Date: Tue, 20 Oct 2009 16:36:51 +0000 (UTC) From: Ruslan Ermilov <ru@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src/sys/kern init_main.c stack_protector.c src/sys/sys kernel.h Message-ID: <200910201638.n9KGcCcq072308@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
ru 2009-10-20 16:36:51 UTC
FreeBSD src repository
Modified files:
sys/kern init_main.c stack_protector.c
sys/sys kernel.h
Log:
SVN rev 198295 on 2009-10-20 16:36:51Z by ru
Random number generator initialization cleanup:
- Introduce new SI_SUB_RANDOM point in boot sequence to make it
clear from where one may start using random(9). It should be as
early as possible, so place it just after SI_SUB_CPU where we
have some randomness on most platforms via get_cyclecount().
- Move stack protector initialization to be after SI_SUB_RANDOM
as before this point we have no randomness at all. This fixes
stack protector to actually protect stack with some random guard
value instead of a well-known one.
Note that this patch doesn't try to address arc4random(9) issues.
With current code, it will be implicitly seeded by stack protector
and hence will get the same entropy as random(9). It will be
securely reseeded once /dev/random is feeded by some entropy from
userland.
Submitted by: Maxim Dounin <mdounin@mdounin.ru>
MFC after: 3 days
Revision Changes Path
1.307 +13 -0 src/sys/kern/init_main.c
1.3 +1 -2 src/sys/kern/stack_protector.c
1.151 +1 -0 src/sys/sys/kernel.h
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200910201638.n9KGcCcq072308>