[openfirmware] r1411 - cpu/x86/pc/olpc/via ofw/inet
svn at openfirmware.info
svn at openfirmware.info
Sat Oct 10 01:43:00 CEST 2009
Author: wmb
Date: 2009-10-10 01:43:00 +0200 (Sat, 10 Oct 2009)
New Revision: 1411
Modified:
cpu/x86/pc/olpc/via/fw.bth
cpu/x86/pc/olpc/via/padlock.fth
ofw/inet/tcp.fth
Log:
Via - randomize TCP sequence number.
Modified: cpu/x86/pc/olpc/via/fw.bth
===================================================================
--- cpu/x86/pc/olpc/via/fw.bth 2009-10-09 23:36:03 UTC (rev 1410)
+++ cpu/x86/pc/olpc/via/fw.bth 2009-10-09 23:43:00 UTC (rev 1411)
@@ -451,6 +451,8 @@
fload ${BP}/forth/lib/selstr.fth
+fload ${BP}/cpu/x86/pc/olpc/via/padlock.fth \ Via security engine
+
fload ${BP}/ofw/inet/loadtcp.fth
support-package: http
@@ -481,7 +483,6 @@
fload ${BP}/cpu/x86/pc/olpc/nandcastui.fth
fload ${BP}/cpu/x86/pc/olpc/wifichannel.fth
[then]
-fload ${BP}/cpu/x86/pc/olpc/via/padlock.fth \ Via security engine
fload ${BP}/cpu/x86/pc/olpc/via/fsupdate.fth
fload ${BP}/cpu/x86/pc/olpc/via/fsverify.fth
devalias fsdisk int:0
Modified: cpu/x86/pc/olpc/via/padlock.fth
===================================================================
--- cpu/x86/pc/olpc/via/padlock.fth 2009-10-09 23:36:03 UTC (rev 1410)
+++ cpu/x86/pc/olpc/via/padlock.fth 2009-10-09 23:43:00 UTC (rev 1411)
@@ -2,7 +2,7 @@
: enable-padlock ( -- ) cr4@ h# 200 or cr4! ; \ SSE enable
-code random-bytes ( adr len -- )
+code random-bytes ( adr len -- ) \ The buffer at adr must be at least 8 bytes long
cr4 ebx mov ebx eax mov h# 200 # eax or eax cr4 mov
cx pop
0 [sp] di xchg
@@ -12,6 +12,7 @@
ax cx sub
0= until
0 [sp] di xchg
+ ax pop
ebx cr4 mov
c;
code random-byte ( -- n )
@@ -27,6 +28,7 @@
cx di mov
ebx cr4 mov
c;
+: random-long ( -- l ) 0 0 sp@ 4 random-bytes nip ;
create sha256-constants
h# 6A09E667 , h# BB67AE85 , h# 3C6EF372 , h# A54FF53A ,
Modified: ofw/inet/tcp.fth
===================================================================
--- ofw/inet/tcp.fth 2009-10-09 23:36:03 UTC (rev 1410)
+++ ofw/inet/tcp.fth 2009-10-09 23:43:00 UTC (rev 1411)
@@ -1390,8 +1390,12 @@
;
: next-iss ( -- )
+[ifdef] random-long
+ random-long to iss
+[else]
tcp_iss to iss
issincr 2/ tcp_iss + to tcp_iss
+[then]
;
: do-syn-sent? ( -- done? )
More information about the openfirmware
mailing list