[PATCH] TCP ipv4 source port randomization

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

"When source port is generated on the fly for the TCP protocol (ie. with
connect() ) will
be altered so that the source port is generated at random, instead of a simple
incrementing algorithm."

Ported from grsecurity (http://www.grsecurity.net by Brad Spengler).

Instead of using the PaX & grsecurity-dependent get_random_long() function, we use
the new randomization infrastructure introduced by Arjan van de Ven <[email protected]>,
providing the helpers get_random_int() and randomize_range().

More information at:
http://people.redhat.com/arjanv/randomize/02-randomize-infrastructure

The patch is also available at:
http://pearls.tuxedo-es.org/patches/security/tcp-rand_src-ports.patch

Signed-off-by: Lorenzo Hernandez Garcia-Hierro <[email protected]>

Cheers,
-- 
Lorenzo Hernández García-Hierro <[email protected]> 
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
When source port is generated on the fly for the TCP protocol (ie. with connect() ) will
be altered so that the source port is generated at random, instead of a simple
incrementing algorithm.

Ported from grsecurity (http://www.grsecurity.net by Brad Spengler).

Instead of using the PaX & grsecurity-dependent get_random_long() function, we use
the new randomization infrastructure introduced by Arjan van de Ven <[email protected]>,
providing the helpers get_random_int() and randomize_range().

More information at:
http://people.redhat.com/arjanv/randomize/02-randomize-infrastructure

Signed-off-by: Lorenzo Hernandez Garcia-Hierro <[email protected]>
---

 linux-2.6.11-lorenzo/net/ipv4/tcp_ipv4.c |    5 +++++
 1 files changed, 5 insertions(+)

diff -puN net/ipv4/tcp_ipv4.c~tcp-rand_src-ports net/ipv4/tcp_ipv4.c
--- linux-2.6.11/net/ipv4/tcp_ipv4.c~tcp-rand_src-ports	2005-04-17 17:31:27.233438208 +0200
+++ linux-2.6.11-lorenzo/net/ipv4/tcp_ipv4.c	2005-04-17 17:37:03.528313616 +0200
@@ -224,6 +224,9 @@ static int tcp_v4_get_port(struct sock *
 		spin_lock(&tcp_portalloc_lock);
 		rover = tcp_port_rover;
 
+		if (high > low)
+			rover = low + (get_random_int() % remaining);
+
 		do {
 			rover++;
 			if (rover < low || rover > high)
@@ -666,6 +669,8 @@ static inline int tcp_v4_hash_connect(st
 		struct hlist_node *node;
  		struct tcp_tw_bucket *tw = NULL;
 
+ 		offset = get_random_int();
+
  		local_bh_disable();
 		for (i = 1; i <= range; i++) {
 			port = low + (i + offset) % range;
_

Attachment: signature.asc
Description: This is a digitally signed message part


[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux