iPXE currently seeds the random number generator using the system timer tick count. When large numbers of machines are booted simultaneously, multiple machines may end up choosing the same DHCP transaction ID (XID) value; this can cause problems. Fix by using the least significant (and hence most variable) bits of each network device's link-layer address to perturb the random number generator. This introduces some per-machine unique data into the random number generator's seed, and so reduces the chances of DHCP XID collisions. This does not affect the ANS X9.82-compatible random bit generator used by TLS and other cryptography code, which uses an entirely separate source of entropy. Originally-implemented-by: Bernhard Kohl <bernhard.kohl@nsn.com> Signed-off-by: Michael Brown <mcb30@ipxe.org>tags/v1.20.1
|
|
||
442 |
|
442 |
|
443 |
|
443 |
|
444 |
|
444 |
|
|
445 |
|
|
445 |
|
446 |
|
|
447 |
|
|
446 |
|
448 |
|
447 |
|
449 |
|
448 |
|
450 |
|
|
|
||
453 |
|
455 |
|
454 |
|
456 |
|
455 |
|
457 |
|
456 |
|
|
|
457 |
|
|
|
|
458 |
|
|
458 |
|
459 |
|
459 |
|
460 |
|
|
461 |
|
|
|
462 |
|
|
|
463 |
|
|
|
464 |
|
|
|
465 |
|
|
|
466 |
|
|
|
467 |
|
|
|
468 |
|
|
460 |
|
469 |
|
461 |
|
470 |
|
462 |
|
471 |
|