From owner-svn-src-all@FreeBSD.ORG Tue Mar 15 20:31:49 2011 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from [127.0.0.1] (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by hub.freebsd.org (Postfix) with ESMTP id 8C4E9106564A; Tue, 15 Mar 2011 20:31:46 +0000 (UTC) (envelope-from jkim@FreeBSD.org) From: Jung-uk Kim To: Maxim Dounin Date: Tue, 15 Mar 2011 16:31:31 -0400 User-Agent: KMail/1.6.2 References: <201103151714.p2FHEQdF049456@svn.freebsd.org> <20110315193306.GK99496@mdounin.ru> <201103151555.45816.jkim@FreeBSD.org> In-Reply-To: <201103151555.45816.jkim@FreeBSD.org> MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <201103151631.34418.jkim@FreeBSD.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r219672 - in head: share/man/man9 sys/i386/include X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Mar 2011 20:31:49 -0000 On Tuesday 15 March 2011 03:55 pm, Jung-uk Kim wrote: > On Tuesday 15 March 2011 03:33 pm, Maxim Dounin wrote: > > Hello! > > > > On Tue, Mar 15, 2011 at 05:14:26PM +0000, Jung-uk Kim wrote: > > > Author: jkim > > > Date: Tue Mar 15 17:14:26 2011 > > > New Revision: 219672 > > > URL: http://svn.freebsd.org/changeset/base/219672 > > > > > > Log: > > > Unconditionally use binuptime(9) for get_cyclecount(9) on > > > i386. Since this function is almost exclusively used for random > > > harvesting, there is no need for micro-optimization. Adjust > > > the manual page accordingly. > > > > Note that on early boot only dummy timecounter available, and > > binuptime() has no entropy. > > > > As a result of this change random(9) won't have entropy on early > > boot on i386, and arc4random(9) as well. While there are no > > known major security problems associated with it - it at least > > makes stack protector easily bypasseable as it now (again after > > r198295) uses well-known stack guard instead of random one. And > > there may be other issues as well. > > > > Hope you thought well before moving i386 to a set of platforms > > which have no early boot randomness at all. And you have good > > reason for doing it. > > Hmm... Is bintime(9) good enough for you then? I guess it won't work cause boottimebin is set pretty late. Arg... If I can't come up with something sensible, I'll revert this commit. Jung-uk Kim