Quoting l...@zitta.fr (l...@zitta.fr): > > Le 06/01/2014 20:01, Serge Hallyn a écrit : > > Quoting Kent R. Spillner (kspill...@acm.org): > >> On Mon, Jan 06, 2014 at 01:54:14PM +0100, Guillaume ZITTA wrote: > >>> This chage introduce also a common randinit() function that could be > >>> used to initialize random generator. > >> Is there any reason to always prefer libc rand() over /dev/urandom? > >> I realize the strength of the random numbers in this particular > >> case probably isn't that important but if you want this randinit() > >> to be more generally useful then perhaps it makes sense to change a > >> few things now: > I first tried with simple srand(time) and created a container with 3 nic > => 3 same hwaddr :-( > a minimal strength is necessary. > >>> +void randinit(void) > >>> +{ > >>> + /* > >>> + srand pre-seed function based on /dev/urandom > >>> + */ > >>> + FILE *f; > >>> + process_lock(); > >>> + f = fopen("/dev/urandom", "r"); > >>> + process_unlock(); > >>> + if (f) { > >> When will this ever fail on Linux? Does Android provide /dev/urandom? > > For one thing, when you're in a nested container and not allowed > > to read /dev/urandom :)
> It works in simple container, why not in nested ? (if cgroup allow it) Because cgroup can disallow it :) > >>> + unsigned int seed; > >>> + int ret = fread(&seed, sizeof(seed), 1, f); > >>> + if (ret != 1) > >>> + seed = time(NULL); > >>> + process_lock(); > >>> + fclose(f); > >>> + process_unlock(); > >>> + srand(seed); > >>> + } else > >>> + srand(time(NULL)); > >>> +} > >> When reading this diff it just felt a little strange that when /dev/urandom > >> is working we still only read one byte from it just to seed libc rand(). > >> What if instead of randinit() you introduced a new function that fills a > >> buffer with the requested number of random ints, e.g.: > > Do we need to worry about draining the entropy pool? Keeping in > > mind that unprivileged containers are now a reality... > If we don't have access to /dev/urandom : > What is the alternative to generate more than 1 address in 1 second ? > The problem is that 2 parallel launch of lxc-create will generate same > hwaddr. > > can srand(time(NULL)+|getpid()+nicnumber) |limit the chances of collisions ? Yeah that should be fine. (Or you might just make sure to only call srand() once, so that getpid() is enough and you can skip nicnumber) -serge _______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel