NetBSD/sys/kern
tls 88ad351cb1 Re-fix 'fix' for SA-2013-003. Because the original fix evaluated a flag
backwards, in low-entropy conditions there was a time interval in which
/dev/urandom could still output bits on an unacceptably short key.  Output
from /dev/random was *NOT* impacted.

Eliminate the flag in question -- it's safest to always fill the requested
key buffer with output from the entropy-pool, even if we let the caller
know we couldn't provide bytes with the full entropy it requested.

Advisory will be updated soon with a full worst-case analysis of the
/dev/urandom output path in the presence of either variant of the
SA-2013-003 bug.  Fortunately, because a large amount of other input
is mixed in before users can obtain any output, it doesn't look as dangerous
in practice as I'd feared it might be.
2013-03-28 18:06:48 +00:00
..
bufq_disksort.c
bufq_fcfs.c
bufq_priocscan.c BUFQ_PRIOCSCAN: 2012-02-17 08:45:11 +00:00
bufq_readprio.c
cnmagic.c Apply the better patch in the PR. 2011-11-19 17:34:41 +00:00
core_elf32.c extending vmem(9) to be able to allocated resources for it's own needs. 2012-01-27 19:48:38 +00:00
core_elf64.c
core_netbsd.c udpate license clauses on my code to match the new-style BSD licenses. 2011-02-02 20:07:25 +00:00
exec_aout.c - Replace few malloc(9) uses with kmem(9). 2011-04-24 18:46:22 +00:00
exec_ecoff.c - Replace few malloc(9) uses with kmem(9). 2011-04-24 18:46:22 +00:00
exec_elf32.c
exec_elf64.c
exec_elf.c back out elf note changes and use EF_ARM_ABIVERS to determine EABI usage. 2012-08-05 01:43:58 +00:00
exec_script.c
exec_subr.c Bounds process's stack size with max_stack_size so that 32bit 2011-08-08 06:30:43 +00:00
genlintstub.awk
init_main.c calculate vnode cache size based on the resource it gets allocated from 2013-03-18 13:36:21 +00:00
init_sysctl_base.c
init_sysctl.c calculate vnode cache size based on the resource it gets allocated from 2013-03-18 13:36:21 +00:00
init_sysent.c regen 2012-10-02 01:46:20 +00:00
kern_acct.c Make sure that we initialize all accounting bytes. 2011-09-03 14:09:03 +00:00
kern_auth.c C99 section 6.7.2.3 (Tags) Note 3 states that: 2013-03-18 19:35:35 +00:00
kern_cctr.c
kern_cfglock.c
kern_clock.c adapt the cyclic module and profile dtrace provider to netbsd. 2012-12-02 01:05:16 +00:00
kern_condvar.c also comment on the meaning of timo=0 for cv_timedwait_sig. 2013-03-08 08:36:37 +00:00
kern_core.c Don't dump core on an existing core file we don't own. From OpenBSD, suggested 2011-09-24 22:53:50 +00:00
kern_cpu.c put binary compatibility support for the old AMD-only CPU microcode 2012-10-17 20:19:55 +00:00
kern_ctf.c
kern_descrip.c Return EOPNOTSUPP for fnullop_kqfilter to prevent registration of unsupported 2012-11-24 15:07:44 +00:00
kern_drvctl.c split device_t/softc for all remaining drivers. 2012-10-27 17:17:22 +00:00
kern_event.c - initialize kn_id 2012-11-24 15:14:32 +00:00
kern_exec.c If you are going to dick around with p_stat, remember to put it 2012-11-08 17:40:46 +00:00
kern_exit.c exit_lwps, lwp_wait: fix a race condition by re-trying if p_lock was dropped 2012-09-27 20:43:15 +00:00
kern_fileassoc.c fileassoc_file_delete: pre-check whether fileassoc was used and thus avoid 2012-01-22 03:48:51 +00:00
kern_fork.c revert racy vfork() parent-blocking-before-child-execs-or-exits code. 2012-07-27 20:52:49 +00:00
kern_history.c move and rename the uvm history code out of uvm_stat to "kernhist". 2011-05-17 04:18:05 +00:00
kern_hook.c split device_t/softc for all remaining drivers. 2012-10-27 17:17:22 +00:00
kern_idle.c - Add mi_cpu_init() and initialise cpu_lock and kcpuset_attached/running there. 2012-01-29 22:55:40 +00:00
kern_ksyms.c Add a separate bool to indicate a symbol table has been loaded. 2013-01-17 14:36:36 +00:00
kern_kthread.c Add a __HAVE_CPU_UAREA_IDLELWP hook so that the MD code can allocate 2012-09-01 00:26:37 +00:00
kern_ktrace.c Remove COMPAT_SA / KERN_SA. Welcome to 6.99.3! 2012-02-19 21:05:51 +00:00
kern_lock.c Use __cacheline_aligned 2012-08-30 02:23:14 +00:00
kern_lwp.c The lwp_id in a process are supposed to be non-zero and unique. 2012-12-16 22:21:03 +00:00
kern_malloc.c - Replace some malloc(9) uses with kmem(9). 2012-04-30 22:51:27 +00:00
kern_module_vfs.c - don't if then else the same thing. print a more meaningful message 2011-09-14 12:30:20 +00:00
kern_module.c downgrade an error to debug. 2013-03-24 22:06:37 +00:00
kern_mutex_obj.c Modify *ASSERTMSG() so they are now used as variadic macros. The main goal 2011-09-27 01:02:33 +00:00
kern_mutex.c {mutex,rw}_vector_enter: use macro versions to disable/enable preemption. 2012-02-25 22:32:44 +00:00
kern_ntptime.c
kern_pax.c First step of random number subsystem rework described in 2011-11-19 22:51:18 +00:00
kern_physio.c Make vmapbuf() return success/error and make physio deal with a 2011-02-10 14:46:44 +00:00
kern_pmf.c in pmf_system_shutdown(), don't do anything if we're panicing. 2012-11-13 14:08:07 +00:00
kern_proc.c Add a new resource to limit the number of lwps per user, RLIMIT_NTHR. There 2012-06-09 02:31:14 +00:00
kern_prot.c Remove debugging. 2012-06-09 02:55:32 +00:00
kern_ras.c Remove COMPAT_SA / KERN_SA. Welcome to 6.99.3! 2012-02-19 21:05:51 +00:00
kern_rate.c Signed overflow is undefined behavior, and one version of gcc 2012-12-12 11:10:56 +00:00
kern_resource.c fix setrlimit(RLIMIT_STACK) for __MACHINE_STACK_GROWS_UP platforms. 2013-01-07 16:54:54 +00:00
kern_rndpool.c Address multiple problems with rnd(4)/cprng(9): 2012-04-17 02:50:38 +00:00
kern_rndq.c Tweak the previous a little: don't be so hasty to declare sources "fast" 2013-01-26 22:22:07 +00:00
kern_runq.c revert rev.1.37 for now. 2013-03-12 23:16:31 +00:00
kern_rwlock_obj.c Sprinkle __cacheline_aligned and __read_mostly. 2011-05-13 22:16:43 +00:00
kern_rwlock.c rw_vector_enter: reload owner in the case of no hand-off. 2012-12-12 14:53:01 +00:00
kern_sdt.c
kern_sig.c Remove COMPAT_SA / KERN_SA. Welcome to 6.99.3! 2012-02-19 21:05:51 +00:00
kern_sleepq.c Add comments saying that a cv_timedwait and sleepq_block interpret 2013-03-08 08:35:09 +00:00
kern_softint.c - softint_dispatch: perform pserialize(9) switchpoint when softintr processing 2013-01-07 23:21:31 +00:00
kern_ssp.c First step of random number subsystem rework described in 2011-11-19 22:51:18 +00:00
kern_stub.c Remove COMPAT_SA / KERN_SA. Welcome to 6.99.3! 2012-02-19 21:05:51 +00:00
kern_subr.c Make detection of root on wedges (dk(4)) machine independent. Remove 2012-06-10 17:05:18 +00:00
kern_synch.c The field ci_curlwp is only defined for MULTIPROCESSOR kernels. 2012-09-02 16:00:00 +00:00
kern_syscall.c Add a new type of syscall "EXTERN" which is meant for modules that live 2012-05-05 19:37:37 +00:00
kern_sysctl.c CID/980000: missing va_end() 2013-02-09 01:20:08 +00:00
kern_tc.c kill some -Wunused-but-set-variable warnings 2012-11-13 20:10:02 +00:00
kern_time.c kernel portion of clock_nanosleep() 2012-10-02 01:44:27 +00:00
kern_timeout.c
kern_todr.c Remove clause 3 (UCB advertising clause) from the University of Utah 2011-02-08 20:20:06 +00:00
kern_turnstile.c comments and assertions. 2012-06-15 13:51:40 +00:00
kern_uidinfo.c At least pretend to not leak memory in sysctl initialization. 2013-03-10 17:55:42 +00:00
kern_uuid.c First step of random number subsystem rework described in 2011-11-19 22:51:18 +00:00
kern_verifiedexec.c Replace the remaining KAUTH_GENERIC_ISSUSER authorization calls with 2012-03-13 18:40:26 +00:00
kern_xxx.c Print syscall name on syscall exit (when using SYSCALL_DEBUG). 2011-09-01 18:25:44 +00:00
kgdb_stub.c Fix -fno-common found by building i386/conf/ALL 2012-07-28 00:43:22 +00:00
Make.tags.inc
Makefile Add a target, subr_vmem, for building the vmem(9) test program. 2011-09-02 22:15:16 +00:00
makesyscalls.sh make rump kernel syscalls through curproc->p_emul instead of rump_sysent 2013-03-07 19:17:46 +00:00
sched_4bsd.c update a comment 2011-12-02 12:29:35 +00:00
sched_m2.c This is no place to attach the primary cpu. Things go wrong from here because 2011-09-16 01:03:52 +00:00
subr_autoconf.c printflike maintenance. 2013-02-09 00:31:21 +00:00
subr_blist.c printflike maintenance. 2013-02-09 00:31:21 +00:00
subr_bufq.c
subr_callback.c
subr_copy.c
subr_cprng.c Re-fix 'fix' for SA-2013-003. Because the original fix evaluated a flag 2013-03-28 18:06:48 +00:00
subr_cpufreq.c Revert the revision 1.5 in cpufreq(9). Instead, document that the KPI can 2011-10-27 05:25:07 +00:00
subr_debug.c
subr_device.c
subr_devsw.c add an XXX comment i meant to include with the original change. 2012-02-18 06:29:10 +00:00
subr_disk_mbr.c No longer determine availability of ISO and UDF partitions, we default 2012-10-03 07:05:51 +00:00
subr_disk_open.c split device_t/softc for all remaining drivers. 2012-10-27 17:17:22 +00:00
subr_disk.c printflike maintenance. 2013-02-09 00:31:21 +00:00
subr_evcnt.c Modify *ASSERTMSG() so they are now used as variadic macros. The main goal 2011-09-27 01:02:33 +00:00
subr_exec_fd.c kern/42030 - tracking of file descriptors by ktrace/kdump 2011-06-01 21:24:59 +00:00
subr_extent.c remove left over macro after kmem_map is gone 2012-01-29 11:14:49 +00:00
subr_hash.c Add hash_list_size() and simplify slightly. 2012-06-05 20:51:36 +00:00
subr_humanize.c
subr_iostat.c
subr_kcpuset.c Rename kcpuset_copybits() to kcpuset_export_u32() and thus be more specific 2012-09-16 22:09:33 +00:00
subr_kmem.c split allocation lookup table to decrease overall memory used 2012-07-21 11:45:04 +00:00
subr_kobj_vfs.c Always provide a meaningful short name for the kobj in the error message, 2011-08-13 21:04:05 +00:00
subr_kobj.c size_t needs to printed with %zu 2012-12-30 20:52:20 +00:00
subr_lockdebug.c Fix LOCKDEBUG build. 2013-02-09 11:04:32 +00:00
subr_log.c
subr_lwp_specificdata.c
subr_once.c
subr_optstr.c
subr_pcq.c Revert to more readable but non-standard use of offsetof to calculate 2012-01-31 20:40:09 +00:00
subr_pcu.c Remove a debugging printf 2012-12-31 01:20:05 +00:00
subr_percpu.c extending vmem(9) to be able to allocated resources for it's own needs. 2012-01-27 19:48:38 +00:00
subr_physmap.c - physmap_map, physmap_map_fini: pmap_update() must be performed before 2013-01-19 01:04:51 +00:00
subr_pool.c In pool_cache_put_slow(), pool_get() can block (it does mutex_enter()), 2013-03-11 21:37:54 +00:00
subr_prf.c Move the DDB-specific part of vpanic() to a new db_panic() function, 2013-02-10 11:04:19 +00:00
subr_prof.c
subr_pserialize.c - pserialize_switchpoint: check for passing twice, not more than needed. 2013-02-07 23:37:58 +00:00
subr_specificdata.c
subr_spldebug.c
subr_syscall_stats.c
subr_tftproot.c Fix misspelling: accommodate is a long enough word to have room for two 'c's 2012-12-01 11:41:49 +00:00
subr_time.c Fix monotonic interval timers. 2011-12-18 22:30:25 +00:00
subr_userconf.c modify parsing of device names so that it can deal with names which 2011-08-01 10:33:26 +00:00
subr_vmem.c update comments 2013-03-06 11:20:10 +00:00
subr_workqueue.c If the workqueue is using a prio less than PRI_KERNEL, make sure KTHREAD_TS 2012-10-07 22:16:21 +00:00
subr_xcall.c Stopgap fix to make rump cooperate with pserialize, may be revisited later. 2013-02-19 11:20:17 +00:00
sys_aio.c Remove curproc == NULL test. 2011-02-17 19:02:50 +00:00
sys_descrip.c Force sys_close not to restart by returning ERESTART. 2012-08-05 04:26:10 +00:00
sys_generic.c As discussed in tech-kern, provide the means to prevent delivery of SIGPIPE 2012-01-25 00:28:35 +00:00
sys_lwp.c exit_lwps, lwp_wait: fix a race condition by re-trying if p_lock was dropped 2012-09-27 20:43:15 +00:00
sys_module.c Add -A, -a, and -e options to modstat(8) along with kernel 2012-08-07 01:19:05 +00:00
sys_mqueue.c Replace the remaining KAUTH_GENERIC_ISSUSER authorization calls with 2012-03-13 18:40:26 +00:00
sys_pipe.c Make sure we can deliver two file descriptors for pipe2() before we set 2012-05-16 09:41:11 +00:00
sys_pmc.c
sys_process.c PR# kern/45330: ptrace: signals can alter syscall return values 2011-09-06 11:22:42 +00:00
sys_pset.c Remove LW_AFFINITY flag and fix some bugs affinity mask handling. 2011-08-07 21:13:05 +00:00
sys_sched.c - Convert x86 MD code, mainly pmap(9) e.g. TLB shootdown code, to use 2012-04-20 22:23:24 +00:00
sys_select.c Assert equality, not assignment, in selrecord. 2013-01-26 19:38:17 +00:00
sys_sig.c Properly differentiate between infinite timeout and zero timeout. 2013-03-08 09:32:59 +00:00
sys_socket.c - Eliminate so_nbio and turn it into a bit SS_NBIO in so_state. 2011-12-20 23:56:28 +00:00
sys_syscall.c use sy_call() so that l->l_sysent gets set, so that we can autoload modules 2012-05-05 19:44:02 +00:00
syscalls.c regen 2012-10-02 01:46:20 +00:00
syscalls.conf Forgot this one from previous commit. It too is needed for syscallargs.h 2012-08-03 12:41:13 +00:00
syscalls.master kernel portion of clock_nanosleep() 2012-10-02 01:44:27 +00:00
sysv_ipc.c Replace the remaining KAUTH_GENERIC_ISSUSER authorization calls with 2012-03-13 18:40:26 +00:00
sysv_msg.c Replace the remaining KAUTH_GENERIC_ISSUSER authorization calls with 2012-03-13 18:40:26 +00:00
sysv_sem.c Replace the remaining KAUTH_GENERIC_ISSUSER authorization calls with 2012-03-13 18:40:26 +00:00
sysv_shm.c Replace the remaining KAUTH_GENERIC_ISSUSER authorization calls with 2012-03-13 18:40:26 +00:00
tty_bsdpty.c
tty_conf.c
tty_ptm.c Add COMPAT_60 versions of the TIOCPTMGET and TIOCPTSNAME ioctls. 2012-10-19 16:55:22 +00:00
tty_pty.c Set tp->t_dev to the correct dev_t value in both ptmopen and ptsopen. 2012-10-20 00:21:10 +00:00
tty_subr.c - Introduce a sysctl to control the default tty queue size kern.tty.qsize, 2011-09-24 00:05:38 +00:00
tty_tty.c
tty.c printflike maintenance. 2013-02-09 00:31:21 +00:00
uipc_accf.c
uipc_domain.c Add sockaddr_format to ease debugging code dealing with socket 2013-01-31 14:30:47 +00:00
uipc_mbuf2.c Miscellaneous mbuf changes: 2011-08-08 19:10:33 +00:00
uipc_mbuf.c Add m_ensure_contig() routine, which is equivalent to m_pullup, but does not 2013-01-19 00:51:52 +00:00
uipc_proto.c Add SOCK_SEQPACKET to PL_LOCAL sockets. Based on patch from Jesse Off, 2011-05-29 03:32:46 +00:00
uipc_sem.c expose ksem_t for fstat(8), and implement stat for future reference. 2012-11-25 01:05:04 +00:00
uipc_socket2.c - Eliminate so_nbio and turn it into a bit SS_NBIO in so_state. 2011-12-20 23:56:28 +00:00
uipc_socket.c Add comment questioning lock asymmetry. 2013-03-14 19:13:17 +00:00
uipc_syscalls.c PR/47569: Valery Ushakov: SOCK_NONBLOCK does not work because it does not 2013-02-14 21:57:58 +00:00
uipc_usrreq.c Fix some screw cases in cmsg file descriptor passing. 2013-02-14 01:00:07 +00:00
vfs_bio.c calculate vnode cache size based on the resource it gets allocated from 2013-03-18 13:36:21 +00:00
vfs_cache.c Excise struct componentname from the namecache. 2012-11-05 17:27:37 +00:00
vfs_cwd.c Support FD_CLOEXEC in rump kernels. 2011-02-15 15:54:28 +00:00
vfs_dirhash.c
vfs_getcwd.c Disentangle the namecache from the internals of namei. 2012-11-05 17:24:09 +00:00
vfs_hooks.c
vfs_init.c Replace the remaining KAUTH_GENERIC_ISSUSER authorization calls with 2012-03-13 18:40:26 +00:00
vfs_lockf.c
vfs_lookup.c Add most system calls for POSIX extended API set, part 2, with test cases: 2012-11-18 17:41:51 +00:00
vfs_mount.c Make the spec_node table implementation private to spec_vnops.c. 2013-02-13 14:03:48 +00:00
vfs_quotactl.c Improve the names of some members of struct quotactl_args. These are 2012-02-01 05:43:53 +00:00
vfs_subr.c C99 section 6.7.2.3 (Tags) Note 3 states that: 2013-03-18 19:35:35 +00:00
vfs_syscalls.c Revert defective O_SEARCH implementation committed by manu@ along with 2013-01-13 08:15:02 +00:00
vfs_trans.c Replace the rwlock based implementation with passive serialization 2013-01-21 09:14:01 +00:00
vfs_vnode.c Make the spec_node table implementation private to spec_vnops.c. 2013-02-13 14:03:48 +00:00
vfs_vnops.c Bring back Manuel Bouyers patch to resolve races between vget() and vrelel() 2012-11-12 11:00:07 +00:00
vfs_wapbl.c why didn't gcc find the formatting error? 2013-02-09 00:32:12 +00:00
vfs_xattr.c Return ENODATA when no attribute is found, like Linux does. After 2012-05-01 07:48:25 +00:00
vnode_if.c Change VOP_BWRITE() to take a vnode as its first argument like all other 2011-07-11 08:27:37 +00:00
vnode_if.sh Change VOP_BWRITE() to take a vnode as its first argument like all other 2011-07-11 08:23:00 +00:00
vnode_if.src Change the vnode locking protocol of VOP_GETATTR() to request at least 2011-10-14 09:23:28 +00:00