This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Holger Freyther gerrit-no-reply at lists.osmocom.orgHolger Freyther has uploaded this change for review. ( https://gerrit.osmocom.org/10098
Change subject: Move from libc random() to osmo_get_rand_id (2nd attempt)
......................................................................
Move from libc random() to osmo_get_rand_id (2nd attempt)
When starting multiple mobile in the same second, the libc random number
generator will be seeded to exactly the same value.
The random bits inside the RACH request(s) will be exactly the same
across multiple mobile and when the channel fails they all pick the same
randomized back-off timing.
Use stronger random numbers and replace all calls to random(2) with
osmo_get_rand_id. Add a fallback to try random().
[v2: Add helper to make sure the result is int and between 0 and
RAND_MAX]
Change-Id: Icdd4be88c62bba1e9d954568e48f0c12a67ac182
---
M src/host/layer23/include/osmocom/bb/mobile/Makefile.am
A src/host/layer23/include/osmocom/bb/mobile/utils.h
M src/host/layer23/src/mobile/Makefile.am
M src/host/layer23/src/mobile/gsm322.c
M src/host/layer23/src/mobile/gsm48_mm.c
M src/host/layer23/src/mobile/gsm48_rr.c
M src/host/layer23/src/mobile/settings.c
A src/host/layer23/src/mobile/utils.c
8 files changed, 64 insertions(+), 7 deletions(-)
git pull ssh://gerrit.osmocom.org:29418/osmocom-bb refs/changes/98/10098/1
diff --git a/src/host/layer23/include/osmocom/bb/mobile/Makefile.am b/src/host/layer23/include/osmocom/bb/mobile/Makefile.am
index 12cf24b..d2b4f2a 100644
--- a/src/host/layer23/include/osmocom/bb/mobile/Makefile.am
+++ b/src/host/layer23/include/osmocom/bb/mobile/Makefile.am
@@ -1,3 +1,3 @@
noinst_HEADERS = gsm322.h gsm480_ss.h gsm411_sms.h gsm48_cc.h gsm48_mm.h \
gsm48_rr.h mncc.h settings.h subscriber.h support.h \
- transaction.h vty.h mncc_sock.h primitives.h
+ transaction.h vty.h mncc_sock.h primitives.h utils.h
diff --git a/src/host/layer23/include/osmocom/bb/mobile/utils.h b/src/host/layer23/include/osmocom/bb/mobile/utils.h
new file mode 100644
index 0000000..30f09ff
--- /dev/null
+++ b/src/host/layer23/include/osmocom/bb/mobile/utils.h
@@ -0,0 +1,3 @@
+#pragma once
+
+int mobile_random(void);
diff --git a/src/host/layer23/src/mobile/Makefile.am b/src/host/layer23/src/mobile/Makefile.am
index 4e80e4e..f541565 100644
--- a/src/host/layer23/src/mobile/Makefile.am
+++ b/src/host/layer23/src/mobile/Makefile.am
@@ -5,7 +5,7 @@
noinst_LIBRARIES = libmobile.a
libmobile_a_SOURCES = gsm322.c gsm480_ss.c gsm411_sms.c gsm48_cc.c gsm48_mm.c \
gsm48_rr.c mnccms.c settings.c subscriber.c support.c \
- transaction.c vty_interface.c voice.c mncc_sock.c primitives.c
+ transaction.c vty_interface.c voice.c mncc_sock.c primitives.c utils.c
bin_PROGRAMS = mobile
diff --git a/src/host/layer23/src/mobile/gsm322.c b/src/host/layer23/src/mobile/gsm322.c
index c3485b6..f49b97d 100644
--- a/src/host/layer23/src/mobile/gsm322.c
+++ b/src/host/layer23/src/mobile/gsm322.c
@@ -40,6 +40,7 @@
#include <osmocom/bb/common/networks.h>
#include <osmocom/bb/mobile/vty.h>
#include <osmocom/bb/mobile/app_mobile.h>
+#include <osmocom/bb/mobile/utils.h>
#include <l1ctl_proto.h>
@@ -959,7 +960,7 @@
entries++;
}
while(entries) {
- move = random() % entries;
+ move = mobile_random() % entries;
i = 0;
llist_for_each_entry(temp, &temp_list, entry) {
if (rxlev2dbm(temp->rxlev) > -85) {
diff --git a/src/host/layer23/src/mobile/gsm48_mm.c b/src/host/layer23/src/mobile/gsm48_mm.c
index a7af1f5..c7cea65 100644
--- a/src/host/layer23/src/mobile/gsm48_mm.c
+++ b/src/host/layer23/src/mobile/gsm48_mm.c
@@ -30,6 +30,7 @@
#include <osmocom/core/utils.h>
#include <osmocom/gsm/gsm48.h>
#include <osmocom/core/talloc.h>
+#include <osmocom/gsm/gsm_utils.h>
#include <osmocom/bb/common/logging.h>
#include <osmocom/bb/common/osmocom_data.h>
@@ -41,6 +42,7 @@
#include <osmocom/bb/mobile/app_mobile.h>
#include <osmocom/bb/mobile/primitives.h>
#include <osmocom/bb/mobile/vty.h>
+#include <osmocom/bb/mobile/utils.h>
extern void *l23_ctx;
@@ -2099,7 +2101,7 @@
mm->t3212.timeout.tv_sec = current_time.tv_sec
+ (t % s->t3212);
} else {
- uint32_t rand = random();
+ uint32_t rand = mobile_random();
LOGP(DMM, LOGL_INFO, "New T3212 while timer is not "
"running (value %d)\n", s->t3212);
diff --git a/src/host/layer23/src/mobile/gsm48_rr.c b/src/host/layer23/src/mobile/gsm48_rr.c
index dd3fe93..5921c76 100644
--- a/src/host/layer23/src/mobile/gsm48_rr.c
+++ b/src/host/layer23/src/mobile/gsm48_rr.c
@@ -71,6 +71,7 @@
#include <osmocom/gsm/rsl.h>
#include <osmocom/gsm/gsm48.h>
#include <osmocom/core/bitvec.h>
+#include <osmocom/gsm/gsm_utils.h>
#include <osmocom/bb/common/osmocom_data.h>
#include <osmocom/bb/common/l1l2_interface.h>
@@ -79,6 +80,7 @@
#include <osmocom/bb/common/networks.h>
#include <osmocom/bb/common/l1ctl.h>
#include <osmocom/bb/mobile/vty.h>
+#include <osmocom/bb/mobile/utils.h>
#include <l1ctl_proto.h>
@@ -1628,7 +1630,7 @@
}
}
- chan_req = random();
+ chan_req = mobile_random();
chan_req &= rr->chan_req_mask;
chan_req |= rr->chan_req_val;
diff --git a/src/host/layer23/src/mobile/settings.c b/src/host/layer23/src/mobile/settings.c
index 7370b0a..908b4b4 100644
--- a/src/host/layer23/src/mobile/settings.c
+++ b/src/host/layer23/src/mobile/settings.c
@@ -23,8 +23,10 @@
#include <errno.h>
#include <string.h>
#include <osmocom/core/talloc.h>
+#include <osmocom/gsm/gsm_utils.h>
#include <osmocom/bb/mobile/app_mobile.h>
+#include <osmocom/bb/mobile/utils.h>
#include <osmocom/bb/common/logging.h>
#include <osmocom/bb/common/osmocom_data.h>
#include <osmocom/bb/common/networks.h>
@@ -184,8 +186,8 @@
if (digits > 15)
digits = 15;
- sprintf(rand, "%08ld", random() % 100000000);
- sprintf(rand + 8, "%07ld", random() % 10000000);
+ sprintf(rand, "%08d", mobile_random() % 100000000);
+ sprintf(rand + 8, "%07d", mobile_random() % 10000000);
strcpy(set->imei + 15 - digits, rand + 15 - digits);
strncpy(set->imeisv, set->imei, 15);
diff --git a/src/host/layer23/src/mobile/utils.c b/src/host/layer23/src/mobile/utils.c
new file mode 100644
index 0000000..50a7f54
--- /dev/null
+++ b/src/host/layer23/src/mobile/utils.c
@@ -0,0 +1,47 @@
+/* Utilities used by mobile */
+
+/* (C) 2018 by Holger Hans Peter Freyther
+ *
+ * All Rights Reserved
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ */
+
+#include <osmocom/bb/mobile/utils.h>
+
+#include <osmocom/gsm/gsm_utils.h>
+
+#include <stdlib.h>
+#include <stdint.h>
+
+
+/**
+ * A secure replacement for random(3).
+ *
+ * \return a secure random number using osmo_get_rand_id between
+ * 0 and RAND_MAX.
+ */
+int mobile_random(void)
+{
+ unsigned int r;
+
+ if (osmo_get_rand_id((uint8_t *) &r, sizeof(r)) != 0)
+ return random();
+
+ r &= ~(1U << 31);
+ r %= RAND_MAX;
+ return (int) r;
+}
--
To view, visit https://gerrit.osmocom.org/10098
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings
Gerrit-Project: osmocom-bb
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: Icdd4be88c62bba1e9d954568e48f0c12a67ac182
Gerrit-Change-Number: 10098
Gerrit-PatchSet: 1
Gerrit-Owner: Holger Freyther <holger at freyther.de>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20180721/26682ff9/attachment.htm>