[PATCH 1/1] tools: use cryptographically safe RNG
Rasmus Villemoes
ravi at prevas.dk
Fri Nov 15 08:18:17 CET 2024
On Fri, Nov 15 2024, Mark Kettenis <mark.kettenis at xs4all.nl> wrote:
>> Date: Thu, 14 Nov 2024 11:39:27 -0600
>> From: Tom Rini <trini at konsulko.com>
>>
>> On Thu, Nov 14, 2024 at 06:35:44PM +0100, Heinrich Schuchardt wrote:
>> > Tom Rini <trini at konsulko.com> wrote on Thu, 14 Nov 2024, 18:27:
>> >
>> > > On Sat, Nov 02, 2024 at 05:32:59PM +0100, Heinrich Schuchardt wrote:
>> > >
>> > > > The PRNG implementing the random() function only has 2^31 states and
>> > > > therefore is unsafe to use for cryptography. Use arc4random() instead.
>> > > >
>> > > > Fixes: cc34f04efd63 ("tools: image-host.c: use random instead of rand")
>> > > > Addresses-Coverity-ID: 312953 Calling risky function
>> > > > Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
>> > > > ---
>> > > > tools/image-host.c | 35 +++--------------------------------
>> > > > 1 file changed, 3 insertions(+), 32 deletions(-)
>> > >
>> > > Now I get:
>> > > /home/uboot/u-boot/u-boot/tools/image-host.c: In function
>> > > 'fit_image_setup_cipher':
>> > > /home/uboot/u-boot/u-boot/tools/image-host.c:439:17: warning: implicit
>> > > declaration of function 'arc4random_buf' [-Wimplicit-function-declaration]
>> > > 439 | arc4random_buf((void *)info->iv,
>> > > info->cipher->iv_len);
>> > > | ^~~~~~~~~~~~~~
>> > > /usr/bin/ld: tools/image-host.o: in function `fit_image_cipher_data':
>> > > image-host.c:(.text+0xb41): undefined reference to `arc4random_buf'
>> > > collect2: error: ld returned 1 exit status
>> > > make[3]: *** [scripts/Makefile.host:104: tools/dumpimage] Error 1
>> > >
>> > > in the docker container. I gather this means arc4random_buf is not as
>> > > widely available as assumed.
>> > >
>> >
>> > glibc 2.36 is required published 2022-08. Ubuntu Jammy is 22.04.
>>
>> Yeah, that's likely (a) too new and (b) strange because:
>> https://source.denx.de/u-boot/u-boot/-/jobs/945810 and so is jammy
>> 22.04.
>
> Linking against libbsd might be an alternative on older systems.
Or use getrandom(), which according to the man page has been exposed via
glibc since glibc 2.25. Or just read from /dev/urandom which should work
everywhere.
Rasmus