New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(mme): Replace insecure rand() with getrandom() for TMSI generation #15411
base: master
Are you sure you want to change the base?
fix(mme): Replace insecure rand() with getrandom() for TMSI generation #15411
Conversation
Thanks for opening a PR! 💯
Howto
More infoPlease take a moment to read through the Magma project's
If this is your first Magma PR, also consider reading
|
✔️ The Semantic PR check ended with status success. See instructions on formatting your commit and pull request titles. |
Oops! Looks like you failed the Howto
♻️ Updated: ❌ The check is still failing the PR Check DCO after the last commit. |
// note srand with seed is initialized at main | ||
return (tmsi_t)rand(); | ||
tmsi_t tmsi = (tmsi_t) 0; | ||
if (getrandom((void*) &tmsi, sizeof(tmsi_t), 0) != sizeof(tmsi_t) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[cpplint] reported by reviewdog 🐶
Using C-style cast. Use reinterpret_cast<void*>(...) instead [readability/casting] [4]
return (tmsi_t)rand(); | ||
tmsi_t tmsi = (tmsi_t) 0; | ||
if (getrandom((void*) &tmsi, sizeof(tmsi_t), 0) != sizeof(tmsi_t) { | ||
tmsi = (tmsi_t) rand(); // Fallback in case of fundamental system error |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[cpplint] reported by reviewdog 🐶
At least two spaces is best between code and comments [whitespace/comments] [2]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Changes are fine. Please fix the issue reported in build-container job.
Let's discuss the fallback to rand() on line 414. Can an attacker force one of these error conditions?
|
9cd2b3e
to
44dc21a
Compare
// note srand with seed is initialized at main | ||
return (tmsi_t)rand(); | ||
tmsi_t tmsi = (tmsi_t)0; | ||
if (getrandom((void*) &tmsi, sizeof(tmsi_t), 0) != sizeof(tmsi_t)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[cpplint] reported by reviewdog 🐶
Using C-style cast. Use reinterpret_cast<void*>(...) instead [readability/casting] [4]
44dc21a
to
046bc35
Compare
// note srand with seed is initialized at main | ||
return (tmsi_t)rand(); | ||
tmsi_t tmsi = (tmsi_t)0; | ||
if (getrandom((void*)&tmsi, sizeof(tmsi_t), 0) != sizeof(tmsi_t)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[cpplint] reported by reviewdog 🐶
Using C-style cast. Use reinterpret_cast<void*>(...) instead [readability/casting] [4]
Hi @jorgevargasmor please sync git commit --signoff -s -m "fix(mme): Replace insecure rand with getrandom for TMSI generation" |
Summary
This PR addresses the vulnerability related to predictable TMSI generation in Magma's Mobility Management Entity (MME). It replaces the current insecure method with a more robust approach, enhancing user privacy and security.
Test Plan
Validate the new TMSI generation method.
Security Considerations
The new TMSI generation method using
getrandom()
enhances security by providing unpredictable TMSI values, mitigating the risk of tracking user associations by adversaries.