From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Moshe Kol, Yossi Gilad, Amit Klein, Eric Dumazet, Willy Tarreau, Jakub Kicinski, Sasha Levin
Subject: [PATCH 5.15 058/102] tcp: add small random increments to the source port
Date: Mon, 16 May 2022 21:36:32 +0200
Message-Id: <20220516193625.662549345@linuxfoundation.org>
In-Reply-To: <20220516193623.989270214@linuxfoundation.org>
References: <20220516193623.989270214@linuxfoundation.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Willy Tarreau

[ Upstream commit ca7af0402550f9a0b3316d5f1c30904e42ed257d ]

Here we're randomly adding between 0 and 7 random increments to the
selected source port in order to add some noise in the source port
selection that will make the next port less predictable.

With the default port range of 32768-60999 this means a worst case
reuse scenario of 14116/8=1764 connections between two consecutive
uses of the same port, with an average of 14116/4.5=3137.

This code was stressed at more than 800000 connections per second to
a fixed target with all connections closed by the client using RSTs
(worst condition) and only 2 connections failed among 13 billion,
despite the hash being reseeded every 10 seconds, indicating a
perfectly safe situation.

Cc: Moshe Kol
Cc: Yossi Gilad
Cc: Amit Klein
Reviewed-by: Eric Dumazet
Signed-off-by: Willy Tarreau
Signed-off-by: Jakub Kicinski
Signed-off-by: Sasha Levin --- net/ipv4/inet_hashtables.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c index 81a33af8393d..573a7e66ebc8 100644 --- a/net/ipv4/inet_hashtables.c +++ b/net/ipv4/inet_hashtables.c @@ -833,11 +833,12 @@ int __inet_hash_connect(struct inet_timewait_death_row *death_row, return -EADDRNOTAVAIL; ok: - /* If our first attempt found a candidate, skip next candidate - * in 1/16 of cases to add some noise. + /* Here we want to add a little bit of randomness to the next source + * port that will be chosen. We use a max() with a random here so that + * on low contention the randomness is maximal and on high contention + * it may be inexistent. */ - if (!i && !(prandom_u32() % 16)) - i = 2; + i = max_t(int, i, (prandom_u32() & 7) * 2); WRITE_ONCE(table_perturb[index], READ_ONCE(table_perturb[index]) + i + 2); /* Head lock still held and bh's disabled */ -- 2.35.1
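Review bot: the new comment's "it may be inexistent" should read "it may be nonexistent", and the comment should also say why the random term is scaled by 2: the candidate ports are walked in steps of 2 (the old `i = 2` skip and the `+ i + 2` in the WRITE_ONCE both count in that unit), so `(prandom_u32() & 7) * 2` yields eight possible advances of 0..14, which is the "between 0 and 7 random increments" and the /8 worst case from the commit message. It is also worth stating next to the `max_t()` that the added noise only takes effect when the search loop found a free port within the first few candidates (small `i`); under heavy contention the next port is no less predictable than before, which the high-rate stress test in the commit message does not separate out.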
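As an added illustration of the arithmetic in the commit message (example code, not the patch or kernel code): a small Python model of the per-destination perturbation counter that __inet_hash_connect() advances after each connection, comparing the pre-patch and post-patch increments. It assumes the 14116 same-parity ports of the default range and no port contention (`i == 0` before the `max_t()`), which is the case the commit message's figures describe.

```python
import random

# Default ip_local_port_range 32768-60999: 28232 ports, 14116 per parity class.
# The kernel walks candidate ports of one parity in steps of 2, so this model
# counts in those steps (one step == two ports), as the commit message does.
PORTS_PER_PARITY = 14116


def old_increment(rng):
    """Pre-patch: i = 2 in 1/16 of cases, counter += i + 2 -> 1 or 2 steps."""
    i = 2 if rng.randrange(16) == 0 else 0
    return (i + 2) // 2


def new_increment(rng):
    """Post-patch: i = max_t(int, i, (prandom_u32() & 7) * 2) with i == 0
    (no contention), counter += i + 2 -> 1..8 steps, uniformly distributed."""
    i = max(0, (rng.getrandbits(32) & 7) * 2)
    return (i + 2) // 2


def distinct_advances(increment, seed=0, samples=10000):
    """Number of different advances the next connection can take from the
    current one: 2 before the patch (1 step in 15/16 of cases), 8 after it."""
    rng = random.Random(seed)
    return len({increment(rng) for _ in range(samples)})


def connections_between_reuse(increment, seed=0, trials=300):
    """Average connections until the counter has walked the whole parity
    class, i.e. until the same source port comes up again for this target."""
    rng = random.Random(seed)
    total = 0
    for _ in range(trials):
        pos = n = 0
        while pos < PORTS_PER_PARITY:
            pos += increment(rng)
            n += 1
        total += n
    return total / trials


def worst_case_reuse():
    """Every connection advances the maximum 8 steps: 14116/8."""
    return PORTS_PER_PARITY // 8


def average_reuse():
    """Mean advance is (1 + 8) / 2 = 4.5 steps: 14116/4.5."""
    return round(PORTS_PER_PARITY / 4.5)
```

`connections_between_reuse(new_increment)` lands near the commit message's average of 3137, while `connections_between_reuse(old_increment)` shows the old scheme reused a port only every ~13300 connections but with an almost always predictable next port.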