Module Name: src
Committed By: riastradh
Date: Fri May 13 09:39:52 UTC 2022
Modified Files:
src/sys/kern: kern_entropy.c
Log Message:
entropy(9): Note rules about how to use entropy_extract output.
To generate a diff of this commit:
cvs rdiff -u -r1.54 -r1.55 src/sys/kern/kern_entropy.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/kern_entropy.c
diff -u src/sys/kern/kern_entropy.c:1.54 src/sys/kern/kern_entropy.c:1.55
--- src/sys/kern/kern_entropy.c:1.54 Thu Mar 24 12:58:56 2022
+++ src/sys/kern/kern_entropy.c Fri May 13 09:39:52 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_entropy.c,v 1.54 2022/03/24 12:58:56 riastradh Exp $ */
+/* $NetBSD: kern_entropy.c,v 1.55 2022/05/13 09:39:52 riastradh Exp $ */
/*-
* Copyright (c) 2019 The NetBSD Foundation, Inc.
@@ -75,7 +75,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.54 2022/03/24 12:58:56 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.55 2022/05/13 09:39:52 riastradh Exp $");
#include <sys/param.h>
#include <sys/types.h>
@@ -1341,6 +1341,16 @@ sysctl_entropy_gather(SYSCTLFN_ARGS)
*
* Extract len bytes from the global entropy pool into buf.
*
+ * Caller MUST NOT expose these bytes directly -- must use them
+ * ONLY to seed a cryptographic pseudorandom number generator
+ * (`CPRNG'), a.k.a. deterministic random bit generator (`DRBG'),
+ * and then erase them. entropy_extract does not, on its own,
+ * provide backtracking resistance -- it must be combined with a
+ * PRNG/DRBG that does.
+ *
+ * You generally shouldn't use this directly -- use cprng(9)
+ * instead.
+ *
* Flags may have:
*
* ENTROPY_WAIT Wait for entropy if not available yet.
