Specify better random seed with kernel mechanisms

A better random seed can be obtained by combining getpid(), getppid(),
high-resolution timer, and ASLR.

Author: jserv

qtest.c

@@ -11,11 +11,17 @@
 #include <strings.h> /* strcasecmp */
 #include <sys/stat.h>
 #include <sys/wait.h>
-#include <time.h>
 #include <unistd.h>
 
+#if defined(__APPLE__)
+#include <mach/mach_time.h>
+#else /* Assume POSIX environments */
+#include <time.h>
+#endif
+
 #include "dudect/fixture.h"
 #include "list.h"
+#include "random.h"
 
 /* Shannon entropy */
 extern double shannon_entropy(const uint8_t *input_data);
@@ -979,6 +985,26 @@ static bool sanity_check()
     return true;
 }
 
+uintptr_t os_random(uintptr_t seed)
+{
+    /* ASLR makes the address random */
+    uintptr_t x = (uintptr_t) &os_random ^ seed;
+#if defined(__APPLE__)
+    x ^= (uintptr_t) mach_absolute_time();
+#else
+    struct timespec time;
+    clock_gettime(CLOCK_MONOTONIC, &time);
+    x ^= (uintptr_t) time.tv_sec;
+    x ^= (uintptr_t) time.tv_nsec;
+#endif
+    /* Do a few randomization steps */
+    uintptr_t max = ((x ^ (x >> 17)) & 0x0F) + 1;
+    for (uintptr_t i = 0; i < max; i++)
+        x = random_shuffle(x);
+    assert(x);
+    return x;
+}
+
 #define BUFSIZE 256
 int main(int argc, char *argv[])
 {
@@ -1026,7 +1052,11 @@ int main(int argc, char *argv[])
         }
     }
 
-    srand((unsigned int) (time(NULL)));
+    /* A better seed can be obtained by combining getpid() and its parent ID
+     * with the Unix time.
+     */
+    srand(os_random(getpid() ^ getppid()));
+
     queue_init();
     init_cmd();
     console_init();

random.h

@@ -13,4 +13,39 @@ static inline uint8_t randombit(void)
     return ret & 1;
 }
 
+#if INTPTR_MAX == INT64_MAX
+#define M_INTPTR_SHIFT (3)
+#elif INTPTR_MAX == INT32_MAX
+#define M_INTPTR_SHIFT (2)
+#else
+#error Platform pointers must be 32 or 64 bits
+#endif
+
+#define M_INTPTR_SIZE (1 << M_INTPTR_SHIFT)
+
+static inline uintptr_t random_shuffle(uintptr_t x)
+{
+    /* Ensure we do not get stuck in generating zeros */
+    if (x == 0)
+        x = 17;
+
+#if M_INTPTR_SIZE == 8
+    /* by Sebastiano Vigna, see: <http://xoshiro.di.unimi.it/splitmix64.c> */
+    x ^= x >> 30;
+    x *= 0xbf58476d1ce4e5b9UL;
+    x ^= x >> 27;
+    x *= 0x94d049bb133111ebUL;
+    x ^= x >> 31;
+#elif M_INTPTR_SIZE == 4
+    /* by Chris Wellons, see: <https://nullprogram.com/blog/2018/07/31/> */
+    x ^= x >> 16;
+    x *= 0x7feb352dUL;
+    x ^= x >> 15;
+    x *= 0x846ca68bUL;
+    x ^= x >> 16;
+#endif
+
+    return x;
+}
+
 #endif

scripts/pre-commit.hook

@@ -1,13 +1,15 @@
 #!/usr/bin/env bash
 
-CPPCHECK_suppresses="--inline-suppr harness.c --suppress=unmatchedSuppression:harness.c --suppress=missingIncludeSystem \
---suppress=unusedFunction:linenoise.c \
---suppress=ConfigurationNotChecked:random.c \
+CPPCHECK_suppresses="--inline-suppr harness.c --suppress=unmatchedSuppression:harness.c \
+--suppress=missingIncludeSystem \
+--suppress=noValidConfiguration \
+--suppress=unusedFunction \
+--suppress=unmatchedSuppression:qtest.c \
 --suppress=identicalInnerCondition:log2_lshift16.h \
 --suppress=nullPointerRedundantCheck:report.c \
 --suppress=nullPointerRedundantCheck:harness.c \
---suppress=nullPointer:qtest.c \
 --suppress=nullPointer:queue.c \
+--suppress=nullPointer:qtest.c \
 --suppress=unmatchedSuppression:queue.c"
 CPPCHECK_OPTS="-I. --enable=all --error-exitcode=1 --force $CPPCHECK_suppresses ."