Bug 247790 - PIDs are no longer randomized after reaching pid_max
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: kern
Version: CURRENT
Hardware: Any Any
Importance: --- Affects Some People
Assignee: freebsd-bugs (Nobody)
Reported: 2020-07-05 20:30 UTC by kd-dev
Modified: 2020-07-09 02:15 UTC

Attachments
Wrap `trypid' with a modulus. (366 bytes, patch)
2020-07-05 20:30 UTC, kd-dev

Description kd-dev 2020-07-05 20:30:37 UTC
Created attachment 216234
Wrap `trypid' with a modulus.

Overview:

If `random' pushes `trypid' over the `max_pid' threshold then
`trypid' is reset to 2 and is no longer randomized.

Steps to Reproduce:

# sysctl kern.randompid=10240 # Unreasonably large for a smaller test
# for x in `jot 100`; do
>       sh -c 'echo $$'
> done | awk '{print length}' | sort -n | uniq -c

Expected Results:

Longer PIDs are orders of magnitude more likely than smaller PIDs.

>   1 3
>   8 4
>  91 5

Actual Results:

Two-digit PIDs are far more likely than they should be.

>   5 2
>  10 4
>  85 5

Additional Information:

Only CURRENT is affected.

Patch:

The attached patch wraps `trypid' with a modulus rather than simply
setting it to 2.  I have successfully compiled the patch without
warnings, and am currently running the patched kernel.
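
An added example, not the attached patch and not FreeBSD kernel code: a simplified user-space model of the two wrap policies in the report, counting how many distinct PIDs are handed out right after a wrap. Assumptions: the `PID_MAX` value, the LCG standing in for the kernel's random source, every candidate PID being free, the clamp to 2, and the names `next_pid` and `distinct_after_wrap`.

```c
#include <stdint.h>
#include <stdio.h>
#define PID_MAX   99999u  /* assumed PID limit for this model */
#define RANDOMPID 10240u  /* kern.randompid value used in the report */
enum wrap_policy { WRAP_RESET, WRAP_MODULUS };

/* Deterministic LCG, a repeatable stand-in for the kernel's random source. */
static uint32_t rng_state;
static uint32_t next_rand(void)
{
    rng_state = rng_state * 1664525u + 1013904223u;
    return rng_state >> 16;
}

/* One allocation in the simplified model; every candidate PID is assumed free. */
static uint32_t next_pid(uint32_t lastpid, enum wrap_policy policy, int *wrapped)
{
    uint32_t trypid = lastpid + 1 + next_rand() % RANDOMPID;
    *wrapped = (trypid >= PID_MAX);
    if (*wrapped) {
        trypid = (policy == WRAP_RESET) ? 2 : trypid % PID_MAX;
        if (trypid < 2) trypid = 2;  /* model choice: never hand out 0 or 1 */
    }
    return trypid;
}

/* Number of distinct PIDs handed out immediately after a wrap. */
static unsigned distinct_after_wrap(enum wrap_policy policy, unsigned forks)
{
    unsigned char seen[RANDOMPID] = {0};
    unsigned distinct = 0;
    uint32_t pid = 2;
    int wrapped;
    rng_state = 12345u;  /* fixed seed so both policies see the same draws */
    while (forks-- > 0) {
        pid = next_pid(pid, policy, &wrapped);
        if (wrapped && !seen[pid]) {
            seen[pid] = 1;
            distinct++;
        }
    }
    return distinct;
}

int main(void)
{
    printf("reset: %u  modulus: %u\n", distinct_after_wrap(WRAP_RESET, 100000),
           distinct_after_wrap(WRAP_MODULUS, 100000));
    return 0;
}
```

Under the reset policy the first PID after every wrap is the same value, so it is predictable regardless of `kern.randompid`; under the modulus policy it stays spread over the randomization window.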