Hi Ruslan,
On Tue, Apr 16, 2019 at 8:38 AM Ruslan Bukin wrote:
>
> Hi I just got this:
>
> ...
> _sleep() at random_harvest_deregister_source+0x132
> random_harvest_deregister_source() at read_random+0xc4
> read_random() at vn_fsync_buf+0x594
> vn_fsync_buf() at arc4rand+0xd4
> arc4rand() at sche
Hi Warner,
On Tue, Apr 16, 2019 at 8:47 AM Warner Losh wrote:
> On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
>> Isn't a file full of data which is distributed in identical form to
>> everyone the exact opposite of entropy?
Ian has the right idea.
> It's just to bootstrap entropy for insta
On Tue, Apr 16, 2019 at 9:33 AM Warner Losh wrote:
> In that case, we're better off having a MD routine that gets called if
> there's no loader-provided entropy pool.
Yes, this is more or less the same plan I had. There's no need to add
anything MD specific; we already abstract MD random source
Author: cem
Date: Tue Apr 16 17:12:17 2019
New Revision: 346282
URL: https://svnweb.freebsd.org/changeset/base/346282
Log:
random(4): Add is_random_seeded(9) KPI
The imagined use is for early boot consumers of random to be able to make
decisions based on whether random is available yet or
Author: cem
Date: Tue Apr 16 18:47:20 2019
New Revision: 346292
URL: https://svnweb.freebsd.org/changeset/base/346292
Log:
stack_protector: Add tunable to bypass random cookies
This is a stopgap measure to unbreak installer/VM/embedded boot issues
introduced (or at least exposed by) in r3
On Tue, Apr 16, 2019 at 2:32 PM John Baldwin wrote:
> There are definitely places arc4random is used where sleeping is not allowed.
Sure.
> ipsec generating nonces for AES-CBC is one example I can think of off the
> top of my head.
IVs for AES-CBC are also a great example of a case we should be
On Tue, Apr 16, 2019 at 4:28 PM John Baldwin wrote:
> Yes, but we need some kind of non-blocking API, not an
> unconditionally-blocking API
> that deadlocks.
I'm not sure we do. It would be sufficient to check once at subsystem
initialization time. There's no race condition such that we block
On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote:
> bhyveload is effectively the loader in this case. It runs the normal loader
> scripts and logic and so would load the guests's /boot/entropy and pass it
> to the guest kernel as metadata just like the regular loader.
Right, except it doesn't
On Wed, Apr 17, 2019 at 9:06 AM John Baldwin wrote:
>
> On 4/16/19 4:48 PM, Conrad Meyer wrote:
> > Perhaps cryptographically random stack-protector cookies are simply
> > inappropriate for MIPS or RISCV. Do we have any other examples of
> > kernel random consumers block
Hi Warner,
On Wed, Apr 17, 2019 at 10:16 AM Warner Losh wrote:
> I'm going to put a very fine point on this: any hard-requirement of entropy
> sources is a non-starter. If you require that, your commit will be backed out
> and/or hacked around by the addition of a nob in the future. It will hap
Hi John,
On Wed, Apr 17, 2019 at 9:01 AM John Baldwin wrote:
> You're missing the point which is that you've added potential blocking in a
> lot of
> places by changing the semantics of arc4random.
I get it. The thing is, it's a weird blocking semantic. It's not the
same as any other blocking
:22 AM Adrian Chadd wrote:
>
>
>
> On Mon, 15 Apr 2019 at 11:40, Conrad Meyer wrote:
>>
>> Author: cem
>> Date: Mon Apr 15 18:40:36 2019
>> New Revision: 346250
>> URL: https://svnweb.freebsd.org/changeset/base/346250
>>
>> Log:
>> rand
On Mon, Apr 15, 2019 at 11:40 AM Conrad Meyer wrote:
>
> Author: cem
> Date: Mon Apr 15 18:40:36 2019
> New Revision: 346250
> URL: https://svnweb.freebsd.org/changeset/base/346250
>
> Log:
> random(4): Block read_random(9) on initial seeding
Hi,
For anyone intereste
Author: cem
Date: Thu Apr 18 20:48:54 2019
New Revision: 346358
URL: https://svnweb.freebsd.org/changeset/base/346358
Log:
random(4): Restore availability tradeoff prior to r346250
As discussed in that commit message, it is a dangerous default. But the
safe default causes enough pain on
Author: cem
Date: Fri Apr 19 00:31:04 2019
New Revision: 346361
URL: https://svnweb.freebsd.org/changeset/base/346361
Log:
import zstd 1.4.0
Added:
vendor/zstd/dist/CHANGELOG
vendor/zstd/dist/contrib/docker/
vendor/zstd/dist/contrib/docker/Dockerfile
vendor/zstd/dist/contrib/docker/READ
Author: cem
Date: Fri Apr 19 00:32:13 2019
New Revision: 346362
URL: https://svnweb.freebsd.org/changeset/base/346362
Log:
tag zstd 1.4.0
Added:
vendor/zstd/1.4.0/
- copied from r346360, vendor/zstd/dist/
vendor/zstd/1.4.0/CHANGELOG
- copied unchanged from r346361, vendor/zstd/dis
Author: cem
Date: Fri Apr 19 02:54:13 2019
New Revision: 346364
URL: https://svnweb.freebsd.org/changeset/base/346364
Log:
Update to Zstandard 1.4.0
The full release notes can be found on Github:
https://github.com/facebook/zstd/releases/tag/v1.4.0
Relnotes: yes
Added:
he
Author: cem
Date: Fri Apr 19 17:15:58 2019
New Revision: 346399
URL: https://svnweb.freebsd.org/changeset/base/346399
Log:
random.4: Include description of knobs added in r346358
Reported by: ngie
Sponsored by: Dell EMC Isilon
Modified:
head/share/man/man4/random.4
Modified: head/sha
Author: cem
Date: Fri Apr 19 20:05:47 2019
New Revision: 346410
URL: https://svnweb.freebsd.org/changeset/base/346410
Log:
libkern: Bring in arc4random_uniform(9) from libc
It is a useful arc4random wrapper in the kernel for much the same reasons as
in userspace. Move the source to libke
Author: cem
Date: Fri Apr 19 20:06:22 2019
New Revision: 346411
URL: https://svnweb.freebsd.org/changeset/base/346411
Log:
Bump __FreeBSD_version after r346410
Modified:
head/sys/sys/param.h
Modified: head/sys/sys/param.h
==
Author: cem
Date: Fri Apr 19 20:08:45 2019
New Revision: 346412
URL: https://svnweb.freebsd.org/changeset/base/346412
Log:
kernel build: Disable unhelpful GCC warning (tripped after r346352)
-Wformat-zero-length does not highlight any particularly wrong code and it
is especially meaningle
Author: cem
Date: Fri Apr 19 22:08:17 2019
New Revision: 346420
URL: https://svnweb.freebsd.org/changeset/base/346420
Log:
Revert r346410 and r346411
libkern in .PATH has too many filename conflicts with libc and my -DNO_CLEAN
tinderbox didn't catch that ahead of time. Mea culpa.
Added:
Author: cem
Date: Sat Apr 20 16:07:29 2019
New Revision: 346448
URL: https://svnweb.freebsd.org/changeset/base/346448
Log:
netdump: Fix 11 compatibility DIOCSKERNELDUMP ioctl
The logic was present for the 11 version of the DIOCSKERNELDUMP ioctl, but
had not been updated for the 12 ABI.
On Sat, Apr 20, 2019 at 9:54 AM John Baldwin wrote:
> To be clear, I prefer the _new_ indentation. I kept having to go back and
> manually
> use tabify in emacs to work with the current scripts, so once my pending
> stuff is
> drained I will appreciate having it converted.
>
+1 as someone else w
Author: cem
Date: Mon Apr 22 03:25:49 2019
New Revision: 346516
URL: https://svnweb.freebsd.org/changeset/base/346516
Log:
gnop(8): Nopify configuration as a kernel dump device
As a dummy / no-op dump device, to facilitate dumpon(8) testing.
Reviewed by: markj (earlier version)
Diff
Author: cem
Date: Mon Apr 22 16:26:39 2019
New Revision: 346565
URL: https://svnweb.freebsd.org/changeset/base/346565
Log:
rand.3: Match better recommendation language from random.3
Sponsored by: Dell EMC Isilon
Modified:
head/lib/libc/stdlib/rand.3
Modified: head/lib/libc/stdlib/rand.3
Author: cem
Date: Mon Apr 22 16:29:34 2019
New Revision: 346566
URL: https://svnweb.freebsd.org/changeset/base/346566
Log:
random.3: Remove obsolete BUGS section
Relative performance to rand(3) is sort of irrelevant; they do different
things
and a user with sensitivity to RNG performance
Author: cem
Date: Tue Apr 23 17:05:57 2019
New Revision: 346599
URL: https://svnweb.freebsd.org/changeset/base/346599
Log:
netdump: Fix !COMPAT_FREEBSD11 unused variable warning
Reported by: Ralf Wenk
Sponsored by: Dell EMC Isilon
Modified:
head/sys/netinet/netdump/netdump_client.c
Author: cem
Date: Tue Apr 23 17:18:20 2019
New Revision: 346601
URL: https://svnweb.freebsd.org/changeset/base/346601
Log:
ip6_randomflowlabel: Avoid blocking if random(4) is not available
If kern.random.initial_seeding.bypass_before_seeding is disabled, random(4)
and arc4random(9) will b
Author: cem
Date: Wed Apr 24 18:24:22 2019
New Revision: 346643
URL: https://svnweb.freebsd.org/changeset/base/346643
Log:
x86: Halt non-BSP CPUs on panic IPI_STOP
We may need the BSP to reboot, but we don't need any AP CPU that isn't the
panic thread. Any CPU landing in this routine dur
Thanks, Glen!
On Tue, Apr 30, 2019 at 7:29 AM Glen Barber wrote:
>
> Author: gjb
> Date: Tue Apr 30 14:29:09 2019
> New Revision: 346959
> URL: https://svnweb.freebsd.org/changeset/base/346959
>
> Log:
> Reduce the default image size for virtual machine disk images from
> 30GB to 3GB. The ra
Author: cem
Date: Thu May 2 18:10:23 2019
New Revision: 347029
URL: https://svnweb.freebsd.org/changeset/base/347029
Log:
Add a COMPAT_FREEBSD12 kernel option.
Use it wherever COMPAT_FREEBSD11 is currently specified, like r309749.
Reviewed by: imp, jhb, markj
Sponsored by: Dell EMC
Author: cem
Date: Sat May 4 17:35:13 2019
New Revision: 347129
URL: https://svnweb.freebsd.org/changeset/base/347129
Log:
x86: Define pc_monitorbuf as a logical structure
Rather than just accessing it via pointer cast.
No functional change intended.
Discussed with: kib (ear
Author: cem
Date: Sat May 4 20:34:26 2019
New Revision: 347134
URL: https://svnweb.freebsd.org/changeset/base/347134
Log:
x86: Implement MWAIT support for stopping a CPU
IPI_STOP is used after panic or when ddb is entered manually. MONITOR/
MWAIT allows CPUs that support the feature to
Author: cem
Date: Mon May 6 18:24:07 2019
New Revision: 347192
URL: https://svnweb.freebsd.org/changeset/base/347192
Log:
List-ify kernel dump device configuration
Allow users to specify multiple dump configurations in a prioritized list.
This enables fallback to secondary device(s) if p
On Sat, Jul 30, 2016 at 3:23 PM, Mateusz Guzik wrote:
> Author: mjg
> Date: Sat Jul 30 22:23:31 2016
> New Revision: 303563
> URL: https://svnweb.freebsd.org/changeset/base/303563
>
> Log:
> sx: increment spin_cnt before cpu_spinwait in xlock
Looks like it's after cpu_spinwait instead.
>
> T
Hey Shawn,
I don't think this is security-related despite being a bug in
crypto-adjacent code. At best it's a DoS, I think.
Cheers,
Conrad
On Mon, Aug 1, 2016 at 4:15 PM, Shawn Webb wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
>
>
> On August 1, 2016 6:57:03 PM EDT, "Conrad E.
> On Mon, Aug 01, 2016 at 04:41:02PM -0700, Conrad Meyer wrote:
>> Hey Shawn,
>>
>> I don't think this is security-related despite being a bug in
>> crypto-adjacent code. At best it's a DoS, I think.
>>
>> Cheers,
>> Conrad
>>
>> On
Hey Benjamin,
The submitter notes that this wider change isn't quite right in
https://reviews.freebsd.org/D7428 — LIST_SWAP and TAILQ_SWAP both need
the "entry" parameter.
Best,
Conrad
On Sat, Aug 6, 2016 at 10:27 AM, Benjamin Kaduk wrote:
> Author: bjk (doc committer)
> Date: Sat Aug 6 17:27:
This was detected by Coverity as CID 1361483, for what it's worth.
Best,
Conrad
On Mon, Aug 8, 2016 at 11:11 PM, Andriy Gapon wrote:
> Author: avg
> Date: Tue Aug 9 06:11:24 2016
> New Revision: 303869
> URL: https://svnweb.freebsd.org/changeset/base/303869
>
> Log:
> fix a zfs cross-device r
A manual page for gtaskqueue would be nice, if you have time.
Thanks,
Conrad
On Fri, Aug 12, 2016 at 2:29 PM, Stephen Hurd wrote:
> Author: shurd (ports committer)
> Date: Fri Aug 12 21:29:44 2016
> New Revision: 304021
> URL: https://svnweb.freebsd.org/changeset/base/304021
>
> Log:
> Update
Wait, what? Why not? This option provides useful context for
reviewing changes.
Best,
Conrad
On Sat, Aug 13, 2016 at 9:35 PM, Glen Barber wrote:
> Author: gjb
> Date: Sun Aug 14 04:35:04 2016
> New Revision: 304070
> URL: https://svnweb.freebsd.org/changeset/base/304070
>
> Log:
> Do not inc
On Sat, Aug 13, 2016 at 10:48 PM, Juli Mallett wrote:
> On Sat, Aug 13, 2016 at 9:47 PM, Glen Barber wrote:
>> Quoting the original request to remove this, which I tend to agree:
>>
>> -- begin quoted text ---
>> The svn commit mail script uses som
On Thu, Aug 25, 2016 at 1:20 PM, Kristof Provost wrote:
> On 25 Aug 2016, at 22:14, John Baldwin wrote:
>> I hate even writing this mail, and it looks like the topic wasn't really
>> discussed in the review, but I think libifconfig is probably the "better"
>> name if the goal is to move most of if
Author: cem
Date: Fri Feb 15 22:49:15 2019
New Revision: 344183
URL: https://svnweb.freebsd.org/changeset/base/344183
Log:
FUSE: Respect userspace FS "do-not-cache" of file attributes
The FUSE protocol demands that kernel implementations cache user filesystem
file attributes (vattr data)
Author: cem
Date: Fri Feb 15 22:50:31 2019
New Revision: 344184
URL: https://svnweb.freebsd.org/changeset/base/344184
Log:
FUSE: Respect userspace FS "do-not-cache" of path components
The FUSE protocol demands that kernel implementations cache user filesystem
path components (lookup/cnp d
Author: cem
Date: Fri Feb 15 22:51:09 2019
New Revision: 344185
URL: https://svnweb.freebsd.org/changeset/base/344185
Log:
FUSE: Only "dirty" cached file size when data is dirty
Most users of fuse_vnode_setsize() set the cached fvdat->filesize and update
the buf cache bounds as a result o
Author: cem
Date: Fri Feb 15 22:52:49 2019
New Revision: 344186
URL: https://svnweb.freebsd.org/changeset/base/344186
Log:
FUSE: The FUSE design expects writethrough caching
At least prior to 7.23 (which adds FUSE_WRITEBACK_CACHE), the FUSE protocol
specifies only clean data to be cached.
Author: cem
Date: Fri Feb 15 22:55:13 2019
New Revision: 344187
URL: https://svnweb.freebsd.org/changeset/base/344187
Log:
FUSE: Refresh cached file size when it changes (lookup)
The cached fvdat->filesize is indepedent of the (mostly unused)
cached_attrs, and we failed to update it when
This one seems to have inadvertently removed a trailing parenthesis,
introducing a syntax error:
On Fri, Feb 15, 2019 at 2:49 PM Ed Maste wrote:
> New Revision: 344182
> ...
> ==
> --- head/share/mk/bsd.prog.mk Fri Feb
Author: cem
Date: Fri Feb 15 23:41:54 2019
New Revision: 344189
URL: https://svnweb.freebsd.org/changeset/base/344189
Log:
Fixup bsd.prog.mk after r344182
Reported by: tinderbox
Sponsored by: Dell EMC Isilon
Modified:
head/share/mk/bsd.prog.mk
Modified: head/share/mk/bsd.prog.mk
Author: cem
Date: Wed Feb 20 02:48:59 2019
New Revision: 344333
URL: https://svnweb.freebsd.org/changeset/base/344333
Log:
fuse: add descriptions for remaining sysctls
(Except reclaim revoked; I don't know what that goal of that one is.)
Modified:
head/sys/fs/fuse/fuse_file.c
head/sys/
Author: cem
Date: Wed Feb 20 02:49:26 2019
New Revision: 344334
URL: https://svnweb.freebsd.org/changeset/base/344334
Log:
Fuse: whitespace and style(9) cleanup
Take a pass through fixing some of the most egregious whitespace issues in
fs/fuse. Also fix some style(9) warts while here. N
Hi Konstantin,
What is the (K)API for this (do you have any intended consumers in
mind)? Will it be documented in a manual page at some point? Does it
make sense to expose to userspace via mmap(2) or similar?
Thanks,
Conrad
On Wed, Feb 20, 2019 at 1:51 AM Konstantin Belousov wrote:
>
> Author
Nevermind, sorry about that. I see the subsequent commits now.
On Wed, Feb 20, 2019 at 2:33 PM Conrad Meyer wrote:
>
> Hi Konstantin,
>
> What is the (K)API for this (do you have any intended consumers in
> mind)? Will it be documented in a manual page at some point? Does it
Author: cem
Date: Thu Feb 21 02:41:57 2019
New Revision: 344407
URL: https://svnweb.freebsd.org/changeset/base/344407
Log:
fuse: Fix a regression introduced in r337165
On systems with non-default DFLTPHYS and/or MAXBSIZE, FUSE would attempt to
use a buf cache block size in excess of permi
Thanks Mark!
Prior to this change, if you used userspace dtrace enough, eventually
you would get a spurious SIGTRAP on a process, which has the default
behavior of dumping core. Perhaps understandably, people balk at
random core files lying around. Or at dtrace killing their programs.
This patch
On Mon, Feb 25, 2019 at 10:41 AM Dag-Erling Smørgrav wrote:
>
> Author: des
> Date: Mon Feb 25 18:41:16 2019
> New Revision: 344533
> URL: https://svnweb.freebsd.org/changeset/base/344533
>
> Log:
> Upgrade to OpenPAM Tabebuia.
PR: 235903
___
svn-src-
Author: cem
Date: Fri Mar 1 01:57:22 2019
New Revision: 344678
URL: https://svnweb.freebsd.org/changeset/base/344678
Log:
cxgb(4): Netdump: only reference allocated qsets
SGE_QSETS is an upper bound -- fewer qsets may be allocated depending on
the number of CPUs.
Reviewed by: markj
Author: cem
Date: Fri Mar 1 19:21:45 2019
New Revision: 344710
URL: https://svnweb.freebsd.org/changeset/base/344710
Log:
Fortuna: push CTR-mode loop down into randomdev hash.h interface
As a step towards adding other potential streaming ciphers. As well as just
pushing the loop down in
Author: cem
Date: Fri Mar 1 22:51:45 2019
New Revision: 344713
URL: https://svnweb.freebsd.org/changeset/base/344713
Log:
fortuna: Deduplicate kernel vs user includes
No functional change.
Reviewed by: markj, markm
Approved by: secteam (delphij), core (brooks)
Sponsored by: Dell
Author: cem
Date: Fri Mar 1 23:30:23 2019
New Revision: 344714
URL: https://svnweb.freebsd.org/changeset/base/344714
Log:
Embedded chacha: Add 0-bit iv + 128-bit counter mode
This mode might be suitable for a Fortuna keystream primitive.
Reviewed by: markm
Sponsored by: Dell EMC Is
Hi Alan,
On Tue, Mar 5, 2019 at 8:28 AM Alan Somers wrote:
> It's not a problem with the version; they're built from the same
> source. But is there a problem with the compiler? Can a GCC-built
> kernel work with Clang-built world?
Sure; I use this configuration all the time (at least, without
Author: cem
Date: Wed Mar 6 22:56:49 2019
New Revision: 344857
URL: https://svnweb.freebsd.org/changeset/base/344857
Log:
FUSE: Prevent trivial panic
When open(2) was invoked against a FUSE filesystem with an unexpected flags
value (no O_RDONLY / O_RDWR / O_WRONLY), an assertion fired, c
Author: cem
Date: Thu Mar 7 00:55:49 2019
New Revision: 344865
URL: https://svnweb.freebsd.org/changeset/base/344865
Log:
fuse: switch from DFLTPHYS/MAXBSIZE to maxcachebuf
On GENERIC kernels with empty loader.conf, there is no functional change.
DFLTPHYS and MAXBSIZE are both 64kB at th
4 2019
(r344890)
+++ head/usr.bin/seq/tests/seq_test.sh Thu Mar 7 18:24:16 2019
(r344891)
@@ -1,4 +1,4 @@
-# Copyright (c) 2018 Conrad Meyer
+# Copyright (c) 2019 Conrad Meyer
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or
Hi Konstantin,
On Thu, Mar 7, 2019 at 3:00 AM Konstantin Belousov wrote:
>
> On Wed, Mar 06, 2019 at 10:56:49PM +, Conrad Meyer wrote:
> > FUSE: Prevent trivial panic
> >
> > When open(2) was invoked against a FUSE filesystem with an unexpected
> >
Author: cem
Date: Fri Mar 8 01:17:20 2019
New Revision: 344913
URL: https://svnweb.freebsd.org/changeset/base/344913
Log:
Fortuna: Add Chacha20 as an alternative stream cipher
Chacha20 with a 256 bit key and 128 bit counter size is a good match for an
AES256-ICM replacement.
In user
On Tue, Mar 12, 2019 at 3:18 AM Harry Schmalzbauer wrote:
>
> Am 12.03.2019 um 10:27 schrieb Mateusz Piotrowski:
> > URL: https://svnweb.freebsd.org/changeset/base/345057
> >
> > Log:
> >ports.7: Add an example of how to use flavors
> ...
Thank you, Mateusz.
Hi Harry,
> Since cem and dim se
Hi,
A lot of the information about PCIe devices is read by PCI probe and
cached on the (BSD) device. You could access it out of
device_get_ivars(bsddev)->cfg.pcie and avoid the MMIO latency.
On Wed, Mar 13, 2019 at 12:15 PM Hans Petter Selasky
wrote:
> +static inline enum pci_bus_speed
> +pcie_
Author: cem
Date: Thu Mar 14 21:08:48 2019
New Revision: 345158
URL: https://svnweb.freebsd.org/changeset/base/345158
Log:
bhyve(8): Fix uart emulation bug
THRE is always asserted in LSR reads, so REG_IER writes that raise
IER_ETXRDY must also set thre_int_pending.
Reported by: Illu
On Thu, Mar 14, 2019 at 8:06 PM Andrew Thompson wrote:
>
> On Fri, 15 Mar 2019 at 15:11, Chuck Tuffli wrote:
>> bzero(&pciecap, sizeof(pciecap));
...
>> + pciecap.dev_capabilities = PCIEM_CAP_ROLE_ERR_RPT;
>
> If the message you say 'set the bit' but you are overwriting the
Author: cem
Date: Fri Mar 15 22:39:55 2019
New Revision: 345206
URL: https://svnweb.freebsd.org/changeset/base/345206
Log:
stack(9): Drop unused API mode and comment that referenced it
Reviewed by: markj
Differential Revision:https://reviews.freebsd.org/D19601
Modified:
head/s
Author: cem
Date: Thu Mar 21 14:45:08 2019
New Revision: 345380
URL: https://svnweb.freebsd.org/changeset/base/345380
Log:
arc4random: Adjust example code to use uniform() API
PR: 236678
Reported by: Andras Farkas
Modified:
head/lib/libc/gen/arc4random.3
Modified: head/lib
Author: cem
Date: Tue Mar 26 22:45:41 2019
New Revision: 345562
URL: https://svnweb.freebsd.org/changeset/base/345562
Log:
x86: Use XSAVEOPT for fpusave(), when available
Remove redundant npxsave_core definition while here.
Suggested by: Anton Rang
Reviewed by: kib, Anton Rang
Sp
On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer wrote:
> E.g., the CI infrastructure for
> Riscv/Arm is/was generating minimal filesystem images and not
> populating /boot/entropy.
I should add, I say "is/was" because I have a PR out which may address
the problem: https://github.
On Tue, Apr 16, 2019 at 9:33 AM Warner Losh wrote:
> In that case, we're better off having a MD routine that gets called if
> there's no loader-provided entropy pool.
Yes, this is more or less the same plan I had. There's no need to add
anything MD specific; we already abstract MD random source
Author: cem
Date: Tue Apr 16 18:47:20 2019
New Revision: 346292
URL: https://svnweb.freebsd.org/changeset/base/346292
Log:
stack_protector: Add tunable to bypass random cookies
This is a stopgap measure to unbreak installer/VM/embedded boot issues
introduced (or at least exposed by) in r3
Hi John,
On Wed, Apr 17, 2019 at 9:01 AM John Baldwin wrote:
> You're missing the point which is that you've added potential blocking in a
> lot of
> places by changing the semantics of arc4random.
I get it. The thing is, it's a weird blocking semantic. It's not the
same as any other blocking
On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote:
> bhyveload is effectively the loader in this case. It runs the normal loader
> scripts and logic and so would load the guests's /boot/entropy and pass it
> to the guest kernel as metadata just like the regular loader.
Right, except it doesn't
Author: cem
Date: Fri Apr 19 00:31:04 2019
New Revision: 346361
URL: https://svnweb.freebsd.org/changeset/base/346361
Log:
import zstd 1.4.0
Added:
vendor/zstd/dist/CHANGELOG
vendor/zstd/dist/contrib/docker/
vendor/zstd/dist/contrib/docker/Dockerfile
vendor/zstd/dist/contrib/docker/READ
Hi Marcin,
Isn't this check racy? Thread TIDs are allocated from a fixed range
and can be recycled.
Best,
Conrad
On Mon, Apr 15, 2019 at 7:28 PM Marcin Wojtas wrote:
>
> Author: mw
> Date: Tue Apr 16 02:28:35 2019
> New Revision: 346259
> URL: https://svnweb.freebsd.org/changeset/base/346259
>
Author: cem
Date: Fri Apr 19 00:32:13 2019
New Revision: 346362
URL: https://svnweb.freebsd.org/changeset/base/346362
Log:
tag zstd 1.4.0
Added:
vendor/zstd/1.4.0/
- copied from r346360, vendor/zstd/dist/
vendor/zstd/1.4.0/CHANGELOG
- copied unchanged from r346361, vendor/zstd/dis
On Tue, Apr 16, 2019 at 6:19 AM Warner Losh wrote:
> On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot wrote:
>> It's not only CI, all release images (memstick, iso) don't have
>> a /boot/entropy.
>> Also all arm/arm64 image don't have this file too.
>> If /boot/entropy is needed and isn't present
:22 AM Adrian Chadd wrote:
>
>
>
> On Mon, 15 Apr 2019 at 11:40, Conrad Meyer wrote:
>>
>> Author: cem
>> Date: Mon Apr 15 18:40:36 2019
>> New Revision: 346250
>> URL: https://svnweb.freebsd.org/changeset/base/346250
>>
>> Log:
>> rand
On Tue, Apr 16, 2019 at 6:20 AM Shawn Webb wrote:
> Is there any documentation anywhere telling users that Capsicum
> support will be disabled under certain circumstances?
Hi Shawn,
I don't think documenting that makes much sense in general. It would
be extremely burdensome to fully document an
Author: cem
Date: Mon Apr 22 16:26:39 2019
New Revision: 346565
URL: https://svnweb.freebsd.org/changeset/base/346565
Log:
rand.3: Match better recommendation language from random.3
Sponsored by: Dell EMC Isilon
Modified:
head/lib/libc/stdlib/rand.3
Modified: head/lib/libc/stdlib/rand.3
On Mon, Apr 15, 2019 at 11:40 AM Conrad Meyer wrote:
>
> Author: cem
> Date: Mon Apr 15 18:40:36 2019
> New Revision: 346250
> URL: https://svnweb.freebsd.org/changeset/base/346250
>
> Log:
> random(4): Block read_random(9) on initial seeding
Hi,
For anyone intereste
Author: cem
Date: Fri Apr 19 17:15:58 2019
New Revision: 346399
URL: https://svnweb.freebsd.org/changeset/base/346399
Log:
random.4: Include description of knobs added in r346358
Reported by: ngie
Sponsored by: Dell EMC Isilon
Modified:
head/share/man/man4/random.4
Modified: head/sha
Author: cem
Date: Fri Apr 19 20:06:22 2019
New Revision: 346411
URL: https://svnweb.freebsd.org/changeset/base/346411
Log:
Bump __FreeBSD_version after r346410
Modified:
head/sys/sys/param.h
Modified: head/sys/sys/param.h
==
Author: cem
Date: Fri Apr 19 02:54:13 2019
New Revision: 346364
URL: https://svnweb.freebsd.org/changeset/base/346364
Log:
Update to Zstandard 1.4.0
The full release notes can be found on Github:
https://github.com/facebook/zstd/releases/tag/v1.4.0
Relnotes: yes
Added:
he
Author: cem
Date: Fri Apr 19 20:05:47 2019
New Revision: 346410
URL: https://svnweb.freebsd.org/changeset/base/346410
Log:
libkern: Bring in arc4random_uniform(9) from libc
It is a useful arc4random wrapper in the kernel for much the same reasons as
in userspace. Move the source to libke
Author: cem
Date: Mon Apr 22 16:29:34 2019
New Revision: 346566
URL: https://svnweb.freebsd.org/changeset/base/346566
Log:
random.3: Remove obsolete BUGS section
Relative performance to rand(3) is sort of irrelevant; they do different
things
and a user with sensitivity to RNG performance
On Wed, Apr 17, 2019 at 9:06 AM John Baldwin wrote:
>
> On 4/16/19 4:48 PM, Conrad Meyer wrote:
> > Perhaps cryptographically random stack-protector cookies are simply
> > inappropriate for MIPS or RISCV. Do we have any other examples of
> > kernel random consumers block
Author: cem
Date: Tue Apr 23 17:18:20 2019
New Revision: 346601
URL: https://svnweb.freebsd.org/changeset/base/346601
Log:
ip6_randomflowlabel: Avoid blocking if random(4) is not available
If kern.random.initial_seeding.bypass_before_seeding is disabled, random(4)
and arc4random(9) will b
Hi Warner,
On Wed, Apr 17, 2019 at 10:16 AM Warner Losh wrote:
> I'm going to put a very fine point on this: any hard-requirement of entropy
> sources is a non-starter. If you require that, your commit will be backed out
> and/or hacked around by the addition of a nob in the future. It will hap
Author: cem
Date: Mon Apr 22 03:25:49 2019
New Revision: 346516
URL: https://svnweb.freebsd.org/changeset/base/346516
Log:
gnop(8): Nopify configuration as a kernel dump device
As a dummy / no-op dump device, to facilitate dumpon(8) testing.
Reviewed by: markj (earlier version)
Diff
Author: cem
Date: Thu Apr 18 20:48:54 2019
New Revision: 346358
URL: https://svnweb.freebsd.org/changeset/base/346358
Log:
random(4): Restore availability tradeoff prior to r346250
As discussed in that commit message, it is a dangerous default. But the
safe default causes enough pain on
Author: cem
Date: Fri Apr 19 20:08:45 2019
New Revision: 346412
URL: https://svnweb.freebsd.org/changeset/base/346412
Log:
kernel build: Disable unhelpful GCC warning (tripped after r346352)
-Wformat-zero-length does not highlight any particularly wrong code and it
is especially meaningle
Author: cem
Date: Wed Apr 24 18:24:22 2019
New Revision: 346643
URL: https://svnweb.freebsd.org/changeset/base/346643
Log:
x86: Halt non-BSP CPUs on panic IPI_STOP
We may need the BSP to reboot, but we don't need any AP CPU that isn't the
panic thread. Any CPU landing in this routine dur
201 - 300 of 1507 matches
Mail list logo