13ded69484
Summary: Env::GenerateUniqueId() works fine on Windows and on POSIX where /proc/sys/kernel/random/uuid exists. Our other implementation is flawed and easily produces collision in a new multi-threaded test. As we rely more heavily on DB session ID uniqueness, this becomes a serious issue. This change combines several individually suitable entropy sources for reliable generation of random unique IDs, with goal of uniqueness and portability, not cryptographic strength nor maximum speed. Specifically: * Moves code for getting UUIDs from the OS to port::GenerateRfcUuid rather than in Env implementation details. Callers are now told whether the operation fails or succeeds. * Adds an internal API GenerateRawUniqueId for generating high-quality 128-bit unique identifiers, by combining entropy from three "tracks": * Lots of info from default Env like time, process id, and hostname. * std::random_device * port::GenerateRfcUuid (when working) * Built-in implementations of Env::GenerateUniqueId() will now always produce an RFC 4122 UUID string, either from platform-specific API or by converting the output of GenerateRawUniqueId. DB session IDs now use GenerateRawUniqueId while DB IDs (not as critical) try to use port::GenerateRfcUuid but fall back on GenerateRawUniqueId with conversion to an RFC 4122 UUID. GenerateRawUniqueId is declared and defined under env/ rather than util/ or even port/ because of the Env dependency. Likely follow-up: enhance GenerateRawUniqueId to be faster after the first call and to guarantee uniqueness within the lifetime of a single process (imparting the same property onto DB session IDs). Pull Request resolved: https://github.com/facebook/rocksdb/pull/8708 Test Plan: A new mini-stress test in env_test checks the various public and internal APIs for uniqueness, including each track of GenerateRawUniqueId individually. We can't hope to verify anywhere close to 128 bits of entropy, but it can at least detect flaws as bad as the old code. Serial execution of the new tests takes about 350 ms on my machine. Reviewed By: zhichao-cao, mrambacher Differential Revision: D30563780 Pulled By: pdillinger fbshipit-source-id: de4c9ff4b2f581cf784fcedb5f39f16e5185c364
41 lines
1.5 KiB
C++
41 lines
1.5 KiB
C++
// Copyright (c) Facebook, Inc. and its affiliates. All Rights Reserved.
|
|
// This source code is licensed under both the GPLv2 (found in the
|
|
// COPYING file in the root directory) and Apache 2.0 License
|
|
// (found in the LICENSE.Apache file in the root directory).
|
|
|
|
// This file is for functions that extract novel entropy or sources of
|
|
// uniqueness from the execution environment. (By contrast, random.h is
|
|
// for algorithmic pseudorandomness.)
|
|
//
|
|
// These functions could eventually migrate to public APIs, such as in Env.
|
|
|
|
#pragma once
|
|
|
|
#include <cstdint>
|
|
|
|
#include "rocksdb/rocksdb_namespace.h"
|
|
|
|
namespace ROCKSDB_NAMESPACE {
|
|
|
|
// Generates a new 128-bit identifier that is universally unique
|
|
// (with high probability) for each call. The result is split into
|
|
// two 64-bit pieces. This function has NOT been validated for use in
|
|
// cryptography.
|
|
//
|
|
// This is used in generating DB session IDs and by Env::GenerateUniqueId
|
|
// (used for DB IDENTITY) if the platform does not provide a generator of
|
|
// RFC 4122 UUIDs or fails somehow. (Set exclude_port_uuid=true if this
|
|
// function is used as a fallback for GenerateRfcUuid, because no need
|
|
// trying it again.)
|
|
void GenerateRawUniqueId(uint64_t* a, uint64_t* b,
|
|
bool exclude_port_uuid = false);
|
|
|
|
#ifndef NDEBUG
|
|
// A version of above with options for challenge testing
|
|
void TEST_GenerateRawUniqueId(uint64_t* a, uint64_t* b, bool exclude_port_uuid,
|
|
bool exclude_env_details,
|
|
bool exclude_random_device);
|
|
#endif
|
|
|
|
} // namespace ROCKSDB_NAMESPACE
|