GNU bug report logs - #15366
MBR disk signature not random enough

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 15366 in the body.
You can then email your comments to 15366 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Philip Rowlands <phr+coreutils <at> dimebar.com>
To: bug-parted <at> gnu.org
Subject: MBR disk signature not random enough
Date: Fri, 13 Sep 2013 14:06:30 +0100

libparted/labels/dos.c:generate_random_id()
is used to create a new mbr_signature where none exists. The possible 
return values for generate_random_id() range from 0 to 999999, derived 
from the tv_usec field of gettimeofday(2).

This limits the actual value written to mbr_signature to 0.023% of the 
possible uint32 values.

I don't know how many MBRs in the world libparted has written the 
mbr_signature to, but the chance of collisions are greatly increased by 
having an artificially restricted value.

Is there a better libc-provided rand(3)/random(3) function which can be 
used to provide a full 32 bits of randomness?

I haven't checked all the other mklabel types, but it's possible they 
have similar limitations. gpt.c uses uuid_generate() which delegates the 
task to libuuid. Perhaps this could be used (with truncated output) for 
the MBR signature?

Cheers,
Phil

Message #10 received at 15366-done <at> debbugs.gnu.org (full text, mbox):

From: Phillip Susi <psusi <at> ubuntu.com>
To: 15366-done <at> debbugs.gnu.org
Subject: Re: bug#15366: MBR disk signature not random enough
Date: Sat, 23 Nov 2013 20:34:26 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

This was fixed by this commit:

commit 70aa35b2b4d2e723fe82ac3184e5921a52be73ab
Author: Jonathan Liu <net147 <at> gmail.com>
Date:   Fri Oct 4 07:32:12 2013 -0700

    dos: improve MBR signature generation
    
    Using tv_usec in struct timeval from gettimeofday() doesn't provide
    enough precision to fill an unsigned 32-bit integer and isn't really
    random. It it always less than one million when using the GNU C library
    while an unsigned 32-bit integer ranges between 0 and 4294967295.
    
    In FAT filesystem creation, parted already uses a better random
    generator, so move that code into a common function and use it
    for MS-DOS MBR signature generation.
    
    * libparted/fs/r/fat/fat.c (_gen_new_serial_number): Remove.
    (fat_create): Use generate_random_uint32 instead of
    _gen_new_serial_number.
    * libparted/labels/dos.c (generate_random_id): Remove.
    (msdos_write): Use generate_random_uint32 instead of
    generate_random_id.
    * libparted/labels/misc.h (generate_random_uint32): New function.
    Created from _gen_new_serial_number in libparted/fs/r/fat/fat.c with
    additional check to avoid returning zero, which may be interpreted
    as no FAT serial number or no MBR signature.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBCgAGBQJSkVeiAAoJEJrBOlT6nu75LL8H/3Yg7oX+VlB+9YX8rHop6wzk
OM7QLy+/Y3ms8cM/In6K38mMpWRmSZ9IPNblE2ez106Qkb9EG9nPhiKJBT4KK3Q8
lSGxZC15ppx68C4X0Wb54iyBBDzE8vmsIn0JYp+9rAtu86EE3XMzQqqVX4h2brHt
EbaYWbnvMWrGAgobhJN/tvjNaI9/dW6rQ7b6JSHEjl9o0ZXCi9m46wMMaSI+2DWH
JJ4ZJgxg0DVYT1dcz6c+kiUNQR/P4KY13JGsF792g9nYxCfWMtQn3LPNXSWFRMW7
jLCsIl2JvIsx74yqXBvXcAZarSjFEkEeW4Hd6lrQfvPvaJaboOVRQKd7YOj3bKQ=
=ip0x
-----END PGP SIGNATURE-----

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.