[PATCH v1 0/5] treewide cleanup of random integer usage

Jason A. Donenfeld Jason at zx2c4.com
Thu Oct 6 08:48:39 AEDT 2022


Hi folks,

This is a five part treewide cleanup of random integer handling. The
rules for random integers are:

- If you want a secure or an insecure random u64, use get_random_u64().
- If you want a secure or an insecure random u32, use get_random_u32().
  * The old function prandom_u32() has been deprecated for a while now
    and is just a wrapper around get_random_u32().
- If you want a secure or an insecure random u16, use get_random_u16().
- If you want a secure or an insecure random u8, use get_random_u8().
- If you want secure or insecure random bytes, use get_random_bytes().
  * The old function prandom_bytes() has been deprecated for a while now
    and has long been a wrapper around get_random_bytes().
- If you want a non-uniform random u32, u16, or u8 bounded by a certain
  open interval maximum, use prandom_u32_max().
  * I say "non-uniform", because it doesn't do any rejection sampling or
    divisions. Hence, it stays within the prandom_* namespace.

These rules ought to be applied uniformly, so that we can clean up the
deprecated functions, and earn the benefits of using the modern
functions. In particular, in addition to the boring substitutions, this
patchset accomplishes a few nice effects:

- By using prandom_u32_max() with an upper-bound that the compiler can
  prove at compile-time is ≤65536 or ≤256, internally get_random_u16()
  or get_random_u8() is used, which wastes fewer batched random bytes,
  and hence has higher throughput.

- By using prandom_u32_max() instead of %, when the upper-bound is not a
  constant, division is still avoided, because prandom_u32_max() uses
  a faster multiplication-based trick instead.

- By using get_random_u16() or get_random_u8() in cases where the return
  value is intended to indeed be a u16 or a u8, we waste fewer batched
  random bytes, and hence have higher throughput.

So, based on those rules and benefits from following them, this patchset
breaks down into the following five steps:

1) Replace `prandom_u32() % max` and variants thereof with
   prandom_u32_max(max).

2) Replace `(type)get_random_u32()` and variants thereof with
   get_random_u16() or get_random_u8(). I took the pains to actually
   look and see what every lvalue type was across the entire tree.

3) Replace remaining deprecated uses of prandom_u32() with
   get_random_u32(). 

4) Replace remaining deprecated uses of prandom_bytes() with
   get_random_bytes().

5) Remove the deprecated and now-unused prandom_u32() and
   prandom_bytes() inline wrapper functions.

I was thinking of taking this through my random.git tree (on which this
series is currently based) and submitting it near the end of the merge
window, or waiting for the very end of the 6.1 cycle when there will be
the fewest new patches brewing. If somebody with some treewide-cleanup
experience might share some wisdom about what the best timing usually
winds up being, I'm all ears.

I've CC'd get_maintainers.pl, which is a pretty big list. Probably some
portion of those are going to bounce, too, and everytime you reply to
this thread, you'll have to deal with a bunch of bounces coming
immediately after. And a recipient list this big will probably dock my
email domain's spam reputation, at least temporarily. Sigh. I think
that's just how it goes with treewide cleanups though. Again, let me
know if I'm doing it wrong.

Please take a look!

Thanks,
Jason

Cc: Ajay Singh <ajay.kathat at microchip.com>
Cc: Akinobu Mita <akinobu.mita at gmail.com>
Cc: Alexandre Torgue <alexandre.torgue at foss.st.com>
Cc: Amitkumar Karwar <amitkarwar at gmail.com>
Cc: Andreas Dilger <adilger.kernel at dilger.ca>
Cc: Andreas Färber <afaerber at suse.de>
Cc: Andreas Noever <andreas.noever at gmail.com>
Cc: Andrew Lunn <andrew at lunn.ch>
Cc: Andrew Morton <akpm at linux-foundation.org>
Cc: Andrii Nakryiko <andrii at kernel.org>
Cc: Andy Gospodarek <andy at greyhouse.net>
Cc: Andy Lutomirski <luto at kernel.org>
Cc: Andy Shevchenko <andriy.shevchenko at linux.intel.com>
Cc: Anil S Keshavamurthy <anil.s.keshavamurthy at intel.com>
Cc: Anna Schumaker <anna at kernel.org>
Cc: Arend van Spriel <aspriel at gmail.com>
Cc: Ayush Sawal <ayush.sawal at chelsio.com>
Cc: Borislav Petkov <bp at alien8.de>
Cc: Chao Yu <chao at kernel.org>
Cc: Christoph Böhmwalder <christoph.boehmwalder at linbit.com>
Cc: Christoph Hellwig <hch at lst.de>
Cc: Christophe Leroy <christophe.leroy at csgroup.eu>
Cc: Chuck Lever <chuck.lever at oracle.com>
Cc: Claudiu Beznea <claudiu.beznea at microchip.com>
Cc: Cong Wang <xiyou.wangcong at gmail.com>
Cc: Dan Williams <dan.j.williams at intel.com>
Cc: Daniel Borkmann <daniel at iogearbox.net>
Cc: Darrick J. Wong <djwong at kernel.org>
Cc: Dave Hansen <dave.hansen at linux.intel.com>
Cc: David Ahern <dsahern at kernel.org>
Cc: David S. Miller <davem at davemloft.net>
Cc: Dennis Dalessandro <dennis.dalessandro at cornelisnetworks.com>
Cc: Dick Kennedy <dick.kennedy at broadcom.com>
Cc: Dmitry Vyukov <dvyukov at google.com>
Cc: Eric Dumazet <edumazet at google.com>
Cc: Florian Westphal <fw at strlen.de>
Cc: Franky Lin <franky.lin at broadcom.com>
Cc: Ganapathi Bhat <ganapathi017 at gmail.com>
Cc: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
Cc: Gregory Greenman <gregory.greenman at intel.com>
Cc: H. Peter Anvin <hpa at zytor.com>
Cc: Hannes Reinecke <hare at suse.de>
Cc: Hans Verkuil <hverkuil at xs4all.nl>
Cc: Hante Meuleman <hante.meuleman at broadcom.com>
Cc: Hao Luo <haoluo at google.com>
Cc: Haoyue Xu <xuhaoyue1 at hisilicon.com>
Cc: Heiner Kallweit <hkallweit1 at gmail.com>
Cc: Helge Deller <deller at gmx.de>
Cc: Herbert Xu <herbert at gondor.apana.org.au>
Cc: Hideaki YOSHIFUJI <yoshfuji at linux-ipv6.org>
Cc: Hugh Dickins <hughd at google.com>
Cc: Igor Mitsyanko <imitsyanko at quantenna.com>
Cc: Ilya Dryomov <idryomov at gmail.com>
Cc: Ingo Molnar <mingo at redhat.com>
Cc: Jack Wang <jinpu.wang at ionos.com>
Cc: Jaegeuk Kim <jaegeuk at kernel.org>
Cc: Jaehoon Chung <jh80.chung at samsung.com>
Cc: Jakub Kicinski <kuba at kernel.org>
Cc: Jamal Hadi Salim <jhs at mojatatu.com>
Cc: James E.J. Bottomley <jejb at linux.ibm.com>
Cc: James Smart <james.smart at broadcom.com>
Cc: Jan Kara <jack at suse.com>
Cc: Jason Gunthorpe <jgg at ziepe.ca>
Cc: Jay Vosburgh <j.vosburgh at gmail.com>
Cc: Jean-Paul Roubelat <jpr at f6fbb.org>
Cc: Jeff Layton <jlayton at kernel.org>
Cc: Jens Axboe <axboe at kernel.dk>
Cc: Jiri Olsa <jolsa at kernel.org>
Cc: Jiri Pirko <jiri at resnulli.us>
Cc: Johannes Berg <johannes at sipsolutions.net>
Cc: John Fastabend <john.fastabend at gmail.com>
Cc: John Stultz <jstultz at google.com>
Cc: Jon Maloy <jmaloy at redhat.com>
Cc: Jonathan Corbet <corbet at lwn.net>
Cc: Jozsef Kadlecsik <kadlec at netfilter.org>
Cc: Julian Anastasov <ja at ssi.bg>
Cc: KP Singh <kpsingh at kernel.org>
Cc: Kalle Valo <kvalo at kernel.org>
Cc: Kees Cook <keescook at chromium.org>
Cc: Keith Busch <kbusch at kernel.org>
Cc: Lars Ellenberg <lars.ellenberg at linbit.com>
Cc: Leon Romanovsky <leon at kernel.org>
Cc: Manish Rangankar <mrangankar at marvell.com>
Cc: Manivannan Sadhasivam <mani at kernel.org>
Cc: Marcelo Ricardo Leitner <marcelo.leitner at gmail.com>
Cc: Marco Elver <elver at google.com>
Cc: Martin K. Petersen <martin.petersen at oracle.com>
Cc: Martin KaFai Lau <martin.lau at linux.dev>
Cc: Masami Hiramatsu <mhiramat at kernel.org>
Cc: Mauro Carvalho Chehab <mchehab at kernel.org>
Cc: Maxime Coquelin <mcoquelin.stm32 at gmail.com>
Cc: Md. Haris Iqbal <haris.iqbal at ionos.com>
Cc: Michael Chan <michael.chan at broadcom.com>
Cc: Michael Ellerman <mpe at ellerman.id.au>
Cc: Michael Jamet <michael.jamet at intel.com>
Cc: Michal Januszewski <spock at gentoo.org>
Cc: Mika Westerberg <mika.westerberg at linux.intel.com>
Cc: Miquel Raynal <miquel.raynal at bootlin.com>
Cc: Namjae Jeon <linkinjeon at kernel.org>
Cc: Naveen N. Rao <naveen.n.rao at linux.ibm.com>
Cc: Neil Horman <nhorman at tuxdriver.com>
Cc: Nicholas Piggin <npiggin at gmail.com>
Cc: Nilesh Javali <njavali at marvell.com>
Cc: OGAWA Hirofumi <hirofumi at mail.parknet.co.jp>
Cc: Pablo Neira Ayuso <pablo at netfilter.org>
Cc: Paolo Abeni <pabeni at redhat.com>
Cc: Peter Zijlstra <peterz at infradead.org>
Cc: Philipp Reisner <philipp.reisner at linbit.com>
Cc: Potnuri Bharat Teja <bharat at chelsio.com>
Cc: Pravin B Shelar <pshelar at ovn.org>
Cc: Rasmus Villemoes <linux at rasmusvillemoes.dk>
Cc: Richard Weinberger <richard at nod.at>
Cc: Rohit Maheshwari <rohitm at chelsio.com>
Cc: Russell King <linux at armlinux.org.uk>
Cc: Sagi Grimberg <sagi at grimberg.me>
Cc: Santosh Shilimkar <santosh.shilimkar at oracle.com>
Cc: Sergey Matyukevich <geomatsi at gmail.com>
Cc: Sharvari Harisangam <sharvari.harisangam at nxp.com>
Cc: Simon Horman <horms at verge.net.au>
Cc: Song Liu <song at kernel.org>
Cc: Stanislav Fomichev <sdf at google.com>
Cc: Steffen Klassert <steffen.klassert at secunet.com>
Cc: Stephen Boyd <sboyd at kernel.org>
Cc: Stephen Hemminger <stephen at networkplumber.org>
Cc: Sungjong Seo <sj1557.seo at samsung.com>
Cc: Theodore Ts'o <tytso at mit.edu>
Cc: Thomas Gleixner <tglx at linutronix.de>
Cc: Thomas Graf <tgraf at suug.ch>
Cc: Thomas Sailer <t.sailer at alumni.ethz.ch>
Cc: Toke Høiland-Jørgensen <toke at toke.dk>
Cc: Trond Myklebust <trond.myklebust at hammerspace.com>
Cc: Ulf Hansson <ulf.hansson at linaro.org>
Cc: Varun Prakash <varun at chelsio.com>
Cc: Veaceslav Falico <vfalico at gmail.com>
Cc: Vignesh Raghavendra <vigneshr at ti.com>
Cc: Vinay Kumar Yadav <vinay.yadav at chelsio.com>
Cc: Vinod Koul <vkoul at kernel.org>
Cc: Vlad Yasevich <vyasevich at gmail.com>
Cc: Wenpeng Liang <liangwenpeng at huawei.com>
Cc: Xinming Hu <huxinming820 at gmail.com>
Cc: Xiubo Li <xiubli at redhat.com>
Cc: Yehezkel Bernat <YehezkelShB at gmail.com>
Cc: Ying Xue <ying.xue at windriver.com>
Cc: Yishai Hadas <yishaih at nvidia.com>
Cc: Yonghong Song <yhs at fb.com>
Cc: Yury Norov <yury.norov at gmail.com>
Cc: brcm80211-dev-list.pdl at broadcom.com
Cc: cake at lists.bufferbloat.net
Cc: ceph-devel at vger.kernel.org
Cc: coreteam at netfilter.org
Cc: dccp at vger.kernel.org
Cc: dev at openvswitch.org
Cc: dmaengine at vger.kernel.org
Cc: drbd-dev at lists.linbit.com
Cc: dri-devel at lists.freedesktop.org
Cc: kasan-dev at googlegroups.com
Cc: linux-actions at lists.infradead.org
Cc: linux-arm-kernel at lists.infradead.org
Cc: linux-block at vger.kernel.org
Cc: linux-crypto at vger.kernel.org
Cc: linux-doc at vger.kernel.org
Cc: linux-ext4 at vger.kernel.org
Cc: linux-f2fs-devel at lists.sourceforge.net
Cc: linux-fbdev at vger.kernel.org
Cc: linux-fsdevel at vger.kernel.org
Cc: linux-hams at vger.kernel.org
Cc: linux-kernel at vger.kernel.org
Cc: linux-media at vger.kernel.org
Cc: linux-mm at kvack.org
Cc: linux-mmc at vger.kernel.org
Cc: linux-mtd at lists.infradead.org
Cc: linux-nfs at vger.kernel.org
Cc: linux-nvme at lists.infradead.org
Cc: linux-raid at vger.kernel.org
Cc: linux-rdma at vger.kernel.org
Cc: linux-scsi at vger.kernel.org
Cc: linux-sctp at vger.kernel.org
Cc: linux-stm32 at st-md-mailman.stormreply.com
Cc: linux-usb at vger.kernel.org
Cc: linux-wireless at vger.kernel.org
Cc: linux-xfs at vger.kernel.org
Cc: linuxppc-dev at lists.ozlabs.org
Cc: lvs-devel at vger.kernel.org
Cc: netdev at vger.kernel.org
Cc: netfilter-devel at vger.kernel.org
Cc: rds-devel at oss.oracle.com
Cc: SHA-cyfmac-dev-list at infineon.com
Cc: target-devel at vger.kernel.org
Cc: tipc-discussion at lists.sourceforge.net

Jason A. Donenfeld (5):
  treewide: use prandom_u32_max() when possible
  treewide: use get_random_{u8,u16}() when possible
  treewide: use get_random_u32() when possible
  treewide: use get_random_bytes when possible
  prandom: remove unused functions

 Documentation/networking/filter.rst           |  2 +-
 arch/powerpc/crypto/crc-vpmsum_test.c         |  2 +-
 arch/x86/mm/pat/cpa-test.c                    |  4 +-
 block/blk-crypto-fallback.c                   |  2 +-
 crypto/async_tx/raid6test.c                   |  2 +-
 crypto/testmgr.c                              | 94 +++++++++----------
 drivers/block/drbd/drbd_receiver.c            |  4 +-
 drivers/dma/dmatest.c                         |  2 +-
 drivers/infiniband/core/cma.c                 |  2 +-
 drivers/infiniband/hw/cxgb4/cm.c              |  4 +-
 drivers/infiniband/hw/cxgb4/id_table.c        |  4 +-
 drivers/infiniband/hw/hfi1/tid_rdma.c         |  2 +-
 drivers/infiniband/hw/hns/hns_roce_ah.c       |  5 +-
 drivers/infiniband/hw/mlx4/mad.c              |  2 +-
 drivers/infiniband/ulp/ipoib/ipoib_cm.c       |  2 +-
 drivers/infiniband/ulp/rtrs/rtrs-clt.c        |  3 +-
 drivers/md/raid5-cache.c                      |  2 +-
 drivers/media/common/v4l2-tpg/v4l2-tpg-core.c |  2 +-
 .../media/test-drivers/vivid/vivid-radio-rx.c |  4 +-
 drivers/mmc/core/core.c                       |  4 +-
 drivers/mmc/host/dw_mmc.c                     |  2 +-
 drivers/mtd/nand/raw/nandsim.c                |  8 +-
 drivers/mtd/tests/mtd_nandecctest.c           | 12 +--
 drivers/mtd/tests/speedtest.c                 |  2 +-
 drivers/mtd/tests/stresstest.c                | 19 +---
 drivers/mtd/ubi/debug.c                       |  2 +-
 drivers/mtd/ubi/debug.h                       |  6 +-
 drivers/net/bonding/bond_main.c               |  2 +-
 drivers/net/ethernet/broadcom/bnxt/bnxt.c     |  2 +-
 drivers/net/ethernet/broadcom/cnic.c          |  5 +-
 .../chelsio/inline_crypto/chtls/chtls_cm.c    |  4 +-
 .../chelsio/inline_crypto/chtls/chtls_io.c    |  4 +-
 drivers/net/ethernet/rocker/rocker_main.c     |  8 +-
 drivers/net/hamradio/baycom_epp.c             |  2 +-
 drivers/net/hamradio/hdlcdrv.c                |  2 +-
 drivers/net/hamradio/yam.c                    |  2 +-
 drivers/net/phy/at803x.c                      |  2 +-
 drivers/net/wireguard/selftest/allowedips.c   | 16 ++--
 .../broadcom/brcm80211/brcmfmac/p2p.c         |  2 +-
 .../net/wireless/intel/iwlwifi/mvm/mac-ctxt.c |  2 +-
 .../net/wireless/marvell/mwifiex/cfg80211.c   |  4 +-
 .../wireless/microchip/wilc1000/cfg80211.c    |  2 +-
 .../net/wireless/quantenna/qtnfmac/cfg80211.c |  2 +-
 drivers/nvme/common/auth.c                    |  2 +-
 drivers/scsi/cxgbi/cxgb4i/cxgb4i.c            |  4 +-
 drivers/scsi/fcoe/fcoe_ctlr.c                 |  4 +-
 drivers/scsi/lpfc/lpfc_hbadisc.c              |  6 +-
 drivers/scsi/qedi/qedi_main.c                 |  2 +-
 drivers/target/iscsi/cxgbit/cxgbit_cm.c       |  2 +-
 drivers/thunderbolt/xdomain.c                 |  2 +-
 drivers/video/fbdev/uvesafb.c                 |  2 +-
 fs/ceph/inode.c                               |  2 +-
 fs/ceph/mdsmap.c                              |  2 +-
 fs/exfat/inode.c                              |  2 +-
 fs/ext2/ialloc.c                              |  2 +-
 fs/ext4/ialloc.c                              |  4 +-
 fs/ext4/ioctl.c                               |  4 +-
 fs/ext4/mmp.c                                 |  2 +-
 fs/ext4/super.c                               |  7 +-
 fs/f2fs/gc.c                                  |  2 +-
 fs/f2fs/namei.c                               |  2 +-
 fs/f2fs/segment.c                             |  8 +-
 fs/fat/inode.c                                |  2 +-
 fs/nfsd/nfs4state.c                           |  4 +-
 fs/ubifs/debug.c                              | 10 +-
 fs/ubifs/journal.c                            |  2 +-
 fs/ubifs/lpt_commit.c                         | 14 +--
 fs/ubifs/tnc_commit.c                         |  2 +-
 fs/xfs/libxfs/xfs_alloc.c                     |  2 +-
 fs/xfs/libxfs/xfs_ialloc.c                    |  4 +-
 fs/xfs/xfs_error.c                            |  2 +-
 fs/xfs/xfs_icache.c                           |  2 +-
 fs/xfs/xfs_log.c                              |  2 +-
 include/linux/prandom.h                       | 12 ---
 include/net/netfilter/nf_queue.h              |  2 +-
 include/net/red.h                             |  2 +-
 include/net/sock.h                            |  2 +-
 kernel/kcsan/selftest.c                       |  4 +-
 kernel/time/clocksource.c                     |  2 +-
 lib/fault-inject.c                            |  2 +-
 lib/find_bit_benchmark.c                      |  4 +-
 lib/random32.c                                |  4 +-
 lib/reed_solomon/test_rslib.c                 | 12 +--
 lib/sbitmap.c                                 |  4 +-
 lib/test_fprobe.c                             |  2 +-
 lib/test_kprobes.c                            |  2 +-
 lib/test_list_sort.c                          |  2 +-
 lib/test_objagg.c                             |  2 +-
 lib/test_rhashtable.c                         |  6 +-
 lib/test_vmalloc.c                            | 19 +---
 lib/uuid.c                                    |  2 +-
 mm/shmem.c                                    |  2 +-
 net/802/garp.c                                |  2 +-
 net/802/mrp.c                                 |  2 +-
 net/ceph/mon_client.c                         |  2 +-
 net/ceph/osd_client.c                         |  2 +-
 net/core/neighbour.c                          |  2 +-
 net/core/pktgen.c                             | 47 +++++-----
 net/core/stream.c                             |  2 +-
 net/dccp/ipv4.c                               |  4 +-
 net/ipv4/datagram.c                           |  2 +-
 net/ipv4/igmp.c                               |  6 +-
 net/ipv4/inet_connection_sock.c               |  2 +-
 net/ipv4/inet_hashtables.c                    |  2 +-
 net/ipv4/ip_output.c                          |  2 +-
 net/ipv4/route.c                              |  2 +-
 net/ipv4/tcp_cdg.c                            |  2 +-
 net/ipv4/tcp_ipv4.c                           |  4 +-
 net/ipv4/udp.c                                |  2 +-
 net/ipv6/addrconf.c                           |  8 +-
 net/ipv6/ip6_flowlabel.c                      |  2 +-
 net/ipv6/mcast.c                              | 10 +-
 net/ipv6/output_core.c                        |  2 +-
 net/mac80211/rc80211_minstrel_ht.c            |  2 +-
 net/mac80211/scan.c                           |  2 +-
 net/netfilter/ipvs/ip_vs_conn.c               |  2 +-
 net/netfilter/ipvs/ip_vs_twos.c               |  4 +-
 net/netfilter/nf_nat_core.c                   |  4 +-
 net/netfilter/xt_statistic.c                  |  2 +-
 net/openvswitch/actions.c                     |  2 +-
 net/packet/af_packet.c                        |  2 +-
 net/rds/bind.c                                |  2 +-
 net/sched/act_gact.c                          |  2 +-
 net/sched/act_sample.c                        |  2 +-
 net/sched/sch_cake.c                          |  8 +-
 net/sched/sch_netem.c                         | 22 ++---
 net/sched/sch_pie.c                           |  2 +-
 net/sched/sch_sfb.c                           |  2 +-
 net/sctp/socket.c                             |  4 +-
 net/sunrpc/auth_gss/gss_krb5_wrap.c           |  4 +-
 net/sunrpc/cache.c                            |  2 +-
 net/sunrpc/xprt.c                             |  2 +-
 net/sunrpc/xprtsock.c                         |  2 +-
 net/tipc/socket.c                             |  2 +-
 net/unix/af_unix.c                            |  2 +-
 net/xfrm/xfrm_state.c                         |  2 +-
 136 files changed, 304 insertions(+), 339 deletions(-)

-- 
2.37.3


More information about the Linuxppc-dev mailing list