FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=release%2F8.1.0 2007-11-29T16:06:12Z 2007-11-29T16:06:12Z Simon L. B. Nielsen simon@FreeBSD.org 2007-11-29T16:06:12Z urn:sha1:9790a3cbd4acf18a684305d39c51b4736287160a Security: FreeBSD-SA-07:09.random 2007-05-27T18:54:58Z Robert Watson rwatson@FreeBSD.org 2007-05-27T18:54:58Z urn:sha1:d53c5a8872daa8008b32ccfd109f7412068b7746 on the return values of various run-time sysctl additions, just ignore the return value. Found with: Coverity Prevent(tm) CID: 562 2005-12-20T21:41:52Z Paul Saab ps@FreeBSD.org 2005-12-20T21:41:52Z urn:sha1:efbbe8fa7938f8ac071095b5b46f621885b447e4 Submitted by: ups 2005-03-11T15:42:51Z Hajimu UMEMOTO ume@FreeBSD.org 2005-03-11T15:42:51Z urn:sha1:68527b3aad57040b661a801cfb4de8b5961ae3c0 this is required to integrate opencrypto into crypto. 2004-04-09T15:47:10Z Mark Murray markm@FreeBSD.org 2004-04-09T15:47:10Z urn:sha1:e7806b4c0eb398aba8b6e8ddeda96e6ddd9305ae can more easily be used INSTEAD OF the hard-working Yarrow. The only hardware source used at this point is the one inside the VIA C3 Nehemiah (Stepping 3 and above) CPU. More sources will be added in due course. Contributions welcome! 2003-11-17T23:02:21Z Mark Murray markm@FreeBSD.org 2003-11-17T23:02:21Z urn:sha1:0887c8c110da2f060bc422e6942320054bcc755d o Each source gets its own queue, which is a FIFO, not a ring buffer. The FIFOs are implemented with the sys/queue.h macros. The separation is so that a low entropy/high rate source can't swamp the harvester with low-grade entropy and destroy the reseeds. o Each FIFO is limited to 256 (set as a macro, so adjustable) events queueable. Full FIFOs are ignored by the harvester. This is to prevent memory wastage, and helps to keep the kernel thread CPU usage within reasonable limits. o There is no need to break up the event harvesting into ${burst} sized chunks, so retire that feature. o Break the device away from its roots with the memory device, and allow it to get its major number automagically. 2003-08-24T17:55:58Z David E. O'Brien obrien@FreeBSD.org 2003-08-24T17:55:58Z urn:sha1:aad970f1fee9a2a3e5a0f880be9b87c6193b3bd1 Also some minor style cleanups. 2002-12-12T17:38:45Z Mark Murray markm@FreeBSD.org 2002-12-12T17:38:45Z urn:sha1:340a8a91c378a893b1e15c57f45f4361ab082321 kernel memory allocator, is harmless. This could be a problem for other systems, though. I've modified Darren's patch a little. Original patch by: Darren Schack, Isilon Systems, Inc <darrens@isilon.com> Also analysed by: SGI, and in particular Divy Le Ray of SGI OK'ed by: re(rwatson) 2002-09-21T21:44:19Z Mark Murray markm@FreeBSD.org 2002-09-21T21:44:19Z urn:sha1:a0a95acece1d200759bbe965fc7cc3d772cb3477 2002-07-15T13:58:35Z Mark Murray markm@FreeBSD.org 2002-07-15T13:58:35Z urn:sha1:bbf09ad887f1ebc18052ee12f5074c05d69a4e46 one out of a block cipher. This has 2 advantages: 1) The code is _much_ simpler 2) We aren't committing our security to one algorithm (much as we may think we trust AES). While I'm here, make an explicit reseed do a slow reseed instead of a fast; this is in line with what the original paper suggested.