Date: Wed, 28 Mar 2018 20:34:15 +0200
From: Oliver Pinter <oliver.pinter@hardenedbsd.org>
To: Eitan Adler <eadler@freebsd.org>, cem@freebsd.org
Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org
Subject: Re: svn commit: r330897 - in stable/11: bin/cat bin/chflags bin/chmod bin/cp bin/date bin/dd bin/df bin/domainname bin/echo bin/ed bin/hostname bin/kill bin/ln bin/ls bin/mkdir bin/mv bin/pax bin/ps bi...
Message-ID: <CAPQ4ffsV4W2stNKOO3znXeuYbOWd-9KxfiewnA%2B08iLwRrwAWQ@mail.gmail.com>
In-Reply-To: <CAPQ4fftrKyRKudLE9MPPo2Tns8rr2gz4jxaq%2BC57=O%2Bqmsf5iw@mail.gmail.com>
References: <201803140319.w2E3JuGP036341@repo.freebsd.org> <CAPQ4fft6jREbRrGmh=zo7Oc75QmxSDg8T5%2BtFkv4TmTCnqShgg@mail.gmail.com> <CAPQ4fftrKyRKudLE9MPPo2Tns8rr2gz4jxaq%2BC57=O%2Bqmsf5iw@mail.gmail.com>
[-- Attachment #1 --]
On 3/28/18, Oliver Pinter <oliver.pinter@hardenedbsd.org> wrote:
> On 3/28/18, Oliver Pinter <oliver.pinter@hardenedbsd.org> wrote:
>> Hi!
>>
>> This part of the MFC is wrong:
>>
>> https://svnweb.freebsd.org/base/stable/11/sys/sys/random.h?limit_changes=0&r1=330897&r2=330896&pathrev=330897
>>
>> Could you please MFC back the other random related changes too? Some
>> of them made by cem@.
>
> Namely these commits:
>
> commit b95744ba0ac2f46a95ecbe423a4d8dd7c9513da0
> Author: Oliver Pinter <oliver.pinter@hardenedbsd.org>
> Date: Sun Oct 15 17:15:48 2017 +0200
>
> opBSD MFC r324394: random(4): Gather entropy from Pure sources
>
> At initialization, hc_source_mask only includes non-Pure sources.
>
> The patch changes source registration to enable the registered source in the
> hc_source_mask bitmask. This mask governs which sources are harvested.
>
> This patch also disallows userspace from disabling such sources.
>
> PR: 222807
> Submitted by: W. Dean Freeman <badfilemagic AT gmail.com>
> Reviewed by: jmg (earlier version), delphij
> Approved by: secteam (delphij)
> Obtained from: HBSD 0054e3e170e083811acc9f3b637f8be8a86c03e7
> Security: yes
> Differential Revision: https://reviews.freebsd.org/D12611
>
> (cherry picked from commit 1c36667f647c87c89227b495e8a79ff1d38a2d31)
>
> Author: cem <cem@FreeBSD.org>
> Original-commit-date: Sat Oct 7 19:02:03 2017 +0000
> svn-commit-id: /head/ r324394
> Signed-off-by: Oliver Pinter <oliver.pinter@hardenedbsd.org>
>
> commit 6c94c5ce8a5b3ed5dec3bb0437da293de1da22fc
> Author: Oliver Pinter <oliver.pinter@hardenedbsd.org>
> Date: Sun Oct 15 17:15:43 2017 +0200
>
> opBSD MFC r324393: random(4): Add missing source descriptions
>
> Add source descriptions missed in r260847, r303035.
>
> While here, convert the array to C99 initializers.
>
> Reviewed by: delphij
> Approved by: secteam (delphij)
> Sponsored by: Dell EMC Isilon
> Differential Revision: https://reviews.freebsd.org/D12618
>
> (cherry picked from commit 25edb3fc554994c75b6282d88b1dd960fd476737)
>
> Adopted to 11-STABLE since arm/broadcom/bcm2835/bcm2835_rng.c
> does not exist here.
>
> Author: cem <cem@FreeBSD.org>
> Original-commit-date: Sat Oct 7 18:59:29 2017 +0000
> svn-commit-id: /head/ r324393
> Signed-off-by: Oliver Pinter <oliver.pinter@hardenedbsd.org>
>
> commit 28fc9178aca64f2fec46e2753187b35bcab8e962
> Author: Oliver Pinter <oliver.pinter@hardenedbsd.org>
> Date: Sun Oct 15 17:15:37 2017 +0200
>
> opBSD MFC r324372: random(4): Discard low entropy inputs
>
> The later fields of the harvest_event structure are predictable and provide
> little value to the entropy pool. Only feed in the relatively high entropy
> counter and explicit entropy buffer to increase measured input entropy.
>
> See also:
> https://people.freebsd.org/~jmg/vbsdcon_2017_ddfreebsdrng_slides.pdf
>
> PR: 222807
> Submitted by: W. Dean Freeman <badfilemagic AT gmail.com>
> Reviewed by: jmg (earlier version), delphij
> Approved by: secteam (delphij)
> Obtained from: HBSD 8d809124d563937edd84c9c9d5494406e359c55c
> Security: no -- low entropy marginal input has no known negative effect on pool quality
> Differential Revision: https://reviews.freebsd.org/D12610
>
> (cherry picked from commit 1d234c562d594d49fd330eef90cd1b8f0e73f8fa)
>
> Author: cem <cem@FreeBSD.org>
> Original-commit-date: Fri Oct 6 18:27:55 2017 +0000
> svn-commit-id: /head/ r324372
> Signed-off-by: Oliver Pinter <oliver.pinter@hardenedbsd.org> > Or please apply the attached patch. > >> >> On 3/14/18, Eitan Adler <eadler@freebsd.org> wrote: >>> Author: eadler >>> Date: Wed Mar 14 03:19:51 2018 >>> New Revision: 330897 >>> URL: https://svnweb.freebsd.org/changeset/base/330897 >>> > > [... trim ...] > [-- Attachment #2 --] From 38d9b670806c64c31f49f425707d59aad89b6246 Mon Sep 17 00:00:00 2001 From: Oliver Pinter <oliver.pinter@hardenedbsd.org> Date: Wed, 28 Mar 2018 20:26:30 +0200 Subject: [PATCH] opBSD: revert misMFCd parts of sys/sys/random.h Signed-off-by: Oliver Pinter <oliver.pinter@hardenedbsd.org> diff --git a/sys/sys/random.h b/sys/sys/random.h index 9e03e5ef6527..26764851d00c 100644 --- a/sys/sys/random.h +++ b/sys/sys/random.h @@ -60,9 +60,9 @@ read_random(void *a __unused, u_int b __unused) #endif /* - * Note: if you add or remove members of random_entropy_source, remember to - * also update the strings in the static array random_source_descr[] in - * random_harvestq.c. + * Note: if you add or remove members of random_entropy_source, remember to also update the + * KASSERT regarding what valid members are in random_harvest_internal(), and remember the + * strings in the static array random_source_descr[] in random_harvestq.c. * * NOTE: complain loudly to markm@ or on the lists if this enum gets more than 32 * distinct values (0-31)! ENTROPYSOURCE may be == 32, but not > 32. @@ -83,8 +83,7 @@ enum random_entropy_source { RANDOM_UMA, /* Special!! UMA/SLAB Allocator */ RANDOM_ENVIRONMENTAL_END = RANDOM_UMA, /* Fast hardware random-number sources from here on. */ - RANDOM_PURE_START, - RANDOM_PURE_OCTEON = RANDOM_PURE_START, + RANDOM_PURE_OCTEON, RANDOM_PURE_SAFE, RANDOM_PURE_GLXSB, RANDOM_PURE_UBSEC, 
@@ -93,29 +92,19 @@ enum random_entropy_source { RANDOM_PURE_NEHEMIAH, RANDOM_PURE_RNDTEST, RANDOM_PURE_VIRTIO, - RANDOM_PURE_BROADCOM, ENTROPYSOURCE }; #define RANDOM_HARVEST_EVERYTHING_MASK ((1 << (RANDOM_ENVIRONMENTAL_END + 1)) - 1) -#define RANDOM_HARVEST_PURE_MASK (((1 << ENTROPYSOURCE) - 1) & (-1UL << RANDOM_PURE_START)) - -#define RANDOM_LEGACY_BOOT_ENTROPY_MODULE "/boot/entropy" -#define RANDOM_CACHED_BOOT_ENTROPY_MODULE "boot_entropy_cache" -#define RANDOM_CACHED_SKIP_START 256 #if defined(DEV_RANDOM) void random_harvest_queue(const void *, u_int, u_int, enum random_entropy_source); void random_harvest_fast(const void *, u_int, u_int, enum random_entropy_source); void random_harvest_direct(const void *, u_int, u_int, enum random_entropy_source); -void random_harvest_register_source(enum random_entropy_source); -void random_harvest_deregister_source(enum random_entropy_source); #else #define random_harvest_queue(a, b, c, d) do {} while (0) #define random_harvest_fast(a, b, c, d) do {} while (0) #define random_harvest_direct(a, b, c, d) do {} while (0) -#define random_harvest_register_source(a) do {} while (0) -#define random_harvest_deregister_source(a) do {} while (0) #endif #if defined(RANDOM_ENABLE_UMA)
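Review bot: In the first hunk (@@ -60,9 +60,9 @@), the restored comment tells the reader to update a KASSERT in random_harvest_internal(), but this patch touches only sys/sys/random.h, so nothing here shows that the KASSERT is present in the stable/11 tree it applies to. Please confirm it exists there; if it does not, keep the shorter wording that mentions only random_source_descr[] in random_harvestq.c. The two restored comment lines also run past 80 columns and are worth rewrapping if the text stays.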
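Review bot: In the second hunk (@@ -83,8 +83,7 @@), removing RANDOM_PURE_START will break the build of any file that still names it, and the patch changes only this header. RANDOM_PURE_OCTEON itself keeps its value, since it still follows RANDOM_ENVIRONMENTAL_END = RANDOM_UMA, so the enum numbering is not the concern; the remaining references are. Please check the rest of stable/11 for uses of RANDOM_PURE_START before this goes in.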
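Review bot: The third hunk (@@ -93,29 +92,19 @@) removes random_harvest_register_source() and random_harvest_deregister_source() from both the DEV_RANDOM branch and the no-op #else branch, so a caller left anywhere in stable/11 fails to build in either configuration; please confirm none remain. Dropping RANDOM_PURE_BROADCOM also lowers ENTROPYSOURCE by one, and the header's own comment requires random_source_descr[] in random_harvestq.c to stay in step with the enum. The commit message is only a subject line and a sign-off: it should name the revisions whose pieces are being backed out, including RANDOM_HARVEST_PURE_MASK and the three boot-entropy defines (RANDOM_LEGACY_BOOT_ENTROPY_MODULE, RANDOM_CACHED_BOOT_ENTROPY_MODULE, RANDOM_CACHED_SKIP_START), which the accompanying mail does not mention.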
