Re: [RFC/RFT PATCH 3/6] random: Use u32 to keep track of batched entropy generation

Thu, 27 Nov 2025 02:15:44 -0800 

On Thu, 27 Nov 2025 at 11:11, david laight <[email protected]> wrote:
>
> On Thu, 27 Nov 2025 10:22:30 +0100
> Ard Biesheuvel <[email protected]> wrote:
>
> > From: Ard Biesheuvel <[email protected]>
> >
> > The batched entropy containers each have a generation field, to keep
> > track of the base_crng generation from which it was last reseeded.
> >
> > This use case does not require all bits of the unsigned long to be
> > stored: storing only 32 bits is sufficient to determine whether or not
> > we're at most 4 billion generations behind, which seems ample.
> >
> > So use an unsigned int instead: this will allow a future patch to treat
> > the generation and position as a single 64-bit quantity, which can be
> > used locklessly in a compare-and-exchange() operation.
>
> Probably best to use a u32.
> While it will always(?) be the same as 'unsigned int' it is more
> descriptive.
>
> >
> > Signed-off-by: Ard Biesheuvel <[email protected]>
> > ---
> >  drivers/char/random.c | 6 +++---
> >  1 file changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/drivers/char/random.c b/drivers/char/random.c
> > index b8b24b6ed3fe..0e04bc60d034 100644
> > --- a/drivers/char/random.c
> > +++ b/drivers/char/random.c
> > @@ -507,7 +507,7 @@ struct batch_ ##type {                                  
> >                           \
> >        */                                                                   
> >   \
> >       type entropy[CHACHA_BLOCK_SIZE * 3 / (2 * sizeof(type))];             
> >   \
> >       local_lock_t lock;                                                    
> >   \
> > -     unsigned long generation;                                             
> >   \
> > +     unsigned int generation;                                              
> >   \
> >       unsigned int position;                                                
> >   \
> >  };                                                                         
> >   \
> >                                                                             
> >   \
> > @@ -521,7 +521,7 @@ type get_random_ ##type(void)                           
> >                           \
> >       type ret;                                                             
> >   \
> >       unsigned long flags;                                                  
> >   \
> >       struct batch_ ##type *batch;                                          
> >   \
> > -     unsigned long next_gen;                                               
> >   \
> > +     unsigned int next_gen;                                                
> >   \
> >                                                                             
> >   \
> >       warn_unseeded_randomness();                                           
> >   \
> >                                                                             
> >   \
> > @@ -533,7 +533,7 @@ type get_random_ ##type(void)                           
> >                           \
> >       local_lock_irqsave(&batched_entropy_ ##type.lock, flags);             
> >   \
> >       batch = raw_cpu_ptr(&batched_entropy_##type);                         
> >   \
> >                                                                             
> >   \
> > -     next_gen = READ_ONCE(base_crng.generation);                           
> >   \
> > +     next_gen = (unsigned int)READ_ONCE(base_crng.generation);             
> >   \
>
> Isn't that cast pointless?
>

Depends on your definition of pointless :-)

We're deliberately truncating here, and the cast makes that explicit.

Reply via email to