Re: [PATCH 5.9 639/757] random32: make prandom_u32() output unpredictable

From: Willy Tarreau
Date: Tue Oct 27 2020 - 13:12:04 EST


Hi Greg,

On Tue, Oct 27, 2020 at 02:54:49PM +0100, Greg Kroah-Hartman wrote:
> From: George Spelvin <lkml@xxxxxxx>
>
> [ Upstream commit c51f8f88d705e06bd696d7510aff22b33eb8e638 ]
>
> Non-cryptographic PRNGs may have great statistical properties, but
> are usually trivially predictable to someone who knows the algorithm,
> given a small sample of their output. An LFSR like prandom_u32() is
> particularly simple, even if the sample is widely scattered bits.
(...)

I'd have let it cook a bit longer into mainline before backporting it:
first, it's not small (a bit borderline by stable rules), and second,
considering how long we've been with the previous solution, there's no
emergency anymore. The risks are essentially at the build level though
(e.g. include hell on exotic architectures, or obscure driver trying
to make use of one of the removed functions maybe).

On the other hand, given the amount of tests that run on the stable
queue, we'll quickly know! So we can probably keep it for now, but do
not hesitate to drop and postpone it if it causes any trouble so that
we have time to investigate. I'd rather not go through the previous
one's repeated breakage again!

Thanks,
Willy