From owner-svn-src-head@freebsd.org Sat Apr 11 20:58:46 2020 Return-Path: Delivered-To: svn-src-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6826A27AD03 for ; Sat, 11 Apr 2020 20:58:46 +0000 (UTC) (envelope-from ian@freebsd.org) Received: from outbound2k.ore.mailhop.org (outbound2k.ore.mailhop.org [54.148.219.64]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4906g96kPsz46mF for ; Sat, 11 Apr 2020 20:58:45 +0000 (UTC) (envelope-from ian@freebsd.org) ARC-Seal: i=1; a=rsa-sha256; t=1586638723; cv=none; d=outbound.mailhop.org; s=arc-outbound20181012; b=hBGcKo2DVSInrXyNMKUVpT9l0xEv7p28LTvwulMPfpquF0f6A8/xjG05ucIxrSOnZiW6Wv73Gx1xo LRkl3P/HCSrUhEEQkssN4trH6bVCfqN0fi4JJ/VJXHK4rsO238Dhiq9pOdAv7oCGLXERmBO2wvuHqG fXvVwO1d8m7ZhlsDXiNPBHiRDaJwl3AHtXNYEV3fCPBvzudNUgvBq4z8aCu4dP4mx96k4Cj8Dxitn/ VJV+C2tbX7Iiz15sNOVko/ydGQ5NwQms2wqfRwCoRI1SWH9oWkBzOiCN6zq2gYyXNeizeP/I1ybzFF 96eK03oaALXVEIA5C0b0raovwn0vMzQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=arc-outbound20181012; h=content-transfer-encoding:mime-version:content-type:references:in-reply-to: date:cc:to:from:subject:message-id:dkim-signature:from; bh=osfFxKekFYqNYlwZwQtVe4mhRHeLyOdhwc8FBs4Ldo8=; b=sbgYrMiy6++3NSOLE4m4DUV+z9CP76n6sWkatcJaeX2XE6zzfAJYGDe4gJoTdPeyQWl/1x/Gkk4ho 9v4i5zW/XVqjKPFE6QTVqxZwIbPYIllLWcYUGjsmleGZti1ztCS3uT78wtGp7DBxR+D4NmATzCUTuw Sl+t9ji3Y2IAw3nBCTpQHMZT6PUKtS13oinUTicQGSU7jspc5Xqdovv9QSwihSN82z5VuoUdDsidkZ Th6v+5mis5gxnR3KQIMESUFHxg5BeBaGaniyU176W6ni2JqrAO2Aru9FlroH8pDK3zR8eZYdRG9ddN K6EJqaH0JOtRYsj0N8HzyOG3RLn5KDA== ARC-Authentication-Results: i=1; outbound4.ore.mailhop.org; spf=softfail smtp.mailfrom=freebsd.org smtp.remote-ip=67.177.211.60; dmarc=none header.from=freebsd.org; arc=none header.oldest-pass=0; DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=dkim-high; h=content-transfer-encoding:mime-version:content-type:references:in-reply-to: date:cc:to:from:subject:message-id:from; bh=osfFxKekFYqNYlwZwQtVe4mhRHeLyOdhwc8FBs4Ldo8=; b=gYaxv6N0vI4jD1XlLOf0UzeOwJE1d8/oq7oheLwtpnC2uvpEU67uCOm7Z+KtwE1XltBE8PCT+TaSN AhgxkQYuJDjzvXljfG/m8p02uoDn0umYGb0TnOzlN6yv/MAmlNrxrgDMQuUZIosqevgh8U0EkpHA0/ PfdwGSljqjjDPPdO/fmV3JeBSeoXjOabUXaMBIVYXZ0MM+z8JZ2dMmobuBKo2MnzkRpm4LR4IBJEUb 294WjsZ8ia8pv0dXiUKxsBsdtBjQf206RY/jG7Jo7FZ/HrxI12w7LSQWGcAyUjmZ6E6uh4wfzYP2yO OXZft05NrKa9j+NJrmaPmkpweV+UPoQ== X-MHO-RoutePath: aGlwcGll X-MHO-User: 394bb528-7c37-11ea-a065-6d02e42e573a X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information X-Originating-IP: 67.177.211.60 X-Mail-Handler: DuoCircle Outbound SMTP Received: from ilsoft.org (c-67-177-211-60.hsd1.co.comcast.net [67.177.211.60]) by outbound4.ore.mailhop.org (Halon) with ESMTPSA id 394bb528-7c37-11ea-a065-6d02e42e573a; Sat, 11 Apr 2020 20:58:42 +0000 (UTC) Received: from rev (rev [172.22.42.240]) by ilsoft.org (8.15.2/8.15.2) with ESMTP id 03BKwfo3055700; Sat, 11 Apr 2020 14:58:41 -0600 (MDT) (envelope-from ian@freebsd.org) Message-ID: <5667a66b22e18893a4d7de58f0e0fd3084a6e0f7.camel@freebsd.org> Subject: Re: svn commit: r359797 - in head/sys: net netinet netinet6 From: Ian Lepore To: cem@freebsd.org, "Alexander V. Chernikov" Cc: svn-src-all , svn-src-head , src-committers Date: Sat, 11 Apr 2020 14:58:41 -0600 In-Reply-To: References: <202004110737.03B7b8cS067986@repo.freebsd.org> Content-Type: text/plain; charset="windows-1251" X-Mailer: Evolution 3.28.5 FreeBSD GNOME Team Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4906g96kPsz46mF X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-1.94 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-0.97)[-0.971,0]; ASN(0.00)[asn:16509, ipnet:54.148.0.0/15, country:US]; NEURAL_HAM_LONG(-0.97)[-0.968,0] X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Apr 2020 20:58:46 -0000 On Sat, 2020-04-11 at 13:02 -0700, Conrad Meyer wrote: > Hi Alexander, > > On Sat, Apr 11, 2020 at 12:37 AM Alexander V. Chernikov > wrote: > > > > Author: melifaro > > Date: Sat Apr 11 07:37:08 2020 > > New Revision: 359797 > > URL: https://svnweb.freebsd.org/changeset/base/359797 > > > > Log: > > Remove per-AF radix_mpath initializtion functions. > > > > Split their functionality by moving random seed allocation > > to SYSINIT and calling (new) generic multipath function from > > standard IPv4/IPv5 RIB init handlers. > > ... > > --- head/sys/net/radix_mpath.c Sat Apr 11 07:31:16 > > 2020 (r359796) > > +++ head/sys/net/radix_mpath.c Sat Apr 11 07:37:08 > > 2020 (r359797) > > @@ -290,38 +290,18 @@ rtalloc_mpath_fib(struct route *ro, uint32_t > > hash, u_i > > ... > > +static void > > +mpath_init(void) > > { > > - struct rib_head *rnh; > > > > hashjitter = arc4random(); > > - if (in6_inithead(head, off, fibnum) == 1) { > > - rnh = (struct rib_head *)*head; > > - rnh->rnh_multipath = 1; > > - return 1; > > - } else > > - return 0; > > } > > +SYSINIT(mpath_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_ANY, mpath_init, > > NULL); > > This is pretty early in boot to be asking for random numbers. We > don't have interrupts yet, for example. If the system doesn't have a > saved /boot/entropy loaded (PPC, or installer, or some other embedded > system perhaps), we will either deadlock boot or get not especially > random numbers here (depending on availability behavior of arc4random > — currently we err on the side of low quality random numbers). > > If this number is predictable to an attacker, is it easier to DoS the > system? Do we need the random number before userspace starts? (I > would imagine networking does not really start chatting with remote > hosts prior to userspace boot, but this is just a guess.) > > Best, > Conrad > I believe the earliest use of networking during boot is for mounting the rootfs using nfs. So SI_SUB_ROOT_CONF-1 might be good. -- Ian