Make it more explicit, that the PRNG must not
be used for cryptographic purposes.
Future code may also check such things in checkpatch.pl,
but it is probably hard to differentiate valid testing
code only by looking at paths. Therefore this is left
out here by intention.
Signed-off-by: Markus Theil <theil.markus@xxxxxxxxx>
---
include/linux/prandom.h | 2 ++
lib/random32.c | 6 ++++++
2 files changed, 8 insertions(+)
diff --git a/include/linux/prandom.h b/include/linux/prandom.h
index ff7dcc3fa105..63d1fe4b30c8 100644
--- a/include/linux/prandom.h
+++ b/include/linux/prandom.h
@@ -17,7 +17,9 @@ struct rnd_state {
__u32 s1, s2, s3, s4;
};
+/* WARNING: this API MUST NOT be used for cryptographic purposes! */
u32 prandom_u32_state(struct rnd_state *state);
+/* WARNING: this API MUST NOT be used for cryptographic purposes! */
void prandom_bytes_state(struct rnd_state *state, void *buf, size_t nbytes);
void prandom_seed_full_state(struct rnd_state __percpu *pcpu_state);
diff --git a/lib/random32.c b/lib/random32.c
index 24e7acd9343f..c808745a4b53 100644
--- a/lib/random32.c
+++ b/lib/random32.c
@@ -1,5 +1,7 @@
// SPDX-License-Identifier: GPL-2.0
/*
+ * WARNING: this API MUST NOT be used for cryptographic purposes!
+ *
* This is a maximally equidistributed combined Tausworthe generator
* based on code from GNU Scientific Library 1.5 (30 Jun 2004)
*
@@ -48,6 +50,8 @@
*
* This is used for pseudo-randomness with no outside seeding.
* For more random results, use get_random_u32().
+ *
+ * WARNING: this API MUST NOT be used for cryptographic purposes!
*/
u32 prandom_u32_state(struct rnd_state *state)
{
@@ -70,6 +74,8 @@ EXPORT_SYMBOL(prandom_u32_state);
*
* This is used for pseudo-randomness with no outside seeding.
* For more random results, use get_random_bytes().
+ *
+ * WARNING: this API MUST NOT be used for cryptographic purposes!
*/
void prandom_bytes_state(struct rnd_state *state, void *buf, size_t bytes)
{
--
2.47.2
