luck/tmp_suning_uos_patched
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9088c56095
tmp_suning_uos_patched/net/ipv4
History
Eric Dumazet 9088c56095 udp: Improve port randomization 
Current UDP port allocation is suboptimal.
We select the shortest chain to chose a port (out of 512)
that will hash in this shortest chain.

First, it can lead to give not so ramdom ports and ease
give attackers more opportunities to break the system.

Second, it can consume a lot of CPU to scan all table
in order to find the shortest chain.

Third, in some pathological cases we can fail to find
a free port even if they are plenty of them.

This patch zap the search for a short chain and only
use one random seed. Problem of getting long chains
should be addressed in another way, since we can
obtain long chains with non random ports.

Based on a report and patch from Vitaly Mayatskikh

Signed-off-by: Eric Dumazet <dada1@cosmosbay.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-10-08 11:44:17 -07:00
..
ipvs
netfilter netfilter: xtables: provide invoked family value to extensions 2008-10-08 11:35:20 +02:00
af_inet.c ipv4: Allow binding to non-local addresses if IP_TRANSPARENT is set 2008-10-01 07:31:24 -07:00
ah4.c
arp.c
cipso_ipv4.c
datagram.c
devinet.c
esp4.c
fib_frontend.c
fib_hash.c
fib_lookup.h
fib_rules.c
fib_semantics.c
fib_trie.c
icmp.c
igmp.c ipv4: add mc_count to in_device. 2008-10-07 15:34:37 -07:00
inet_connection_sock.c tcp: Port redirection support for TCP 2008-10-01 07:46:49 -07:00
inet_diag.c
inet_fragment.c
inet_hashtables.c
inet_lro.c
inet_timewait_sock.c ipv4: Implement IP_TRANSPARENT socket option 2008-10-01 07:30:02 -07:00
inetpeer.c
ip_forward.c
ip_fragment.c
ip_gre.c
ip_input.c
ip_options.c
ip_output.c ipv4: Make Netfilter's ip_route_me_harder() non-local address compatible 2008-10-01 07:44:42 -07:00
ip_sockglue.c ipv4: Implement IP_TRANSPARENT socket option 2008-10-01 07:30:02 -07:00
ipcomp.c
ipconfig.c
ipip.c
ipmr.c
Kconfig
Makefile
netfilter.c netfilter: netns: fix {ip,6}_route_me_harder() in netns 2008-10-08 11:35:03 +02:00
proc.c
protocol.c
raw.c
route.c
syncookies.c tcp: Port redirection support for TCP 2008-10-01 07:46:49 -07:00
sysctl_net_ipv4.c
tcp_bic.c
tcp_cong.c
tcp_cubic.c
tcp_diag.c
tcp_highspeed.c
tcp_htcp.c
tcp_hybla.c
tcp_illinois.c
tcp_input.c tcp: cleanup messy initializer 2008-10-07 14:43:31 -07:00
tcp_ipv4.c tcp: fix length used for checksum in a reset 2008-10-08 11:34:06 -07:00
tcp_lp.c
tcp_minisocks.c tcp: kill pointless urg_mode 2008-10-07 14:43:06 -07:00
tcp_output.c tcp: kill pointless urg_mode 2008-10-07 14:43:06 -07:00
tcp_probe.c
tcp_scalable.c
tcp_timer.c net: wrap sk->sk_backlog_rcv() 2008-10-07 14:18:42 -07:00
tcp_vegas.c
tcp_vegas.h
tcp_veno.c
tcp_westwood.c
tcp_yeah.c
tcp.c tcp: kill pointless urg_mode 2008-10-07 14:43:06 -07:00
tunnel4.c
udp_impl.h
udp.c udp: Improve port randomization 2008-10-08 11:44:17 -07:00
udplite.c
xfrm4_input.c
xfrm4_mode_beet.c
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c
xfrm4_output.c
xfrm4_policy.c
xfrm4_state.c
xfrm4_tunnel.c