From 6acfeeff53b430d635bf6d10a4e0bb8a2379194f Mon Sep 17 00:00:00 2001 From: Casey Bodley Date: Tue, 26 Sep 2017 10:36:47 -0400 Subject: [PATCH] random: use ceph::util for non-cryptographic randomness Signed-off-by: Casey Bodley --- src/auth/cephx/CephxClientHandler.cc | 3 ++- src/auth/cephx/CephxServiceHandler.cc | 7 ++++--- src/ceph_mds.cc | 4 ++-- src/mds/DamageTable.h | 4 ++-- src/msg/Messenger.cc | 3 +-- src/msg/async/AsyncConnection.cc | 16 +++++----------- src/msg/async/AsyncConnection.h | 2 +- src/msg/simple/Pipe.cc | 21 ++++++--------------- src/msg/simple/Pipe.h | 2 +- src/rgw/rgw_data_sync.cc | 7 +++---- src/rgw/rgw_gc.cc | 9 +++------ src/rgw/rgw_lc.cc | 9 +++------ src/rgw/rgw_rados.cc | 23 ++++++----------------- src/rgw/rgw_swift_auth.cc | 8 ++------ src/tools/rados/rados.cc | 27 +++++++++++---------------- 15 files changed, 52 insertions(+), 93 deletions(-) diff --git a/src/auth/cephx/CephxClientHandler.cc b/src/auth/cephx/CephxClientHandler.cc index 89d4290373f58..327ca878b3159 100644 --- a/src/auth/cephx/CephxClientHandler.cc +++ b/src/auth/cephx/CephxClientHandler.cc @@ -19,6 +19,7 @@ #include "CephxProtocol.h" #include "auth/KeyRing.h" +#include "include/random.h" #include "common/config.h" #include "common/dout.h" @@ -53,7 +54,7 @@ int CephxClientHandler::build_request(bufferlist& bl) const } CephXAuthenticate req; - get_random_bytes((char *)&req.client_challenge, sizeof(req.client_challenge)); + req.client_challenge = ceph::util::generate_random_number(); std::string error; cephx_calc_client_server_challenge(cct, secret, server_challenge, req.client_challenge, &req.key, error); diff --git a/src/auth/cephx/CephxServiceHandler.cc b/src/auth/cephx/CephxServiceHandler.cc index 3184835a14dcf..2fefe1de933bf 100644 --- a/src/auth/cephx/CephxServiceHandler.cc +++ b/src/auth/cephx/CephxServiceHandler.cc @@ -19,6 +19,7 @@ #include #include +#include "include/random.h" #include "common/config.h" #include "common/debug.h" 
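Review bot: In `CephxClientHandler::build_request`, `req.client_challenge` is now drawn from a generator that the commit subject itself calls non-cryptographic, yet the value goes straight into `cephx_calc_client_server_challenge` as part of the authentication exchange. The same applies to `server_challenge` in `CephxServiceHandler::start_session`. If the freshness of either challenge is what stops a recorded exchange from being accepted again, a predictable value weakens that property, so I would keep the CSPRNG for these two values: `get_random_bytes((char *)&req.client_challenge, sizeof(req.client_challenge));`, plus the matching call and the non-zero fix-up on the server side. Both function bodies continue outside their hunks.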
@@ -30,9 +31,9 @@ int CephxServiceHandler::start_session(EntityName& name, bufferlist::iterator& i { entity_name = name; - get_random_bytes((char *)&server_challenge, sizeof(server_challenge)); - if (!server_challenge) - server_challenge = 1; // always non-zero. + uint64_t min = 1; // always non-zero + uint64_t max = std::numeric_limits::max(); + server_challenge = ceph::util::generate_random_number(min, max); ldout(cct, 10) << "start_session server_challenge " << hex << server_challenge << dec << dendl; CephXServerChallenge ch; diff --git a/src/ceph_mds.cc b/src/ceph_mds.cc index b6cff8348ebaa..acce67289aff5 100644 --- a/src/ceph_mds.cc +++ b/src/ceph_mds.cc @@ -23,6 +23,7 @@ using namespace std; #include "include/ceph_features.h" #include "include/compat.h" +#include "include/random.h" #include "common/config.h" #include "common/strtol.h" @@ -144,8 +145,7 @@ int main(int argc, const char **argv) "MDS names may not start with a numeric digit." << dendl; } - uint64_t nonce = 0; - get_random_bytes((char*)&nonce, sizeof(nonce)); + auto nonce = ceph::util::generate_random_number(); std::string public_msgr_type = g_conf->ms_public_type.empty() ? g_conf->get_val("ms_type") : g_conf->ms_public_type; Messenger *msgr = Messenger::create(g_ceph_context, public_msgr_type, diff --git a/src/mds/DamageTable.h b/src/mds/DamageTable.h index bc6d3bfdae927..34c7da02e73c8 100644 --- a/src/mds/DamageTable.h +++ b/src/mds/DamageTable.h @@ -17,7 +17,7 @@ #define DAMAGE_TABLE_H_ #include "mdstypes.h" -#include "auth/Crypto.h" +#include "include/random.h" class CDir; @@ -43,7 +43,7 @@ class DamageEntry DamageEntry() { - id = get_random(0, 0xffffffff); + id = ceph::util::generate_random_number(0, 0xffffffff); reported_at = ceph_clock_now(); } diff --git a/src/msg/Messenger.cc b/src/msg/Messenger.cc index 3d9b57c12bc5f..22c5919558330 100644 --- a/src/msg/Messenger.cc +++ b/src/msg/Messenger.cc 
@@ -17,8 +17,7 @@ Messenger *Messenger::create_client_messenger(CephContext *cct, string lname) { std::string public_msgr_type = cct->_conf->ms_public_type.empty() ? cct->_conf->get_val("ms_type") : cct->_conf->ms_public_type; - uint64_t nonce = 0; - get_random_bytes((char*)&nonce, sizeof(nonce)); + auto nonce = ceph::util::generate_random_number(); return Messenger::create(cct, public_msgr_type, entity_name_t::CLIENT(), std::move(lname), nonce, 0); } diff --git a/src/msg/async/AsyncConnection.cc b/src/msg/async/AsyncConnection.cc index ce76f1508834c..6a24b7c4b1466 100644 --- a/src/msg/async/AsyncConnection.cc +++ b/src/msg/async/AsyncConnection.cc @@ -17,6 +17,7 @@ #include #include "include/Context.h" +#include "include/random.h" #include "common/errno.h" #include "AsyncMessenger.h" #include "AsyncConnection.h" @@ -2025,21 +2026,16 @@ void AsyncConnection::discard_out_queue() out_q.clear(); } -int AsyncConnection::randomize_out_seq() +void AsyncConnection::randomize_out_seq() { if (get_features() & CEPH_FEATURE_MSG_AUTH) { - // Set out_seq to a random value, so CRC won't be predictable. Don't bother checking seq_error - // here. We'll check it on the call. PLR - uint64_t rand_seq; - int seq_error = get_random_bytes((char *)&rand_seq, sizeof(rand_seq)); - rand_seq &= SEQ_MASK; + // Set out_seq to a random value, so CRC won't be predictable. + auto rand_seq = ceph::util::generate_random_number(0, SEQ_MASK); lsubdout(async_msgr->cct, ms, 10) << __func__ << " randomize_out_seq " << rand_seq << dendl; out_seq = rand_seq; - return seq_error; } else { // previously, seq #'s always started at 0. out_seq = 0; - return 0; } } @@ -2137,9 +2133,7 @@ void AsyncConnection::was_session_reset() dispatch_queue->queue_remote_reset(this); - if (randomize_out_seq()) { - ldout(async_msgr->cct, 15) << __func__ << " could not get random bytes to set seq number for session reset; set seq number to " << out_seq << dendl; - } + randomize_out_seq(); in_seq = 0; connect_seq = 0; 
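Review bot: The comment kept in `AsyncConnection::randomize_out_seq` still says the starting sequence is randomized "so CRC won't be predictable", but `ceph::util::generate_random_number(0, SEQ_MASK)` is a non-cryptographic source according to the commit subject. `Pipe::randomize_out_seq` in src/msg/simple/Pipe.cc receives the same change. How the generator is seeded, and whether its other outputs are observable by a peer, is not visible in this patch. I would therefore either keep `get_random_bytes` on the `CEPH_FEATURE_MSG_AUTH` branch or reword the comment so it no longer promises unpredictability, for example `// start out_seq at an arbitrary value; not a security boundary`.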
diff --git a/src/msg/async/AsyncConnection.h b/src/msg/async/AsyncConnection.h index ab2ff2c4ab050..2f3ec202599ce 100644 --- a/src/msg/async/AsyncConnection.h +++ b/src/msg/async/AsyncConnection.h @@ -70,7 +70,7 @@ class AsyncConnection : public Connection { void discard_out_queue(); void discard_requeued_up_to(uint64_t seq); void requeue_sent(); - int randomize_out_seq(); + void randomize_out_seq(); void handle_ack(uint64_t seq); void _append_keepalive_or_ack(bool ack=false, utime_t *t=NULL); ssize_t write_message(Message *m, bufferlist& bl, bool more); diff --git a/src/msg/simple/Pipe.cc b/src/msg/simple/Pipe.cc index 1bb6faa52dda0..581c8e7c64f5f 100644 --- a/src/msg/simple/Pipe.cc +++ b/src/msg/simple/Pipe.cc @@ -31,11 +31,11 @@ // Below included to get encode_encrypt(); That probably should be in Crypto.h, instead -#include "auth/Crypto.h" #include "auth/cephx/CephxProtocol.h" #include "auth/AuthSessionHandler.h" #include "include/sock_compat.h" +#include "include/random.h" // Constant to limit starting sequence number to 2^31. Nothing special about it, just a big number. PLR #define SEQ_MASK 0x7fffffff @@ -160,10 +160,7 @@ Pipe::Pipe(SimpleMessenger *r, int st, PipeConnection *con) connection_state->pipe = get(); } - if (randomize_out_seq()) { - lsubdout(msgr->cct,ms,15) << "Pipe(): Could not get random bytes to set seq number for session reset; set seq number to " << out_seq << dendl; - } - + randomize_out_seq(); msgr->timeout = msgr->cct->_conf->ms_tcp_read_timeout * 1000; //convert to ms if (msgr->timeout == 0) 
@@ -1546,19 +1543,15 @@ void Pipe::fault(bool onread) } } -int Pipe::randomize_out_seq() +void Pipe::randomize_out_seq() { if (connection_state->get_features() & CEPH_FEATURE_MSG_AUTH) { - // Set out_seq to a random value, so CRC won't be predictable. Don't bother checking seq_error - // here. We'll check it on the call. PLR - int seq_error = get_random_bytes((char *)&out_seq, sizeof(out_seq)); - out_seq &= SEQ_MASK; + // Set out_seq to a random value, so CRC won't be predictable. + out_seq = ceph::util::generate_random_number(0, SEQ_MASK); lsubdout(msgr->cct, ms, 10) << "randomize_out_seq " << out_seq << dendl; - return seq_error; } else { // previously, seq #'s always started at 0. out_seq = 0; - return 0; } } @@ -1574,9 +1567,7 @@ void Pipe::was_session_reset() msgr->dispatch_queue.queue_remote_reset(connection_state.get()); - if (randomize_out_seq()) { - lsubdout(msgr->cct,ms,15) << "was_session_reset(): Could not get random bytes to set seq number for session reset; set seq number to " << out_seq << dendl; - } + randomize_out_seq(); in_seq = 0; connect_seq = 0; diff --git a/src/msg/simple/Pipe.h b/src/msg/simple/Pipe.h index d8d2a8e0831db..ca67770cc8192 100644 --- a/src/msg/simple/Pipe.h +++ b/src/msg/simple/Pipe.h @@ -162,7 +162,7 @@ static const int SM_IOV_MAX = (IOV_MAX >= 1024 ? IOV_MAX / 4 : IOV_MAX); void writer(); void unlock_maybe_reap(); - int randomize_out_seq(); + void randomize_out_seq(); int read_message(Message **pm, AuthSessionHandler *session_security_copy); diff --git a/src/rgw/rgw_data_sync.cc b/src/rgw/rgw_data_sync.cc index 72cd1ef8bf581..9e924fa0f122e 100644 --- a/src/rgw/rgw_data_sync.cc +++ b/src/rgw/rgw_data_sync.cc @@ -21,7 +21,7 @@ #include "cls/lock/cls_lock_client.h" -#include "auth/Crypto.h" +#include "include/random.h" #include 
@@ -683,8 +683,7 @@ int RGWRemoteDataLog::init_sync_status(int num_shards) } RGWDataSyncEnv sync_env_local = sync_env; sync_env_local.http_manager = &http_manager; - uint64_t instance_id; - get_random_bytes((char *)&instance_id, sizeof(instance_id)); + auto instance_id = ceph::util::generate_random_number(); ret = crs.run(new RGWInitDataSyncStatusCoroutine(&sync_env_local, num_shards, instance_id, tn, &sync_status)); http_manager.stop(); return ret; @@ -1552,7 +1551,7 @@ public: tn->log(20, SSTR("init")); sync_status.sync_info.num_shards = num_shards; uint64_t instance_id; - get_random_bytes((char *)&instance_id, sizeof(instance_id)); + instance_id = ceph::util::generate_random_number(); yield call(new RGWInitDataSyncStatusCoroutine(sync_env, num_shards, instance_id, tn, &sync_status)); if (retcode < 0) { tn->log(0, SSTR("ERROR: failed to init sync, retcode=" << retcode)); diff --git a/src/rgw/rgw_gc.cc b/src/rgw/rgw_gc.cc index e29af16ed1762..69fea7c9932a1 100644 --- a/src/rgw/rgw_gc.cc +++ b/src/rgw/rgw_gc.cc @@ -6,7 +6,7 @@ #include "cls/rgw/cls_rgw_client.h" #include "cls/refcount/cls_refcount_client.h" #include "cls/lock/cls_lock_client.h" -#include "auth/Crypto.h" +#include "include/random.h" #include @@ -240,14 +240,11 @@ int RGWGC::process() { int max_secs = cct->_conf->rgw_gc_processor_max_time; - unsigned start; - int ret = get_random_bytes((char *)&start, sizeof(start)); - if (ret < 0) - return ret; + const int start = ceph::util::generate_random_number(0, max_objs - 1); for (int i = 0; i < max_objs; i++) { int index = (i + start) % max_objs; - ret = process(index, max_secs); + int ret = process(index, max_secs); if (ret < 0) return ret; } diff --git a/src/rgw/rgw_lc.cc b/src/rgw/rgw_lc.cc index cdcfaffff77cc..41b541e373f9f 100644 --- a/src/rgw/rgw_lc.cc +++ b/src/rgw/rgw_lc.cc 
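Review bot: `RGWGC::process` now evaluates `ceph::util::generate_random_number(0, max_objs - 1)` before the loop, so a `max_objs` of zero asks for the range [0, -1]. The old code only used `max_objs` inside the loop, which never ran in that case. If the helper wraps a standard uniform integer distribution, an upper bound below the lower bound violates its precondition. The hunk does not show where `max_objs` is set, so if zero is reachable a guard should come first, e.g. `if (max_objs <= 0) return 0;`, with the return value matched to what the function yields after an empty loop (its tail is outside the hunk). `RGWLC::process` in src/rgw/rgw_lc.cc has the identical line and needs the same check.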
@@ -7,7 +7,7 @@ #include "common/Formatter.h" #include -#include "auth/Crypto.h" +#include "include/random.h" #include "cls/rgw/cls_rgw_client.h" #include "cls/lock/cls_lock_client.h" #include "rgw_common.h" @@ -597,14 +597,11 @@ int RGWLC::process() { int max_secs = cct->_conf->rgw_lc_lock_max_time; - unsigned start; - int ret = get_random_bytes((char *)&start, sizeof(start)); - if (ret < 0) - return ret; + const int start = ceph::util::generate_random_number(0, max_objs - 1); for (int i = 0; i < max_objs; i++) { int index = (i + start) % max_objs; - ret = process(index, max_secs); + int ret = process(index, max_secs); if (ret < 0) return ret; } diff --git a/src/rgw/rgw_rados.cc b/src/rgw/rgw_rados.cc index b9181d47359af..1ca671d861d04 100644 --- a/src/rgw/rgw_rados.cc +++ b/src/rgw/rgw_rados.cc @@ -60,7 +60,7 @@ using namespace librados; #include #include #include -#include "auth/Crypto.h" // get_random_bytes() +#include "include/random.h" #include "rgw_log.h" @@ -6002,24 +6002,13 @@ read_omap: } } - map::iterator miter; + auto miter = m.begin(); if (m.size() > 1) { - vector v; - for (miter = m.begin(); miter != m.end(); ++miter) { - v.push_back(miter->first); - } - - uint32_t r; - ret = get_random_bytes((char *)&r, sizeof(r)); - if (ret < 0) - return ret; - - int i = r % v.size(); - pool_name = v[i]; - } else { - miter = m.begin(); - pool_name = miter->first; + // choose a pool at random + auto r = ceph::util::generate_random_number(0, m.size() - 1); + std::advance(miter, r); } + pool_name = miter->first; rule_info->data_pool = pool_name; rule_info->data_extra_pool = pool_name; diff --git a/src/rgw/rgw_swift_auth.cc b/src/rgw/rgw_swift_auth.cc index 15dfe032b3aa3..0222a9f0dd809 100644 --- a/src/rgw/rgw_swift_auth.cc +++ b/src/rgw/rgw_swift_auth.cc @@ -14,7 +14,7 @@ #include "common/ceph_crypto.h" #include "common/Clock.h" -#include "auth/Crypto.h" +#include "include/random.h" #include "rgw_client_io.h" #include "rgw_http_client.h" 
@@ -455,11 +455,7 @@ static int build_token(const string& swift_user, static int encode_token(CephContext *cct, string& swift_user, string& key, bufferlist& bl) { - uint64_t nonce; - - int ret = get_random_bytes((char *)&nonce, sizeof(nonce)); - if (ret < 0) - return ret; + const auto nonce = ceph::util::generate_random_number(); utime_t expiration = ceph_clock_now(); expiration += cct->_conf->rgw_swift_token_expiration; diff --git a/src/tools/rados/rados.cc b/src/tools/rados/rados.cc index 15535e1747a64..eb2dd24b57a09 100644 --- a/src/tools/rados/rados.cc +++ b/src/tools/rados/rados.cc @@ -30,7 +30,7 @@ using namespace libradosstriper; #include "common/TextTable.h" #include "include/stringify.h" #include "mds/inode_backtrace.h" -#include "auth/Crypto.h" +#include "include/random.h" #include #include @@ -53,6 +53,7 @@ using namespace libradosstriper; #include "RadosImport.h" using namespace librados; +using ceph::util::generate_random_number; // two steps seem to be necessary to do this right #define STR(x) _STR(x) @@ -514,22 +515,16 @@ public: static const char alphanum_table[]="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; -int gen_rand_alphanumeric(char *dest, int size) /* size should be the required string size + 1 */ +void gen_rand_alphanumeric(char *dest, int size) /* size should be the required string size + 1 */ { - int ret = get_random_bytes(dest, size); - if (ret < 0) { - cerr << "cannot get random bytes: " << cpp_strerror(ret) << std::endl; - return -1; - } + const int max = sizeof(alphanum_table) - 2; int i; for (i=0; i max_ops) { 
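Review bot: In `encode_token`, the `nonce` that goes into the Swift token now comes from the non-cryptographic `ceph::util` generator, and the error return that accompanied `get_random_bytes` is dropped. The rest of the function is outside the hunk, so it is not visible what else protects the token. If the nonce contributes to the token being unguessable it should stay on the CSPRNG: `int ret = get_random_bytes((char *)&nonce, sizeof(nonce)); if (ret < 0) return ret;`. If it does not, a comment such as `// nonce only needs to be unique, not unpredictable` would record why a predictable value is acceptable here.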
@@ -753,14 +748,14 @@ void LoadGen::run_op(LoadGenOp *op) void LoadGen::gen_op(LoadGenOp *op) { - int i = get_random(0, objs.size() - 1); + int i = generate_random_number(0, objs.size() - 1); obj_info& info = objs[i]; op->oid = info.name; - size_t len = get_random(min_op_len, max_op_len); + size_t len = generate_random_number(min_op_len, max_op_len); if (len > info.len) len = info.len; - size_t off = get_random(0, info.len); + size_t off = generate_random_number(0, info.len); if (off + len > info.len) off = info.len - len; @@ -768,7 +763,7 @@ void LoadGen::gen_op(LoadGenOp *op) op->off = off; op->len = len; - i = get_random(1, 100); + i = generate_random_number(1, 100); if (i > read_percent) op->type = OP_WRITE; else -- 2.39.5