summaryrefslogtreecommitdiffstats
path: root/sys/dev/pci/safe.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* replace add_*_randomness with enqueue_randomness()jasper2018-04-281-2/+2
| | | | | | | | | this gets rid of the source annotation which doesn't really add anything other than adding complexitiy. randomess is generally good enough that the few extra bits that the source type would add are not worth it. ok mikeb@ deraadt@
* Reduce the per-packet allocation costs for crypto operations (cryptop)patrick2017-02-071-6/+9
| | | | | | | | | | | | | | by pre-allocating two cryptodesc objects and storing them in an array instead of a linked list. If more than two cryptodesc objects are required use mallocarray to fetch them. Adapt the drivers to the new API. This change results in one pool-get per ESP packet instead of three. It also simplifies softraid crypto where more cryptodesc objects are allocated than used. From, with and ok markus@, ok bluhm@ "looks sane" mpi@
* Remove plain DES from the kernel crypto framework, including the cryptonaddy2015-12-101-19/+6
| | | | accelerator drivers. No longer used by anything. ok sthen@ mikeb@
* Expand ancient NTOHL/NTOHS/HTONS/HTONL macros.mpi2015-07-161-2/+2
| | | | ok guenther@, henning@
* Remove some includes include-what-you-use claims don'tjsg2015-03-141-2/+1
| | | | | | | have any direct symbols used. Tested for indirect use by compiling amd64/i386/sparc64 kernels. ok tedu@ deraadt@
* Remove support for public key operationsmikeb2014-08-151-277/+1
|
* Some reallocarray() use; review Jean-Philippe Ouellet, patrick keshishianderaadt2014-07-131-2/+2
| | | | ok tedu
* add a size argument to free. will be used soon, but for now default to 0.tedu2014-07-121-4/+4
| | | | after discussions with beck deraadt kettenis.
* Remove excessive sys/cdefs.h inclusionderaadt2012-12-051-3/+1
| | | | ok guenther millert kettenis
* handle m_copyback errors, this code is too sensitive for suchmikeb2012-01-131-3/+6
| | | | failures to be neglected; ok markus
* Passing M_WAITOK to mbuf functions is supposed to be a contract betweenblambert2011-04-051-2/+3
| | | | | | | | | | | | | | | the caller and the function that the function will not fail to allocate memory and return a NULL pointer. However, m_dup_pkthdr() violates this contract, making it possible for functions that pass M_WAITOK to be surprised in ways that hurt. Fix this by passing the wait flag all the way down the functions that actually do the allocation for m_dup_pkthdr() so that we won't be surprised. man page update forthcoming ok claudio@
* use nitems(); no binary change for drivers that are compiled on amd64.jasper2011-04-031-5/+4
| | | | ok claudio@
* use explicit_bzero() for key materials, including that in the session.deraadt2011-01-121-3/+5
| | | | there was also a local buffer which was left around
* Bring CBC oracle attack countermeasure from r1.32 of cryptosoft.c tomikeb2010-12-151-33/+3
| | | | | | | | | | | | | the hardware crypto accelerator land. This fixes aes-ni, via xcrypt, glxsb(4), hifn(4), safe(4) and ubsec(4) drivers. Original commit message by angelos: Don't keep the last blocksize-bytes of ciphertext for use as the next plaintext's IV, in CBC mode. Use arc4random() to acquire fresh IVs per message. with and ok deraadt, ok markus, djm
* m_copyback can fail to allocate memory, but is a void fucntion so gymnasticsblambert2010-07-021-3/+5
| | | | | | | | | are required to detect that. Change the function to take a wait argument (used in nfs server, but M_NOWAIT everywhere else for now) and to return an error ok claudio@ henning@ krw@
* update a random sampling of drivers after the proc.h -> systm.h movetedu2010-04-061-2/+1
|
* Fix two bugs in IPsec/HMAC-SHA2:markus2010-01-101-5/+5
| | | | | | | | | | | | | | | (1) use correct (message) block size of 128 byte (instead of 64 bytes) for HMAC-SHA512/384 (RFC4634). (2) RFC4868 specifies that HMAC-SHA-{256,384,512} is truncated to nnn/2 bits, while we still use 96 bits. 96 bits have been specified in draft-ietf-ipsec-ciph-sha-256-00 while draft-ietf-ipsec-ciph-sha-256-01 changed it to 128 bits. WARNING: this change makes IPsec with SHA-256 (the default) incompatible with older OpenBSD versions and other IPsec-implementations that share this bug. ok+tests naddy, fries; requested by reyk/deraadt
* M_DUP_PKTHDR() define -> m_dup_pkthdr() function to properly dealkrw2009-09-131-3/+8
| | | | | | | | | | | | | with m_tag_copy_chain() failures. Use m_defrag() to eliminate hand rolled defragging of mbufs and some uses of M_DUP_PKTHDR(). Original diff from thib@, claudio@'s feedback integrated by me. Tests kevlo@ claudio@, "reads ok" blambert@ ok thib@ claudio@, "m_defrag() bits ok" kettenis@
* Change safe_rng_read() from __inline to static __inline likejsg2009-06-251-3/+3
| | | | | the original FreeBSD code for consistent behaviour between c89/c99 compilers.
* Second pass of simple timeout_add -> timeout_add_sec conversionsblambert2008-10-151-3/+3
| | | | | | | This should take care of the simpler ones (i.e., timeout values of integer multiples of hz). ok krw@, art@
* rename arc4random_bytes => arc4random_buf to match libc's nicer name;djm2008-06-091-2/+2
| | | | ok deraadt@
* arc4random_bytes() is the preferred interface for generating nonces;djm2007-09-181-2/+2
| | | | "looks ok" markus@
* of ofderaadt2007-02-281-2/+2
|
* do not check for master/io/mem enables; ok kettenisderaadt2006-06-291-14/+2
|
* make SAFE_DEBUG compile clean; ssehic@gmailderaadt2006-03-121-10/+5
|
* typos from alexey dobriyan;jmc2006-02-061-2/+2
|
* Replace 'while (j>=0)' constructs with safer, more KNF friendly for()krw2005-12-171-9/+3
| | | | | | | loops because j is unsigned. Comments from Marco Hyman and Andreas Gunnarson fixed my first version. Spotted by lint. 'go for it' deraadt@ for initial version.
* fix comments, splimp -> splnetbrad2005-11-091-3/+3
|
* do not set PCI_COMMAND_MASTER_ENABLE explicitly as it's already set in pcisubmatch(); kettenis@ testing; brad@ okmickey2005-08-091-4/+1
|
* Replace RSA-derived md5 code with code derived from Colin Plumb's PD version.millert2004-05-071-2/+2
| | | | | | This moves md5.c out of libkern and into sys/crypto where it belongs (as requested by markus@). Note that md5.c is still mandatory (dev/rnd.c uses it). Verified with IPsec + hmac-md5 and tcp md5sig. OK henning@ and hshoexer@
* Remove useless ``elm'' argument from the SIMPLEQ_REMOVE_HEAD macro.grange2004-05-041-2/+2
| | | | | | This matches our SLIST behaviour and NetBSD's SIMPLEQ as well. ok millert krw deraadt
* advertise features of our crypto chips better; ok tdevalderaadt2004-02-031-9/+10
| | | | jason is being a slacker
* remove uvm_extern.hbrad2004-01-091-3/+1
| | | | | | tested on alpha, i386, powerpc, sparc64, m68k. ok miod@
* need to flip the operands wordwise for big endian machines. modexp worksjason2003-08-221-4/+5
| | | | on ppc now.
* How about we NOT stomp all over memory past the end of the result buffer.jason2003-08-201-5/+6
| | | | (Now modexp runs for non-1k/2k operations)
* - The safenet chip really likes it's big nums to be written to differentjason2003-08-201-5/+6
| | | | | | | | parts of memory... picky picky ;) - zero the bignum memory after copying out the result (one less copy of sensitive material floating around...)... Why don't vendors provide a bit you can toggle that does this? - Oh, and modexp now works.
* most of the infrastructure to support public key operation. This is justjason2003-08-201-12/+277
| | | | a snapshot of work in progress (doesn't work correctly yet).
* add more delays during initjason2003-08-141-7/+8
|
* remove magic swapping constants in favor of the #defines I added a fewjason2003-08-141-3/+3
| | | | minutes ago (could have sworn I hit ^X^S).
* - remove some uneeded junk (mainly leftovers from ubsec cut/paste)jason2003-08-141-59/+57
| | | | | | | | | - fix interrupt printing - make shared structure entries volatile to ensure ordering - swap the key, iv, and mackey arguments appropriately - treat particle descriptor as two 32 elements (necessary for swabbing) - set the endian control byte correctly and flip off swabbing on the packet data (now works on macppc)
* - Don't need the bus_dma callback cruft as we have everything necessary in thejason2003-08-121-39/+130
| | | | | | map structure. - pull in some of sam's debugging stuff so that #define SAFE_DEBUG will compile - set the dst <- src when uio && nicealign && uniform
* cleaning: remove sc_flags and FBSDID junkjason2003-08-121-10/+7
| | | | also: let safe_uniform() check all of the elements
* safenet 1141 driver from freebsd (sam at errno):jason2003-08-121-0/+1814
this is a completely hacked up version, complaints should be to me not sam =)
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.