Hi,

"When the source port is generated on the fly for the TCP protocol (i.e. with connect()), it will be altered so that the source port is generated at random, instead of by a simple incrementing algorithm."

Ported from grsecurity (http://www.grsecurity.net by Brad Spengler). Instead of using the PaX & grsecurity-dependent get_random_long() function, we use the new randomization infrastructure introduced by Arjan van de Ven <[email protected]>, providing the helpers get_random_int() and randomize_range().

More information at: http://people.redhat.com/arjanv/randomize/02-randomize-infrastructure

The patch is also available at: http://pearls.tuxedo-es.org/patches/security/tcp-rand_src-ports.patch

Signed-off-by: Lorenzo Hernandez Garcia-Hierro <[email protected]>

Cheers,
--
Lorenzo Hernández García-Hierro <[email protected]>
[1024D/6F2B2DEC] & [2048g/9AE91A22] [http://tuxedo-es.org]
When source port is generated on the fly for the TCP protocol (ie. with connect() ) will be altered so that the source port is generated at random, instead of a simple incrementing algorithm. Ported from grsecurity (http://www.grsecurity.net by Brad Spengler). Instead of using the PaX & grsecurity-dependent get_random_long() function, we use the new randomization infrastructure introduced by Arjan van de Ven <[email protected]>, providing the helpers get_random_int() and randomize_range(). More information at: http://people.redhat.com/arjanv/randomize/02-randomize-infrastructure Signed-off-by: Lorenzo Hernandez Garcia-Hierro <[email protected]> --- linux-2.6.11-lorenzo/net/ipv4/tcp_ipv4.c | 5 +++++ 1 files changed, 5 insertions(+) diff -puN net/ipv4/tcp_ipv4.c~tcp-rand_src-ports net/ipv4/tcp_ipv4.c --- linux-2.6.11/net/ipv4/tcp_ipv4.c~tcp-rand_src-ports 2005-04-17 17:31:27.233438208 +0200 +++ linux-2.6.11-lorenzo/net/ipv4/tcp_ipv4.c 2005-04-17 17:37:03.528313616 +0200 @@ -224,6 +224,9 @@ static int tcp_v4_get_port(struct sock * spin_lock(&tcp_portalloc_lock); rover = tcp_port_rover; + if (high > low) + rover = low + (get_random_int() % remaining); + do { rover++; if (rover < low || rover > high) @@ -666,6 +669,8 @@ static inline int tcp_v4_hash_connect(st struct hlist_node *node; struct tcp_tw_bucket *tw = NULL; + offset = get_random_int(); + local_bh_disable(); for (i = 1; i <= range; i++) { port = low + (i + offset) % range; _
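Review bot: in the tcp_v4_get_port() hunk, `rover = tcp_port_rover;` becomes dead whenever `high > low`, because the new branch immediately overwrites `rover` with `low + (get_random_int() % remaining)`; either drop that assignment or turn the existing one into the else branch, and add a comment saying why the guard exists (with an inverted port range `remaining` would be zero or negative and `% remaining` undefined). `remaining` itself is neither declared nor shown in the hunk, so the comment should also state what it holds and that it is positive whenever `high > low`. Two further things worth a line in the commit message: the do/while still executes `rover++` before the first probe, so the first port tried is the random start plus one, with the existing `rover < low || rover > high` test supplying the wrap-around; and this hunk randomises the bind()-with-port-0 path, while the message only mentions connect().

Review bot: in the tcp_v4_hash_connect() hunk, `offset = get_random_int();` is an assignment, not a declaration, so `offset` already exists above the hunk and whatever value its declaration gave it is discarded here; either remove that earlier initialiser or fold the two together (`offset += get_random_int();`) and say in the commit message which is intended. Unlike the first hunk there is no `high > low` guard, which is correct only because `port = low + (i + offset) % range;` sits inside `for (i = 1; i <= range; i++)` and is never evaluated when `range` is zero or negative; a one-line comment to that effect would save the next reader from re-deriving it.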
Attachment: signature.asc (This is a digitally signed message part)
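A user-space model of the two search loops the patch changes, added here as an example; it is not code from the patch or from the kernel. The function names, the `port_in_use` table (a constructed stand-in for the bind hash) and the `rnd`/`offset` parameters that play the role of get_random_int() are all assumptions of the example. It shows what the random start changes and what it does not: the bind() loop still advances before its first probe and wraps at the top of the range, every port in the range is probed at most once, and an inverted range has to be rejected before the modulo.

```c
/*
 * Added example, not code from the patch or the kernel. The names
 * pick_bind_port, pick_connect_port, port_in_use and port_mark_used are
 * hypothetical; port_in_use is a constructed stand-in for tcp_bhash.
 */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#define PORT_MAX 65536

/* Constructed stand-in for the bind hash: one flag per port number. */
static bool port_in_use[PORT_MAX];

void ports_reset(void)
{
    memset(port_in_use, 0, sizeof port_in_use);
}

void port_mark_used(int port)
{
    if (port >= 0 && port < PORT_MAX)
        port_in_use[port] = true;
}

/*
 * bind()-with-port-0 path (first hunk). `rnd` plays the role of
 * get_random_int() so a run is reproducible; the demo main() below feeds
 * it rand(), which is not a cryptographic source and only illustrates the
 * scatter. Returns the port claimed, or -1 if [low, high] is invalid or
 * fully occupied.
 */
int pick_bind_port(int low, int high, unsigned int rnd)
{
    int remaining, rover;

    /* With high < low, remaining would be <= 0 and `% remaining` would be
     * undefined; this is the case the patch's `if (high > low)` guards. */
    if (high < low || low < 0 || high >= PORT_MAX)
        return -1;
    remaining = (high - low) + 1;

    /* Random starting point instead of "last allocated port + 1". */
    rover = low + (int)(rnd % (unsigned int)remaining);

    /* The pre-existing loop shape: advance first, wrap at the top of the
     * range, and stop after `remaining` probes so each port is seen once. */
    do {
        rover++;
        if (rover < low || rover > high)
            rover = low;
        if (!port_in_use[rover]) {
            port_in_use[rover] = true;
            return rover;
        }
    } while (--remaining > 0);

    return -1;
}

/*
 * connect() path (second hunk): probe low + (i + offset) % range for
 * i = 1..range. `range` is passed in as the loop bound the hunk uses and
 * `offset` plays the role of the fresh get_random_int() value.
 */
int pick_connect_port(int low, int range, unsigned int offset)
{
    int i, port;

    if (range <= 0 || low < 0 || low + range > PORT_MAX)
        return -1;
    for (i = 1; i <= range; i++) {
        port = low + (int)(((unsigned int)i + offset) % (unsigned int)range);
        if (!port_in_use[port]) {
            port_in_use[port] = true;
            return port;
        }
    }
    return -1;
}

int main(void)
{
    int k;

    srand((unsigned int)time(NULL));
    ports_reset();
    /* Five consecutive allocations: with a random start they are scattered
     * across the range instead of forming a run of consecutive ports. */
    for (k = 0; k < 5; k++)
        printf("bind port: %d\n", pick_bind_port(32768, 61000, (unsigned int)rand()));
    for (k = 0; k < 5; k++)
        printf("connect port: %d\n", pick_connect_port(32768, 61000 - 32768, (unsigned int)rand()));
    return 0;
}
```

Passing the random value in as a parameter rather than drawing it inside the search is what makes the wrap-around and exhaustion cases checkable with fixed inputs; the kernel code has no such seam, which is one reason a reviewer wants the guard conditions commented at the call site.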
- Follow-Ups:
- Re: [PATCH] TCP ipv4 source port randomization
- From: "David S. Miller" <[email protected]>
- Re: [PATCH] TCP ipv4 source port randomization