udev: when random MACs are requested, generate them with genuine randomness

This is a security feature, and we thus shouldn't derive the random MACs from a potentially guessable source. MAC addresses are after all facing to the outside, and can be interacted with from untrusted environments. Hence, let's generate them the same way as we generate UUIDs: from getrandom() or /dev/urandom, and optionally with RDRAND if that's supported. RDRAND should be fine, since this is not cryptographic key material, but ultimately public information. We just want to make sure conflicts are not likely. Previously we'd generate the MACs via rand(), which means given the short seed they are a little bit too guessable, making collisions too likely. See #14355 in particular. Fixes: #14355 (Note that #14355 was already fixed by a0f11d1d11, but I think we should do better even, and not rely on rand() and uninitialized random pools)
2020-05-19 23:07:15 +02:00 · 2020-05-19 23:07:15 +02:00 · 550c8784c5
parent d08a6ec39c
commit 550c8784c5
1 changed files with 5 additions and 1 deletions
--- a/src/udev/net/link-config.c
+++ b/src/udev/net/link-config.c
@ -328,7 +328,11 @@ static int get_mac(sd_device *device, MACAddressPolicy policy, struct ether_addr

        if (want_random) {
                log_device_debug(device, "Using random bytes to generate MAC");
-                random_bytes(mac->ether_addr_octet, ETH_ALEN);
+
+                /* We require genuine randomness here, since we want to make sure we won't collide with other
+                 * systems booting up at the very same time. We do allow RDRAND however, since this is not
+                 * cryptographic key material. */
+                genuine_random_bytes(mac->ether_addr_octet, ETH_ALEN, RANDOM_ALLOW_RDRAND);
        } else {
                uint64_t result;