From unknown Fri Sep 19 23:02:04 2025
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Mailer: MIME-tools 5.509 (Entity 5.509)
Content-Type: text/plain; charset=utf-8
From: bug#15366 <15366@debbugs.gnu.org>
To: bug#15366 <15366@debbugs.gnu.org>
Subject: Status: MBR disk signature not random enough
Reply-To: bug#15366 <15366@debbugs.gnu.org>
Date: Sat, 20 Sep 2025 06:02:04 +0000

retitle 15366 MBR disk signature not random enough
reassign 15366 parted
submitter 15366 Philip Rowlands <phr+coreutils@dimebar.com>
severity 15366 normal

thanks


From debbugs-submit-bounces@debbugs.gnu.org Fri Sep 13 09:07:24 2013
Received: (at submit) by debbugs.gnu.org; 13 Sep 2013 13:07:24 +0000
Received: from localhost ([127.0.0.1]:32957 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VKT5n-00074I-5f
	for submit@debbugs.gnu.org; Fri, 13 Sep 2013 09:07:23 -0400
Received: from eggs.gnu.org ([208.118.235.92]:56669)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <phr+coreutils@dimebar.com>) id 1VKT5k-000742-QV
 for submit@debbugs.gnu.org; Fri, 13 Sep 2013 09:07:21 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <phr+coreutils@dimebar.com>) id 1VKT5Z-0007gg-36
 for submit@debbugs.gnu.org; Fri, 13 Sep 2013 09:07:15 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,T_DKIM_INVALID
 autolearn=disabled version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:32879)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <phr+coreutils@dimebar.com>) id 1VKT5Y-0007gc-W8
 for submit@debbugs.gnu.org; Fri, 13 Sep 2013 09:07:09 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:58342)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <phr+coreutils@dimebar.com>) id 1VKT5T-0004XC-7u
 for bug-parted@gnu.org; Fri, 13 Sep 2013 09:07:08 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <phr+coreutils@dimebar.com>) id 1VKT5O-0007eS-J2
 for bug-parted@gnu.org; Fri, 13 Sep 2013 09:07:03 -0400
Received: from out3-smtp.messagingengine.com ([66.111.4.27]:41986)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <phr+coreutils@dimebar.com>) id 1VKT5O-0007cK-B0
 for bug-parted@gnu.org; Fri, 13 Sep 2013 09:06:58 -0400
Received: from compute3.internal (compute3.nyi.mail.srv.osa [10.202.2.43])
 by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 343AE212EE
 for <bug-parted@gnu.org>; Fri, 13 Sep 2013 09:06:55 -0400 (EDT)
Received: from frontend1 ([10.202.2.160])
 by compute3.internal (MEProxy); Fri, 13 Sep 2013 09:06:55 -0400
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=dimebar.com; h=
 message-id:date:from:mime-version:to:subject:content-type
 :content-transfer-encoding; s=mesmtp; bh=x99YKEW1L7uoyYeef8IBUEi
 wIPg=; b=MwoZUFqm9BgTejdtasSBU8U8LWoBXzVbMrqXvlsGwAil2lQvN+xfZii
 Kmy99hlCRIDupZZX+AVeUKCE/AsaYXw0ObXXSnvJiCMbZcbnXjOSD2WlQZ0FWVog
 v0HFrARMUyNToIIeDgwp0zhTaGwbGeGdirUohG+JYZ4BRyMY2uFM=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=
 messagingengine.com; h=message-id:date:from:mime-version:to
 :subject:content-type:content-transfer-encoding; s=smtpout; bh=x
 99YKEW1L7uoyYeef8IBUEiwIPg=; b=cfi1L6L9v/PsFTzkHR16VwwBgdShqa1mJ
 bbxUtJzuIz3CSiAT0YBQFWTmJQP8mG65L/apJXJEtEXExnFfYd1g7LU4bA0JoqzA
 2IO7D1Au0tjKUCFKWKDxgMgCyWfGJU+u0+Ux/mqOiJS1dH/JpABakb/UwDIxsQuY
 P1TFLrlNV4=
X-Sasl-enc: b8zS3DkpJAdJfoBY/ZM9anblWZEnyv7EMcskGT7wvzvB 1379077614
Received: from [192.168.43.170] (unknown [82.132.245.123])
 by mail.messagingengine.com (Postfix) with ESMTPA id 2FC7BC00E7F
 for <bug-parted@gnu.org>; Fri, 13 Sep 2013 09:06:54 -0400 (EDT)
Message-ID: <52330DD6.6070804@dimebar.com>
Date: Fri, 13 Sep 2013 14:06:30 +0100
From: Philip Rowlands <phr+coreutils@dimebar.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
 rv:17.0) Gecko/20130801 Thunderbird/17.0.8
MIME-Version: 1.0
To: bug-parted@gnu.org
Subject: MBR disk signature not random enough
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
 recognized.
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
 (bad octet value).
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

libparted/labels/dos.c:generate_random_id()
is used to create a new mbr_signature where none exists. The possible 
return values for generate_random_id() range from 0 to 999999, derived 
from the tv_usec field of gettimeofday(2).

This limits the actual value written to mbr_signature to 0.023% of the 
possible uint32 values.

I don't know how many MBRs in the world libparted has written the 
mbr_signature to, but the chance of collisions are greatly increased by 
having an artificially restricted value.

Is there a better libc-provided rand(3)/random(3) function which can be 
used to provide a full 32 bits of randomness?

I haven't checked all the other mklabel types, but it's possible they 
have similar limitations. gpt.c uses uuid_generate() which delegates the 
task to libuuid. Perhaps this could be used (with truncated output) for 
the MBR signature?

Cheers,
Phil




From debbugs-submit-bounces@debbugs.gnu.org Sat Nov 23 20:34:36 2013
Received: (at 15366-done) by debbugs.gnu.org; 24 Nov 2013 01:34:36 +0000
Received: from localhost ([127.0.0.1]:40929 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1VkOaq-0006eH-42
	for submit@debbugs.gnu.org; Sat, 23 Nov 2013 20:34:36 -0500
Received: from cdptpa-omtalb.mail.rr.com ([75.180.132.120]:45127)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <psusi@ubuntu.com>) id 1VkOam-0006e0-AT
 for 15366-done@debbugs.gnu.org; Sat, 23 Nov 2013 20:34:32 -0500
X-Authority-Analysis: v=2.0 cv=IPSA+3TG c=1 sm=0 a=3SewDSjaRW4vdJyuxQ33ZQ==:17
 a=DeBnktw0k-IA:10 a=JlIHnqCoHBcA:10 a=LFFd3SvNDBIA:10 a=S1A5HrydsesA:10
 a=8nJEP1OIZ-IA:10 a=fxJcL_dCAAAA:8 a=KGjhK52YXX0A:10 a=LaVLTwSZQQ0A:10
 a=pGLkceISAAAA:8 a=QfKxxUxMAAAA:8 a=ENOCa95lh6e-2s_gLawA:9 a=wPNLvfGTeEIA:10
 a=MSl-tDqOz04A:10 a=qEPZfWqPSTxkRjjT:21 a=OB7I7LHidkh0Gpjo:21
 a=3SewDSjaRW4vdJyuxQ33ZQ==:117
X-Cloudmark-Score: 0
X-Authenticated-User: 
X-Originating-IP: 72.238.73.171
Received: from [72.238.73.171] ([72.238.73.171:42954] helo=[192.168.1.6])
 by cdptpa-oedge02.mail.rr.com (envelope-from <psusi@ubuntu.com>)
 (ecelerity 2.2.3.46 r()) with ESMTP
 id 20/1E-09582-2A751925; Sun, 24 Nov 2013 01:34:27 +0000
Message-ID: <529157A2.6080800@ubuntu.com>
Date: Sat, 23 Nov 2013 20:34:26 -0500
From: Phillip Susi <psusi@ubuntu.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:24.0) Gecko/20100101 Thunderbird/24.1.1
MIME-Version: 1.0
To: 15366-done@debbugs.gnu.org
Subject: Re: bug#15366: MBR disk signature not random enough
References: <52330DD6.6070804@dimebar.com>
In-Reply-To: <52330DD6.6070804@dimebar.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 15366-done
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.0 (/)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

This was fixed by this commit:

commit 70aa35b2b4d2e723fe82ac3184e5921a52be73ab
Author: Jonathan Liu <net147@gmail.com>
Date:   Fri Oct 4 07:32:12 2013 -0700

    dos: improve MBR signature generation
    
    Using tv_usec in struct timeval from gettimeofday() doesn't provide
    enough precision to fill an unsigned 32-bit integer and isn't really
    random. It it always less than one million when using the GNU C library
    while an unsigned 32-bit integer ranges between 0 and 4294967295.
    
    In FAT filesystem creation, parted already uses a better random
    generator, so move that code into a common function and use it
    for MS-DOS MBR signature generation.
    
    * libparted/fs/r/fat/fat.c (_gen_new_serial_number): Remove.
    (fat_create): Use generate_random_uint32 instead of
    _gen_new_serial_number.
    * libparted/labels/dos.c (generate_random_id): Remove.
    (msdos_write): Use generate_random_uint32 instead of
    generate_random_id.
    * libparted/labels/misc.h (generate_random_uint32): New function.
    Created from _gen_new_serial_number in libparted/fs/r/fat/fat.c with
    additional check to avoid returning zero, which may be interpreted
    as no FAT serial number or no MBR signature.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBCgAGBQJSkVeiAAoJEJrBOlT6nu75LL8H/3Yg7oX+VlB+9YX8rHop6wzk
OM7QLy+/Y3ms8cM/In6K38mMpWRmSZ9IPNblE2ez106Qkb9EG9nPhiKJBT4KK3Q8
lSGxZC15ppx68C4X0Wb54iyBBDzE8vmsIn0JYp+9rAtu86EE3XMzQqqVX4h2brHt
EbaYWbnvMWrGAgobhJN/tvjNaI9/dW6rQ7b6JSHEjl9o0ZXCi9m46wMMaSI+2DWH
JJ4ZJgxg0DVYT1dcz6c+kiUNQR/P4KY13JGsF792g9nYxCfWMtQn3LPNXSWFRMW7
jLCsIl2JvIsx74yqXBvXcAZarSjFEkEeW4Hd6lrQfvPvaJaboOVRQKd7YOj3bKQ=
=ip0x
-----END PGP SIGNATURE-----




From unknown Fri Sep 19 23:02:04 2025
Received: (at fakecontrol) by fakecontrolmessage;
To: internal_control@debbugs.gnu.org
From: Debbugs Internal Request <help-debbugs@gnu.org>
Subject: Internal Control
Message-Id: bug archived.
Date: Sun, 22 Dec 2013 12:24:04 +0000
User-Agent: Fakemail v42.6.9

# This is a fake control message.
#
# The action:
# bug archived.
thanks
# This fakemail brought to you by your local debbugs
# administrator