diff options
author | David Benjamin <davidben@google.com> | 2020-04-21 17:29:50 -0400 |
---|---|---|
committer | CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> | 2020-05-14 18:17:12 +0000 |
commit | 3e4dfbb2f81493e1f25b3ce83fee3ed999373a6c (patch) | |
tree | 1c80ac7b7e6a8f206a6c6cbf98551dbeab199a27 /README.md | |
parent | 9cf9d3eb0681e0522db89ef5178c7bf8d5e7977f (diff) | |
download | boringssl-3e4dfbb2f81493e1f25b3ce83fee3ed999373a6c.zip boringssl-3e4dfbb2f81493e1f25b3ce83fee3ed999373a6c.tar.gz boringssl-3e4dfbb2f81493e1f25b3ce83fee3ed999373a6c.tar.bz2 |
Add CRYPTO_pre_sandbox_init.
The intent is to replace the logic in [0] and allows Chromium to set up
the MADV_WIPEONFORK page without increasing sandbox syscall surface.
From there we can remove RAND_set_urandom_fd and trim a bit of
complexity from the PRNG logic.
[0] https://source.chromium.org/chromium/chromium/src/+/master:content/app/content_main_runner_impl.cc;l=333-341;drc=975850fa57e140ec696114477e9416a19f06d29f
Change-Id: I9b679e15da551a10302389556c6c77d192be662a
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/41326
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -39,3 +39,4 @@ There are other files in this directory which might be helpful: * [FUZZING.md](/FUZZING.md): information about fuzzing BoringSSL. * [CONTRIBUTING.md](/CONTRIBUTING.md): how to contribute to BoringSSL. * [BREAKING-CHANGES.md](/BREAKING-CHANGES.md): notes on potentially-breaking changes. + * [SANDBOXING.md](/SANDBOXING.md): notes on using BoringSSL in a sandboxed environment. |