Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 15 Mar 2011 22:33:06 +0300
From:      Maxim Dounin <mdounin@mdounin.ru>
To:        Jung-uk Kim <jkim@FreeBSD.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r219672 - in head: share/man/man9 sys/i386/include
Message-ID:  <20110315193306.GK99496@mdounin.ru>
In-Reply-To: <201103151714.p2FHEQdF049456@svn.freebsd.org>
References:  <201103151714.p2FHEQdF049456@svn.freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Hello!

On Tue, Mar 15, 2011 at 05:14:26PM +0000, Jung-uk Kim wrote:

> Author: jkim
> Date: Tue Mar 15 17:14:26 2011
> New Revision: 219672
> URL: http://svn.freebsd.org/changeset/base/219672
> 
> Log:
>   Unconditionally use binuptime(9) for get_cyclecount(9) on i386.  Since this
>   function is almost exclusively used for random harvesting, there is no need
>   for micro-optimization.  Adjust the manual page accordingly.

Note that on early boot only dummy timecounter available, and 
binuptime() has no entropy.

As a result of this change random(9) won't have entropy on early 
boot on i386, and arc4random(9) as well.  While there are no known 
major security problems associated with it - it at least makes 
stack protector easily bypasseable as it now (again after r198295) 
uses well-known stack guard instead of random one.  And there may 
be other issues as well.

Hope you thought well before moving i386 to a set of platforms 
which have no early boot randomness at all.  And you have good 
reason for doing it.

Maxim Dounin

> 
> Modified:
>   head/share/man/man9/get_cyclecount.9
>   head/sys/i386/include/cpu.h
> 
> Modified: head/share/man/man9/get_cyclecount.9
> ==============================================================================
> --- head/share/man/man9/get_cyclecount.9	Tue Mar 15 16:50:17 2011	(r219671)
> +++ head/share/man/man9/get_cyclecount.9	Tue Mar 15 17:14:26 2011	(r219672)
> @@ -24,7 +24,7 @@
>  .\"
>  .\" $FreeBSD$
>  .\"
> -.Dd October 24, 2009
> +.Dd March 15, 2011
>  .Dt GET_CYCLECOUNT 9
>  .Os
>  .Sh NAME
> @@ -65,14 +65,14 @@ do not have such a register,
>  so
>  .Fn get_cyclecount
>  on these platforms
> -returns a (non-monotonic) combination of numbers
> +returns a (monotonic) combination of numbers
>  represented by the
>  structure returned by
>  .Xr binuptime 9 .
>  .Pp
>  The
> -.Tn Pentium
> -processors all use the
> +.Tn AMD64 and Intel 64
> +processors use the
>  .Li TSC
>  register.
>  .Pp
> 
> Modified: head/sys/i386/include/cpu.h
> ==============================================================================
> --- head/sys/i386/include/cpu.h	Tue Mar 15 16:50:17 2011	(r219671)
> +++ head/sys/i386/include/cpu.h	Tue Mar 15 17:14:26 2011	(r219672)
> @@ -70,15 +70,10 @@ void	swi_vm(void *);
>  static __inline uint64_t
>  get_cyclecount(void)
>  {
> -#if defined(I486_CPU) || defined(KLD_MODULE)
>  	struct bintime bt;
>  
> -	if (!tsc_present) {
> -		binuptime(&bt);
> -		return ((uint64_t)bt.sec << 56 | bt.frac >> 8);
> -	}
> -#endif
> -	return (rdtsc());
> +	binuptime(&bt);
> +	return ((uint64_t)bt.sec << 56 | bt.frac >> 8);
>  }
>  
>  #endif
> _______________________________________________
> svn-src-all@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/svn-src-all
> To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110315193306.GK99496>