ocfs2: Binds listener to the configured ip address
This patch binds the o2net listener to the configured ip address
instead of INADDR_ANY for security. Fixes oss.oracle.com bugzilla#814.
Signed-off-by: Sunil Mushran <sunil.mushran@oracle.com>
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
diff --git a/fs/ocfs2/cluster/tcp.c b/fs/ocfs2/cluster/tcp.c
index 7700418..2021aec 100644
--- a/fs/ocfs2/cluster/tcp.c
+++ b/fs/ocfs2/cluster/tcp.c
@@ -1805,13 +1805,13 @@
ready(sk, bytes);
}
-static int o2net_open_listening_sock(__be16 port)
+static int o2net_open_listening_sock(__be32 addr, __be16 port)
{
struct socket *sock = NULL;
int ret;
struct sockaddr_in sin = {
.sin_family = PF_INET,
- .sin_addr = { .s_addr = (__force u32)htonl(INADDR_ANY) },
+ .sin_addr = { .s_addr = (__force u32)addr },
.sin_port = (__force u16)port,
};
@@ -1834,15 +1834,15 @@
sock->sk->sk_reuse = 1;
ret = sock->ops->bind(sock, (struct sockaddr *)&sin, sizeof(sin));
if (ret < 0) {
- mlog(ML_ERROR, "unable to bind socket to port %d, ret=%d\n",
- ntohs(port), ret);
+ mlog(ML_ERROR, "unable to bind socket at %u.%u.%u.%u:%u, "
+ "ret=%d\n", NIPQUAD(addr), ntohs(port), ret);
goto out;
}
ret = sock->ops->listen(sock, 64);
if (ret < 0) {
- mlog(ML_ERROR, "unable to listen on port %d, ret=%d\n",
- ntohs(port), ret);
+ mlog(ML_ERROR, "unable to listen on %u.%u.%u.%u:%u, ret=%d\n",
+ NIPQUAD(addr), ntohs(port), ret);
}
out:
@@ -1875,7 +1875,8 @@
return -ENOMEM; /* ? */
}
- ret = o2net_open_listening_sock(node->nd_ipv4_port);
+ ret = o2net_open_listening_sock(node->nd_ipv4_address,
+ node->nd_ipv4_port);
if (ret) {
destroy_workqueue(o2net_wq);
o2net_wq = NULL;