I wanted to highlight this commit.

On some architectures we use a system bootloader rather than our own
bootloader.  In this particular case an octeon bootloader would be
hard to write, because it needs native drivers for some very
complicated peripherals.

So the solution is to have the kernel self-seed the entropy buffer
very very early in locore.

Another possible solution would be to find the vendor bootloader,
and teach them about our ELF randomdata segment.  Convince them to
fill that buffer if they find it in a kernel.  That would slowly
lead other operating systems towards this strategy...


>CVSROOT:       /cvs
>Module name:   src
>Changes by:    v...@cvs.openbsd.org    2017/05/09 09:11:33
>
>Modified files:
>       sys/arch/octeon/conf: ld.script 
>       sys/arch/octeon/octeon: locore.S 
>
>Log message:
>Mix bits from the built-in RNG with the randomdata section at boot time.
>This should improve considerably the quality of early entropy and
>stack protector guard data on octeon.
>
>Suggested by and OK deraadt@
>OK kettenis@, jasper@
>
>
