Module Name: src
Committed By: riastradh
Date: Fri May 13 09:39:40 UTC 2022
Modified Files:
src/sys/arch/x86/x86: pmap.c
Log Message:
x86/pmap: Feed entropy_extract output through nist_hash_drbg.
The entropy pool algorithm is NOT designed to provide backtracking
resistance on its own -- it MUST be combined with a PRNG/DRBG that
provides that.
The only reason we use entropy_extract here is that cprng(9) is not
available yet (which in turn is because kmem and other basic kernel
facilities aren't available yet), but nist_hash_drbg doesn't have any
initialization order requirements, so we'll just use it directly.
To generate a diff of this commit:
cvs rdiff -u -r1.414 -r1.415 src/sys/arch/x86/x86/pmap.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
