Differential D6488
libkern: srandom() seed 0: produces predictable result. Authored by pfg on May 21 2016, 8:57 PM.
Details Our particular random() kernel implementation cannot use a zero value If this had to be standards compliant we would have to re-map it to 1, I propose setting using a non-zero value based on arc4random() for
Diff Detail
Event TimelineComment Actions To be honest, I don't see why libkern needs to deviate from common convention (including POSIX) here. What problem is being solved? Comment Actions The problem is using magic numbers like 123459876, but the real issue is that I would like to have a lighter alternative to arc4random that is not necessarily crypto-safe and I don't want to seed it with predictable numbers I would prefer Marsaglia's KISS or Mersenne Twister but this would be good enough. Comment Actions Hmm, random() is already slightly unpredictable because various parts of the kernel use it, so the determinism of srandom(1) is not really there anyway ;) Because random() is used from various parts of the kernel, the accesses to randseed are data races disallowed by C11. I guess this has limited practical effect. I wonder whether arc4random() is ready before random() is called for the first time. Comment Actions Well, I have a patch in D6442, replacing random() with arc4random(), that I plan to abandon in favor of this approach.
random() was replaced in kern_init.c for something internal (would have to dig the revision), it shouldn't be a problem. Comment Actions First, It breaks random API which suppose predictable results even with randseed 0. Comment Actions I.e. it is a hack which may confuse programmer who attempt to use predictable/saved random states in the kernel since function name stays the same and not telling him that results will changed on the fly with saved seed 0. Comment Actions Mersenne primes PRNGs either suffers from visible patters or shorten range to compensate it. Better use this one 32bit and 64bit shifts&xors based, PDF article inside: Comment Actions Mersenne Twister doesn't pass all statistics tests. I even think it's used in courses for wanna-be "hackers". It is very fast though, The MT homepage has accelerated versions for several processors, and it is appropriate for Montecarlo Simulations and/or games (the PS4 credits it in their opensource page). kargl@ pointed me to Marsaglia's KISS which is about as simple as it can be (a combination of two LCG's I think) and passes all the statistical tests. The problem with both Marsaglia's KISS and MT, is that the seed is too big for what our libc expects. Comment Actions I correct myself, Marsagila's KISS combines three RNGs: http://www.thecodingforums.com/threads/64-bit-kiss-rngs.673657/ |