From 9bf25f9e532dad32d71e95a85c413996d4bd58ac Mon Sep 17 00:00:00 2001

From: Lennart Poettering <lennart@poettering.net>

Date: Tue, 1 Oct 2013 23:11:23 +0200

Subject: [PATCH] hashmap: randomize hash functions a bit

---

 configure.ac         |   2 +-

 src/shared/hashmap.c | 104 +++++++++++++++++++++++++++++++--------------------

 src/shared/util.c    |  19 ++++++++++

 src/shared/util.h    |   1 +

 4 files changed, 85 insertions(+), 41 deletions(-)

diff --git a/configure.ac b/configure.ac

index c7f4f1b..2ae0411 100644

--- a/configure.ac

+++ b/configure.ac

@@ -804,7 +804,7 @@ have_myhostname=no

 AC_ARG_ENABLE(myhostname, AS_HELP_STRING([--disable-myhostname], [disable nss-myhostname support]))

 if test "x$enable_myhostname" != "xno"; then

         AC_HEADER_STDC

-        AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h unistd.h nss.h sys/ioctl.h])

+        AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h unistd.h nss.h sys/ioctl.h sys/auxv.h])

         AC_C_CONST

         AC_TYPE_SIZE_T

diff --git a/src/shared/hashmap.c b/src/shared/hashmap.c

index 6330792..f06fce6 100644

--- a/src/shared/hashmap.c

+++ b/src/shared/hashmap.c

@@ -24,6 +24,10 @@

 #include <string.h>

 #include <errno.h>

+#ifdef HAVE_SYS_AUXV_H

+#include <sys/auxv.h>

+#endif

+

 #include "util.h"

 #include "hashmap.h"

 #include "macro.h"

@@ -46,6 +50,7 @@ struct Hashmap {

         struct hashmap_entry ** buckets;

         unsigned n_buckets, n_entries;

+        unsigned random_xor;

         bool from_pool;

 };

@@ -171,10 +176,15 @@ int uint64_compare_func(const void *_a, const void *_b) {

         return a < b ? -1 : (a > b ? 1 : 0);

 }

+static unsigned bucket_hash(Hashmap *h, const void *p) {

+        return (h->hash_func(p) ^ h->random_xor) % h->n_buckets;

+}

+

 Hashmap *hashmap_new(hash_func_t hash_func, compare_func_t compare_func) {

         bool b;

         Hashmap *h;

         size_t size;

+        void *auxv;

         b = is_main_thread();

@@ -204,6 +214,19 @@ Hashmap *hashmap_new(hash_func_t hash_func, compare_func_t compare_func) {

         h->from_pool = b;

+        /* Let's randomize our hash functions a bit so that they are

+         * harder to guess for clients. For this, start out by cheaply

+         * using some bits the kernel passed into the process using

+         * the auxiliary vector. If the hashmap grows later on we will

+         * rehash everything using a new random XOR mask from

+         * /dev/random. */

+#ifdef HAVE_SYS_AUXV_H

+        auxv = (void*) getauxval(AT_RANDOM);

+        h->random_xor = auxv ? *(unsigned*) auxv : random_u();

+#else

+        h->random_xor = random_u();

+#endif

+

         return h;

 }

@@ -284,8 +307,7 @@ static void remove_entry(Hashmap *h, struct hashmap_entry *e) {

         assert(h);

         assert(e);

-        hash = h->hash_func(e->key) % h->n_buckets;

-

+        hash = bucket_hash(h, e->key);

         unlink_entry(h, e, hash);

         if (h->from_pool)

@@ -368,7 +390,6 @@ void hashmap_clear_free_free(Hashmap *h) {

         }

 }

-

 static struct hashmap_entry *hash_scan(Hashmap *h, unsigned hash, const void *key) {

         struct hashmap_entry *e;

         assert(h);

@@ -382,8 +403,8 @@ static struct hashmap_entry *hash_scan(Hashmap *h, unsigned hash, const void *ke

 }

 static bool resize_buckets(Hashmap *h) {

-        unsigned m;

         struct hashmap_entry **n, *i;

+        unsigned m, nxor;

         assert(h);

@@ -398,6 +419,11 @@ static bool resize_buckets(Hashmap *h) {

         if (!n)

                 return false;

+        /* Let's use a different randomized xor value for the

+         * extension, so that people cannot guess what we are using

+         * here forever */

+        nxor = random_u();

+

         for (i = h->iterate_list_head; i; i = i->iterate_next) {

                 unsigned hash, x;

@@ -410,10 +436,10 @@ static bool resize_buckets(Hashmap *h) {

                 if (i->bucket_previous)

                         i->bucket_previous->bucket_next = i->bucket_next;

                 else

-                        h->buckets[hash % h->n_buckets] = i->bucket_next;

+                        h->buckets[(hash ^ h->random_xor) % h->n_buckets] = i->bucket_next;

                 /* Then, add to new backet table */

-                x = hash % m;

+                x = (hash ^ nxor) % m;

                 i->bucket_next = n[x];

                 i->bucket_previous = NULL;

@@ -427,6 +453,7 @@ static bool resize_buckets(Hashmap *h) {

         h->buckets = n;

         h->n_buckets = m;

+        h->random_xor = nxor;

         return true;

 }

@@ -437,7 +464,7 @@ int hashmap_put(Hashmap *h, const void *key, void *value) {

         assert(h);

-        hash = h->hash_func(key) % h->n_buckets;

+        hash = bucket_hash(h, key);

         e = hash_scan(h, hash, key);

         if (e) {

                 if (e->value == value)

@@ -446,7 +473,7 @@ int hashmap_put(Hashmap *h, const void *key, void *value) {

         }

         if (resize_buckets(h))

-                hash = h->hash_func(key) % h->n_buckets;

+                hash = bucket_hash(h, key);

         if (h->from_pool)

                 e = allocate_tile(&first_entry_pool, &first_entry_tile, sizeof(struct hashmap_entry));

@@ -470,7 +497,7 @@ int hashmap_replace(Hashmap *h, const void *key, void *value) {

         assert(h);

-        hash = h->hash_func(key) % h->n_buckets;

+        hash = bucket_hash(h, key);

         e = hash_scan(h, hash, key);

         if (e) {

                 e->key = key;

@@ -487,7 +514,7 @@ int hashmap_update(Hashmap *h, const void *key, void *value) {

         assert(h);

-        hash = h->hash_func(key) % h->n_buckets;

+        hash = bucket_hash(h, key);

         e = hash_scan(h, hash, key);

         if (!e)

                 return -ENOENT;

@@ -503,7 +530,7 @@ void* hashmap_get(Hashmap *h, const void *key) {

         if (!h)

                 return NULL;

-        hash = h->hash_func(key) % h->n_buckets;

+        hash = bucket_hash(h, key);

         e = hash_scan(h, hash, key);

         if (!e)

                 return NULL;

@@ -518,7 +545,7 @@ void* hashmap_get2(Hashmap *h, const void *key, void **key2) {

         if (!h)

                 return NULL;

-        hash = h->hash_func(key) % h->n_buckets;

+        hash = bucket_hash(h, key);

         e = hash_scan(h, hash, key);

         if (!e)

                 return NULL;

@@ -535,12 +562,8 @@ bool hashmap_contains(Hashmap *h, const void *key) {

         if (!h)

                 return false;

-        hash = h->hash_func(key) % h->n_buckets;

-

-        if (!hash_scan(h, hash, key))

-                return false;

-

-        return true;

+        hash = bucket_hash(h, key);

+        return !!hash_scan(h, hash, key);

 }

 void* hashmap_remove(Hashmap *h, const void *key) {

@@ -551,9 +574,9 @@ void* hashmap_remove(Hashmap *h, const void *key) {

         if (!h)

                 return NULL;

-        hash = h->hash_func(key) % h->n_buckets;

-

-        if (!(e = hash_scan(h, hash, key)))

+        hash = bucket_hash(h, key);

+        e = hash_scan(h, hash, key);

+        if (!e)

                 return NULL;

         data = e->value;

@@ -569,11 +592,12 @@ int hashmap_remove_and_put(Hashmap *h, const void *old_key, const void *new_key,

         if (!h)

                 return -ENOENT;

-        old_hash = h->hash_func(old_key) % h->n_buckets;

-        if (!(e = hash_scan(h, old_hash, old_key)))

+        old_hash = bucket_hash(h, old_key);

+        e = hash_scan(h, old_hash, old_key);

+        if (!e)

                 return -ENOENT;

-        new_hash = h->hash_func(new_key) % h->n_buckets;

+        new_hash = bucket_hash(h, new_key);

         if (hash_scan(h, new_hash, new_key))

                 return -EEXIST;

@@ -594,12 +618,14 @@ int hashmap_remove_and_replace(Hashmap *h, const void *old_key, const void *new_

         if (!h)

                 return -ENOENT;

-        old_hash = h->hash_func(old_key) % h->n_buckets;

-        if (!(e = hash_scan(h, old_hash, old_key)))

+        old_hash = bucket_hash(h, old_key);

+        e = hash_scan(h, old_hash, old_key);

+        if (!e)

                 return -ENOENT;

-        new_hash = h->hash_func(new_key) % h->n_buckets;

-        if ((k = hash_scan(h, new_hash, new_key)))

+        new_hash = bucket_hash(h, new_key);

+        k = hash_scan(h, new_hash, new_key);

+        if (k)

                 if (e != k)

                         remove_entry(h, k);

@@ -620,7 +646,7 @@ void* hashmap_remove_value(Hashmap *h, const void *key, void *value) {

         if (!h)

                 return NULL;

-        hash = h->hash_func(key) % h->n_buckets;

+        hash = bucket_hash(h, key);

         e = hash_scan(h, hash, key);

         if (!e)

@@ -711,7 +737,7 @@ void *hashmap_iterate_skip(Hashmap *h, const void *key, Iterator *i) {

         if (!h)

                 return NULL;

-        hash = h->hash_func(key) % h->n_buckets;

+        hash = bucket_hash(h, key);

         e = hash_scan(h, hash, key);

         if (!e)

@@ -820,9 +846,9 @@ int hashmap_merge(Hashmap *h, Hashmap *other) {

         for (e = other->iterate_list_head; e; e = e->iterate_next) {

                 int r;

-                if ((r = hashmap_put(h, e->key, e->value)) < 0)

-                        if (r != -EEXIST)

-                                return r;

+                r = hashmap_put(h, e->key, e->value);

+                if (r < 0 && r != -EEXIST)

+                        return r;

         }

         return 0;

@@ -844,13 +870,11 @@ void hashmap_move(Hashmap *h, Hashmap *other) {

                 n = e->iterate_next;

-                h_hash = h->hash_func(e->key) % h->n_buckets;

-

+                h_hash = bucket_hash(h, e->key);

                 if (hash_scan(h, h_hash, e->key))

                         continue;

-                other_hash = other->hash_func(e->key) % other->n_buckets;

-

+                other_hash = bucket_hash(other, e->key);

                 unlink_entry(other, e, other_hash);

                 link_entry(h, e, h_hash);

         }

@@ -865,11 +889,11 @@ int hashmap_move_one(Hashmap *h, Hashmap *other, const void *key) {

         assert(h);

-        h_hash = h->hash_func(key) % h->n_buckets;

+        h_hash = bucket_hash(h, key);

         if (hash_scan(h, h_hash, key))

                 return -EEXIST;

-        other_hash = other->hash_func(key) % other->n_buckets;

+        other_hash = bucket_hash(other, key);

         e = hash_scan(other, other_hash, key);

         if (!e)

                 return -ENOENT;

@@ -925,7 +949,7 @@ void *hashmap_next(Hashmap *h, const void *key) {

         if (!h)

                 return NULL;

-        hash = h->hash_func(key) % h->n_buckets;

+        hash = bucket_hash(h, key);

         e = hash_scan(h, hash, key);

         if (!e)

                 return NULL;

diff --git a/src/shared/util.c b/src/shared/util.c

index e69d1ff..95fe35e 100644

--- a/src/shared/util.c

+++ b/src/shared/util.c

@@ -2420,6 +2420,25 @@ fallback:

         return random() * RAND_MAX + random();

 }

+unsigned random_u(void) {

+        _cleanup_close_ int fd;

+        unsigned u;

+        ssize_t r;

+

+        fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY);

+        if (fd < 0)

+                goto fallback;

+

+        r = loop_read(fd, &u, sizeof(u), true);

+        if (r != sizeof(u))

+                goto fallback;

+

+        return u;

+

+fallback:

+        return random() * RAND_MAX + random();

+}

+

 void rename_process(const char name[8]) {

         assert(name);

diff --git a/src/shared/util.h b/src/shared/util.h

index 63f4e3d..1b845b3 100644

--- a/src/shared/util.h

+++ b/src/shared/util.h

@@ -253,6 +253,7 @@ int make_null_stdio(void);

 int make_console_stdio(void);

 unsigned long long random_ull(void);

+unsigned random_u(void);

 /* For basic lookup tables with strictly enumerated entries */

 #define __DEFINE_STRING_TABLE_LOOKUP(name,type,scope)                   \