Age | Commit message | Author |
|
ok jmc
|
|
__atexit tables and touches global variables. From Srinavasa Nagaraju
through Android/Elliott Hughes.
ok tedu@, guenther@
|
|
ok deraadt
|
|
handlers. if this happens, restart the loop.
ok kettenis matthew millert miod
|
|
ok miod
|
|
ok deraadt@
|
|
ok tedu@ jmc@
|
|
worst C misfeatures. ok deraadt miod
|
|
|
|
to demonstrate to use it with syslog_r.
pointed out by millert
|
|
ok otto
|
|
new wording agreed by at least kettenis@ millert@ otto@
|
|
ok jsing@
|
|
ok beck@ deraadt@ jsing@ guenther@
|
|
don't need to be married.
ok guenther miod beck jsing kettenis
|
|
|
|
From: Edward
tweaks
From: Tim van der Molen
|
|
Use .Fn instead of .Nm as appropriate
Use .In for include lines
Use .Rv -std where possible
Use .Xr to refer to functions from other manual pages
Remove extraneous sys/types.h include
More substantive changes to follow.
Discussed with schwarze
|
|
ok guenther
|
|
|
|
portable code path must handle that; with brent cook
|
|
- Markup ioctl argument types with Fa
- Be clearer that ioctl arguments are pointers to ints.
Similar changes to follow for manual pages that describe
device-specific ioctl commands.
Discussed with jmc and schwarze.
|
|
|
|
aren't misled into thinking they're useful on OpenBSD.
|
|
one of MAP_PRIVATE or MAP_SHARED, as required by POSIX. However, also
caveat that currently OpenBSD doesn't strictly enforce this behavior.
|
|
|
|
improve the random stream itself (it doesn't), but to introduce
noise in the arc4random calling pattern. Thanks to matthew@ who
pointed out bias in a previous diff, ok deraadt@ matthew@
|
|
mechanism, to aid in portability to other systems as requested.
ok matthew
|
|
SIGSEGV instead of SIGBUS for page references beyond the end of a
mapped object.
|
|
|
|
artificially constrain alternative implementations. ok deraadt
|
|
|
|
buffersize is enforced strictly, this supplies sufficient entropy
payload to act as seed material. Discourage general use of this
API, but lock down this function name as the go-to for userland
PRNG seeding. Improve documentation.
ok miod matthew
|
|
|
|
Modern compiler toolchains are capable of optimizing even across
translation unit boundaries, so simply moving the memory clearing into
a separate function is not guaranteed to clear memory.
To avoid this, we take advantage of ELF weak symbol semantics, and
insert a call to an empty, weakly named function. The semantics of
calling this function aren't determinable until load time, so the
compiler and linker need to keep the memset() call.
There are still ways a toolchain might defeat this trick (e.g.,
optimistically expecting the weak symbol to not be overloaded, and
only calling memset() if it is; promoting weak symbols to strong
symbols at link-time when emitting a static binary because they won't
be interposed; implementing load-time optimizations). But at least
for the foreseeable future, these seem unlikely.
ok deraadt
|
|
Allow other non-zero return values in case we change our mind to
return an ssize_t byte count instead of simple success/fail.
ok deraadt, djm
|
|
MAP_INHERIT_ZERO anymore. This restores arc4random's previous
behavior where fork children would mix in some randomness from the
parent process.
New behavior noticed by deraadt
ok deraadt, tedu
|
|
The extra argument doesn't hurt genuine atexit handlers and this fixes a
bug where we didn't provide the argument (effectively passing garbage) for
functions registered with __cxa_atexit in the main executable.
Pointed out by Dmitriy Ivanov <dimitry@google.com> and Elliott Hughes
<enh@google.com>.
ok matthew@
|
|
Now instead of calling getpid() each time a user invokes arc4random(),
we're able to rely on the kernel zero'ing out the RNG state if the
process forks.
ok deraadt, djm
|
|
|
|
discussion with matthew
|
|
of sysctl(). Mark it with XXX while we consider.
|
|
They are obsoleted by the RFC3542 api.
ok mpi@
|
|
call abort().
this direction discussed at length with miod beck tedu matthew etc
|
|
|
|
|
|
I accepted that he's right (again) to separate this out from heavy
sysctl API and this will simplify a variety of things. Functionname
is not used by anyone in the ports tree, so we guess we can use it.
Shocking that no application has a function called this.
ok matthew & others who pushed him to start this early on
|
|
|
|
ok deraadt, jmc, tedu
|
|
This provides a way for a process to designate pages in its address
space that should be replaced by fresh, zero-initialized anonymous
memory in forked child processes, rather than being copied or shared.
ok jmc, kettenis, tedu, deraadt; positive feedback from many more
|