1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #include <sys/types.h> 28 #include <sys/systm.h> 29 #include <sys/stream.h> 30 #include <sys/cmn_err.h> 31 #include <sys/kmem.h> 32 #define _SUN_TPI_VERSION 2 33 #include <sys/tihdr.h> 34 #include <sys/stropts.h> 35 #include <sys/socket.h> 36 #include <sys/random.h> 37 #include <sys/policy.h> 38 #include <sys/tsol/tndb.h> 39 #include <sys/tsol/tnet.h> 40 41 #include <netinet/in.h> 42 #include <netinet/ip6.h> 43 44 #include <inet/common.h> 45 #include <inet/ip.h> 46 #include <inet/ip6.h> 47 #include <inet/ipclassifier.h> 48 #include "sctp_impl.h" 49 #include "sctp_asconf.h" 50 #include "sctp_addr.h" 51 52 /* 53 * Returns 0 on success, EACCES on permission failure. 54 */ 55 static int 56 sctp_select_port(sctp_t *sctp, in_port_t *requested_port, int *user_specified) 57 { 58 sctp_stack_t *sctps = sctp->sctp_sctps; 59 conn_t *connp = sctp->sctp_connp; 60 61 /* 62 * Get a valid port (within the anonymous range and should not 63 * be a privileged one) to use if the user has not given a port. 64 * If multiple threads are here, they may all start with 65 * with the same initial port. But, it should be fine as long as 66 * sctp_bindi will ensure that no two threads will be assigned 67 * the same port. 68 */ 69 if (*requested_port == 0) { 70 *requested_port = sctp_update_next_port( 71 sctps->sctps_next_port_to_try, 72 crgetzone(connp->conn_cred), sctps); 73 if (*requested_port == 0) 74 return (EACCES); 75 *user_specified = 0; 76 } else { 77 int i; 78 boolean_t priv = B_FALSE; 79 80 /* 81 * If the requested_port is in the well-known privileged range, 82 * verify that the stream was opened by a privileged user. 83 * Note: No locks are held when inspecting sctp_g_*epriv_ports 84 * but instead the code relies on: 85 * - the fact that the address of the array and its size never 86 * changes 87 * - the atomic assignment of the elements of the array 88 */ 89 if (*requested_port < sctps->sctps_smallest_nonpriv_port) { 90 priv = B_TRUE; 91 } else { 92 for (i = 0; i < sctps->sctps_g_num_epriv_ports; i++) { 93 if (*requested_port == 94 sctps->sctps_g_epriv_ports[i]) { 95 priv = B_TRUE; 96 break; 97 } 98 } 99 } 100 if (priv) { 101 /* 102 * sctp_bind() should take a cred_t argument so that 103 * we can use it here. 104 */ 105 if (secpolicy_net_privaddr(connp->conn_cred, 106 *requested_port, IPPROTO_SCTP) != 0) { 107 dprint(1, 108 ("sctp_bind(x): no prive for port %d", 109 *requested_port)); 110 return (EACCES); 111 } 112 } 113 *user_specified = 1; 114 } 115 116 return (0); 117 } 118 119 int 120 sctp_listen(sctp_t *sctp) 121 { 122 sctp_tf_t *tf; 123 sctp_stack_t *sctps = sctp->sctp_sctps; 124 conn_t *connp = sctp->sctp_connp; 125 126 RUN_SCTP(sctp); 127 /* 128 * TCP handles listen() increasing the backlog, need to check 129 * if it should be handled here too 130 */ 131 if (sctp->sctp_state > SCTPS_BOUND || 132 (sctp->sctp_connp->conn_state_flags & CONN_CLOSING)) { 133 WAKE_SCTP(sctp); 134 return (EINVAL); 135 } 136 137 /* Do an anonymous bind for unbound socket doing listen(). */ 138 if (sctp->sctp_nsaddrs == 0) { 139 struct sockaddr_storage ss; 140 int ret; 141 142 bzero(&ss, sizeof (ss)); 143 ss.ss_family = connp->conn_family; 144 145 WAKE_SCTP(sctp); 146 if ((ret = sctp_bind(sctp, (struct sockaddr *)&ss, 147 sizeof (ss))) != 0) 148 return (ret); 149 RUN_SCTP(sctp) 150 } 151 152 /* Cache things in the ixa without any refhold */ 153 connp->conn_ixa->ixa_cred = connp->conn_cred; 154 connp->conn_ixa->ixa_cpid = connp->conn_cpid; 155 if (is_system_labeled()) 156 connp->conn_ixa->ixa_tsl = crgetlabel(connp->conn_cred); 157 158 sctp->sctp_state = SCTPS_LISTEN; 159 (void) random_get_pseudo_bytes(sctp->sctp_secret, SCTP_SECRET_LEN); 160 sctp->sctp_last_secret_update = lbolt64; 161 bzero(sctp->sctp_old_secret, SCTP_SECRET_LEN); 162 tf = &sctps->sctps_listen_fanout[SCTP_LISTEN_HASH( 163 ntohs(connp->conn_lport))]; 164 sctp_listen_hash_insert(tf, sctp); 165 WAKE_SCTP(sctp); 166 return (0); 167 } 168 169 /* 170 * Bind the sctp_t to a sockaddr, which includes an address and other 171 * information, such as port or flowinfo. 172 */ 173 int 174 sctp_bind(sctp_t *sctp, struct sockaddr *sa, socklen_t len) 175 { 176 int user_specified; 177 boolean_t bind_to_req_port_only; 178 in_port_t requested_port; 179 in_port_t allocated_port; 180 int err = 0; 181 conn_t *connp = sctp->sctp_connp; 182 uint_t scope_id; 183 sin_t *sin; 184 sin6_t *sin6; 185 186 ASSERT(sctp != NULL); 187 188 RUN_SCTP(sctp); 189 190 if ((sctp->sctp_state >= SCTPS_BOUND) || 191 (sctp->sctp_connp->conn_state_flags & CONN_CLOSING) || 192 (sa == NULL || len == 0)) { 193 /* 194 * Multiple binds not allowed for any SCTP socket 195 * Also binding with null address is not supported. 196 */ 197 err = EINVAL; 198 goto done; 199 } 200 201 switch (sa->sa_family) { 202 case AF_INET: 203 sin = (sin_t *)sa; 204 if (len < sizeof (struct sockaddr_in) || 205 connp->conn_family == AF_INET6) { 206 err = EINVAL; 207 goto done; 208 } 209 requested_port = ntohs(sin->sin_port); 210 break; 211 case AF_INET6: 212 sin6 = (sin6_t *)sa; 213 if (len < sizeof (struct sockaddr_in6) || 214 connp->conn_family == AF_INET) { 215 err = EINVAL; 216 goto done; 217 } 218 requested_port = ntohs(sin6->sin6_port); 219 /* Set the flowinfo. */ 220 connp->conn_flowinfo = 221 sin6->sin6_flowinfo & ~IPV6_VERS_AND_FLOW_MASK; 222 223 scope_id = sin6->sin6_scope_id; 224 if (scope_id != 0 && IN6_IS_ADDR_LINKSCOPE(&sin6->sin6_addr)) { 225 connp->conn_ixa->ixa_flags |= IXAF_SCOPEID_SET; 226 connp->conn_ixa->ixa_scopeid = scope_id; 227 connp->conn_incoming_ifindex = scope_id; 228 } else { 229 connp->conn_ixa->ixa_flags &= ~IXAF_SCOPEID_SET; 230 connp->conn_incoming_ifindex = connp->conn_bound_if; 231 } 232 break; 233 default: 234 err = EAFNOSUPPORT; 235 goto done; 236 } 237 bind_to_req_port_only = requested_port == 0 ? B_FALSE : B_TRUE; 238 239 err = sctp_select_port(sctp, &requested_port, &user_specified); 240 if (err != 0) 241 goto done; 242 243 if ((err = sctp_bind_add(sctp, sa, 1, B_TRUE, 244 user_specified == 1 ? htons(requested_port) : 0)) != 0) { 245 goto done; 246 } 247 err = sctp_bindi(sctp, requested_port, bind_to_req_port_only, 248 user_specified, &allocated_port); 249 if (err != 0) { 250 sctp_free_saddrs(sctp); 251 } else { 252 ASSERT(sctp->sctp_state == SCTPS_BOUND); 253 } 254 done: 255 WAKE_SCTP(sctp); 256 return (err); 257 } 258 259 /* 260 * Perform bind/unbind operation of a list of addresses on a sctp_t 261 */ 262 int 263 sctp_bindx(sctp_t *sctp, const void *addrs, int addrcnt, int bindop) 264 { 265 ASSERT(sctp != NULL); 266 ASSERT(addrs != NULL); 267 ASSERT(addrcnt > 0); 268 269 switch (bindop) { 270 case SCTP_BINDX_ADD_ADDR: 271 return (sctp_bind_add(sctp, addrs, addrcnt, B_FALSE, 272 sctp->sctp_connp->conn_lport)); 273 case SCTP_BINDX_REM_ADDR: 274 return (sctp_bind_del(sctp, addrs, addrcnt, B_FALSE)); 275 default: 276 return (EINVAL); 277 } 278 } 279 280 /* 281 * Add a list of addresses to a sctp_t. 282 */ 283 int 284 sctp_bind_add(sctp_t *sctp, const void *addrs, uint32_t addrcnt, 285 boolean_t caller_hold_lock, in_port_t port) 286 { 287 int err = 0; 288 boolean_t do_asconf = B_FALSE; 289 sctp_stack_t *sctps = sctp->sctp_sctps; 290 conn_t *connp = sctp->sctp_connp; 291 292 if (!caller_hold_lock) 293 RUN_SCTP(sctp); 294 295 if (sctp->sctp_state > SCTPS_ESTABLISHED || 296 (sctp->sctp_connp->conn_state_flags & CONN_CLOSING)) { 297 if (!caller_hold_lock) 298 WAKE_SCTP(sctp); 299 return (EINVAL); 300 } 301 302 if (sctp->sctp_state > SCTPS_LISTEN) { 303 /* 304 * Let's do some checking here rather than undoing the 305 * add later (for these reasons). 306 */ 307 if (!sctps->sctps_addip_enabled || 308 !sctp->sctp_understands_asconf || 309 !sctp->sctp_understands_addip) { 310 if (!caller_hold_lock) 311 WAKE_SCTP(sctp); 312 return (EINVAL); 313 } 314 do_asconf = B_TRUE; 315 } 316 /* 317 * On a clustered node, for an inaddr_any bind, we will pass the list 318 * of all the addresses in the global list, minus any address on the 319 * loopback interface, and expect the clustering susbsystem to give us 320 * the correct list for the 'port'. For explicit binds we give the 321 * list of addresses and the clustering module validates it for the 322 * 'port'. 323 * 324 * On a non-clustered node, cl_sctp_check_addrs will be NULL and 325 * we proceed as usual. 326 */ 327 if (cl_sctp_check_addrs != NULL) { 328 uchar_t *addrlist = NULL; 329 size_t size = 0; 330 int unspec = 0; 331 boolean_t do_listen; 332 uchar_t *llist = NULL; 333 size_t lsize = 0; 334 335 /* 336 * If we are adding addresses after listening, but before 337 * an association is established, we need to update the 338 * clustering module with this info. 339 */ 340 do_listen = !do_asconf && sctp->sctp_state > SCTPS_BOUND && 341 cl_sctp_listen != NULL; 342 343 err = sctp_get_addrlist(sctp, addrs, &addrcnt, &addrlist, 344 &unspec, &size); 345 if (err != 0) { 346 ASSERT(addrlist == NULL); 347 ASSERT(addrcnt == 0); 348 ASSERT(size == 0); 349 if (!caller_hold_lock) 350 WAKE_SCTP(sctp); 351 SCTP_KSTAT(sctps, sctp_cl_check_addrs); 352 return (err); 353 } 354 ASSERT(addrlist != NULL); 355 (*cl_sctp_check_addrs)(connp->conn_family, port, &addrlist, 356 size, &addrcnt, unspec == 1); 357 if (addrcnt == 0) { 358 /* We free the list */ 359 kmem_free(addrlist, size); 360 if (!caller_hold_lock) 361 WAKE_SCTP(sctp); 362 return (EINVAL); 363 } 364 if (do_listen) { 365 lsize = sizeof (in6_addr_t) * addrcnt; 366 llist = kmem_alloc(lsize, KM_SLEEP); 367 } 368 err = sctp_valid_addr_list(sctp, addrlist, addrcnt, llist, 369 lsize); 370 if (err == 0 && do_listen) { 371 (*cl_sctp_listen)(connp->conn_family, llist, 372 addrcnt, connp->conn_lport); 373 /* list will be freed by the clustering module */ 374 } else if (err != 0 && llist != NULL) { 375 kmem_free(llist, lsize); 376 } 377 /* free the list we allocated */ 378 kmem_free(addrlist, size); 379 } else { 380 err = sctp_valid_addr_list(sctp, addrs, addrcnt, NULL, 0); 381 } 382 if (err != 0) { 383 if (!caller_hold_lock) 384 WAKE_SCTP(sctp); 385 return (err); 386 } 387 /* Need to send ASCONF messages */ 388 if (do_asconf) { 389 err = sctp_add_ip(sctp, addrs, addrcnt); 390 if (err != 0) { 391 sctp_del_saddr_list(sctp, addrs, addrcnt, B_FALSE); 392 if (!caller_hold_lock) 393 WAKE_SCTP(sctp); 394 return (err); 395 } 396 } 397 if (!caller_hold_lock) 398 WAKE_SCTP(sctp); 399 return (0); 400 } 401 402 /* 403 * Remove one or more addresses bound to the sctp_t. 404 */ 405 int 406 sctp_bind_del(sctp_t *sctp, const void *addrs, uint32_t addrcnt, 407 boolean_t caller_hold_lock) 408 { 409 int error = 0; 410 boolean_t do_asconf = B_FALSE; 411 uchar_t *ulist = NULL; 412 size_t usize = 0; 413 sctp_stack_t *sctps = sctp->sctp_sctps; 414 conn_t *connp = sctp->sctp_connp; 415 416 if (!caller_hold_lock) 417 RUN_SCTP(sctp); 418 419 if (sctp->sctp_state > SCTPS_ESTABLISHED || 420 (sctp->sctp_connp->conn_state_flags & CONN_CLOSING)) { 421 if (!caller_hold_lock) 422 WAKE_SCTP(sctp); 423 return (EINVAL); 424 } 425 /* 426 * Fail the remove if we are beyond listen, but can't send this 427 * to the peer. 428 */ 429 if (sctp->sctp_state > SCTPS_LISTEN) { 430 if (!sctps->sctps_addip_enabled || 431 !sctp->sctp_understands_asconf || 432 !sctp->sctp_understands_addip) { 433 if (!caller_hold_lock) 434 WAKE_SCTP(sctp); 435 return (EINVAL); 436 } 437 do_asconf = B_TRUE; 438 } 439 440 /* Can't delete the last address nor all of the addresses */ 441 if (sctp->sctp_nsaddrs == 1 || addrcnt >= sctp->sctp_nsaddrs) { 442 if (!caller_hold_lock) 443 WAKE_SCTP(sctp); 444 return (EINVAL); 445 } 446 447 if (cl_sctp_unlisten != NULL && !do_asconf && 448 sctp->sctp_state > SCTPS_BOUND) { 449 usize = sizeof (in6_addr_t) * addrcnt; 450 ulist = kmem_alloc(usize, KM_SLEEP); 451 } 452 453 error = sctp_del_ip(sctp, addrs, addrcnt, ulist, usize); 454 if (error != 0) { 455 if (ulist != NULL) 456 kmem_free(ulist, usize); 457 if (!caller_hold_lock) 458 WAKE_SCTP(sctp); 459 return (error); 460 } 461 /* ulist will be non-NULL only if cl_sctp_unlisten is non-NULL */ 462 if (ulist != NULL) { 463 ASSERT(cl_sctp_unlisten != NULL); 464 (*cl_sctp_unlisten)(connp->conn_family, ulist, addrcnt, 465 connp->conn_lport); 466 /* ulist will be freed by the clustering module */ 467 } 468 if (!caller_hold_lock) 469 WAKE_SCTP(sctp); 470 return (error); 471 } 472 473 /* 474 * Returns 0 for success, errno value otherwise. 475 * 476 * If the "bind_to_req_port_only" parameter is set and the requested port 477 * number is available, then set allocated_port to it. If not available, 478 * return an error. 479 * 480 * If the "bind_to_req_port_only" parameter is not set and the requested port 481 * number is available, then set allocated_port to it. If not available, 482 * find the first anonymous port we can and set allocated_port to that. If no 483 * anonymous ports are available, return an error. 484 * 485 * In either case, when succeeding, update the sctp_t to record the port number 486 * and insert it in the bind hash table. 487 */ 488 int 489 sctp_bindi(sctp_t *sctp, in_port_t port, boolean_t bind_to_req_port_only, 490 int user_specified, in_port_t *allocated_port) 491 { 492 /* number of times we have run around the loop */ 493 int count = 0; 494 /* maximum number of times to run around the loop */ 495 int loopmax; 496 sctp_stack_t *sctps = sctp->sctp_sctps; 497 conn_t *connp = sctp->sctp_connp; 498 zone_t *zone = crgetzone(connp->conn_cred); 499 zoneid_t zoneid = connp->conn_zoneid; 500 501 /* 502 * Lookup for free addresses is done in a loop and "loopmax" 503 * influences how long we spin in the loop 504 */ 505 if (bind_to_req_port_only) { 506 /* 507 * If the requested port is busy, don't bother to look 508 * for a new one. Setting loop maximum count to 1 has 509 * that effect. 510 */ 511 loopmax = 1; 512 } else { 513 /* 514 * If the requested port is busy, look for a free one 515 * in the anonymous port range. 516 * Set loopmax appropriately so that one does not look 517 * forever in the case all of the anonymous ports are in use. 518 */ 519 loopmax = (sctps->sctps_largest_anon_port - 520 sctps->sctps_smallest_anon_port + 1); 521 } 522 do { 523 uint16_t lport; 524 sctp_tf_t *tbf; 525 sctp_t *lsctp; 526 int addrcmp; 527 528 lport = htons(port); 529 530 /* 531 * Ensure that the sctp_t is not currently in the bind hash. 532 * Hold the lock on the hash bucket to ensure that 533 * the duplicate check plus the insertion is an atomic 534 * operation. 535 * 536 * This function does an inline lookup on the bind hash list 537 * Make sure that we access only members of sctp_t 538 * and that we don't look at sctp_sctp, since we are not 539 * doing a SCTPB_REFHOLD. For more details please see the notes 540 * in sctp_compress() 541 */ 542 sctp_bind_hash_remove(sctp); 543 tbf = &sctps->sctps_bind_fanout[SCTP_BIND_HASH(port)]; 544 mutex_enter(&tbf->tf_lock); 545 for (lsctp = tbf->tf_sctp; lsctp != NULL; 546 lsctp = lsctp->sctp_bind_hash) { 547 conn_t *lconnp = lsctp->sctp_connp; 548 549 if (lport != lconnp->conn_lport || 550 lsctp->sctp_state < SCTPS_BOUND) 551 continue; 552 553 /* 554 * On a labeled system, we must treat bindings to ports 555 * on shared IP addresses by sockets with MAC exemption 556 * privilege as being in all zones, as there's 557 * otherwise no way to identify the right receiver. 558 */ 559 if (lconnp->conn_zoneid != zoneid && 560 lconnp->conn_mac_mode == CONN_MAC_DEFAULT && 561 connp->conn_mac_mode == CONN_MAC_DEFAULT) 562 continue; 563 564 addrcmp = sctp_compare_saddrs(sctp, lsctp); 565 if (addrcmp != SCTP_ADDR_DISJOINT) { 566 if (!connp->conn_reuseaddr) { 567 /* in use */ 568 break; 569 } else if (lsctp->sctp_state == SCTPS_BOUND || 570 lsctp->sctp_state == SCTPS_LISTEN) { 571 /* 572 * socket option SO_REUSEADDR is set 573 * on the binding sctp_t. 574 * 575 * We have found a match of IP source 576 * address and source port, which is 577 * refused regardless of the 578 * SO_REUSEADDR setting, so we break. 579 */ 580 break; 581 } 582 } 583 } 584 if (lsctp != NULL) { 585 /* The port number is busy */ 586 mutex_exit(&tbf->tf_lock); 587 } else { 588 if (is_system_labeled()) { 589 mlp_type_t addrtype, mlptype; 590 uint_t ipversion; 591 592 /* 593 * On a labeled system we must check the type 594 * of the binding requested by the user (either 595 * MLP or SLP on shared and private addresses), 596 * and that the user's requested binding 597 * is permitted. 598 */ 599 if (connp->conn_family == AF_INET) 600 ipversion = IPV4_VERSION; 601 else 602 ipversion = IPV6_VERSION; 603 604 addrtype = tsol_mlp_addr_type( 605 connp->conn_allzones ? ALL_ZONES : 606 zone->zone_id, 607 ipversion, 608 connp->conn_family == AF_INET ? 609 (void *)&sctp->sctp_ipha->ipha_src : 610 (void *)&sctp->sctp_ip6h->ip6_src, 611 sctps->sctps_netstack->netstack_ip); 612 613 /* 614 * tsol_mlp_addr_type returns the possibilities 615 * for the selected address. Since all local 616 * addresses are either private or shared, the 617 * return value mlptSingle means "local address 618 * not valid (interface not present)." 619 */ 620 if (addrtype == mlptSingle) { 621 mutex_exit(&tbf->tf_lock); 622 return (EADDRNOTAVAIL); 623 } 624 mlptype = tsol_mlp_port_type(zone, IPPROTO_SCTP, 625 port, addrtype); 626 if (mlptype != mlptSingle) { 627 if (secpolicy_net_bindmlp(connp-> 628 conn_cred) != 0) { 629 mutex_exit(&tbf->tf_lock); 630 return (EACCES); 631 } 632 /* 633 * If we're binding a shared MLP, then 634 * make sure that this zone is the one 635 * that owns that MLP. Shared MLPs can 636 * be owned by at most one zone. 637 * 638 * No need to handle exclusive-stack 639 * zones since ALL_ZONES only applies 640 * to the shared stack. 641 */ 642 643 if (mlptype == mlptShared && 644 addrtype == mlptShared && 645 connp->conn_zoneid != 646 tsol_mlp_findzone(IPPROTO_SCTP, 647 lport)) { 648 mutex_exit(&tbf->tf_lock); 649 return (EACCES); 650 } 651 connp->conn_mlp_type = mlptype; 652 } 653 } 654 /* 655 * This port is ours. Insert in fanout and mark as 656 * bound to prevent others from getting the port 657 * number. 658 */ 659 sctp->sctp_state = SCTPS_BOUND; 660 connp->conn_lport = lport; 661 662 ASSERT(&sctps->sctps_bind_fanout[ 663 SCTP_BIND_HASH(port)] == tbf); 664 sctp_bind_hash_insert(tbf, sctp, 1); 665 666 mutex_exit(&tbf->tf_lock); 667 668 /* 669 * We don't want sctp_next_port_to_try to "inherit" 670 * a port number supplied by the user in a bind. 671 * 672 * This is the only place where sctp_next_port_to_try 673 * is updated. After the update, it may or may not 674 * be in the valid range. 675 */ 676 if (user_specified == 0) 677 sctps->sctps_next_port_to_try = port + 1; 678 679 *allocated_port = port; 680 681 return (0); 682 } 683 684 if ((count == 0) && (user_specified)) { 685 /* 686 * We may have to return an anonymous port. So 687 * get one to start with. 688 */ 689 port = sctp_update_next_port( 690 sctps->sctps_next_port_to_try, 691 zone, sctps); 692 user_specified = 0; 693 } else { 694 port = sctp_update_next_port(port + 1, zone, sctps); 695 } 696 if (port == 0) 697 break; 698 699 /* 700 * Don't let this loop run forever in the case where 701 * all of the anonymous ports are in use. 702 */ 703 } while (++count < loopmax); 704 705 return (bind_to_req_port_only ? EADDRINUSE : EADDRNOTAVAIL); 706 } 707 708 /* 709 * Don't let port fall into the privileged range. 710 * Since the extra privileged ports can be arbitrary we also 711 * ensure that we exclude those from consideration. 712 * sctp_g_epriv_ports is not sorted thus we loop over it until 713 * there are no changes. 714 * 715 * Note: No locks are held when inspecting sctp_g_*epriv_ports 716 * but instead the code relies on: 717 * - the fact that the address of the array and its size never changes 718 * - the atomic assignment of the elements of the array 719 */ 720 in_port_t 721 sctp_update_next_port(in_port_t port, zone_t *zone, sctp_stack_t *sctps) 722 { 723 int i; 724 boolean_t restart = B_FALSE; 725 726 retry: 727 if (port < sctps->sctps_smallest_anon_port) 728 port = sctps->sctps_smallest_anon_port; 729 730 if (port > sctps->sctps_largest_anon_port) { 731 if (restart) 732 return (0); 733 restart = B_TRUE; 734 port = sctps->sctps_smallest_anon_port; 735 } 736 737 if (port < sctps->sctps_smallest_nonpriv_port) 738 port = sctps->sctps_smallest_nonpriv_port; 739 740 for (i = 0; i < sctps->sctps_g_num_epriv_ports; i++) { 741 if (port == sctps->sctps_g_epriv_ports[i]) { 742 port++; 743 /* 744 * Make sure whether the port is in the 745 * valid range. 746 * 747 * XXX Note that if sctp_g_epriv_ports contains 748 * all the anonymous ports this will be an 749 * infinite loop. 750 */ 751 goto retry; 752 } 753 } 754 755 if (is_system_labeled() && 756 (i = tsol_next_port(zone, port, IPPROTO_SCTP, B_TRUE)) != 0) { 757 port = i; 758 goto retry; 759 } 760 761 return (port); 762 } 763