From b814a93adfaebe63094da43ca155a871ed5bfd5d Mon Sep 17 00:00:00 2001
From: Subash Abhinov Kasiviswanathan
Date: Wed, 19 Aug 2015 16:33:59 -0600
Subject: net: Fail explicit bind to local reserved ports
Reserved ports may have some special use cases which are not suitable for use by general userspace applications. Currently, ports specified in ip_local_reserved_ports will not be returned only in case of automatic port assignment. Add a boolean sysctl flag 'reserved_port_bind'. Default value is 1 which preserves the existing behavior. Setting the value to 0 will prevent userspace applications from binding to these ports even when they are explicitly requested.
BUG=20663075
Change-Id: Ib1071ca5bd437cd3c4f71b56147e4858f3b9ebec
Signed-off-by: Subash Abhinov Kasiviswanathan
Signed-off-by: Mekala Natarajan
---
 include/net/ip.h | 1 +
 1 file changed, 1 insertion(+)
(limited to 'include')
diff --git a/include/net/ip.h b/include/net/ip.h
index a04070b82..c02d09be8 100644
--- a/include/net/ip.h
+++ b/include/net/ip.h
@@ -211,6 +211,7 @@ static inline int inet_is_reserved_local_port(int port)
 return test_bit(port, sysctl_local_reserved_ports);
 }
 
+extern int sysctl_reserved_port_bind;
 extern int sysctl_ip_nonlocal_bind;
 
 /* From inetpeer.c */
-- 
cgit v1.2.3
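Review bot: The new declaration `extern int sysctl_reserved_port_bind;` carries no comment, and its polarity is easy to misread: per the commit message, 1 (the default) still allows explicit binds to reserved ports and only 0 rejects them, so the protection is off until an administrator opts in. I would add above it `/* 0: explicit bind() to a port in ip_local_reserved_ports fails; 1 (default): allowed */`. The message calls the flag boolean but the type is `int`, so the sysctl handler should restrict writes to 0 and 1. That handler, the variable's definition and the bind-path check are not in this view (it is limited to 'include'), so this cannot be confirmed here. The hunk opens inside inet_is_reserved_local_port(), whose body starts above it.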