Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp5845444rwb;
        Mon, 14 Nov 2022 10:14:17 -0800 (PST)
X-Google-Smtp-Source: AA0mqf6kDoKMz5nuWZn6HKVOxm57zTvsKswcyitSZaxrX7POAhfDBRKLEsTyljl1bEZZL79k5L3k
X-Received: by 2002:a17:906:dfd8:b0:7ad:a8c3:588f with SMTP id jt24-20020a170906dfd800b007ada8c3588fmr10656981ejc.687.1668449657518;
        Mon, 14 Nov 2022 10:14:17 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1668449657; cv=none;
        d=google.com; s=arc-20160816;
        b=mshylggvtBIXsXke4APtfsCd6FfQLQ8kIBYYBJiqxkUyg5uHue4hxdWL/+48GA1pJl
         T8irhsXAC0QJXzBRZzmnGnHx6/jG2T5HldzDN/Z3nvGpzPqYGN0Jaqeyr9UrUCQzOF5Z
         QPOBruDFPDjcZMpf0qsMwBKHb7FqyhxZzRdia/3y4g+RYKuMUw9Jnog34JBl63u6nbSC
         RhFKDVTWVpxIm441vYnLBdLr5GvwUdNeyJtoSv2QazBJklQQ0LgyjJTXmLHKKRS0Qri+
         v0Heopxk2e3fFcv5NAUCIVvfNZkHbRZ5rYdo27wwBmuepociBRV6Qgjyxxeoha3tzoDF
         OAtA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:in-reply-to
         :organization:content-language:references:cc:to:subject:from
         :user-agent:mime-version:date:message-id;
        bh=KoNjR5N388OpVXMigGGo0r+pO+2D1Vjm3mNrieDkGWo=;
        b=qZX/4sjXaNkggzlEH/AlgwAHB4xU2g6+m6dbI4MAJ9XRGmjRRiCnJfMBUa1OZL54zW
         MwkVnird/QjC+UpDfz2jRxebW4KtehGdFhPgJ4+eXLqYG4AFwBXKoMu8Ke8Ckz6rYl1N
         /R8lq0EcO6VovlheGP5fvuTNVHp8dvgqEssXsM/UqHmthLwktXDc0TFk9QzWuuAmXaLS
         APLBZc+iuZM4Q6+zcb4WXDEpdb2d/ORo+k4SWWpqAsoUbad+iG1ipfk1H57c1IXKEKB+
         ni0Yjq1wOtloPHglp2bNvwk0DDm6LqTYurgD0WZzF3Uj5rocOBIVY1dL+luv1xHUksnd
         5YxA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id e7-20020a50fb87000000b0046272b487cesi8314564edq.331.2022.11.14.10.13.43;
        Mon, 14 Nov 2022 10:14:17 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S238193AbiKNSFB (ORCPT <rfc822;logchen2009@gmail.com>
        + 99 others); Mon, 14 Nov 2022 13:05:01 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58264 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S237427AbiKNSEl (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Mon, 14 Nov 2022 13:04:41 -0500
Received: from smtp2-g21.free.fr (smtp2-g21.free.fr [IPv6:2a01:e0c:1:1599::11])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 473742C111;
        Mon, 14 Nov 2022 10:04:22 -0800 (PST)
Received: from [IPV6:2a01:e35:39f2:1220:da6c:81de:7fd7:e3eb] (unknown [IPv6:2a01:e35:39f2:1220:da6c:81de:7fd7:e3eb])
        by smtp2-g21.free.fr (Postfix) with ESMTPS id EC9A52003D0;
        Mon, 14 Nov 2022 19:04:13 +0100 (CET)
Message-ID: <60574e8f-20ff-0996-5558-e9bd35e42681@opteya.com>
Date:   Mon, 14 Nov 2022 19:04:13 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.4.2
From:   Yann Droneaud <ydroneaud@opteya.com>
Subject: Re: [PATCH v1 3/5] random: add helpers for random numbers with given
 floor or range
To:     "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc:     Kees Cook <keescook@chromium.org>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        Theodore Ts'o <tytso@mit.edu>, linux-crypto@vger.kernel.org,
        linux-kernel@vger.kernel.org
References: <20221022014403.3881893-1-Jason@zx2c4.com>
 <20221022014403.3881893-4-Jason@zx2c4.com>
Content-Language: fr-FR
Organization: OPTEYA
In-Reply-To: <20221022014403.3881893-4-Jason@zx2c4.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NICE_REPLY_A,
        SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

[resent in text only]

Hi,


Le 22/10/2022 à 03:44, Jason A. Donenfeld a écrit :
> Now that we have get_random_u32_below(), it's trivial to make inline
> helpers to compute get_random_u32_above() and get_random_u32_between(),
> which will help clean up open coded loops and manual computations
> throughout the tree.
>
> Signed-off-by: Jason A. Donenfeld<Jason@zx2c4.com>
> ---
>   include/linux/random.h | 24 ++++++++++++++++++++++++
>   1 file changed, 24 insertions(+)
>
> diff --git a/include/linux/random.h b/include/linux/random.h
> index 3a82c0a8bc46..92188a74e50e 100644
> --- a/include/linux/random.h
> +++ b/include/linux/random.h
> @@ -91,6 +91,30 @@ static inline u32 get_random_u32_below(u32 ceil)
>   	}
>   }
>   
> +/*
> + * Returns a random integer in the interval (floor, U32_MAX], with uniform
> + * distribution, suitable for all uses. Fastest when floor is a constant, but
> + * still fast for variable floor as well.
> + */
> +static inline u32 get_random_u32_above(u32 floor)
> +{
> +	BUILD_BUG_ON_MSG(__builtin_constant_p(floor) && floor == U32_MAX,
> +			 "get_random_u32_above() must take floor < U32_MAX");
> +	return floor + 1 + get_random_u32_below(U32_MAX - floor);
> +}
> +
> +/*
> + * Returns a random integer in the interval [floor, ceil), with uniform
> + * distribution, suitable for all uses. Fastest when floor and ceil are
> + * constant, but still fast for variable floor and ceil as well.
> + */
> +static inline u32 get_random_u32_between(u32 floor, u32 ceil)
> +{
> +	BUILD_BUG_ON_MSG(__builtin_constant_p(floor) && __builtin_constant_p(ceil) &&
> +			 floor >= ceil, "get_random_u32_above() must take floor < ceil");
> +	return floor + get_random_u32_below(ceil - floor);
> +}

I have a bad feeling about this one, and can't help but thinking it's going
to bite someone: when asked to pick a number *between* 0 and 10,
I usually think I'm allowed to pick 10 (even if I'm going to answer 7 as it should).

Also, regardinghttps://lore.kernel.org/lkml/20221114164558.1180362-4-Jason@zx2c4.com/
where there's a lot of such changes:

- seqno = get_random_u32_below(data->fc.chain_length) + 1; + seqno = 
get_random_u32_between(1, data->fc.chain_length + 1); IMHO, having the 
function returning a value in range [floor, ceil] would simplify the 
patch: - seqno = get_random_u32_below(data->fc.chain_length) + 1; + 
seqno = get_random_u32_between(1, data->fc.chain_length);

Regards.

-- 
Yann Droneaud
OPTEYA