ef9461ba0e
generator, found on IvyBridge and supposedly later CPUs, accessible with RDRAND instruction. From the Intel whitepapers and articles about Bull Mountain, it seems that we do not need to perform post-processing of RDRAND results, like AES-encryption of the data with random IV and keys, which was done for Padlock. Intel claims that sanitization is performed in hardware. Make both Padlock and Bull Mountain random generators support code covered by kernel config options, for the benefit of people who prefer minimal kernels. Also add the tunables to disable hardware generator even if detected. Reviewed by: markm, secteam (simon) Tested by: bapt, Michael Moll <kvedulv@kvedulv.de> MFC after: 3 weeks
20 lines
446 B
Makefile
20 lines
446 B
Makefile
# $FreeBSD$
|
|
|
|
.PATH: ${.CURDIR}/../../dev/random
|
|
.PATH: ${.CURDIR}/../../crypto/rijndael
|
|
.PATH: ${.CURDIR}/../../crypto/sha2
|
|
|
|
KMOD= random
|
|
SRCS= randomdev.c probe.c
|
|
.if ${MACHINE} == "amd64" || ${MACHINE} == "i386"
|
|
SRCS+= nehemiah.c
|
|
SRCS+= ivy.c
|
|
.endif
|
|
SRCS+= randomdev_soft.c yarrow.c hash.c
|
|
SRCS+= rijndael-alg-fst.c rijndael-api-fst.c sha2.c
|
|
SRCS+= bus_if.h device_if.h vnode_if.h opt_cpu.h
|
|
|
|
CFLAGS+= -I${.CURDIR}/../..
|
|
|
|
.include <bsd.kmod.mk>
|