CVS commit: src/sys/arch/x86/x86

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/sys/arch/x86/x86
From: "Taylor R Campbell" <riastradh%netbsd.org@localhost>
Date: Fri, 13 May 2022 09:39:40 +0000

Module Name:    src
Committed By:   riastradh
Date:           Fri May 13 09:39:40 UTC 2022

Modified Files:
        src/sys/arch/x86/x86: pmap.c

Log Message:
x86/pmap: Feed entropy_extract output through nist_hash_drbg.

The entropy pool algorithm is NOT designed to provide backtracking
resistance on its own -- it MUST be combined with a PRNG/DRBG that
provides that.

The only reason we use entropy_extract here is that cprng(9) is not
available yet (which in turn is because kmem and other basic kernel
facilities aren't available yet), but nist_hash_drbg doesn't have any
initialization order requirements, so we'll just use it directly.


To generate a diff of this commit:
cvs rdiff -u -r1.414 -r1.415 src/sys/arch/x86/x86/pmap.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/sys/dev/wsfont
Next by Date: CVS commit: src/sys/kern
Previous by Thread: CVS commit: src/sys/dev/wsfont
Next by Thread: CVS commit: src/sys/kern
Indexes:

Home | Main Index | Thread Index | Old Index