[Qemu-devel] [PATCH] Let user specify random seed for linux-user

[Qemu-devel] [PATCH] Let user specify random seed for linux-user

[Magnus Reftel]

linux-user uses the rand function for generating the value of the AT_RANDOM elf
aux vector entry, and explicitly seeds the random number generator with the
current time. This makes it impossible to reproduce runs that use the AT_RANDOM
bytes.

This patch adds a command line option and a matching environment variable for
setting the random seed, so that the AT_RANDOM values can be predictable when
the user chooses. The default is still to seed the random number generator
with the current time.

[Qemu-devel] [PATCH] linux-user: Let user specify random seed

[Magnus Reftel]

This patch introduces the -seed command line option and the
QEMU_RAND_SEED environment variable for setting the random seed, which
is used for the AT_RANDOM ELF aux entry.

Signed-off-by: Magnus Reftel <reftel@spotify.com>
---
 linux-user/elfload.c |  1 -
 linux-user/main.c    | 21 +++++++++++++++++++++
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 1c04fcf..f2e2197 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -1539,7 +1539,6 @@ static abi_ulong create_elf_tables(abi_ulong p, int argc, int envc,
      * Generate 16 random bytes for userspace PRNG seeding (not
      * cryptically secure but it's not the aim of QEMU).
      */
-    srand((unsigned int) time(NULL));
     for (i = 0; i < 16; i++) {
         k_rand_bytes[i] = rand();
     }
diff --git a/linux-user/main.c b/linux-user/main.c
index 483eb3f..57cd721 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -46,6 +46,8 @@ unsigned long mmap_min_addr;
 #if defined(CONFIG_USE_GUEST_BASE)
 unsigned long guest_base;
 int have_guest_base;
+static bool have_rand_seed = false;
+static int rand_seed;
 #if (TARGET_LONG_BITS == 32) && (HOST_LONG_BITS == 64)
 /*
  * When running 32-on-64 we should make sure we can fit all of the possible
@@ -3546,6 +3548,12 @@ static void handle_arg_pagesize(const char *arg)
     }
 }
 
+static void handle_arg_randseed(const char *arg)
+{
+    have_rand_seed = true;
+    rand_seed = atoi(arg);
+}
+
 static void handle_arg_gdb(const char *arg)
 {
     gdbstub_port = atoi(arg);
@@ -3674,6 +3682,8 @@ static const struct qemu_argument arg_table[] = {
      "",           "run in singlestep mode"},
     {"strace",     "QEMU_STRACE",      false, handle_arg_strace,
      "",           "log system calls"},
+    {"seed",       "QEMU_RAND_SEED",   true,  handle_arg_randseed,
+     "",           "Seed for pseudo-random number generator"},
     {"version",    "QEMU_VERSION",     false, handle_arg_version,
      "",           "display version information and exit"},
     {NULL, NULL, false, NULL, NULL, NULL}
@@ -3926,6 +3936,17 @@ int main(int argc, char **argv, char **envp)
         do_strace = 1;
     }
 
+    if (getenv("QEMU_RAND_SEED")) {
+        have_rand_seed = true;
+        rand_seed = atoi(getenv("QEMU_RAND_SEED"));
+    }
+
+    if (have_rand_seed) {
+        srand(rand_seed);
+    } else {
+        srand((int)time(NULL));
+    }
+
     target_environ = envlist_to_environ(envlist, NULL);
     envlist_free(envlist);
 
-- 
1.9.1

Re: [Qemu-devel] [PATCH] linux-user: Let user specify random seed

[Eric Blake]

[-- Attachment #1: Type: text/plain, Size: 2012 bytes --]

On 10/08/2014 06:13 AM, Magnus Reftel wrote:
> This patch introduces the -seed command line option and the
> QEMU_RAND_SEED environment variable for setting the random seed, which
> is used for the AT_RANDOM ELF aux entry.
> 
> Signed-off-by: Magnus Reftel <reftel@spotify.com>
> ---
>  linux-user/elfload.c |  1 -
>  linux-user/main.c    | 21 +++++++++++++++++++++
>  2 files changed, 21 insertions(+), 1 deletion(-)
> 

> +++ b/linux-user/main.c
> @@ -46,6 +46,8 @@ unsigned long mmap_min_addr;
>  #if defined(CONFIG_USE_GUEST_BASE)
>  unsigned long guest_base;
>  int have_guest_base;
> +static bool have_rand_seed = false;

static variables are automatically 0-initialized without needing an
explicit initializer.

> +static int rand_seed;
>  #if (TARGET_LONG_BITS == 32) && (HOST_LONG_BITS == 64)
>  /*
>   * When running 32-on-64 we should make sure we can fit all of the possible
> @@ -3546,6 +3548,12 @@ static void handle_arg_pagesize(const char *arg)
>      }
>  }
>  
> +static void handle_arg_randseed(const char *arg)
> +{
> +    have_rand_seed = true;
> +    rand_seed = atoi(arg);
> +}

atoi() is trash when compared to strtol() - it doesn't diagnose
overflow, trailing garbage, or empty input.


> @@ -3926,6 +3936,17 @@ int main(int argc, char **argv, char **envp)
>          do_strace = 1;
>      }
>  
> +    if (getenv("QEMU_RAND_SEED")) {
> +        have_rand_seed = true;
> +        rand_seed = atoi(getenv("QEMU_RAND_SEED"));
> +    }

why not call handle_arg_randseed(getenv("QEMU_RAND_SEED")) here?

> +
> +    if (have_rand_seed) {
> +        srand(rand_seed);
> +    } else {
> +        srand((int)time(NULL));

The cast is pointless.  This is C.

> +    }

Do you even need have_rand_seed?  Why not just pre-initialize
rand_seed=time(NULL) and then overwrite rand_seed if the environment
variable is present?

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 539 bytes --]