Change in osmocom-bb[master]: Move from libc random() to osmo_get_rand_id

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.

Holger Freyther gerrit-no-reply at lists.osmocom.org
Wed Jul 11 21:13:11 UTC 2018


Holger Freyther has submitted this change and it was merged. ( https://gerrit.osmocom.org/9914 )

Change subject: Move from libc random() to osmo_get_rand_id
......................................................................

Move from libc random() to osmo_get_rand_id

When starting multiple mobile in the same second, the libc random number
generator will be seeded to exactly the same value.

The random bits inside the RACH request(s) will be exactly the same
across multiple mobile and when the channel fails they all pick the same
randomized back-off timing.

Use stronger random numbers and replace all calls to random(2) with
osmo_get_rand_id. Add a fallback to try random().

Change-Id: Ie0cc64663cd4b90c027b79545dc5d3ac9d87b9dd
---
M src/host/layer23/src/mobile/gsm322.c
M src/host/layer23/src/mobile/gsm48_mm.c
M src/host/layer23/src/mobile/gsm48_rr.c
M src/host/layer23/src/mobile/settings.c
4 files changed, 18 insertions(+), 5 deletions(-)

Approvals:
  Holger Freyther: Looks good to me, approved
  Vadim Yanitskiy: Looks good to me, but someone else must approve
  Jenkins Builder: Verified



diff --git a/src/host/layer23/src/mobile/gsm322.c b/src/host/layer23/src/mobile/gsm322.c
index c3485b6..ce25cd5 100644
--- a/src/host/layer23/src/mobile/gsm322.c
+++ b/src/host/layer23/src/mobile/gsm322.c
@@ -959,7 +959,9 @@
 			entries++;
 	}
 	while(entries) {
-		move = random() % entries;
+		if (osmo_get_rand_id((uint8_t *) &move, sizeof(move)) != 0)
+			move = random();
+		move = move % entries;
 		i = 0;
 		llist_for_each_entry(temp, &temp_list, entry) {
 			if (rxlev2dbm(temp->rxlev) > -85) {
diff --git a/src/host/layer23/src/mobile/gsm48_mm.c b/src/host/layer23/src/mobile/gsm48_mm.c
index a7af1f5..a36e7e8 100644
--- a/src/host/layer23/src/mobile/gsm48_mm.c
+++ b/src/host/layer23/src/mobile/gsm48_mm.c
@@ -30,6 +30,7 @@
 #include <osmocom/core/utils.h>
 #include <osmocom/gsm/gsm48.h>
 #include <osmocom/core/talloc.h>
+#include <osmocom/gsm/gsm_utils.h>
 
 #include <osmocom/bb/common/logging.h>
 #include <osmocom/bb/common/osmocom_data.h>
@@ -2099,7 +2100,9 @@
 			mm->t3212.timeout.tv_sec = current_time.tv_sec
 				+ (t % s->t3212);
 		} else {
-			uint32_t rand = random();
+			uint32_t rand;
+			if (osmo_get_rand_id((uint8_t *) &rand, sizeof(rand)) != 0)
+				rand = random();
 
 			LOGP(DMM, LOGL_INFO, "New T3212 while timer is not "
 				"running (value %d)\n", s->t3212);
diff --git a/src/host/layer23/src/mobile/gsm48_rr.c b/src/host/layer23/src/mobile/gsm48_rr.c
index dd3fe93..db2cb5e 100644
--- a/src/host/layer23/src/mobile/gsm48_rr.c
+++ b/src/host/layer23/src/mobile/gsm48_rr.c
@@ -71,6 +71,7 @@
 #include <osmocom/gsm/rsl.h>
 #include <osmocom/gsm/gsm48.h>
 #include <osmocom/core/bitvec.h>
+#include <osmocom/gsm/gsm_utils.h>
 
 #include <osmocom/bb/common/osmocom_data.h>
 #include <osmocom/bb/common/l1l2_interface.h>
@@ -1628,7 +1629,8 @@
 		}
 	}
 
-	chan_req = random();
+	if (osmo_get_rand_id((uint8_t *) &chan_req, sizeof(chan_req)) != 0)
+		chan_req = random();
 	chan_req &= rr->chan_req_mask;
 	chan_req |= rr->chan_req_val;
 
diff --git a/src/host/layer23/src/mobile/settings.c b/src/host/layer23/src/mobile/settings.c
index 7370b0a..80b0b48 100644
--- a/src/host/layer23/src/mobile/settings.c
+++ b/src/host/layer23/src/mobile/settings.c
@@ -23,6 +23,7 @@
 #include <errno.h>
 #include <string.h>
 #include <osmocom/core/talloc.h>
+#include <osmocom/gsm/gsm_utils.h>
 
 #include <osmocom/bb/mobile/app_mobile.h>
 #include <osmocom/bb/common/logging.h>
@@ -178,14 +179,19 @@
 {
 	int digits = set->imei_random;
 	char rand[16];
+	long rand_num;
 
 	if (digits <= 0)
 		return 0;
 	if (digits > 15)
 		digits = 15;
 
-	sprintf(rand, "%08ld", random() % 100000000);
-	sprintf(rand + 8, "%07ld", random() % 10000000);
+	if (osmo_get_rand_id((uint8_t *) &rand_num, sizeof(rand_num)) != 0)
+		rand_num = random();
+	sprintf(rand, "%08ld", rand_num % 100000000);
+	if (osmo_get_rand_id((uint8_t *) &rand_num, sizeof(rand_num)) != 0)
+		rand_num = random();
+	sprintf(rand + 8, "%07ld", rand_num % 10000000);
 
 	strcpy(set->imei + 15 - digits, rand + 15 - digits);
 	strncpy(set->imeisv, set->imei, 15);

-- 
To view, visit https://gerrit.osmocom.org/9914
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings

Gerrit-Project: osmocom-bb
Gerrit-Branch: master
Gerrit-MessageType: merged
Gerrit-Change-Id: Ie0cc64663cd4b90c027b79545dc5d3ac9d87b9dd
Gerrit-Change-Number: 9914
Gerrit-PatchSet: 3
Gerrit-Owner: Holger Freyther <holger at freyther.de>
Gerrit-Reviewer: Holger Freyther <holger at freyther.de>
Gerrit-Reviewer: Jenkins Builder
Gerrit-Reviewer: Vadim Yanitskiy <axilirator at gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20180711/087a7403/attachment.htm>


More information about the gerrit-log mailing list