Commit Graph

31 Commits

Author SHA1 Message Date
Pedro F. Giffuni
3728855a0f sys/geom: adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
2017-11-27 15:17:37 +00:00
Allan Jude
7a3f5d11fb Replace sys/crypto/sha2/sha2.c with lib/libmd/sha512c.c
cperciva's libmd implementation is 5-30% faster

The same was done for SHA256 previously in r263218

cperciva's implementation was lacking SHA-384 which I implemented, validated against OpenSSL and the NIST documentation

Extend sbin/md5 to create sha384(1)

Chase dependancies on sys/crypto/sha2/sha2.{c,h} and replace them with sha512{c.c,.h}

Reviewed by:	cperciva, des, delphij
Approved by:	secteam, bapt (mentor)
MFC after:	2 weeks
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D3929
2015-12-27 17:33:59 +00:00
Julian Elischer
3745c395ec Rename the kthread_xxx (e.g. kthread_create()) calls
to kproc_xxx as they actually make whole processes.
Thos makes way for us to add REAL kthread_create() and friends
that actually make theads. it turns out that most of these
calls actually end up being moved back to the thread version
when it's added. but we need to make this cosmetic change first.

I'd LOVE to do this rename in 7.0  so that we can eventually MFC the
new kthread_xxx() calls.
2007-10-20 23:23:23 +00:00
Yaroslav Tykhiy
776fc0e90e Commit the results of the typo hunt by Darren Pilgrim.
This change affects documentation and comments only,
no real code involved.

PR:		misc/101245
Submitted by:	Darren Pilgrim <darren pilgrim bitfreak org>
Tested by:	md5(1)
MFC after:	1 week
2006-08-04 07:56:35 +00:00
Robert Watson
5bb84bc84b Normalize a significant number of kernel malloc type names:
- Prefer '_' to ' ', as it results in more easily parsed results in
  memory monitoring tools such as vmstat.

- Remove punctuation that is incompatible with using memory type names
  as file names, such as '/' characters.

- Disambiguate some collisions by adding subsystem prefixes to some
  memory types.

- Generally prefer lower case to upper case.

- If the same type is defined in multiple architecture directories,
  attempt to use the same name in additional cases.

Not all instances were caught in this change, so more work is required to
finish this conversion.  Similar changes are required for UMA zone names.
2005-10-31 15:41:29 +00:00
Hajimu UMEMOTO
68527b3aad stop including rijndael-api-fst.h from rijndael.h.
this is required to integrate opencrypto into crypto.
2005-03-11 15:42:51 +00:00
Warner Losh
fa521b0366 /* -> /*- for copyright notices, minor format tweaks as necessary 2005-01-06 18:27:30 +00:00
John Baldwin
6074439965 kthread_exit() no longer requires Giant, so don't force callers to acquire
Giant just to call kthread_exit().

Requested by:	many
2004-03-05 22:42:17 +00:00
Poul-Henning Kamp
df3df337b8 Polish the work/state engine in preparation for HW-crypto support. 2004-02-08 10:19:18 +00:00
Poul-Henning Kamp
a980e07369 Remove unused variable.
Found by:       FlexeLint
2003-05-31 19:08:23 +00:00
Poul-Henning Kamp
0195276f54 Use a dedicated malloc(9) bucket for sector storage. 2003-05-05 08:37:07 +00:00
Poul-Henning Kamp
a17da2aa74 Typo in last commit: Do not press xZZ to leave vi(1). 2003-04-29 19:38:55 +00:00
Poul-Henning Kamp
ca8f372bbc When a bio comes back from below with a zero error code, check that
it wrote the full length.  The only case where this should be able
to happen is if we try to read/write past the end and the request
is truncated.  We obviously should never try to do that, so this
code should never activate.
2003-04-29 19:37:36 +00:00
Poul-Henning Kamp
306babd20c Rename g_bde_get_sector() to g_bde_get_keysector() and pick up the
offset from the work packet.
2003-04-28 06:38:31 +00:00
Poul-Henning Kamp
11ca41a9bb Only attempt total cache-purge once in case of failure. 2003-04-28 06:19:41 +00:00
Poul-Henning Kamp
035694b29a Better criteria for skipping disk reading BIO_READ work packets. 2003-04-28 06:15:39 +00:00
Poul-Henning Kamp
d8e7c92c9e Explicitly set the sector state to JUNK if we encounter a read-error. 2003-04-28 06:10:35 +00:00
Poul-Henning Kamp
c08c56e02a Bail as soon as the first write request has failed, there is no point
in trying the second write if the first one went nowhere.
2003-04-26 21:40:26 +00:00
Poul-Henning Kamp
9b99e39d61 Do an explicit retry after we have dumped the cache, rather than a
(potential) tail recursion.
2003-04-25 21:43:11 +00:00
Poul-Henning Kamp
e8e0742ef4 If on a BIO_READ request, we failed to allocate the bio for reading
our key-sector, we would end up returning the read without an error,
despite the fact that the data was not correctly decrypted.

This would result in data corruption on read, but intact data still
on the media.
2003-04-25 21:28:28 +00:00
Poul-Henning Kamp
37f5e4a6c2 Fix a problem and slightly improve the ENOMEM handling:
Give up the entire bio as soon as we detect a problem.

When we detect a problem, give up the bio by contributing the
remainder with ENOMEM, rather than kicking the bio back right
away.

If we failed on a non-first iteration we previously could end up
modifying fields in the bio after we delivered it.  This could
account for memory corruption (none directly reported) on machines
with GBDE.
2003-04-25 21:20:57 +00:00
Poul-Henning Kamp
af6b9f17f9 Don't count a sector in the cache unless we manage to create it. 2003-04-25 20:56:27 +00:00
Poul-Henning Kamp
f2314b445d Rename g_bde_release_sector() to g_bde_release_keysector() and pick up
the sector from the work item.
2003-04-25 20:35:34 +00:00
Poul-Henning Kamp
195d573278 Rename g_bde_read_sector() to g_bde_read_keysector() pick up the offset
in the work structure.
2003-04-25 20:16:59 +00:00
Poul-Henning Kamp
b4b138c27f Including <sys/stdint.h> is (almost?) universally only to be able to use
%j in printfs, so put a newsted include in <sys/systm.h> where the printf
prototype lives and save everybody else the trouble.
2003-03-18 08:45:25 +00:00
Poul-Henning Kamp
4ec353005c Move the g_stat struct to its own .h file, we will export it to other code.
Insted of embedding a struct g_stat in consumers and providers, merely
include a pointer.

Remove a couple of <sys/time.h> includes now unneeded.

Add a special allocator for struct g_stat.  This allocator will allocate
entire pages and hand out g_stat functions from there.  The "id" field
indicates free/used status.

Add "/dev/geom.stats" device driver whic exports the pages from the
allocator to userland with mmap(2) in read-only mode.

This mmap(2) interface should be considered a non-public interface and
the functions in libgeom (not yet committed) should be used to access
the statistics data.
2003-02-08 13:03:57 +00:00
Poul-Henning Kamp
acb161b16f Optimize the size of the work-items by letting the mapping function
decide the largest size which stays inside the zone and does not
collide with a lock sector.
2003-01-02 19:29:49 +00:00
Poul-Henning Kamp
88806cc28c Fix two blunders in the mapping functions which can lead to corrupt data,
for request sizes larger than the sectorsize or for multi-key setups.

See warning mailed to current@ for details of recovery.

Found by:	Marcus Reid <marcus@blazingdot.com>
2002-12-18 19:57:27 +00:00
Poul-Henning Kamp
5afa461402 Run a revision on the GBDE encryption facility.
Replace ARC4 with SHA2-512.
Change lock-structure encoding to use random ordering rather for obscurity.
Encrypt lock-structure with AES/256 instead of AES/128.
Change kkey derivation to be MD5 hash based.
Watch for malloc(M_NOWAIT) failures and ditch our cache when they happen.
Remove clause 3 of the license with NAI Labs consent.

Many thanks to "Lucky Green" <shamrock@cypherpunks.to> and "David
Wagner" <daw@cs.berkeley.edu>, for code reading, inputs and
suggestions.

This code has still not been stared at for 10 years by a gang of
hard-core cryptographers.  Discretion advised.

NB: These changes result in the on-disk format changing: dump/restore needed.

Sponsored by:   DARPA & NAI Labs.
2002-11-04 09:27:01 +00:00
Poul-Henning Kamp
87d4861cc5 Be consistent about functions being static.
Spotted by:	FlexeLint
2002-10-20 14:30:28 +00:00
Poul-Henning Kamp
19b5c7bc4b Add Geom Based Disk Encryption to the tree.
This is an encryption module designed for to secure denial of access
to the contents of "cold disks" with or without destruction activation.

Major features:

   * Based on AES, MD5 and ARC4 algorithms.
   * Four cryptographic barriers:
        1) Pass-phrase encrypts the master key.
        2) Pass-phrase + Lock data locates master key.
        3) 128 bit key derived from 2048 bit master key protects sector key.
        3) 128 bit random single-use sector keys protect data payload.
   * Up to four different changeable pass-phrases.
   * Blackening feature for provable destruction of master key material.
   * Isotropic disk contents offers no information about sector contents.
   * Configurable destination sector range allows steganographic deployment.

This commit adds the kernel part, separate commits will follow for the
userland utility and documentation.

This software was developed for the FreeBSD Project by Poul-Henning Kamp and
NAI Labs, the Security Research Division of Network Associates, Inc.  under
DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS
research program.

Many thanks to Robert Watson, CBOSS Principal Investigator for making this
possible.

Sponsored by:   DARPA & NAI Labs.
2002-10-19 17:02:17 +00:00