| random32.c (3744741adab6d9195551ce30e65e726c7a408421) | random32.c (c6e169bc146a76d5ccbf4d3825f705414352bd03) |
|---|---|
| 1// SPDX-License-Identifier: GPL-2.0 2/* 3 * This is a maximally equidistributed combined Tausworthe generator 4 * based on code from GNU Scientific Library 1.5 (30 Jun 2004) 5 * 6 * lfsr113 version: 7 * 8 * x_n = (s1_n ^ s2_n ^ s3_n ^ s4_n) --- 24 unchanged lines hidden (view full) --- 33 */ 34 35#include <linux/types.h> 36#include <linux/percpu.h> 37#include <linux/export.h> 38#include <linux/jiffies.h> 39#include <linux/random.h> 40#include <linux/sched.h> | 1// SPDX-License-Identifier: GPL-2.0 2/* 3 * This is a maximally equidistributed combined Tausworthe generator 4 * based on code from GNU Scientific Library 1.5 (30 Jun 2004) 5 * 6 * lfsr113 version: 7 * 8 * x_n = (s1_n ^ s2_n ^ s3_n ^ s4_n) --- 24 unchanged lines hidden (view full) --- 33 */ 34 35#include <linux/types.h> 36#include <linux/percpu.h> 37#include <linux/export.h> 38#include <linux/jiffies.h> 39#include <linux/random.h> 40#include <linux/sched.h> |
| 41#include <linux/bitops.h> |
|
| 41#include <asm/unaligned.h> 42#include <trace/events/random.h> 43 44/** 45 * prandom_u32_state - seeded pseudo-random number generator. 46 * @state: pointer to state structure holding seeded state. 47 * 48 * This is used for pseudo-randomness with no outside seeding. --- 502 unchanged lines hidden (view full) --- 551 * To avoid worrying about whether it's safe to delay that interrupt 552 * long enough to seed all CPUs, just schedule an immediate timer event. 553 */ 554static void prandom_timer_start(struct random_ready_callback *unused) 555{ 556 mod_timer(&seed_timer, jiffies); 557} 558 | 42#include <asm/unaligned.h> 43#include <trace/events/random.h> 44 45/** 46 * prandom_u32_state - seeded pseudo-random number generator. 47 * @state: pointer to state structure holding seeded state. 48 * 49 * This is used for pseudo-randomness with no outside seeding. --- 502 unchanged lines hidden (view full) --- 552 * To avoid worrying about whether it's safe to delay that interrupt 553 * long enough to seed all CPUs, just schedule an immediate timer event. 554 */ 555static void prandom_timer_start(struct random_ready_callback *unused) 556{ 557 mod_timer(&seed_timer, jiffies); 558} 559 |
| 560#ifdef CONFIG_RANDOM32_SELFTEST 561/* Principle: True 32-bit random numbers will all have 16 differing bits on 562 * average. For each 32-bit number, there are 601M numbers differing by 16 563 * bits, and 89% of the numbers differ by at least 12 bits. Note that more 564 * than 16 differing bits also implies a correlation with inverted bits. Thus 565 * we take 1024 random numbers and compare each of them to the other ones, 566 * counting the deviation of correlated bits to 16. Constants report 32, 567 * counters 32-log2(TEST_SIZE), and pure randoms, around 6 or lower. With the 568 * u32 total, TEST_SIZE may be as large as 4096 samples. 569 */ 570#define TEST_SIZE 1024 571static int __init prandom32_state_selftest(void) 572{ 573 unsigned int x, y, bits, samples; 574 u32 xor, flip; 575 u32 total; 576 u32 *data; 577 578 data = kmalloc(sizeof(*data) * TEST_SIZE, GFP_KERNEL); 579 if (!data) 580 return 0; 581 582 for (samples = 0; samples < TEST_SIZE; samples++) 583 data[samples] = prandom_u32(); 584 585 flip = total = 0; 586 for (x = 0; x < samples; x++) { 587 for (y = 0; y < samples; y++) { 588 if (x == y) 589 continue; 590 xor = data[x] ^ data[y]; 591 flip |= xor; 592 bits = hweight32(xor); 593 total += (bits - 16) * (bits - 16); 594 } 595 } 596 597 /* We'll return the average deviation as 2*sqrt(corr/samples), which 598 * is also sqrt(4*corr/samples) which provides a better resolution. 599 */ 600 bits = int_sqrt(total / (samples * (samples - 1)) * 4); 601 if (bits > 6) 602 pr_warn("prandom32: self test failed (at least %u bits" 603 " correlated, fixed_mask=%#x fixed_value=%#x\n", 604 bits, ~flip, data[0] & ~flip); 605 else 606 pr_info("prandom32: self test passed (less than %u bits" 607 " correlated)\n", 608 bits+1); 609 kfree(data); 610 return 0; 611} 612core_initcall(prandom32_state_selftest); 613#endif /* CONFIG_RANDOM32_SELFTEST */ 614 |
|
| 559/* 560 * Start periodic full reseeding as soon as strong 561 * random numbers are available. 562 */ 563static int __init prandom_init_late(void) 564{ 565 static struct random_ready_callback random_ready = { 566 .func = prandom_timer_start 567 }; 568 int ret = add_random_ready_callback(&random_ready); 569 570 if (ret == -EALREADY) { 571 prandom_timer_start(&random_ready); 572 ret = 0; 573 } 574 return ret; 575} 576late_initcall(prandom_init_late); | 615/* 616 * Start periodic full reseeding as soon as strong 617 * random numbers are available. 618 */ 619static int __init prandom_init_late(void) 620{ 621 static struct random_ready_callback random_ready = { 622 .func = prandom_timer_start 623 }; 624 int ret = add_random_ready_callback(&random_ready); 625 626 if (ret == -EALREADY) { 627 prandom_timer_start(&random_ready); 628 ret = 0; 629 } 630 return ret; 631} 632late_initcall(prandom_init_late); |