[PATCH] TCP ipv4 source port randomization

From: Lorenzo Hernández García-Hierro
Date: Mon Apr 18 2005 - 14:13:50 EST


Hi,

"When the source port is generated on the fly for the TCP protocol (i.e. with
connect()), it will be altered so that the source port is generated at random,
instead of by a simple incrementing algorithm."

Ported from grsecurity (http://www.grsecurity.net by Brad Spengler).

Instead of using the PaX & grsecurity-dependent get_random_long() function, we use
the new randomization infrastructure introduced by Arjan van de Ven <arjanv@xxxxxxxxxx>,
providing the helpers get_random_int() and randomize_range().

More information at:
http://people.redhat.com/arjanv/randomize/02-randomize-infrastructure

The patch is also available at:
http://pearls.tuxedo-es.org/patches/security/tcp-rand_src-ports.patch

Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@xxxxxxx>

Cheers,
--
Lorenzo Hernández García-Hierro <lorenzo@xxxxxxx>
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]

When the source port is generated on the fly for the TCP protocol (i.e. with
connect()), it will be altered so that the source port is generated at random,
instead of by a simple incrementing algorithm.

Ported from grsecurity (http://www.grsecurity.net by Brad Spengler).

Instead of using the PaX & grsecurity-dependent get_random_long() function, we use
the new randomization infrastructure introduced by Arjan van de Ven <arjanv@xxxxxxxxxx>,
providing the helpers get_random_int() and randomize_range().

More information at:
http://people.redhat.com/arjanv/randomize/02-randomize-infrastructure

Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@xxxxxxx>
---

linux-2.6.11-lorenzo/net/ipv4/tcp_ipv4.c | 5 +++++
1 files changed, 5 insertions(+)

diff -puN net/ipv4/tcp_ipv4.c~tcp-rand_src-ports net/ipv4/tcp_ipv4.c
--- linux-2.6.11/net/ipv4/tcp_ipv4.c~tcp-rand_src-ports 2005-04-17 17:31:27.233438208 +0200
+++ linux-2.6.11-lorenzo/net/ipv4/tcp_ipv4.c 2005-04-17 17:37:03.528313616 +0200
@@ -224,6 +224,9 @@ static int tcp_v4_get_port(struct sock *
spin_lock(&tcp_portalloc_lock);
rover = tcp_port_rover;

+ if (high > low)
+ rover = low + (get_random_int() % remaining);
+
do {
rover++;
if (rover < low || rover > high)
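Review bot: the `rover = tcp_port_rover;` read two lines above becomes dead whenever `high > low`, because the new assignment overwrites it unconditionally in that case; either drop the persistent rover for that path or add a comment saying why it is kept as the fallback for `high <= low`. The hunk also leans on two things that are not visible in it and deserve a comment: `remaining` (not shown) must be `high - low + 1` for the modulo to cover the whole range, and the `rover++` that follows immediately moves the first candidate to `low + r + 1`, relying on the `rover < low || rover > high` check below to wrap `high + 1` back to `low`. Finally, `get_random_int() % remaining` is a modulo reduction with a small bias unless `remaining` is a power of two; for a 16-bit port range fed by a 32-bit value this is negligible, but worth stating so nobody later "fixes" it.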
@@ -666,6 +669,8 @@ static inline int tcp_v4_hash_connect(st
struct hlist_node *node;
struct tcp_tw_bucket *tw = NULL;

+ offset = get_random_int();
+
local_bh_disable();
for (i = 1; i <= range; i++) {
port = low + (i + offset) % range;
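Review bot: check the declaration of `offset` (it is above this hunk and not shown): `get_random_int()` returns a full 32-bit value, so if `offset` is a signed `int`, `(i + offset) % range` in the loop below can go negative and produce a `port` below `low`; it should be `unsigned`/`u32` so the addition wraps and the modulo stays in `[0, range)`. A one-line comment on the new assignment explaining that the random `offset` only chooses where the walk over `range` starts, and that the loop still visits every port exactly once, would also help the next reader.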
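To make the second hunk's search concrete, here is an added user-space model of it in C. It is not the kernel's code or part of the patch: the kernel's `get_random_int()` is replaced by a caller-supplied 32-bit `offset` so results are deterministic, a bitmap stands in for the bind-hash lookup, and the port range is treated as inclusive (`range = high - low + 1`), which is this example's own convention. The point it shows is that with an unsigned offset the walk stays inside `[low, high]` for any random value, including one that wraps `i + offset`, and still visits every port exactly once before giving up.

```c
/* Added example (not the kernel's code): a user-space model of the
 * randomised ephemeral-port search from the patch above.  get_random_int()
 * is replaced by a caller-supplied 32-bit value so behaviour is
 * deterministic; the bitmap stands in for the kernel's bind-hash lookup.
 * Names and the inclusive [low, high] convention are this example's. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PORT_MAX 65536

/* Bitmap of bound ports: bit set => port in use. */
typedef struct {
    uint8_t bits[PORT_MAX / 8];
} port_table;

static void port_table_init(port_table *t) { memset(t->bits, 0, sizeof t->bits); }
static void port_table_set(port_table *t, unsigned port) { t->bits[port >> 3] |= (uint8_t)(1u << (port & 7)); }
static int port_table_busy(const port_table *t, unsigned port) { return (t->bits[port >> 3] >> (port & 7)) & 1; }

/* Mirror of the tcp_v4_hash_connect loop: start at a random offset and walk
 * the whole range once, wrapping with modulo.  `offset` is unsigned on
 * purpose: with a signed int, (i + offset) % range could be negative and
 * yield a port below `low`.  Returns the chosen port, or -1 if none is free. */
static int pick_random_port(const port_table *t, unsigned low, unsigned high, uint32_t offset)
{
    unsigned range = high - low + 1;     /* inclusive range (example convention) */
    unsigned i;
    for (i = 1; i <= range; i++) {
        unsigned port = low + (i + offset) % range;
        if (!port_table_busy(t, port))
            return (int)port;
    }
    return -1;
}

/* Repeatedly picks and reserves ports for one offset until the range is
 * exhausted; returns 1 iff every pick lay inside [low, high] and exactly
 * `range` picks succeeded before -1 was returned. */
static int range_is_respected(unsigned low, unsigned high, uint32_t offset)
{
    port_table t;
    unsigned range = high - low + 1, i;
    port_table_init(&t);
    for (i = 0; i < range; i++) {
        int p = pick_random_port(&t, low, high, offset);
        if (p < (int)low || p > (int)high)
            return 0;
        port_table_set(&t, (unsigned)p);   /* reserve it, forcing the next candidate */
    }
    return pick_random_port(&t, low, high, offset) == -1;
}

/* Constructed scenario: 32769 is already bound, offset 0 starts at low+1. */
static int demo_skip_busy(void)
{
    port_table t;
    port_table_init(&t);
    port_table_set(&t, 32769);
    return pick_random_port(&t, 32768, 61000, 0);   /* 32769 busy -> 32770 */
}

/* Constructed scenario: a three-port range with every port bound. */
static int demo_exhausted(void)
{
    port_table t;
    port_table_init(&t);
    port_table_set(&t, 32768);
    port_table_set(&t, 32769);
    port_table_set(&t, 32770);
    return pick_random_port(&t, 32768, 32770, 7);   /* -1 */
}

int main(void)
{
    printf("first free port with 32769 bound: %d\n", demo_skip_busy());
    printf("all ports bound: %d\n", demo_exhausted());
    printf("range respected with wrapping offset: %d\n",
           range_is_respected(32768, 32800, 0xFFFFFFFFu));
    return 0;
}
```

The `range_is_respected` check is the property a reviewer cares about here: for a wrapping offset like `0xFFFFFFFF`, `i + offset` overflows to `0` on the first iteration and the search simply begins at `low`, whereas a signed `offset` would make the same expression negative.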