[rtems-libbsd commit] Remove dangerous weak definition of getentropy()
Sebastian Huber
sebastian.huber at embedded-brains.de
Tue May 14 04:58:20 UTC 2019
On 14/05/2019 00:53, Chris Johns wrote:
> Hi,
>
> The change makes sense from a security point of view but are you sure there are
> no references to these symbols for those users who do not need this stuff to work?
I added these weak definitions along with an update to a new FreeBSD
baseline in 2016. Since 2017 we have a test for getentropy() in the test
suite:
testsuites/libtests/getentropy01/init.c
>
> On 13/5/19 7:20 pm, Sebastian Huber wrote:
>> Module: rtems-libbsd
>> Branch: master
>> Commit: ab80f78a20cae1f580d3474a43a0973b9ad2f1c5
>> Changeset: http://git.rtems.org/rtems-libbsd/commit/?id=ab80f78a20cae1f580d3474a43a0973b9ad2f1c5
>>
>> Author: Sebastian Huber <sebastian.huber at embedded-brains.de>
>> Date: Mon May 13 10:33:19 2019 +0200
>>
>> Remove dangerous weak definition of getentropy()
>>
>> All BSP supporting libbsd should provide this function.
> Would some documentation on what they need to do and at the risk of being flamed
> by security specialists a sample implementation or link a user can use to see
> what is needed be useful?
https://docs.rtems.org/branches/master/bsp-howto/getentropy.html
--
Sebastian Huber, embedded brains GmbH
Address : Dornierstr. 4, D-82178 Puchheim, Germany
Phone : +49 89 189 47 41-16
Fax : +49 89 189 47 41-09
E-Mail : sebastian.huber at embedded-brains.de
PGP : Public key available on request.
Diese Nachricht ist keine geschäftliche Mitteilung im Sinne des EHUG.
More information about the devel
mailing list