Pseudo-Random Stack Pointer Under Linux

Pseudo-random stack pointer under Linux?

Address space layout randomisation is used on several operating systems for precisely this reason. Your variation in stack pointer addresses may well be caused by this - very likely to be the case on recent versions of Linux and or *BSD. IIRC recent versions of Windows do this as well.

How to get bottom of user stack under multi threads on Linux

Your question isn't completely well-defined. Technically, a user may create a thread using pthread and then switch the new threads sp to another one. So the stack created by pthread_create isn't always the stack used by the process. Hell, the process may even munmap it...

You can, however, access the user's stack at a specific moment (e.g. syscall), in the following manner:

task_pt_regs(task)->sp

However, be sure to validate it, as it may not always be in userspace. The user has complete control over it.

Make Stack Pointer to a mmap returned pointer. (Linux, 32bit VM)

So the problem was actually that mmap grows at the opposite direction of the stack (which, sadly, I forgot). So to assign the pointer, I just had to assign (mmaped_stack+stack_size) instead of just the pointer.

How to generate a random int in C?


Note: Don't use rand() for security. If you need a cryptographically secure number, see this answer instead.

#include <time.h>
#include <stdlib.h>

srand(time(NULL));   // Initialization, should only be called once.
int r = rand();      // Returns a pseudo-random integer between 0 and RAND_MAX.

On Linux, you might prefer to use random and srandom.

pseudo random distribution which guarantees all possible permutations of value sequence - C++

Ok, I'm not sure if there is a general answer, so I would concentrate on random number generator having, say, 64bit internal state/seed, producing 64bit output and having 2^64-1 period. In particular, I would look at linear congruential generator (aka LCG) in the form of

next = (a * prev + c) mod m

where a and m are primes to each other

So:

1) Check

2) Check

3) Check (well, for 64bit space of course)

4) Check (again, except 0 I believe, but each and every permutation of 64bits is output of LCG starting with some seed)

5) Check. LCG is known to be reversible, i.e. one could get 

prev = (next - c) * a_inv mod m

where a_inv could be computed from a, m using Euclid's algorithm

Well, if it looks ok to you, you could try to implement LCG in your 15546bits space

UPDATE

And quick search shows reversible LCG discussion/code here

Reversible pseudo-random sequence generator

Pseudorandom number generator in C - seeding with time functions

Ahhh... I think I got it:

xv6 can't use the stdlib function calls. I'll have to create my own random function.

Any suggestions? Please link me... I know that there's something out there called "something"-twister that's supposed to be good.


Related Topics

Does Cron Expression in Unix/Linux Allow Specifying Exact Start and End Dates

What's the Practical Limit on the Size of Single Packet Transmitted Over Domain Socket

How to Get Time Since File Was Last Modified in Seconds with Bash

Makefile Command Substitution Problem

Can Ptrace Tell If an X86 System Call Used the 64-Bit or 32-Bit Abi

How to Create Virtual Environment for Python 3.7.0

Get Link Speed Programmatically

Capture Both Exit Status and Output from a System Call in R

Arm Inline Asm: Exit System Call with Value Read from Memory

Sort Files Numerically in Bash

Error While Using a Newer Version of Glibc

Can't Get Private Key with Openssl (No Start Line:Pem_Lib.C:703:Expecting: Any Private Key)

Why Is Crond Failing to Run a Non-Root Crontab on Alpine Linux

How to Specify Non-Capturing Groups in Sed

Can't Run Sonar Server Caused by Elasticsearch Cannot Running as Root

How to Install a Rpm Package and Its Dependencies Offline

How to Stop Ffmpeg Remotely

How to Return Exit Code 0 from a Failed Command


Leave a reply



Submit