mirror of https://passt.top/passt synced 2025-01-21 11:45:15 +00:00

passt: Seed libc's pseudo random number generator

We have an upcoming case where we need pseudo-random numbers to scatter
timings, but we don't need cryptographically strong random numbers.  libc's
built in random() is fine for this purpose, but we should seed it.  Extend
secret_init() - the only current user of random numbers - to do this as
well as generating the SipHash secret.  Using /dev/random for a PRNG seed
is probably overkill, but it's simple and we only do it once, so we might
as well.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
David Gibson 2024-11-14 14:33:09 +11:00 committed by Stefano Brivio
parent 71d5deed5e
commit b39760cc7d

13
passt.c

@ -110,12 +110,19 @@ static void post_handler(struct ctx *c, const struct timespec *now)
}
/**
* secret_init() - Create secret value for SipHash calculations
* random_init() - Initialise things based on random data
* @c: Execution context
*/
static void secret_init(struct ctx *c)
static void random_init(struct ctx *c)
{
unsigned int seed;
/* Create secret value for SipHash calculations */
raw_random(&c->hash_secret, sizeof(c->hash_secret));
/* Seed pseudo-RNG for things that need non-cryptographic random */
raw_random(&seed, sizeof(seed));
srandom(seed);
}
/**
@ -236,7 +243,7 @@ int main(int argc, char **argv)
tap_sock_init(&c);
secret_init(&c);
random_init(&c);
if (clock_gettime(CLOCK_MONOTONIC, &now))
die_perror("Failed to get CLOCK_MONOTONIC time");
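Review bot: The new kerneldoc header on random_init() in the first hunk ("Initialise things based on random data") does not say that the two outputs have different strength, so a later caller could reach for random() where an unpredictable value is needed. Only c->hash_secret is filled directly from raw_random(). The libc generator is seeded from a single unsigned int, and its later outputs should be treated as predictable by anyone who can observe enough of them. I would state that in the header, for example `* Note: random() is seeded here for non-cryptographic use only (e.g. timing jitter);` followed by `* anything that must be unpredictable to a peer must use raw_random() directly.` The hunk does not show raw_random(), so confirm that it cannot return without filling the buffer, because seed would otherwise be read uninitialised by srandom(); main()'s body continues outside the second hunk.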