d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2fb3637007
freebsd-dev/sys/modules/Makefile
Andrey V. Elsukov fcf596178b Merge projects/ipsec into head/. 
Small summary
 -------------

o Almost all IPsec releated code was moved into sys/netipsec.
o New kernel modules added: ipsec.ko and tcpmd5.ko. New kernel
  option IPSEC_SUPPORT added. It enables support for loading
  and unloading of ipsec.ko and tcpmd5.ko kernel modules.
o IPSEC_NAT_T option was removed. Now NAT-T support is enabled by
  default. The UDP_ENCAP_ESPINUDP_NON_IKE encapsulation type
  support was removed. Added TCP/UDP checksum handling for
  inbound packets that were decapsulated by transport mode SAs.
  setkey(8) modified to show run-time NAT-T configuration of SA.
o New network pseudo interface if_ipsec(4) added. For now it is
  build as part of ipsec.ko module (or with IPSEC kernel).
  It implements IPsec virtual tunnels to create route-based VPNs.
o The network stack now invokes IPsec functions using special
  methods. The only one header file <netipsec/ipsec_support.h>
  should be included to declare all the needed things to work
  with IPsec.
o All IPsec protocols handlers (ESP/AH/IPCOMP protosw) were removed.
  Now these protocols are handled directly via IPsec methods.
o TCP_SIGNATURE support was reworked to be more close to RFC.
o PF_KEY SADB was reworked:
  - now all security associations stored in the single SPI namespace,
    and all SAs MUST have unique SPI.
  - several hash tables added to speed up lookups in SADB.
  - SADB now uses rmlock to protect access, and concurrent threads
    can do SA lookups in the same time.
  - many PF_KEY message handlers were reworked to reflect changes
    in SADB.
  - SADB_UPDATE message was extended to support new PF_KEY headers:
    SADB_X_EXT_NEW_ADDRESS_SRC and SADB_X_EXT_NEW_ADDRESS_DST. They
    can be used by IKE daemon to change SA addresses.
o ipsecrequest and secpolicy structures were cardinally changed to
  avoid locking protection for ipsecrequest. Now we support
  only limited number (4) of bundled SAs, but they are supported
  for both INET and INET6.
o INPCB security policy cache was introduced. Each PCB now caches
  used security policies to avoid SP lookup for each packet.
o For inbound security policies added the mode, when the kernel does
  check for full history of applied IPsec transforms.
o References counting rules for security policies and security
  associations were changed. The proper SA locking added into xform
  code.
o xform code was also changed. Now it is possible to unregister xforms.
  tdb_xxx structures were changed and renamed to reflect changes in
  SADB/SPDB, and changed rules for locking and refcounting.

Reviewed by:	gnn, wblock
Obtained from:	Yandex LLC
Relnotes:	yes
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D9352
2017-02-06 08:49:57 +00:00

814 lines
12 KiB
Makefile
Raw Blame History

# $FreeBSD$
SYSDIR?=${.CURDIR}/..
.include "${SYSDIR}/conf/kern.opts.mk"
SUBDIR_PARALLEL=
# Modules that include binary-only blobs of microcode should be selectable by
# MK_SOURCELESS_UCODE option (see below).
.if defined(MODULES_OVERRIDE) && !defined(ALL_MODULES)
SUBDIR=${MODULES_OVERRIDE}
.else
SUBDIR= \
${_3dfx} \
${_3dfx_linux} \
${_aac} \
${_aacraid} \
accf_data \
accf_dns \
accf_http \
acl_nfs4 \
acl_posix1e \
${_acpi} \
ae \
${_aesni} \
age \
${_agp} \
aha \
${_ahb} \
ahci \
${_aic} \
aic7xxx \
alc \
ale \
alq \
${_amdsbwd} \
${_amdtemp} \
amr \
${_an} \
${_aout} \
${_apm} \
${_arcmsr} \
${_arcnet} \
${_armv8crypto} \
${_asmc} \
ata \
ath \
ath_pci \
${_autofs} \
${_auxio} \
${_bce} \
bfe \
bge \
bhnd \
${_bxe} \
${_bios} \
${_bktr} \
${_bm} \
bnxt \
bridgestp \
bwi \
bwn \
bwn_pci \
${_bytgpio} \
cam \
${_cardbus} \
${_carp} \
cas \
${_cbb} \
cc \
cd9660 \
cd9660_iconv \
${_ce} \
${_cfi} \
${_chromebook_platform} \
${_ciss} \
cloudabi \
${_cloudabi32} \
${_cloudabi64} \
${_cm} \
${_cmx} \
${_coff} \
${_coretemp} \
${_cp} \
${_cpsw} \
${_cpuctl} \
${_cpufreq} \
${_crypto} \
${_cryptodev} \
${_cs} \
${_ctau} \
ctl \
${_cxgb} \
${_cxgbe} \
dc \
dcons \
dcons_crom \
de \
${_dpms} \
${_dpt} \
${_drm} \
${_drm2} \
dummynet \
${_ed} \
${_efirt} \
${_elink} \
${_em} \
en \
${_ep} \
${_epic} \
esp \
${_et} \
evdev \
${_ex} \
${_exca} \
ext2fs \
${_fatm} \
fdc \
fdescfs \
${_fe} \
filemon \
firewire \
firmware \
fuse \
${_fxp} \
gem \
geom \
${_glxiic} \
${_glxsb} \
gpio \
hatm \
hifn \
hme \
${_hpt27xx} \
${_hptiop} \
${_hptmv} \
${_hptnr} \
${_hptrr} \
hwpmc \
${_hwpmc_mips24k} \
${_hwpmc_mips74k} \
${_hyperv} \
i2c \
${_ibcore} \
${_ibcs2} \
${_ichwd} \
${_ida} \
if_bridge \
if_disc \
if_edsc \
${_if_enc} \
if_epair \
${_if_gif} \
${_if_gre} \
${_if_me} \
if_lagg \
${_if_ndis} \
${_if_stf} \
if_tap \
if_tun \
if_vlan \
if_vxlan \
${_iir} \
imgact_binmisc \
${_intelspi} \
${_io} \
${_ioat} \
${_ipoib} \
${_ipdivert} \
${_ipfilter} \
${_ipfw} \
ipfw_nat \
${_ipfw_nat64} \
${_ipfw_nptv6} \
${_ipmi} \
ip6_mroute_mod \
ip_mroute_mod \
${_ips} \
${_ipsec} \
${_ipw} \
${_ipwfw} \
${_isci} \
${_iser} \
isp \
${_ispfw} \
${_iwi} \
${_iwifw} \
${_iwm} \
${_iwmfw} \
${_iwn} \
${_iwnfw} \
${_ix} \
${_ixv} \
${_ixgb} \
${_ixl} \
${_ixlv} \
jme \
joy \
kbdmux \
kgssapi \
kgssapi_krb5 \
khelp \
krpc \
ksyms \
le \
lge \
libalias \
libiconv \
libmbpool \
libmchain \
${_linprocfs} \
${_linsysfs} \
${_linux} \
${_linux_common} \
${_linux64} \
linuxkpi \
lmc \
lpt \
mac_biba \
mac_bsdextended \
mac_ifoff \
mac_lomac \
mac_mls \
mac_none \
mac_partition \
mac_portacl \
mac_seeotheruids \
mac_stub \
mac_test \
malo \
md \
mdio \
mem \
mfi \
mii \
mlx \
${_mlx4} \
${_mlx4ib} \
${_mlx4en} \
${_mlx5} \
${_mlx5en} \
${_mly} \
mmc \
mmcsd \
mpr \
mps \
mpt \
mqueue \
mrsas \
msdosfs \
msdosfs_iconv \
${_mse} \
msk \
${_mthca} \
mvs \
mwl \
${_mwlfw} \
mxge \
my \
${_nandfs} \
${_nandsim} \
${_ncr} \
${_nctgpio} \
${_ncv} \
${_ndis} \
${_netgraph} \
${_nfe} \
nfscl \
nfscommon \
nfsd \
nfslock \
nfslockd \
nfssvc \
nge \
nmdm \
${_nsp} \
nullfs \
${_ntb} \
${_nvd} \
${_nvme} \
${_nvram} \
${_nxge} \
oce \
otus \
${_otusfw} \
ow \
${_padlock} \
${_padlock_rng} \
patm \
${_pccard} \
${_pcfclock} \
pcn \
${_pf} \
${_pflog} \
${_pfsync} \
plip \
${_pms} \
ppbus \
ppc \
ppi \
pps \
procfs \
proto \
pseudofs \
${_pst} \
pty \
puc \
${_qlxge} \
${_qlxgb} \
${_qlxgbe} \
ral \
${_ralfw} \
${_random_fortuna} \
${_random_yarrow} \
${_random_other} \
rc4 \
${_rdma} \
${_rdrand_rng} \
re \
rl \
rtwn \
rtwn_pci \
rtwn_usb \
${_rtwnfw} \
${_s3} \
${_safe} \
${_sbni} \
scc \
${_scsi_low} \
sdhci \
${_sdhci_acpi} \
sdhci_pci \
sem \
send \
${_sf} \
${_sfxge} \
sge \
siba_bwn \
siftr \
siis \
sis \
sk \
smbfs \
sn \
snp \
sound \
${_speaker} \
${_splash} \
${_sppp} \
ste \
${_stg} \
stge \
${_streams} \
${_svr4} \
${_sym} \
${_syscons} \
sysvipc \
${_ti} \
${_tcp_fastpath} \
${_tcpmd5} \
tests/framework \
tests/callout_test \
tl \
tmpfs \
${_toecore} \
${_tpm} \
trm \
${_twa} \
twe \
tws \
tx \
${_txp} \
uart \
ubsec \
udf \
udf_iconv \
ufs \
uinput \
unionfs \
usb \
utopia \
${_vesa} \
${_virtio} \
vge \
${_viawd} \
videomode \
vkbd \
${_vmm} \
${_vmware} \
${_vpo} \
vr \
vte \
vx \
${_vxge} \
wb \
${_wbwd} \
${_wi} \
wlan \
wlan_acl \
wlan_amrr \
wlan_ccmp \
wlan_rssadapt \
wlan_tkip \
wlan_wep \
wlan_xauth \
${_wpi} \
${_wpifw} \
${_x86bios} \
${_xe} \
xl \
zlib
.if ${MK_AUTOFS} != "no" || defined(ALL_MODULES)
_autofs= autofs
.endif
.if ${MK_CDDL} != "no" || defined(ALL_MODULES)
.if (${MACHINE_CPUARCH} != "arm" || ${MACHINE_ARCH:Marmv6*} != "") && \
${MACHINE_CPUARCH} != "mips" && \
${MACHINE_CPUARCH} != "sparc64"
SUBDIR+= dtrace
.endif
SUBDIR+= opensolaris
.endif
.if ${MK_CRYPT} != "no" || defined(ALL_MODULES)
.if exists(${.CURDIR}/../opencrypto)
_crypto= crypto
_cryptodev= cryptodev
_random_fortuna=random_fortuna
_random_yarrow= random_yarrow
_random_other= random_other
.endif
.endif
.if ${MK_CUSE} != "no" || defined(ALL_MODULES)
SUBDIR+= cuse
.endif
.if ${MK_EXTRA_TCP_STACKS} != "no" || defined(ALL_MODULES)
_tcp_fastpath= tcp/fastpath
.endif
.if (${MK_INET_SUPPORT} != "no" || ${MK_INET6_SUPPORT} != "no") || \
defined(ALL_MODULES)
_carp= carp
_toecore= toecore
_if_enc= if_enc
_if_gif= if_gif
_if_gre= if_gre
.if ${MK_IPSEC_SUPPORT} != "no"
_ipsec= ipsec
_tcpmd5= tcp/tcpmd5
.endif
.endif
.if (${MK_INET_SUPPORT} != "no" && ${MK_INET6_SUPPORT} != "no") || \
defined(ALL_MODULES)
_if_stf= if_stf
.endif
.if ${MK_INET_SUPPORT} != "no" || defined(ALL_MODULES)
_if_me= if_me
_ipdivert= ipdivert
_ipfw= ipfw
.if ${MK_INET6_SUPPORT} != "no" || defined(ALL_MODULES)
_ipfw_nat64= ipfw_nat64
.endif
.endif
.if ${MK_INET6_SUPPORT} != "no" || defined(ALL_MODULES)
_ipfw_nptv6= ipfw_nptv6
.endif
.if ${MK_IPFILTER} != "no" || defined(ALL_MODULES)
_ipfilter= ipfilter
.endif
.if ${MK_ISCSI} != "no" || defined(ALL_MODULES)
SUBDIR+= iscsi
SUBDIR+= iscsi_initiator
.endif
.if ${MK_NAND} != "no" || defined(ALL_MODULES)
_nandfs= nandfs
_nandsim= nandsim
.endif
.if ${MK_NETGRAPH} != "no" || defined(ALL_MODULES)
_netgraph= netgraph
.endif
.if (${MK_PF} != "no" && (${MK_INET_SUPPORT} != "no" || \
${MK_INET6_SUPPORT} != "no")) || defined(ALL_MODULES)
_pf= pf
_pflog= pflog
.if ${MK_INET_SUPPORT} != "no"
_pfsync= pfsync
.endif
.endif
.if ${MK_SOURCELESS_UCODE} != "no"
_bce= bce
_fatm= fatm
_fxp= fxp
_ispfw= ispfw
_sf= sf
_ti= ti
_txp= txp
.if ${MACHINE_CPUARCH} != "mips"
_mwlfw= mwlfw
_otusfw= otusfw
_ralfw= ralfw
_rtwnfw= rtwnfw
.endif
.endif
.if ${MK_SOURCELESS_UCODE} != "no" && ${MACHINE_CPUARCH} != "arm" && \
${MACHINE_CPUARCH} != "mips" && \
${MACHINE_ARCH} != "powerpc" && ${MACHINE_ARCH} != "powerpcspe" && \
${MACHINE_CPUARCH} != "riscv"
_cxgbe= cxgbe
.endif
.if ${MK_ZFS} != "no" || defined(ALL_MODULES)
SUBDIR+= zfs
.endif
.if (${MACHINE_CPUARCH} == "mips" && ${MACHINE_ARCH:Mmips64} == "")
_hwpmc_mips24k= hwpmc_mips24k
_hwpmc_mips74k= hwpmc_mips74k
.endif
.if ${MACHINE_CPUARCH} != "aarch64" && ${MACHINE_CPUARCH} != "arm" && \
${MACHINE_CPUARCH} != "mips" && ${MACHINE_CPUARCH} != "powerpc" && \
${MACHINE_CPUARCH} != "riscv"
_syscons= syscons
_vpo= vpo
.endif
.if ${MACHINE_CPUARCH} != "mips"
# no BUS_SPACE_UNSPECIFIED
# No barrier instruction support (specific to this driver)
_sym= sym
# intr_disable() is a macro, causes problems
.if ${MK_SOURCELESS_UCODE} != "no"
_cxgb= cxgb
.endif
.endif
.if ${MACHINE_CPUARCH} == "aarch64"
_armv8crypto= armv8crypto
_em= em
.endif
.if ${MACHINE_CPUARCH} == "i386" || ${MACHINE_CPUARCH} == "amd64"
_agp= agp
_an= an
_aout= aout
_bios= bios
_bktr= bktr
_bxe= bxe
_cardbus= cardbus
_cbb= cbb
_cpuctl= cpuctl
_cpufreq= cpufreq
_cs= cs
_dpms= dpms
_drm= drm
_drm2= drm2
_ed= ed
_em= em
_ep= ep
_et= et
_exca= exca
_fe= fe
.if ${MK_OFED} != "no" || defined(ALL_MODULES)
_ibcore= ibcore
.endif
_if_ndis= if_ndis
_io= io
.if ${MK_OFED} != "no" || defined(ALL_MODULES)
_ipoib= ipoib
_iser= iser
.endif
_ix= ix
_ixv= ixv
_linprocfs= linprocfs
_linsysfs= linsysfs
_linux= linux
_nctgpio= nctgpio
_ndis= ndis
_pccard= pccard
.if ${MK_OFED} != "no" || defined(ALL_MODULES)
_rdma= rdma
.endif
_safe= safe
_scsi_low= scsi_low
_speaker= speaker
_splash= splash
_sppp= sppp
_vmware= vmware
_vxge= vxge
_wbwd= wbwd
_wi= wi
_xe= xe
_aac= aac
_aacraid= aacraid
_acpi= acpi
.if ${MK_CRYPT} != "no" || defined(ALL_MODULES)
_aesni= aesni
.endif
_amdsbwd= amdsbwd
_amdtemp= amdtemp
_arcmsr= arcmsr
_asmc= asmc
_bytgpio= bytgpio
_ciss= ciss
_chromebook_platform= chromebook_platform
_cmx= cmx
_coretemp= coretemp
.if ${MK_SOURCELESS_HOST} != "no"
_hpt27xx= hpt27xx
.endif
_hptiop= hptiop
.if ${MK_SOURCELESS_HOST} != "no"
_hptmv= hptmv
_hptnr= hptnr
_hptrr= hptrr
.endif
_hyperv= hyperv
_ichwd= ichwd
_ida= ida
_iir= iir
_intelspi= intelspi
_ipmi= ipmi
_ips= ips
_isci= isci
_ipw= ipw
_iwi= iwi
_iwm= iwm
_iwn= iwn
_ixgb= ixgb
.if ${MK_SOURCELESS_UCODE} != "no"
_ipwfw= ipwfw
_iwifw= iwifw
_iwmfw= iwmfw
_iwnfw= iwnfw
.endif
_mlx4= mlx4
_mlx5= mlx5
.if (${MK_INET_SUPPORT} != "no" && ${MK_INET6_SUPPORT} != "no") || \
defined(ALL_MODULES)
_mlx4en= mlx4en
_mlx5en= mlx5en
.endif
.if ${MK_OFED} != "no" || defined(ALL_MODULES)
_mlx4ib= mlx4ib
.endif
_mly= mly
.if ${MK_OFED} != "no" || defined(ALL_MODULES)
_mthca= mthca
.endif
_nfe= nfe
_nvd= nvd
_nvme= nvme
_nvram= nvram
_nxge= nxge
.if ${MK_CRYPT} != "no" || defined(ALL_MODULES)
_padlock= padlock
_padlock_rng= padlock_rng
_rdrand_rng= rdrand_rng
.endif
_s3= s3
_sdhci_acpi= sdhci_acpi
_tpm= tpm
_twa= twa
_vesa= vesa
_viawd= viawd
_virtio= virtio
_wpi= wpi
.if ${MK_SOURCELESS_UCODE} != "no"
_wpifw= wpifw
.endif
_x86bios= x86bios
.endif
.if ${MACHINE_CPUARCH} == "amd64"
_efirt= efirt
_ioat= ioat
_ixl= ixl
_ixlv= ixlv
_linux64= linux64
_linux_common= linux_common
_ntb= ntb
_pms= pms
_qlxge= qlxge
_qlxgb= qlxgb
_qlxgbe= qlxgbe
_sfxge= sfxge
.if ${MK_BHYVE} != "no" || defined(ALL_MODULES)
_vmm= vmm
.endif
.endif
.if ${MACHINE_CPUARCH} == "i386"
# XXX some of these can move to the general case when de-i386'ed
# XXX some of these can move now, but are untested on other architectures.
_3dfx= 3dfx
_3dfx_linux= 3dfx_linux
_aic= aic
_apm= apm
_arcnet= arcnet
.if ${MK_SOURCELESS_UCODE} != "no"
_ce= ce
.endif
_coff= coff
.if ${MK_SOURCELESS_UCODE} != "no"
_cp= cp
.endif
_elink= elink
_glxiic= glxiic
_glxsb= glxsb
#_ibcs2= ibcs2
_mse= mse
_ncr= ncr
_ncv= ncv
_nsp= nsp
_pcfclock= pcfclock
_pst= pst
_sbni= sbni
_streams= streams
_stg= stg
_svr4= svr4
.if ${MK_EISA} != "no"
_ahb= ahb
.endif
_cm= cm
.if ${MK_SOURCELESS_UCODE} != "no"
_ctau= ctau
.endif
_dpt= dpt
_ex= ex
.endif
.if ${MACHINE_CPUARCH} == "arm"
_cfi= cfi
_cpsw= cpsw
.endif
.if ${MACHINE_CPUARCH} == "powerpc"
_agp= agp
_an= an
_bm= bm
_cardbus= cardbus
_cbb= cbb
_cfi= cfi
_cpufreq= cpufreq
_drm= drm
_exca= exca
_pccard= pccard
_wi= wi
.endif
.if ${MACHINE_ARCH} == "powerpc64"
_drm2= drm2
.endif
.if ${MACHINE_ARCH} == "powerpc64" || ${MACHINE_ARCH} == "powerpc"
# Don't build powermac_nvram for powerpcspe, it's never supported.
_nvram= powermac_nvram
.endif
.if ${MACHINE_CPUARCH} == "sparc64"
_auxio= auxio
_em= em
_epic= epic
.endif
.if (${MACHINE_CPUARCH} == "amd64" || ${MACHINE_ARCH} == "armv6" || \
${MACHINE_CPUARCH} == "i386")
_cloudabi32= cloudabi32
.endif
.if ${MACHINE_CPUARCH} == "aarch64" || ${MACHINE_CPUARCH} == "amd64"
_cloudabi64= cloudabi64
.endif
.endif
SUBDIR+=${MODULES_EXTRA}
.for reject in ${WITHOUT_MODULES}
SUBDIR:= ${SUBDIR:N${reject}}
.endfor
# Calling kldxref(8) for each module is expensive.
.if !defined(NO_XREF)
.MAKEFLAGS+= -DNO_XREF
afterinstall: .PHONY
@if type kldxref >/dev/null 2>&1; then \
${ECHO} kldxref ${DESTDIR}${KMODDIR}; \
kldxref ${DESTDIR}${KMODDIR}; \
fi
.endif
.include "${SYSDIR}/conf/config.mk"
SUBDIR:= ${SUBDIR:u:O}
.include <bsd.subdir.mk>
Reference in New Issue View Git Blame Copy Permalink