diff options
author | markm <markm@FreeBSD.org> | 2013-10-04 06:55:06 +0000 |
---|---|---|
committer | markm <markm@FreeBSD.org> | 2013-10-04 06:55:06 +0000 |
commit | b28953010e0b4d9208d7f9dcc8933e6d56f16ce3 (patch) | |
tree | c4e072a0e767bef2275921e88362a12f29adf3c2 /sys/netgraph | |
parent | 4655fd3ead80b03639e139ad19759e0307eb10df (diff) | |
download | FreeBSD-src-b28953010e0b4d9208d7f9dcc8933e6d56f16ce3.zip FreeBSD-src-b28953010e0b4d9208d7f9dcc8933e6d56f16ce3.tar.gz |
Snapshot. This passes the build test, but has not yet been finished or debugged.
Contains:
* Refactor the hardware RNG CPU instruction sources to feed into
the software mixer. This is unfinished. The actual harvesting needs
to be sorted out. Modified by me (see below).
* Remove 'frac' parameter from random_harvest(). This was never
used and adds extra code for no good reason.
* Remove device write entropy harvesting. This provided a weak
attack vector, was not very good at bootstrapping the device. To
follow will be a replacement explicit reseed knob.
* Separate out all the RANDOM_PURE sources into separate harvest
entities. This adds some secuity in the case where more than one
is present.
* Review all the code and fix anything obviously messy or inconsistent.
Address som review concerns while I'm here, like rename the pseudo-rng
to 'dummy'.
Submitted by: Arthur Mesh <arthurmesh@gmail.com> (the first item)
Diffstat (limited to 'sys/netgraph')
-rw-r--r-- | sys/netgraph/ng_iface.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/netgraph/ng_iface.c b/sys/netgraph/ng_iface.c index 72fc162..12ee3a5 100644 --- a/sys/netgraph/ng_iface.c +++ b/sys/netgraph/ng_iface.c @@ -775,7 +775,7 @@ ng_iface_rcvdata(hook_p hook, item_p item) return (EAFNOSUPPORT); } if (harvest.point_to_point) - random_harvest(&(m->m_data), 12, 3, 0, RANDOM_NET_NG); + random_harvest(&(m->m_data), 12, 3, RANDOM_NET_NG); M_SETFIB(m, ifp->if_fib); netisr_dispatch(isr, m); return (0); |