From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=KWal=5P=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.8 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no
	version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id EE98DC2D0EB
	for <linux-mm@archiver.kernel.org>; Mon, 30 Mar 2020 09:27:23 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id B3EE92072E
	for <linux-mm@archiver.kernel.org>; Mon, 30 Mar 2020 09:27:23 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org B3EE92072E
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=ACULAB.COM
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 634F56B0008; Mon, 30 Mar 2020 05:27:23 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 60BDD6B000C; Mon, 30 Mar 2020 05:27:23 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 549366B0032; Mon, 30 Mar 2020 05:27:23 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0079.hostedemail.com [216.40.44.79])
	by kanga.kvack.org (Postfix) with ESMTP id 3CA266B0008
	for <linux-mm@kvack.org>; Mon, 30 Mar 2020 05:27:23 -0400 (EDT)
Received: from smtpin18.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay04.hostedemail.com (Postfix) with ESMTP id E12A1A755
	for <linux-mm@kvack.org>; Mon, 30 Mar 2020 09:27:22 +0000 (UTC)
X-FDA: 76651500324.18.end15_4060bf2652217
X-HE-Tag: end15_4060bf2652217
X-Filterd-Recvd-Size: 3452
Received: from eu-smtp-delivery-151.mimecast.com (eu-smtp-delivery-151.mimecast.com [146.101.78.151])
	by imf40.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Mon, 30 Mar 2020 09:27:22 +0000 (UTC)
Received: from AcuMS.aculab.com (156.67.243.126 [156.67.243.126]) (Using
 TLS) by relay.mimecast.com with ESMTP id
 uk-mta-95-EgmrUsT0M5yNaW66X6gYVQ-1; Mon, 30 Mar 2020 10:27:18 +0100
X-MC-Unique: EgmrUsT0M5yNaW66X6gYVQ-1
Received: from AcuMS.Aculab.com (fd9f:af1c:a25b:0:43c:695e:880f:8750) by
 AcuMS.aculab.com (fd9f:af1c:a25b:0:43c:695e:880f:8750) with Microsoft SMTP
 Server (TLS) id 15.0.1347.2; Mon, 30 Mar 2020 10:27:17 +0100
Received: from AcuMS.Aculab.com ([fe80::43c:695e:880f:8750]) by
 AcuMS.aculab.com ([fe80::43c:695e:880f:8750%12]) with mapi id 15.00.1347.000;
 Mon, 30 Mar 2020 10:27:17 +0100
From: David Laight <David.Laight@ACULAB.COM>
To: "'Theodore Y. Ts'o'" <tytso@mit.edu>, George Spelvin <lkml@SDF.ORG>
CC: Dan Williams <dan.j.williams@intel.com>, Linux Kernel Mailing List
	<linux-kernel@vger.kernel.org>, Qian Cai <cai@lca.pw>, Kees Cook
	<keescook@chromium.org>, Michal Hocko <mhocko@suse.com>, Andrew Morton
	<akpm@linux-foundation.org>, Linux MM <linux-mm@kvack.org>
Subject: RE: [RFC PATCH v1 00/52] Audit kernel random number use
Thread-Topic: [RFC PATCH v1 00/52] Audit kernel random number use
Thread-Index: AQHWBS7wHKwkXcotX0GE2ObBbkw++6hffddggACdo1OAAMNccA==
Date: Mon, 30 Mar 2020 09:27:17 +0000
Message-ID: <7923d2289ec044579a3eb00ca339a018@AcuMS.aculab.com>
References: <202003281643.02SGhPmY017434@sdf.org>
 <CAPcyv4iagZy5m3FpMrQqyOi=_uCzqh5MjbW+J_xiHU1Z1BmF=g@mail.gmail.com>
 <20200328182817.GE5859@SDF.ORG>
 <98bd30f23b374ccbb61dd46125dc9669@AcuMS.aculab.com>
 <20200329174122.GD4675@SDF.ORG> <20200329214214.GB768293@mit.edu>
In-Reply-To: <20200329214214.GB768293@mit.edu>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.202.205.107]
MIME-Version: 1.0
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: aculab.com
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000002, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

From: Theodore Y. Ts'o
> Sent: 29 March 2020 22:42
> On Sun, Mar 29, 2020 at 05:41:22PM +0000, George Spelvin wrote:
> > > Using xor was particularly stupid.
> > > The whole generator was then linear and trivially reversable.
> > > Just using addition would have made it much stronger.
> >
> > I considered changing it to addition (actually, add pairs and XOR the
> > sums), but that would break its self-test.  And once I'd done that,
> > there are much better possibilities.
> >
> > Actually, addition doesn't make it *much* stronger.  To start
> > with, addition and xor are the same thing at the lsbit, so
> > observing 113 lsbits gives you a linear decoding problem.
>=20
> David,
>=20
> If anyone is trying to rely on prandom_u32() as being "strong" in any
> sense of the word in terms of being reversable by attacker --- they
> shouldn't be using prandom_u32().  That's going to be true no matter
> *what* algorithm we use.

Indeed, but xor merging of 4 LFSR gives an appearance of an
improvements (over a single LFSR) but gives none and just
increases the complexity.

=09David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1=
PT, UK
Registration No: 1397386 (Wales)