| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210812100010.0f3922d1@oasis.local.home>
Date: Thu, 12 Aug 2021 10:00:10 -0400
From: Steven Rostedt <rostedt@...dmis.org>
To: Yordan Karadzhov <y.karadz@...il.com>
Cc: linux-trace-devel@...r.kernel.org, linux-kernel@...r.kernel.org,
Tom Zanussi <zanussi@...nel.org>,
Daniel Bristot de Oliveira <bristot@...hat.com>,
Masami Hiramatsu <mhiramat@...nel.org>
Subject: Re: [PATCH 1/2] libtracefs: Add random number to keep synthetic
variables unique
On Thu, 12 Aug 2021 11:34:57 +0300
Yordan Karadzhov <y.karadz@...il.com> wrote:
> > @@ -957,7 +960,15 @@ static char *new_arg(struct tracefs_synth *synth)
> > char *arg;
> > int ret;
> >
> > - ret = asprintf(&arg, "__arg__%d", cnt);
> > + /* Create a unique argument name */
> > + if (!synth->arg_name[0]) {
> > + srand(time(NULL));
>
> Nit: Have in mind that time(NULL) has 1 second resolution. Fast consecutive calls (within a second) of this function can
> generate identical random numbers.
> This can be mitigated if we do something like this:
>
> struct timeval now;
>
> gettimeofday(&now, NULL);
> srand(now.tv_usec);
So you are saying that if one thread created two synthetic events
within a second, then this could give the same value. Yeah, I can see
that could happen. I was hoping to avoid the declaring the "now" and
calling gettimeofday().
Also, looking more into this, I see that rand() is not safe in thread
context (it may not be a problem, but there's no guarantee), and
perhaps we should just open code it, to be on the safe side.
Thanks for the review.
-- Steve
Powered by blists - more mailing lists