Updating netbsd

Posted by / 12-May-2020 19:06

Updating netbsd

This generator users AES in a modified counter mode to generate a backtracking-resistant random stream.

An abstraction layer, "cprng", is provided for in-kernel consumers of randomness.

The arc4random/arc4randbytes API is deprecated for in-kernel use. The current cprng_fast implementation wraps the existing arc4random implementation.

It may be necessary to remove the OBJDIR for external/mit/xorg/server/xorg-server/hw/xfree86 if your update build fails, as the "Xorg" entry there is now a directory.

this commit was splitted into small chunks to avoid a limitation of cvs.

("Protocol error: too many arguments") Revision 1.254 / (download) - annotate - [select for diffs], Sat Feb 1 2014 UTC (5 years, 7 months ago) by skrll Branch: MAIN CVS Tags: yamt-pagecache-base9, riastradh-xf86-video-intel-2-7-1-pre-2-21-15, riastradh-drm2-base3 Branch point for: tls-earlyentropy Changes since 1.253: 2 -2 lines Diff to previous 1.253 (colored) Revision 1.251 / (download) - annotate - [select for diffs], Fri Jan 31 2014 UTC (5 years, 7 months ago) by martin Branch: MAIN Changes since 1.250: 10 -1 lines Diff to previous 1.250 (colored) Revision 1.250 / (download) - annotate - [select for diffs], Sat Dec 28 2013 UTC (5 years, 8 months ago) by christos Branch: MAIN Changes since 1.249: 9 -1 lines Diff to previous 1.249 (colored) Revision 1.238.2.2 / (download) - annotate - [select for diffs], Sun Jun 23 2013 UTC (6 years, 2 months ago) by tls Branch: tls-maxphys Changes since 1.238.2.1: 20 -1 lines Diff to previous 1.238.2.1 (colored) Revision 1.246 / (download) - annotate - [select for diffs], Wed Jun 5 2013 UTC (6 years, 2 months ago) by martin Branch: MAIN CVS Tags: riastradh-drm2-base2, riastradh-drm2-base1, riastradh-drm2-base, riastradh-drm2 Changes since 1.245: 6 -1 lines Diff to previous 1.245 (colored) Revision 1.243 / (download) - annotate - [select for diffs], Sat Mar 2 2013 UTC (6 years, 6 months ago) by christos Branch: MAIN CVS Tags: khorben-n900, agc-symver-base, agc-symver Changes since 1.242: 2 -2 lines Diff to previous 1.242 (colored) Revision 1.242 / (download) - annotate - [select for diffs], Sat Mar 2 2013 UTC (6 years, 6 months ago) by christos Branch: MAIN Changes since 1.241: 5 -1 lines Diff to previous 1.241 (colored) Revision 1.238.2.1 / (download) - annotate - [select for diffs], Tue Nov 20 2012 UTC (6 years, 9 months ago) by tls Branch: tls-maxphys Changes since 1.238: 49 -48 lines Diff to previous 1.238 (colored) Revision 1.234.2.1.2.1 / (download) - annotate - [select for diffs], Thu Nov 1 2012 UTC (6 years, 10 months ago) by matt Branch: matt-nb6-plus Changes since 1.234.2.1: 9 -2 lines Diff to previous 1.234.2.1 (colored) next main 1.234.2.2 (colored) Revision 1.229.2.3 / (download) - annotate - [select for diffs], Tue Oct 30 2012 UTC (6 years, 10 months ago) by yamt Branch: yamt-pagecache CVS Tags: yamt-pagecache-tag8 Changes since 1.229.2.2: 51 -44 lines Diff to previous 1.229.2.2 (colored) to branchpoint 1.229 (colored) Revision 1.241 / (download) - annotate - [select for diffs], Wed Oct 3 2012 UTC (6 years, 11 months ago) by wiz Branch: MAIN CVS Tags: yamt-pagecache-base8, yamt-pagecache-base7, yamt-pagecache-base6 Changes since 1.240: 46 -46 lines Diff to previous 1.240 (colored) Revision 1.234.2.4 / (download) - annotate - [select for diffs], Sun Sep 30 2012 UTC (6 years, 11 months ago) by bouyer Branch: netbsd-6 CVS Tags: netbsd-6-1-RELEASE, netbsd-6-1-RC4, netbsd-6-1-RC3, netbsd-6-1-RC2, netbsd-6-1-RC1, netbsd-6-1-5-RELEASE, netbsd-6-1-4-RELEASE, netbsd-6-1-3-RELEASE, netbsd-6-1-2-RELEASE, netbsd-6-1-1-RELEASE, netbsd-6-1, netbsd-6-0-RELEASE, netbsd-6-0-6-RELEASE, netbsd-6-0-5-RELEASE, netbsd-6-0-4-RELEASE, netbsd-6-0-3-RELEASE, netbsd-6-0-2-RELEASE, netbsd-6-0-1-RELEASE, netbsd-6-0, matt-nb6-plus-nbase, matt-nb6-plus-base Changes since 1.234.2.3: 5 -4 lines Diff to previous 1.234.2.3 (colored) to branchpoint 1.234 (colored) next main 1.235 (colored) Pull up following revision(s) (requested by dholland in ticket #565): UPDATING: revision 1.240 Strengthen the entry about the openssl update, to clarify and emphasize that just doing a non-update build isn't enough; you really do have to nuke $DESTDIR.

Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run.

A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet.

updating netbsd-51updating netbsd-55updating netbsd-17

Manual pages for the new kernel interfaces are forthcoming.