Searched hist:1.196 (Results 1 - 25 of 265) sorted by relevance
| /src/sys/arch/sparc/sparc/ | ||
| H A D | trap.c | 1.196 Fri Dec 30 17:54:43 GMT 2016 christos branches: 1.196.14; 1.196.16; - allocate state if we did not have any in fpregs - make fpstate explicitly start with fpregs for better type checking - use c11 initializers 1.196 Fri Dec 30 17:54:43 GMT 2016 christos branches: 1.196.14; 1.196.16; - allocate state if we did not have any in fpregs - make fpstate explicitly start with fpregs for better type checking - use c11 initializers 1.196 Fri Dec 30 17:54:43 GMT 2016 christos branches: 1.196.14; 1.196.16; - allocate state if we did not have any in fpregs - make fpstate explicitly start with fpregs for better type checking - use c11 initializers 1.196 Fri Dec 30 17:54:43 GMT 2016 christos branches: 1.196.14; 1.196.16; - allocate state if we did not have any in fpregs - make fpstate explicitly start with fpregs for better type checking - use c11 initializers 1.196 Fri Dec 30 17:54:43 GMT 2016 christos branches: 1.196.14; 1.196.16; - allocate state if we did not have any in fpregs - make fpstate explicitly start with fpregs for better type checking - use c11 initializers 1.196 Fri Dec 30 17:54:43 GMT 2016 christos branches: 1.196.14; 1.196.16; - allocate state if we did not have any in fpregs - make fpstate explicitly start with fpregs for better type checking - use c11 initializers |
| H A D | autoconf.c | 1.196 Wed Jun 18 08:58:41 GMT 2003 drochner branches: 1.196.2; don't #include <sys/dkstat.h> where it is (appearently) unused 1.196 Wed Jun 18 08:58:41 GMT 2003 drochner branches: 1.196.2; don't #include <sys/dkstat.h> where it is (appearently) unused |
| /src/sys/arch/pmax/conf/ | ||
| H A D | GENERIC | 1.196 Tue Jan 23 14:47:55 GMT 2018 sevan branches: 1.196.2; 1.196.4; Alternate buffer queue strategies no longer considered experimental, update description. Discussed on tech-kern http://mail-index.netbsd.org/tech-kern/2018/01/21/msg023002.html 1.196 Tue Jan 23 14:47:55 GMT 2018 sevan branches: 1.196.2; 1.196.4; Alternate buffer queue strategies no longer considered experimental, update description. Discussed on tech-kern http://mail-index.netbsd.org/tech-kern/2018/01/21/msg023002.html 1.196 Tue Jan 23 14:47:55 GMT 2018 sevan branches: 1.196.2; 1.196.4; Alternate buffer queue strategies no longer considered experimental, update description. Discussed on tech-kern http://mail-index.netbsd.org/tech-kern/2018/01/21/msg023002.html |
| /src/lib/libc/sys/ | ||
| H A D | Makefile.inc | 1.196 Sun Oct 26 07:43:07 GMT 2008 mrg branches: 1.196.2; 1.196.4; define and use LIBCDIR in terms of .CURDIR. fixes compat/lib/libc build. 1.196 Sun Oct 26 07:43:07 GMT 2008 mrg branches: 1.196.2; 1.196.4; define and use LIBCDIR in terms of .CURDIR. fixes compat/lib/libc build. 1.196 Sun Oct 26 07:43:07 GMT 2008 mrg branches: 1.196.2; 1.196.4; define and use LIBCDIR in terms of .CURDIR. fixes compat/lib/libc build. |
| /src/sys/arch/x68k/x68k/ | ||
| H A D | machdep.c | 1.196 Mon Apr 03 17:37:29 GMT 2017 christos branches: 1.196.4; 1.196.6; PR/52135: David Binderman: Fix loop bounds checking. 1.196 Mon Apr 03 17:37:29 GMT 2017 christos branches: 1.196.4; 1.196.6; PR/52135: David Binderman: Fix loop bounds checking. 1.196 Mon Apr 03 17:37:29 GMT 2017 christos branches: 1.196.4; 1.196.6; PR/52135: David Binderman: Fix loop bounds checking. 1.196 Mon Apr 03 17:37:29 GMT 2017 christos branches: 1.196.4; 1.196.6; PR/52135: David Binderman: Fix loop bounds checking. 1.196 Mon Apr 03 17:37:29 GMT 2017 christos branches: 1.196.4; 1.196.6; PR/52135: David Binderman: Fix loop bounds checking. 1.196 Mon Apr 03 17:37:29 GMT 2017 christos branches: 1.196.4; 1.196.6; PR/52135: David Binderman: Fix loop bounds checking. 1.196 Mon Apr 03 17:37:29 GMT 2017 christos branches: 1.196.4; 1.196.6; PR/52135: David Binderman: Fix loop bounds checking. 1.196 Mon Apr 03 17:37:29 GMT 2017 christos branches: 1.196.4; 1.196.6; PR/52135: David Binderman: Fix loop bounds checking. 1.196 Mon Apr 03 17:37:29 GMT 2017 christos branches: 1.196.4; 1.196.6; PR/52135: David Binderman: Fix loop bounds checking. |
| /src/sys/dev/usb/ | ||
| H A D | ohci.c | 1.196 Wed Aug 13 09:43:56 GMT 2008 drochner branches: 1.196.2; 1.196.4; 1.196.14; free memory on detach, fixes memory leak, from Andreas Jacobs per PR kern/39322 1.196 Wed Aug 13 09:43:56 GMT 2008 drochner branches: 1.196.2; 1.196.4; 1.196.14; free memory on detach, fixes memory leak, from Andreas Jacobs per PR kern/39322 1.196 Wed Aug 13 09:43:56 GMT 2008 drochner branches: 1.196.2; 1.196.4; 1.196.14; free memory on detach, fixes memory leak, from Andreas Jacobs per PR kern/39322 1.196 Wed Aug 13 09:43:56 GMT 2008 drochner branches: 1.196.2; 1.196.4; 1.196.14; free memory on detach, fixes memory leak, from Andreas Jacobs per PR kern/39322 |
| H A D | uhci.c | 1.196 Fri May 12 01:25:00 GMT 2006 mrg branches: 1.196.2; 1.196.4; make [OU]READ[124]() real inline functions instead of macros. 1.196 Fri May 12 01:25:00 GMT 2006 mrg branches: 1.196.2; 1.196.4; make [OU]READ[124]() real inline functions instead of macros. 1.196 Fri May 12 01:25:00 GMT 2006 mrg branches: 1.196.2; 1.196.4; make [OU]READ[124]() real inline functions instead of macros. |
| /src/sys/nfs/ | ||
| H A D | nfs_vfsops.c | 1.196 Wed Feb 13 09:51:37 GMT 2008 yamt branches: 1.196.6; 1.196.8; 1.196.10; reject files larger than nm_maxfilesize. 1.196 Wed Feb 13 09:51:37 GMT 2008 yamt branches: 1.196.6; 1.196.8; 1.196.10; reject files larger than nm_maxfilesize. 1.196 Wed Feb 13 09:51:37 GMT 2008 yamt branches: 1.196.6; 1.196.8; 1.196.10; reject files larger than nm_maxfilesize. 1.196 Wed Feb 13 09:51:37 GMT 2008 yamt branches: 1.196.6; 1.196.8; 1.196.10; reject files larger than nm_maxfilesize. |
| /src/sys/arch/amiga/conf/ | ||
| H A D | DRACO | 1.196 Mon Oct 26 06:22:28 GMT 2020 rin branches: 1.196.2; regen 1.196 Mon Oct 26 06:22:28 GMT 2020 rin branches: 1.196.2; regen |
| /src/sys/netinet/ | ||
| H A D | tcp_subr.c | 1.196 Sun Dec 11 00:24:58 GMT 2005 christos branches: 1.196.4; 1.196.6; 1.196.8; 1.196.10; 1.196.12; merge ktrace-lwp. 1.196 Sun Dec 11 00:24:58 GMT 2005 christos branches: 1.196.4; 1.196.6; 1.196.8; 1.196.10; 1.196.12; merge ktrace-lwp. 1.196 Sun Dec 11 00:24:58 GMT 2005 christos branches: 1.196.4; 1.196.6; 1.196.8; 1.196.10; 1.196.12; merge ktrace-lwp. 1.196 Sun Dec 11 00:24:58 GMT 2005 christos branches: 1.196.4; 1.196.6; 1.196.8; 1.196.10; 1.196.12; merge ktrace-lwp. 1.196 Sun Dec 11 00:24:58 GMT 2005 christos branches: 1.196.4; 1.196.6; 1.196.8; 1.196.10; 1.196.12; merge ktrace-lwp. 1.196 Sun Dec 11 00:24:58 GMT 2005 christos branches: 1.196.4; 1.196.6; 1.196.8; 1.196.10; 1.196.12; merge ktrace-lwp. |
| /src/sys/sys/ | ||
| H A D | systm.h | 1.196 Sun Mar 04 06:03:42 GMT 2007 christos branches: 1.196.2; 1.196.10; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 1.196 Sun Mar 04 06:03:42 GMT 2007 christos branches: 1.196.2; 1.196.10; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 1.196 Sun Mar 04 06:03:42 GMT 2007 christos branches: 1.196.2; 1.196.10; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. |
| H A D | mount.h | 1.196 Sun May 30 02:26:37 GMT 2010 dholland branches: 1.196.2; 1.196.4; Uses timespec and uio_seg from sys/time.h and sys/uio.h; include those explicitly instead of by accident. 1.196 Sun May 30 02:26:37 GMT 2010 dholland branches: 1.196.2; 1.196.4; Uses timespec and uio_seg from sys/time.h and sys/uio.h; include those explicitly instead of by accident. 1.196 Sun May 30 02:26:37 GMT 2010 dholland branches: 1.196.2; 1.196.4; Uses timespec and uio_seg from sys/time.h and sys/uio.h; include those explicitly instead of by accident. |
| /src/sys/kern/ | ||
| H A D | syscalls.master | 1.196 Thu Mar 27 17:13:25 GMT 2008 ad branches: 1.196.2; 1.196.4; Put kqueue/kevent back as MPSAFE. 1.196 Thu Mar 27 17:13:25 GMT 2008 ad branches: 1.196.2; 1.196.4; Put kqueue/kevent back as MPSAFE. 1.196 Thu Mar 27 17:13:25 GMT 2008 ad branches: 1.196.2; 1.196.4; Put kqueue/kevent back as MPSAFE. |
| H A D | subr_prf.c | 1.196 Mon Oct 31 09:14:18 GMT 2022 simonb branches: 1.196.2; Fix (invalid) gcc uninitialised warning with i386 gcc using -Os. 1.196 Mon Oct 31 09:14:18 GMT 2022 simonb branches: 1.196.2; Fix (invalid) gcc uninitialised warning with i386 gcc using -Os. |
| /src/sys/arch/i386/conf/ | ||
| H A D | INSTALL | 1.196 Fri Apr 26 02:05:10 GMT 2002 ad branches: 1.196.2; 1.196.4; Add a driver for Adaptec FSA RAID controllers, as often found in Dell servers. Based on the FreeBSD/OpenBSD versions. 1.196 Fri Apr 26 02:05:10 GMT 2002 ad branches: 1.196.2; 1.196.4; Add a driver for Adaptec FSA RAID controllers, as often found in Dell servers. Based on the FreeBSD/OpenBSD versions. 1.196 Fri Apr 26 02:05:10 GMT 2002 ad branches: 1.196.2; 1.196.4; Add a driver for Adaptec FSA RAID controllers, as often found in Dell servers. Based on the FreeBSD/OpenBSD versions. |
| /src/sys/dev/scsipi/ | ||
| H A D | st.c | 1.196 Sun Mar 04 06:02:44 GMT 2007 christos branches: 1.196.2; 1.196.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 1.196 Sun Mar 04 06:02:44 GMT 2007 christos branches: 1.196.2; 1.196.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 1.196 Sun Mar 04 06:02:44 GMT 2007 christos branches: 1.196.2; 1.196.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 1.196 Sun Mar 04 06:02:44 GMT 2007 christos branches: 1.196.2; 1.196.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 1.196 Sun Mar 04 06:02:44 GMT 2007 christos branches: 1.196.2; 1.196.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 1.196 Sun Mar 04 06:02:44 GMT 2007 christos branches: 1.196.2; 1.196.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. |
| /src/sys/arch/amiga/amiga/ | ||
| H A D | machdep.c | 1.196 Fri Jun 09 21:29:39 GMT 2006 aymeric branches: 1.196.6; 1.196.8; in the softintr-with-si_callbacks framework, don't use add_sicallback() everytime softintr_schedule() is called. They don't have the same semantics when called multiple times before the callback is triggered. Should avoid huge numbers of si_callbacks being created when a machine is overloaded. XXX the fix certainly applies to the atari port, too. 1.196 Fri Jun 09 21:29:39 GMT 2006 aymeric branches: 1.196.6; 1.196.8; in the softintr-with-si_callbacks framework, don't use add_sicallback() everytime softintr_schedule() is called. They don't have the same semantics when called multiple times before the callback is triggered. Should avoid huge numbers of si_callbacks being created when a machine is overloaded. XXX the fix certainly applies to the atari port, too. 1.196 Fri Jun 09 21:29:39 GMT 2006 aymeric branches: 1.196.6; 1.196.8; in the softintr-with-si_callbacks framework, don't use add_sicallback() everytime softintr_schedule() is called. They don't have the same semantics when called multiple times before the callback is triggered. Should avoid huge numbers of si_callbacks being created when a machine is overloaded. XXX the fix certainly applies to the atari port, too. 1.196 Fri Jun 09 21:29:39 GMT 2006 aymeric branches: 1.196.6; 1.196.8; in the softintr-with-si_callbacks framework, don't use add_sicallback() everytime softintr_schedule() is called. They don't have the same semantics when called multiple times before the callback is triggered. Should avoid huge numbers of si_callbacks being created when a machine is overloaded. XXX the fix certainly applies to the atari port, too. 1.196 Fri Jun 09 21:29:39 GMT 2006 aymeric branches: 1.196.6; 1.196.8; in the softintr-with-si_callbacks framework, don't use add_sicallback() everytime softintr_schedule() is called. They don't have the same semantics when called multiple times before the callback is triggered. Should avoid huge numbers of si_callbacks being created when a machine is overloaded. XXX the fix certainly applies to the atari port, too. 1.196 Fri Jun 09 21:29:39 GMT 2006 aymeric branches: 1.196.6; 1.196.8; in the softintr-with-si_callbacks framework, don't use add_sicallback() everytime softintr_schedule() is called. They don't have the same semantics when called multiple times before the callback is triggered. Should avoid huge numbers of si_callbacks being created when a machine is overloaded. XXX the fix certainly applies to the atari port, too. 1.196 Fri Jun 09 21:29:39 GMT 2006 aymeric branches: 1.196.6; 1.196.8; in the softintr-with-si_callbacks framework, don't use add_sicallback() everytime softintr_schedule() is called. They don't have the same semantics when called multiple times before the callback is triggered. Should avoid huge numbers of si_callbacks being created when a machine is overloaded. XXX the fix certainly applies to the atari port, too. 1.196 Fri Jun 09 21:29:39 GMT 2006 aymeric branches: 1.196.6; 1.196.8; in the softintr-with-si_callbacks framework, don't use add_sicallback() everytime softintr_schedule() is called. They don't have the same semantics when called multiple times before the callback is triggered. Should avoid huge numbers of si_callbacks being created when a machine is overloaded. XXX the fix certainly applies to the atari port, too. 1.196 Fri Jun 09 21:29:39 GMT 2006 aymeric branches: 1.196.6; 1.196.8; in the softintr-with-si_callbacks framework, don't use add_sicallback() everytime softintr_schedule() is called. They don't have the same semantics when called multiple times before the callback is triggered. Should avoid huge numbers of si_callbacks being created when a machine is overloaded. XXX the fix certainly applies to the atari port, too. |
| /src/sys/arch/vax/conf/ | ||
| H A D | GENERIC | 1.196 Sat Aug 08 06:36:26 GMT 2015 maxv branches: 1.196.2; Remove KMEMSTATS. 1.196 Sat Aug 08 06:36:26 GMT 2015 maxv branches: 1.196.2; Remove KMEMSTATS. 1.196 Sat Aug 08 06:36:26 GMT 2015 maxv branches: 1.196.2; Remove KMEMSTATS. 1.196 Sat Aug 08 06:36:26 GMT 2015 maxv branches: 1.196.2; Remove KMEMSTATS. |
| /src/sys/arch/x68k/conf/ | ||
| H A D | GENERIC | 1.196 Fri Apr 26 22:46:04 GMT 2019 sevan branches: 1.196.4; Use veriexec.config to reduce duplication 1.196 Fri Apr 26 22:46:04 GMT 2019 sevan branches: 1.196.4; Use veriexec.config to reduce duplication |
| /src/sys/arch/sparc/conf/ | ||
| H A D | GENERIC | 1.196 Sat Nov 11 18:47:12 GMT 2006 jmmv branches: 1.196.2; Remove tmpfs's experimental status. OK'ed by core@. 1.196 Sat Nov 11 18:47:12 GMT 2006 jmmv branches: 1.196.2; Remove tmpfs's experimental status. OK'ed by core@. |
| /src/sys/arch/hpcmips/conf/ | ||
| H A D | GENERIC | 1.196 Mon Jun 04 08:55:21 GMT 2007 martin branches: 1.196.10; Add pseudo-device agr to all GENERIC kernels where it might make sense (commented out in some). 1.196 Mon Jun 04 08:55:21 GMT 2007 martin branches: 1.196.10; Add pseudo-device agr to all GENERIC kernels where it might make sense (commented out in some). 1.196 Mon Jun 04 08:55:21 GMT 2007 martin branches: 1.196.10; Add pseudo-device agr to all GENERIC kernels where it might make sense (commented out in some). 1.196 Mon Jun 04 08:55:21 GMT 2007 martin branches: 1.196.10; Add pseudo-device agr to all GENERIC kernels where it might make sense (commented out in some). |
| /src/lib/libc/include/ | ||
| H A D | namespace.h | 1.196 Wed Jan 17 01:24:29 GMT 2018 kamil branches: 1.196.4; Revert to commits as they broke few rump tests "Include namespace.h in a few of libc source files [...] This change finishes elimination of usage of the global name of the following symbols: - close -> _close - execve -> _execve - fcntl -> _fcntl - setcontext -> _setcontext - wait6 -> _wait6 - write -> _write - writev -> _writev" "Register more syscalls in namespace.h (of libc) Add weak symbols for: - fcntl - close - execve - setcontext - wait6 - write - writev" These changes broke: fs/nfs/t_rquotad:get_nfs_be_1_both fs/nfs/t_rquotad:get_nfs_be_1_group fs/nfs/t_rquotad:get_nfs_be_1_user fs/nfs/t_rquotad:get_nfs_le_1_both fs/nfs/t_rquotad:get_nfs_le_1_group fs/nfs/t_rquotad:get_nfs_le_1_user lib/librumphijack/t_config:fdoff lib/librumphijack/t_tcpip:http lib/librumphijack/t_tcpip:nfs lib/librumphijack/t_vfs:cpcopy lib/librumphijack/t_vfs:mv_x lib/librumphijack/t_vfs:paxcopy net/net/t_forwarding:ipforwarding_fastforward_v4 net/net/t_forwarding:ipforwarding_fastforward_v6 net/net/t_forwarding:ipforwarding_fragment_v4 net/net/t_forwarding:ipforwarding_misc net/net/t_mtudisc6:mtudisc6_basic This revert fixes the failures, except lib/librumphijack/t_vfs. The original changes were added in order to facilitate a usage of sanitizers against programs linked with NetBSD's libc. It is no longer needed, so abandon these changes. Sponsored by <The NetBSD Foundation> 1.196 Wed Jan 17 01:24:29 GMT 2018 kamil branches: 1.196.4; Revert to commits as they broke few rump tests "Include namespace.h in a few of libc source files [...] This change finishes elimination of usage of the global name of the following symbols: - close -> _close - execve -> _execve - fcntl -> _fcntl - setcontext -> _setcontext - wait6 -> _wait6 - write -> _write - writev -> _writev" "Register more syscalls in namespace.h (of libc) Add weak symbols for: - fcntl - close - execve - setcontext - wait6 - write - writev" These changes broke: fs/nfs/t_rquotad:get_nfs_be_1_both fs/nfs/t_rquotad:get_nfs_be_1_group fs/nfs/t_rquotad:get_nfs_be_1_user fs/nfs/t_rquotad:get_nfs_le_1_both fs/nfs/t_rquotad:get_nfs_le_1_group fs/nfs/t_rquotad:get_nfs_le_1_user lib/librumphijack/t_config:fdoff lib/librumphijack/t_tcpip:http lib/librumphijack/t_tcpip:nfs lib/librumphijack/t_vfs:cpcopy lib/librumphijack/t_vfs:mv_x lib/librumphijack/t_vfs:paxcopy net/net/t_forwarding:ipforwarding_fastforward_v4 net/net/t_forwarding:ipforwarding_fastforward_v6 net/net/t_forwarding:ipforwarding_fragment_v4 net/net/t_forwarding:ipforwarding_misc net/net/t_mtudisc6:mtudisc6_basic This revert fixes the failures, except lib/librumphijack/t_vfs. The original changes were added in order to facilitate a usage of sanitizers against programs linked with NetBSD's libc. It is no longer needed, so abandon these changes. Sponsored by <The NetBSD Foundation> |
| /src/sys/rump/librump/rumpkern/ | ||
| H A D | emul.c | 1.196 Thu Apr 30 03:28:19 GMT 2020 riastradh branches: 1.196.20; Rewrite entropy subsystem. Primary goals: 1. Use cryptography primitives designed and vetted by cryptographers. 2. Be honest about entropy estimation. 3. Propagate full entropy as soon as possible. 4. Simplify the APIs. 5. Reduce overhead of rnd_add_data and cprng_strong. 6. Reduce side channels of HWRNG data and human input sources. 7. Improve visibility of operation with sysctl and event counters. Caveat: rngtest is no longer used generically for RND_TYPE_RNG rndsources. Hardware RNG devices should have hardware-specific health tests. For example, checking for two repeated 256-bit outputs works to detect AMD's 2019 RDRAND bug. Not all hardware RNGs are necessarily designed to produce exactly uniform output. ENTROPY POOL - A Keccak sponge, with test vectors, replaces the old LFSR/SHA-1 kludge as the cryptographic primitive. - `Entropy depletion' is available for testing purposes with a sysctl knob kern.entropy.depletion; otherwise it is disabled, and once the system reaches full entropy it is assumed to stay there as far as modern cryptography is concerned. - No `entropy estimation' based on sample values. Such `entropy estimation' is a contradiction in terms, dishonest to users, and a potential source of side channels. It is the responsibility of the driver author to study the entropy of the process that generates the samples. - Per-CPU gathering pools avoid contention on a global queue. - Entropy is occasionally consolidated into global pool -- as soon as it's ready, if we've never reached full entropy, and with a rate limit afterward. Operators can force consolidation now by running sysctl -w kern.entropy.consolidate=1. - rndsink(9) API has been replaced by an epoch counter which changes whenever entropy is consolidated into the global pool. . Usage: Cache entropy_epoch() when you seed. If entropy_epoch() has changed when you're about to use whatever you seeded, reseed. . Epoch is never zero, so initialize cache to 0 if you want to reseed on first use. . Epoch is -1 iff we have never reached full entropy -- in other words, the old rnd_initial_entropy is (entropy_epoch() != -1) -- but it is better if you check for changes rather than for -1, so that if the system estimated its own entropy incorrectly, entropy consolidation has the opportunity to prevent future compromise. - Sysctls and event counters provide operator visibility into what's happening: . kern.entropy.needed - bits of entropy short of full entropy . kern.entropy.pending - bits known to be pending in per-CPU pools, can be consolidated with sysctl -w kern.entropy.consolidate=1 . kern.entropy.epoch - number of times consolidation has happened, never 0, and -1 iff we have never reached full entropy CPRNG_STRONG - A cprng_strong instance is now a collection of per-CPU NIST Hash_DRBGs. There are only two in the system: user_cprng for /dev/urandom and sysctl kern.?random, and kern_cprng for kernel users which may need to operate in interrupt context up to IPL_VM. (Calling cprng_strong in interrupt context does not strike me as a particularly good idea, so I added an event counter to see whether anything actually does.) - Event counters provide operator visibility into when reseeding happens. INTEL RDRAND/RDSEED, VIA C3 RNG (CPU_RNG) - Unwired for now; will be rewired in a subsequent commit. 1.196 Thu Apr 30 03:28:19 GMT 2020 riastradh branches: 1.196.20; Rewrite entropy subsystem. Primary goals: 1. Use cryptography primitives designed and vetted by cryptographers. 2. Be honest about entropy estimation. 3. Propagate full entropy as soon as possible. 4. Simplify the APIs. 5. Reduce overhead of rnd_add_data and cprng_strong. 6. Reduce side channels of HWRNG data and human input sources. 7. Improve visibility of operation with sysctl and event counters. Caveat: rngtest is no longer used generically for RND_TYPE_RNG rndsources. Hardware RNG devices should have hardware-specific health tests. For example, checking for two repeated 256-bit outputs works to detect AMD's 2019 RDRAND bug. Not all hardware RNGs are necessarily designed to produce exactly uniform output. ENTROPY POOL - A Keccak sponge, with test vectors, replaces the old LFSR/SHA-1 kludge as the cryptographic primitive. - `Entropy depletion' is available for testing purposes with a sysctl knob kern.entropy.depletion; otherwise it is disabled, and once the system reaches full entropy it is assumed to stay there as far as modern cryptography is concerned. - No `entropy estimation' based on sample values. Such `entropy estimation' is a contradiction in terms, dishonest to users, and a potential source of side channels. It is the responsibility of the driver author to study the entropy of the process that generates the samples. - Per-CPU gathering pools avoid contention on a global queue. - Entropy is occasionally consolidated into global pool -- as soon as it's ready, if we've never reached full entropy, and with a rate limit afterward. Operators can force consolidation now by running sysctl -w kern.entropy.consolidate=1. - rndsink(9) API has been replaced by an epoch counter which changes whenever entropy is consolidated into the global pool. . Usage: Cache entropy_epoch() when you seed. If entropy_epoch() has changed when you're about to use whatever you seeded, reseed. . Epoch is never zero, so initialize cache to 0 if you want to reseed on first use. . Epoch is -1 iff we have never reached full entropy -- in other words, the old rnd_initial_entropy is (entropy_epoch() != -1) -- but it is better if you check for changes rather than for -1, so that if the system estimated its own entropy incorrectly, entropy consolidation has the opportunity to prevent future compromise. - Sysctls and event counters provide operator visibility into what's happening: . kern.entropy.needed - bits of entropy short of full entropy . kern.entropy.pending - bits known to be pending in per-CPU pools, can be consolidated with sysctl -w kern.entropy.consolidate=1 . kern.entropy.epoch - number of times consolidation has happened, never 0, and -1 iff we have never reached full entropy CPRNG_STRONG - A cprng_strong instance is now a collection of per-CPU NIST Hash_DRBGs. There are only two in the system: user_cprng for /dev/urandom and sysctl kern.?random, and kern_cprng for kernel users which may need to operate in interrupt context up to IPL_VM. (Calling cprng_strong in interrupt context does not strike me as a particularly good idea, so I added an event counter to see whether anything actually does.) - Event counters provide operator visibility into when reseeding happens. INTEL RDRAND/RDSEED, VIA C3 RNG (CPU_RNG) - Unwired for now; will be rewired in a subsequent commit. |
| /src/sys/arch/vax/vax/ | ||
| H A D | machdep.c | 1.196 Thu Jun 11 19:20:46 GMT 2020 ad branches: 1.196.20; uvm_availmem(): give it a boolean argument to specify whether a recent cached value will do, or if the very latest total must be fetched. It can be called thousands of times a second and fetching the totals impacts not only the calling LWP but other CPUs doing unrelated activity in the VM system. 1.196 Thu Jun 11 19:20:46 GMT 2020 ad branches: 1.196.20; uvm_availmem(): give it a boolean argument to specify whether a recent cached value will do, or if the very latest total must be fetched. It can be called thousands of times a second and fetching the totals impacts not only the calling LWP but other CPUs doing unrelated activity in the VM system. 1.196 Thu Jun 11 19:20:46 GMT 2020 ad branches: 1.196.20; uvm_availmem(): give it a boolean argument to specify whether a recent cached value will do, or if the very latest total must be fetched. It can be called thousands of times a second and fetching the totals impacts not only the calling LWP but other CPUs doing unrelated activity in the VM system. 1.196 Thu Jun 11 19:20:46 GMT 2020 ad branches: 1.196.20; uvm_availmem(): give it a boolean argument to specify whether a recent cached value will do, or if the very latest total must be fetched. It can be called thousands of times a second and fetching the totals impacts not only the calling LWP but other CPUs doing unrelated activity in the VM system. 1.196 Thu Jun 11 19:20:46 GMT 2020 ad branches: 1.196.20; uvm_availmem(): give it a boolean argument to specify whether a recent cached value will do, or if the very latest total must be fetched. It can be called thousands of times a second and fetching the totals impacts not only the calling LWP but other CPUs doing unrelated activity in the VM system. 1.196 Thu Jun 11 19:20:46 GMT 2020 ad branches: 1.196.20; uvm_availmem(): give it a boolean argument to specify whether a recent cached value will do, or if the very latest total must be fetched. It can be called thousands of times a second and fetching the totals impacts not only the calling LWP but other CPUs doing unrelated activity in the VM system. |
| /src/sys/arch/sparc64/conf/ | ||
| H A D | GENERIC | 1.196 Tue Dec 13 20:42:20 GMT 2016 christos branches: 1.196.2; wildcard speaker attachments, now that we can handle many of them. 1.196 Tue Dec 13 20:42:20 GMT 2016 christos branches: 1.196.2; wildcard speaker attachments, now that we can handle many of them. 1.196 Tue Dec 13 20:42:20 GMT 2016 christos branches: 1.196.2; wildcard speaker attachments, now that we can handle many of them. 1.196 Tue Dec 13 20:42:20 GMT 2016 christos branches: 1.196.2; wildcard speaker attachments, now that we can handle many of them. |
Completed in 1119 milliseconds