From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au Authentication-Results: passt.top; dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202606 header.b=X6PtA04a; dkim-atps=neutral Received: from mail.ozlabs.org (mail.ozlabs.org [IPv6:2404:9400:2221:ea00::3]) by passt.top (Postfix) with ESMTPS id 130035A0262 for ; Thu, 16 Jul 2026 09:38:44 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=202606; t=1784187515; bh=4WaxiUPA0MZtiGpnmpyiuk4PhWLaOk5Su+ZXJqqI8Rc=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=X6PtA04avjKFBaQ+p7CYdPDR6krmkOCMO8OajLd1FaN9cRHzud+B+OuNUNjd4lZPv H9QAWSjnlhkyocz1SEsIu6Ad8iFlahNsNSFC8lrCmFvD9GRgYiGfuZWyO47gpviDpx KzU+qzJ33YjldTAVMMDoTiNouE++1pf5zOQd6r5Wf51rrWHNMDnIo1EG77fv+4yJJ2 tbWW6wSMcI0J1+BtxYcy9i8BG9dx6/KtzNAEQsfDl/6d/+b+i26jwKPnw6MmAYMXy4 a3g1iJAc0UyacIPCyt/7d8ur1x7LKB30m8pH5HkCMpSp1uZqIE9A3TWZi13IAooRLZ jxZ2g4RBHZTmg== Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4h14fM5Z7pz4wCC; Thu, 16 Jul 2026 17:38:35 +1000 (AEST) Date: Thu, 16 Jul 2026 17:38:28 +1000 From: David Gibson To: Stefano Brivio Subject: Re: [PATCH 4/4] ndp: Use high quality entropy in NDP timer even if not needed Message-ID: References: <20260715232523.3372714-1-sbrivio@redhat.com> <20260715232523.3372714-5-sbrivio@redhat.com> <20260716092243.0ad556c4@elisabeth> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="ZRk6W9bdkoO3w2O3" Content-Disposition: inline In-Reply-To: <20260716092243.0ad556c4@elisabeth> Message-ID-Hash: 6SXAKJD34EO7BK6NEVJ4FPIQ6QMRNXMI X-Message-ID-Hash: 6SXAKJD34EO7BK6NEVJ4FPIQ6QMRNXMI X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --ZRk6W9bdkoO3w2O3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 16, 2026 at 09:22:44AM +0200, Stefano Brivio wrote: > On Thu, 16 Jul 2026 15:45:30 +1000 > David Gibson wrote: >=20 > > On Thu, Jul 16, 2026 at 01:25:23AM +0200, Stefano Brivio wrote: > > > ...instead of calling random(), to make static checkers happy. > > >=20 > > > I don't think that an attacker could actually gain anything by making > > > router advertisement intervals predictable, but a doubt remains, and > > > this is cheap enough that we might just want to do this to get rid of > > > the noise from static checkers informing us that random() shouldn't be > > > used. > > >=20 > > > Signed-off-by: Stefano Brivio > > > --- > > > ndp.c | 11 +++++++---- > > > 1 file changed, 7 insertions(+), 4 deletions(-) > > >=20 > > > diff --git a/ndp.c b/ndp.c > > > index 1f2bcb0..43457b3 100644 > > > --- a/ndp.c > > > +++ b/ndp.c > > > @@ -413,6 +413,7 @@ void ndp_timer(const struct ctx *c, const struct = timespec *now) > > > { > > > time_t max_rtr_adv_interval =3D DEFAULT_MAX_RTR_ADV_INTERVAL; > > > time_t min_rtr_adv_interval, interval; > > > + long random_part; > > > =20 > > > if (!tap_is_ready(c) || c->no_ra || now->tv_sec < next_ra) > > > return; > > > @@ -433,15 +434,17 @@ void ndp_timer(const struct ctx *c, const struc= t timespec *now) > > > * and causing flurries of RAs at the same time. > > > * > > > * This random doesn't need to be cryptographically strong, so rand= om(3) > > > - * is fine. Other routers on the link also want to avoid > > > - * synchronisation, and anything malicious has much easier ways to = cause > > > - * trouble. > > > + * would be fine. Other routers on the link also want to avoid > > > + * synchronisation, and anything malicious would have much easier w= ays > > > + * to cause trouble. However, for the sake of static checkers, use= high > > > + * quality entropy as provided by raw_random(). > > > * > > > * The modulus also makes this not strictly a uniform distribution,= but, > > > * again, it's close enough for our purposes. > > > */ > > > + raw_random(&random_part, sizeof(random_part)); > > > interval =3D min_rtr_adv_interval + > > > - random() % (max_rtr_adv_interval - min_rtr_adv_interval); > > > + random_part % (max_rtr_adv_interval - min_rtr_adv_interval); = =20 > >=20 > > Although it returns a signed long, random() is explicitly defined to > > only return values between 0 and 2^31-1. >=20 > Oops, I missed that part. I would have naturally used uint32_t here but > then I looked (too quickly) at the prototype of random() and concluded > it would be better to make it equivalent... except it's not. >=20 > > Using raw_random() means we > > can get anything in the full range of a 'long', including negative > > numbers. Is that going to mess up our calculations here? >=20 > I don't think in any catastrophic way, but it might, yes. Probably not, no. But I always forget what the rules are for % on signed values, so best avoided, I think. > > Might be safer to make random_part a uint32_t, then cast it to a > > time_t for the arithmetic. >=20 > Right, v2 does that. >=20 > --=20 > Stefano >=20 --=20 David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson --ZRk6W9bdkoO3w2O3 Content-Type: application/pgp-signature; name=signature.asc -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmpYimoACgkQzQJF27ox 2GdVmg/+KGWhdQuUKYC0QcGzrl/6QRTIeOkC9l3kErcZStHB3iuFN53ii7oOxHn6 Usd73o5vQWByWOePx8zyT6/DGS+EIRRxUeh7Nw5rxW96eAqdLYeT0xkwaSmmdxZ9 QOq395iDxJZbXOvAOfqDqZMi023QNT+9C6hmYyrykzSXJ6ULO/QnrTgRUmjgHInv nwMeLDpxtzgiH6rEeuxZhhNcK0/eJncTMJ/MUxrQdter2oW9NAlMEO/OtLnH8IGp wlkQzHwHzY/nqWSj33vXMiwEVJakFAsSHfpgrwFLdLbEa798ki8xNmhB8LbM55RU RQ1qWjb3zsKRkNshWlA2ZTZ+m+j9KTSbGL5WQr4RPQCcGII+usqaPvlJxdne6vli WUhJ3XzBQwzmDRvTi7QzDA8Nh3vSiyRD718yW6T+ERQjxenStLpZpxUhymv+XX9P RqJW9db19+5Thj8+oaBcIL+2L6lpfRcWe8aNyZvie4GPmmkFN6LHaDldUAj59SvK Zqt6jBVNTrBJ6/gGcqa830OI1qAzCrKP45Yu3LW06LC+hgWFb8afksWQ/ovn04d0 u9YDDU0rkBPqJub2QQGJQw1dwE9dUJmYAKvizh1uSIc7Tre4gIUIdIxEt/c1lS2a 5FVXNADNr+vEpoo9C4umTO56I/8NeepfoFQ4wLyeyiyScztqzVM= =J71W -----END PGP SIGNATURE----- --ZRk6W9bdkoO3w2O3--