Host: move Rng from C to Rust

sporksmith · sporksmith · commit 713627b4103d · 2022-11-01T20:56:22.000-05:00
This allows us to remove the previously unsound api Host::random, which
returned a mutable reference from an immutable reference without using
interior mutability.

After this change we no longer need the Random C APIs, so those are
removed.
diff --git a/src/main/build.rs b/src/main/build.rs
@@ -206,7 +206,6 @@ fn run_bindgen(build_common: &ShadowBuildCommon) {
         .opaque_type("Logger")
         .opaque_type("DescriptorTable")
         .opaque_type("MemoryManager")
-        .opaque_type("Random")
         .opaque_type("TaskRef")
         .opaque_type("GList")
         .blocklist_type("Host")
@@ -241,7 +240,6 @@ fn run_bindgen(build_common: &ShadowBuildCommon) {
         .raw_line("use crate::host::syscall::handler::SyscallHandler;")
         .raw_line("use crate::host::timer::Timer;")
         .raw_line("use crate::utility::counter::Counter;")
-        .raw_line("use crate::utility::random::Random;")
 
         .raw_line("use atomic_refcell::AtomicRefCell;")
         .raw_line("use logger::Logger;")
diff --git a/src/main/core/worker.c b/src/main/core/worker.c
@@ -73,8 +73,7 @@ void worker_sendPacket(const Host* srcHost, Packet* packet) {
     /* check if network reliability forces us to 'drop' the packet */
     gdouble reliability = worker_getReliability(srcIP, dstIP);
 
-    Random* random = host_getRandom(srcHost);
-    gdouble chance = random_nextDouble(random);
+    gdouble chance = host_rngDouble(srcHost);
 
     /* don't drop control packets with length 0, otherwise congestion
      * control has problems responding to packet loss */
diff --git a/src/main/host/descriptor/regular_file.c b/src/main/host/descriptor/regular_file.c
@@ -318,8 +318,7 @@ static void _regularfile_readRandomBytes(RegularFile* file, const Host* host, vo
     trace("RegularFile %p will read %zu bytes from random source for host %s", file, numBytes,
           host_getName(host));
 
-    Random* rng = host_getRandom(host);
-    random_nextNBytes(rng, buf, numBytes);
+    host_rngNextNBytes(host, buf, numBytes);
 }
 
 static size_t _regularfile_readvRandomBytes(RegularFile* file, const Host* host,
diff --git a/src/main/host/host.c b/src/main/host/host.c
@@ -84,9 +84,6 @@ struct _HostCInternal {
     /* Lock protecting parts of shimSharedMemBlock. */
     ShimShmemHostLock* shimShmemHostLock;
 
-    /* random stream */
-    Random* random;
-
 #ifdef USE_PERF_TIMERS
     /* track the time spent executing this host */
     GTimer* executionTimer;
@@ -190,7 +187,6 @@ void hostc_setup(HostCInternal* host, DNS* dns, gulong rawCPUFreq, const gchar*
         g_mkdir_with_parents(host->dataDirPath, 0775);
     }
 
-    host->random = random_new(host->params.nodeSeed);
     host->cpu = cpu_new(host->params.cpuFrequency, rawCPUFreq, host->params.cpuThreshold,
                         host->params.cpuPrecision);
 
@@ -295,10 +291,6 @@ void hostc_shutdown(HostCInternal* host) {
         tracker_free(host->tracker);
     }
 
-    if(host->random) {
-        random_free(host->random);
-    }
-
     if(host->params.pcapDir) g_free((gchar*)host->params.pcapDir);
 
     if(host->dataDirPath) {
@@ -459,11 +451,6 @@ in_addr_t hostc_getDefaultIP(HostCInternal* host) {
     return address_toNetworkIP(host->defaultAddress);
 }
 
-Random* hostc_getRandom(HostCInternal* host) {
-    MAGIC_ASSERT(host);
-    return host->random;
-}
-
 gboolean hostc_autotuneReceiveBuffer(HostCInternal* host) {
     MAGIC_ASSERT(host);
     return host->params.autotuneRecvBuf;
@@ -596,8 +583,9 @@ in_port_t _hostc_incrementPort(in_port_t port, in_port_t port_on_overflow) {
     return htons(val);
 }
 
-static in_port_t _hostc_getRandomPort(HostCInternal* host) {
-    gdouble randomFraction = random_nextDouble(host->random);
+static in_port_t _hostc_getRandomPort(const Host* rhost) {
+    HostCInternal* host = host_internal(rhost);
+    gdouble randomFraction = host_rngDouble(rhost);
     gdouble numPotentialPorts = (gdouble)(UINT16_MAX - MIN_RANDOM_PORT);
 
     gdouble randomPick = round(randomFraction * numPotentialPorts);
@@ -610,8 +598,9 @@ static in_port_t _hostc_getRandomPort(HostCInternal* host) {
     return htons(randomHostPort);
 }
 
-in_port_t hostc_getRandomFreePort(HostCInternal* host, ProtocolType type, in_addr_t interfaceIP,
+in_port_t hostc_getRandomFreePort(const Host* rhost, ProtocolType type, in_addr_t interfaceIP,
                                   in_addr_t peerIP, in_port_t peerPort) {
+    HostCInternal* host = host_internal(rhost);
     MAGIC_ASSERT(host);
 
     /* we need a random port that is free everywhere we need it to be.
@@ -622,7 +611,7 @@ in_port_t hostc_getRandomFreePort(HostCInternal* host, ProtocolType type, in_add
     /* if choosing randomly doesn't succeed within 10 tries, then we have already
      * allocated a lot of ports (>90% on average). then we fall back to linear search. */
     for(guint i = 0; i < 10; i++) {
-        in_port_t randomPort = _hostc_getRandomPort(host);
+        in_port_t randomPort = _hostc_getRandomPort(rhost);
 
         /* this will check all interfaces in the case of INADDR_ANY */
         if (hostc_isInterfaceAvailable(host, type, interfaceIP, randomPort, peerIP, peerPort)) {
@@ -633,7 +622,7 @@ in_port_t hostc_getRandomFreePort(HostCInternal* host, ProtocolType type, in_add
     /* now if we tried too many times and still don't have a port, fall back
      * to a linear search to make sure we get a free port if we have one.
      * but start from a random port instead of the min. */
-    in_port_t start = _hostc_getRandomPort(host);
+    in_port_t start = _hostc_getRandomPort(rhost);
     in_port_t next = _hostc_incrementPort(start, htons(MIN_RANDOM_PORT));
     while(next != start) {
         /* this will check all interfaces in the case of INADDR_ANY */
diff --git a/src/main/host/host.h b/src/main/host/host.h
@@ -58,7 +58,6 @@ Tsc* hostc_getTsc(HostCInternal* host);
 const gchar* hostc_getName(HostCInternal* host);
 Address* hostc_getDefaultAddress(HostCInternal* host);
 in_addr_t hostc_getDefaultIP(HostCInternal* host);
-Random* hostc_getRandom(HostCInternal* host);
 gdouble hostc_getNextPacketPriority(HostCInternal* host);
 
 gboolean hostc_autotuneReceiveBuffer(HostCInternal* host);
@@ -83,7 +82,7 @@ gboolean hostc_isInterfaceAvailable(HostCInternal* host, ProtocolType type, in_a
 void hostc_associateInterface(HostCInternal* host, const CompatSocket* socket,
                               in_addr_t bindAddress);
 void hostc_disassociateInterface(HostCInternal* host, const CompatSocket* socket);
-in_port_t hostc_getRandomFreePort(HostCInternal* host, ProtocolType type, in_addr_t interfaceIP,
+in_port_t hostc_getRandomFreePort(const Host* host, ProtocolType type, in_addr_t interfaceIP,
                                   in_addr_t peerIP, in_port_t peerPort);
 
 Arc_AtomicRefCell_AbstractUnixNamespace* hostc_getAbstractUnixNamespace(HostCInternal* host);
diff --git a/src/main/host/host.rs b/src/main/host/host.rs
@@ -1,5 +1,8 @@
 use log::trace;
 use once_cell::unsync::OnceCell;
+use rand::SeedableRng;
+use rand_xoshiro::Xoshiro256PlusPlus;
+use shadow_shim_helper_rs::rootedcell::refcell::RootedRefCell;
 use shadow_shim_helper_rs::rootedcell::Root;
 use std::net::IpAddr;
 use std::os::raw::c_char;
@@ -52,6 +55,8 @@ pub struct Host {
 
     event_queue: Arc<Mutex<EventQueue>>,
 
+    random: RootedRefCell<Xoshiro256PlusPlus>,
+
     params: cshadow::HostParameters,
 }
 
@@ -78,12 +83,17 @@ impl Host {
         // TODO: remove params from HostCInternal.
         let chost = unsafe { cshadow::hostc_new(&params) };
         let root = Root::new();
+        let random = RootedRefCell::new(
+            &root,
+            Xoshiro256PlusPlus::seed_from_u64(params.nodeSeed as u64),
+        );
         Self {
             chost: unsafe { SyncSendPointer::new(chost) },
             info: OnceCell::new(),
             root,
             event_queue: Arc::new(Mutex::new(EventQueue::new())),
             params,
+            random,
         }
     }
 
@@ -161,10 +171,9 @@ impl Host {
         crate::core::logger::log_wrapper::c_to_rust_log_level(level).map(|l| l.to_level_filter())
     }
 
-    pub fn random(&self) -> &mut impl rand::Rng {
-        let ptr = unsafe { cshadow::hostc_getRandom(self.chost()) };
-        let random = unsafe { ptr.as_mut() }.unwrap();
-        &mut random.0
+    pub fn with_random_mut<Res>(&self, f: impl FnOnce(&mut Xoshiro256PlusPlus) -> Res) -> Res {
+        let mut rng = self.random.borrow_mut(&self.root);
+        f(&mut *rng)
     }
 
     pub fn get_new_event_id(&self) -> u64 {
@@ -292,11 +301,11 @@ mod export {
     use std::os::raw::c_char;
 
     use libc::{in_addr_t, in_port_t};
+    use rand::{Rng, RngCore};
 
     use crate::{
         cshadow::{CEmulatedTime, CSimulationTime, HostCInternal},
         network::router::Router,
-        utility::random::Random,
     };
 
     use super::*;
@@ -368,12 +377,6 @@ mod export {
         unsafe { cshadow::hostc_getDefaultIP(hostrc.chost()) }
     }
 
-    #[no_mangle]
-    pub unsafe extern "C" fn host_getRandom(hostrc: *const Host) -> *mut Random {
-        let hostrc = unsafe { hostrc.as_ref().unwrap() };
-        unsafe { cshadow::hostc_getRandom(hostrc.chost()) }
-    }
-
     #[no_mangle]
     pub unsafe extern "C" fn host_getNextPacketPriority(hostrc: *const Host) -> f64 {
         let hostrc = unsafe { hostrc.as_ref().unwrap() };
@@ -510,7 +513,7 @@ mod export {
         let hostrc = unsafe { hostrc.as_ref().unwrap() };
         unsafe {
             cshadow::hostc_getRandomFreePort(
-                hostrc.chost(),
+                hostrc,
                 protocol_type,
                 interface_ip,
                 peer_ip,
@@ -642,6 +645,22 @@ mod export {
         hostrc.schedule_task_with_delay(task, delay)
     }
 
+    #[no_mangle]
+    pub unsafe extern "C" fn host_rngDouble(host: *const Host) -> f64 {
+        let host = unsafe { host.as_ref().unwrap() };
+        host.with_random_mut(|rng| rng.gen())
+    }
+
+    /// Fills the buffer with pseudo-random bytes.
+    #[no_mangle]
+    pub extern "C" fn host_rngNextNBytes(host: *const Host, buf: *mut u8, len: usize) {
+        let host = unsafe { host.as_ref().unwrap() };
+        host.with_random_mut(|rng| {
+            let buf = unsafe { std::slice::from_raw_parts_mut(buf, len) };
+            rng.fill_bytes(buf);
+        })
+    }
+
     /// Should only be used from host.c
     #[no_mangle]
     pub unsafe extern "C" fn host_internal(hostrc: *const Host) -> *mut HostCInternal {
diff --git a/src/main/host/syscall/handler/random.rs b/src/main/host/syscall/handler/random.rs
@@ -31,7 +31,7 @@ impl SyscallHandler {
         };
 
         // Get random bytes using host rng to maintain determinism.
-        ctx.host.random().fill_bytes(&mut mem_ref);
+        ctx.host.with_random_mut(|rng| rng.fill_bytes(&mut mem_ref));
 
         // We must flush the memory reference to write it back.
         match mem_ref.flush() {
diff --git a/src/main/host/syscall/handler/socket.rs b/src/main/host/syscall/handler/socket.rs
@@ -126,7 +126,8 @@ impl SyscallHandler {
 
         debug!("Attempting to bind fd {} to {:?}", fd, addr);
 
-        Socket::bind(socket, addr.as_ref(), ctx.host.random())
+        ctx.host
+            .with_random_mut(|rng| Socket::bind(socket, addr.as_ref(), rng))
     }
 
     #[log_syscall(/* rv */ libc::ssize_t, /* sockfd */ libc::c_int, /* buf */ *const libc::c_char,
diff --git a/src/main/utility/mod.rs b/src/main/utility/mod.rs
@@ -15,7 +15,6 @@ pub mod pcap_writer;
 pub mod perf_timer;
 pub mod pod;
 pub mod proc_maps;
-pub mod random;
 pub mod shm_cleanup;
 pub mod status_bar;
 pub mod stream_len;
diff --git a/src/main/utility/random.rs b/src/main/utility/random.rs

Original file line number	Diff line number	Diff line change
`@@ -318,8 +318,7 @@ static void _regularfile_readRandomBytes(RegularFile* file, const Host* host, vo`
`318`	`318`	`trace("RegularFile %p will read %zu bytes from random source for host %s", file, numBytes,`
`319`	`319`	`host_getName(host));`
`320`	`320`
`321`		`- Random* rng = host_getRandom(host);`
`322`		`- random_nextNBytes(rng, buf, numBytes);`
	`321`	`+ host_rngNextNBytes(host, buf, numBytes);`
`323`	`322`	`}`
`324`	`323`
`325`	`324`	`static size_t _regularfile_readvRandomBytes(RegularFile* file, const Host* host,`
Original file line number	Diff line number	Diff line change
`@@ -126,7 +126,8 @@ impl SyscallHandler {`
`126`	`126`
`127`	`127`	`debug!("Attempting to bind fd {} to {:?}", fd, addr);`
`128`	`128`
`129`		`- Socket::bind(socket, addr.as_ref(), ctx.host.random())`
	`129`	`+ ctx.host`
	`130`	`+ .with_random_mut(\|rng\| Socket::bind(socket, addr.as_ref(), rng))`
`130`	`131`	`}`
`131`	`132`
`132`	`133`	`#[log_syscall(/* rv / libc::ssize_t, / sockfd / libc::c_int, / buf / const libc::c_char,`