#
1.65 |
|
23-Feb-2024 |
andvar |
s/opetions/options/ in hw.ubsec node description.
|
Revision tags: thorpej-ifq-base thorpej-altq-separation-base
|
#
1.64 |
|
04-Aug-2023 |
riastradh |
entropy(9): Simplify stages. Split interrupt vs non-interrupt paths.
- Nix the entropy stage (cold, warm, hot). Just use the usual kernel `cold' (cold: single-core, single-thread; interrupts may happen), and don't make any three-way distinction about whether interrupts or threads or other CPUs can be running.
Instead, while cold, use splhigh/splx or forbid paths to come from interrupt context, and while warm, use mutex or the per-CPU hard and soft interrupt paths for low latency. This comes at a small cost to some interrupt latency, since we may stir the pool in interrupt context -- but only for a very short window early at boot between configure and configure2, so it's hard to imagine it matters much.
- Allow rnd_add_uint32 to run in hard interrupt context or with spin locks held, but defer processing to softint and drop samples on the floor if buffer is full. This is mainly used for cheaply tossing samples from drivers for non-HWRNG devices into the entropy pool, so it is often used from interrupt context and/or under spin locks.
- New rnd_add_data_intr provides the interrupt-like data entry path for arbitrary buffers and driver-specified entropy estimates: defer processing to softint and drop samples on the floor if buffer is full.
- Document that rnd_add_data is forbidden under spin locks outside interrupt context (will crash in LOCKDEBUG), and inadvisable in interrupt context (but technically permitted just in case there are compatibility issues for now); later we can forbid it altogether in interrupt context or under spin locks.
- Audit all uses of rnd_add_data to use rnd_add_data_intr where it might be used in interrupt context or under a spin lock.
This fixes a regression from last year when the global entropy lock was changed from IPL_VM (spin) to IPL_SOFTSERIAL (adaptive). Thought I'd caught all the problems from that, but another one bit three different people this week, presumably because of recent changes that led to more non-HWRNG drivers entering the entropy consolidation path from rnd_add_uint32.
In my attempt to preserve the rnd(9) API for the (now long-since abandoned) prospect of pullup to netbsd-9 in my rewrite of the entropy subsystem in 2020, I didn't introduce a separate entry point for entering entropy from interrupt context or equivalent, i.e., spin locks held, and instead made rnd_add_data rely on cpu_intr_p() to decide whether to process the whole sample under a lock or only take as much as there's buffer space for before scheduling a softint. In retrospect, that was a mistake (though perhaps not as much of a mistake as other entropy API decisions...), a mistake which is finally getting rectified now by rnd_add_data_intr.
XXX pullup-10
|
#
1.63 |
|
06-May-2023 |
andvar |
s/Regiser/Register/ and s/regester/register/ in comments.
|
Revision tags: netbsd-10-base bouyer-sunxi-drm-base
|
#
1.62 |
|
27-Aug-2022 |
skrll |
branches: 1.62.4; Correct the abbreviation of approximately to 'approx.'
|
#
1.61 |
|
27-Aug-2022 |
skrll |
Trailing whitespace
|
#
1.60 |
|
23-May-2022 |
rin |
Audit unload/unmap v.s. free against DMA buffer for sys/dev/pci; make sure that bus_dmamap_unload(9) [or bus_dmamap_destroy(9)] or bus_dmamem_unmap(9) are preceding to freeing DMA buffer, if it is loaded or mapped, respectively.
This is mandatory for some archs. See, e.g.:
http://www.nerv.org/netbsd/?q=id:20210511T013030Z.013443cc790088147e4beed43f53dedabeaf9312 http://www.nerv.org/netbsd/?q=id:20220511T172220Z.561179f0b6fcc5b9cd73e274f69d74e2ce9e4c93
XXX XXX XXX Compile test only (for amd64/ALL).
Thanks riastradh@ for double check.
|
#
1.59 |
|
22-May-2022 |
riastradh |
opencrypto: Make freesession callback return void.
No functional change intended: all drivers already return zero unconditionally.
|
#
1.58 |
|
22-May-2022 |
riastradh |
ubsec(4): Prune dead branches. Assert session id validity.
|
#
1.57 |
|
22-May-2022 |
riastradh |
ubsec(4): Tidy up error branches of ubsec_process.
Make sure to return zero, not error, when we've already done crypto_done and set crp_etype.
|
#
1.56 |
|
22-May-2022 |
riastradh |
ubsec(4): Assert crp_sid is valid.
If opencrypto passes a bad sid in, that's a bug in opencrypto that needs to be fixed, not a user-triggered invalid input that we need to fail gracefully on.
|
#
1.55 |
|
22-May-2022 |
riastradh |
ubsec(4): ubsec_kprocess always returns zero. Prune dead branches.
|
#
1.54 |
|
22-May-2022 |
riastradh |
ubsec(4): Fix error branch: call crypto_kdone, don't return error.
|
#
1.53 |
|
18-May-2022 |
riastradh |
ubsec(4): Nix dead code.
No functional change intended.
|
Revision tags: thorpej-i2c-spi-conf2-base thorpej-futex2-base thorpej-cfargs2-base cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base thorpej-i2c-spi-conf-base thorpej-cfargs-base thorpej-futex-base
|
#
1.52 |
|
14-Jun-2020 |
riastradh |
ubsec(4): Don't use prev msg's last block as IV for next msg in CBC.
This violates the security contract of the CBC construction, which requires that the IV be unpredictable in advance; an adaptive adversary can exploit this to verify plaintext guesses.
XXX Compile-tested only.
|
#
1.51 |
|
25-May-2020 |
thorpej |
unifdef everything-but-NetBSD. Gets rid of a naked cfattach decl.
|
#
1.50 |
|
30-Apr-2020 |
riastradh |
rnd_attach_source calls the callback itself now.
No need for every driver to explicitly call it to prime the pool.
Eliminate now-unused <sys/rndpool.h>.
|
#
1.49 |
|
30-Apr-2020 |
riastradh |
Don't attach rndsource until it's actually ready to run.
|
Revision tags: bouyer-xenpvh-base2 phil-wifi-20200421 bouyer-xenpvh-base1 phil-wifi-20200411 bouyer-xenpvh-base phil-wifi-20200406
|
#
1.48 |
|
16-Mar-2020 |
pgoyette |
Use the module subsystem's ability to process SYSCTL_SETUP() entries to automate installation of sysctl nodes.
Note that there are still a number of device and pseudo-device modules that create entries tied to individual device units, rather than to the module itself. These are not changed.
|
Revision tags: is-mlppp-base ad-namecache-base3 ad-namecache-base2 ad-namecache-base1 ad-namecache-base phil-wifi-20191119
|
#
1.47 |
|
10-Nov-2019 |
chs |
in many device attach paths, allocate memory with M_WAITOK instead of M_NOWAIT and remove code to handle failures that can no longer happen.
|
Revision tags: netbsd-9-3-RELEASE netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609 isaki-audio2-base pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226
|
#
1.46 |
|
22-Dec-2018 |
maxv |
Replace: M_COPY_PKTHDR -> m_copy_pkthdr. No functional change, since the former is a macro to the latter.
|
#
1.45 |
|
09-Dec-2018 |
jdolecek |
use pci_intr_establish_xname() everywhere
|
Revision tags: pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.44 |
|
03-Sep-2018 |
riastradh |
Rename min/max -> uimin/uimax for better honesty.
These functions are defined on unsigned int. The generic name min/max should not silently truncate to 32 bits on 64-bit systems. This is purely a name change -- no functional change intended.
HOWEVER! Some subsystems have
#define min(a, b) ((a) < (b) ? (a) : (b)) #define max(a, b) ((a) > (b) ? (a) : (b))
even though our standard name for that is MIN/MAX. Although these may invite multiple evaluation bugs, these do _not_ cause integer truncation.
To avoid `fixing' these cases, I first changed the name in libkern, and then compile-tested every file where min/max occurred in order to confirm that it failed -- and thus confirm that nothing shadowed min/max -- before changing it.
I have left a handful of bootloaders that are too annoying to compile-test, and some dead code:
cobalt ews4800mips hp300 hppa ia64 luna68k vax acorn32/if_ie.c (not included in any kernels) macppc/if_gm.c (superseded by gem(4))
It should be easy to fix the fallout once identified -- this way of doing things fails safe, and the goal here, after all, is to _avoid_ silent integer truncations, not introduce them.
Maybe one day we can reintroduce min/max as type-generic things that never silently truncate. But we should avoid doing that for a while, so that existing code has a chance to be detected by the compiler for conversion to uimin/uimax without changing the semantics until we can properly audit it all. (Who knows, maybe in some cases integer truncation is actually intended!)
|
Revision tags: netbsd-8-2-RELEASE netbsd-8-1-RELEASE netbsd-8-1-RC1 jdolecek-ncqfixes-base pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base tls-maxphys-base-20171202 matt-nb8-mediatek-base nick-nhusb-base-20170825 perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 jdolecek-ncq-base pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907
|
#
1.43 |
|
07-Jul-2016 |
msaitoh |
branches: 1.43.16; 1.43.18; KNF. Remove extra spaces. No functional change.
|
Revision tags: nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606
|
#
1.42 |
|
13-Apr-2015 |
riastradh |
Add header guards and necessary includes.
|
Revision tags: netbsd-7-2-RELEASE netbsd-7-1-2-RELEASE netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base-20150406 nick-nhusb-base netbsd-7-base tls-maxphys-base
|
#
1.41 |
|
10-Aug-2014 |
tls |
branches: 1.41.4; Merge tls-earlyentropy branch into HEAD.
|
Revision tags: yamt-pagecache-base9 tls-earlyentropy-base rmind-smpnet-nbase rmind-smpnet-base
|
#
1.40 |
|
19-Apr-2014 |
bad |
Add support for accelerated AES_CBC in ubsec(4) for BCM5823 and newer. Update man-page and bump date. Adjust OpenBSD RCS IDs to reflect roughly the version we are in sync with.
|
#
1.39 |
|
18-Apr-2014 |
bad |
Rewrite the dmamap handling to allocate and cache the dmamaps beforehand. Calling bus_dmamap_create/destroy is no longer possible in interrupt context. Move the dmamaps to the end of struct ubsec_q so the rest of the struct can be cleared with one call to memset().
As a bonus we get a 25% increase in throughput encrypting 8K blocks.
|
Revision tags: riastradh-xf86-video-intel-2-7-1-pre-2-21-15
|
#
1.38 |
|
29-Mar-2014 |
christos |
branches: 1.38.2; make pci_intr_string and eisa_intr_string take a buffer and a length instead of relying in local static storage.
|
Revision tags: riastradh-drm2-base3
|
#
1.37 |
|
25-Feb-2014 |
pooka |
Ensure that the top level sysctl nodes (kern, vfs, net, ...) exist before the sysctl link sets are processed, and remove redundancy.
Shaves >13kB off of an amd64 GENERIC, not to mention >1k duplicate lines of code.
|
#
1.36 |
|
03-Jan-2014 |
pgoyette |
If you're going to build this driver as a module, make sure that it depends on opencrypto module.
|
#
1.35 |
|
26-Dec-2013 |
bad |
Also disable MCR4INT in ubsec_detach() when appropriate.
|
#
1.34 |
|
17-Nov-2013 |
bad |
Add support for BCM5825, and BCM5860, 5861, 5862 from OpenBSD rev 1.143: Add support for the BCM5825 and the next-generation BCM5860, 5861, 5862 Broadcom CryptoNetX IPSec/SSL Security Processors. The 5825 is a faster version of the already supported 5823, and the even faster 586x series is a bit different and needed some more changes.
AES support hasn't been pulled in yet.
|
#
1.33 |
|
17-Nov-2013 |
bad |
Create the sysctl variables on module initialization. Create them under hw.ubsec as is hip these days.
|
#
1.32 |
|
17-Nov-2013 |
bad |
Make ubsec(4) loadable as kmod.
|
#
1.31 |
|
17-Nov-2013 |
bad |
Fix locking botch. Callers of ubsec_rng_locked() lock and release sc_mtx already.
|
#
1.30 |
|
17-Nov-2013 |
bad |
Use callout_setfunc()/callout_schedule() instead of callout_reset(), it is cheaper.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.29 |
|
13-Jun-2013 |
tls |
branches: 1.29.2; Convert the entropy pool framework from pseudo-callout-driven to soft interrupt driven operation.
Add a polling mode of operation -- now we can ask hardware random number generators to top us up just when we need it (bcm2835_rng and amdpm converted as examples).
Fix a stall noticed with repeated reads from /dev/random while testing.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.28 |
|
27-Oct-2012 |
chs |
split device_t/softc for all remaining drivers. replace "struct device *" with "device_t". use device_xname(), device_unit(), etc.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.27 |
|
30-Jan-2012 |
drochner |
branches: 1.27.6; Use pci_aprint_devinfo(9) instead of pci_devinfo+aprint_{normal,naive} where it looks straightforward, and pci_aprint_devinfo_fancy in a few others where drivers want to supply their own device names instead of the pcidevs generated one. More complicated cases, where names are composed at runtime, are left alone for now. It certainly makes sense to simplify the drivers here rather than inventing a catch-all API. This should serve as as example for new drivers, and also ensure consistent output in the AB_QUIET ("boot -q") case. Also, it avoids excessive stack usage where drivers attach child devices because the buffer for the device name is not kept on the local stack anymore.
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base
|
#
1.26 |
|
19-Nov-2011 |
tls |
branches: 1.26.2; First step of random number subsystem rework described in <20111022023242.BA26F14A158@mail.netbsd.org>. This change includes the following:
An initial cleanup and minor reorganization of the entropy pool code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are fixed. Some effort is made to accumulate entropy more quickly at boot time.
A generic interface, "rndsink", is added, for stream generators to request that they be re-keyed with good quality entropy from the pool as soon as it is available.
The arc4random()/arc4randbytes() implementation in libkern is adjusted to use the rndsink interface for rekeying, which helps address the problem of low-quality keys at boot time.
An implementation of the FIPS 140-2 statistical tests for random number generator quality is provided (libkern/rngtest.c). This is based on Greg Rose's implementation from Qualcomm.
A new random stream generator, nist_ctr_drbg, is provided. It is based on an implementation of the NIST SP800-90 CTR_DRBG by Henric Jungheim. This generator users AES in a modified counter mode to generate a backtracking-resistant random stream.
An abstraction layer, "cprng", is provided for in-kernel consumers of randomness. The arc4random/arc4randbytes API is deprecated for in-kernel use. It is replaced by "cprng_strong". The current cprng_fast implementation wraps the existing arc4random implementation. The current cprng_strong implementation wraps the new CTR_DRBG implementation. Both interfaces are rekeyed from the entropy pool automatically at intervals justifiable from best current cryptographic practice.
In some quick tests, cprng_fast() is about the same speed as the old arc4randbytes(), and cprng_strong() is about 20% faster than rnd_extract_data(). Performance is expected to improve.
The AES code in src/crypto/rijndael is no longer an optional kernel component, as it is required by cprng_strong, which is not an optional kernel component.
The entropy pool output is subjected to the rngtest tests at startup time; if it fails, the system will reboot. There is approximately a 3/10000 chance of a false positive from these tests. Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run.
A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). A new kernel will require a new rndctl.
The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet.
Manual pages for the new kernel interfaces are forthcoming.
|
Revision tags: jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base jruoho-x86intr-base matt-mips64-premerge-20101231 rmind-uvmplock-base
|
#
1.25 |
|
13-Nov-2010 |
uebayasi |
branches: 1.25.8; Don't pull in the whole uvm(9) API to access only PAGE_SIZE and some other constants. These are provided by sys/param.h now.
|
Revision tags: uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211
|
#
1.24 |
|
26-Nov-2009 |
njoly |
branches: 1.24.4; Cleanup interrupt establish error messages. Do not mix aprint_error/aprint_normal/printf calls for a single line.
|
Revision tags: yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase jym-xensuspend-base
|
#
1.23 |
|
12-May-2009 |
cegger |
use device_private(). "looks good" ad@ XXX for the device_t/softc split, please check the driver that no cases have been missed.
|
#
1.22 |
|
06-May-2009 |
cegger |
struct device * -> device_t, no functional changes intended.
|
#
1.21 |
|
06-May-2009 |
cegger |
struct cfdata * -> cfdata_t, no functional changes intended.
|
Revision tags: yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 nick-hppapmap-base
|
#
1.20 |
|
18-Apr-2009 |
tsutsui |
Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.19 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.18 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.17 |
|
19-Dec-2008 |
cegger |
branches: 1.17.2; use M_ZERO on malloc() and remove subsequent bzero().
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base yamt-pf42-base
|
#
1.16 |
|
10-Apr-2008 |
cegger |
branches: 1.16.4; 1.16.12; use aprint_*_dev and device_xname
|
Revision tags: ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.15 |
|
02-Feb-2008 |
tls |
branches: 1.15.6; From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless actually asked to.
Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto.
|
Revision tags: vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base matt-armv6-base
|
#
1.14 |
|
11-Dec-2007 |
lukem |
use __KERNEL_RCSID()
|
Revision tags: nick-csl-alignment-base5 matt-armv6-prevmlocking yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase yamt-x86pmap-base4 bouyer-xenamd64-base yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base jmcneill-pm-base nick-csl-alignment-base reinoud-bufcleanup-base mjf-ufs-trans-base vmlocking-base
|
#
1.13 |
|
09-Jul-2007 |
ad |
branches: 1.13.8; 1.13.14; 1.13.16; 1.13.18; 1.13.20; Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes - select()/poll() improvements - miscellaneous MT safety improvements
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.12 |
|
04-Mar-2007 |
christos |
branches: 1.12.2; 1.12.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-1-RELEASE wrstuden-fixsa-newbase wrstuden-fixsa-base-1 netbsd-4-0-RELEASE netbsd-4-0-RC5 matt-nb4-arm-base netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 wrstuden-fixsa-base ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.11 |
|
16-Nov-2006 |
christos |
branches: 1.11.4; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.10 |
|
12-Oct-2006 |
christos |
- sprinkle __unused on function decls. - fix a couple of unused bugs - no more -Wno-unused for i386
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base yamt-pdpolicy-base4 yamt-pdpolicy-base3 elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.9 |
|
28-Mar-2006 |
thorpej |
branches: 1.9.8; 1.9.10; Use device_unit().
|
Revision tags: peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5 yamt-readahead-base3 ktrace-lwp-base
|
#
1.8 |
|
25-Nov-2005 |
thorpej |
branches: 1.8.4; 1.8.6; 1.8.8; 1.8.10; 1.8.12; - De-couple the software crypto implementation from the rest of the framework. There is no need to waste the space if you are only using algoritms provided by hardware accelerators. To get the software implementations, add "pseudo-device swcr" to your kernel config. - Lazily initialize the opencrypto framework when crypto drivers (either hardware or swcr) register themselves with the framework.
|
Revision tags: yamt-readahead-base2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base
|
#
1.7 |
|
28-Jun-2005 |
thorpej |
branches: 1.7.2; 1.7.8; Use ANSI function decls and static.
|
#
1.6 |
|
30-May-2005 |
christos |
- const poisoning - avoid variable shadowing.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base
|
#
1.5 |
|
27-Feb-2005 |
perry |
nuke trailing whitespace
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE yamt-km-base2 yamt-km-base netbsd-2-0-1-RELEASE kent-audio1-beforemerge netbsd-2-base kent-audio1-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.4 |
|
28-Aug-2003 |
thorpej |
branches: 1.4.4; 1.4.10; 1.4.12; * Make matching and chip info table-driven. * Print product name and revision at attach time. * Use aprint_*().
|
#
1.3 |
|
27-Aug-2003 |
thorpej |
Fix some diagnotic printfs.
|
#
1.2 |
|
21-Aug-2003 |
jonathan |
Remove #ifdef _OpenBSD__ code which sets the softc pointer `sc' by passing an index into ubsec_cd.cd_devs[]: that causes too much confusion with the checks that sc is non-null.
|
#
1.1 |
|
01-Aug-2003 |
jonathan |
Preliminary port of merged OpenBSD/FreeBSD ubsec driver for Bluesteel Networks/Broadcom line of cryptographic accelerators.
|
#
1.64 |
|
04-Aug-2023 |
riastradh |
entropy(9): Simplify stages. Split interrupt vs non-interrupt paths.
- Nix the entropy stage (cold, warm, hot). Just use the usual kernel `cold' (cold: single-core, single-thread; interrupts may happen), and don't make any three-way distinction about whether interrupts or threads or other CPUs can be running.
Instead, while cold, use splhigh/splx or forbid paths to come from interrupt context, and while warm, use mutex or the per-CPU hard and soft interrupt paths for low latency. This comes at a small cost to some interrupt latency, since we may stir the pool in interrupt context -- but only for a very short window early at boot between configure and configure2, so it's hard to imagine it matters much.
- Allow rnd_add_uint32 to run in hard interrupt context or with spin locks held, but defer processing to softint and drop samples on the floor if buffer is full. This is mainly used for cheaply tossing samples from drivers for non-HWRNG devices into the entropy pool, so it is often used from interrupt context and/or under spin locks.
- New rnd_add_data_intr provides the interrupt-like data entry path for arbitrary buffers and driver-specified entropy estimates: defer processing to softint and drop samples on the floor if buffer is full.
- Document that rnd_add_data is forbidden under spin locks outside interrupt context (will crash in LOCKDEBUG), and inadvisable in interrupt context (but technically permitted just in case there are compatibility issues for now); later we can forbid it altogether in interrupt context or under spin locks.
- Audit all uses of rnd_add_data to use rnd_add_data_intr where it might be used in interrupt context or under a spin lock.
This fixes a regression from last year when the global entropy lock was changed from IPL_VM (spin) to IPL_SOFTSERIAL (adaptive). Thought I'd caught all the problems from that, but another one bit three different people this week, presumably because of recent changes that led to more non-HWRNG drivers entering the entropy consolidation path from rnd_add_uint32.
In my attempt to preserve the rnd(9) API for the (now long-since abandoned) prospect of pullup to netbsd-9 in my rewrite of the entropy subsystem in 2020, I didn't introduce a separate entry point for entering entropy from interrupt context or equivalent, i.e., spin locks held, and instead made rnd_add_data rely on cpu_intr_p() to decide whether to process the whole sample under a lock or only take as much as there's buffer space for before scheduling a softint. In retrospect, that was a mistake (though perhaps not as much of a mistake as other entropy API decisions...), a mistake which is finally getting rectified now by rnd_add_data_intr.
XXX pullup-10
|
#
1.63 |
|
06-May-2023 |
andvar |
s/Regiser/Register/ and s/regester/register/ in comments.
|
Revision tags: netbsd-10-base bouyer-sunxi-drm-base
|
#
1.62 |
|
27-Aug-2022 |
skrll |
Correct the abbreviation of approximately to 'approx.'
|
#
1.61 |
|
27-Aug-2022 |
skrll |
Trailing whitespace
|
#
1.60 |
|
23-May-2022 |
rin |
Audit unload/unmap v.s. free against DMA buffer for sys/dev/pci; make sure that bus_dmamap_unload(9) [or bus_dmamap_destroy(9)] or bus_dmamem_unmap(9) are preceding to freeing DMA buffer, if it is loaded or mapped, respectively.
This is mandatory for some archs. See, e.g.:
http://www.nerv.org/netbsd/?q=id:20210511T013030Z.013443cc790088147e4beed43f53dedabeaf9312 http://www.nerv.org/netbsd/?q=id:20220511T172220Z.561179f0b6fcc5b9cd73e274f69d74e2ce9e4c93
XXX XXX XXX Compile test only (for amd64/ALL).
Thanks riastradh@ for double check.
|
#
1.59 |
|
22-May-2022 |
riastradh |
opencrypto: Make freesession callback return void.
No functional change intended: all drivers already return zero unconditionally.
|
#
1.58 |
|
22-May-2022 |
riastradh |
ubsec(4): Prune dead branches. Assert session id validity.
|
#
1.57 |
|
22-May-2022 |
riastradh |
ubsec(4): Tidy up error branches of ubsec_process.
Make sure to return zero, not error, when we've already done crypto_done and set crp_etype.
|
#
1.56 |
|
22-May-2022 |
riastradh |
ubsec(4): Assert crp_sid is valid.
If opencrypto passes a bad sid in, that's a bug in opencrypto that needs to be fixed, not a user-triggered invalid input that we need to fail gracefully on.
|
#
1.55 |
|
22-May-2022 |
riastradh |
ubsec(4): ubsec_kprocess always returns zero. Prune dead branches.
|
#
1.54 |
|
22-May-2022 |
riastradh |
ubsec(4): Fix error branch: call crypto_kdone, don't return error.
|
#
1.53 |
|
18-May-2022 |
riastradh |
ubsec(4): Nix dead code.
No functional change intended.
|
Revision tags: thorpej-i2c-spi-conf2-base thorpej-futex2-base thorpej-cfargs2-base cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base thorpej-i2c-spi-conf-base thorpej-cfargs-base thorpej-futex-base
|
#
1.52 |
|
14-Jun-2020 |
riastradh |
ubsec(4): Don't use prev msg's last block as IV for next msg in CBC.
This violates the security contract of the CBC construction, which requires that the IV be unpredictable in advance; an adaptive adversary can exploit this to verify plaintext guesses.
XXX Compile-tested only.
|
#
1.51 |
|
25-May-2020 |
thorpej |
unifdef everything-but-NetBSD. Gets rid of a naked cfattach decl.
|
#
1.50 |
|
30-Apr-2020 |
riastradh |
rnd_attach_source calls the callback itself now.
No need for every driver to explicitly call it to prime the pool.
Eliminate now-unused <sys/rndpool.h>.
|
#
1.49 |
|
30-Apr-2020 |
riastradh |
Don't attach rndsource until it's actually ready to run.
|
Revision tags: bouyer-xenpvh-base2 phil-wifi-20200421 bouyer-xenpvh-base1 phil-wifi-20200411 bouyer-xenpvh-base phil-wifi-20200406
|
#
1.48 |
|
16-Mar-2020 |
pgoyette |
Use the module subsystem's ability to process SYSCTL_SETUP() entries to automate installation of sysctl nodes.
Note that there are still a number of device and pseudo-device modules that create entries tied to individual device units, rather than to the module itself. These are not changed.
|
Revision tags: is-mlppp-base ad-namecache-base3 ad-namecache-base2 ad-namecache-base1 ad-namecache-base phil-wifi-20191119
|
#
1.47 |
|
10-Nov-2019 |
chs |
in many device attach paths, allocate memory with M_WAITOK instead of M_NOWAIT and remove code to handle failures that can no longer happen.
|
Revision tags: netbsd-9-3-RELEASE netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609 isaki-audio2-base pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226
|
#
1.46 |
|
22-Dec-2018 |
maxv |
Replace: M_COPY_PKTHDR -> m_copy_pkthdr. No functional change, since the former is a macro to the latter.
|
#
1.45 |
|
09-Dec-2018 |
jdolecek |
use pci_intr_establish_xname() everywhere
|
Revision tags: pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.44 |
|
03-Sep-2018 |
riastradh |
Rename min/max -> uimin/uimax for better honesty.
These functions are defined on unsigned int. The generic name min/max should not silently truncate to 32 bits on 64-bit systems. This is purely a name change -- no functional change intended.
HOWEVER! Some subsystems have
#define min(a, b) ((a) < (b) ? (a) : (b)) #define max(a, b) ((a) > (b) ? (a) : (b))
even though our standard name for that is MIN/MAX. Although these may invite multiple evaluation bugs, these do _not_ cause integer truncation.
To avoid `fixing' these cases, I first changed the name in libkern, and then compile-tested every file where min/max occurred in order to confirm that it failed -- and thus confirm that nothing shadowed min/max -- before changing it.
I have left a handful of bootloaders that are too annoying to compile-test, and some dead code:
cobalt ews4800mips hp300 hppa ia64 luna68k vax acorn32/if_ie.c (not included in any kernels) macppc/if_gm.c (superseded by gem(4))
It should be easy to fix the fallout once identified -- this way of doing things fails safe, and the goal here, after all, is to _avoid_ silent integer truncations, not introduce them.
Maybe one day we can reintroduce min/max as type-generic things that never silently truncate. But we should avoid doing that for a while, so that existing code has a chance to be detected by the compiler for conversion to uimin/uimax without changing the semantics until we can properly audit it all. (Who knows, maybe in some cases integer truncation is actually intended!)
|
Revision tags: netbsd-8-2-RELEASE netbsd-8-1-RELEASE netbsd-8-1-RC1 jdolecek-ncqfixes-base pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base tls-maxphys-base-20171202 matt-nb8-mediatek-base nick-nhusb-base-20170825 perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 jdolecek-ncq-base pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907
|
#
1.43 |
|
07-Jul-2016 |
msaitoh |
branches: 1.43.16; 1.43.18; KNF. Remove extra spaces. No functional change.
|
Revision tags: nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606
|
#
1.42 |
|
13-Apr-2015 |
riastradh |
Add header guards and necessary includes.
|
Revision tags: netbsd-7-2-RELEASE netbsd-7-1-2-RELEASE netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base-20150406 nick-nhusb-base netbsd-7-base tls-maxphys-base
|
#
1.41 |
|
10-Aug-2014 |
tls |
branches: 1.41.4; Merge tls-earlyentropy branch into HEAD.
|
Revision tags: yamt-pagecache-base9 tls-earlyentropy-base rmind-smpnet-nbase rmind-smpnet-base
|
#
1.40 |
|
19-Apr-2014 |
bad |
Add support for accelerated AES_CBC in ubsec(4) for BCM5823 and newer. Update man-page and bump date. Adjust OpenBSD RCS IDs to reflect roughly the version we are in sync with.
|
#
1.39 |
|
18-Apr-2014 |
bad |
Rewrite the dmamap handling to allocate and cache the dmamaps beforehand. Calling bus_dmamap_create/destroy is no longer possible in interrupt context. Move the dmamaps to the end of struct ubsec_q so the rest of the struct can be cleared with one call to memset().
As a bonus we get a 25% increase in throughput encrypting 8K blocks.
|
Revision tags: riastradh-xf86-video-intel-2-7-1-pre-2-21-15
|
#
1.38 |
|
29-Mar-2014 |
christos |
branches: 1.38.2; make pci_intr_string and eisa_intr_string take a buffer and a length instead of relying in local static storage.
|
Revision tags: riastradh-drm2-base3
|
#
1.37 |
|
25-Feb-2014 |
pooka |
Ensure that the top level sysctl nodes (kern, vfs, net, ...) exist before the sysctl link sets are processed, and remove redundancy.
Shaves >13kB off of an amd64 GENERIC, not to mention >1k duplicate lines of code.
|
#
1.36 |
|
03-Jan-2014 |
pgoyette |
If you're going to build this driver as a module, make sure that it depends on opencrypto module.
|
#
1.35 |
|
26-Dec-2013 |
bad |
Also disable MCR4INT in ubsec_detach() when appropriate.
|
#
1.34 |
|
17-Nov-2013 |
bad |
Add support for BCM5825, and BCM5860, 5861, 5862 from OpenBSD rev 1.143: Add support for the BCM5825 and the next-generation BCM5860, 5861, 5862 Broadcom CryptoNetX IPSec/SSL Security Processors. The 5825 is a faster version of the already supported 5823, and the even faster 586x series is a bit different and needed some more changes.
AES support hasn't been pulled in yet.
|
#
1.33 |
|
17-Nov-2013 |
bad |
Create the sysctl variables on module initialization. Create them under hw.ubsec as is hip these days.
|
#
1.32 |
|
17-Nov-2013 |
bad |
Make ubsec(4) loadable as kmod.
|
#
1.31 |
|
17-Nov-2013 |
bad |
Fix locking botch. Callers of ubsec_rng_locked() lock and release sc_mtx already.
|
#
1.30 |
|
17-Nov-2013 |
bad |
Use callout_setfunc()/callout_schedule() instead of callout_reset(), it is cheaper.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.29 |
|
13-Jun-2013 |
tls |
branches: 1.29.2; Convert the entropy pool framework from pseudo-callout-driven to soft interrupt driven operation.
Add a polling mode of operation -- now we can ask hardware random number generators to top us up just when we need it (bcm2835_rng and amdpm converted as examples).
Fix a stall noticed with repeated reads from /dev/random while testing.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.28 |
|
27-Oct-2012 |
chs |
split device_t/softc for all remaining drivers. replace "struct device *" with "device_t". use device_xname(), device_unit(), etc.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.27 |
|
30-Jan-2012 |
drochner |
branches: 1.27.6; Use pci_aprint_devinfo(9) instead of pci_devinfo+aprint_{normal,naive} where it looks straightforward, and pci_aprint_devinfo_fancy in a few others where drivers want to supply their own device names instead of the pcidevs generated one. More complicated cases, where names are composed at runtime, are left alone for now. It certainly makes sense to simplify the drivers here rather than inventing a catch-all API. This should serve as as example for new drivers, and also ensure consistent output in the AB_QUIET ("boot -q") case. Also, it avoids excessive stack usage where drivers attach child devices because the buffer for the device name is not kept on the local stack anymore.
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base
|
#
1.26 |
|
19-Nov-2011 |
tls |
branches: 1.26.2; First step of random number subsystem rework described in <20111022023242.BA26F14A158@mail.netbsd.org>. This change includes the following:
An initial cleanup and minor reorganization of the entropy pool code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are fixed. Some effort is made to accumulate entropy more quickly at boot time.
A generic interface, "rndsink", is added, for stream generators to request that they be re-keyed with good quality entropy from the pool as soon as it is available.
The arc4random()/arc4randbytes() implementation in libkern is adjusted to use the rndsink interface for rekeying, which helps address the problem of low-quality keys at boot time.
An implementation of the FIPS 140-2 statistical tests for random number generator quality is provided (libkern/rngtest.c). This is based on Greg Rose's implementation from Qualcomm.
A new random stream generator, nist_ctr_drbg, is provided. It is based on an implementation of the NIST SP800-90 CTR_DRBG by Henric Jungheim. This generator users AES in a modified counter mode to generate a backtracking-resistant random stream.
An abstraction layer, "cprng", is provided for in-kernel consumers of randomness. The arc4random/arc4randbytes API is deprecated for in-kernel use. It is replaced by "cprng_strong". The current cprng_fast implementation wraps the existing arc4random implementation. The current cprng_strong implementation wraps the new CTR_DRBG implementation. Both interfaces are rekeyed from the entropy pool automatically at intervals justifiable from best current cryptographic practice.
In some quick tests, cprng_fast() is about the same speed as the old arc4randbytes(), and cprng_strong() is about 20% faster than rnd_extract_data(). Performance is expected to improve.
The AES code in src/crypto/rijndael is no longer an optional kernel component, as it is required by cprng_strong, which is not an optional kernel component.
The entropy pool output is subjected to the rngtest tests at startup time; if it fails, the system will reboot. There is approximately a 3/10000 chance of a false positive from these tests. Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run.
A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). A new kernel will require a new rndctl.
The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet.
Manual pages for the new kernel interfaces are forthcoming.
|
Revision tags: jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base jruoho-x86intr-base matt-mips64-premerge-20101231 rmind-uvmplock-base
|
#
1.25 |
|
13-Nov-2010 |
uebayasi |
branches: 1.25.8; Don't pull in the whole uvm(9) API to access only PAGE_SIZE and some other constants. These are provided by sys/param.h now.
|
Revision tags: uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211
|
#
1.24 |
|
26-Nov-2009 |
njoly |
branches: 1.24.4; Cleanup interrupt establish error messages. Do not mix aprint_error/aprint_normal/printf calls for a single line.
|
Revision tags: yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase jym-xensuspend-base
|
#
1.23 |
|
12-May-2009 |
cegger |
use device_private(). "looks good" ad@ XXX for the device_t/softc split, please check the driver that no cases have been missed.
|
#
1.22 |
|
06-May-2009 |
cegger |
struct device * -> device_t, no functional changes intended.
|
#
1.21 |
|
06-May-2009 |
cegger |
struct cfdata * -> cfdata_t, no functional changes intended.
|
Revision tags: yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 nick-hppapmap-base
|
#
1.20 |
|
18-Apr-2009 |
tsutsui |
Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.19 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.18 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.17 |
|
19-Dec-2008 |
cegger |
branches: 1.17.2; use M_ZERO on malloc() and remove subsequent bzero().
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base yamt-pf42-base
|
#
1.16 |
|
10-Apr-2008 |
cegger |
branches: 1.16.4; 1.16.12; use aprint_*_dev and device_xname
|
Revision tags: ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.15 |
|
02-Feb-2008 |
tls |
branches: 1.15.6; From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless actually asked to.
Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto.
|
Revision tags: vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base matt-armv6-base
|
#
1.14 |
|
11-Dec-2007 |
lukem |
use __KERNEL_RCSID()
|
Revision tags: nick-csl-alignment-base5 matt-armv6-prevmlocking yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase yamt-x86pmap-base4 bouyer-xenamd64-base yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base jmcneill-pm-base nick-csl-alignment-base reinoud-bufcleanup-base mjf-ufs-trans-base vmlocking-base
|
#
1.13 |
|
09-Jul-2007 |
ad |
branches: 1.13.8; 1.13.14; 1.13.16; 1.13.18; 1.13.20; Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes - select()/poll() improvements - miscellaneous MT safety improvements
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.12 |
|
04-Mar-2007 |
christos |
branches: 1.12.2; 1.12.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-1-RELEASE wrstuden-fixsa-newbase wrstuden-fixsa-base-1 netbsd-4-0-RELEASE netbsd-4-0-RC5 matt-nb4-arm-base netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 wrstuden-fixsa-base ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.11 |
|
16-Nov-2006 |
christos |
branches: 1.11.4; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.10 |
|
12-Oct-2006 |
christos |
- sprinkle __unused on function decls. - fix a couple of unused bugs - no more -Wno-unused for i386
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base yamt-pdpolicy-base4 yamt-pdpolicy-base3 elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.9 |
|
28-Mar-2006 |
thorpej |
branches: 1.9.8; 1.9.10; Use device_unit().
|
Revision tags: peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5 yamt-readahead-base3 ktrace-lwp-base
|
#
1.8 |
|
25-Nov-2005 |
thorpej |
branches: 1.8.4; 1.8.6; 1.8.8; 1.8.10; 1.8.12; - De-couple the software crypto implementation from the rest of the framework. There is no need to waste the space if you are only using algoritms provided by hardware accelerators. To get the software implementations, add "pseudo-device swcr" to your kernel config. - Lazily initialize the opencrypto framework when crypto drivers (either hardware or swcr) register themselves with the framework.
|
Revision tags: yamt-readahead-base2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base
|
#
1.7 |
|
28-Jun-2005 |
thorpej |
branches: 1.7.2; 1.7.8; Use ANSI function decls and static.
|
#
1.6 |
|
30-May-2005 |
christos |
- const poisoning - avoid variable shadowing.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base
|
#
1.5 |
|
27-Feb-2005 |
perry |
nuke trailing whitespace
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE yamt-km-base2 yamt-km-base netbsd-2-0-1-RELEASE kent-audio1-beforemerge netbsd-2-base kent-audio1-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.4 |
|
28-Aug-2003 |
thorpej |
branches: 1.4.4; 1.4.10; 1.4.12; * Make matching and chip info table-driven. * Print product name and revision at attach time. * Use aprint_*().
|
#
1.3 |
|
27-Aug-2003 |
thorpej |
Fix some diagnotic printfs.
|
#
1.2 |
|
21-Aug-2003 |
jonathan |
Remove #ifdef _OpenBSD__ code which sets the softc pointer `sc' by passing an index into ubsec_cd.cd_devs[]: that causes too much confusion with the checks that sc is non-null.
|
#
1.1 |
|
01-Aug-2003 |
jonathan |
Preliminary port of merged OpenBSD/FreeBSD ubsec driver for Bluesteel Networks/Broadcom line of cryptographic accelerators.
|
#
1.63 |
|
06-May-2023 |
andvar |
s/Regiser/Register/ and s/regester/register/ in comments.
|
Revision tags: netbsd-10-base bouyer-sunxi-drm-base
|
#
1.62 |
|
27-Aug-2022 |
skrll |
Correct the abbreviation of approximately to 'approx.'
|
#
1.61 |
|
27-Aug-2022 |
skrll |
Trailing whitespace
|
#
1.60 |
|
23-May-2022 |
rin |
Audit unload/unmap v.s. free against DMA buffer for sys/dev/pci; make sure that bus_dmamap_unload(9) [or bus_dmamap_destroy(9)] or bus_dmamem_unmap(9) are preceding to freeing DMA buffer, if it is loaded or mapped, respectively.
This is mandatory for some archs. See, e.g.:
http://www.nerv.org/netbsd/?q=id:20210511T013030Z.013443cc790088147e4beed43f53dedabeaf9312 http://www.nerv.org/netbsd/?q=id:20220511T172220Z.561179f0b6fcc5b9cd73e274f69d74e2ce9e4c93
XXX XXX XXX Compile test only (for amd64/ALL).
Thanks riastradh@ for double check.
|
#
1.59 |
|
22-May-2022 |
riastradh |
opencrypto: Make freesession callback return void.
No functional change intended: all drivers already return zero unconditionally.
|
#
1.58 |
|
22-May-2022 |
riastradh |
ubsec(4): Prune dead branches. Assert session id validity.
|
#
1.57 |
|
22-May-2022 |
riastradh |
ubsec(4): Tidy up error branches of ubsec_process.
Make sure to return zero, not error, when we've already done crypto_done and set crp_etype.
|
#
1.56 |
|
22-May-2022 |
riastradh |
ubsec(4): Assert crp_sid is valid.
If opencrypto passes a bad sid in, that's a bug in opencrypto that needs to be fixed, not a user-triggered invalid input that we need to fail gracefully on.
|
#
1.55 |
|
22-May-2022 |
riastradh |
ubsec(4): ubsec_kprocess always returns zero. Prune dead branches.
|
#
1.54 |
|
22-May-2022 |
riastradh |
ubsec(4): Fix error branch: call crypto_kdone, don't return error.
|
#
1.53 |
|
18-May-2022 |
riastradh |
ubsec(4): Nix dead code.
No functional change intended.
|
Revision tags: thorpej-i2c-spi-conf2-base thorpej-futex2-base thorpej-cfargs2-base cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base thorpej-i2c-spi-conf-base thorpej-cfargs-base thorpej-futex-base
|
#
1.52 |
|
14-Jun-2020 |
riastradh |
ubsec(4): Don't use prev msg's last block as IV for next msg in CBC.
This violates the security contract of the CBC construction, which requires that the IV be unpredictable in advance; an adaptive adversary can exploit this to verify plaintext guesses.
XXX Compile-tested only.
|
#
1.51 |
|
25-May-2020 |
thorpej |
unifdef everything-but-NetBSD. Gets rid of a naked cfattach decl.
|
#
1.50 |
|
30-Apr-2020 |
riastradh |
rnd_attach_source calls the callback itself now.
No need for every driver to explicitly call it to prime the pool.
Eliminate now-unused <sys/rndpool.h>.
|
#
1.49 |
|
30-Apr-2020 |
riastradh |
Don't attach rndsource until it's actually ready to run.
|
Revision tags: bouyer-xenpvh-base2 phil-wifi-20200421 bouyer-xenpvh-base1 phil-wifi-20200411 bouyer-xenpvh-base phil-wifi-20200406
|
#
1.48 |
|
16-Mar-2020 |
pgoyette |
Use the module subsystem's ability to process SYSCTL_SETUP() entries to automate installation of sysctl nodes.
Note that there are still a number of device and pseudo-device modules that create entries tied to individual device units, rather than to the module itself. These are not changed.
|
Revision tags: is-mlppp-base ad-namecache-base3 ad-namecache-base2 ad-namecache-base1 ad-namecache-base phil-wifi-20191119
|
#
1.47 |
|
10-Nov-2019 |
chs |
in many device attach paths, allocate memory with M_WAITOK instead of M_NOWAIT and remove code to handle failures that can no longer happen.
|
Revision tags: netbsd-9-3-RELEASE netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609 isaki-audio2-base pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226
|
#
1.46 |
|
22-Dec-2018 |
maxv |
Replace: M_COPY_PKTHDR -> m_copy_pkthdr. No functional change, since the former is a macro to the latter.
|
#
1.45 |
|
09-Dec-2018 |
jdolecek |
use pci_intr_establish_xname() everywhere
|
Revision tags: pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.44 |
|
03-Sep-2018 |
riastradh |
Rename min/max -> uimin/uimax for better honesty.
These functions are defined on unsigned int. The generic name min/max should not silently truncate to 32 bits on 64-bit systems. This is purely a name change -- no functional change intended.
HOWEVER! Some subsystems have
#define min(a, b) ((a) < (b) ? (a) : (b)) #define max(a, b) ((a) > (b) ? (a) : (b))
even though our standard name for that is MIN/MAX. Although these may invite multiple evaluation bugs, these do _not_ cause integer truncation.
To avoid `fixing' these cases, I first changed the name in libkern, and then compile-tested every file where min/max occurred in order to confirm that it failed -- and thus confirm that nothing shadowed min/max -- before changing it.
I have left a handful of bootloaders that are too annoying to compile-test, and some dead code:
cobalt ews4800mips hp300 hppa ia64 luna68k vax acorn32/if_ie.c (not included in any kernels) macppc/if_gm.c (superseded by gem(4))
It should be easy to fix the fallout once identified -- this way of doing things fails safe, and the goal here, after all, is to _avoid_ silent integer truncations, not introduce them.
Maybe one day we can reintroduce min/max as type-generic things that never silently truncate. But we should avoid doing that for a while, so that existing code has a chance to be detected by the compiler for conversion to uimin/uimax without changing the semantics until we can properly audit it all. (Who knows, maybe in some cases integer truncation is actually intended!)
|
Revision tags: netbsd-8-2-RELEASE netbsd-8-1-RELEASE netbsd-8-1-RC1 jdolecek-ncqfixes-base pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base tls-maxphys-base-20171202 matt-nb8-mediatek-base nick-nhusb-base-20170825 perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 jdolecek-ncq-base pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907
|
#
1.43 |
|
07-Jul-2016 |
msaitoh |
branches: 1.43.16; 1.43.18; KNF. Remove extra spaces. No functional change.
|
Revision tags: nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606
|
#
1.42 |
|
13-Apr-2015 |
riastradh |
Add header guards and necessary includes.
|
Revision tags: netbsd-7-2-RELEASE netbsd-7-1-2-RELEASE netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base-20150406 nick-nhusb-base netbsd-7-base tls-maxphys-base
|
#
1.41 |
|
10-Aug-2014 |
tls |
branches: 1.41.4; Merge tls-earlyentropy branch into HEAD.
|
Revision tags: yamt-pagecache-base9 tls-earlyentropy-base rmind-smpnet-nbase rmind-smpnet-base
|
#
1.40 |
|
19-Apr-2014 |
bad |
Add support for accelerated AES_CBC in ubsec(4) for BCM5823 and newer. Update man-page and bump date. Adjust OpenBSD RCS IDs to reflect roughly the version we are in sync with.
|
#
1.39 |
|
18-Apr-2014 |
bad |
Rewrite the dmamap handling to allocate and cache the dmamaps beforehand. Calling bus_dmamap_create/destroy is no longer possible in interrupt context. Move the dmamaps to the end of struct ubsec_q so the rest of the struct can be cleared with one call to memset().
As a bonus we get a 25% increase in throughput encrypting 8K blocks.
|
Revision tags: riastradh-xf86-video-intel-2-7-1-pre-2-21-15
|
#
1.38 |
|
29-Mar-2014 |
christos |
branches: 1.38.2; make pci_intr_string and eisa_intr_string take a buffer and a length instead of relying in local static storage.
|
Revision tags: riastradh-drm2-base3
|
#
1.37 |
|
25-Feb-2014 |
pooka |
Ensure that the top level sysctl nodes (kern, vfs, net, ...) exist before the sysctl link sets are processed, and remove redundancy.
Shaves >13kB off of an amd64 GENERIC, not to mention >1k duplicate lines of code.
|
#
1.36 |
|
03-Jan-2014 |
pgoyette |
If you're going to build this driver as a module, make sure that it depends on opencrypto module.
|
#
1.35 |
|
26-Dec-2013 |
bad |
Also disable MCR4INT in ubsec_detach() when appropriate.
|
#
1.34 |
|
17-Nov-2013 |
bad |
Add support for BCM5825, and BCM5860, 5861, 5862 from OpenBSD rev 1.143: Add support for the BCM5825 and the next-generation BCM5860, 5861, 5862 Broadcom CryptoNetX IPSec/SSL Security Processors. The 5825 is a faster version of the already supported 5823, and the even faster 586x series is a bit different and needed some more changes.
AES support hasn't been pulled in yet.
|
#
1.33 |
|
17-Nov-2013 |
bad |
Create the sysctl variables on module initialization. Create them under hw.ubsec as is hip these days.
|
#
1.32 |
|
17-Nov-2013 |
bad |
Make ubsec(4) loadable as kmod.
|
#
1.31 |
|
17-Nov-2013 |
bad |
Fix locking botch. Callers of ubsec_rng_locked() lock and release sc_mtx already.
|
#
1.30 |
|
17-Nov-2013 |
bad |
Use callout_setfunc()/callout_schedule() instead of callout_reset(), it is cheaper.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.29 |
|
13-Jun-2013 |
tls |
branches: 1.29.2; Convert the entropy pool framework from pseudo-callout-driven to soft interrupt driven operation.
Add a polling mode of operation -- now we can ask hardware random number generators to top us up just when we need it (bcm2835_rng and amdpm converted as examples).
Fix a stall noticed with repeated reads from /dev/random while testing.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.28 |
|
27-Oct-2012 |
chs |
split device_t/softc for all remaining drivers. replace "struct device *" with "device_t". use device_xname(), device_unit(), etc.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.27 |
|
30-Jan-2012 |
drochner |
branches: 1.27.6; Use pci_aprint_devinfo(9) instead of pci_devinfo+aprint_{normal,naive} where it looks straightforward, and pci_aprint_devinfo_fancy in a few others where drivers want to supply their own device names instead of the pcidevs generated one. More complicated cases, where names are composed at runtime, are left alone for now. It certainly makes sense to simplify the drivers here rather than inventing a catch-all API. This should serve as as example for new drivers, and also ensure consistent output in the AB_QUIET ("boot -q") case. Also, it avoids excessive stack usage where drivers attach child devices because the buffer for the device name is not kept on the local stack anymore.
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base
|
#
1.26 |
|
19-Nov-2011 |
tls |
branches: 1.26.2; First step of random number subsystem rework described in <20111022023242.BA26F14A158@mail.netbsd.org>. This change includes the following:
An initial cleanup and minor reorganization of the entropy pool code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are fixed. Some effort is made to accumulate entropy more quickly at boot time.
A generic interface, "rndsink", is added, for stream generators to request that they be re-keyed with good quality entropy from the pool as soon as it is available.
The arc4random()/arc4randbytes() implementation in libkern is adjusted to use the rndsink interface for rekeying, which helps address the problem of low-quality keys at boot time.
An implementation of the FIPS 140-2 statistical tests for random number generator quality is provided (libkern/rngtest.c). This is based on Greg Rose's implementation from Qualcomm.
A new random stream generator, nist_ctr_drbg, is provided. It is based on an implementation of the NIST SP800-90 CTR_DRBG by Henric Jungheim. This generator users AES in a modified counter mode to generate a backtracking-resistant random stream.
An abstraction layer, "cprng", is provided for in-kernel consumers of randomness. The arc4random/arc4randbytes API is deprecated for in-kernel use. It is replaced by "cprng_strong". The current cprng_fast implementation wraps the existing arc4random implementation. The current cprng_strong implementation wraps the new CTR_DRBG implementation. Both interfaces are rekeyed from the entropy pool automatically at intervals justifiable from best current cryptographic practice.
In some quick tests, cprng_fast() is about the same speed as the old arc4randbytes(), and cprng_strong() is about 20% faster than rnd_extract_data(). Performance is expected to improve.
The AES code in src/crypto/rijndael is no longer an optional kernel component, as it is required by cprng_strong, which is not an optional kernel component.
The entropy pool output is subjected to the rngtest tests at startup time; if it fails, the system will reboot. There is approximately a 3/10000 chance of a false positive from these tests. Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run.
A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). A new kernel will require a new rndctl.
The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet.
Manual pages for the new kernel interfaces are forthcoming.
|
Revision tags: jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base jruoho-x86intr-base matt-mips64-premerge-20101231 rmind-uvmplock-base
|
#
1.25 |
|
13-Nov-2010 |
uebayasi |
branches: 1.25.8; Don't pull in the whole uvm(9) API to access only PAGE_SIZE and some other constants. These are provided by sys/param.h now.
|
Revision tags: uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211
|
#
1.24 |
|
26-Nov-2009 |
njoly |
branches: 1.24.4; Cleanup interrupt establish error messages. Do not mix aprint_error/aprint_normal/printf calls for a single line.
|
Revision tags: yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase jym-xensuspend-base
|
#
1.23 |
|
12-May-2009 |
cegger |
use device_private(). "looks good" ad@ XXX for the device_t/softc split, please check the driver that no cases have been missed.
|
#
1.22 |
|
06-May-2009 |
cegger |
struct device * -> device_t, no functional changes intended.
|
#
1.21 |
|
06-May-2009 |
cegger |
struct cfdata * -> cfdata_t, no functional changes intended.
|
Revision tags: yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 nick-hppapmap-base
|
#
1.20 |
|
18-Apr-2009 |
tsutsui |
Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.19 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.18 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.17 |
|
19-Dec-2008 |
cegger |
branches: 1.17.2; use M_ZERO on malloc() and remove subsequent bzero().
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base yamt-pf42-base
|
#
1.16 |
|
10-Apr-2008 |
cegger |
branches: 1.16.4; 1.16.12; use aprint_*_dev and device_xname
|
Revision tags: ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.15 |
|
02-Feb-2008 |
tls |
branches: 1.15.6; From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless actually asked to.
Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto.
|
Revision tags: vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base matt-armv6-base
|
#
1.14 |
|
11-Dec-2007 |
lukem |
use __KERNEL_RCSID()
|
Revision tags: nick-csl-alignment-base5 matt-armv6-prevmlocking yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase yamt-x86pmap-base4 bouyer-xenamd64-base yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base jmcneill-pm-base nick-csl-alignment-base reinoud-bufcleanup-base mjf-ufs-trans-base vmlocking-base
|
#
1.13 |
|
09-Jul-2007 |
ad |
branches: 1.13.8; 1.13.14; 1.13.16; 1.13.18; 1.13.20; Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes - select()/poll() improvements - miscellaneous MT safety improvements
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.12 |
|
04-Mar-2007 |
christos |
branches: 1.12.2; 1.12.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-1-RELEASE wrstuden-fixsa-newbase wrstuden-fixsa-base-1 netbsd-4-0-RELEASE netbsd-4-0-RC5 matt-nb4-arm-base netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 wrstuden-fixsa-base ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.11 |
|
16-Nov-2006 |
christos |
branches: 1.11.4; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.10 |
|
12-Oct-2006 |
christos |
- sprinkle __unused on function decls. - fix a couple of unused bugs - no more -Wno-unused for i386
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base yamt-pdpolicy-base4 yamt-pdpolicy-base3 elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.9 |
|
28-Mar-2006 |
thorpej |
branches: 1.9.8; 1.9.10; Use device_unit().
|
Revision tags: peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5 yamt-readahead-base3 ktrace-lwp-base
|
#
1.8 |
|
25-Nov-2005 |
thorpej |
branches: 1.8.4; 1.8.6; 1.8.8; 1.8.10; 1.8.12; - De-couple the software crypto implementation from the rest of the framework. There is no need to waste the space if you are only using algoritms provided by hardware accelerators. To get the software implementations, add "pseudo-device swcr" to your kernel config. - Lazily initialize the opencrypto framework when crypto drivers (either hardware or swcr) register themselves with the framework.
|
Revision tags: yamt-readahead-base2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base
|
#
1.7 |
|
28-Jun-2005 |
thorpej |
branches: 1.7.2; 1.7.8; Use ANSI function decls and static.
|
#
1.6 |
|
30-May-2005 |
christos |
- const poisoning - avoid variable shadowing.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base
|
#
1.5 |
|
27-Feb-2005 |
perry |
nuke trailing whitespace
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE yamt-km-base2 yamt-km-base netbsd-2-0-1-RELEASE kent-audio1-beforemerge netbsd-2-base kent-audio1-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.4 |
|
28-Aug-2003 |
thorpej |
branches: 1.4.4; 1.4.10; 1.4.12; * Make matching and chip info table-driven. * Print product name and revision at attach time. * Use aprint_*().
|
#
1.3 |
|
27-Aug-2003 |
thorpej |
Fix some diagnotic printfs.
|
#
1.2 |
|
21-Aug-2003 |
jonathan |
Remove #ifdef _OpenBSD__ code which sets the softc pointer `sc' by passing an index into ubsec_cd.cd_devs[]: that causes too much confusion with the checks that sc is non-null.
|
#
1.1 |
|
01-Aug-2003 |
jonathan |
Preliminary port of merged OpenBSD/FreeBSD ubsec driver for Bluesteel Networks/Broadcom line of cryptographic accelerators.
|
#
1.62 |
|
27-Aug-2022 |
skrll |
Correct the abbreviation of approximately to 'approx.'
|
#
1.61 |
|
27-Aug-2022 |
skrll |
Trailing whitespace
|
#
1.60 |
|
23-May-2022 |
rin |
Audit unload/unmap v.s. free against DMA buffer for sys/dev/pci; make sure that bus_dmamap_unload(9) [or bus_dmamap_destroy(9)] or bus_dmamem_unmap(9) are preceding to freeing DMA buffer, if it is loaded or mapped, respectively.
This is mandatory for some archs. See, e.g.:
http://www.nerv.org/netbsd/?q=id:20210511T013030Z.013443cc790088147e4beed43f53dedabeaf9312 http://www.nerv.org/netbsd/?q=id:20220511T172220Z.561179f0b6fcc5b9cd73e274f69d74e2ce9e4c93
XXX XXX XXX Compile test only (for amd64/ALL).
Thanks riastradh@ for double check.
|
#
1.59 |
|
22-May-2022 |
riastradh |
opencrypto: Make freesession callback return void.
No functional change intended: all drivers already return zero unconditionally.
|
#
1.58 |
|
22-May-2022 |
riastradh |
ubsec(4): Prune dead branches. Assert session id validity.
|
#
1.57 |
|
22-May-2022 |
riastradh |
ubsec(4): Tidy up error branches of ubsec_process.
Make sure to return zero, not error, when we've already done crypto_done and set crp_etype.
|
#
1.56 |
|
22-May-2022 |
riastradh |
ubsec(4): Assert crp_sid is valid.
If opencrypto passes a bad sid in, that's a bug in opencrypto that needs to be fixed, not a user-triggered invalid input that we need to fail gracefully on.
|
#
1.55 |
|
22-May-2022 |
riastradh |
ubsec(4): ubsec_kprocess always returns zero. Prune dead branches.
|
#
1.54 |
|
22-May-2022 |
riastradh |
ubsec(4): Fix error branch: call crypto_kdone, don't return error.
|
#
1.53 |
|
18-May-2022 |
riastradh |
ubsec(4): Nix dead code.
No functional change intended.
|
Revision tags: thorpej-i2c-spi-conf2-base thorpej-futex2-base thorpej-cfargs2-base cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base thorpej-i2c-spi-conf-base thorpej-cfargs-base thorpej-futex-base
|
#
1.52 |
|
14-Jun-2020 |
riastradh |
ubsec(4): Don't use prev msg's last block as IV for next msg in CBC.
This violates the security contract of the CBC construction, which requires that the IV be unpredictable in advance; an adaptive adversary can exploit this to verify plaintext guesses.
XXX Compile-tested only.
|
#
1.51 |
|
25-May-2020 |
thorpej |
unifdef everything-but-NetBSD. Gets rid of a naked cfattach decl.
|
#
1.50 |
|
30-Apr-2020 |
riastradh |
rnd_attach_source calls the callback itself now.
No need for every driver to explicitly call it to prime the pool.
Eliminate now-unused <sys/rndpool.h>.
|
#
1.49 |
|
30-Apr-2020 |
riastradh |
Don't attach rndsource until it's actually ready to run.
|
Revision tags: bouyer-xenpvh-base2 phil-wifi-20200421 bouyer-xenpvh-base1 phil-wifi-20200411 bouyer-xenpvh-base phil-wifi-20200406
|
#
1.48 |
|
16-Mar-2020 |
pgoyette |
Use the module subsystem's ability to process SYSCTL_SETUP() entries to automate installation of sysctl nodes.
Note that there are still a number of device and pseudo-device modules that create entries tied to individual device units, rather than to the module itself. These are not changed.
|
Revision tags: is-mlppp-base ad-namecache-base3 ad-namecache-base2 ad-namecache-base1 ad-namecache-base phil-wifi-20191119
|
#
1.47 |
|
10-Nov-2019 |
chs |
in many device attach paths, allocate memory with M_WAITOK instead of M_NOWAIT and remove code to handle failures that can no longer happen.
|
Revision tags: netbsd-9-3-RELEASE netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609 isaki-audio2-base pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226
|
#
1.46 |
|
22-Dec-2018 |
maxv |
Replace: M_COPY_PKTHDR -> m_copy_pkthdr. No functional change, since the former is a macro to the latter.
|
#
1.45 |
|
09-Dec-2018 |
jdolecek |
use pci_intr_establish_xname() everywhere
|
Revision tags: pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.44 |
|
03-Sep-2018 |
riastradh |
Rename min/max -> uimin/uimax for better honesty.
These functions are defined on unsigned int. The generic name min/max should not silently truncate to 32 bits on 64-bit systems. This is purely a name change -- no functional change intended.
HOWEVER! Some subsystems have
#define min(a, b) ((a) < (b) ? (a) : (b)) #define max(a, b) ((a) > (b) ? (a) : (b))
even though our standard name for that is MIN/MAX. Although these may invite multiple evaluation bugs, these do _not_ cause integer truncation.
To avoid `fixing' these cases, I first changed the name in libkern, and then compile-tested every file where min/max occurred in order to confirm that it failed -- and thus confirm that nothing shadowed min/max -- before changing it.
I have left a handful of bootloaders that are too annoying to compile-test, and some dead code:
cobalt ews4800mips hp300 hppa ia64 luna68k vax acorn32/if_ie.c (not included in any kernels) macppc/if_gm.c (superseded by gem(4))
It should be easy to fix the fallout once identified -- this way of doing things fails safe, and the goal here, after all, is to _avoid_ silent integer truncations, not introduce them.
Maybe one day we can reintroduce min/max as type-generic things that never silently truncate. But we should avoid doing that for a while, so that existing code has a chance to be detected by the compiler for conversion to uimin/uimax without changing the semantics until we can properly audit it all. (Who knows, maybe in some cases integer truncation is actually intended!)
|
Revision tags: netbsd-8-2-RELEASE netbsd-8-1-RELEASE netbsd-8-1-RC1 jdolecek-ncqfixes-base pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base tls-maxphys-base-20171202 matt-nb8-mediatek-base nick-nhusb-base-20170825 perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 jdolecek-ncq-base pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907
|
#
1.43 |
|
07-Jul-2016 |
msaitoh |
branches: 1.43.16; 1.43.18; KNF. Remove extra spaces. No functional change.
|
Revision tags: nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606
|
#
1.42 |
|
13-Apr-2015 |
riastradh |
Add header guards and necessary includes.
|
Revision tags: netbsd-7-2-RELEASE netbsd-7-1-2-RELEASE netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base-20150406 nick-nhusb-base netbsd-7-base tls-maxphys-base
|
#
1.41 |
|
10-Aug-2014 |
tls |
branches: 1.41.4; Merge tls-earlyentropy branch into HEAD.
|
Revision tags: yamt-pagecache-base9 tls-earlyentropy-base rmind-smpnet-nbase rmind-smpnet-base
|
#
1.40 |
|
19-Apr-2014 |
bad |
Add support for accelerated AES_CBC in ubsec(4) for BCM5823 and newer. Update man-page and bump date. Adjust OpenBSD RCS IDs to reflect roughly the version we are in sync with.
|
#
1.39 |
|
18-Apr-2014 |
bad |
Rewrite the dmamap handling to allocate and cache the dmamaps beforehand. Calling bus_dmamap_create/destroy is no longer possible in interrupt context. Move the dmamaps to the end of struct ubsec_q so the rest of the struct can be cleared with one call to memset().
As a bonus we get a 25% increase in throughput encrypting 8K blocks.
|
Revision tags: riastradh-xf86-video-intel-2-7-1-pre-2-21-15
|
#
1.38 |
|
29-Mar-2014 |
christos |
branches: 1.38.2; make pci_intr_string and eisa_intr_string take a buffer and a length instead of relying in local static storage.
|
Revision tags: riastradh-drm2-base3
|
#
1.37 |
|
25-Feb-2014 |
pooka |
Ensure that the top level sysctl nodes (kern, vfs, net, ...) exist before the sysctl link sets are processed, and remove redundancy.
Shaves >13kB off of an amd64 GENERIC, not to mention >1k duplicate lines of code.
|
#
1.36 |
|
03-Jan-2014 |
pgoyette |
If you're going to build this driver as a module, make sure that it depends on opencrypto module.
|
#
1.35 |
|
26-Dec-2013 |
bad |
Also disable MCR4INT in ubsec_detach() when appropriate.
|
#
1.34 |
|
17-Nov-2013 |
bad |
Add support for BCM5825, and BCM5860, 5861, 5862 from OpenBSD rev 1.143: Add support for the BCM5825 and the next-generation BCM5860, 5861, 5862 Broadcom CryptoNetX IPSec/SSL Security Processors. The 5825 is a faster version of the already supported 5823, and the even faster 586x series is a bit different and needed some more changes.
AES support hasn't been pulled in yet.
|
#
1.33 |
|
17-Nov-2013 |
bad |
Create the sysctl variables on module initialization. Create them under hw.ubsec as is hip these days.
|
#
1.32 |
|
17-Nov-2013 |
bad |
Make ubsec(4) loadable as kmod.
|
#
1.31 |
|
17-Nov-2013 |
bad |
Fix locking botch. Callers of ubsec_rng_locked() lock and release sc_mtx already.
|
#
1.30 |
|
17-Nov-2013 |
bad |
Use callout_setfunc()/callout_schedule() instead of callout_reset(), it is cheaper.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.29 |
|
13-Jun-2013 |
tls |
branches: 1.29.2; Convert the entropy pool framework from pseudo-callout-driven to soft interrupt driven operation.
Add a polling mode of operation -- now we can ask hardware random number generators to top us up just when we need it (bcm2835_rng and amdpm converted as examples).
Fix a stall noticed with repeated reads from /dev/random while testing.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.28 |
|
27-Oct-2012 |
chs |
split device_t/softc for all remaining drivers. replace "struct device *" with "device_t". use device_xname(), device_unit(), etc.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.27 |
|
30-Jan-2012 |
drochner |
branches: 1.27.6; Use pci_aprint_devinfo(9) instead of pci_devinfo+aprint_{normal,naive} where it looks straightforward, and pci_aprint_devinfo_fancy in a few others where drivers want to supply their own device names instead of the pcidevs generated one. More complicated cases, where names are composed at runtime, are left alone for now. It certainly makes sense to simplify the drivers here rather than inventing a catch-all API. This should serve as as example for new drivers, and also ensure consistent output in the AB_QUIET ("boot -q") case. Also, it avoids excessive stack usage where drivers attach child devices because the buffer for the device name is not kept on the local stack anymore.
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base
|
#
1.26 |
|
19-Nov-2011 |
tls |
branches: 1.26.2; First step of random number subsystem rework described in <20111022023242.BA26F14A158@mail.netbsd.org>. This change includes the following:
An initial cleanup and minor reorganization of the entropy pool code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are fixed. Some effort is made to accumulate entropy more quickly at boot time.
A generic interface, "rndsink", is added, for stream generators to request that they be re-keyed with good quality entropy from the pool as soon as it is available.
The arc4random()/arc4randbytes() implementation in libkern is adjusted to use the rndsink interface for rekeying, which helps address the problem of low-quality keys at boot time.
An implementation of the FIPS 140-2 statistical tests for random number generator quality is provided (libkern/rngtest.c). This is based on Greg Rose's implementation from Qualcomm.
A new random stream generator, nist_ctr_drbg, is provided. It is based on an implementation of the NIST SP800-90 CTR_DRBG by Henric Jungheim. This generator users AES in a modified counter mode to generate a backtracking-resistant random stream.
An abstraction layer, "cprng", is provided for in-kernel consumers of randomness. The arc4random/arc4randbytes API is deprecated for in-kernel use. It is replaced by "cprng_strong". The current cprng_fast implementation wraps the existing arc4random implementation. The current cprng_strong implementation wraps the new CTR_DRBG implementation. Both interfaces are rekeyed from the entropy pool automatically at intervals justifiable from best current cryptographic practice.
In some quick tests, cprng_fast() is about the same speed as the old arc4randbytes(), and cprng_strong() is about 20% faster than rnd_extract_data(). Performance is expected to improve.
The AES code in src/crypto/rijndael is no longer an optional kernel component, as it is required by cprng_strong, which is not an optional kernel component.
The entropy pool output is subjected to the rngtest tests at startup time; if it fails, the system will reboot. There is approximately a 3/10000 chance of a false positive from these tests. Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run.
A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). A new kernel will require a new rndctl.
The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet.
Manual pages for the new kernel interfaces are forthcoming.
|
Revision tags: jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base jruoho-x86intr-base matt-mips64-premerge-20101231 rmind-uvmplock-base
|
#
1.25 |
|
13-Nov-2010 |
uebayasi |
branches: 1.25.8; Don't pull in the whole uvm(9) API to access only PAGE_SIZE and some other constants. These are provided by sys/param.h now.
|
Revision tags: uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211
|
#
1.24 |
|
26-Nov-2009 |
njoly |
branches: 1.24.4; Cleanup interrupt establish error messages. Do not mix aprint_error/aprint_normal/printf calls for a single line.
|
Revision tags: yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase jym-xensuspend-base
|
#
1.23 |
|
12-May-2009 |
cegger |
use device_private(). "looks good" ad@ XXX for the device_t/softc split, please check the driver that no cases have been missed.
|
#
1.22 |
|
06-May-2009 |
cegger |
struct device * -> device_t, no functional changes intended.
|
#
1.21 |
|
06-May-2009 |
cegger |
struct cfdata * -> cfdata_t, no functional changes intended.
|
Revision tags: yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 nick-hppapmap-base
|
#
1.20 |
|
18-Apr-2009 |
tsutsui |
Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.19 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.18 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.17 |
|
19-Dec-2008 |
cegger |
branches: 1.17.2; use M_ZERO on malloc() and remove subsequent bzero().
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base yamt-pf42-base
|
#
1.16 |
|
10-Apr-2008 |
cegger |
branches: 1.16.4; 1.16.12; use aprint_*_dev and device_xname
|
Revision tags: ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.15 |
|
02-Feb-2008 |
tls |
branches: 1.15.6; From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless actually asked to.
Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto.
|
Revision tags: vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base matt-armv6-base
|
#
1.14 |
|
11-Dec-2007 |
lukem |
use __KERNEL_RCSID()
|
Revision tags: nick-csl-alignment-base5 matt-armv6-prevmlocking yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase yamt-x86pmap-base4 bouyer-xenamd64-base yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base jmcneill-pm-base nick-csl-alignment-base reinoud-bufcleanup-base mjf-ufs-trans-base vmlocking-base
|
#
1.13 |
|
09-Jul-2007 |
ad |
branches: 1.13.8; 1.13.14; 1.13.16; 1.13.18; 1.13.20; Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes - select()/poll() improvements - miscellaneous MT safety improvements
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.12 |
|
04-Mar-2007 |
christos |
branches: 1.12.2; 1.12.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-1-RELEASE wrstuden-fixsa-newbase wrstuden-fixsa-base-1 netbsd-4-0-RELEASE netbsd-4-0-RC5 matt-nb4-arm-base netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 wrstuden-fixsa-base ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.11 |
|
16-Nov-2006 |
christos |
branches: 1.11.4; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.10 |
|
12-Oct-2006 |
christos |
- sprinkle __unused on function decls. - fix a couple of unused bugs - no more -Wno-unused for i386
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base yamt-pdpolicy-base4 yamt-pdpolicy-base3 elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.9 |
|
28-Mar-2006 |
thorpej |
branches: 1.9.8; 1.9.10; Use device_unit().
|
Revision tags: peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5 yamt-readahead-base3 ktrace-lwp-base
|
#
1.8 |
|
25-Nov-2005 |
thorpej |
branches: 1.8.4; 1.8.6; 1.8.8; 1.8.10; 1.8.12; - De-couple the software crypto implementation from the rest of the framework. There is no need to waste the space if you are only using algoritms provided by hardware accelerators. To get the software implementations, add "pseudo-device swcr" to your kernel config. - Lazily initialize the opencrypto framework when crypto drivers (either hardware or swcr) register themselves with the framework.
|
Revision tags: yamt-readahead-base2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base
|
#
1.7 |
|
28-Jun-2005 |
thorpej |
branches: 1.7.2; 1.7.8; Use ANSI function decls and static.
|
#
1.6 |
|
30-May-2005 |
christos |
- const poisoning - avoid variable shadowing.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base
|
#
1.5 |
|
27-Feb-2005 |
perry |
nuke trailing whitespace
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE yamt-km-base2 yamt-km-base netbsd-2-0-1-RELEASE kent-audio1-beforemerge netbsd-2-base kent-audio1-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.4 |
|
28-Aug-2003 |
thorpej |
branches: 1.4.4; 1.4.10; 1.4.12; * Make matching and chip info table-driven. * Print product name and revision at attach time. * Use aprint_*().
|
#
1.3 |
|
27-Aug-2003 |
thorpej |
Fix some diagnotic printfs.
|
#
1.2 |
|
21-Aug-2003 |
jonathan |
Remove #ifdef _OpenBSD__ code which sets the softc pointer `sc' by passing an index into ubsec_cd.cd_devs[]: that causes too much confusion with the checks that sc is non-null.
|
#
1.1 |
|
01-Aug-2003 |
jonathan |
Preliminary port of merged OpenBSD/FreeBSD ubsec driver for Bluesteel Networks/Broadcom line of cryptographic accelerators.
|
#
1.60 |
|
23-May-2022 |
rin |
Audit unload/unmap v.s. free against DMA buffer for sys/dev/pci; make sure that bus_dmamap_unload(9) [or bus_dmamap_destroy(9)] or bus_dmamem_unmap(9) are preceding to freeing DMA buffer, if it is loaded or mapped, respectively.
This is mandatory for some archs. See, e.g.:
http://www.nerv.org/netbsd/?q=id:20210511T013030Z.013443cc790088147e4beed43f53dedabeaf9312 http://www.nerv.org/netbsd/?q=id:20220511T172220Z.561179f0b6fcc5b9cd73e274f69d74e2ce9e4c93
XXX XXX XXX Compile test only (for amd64/ALL).
Thanks riastradh@ for double check.
|
#
1.59 |
|
22-May-2022 |
riastradh |
opencrypto: Make freesession callback return void.
No functional change intended: all drivers already return zero unconditionally.
|
#
1.58 |
|
22-May-2022 |
riastradh |
ubsec(4): Prune dead branches. Assert session id validity.
|
#
1.57 |
|
22-May-2022 |
riastradh |
ubsec(4): Tidy up error branches of ubsec_process.
Make sure to return zero, not error, when we've already done crypto_done and set crp_etype.
|
#
1.56 |
|
22-May-2022 |
riastradh |
ubsec(4): Assert crp_sid is valid.
If opencrypto passes a bad sid in, that's a bug in opencrypto that needs to be fixed, not a user-triggered invalid input that we need to fail gracefully on.
|
#
1.55 |
|
22-May-2022 |
riastradh |
ubsec(4): ubsec_kprocess always returns zero. Prune dead branches.
|
#
1.54 |
|
22-May-2022 |
riastradh |
ubsec(4): Fix error branch: call crypto_kdone, don't return error.
|
#
1.53 |
|
18-May-2022 |
riastradh |
ubsec(4): Nix dead code.
No functional change intended.
|
Revision tags: thorpej-i2c-spi-conf2-base thorpej-futex2-base thorpej-cfargs2-base cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base thorpej-i2c-spi-conf-base thorpej-cfargs-base thorpej-futex-base
|
#
1.52 |
|
14-Jun-2020 |
riastradh |
ubsec(4): Don't use prev msg's last block as IV for next msg in CBC.
This violates the security contract of the CBC construction, which requires that the IV be unpredictable in advance; an adaptive adversary can exploit this to verify plaintext guesses.
XXX Compile-tested only.
|
#
1.51 |
|
25-May-2020 |
thorpej |
unifdef everything-but-NetBSD. Gets rid of a naked cfattach decl.
|
#
1.50 |
|
30-Apr-2020 |
riastradh |
rnd_attach_source calls the callback itself now.
No need for every driver to explicitly call it to prime the pool.
Eliminate now-unused <sys/rndpool.h>.
|
#
1.49 |
|
30-Apr-2020 |
riastradh |
Don't attach rndsource until it's actually ready to run.
|
Revision tags: bouyer-xenpvh-base2 phil-wifi-20200421 bouyer-xenpvh-base1 phil-wifi-20200411 bouyer-xenpvh-base phil-wifi-20200406
|
#
1.48 |
|
16-Mar-2020 |
pgoyette |
Use the module subsystem's ability to process SYSCTL_SETUP() entries to automate installation of sysctl nodes.
Note that there are still a number of device and pseudo-device modules that create entries tied to individual device units, rather than to the module itself. These are not changed.
|
Revision tags: is-mlppp-base ad-namecache-base3 ad-namecache-base2 ad-namecache-base1 ad-namecache-base phil-wifi-20191119
|
#
1.47 |
|
10-Nov-2019 |
chs |
in many device attach paths, allocate memory with M_WAITOK instead of M_NOWAIT and remove code to handle failures that can no longer happen.
|
Revision tags: netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609 isaki-audio2-base pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226
|
#
1.46 |
|
22-Dec-2018 |
maxv |
Replace: M_COPY_PKTHDR -> m_copy_pkthdr. No functional change, since the former is a macro to the latter.
|
#
1.45 |
|
09-Dec-2018 |
jdolecek |
use pci_intr_establish_xname() everywhere
|
Revision tags: pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.44 |
|
03-Sep-2018 |
riastradh |
Rename min/max -> uimin/uimax for better honesty.
These functions are defined on unsigned int. The generic name min/max should not silently truncate to 32 bits on 64-bit systems. This is purely a name change -- no functional change intended.
HOWEVER! Some subsystems have
#define min(a, b) ((a) < (b) ? (a) : (b)) #define max(a, b) ((a) > (b) ? (a) : (b))
even though our standard name for that is MIN/MAX. Although these may invite multiple evaluation bugs, these do _not_ cause integer truncation.
To avoid `fixing' these cases, I first changed the name in libkern, and then compile-tested every file where min/max occurred in order to confirm that it failed -- and thus confirm that nothing shadowed min/max -- before changing it.
I have left a handful of bootloaders that are too annoying to compile-test, and some dead code:
cobalt ews4800mips hp300 hppa ia64 luna68k vax acorn32/if_ie.c (not included in any kernels) macppc/if_gm.c (superseded by gem(4))
It should be easy to fix the fallout once identified -- this way of doing things fails safe, and the goal here, after all, is to _avoid_ silent integer truncations, not introduce them.
Maybe one day we can reintroduce min/max as type-generic things that never silently truncate. But we should avoid doing that for a while, so that existing code has a chance to be detected by the compiler for conversion to uimin/uimax without changing the semantics until we can properly audit it all. (Who knows, maybe in some cases integer truncation is actually intended!)
|
Revision tags: netbsd-8-2-RELEASE netbsd-8-1-RELEASE netbsd-8-1-RC1 jdolecek-ncqfixes-base pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base tls-maxphys-base-20171202 matt-nb8-mediatek-base nick-nhusb-base-20170825 perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 jdolecek-ncq-base pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907
|
#
1.43 |
|
07-Jul-2016 |
msaitoh |
branches: 1.43.16; 1.43.18; KNF. Remove extra spaces. No functional change.
|
Revision tags: nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606
|
#
1.42 |
|
13-Apr-2015 |
riastradh |
Add header guards and necessary includes.
|
Revision tags: netbsd-7-2-RELEASE netbsd-7-1-2-RELEASE netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base-20150406 nick-nhusb-base netbsd-7-base tls-maxphys-base
|
#
1.41 |
|
10-Aug-2014 |
tls |
branches: 1.41.4; Merge tls-earlyentropy branch into HEAD.
|
Revision tags: yamt-pagecache-base9 tls-earlyentropy-base rmind-smpnet-nbase rmind-smpnet-base
|
#
1.40 |
|
19-Apr-2014 |
bad |
Add support for accelerated AES_CBC in ubsec(4) for BCM5823 and newer. Update man-page and bump date. Adjust OpenBSD RCS IDs to reflect roughly the version we are in sync with.
|
#
1.39 |
|
18-Apr-2014 |
bad |
Rewrite the dmamap handling to allocate and cache the dmamaps beforehand. Calling bus_dmamap_create/destroy is no longer possible in interrupt context. Move the dmamaps to the end of struct ubsec_q so the rest of the struct can be cleared with one call to memset().
As a bonus we get a 25% increase in throughput encrypting 8K blocks.
|
Revision tags: riastradh-xf86-video-intel-2-7-1-pre-2-21-15
|
#
1.38 |
|
29-Mar-2014 |
christos |
branches: 1.38.2; make pci_intr_string and eisa_intr_string take a buffer and a length instead of relying in local static storage.
|
Revision tags: riastradh-drm2-base3
|
#
1.37 |
|
25-Feb-2014 |
pooka |
Ensure that the top level sysctl nodes (kern, vfs, net, ...) exist before the sysctl link sets are processed, and remove redundancy.
Shaves >13kB off of an amd64 GENERIC, not to mention >1k duplicate lines of code.
|
#
1.36 |
|
03-Jan-2014 |
pgoyette |
If you're going to build this driver as a module, make sure that it depends on opencrypto module.
|
#
1.35 |
|
26-Dec-2013 |
bad |
Also disable MCR4INT in ubsec_detach() when appropriate.
|
#
1.34 |
|
17-Nov-2013 |
bad |
Add support for BCM5825, and BCM5860, 5861, 5862 from OpenBSD rev 1.143: Add support for the BCM5825 and the next-generation BCM5860, 5861, 5862 Broadcom CryptoNetX IPSec/SSL Security Processors. The 5825 is a faster version of the already supported 5823, and the even faster 586x series is a bit different and needed some more changes.
AES support hasn't been pulled in yet.
|
#
1.33 |
|
17-Nov-2013 |
bad |
Create the sysctl variables on module initialization. Create them under hw.ubsec as is hip these days.
|
#
1.32 |
|
17-Nov-2013 |
bad |
Make ubsec(4) loadable as kmod.
|
#
1.31 |
|
17-Nov-2013 |
bad |
Fix locking botch. Callers of ubsec_rng_locked() lock and release sc_mtx already.
|
#
1.30 |
|
17-Nov-2013 |
bad |
Use callout_setfunc()/callout_schedule() instead of callout_reset(), it is cheaper.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.29 |
|
13-Jun-2013 |
tls |
branches: 1.29.2; Convert the entropy pool framework from pseudo-callout-driven to soft interrupt driven operation.
Add a polling mode of operation -- now we can ask hardware random number generators to top us up just when we need it (bcm2835_rng and amdpm converted as examples).
Fix a stall noticed with repeated reads from /dev/random while testing.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.28 |
|
27-Oct-2012 |
chs |
split device_t/softc for all remaining drivers. replace "struct device *" with "device_t". use device_xname(), device_unit(), etc.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.27 |
|
30-Jan-2012 |
drochner |
branches: 1.27.6; Use pci_aprint_devinfo(9) instead of pci_devinfo+aprint_{normal,naive} where it looks straightforward, and pci_aprint_devinfo_fancy in a few others where drivers want to supply their own device names instead of the pcidevs generated one. More complicated cases, where names are composed at runtime, are left alone for now. It certainly makes sense to simplify the drivers here rather than inventing a catch-all API. This should serve as as example for new drivers, and also ensure consistent output in the AB_QUIET ("boot -q") case. Also, it avoids excessive stack usage where drivers attach child devices because the buffer for the device name is not kept on the local stack anymore.
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base
|
#
1.26 |
|
19-Nov-2011 |
tls |
branches: 1.26.2; First step of random number subsystem rework described in <20111022023242.BA26F14A158@mail.netbsd.org>. This change includes the following:
An initial cleanup and minor reorganization of the entropy pool code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are fixed. Some effort is made to accumulate entropy more quickly at boot time.
A generic interface, "rndsink", is added, for stream generators to request that they be re-keyed with good quality entropy from the pool as soon as it is available.
The arc4random()/arc4randbytes() implementation in libkern is adjusted to use the rndsink interface for rekeying, which helps address the problem of low-quality keys at boot time.
An implementation of the FIPS 140-2 statistical tests for random number generator quality is provided (libkern/rngtest.c). This is based on Greg Rose's implementation from Qualcomm.
A new random stream generator, nist_ctr_drbg, is provided. It is based on an implementation of the NIST SP800-90 CTR_DRBG by Henric Jungheim. This generator users AES in a modified counter mode to generate a backtracking-resistant random stream.
An abstraction layer, "cprng", is provided for in-kernel consumers of randomness. The arc4random/arc4randbytes API is deprecated for in-kernel use. It is replaced by "cprng_strong". The current cprng_fast implementation wraps the existing arc4random implementation. The current cprng_strong implementation wraps the new CTR_DRBG implementation. Both interfaces are rekeyed from the entropy pool automatically at intervals justifiable from best current cryptographic practice.
In some quick tests, cprng_fast() is about the same speed as the old arc4randbytes(), and cprng_strong() is about 20% faster than rnd_extract_data(). Performance is expected to improve.
The AES code in src/crypto/rijndael is no longer an optional kernel component, as it is required by cprng_strong, which is not an optional kernel component.
The entropy pool output is subjected to the rngtest tests at startup time; if it fails, the system will reboot. There is approximately a 3/10000 chance of a false positive from these tests. Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run.
A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). A new kernel will require a new rndctl.
The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet.
Manual pages for the new kernel interfaces are forthcoming.
|
Revision tags: jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base jruoho-x86intr-base matt-mips64-premerge-20101231 rmind-uvmplock-base
|
#
1.25 |
|
13-Nov-2010 |
uebayasi |
branches: 1.25.8; Don't pull in the whole uvm(9) API to access only PAGE_SIZE and some other constants. These are provided by sys/param.h now.
|
Revision tags: uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211
|
#
1.24 |
|
26-Nov-2009 |
njoly |
branches: 1.24.4; Cleanup interrupt establish error messages. Do not mix aprint_error/aprint_normal/printf calls for a single line.
|
Revision tags: yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase jym-xensuspend-base
|
#
1.23 |
|
12-May-2009 |
cegger |
use device_private(). "looks good" ad@ XXX for the device_t/softc split, please check the driver that no cases have been missed.
|
#
1.22 |
|
06-May-2009 |
cegger |
struct device * -> device_t, no functional changes intended.
|
#
1.21 |
|
06-May-2009 |
cegger |
struct cfdata * -> cfdata_t, no functional changes intended.
|
Revision tags: yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 nick-hppapmap-base
|
#
1.20 |
|
18-Apr-2009 |
tsutsui |
Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.19 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.18 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.17 |
|
19-Dec-2008 |
cegger |
branches: 1.17.2; use M_ZERO on malloc() and remove subsequent bzero().
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base yamt-pf42-base
|
#
1.16 |
|
10-Apr-2008 |
cegger |
branches: 1.16.4; 1.16.12; use aprint_*_dev and device_xname
|
Revision tags: ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.15 |
|
02-Feb-2008 |
tls |
branches: 1.15.6; From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless actually asked to.
Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto.
|
Revision tags: vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base matt-armv6-base
|
#
1.14 |
|
11-Dec-2007 |
lukem |
use __KERNEL_RCSID()
|
Revision tags: nick-csl-alignment-base5 matt-armv6-prevmlocking yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase yamt-x86pmap-base4 bouyer-xenamd64-base yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base jmcneill-pm-base nick-csl-alignment-base reinoud-bufcleanup-base mjf-ufs-trans-base vmlocking-base
|
#
1.13 |
|
09-Jul-2007 |
ad |
branches: 1.13.8; 1.13.14; 1.13.16; 1.13.18; 1.13.20; Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes - select()/poll() improvements - miscellaneous MT safety improvements
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.12 |
|
04-Mar-2007 |
christos |
branches: 1.12.2; 1.12.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-1-RELEASE wrstuden-fixsa-newbase wrstuden-fixsa-base-1 netbsd-4-0-RELEASE netbsd-4-0-RC5 matt-nb4-arm-base netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 wrstuden-fixsa-base ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.11 |
|
16-Nov-2006 |
christos |
branches: 1.11.4; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.10 |
|
12-Oct-2006 |
christos |
- sprinkle __unused on function decls. - fix a couple of unused bugs - no more -Wno-unused for i386
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base yamt-pdpolicy-base4 yamt-pdpolicy-base3 elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.9 |
|
28-Mar-2006 |
thorpej |
branches: 1.9.8; 1.9.10; Use device_unit().
|
Revision tags: peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5 yamt-readahead-base3 ktrace-lwp-base
|
#
1.8 |
|
25-Nov-2005 |
thorpej |
branches: 1.8.4; 1.8.6; 1.8.8; 1.8.10; 1.8.12; - De-couple the software crypto implementation from the rest of the framework. There is no need to waste the space if you are only using algoritms provided by hardware accelerators. To get the software implementations, add "pseudo-device swcr" to your kernel config. - Lazily initialize the opencrypto framework when crypto drivers (either hardware or swcr) register themselves with the framework.
|
Revision tags: yamt-readahead-base2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base
|
#
1.7 |
|
28-Jun-2005 |
thorpej |
branches: 1.7.2; 1.7.8; Use ANSI function decls and static.
|
#
1.6 |
|
30-May-2005 |
christos |
- const poisoning - avoid variable shadowing.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base
|
#
1.5 |
|
27-Feb-2005 |
perry |
nuke trailing whitespace
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE yamt-km-base2 yamt-km-base netbsd-2-0-1-RELEASE kent-audio1-beforemerge netbsd-2-base kent-audio1-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.4 |
|
28-Aug-2003 |
thorpej |
branches: 1.4.4; 1.4.10; 1.4.12; * Make matching and chip info table-driven. * Print product name and revision at attach time. * Use aprint_*().
|
#
1.3 |
|
27-Aug-2003 |
thorpej |
Fix some diagnotic printfs.
|
#
1.2 |
|
21-Aug-2003 |
jonathan |
Remove #ifdef _OpenBSD__ code which sets the softc pointer `sc' by passing an index into ubsec_cd.cd_devs[]: that causes too much confusion with the checks that sc is non-null.
|
#
1.1 |
|
01-Aug-2003 |
jonathan |
Preliminary port of merged OpenBSD/FreeBSD ubsec driver for Bluesteel Networks/Broadcom line of cryptographic accelerators.
|
#
1.52 |
|
14-Jun-2020 |
riastradh |
ubsec(4): Don't use prev msg's last block as IV for next msg in CBC.
This violates the security contract of the CBC construction, which requires that the IV be unpredictable in advance; an adaptive adversary can exploit this to verify plaintext guesses.
XXX Compile-tested only.
|
#
1.51 |
|
25-May-2020 |
thorpej |
unifdef everything-but-NetBSD. Gets rid of a naked cfattach decl.
|
#
1.50 |
|
30-Apr-2020 |
riastradh |
rnd_attach_source calls the callback itself now.
No need for every driver to explicitly call it to prime the pool.
Eliminate now-unused <sys/rndpool.h>.
|
#
1.49 |
|
30-Apr-2020 |
riastradh |
Don't attach rndsource until it's actually ready to run.
|
Revision tags: bouyer-xenpvh-base2 phil-wifi-20200421 bouyer-xenpvh-base1 phil-wifi-20200411 bouyer-xenpvh-base phil-wifi-20200406
|
#
1.48 |
|
16-Mar-2020 |
pgoyette |
Use the module subsystem's ability to process SYSCTL_SETUP() entries to automate installation of sysctl nodes.
Note that there are still a number of device and pseudo-device modules that create entries tied to individual device units, rather than to the module itself. These are not changed.
|
Revision tags: is-mlppp-base ad-namecache-base3 ad-namecache-base2 ad-namecache-base1 ad-namecache-base phil-wifi-20191119
|
#
1.47 |
|
10-Nov-2019 |
chs |
in many device attach paths, allocate memory with M_WAITOK instead of M_NOWAIT and remove code to handle failures that can no longer happen.
|
Revision tags: netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609 isaki-audio2-base pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226
|
#
1.46 |
|
22-Dec-2018 |
maxv |
Replace: M_COPY_PKTHDR -> m_copy_pkthdr. No functional change, since the former is a macro to the latter.
|
#
1.45 |
|
09-Dec-2018 |
jdolecek |
use pci_intr_establish_xname() everywhere
|
Revision tags: pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.44 |
|
03-Sep-2018 |
riastradh |
Rename min/max -> uimin/uimax for better honesty.
These functions are defined on unsigned int. The generic name min/max should not silently truncate to 32 bits on 64-bit systems. This is purely a name change -- no functional change intended.
HOWEVER! Some subsystems have
#define min(a, b) ((a) < (b) ? (a) : (b)) #define max(a, b) ((a) > (b) ? (a) : (b))
even though our standard name for that is MIN/MAX. Although these may invite multiple evaluation bugs, these do _not_ cause integer truncation.
To avoid `fixing' these cases, I first changed the name in libkern, and then compile-tested every file where min/max occurred in order to confirm that it failed -- and thus confirm that nothing shadowed min/max -- before changing it.
I have left a handful of bootloaders that are too annoying to compile-test, and some dead code:
cobalt ews4800mips hp300 hppa ia64 luna68k vax acorn32/if_ie.c (not included in any kernels) macppc/if_gm.c (superseded by gem(4))
It should be easy to fix the fallout once identified -- this way of doing things fails safe, and the goal here, after all, is to _avoid_ silent integer truncations, not introduce them.
Maybe one day we can reintroduce min/max as type-generic things that never silently truncate. But we should avoid doing that for a while, so that existing code has a chance to be detected by the compiler for conversion to uimin/uimax without changing the semantics until we can properly audit it all. (Who knows, maybe in some cases integer truncation is actually intended!)
|
Revision tags: netbsd-8-2-RELEASE netbsd-8-1-RELEASE netbsd-8-1-RC1 jdolecek-ncqfixes-base pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base tls-maxphys-base-20171202 matt-nb8-mediatek-base nick-nhusb-base-20170825 perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 jdolecek-ncq-base pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907
|
#
1.43 |
|
07-Jul-2016 |
msaitoh |
branches: 1.43.16; 1.43.18; KNF. Remove extra spaces. No functional change.
|
Revision tags: nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606
|
#
1.42 |
|
13-Apr-2015 |
riastradh |
Add header guards and necessary includes.
|
Revision tags: netbsd-7-2-RELEASE netbsd-7-1-2-RELEASE netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base-20150406 nick-nhusb-base netbsd-7-base tls-maxphys-base
|
#
1.41 |
|
10-Aug-2014 |
tls |
branches: 1.41.4; Merge tls-earlyentropy branch into HEAD.
|
Revision tags: yamt-pagecache-base9 tls-earlyentropy-base rmind-smpnet-nbase rmind-smpnet-base
|
#
1.40 |
|
19-Apr-2014 |
bad |
Add support for accelerated AES_CBC in ubsec(4) for BCM5823 and newer. Update man-page and bump date. Adjust OpenBSD RCS IDs to reflect roughly the version we are in sync with.
|
#
1.39 |
|
18-Apr-2014 |
bad |
Rewrite the dmamap handling to allocate and cache the dmamaps beforehand. Calling bus_dmamap_create/destroy is no longer possible in interrupt context. Move the dmamaps to the end of struct ubsec_q so the rest of the struct can be cleared with one call to memset().
As a bonus we get a 25% increase in throughput encrypting 8K blocks.
|
Revision tags: riastradh-xf86-video-intel-2-7-1-pre-2-21-15
|
#
1.38 |
|
29-Mar-2014 |
christos |
branches: 1.38.2; make pci_intr_string and eisa_intr_string take a buffer and a length instead of relying in local static storage.
|
Revision tags: riastradh-drm2-base3
|
#
1.37 |
|
25-Feb-2014 |
pooka |
Ensure that the top level sysctl nodes (kern, vfs, net, ...) exist before the sysctl link sets are processed, and remove redundancy.
Shaves >13kB off of an amd64 GENERIC, not to mention >1k duplicate lines of code.
|
#
1.36 |
|
03-Jan-2014 |
pgoyette |
If you're going to build this driver as a module, make sure that it depends on opencrypto module.
|
#
1.35 |
|
26-Dec-2013 |
bad |
Also disable MCR4INT in ubsec_detach() when appropriate.
|
#
1.34 |
|
17-Nov-2013 |
bad |
Add support for BCM5825, and BCM5860, 5861, 5862 from OpenBSD rev 1.143: Add support for the BCM5825 and the next-generation BCM5860, 5861, 5862 Broadcom CryptoNetX IPSec/SSL Security Processors. The 5825 is a faster version of the already supported 5823, and the even faster 586x series is a bit different and needed some more changes.
AES support hasn't been pulled in yet.
|
#
1.33 |
|
17-Nov-2013 |
bad |
Create the sysctl variables on module initialization. Create them under hw.ubsec as is hip these days.
|
#
1.32 |
|
17-Nov-2013 |
bad |
Make ubsec(4) loadable as kmod.
|
#
1.31 |
|
17-Nov-2013 |
bad |
Fix locking botch. Callers of ubsec_rng_locked() lock and release sc_mtx already.
|
#
1.30 |
|
17-Nov-2013 |
bad |
Use callout_setfunc()/callout_schedule() instead of callout_reset(), it is cheaper.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.29 |
|
13-Jun-2013 |
tls |
branches: 1.29.2; Convert the entropy pool framework from pseudo-callout-driven to soft interrupt driven operation.
Add a polling mode of operation -- now we can ask hardware random number generators to top us up just when we need it (bcm2835_rng and amdpm converted as examples).
Fix a stall noticed with repeated reads from /dev/random while testing.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.28 |
|
27-Oct-2012 |
chs |
split device_t/softc for all remaining drivers. replace "struct device *" with "device_t". use device_xname(), device_unit(), etc.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.27 |
|
30-Jan-2012 |
drochner |
branches: 1.27.6; Use pci_aprint_devinfo(9) instead of pci_devinfo+aprint_{normal,naive} where it looks straightforward, and pci_aprint_devinfo_fancy in a few others where drivers want to supply their own device names instead of the pcidevs generated one. More complicated cases, where names are composed at runtime, are left alone for now. It certainly makes sense to simplify the drivers here rather than inventing a catch-all API. This should serve as as example for new drivers, and also ensure consistent output in the AB_QUIET ("boot -q") case. Also, it avoids excessive stack usage where drivers attach child devices because the buffer for the device name is not kept on the local stack anymore.
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base
|
#
1.26 |
|
19-Nov-2011 |
tls |
branches: 1.26.2; First step of random number subsystem rework described in <20111022023242.BA26F14A158@mail.netbsd.org>. This change includes the following:
An initial cleanup and minor reorganization of the entropy pool code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are fixed. Some effort is made to accumulate entropy more quickly at boot time.
A generic interface, "rndsink", is added, for stream generators to request that they be re-keyed with good quality entropy from the pool as soon as it is available.
The arc4random()/arc4randbytes() implementation in libkern is adjusted to use the rndsink interface for rekeying, which helps address the problem of low-quality keys at boot time.
An implementation of the FIPS 140-2 statistical tests for random number generator quality is provided (libkern/rngtest.c). This is based on Greg Rose's implementation from Qualcomm.
A new random stream generator, nist_ctr_drbg, is provided. It is based on an implementation of the NIST SP800-90 CTR_DRBG by Henric Jungheim. This generator users AES in a modified counter mode to generate a backtracking-resistant random stream.
An abstraction layer, "cprng", is provided for in-kernel consumers of randomness. The arc4random/arc4randbytes API is deprecated for in-kernel use. It is replaced by "cprng_strong". The current cprng_fast implementation wraps the existing arc4random implementation. The current cprng_strong implementation wraps the new CTR_DRBG implementation. Both interfaces are rekeyed from the entropy pool automatically at intervals justifiable from best current cryptographic practice.
In some quick tests, cprng_fast() is about the same speed as the old arc4randbytes(), and cprng_strong() is about 20% faster than rnd_extract_data(). Performance is expected to improve.
The AES code in src/crypto/rijndael is no longer an optional kernel component, as it is required by cprng_strong, which is not an optional kernel component.
The entropy pool output is subjected to the rngtest tests at startup time; if it fails, the system will reboot. There is approximately a 3/10000 chance of a false positive from these tests. Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run.
A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). A new kernel will require a new rndctl.
The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet.
Manual pages for the new kernel interfaces are forthcoming.
|
Revision tags: jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base jruoho-x86intr-base matt-mips64-premerge-20101231 rmind-uvmplock-base
|
#
1.25 |
|
13-Nov-2010 |
uebayasi |
branches: 1.25.8; Don't pull in the whole uvm(9) API to access only PAGE_SIZE and some other constants. These are provided by sys/param.h now.
|
Revision tags: uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211
|
#
1.24 |
|
26-Nov-2009 |
njoly |
branches: 1.24.4; Cleanup interrupt establish error messages. Do not mix aprint_error/aprint_normal/printf calls for a single line.
|
Revision tags: yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase jym-xensuspend-base
|
#
1.23 |
|
12-May-2009 |
cegger |
use device_private(). "looks good" ad@ XXX for the device_t/softc split, please check the driver that no cases have been missed.
|
#
1.22 |
|
06-May-2009 |
cegger |
struct device * -> device_t, no functional changes intended.
|
#
1.21 |
|
06-May-2009 |
cegger |
struct cfdata * -> cfdata_t, no functional changes intended.
|
Revision tags: yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 nick-hppapmap-base
|
#
1.20 |
|
18-Apr-2009 |
tsutsui |
Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.19 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.18 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.17 |
|
19-Dec-2008 |
cegger |
branches: 1.17.2; use M_ZERO on malloc() and remove subsequent bzero().
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base yamt-pf42-base
|
#
1.16 |
|
10-Apr-2008 |
cegger |
branches: 1.16.4; 1.16.12; use aprint_*_dev and device_xname
|
Revision tags: ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.15 |
|
02-Feb-2008 |
tls |
branches: 1.15.6; From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless actually asked to.
Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto.
|
Revision tags: vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base matt-armv6-base
|
#
1.14 |
|
11-Dec-2007 |
lukem |
use __KERNEL_RCSID()
|
Revision tags: nick-csl-alignment-base5 matt-armv6-prevmlocking yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase yamt-x86pmap-base4 bouyer-xenamd64-base yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base jmcneill-pm-base nick-csl-alignment-base reinoud-bufcleanup-base mjf-ufs-trans-base vmlocking-base
|
#
1.13 |
|
09-Jul-2007 |
ad |
branches: 1.13.8; 1.13.14; 1.13.16; 1.13.18; 1.13.20; Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes - select()/poll() improvements - miscellaneous MT safety improvements
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.12 |
|
04-Mar-2007 |
christos |
branches: 1.12.2; 1.12.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-1-RELEASE wrstuden-fixsa-newbase wrstuden-fixsa-base-1 netbsd-4-0-RELEASE netbsd-4-0-RC5 matt-nb4-arm-base netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 wrstuden-fixsa-base ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.11 |
|
16-Nov-2006 |
christos |
branches: 1.11.4; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.10 |
|
12-Oct-2006 |
christos |
- sprinkle __unused on function decls. - fix a couple of unused bugs - no more -Wno-unused for i386
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base yamt-pdpolicy-base4 yamt-pdpolicy-base3 elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.9 |
|
28-Mar-2006 |
thorpej |
branches: 1.9.8; 1.9.10; Use device_unit().
|
Revision tags: peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5 yamt-readahead-base3 ktrace-lwp-base
|
#
1.8 |
|
25-Nov-2005 |
thorpej |
branches: 1.8.4; 1.8.6; 1.8.8; 1.8.10; 1.8.12; - De-couple the software crypto implementation from the rest of the framework. There is no need to waste the space if you are only using algoritms provided by hardware accelerators. To get the software implementations, add "pseudo-device swcr" to your kernel config. - Lazily initialize the opencrypto framework when crypto drivers (either hardware or swcr) register themselves with the framework.
|
Revision tags: yamt-readahead-base2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base
|
#
1.7 |
|
28-Jun-2005 |
thorpej |
branches: 1.7.2; 1.7.8; Use ANSI function decls and static.
|
#
1.6 |
|
30-May-2005 |
christos |
- const poisoning - avoid variable shadowing.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base
|
#
1.5 |
|
27-Feb-2005 |
perry |
nuke trailing whitespace
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE yamt-km-base2 yamt-km-base netbsd-2-0-1-RELEASE kent-audio1-beforemerge netbsd-2-base kent-audio1-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.4 |
|
28-Aug-2003 |
thorpej |
branches: 1.4.4; 1.4.10; 1.4.12; * Make matching and chip info table-driven. * Print product name and revision at attach time. * Use aprint_*().
|
#
1.3 |
|
27-Aug-2003 |
thorpej |
Fix some diagnotic printfs.
|
#
1.2 |
|
21-Aug-2003 |
jonathan |
Remove #ifdef _OpenBSD__ code which sets the softc pointer `sc' by passing an index into ubsec_cd.cd_devs[]: that causes too much confusion with the checks that sc is non-null.
|
#
1.1 |
|
01-Aug-2003 |
jonathan |
Preliminary port of merged OpenBSD/FreeBSD ubsec driver for Bluesteel Networks/Broadcom line of cryptographic accelerators.
|
#
1.51 |
|
25-May-2020 |
thorpej |
unifdef everything-but-NetBSD. Gets rid of a naked cfattach decl.
|
#
1.50 |
|
30-Apr-2020 |
riastradh |
rnd_attach_source calls the callback itself now.
No need for every driver to explicitly call it to prime the pool.
Eliminate now-unused <sys/rndpool.h>.
|
#
1.49 |
|
30-Apr-2020 |
riastradh |
Don't attach rndsource until it's actually ready to run.
|
Revision tags: bouyer-xenpvh-base2 phil-wifi-20200421 bouyer-xenpvh-base1 phil-wifi-20200411 bouyer-xenpvh-base phil-wifi-20200406
|
#
1.48 |
|
16-Mar-2020 |
pgoyette |
Use the module subsystem's ability to process SYSCTL_SETUP() entries to automate installation of sysctl nodes.
Note that there are still a number of device and pseudo-device modules that create entries tied to individual device units, rather than to the module itself. These are not changed.
|
Revision tags: is-mlppp-base ad-namecache-base3 ad-namecache-base2 ad-namecache-base1 ad-namecache-base phil-wifi-20191119
|
#
1.47 |
|
10-Nov-2019 |
chs |
in many device attach paths, allocate memory with M_WAITOK instead of M_NOWAIT and remove code to handle failures that can no longer happen.
|
Revision tags: netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609 isaki-audio2-base pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226
|
#
1.46 |
|
22-Dec-2018 |
maxv |
Replace: M_COPY_PKTHDR -> m_copy_pkthdr. No functional change, since the former is a macro to the latter.
|
#
1.45 |
|
09-Dec-2018 |
jdolecek |
use pci_intr_establish_xname() everywhere
|
Revision tags: pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.44 |
|
03-Sep-2018 |
riastradh |
Rename min/max -> uimin/uimax for better honesty.
These functions are defined on unsigned int. The generic name min/max should not silently truncate to 32 bits on 64-bit systems. This is purely a name change -- no functional change intended.
HOWEVER! Some subsystems have
#define min(a, b) ((a) < (b) ? (a) : (b)) #define max(a, b) ((a) > (b) ? (a) : (b))
even though our standard name for that is MIN/MAX. Although these may invite multiple evaluation bugs, these do _not_ cause integer truncation.
To avoid `fixing' these cases, I first changed the name in libkern, and then compile-tested every file where min/max occurred in order to confirm that it failed -- and thus confirm that nothing shadowed min/max -- before changing it.
I have left a handful of bootloaders that are too annoying to compile-test, and some dead code:
cobalt ews4800mips hp300 hppa ia64 luna68k vax acorn32/if_ie.c (not included in any kernels) macppc/if_gm.c (superseded by gem(4))
It should be easy to fix the fallout once identified -- this way of doing things fails safe, and the goal here, after all, is to _avoid_ silent integer truncations, not introduce them.
Maybe one day we can reintroduce min/max as type-generic things that never silently truncate. But we should avoid doing that for a while, so that existing code has a chance to be detected by the compiler for conversion to uimin/uimax without changing the semantics until we can properly audit it all. (Who knows, maybe in some cases integer truncation is actually intended!)
|
Revision tags: netbsd-8-2-RELEASE netbsd-8-1-RELEASE netbsd-8-1-RC1 jdolecek-ncqfixes-base pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base tls-maxphys-base-20171202 matt-nb8-mediatek-base nick-nhusb-base-20170825 perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 jdolecek-ncq-base pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907
|
#
1.43 |
|
07-Jul-2016 |
msaitoh |
branches: 1.43.16; 1.43.18; KNF. Remove extra spaces. No functional change.
|
Revision tags: nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606
|
#
1.42 |
|
13-Apr-2015 |
riastradh |
Add header guards and necessary includes.
|
Revision tags: netbsd-7-2-RELEASE netbsd-7-1-2-RELEASE netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base-20150406 nick-nhusb-base netbsd-7-base tls-maxphys-base
|
#
1.41 |
|
10-Aug-2014 |
tls |
branches: 1.41.4; Merge tls-earlyentropy branch into HEAD.
|
Revision tags: yamt-pagecache-base9 tls-earlyentropy-base rmind-smpnet-nbase rmind-smpnet-base
|
#
1.40 |
|
19-Apr-2014 |
bad |
Add support for accelerated AES_CBC in ubsec(4) for BCM5823 and newer. Update man-page and bump date. Adjust OpenBSD RCS IDs to reflect roughly the version we are in sync with.
|
#
1.39 |
|
18-Apr-2014 |
bad |
Rewrite the dmamap handling to allocate and cache the dmamaps beforehand. Calling bus_dmamap_create/destroy is no longer possible in interrupt context. Move the dmamaps to the end of struct ubsec_q so the rest of the struct can be cleared with one call to memset().
As a bonus we get a 25% increase in throughput encrypting 8K blocks.
|
Revision tags: riastradh-xf86-video-intel-2-7-1-pre-2-21-15
|
#
1.38 |
|
29-Mar-2014 |
christos |
branches: 1.38.2; make pci_intr_string and eisa_intr_string take a buffer and a length instead of relying in local static storage.
|
Revision tags: riastradh-drm2-base3
|
#
1.37 |
|
25-Feb-2014 |
pooka |
Ensure that the top level sysctl nodes (kern, vfs, net, ...) exist before the sysctl link sets are processed, and remove redundancy.
Shaves >13kB off of an amd64 GENERIC, not to mention >1k duplicate lines of code.
|
#
1.36 |
|
03-Jan-2014 |
pgoyette |
If you're going to build this driver as a module, make sure that it depends on opencrypto module.
|
#
1.35 |
|
26-Dec-2013 |
bad |
Also disable MCR4INT in ubsec_detach() when appropriate.
|
#
1.34 |
|
17-Nov-2013 |
bad |
Add support for BCM5825, and BCM5860, 5861, 5862 from OpenBSD rev 1.143: Add support for the BCM5825 and the next-generation BCM5860, 5861, 5862 Broadcom CryptoNetX IPSec/SSL Security Processors. The 5825 is a faster version of the already supported 5823, and the even faster 586x series is a bit different and needed some more changes.
AES support hasn't been pulled in yet.
|
#
1.33 |
|
17-Nov-2013 |
bad |
Create the sysctl variables on module initialization. Create them under hw.ubsec as is hip these days.
|
#
1.32 |
|
17-Nov-2013 |
bad |
Make ubsec(4) loadable as kmod.
|
#
1.31 |
|
17-Nov-2013 |
bad |
Fix locking botch. Callers of ubsec_rng_locked() lock and release sc_mtx already.
|
#
1.30 |
|
17-Nov-2013 |
bad |
Use callout_setfunc()/callout_schedule() instead of callout_reset(), it is cheaper.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.29 |
|
13-Jun-2013 |
tls |
branches: 1.29.2; Convert the entropy pool framework from pseudo-callout-driven to soft interrupt driven operation.
Add a polling mode of operation -- now we can ask hardware random number generators to top us up just when we need it (bcm2835_rng and amdpm converted as examples).
Fix a stall noticed with repeated reads from /dev/random while testing.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.28 |
|
27-Oct-2012 |
chs |
split device_t/softc for all remaining drivers. replace "struct device *" with "device_t". use device_xname(), device_unit(), etc.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.27 |
|
30-Jan-2012 |
drochner |
branches: 1.27.6; Use pci_aprint_devinfo(9) instead of pci_devinfo+aprint_{normal,naive} where it looks straightforward, and pci_aprint_devinfo_fancy in a few others where drivers want to supply their own device names instead of the pcidevs generated one. More complicated cases, where names are composed at runtime, are left alone for now. It certainly makes sense to simplify the drivers here rather than inventing a catch-all API. This should serve as as example for new drivers, and also ensure consistent output in the AB_QUIET ("boot -q") case. Also, it avoids excessive stack usage where drivers attach child devices because the buffer for the device name is not kept on the local stack anymore.
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base
|
#
1.26 |
|
19-Nov-2011 |
tls |
branches: 1.26.2; First step of random number subsystem rework described in <20111022023242.BA26F14A158@mail.netbsd.org>. This change includes the following:
An initial cleanup and minor reorganization of the entropy pool code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are fixed. Some effort is made to accumulate entropy more quickly at boot time.
A generic interface, "rndsink", is added, for stream generators to request that they be re-keyed with good quality entropy from the pool as soon as it is available.
The arc4random()/arc4randbytes() implementation in libkern is adjusted to use the rndsink interface for rekeying, which helps address the problem of low-quality keys at boot time.
An implementation of the FIPS 140-2 statistical tests for random number generator quality is provided (libkern/rngtest.c). This is based on Greg Rose's implementation from Qualcomm.
A new random stream generator, nist_ctr_drbg, is provided. It is based on an implementation of the NIST SP800-90 CTR_DRBG by Henric Jungheim. This generator users AES in a modified counter mode to generate a backtracking-resistant random stream.
An abstraction layer, "cprng", is provided for in-kernel consumers of randomness. The arc4random/arc4randbytes API is deprecated for in-kernel use. It is replaced by "cprng_strong". The current cprng_fast implementation wraps the existing arc4random implementation. The current cprng_strong implementation wraps the new CTR_DRBG implementation. Both interfaces are rekeyed from the entropy pool automatically at intervals justifiable from best current cryptographic practice.
In some quick tests, cprng_fast() is about the same speed as the old arc4randbytes(), and cprng_strong() is about 20% faster than rnd_extract_data(). Performance is expected to improve.
The AES code in src/crypto/rijndael is no longer an optional kernel component, as it is required by cprng_strong, which is not an optional kernel component.
The entropy pool output is subjected to the rngtest tests at startup time; if it fails, the system will reboot. There is approximately a 3/10000 chance of a false positive from these tests. Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run.
A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). A new kernel will require a new rndctl.
The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet.
Manual pages for the new kernel interfaces are forthcoming.
|
Revision tags: jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base jruoho-x86intr-base matt-mips64-premerge-20101231 rmind-uvmplock-base
|
#
1.25 |
|
13-Nov-2010 |
uebayasi |
branches: 1.25.8; Don't pull in the whole uvm(9) API to access only PAGE_SIZE and some other constants. These are provided by sys/param.h now.
|
Revision tags: uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211
|
#
1.24 |
|
26-Nov-2009 |
njoly |
branches: 1.24.4; Cleanup interrupt establish error messages. Do not mix aprint_error/aprint_normal/printf calls for a single line.
|
Revision tags: yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase jym-xensuspend-base
|
#
1.23 |
|
12-May-2009 |
cegger |
use device_private(). "looks good" ad@ XXX for the device_t/softc split, please check the driver that no cases have been missed.
|
#
1.22 |
|
06-May-2009 |
cegger |
struct device * -> device_t, no functional changes intended.
|
#
1.21 |
|
06-May-2009 |
cegger |
struct cfdata * -> cfdata_t, no functional changes intended.
|
Revision tags: yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 nick-hppapmap-base
|
#
1.20 |
|
18-Apr-2009 |
tsutsui |
Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.19 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.18 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.17 |
|
19-Dec-2008 |
cegger |
branches: 1.17.2; use M_ZERO on malloc() and remove subsequent bzero().
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base yamt-pf42-base
|
#
1.16 |
|
10-Apr-2008 |
cegger |
branches: 1.16.4; 1.16.12; use aprint_*_dev and device_xname
|
Revision tags: ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.15 |
|
02-Feb-2008 |
tls |
branches: 1.15.6; From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless actually asked to.
Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto.
|
Revision tags: vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base matt-armv6-base
|
#
1.14 |
|
11-Dec-2007 |
lukem |
use __KERNEL_RCSID()
|
Revision tags: nick-csl-alignment-base5 matt-armv6-prevmlocking yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase yamt-x86pmap-base4 bouyer-xenamd64-base yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base jmcneill-pm-base nick-csl-alignment-base reinoud-bufcleanup-base mjf-ufs-trans-base vmlocking-base
|
#
1.13 |
|
09-Jul-2007 |
ad |
branches: 1.13.8; 1.13.14; 1.13.16; 1.13.18; 1.13.20; Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes - select()/poll() improvements - miscellaneous MT safety improvements
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.12 |
|
04-Mar-2007 |
christos |
branches: 1.12.2; 1.12.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-1-RELEASE wrstuden-fixsa-newbase wrstuden-fixsa-base-1 netbsd-4-0-RELEASE netbsd-4-0-RC5 matt-nb4-arm-base netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 wrstuden-fixsa-base ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.11 |
|
16-Nov-2006 |
christos |
branches: 1.11.4; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.10 |
|
12-Oct-2006 |
christos |
- sprinkle __unused on function decls. - fix a couple of unused bugs - no more -Wno-unused for i386
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base yamt-pdpolicy-base4 yamt-pdpolicy-base3 elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.9 |
|
28-Mar-2006 |
thorpej |
branches: 1.9.8; 1.9.10; Use device_unit().
|
Revision tags: peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5 yamt-readahead-base3 ktrace-lwp-base
|
#
1.8 |
|
25-Nov-2005 |
thorpej |
branches: 1.8.4; 1.8.6; 1.8.8; 1.8.10; 1.8.12; - De-couple the software crypto implementation from the rest of the framework. There is no need to waste the space if you are only using algoritms provided by hardware accelerators. To get the software implementations, add "pseudo-device swcr" to your kernel config. - Lazily initialize the opencrypto framework when crypto drivers (either hardware or swcr) register themselves with the framework.
|
Revision tags: yamt-readahead-base2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base
|
#
1.7 |
|
28-Jun-2005 |
thorpej |
branches: 1.7.2; 1.7.8; Use ANSI function decls and static.
|
#
1.6 |
|
30-May-2005 |
christos |
- const poisoning - avoid variable shadowing.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base
|
#
1.5 |
|
27-Feb-2005 |
perry |
nuke trailing whitespace
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE yamt-km-base2 yamt-km-base netbsd-2-0-1-RELEASE kent-audio1-beforemerge netbsd-2-base kent-audio1-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.4 |
|
28-Aug-2003 |
thorpej |
branches: 1.4.4; 1.4.10; 1.4.12; * Make matching and chip info table-driven. * Print product name and revision at attach time. * Use aprint_*().
|
#
1.3 |
|
27-Aug-2003 |
thorpej |
Fix some diagnotic printfs.
|
#
1.2 |
|
21-Aug-2003 |
jonathan |
Remove #ifdef _OpenBSD__ code which sets the softc pointer `sc' by passing an index into ubsec_cd.cd_devs[]: that causes too much confusion with the checks that sc is non-null.
|
#
1.1 |
|
01-Aug-2003 |
jonathan |
Preliminary port of merged OpenBSD/FreeBSD ubsec driver for Bluesteel Networks/Broadcom line of cryptographic accelerators.
|
#
1.50 |
|
30-Apr-2020 |
riastradh |
rnd_attach_source calls the callback itself now.
No need for every driver to explicitly call it to prime the pool.
Eliminate now-unused <sys/rndpool.h>.
|
#
1.49 |
|
30-Apr-2020 |
riastradh |
Don't attach rndsource until it's actually ready to run.
|
Revision tags: bouyer-xenpvh-base2 phil-wifi-20200421 bouyer-xenpvh-base1 phil-wifi-20200411 bouyer-xenpvh-base phil-wifi-20200406
|
#
1.48 |
|
16-Mar-2020 |
pgoyette |
Use the module subsystem's ability to process SYSCTL_SETUP() entries to automate installation of sysctl nodes.
Note that there are still a number of device and pseudo-device modules that create entries tied to individual device units, rather than to the module itself. These are not changed.
|
Revision tags: is-mlppp-base ad-namecache-base3 ad-namecache-base2 ad-namecache-base1 ad-namecache-base phil-wifi-20191119
|
#
1.47 |
|
10-Nov-2019 |
chs |
in many device attach paths, allocate memory with M_WAITOK instead of M_NOWAIT and remove code to handle failures that can no longer happen.
|
Revision tags: netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609 isaki-audio2-base pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226
|
#
1.46 |
|
22-Dec-2018 |
maxv |
Replace: M_COPY_PKTHDR -> m_copy_pkthdr. No functional change, since the former is a macro to the latter.
|
#
1.45 |
|
09-Dec-2018 |
jdolecek |
use pci_intr_establish_xname() everywhere
|
Revision tags: pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.44 |
|
03-Sep-2018 |
riastradh |
Rename min/max -> uimin/uimax for better honesty.
These functions are defined on unsigned int. The generic name min/max should not silently truncate to 32 bits on 64-bit systems. This is purely a name change -- no functional change intended.
HOWEVER! Some subsystems have
#define min(a, b) ((a) < (b) ? (a) : (b)) #define max(a, b) ((a) > (b) ? (a) : (b))
even though our standard name for that is MIN/MAX. Although these may invite multiple evaluation bugs, these do _not_ cause integer truncation.
To avoid `fixing' these cases, I first changed the name in libkern, and then compile-tested every file where min/max occurred in order to confirm that it failed -- and thus confirm that nothing shadowed min/max -- before changing it.
I have left a handful of bootloaders that are too annoying to compile-test, and some dead code:
cobalt ews4800mips hp300 hppa ia64 luna68k vax acorn32/if_ie.c (not included in any kernels) macppc/if_gm.c (superseded by gem(4))
It should be easy to fix the fallout once identified -- this way of doing things fails safe, and the goal here, after all, is to _avoid_ silent integer truncations, not introduce them.
Maybe one day we can reintroduce min/max as type-generic things that never silently truncate. But we should avoid doing that for a while, so that existing code has a chance to be detected by the compiler for conversion to uimin/uimax without changing the semantics until we can properly audit it all. (Who knows, maybe in some cases integer truncation is actually intended!)
|
Revision tags: netbsd-8-2-RELEASE netbsd-8-1-RELEASE netbsd-8-1-RC1 jdolecek-ncqfixes-base pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base tls-maxphys-base-20171202 matt-nb8-mediatek-base nick-nhusb-base-20170825 perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 jdolecek-ncq-base pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907
|
#
1.43 |
|
07-Jul-2016 |
msaitoh |
branches: 1.43.16; 1.43.18; KNF. Remove extra spaces. No functional change.
|
Revision tags: nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606
|
#
1.42 |
|
13-Apr-2015 |
riastradh |
Add header guards and necessary includes.
|
Revision tags: netbsd-7-2-RELEASE netbsd-7-1-2-RELEASE netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base-20150406 nick-nhusb-base netbsd-7-base tls-maxphys-base
|
#
1.41 |
|
10-Aug-2014 |
tls |
branches: 1.41.4; Merge tls-earlyentropy branch into HEAD.
|
Revision tags: yamt-pagecache-base9 tls-earlyentropy-base rmind-smpnet-nbase rmind-smpnet-base
|
#
1.40 |
|
19-Apr-2014 |
bad |
Add support for accelerated AES_CBC in ubsec(4) for BCM5823 and newer. Update man-page and bump date. Adjust OpenBSD RCS IDs to reflect roughly the version we are in sync with.
|
#
1.39 |
|
18-Apr-2014 |
bad |
Rewrite the dmamap handling to allocate and cache the dmamaps beforehand. Calling bus_dmamap_create/destroy is no longer possible in interrupt context. Move the dmamaps to the end of struct ubsec_q so the rest of the struct can be cleared with one call to memset().
As a bonus we get a 25% increase in throughput encrypting 8K blocks.
|
Revision tags: riastradh-xf86-video-intel-2-7-1-pre-2-21-15
|
#
1.38 |
|
29-Mar-2014 |
christos |
branches: 1.38.2; make pci_intr_string and eisa_intr_string take a buffer and a length instead of relying in local static storage.
|
Revision tags: riastradh-drm2-base3
|
#
1.37 |
|
25-Feb-2014 |
pooka |
Ensure that the top level sysctl nodes (kern, vfs, net, ...) exist before the sysctl link sets are processed, and remove redundancy.
Shaves >13kB off of an amd64 GENERIC, not to mention >1k duplicate lines of code.
|
#
1.36 |
|
03-Jan-2014 |
pgoyette |
If you're going to build this driver as a module, make sure that it depends on opencrypto module.
|
#
1.35 |
|
26-Dec-2013 |
bad |
Also disable MCR4INT in ubsec_detach() when appropriate.
|
#
1.34 |
|
17-Nov-2013 |
bad |
Add support for BCM5825, and BCM5860, 5861, 5862 from OpenBSD rev 1.143: Add support for the BCM5825 and the next-generation BCM5860, 5861, 5862 Broadcom CryptoNetX IPSec/SSL Security Processors. The 5825 is a faster version of the already supported 5823, and the even faster 586x series is a bit different and needed some more changes.
AES support hasn't been pulled in yet.
|
#
1.33 |
|
17-Nov-2013 |
bad |
Create the sysctl variables on module initialization. Create them under hw.ubsec as is hip these days.
|
#
1.32 |
|
17-Nov-2013 |
bad |
Make ubsec(4) loadable as kmod.
|
#
1.31 |
|
17-Nov-2013 |
bad |
Fix locking botch. Callers of ubsec_rng_locked() lock and release sc_mtx already.
|
#
1.30 |
|
17-Nov-2013 |
bad |
Use callout_setfunc()/callout_schedule() instead of callout_reset(), it is cheaper.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.29 |
|
13-Jun-2013 |
tls |
branches: 1.29.2; Convert the entropy pool framework from pseudo-callout-driven to soft interrupt driven operation.
Add a polling mode of operation -- now we can ask hardware random number generators to top us up just when we need it (bcm2835_rng and amdpm converted as examples).
Fix a stall noticed with repeated reads from /dev/random while testing.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.28 |
|
27-Oct-2012 |
chs |
split device_t/softc for all remaining drivers. replace "struct device *" with "device_t". use device_xname(), device_unit(), etc.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.27 |
|
30-Jan-2012 |
drochner |
branches: 1.27.6; Use pci_aprint_devinfo(9) instead of pci_devinfo+aprint_{normal,naive} where it looks straightforward, and pci_aprint_devinfo_fancy in a few others where drivers want to supply their own device names instead of the pcidevs generated one. More complicated cases, where names are composed at runtime, are left alone for now. It certainly makes sense to simplify the drivers here rather than inventing a catch-all API. This should serve as as example for new drivers, and also ensure consistent output in the AB_QUIET ("boot -q") case. Also, it avoids excessive stack usage where drivers attach child devices because the buffer for the device name is not kept on the local stack anymore.
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base
|
#
1.26 |
|
19-Nov-2011 |
tls |
branches: 1.26.2; First step of random number subsystem rework described in <20111022023242.BA26F14A158@mail.netbsd.org>. This change includes the following:
An initial cleanup and minor reorganization of the entropy pool code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are fixed. Some effort is made to accumulate entropy more quickly at boot time.
A generic interface, "rndsink", is added, for stream generators to request that they be re-keyed with good quality entropy from the pool as soon as it is available.
The arc4random()/arc4randbytes() implementation in libkern is adjusted to use the rndsink interface for rekeying, which helps address the problem of low-quality keys at boot time.
An implementation of the FIPS 140-2 statistical tests for random number generator quality is provided (libkern/rngtest.c). This is based on Greg Rose's implementation from Qualcomm.
A new random stream generator, nist_ctr_drbg, is provided. It is based on an implementation of the NIST SP800-90 CTR_DRBG by Henric Jungheim. This generator users AES in a modified counter mode to generate a backtracking-resistant random stream.
An abstraction layer, "cprng", is provided for in-kernel consumers of randomness. The arc4random/arc4randbytes API is deprecated for in-kernel use. It is replaced by "cprng_strong". The current cprng_fast implementation wraps the existing arc4random implementation. The current cprng_strong implementation wraps the new CTR_DRBG implementation. Both interfaces are rekeyed from the entropy pool automatically at intervals justifiable from best current cryptographic practice.
In some quick tests, cprng_fast() is about the same speed as the old arc4randbytes(), and cprng_strong() is about 20% faster than rnd_extract_data(). Performance is expected to improve.
The AES code in src/crypto/rijndael is no longer an optional kernel component, as it is required by cprng_strong, which is not an optional kernel component.
The entropy pool output is subjected to the rngtest tests at startup time; if it fails, the system will reboot. There is approximately a 3/10000 chance of a false positive from these tests. Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run.
A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). A new kernel will require a new rndctl.
The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet.
Manual pages for the new kernel interfaces are forthcoming.
|
Revision tags: jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base jruoho-x86intr-base matt-mips64-premerge-20101231 rmind-uvmplock-base
|
#
1.25 |
|
13-Nov-2010 |
uebayasi |
branches: 1.25.8; Don't pull in the whole uvm(9) API to access only PAGE_SIZE and some other constants. These are provided by sys/param.h now.
|
Revision tags: uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211
|
#
1.24 |
|
26-Nov-2009 |
njoly |
branches: 1.24.4; Cleanup interrupt establish error messages. Do not mix aprint_error/aprint_normal/printf calls for a single line.
|
Revision tags: yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase jym-xensuspend-base
|
#
1.23 |
|
12-May-2009 |
cegger |
use device_private(). "looks good" ad@ XXX for the device_t/softc split, please check the driver that no cases have been missed.
|
#
1.22 |
|
06-May-2009 |
cegger |
struct device * -> device_t, no functional changes intended.
|
#
1.21 |
|
06-May-2009 |
cegger |
struct cfdata * -> cfdata_t, no functional changes intended.
|
Revision tags: yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 nick-hppapmap-base
|
#
1.20 |
|
18-Apr-2009 |
tsutsui |
Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.19 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.18 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.17 |
|
19-Dec-2008 |
cegger |
branches: 1.17.2; use M_ZERO on malloc() and remove subsequent bzero().
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base yamt-pf42-base
|
#
1.16 |
|
10-Apr-2008 |
cegger |
branches: 1.16.4; 1.16.12; use aprint_*_dev and device_xname
|
Revision tags: ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.15 |
|
02-Feb-2008 |
tls |
branches: 1.15.6; From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless actually asked to.
Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto.
|
Revision tags: vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base matt-armv6-base
|
#
1.14 |
|
11-Dec-2007 |
lukem |
use __KERNEL_RCSID()
|
Revision tags: nick-csl-alignment-base5 matt-armv6-prevmlocking yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase yamt-x86pmap-base4 bouyer-xenamd64-base yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base jmcneill-pm-base nick-csl-alignment-base reinoud-bufcleanup-base mjf-ufs-trans-base vmlocking-base
|
#
1.13 |
|
09-Jul-2007 |
ad |
branches: 1.13.8; 1.13.14; 1.13.16; 1.13.18; 1.13.20; Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes - select()/poll() improvements - miscellaneous MT safety improvements
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.12 |
|
04-Mar-2007 |
christos |
branches: 1.12.2; 1.12.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-1-RELEASE wrstuden-fixsa-newbase wrstuden-fixsa-base-1 netbsd-4-0-RELEASE netbsd-4-0-RC5 matt-nb4-arm-base netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 wrstuden-fixsa-base ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.11 |
|
16-Nov-2006 |
christos |
branches: 1.11.4; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.10 |
|
12-Oct-2006 |
christos |
- sprinkle __unused on function decls. - fix a couple of unused bugs - no more -Wno-unused for i386
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base yamt-pdpolicy-base4 yamt-pdpolicy-base3 elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.9 |
|
28-Mar-2006 |
thorpej |
branches: 1.9.8; 1.9.10; Use device_unit().
|
Revision tags: peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5 yamt-readahead-base3 ktrace-lwp-base
|
#
1.8 |
|
25-Nov-2005 |
thorpej |
branches: 1.8.4; 1.8.6; 1.8.8; 1.8.10; 1.8.12; - De-couple the software crypto implementation from the rest of the framework. There is no need to waste the space if you are only using algoritms provided by hardware accelerators. To get the software implementations, add "pseudo-device swcr" to your kernel config. - Lazily initialize the opencrypto framework when crypto drivers (either hardware or swcr) register themselves with the framework.
|
Revision tags: yamt-readahead-base2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base
|
#
1.7 |
|
28-Jun-2005 |
thorpej |
branches: 1.7.2; 1.7.8; Use ANSI function decls and static.
|
#
1.6 |
|
30-May-2005 |
christos |
- const poisoning - avoid variable shadowing.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base
|
#
1.5 |
|
27-Feb-2005 |
perry |
nuke trailing whitespace
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE yamt-km-base2 yamt-km-base netbsd-2-0-1-RELEASE kent-audio1-beforemerge netbsd-2-base kent-audio1-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.4 |
|
28-Aug-2003 |
thorpej |
branches: 1.4.4; 1.4.10; 1.4.12; * Make matching and chip info table-driven. * Print product name and revision at attach time. * Use aprint_*().
|
#
1.3 |
|
27-Aug-2003 |
thorpej |
Fix some diagnotic printfs.
|
#
1.2 |
|
21-Aug-2003 |
jonathan |
Remove #ifdef _OpenBSD__ code which sets the softc pointer `sc' by passing an index into ubsec_cd.cd_devs[]: that causes too much confusion with the checks that sc is non-null.
|
#
1.1 |
|
01-Aug-2003 |
jonathan |
Preliminary port of merged OpenBSD/FreeBSD ubsec driver for Bluesteel Networks/Broadcom line of cryptographic accelerators.
|
#
1.48 |
|
16-Mar-2020 |
pgoyette |
Use the module subsystem's ability to process SYSCTL_SETUP() entries to automate installation of sysctl nodes.
Note that there are still a number of device and pseudo-device modules that create entries tied to individual device units, rather than to the module itself. These are not changed.
|
Revision tags: ad-namecache-base3 ad-namecache-base2 ad-namecache-base1 ad-namecache-base phil-wifi-20191119
|
#
1.47 |
|
10-Nov-2019 |
chs |
in many device attach paths, allocate memory with M_WAITOK instead of M_NOWAIT and remove code to handle failures that can no longer happen.
|
Revision tags: netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609 isaki-audio2-base pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226
|
#
1.46 |
|
22-Dec-2018 |
maxv |
Replace: M_COPY_PKTHDR -> m_copy_pkthdr. No functional change, since the former is a macro to the latter.
|
#
1.45 |
|
09-Dec-2018 |
jdolecek |
use pci_intr_establish_xname() everywhere
|
Revision tags: pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.44 |
|
03-Sep-2018 |
riastradh |
Rename min/max -> uimin/uimax for better honesty.
These functions are defined on unsigned int. The generic name min/max should not silently truncate to 32 bits on 64-bit systems. This is purely a name change -- no functional change intended.
HOWEVER! Some subsystems have
#define min(a, b) ((a) < (b) ? (a) : (b)) #define max(a, b) ((a) > (b) ? (a) : (b))
even though our standard name for that is MIN/MAX. Although these may invite multiple evaluation bugs, these do _not_ cause integer truncation.
To avoid `fixing' these cases, I first changed the name in libkern, and then compile-tested every file where min/max occurred in order to confirm that it failed -- and thus confirm that nothing shadowed min/max -- before changing it.
I have left a handful of bootloaders that are too annoying to compile-test, and some dead code:
cobalt ews4800mips hp300 hppa ia64 luna68k vax acorn32/if_ie.c (not included in any kernels) macppc/if_gm.c (superseded by gem(4))
It should be easy to fix the fallout once identified -- this way of doing things fails safe, and the goal here, after all, is to _avoid_ silent integer truncations, not introduce them.
Maybe one day we can reintroduce min/max as type-generic things that never silently truncate. But we should avoid doing that for a while, so that existing code has a chance to be detected by the compiler for conversion to uimin/uimax without changing the semantics until we can properly audit it all. (Who knows, maybe in some cases integer truncation is actually intended!)
|
Revision tags: netbsd-8-1-RELEASE netbsd-8-1-RC1 jdolecek-ncqfixes-base pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base tls-maxphys-base-20171202 matt-nb8-mediatek-base nick-nhusb-base-20170825 perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 jdolecek-ncq-base pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907
|
#
1.43 |
|
07-Jul-2016 |
msaitoh |
branches: 1.43.16; 1.43.18; KNF. Remove extra spaces. No functional change.
|
Revision tags: nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606
|
#
1.42 |
|
13-Apr-2015 |
riastradh |
Add header guards and necessary includes.
|
Revision tags: netbsd-7-2-RELEASE netbsd-7-1-2-RELEASE netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base-20150406 nick-nhusb-base netbsd-7-base tls-maxphys-base
|
#
1.41 |
|
10-Aug-2014 |
tls |
branches: 1.41.4; Merge tls-earlyentropy branch into HEAD.
|
Revision tags: yamt-pagecache-base9 tls-earlyentropy-base rmind-smpnet-nbase rmind-smpnet-base
|
#
1.40 |
|
19-Apr-2014 |
bad |
Add support for accelerated AES_CBC in ubsec(4) for BCM5823 and newer. Update man-page and bump date. Adjust OpenBSD RCS IDs to reflect roughly the version we are in sync with.
|
#
1.39 |
|
18-Apr-2014 |
bad |
Rewrite the dmamap handling to allocate and cache the dmamaps beforehand. Calling bus_dmamap_create/destroy is no longer possible in interrupt context. Move the dmamaps to the end of struct ubsec_q so the rest of the struct can be cleared with one call to memset().
As a bonus we get a 25% increase in throughput encrypting 8K blocks.
|
Revision tags: riastradh-xf86-video-intel-2-7-1-pre-2-21-15
|
#
1.38 |
|
29-Mar-2014 |
christos |
branches: 1.38.2; make pci_intr_string and eisa_intr_string take a buffer and a length instead of relying in local static storage.
|
Revision tags: riastradh-drm2-base3
|
#
1.37 |
|
25-Feb-2014 |
pooka |
Ensure that the top level sysctl nodes (kern, vfs, net, ...) exist before the sysctl link sets are processed, and remove redundancy.
Shaves >13kB off of an amd64 GENERIC, not to mention >1k duplicate lines of code.
|
#
1.36 |
|
03-Jan-2014 |
pgoyette |
If you're going to build this driver as a module, make sure that it depends on opencrypto module.
|
#
1.35 |
|
26-Dec-2013 |
bad |
Also disable MCR4INT in ubsec_detach() when appropriate.
|
#
1.34 |
|
17-Nov-2013 |
bad |
Add support for BCM5825, and BCM5860, 5861, 5862 from OpenBSD rev 1.143: Add support for the BCM5825 and the next-generation BCM5860, 5861, 5862 Broadcom CryptoNetX IPSec/SSL Security Processors. The 5825 is a faster version of the already supported 5823, and the even faster 586x series is a bit different and needed some more changes.
AES support hasn't been pulled in yet.
|
#
1.33 |
|
17-Nov-2013 |
bad |
Create the sysctl variables on module initialization. Create them under hw.ubsec as is hip these days.
|
#
1.32 |
|
17-Nov-2013 |
bad |
Make ubsec(4) loadable as kmod.
|
#
1.31 |
|
17-Nov-2013 |
bad |
Fix locking botch. Callers of ubsec_rng_locked() lock and release sc_mtx already.
|
#
1.30 |
|
17-Nov-2013 |
bad |
Use callout_setfunc()/callout_schedule() instead of callout_reset(), it is cheaper.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.29 |
|
13-Jun-2013 |
tls |
branches: 1.29.2; Convert the entropy pool framework from pseudo-callout-driven to soft interrupt driven operation.
Add a polling mode of operation -- now we can ask hardware random number generators to top us up just when we need it (bcm2835_rng and amdpm converted as examples).
Fix a stall noticed with repeated reads from /dev/random while testing.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.28 |
|
27-Oct-2012 |
chs |
split device_t/softc for all remaining drivers. replace "struct device *" with "device_t". use device_xname(), device_unit(), etc.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.27 |
|
30-Jan-2012 |
drochner |
branches: 1.27.6; Use pci_aprint_devinfo(9) instead of pci_devinfo+aprint_{normal,naive} where it looks straightforward, and pci_aprint_devinfo_fancy in a few others where drivers want to supply their own device names instead of the pcidevs generated one. More complicated cases, where names are composed at runtime, are left alone for now. It certainly makes sense to simplify the drivers here rather than inventing a catch-all API. This should serve as as example for new drivers, and also ensure consistent output in the AB_QUIET ("boot -q") case. Also, it avoids excessive stack usage where drivers attach child devices because the buffer for the device name is not kept on the local stack anymore.
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base
|
#
1.26 |
|
19-Nov-2011 |
tls |
branches: 1.26.2; First step of random number subsystem rework described in <20111022023242.BA26F14A158@mail.netbsd.org>. This change includes the following:
An initial cleanup and minor reorganization of the entropy pool code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are fixed. Some effort is made to accumulate entropy more quickly at boot time.
A generic interface, "rndsink", is added, for stream generators to request that they be re-keyed with good quality entropy from the pool as soon as it is available.
The arc4random()/arc4randbytes() implementation in libkern is adjusted to use the rndsink interface for rekeying, which helps address the problem of low-quality keys at boot time.
An implementation of the FIPS 140-2 statistical tests for random number generator quality is provided (libkern/rngtest.c). This is based on Greg Rose's implementation from Qualcomm.
A new random stream generator, nist_ctr_drbg, is provided. It is based on an implementation of the NIST SP800-90 CTR_DRBG by Henric Jungheim. This generator users AES in a modified counter mode to generate a backtracking-resistant random stream.
An abstraction layer, "cprng", is provided for in-kernel consumers of randomness. The arc4random/arc4randbytes API is deprecated for in-kernel use. It is replaced by "cprng_strong". The current cprng_fast implementation wraps the existing arc4random implementation. The current cprng_strong implementation wraps the new CTR_DRBG implementation. Both interfaces are rekeyed from the entropy pool automatically at intervals justifiable from best current cryptographic practice.
In some quick tests, cprng_fast() is about the same speed as the old arc4randbytes(), and cprng_strong() is about 20% faster than rnd_extract_data(). Performance is expected to improve.
The AES code in src/crypto/rijndael is no longer an optional kernel component, as it is required by cprng_strong, which is not an optional kernel component.
The entropy pool output is subjected to the rngtest tests at startup time; if it fails, the system will reboot. There is approximately a 3/10000 chance of a false positive from these tests. Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run.
A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). A new kernel will require a new rndctl.
The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet.
Manual pages for the new kernel interfaces are forthcoming.
|
Revision tags: jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base jruoho-x86intr-base matt-mips64-premerge-20101231 rmind-uvmplock-base
|
#
1.25 |
|
13-Nov-2010 |
uebayasi |
branches: 1.25.8; Don't pull in the whole uvm(9) API to access only PAGE_SIZE and some other constants. These are provided by sys/param.h now.
|
Revision tags: uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211
|
#
1.24 |
|
26-Nov-2009 |
njoly |
branches: 1.24.4; Cleanup interrupt establish error messages. Do not mix aprint_error/aprint_normal/printf calls for a single line.
|
Revision tags: yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase jym-xensuspend-base
|
#
1.23 |
|
12-May-2009 |
cegger |
use device_private(). "looks good" ad@ XXX for the device_t/softc split, please check the driver that no cases have been missed.
|
#
1.22 |
|
06-May-2009 |
cegger |
struct device * -> device_t, no functional changes intended.
|
#
1.21 |
|
06-May-2009 |
cegger |
struct cfdata * -> cfdata_t, no functional changes intended.
|
Revision tags: yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 nick-hppapmap-base
|
#
1.20 |
|
18-Apr-2009 |
tsutsui |
Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.19 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.18 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.17 |
|
19-Dec-2008 |
cegger |
branches: 1.17.2; use M_ZERO on malloc() and remove subsequent bzero().
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base yamt-pf42-base
|
#
1.16 |
|
10-Apr-2008 |
cegger |
branches: 1.16.4; 1.16.12; use aprint_*_dev and device_xname
|
Revision tags: ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.15 |
|
02-Feb-2008 |
tls |
branches: 1.15.6; From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless actually asked to.
Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto.
|
Revision tags: vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base matt-armv6-base
|
#
1.14 |
|
11-Dec-2007 |
lukem |
use __KERNEL_RCSID()
|
Revision tags: nick-csl-alignment-base5 matt-armv6-prevmlocking yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase yamt-x86pmap-base4 bouyer-xenamd64-base yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base jmcneill-pm-base nick-csl-alignment-base reinoud-bufcleanup-base mjf-ufs-trans-base vmlocking-base
|
#
1.13 |
|
09-Jul-2007 |
ad |
branches: 1.13.8; 1.13.14; 1.13.16; 1.13.18; 1.13.20; Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes - select()/poll() improvements - miscellaneous MT safety improvements
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.12 |
|
04-Mar-2007 |
christos |
branches: 1.12.2; 1.12.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-1-RELEASE wrstuden-fixsa-newbase wrstuden-fixsa-base-1 netbsd-4-0-RELEASE netbsd-4-0-RC5 matt-nb4-arm-base netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 wrstuden-fixsa-base ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.11 |
|
16-Nov-2006 |
christos |
branches: 1.11.4; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.10 |
|
12-Oct-2006 |
christos |
- sprinkle __unused on function decls. - fix a couple of unused bugs - no more -Wno-unused for i386
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base yamt-pdpolicy-base4 yamt-pdpolicy-base3 elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.9 |
|
28-Mar-2006 |
thorpej |
branches: 1.9.8; 1.9.10; Use device_unit().
|
Revision tags: peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5 yamt-readahead-base3 ktrace-lwp-base
|
#
1.8 |
|
25-Nov-2005 |
thorpej |
branches: 1.8.4; 1.8.6; 1.8.8; 1.8.10; 1.8.12; - De-couple the software crypto implementation from the rest of the framework. There is no need to waste the space if you are only using algoritms provided by hardware accelerators. To get the software implementations, add "pseudo-device swcr" to your kernel config. - Lazily initialize the opencrypto framework when crypto drivers (either hardware or swcr) register themselves with the framework.
|
Revision tags: yamt-readahead-base2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base
|
#
1.7 |
|
28-Jun-2005 |
thorpej |
branches: 1.7.2; 1.7.8; Use ANSI function decls and static.
|
#
1.6 |
|
30-May-2005 |
christos |
- const poisoning - avoid variable shadowing.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base
|
#
1.5 |
|
27-Feb-2005 |
perry |
nuke trailing whitespace
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE yamt-km-base2 yamt-km-base netbsd-2-0-1-RELEASE kent-audio1-beforemerge netbsd-2-base kent-audio1-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.4 |
|
28-Aug-2003 |
thorpej |
branches: 1.4.4; 1.4.10; 1.4.12; * Make matching and chip info table-driven. * Print product name and revision at attach time. * Use aprint_*().
|
#
1.3 |
|
27-Aug-2003 |
thorpej |
Fix some diagnotic printfs.
|
#
1.2 |
|
21-Aug-2003 |
jonathan |
Remove #ifdef _OpenBSD__ code which sets the softc pointer `sc' by passing an index into ubsec_cd.cd_devs[]: that causes too much confusion with the checks that sc is non-null.
|
#
1.1 |
|
01-Aug-2003 |
jonathan |
Preliminary port of merged OpenBSD/FreeBSD ubsec driver for Bluesteel Networks/Broadcom line of cryptographic accelerators.
|
#
1.47 |
|
10-Nov-2019 |
chs |
in many device attach paths, allocate memory with M_WAITOK instead of M_NOWAIT and remove code to handle failures that can no longer happen.
|
Revision tags: netbsd-9-base phil-wifi-20190609 isaki-audio2-base pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226
|
#
1.46 |
|
22-Dec-2018 |
maxv |
Replace: M_COPY_PKTHDR -> m_copy_pkthdr. No functional change, since the former is a macro to the latter.
|
#
1.45 |
|
09-Dec-2018 |
jdolecek |
use pci_intr_establish_xname() everywhere
|
Revision tags: pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.44 |
|
03-Sep-2018 |
riastradh |
Rename min/max -> uimin/uimax for better honesty.
These functions are defined on unsigned int. The generic name min/max should not silently truncate to 32 bits on 64-bit systems. This is purely a name change -- no functional change intended.
HOWEVER! Some subsystems have
#define min(a, b) ((a) < (b) ? (a) : (b)) #define max(a, b) ((a) > (b) ? (a) : (b))
even though our standard name for that is MIN/MAX. Although these may invite multiple evaluation bugs, these do _not_ cause integer truncation.
To avoid `fixing' these cases, I first changed the name in libkern, and then compile-tested every file where min/max occurred in order to confirm that it failed -- and thus confirm that nothing shadowed min/max -- before changing it.
I have left a handful of bootloaders that are too annoying to compile-test, and some dead code:
cobalt ews4800mips hp300 hppa ia64 luna68k vax acorn32/if_ie.c (not included in any kernels) macppc/if_gm.c (superseded by gem(4))
It should be easy to fix the fallout once identified -- this way of doing things fails safe, and the goal here, after all, is to _avoid_ silent integer truncations, not introduce them.
Maybe one day we can reintroduce min/max as type-generic things that never silently truncate. But we should avoid doing that for a while, so that existing code has a chance to be detected by the compiler for conversion to uimin/uimax without changing the semantics until we can properly audit it all. (Who knows, maybe in some cases integer truncation is actually intended!)
|
Revision tags: netbsd-8-1-RELEASE netbsd-8-1-RC1 jdolecek-ncqfixes-base pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base tls-maxphys-base-20171202 matt-nb8-mediatek-base nick-nhusb-base-20170825 perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 jdolecek-ncq-base pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907
|
#
1.43 |
|
07-Jul-2016 |
msaitoh |
branches: 1.43.16; 1.43.18; KNF. Remove extra spaces. No functional change.
|
Revision tags: nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606
|
#
1.42 |
|
13-Apr-2015 |
riastradh |
Add header guards and necessary includes.
|
Revision tags: netbsd-7-2-RELEASE netbsd-7-1-2-RELEASE netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base-20150406 nick-nhusb-base netbsd-7-base tls-maxphys-base
|
#
1.41 |
|
10-Aug-2014 |
tls |
branches: 1.41.4; Merge tls-earlyentropy branch into HEAD.
|
Revision tags: yamt-pagecache-base9 tls-earlyentropy-base rmind-smpnet-nbase rmind-smpnet-base
|
#
1.40 |
|
19-Apr-2014 |
bad |
Add support for accelerated AES_CBC in ubsec(4) for BCM5823 and newer. Update man-page and bump date. Adjust OpenBSD RCS IDs to reflect roughly the version we are in sync with.
|
#
1.39 |
|
18-Apr-2014 |
bad |
Rewrite the dmamap handling to allocate and cache the dmamaps beforehand. Calling bus_dmamap_create/destroy is no longer possible in interrupt context. Move the dmamaps to the end of struct ubsec_q so the rest of the struct can be cleared with one call to memset().
As a bonus we get a 25% increase in throughput encrypting 8K blocks.
|
Revision tags: riastradh-xf86-video-intel-2-7-1-pre-2-21-15
|
#
1.38 |
|
29-Mar-2014 |
christos |
branches: 1.38.2; make pci_intr_string and eisa_intr_string take a buffer and a length instead of relying in local static storage.
|
Revision tags: riastradh-drm2-base3
|
#
1.37 |
|
25-Feb-2014 |
pooka |
Ensure that the top level sysctl nodes (kern, vfs, net, ...) exist before the sysctl link sets are processed, and remove redundancy.
Shaves >13kB off of an amd64 GENERIC, not to mention >1k duplicate lines of code.
|
#
1.36 |
|
03-Jan-2014 |
pgoyette |
If you're going to build this driver as a module, make sure that it depends on opencrypto module.
|
#
1.35 |
|
26-Dec-2013 |
bad |
Also disable MCR4INT in ubsec_detach() when appropriate.
|
#
1.34 |
|
17-Nov-2013 |
bad |
Add support for BCM5825, and BCM5860, 5861, 5862 from OpenBSD rev 1.143: Add support for the BCM5825 and the next-generation BCM5860, 5861, 5862 Broadcom CryptoNetX IPSec/SSL Security Processors. The 5825 is a faster version of the already supported 5823, and the even faster 586x series is a bit different and needed some more changes.
AES support hasn't been pulled in yet.
|
#
1.33 |
|
17-Nov-2013 |
bad |
Create the sysctl variables on module initialization. Create them under hw.ubsec as is hip these days.
|
#
1.32 |
|
17-Nov-2013 |
bad |
Make ubsec(4) loadable as kmod.
|
#
1.31 |
|
17-Nov-2013 |
bad |
Fix locking botch. Callers of ubsec_rng_locked() lock and release sc_mtx already.
|
#
1.30 |
|
17-Nov-2013 |
bad |
Use callout_setfunc()/callout_schedule() instead of callout_reset(), it is cheaper.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.29 |
|
13-Jun-2013 |
tls |
branches: 1.29.2; Convert the entropy pool framework from pseudo-callout-driven to soft interrupt driven operation.
Add a polling mode of operation -- now we can ask hardware random number generators to top us up just when we need it (bcm2835_rng and amdpm converted as examples).
Fix a stall noticed with repeated reads from /dev/random while testing.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.28 |
|
27-Oct-2012 |
chs |
split device_t/softc for all remaining drivers. replace "struct device *" with "device_t". use device_xname(), device_unit(), etc.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.27 |
|
30-Jan-2012 |
drochner |
branches: 1.27.6; Use pci_aprint_devinfo(9) instead of pci_devinfo+aprint_{normal,naive} where it looks straightforward, and pci_aprint_devinfo_fancy in a few others where drivers want to supply their own device names instead of the pcidevs generated one. More complicated cases, where names are composed at runtime, are left alone for now. It certainly makes sense to simplify the drivers here rather than inventing a catch-all API. This should serve as as example for new drivers, and also ensure consistent output in the AB_QUIET ("boot -q") case. Also, it avoids excessive stack usage where drivers attach child devices because the buffer for the device name is not kept on the local stack anymore.
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base
|
#
1.26 |
|
19-Nov-2011 |
tls |
branches: 1.26.2; First step of random number subsystem rework described in <20111022023242.BA26F14A158@mail.netbsd.org>. This change includes the following:
An initial cleanup and minor reorganization of the entropy pool code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are fixed. Some effort is made to accumulate entropy more quickly at boot time.
A generic interface, "rndsink", is added, for stream generators to request that they be re-keyed with good quality entropy from the pool as soon as it is available.
The arc4random()/arc4randbytes() implementation in libkern is adjusted to use the rndsink interface for rekeying, which helps address the problem of low-quality keys at boot time.
An implementation of the FIPS 140-2 statistical tests for random number generator quality is provided (libkern/rngtest.c). This is based on Greg Rose's implementation from Qualcomm.
A new random stream generator, nist_ctr_drbg, is provided. It is based on an implementation of the NIST SP800-90 CTR_DRBG by Henric Jungheim. This generator users AES in a modified counter mode to generate a backtracking-resistant random stream.
An abstraction layer, "cprng", is provided for in-kernel consumers of randomness. The arc4random/arc4randbytes API is deprecated for in-kernel use. It is replaced by "cprng_strong". The current cprng_fast implementation wraps the existing arc4random implementation. The current cprng_strong implementation wraps the new CTR_DRBG implementation. Both interfaces are rekeyed from the entropy pool automatically at intervals justifiable from best current cryptographic practice.
In some quick tests, cprng_fast() is about the same speed as the old arc4randbytes(), and cprng_strong() is about 20% faster than rnd_extract_data(). Performance is expected to improve.
The AES code in src/crypto/rijndael is no longer an optional kernel component, as it is required by cprng_strong, which is not an optional kernel component.
The entropy pool output is subjected to the rngtest tests at startup time; if it fails, the system will reboot. There is approximately a 3/10000 chance of a false positive from these tests. Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run.
A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). A new kernel will require a new rndctl.
The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet.
Manual pages for the new kernel interfaces are forthcoming.
|
Revision tags: jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base jruoho-x86intr-base matt-mips64-premerge-20101231 rmind-uvmplock-base
|
#
1.25 |
|
13-Nov-2010 |
uebayasi |
branches: 1.25.8; Don't pull in the whole uvm(9) API to access only PAGE_SIZE and some other constants. These are provided by sys/param.h now.
|
Revision tags: uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211
|
#
1.24 |
|
26-Nov-2009 |
njoly |
branches: 1.24.4; Cleanup interrupt establish error messages. Do not mix aprint_error/aprint_normal/printf calls for a single line.
|
Revision tags: yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase jym-xensuspend-base
|
#
1.23 |
|
12-May-2009 |
cegger |
use device_private(). "looks good" ad@ XXX for the device_t/softc split, please check the driver that no cases have been missed.
|
#
1.22 |
|
06-May-2009 |
cegger |
struct device * -> device_t, no functional changes intended.
|
#
1.21 |
|
06-May-2009 |
cegger |
struct cfdata * -> cfdata_t, no functional changes intended.
|
Revision tags: yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 nick-hppapmap-base
|
#
1.20 |
|
18-Apr-2009 |
tsutsui |
Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.19 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.18 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.17 |
|
19-Dec-2008 |
cegger |
branches: 1.17.2; use M_ZERO on malloc() and remove subsequent bzero().
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base yamt-pf42-base
|
#
1.16 |
|
10-Apr-2008 |
cegger |
branches: 1.16.4; 1.16.12; use aprint_*_dev and device_xname
|
Revision tags: ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.15 |
|
02-Feb-2008 |
tls |
branches: 1.15.6; From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless actually asked to.
Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto.
|
Revision tags: vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base matt-armv6-base
|
#
1.14 |
|
11-Dec-2007 |
lukem |
use __KERNEL_RCSID()
|
Revision tags: nick-csl-alignment-base5 matt-armv6-prevmlocking yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase yamt-x86pmap-base4 bouyer-xenamd64-base yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base jmcneill-pm-base nick-csl-alignment-base reinoud-bufcleanup-base mjf-ufs-trans-base vmlocking-base
|
#
1.13 |
|
09-Jul-2007 |
ad |
branches: 1.13.8; 1.13.14; 1.13.16; 1.13.18; 1.13.20; Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes - select()/poll() improvements - miscellaneous MT safety improvements
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.12 |
|
04-Mar-2007 |
christos |
branches: 1.12.2; 1.12.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-1-RELEASE wrstuden-fixsa-newbase wrstuden-fixsa-base-1 netbsd-4-0-RELEASE netbsd-4-0-RC5 matt-nb4-arm-base netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 wrstuden-fixsa-base ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.11 |
|
16-Nov-2006 |
christos |
branches: 1.11.4; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.10 |
|
12-Oct-2006 |
christos |
- sprinkle __unused on function decls. - fix a couple of unused bugs - no more -Wno-unused for i386
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base yamt-pdpolicy-base4 yamt-pdpolicy-base3 elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.9 |
|
28-Mar-2006 |
thorpej |
branches: 1.9.8; 1.9.10; Use device_unit().
|
Revision tags: peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5 yamt-readahead-base3 ktrace-lwp-base
|
#
1.8 |
|
25-Nov-2005 |
thorpej |
branches: 1.8.4; 1.8.6; 1.8.8; 1.8.10; 1.8.12; - De-couple the software crypto implementation from the rest of the framework. There is no need to waste the space if you are only using algoritms provided by hardware accelerators. To get the software implementations, add "pseudo-device swcr" to your kernel config. - Lazily initialize the opencrypto framework when crypto drivers (either hardware or swcr) register themselves with the framework.
|
Revision tags: yamt-readahead-base2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base
|
#
1.7 |
|
28-Jun-2005 |
thorpej |
branches: 1.7.2; 1.7.8; Use ANSI function decls and static.
|
#
1.6 |
|
30-May-2005 |
christos |
- const poisoning - avoid variable shadowing.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base
|
#
1.5 |
|
27-Feb-2005 |
perry |
nuke trailing whitespace
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE yamt-km-base2 yamt-km-base netbsd-2-0-1-RELEASE kent-audio1-beforemerge netbsd-2-base kent-audio1-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.4 |
|
28-Aug-2003 |
thorpej |
branches: 1.4.4; 1.4.10; 1.4.12; * Make matching and chip info table-driven. * Print product name and revision at attach time. * Use aprint_*().
|
#
1.3 |
|
27-Aug-2003 |
thorpej |
Fix some diagnotic printfs.
|
#
1.2 |
|
21-Aug-2003 |
jonathan |
Remove #ifdef _OpenBSD__ code which sets the softc pointer `sc' by passing an index into ubsec_cd.cd_devs[]: that causes too much confusion with the checks that sc is non-null.
|
#
1.1 |
|
01-Aug-2003 |
jonathan |
Preliminary port of merged OpenBSD/FreeBSD ubsec driver for Bluesteel Networks/Broadcom line of cryptographic accelerators.
|
Revision tags: isaki-audio2-base pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226
|
#
1.46 |
|
22-Dec-2018 |
maxv |
Replace: M_COPY_PKTHDR -> m_copy_pkthdr. No functional change, since the former is a macro to the latter.
|
#
1.45 |
|
09-Dec-2018 |
jdolecek |
use pci_intr_establish_xname() everywhere
|
Revision tags: pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.44 |
|
03-Sep-2018 |
riastradh |
Rename min/max -> uimin/uimax for better honesty.
These functions are defined on unsigned int. The generic name min/max should not silently truncate to 32 bits on 64-bit systems. This is purely a name change -- no functional change intended.
HOWEVER! Some subsystems have
#define min(a, b) ((a) < (b) ? (a) : (b)) #define max(a, b) ((a) > (b) ? (a) : (b))
even though our standard name for that is MIN/MAX. Although these may invite multiple evaluation bugs, these do _not_ cause integer truncation.
To avoid `fixing' these cases, I first changed the name in libkern, and then compile-tested every file where min/max occurred in order to confirm that it failed -- and thus confirm that nothing shadowed min/max -- before changing it.
I have left a handful of bootloaders that are too annoying to compile-test, and some dead code:
cobalt ews4800mips hp300 hppa ia64 luna68k vax acorn32/if_ie.c (not included in any kernels) macppc/if_gm.c (superseded by gem(4))
It should be easy to fix the fallout once identified -- this way of doing things fails safe, and the goal here, after all, is to _avoid_ silent integer truncations, not introduce them.
Maybe one day we can reintroduce min/max as type-generic things that never silently truncate. But we should avoid doing that for a while, so that existing code has a chance to be detected by the compiler for conversion to uimin/uimax without changing the semantics until we can properly audit it all. (Who knows, maybe in some cases integer truncation is actually intended!)
|
Revision tags: jdolecek-ncqfixes-base pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base tls-maxphys-base-20171202 matt-nb8-mediatek-base nick-nhusb-base-20170825 perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 jdolecek-ncq-base pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907
|
#
1.43 |
|
07-Jul-2016 |
msaitoh |
branches: 1.43.16; KNF. Remove extra spaces. No functional change.
|
Revision tags: nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606
|
#
1.42 |
|
13-Apr-2015 |
riastradh |
Add header guards and necessary includes.
|
Revision tags: netbsd-7-2-RELEASE netbsd-7-1-2-RELEASE netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base-20150406 nick-nhusb-base netbsd-7-base tls-maxphys-base
|
#
1.41 |
|
10-Aug-2014 |
tls |
branches: 1.41.4; Merge tls-earlyentropy branch into HEAD.
|
Revision tags: yamt-pagecache-base9 tls-earlyentropy-base rmind-smpnet-nbase rmind-smpnet-base
|
#
1.40 |
|
19-Apr-2014 |
bad |
Add support for accelerated AES_CBC in ubsec(4) for BCM5823 and newer. Update man-page and bump date. Adjust OpenBSD RCS IDs to reflect roughly the version we are in sync with.
|
#
1.39 |
|
18-Apr-2014 |
bad |
Rewrite the dmamap handling to allocate and cache the dmamaps beforehand. Calling bus_dmamap_create/destroy is no longer possible in interrupt context. Move the dmamaps to the end of struct ubsec_q so the rest of the struct can be cleared with one call to memset().
As a bonus we get a 25% increase in throughput encrypting 8K blocks.
|
Revision tags: riastradh-xf86-video-intel-2-7-1-pre-2-21-15
|
#
1.38 |
|
29-Mar-2014 |
christos |
branches: 1.38.2; make pci_intr_string and eisa_intr_string take a buffer and a length instead of relying in local static storage.
|
Revision tags: riastradh-drm2-base3
|
#
1.37 |
|
25-Feb-2014 |
pooka |
Ensure that the top level sysctl nodes (kern, vfs, net, ...) exist before the sysctl link sets are processed, and remove redundancy.
Shaves >13kB off of an amd64 GENERIC, not to mention >1k duplicate lines of code.
|
#
1.36 |
|
03-Jan-2014 |
pgoyette |
If you're going to build this driver as a module, make sure that it depends on opencrypto module.
|
#
1.35 |
|
26-Dec-2013 |
bad |
Also disable MCR4INT in ubsec_detach() when appropriate.
|
#
1.34 |
|
17-Nov-2013 |
bad |
Add support for BCM5825, and BCM5860, 5861, 5862 from OpenBSD rev 1.143: Add support for the BCM5825 and the next-generation BCM5860, 5861, 5862 Broadcom CryptoNetX IPSec/SSL Security Processors. The 5825 is a faster version of the already supported 5823, and the even faster 586x series is a bit different and needed some more changes.
AES support hasn't been pulled in yet.
|
#
1.33 |
|
17-Nov-2013 |
bad |
Create the sysctl variables on module initialization. Create them under hw.ubsec as is hip these days.
|
#
1.32 |
|
17-Nov-2013 |
bad |
Make ubsec(4) loadable as kmod.
|
#
1.31 |
|
17-Nov-2013 |
bad |
Fix locking botch. Callers of ubsec_rng_locked() lock and release sc_mtx already.
|
#
1.30 |
|
17-Nov-2013 |
bad |
Use callout_setfunc()/callout_schedule() instead of callout_reset(), it is cheaper.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.29 |
|
13-Jun-2013 |
tls |
branches: 1.29.2; Convert the entropy pool framework from pseudo-callout-driven to soft interrupt driven operation.
Add a polling mode of operation -- now we can ask hardware random number generators to top us up just when we need it (bcm2835_rng and amdpm converted as examples).
Fix a stall noticed with repeated reads from /dev/random while testing.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.28 |
|
27-Oct-2012 |
chs |
split device_t/softc for all remaining drivers. replace "struct device *" with "device_t". use device_xname(), device_unit(), etc.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.27 |
|
30-Jan-2012 |
drochner |
branches: 1.27.6; Use pci_aprint_devinfo(9) instead of pci_devinfo+aprint_{normal,naive} where it looks straightforward, and pci_aprint_devinfo_fancy in a few others where drivers want to supply their own device names instead of the pcidevs generated one. More complicated cases, where names are composed at runtime, are left alone for now. It certainly makes sense to simplify the drivers here rather than inventing a catch-all API. This should serve as as example for new drivers, and also ensure consistent output in the AB_QUIET ("boot -q") case. Also, it avoids excessive stack usage where drivers attach child devices because the buffer for the device name is not kept on the local stack anymore.
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base
|
#
1.26 |
|
19-Nov-2011 |
tls |
branches: 1.26.2; First step of random number subsystem rework described in <20111022023242.BA26F14A158@mail.netbsd.org>. This change includes the following:
An initial cleanup and minor reorganization of the entropy pool code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are fixed. Some effort is made to accumulate entropy more quickly at boot time.
A generic interface, "rndsink", is added, for stream generators to request that they be re-keyed with good quality entropy from the pool as soon as it is available.
The arc4random()/arc4randbytes() implementation in libkern is adjusted to use the rndsink interface for rekeying, which helps address the problem of low-quality keys at boot time.
An implementation of the FIPS 140-2 statistical tests for random number generator quality is provided (libkern/rngtest.c). This is based on Greg Rose's implementation from Qualcomm.
A new random stream generator, nist_ctr_drbg, is provided. It is based on an implementation of the NIST SP800-90 CTR_DRBG by Henric Jungheim. This generator users AES in a modified counter mode to generate a backtracking-resistant random stream.
An abstraction layer, "cprng", is provided for in-kernel consumers of randomness. The arc4random/arc4randbytes API is deprecated for in-kernel use. It is replaced by "cprng_strong". The current cprng_fast implementation wraps the existing arc4random implementation. The current cprng_strong implementation wraps the new CTR_DRBG implementation. Both interfaces are rekeyed from the entropy pool automatically at intervals justifiable from best current cryptographic practice.
In some quick tests, cprng_fast() is about the same speed as the old arc4randbytes(), and cprng_strong() is about 20% faster than rnd_extract_data(). Performance is expected to improve.
The AES code in src/crypto/rijndael is no longer an optional kernel component, as it is required by cprng_strong, which is not an optional kernel component.
The entropy pool output is subjected to the rngtest tests at startup time; if it fails, the system will reboot. There is approximately a 3/10000 chance of a false positive from these tests. Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run.
A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). A new kernel will require a new rndctl.
The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet.
Manual pages for the new kernel interfaces are forthcoming.
|
Revision tags: jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base jruoho-x86intr-base matt-mips64-premerge-20101231 rmind-uvmplock-base
|
#
1.25 |
|
13-Nov-2010 |
uebayasi |
branches: 1.25.8; Don't pull in the whole uvm(9) API to access only PAGE_SIZE and some other constants. These are provided by sys/param.h now.
|
Revision tags: uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211
|
#
1.24 |
|
26-Nov-2009 |
njoly |
branches: 1.24.4; Cleanup interrupt establish error messages. Do not mix aprint_error/aprint_normal/printf calls for a single line.
|
Revision tags: yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase jym-xensuspend-base
|
#
1.23 |
|
12-May-2009 |
cegger |
use device_private(). "looks good" ad@ XXX for the device_t/softc split, please check the driver that no cases have been missed.
|
#
1.22 |
|
06-May-2009 |
cegger |
struct device * -> device_t, no functional changes intended.
|
#
1.21 |
|
06-May-2009 |
cegger |
struct cfdata * -> cfdata_t, no functional changes intended.
|
Revision tags: yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 nick-hppapmap-base
|
#
1.20 |
|
18-Apr-2009 |
tsutsui |
Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.19 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.18 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.17 |
|
19-Dec-2008 |
cegger |
branches: 1.17.2; use M_ZERO on malloc() and remove subsequent bzero().
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base yamt-pf42-base
|
#
1.16 |
|
10-Apr-2008 |
cegger |
branches: 1.16.4; 1.16.12; use aprint_*_dev and device_xname
|
Revision tags: ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.15 |
|
02-Feb-2008 |
tls |
branches: 1.15.6; From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless actually asked to.
Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto.
|
Revision tags: vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base matt-armv6-base
|
#
1.14 |
|
11-Dec-2007 |
lukem |
use __KERNEL_RCSID()
|
Revision tags: nick-csl-alignment-base5 matt-armv6-prevmlocking yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase yamt-x86pmap-base4 bouyer-xenamd64-base yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base jmcneill-pm-base nick-csl-alignment-base reinoud-bufcleanup-base mjf-ufs-trans-base vmlocking-base
|
#
1.13 |
|
09-Jul-2007 |
ad |
branches: 1.13.8; 1.13.14; 1.13.16; 1.13.18; 1.13.20; Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes - select()/poll() improvements - miscellaneous MT safety improvements
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.12 |
|
04-Mar-2007 |
christos |
branches: 1.12.2; 1.12.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-1-RELEASE wrstuden-fixsa-newbase wrstuden-fixsa-base-1 netbsd-4-0-RELEASE netbsd-4-0-RC5 matt-nb4-arm-base netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 wrstuden-fixsa-base ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.11 |
|
16-Nov-2006 |
christos |
branches: 1.11.4; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.10 |
|
12-Oct-2006 |
christos |
- sprinkle __unused on function decls. - fix a couple of unused bugs - no more -Wno-unused for i386
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base yamt-pdpolicy-base4 yamt-pdpolicy-base3 elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.9 |
|
28-Mar-2006 |
thorpej |
branches: 1.9.8; 1.9.10; Use device_unit().
|
Revision tags: peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5 yamt-readahead-base3 ktrace-lwp-base
|
#
1.8 |
|
25-Nov-2005 |
thorpej |
branches: 1.8.4; 1.8.6; 1.8.8; 1.8.10; 1.8.12; - De-couple the software crypto implementation from the rest of the framework. There is no need to waste the space if you are only using algoritms provided by hardware accelerators. To get the software implementations, add "pseudo-device swcr" to your kernel config. - Lazily initialize the opencrypto framework when crypto drivers (either hardware or swcr) register themselves with the framework.
|
Revision tags: yamt-readahead-base2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base
|
#
1.7 |
|
28-Jun-2005 |
thorpej |
branches: 1.7.2; 1.7.8; Use ANSI function decls and static.
|
#
1.6 |
|
30-May-2005 |
christos |
- const poisoning - avoid variable shadowing.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base
|
#
1.5 |
|
27-Feb-2005 |
perry |
nuke trailing whitespace
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE yamt-km-base2 yamt-km-base netbsd-2-0-1-RELEASE kent-audio1-beforemerge netbsd-2-base kent-audio1-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.4 |
|
28-Aug-2003 |
thorpej |
branches: 1.4.4; 1.4.10; 1.4.12; * Make matching and chip info table-driven. * Print product name and revision at attach time. * Use aprint_*().
|
#
1.3 |
|
27-Aug-2003 |
thorpej |
Fix some diagnotic printfs.
|
#
1.2 |
|
21-Aug-2003 |
jonathan |
Remove #ifdef _OpenBSD__ code which sets the softc pointer `sc' by passing an index into ubsec_cd.cd_devs[]: that causes too much confusion with the checks that sc is non-null.
|
#
1.1 |
|
01-Aug-2003 |
jonathan |
Preliminary port of merged OpenBSD/FreeBSD ubsec driver for Bluesteel Networks/Broadcom line of cryptographic accelerators.
|
Revision tags: nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907
|
#
1.43 |
|
07-Jul-2016 |
msaitoh |
KNF. Remove extra spaces. No functional change.
|
Revision tags: nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606
|
#
1.42 |
|
13-Apr-2015 |
riastradh |
Add header guards and necessary includes.
|
Revision tags: netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base-20150406 nick-nhusb-base netbsd-7-base tls-maxphys-base
|
#
1.41 |
|
10-Aug-2014 |
tls |
branches: 1.41.4; Merge tls-earlyentropy branch into HEAD.
|
Revision tags: yamt-pagecache-base9 tls-earlyentropy-base rmind-smpnet-nbase rmind-smpnet-base
|
#
1.40 |
|
19-Apr-2014 |
bad |
Add support for accelerated AES_CBC in ubsec(4) for BCM5823 and newer. Update man-page and bump date. Adjust OpenBSD RCS IDs to reflect roughly the version we are in sync with.
|
#
1.39 |
|
18-Apr-2014 |
bad |
Rewrite the dmamap handling to allocate and cache the dmamaps beforehand. Calling bus_dmamap_create/destroy is no longer possible in interrupt context. Move the dmamaps to the end of struct ubsec_q so the rest of the struct can be cleared with one call to memset().
As a bonus we get a 25% increase in throughput encrypting 8K blocks.
|
Revision tags: riastradh-xf86-video-intel-2-7-1-pre-2-21-15
|
#
1.38 |
|
29-Mar-2014 |
christos |
branches: 1.38.2; make pci_intr_string and eisa_intr_string take a buffer and a length instead of relying in local static storage.
|
Revision tags: riastradh-drm2-base3
|
#
1.37 |
|
25-Feb-2014 |
pooka |
Ensure that the top level sysctl nodes (kern, vfs, net, ...) exist before the sysctl link sets are processed, and remove redundancy.
Shaves >13kB off of an amd64 GENERIC, not to mention >1k duplicate lines of code.
|
#
1.36 |
|
03-Jan-2014 |
pgoyette |
If you're going to build this driver as a module, make sure that it depends on opencrypto module.
|
#
1.35 |
|
26-Dec-2013 |
bad |
Also disable MCR4INT in ubsec_detach() when appropriate.
|
#
1.34 |
|
17-Nov-2013 |
bad |
Add support for BCM5825, and BCM5860, 5861, 5862 from OpenBSD rev 1.143: Add support for the BCM5825 and the next-generation BCM5860, 5861, 5862 Broadcom CryptoNetX IPSec/SSL Security Processors. The 5825 is a faster version of the already supported 5823, and the even faster 586x series is a bit different and needed some more changes.
AES support hasn't been pulled in yet.
|
#
1.33 |
|
17-Nov-2013 |
bad |
Create the sysctl variables on module initialization. Create them under hw.ubsec as is hip these days.
|
#
1.32 |
|
17-Nov-2013 |
bad |
Make ubsec(4) loadable as kmod.
|
#
1.31 |
|
17-Nov-2013 |
bad |
Fix locking botch. Callers of ubsec_rng_locked() lock and release sc_mtx already.
|
#
1.30 |
|
17-Nov-2013 |
bad |
Use callout_setfunc()/callout_schedule() instead of callout_reset(), it is cheaper.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.29 |
|
13-Jun-2013 |
tls |
branches: 1.29.2; Convert the entropy pool framework from pseudo-callout-driven to soft interrupt driven operation.
Add a polling mode of operation -- now we can ask hardware random number generators to top us up just when we need it (bcm2835_rng and amdpm converted as examples).
Fix a stall noticed with repeated reads from /dev/random while testing.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.28 |
|
27-Oct-2012 |
chs |
split device_t/softc for all remaining drivers. replace "struct device *" with "device_t". use device_xname(), device_unit(), etc.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.27 |
|
30-Jan-2012 |
drochner |
branches: 1.27.6; Use pci_aprint_devinfo(9) instead of pci_devinfo+aprint_{normal,naive} where it looks straightforward, and pci_aprint_devinfo_fancy in a few others where drivers want to supply their own device names instead of the pcidevs generated one. More complicated cases, where names are composed at runtime, are left alone for now. It certainly makes sense to simplify the drivers here rather than inventing a catch-all API. This should serve as as example for new drivers, and also ensure consistent output in the AB_QUIET ("boot -q") case. Also, it avoids excessive stack usage where drivers attach child devices because the buffer for the device name is not kept on the local stack anymore.
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base
|
#
1.26 |
|
19-Nov-2011 |
tls |
branches: 1.26.2; First step of random number subsystem rework described in <20111022023242.BA26F14A158@mail.netbsd.org>. This change includes the following:
An initial cleanup and minor reorganization of the entropy pool code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are fixed. Some effort is made to accumulate entropy more quickly at boot time.
A generic interface, "rndsink", is added, for stream generators to request that they be re-keyed with good quality entropy from the pool as soon as it is available.
The arc4random()/arc4randbytes() implementation in libkern is adjusted to use the rndsink interface for rekeying, which helps address the problem of low-quality keys at boot time.
An implementation of the FIPS 140-2 statistical tests for random number generator quality is provided (libkern/rngtest.c). This is based on Greg Rose's implementation from Qualcomm.
A new random stream generator, nist_ctr_drbg, is provided. It is based on an implementation of the NIST SP800-90 CTR_DRBG by Henric Jungheim. This generator users AES in a modified counter mode to generate a backtracking-resistant random stream.
An abstraction layer, "cprng", is provided for in-kernel consumers of randomness. The arc4random/arc4randbytes API is deprecated for in-kernel use. It is replaced by "cprng_strong". The current cprng_fast implementation wraps the existing arc4random implementation. The current cprng_strong implementation wraps the new CTR_DRBG implementation. Both interfaces are rekeyed from the entropy pool automatically at intervals justifiable from best current cryptographic practice.
In some quick tests, cprng_fast() is about the same speed as the old arc4randbytes(), and cprng_strong() is about 20% faster than rnd_extract_data(). Performance is expected to improve.
The AES code in src/crypto/rijndael is no longer an optional kernel component, as it is required by cprng_strong, which is not an optional kernel component.
The entropy pool output is subjected to the rngtest tests at startup time; if it fails, the system will reboot. There is approximately a 3/10000 chance of a false positive from these tests. Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run.
A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). A new kernel will require a new rndctl.
The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet.
Manual pages for the new kernel interfaces are forthcoming.
|
Revision tags: jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base jruoho-x86intr-base matt-mips64-premerge-20101231 rmind-uvmplock-base
|
#
1.25 |
|
13-Nov-2010 |
uebayasi |
branches: 1.25.8; Don't pull in the whole uvm(9) API to access only PAGE_SIZE and some other constants. These are provided by sys/param.h now.
|
Revision tags: uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211
|
#
1.24 |
|
26-Nov-2009 |
njoly |
branches: 1.24.4; Cleanup interrupt establish error messages. Do not mix aprint_error/aprint_normal/printf calls for a single line.
|
Revision tags: yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase jym-xensuspend-base
|
#
1.23 |
|
12-May-2009 |
cegger |
use device_private(). "looks good" ad@ XXX for the device_t/softc split, please check the driver that no cases have been missed.
|
#
1.22 |
|
06-May-2009 |
cegger |
struct device * -> device_t, no functional changes intended.
|
#
1.21 |
|
06-May-2009 |
cegger |
struct cfdata * -> cfdata_t, no functional changes intended.
|
Revision tags: yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 nick-hppapmap-base
|
#
1.20 |
|
18-Apr-2009 |
tsutsui |
Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.19 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.18 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.17 |
|
19-Dec-2008 |
cegger |
branches: 1.17.2; use M_ZERO on malloc() and remove subsequent bzero().
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base yamt-pf42-base
|
#
1.16 |
|
10-Apr-2008 |
cegger |
branches: 1.16.4; 1.16.12; use aprint_*_dev and device_xname
|
Revision tags: ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.15 |
|
02-Feb-2008 |
tls |
branches: 1.15.6; From Darran Hunt at Coyote Point: don't truncate HMAC to 96 bits unless actually asked to.
Fixed in FreeBSD a while ago, discussed on tech-kern and tech-crypto.
|
Revision tags: vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base matt-armv6-base
|
#
1.14 |
|
11-Dec-2007 |
lukem |
use __KERNEL_RCSID()
|
Revision tags: nick-csl-alignment-base5 matt-armv6-prevmlocking yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase yamt-x86pmap-base4 bouyer-xenamd64-base yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base jmcneill-pm-base nick-csl-alignment-base reinoud-bufcleanup-base mjf-ufs-trans-base vmlocking-base
|
#
1.13 |
|
09-Jul-2007 |
ad |
branches: 1.13.8; 1.13.14; 1.13.16; 1.13.18; 1.13.20; Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes - select()/poll() improvements - miscellaneous MT safety improvements
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.12 |
|
04-Mar-2007 |
christos |
branches: 1.12.2; 1.12.4; Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-1-RELEASE wrstuden-fixsa-newbase wrstuden-fixsa-base-1 netbsd-4-0-RELEASE netbsd-4-0-RC5 matt-nb4-arm-base netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 wrstuden-fixsa-base ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.11 |
|
16-Nov-2006 |
christos |
branches: 1.11.4; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.10 |
|
12-Oct-2006 |
christos |
- sprinkle __unused on function decls. - fix a couple of unused bugs - no more -Wno-unused for i386
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base yamt-pdpolicy-base4 yamt-pdpolicy-base3 elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.9 |
|
28-Mar-2006 |
thorpej |
branches: 1.9.8; 1.9.10; Use device_unit().
|
Revision tags: peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5 yamt-readahead-base3 ktrace-lwp-base
|
#
1.8 |
|
25-Nov-2005 |
thorpej |
branches: 1.8.4; 1.8.6; 1.8.8; 1.8.10; 1.8.12; - De-couple the software crypto implementation from the rest of the framework. There is no need to waste the space if you are only using algoritms provided by hardware accelerators. To get the software implementations, add "pseudo-device swcr" to your kernel config. - Lazily initialize the opencrypto framework when crypto drivers (either hardware or swcr) register themselves with the framework.
|
Revision tags: yamt-readahead-base2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base
|
#
1.7 |
|
28-Jun-2005 |
thorpej |
branches: 1.7.2; 1.7.8; Use ANSI function decls and static.
|
#
1.6 |
|
30-May-2005 |
christos |
- const poisoning - avoid variable shadowing.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base
|
#
1.5 |
|
27-Feb-2005 |
perry |
nuke trailing whitespace
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE yamt-km-base2 yamt-km-base netbsd-2-0-1-RELEASE kent-audio1-beforemerge netbsd-2-base kent-audio1-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.4 |
|
28-Aug-2003 |
thorpej |
branches: 1.4.4; 1.4.10; 1.4.12; * Make matching and chip info table-driven. * Print product name and revision at attach time. * Use aprint_*().
|
#
1.3 |
|
27-Aug-2003 |
thorpej |
Fix some diagnotic printfs.
|
#
1.2 |
|
21-Aug-2003 |
jonathan |
Remove #ifdef _OpenBSD__ code which sets the softc pointer `sc' by passing an index into ubsec_cd.cd_devs[]: that causes too much confusion with the checks that sc is non-null.
|
#
1.1 |
|
01-Aug-2003 |
jonathan |
Preliminary port of merged OpenBSD/FreeBSD ubsec driver for Bluesteel Networks/Broadcom line of cryptographic accelerators.
|