On Tue, 11 Feb 2014 16:46:31 -0500 (EST) Benjamin Kaduk <[email protected]> wrote:
> [HEIMDAL_MUTEX_* initialization] > Is there a better place for something at this level? [...] > [fortuna rand seeding] > being the AFSOP_SET_THISCELL easily visible in afsd.c. Since that > doesn't fire up rx, we are safe for now, but how future-proof are we? osi_Init() seems like a good place for initializing a mutex. That is called when the openafs/libafs module is loaded. That's where GLOCK is initialized on platforms that need procedural GLOCK initialization. Or an alternative is afs_InitSetup, which will be called when afsd is run, but it supposed to be called before anything hits the net (this is where we call rx_InitHost). This isn't really _enforced_, but -rxbind will not work if something else hits the net before that runs. So if the code is rearchitected or whatever, it's likely that whatever's in there will be moved to the appropriate place. So, it seems like you could collect entropy in that syscall (calling the syscall 32+ times doesn't seem so bad really, but obviously a buffer would be better). And when we hit afs_InitSetup, you can track yourself if you've got the right amount of entropy, and fail to continue if something is wrong. -- Andrew Deason [email protected] _______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
