mirror of
https://github.com/wolfcw/libfaketime.git
synced 2026-05-17 00:26:16 +03:00
Merge pull request #304 from dkg/cover-getentropy
better testing for interception of randomness from the kernel, including getentropy()
This commit is contained in:
Wolfgang Hommel
2
.gitignore
vendored
2
.gitignore
vendored
@@ -6,6 +6,8 @@ test/lib*.o
|
||||
test/lib*.so
|
||||
test/use_lib_random
|
||||
test/use_lib_getpid
|
||||
test/repeat_random
|
||||
test/getentropy_test
|
||||
|
||||
src/libfaketime.dylib.1
|
||||
src/libfaketime.1.dylib
|
||||
|
||||
@@ -233,6 +233,7 @@ static int (*real_futimens) (int fd, const struct timespec times
|
||||
|
||||
#ifdef FAKE_RANDOM
|
||||
static ssize_t (*real_getrandom) (void *buf, size_t buflen, unsigned int flags);
|
||||
static int (*real_getentropy) (void *buffer, size_t length);
|
||||
#endif
|
||||
#ifdef FAKE_PID
|
||||
static pid_t (*real_getpid) ();
|
||||
@@ -2466,6 +2467,7 @@ static void ftpl_init(void)
|
||||
|
||||
#ifdef FAKE_RANDOM
|
||||
real_getrandom = dlsym(RTLD_NEXT, "getrandom");
|
||||
real_getentropy = dlsym(RTLD_NEXT, "getentropy");
|
||||
#endif
|
||||
|
||||
#ifdef FAKE_PID
|
||||
@@ -3694,8 +3696,8 @@ inline static uint32_t fakerandom_msws(uint64_t s) {
|
||||
return (char) x & 0xFF;
|
||||
}
|
||||
|
||||
|
||||
ssize_t getrandom(void *buf, size_t buflen, unsigned int flags) {
|
||||
/* return 0 if no FAKERANDOM_SEED was seen */
|
||||
static int bypass_randomness(void* buf, size_t buflen) {
|
||||
char *seedstring = getenv("FAKERANDOM_SEED");
|
||||
char *b = buf;
|
||||
|
||||
@@ -3704,9 +3706,14 @@ ssize_t getrandom(void *buf, size_t buflen, unsigned int flags) {
|
||||
for (size_t i = 0; i < buflen; i++) {
|
||||
b[i] = fakerandom_msws(seed);
|
||||
}
|
||||
return buflen;
|
||||
return 1;
|
||||
}
|
||||
else { /* if no FAKERANDOM_SEED was given, use the original function */
|
||||
return 0;
|
||||
}
|
||||
ssize_t getrandom(void *buf, size_t buflen, unsigned int flags) {
|
||||
if (bypass_randomness(buf, buflen)) {
|
||||
return buflen;
|
||||
} else {
|
||||
if (!initialized)
|
||||
{
|
||||
ftpl_init();
|
||||
@@ -3714,6 +3721,15 @@ ssize_t getrandom(void *buf, size_t buflen, unsigned int flags) {
|
||||
return real_getrandom(buf, buflen, flags);
|
||||
}
|
||||
}
|
||||
int getentropy(void *buffer, size_t length) {
|
||||
if (bypass_randomness(buffer, length)) {
|
||||
return 0;
|
||||
} else {
|
||||
if (!initialized)
|
||||
ftpl_init();
|
||||
return real_getentropy(buffer, length);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef FAKE_PID
|
||||
|
||||
@@ -25,7 +25,7 @@ functest:
|
||||
%_test: %_test.c
|
||||
${CC} -o $@ ${CFLAGS} $<
|
||||
|
||||
randomtest: getrandom_test use_lib_random librandom.so
|
||||
randomtest: getrandom_test use_lib_random librandom.so repeat_random getentropy_test
|
||||
./randomtest.sh
|
||||
|
||||
getpidtest: use_lib_getpid libgetpid.so
|
||||
|
||||
14
test/getentropy_test.c
Normal file
14
test/getentropy_test.c
Normal file
@@ -0,0 +1,14 @@
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
|
||||
int main() {
|
||||
unsigned char buf[16];
|
||||
if (getentropy(buf, sizeof(buf))) {
|
||||
perror("failed to getentropy()");
|
||||
return 1;
|
||||
}
|
||||
for (size_t i = 0; i < sizeof(buf); i++)
|
||||
printf("%02x", buf[i]);
|
||||
printf("\n");
|
||||
return 0;
|
||||
}
|
||||
@@ -5,32 +5,34 @@ FTPL="${FAKETIME_TESTLIB:-../src/libfaketime.so.1}"
|
||||
set -e
|
||||
|
||||
error=0
|
||||
./getrandom_test > run-base
|
||||
LD_PRELOAD="$FTPL" ./getrandom_test > run0
|
||||
FAKERANDOM_SEED=0x12345678DEADBEEF LD_PRELOAD="$FTPL" ./getrandom_test > run1
|
||||
FAKERANDOM_SEED=0x12345678DEADBEEF LD_PRELOAD="$FTPL" ./getrandom_test > run2
|
||||
FAKERANDOM_SEED=0x0000000000000000 LD_PRELOAD="$FTPL" ./getrandom_test > run3
|
||||
|
||||
for iface in getrandom getentropy; do
|
||||
printf "Testing %s() interception...\n" "$iface"
|
||||
|
||||
if diff -u run-base run0 > /dev/null; then
|
||||
error=1
|
||||
printf >&2 'test run without the LD_PRELOAD matches a run without LD_PRELOAD'
|
||||
fi
|
||||
"./${iface}_test" > "${iface}.alone"
|
||||
LD_PRELOAD="$FTPL" "./${iface}_test" > "${iface}.preload"
|
||||
FAKERANDOM_SEED=0x12345678DEADBEEF LD_PRELOAD="$FTPL" "./${iface}_test" > "${iface}.preload.seed0"
|
||||
FAKERANDOM_SEED=0x12345678DEADBEEF LD_PRELOAD="$FTPL" "./${iface}_test" > "${iface}.preload.seed1"
|
||||
FAKERANDOM_SEED=0x0000000000000000 LD_PRELOAD="$FTPL" "./${iface}_test" > "${iface}.preload.seed2"
|
||||
|
||||
if diff -u run0 run1 > /dev/null; then
|
||||
error=2
|
||||
printf >&2 'test run without a seed produced the same data as a run with a seed!\n'
|
||||
fi
|
||||
if ! diff -u run1 run2; then
|
||||
error=3
|
||||
printf >&2 'test runs with identical seeds differed!\n'
|
||||
fi
|
||||
if diff -u run2 run3 >/dev/null; then
|
||||
error=4
|
||||
printf >&2 'test runs with different seeds produced the same data!\n'
|
||||
fi
|
||||
|
||||
rm -f run-base run0 run1 run2 run3
|
||||
if diff -u "${iface}.alone" "${iface}.preload" > /dev/null; then
|
||||
error=1
|
||||
printf >&2 '%s() without the LD_PRELOAD matches a run without LD_PRELOAD\n' "$iface"
|
||||
fi
|
||||
if diff -u "${iface}.preload" "${iface}.preload.seed0" > /dev/null; then
|
||||
error=2
|
||||
printf >&2 '%s() without a seed produced the same data as a run with a seed!\n' "$iface"
|
||||
fi
|
||||
if ! diff -u "${iface}.preload.seed0" "${iface}.preload.seed1"; then
|
||||
error=3
|
||||
printf >&2 '%s() with identical seeds differed!\n' "$iface"
|
||||
fi
|
||||
if diff -u "${iface}.preload.seed1" "${iface}.preload.seed2" >/dev/null; then
|
||||
error=4
|
||||
printf >&2 '%s() with different seeds produced the same data!\n' "$iface"
|
||||
fi
|
||||
rm -f "${iface}.alone" "${iface}.preload" "${iface}.preload.seed0" "${iface}.preload.seed1" "${iface}.preload.seed2"
|
||||
done
|
||||
|
||||
printf 'testing shared object with getrandom() in library constructor\n'
|
||||
LD_LIBRARY_PATH=. ./use_lib_random
|
||||
@@ -40,6 +42,17 @@ FAKERANDOM_SEED=0x0000000000000000 LD_PRELOAD="$FTPL" LD_LIBRARY_PATH=. ./use_li
|
||||
printf 'now with LD_PRELOAD without FAKERANDOM_SEED\n'
|
||||
LD_PRELOAD="$FTPL" LD_LIBRARY_PATH=. ./use_lib_random
|
||||
|
||||
|
||||
FAKERANDOM_SEED=0xDEADBEEFDEADBEEF LD_PRELOAD="$FTPL" ./repeat_random 3 5 > repeat3x5
|
||||
FAKERANDOM_SEED=0xDEADBEEFDEADBEEF LD_PRELOAD="$FTPL" ./repeat_random 5 3 > repeat5x3
|
||||
|
||||
if ! diff -u repeat3x5 repeat5x3; then
|
||||
error=5
|
||||
printf >&2 '5 calls of getrandom(3) did not produce the same stream as 3 calls of getrandom(5)\n'
|
||||
fi
|
||||
|
||||
rm -f repeat3x5 repeat5x3
|
||||
|
||||
if [ 0 = $error ]; then
|
||||
printf 'getrandom interception test successful.\n'
|
||||
fi
|
||||
|
||||
40
test/repeat_random.c
Normal file
40
test/repeat_random.c
Normal file
@@ -0,0 +1,40 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <sys/random.h>
|
||||
|
||||
void usage(const char* name) {
|
||||
fprintf(stderr,
|
||||
"Usage: %s REPS SIZE\n\n"
|
||||
"Gather and print REPS blocks of SIZE bytes from getrandom()\n",
|
||||
name);
|
||||
}
|
||||
|
||||
int main(int argc, const char **argv) {
|
||||
int reps, size;
|
||||
unsigned char *buf;
|
||||
if (argc != 3) {
|
||||
usage(argv[0]);
|
||||
return 1;
|
||||
}
|
||||
reps = atoi(argv[1]);
|
||||
size = atoi(argv[2]);
|
||||
buf = malloc(size);
|
||||
if (!buf) {
|
||||
fprintf(stderr, "failure to allocate buffer of size %d\n", size);
|
||||
return 1;
|
||||
}
|
||||
for (int i = 0; i < reps; i++) {
|
||||
ssize_t resp = getrandom(buf, size, 0);
|
||||
if (resp != size) {
|
||||
fprintf(stderr, "tried to get %d bytes, got %zd\n", size, resp);
|
||||
free(buf);
|
||||
return 2;
|
||||
}
|
||||
for (int j = 0; j < size; j++) {
|
||||
printf("%02x", buf[j]);
|
||||
}
|
||||
}
|
||||
free(buf);
|
||||
printf("\n");
|
||||
return 0;
|
||||
};
|
||||
Reference in New Issue
Block a user