summaryrefslogtreecommitdiffstats
path: root/samples/seccomp
diff options
context:
space:
mode:
authorDaniel Borkmann <dborkman@redhat.com>2013-11-11 12:20:32 +0100
committerDavid S. Miller <davem@davemloft.net>2013-11-11 14:32:14 -0500
commit51c37a70aaa3f95773af560e6db3073520513912 (patch)
tree00da845e9ecfa8ba58e618b9d472d81dc6ddfd41 /samples/seccomp
parent129596674c00352cbbb1efaf36db50726fd374ef (diff)
random32: fix off-by-one in seeding requirement
For properly initialising the Tausworthe generator [1], we have a strict seeding requirement, that is, s1 > 1, s2 > 7, s3 > 15. Commit 697f8d0348 ("random32: seeding improvement") introduced a __seed() function that imposes boundary checks proposed by the errata paper [2] to properly ensure above conditions. However, we're off by one, as the function is implemented as: "return (x < m) ? x + m : x;", and called with __seed(X, 1), __seed(X, 7), __seed(X, 15). Thus, an unwanted seed of 1, 7, 15 would be possible, whereas the lower boundary should actually be of at least 2, 8, 16, just as GSL does. Fix this, as otherwise an initialization with an unwanted seed could have the effect that Tausworthe's PRNG properties cannot not be ensured. Note that this PRNG is *not* used for cryptography in the kernel. [1] http://www.iro.umontreal.ca/~lecuyer/myftp/papers/tausme.ps [2] http://www.iro.umontreal.ca/~lecuyer/myftp/papers/tausme2.ps Joint work with Hannes Frederic Sowa. Fixes: 697f8d0348a6 ("random32: seeding improvement") Cc: Stephen Hemminger <stephen@networkplumber.org> Cc: Florian Weimer <fweimer@redhat.com> Cc: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'samples/seccomp')
0 files changed, 0 insertions, 0 deletions