    random: Fix fast_mix() function · 19acc77a
    Committed by George Spelvin
    There was a bad typo in commit 43759d4f ("random: use an improved
    fast_mix() function") and I didn't notice because it "looked right", so
    I saw what I expected to see when I reviewed it.
    
    Only months later did I look and notice it's not the Threefish-inspired
    mix function that I had designed and optimized.
    
    Mea Culpa.  Each input bit still has a chance to affect each output bit,
    and the fast pool is spilled *long* before it fills, so it's not a total
    disaster, but it's definitely not the intended great improvement.
    
    I'm still working on finding better rotation constants.  These are good
    enough, but since it's unrolled twice, it's possible to get better
    mixing for free by using eight different constants rather than repeating
    the same four.
    Signed-off-by: George Spelvin <linux@horizon.com>
    Cc: Theodore Ts'o <tytso@mit.edu>
    Cc: stable@vger.kernel.org  # v3.16+
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
random.c 53.2 KB