The EFI environment variable `rndseed' specifies the path to the
random seed. It is loaded only for fdt platforms at the moment.
Since the rndseed (an rndsave_t object as defined in <sys/rndio.h>)
is 536 bytes long (for hysterical raisins), and to avoid having to
erase parts of the fdt tree, we load it into a physical page whose
address is passed in the fdt tree, rather than passing the content of
the file as an fdt node directly; the kernel then reserves the page
from uvm, and maps it into kva to call rnd_seed.
For now, the only kernel that does use efiboot with fdt is evbarm,
which knows to handle the rndseed. Any new kernels that use efiboot
with fdt must do the same; otherwise uvm may hand out the page with
the secret key on it for a normal page allocation in the kernel --
which should be OK if there are no kernel memory disclosure bugs, but
would lead to worse consequences than simply loading the seed late in
userland with /etc/rc.d/random_seed otherwise.
ok jmcneill
Called at end of cpu_startup. Can be defined in, e.g., evbarm to do
additional stuff after cpu_startup. Defined as a weak alias to a
function that does nothing, so optional.
ok jmcneill
- Fix various locking & sequencing errors with breaking loans.
- Don't call uvm_pageremove_tree() while holding pg->interlock as radixtree
can take further locks when freeing nodes.
The previous source of dclk_vop[01] was vpll via dclk_vop[01]_div.
vpll is apparently used directly as a pixel clock source for the
HDMI PHY, and we don't want the other VOP's dclk changing out from
under it because we can't handle finding a replacement clock source
with the right rate yet.
gpll happens to run at 594MHz, which works well as a basis for pixel
clocks.
Linux suggests that the source clock of the fractional divider needs
to be more than twenty times greater than the resulting clock (or some
intermediate clock?) for output stability. This may not be the case
with 594MHz and the common pixel clocks I see used by displays in my
area of the wild, but it works for now.
NIST's SP800-90B entropy estimation tools put it at no more than .08
bits of entropy per byte of data(!), so estimate 100 bits of data per
bit of entropy. This is probably not conservative enough -- the NIST
tools were written without knowledge of how this alleged TRNG works!
Knowledge of the physics of how the TRNG is supposed to work could
probably enable a better job at predicting the outputs.
While here, bump the size of data we can sample directly with sysctl
to 4096 bytes.
To run a /31 network, participating hosts MUST drop support
for directed broadcasts, and treat the first and last addresses
on subnet as unicast. The broadcast address for the prefix
should be the link local broadcast address, INADDR_BROADCAST.
Taken from FreeBSD, r226402.
Fixes PR kern/51388.
- Add 8168FP, 8411, 8168G, 8401E, 8105E, 8105E_SPIN1, 8106E and 8402 from
{Free,Open}BSD.
- Renumber RTK_HWREV_8103E from 0x24C00000 to 0x34c00000. 0x24C00000 is newly
used as RTK_HWREV_8102EL_SPIN1. Same as {Free,Open}BSD.
- Always accept -S (no sandbox) even if we don't support sandboxing
- More syscalls elided for sandboxiing
- For ELF dynamic means having an interpreter not just PT_DYNAMIC
- Check for large ELF session header offset
- When saving and restoring a locale, keep the locale name in our
own storage.
- Add a flag to disable CSV file detection.
- Don't pass NULL/0 to memset to appease sanitizers.
- Avoid spurious prints when looks for extensions or apple strings
in fsmagic.
- Add builtin decompressors for xz and and bzip.
- Add a limit for the number of CDF elements.
- More checks for overflow in CDF.
When booting sysinst from UEFI, it defaults to a GPT installation
where partition have no labels. Bootstrap used the NAME=label partition
anyway, with the result that both EFI and FFS root partition had
the same name "NAME=" and could not be distinguished. The first matching
partition for the name was used, and bootstrap looked for the kernel
in the EFI partition.
We fix that by not using NAME=label names for partition when label
is empty. In that case we revert to old syntax such as hd0b
jakllsch