spelling

ok mpi@

Enforce range with sysctl_int_bounded in swap_encrypt_ctl

OK millert@

make SWAP_KEY_GET symmetrical with SWAP_KEY_PUT by having it call
a function in uvm_swap_encrypt.c instead of doing stuff inline.

lets me remove an extern from the header too.

ok kettenis@

reduce the scope of things that include uvm_swap_encrypt.h.

uvm_meter.c needs it to route the sysctl, uvm_swap.c needs it to
use the functionality, and uvm_swap_encrypt.c needs it to for obvious
reasons. userland sysctl already includes it explicitely.

everything else doesnt and shouldnt care.

ok miod@

Remove some includes include-what-you-use claims don't
have any direct symbols used. Tested for indirect use by compiling
amd64/i386/sparc64 kernels.

ok tedu@ deraadt@

move arc4random prototype to systm.h. more appropriate for most code
to include that than rdnvar.h. ok deraadt dlg

remove uneeded proc.h includes
ok mpi@ kspillner@

for key material that is being being discarded, convert bzero() to
explicit_bzero() where required
ok markus mikeb

remove proc.h include from uvm_map.h. This has far reaching effects, as
sysctl.h was reliant on this particular include, and many drivers included
sysctl.h unnecessarily. remove sysctl.h or add proc.h as needed.
ok deraadt

turn a for (i = 0; i < size; i++) arc4random(); loop into arc4random_buf().

Since that function is now so small (2 lines), inline it into it's only user.

Shaves some bytes (104 on amd64).

ok deraadt@, blambert@. djm@ liked an earlier diff.

encrypt swap by default. cheap, and why not. can be disabled by people
who have machines that hit swap a lot. decided after survey of developers,
we found that most turned this on. ok various

ansi + some knf, no binary change

ok deraadt

- use 1/2 space for rijndael context in ipsec
- rijndael_set_key_enc_only() sets up context for encryption only
- rijndael_set_key() always sets up full context
- rijndaelKeySetupDec() gets back original protoype
- uvm: use _enc_only() interface
with hshoexer@, ok deraadt@

inital -> initial

branches: 1.10.2;
Replace inclusion of <vm/foo.h> with the correct <uvm/bar.h> when necessary.
(Look ma, I might have broken the tree)

switch to the optimised AES reference code from
http://www.esat.kuleuven.ac.be/~rijmen/rijndael/rijndael-fst-3.0.zip
the same code is used by ssh, so please make sure to update
usr.sbin/ssh/rijndael.c if you change this code.
tested on sparc (jason) and with swap encryption (me); ok deraadt@, provos@

remove vm_conf.h; art@ ok

$OpenBSD$

Convert bzero to memset(X, 0..) and bcopy to memcpy.
This is to match (make diffs smaller) the code in NetBSD.
new gcc inlines those functions, so this could also be a performance win.

put in own ctl level for swapencrypt.

use rijndael instead of blowfish because of faster key setup.
break swap paritions into sections, each section has own
encryption key. if a section's key becomes unreferenced, erase it.

use encrypted blocknumber as IV

<crypto/blf.h>

branches: 1.1.2;
swap encryption for UVM, option UVM_SWAP_ENCRYPT. needs to be enabled
via sysctl.
Pages are encrypted with the Blowfish encryption algorithm, the key
is initialized randomly on first swap out, ensuring that entropy has
accumulated in the kernel randomness pool. Eventually, swap encryption
will be decided on a process by process basis, e.g. a process that reads from
a cryptographic filesystem will enable swap encrypt for its pages. okay
art@ and deraadt@.

Enforce range with sysctl_int_bounded in swap_encrypt_ctl

OK millert@

make SWAP_KEY_GET symmetrical with SWAP_KEY_PUT by having it call
a function in uvm_swap_encrypt.c instead of doing stuff inline.

lets me remove an extern from the header too.

ok kettenis@

reduce the scope of things that include uvm_swap_encrypt.h.

uvm_meter.c needs it to route the sysctl, uvm_swap.c needs it to
use the functionality, and uvm_swap_encrypt.c needs it to for obvious
reasons. userland sysctl already includes it explicitely.

everything else doesnt and shouldnt care.

ok miod@

Remove some includes include-what-you-use claims don't
have any direct symbols used. Tested for indirect use by compiling
amd64/i386/sparc64 kernels.

ok tedu@ deraadt@

move arc4random prototype to systm.h. more appropriate for most code
to include that than rdnvar.h. ok deraadt dlg

remove uneeded proc.h includes
ok mpi@ kspillner@

for key material that is being being discarded, convert bzero() to
explicit_bzero() where required
ok markus mikeb

remove proc.h include from uvm_map.h. This has far reaching effects, as
sysctl.h was reliant on this particular include, and many drivers included
sysctl.h unnecessarily. remove sysctl.h or add proc.h as needed.
ok deraadt

turn a for (i = 0; i < size; i++) arc4random(); loop into arc4random_buf().

Since that function is now so small (2 lines), inline it into it's only user.

Shaves some bytes (104 on amd64).

ok deraadt@, blambert@. djm@ liked an earlier diff.

encrypt swap by default. cheap, and why not. can be disabled by people
who have machines that hit swap a lot. decided after survey of developers,
we found that most turned this on. ok various

ansi + some knf, no binary change

ok deraadt

- use 1/2 space for rijndael context in ipsec
- rijndael_set_key_enc_only() sets up context for encryption only
- rijndael_set_key() always sets up full context
- rijndaelKeySetupDec() gets back original protoype
- uvm: use _enc_only() interface
with hshoexer@, ok deraadt@

inital -> initial

branches: 1.10.2;
Replace inclusion of <vm/foo.h> with the correct <uvm/bar.h> when necessary.
(Look ma, I might have broken the tree)

switch to the optimised AES reference code from
http://www.esat.kuleuven.ac.be/~rijmen/rijndael/rijndael-fst-3.0.zip
the same code is used by ssh, so please make sure to update
usr.sbin/ssh/rijndael.c if you change this code.
tested on sparc (jason) and with swap encryption (me); ok deraadt@, provos@

remove vm_conf.h; art@ ok

$OpenBSD$

Convert bzero to memset(X, 0..) and bcopy to memcpy.
This is to match (make diffs smaller) the code in NetBSD.
new gcc inlines those functions, so this could also be a performance win.

put in own ctl level for swapencrypt.

use rijndael instead of blowfish because of faster key setup.
break swap paritions into sections, each section has own
encryption key. if a section's key becomes unreferenced, erase it.

use encrypted blocknumber as IV

<crypto/blf.h>

branches: 1.1.2;
swap encryption for UVM, option UVM_SWAP_ENCRYPT. needs to be enabled
via sysctl.
Pages are encrypted with the Blowfish encryption algorithm, the key
is initialized randomly on first swap out, ensuring that entropy has
accumulated in the kernel randomness pool. Eventually, swap encryption
will be decided on a process by process basis, e.g. a process that reads from
a cryptographic filesystem will enable swap encrypt for its pages. okay
art@ and deraadt@.

make SWAP_KEY_GET symmetrical with SWAP_KEY_PUT by having it call
a function in uvm_swap_encrypt.c instead of doing stuff inline.

lets me remove an extern from the header too.

ok kettenis@

reduce the scope of things that include uvm_swap_encrypt.h.

uvm_meter.c needs it to route the sysctl, uvm_swap.c needs it to
use the functionality, and uvm_swap_encrypt.c needs it to for obvious
reasons. userland sysctl already includes it explicitely.

everything else doesnt and shouldnt care.

ok miod@

Remove some includes include-what-you-use claims don't
have any direct symbols used. Tested for indirect use by compiling
amd64/i386/sparc64 kernels.

ok tedu@ deraadt@

move arc4random prototype to systm.h. more appropriate for most code
to include that than rdnvar.h. ok deraadt dlg

remove uneeded proc.h includes
ok mpi@ kspillner@

for key material that is being being discarded, convert bzero() to
explicit_bzero() where required
ok markus mikeb

remove proc.h include from uvm_map.h. This has far reaching effects, as
sysctl.h was reliant on this particular include, and many drivers included
sysctl.h unnecessarily. remove sysctl.h or add proc.h as needed.
ok deraadt

turn a for (i = 0; i < size; i++) arc4random(); loop into arc4random_buf().

Since that function is now so small (2 lines), inline it into it's only user.

Shaves some bytes (104 on amd64).

ok deraadt@, blambert@. djm@ liked an earlier diff.

encrypt swap by default. cheap, and why not. can be disabled by people
who have machines that hit swap a lot. decided after survey of developers,
we found that most turned this on. ok various

ansi + some knf, no binary change

ok deraadt

- use 1/2 space for rijndael context in ipsec
- rijndael_set_key_enc_only() sets up context for encryption only
- rijndael_set_key() always sets up full context
- rijndaelKeySetupDec() gets back original protoype
- uvm: use _enc_only() interface
with hshoexer@, ok deraadt@

inital -> initial

branches: 1.10.2;
Replace inclusion of <vm/foo.h> with the correct <uvm/bar.h> when necessary.
(Look ma, I might have broken the tree)

switch to the optimised AES reference code from
http://www.esat.kuleuven.ac.be/~rijmen/rijndael/rijndael-fst-3.0.zip
the same code is used by ssh, so please make sure to update
usr.sbin/ssh/rijndael.c if you change this code.
tested on sparc (jason) and with swap encryption (me); ok deraadt@, provos@

remove vm_conf.h; art@ ok

$OpenBSD$

Convert bzero to memset(X, 0..) and bcopy to memcpy.
This is to match (make diffs smaller) the code in NetBSD.
new gcc inlines those functions, so this could also be a performance win.

put in own ctl level for swapencrypt.

use rijndael instead of blowfish because of faster key setup.
break swap paritions into sections, each section has own
encryption key. if a section's key becomes unreferenced, erase it.

use encrypted blocknumber as IV

<crypto/blf.h>

branches: 1.1.2;
swap encryption for UVM, option UVM_SWAP_ENCRYPT. needs to be enabled
via sysctl.
Pages are encrypted with the Blowfish encryption algorithm, the key
is initialized randomly on first swap out, ensuring that entropy has
accumulated in the kernel randomness pool. Eventually, swap encryption
will be decided on a process by process basis, e.g. a process that reads from
a cryptographic filesystem will enable swap encrypt for its pages. okay
art@ and deraadt@.