From f6b6118fcabda6d6a89a4a16dfee151ab97f1d7a Mon Sep 17 00:00:00 2001
From: David Gibson <david@gibson.dropbear.id.au>
Date: Fri, 31 Oct 2025 15:19:30 +1100
Subject: tcp, udp: Don't exclude ports in {tcp,udp}_port_rebind()

To avoid circular forwarding, {tcp,udp}_port_rebind() refuse to listen on
ports that we're already listening on in the reverse direction.  This is
redundant, because we already remove such ports from the forward map when
we scan.  This was needed previously, because our reverse maps might have
been one cycle out of date, so could be missing a newly appeared port.

We've now rearranged the port scanning code to avoid that, so we don't need
the check in tcp_port_rebind() any more.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
---
 tcp.c | 5 -----
 udp.c | 6 ------
 2 files changed, 11 deletions(-)

diff --git a/tcp.c b/tcp.c
index c35c1c3..e91c0cf 100644
--- a/tcp.c
+++ b/tcp.c
@@ -2832,7 +2832,6 @@ int tcp_init(struct ctx *c)
 static void tcp_port_rebind(struct ctx *c, bool outbound)
 {
 	const uint8_t *fmap = outbound ? c->tcp.fwd_out.map : c->tcp.fwd_in.map;
-	const uint8_t *rmap = outbound ? c->tcp.fwd_in.map : c->tcp.fwd_out.map;
 	int (*socks)[IP_VERSIONS] = outbound ? tcp_sock_ns : tcp_sock_init_ext;
 	unsigned port;
 
@@ -2851,10 +2850,6 @@ static void tcp_port_rebind(struct ctx *c, bool outbound)
 			continue;
 		}
 
-		/* Don't loop back our own ports */
-		if (bitmap_isset(rmap, port))
-			continue;
-
 		if ((c->ifi4 && socks[port][V4] == -1) ||
 		    (c->ifi6 && socks[port][V6] == -1)) {
 			if (outbound)
diff --git a/udp.c b/udp.c
index 8cff880..9c00950 100644
--- a/udp.c
+++ b/udp.c
@@ -1204,8 +1204,6 @@ static void udp_port_rebind(struct ctx *c, bool outbound)
 	int (*socks)[NUM_PORTS] = outbound ? udp_splice_ns : udp_splice_init;
 	const uint8_t *fmap
 		= outbound ? c->udp.fwd_out.map : c->udp.fwd_in.map;
-	const uint8_t *rmap
-		= outbound ? c->udp.fwd_in.map : c->udp.fwd_out.map;
 	unsigned port;
 
 	for (port = 0; port < NUM_PORTS; port++) {
@@ -1223,10 +1221,6 @@ static void udp_port_rebind(struct ctx *c, bool outbound)
 			continue;
 		}
 
-		/* Don't loop back our own ports */
-		if (bitmap_isset(rmap, port))
-			continue;
-
 		if ((c->ifi4 && socks[V4][port] == -1) ||
 		    (c->ifi6 && socks[V6][port] == -1))
 			udp_sock_init(c, outbound, NULL, NULL, port);
-- 
cgit v1.2.3