| History log of /src/sys/kern/kern_ssp.c |
| Revision | | Date | Author | Comments |
| 1.7 |
| 06-Dec-2016 |
christos | void duplicate definition on statically linking libc+ssp and rumpkern+ssp.
|
| 1.6 |
| 19-Nov-2011 |
tls | branches: 1.6.8; 1.6.26; 1.6.30;
First step of random number subsystem rework described in
<20111022023242.BA26F14A158@mail.netbsd.org>. This change includes
the following:
An initial cleanup and minor reorganization of the entropy pool
code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are
fixed. Some effort is made to accumulate entropy more quickly at
boot time.
A generic interface, "rndsink", is added, for stream generators to
request that they be re-keyed with good quality entropy from the pool
as soon as it is available.
The arc4random()/arc4randbytes() implementation in libkern is
adjusted to use the rndsink interface for rekeying, which helps
address the problem of low-quality keys at boot time.
An implementation of the FIPS 140-2 statistical tests for random
number generator quality is provided (libkern/rngtest.c). This
is based on Greg Rose's implementation from Qualcomm.
A new random stream generator, nist_ctr_drbg, is provided. It is
based on an implementation of the NIST SP800-90 CTR_DRBG by
Henric Jungheim. This generator users AES in a modified counter
mode to generate a backtracking-resistant random stream.
An abstraction layer, "cprng", is provided for in-kernel consumers
of randomness. The arc4random/arc4randbytes API is deprecated for
in-kernel use. It is replaced by "cprng_strong". The current
cprng_fast implementation wraps the existing arc4random
implementation. The current cprng_strong implementation wraps the
new CTR_DRBG implementation. Both interfaces are rekeyed from
the entropy pool automatically at intervals justifiable from best
current cryptographic practice.
In some quick tests, cprng_fast() is about the same speed as
the old arc4randbytes(), and cprng_strong() is about 20% faster
than rnd_extract_data(). Performance is expected to improve.
The AES code in src/crypto/rijndael is no longer an optional
kernel component, as it is required by cprng_strong, which is
not an optional kernel component.
The entropy pool output is subjected to the rngtest tests at
startup time; if it fails, the system will reboot. There is
approximately a 3/10000 chance of a false positive from these
tests. Entropy pool _input_ from hardware random numbers is
subjected to the rngtest tests at attach time, as well as the
FIPS continuous-output test, to detect bad or stuck hardware
RNGs; if any are detected, they are detached, but the system
continues to run.
A problem with rndctl(8) is fixed -- datastructures with
pointers in arrays are no longer passed to userspace (this
was not a security problem, but rather a major issue for
compat32). A new kernel will require a new rndctl.
The sysctl kern.arandom() and kern.urandom() nodes are hooked
up to the new generators, but the /dev/*random pseudodevices
are not, yet.
Manual pages for the new kernel interfaces are forthcoming.
|
| 1.5 |
| 01-Feb-2010 |
njoly | branches: 1.5.12;
Switch SSP init output to aprint_debug() instead of aprint_normal()
under DIAGNOSTIC ifdefs.
|
| 1.4 |
| 01-Feb-2010 |
njoly | Aprintify.
|
| 1.3 |
| 26-Dec-2009 |
elad | Put a space after ':'...
|
| 1.2 |
| 26-Feb-2009 |
kenh | branches: 1.2.2; 1.2.4; 1.2.6; 1.2.8;
If sys/param.h is not included, the kernel compile fails on some platforms
with SOFTINT_COUNT undefined (I noticed it on some evbarm kernels)
|
| 1.1 |
| 12-Feb-2009 |
christos | Unbreak ssp kernels. The issue here that when the ssp_init() call was deferred,
it caused the return from the enclosing function to break, as well as the
ssp return on i386. To fix both issues, split configure in two pieces
the one before calling ssp_init and the one after, and move the ssp_init()
call back in main. Put ssp_init() in its own file, and compile this new file
with -fno-stack-protector. Tested on amd64.
XXX: If we want to have ssp kernels working on 5.0, this change needs to
be pulled up.
|
| 1.2.8.2 |
| 13-May-2009 |
jym | Sync with HEAD.
Commit is split, to avoid a "too many arguments" protocol error.
|
| 1.2.8.1 |
| 26-Feb-2009 |
jym | file kern_ssp.c was added on branch jym-xensuspend on 2009-05-13 17:21:56 +0000
|
| 1.2.6.3 |
| 11-Mar-2010 |
yamt | sync with head
|
| 1.2.6.2 |
| 04-May-2009 |
yamt | sync with head.
|
| 1.2.6.1 |
| 26-Feb-2009 |
yamt | file kern_ssp.c was added on branch yamt-nfs-mp on 2009-05-04 08:13:47 +0000
|
| 1.2.4.3 |
| 15-Mar-2009 |
snj | Pull up following revision(s) (requested by christos in ticket #458):
sys/kern/kern_ssp.c: revision 1.2
If sys/param.h is not included, the kernel compile fails on some platforms
with SOFTINT_COUNT undefined (I noticed it on some evbarm kernels)
|
| 1.2.4.2 |
| 15-Mar-2009 |
snj | Pull up following revision(s) (requested by christos in ticket #458):
sys/conf/Makefile.kern.inc: revision 1.121
sys/conf/files: revision 1.940
sys/kern/init_main.c: revision 1.381
sys/kern/kern_ssp.c: revision 1.1
sys/kern/subr_autoconf.c: revision 1.168
sys/sys/device.h: revision 1.116
sys/sys/systm.h: revision 1.233
Unbreak ssp kernels. The issue here that when the ssp_init() call was
deferred, it caused the return from the enclosing function to break, as
well as the ssp return on i386. To fix both issues, split configure in
two pieces the one before calling ssp_init and the one after, and move
the ssp_init() call back in main. Put ssp_init() in its own file, and
compile this new file with -fno-stack-protector. Tested on amd64.
XXX: If we want to have ssp kernels working on 5.0, this change needs to
be pulled up.
|
| 1.2.4.1 |
| 26-Feb-2009 |
snj | file kern_ssp.c was added on branch netbsd-5 on 2009-03-15 19:43:48 +0000
|
| 1.2.2.2 |
| 03-Mar-2009 |
skrll | Sync with HEAD.
|
| 1.2.2.1 |
| 26-Feb-2009 |
skrll | file kern_ssp.c was added on branch nick-hppapmap on 2009-03-03 18:32:56 +0000
|
| 1.5.12.1 |
| 17-Apr-2012 |
yamt | sync with head
|
| 1.6.30.1 |
| 07-Jan-2017 |
pgoyette | Sync with HEAD. (Note that most of these changes are simply $NetBSD$
tag issues.)
|
| 1.6.26.1 |
| 05-Feb-2017 |
skrll | Sync with HEAD
|
| 1.6.8.1 |
| 03-Dec-2017 |
jdolecek | update from HEAD
|
