From owner-svn-src-all@FreeBSD.ORG Sat Oct 24 04:55:15 2009 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 886FF1065676; Sat, 24 Oct 2009 04:55:15 +0000 (UTC) (envelope-from ru@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 7577B8FC15; Sat, 24 Oct 2009 04:55:15 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n9O4tFe2081659; Sat, 24 Oct 2009 04:55:15 GMT (envelope-from ru@svn.freebsd.org) Received: (from ru@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n9O4tFI3081655; Sat, 24 Oct 2009 04:55:15 GMT (envelope-from ru@svn.freebsd.org) Message-Id: <200910240455.n9O4tFI3081655@svn.freebsd.org> From: Ruslan Ermilov Date: Sat, 24 Oct 2009 04:55:15 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r198434 - in stable/8/sys: . amd64/include/xen cddl/contrib/opensolaris contrib/dev/acpica contrib/pf dev/xen/xenpci kern sys X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Oct 2009 04:55:15 -0000 Author: ru Date: Sat Oct 24 04:55:14 2009 New Revision: 198434 URL: http://svn.freebsd.org/changeset/base/198434 Log: MFC r198295: Random number generator initialization cleanup: - Introduce new SI_SUB_RANDOM point in boot sequence to make it clear from where one may start using random(9). It should be as early as possible, so place it just after SI_SUB_CPU where we have some randomness on most platforms via get_cyclecount(). - Move stack protector initialization to be after SI_SUB_RANDOM as before this point we have no randomness at all. This fixes stack protector to actually protect stack with some random guard value instead of a well-known one. Note that this patch doesn't try to address arc4random(9) issues. With current code, it will be implicitly seeded by stack protector and hence will get the same entropy as random(9). It will be securely reseeded once /dev/random is feeded by some entropy from userland. Submitted by: Maxim Dounin Approved by: re (kib) Modified: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) stable/8/sys/dev/xen/xenpci/ (props changed) stable/8/sys/kern/init_main.c stable/8/sys/kern/stack_protector.c stable/8/sys/sys/kernel.h Modified: stable/8/sys/kern/init_main.c ============================================================================== --- stable/8/sys/kern/init_main.c Sat Oct 24 04:11:40 2009 (r198433) +++ stable/8/sys/kern/init_main.c Sat Oct 24 04:55:14 2009 (r198434) @@ -557,6 +557,19 @@ proc0_post(void *dummy __unused) } SYSINIT(p0post, SI_SUB_INTRINSIC_POST, SI_ORDER_FIRST, proc0_post, NULL); +static void +random_init(void *dummy __unused) +{ + + /* + * After CPU has been started we have some randomness on most + * platforms via get_cyclecount(). For platforms that don't + * we will reseed random(9) in proc0_post() as well. + */ + srandom(get_cyclecount()); +} +SYSINIT(random, SI_SUB_RANDOM, SI_ORDER_FIRST, random_init, NULL); + /* *************************************************************************** **** Modified: stable/8/sys/kern/stack_protector.c ============================================================================== --- stable/8/sys/kern/stack_protector.c Sat Oct 24 04:11:40 2009 (r198433) +++ stable/8/sys/kern/stack_protector.c Sat Oct 24 04:55:14 2009 (r198434) @@ -28,5 +28,4 @@ __stack_chk_init(void *dummy __unused) for (i = 0; i < __arraycount(guard); i++) __stack_chk_guard[i] = guard[i]; } -/* SI_SUB_EVENTHANDLER is right after SI_SUB_LOCK used by arc4rand() init. */ -SYSINIT(stack_chk, SI_SUB_EVENTHANDLER, SI_ORDER_ANY, __stack_chk_init, NULL); +SYSINIT(stack_chk, SI_SUB_RANDOM, SI_ORDER_ANY, __stack_chk_init, NULL); Modified: stable/8/sys/sys/kernel.h ============================================================================== --- stable/8/sys/sys/kernel.h Sat Oct 24 04:11:40 2009 (r198433) +++ stable/8/sys/sys/kernel.h Sat Oct 24 04:55:14 2009 (r198434) @@ -109,6 +109,7 @@ enum sysinit_sub_id { SI_SUB_VNET_PRELINK = 0x1E00000, /* vnet init before modules */ SI_SUB_KLD = 0x2000000, /* KLD and module setup */ SI_SUB_CPU = 0x2100000, /* CPU resource(s)*/ + SI_SUB_RANDOM = 0x2120000, /* random number generator */ SI_SUB_KDTRACE = 0x2140000, /* Kernel dtrace hooks */ SI_SUB_MAC = 0x2180000, /* TrustedBSD MAC subsystem */ SI_SUB_MAC_POLICY = 0x21C0000, /* TrustedBSD MAC policies */