| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 07 Oct 2022 22:34:47 +0200
From: Rolf Eike Beer <eike-kernel@...tec.de>
To: linux-kernel@...r.kernel.org, patches@...ts.linux.dev,
Jason@...c4.com, andreas.noever@...il.com,
akpm@...ux-foundation.org, andriy.shevchenko@...ux.intel.com,
bp@...en8.de, catalin.marinas@....com,
christoph.boehmwalder@...bit.com, hch@....de,
christophe.leroy@...roup.eu, daniel@...earbox.net,
airlied@...hat.com, dave.hansen@...ux.intel.com,
davem@...emloft.net, edumazet@...gle.com, fw@...len.de,
gregkh@...uxfoundation.org, hpa@...or.com, hca@...ux.ibm.com,
deller@....de, herbert@...dor.apana.org.au, chenhuacai@...nel.org,
hughd@...gle.com, kuba@...nel.org, jejb@...ux.ibm.com,
jack@...e.com, jgg@...pe.ca, axboe@...nel.dk,
johannes@...solutions.net, corbet@....net, kadlec@...filter.org,
kpsingh@...nel.org, keescook@...omium.org, elver@...gle.com,
mchehab@...nel.org, mpe@...erman.id.au, pablo@...filter.org,
pabeni@...hat.com, peterz@...radead.org, richard@....at,
linux@...linux.org.uk
Cc: tytso@....edu, tsbogend@...ha.franken.de, tglx@...utronix.de,
tgraf@...g.ch, ulf.hansson@...aro.org, vigneshr@...com,
kernel@...0n.name, will@...nel.org, yury.norov@...il.com,
dri-devel@...ts.freedesktop.org, kasan-dev@...glegroups.com,
kernel-janitors@...r.kernel.org,
linux-arm-kernel@...ts.infradead.org, linux-block@...r.kernel.org,
linux-crypto@...r.kernel.org, linux-doc@...r.kernel.org,
linux-fsdevel@...r.kernel.org, linux-media@...r.kernel.org,
linux-mips@...r.kernel.org, linux-mm@...ck.org,
linux-mmc@...r.kernel.org, linux-mtd@...ts.infradead.org,
linux-nvme@...ts.infradead.org, linux-parisc@...r.kernel.org,
linux-rdma@...r.kernel.org, linux-s390@...r.kernel.org,
linux-um@...ts.infradead.org, linux-usb@...r.kernel.org,
linux-wireless@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org,
loongarch@...ts.linux.dev, netdev@...r.kernel.org,
sparclinux@...r.kernel.org, x86@...nel.org, toke@...e.dk,
chuck.lever@...cle.com, jack@...e.cz,
mika.westerberg@...ux.intel.com
Subject: Re: [PATCH v4 4/6] treewide: use get_random_u32() when possible
> diff --git a/arch/parisc/kernel/process.c b/arch/parisc/kernel/process.c
> index 7c37e09c92da..18c4f0e3e906 100644
> --- a/arch/parisc/kernel/process.c
> +++ b/arch/parisc/kernel/process.c
> @@ -288,7 +288,7 @@ __get_wchan(struct task_struct *p)
>
> static inline unsigned long brk_rnd(void)
> {
> - return (get_random_int() & BRK_RND_MASK) << PAGE_SHIFT;
> + return (get_random_u32() & BRK_RND_MASK) << PAGE_SHIFT;
> }
Can't this be
prandom_u32_max(BRK_RND_MASK + 1) << PAGE_SHIFT
? More similar code with other masks follows below.
> diff --git a/drivers/gpu/drm/i915/i915_gem_gtt.c
> b/drivers/gpu/drm/i915/i915_gem_gtt.c index 329ff75b80b9..7bd1861ddbdf
> 100644
> --- a/drivers/gpu/drm/i915/i915_gem_gtt.c
> +++ b/drivers/gpu/drm/i915/i915_gem_gtt.c
> @@ -137,12 +137,12 @@ static u64 random_offset(u64 start, u64 end, u64 len,
> u64 align) range = round_down(end - len, align) - round_up(start, align);
> if (range) {
> if (sizeof(unsigned long) == sizeof(u64)) {
> - addr = get_random_long();
> + addr = get_random_u64();
> } else {
> - addr = get_random_int();
> + addr = get_random_u32();
> if (range > U32_MAX) {
> addr <<= 32;
> - addr |= get_random_int();
> + addr |= get_random_u32();
> }
> }
> div64_u64_rem(addr, range, &addr);
How about
if (sizeof(unsigned long) == sizeof(u64) || range >
U32_MAX)
addr = get_random_u64();
else
addr = get_random_u32();
> diff --git a/drivers/infiniband/hw/cxgb4/cm.c
> b/drivers/infiniband/hw/cxgb4/cm.c index 14392c942f49..499a425a3379 100644
> --- a/drivers/infiniband/hw/cxgb4/cm.c
> +++ b/drivers/infiniband/hw/cxgb4/cm.c
> @@ -734,7 +734,7 @@ static int send_connect(struct c4iw_ep *ep)
> &ep->com.remote_addr;
> int ret;
> enum chip_type adapter_type = ep->com.dev->rdev.lldi.adapter_type;
> - u32 isn = (prandom_u32() & ~7UL) - 1;
> + u32 isn = (get_random_u32() & ~7UL) - 1;
> struct net_device *netdev;
> u64 params;
>
> @@ -2469,7 +2469,7 @@ static int accept_cr(struct c4iw_ep *ep, struct
> sk_buff *skb, }
>
> if (!is_t4(adapter_type)) {
> - u32 isn = (prandom_u32() & ~7UL) - 1;
> + u32 isn = (get_random_u32() & ~7UL) - 1;
u32 isn = get_random_u32() | 0x7;
Same code comes later again.
> diff --git a/drivers/mtd/nand/raw/nandsim.c b/drivers/mtd/nand/raw/nandsim.c
> index 50bcf745e816..4bdaf4aa7007 100644
> --- a/drivers/mtd/nand/raw/nandsim.c
> +++ b/drivers/mtd/nand/raw/nandsim.c
> @@ -1402,7 +1402,7 @@ static int ns_do_read_error(struct nandsim *ns, int
> num)
>
> static void ns_do_bit_flips(struct nandsim *ns, int num)
> {
> - if (bitflips && prandom_u32() < (1 << 22)) {
> + if (bitflips && get_random_u32() < (1 << 22)) {
Doing "get_random_u16() < (1 << 6)" should have the same probability with only
2 bytes of random, no?
> diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
> b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c index
> ac452a0111a9..b71ce6c5b512 100644
> --- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
> +++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c
> @@ -1063,7 +1063,7 @@ static void chtls_pass_accept_rpl(struct sk_buff *skb,
> opt2 |= WND_SCALE_EN_V(WSCALE_OK(tp));
> rpl5->opt0 = cpu_to_be64(opt0);
> rpl5->opt2 = cpu_to_be32(opt2);
> - rpl5->iss = cpu_to_be32((prandom_u32() & ~7UL) - 1);
> + rpl5->iss = cpu_to_be32((get_random_u32() & ~7UL) - 1);
> set_wr_txq(skb, CPL_PRIORITY_SETUP, csk->port_id);
> t4_set_arp_err_handler(skb, sk, chtls_accept_rpl_arp_failure);
> cxgb4_l2t_send(csk->egress_dev, skb, csk->l2t_entry);
> diff --git a/drivers/net/ethernet/rocker/rocker_main.c
> b/drivers/net/ethernet/rocker/rocker_main.c index
> fc83ec23bd1d..8c3bbafabb07 100644
> --- a/drivers/net/ethernet/rocker/rocker_main.c
> +++ b/drivers/net/ethernet/rocker/rocker_main.c
> @@ -139,9 +139,9 @@ static int rocker_reg_test(const struct rocker *rocker)
> return -EIO;
> }
>
> - rnd = prandom_u32();
> + rnd = get_random_u32();
> rnd <<= 31;
> - rnd |= prandom_u32();
> + rnd |= get_random_u32();
> rocker_write64(rocker, TEST_REG64, rnd);
> test_reg = rocker_read64(rocker, TEST_REG64);
> if (test_reg != rnd * 2) {
> diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/pno.c
> b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/pno.c index
> fabfbb0b40b0..374e1cc07a63 100644
> --- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/pno.c
> +++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/pno.c
> @@ -177,7 +177,7 @@ static int brcmf_pno_set_random(struct brcmf_if *ifp,
> struct brcmf_pno_info *pi) memcpy(pfn_mac.mac, mac_addr, ETH_ALEN);
> for (i = 0; i < ETH_ALEN; i++) {
> pfn_mac.mac[i] &= mac_mask[i];
> - pfn_mac.mac[i] |= get_random_int() & ~(mac_mask[i]);
> + pfn_mac.mac[i] |= get_random_u32() & ~(mac_mask[i]);
> diff --git a/lib/reed_solomon/test_rslib.c b/lib/reed_solomon/test_rslib.c
> index 4d241bdc88aa..848e7eb5da92 100644
> --- a/lib/reed_solomon/test_rslib.c
> +++ b/lib/reed_solomon/test_rslib.c
> @@ -164,7 +164,7 @@ static int get_rcw_we(struct rs_control *rs, struct
> wspace *ws,
>
> /* Load c with random data and encode */
> for (i = 0; i < dlen; i++)
> - c[i] = prandom_u32() & nn;
> + c[i] = get_random_u32() & nn;
> @@ -178,7 +178,7 @@ static int get_rcw_we(struct rs_control *rs, struct
> wspace *ws, for (i = 0; i < errs; i++) {
> do {
> /* Error value must be nonzero */
> - errval = prandom_u32() & nn;
> + errval = get_random_u32() & nn;
> } while (errval == 0);
> @@ -206,7 +206,7 @@ static int get_rcw_we(struct rs_control *rs, struct
> wspace *ws, /* Erasure with corrupted symbol */
> do {
> /* Error value must be nonzero */
> - errval = prandom_u32() & nn;
> + errval = get_random_u32() & nn;
> } while (errval == 0);
>
> diff --git a/lib/test_fprobe.c b/lib/test_fprobe.c
> index ed70637a2ffa..e0381b3ec410 100644
> --- a/lib/test_fprobe.c
> +++ b/lib/test_fprobe.c
> @@ -145,7 +145,7 @@ static unsigned long get_ftrace_location(void *func)
> static int fprobe_test_init(struct kunit *test)
> {
> do {
> - rand1 = prandom_u32();
> + rand1 = get_random_u32();
> } while (rand1 <= div_factor);
> diff --git a/lib/test_kprobes.c b/lib/test_kprobes.c
> index a5edc2ebc947..eeb1d728d974 100644
> --- a/lib/test_kprobes.c
> +++ b/lib/test_kprobes.c
> @@ -341,7 +341,7 @@ static int kprobes_test_init(struct kunit *test)
> stacktrace_driver = kprobe_stacktrace_driver;
>
> do {
> - rand1 = prandom_u32();
> + rand1 = get_random_u32();
> } while (rand1 <= div_factor);
> return 0;
> }
> diff --git a/lib/test_rhashtable.c b/lib/test_rhashtable.c
> index 5a1dd4736b56..b358a74ed7ed 100644
> --- a/lib/test_rhashtable.c
> +++ b/lib/test_rhashtable.c
> @@ -291,7 +291,7 @@ static int __init test_rhltable(unsigned int entries)
> if (WARN_ON(err))
> goto out_free;
>
> - k = prandom_u32();
> + k = get_random_u32();
> ret = 0;
> for (i = 0; i < entries; i++) {
> rhl_test_objects[i].value.id = k;
> @@ -369,12 +369,12 @@ static int __init test_rhltable(unsigned int entries)
> pr_info("test %d random rhlist add/delete operations\n", entries);
> for (j = 0; j < entries; j++) {
> u32 i = prandom_u32_max(entries);
> - u32 prand = prandom_u32();
> + u32 prand = get_random_u32();
>
> cond_resched();
>
> if (prand == 0)
> - prand = prandom_u32();
> + prand = get_random_u32();
>
> if (prand & 1) {
> prand >>= 1;
> diff --git a/net/ipv4/tcp_cdg.c b/net/ipv4/tcp_cdg.c
> index ddc7ba0554bd..efcd145f06db 100644
> --- a/net/ipv4/tcp_cdg.c
> +++ b/net/ipv4/tcp_cdg.c
> @@ -243,7 +243,7 @@ static bool tcp_cdg_backoff(struct sock *sk, u32 grad)
> struct cdg *ca = inet_csk_ca(sk);
> struct tcp_sock *tp = tcp_sk(sk);
>
> - if (prandom_u32() <= nexp_u32(grad * backoff_factor))
> + if (get_random_u32() <= nexp_u32(grad * backoff_factor))
> return false;
>
> if (use_ineff) {
> diff --git a/net/ipv6/ip6_flowlabel.c b/net/ipv6/ip6_flowlabel.c
> index ceb85c67ce39..18481eb76a0a 100644
> --- a/net/ipv6/ip6_flowlabel.c
> +++ b/net/ipv6/ip6_flowlabel.c
> @@ -220,7 +220,7 @@ static struct ip6_flowlabel *fl_intern(struct net *net,
> spin_lock_bh(&ip6_fl_lock);
> if (label == 0) {
> for (;;) {
> - fl->label =
htonl(prandom_u32())&IPV6_FLOWLABEL_MASK;
> + fl->label =
htonl(get_random_u32())&IPV6_FLOWLABEL_MASK;
> if (fl->label) {
> lfl = __fl_lookup(net, fl-
>label);
> if (!lfl)
> diff --git a/net/netfilter/ipvs/ip_vs_conn.c
> b/net/netfilter/ipvs/ip_vs_conn.c index fb67f1ca2495..8c04bb57dd6f 100644
> --- a/net/netfilter/ipvs/ip_vs_conn.c
> +++ b/net/netfilter/ipvs/ip_vs_conn.c
> @@ -1308,7 +1308,7 @@ void ip_vs_random_dropentry(struct netns_ipvs *ipvs)
> * Randomly scan 1/32 of the whole table every second
> */
> for (idx = 0; idx < (ip_vs_conn_tab_size>>5); idx++) {
> - unsigned int hash = prandom_u32() &
ip_vs_conn_tab_mask;
> + unsigned int hash = get_random_u32() &
ip_vs_conn_tab_mask;
>
> hlist_for_each_entry_rcu(cp, &ip_vs_conn_tab[hash],
c_list) {
> if (cp->ipvs != ipvs)
> diff --git a/net/rds/bind.c b/net/rds/bind.c
> index 5b5fb4ca8d3e..052776ddcc34 100644
> --- a/net/rds/bind.c
> +++ b/net/rds/bind.c
> @@ -104,7 +104,7 @@ static int rds_add_bound(struct rds_sock *rs, const
> struct in6_addr *addr, return -EINVAL;
> last = rover;
> } else {
> - rover = max_t(u16, prandom_u32(), 2);
> + rover = max_t(u16, get_random_u32(), 2);
> last = rover - 1;
> }
> diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c
> b/net/sunrpc/auth_gss/gss_krb5_wrap.c index 5f96e75f9eec..48337687848c
> 100644
> --- a/net/sunrpc/auth_gss/gss_krb5_wrap.c
> +++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c
> @@ -130,8 +130,8 @@ gss_krb5_make_confounder(char *p, u32 conflen)
>
> /* initialize to random value */
> if (i == 0) {
> - i = prandom_u32();
> - i = (i << 32) | prandom_u32();
> + i = get_random_u32();
> + i = (i << 32) | get_random_u32();
> }
Download attachment "signature.asc" of type "application/pgp-signature" (196 bytes)
Powered by blists - more mailing lists