64 Bit build altnerates zeroes and prng data

[rryder]

nwipe 0.16 when built for x86_64 on RHEL 6.5 wipes with repeated patterns of PRNG data alternated with zeroes, instead of all PRNG data as expected. When built for i686 it works as expected with all data being overwritten with PRNG data. This goes back to at least 0.14 I haven't tested earlier versions.

Run as: nwipe --autonuke -m prng --noblank --nowait --nogui /dev/sda /dev/sdb

nwipe x86_64: nwipe i686:

[xambroz]

Issue is the same with 0.17 on Fedora x86_64. Steps to reproduce the issue in test environment: 1) Create image file to wipe with a known pattern of data: dcfldd of=/tmp/test.img pattern=baadf00d bs=1M count=10

2) Add a loop device for the image file so we can nuke it

losetup -d /dev/loop0

losetup /dev/loop0 /tmp/test.img

3) check the pattern before nuking xxd /dev/loop0 hexdump -C /dev/loop

4) nuke it nwipe --autonuke -p mersenne --noblank --nogui --nowait /dev/loop0

5) see the pattern after nuking xxd /dev/loop0 hexdump -C /dev/loop

[xambroz]

I believe the source issue starts with the definition of u32 as unsigned long in nwipe.h. On 64bit platform this is 8 bytes long and not just 4 bytes as expected.

[xambroz]

Proposed patch:

As the size of random value delivered by twister_genrand_int32 is not derived from the size of the 
unsigned long on given platform, but it is always only 0x00000000 - 0xFFFFFFFF we need as special 
function to print it to a byte stream buffer byte by byte.
Issue reported upstream in : https://github.com/martijnvanbrummelen/nwipe/issues/7

diff -ru nwipe-8a9a71822148cb9c82d971030dafd8d374fd1f48/src/prng.c nwipe-8a9a71822148cb9c82d971030dafd8d374fd1f48.new/src/prng.c
--- nwipe-8a9a71822148cb9c82d971030dafd8d374fd1f48/src/prng.c   2014-10-19 21:49:22.000000000 +0200
+++ nwipe-8a9a71822148cb9c82d971030dafd8d374fd1f48.new/src/prng.c   2015-06-22 23:54:38.111837575 +0200
@@ -25,6 +25,7 @@
 #include "mt19937ar-cok.h"
 #include "isaac_rand.h"

+
 nwipe_prng_t nwipe_twister =
 {
    "Mersenne Twister (mt19937ar-cok)",
@@ -40,6 +41,25 @@
 };

+/* Print given number of bytes from unsigned integer number to a byte stream buffer starting with low-endian*/
+int nwipe_u32tobuffer(u8 *buffer, u32 rand, int len)
+{
+   int i;
+   u8 c;   //single char
+   if (len > sizeof(u32))
+   {
+       nwipe_log( NWIPE_LOG_FATAL, "Tried to print longer number than the value passed." );
+       len = sizeof(u32);
+   }
+
+   for (i=0 ; i < len; i++)
+   {
+       c=rand & 0xFFUL;
+       rand = rand >> 8;
+       buffer[i]=c;
+   }
+   return 0;
+}

 int nwipe_twister_init( NWIPE_PRNG_INIT_SIGNATURE )
 {
@@ -54,23 +74,23 @@

 int nwipe_twister_read( NWIPE_PRNG_READ_SIGNATURE )
 {
+   u32 i=0;
    u32 ii;
-   u32 words = count / sizeof( u32 );
-   u32 remain = count % sizeof( u32 );
+   u32 words = count / SIZE_OF_TWISTER ;  // the values of twister_genrand_int32 is strictly 4 bytes
+   u32 remain = count % SIZE_OF_TWISTER ; // the values of twister_genrand_int32 is strictly 4 bytes

-   /* Twister returns 4-bytes per call, so cast the buffer into words. */
+   /* Twister returns 4-bytes per call, so progress by 4 bytes. */
    for( ii = 0; ii < words; ++ii )
    {
-       ((u32*)buffer)[ii] = twister_genrand_int32( (twister_state_t*)*state );
+       nwipe_u32tobuffer((u8*)(buffer+i), twister_genrand_int32( (twister_state_t*)*state ), SIZE_OF_TWISTER) ;
+       i = i + SIZE_OF_TWISTER;
    }

-   /* Fill the buffer tail if the count is not evenly divided by the size of u32. */
-   for( ii = 1; ii <= remain; ++ii )
+   /* If there is some remainder copy only relevant number of bytes to not overflow the buffer. */
+   if ( remain > 0 )
    {
-       /* Notice how three bytes are discarded by doing this. */
-       ((u8*)buffer)[count-ii] = twister_genrand_int32( (twister_state_t*)*state );
+       nwipe_u32tobuffer((u8*)(buffer+i), twister_genrand_int32( (twister_state_t*)*state ), remain) ;
    }
-    
    return 0;
 }

diff -ru nwipe-8a9a71822148cb9c82d971030dafd8d374fd1f48/src/prng.h nwipe-8a9a71822148cb9c82d971030dafd8d374fd1f48.new/src/prng.h
--- nwipe-8a9a71822148cb9c82d971030dafd8d374fd1f48/src/prng.h   2014-10-19 21:49:22.000000000 +0200
+++ nwipe-8a9a71822148cb9c82d971030dafd8d374fd1f48.new/src/prng.h   2015-06-22 23:43:46.578397378 +0200
@@ -51,6 +51,10 @@
 int nwipe_isaac_init( NWIPE_PRNG_INIT_SIGNATURE );
 int nwipe_isaac_read( NWIPE_PRNG_READ_SIGNATURE );

+/* Size of the twister is not derived from the architecture, but it is strictly 4 bytes */
+#define SIZE_OF_TWISTER 4
+
+
 #endif /* PRNG_H_ */

 /* eof */

[martijnvanbrummelen]

Thanks for the patch. I need to setup a test environment and do some testing/reviewing.

[xambroz]

Ping?

[martijnvanbrummelen]

Pong I was busy with other stuff. But I am starting to get some more spare time in a bit. Sorry for the delay.

[xambroz]

I have seen that the new release 0.18 is still having this bug - please can you consider patching that?

[martijnvanbrummelen]

Yes its up for the 0.19 release . Can you confirm this patch fixed the problem?

[xambroz]

Yes this patch fixed the problem in 0.17. The 0.18 fails to build for me on the 64bit hosts so I do not know how is that with version 0.18.

[martijnvanbrummelen]

What host are you tring to build it on? And do you have some log files?

[xambroz]

build fail on 64bit - https://github.com/martijnvanbrummelen/nwipe/issues/19 It seems to be related to recent change of the types, not related to the patch for the mersene twister prng.

[xambroz]

Yes I can confirm the patch still works on the 0.18. This is the test-case:

$ dd if=/dev/urandom of=testfile bs=1M count=1
$ sudo losetup /dev/loop0 testfile 
$ sudo xxd /dev/loop0 |head
00000000: 012b 6cbe 94fe ba95 c7c7 d3dc 727f ef06  .+l.........r...
00000010: a5e7 5338 1fec 2961 b6d0 0e64 a1b0 9dd5  ..S8..)a...d....
00000020: 6802 0ea3 00d8 4b41 767d bb98 7750 5b99  h.....KAv}..wP[.
00000030: 862e cd99 d65b aa64 cf9a c09b 1746 f628  .....[.d.....F.(
00000040: b8ed 2d18 a15f 1082 d90a be32 e08c 88e9  ..-.._.....2....
00000050: 974d 470e c781 a7c1 4e5b d649 6e41 c36d  .MG.....N[.InA.m
00000060: 2e38 6066 818d a422 418f 9062 283b 0a1c  .8`f..."A..b(;..
00000070: bbf6 9342 2c81 313f e31f fdad 321b 5d61  ...B,.1?....2.]a
00000080: fcd6 c495 0e88 81f9 6b46 ff30 2417 9ad9  ........kF.0$...
00000090: b3fd a898 ff5b d067 972b 6759 c9be 553b  .....[.g.+gY..U;

$ sudo nwipe --autonuke -p mersenne --noblank --nogui --nowait /dev/loop0
[2016/08/03 15:04:52] nwipe: notice: Opened entropy source '/dev/urandom'.
[2016/08/03 15:04:52] nwipe: info: Device '/dev/loop0' has sector size 512.
[2016/08/03 15:04:52] nwipe: warning: Changing '/dev/loop0' block size from 4096 to 512.
[2016/08/03 15:04:52] nwipe: info: Device '/dev/loop0' is size 1048576.
[2016/08/03 15:04:52] nwipe: notice: Invoking method 'DoD Short' on device '/dev/loop0'.
[2016/08/03 15:04:52] nwipe: notice: Starting round 1 of 1 on device '/dev/loop0'.
[2016/08/03 15:04:52] nwipe: notice: Starting pass 1 of 3, round 1 of 1, on device '/dev/loop0'.
[2016/08/03 15:04:52] nwipe: notice: 1048576 bytes written to device '/dev/loop0'.
[2016/08/03 15:04:52] nwipe: notice: Finished pass 1 of 3, round 1 of 1, on device '/dev/loop0'.
[2016/08/03 15:04:52] nwipe: notice: Starting pass 2 of 3, round 1 of 1, on device '/dev/loop0'.
[2016/08/03 15:04:52] nwipe: notice: 1048576 bytes written to device '/dev/loop0'.
[2016/08/03 15:04:52] nwipe: notice: Finished pass 2 of 3, round 1 of 1, on device '/dev/loop0'.
[2016/08/03 15:04:52] nwipe: notice: Starting pass 3 of 3, round 1 of 1, on device '/dev/loop0'.
[2016/08/03 15:04:52] nwipe: notice: 1048576 bytes written to device '/dev/loop0'.
[2016/08/03 15:04:52] nwipe: notice: Finished pass 3 of 3, round 1 of 1, on device '/dev/loop0'.
[2016/08/03 15:04:52] nwipe: notice: Finished round 1 of 1 on device '/dev/loop0'.
[2016/08/03 15:04:52] nwipe: notice: Nwipe exited.

$ sudo xxd /dev/loop0 |head
00000000: 1eee b559 ef43 bf12 b1db 2d74 dd3f 0621  ...Y.C....-t.?.!
00000010: 5c6e bf8a f0d7 5532 d350 7192 5dc6 294b  \n....U2.Pq.].)K
00000020: f02d b37b 1885 9161 3b53 85c3 f291 620e  .-.{...a;S....b.
00000030: 99ff c467 38cb f385 95b0 1bea ff8b 7f21  ...g8..........!
00000040: 3b16 6d1c b06c 6097 ebf0 afa2 9959 580e  ;.m..l`......YX.
00000050: 320d e0ca aa5b 54df 5a95 aec8 540c 3fe9  2....[T.Z...T.?.
00000060: a9bc 0659 fb68 5acf 65e7 9a60 1c26 0e83  ...Y.hZ.e..`.&..
00000070: 603a b556 0581 2213 cb99 5307 ce79 9387  `:.V.."...S..y..
00000080: f7cd 73d1 dea5 24da 0f7d 8915 6f31 9344  ..s...$..}..o1.D
00000090: ba83 1ce1 529d 0539 a66d c31b 6ffe 84d1  ....R..9.m..o...

[martijnvanbrummelen]

See if version 0.19 works for you.

[xambroz]

0.19 seems to work fine with the PRNG and builds well on fedora <= 23 Just one minor issue - nwipe version was not bumped so "nwipe -V" still reports 0.18

$ dd if=/dev/urandom of=testimage bs=1M count=1
1+0 records in
1+0 records out
1048576 bytes (1.0 MB) copied, 0.0907045 s, 11.6 MB/s
[mambroz@czchown5018619:~/rpmbuild/SPECS] 2016-08-04 00:26:22 +0200
$ sudo losetup /dev/loop0 testimage 
$ sudo xxd /dev/loop0 |head
00000000: 6e83 9e64 0c20 cec2 1cdf 47b7 e3e0 69e1  n..d. ....G...i.
00000010: b12f 0cd3 c26a fc3a ff5e 91dc 54d8 a42e  ./...j.:.^..T...
00000020: 794d eabf 1af8 eee1 a90e 304a 530d 6455  yM........0JS.dU
00000030: 3197 dc63 ea59 7056 73fb 3f04 35d5 3939  1..c.YpVs.?.5.99
00000040: 67bf b3a9 22bc 572c a24d e1e1 03dc 4357  g...".W,.M....CW
00000050: 03cb bcb6 adab 2f88 7b8d 16a1 8076 e4d4  ....../.{....v..
00000060: cbe1 b387 8c33 a8ad 5830 e261 6c6a e874  .....3..X0.alj.t
00000070: 0914 d2ce 3644 f341 2d20 1dc1 a5f0 141f  ....6D.A- ......
00000080: c588 48a6 6e2f a070 81b4 9ee6 19e6 4538  ..H.n/.p......E8
00000090: a6aa ca74 5755 0cce 5db0 13d3 8054 562a  ...tWU..]....TV*

$ sudo nwipe --autonuke -p mersenne --noblank --nogui --nowait /dev/loop0
[2016/08/03 22:27:42] nwipe: notice: Opened entropy source '/dev/urandom'.
[2016/08/03 22:27:42] nwipe: info: Device '/dev/loop0' has sector size 512.
[2016/08/03 22:27:42] nwipe: warning: Changing '/dev/loop0' block size from 4096 to 512.
[2016/08/03 22:27:42] nwipe: info: Device '/dev/loop0' is size 1048576.
[2016/08/03 22:27:42] nwipe: notice: Invoking method 'DoD Short' on device '/dev/loop0'.
[2016/08/03 22:27:42] nwipe: notice: Starting round 1 of 1 on device '/dev/loop0'.
[2016/08/03 22:27:42] nwipe: notice: Starting pass 1 of 3, round 1 of 1, on device '/dev/loop0'.
[2016/08/03 22:27:42] nwipe: notice: 1048576 bytes written to device '/dev/loop0'.
[2016/08/03 22:27:42] nwipe: notice: Finished pass 1 of 3, round 1 of 1, on device '/dev/loop0'.
[2016/08/03 22:27:42] nwipe: notice: Starting pass 2 of 3, round 1 of 1, on device '/dev/loop0'.
[2016/08/03 22:27:42] nwipe: notice: 1048576 bytes written to device '/dev/loop0'.
[2016/08/03 22:27:42] nwipe: notice: Finished pass 2 of 3, round 1 of 1, on device '/dev/loop0'.
[2016/08/03 22:27:42] nwipe: notice: Starting pass 3 of 3, round 1 of 1, on device '/dev/loop0'.
[2016/08/03 22:27:42] nwipe: notice: 1048576 bytes written to device '/dev/loop0'.
[2016/08/03 22:27:42] nwipe: notice: Finished pass 3 of 3, round 1 of 1, on device '/dev/loop0'.
[2016/08/03 22:27:42] nwipe: notice: Finished round 1 of 1 on device '/dev/loop0'.
[2016/08/03 22:27:42] nwipe: notice: Nwipe exited.

$ sudo xxd /dev/loop0 |head
00000000: 508c d369 4695 9f86 4bf9 5ab2 2f61 96a7  P..iF...K.Z./a..
00000010: 61a8 23a7 06be 957f 9b3b de53 a68f 3b44  a.#......;.S..;D
00000020: 9cb1 28b7 37f8 248d 0dd7 f06b 0060 4d97  ..(.7.$....k.`M.
00000030: 8fea c22a ce20 cb89 7a77 0180 0e6e 31ae  ...*. ..zw...n1.
00000040: ecaf 4f7f 6b56 0c4d 94d0 2bb8 055b 423a  ..O.kV.M..+..[B:
00000050: d3e7 2828 fc46 d7f6 e409 5d17 4015 89ac  ..((.F....].@...
00000060: 8cca acdb d693 492f 45ec 64b0 d678 a52d  ......I/E.d..x.-
00000070: 293a 6a64 79cf 8301 4895 9d01 ace6 9310  ):jdy...H.......
00000080: 86d7 843f cf92 ea28 3814 7443 545e da8a  ...?...(8.tCT^..
00000090: c831 0a35 b3d4 1a24 f3c4 3cfb 3923 03db  .1.5...$..<.9#..

[martijnvanbrummelen]

Fixed.

[xambroz]

Thank you.