Commit Graph

255 Commits

Author SHA1 Message Date
John-Mark Gurney
08fca7a56b Add some new modes to OpenCrypto. These modes are AES-ICM (can be used
for counter mode), and AES-GCM.  Both of these modes have been added to
the aesni module.

Included is a set of tests to validate that the software and aesni
module calculate the correct values.  These use the NIST KAT test
vectors.  To run the test, you will need to install a soon to be
committed port, nist-kat that will install the vectors.  Using a port
is necessary as the test vectors are around 25MB.

All the man pages were updated.  I have added a new man page, crypto.7,
which includes a description of how to use each mode.  All the new modes
and some other AES modes are present.  It would be good for someone
else to go through and document the other modes.

A new ioctl was added to support AEAD modes which AES-GCM is one of them.
Without this ioctl, it is not possible to test AEAD modes from userland.

Add a timing safe bcmp for use to compare MACs.  Previously we were using
bcmp which could leak timing info and result in the ability to forge
messages.

Add a minor optimization to the aesni module so that single segment
mbufs don't get copied and instead are updated in place.  The aesni
module needs to be updated to support blocked IO so segmented mbufs
don't have to be copied.

We require that the IV be specified for all calls for both GCM and ICM.
This is to ensure proper use of these functions.

Obtained from:	p4: //depot/projects/opencrypto
Relnotes:	yes
Sponsored by:	FreeBSD Foundation
Sponsored by:	NetGate
2014-12-12 19:56:36 +00:00
Andrew Turner
524bca9008 Use the unified syntax in a few more assembly files
MFC after:	1 week
Sponsored by:	ABT Systems Ltd
2014-12-05 19:08:36 +00:00
Xin LI
4facd36ca0 Sync with userland variant.
MFC after:	2 weeks
2014-11-17 21:01:35 +00:00
Dag-Erling Smørgrav
99e9de871a Add a complete implementation of MurmurHash3. Tweak both implementations
so they match the established idiom.  Document them in hash(9).

MFC after:	1 month
MFC with:	r272906
2014-10-18 22:15:11 +00:00
Xin LI
d427f43c25 Remove duplicated code.
Suggested by:	jmg
2014-10-16 22:04:07 +00:00
George V. Neville-Neil
1d2baefc13 Change the PF hash from Jenkins to Murmur3. In forwarding tests
this showed a conservative 3% incrase in PPS.

Differential Revision:	https://reviews.freebsd.org/D461
Submitted by:	des
Reviewed by:	emaste
MFC after:	1 month
2014-10-10 19:26:26 +00:00
Xin LI
78b59024b5 Add explicit_bzero(3) and its kernel counterpart.
Obtained from:	OpenBSD
MFC after:	2 weeks
2014-10-07 04:54:11 +00:00
Bjoern A. Zeeb
afa0a6efe0 Use __DECONST to avoid compiler warnings (and thus build failures)
with gcc on sparc64, mips, and powerpc after r271173.
2014-09-08 08:12:09 +00:00
Benno Rice
27ecc2adbc Add support for gdb's memory searching capabilities to our in-kernel gdb
server.

Submitted by:	Daniel O'Connor <daniel.oconnor@isilon.com>
Reviewed by:	jhb
Sponsored by:	EMC Isilon Storage Division
2014-09-05 16:40:47 +00:00
Edward Tomasz Napierala
3914ddf8a7 Bring in the new automounter, similar to what's provided in most other
UNIX systems, eg. MacOS X and Solaris.  It uses Sun-compatible map format,
has proper kernel support, and LDAP integration.

There are still a few outstanding problems; they will be fixed shortly.

Reviewed by:	allanjude@, emaste@, kib@, wblock@ (earlier versions)
Phabric:	D523
MFC after:	2 weeks
Relnotes:	yes
Sponsored by:	The FreeBSD Foundation
2014-08-17 09:44:42 +00:00
Ian Lepore
25166187e3 Fix unwind-info errors in our hand-written arm assembler code.
We have functions nested within functions, and places where we start a
function then never end it, we just jump to the middle of something else.
We tried to express this with nested ENTRY()/END() macros (which result
in .fnstart and .fnend directives), but it turns out there's no way to
express that nesting in ARM EHABI unwind info, and newer tools treat
multiple .fnstart directives without an intervening .fnend as an error.

These changes introduce two new macros, EENTRY() and EEND().  EENTRY()
creates a global label you can call/jump to just like ENTRY(), but it
doesn't emit a .fnstart.  EEND() is a no-op that just documents the
conceptual endpoint that matches up with the same-named EENTRY().

This is based on patches submitted by Stepan Dyatkovskiy, but I made some
changes and added the EEND() stuff, so blame any problems on me.

Submitted by:	Stepan Dyatkovskiy <stpworld@narod.ru>
2014-08-01 18:24:44 +00:00
Marcel Moolenaar
e7d939bda2 Remove ia64.
This includes:
o   All directories named *ia64*
o   All files named *ia64*
o   All ia64-specific code guarded by __ia64__
o   All ia64-specific makefile logic
o   Mention of ia64 in comments and documentation

This excludes:
o   Everything under contrib/
o   Everything under crypto/
o   sys/xen/interface
o   sys/sys/elf_common.h

Discussed at: BSDcan
2014-07-07 00:27:09 +00:00
John Baldwin
0cbce0671e Use strcasecmp() instead of strcmp() when checking user-supplied encoding
names so that encoding names are treated as case-insensitive.  This allows
the use of 'utf-8' instead of 'UTF-8' for example and matches the behavior
of iconv(1).

PR:		167977
Submitted by:	buganini@gmail.com
MFC after:	1 week
2014-06-09 19:27:47 +00:00
Eitan Adler
04660ed15f Fix typo
Reported by:	emaste
2013-11-29 20:14:26 +00:00
Eitan Adler
5c41c9d246 Fix typo
Reported by:	swildner@DragonFlyBSD.org
2013-11-29 20:12:02 +00:00
Andrew Turner
ca49624410 Fix ixp425 boot2 with ARM EABI:
- libkern is missing __aeabi_llsl, implement this by calling __ashldi3.
 - Because of how the asm entry macros are defined the boot2 code
   requires the unwind symbols to exist, include them in boot2.

Approved by:	re (marius)
2013-09-29 15:19:34 +00:00
Alfred Perlstein
3d30404f83 Fix watchdog pretimeout.
The original API calls for pow2ns, however the new APIs from
Linux call for seconds.

We need to be able to convert to/from 2^Nns to seconds in both
userland and kernel to fix this and properly compare units.
2013-07-27 20:47:01 +00:00
Andrey A. Chernov
2b50ce65be Attempt to mitigate poor initialization of arc4 by one-shot
reinitialization from yarrow right after good entropy is harvested.

Approved by:    secteam (delphij)
MFC after:      1 week
2013-04-19 00:30:52 +00:00
Andrew Turner
69d758b4b8 Add __aeabi_memset to libkern, implemented using memset, as clang may
generate calls to it.
2013-03-16 23:11:55 +00:00
Andrew Turner
a2dee2ad37 Add END to ARM libkern assembly functions 2013-03-16 04:08:01 +00:00
Andrew Turner
5cc8d54ca0 Move the __aeabi_unwind_cpp_pr{0,1,2} functions to libkern so they can be
referenced in a non-debug kernel.
2013-03-16 04:06:49 +00:00
Andrew Turner
530bff3f19 Add __aeabi_memcpy to libkern as clang may generate calls to it. 2013-03-10 07:55:40 +00:00
Andrew Turner
31735bf308 Add __aeabi_ulcmp to allow building of the LINT kernel. 2013-01-23 09:18:18 +00:00
Andrew Turner
46d741dc7f Add the required __aeabi_* functions the kernel uses when built for ARM EABI 2013-01-17 09:37:42 +00:00
Xin LI
299ff0d7cc Sync strlcpy with userland version.
MFC after:	1 month
2012-11-03 04:29:24 +00:00
Xin LI
6afdae4139 Sync strlen with userland implementation.
MFC after:	1 month
2012-11-03 04:28:53 +00:00
Eitan Adler
0af1b47258 s/ is is / is /g
s/ a a / a /g

Approved by:	cperciva
MFC after:	3 days
2012-09-14 22:00:03 +00:00
Gleb Smirnoff
62208ca5d2 - Move jenkins.h to jenkins_hash.c
- Provide missing function that can do hashing of arbitrary sized buffer.
- Refetch lookup3.c and do only minimal edits to it, so that diff between
  our jenkins_hash.c and lookup3.c is minimal.
- Add declarations for jenkins_hash(), jenkins_hash32() to sys/hash.h.
- Document these functions in hash(9)

Obtained from:	http://burtleburtle.net/bob/c/lookup3.c
2012-09-04 12:07:33 +00:00
Mateusz Guzik
414d9b2ed0 Fix unloading of libiconv module.
Previously it would either loop infinitely or exit with error leaking a lock.

Reported by:	Will DeVries
Approved by:	trasz (mentor)
MFC after:	1 week
2012-06-11 17:42:39 +00:00
Kevin Lo
fa27760e2e Use strcmp that I replaced by accident. 2012-05-21 02:45:47 +00:00
Kevin Lo
040b0e4eda Fix broken ref count
Submitted by:	gcooper
2012-05-21 02:41:15 +00:00
Kevin Lo
f529372e8a Fix improper handling of variadic args with ICDEBUG
PR:	kern/168095
Submitted by:	gcooper
2012-05-21 02:30:22 +00:00
Kevin Lo
bc6f23e0ad Remove dead code 2012-05-21 02:23:20 +00:00
Marius Strobl
f7b9ae0882 Remove second consts in r233288 in order to appease C++ compilers.
While at it, remove some style(9) bugs in libkern.h.

Submitted by:	kan
2012-03-26 18:22:04 +00:00
Marius Strobl
cc0c154ffb Declare the CRC lookup-tables const as they hardly should change at
run-time.
2012-03-21 20:55:21 +00:00
Ed Schouten
22fec34a57 Implement extensions on top of standards instead of the other way around.
Now that index() and rindex() have become unused, simply turn them into
wrappers around strchr() and strrchr(), respectively.
2012-01-03 07:05:30 +00:00
Ed Schouten
dc15eac046 Use strchr() and strrchr().
It seems strchr() and strrchr() are used more often than index() and
rindex(). Therefore, simply migrate all kernel code to use it.

For the XFS code, remove an empty line to make the code identical to
the code in the Linux kernel.
2012-01-02 12:12:10 +00:00
Ed Schouten
41adcfa1d0 Remove the now unused skpc() function.
It was only used by ufs and ext2 and I have really strong doubts that
there are other pieces of code that also use this function. If it turns
out that external drivers use this code as well, I'd be happy to migrate
or revert.

Bump __FreeBSD_version while there.
2012-01-01 20:54:44 +00:00
Ed Schouten
de85bfc508 Introducing memcchr(3).
It seems two of the file system drivers we have in the tree, namely ufs
and ext3, use a function called `skpc()'. The meaning of this function
does not seem to be documented in FreeBSD, but it turns out one needs to
be a VAX programmer to understand what it does.

SPKC is an instruction on the VAX that does the opposite of memchr(). It
searches for the non-equal character. Add a new function called
memcchr() to the tree that has the following advantages over skpc():

- It has a name that makes more sense than skpc(). Just like strcspn()
  matches the complement of strspn(), memcchr() is the complement of
  memchr().

- It is faster than skpc(). Similar to our strlen() in libc, it compares
  entire words, instead of single bytes. It seems that for this routine
  this yields a sixfold performance increase on amd64.

- It has a man page.
2012-01-01 20:26:11 +00:00
Andriy Gapon
6aa40c0146 retire libkern gets
Inspired by:	bde
MFC after:	2 months
X-MFC-Note:	if deemed a part of KPI, just call cngets internally
2011-12-17 15:48:55 +00:00
Kevin Lo
41f1dccceb Add unicode support to msdosfs and smbfs; original pathes from imura,
bug fixes by Kuan-Chung Chiu <buganini at gmail dot com>.

Tested by me in production for several days at work.
2011-11-18 03:05:20 +00:00
Ed Schouten
d745c852be Mark MALLOC_DEFINEs static that have no corresponding MALLOC_DECLAREs.
This means that their use is restricted to a single C file.
2011-11-07 06:44:47 +00:00
Jung-uk Kim
f359758c4e Add strnlen() to libkern. 2011-10-04 23:53:47 +00:00
Rebecca Cran
974206cf70 Fix typos - remove duplicate "is".
PR:		docs/154934
Submitted by:	Eitan Adler <lists at eitanadler.com>
MFC after:	3 days
2011-02-23 09:22:33 +00:00
Ed Schouten
eb4c31fd41 Add support for asterisk characters when filling in the GELI password
during boot.

Change the last argument of gets() to indicate a visibility flag and add
definitions for the numerical constants. Except for the value 2, gets()
will behave exactly the same, so existing consumers shouldn't break. We
only use it in two places, though.

Submitted by:	lme (older version)
2010-11-14 14:12:43 +00:00
Attilio Rao
109c1de8ba Make the RPC specific __rpc_inet_ntop() and __rpc_inet_pton() general
in the kernel (just as inet_ntoa() and inet_aton()) are and sync their
prototype accordingly with already mentioned functions.

Sponsored by:	Sandvine Incorporated
Reviewed by:	emaste, rstone
Approved by:	dfr
MFC after:	2 weeks
2010-09-24 15:01:45 +00:00
Rafal Jaworowski
1b1270176e Provide memchr() in the libkern.
This is required by libfdt and will be compiled in conditionally only for
FDT-enabled platforms.

Reviewed by:	imp
Sponsored by:	The FreeBSD Foundation
2010-06-02 17:27:23 +00:00
Joel Dahl
d122d78412 Switch to our preferred 2-clause BSD license.
Approved by:	bp
2010-04-07 16:50:38 +00:00
Joel Dahl
c0587701ad Start copyright notice with /*- 2010-04-07 16:29:10 +00:00
Attilio Rao
758801232c Move inet_aton() (specular to inet_ntoa(), already present in libkern)
into libkern in order to made it usable by other modules than alias_proxy.

Obtained from:	Sandvine Incorporated
Sponsored by:	Sandvine Incorporated
MFC:		1 week
2009-11-12 00:46:28 +00:00