Blob Blame History Raw
From 9bf25f9e532dad32d71e95a85c413996d4bd58ac Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 1 Oct 2013 23:11:23 +0200
Subject: [PATCH] hashmap: randomize hash functions a bit

---
 configure.ac         |   2 +-
 src/shared/hashmap.c | 104 +++++++++++++++++++++++++++++++--------------------
 src/shared/util.c    |  19 ++++++++++
 src/shared/util.h    |   1 +
 4 files changed, 85 insertions(+), 41 deletions(-)

diff --git a/configure.ac b/configure.ac
index c7f4f1b..2ae0411 100644
--- a/configure.ac
+++ b/configure.ac
@@ -804,7 +804,7 @@ have_myhostname=no
 AC_ARG_ENABLE(myhostname, AS_HELP_STRING([--disable-myhostname], [disable nss-myhostname support]))
 if test "x$enable_myhostname" != "xno"; then
         AC_HEADER_STDC
-        AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h unistd.h nss.h sys/ioctl.h])
+        AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h unistd.h nss.h sys/ioctl.h sys/auxv.h])
 
         AC_C_CONST
         AC_TYPE_SIZE_T
diff --git a/src/shared/hashmap.c b/src/shared/hashmap.c
index 6330792..f06fce6 100644
--- a/src/shared/hashmap.c
+++ b/src/shared/hashmap.c
@@ -24,6 +24,10 @@
 #include <string.h>
 #include <errno.h>
 
+#ifdef HAVE_SYS_AUXV_H
+#include <sys/auxv.h>
+#endif
+
 #include "util.h"
 #include "hashmap.h"
 #include "macro.h"
@@ -46,6 +50,7 @@ struct Hashmap {
         struct hashmap_entry ** buckets;
         unsigned n_buckets, n_entries;
 
+        unsigned random_xor;
         bool from_pool;
 };
 
@@ -171,10 +176,15 @@ int uint64_compare_func(const void *_a, const void *_b) {
         return a < b ? -1 : (a > b ? 1 : 0);
 }
 
+static unsigned bucket_hash(Hashmap *h, const void *p) {
+        return (h->hash_func(p) ^ h->random_xor) % h->n_buckets;
+}
+
 Hashmap *hashmap_new(hash_func_t hash_func, compare_func_t compare_func) {
         bool b;
         Hashmap *h;
         size_t size;
+        void *auxv;
 
         b = is_main_thread();
 
@@ -204,6 +214,19 @@ Hashmap *hashmap_new(hash_func_t hash_func, compare_func_t compare_func) {
 
         h->from_pool = b;
 
+        /* Let's randomize our hash functions a bit so that they are
+         * harder to guess for clients. For this, start out by cheaply
+         * using some bits the kernel passed into the process using
+         * the auxiliary vector. If the hashmap grows later on we will
+         * rehash everything using a new random XOR mask from
+         * /dev/random. */
+#ifdef HAVE_SYS_AUXV_H
+        auxv = (void*) getauxval(AT_RANDOM);
+        h->random_xor = auxv ? *(unsigned*) auxv : random_u();
+#else
+        h->random_xor = random_u();
+#endif
+
         return h;
 }
 
@@ -284,8 +307,7 @@ static void remove_entry(Hashmap *h, struct hashmap_entry *e) {
         assert(h);
         assert(e);
 
-        hash = h->hash_func(e->key) % h->n_buckets;
-
+        hash = bucket_hash(h, e->key);
         unlink_entry(h, e, hash);
 
         if (h->from_pool)
@@ -368,7 +390,6 @@ void hashmap_clear_free_free(Hashmap *h) {
         }
 }
 
-
 static struct hashmap_entry *hash_scan(Hashmap *h, unsigned hash, const void *key) {
         struct hashmap_entry *e;
         assert(h);
@@ -382,8 +403,8 @@ static struct hashmap_entry *hash_scan(Hashmap *h, unsigned hash, const void *ke
 }
 
 static bool resize_buckets(Hashmap *h) {
-        unsigned m;
         struct hashmap_entry **n, *i;
+        unsigned m, nxor;
 
         assert(h);
 
@@ -398,6 +419,11 @@ static bool resize_buckets(Hashmap *h) {
         if (!n)
                 return false;
 
+        /* Let's use a different randomized xor value for the
+         * extension, so that people cannot guess what we are using
+         * here forever */
+        nxor = random_u();
+
         for (i = h->iterate_list_head; i; i = i->iterate_next) {
                 unsigned hash, x;
 
@@ -410,10 +436,10 @@ static bool resize_buckets(Hashmap *h) {
                 if (i->bucket_previous)
                         i->bucket_previous->bucket_next = i->bucket_next;
                 else
-                        h->buckets[hash % h->n_buckets] = i->bucket_next;
+                        h->buckets[(hash ^ h->random_xor) % h->n_buckets] = i->bucket_next;
 
                 /* Then, add to new backet table */
-                x = hash % m;
+                x = (hash ^ nxor) % m;
 
                 i->bucket_next = n[x];
                 i->bucket_previous = NULL;
@@ -427,6 +453,7 @@ static bool resize_buckets(Hashmap *h) {
 
         h->buckets = n;
         h->n_buckets = m;
+        h->random_xor = nxor;
 
         return true;
 }
@@ -437,7 +464,7 @@ int hashmap_put(Hashmap *h, const void *key, void *value) {
 
         assert(h);
 
-        hash = h->hash_func(key) % h->n_buckets;
+        hash = bucket_hash(h, key);
         e = hash_scan(h, hash, key);
         if (e) {
                 if (e->value == value)
@@ -446,7 +473,7 @@ int hashmap_put(Hashmap *h, const void *key, void *value) {
         }
 
         if (resize_buckets(h))
-                hash = h->hash_func(key) % h->n_buckets;
+                hash = bucket_hash(h, key);
 
         if (h->from_pool)
                 e = allocate_tile(&first_entry_pool, &first_entry_tile, sizeof(struct hashmap_entry));
@@ -470,7 +497,7 @@ int hashmap_replace(Hashmap *h, const void *key, void *value) {
 
         assert(h);
 
-        hash = h->hash_func(key) % h->n_buckets;
+        hash = bucket_hash(h, key);
         e = hash_scan(h, hash, key);
         if (e) {
                 e->key = key;
@@ -487,7 +514,7 @@ int hashmap_update(Hashmap *h, const void *key, void *value) {
 
         assert(h);
 
-        hash = h->hash_func(key) % h->n_buckets;
+        hash = bucket_hash(h, key);
         e = hash_scan(h, hash, key);
         if (!e)
                 return -ENOENT;
@@ -503,7 +530,7 @@ void* hashmap_get(Hashmap *h, const void *key) {
         if (!h)
                 return NULL;
 
-        hash = h->hash_func(key) % h->n_buckets;
+        hash = bucket_hash(h, key);
         e = hash_scan(h, hash, key);
         if (!e)
                 return NULL;
@@ -518,7 +545,7 @@ void* hashmap_get2(Hashmap *h, const void *key, void **key2) {
         if (!h)
                 return NULL;
 
-        hash = h->hash_func(key) % h->n_buckets;
+        hash = bucket_hash(h, key);
         e = hash_scan(h, hash, key);
         if (!e)
                 return NULL;
@@ -535,12 +562,8 @@ bool hashmap_contains(Hashmap *h, const void *key) {
         if (!h)
                 return false;
 
-        hash = h->hash_func(key) % h->n_buckets;
-
-        if (!hash_scan(h, hash, key))
-                return false;
-
-        return true;
+        hash = bucket_hash(h, key);
+        return !!hash_scan(h, hash, key);
 }
 
 void* hashmap_remove(Hashmap *h, const void *key) {
@@ -551,9 +574,9 @@ void* hashmap_remove(Hashmap *h, const void *key) {
         if (!h)
                 return NULL;
 
-        hash = h->hash_func(key) % h->n_buckets;
-
-        if (!(e = hash_scan(h, hash, key)))
+        hash = bucket_hash(h, key);
+        e = hash_scan(h, hash, key);
+        if (!e)
                 return NULL;
 
         data = e->value;
@@ -569,11 +592,12 @@ int hashmap_remove_and_put(Hashmap *h, const void *old_key, const void *new_key,
         if (!h)
                 return -ENOENT;
 
-        old_hash = h->hash_func(old_key) % h->n_buckets;
-        if (!(e = hash_scan(h, old_hash, old_key)))
+        old_hash = bucket_hash(h, old_key);
+        e = hash_scan(h, old_hash, old_key);
+        if (!e)
                 return -ENOENT;
 
-        new_hash = h->hash_func(new_key) % h->n_buckets;
+        new_hash = bucket_hash(h, new_key);
         if (hash_scan(h, new_hash, new_key))
                 return -EEXIST;
 
@@ -594,12 +618,14 @@ int hashmap_remove_and_replace(Hashmap *h, const void *old_key, const void *new_
         if (!h)
                 return -ENOENT;
 
-        old_hash = h->hash_func(old_key) % h->n_buckets;
-        if (!(e = hash_scan(h, old_hash, old_key)))
+        old_hash = bucket_hash(h, old_key);
+        e = hash_scan(h, old_hash, old_key);
+        if (!e)
                 return -ENOENT;
 
-        new_hash = h->hash_func(new_key) % h->n_buckets;
-        if ((k = hash_scan(h, new_hash, new_key)))
+        new_hash = bucket_hash(h, new_key);
+        k = hash_scan(h, new_hash, new_key);
+        if (k)
                 if (e != k)
                         remove_entry(h, k);
 
@@ -620,7 +646,7 @@ void* hashmap_remove_value(Hashmap *h, const void *key, void *value) {
         if (!h)
                 return NULL;
 
-        hash = h->hash_func(key) % h->n_buckets;
+        hash = bucket_hash(h, key);
 
         e = hash_scan(h, hash, key);
         if (!e)
@@ -711,7 +737,7 @@ void *hashmap_iterate_skip(Hashmap *h, const void *key, Iterator *i) {
         if (!h)
                 return NULL;
 
-        hash = h->hash_func(key) % h->n_buckets;
+        hash = bucket_hash(h, key);
 
         e = hash_scan(h, hash, key);
         if (!e)
@@ -820,9 +846,9 @@ int hashmap_merge(Hashmap *h, Hashmap *other) {
         for (e = other->iterate_list_head; e; e = e->iterate_next) {
                 int r;
 
-                if ((r = hashmap_put(h, e->key, e->value)) < 0)
-                        if (r != -EEXIST)
-                                return r;
+                r = hashmap_put(h, e->key, e->value);
+                if (r < 0 && r != -EEXIST)
+                        return r;
         }
 
         return 0;
@@ -844,13 +870,11 @@ void hashmap_move(Hashmap *h, Hashmap *other) {
 
                 n = e->iterate_next;
 
-                h_hash = h->hash_func(e->key) % h->n_buckets;
-
+                h_hash = bucket_hash(h, e->key);
                 if (hash_scan(h, h_hash, e->key))
                         continue;
 
-                other_hash = other->hash_func(e->key) % other->n_buckets;
-
+                other_hash = bucket_hash(other, e->key);
                 unlink_entry(other, e, other_hash);
                 link_entry(h, e, h_hash);
         }
@@ -865,11 +889,11 @@ int hashmap_move_one(Hashmap *h, Hashmap *other, const void *key) {
 
         assert(h);
 
-        h_hash = h->hash_func(key) % h->n_buckets;
+        h_hash = bucket_hash(h, key);
         if (hash_scan(h, h_hash, key))
                 return -EEXIST;
 
-        other_hash = other->hash_func(key) % other->n_buckets;
+        other_hash = bucket_hash(other, key);
         e = hash_scan(other, other_hash, key);
         if (!e)
                 return -ENOENT;
@@ -925,7 +949,7 @@ void *hashmap_next(Hashmap *h, const void *key) {
         if (!h)
                 return NULL;
 
-        hash = h->hash_func(key) % h->n_buckets;
+        hash = bucket_hash(h, key);
         e = hash_scan(h, hash, key);
         if (!e)
                 return NULL;
diff --git a/src/shared/util.c b/src/shared/util.c
index e69d1ff..95fe35e 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -2420,6 +2420,25 @@ fallback:
         return random() * RAND_MAX + random();
 }
 
+unsigned random_u(void) {
+        _cleanup_close_ int fd;
+        unsigned u;
+        ssize_t r;
+
+        fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY);
+        if (fd < 0)
+                goto fallback;
+
+        r = loop_read(fd, &u, sizeof(u), true);
+        if (r != sizeof(u))
+                goto fallback;
+
+        return u;
+
+fallback:
+        return random() * RAND_MAX + random();
+}
+
 void rename_process(const char name[8]) {
         assert(name);
 
diff --git a/src/shared/util.h b/src/shared/util.h
index 63f4e3d..1b845b3 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -253,6 +253,7 @@ int make_null_stdio(void);
 int make_console_stdio(void);
 
 unsigned long long random_ull(void);
+unsigned random_u(void);
 
 /* For basic lookup tables with strictly enumerated entries */
 #define __DEFINE_STRING_TABLE_LOOKUP(name,type,scope)                   \