NIST's SP800-90B entropy estimation tools put it at no more than .08
bits of entropy per byte of data(!), so estimate 100 bits of data per
bit of entropy. This is probably not conservative enough -- the NIST
tools were written without knowledge of how this alleged TRNG works!
Knowledge of the physics of how the TRNG is supposed to work could
probably enable a better job at predicting the outputs.
While here, bump the size of data we can sample directly with sysctl
to 4096 bytes.
To run a /31 network, participating hosts MUST drop support
for directed broadcasts, and treat the first and last addresses
on subnet as unicast. The broadcast address for the prefix
should be the link local broadcast address, INADDR_BROADCAST.
Taken from FreeBSD, r226402.
Fixes PR kern/51388.
- Add 8168FP, 8411, 8168G, 8401E, 8105E, 8105E_SPIN1, 8106E and 8402 from
{Free,Open}BSD.
- Renumber RTK_HWREV_8103E from 0x24C00000 to 0x34c00000. 0x24C00000 is newly
used as RTK_HWREV_8102EL_SPIN1. Same as {Free,Open}BSD.
- Always accept -S (no sandbox) even if we don't support sandboxing
- More syscalls elided for sandboxiing
- For ELF dynamic means having an interpreter not just PT_DYNAMIC
- Check for large ELF session header offset
- When saving and restoring a locale, keep the locale name in our
own storage.
- Add a flag to disable CSV file detection.
- Don't pass NULL/0 to memset to appease sanitizers.
- Avoid spurious prints when looks for extensions or apple strings
in fsmagic.
- Add builtin decompressors for xz and and bzip.
- Add a limit for the number of CDF elements.
- More checks for overflow in CDF.
When booting sysinst from UEFI, it defaults to a GPT installation
where partition have no labels. Bootstrap used the NAME=label partition
anyway, with the result that both EFI and FFS root partition had
the same name "NAME=" and could not be distinguished. The first matching
partition for the name was used, and bootstrap looked for the kernel
in the EFI partition.
We fix that by not using NAME=label names for partition when label
is empty. In that case we revert to old syntax such as hd0b
in UVM, excluding uvmexp.free, which needs special treatment and will be
done with a separate commit. Cuts system time for a build by 20-25% on
a 48 CPU machine w/DIAGNOSTIC.
- Avoid 64-bit integer divide on every fault (for rnd_add_uint32).
It's more pedantically correct to check RW_WRITE_LOCKED before
obtaining the thread id of the owner. And since there must be an
owner annotate the guard NULL check as unlinkely.
No functional change intended. Ok ad@.
They were brought along with the rwlock flags but never used and never
even adapted to the new home (the struct member name is different
here). I looked at adapting and using them, but they don't really
help readability that much and there are cases where we need to deal
with "fused" owner values anyway and so can't use them.
