lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Sat, 28 Mar 2020 17:37:12 +0000
From:   George Spelvin <lkml@....ORG>
To:     Maciej Zenczykowski <maze@...gle.com>
Cc:     Kernel hackers <linux-kernel@...r.kernel.org>,
        "David S. Miller" <davem@...emloft.net>,
        Alexey Kuznetsov <kuznet@....inr.ac.ru>,
        Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
        Linux NetDev <netdev@...r.kernel.org>, lkml@....org
Subject: Re: [RFC PATCH v1 18/50] net/ipv6/addrconf.c: Use prandom_u32_max
 for rfc3315 backoff time computation

On Sat, Mar 28, 2020 at 09:56:58AM -0700, Maciej ?enczykowski wrote:
>>         /* multiply 'initial retransmission time' by 0.9 .. 1.1 */
>> -       u64 tmp = (900000 + prandom_u32() % 200001) * (u64)irt;
>> -       do_div(tmp, 1000000);
>> -       return (s32)tmp;
>> +       s32 range = irt / 5;
>> +       return irt - (s32)(range/2) + (s32)prandom_u32_max(range);
> 
> The cast on range/2 looks entirely spurious

You're absolutely right; sorry about that.  I was trying to
preserve the previous code's mixture of signed and unsigned types
and managed to confuse myself.

(I think I got distracted researching whether the inputs could be
negative.)

>>         /* multiply 'retransmission timeout' by 1.9 .. 2.1 */
>> -       u64 tmp = (1900000 + prandom_u32() % 200001) * (u64)rt;
>> -       do_div(tmp, 1000000);
>> -       if ((s32)tmp > mrt) {
>> +       s32 range = rt / 5;
>> +       s32 tmp = 2*rt - (s32)(ran..ge/2) + (s32)prandom_u32_max(range);
> 
> Here as well.  Honestly the cast on prandom might also not be
> necessary, but that at least has a reason.

The whole thing should go.   How about just doing it all in unsigned:

static inline s32 rfc3315_s14_backoff_init(s32 irt)
{
	/* multiply 'initial retransmission time' by 0.9 .. 1.1 */
	u32 range = irt / 5u;
	return irt - range/2 + prandom_u32_max(range);
}

static inline s32 rfc3315_s14_backoff_update(s32 rt, s32 mrt)
{
	/* multiply 'retransmission timeout' by 1.9 .. 2.1 */
	 u32 range = rt / 5u;
	 u32 tmp = 2u*rt - range/2 + prandom_u32_max(range);
	 if (tmp > mrt) {
		 /* multiply 'maximum retransmission time' by 0.9 .. 1.1 */
		  range = mrt / 5u;
		  tmp = mrt - range/2 + prandom_u32_max(range);
	}
	return tmp;
}

That lets "range/2" be implemented as a 1-bit shift.

An interesting question for the latter is whether
"prandom_u32_max(range) - range/2" can be considered a common
subexpression, or is they have to be *independent* random values.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ