Hi,
Some functions in rnd have a timespec; make sure to zero it
as already done with other buffers. Also do buf in
dequeue_randomness().
- Michael
Index: src/sys/dev/rnd.c
===================================================================
RCS file: /cvs/src/sys/dev/rnd.c,v
retrieving revision 1.191
diff -u -p -u -r1.191 rnd.c
--- src/sys/dev/rnd.c 8 Dec 2016 05:32:49 -0000 1.191
+++ src/sys/dev/rnd.c 13 Dec 2016 04:49:24 -0000
@@ -312,6 +312,7 @@ enqueue_randomness(u_int state, u_int va
timeout_add(&rnd_timeout, 1);
mtx_leave(&entropylock);
+ explicit_bzero(&ts, sizeof(ts));
}
/*
@@ -388,6 +389,7 @@ dequeue_randomness(void *v)
mtx_enter(&entropylock);
}
mtx_leave(&entropylock);
+ explicit_bzero(buf, sizeof(buf));
}
/*
@@ -458,6 +460,7 @@ suspend_randomness(void)
dequeue_randomness(NULL);
rs_count = 0;
arc4random_buf(entropy_pool, sizeof(entropy_pool));
+ explicit_bzero(&ts, sizeof(ts));
}
void
@@ -473,6 +476,7 @@ resume_randomness(char *buf, size_t bufl
dequeue_randomness(NULL);
rs_count = 0;
+ explicit_bzero(&ts, sizeof(ts));
}
static inline void _rs_rekey(u_char *dat, size_t datlen);
@@ -523,6 +527,7 @@ _rs_stir(int do_lock)
mtx_leave(&rndlock);
explicit_bzero(buf, sizeof(buf));
+ explicit_bzero(&ts, sizeof(ts));
}
static inline void
