From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <libc-alpha-return-100483-e=80x24.org@sourceware.org>
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net
X-Spam-Level: 
X-Spam-ASN: AS31976 209.132.180.0/23
X-Spam-Status: No, score=-4.1 required=3.0 tests=AWL,BAYES_00,DKIMWL_WL_MED,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,SPF_HELO_PASS,SPF_PASS
	shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2
Received: from sourceware.org (server1.sourceware.org [209.132.180.131])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by dcvr.yhbt.net (Postfix) with ESMTPS id 67C1920248
	for <e@80x24.org>; Thu,  7 Mar 2019 17:10:07 +0000 (UTC)
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:from:to:cc:subject:date:message-id
	:content-type:content-transfer-encoding:mime-version; q=dns; s=
	default; b=vlrJVu8Fp+mSaOCg2s/9Dn7HjXIkFi4KFh9/RESwMZ1ovywZUPn0p
	XJmZrblcN9LXal6YBvhBkw646csjJIWepoWtkr6O97LO54fZW43bBKH98yyEauCA
	VmMStdjtCJUd6rPElmoKXbZOKRLIVeizbHd4ELqtMm9suQ6M56nWDk=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:from:to:cc:subject:date:message-id
	:content-type:content-transfer-encoding:mime-version; s=default;
	 bh=jMT1sHe5uywwnmvEf1F3W6FVJEs=; b=HFmJXZnMhOUhdtVsbfiGH6RPAsWV
	+ro/TItu/T2C6THMq79xTKLcX4QsnN/4PAgduGTZHBE750Ihk3wx3wB9aO7eVthz
	h8/SPImTBPkRdfIXnekDmbtvKT9pQpD0aIDxBcTGhGkgTV+LvzZ43BWvfuBTGs3/
	EqYMciHMT4u+TbY=
Received: (qmail 62203 invoked by alias); 7 Mar 2019 17:10:04 -0000
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <libc-alpha.sourceware.org>
List-Unsubscribe: <mailto:libc-alpha-unsubscribe-e=80x24.org@sourceware.org>
List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: libc-alpha-owner@sourceware.org
Received: (qmail 62180 invoked by uid 89); 7 Mar 2019 17:10:04 -0000
Authentication-Results: sourceware.org; auth=none
X-HELO: EUR03-VE1-obe.outbound.protection.outlook.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com;
 s=selector1-arm-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=NhldKElW3ozfP/5mVy37pJs5md1Hpi6irjqSrOl1AH8=;
 b=iOD3c/kBDGa2vAnaJA87u+vECCx83ESg7wOh3FRLzqNKRXJkZIxDmERsJAEHO3OiF0X1QW8AYZXL1Q+kPkP6zmFw1z55O9E4auuN0Tv+bc27/o3Zz4LycV34hpIve4ro93fKePoZDFgj5EectfkY1Xn/3tAnYzwJ7EB3A63GQ8Q=
From: Wilco Dijkstra <Wilco.Dijkstra@arm.com>
To: Adhemerval Zanella <adhemerval.zanella@linaro.org>
CC: nd <nd@arm.com>, "libc-alpha@sourceware.org" <libc-alpha@sourceware.org>
Subject: Re: [PATCH v2 4/6] Do not use HP_TIMING_NOW for random bits
Date: Thu, 7 Mar 2019 17:09:58 +0000
Message-ID:
 <DB5PR08MB1030324E236C7205748F2D9C834C0@DB5PR08MB1030.eurprd08.prod.outlook.com>
x-ms-exchange-purlcount: 1
received-spf: None (protection.outlook.com: arm.com does not designate
 permitted sender hosts)
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=Wilco.Dijkstra@arm.com; 
x-ms-exchange-senderadcheck: 1
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED

Hi Adhemerval,

LGTM with a few minor comments below.

Wilco

 include/random-bits.h    | 41 ++++++++++++++++++++++++++++++++++++++++
 resolv/res_mkquery.c     | 19 +++----------------
 resolv/res_send.c        | 12 ++----------
 sysdeps/posix/tempname.c | 19 +++----------------
 4 files changed, 49 insertions(+), 42 deletions(-)
 create mode 100644 include/random-bits.h

diff --git a/include/random-bits.h b/include/random-bits.h
new file mode 100644
index 0000000000..5ab53450af
--- /dev/null
+++ b/include/random-bits.h
@@ -0,0 +1,41 @@
+/* Fast pseudo-random bits based on clock_gettime.
+   Copyright (C) 2019 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <http://www.gnu.org/licenses/>.  */
+
+#ifndef _RANDOM_BITS_H
+# define _RANDOM_BITS_H
+
+#include <time.h>
+#include <stdint.h>
+
+/* Provides fast pseudo-random bits through clock_gettime.  It has unspeci=
fied
+   starting time, nano-second accuracy, its randomness is significantly be=
tter
+   than gettimeofday, and for mostly architectures it is implemented throu=
gh
+   vDSO instead of a syscall.  Since the source is a system clock, the upp=
er=20
+   bits will have less entropy. */
+static inline uint32_t
+random_bits (void)
+{
+  struct timespec tv;
+  __clock_gettime (CLOCK_MONOTONIC, &tv);
+  /* Shuffle the lower bits to minimize the clock bias.  */
+  uint32_t ret =3D tv.tv_nsec ^ tv.tv_sec;
+  ret ^=3D (ret << 24) | (ret >> 8);
+  return ret;
+}
+
+#endif

OK

diff --git a/resolv/res_mkquery.c b/resolv/res_mkquery.c
index 19b8b402c4..dd43d347af 100644
--- a/resolv/res_mkquery.c
+++ b/resolv/res_mkquery.c
@@ -82,6 +82,7 @@
  * SOFTWARE.
  */
=20
+#include <stdint.h>
 #include <sys/types.h>
 #include <sys/param.h>
 #include <netinet/in.h>
@@ -92,12 +93,7 @@
 #include <string.h>
 #include <sys/time.h>
 #include <shlib-compat.h>
-
-#include <hp-timing.h>
-#include <stdint.h>
-#if HP_TIMING_AVAIL
-# define RANDOM_BITS(Var) { uint64_t v64; HP_TIMING_NOW (v64); Var =3D v64=
; }
-#endif
+#include <random-bits.h>
=20
 int
 __res_context_mkquery (struct resolv_context *ctx, int op, const char *dna=
me,
@@ -120,16 +116,7 @@ __res_context_mkquery (struct resolv_context *ctx, int=
 op, const char *dname,
   /* We randomize the IDs every time.  The old code just incremented
      by one after the initial randomization which still predictable if
      the application does multiple requests.  */
-  int randombits;
-#ifdef RANDOM_BITS
-  RANDOM_BITS (randombits);
-#else
-  struct timeval tv;
-  __gettimeofday (&tv, NULL);
-  randombits =3D (tv.tv_sec << 8) ^ tv.tv_usec;
-#endif
-
-  hp->id =3D randombits;
+  hp->id =3D random_bits ();
   hp->opcode =3D op;
   hp->rd =3D (ctx->resp->options & RES_RECURSE) !=3D 0;
   hp->rcode =3D NOERROR;

OK

diff --git a/resolv/res_send.c b/resolv/res_send.c
index fa040c1198..1b59b6080c 100644
--- a/resolv/res_send.c
+++ b/resolv/res_send.c
@@ -109,7 +109,7 @@
 #include <unistd.h>
 #include <kernel-features.h>
 #include <libc-diag.h>
-#include <hp-timing.h>
+#include <random-bits.h>
=20
 #if PACKETSZ > 65536
 #define MAXPACKET       PACKETSZ
@@ -309,15 +309,7 @@ nameserver_offset (struct __res_state *statp)
   if ((offset & 1) =3D=3D 0)
     {
       /* Initialization is required.  */
-#if HP_TIMING_AVAIL
-      uint64_t ticks;
-      HP_TIMING_NOW (ticks);
-      offset =3D ticks;
-#else
-      struct timeval tv;
-      __gettimeofday (&tv, NULL);
-      offset =3D ((tv.tv_sec << 8) ^ tv.tv_usec);
-#endif
+      offset =3D random_bits ();
       /* The lowest bit is the most random.  Preserve it.  */
       offset <<=3D 1;
=20
OK

diff --git a/sysdeps/posix/tempname.c b/sysdeps/posix/tempname.c
index 2ed39d1a42..5217cb38e1 100644
--- a/sysdeps/posix/tempname.c
+++ b/sysdeps/posix/tempname.c
@@ -71,22 +71,8 @@
 #endif
=20
 #ifdef _LIBC
-# include <hp-timing.h>
-# if HP_TIMING_AVAIL
-#  define RANDOM_BITS(Var) \
-  if (__glibc_unlikely (value =3D=3D UINT64_C (0)))				      \
-    {									      \
-      /* If this is the first time this function is used initialize	      =
\
-	 the variable we accumulate the value in to some somewhat	      \
-	 random value.  If we'd not do this programs at startup time	      \
-	 might have a reduced set of possible names, at least on slow	      \
-	 machines.  */							      \
-      struct timeval tv;						      \
-      __gettimeofday (&tv, NULL);					      \
-      value =3D ((uint64_t) tv.tv_usec << 16) ^ tv.tv_sec;		      \
-    }									      \
-  HP_TIMING_NOW (Var)
-# endif
+# include <random-bits.h>
+# define RANDOM_BITS(Var) ((Var) =3D random_bits ())

This define is not used (removed above).

 #endif
=20
 /* Use the widest available unsigned type if uint64_t is not
@@ -237,6 +223,7 @@ __gen_tempname (char *tmpl, int suffixlen, int flags, i=
nt kind)
   }
 #endif
   value +=3D random_time_bits ^ __getpid ();
+  value +=3D random_bits () ^ __getpid ();
=20
One of these should be shifted so that it actually increases the number of
random bits.

Note value is static, which looks like a concurrency bug. Making it a local=
=20
should work equally well now we've got a better random number.

   for (count =3D 0; count < attempts; value +=3D 7777, ++count)
     {
--=20
2.17.1