[Glibc-bsd-commits] r5398 - in trunk/kfreebsd-9/debian: . patches

stevenc-guest at alioth.debian.org stevenc-guest at alioth.debian.org
Mon Jan 27 21:58:58 UTC 2014 

Author: stevenc-guest
Date: 2014-01-27 21:58:58 +0000 (Mon, 27 Jan 2014)
New Revision: 5398

Added:
   trunk/kfreebsd-9/debian/patches/disable_hardware_rngs.diff
Modified:
   trunk/kfreebsd-9/debian/changelog
   trunk/kfreebsd-9/debian/patches/series
Log:
Apply upstream EN-14:01 fix, disabling Intel Ivy Bridge, VIA Eden
and VIA Nano hardware RNGs by default. (Closes: #735449, #735450)


Modified: trunk/kfreebsd-9/debian/changelog
===================================================================
--- trunk/kfreebsd-9/debian/changelog	2014-01-27 21:39:19 UTC (rev 5397)
+++ trunk/kfreebsd-9/debian/changelog	2014-01-27 21:58:58 UTC (rev 5398)
@@ -1,4 +1,4 @@
-kfreebsd-9 (9.2-2) UNRELEASED; urgency=low
+kfreebsd-9 (9.2-2) UNRELEASED; urgency=high
 
   [ Guillem Jover ]
   * Remove myself from Uploaders.
@@ -8,6 +8,10 @@
     siginfo_t.si_status for wait6/waitid/SIGCHLD. (Closes: #729698)
   * Fetch source code securely (https) in get-orig-source.
 
+  [ Steven Chamberlain ]
+  * Apply upstream EN-14:01 fix, disabling Intel Ivy Bridge, VIA Eden
+    and VIA Nano hardware RNGs by default. (Closes: #735449, #735450)
+
  -- Robert Millan <rmh at debian.org>  Thu, 28 Nov 2013 13:41:13 +0100
 
 kfreebsd-9 (9.2-1) unstable; urgency=high

Added: trunk/kfreebsd-9/debian/patches/disable_hardware_rngs.diff
===================================================================
--- trunk/kfreebsd-9/debian/patches/disable_hardware_rngs.diff	                        (rev 0)
+++ trunk/kfreebsd-9/debian/patches/disable_hardware_rngs.diff	2014-01-27 21:58:58 UTC (rev 5398)
@@ -0,0 +1,28 @@
+Description:
+ Disable Intel Ivy Bridge and VIA hardware RNGs by default because the
+ FreeBSD kernel before version 10.0 cannot use them safely.
+ .
+ Implement loader tunables allowing to turn these back on.
+Origin: upstream, http://svnweb.freebsd.org/base?view=revision&revision=260644
+Bug-Debian: http://bugs.debian.org/735449
+
+--- stable/9/sys/dev/random/probe.c	2014/01/14 19:20:41	260643
++++ stable/9/sys/dev/random/probe.c	2014/01/14 19:27:42	260644
+@@ -73,7 +73,7 @@
+ 	if (via_feature_rng & VIA_HAS_RNG) {
+ 		int enable;
+ 
+-		enable = 1;
++		enable = 0;
+ 		TUNABLE_INT_FETCH("hw.nehemiah_rng_enable", &enable);
+ 		if (enable)
+ 			*systat = random_nehemiah;
+@@ -83,7 +83,7 @@
+ 	if (cpu_feature2 & CPUID2_RDRAND) {
+ 		int enable;
+ 
+-		enable = 1;
++		enable = 0;
+ 		TUNABLE_INT_FETCH("hw.ivy_rng_enable", &enable);
+ 		if (enable)
+ 			*systat = random_ivy;

Modified: trunk/kfreebsd-9/debian/patches/series
===================================================================
--- trunk/kfreebsd-9/debian/patches/series	2014-01-27 21:39:19 UTC (rev 5397)
+++ trunk/kfreebsd-9/debian/patches/series	2014-01-27 21:58:58 UTC (rev 5398)
@@ -3,6 +3,7 @@
 000_cpuclockid2_compat32.diff
 #maxlogname.diff
 si_status_wait6.diff
+disable_hardware_rngs.diff
 
 # Other patches that might or might not be mergeable
 cxgbe.diff

More information about the Glibc-bsd-commits mailing list