1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #include <sys/types.h> 28 #include <sys/systm.h> 29 #include <sys/stream.h> 30 #include <sys/cmn_err.h> 31 #include <sys/kmem.h> 32 #define _SUN_TPI_VERSION 2 33 #include <sys/tihdr.h> 34 #include <sys/stropts.h> 35 #include <sys/socket.h> 36 #include <sys/random.h> 37 #include <sys/policy.h> 38 #include <sys/tsol/tndb.h> 39 #include <sys/tsol/tnet.h> 40 41 #include <netinet/in.h> 42 #include <netinet/ip6.h> 43 44 #include <inet/common.h> 45 #include <inet/ip.h> 46 #include <inet/ip6.h> 47 #include <inet/ipclassifier.h> 48 #include "sctp_impl.h" 49 #include "sctp_asconf.h" 50 #include "sctp_addr.h" 51 52 /* 53 * Returns 0 on success, EACCES on permission failure. 54 */ 55 static int 56 sctp_select_port(sctp_t *sctp, in_port_t *requested_port, int *user_specified) 57 { 58 sctp_stack_t *sctps = sctp->sctp_sctps; 59 conn_t *connp = sctp->sctp_connp; 60 61 /* 62 * Get a valid port (within the anonymous range and should not 63 * be a privileged one) to use if the user has not given a port. 64 * If multiple threads are here, they may all start with 65 * with the same initial port. But, it should be fine as long as 66 * sctp_bindi will ensure that no two threads will be assigned 67 * the same port. 68 */ 69 if (*requested_port == 0) { 70 *requested_port = sctp_update_next_port( 71 sctps->sctps_next_port_to_try, 72 crgetzone(connp->conn_cred), sctps); 73 if (*requested_port == 0) 74 return (EACCES); 75 *user_specified = 0; 76 } else { 77 int i; 78 boolean_t priv = B_FALSE; 79 80 /* 81 * If the requested_port is in the well-known privileged range, 82 * verify that the stream was opened by a privileged user. 83 * Note: No locks are held when inspecting sctp_g_*epriv_ports 84 * but instead the code relies on: 85 * - the fact that the address of the array and its size never 86 * changes 87 * - the atomic assignment of the elements of the array 88 */ 89 if (*requested_port < sctps->sctps_smallest_nonpriv_port) { 90 priv = B_TRUE; 91 } else { 92 for (i = 0; i < sctps->sctps_g_num_epriv_ports; i++) { 93 if (*requested_port == 94 sctps->sctps_g_epriv_ports[i]) { 95 priv = B_TRUE; 96 break; 97 } 98 } 99 } 100 if (priv) { 101 /* 102 * sctp_bind() should take a cred_t argument so that 103 * we can use it here. 104 */ 105 if (secpolicy_net_privaddr(connp->conn_cred, 106 *requested_port, IPPROTO_SCTP) != 0) { 107 dprint(1, 108 ("sctp_bind(x): no prive for port %d", 109 *requested_port)); 110 return (EACCES); 111 } 112 } 113 *user_specified = 1; 114 } 115 116 return (0); 117 } 118 119 int 120 sctp_listen(sctp_t *sctp) 121 { 122 sctp_tf_t *tf; 123 sctp_stack_t *sctps = sctp->sctp_sctps; 124 conn_t *connp = sctp->sctp_connp; 125 126 RUN_SCTP(sctp); 127 /* 128 * TCP handles listen() increasing the backlog, need to check 129 * if it should be handled here too 130 */ 131 if (sctp->sctp_state > SCTPS_BOUND || 132 (sctp->sctp_connp->conn_state_flags & CONN_CLOSING)) { 133 WAKE_SCTP(sctp); 134 return (EINVAL); 135 } 136 137 /* Do an anonymous bind for unbound socket doing listen(). */ 138 if (sctp->sctp_nsaddrs == 0) { 139 struct sockaddr_storage ss; 140 int ret; 141 142 bzero(&ss, sizeof (ss)); 143 ss.ss_family = connp->conn_family; 144 145 WAKE_SCTP(sctp); 146 if ((ret = sctp_bind(sctp, (struct sockaddr *)&ss, 147 sizeof (ss))) != 0) 148 return (ret); 149 RUN_SCTP(sctp) 150 } 151 152 /* Cache things in the ixa without any refhold */ 153 ASSERT(!(connp->conn_ixa->ixa_free_flags & IXA_FREE_CRED)); 154 connp->conn_ixa->ixa_cred = connp->conn_cred; 155 connp->conn_ixa->ixa_cpid = connp->conn_cpid; 156 if (is_system_labeled()) 157 connp->conn_ixa->ixa_tsl = crgetlabel(connp->conn_cred); 158 159 sctp->sctp_state = SCTPS_LISTEN; 160 (void) random_get_pseudo_bytes(sctp->sctp_secret, SCTP_SECRET_LEN); 161 sctp->sctp_last_secret_update = ddi_get_lbolt64(); 162 bzero(sctp->sctp_old_secret, SCTP_SECRET_LEN); 163 tf = &sctps->sctps_listen_fanout[SCTP_LISTEN_HASH( 164 ntohs(connp->conn_lport))]; 165 sctp_listen_hash_insert(tf, sctp); 166 WAKE_SCTP(sctp); 167 return (0); 168 } 169 170 /* 171 * Bind the sctp_t to a sockaddr, which includes an address and other 172 * information, such as port or flowinfo. 173 */ 174 int 175 sctp_bind(sctp_t *sctp, struct sockaddr *sa, socklen_t len) 176 { 177 int user_specified; 178 boolean_t bind_to_req_port_only; 179 in_port_t requested_port; 180 in_port_t allocated_port; 181 int err = 0; 182 conn_t *connp = sctp->sctp_connp; 183 uint_t scope_id; 184 sin_t *sin; 185 sin6_t *sin6; 186 187 ASSERT(sctp != NULL); 188 189 RUN_SCTP(sctp); 190 191 if ((sctp->sctp_state >= SCTPS_BOUND) || 192 (sctp->sctp_connp->conn_state_flags & CONN_CLOSING) || 193 (sa == NULL || len == 0)) { 194 /* 195 * Multiple binds not allowed for any SCTP socket 196 * Also binding with null address is not supported. 197 */ 198 err = EINVAL; 199 goto done; 200 } 201 202 switch (sa->sa_family) { 203 case AF_INET: 204 sin = (sin_t *)sa; 205 if (len < sizeof (struct sockaddr_in) || 206 connp->conn_family == AF_INET6) { 207 err = EINVAL; 208 goto done; 209 } 210 requested_port = ntohs(sin->sin_port); 211 break; 212 case AF_INET6: 213 sin6 = (sin6_t *)sa; 214 if (len < sizeof (struct sockaddr_in6) || 215 connp->conn_family == AF_INET) { 216 err = EINVAL; 217 goto done; 218 } 219 requested_port = ntohs(sin6->sin6_port); 220 /* Set the flowinfo. */ 221 connp->conn_flowinfo = 222 sin6->sin6_flowinfo & ~IPV6_VERS_AND_FLOW_MASK; 223 224 scope_id = sin6->sin6_scope_id; 225 if (scope_id != 0 && IN6_IS_ADDR_LINKSCOPE(&sin6->sin6_addr)) { 226 connp->conn_ixa->ixa_flags |= IXAF_SCOPEID_SET; 227 connp->conn_ixa->ixa_scopeid = scope_id; 228 connp->conn_incoming_ifindex = scope_id; 229 } else { 230 connp->conn_ixa->ixa_flags &= ~IXAF_SCOPEID_SET; 231 connp->conn_incoming_ifindex = connp->conn_bound_if; 232 } 233 break; 234 default: 235 err = EAFNOSUPPORT; 236 goto done; 237 } 238 bind_to_req_port_only = requested_port == 0 ? B_FALSE : B_TRUE; 239 240 err = sctp_select_port(sctp, &requested_port, &user_specified); 241 if (err != 0) 242 goto done; 243 244 if ((err = sctp_bind_add(sctp, sa, 1, B_TRUE, 245 user_specified == 1 ? htons(requested_port) : 0)) != 0) { 246 goto done; 247 } 248 err = sctp_bindi(sctp, requested_port, bind_to_req_port_only, 249 user_specified, &allocated_port); 250 if (err != 0) { 251 sctp_free_saddrs(sctp); 252 } else { 253 ASSERT(sctp->sctp_state == SCTPS_BOUND); 254 } 255 done: 256 WAKE_SCTP(sctp); 257 return (err); 258 } 259 260 /* 261 * Perform bind/unbind operation of a list of addresses on a sctp_t 262 */ 263 int 264 sctp_bindx(sctp_t *sctp, const void *addrs, int addrcnt, int bindop) 265 { 266 ASSERT(sctp != NULL); 267 ASSERT(addrs != NULL); 268 ASSERT(addrcnt > 0); 269 270 switch (bindop) { 271 case SCTP_BINDX_ADD_ADDR: 272 return (sctp_bind_add(sctp, addrs, addrcnt, B_FALSE, 273 sctp->sctp_connp->conn_lport)); 274 case SCTP_BINDX_REM_ADDR: 275 return (sctp_bind_del(sctp, addrs, addrcnt, B_FALSE)); 276 default: 277 return (EINVAL); 278 } 279 } 280 281 /* 282 * Add a list of addresses to a sctp_t. 283 */ 284 int 285 sctp_bind_add(sctp_t *sctp, const void *addrs, uint32_t addrcnt, 286 boolean_t caller_hold_lock, in_port_t port) 287 { 288 int err = 0; 289 boolean_t do_asconf = B_FALSE; 290 sctp_stack_t *sctps = sctp->sctp_sctps; 291 conn_t *connp = sctp->sctp_connp; 292 293 if (!caller_hold_lock) 294 RUN_SCTP(sctp); 295 296 if (sctp->sctp_state > SCTPS_ESTABLISHED || 297 (sctp->sctp_connp->conn_state_flags & CONN_CLOSING)) { 298 if (!caller_hold_lock) 299 WAKE_SCTP(sctp); 300 return (EINVAL); 301 } 302 303 if (sctp->sctp_state > SCTPS_LISTEN) { 304 /* 305 * Let's do some checking here rather than undoing the 306 * add later (for these reasons). 307 */ 308 if (!sctps->sctps_addip_enabled || 309 !sctp->sctp_understands_asconf || 310 !sctp->sctp_understands_addip) { 311 if (!caller_hold_lock) 312 WAKE_SCTP(sctp); 313 return (EINVAL); 314 } 315 do_asconf = B_TRUE; 316 } 317 /* 318 * On a clustered node, for an inaddr_any bind, we will pass the list 319 * of all the addresses in the global list, minus any address on the 320 * loopback interface, and expect the clustering susbsystem to give us 321 * the correct list for the 'port'. For explicit binds we give the 322 * list of addresses and the clustering module validates it for the 323 * 'port'. 324 * 325 * On a non-clustered node, cl_sctp_check_addrs will be NULL and 326 * we proceed as usual. 327 */ 328 if (cl_sctp_check_addrs != NULL) { 329 uchar_t *addrlist = NULL; 330 size_t size = 0; 331 int unspec = 0; 332 boolean_t do_listen; 333 uchar_t *llist = NULL; 334 size_t lsize = 0; 335 336 /* 337 * If we are adding addresses after listening, but before 338 * an association is established, we need to update the 339 * clustering module with this info. 340 */ 341 do_listen = !do_asconf && sctp->sctp_state > SCTPS_BOUND && 342 cl_sctp_listen != NULL; 343 344 err = sctp_get_addrlist(sctp, addrs, &addrcnt, &addrlist, 345 &unspec, &size); 346 if (err != 0) { 347 ASSERT(addrlist == NULL); 348 ASSERT(addrcnt == 0); 349 ASSERT(size == 0); 350 if (!caller_hold_lock) 351 WAKE_SCTP(sctp); 352 SCTP_KSTAT(sctps, sctp_cl_check_addrs); 353 return (err); 354 } 355 ASSERT(addrlist != NULL); 356 (*cl_sctp_check_addrs)(connp->conn_family, port, &addrlist, 357 size, &addrcnt, unspec == 1); 358 if (addrcnt == 0) { 359 /* We free the list */ 360 kmem_free(addrlist, size); 361 if (!caller_hold_lock) 362 WAKE_SCTP(sctp); 363 return (EINVAL); 364 } 365 if (do_listen) { 366 lsize = sizeof (in6_addr_t) * addrcnt; 367 llist = kmem_alloc(lsize, KM_SLEEP); 368 } 369 err = sctp_valid_addr_list(sctp, addrlist, addrcnt, llist, 370 lsize); 371 if (err == 0 && do_listen) { 372 (*cl_sctp_listen)(connp->conn_family, llist, 373 addrcnt, connp->conn_lport); 374 /* list will be freed by the clustering module */ 375 } else if (err != 0 && llist != NULL) { 376 kmem_free(llist, lsize); 377 } 378 /* free the list we allocated */ 379 kmem_free(addrlist, size); 380 } else { 381 err = sctp_valid_addr_list(sctp, addrs, addrcnt, NULL, 0); 382 } 383 if (err != 0) { 384 if (!caller_hold_lock) 385 WAKE_SCTP(sctp); 386 return (err); 387 } 388 /* Need to send ASCONF messages */ 389 if (do_asconf) { 390 err = sctp_add_ip(sctp, addrs, addrcnt); 391 if (err != 0) { 392 sctp_del_saddr_list(sctp, addrs, addrcnt, B_FALSE); 393 if (!caller_hold_lock) 394 WAKE_SCTP(sctp); 395 return (err); 396 } 397 } 398 if (!caller_hold_lock) 399 WAKE_SCTP(sctp); 400 return (0); 401 } 402 403 /* 404 * Remove one or more addresses bound to the sctp_t. 405 */ 406 int 407 sctp_bind_del(sctp_t *sctp, const void *addrs, uint32_t addrcnt, 408 boolean_t caller_hold_lock) 409 { 410 int error = 0; 411 boolean_t do_asconf = B_FALSE; 412 uchar_t *ulist = NULL; 413 size_t usize = 0; 414 sctp_stack_t *sctps = sctp->sctp_sctps; 415 conn_t *connp = sctp->sctp_connp; 416 417 if (!caller_hold_lock) 418 RUN_SCTP(sctp); 419 420 if (sctp->sctp_state > SCTPS_ESTABLISHED || 421 (sctp->sctp_connp->conn_state_flags & CONN_CLOSING)) { 422 if (!caller_hold_lock) 423 WAKE_SCTP(sctp); 424 return (EINVAL); 425 } 426 /* 427 * Fail the remove if we are beyond listen, but can't send this 428 * to the peer. 429 */ 430 if (sctp->sctp_state > SCTPS_LISTEN) { 431 if (!sctps->sctps_addip_enabled || 432 !sctp->sctp_understands_asconf || 433 !sctp->sctp_understands_addip) { 434 if (!caller_hold_lock) 435 WAKE_SCTP(sctp); 436 return (EINVAL); 437 } 438 do_asconf = B_TRUE; 439 } 440 441 /* Can't delete the last address nor all of the addresses */ 442 if (sctp->sctp_nsaddrs == 1 || addrcnt >= sctp->sctp_nsaddrs) { 443 if (!caller_hold_lock) 444 WAKE_SCTP(sctp); 445 return (EINVAL); 446 } 447 448 if (cl_sctp_unlisten != NULL && !do_asconf && 449 sctp->sctp_state > SCTPS_BOUND) { 450 usize = sizeof (in6_addr_t) * addrcnt; 451 ulist = kmem_alloc(usize, KM_SLEEP); 452 } 453 454 error = sctp_del_ip(sctp, addrs, addrcnt, ulist, usize); 455 if (error != 0) { 456 if (ulist != NULL) 457 kmem_free(ulist, usize); 458 if (!caller_hold_lock) 459 WAKE_SCTP(sctp); 460 return (error); 461 } 462 /* ulist will be non-NULL only if cl_sctp_unlisten is non-NULL */ 463 if (ulist != NULL) { 464 ASSERT(cl_sctp_unlisten != NULL); 465 (*cl_sctp_unlisten)(connp->conn_family, ulist, addrcnt, 466 connp->conn_lport); 467 /* ulist will be freed by the clustering module */ 468 } 469 if (!caller_hold_lock) 470 WAKE_SCTP(sctp); 471 return (error); 472 } 473 474 /* 475 * Returns 0 for success, errno value otherwise. 476 * 477 * If the "bind_to_req_port_only" parameter is set and the requested port 478 * number is available, then set allocated_port to it. If not available, 479 * return an error. 480 * 481 * If the "bind_to_req_port_only" parameter is not set and the requested port 482 * number is available, then set allocated_port to it. If not available, 483 * find the first anonymous port we can and set allocated_port to that. If no 484 * anonymous ports are available, return an error. 485 * 486 * In either case, when succeeding, update the sctp_t to record the port number 487 * and insert it in the bind hash table. 488 */ 489 int 490 sctp_bindi(sctp_t *sctp, in_port_t port, boolean_t bind_to_req_port_only, 491 int user_specified, in_port_t *allocated_port) 492 { 493 /* number of times we have run around the loop */ 494 int count = 0; 495 /* maximum number of times to run around the loop */ 496 int loopmax; 497 sctp_stack_t *sctps = sctp->sctp_sctps; 498 conn_t *connp = sctp->sctp_connp; 499 zone_t *zone = crgetzone(connp->conn_cred); 500 zoneid_t zoneid = connp->conn_zoneid; 501 502 /* 503 * Lookup for free addresses is done in a loop and "loopmax" 504 * influences how long we spin in the loop 505 */ 506 if (bind_to_req_port_only) { 507 /* 508 * If the requested port is busy, don't bother to look 509 * for a new one. Setting loop maximum count to 1 has 510 * that effect. 511 */ 512 loopmax = 1; 513 } else { 514 /* 515 * If the requested port is busy, look for a free one 516 * in the anonymous port range. 517 * Set loopmax appropriately so that one does not look 518 * forever in the case all of the anonymous ports are in use. 519 */ 520 loopmax = (sctps->sctps_largest_anon_port - 521 sctps->sctps_smallest_anon_port + 1); 522 } 523 do { 524 uint16_t lport; 525 sctp_tf_t *tbf; 526 sctp_t *lsctp; 527 int addrcmp; 528 529 lport = htons(port); 530 531 /* 532 * Ensure that the sctp_t is not currently in the bind hash. 533 * Hold the lock on the hash bucket to ensure that 534 * the duplicate check plus the insertion is an atomic 535 * operation. 536 * 537 * This function does an inline lookup on the bind hash list 538 * Make sure that we access only members of sctp_t 539 * and that we don't look at sctp_sctp, since we are not 540 * doing a SCTPB_REFHOLD. For more details please see the notes 541 * in sctp_compress() 542 */ 543 sctp_bind_hash_remove(sctp); 544 tbf = &sctps->sctps_bind_fanout[SCTP_BIND_HASH(port)]; 545 mutex_enter(&tbf->tf_lock); 546 for (lsctp = tbf->tf_sctp; lsctp != NULL; 547 lsctp = lsctp->sctp_bind_hash) { 548 conn_t *lconnp = lsctp->sctp_connp; 549 550 if (lport != lconnp->conn_lport || 551 lsctp->sctp_state < SCTPS_BOUND) 552 continue; 553 554 /* 555 * On a labeled system, we must treat bindings to ports 556 * on shared IP addresses by sockets with MAC exemption 557 * privilege as being in all zones, as there's 558 * otherwise no way to identify the right receiver. 559 */ 560 if (lconnp->conn_zoneid != zoneid && 561 lconnp->conn_mac_mode == CONN_MAC_DEFAULT && 562 connp->conn_mac_mode == CONN_MAC_DEFAULT) 563 continue; 564 565 addrcmp = sctp_compare_saddrs(sctp, lsctp); 566 if (addrcmp != SCTP_ADDR_DISJOINT) { 567 if (!connp->conn_reuseaddr) { 568 /* in use */ 569 break; 570 } else if (lsctp->sctp_state == SCTPS_BOUND || 571 lsctp->sctp_state == SCTPS_LISTEN) { 572 /* 573 * socket option SO_REUSEADDR is set 574 * on the binding sctp_t. 575 * 576 * We have found a match of IP source 577 * address and source port, which is 578 * refused regardless of the 579 * SO_REUSEADDR setting, so we break. 580 */ 581 break; 582 } 583 } 584 } 585 if (lsctp != NULL) { 586 /* The port number is busy */ 587 mutex_exit(&tbf->tf_lock); 588 } else { 589 if (is_system_labeled()) { 590 mlp_type_t addrtype, mlptype; 591 uint_t ipversion; 592 593 /* 594 * On a labeled system we must check the type 595 * of the binding requested by the user (either 596 * MLP or SLP on shared and private addresses), 597 * and that the user's requested binding 598 * is permitted. 599 */ 600 if (connp->conn_family == AF_INET) 601 ipversion = IPV4_VERSION; 602 else 603 ipversion = IPV6_VERSION; 604 605 addrtype = tsol_mlp_addr_type( 606 connp->conn_allzones ? ALL_ZONES : 607 zone->zone_id, 608 ipversion, 609 connp->conn_family == AF_INET ? 610 (void *)&sctp->sctp_ipha->ipha_src : 611 (void *)&sctp->sctp_ip6h->ip6_src, 612 sctps->sctps_netstack->netstack_ip); 613 614 /* 615 * tsol_mlp_addr_type returns the possibilities 616 * for the selected address. Since all local 617 * addresses are either private or shared, the 618 * return value mlptSingle means "local address 619 * not valid (interface not present)." 620 */ 621 if (addrtype == mlptSingle) { 622 mutex_exit(&tbf->tf_lock); 623 return (EADDRNOTAVAIL); 624 } 625 mlptype = tsol_mlp_port_type(zone, IPPROTO_SCTP, 626 port, addrtype); 627 if (mlptype != mlptSingle) { 628 if (secpolicy_net_bindmlp(connp-> 629 conn_cred) != 0) { 630 mutex_exit(&tbf->tf_lock); 631 return (EACCES); 632 } 633 /* 634 * If we're binding a shared MLP, then 635 * make sure that this zone is the one 636 * that owns that MLP. Shared MLPs can 637 * be owned by at most one zone. 638 * 639 * No need to handle exclusive-stack 640 * zones since ALL_ZONES only applies 641 * to the shared stack. 642 */ 643 644 if (mlptype == mlptShared && 645 addrtype == mlptShared && 646 connp->conn_zoneid != 647 tsol_mlp_findzone(IPPROTO_SCTP, 648 lport)) { 649 mutex_exit(&tbf->tf_lock); 650 return (EACCES); 651 } 652 connp->conn_mlp_type = mlptype; 653 } 654 } 655 /* 656 * This port is ours. Insert in fanout and mark as 657 * bound to prevent others from getting the port 658 * number. 659 */ 660 sctp->sctp_state = SCTPS_BOUND; 661 connp->conn_lport = lport; 662 663 ASSERT(&sctps->sctps_bind_fanout[ 664 SCTP_BIND_HASH(port)] == tbf); 665 sctp_bind_hash_insert(tbf, sctp, 1); 666 667 mutex_exit(&tbf->tf_lock); 668 669 /* 670 * We don't want sctp_next_port_to_try to "inherit" 671 * a port number supplied by the user in a bind. 672 * 673 * This is the only place where sctp_next_port_to_try 674 * is updated. After the update, it may or may not 675 * be in the valid range. 676 */ 677 if (user_specified == 0) 678 sctps->sctps_next_port_to_try = port + 1; 679 680 *allocated_port = port; 681 682 return (0); 683 } 684 685 if ((count == 0) && (user_specified)) { 686 /* 687 * We may have to return an anonymous port. So 688 * get one to start with. 689 */ 690 port = sctp_update_next_port( 691 sctps->sctps_next_port_to_try, 692 zone, sctps); 693 user_specified = 0; 694 } else { 695 port = sctp_update_next_port(port + 1, zone, sctps); 696 } 697 if (port == 0) 698 break; 699 700 /* 701 * Don't let this loop run forever in the case where 702 * all of the anonymous ports are in use. 703 */ 704 } while (++count < loopmax); 705 706 return (bind_to_req_port_only ? EADDRINUSE : EADDRNOTAVAIL); 707 } 708 709 /* 710 * Don't let port fall into the privileged range. 711 * Since the extra privileged ports can be arbitrary we also 712 * ensure that we exclude those from consideration. 713 * sctp_g_epriv_ports is not sorted thus we loop over it until 714 * there are no changes. 715 * 716 * Note: No locks are held when inspecting sctp_g_*epriv_ports 717 * but instead the code relies on: 718 * - the fact that the address of the array and its size never changes 719 * - the atomic assignment of the elements of the array 720 */ 721 in_port_t 722 sctp_update_next_port(in_port_t port, zone_t *zone, sctp_stack_t *sctps) 723 { 724 int i; 725 boolean_t restart = B_FALSE; 726 727 retry: 728 if (port < sctps->sctps_smallest_anon_port) 729 port = sctps->sctps_smallest_anon_port; 730 731 if (port > sctps->sctps_largest_anon_port) { 732 if (restart) 733 return (0); 734 restart = B_TRUE; 735 port = sctps->sctps_smallest_anon_port; 736 } 737 738 if (port < sctps->sctps_smallest_nonpriv_port) 739 port = sctps->sctps_smallest_nonpriv_port; 740 741 for (i = 0; i < sctps->sctps_g_num_epriv_ports; i++) { 742 if (port == sctps->sctps_g_epriv_ports[i]) { 743 port++; 744 /* 745 * Make sure whether the port is in the 746 * valid range. 747 * 748 * XXX Note that if sctp_g_epriv_ports contains 749 * all the anonymous ports this will be an 750 * infinite loop. 751 */ 752 goto retry; 753 } 754 } 755 756 if (is_system_labeled() && 757 (i = tsol_next_port(zone, port, IPPROTO_SCTP, B_TRUE)) != 0) { 758 port = i; 759 goto retry; 760 } 761 762 return (port); 763 } 764