diff options
author | Paul Holzinger <pholzing@redhat.com> | 2021-12-15 16:07:14 +0100 |
---|---|---|
committer | Paul Holzinger <pholzing@redhat.com> | 2021-12-16 15:35:11 +0100 |
commit | 459e7841473d7b6343d29091ba98b43afbb0aa6c (patch) | |
tree | 45a91181bf95ccc66e58d63aea5a91a833bc4c0d | |
parent | d1c91c128ea32dae3e9c56c657ea57dfed9f6ad4 (diff) | |
download | podman-459e7841473d7b6343d29091ba98b43afbb0aa6c.tar.gz podman-459e7841473d7b6343d29091ba98b43afbb0aa6c.tar.bz2 podman-459e7841473d7b6343d29091ba98b43afbb0aa6c.zip |
MovePauseProcessToScope do not seed everytime
Instead of using math/rand we can use crypto/rand which we do not have
to seed. crypto/rand uses getrandom(2)
Also instead of adding an int to the scope name we add a 4 byte hex
string.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
-rw-r--r-- | utils/utils.go | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/utils/utils.go b/utils/utils.go index 241e361cd..45cec2c5f 100644 --- a/utils/utils.go +++ b/utils/utils.go @@ -2,16 +2,15 @@ package utils import ( "bytes" + "crypto/rand" "fmt" "io" "io/ioutil" - "math/rand" "os" "os/exec" "strconv" "strings" "sync" - "time" "github.com/containers/common/pkg/cgroups" "github.com/containers/podman/v3/libpod/define" @@ -205,10 +204,14 @@ func moveProcessToScope(pidPath, slice, scope string) error { func MovePauseProcessToScope(pausePidPath string) { var err error - state := rand.New(rand.NewSource(time.Now().UnixNano())) for i := 0; i < 10; i++ { - r := state.Int() - err = moveProcessToScope(pausePidPath, "user.slice", fmt.Sprintf("podman-pause-%d.scope", r)) + randBytes := make([]byte, 4) + _, err = rand.Read(randBytes) + if err != nil { + logrus.Errorf("failed to read random bytes: %v", err) + continue + } + err = moveProcessToScope(pausePidPath, "user.slice", fmt.Sprintf("podman-pause-%x.scope", randBytes)) if err == nil { return } |