CyberLeo.Net >> Repos - FreeBSD/stable/8.git/commit

MFC r198295:

Random number generator initialization cleanup:

- Introduce new SI_SUB_RANDOM point in boot sequence to make it
clear from where one may start using random(9).  It should be as
early as possible, so place it just after SI_SUB_CPU where we
have some randomness on most platforms via get_cyclecount().

- Move stack protector initialization to be after SI_SUB_RANDOM
as before this point we have no randomness at all.  This fixes
stack protector to actually protect stack with some random guard
value instead of a well-known one.

Note that this patch doesn't try to address arc4random(9) issues.
With current code, it will be implicitly seeded by stack protector
and hence will get the same entropy as random(9).  It will be
securely reseeded once /dev/random is feeded by some entropy from
userland.

Submitted by: Maxim Dounin <mdounin@mdounin.ru>
Approved by: re (kib)

git-svn-id: svn://svn.freebsd.org/base/stable/8@198434 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f

author	ru <ru@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
	Sat, 24 Oct 2009 04:55:14 +0000 (04:55 +0000)
committer	ru <ru@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
	Sat, 24 Oct 2009 04:55:14 +0000 (04:55 +0000)
commit	68d58d600dcc2e9b9676da5949b0236501d872d1
tree	0483c4d2594c00ada1aeb80547a753779f4480c9	tree \| snapshot
parent	297124d8e09bc33910e4dcc5b47743a212a4aa14	commit \| diff

sys/kern/init_main.c		diff \| blob \| history
sys/kern/stack_protector.c		diff \| blob \| history
sys/sys/kernel.h		diff \| blob \| history