summaryrefslogtreecommitdiffstats
path: root/sys/dev/pci/safe.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Expand ancient NTOHL/NTOHS/HTONS/HTONL macros.mpi2015-07-161-2/+2
| | | | ok guenther@, henning@
* Remove some includes include-what-you-use claims don'tjsg2015-03-141-2/+1
| | | | | | | have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels. ok tedu@ deraadt@
* Remove support for public key operationsmikeb2014-08-151-277/+1
|
* Some reallocarray() use; review Jean-Philippe Ouellet, patrick keshishianderaadt2014-07-131-2/+2
| | | | ok tedu
* add a size argument to free. will be used soon, but for now default to 0.tedu2014-07-121-4/+4
| | | | after discussions with beck deraadt kettenis.
* Remove excessive sys/cdefs.h inclusionderaadt2012-12-051-3/+1
| | | | ok guenther millert kettenis
* handle m_copyback errors, this code is too sensitive for suchmikeb2012-01-131-3/+6
| | | | failures to be neglected; ok markus
* Passing M_WAITOK to mbuf functions is supposed to be a contract betweenblambert2011-04-051-2/+3
| | | | | | | | | | | | | | | the caller and the function that the function will not fail to allocate memory and return a NULL pointer. However, m_dup_pkthdr() violates this contract, making it possible for functions that pass M_WAITOK to be surprised in ways that hurt. Fix this by passing the wait flag all the way down the functions that actually do the allocation for m_dup_pkthdr() so that we won't be surprised. man page update forthcoming ok claudio@
* use nitems(); no binary change for drivers that are compiled on amd64.jasper2011-04-031-5/+4
| | | | ok claudio@
* use explicit_bzero() for key materials, including that in the session.deraadt2011-01-121-3/+5
| | | | there was also a local buffer which was left around
* Bring CBC oracle attack countermeasure from r1.32 of cryptosoft.c tomikeb2010-12-151-33/+3
| | | | | | | | | | | | | the hardware crypto accelerator land. This fixes aes-ni, via xcrypt, glxsb(4), hifn(4), safe(4) and ubsec(4) drivers. Original commit message by angelos: Don't keep the last blocksize-bytes of ciphertext for use as the next plaintext's IV, in CBC mode. Use arc4random() to acquire fresh IVs per message. with and ok deraadt, ok markus, djm
* m_copyback can fail to allocate memory, but is a void fucntion so gymnasticsblambert2010-07-021-3/+5
| | | | | | | | | are required to detect that. Change the function to take a wait argument (used in nfs server, but M_NOWAIT everywhere else for now) and to return an error ok claudio@ henning@ krw@
* update a random sampling of drivers after the proc.h -> systm.h movetedu2010-04-061-2/+1
|
* Fix two bugs in IPsec/HMAC-SHA2:markus2010-01-101-5/+5
| | | | | | | | | | | | | | | (1) use correct (message) block size of 128 byte (instead of 64 bytes) for HMAC-SHA512/384 (RFC4634). (2) RFC4868 specifies that HMAC-SHA-{256,384,512} is truncated to nnn/2 bits, while we still use 96 bits. 96 bits have been specified in draft-ietf-ipsec-ciph-sha-256-00 while draft-ietf-ipsec-ciph-sha-256-01 changed it to 128 bits. WARNING: this change makes IPsec with SHA-256 (the default) incompatible with older OpenBSD versions and other IPsec-implementations that share this bug. ok+tests naddy, fries; requested by reyk/deraadt
* M_DUP_PKTHDR() define -> m_dup_pkthdr() function to properly dealkrw2009-09-131-3/+8
| | | | | | | | | | | | | with m_tag_copy_chain() failures. Use m_defrag() to eliminate hand rolled defragging of mbufs and some uses of M_DUP_PKTHDR(). Original diff from thib@, claudio@'s feedback integrated by me. Tests kevlo@ claudio@, "reads ok" blambert@ ok thib@ claudio@, "m_defrag() bits ok" kettenis@
* Change safe_rng_read() from __inline to static __inline likejsg2009-06-251-3/+3
| | | | | the original FreeBSD code for consistent behaviour between c89/c99 compilers.
* Second pass of simple timeout_add -> timeout_add_sec conversionsblambert2008-10-151-3/+3
| | | | | | | This should take care of the simpler ones (i.e., timeout values of integer multiples of hz). ok krw@, art@
* rename arc4random_bytes => arc4random_buf to match libc's nicer name;djm2008-06-091-2/+2
| | | | ok deraadt@
* arc4random_bytes() is the preferred interface for generating nonces;djm2007-09-181-2/+2
| | | | "looks ok" markus@
* of ofderaadt2007-02-281-2/+2
|
* do not check for master/io/mem enables; ok kettenisderaadt2006-06-291-14/+2
|
* make SAFE_DEBUG compile clean; ssehic@gmailderaadt2006-03-121-10/+5
|
* typos from alexey dobriyan;jmc2006-02-061-2/+2
|
* Replace 'while (j>=0)' constructs with safer, more KNF friendly for()krw2005-12-171-9/+3
| | | | | | | loops because j is unsigned. Comments from Marco Hyman and Andreas Gunnarson fixed my first version. Spotted by lint. 'go for it' deraadt@ for initial version.
* fix comments, splimp -> splnetbrad2005-11-091-3/+3
|
* do not set PCI_COMMAND_MASTER_ENABLE explicitly as it's already set in pcisubmatch(); kettenis@ testing; brad@ okmickey2005-08-091-4/+1
|
* Replace RSA-derived md5 code with code derived from Colin Plumb's PD version.millert2004-05-071-2/+2
| | | | | | This moves md5.c out of libkern and into sys/crypto where it belongs (as requested by markus@). Note that md5.c is still mandatory (dev/rnd.c uses it). Verified with IPsec + hmac-md5 and tcp md5sig. OK henning@ and hshoexer@
* Remove useless ``elm'' argument from the SIMPLEQ_REMOVE_HEAD macro.grange2004-05-041-2/+2
| | | | | | This matches our SLIST behaviour and NetBSD's SIMPLEQ as well. ok millert krw deraadt
* advertise features of our crypto chips better; ok tdevalderaadt2004-02-031-9/+10
| | | | jason is being a slacker
* remove uvm_extern.hbrad2004-01-091-3/+1
| | | | | | tested on alpha, i386, powerpc, sparc64, m68k. ok miod@
* need to flip the operands wordwise for big endian machines. modexp worksjason2003-08-221-4/+5
| | | | on ppc now.
* How about we NOT stomp all over memory past the end of the result buffer.jason2003-08-201-5/+6
| | | | (Now modexp runs for non-1k/2k operations)
* - The safenet chip really likes it's big nums to be written to differentjason2003-08-201-5/+6
| | | | | | | | parts of memory... picky picky ;) - zero the bignum memory after copying out the result (one less copy of sensitive material floating around...)... Why don't vendors provide a bit you can toggle that does this? - Oh, and modexp now works.
* most of the infrastructure to support public key operation. This is justjason2003-08-201-12/+277
| | | | a snapshot of work in progress (doesn't work correctly yet).
* add more delays during initjason2003-08-141-7/+8
|
* remove magic swapping constants in favor of the #defines I added a fewjason2003-08-141-3/+3
| | | | minutes ago (could have sworn I hit ^X^S).
* - remove some uneeded junk (mainly leftovers from ubsec cut/paste)jason2003-08-141-59/+57
| | | | | | | | | - fix interrupt printing - make shared structure entries volatile to ensure ordering - swap the key, iv, and mackey arguments appropriately - treat particle descriptor as two 32 elements (necessary for swabbing) - set the endian control byte correctly and flip off swabbing on the packet data (now works on macppc)
* - Don't need the bus_dma callback cruft as we have everything necessary in thejason2003-08-121-39/+130
| | | | | | map structure. - pull in some of sam's debugging stuff so that #define SAFE_DEBUG will compile - set the dst <- src when uio && nicealign && uniform
* cleaning: remove sc_flags and FBSDID junkjason2003-08-121-10/+7
| | | | also: let safe_uniform() check all of the elements
* safenet 1141 driver from freebsd (sam at errno):jason2003-08-121-0/+1814
this is a completely hacked up version, complaints should be to me not sam =)
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.