diff options
author | Maciej Żenczykowski <maze@google.com> | 2019-11-26 00:37:04 +0100 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2019-11-26 22:20:46 +0100 |
commit | 82f31ebf61bed3077c9935308e0a4b6c44842c5a (patch) | |
tree | 0db99fcf06cb9dd3f5333406547d0ed0680cea52 /mm/rmap.c | |
parent | Merge branch 'ibmvnic-Harden-device-commands-and-queries' (diff) | |
download | linux-82f31ebf61bed3077c9935308e0a4b6c44842c5a.tar.xz linux-82f31ebf61bed3077c9935308e0a4b6c44842c5a.zip |
net: port < inet_prot_sock(net) --> inet_port_requires_bind_service(net, port)
Note that the sysctl write accessor functions guarantee that:
net->ipv4.sysctl_ip_prot_sock <= net->ipv4.ip_local_ports.range[0]
invariant is maintained, and as such the max() in selinux hooks is actually spurious.
ie. even though
if (snum < max(inet_prot_sock(sock_net(sk)), low) || snum > high) {
per logic is the same as
if ((snum < inet_prot_sock(sock_net(sk)) && snum < low) || snum > high) {
it is actually functionally equivalent to:
if (snum < low || snum > high) {
which is equivalent to:
if (snum < inet_prot_sock(sock_net(sk)) || snum < low || snum > high) {
even though the first clause is spurious.
But we want to hold on to it in case we ever want to change what what
inet_port_requires_bind_service() means (for example by changing
it from a, by default, [0..1024) range to some sort of set).
Test: builds, git 'grep inet_prot_sock' finds no other references
Cc: Eric Dumazet <edumazet@google.com>
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to '')
0 files changed, 0 insertions, 0 deletions