random32: add prandom_u32_max and convert open coded users
CVE-2016-5696 Many functions have open coded a function that returns a random number in range [0,N-1]. Under the assumption that we have a PRNG such as taus113 with being well distributed in [0, ~0U] space, we can implement such a function as uword t = (n*m')>>32, where m' is a random number obtained from PRNG, n the right open interval border and t our resulting random number, with n,m',t in u32 universe. Lets go with Joe and simply call it prandom_u32_max(), although technically we have an right open interval endpoint, but that we have documented. Other users can further be migrated to the new prandom_u32_max() function later on; for now, we need to make sure to migrate reciprocal_divide() users for the reciprocal_divide() follow-up fixup since their function signatures are going to change. Joint work with Hannes Frederic Sowa. Change-Id: Ib62946c0432a63345723df0d891186cd939bec09 Tracked-On: https://jira01.devtools.intel.com/browse/AW-2264 Cc: Jakub Zawadzki <darkjames-ws@darkjames.pl> Cc: Eric Dumazet <eric.dumazet@gmail.com> Cc: linux-kernel@vger.kernel.org Signed-off-by:Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by:
Daniel Borkmann <dborkman@redhat.com> Signed-off-by:
David S. Miller <davem@davemloft.net> Reviewed-on: https://android.intel.com/545360 Reviewed-by:
Mahe, Erwan <erwan.mahe@intel.com> Reviewed-by:
Dubray, SimonX <simonx.dubray@intel.com> Tested-by:
Tasayco Loarte, VictorX <victorx.tasayco.loarte@intel.com> Reviewed-by:
Maalem, Saadi <saadi.maalem@intel.com>
Showing
- drivers/net/team/team_mode_random.c 1 addition, 7 deletionsdrivers/net/team/team_mode_random.c
- include/linux/random.h 17 additions, 1 deletioninclude/linux/random.h
- net/packet/af_packet.c 7 additions, 0 deletionsnet/packet/af_packet.c
- net/sched/sch_choke.c 1 addition, 8 deletionsnet/sched/sch_choke.c
Loading
Please register or sign in to comment