[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debbugs-tracker] bug#15366: closed (MBR disk signature not random enoug

From: GNU bug Tracking System
Subject: [debbugs-tracker] bug#15366: closed (MBR disk signature not random enough)
Date: Sun, 24 Nov 2013 01:35:02 +0000

Your message dated Sat, 23 Nov 2013 20:34:26 -0500
with message-id <address@hidden>
and subject line Re: bug#15366: MBR disk signature not random enough
has caused the debbugs.gnu.org bug report #15366,
regarding MBR disk signature not random enough
to be marked as done.

(If you believe you have received this mail in error, please contact

15366: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=15366
GNU Bug Tracking System
Contact address@hidden with problems
--- Begin Message --- Subject: MBR disk signature not random enough Date: Fri, 13 Sep 2013 14:06:30 +0100 User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
is used to create a new mbr_signature where none exists. The possible return values for generate_random_id() range from 0 to 999999, derived from the tv_usec field of gettimeofday(2).

This limits the actual value written to mbr_signature to 0.023% of the possible uint32 values.

I don't know how many MBRs in the world libparted has written the mbr_signature to, but the chance of collisions are greatly increased by having an artificially restricted value.

Is there a better libc-provided rand(3)/random(3) function which can be used to provide a full 32 bits of randomness?

I haven't checked all the other mklabel types, but it's possible they have similar limitations. gpt.c uses uuid_generate() which delegates the task to libuuid. Perhaps this could be used (with truncated output) for the MBR signature?


--- End Message ---
--- Begin Message --- Subject: Re: bug#15366: MBR disk signature not random enough Date: Sat, 23 Nov 2013 20:34:26 -0500 User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.1
Hash: SHA512

This was fixed by this commit:

commit 70aa35b2b4d2e723fe82ac3184e5921a52be73ab
Author: Jonathan Liu <address@hidden>
Date:   Fri Oct 4 07:32:12 2013 -0700

    dos: improve MBR signature generation
    Using tv_usec in struct timeval from gettimeofday() doesn't provide
    enough precision to fill an unsigned 32-bit integer and isn't really
    random. It it always less than one million when using the GNU C library
    while an unsigned 32-bit integer ranges between 0 and 4294967295.
    In FAT filesystem creation, parted already uses a better random
    generator, so move that code into a common function and use it
    for MS-DOS MBR signature generation.
    * libparted/fs/r/fat/fat.c (_gen_new_serial_number): Remove.
    (fat_create): Use generate_random_uint32 instead of
    * libparted/labels/dos.c (generate_random_id): Remove.
    (msdos_write): Use generate_random_uint32 instead of
    * libparted/labels/misc.h (generate_random_uint32): New function.
    Created from _gen_new_serial_number in libparted/fs/r/fat/fat.c with
    additional check to avoid returning zero, which may be interpreted
    as no FAT serial number or no MBR signature.

Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/


--- End Message ---

reply via email to

[Prev in Thread] Current Thread [Next in Thread]