Commit Graph

255 Commits

Author SHA1 Message Date
jmg
c3ff54cc39 Add some new modes to OpenCrypto. These modes are AES-ICM (can be used
for counter mode), and AES-GCM.  Both of these modes have been added to
the aesni module.

Included is a set of tests to validate that the software and aesni
module calculate the correct values.  These use the NIST KAT test
vectors.  To run the test, you will need to install a soon to be
committed port, nist-kat that will install the vectors.  Using a port
is necessary as the test vectors are around 25MB.

All the man pages were updated.  I have added a new man page, crypto.7,
which includes a description of how to use each mode.  All the new modes
and some other AES modes are present.  It would be good for someone
else to go through and document the other modes.

A new ioctl was added to support AEAD modes which AES-GCM is one of them.
Without this ioctl, it is not possible to test AEAD modes from userland.

Add a timing safe bcmp for use to compare MACs.  Previously we were using
bcmp which could leak timing info and result in the ability to forge
messages.

Add a minor optimization to the aesni module so that single segment
mbufs don't get copied and instead are updated in place.  The aesni
module needs to be updated to support blocked IO so segmented mbufs
don't have to be copied.

We require that the IV be specified for all calls for both GCM and ICM.
This is to ensure proper use of these functions.

Obtained from:	p4: //depot/projects/opencrypto
Relnotes:	yes
Sponsored by:	FreeBSD Foundation
Sponsored by:	NetGate
2014-12-12 19:56:36 +00:00
andrew
a0c22b9f10 Use the unified syntax in a few more assembly files
MFC after:	1 week
Sponsored by:	ABT Systems Ltd
2014-12-05 19:08:36 +00:00
delphij
8d13dca13b Sync with userland variant.
MFC after:	2 weeks
2014-11-17 21:01:35 +00:00
des
325f19fddb Add a complete implementation of MurmurHash3. Tweak both implementations
so they match the established idiom.  Document them in hash(9).

MFC after:	1 month
MFC with:	r272906
2014-10-18 22:15:11 +00:00
delphij
c27f7c8888 Remove duplicated code.
Suggested by:	jmg
2014-10-16 22:04:07 +00:00
gnn
23f601a6ca Change the PF hash from Jenkins to Murmur3. In forwarding tests
this showed a conservative 3% incrase in PPS.

Differential Revision:	https://reviews.freebsd.org/D461
Submitted by:	des
Reviewed by:	emaste
MFC after:	1 month
2014-10-10 19:26:26 +00:00
delphij
e23313b949 Add explicit_bzero(3) and its kernel counterpart.
Obtained from:	OpenBSD
MFC after:	2 weeks
2014-10-07 04:54:11 +00:00
bz
1fec365dc9 Use __DECONST to avoid compiler warnings (and thus build failures)
with gcc on sparc64, mips, and powerpc after r271173.
2014-09-08 08:12:09 +00:00
benno
b46fbbac90 Add support for gdb's memory searching capabilities to our in-kernel gdb
server.

Submitted by:	Daniel O'Connor <daniel.oconnor@isilon.com>
Reviewed by:	jhb
Sponsored by:	EMC Isilon Storage Division
2014-09-05 16:40:47 +00:00
trasz
cac9beab7d Bring in the new automounter, similar to what's provided in most other
UNIX systems, eg. MacOS X and Solaris.  It uses Sun-compatible map format,
has proper kernel support, and LDAP integration.

There are still a few outstanding problems; they will be fixed shortly.

Reviewed by:	allanjude@, emaste@, kib@, wblock@ (earlier versions)
Phabric:	D523
MFC after:	2 weeks
Relnotes:	yes
Sponsored by:	The FreeBSD Foundation
2014-08-17 09:44:42 +00:00
ian
e51357b618 Fix unwind-info errors in our hand-written arm assembler code.
We have functions nested within functions, and places where we start a
function then never end it, we just jump to the middle of something else.
We tried to express this with nested ENTRY()/END() macros (which result
in .fnstart and .fnend directives), but it turns out there's no way to
express that nesting in ARM EHABI unwind info, and newer tools treat
multiple .fnstart directives without an intervening .fnend as an error.

These changes introduce two new macros, EENTRY() and EEND().  EENTRY()
creates a global label you can call/jump to just like ENTRY(), but it
doesn't emit a .fnstart.  EEND() is a no-op that just documents the
conceptual endpoint that matches up with the same-named EENTRY().

This is based on patches submitted by Stepan Dyatkovskiy, but I made some
changes and added the EEND() stuff, so blame any problems on me.

Submitted by:	Stepan Dyatkovskiy <stpworld@narod.ru>
2014-08-01 18:24:44 +00:00
marcel
9f28abd980 Remove ia64.
This includes:
o   All directories named *ia64*
o   All files named *ia64*
o   All ia64-specific code guarded by __ia64__
o   All ia64-specific makefile logic
o   Mention of ia64 in comments and documentation

This excludes:
o   Everything under contrib/
o   Everything under crypto/
o   sys/xen/interface
o   sys/sys/elf_common.h

Discussed at: BSDcan
2014-07-07 00:27:09 +00:00
jhb
7a3f5808a0 Use strcasecmp() instead of strcmp() when checking user-supplied encoding
names so that encoding names are treated as case-insensitive.  This allows
the use of 'utf-8' instead of 'UTF-8' for example and matches the behavior
of iconv(1).

PR:		167977
Submitted by:	buganini@gmail.com
MFC after:	1 week
2014-06-09 19:27:47 +00:00
eadler
f50f4fbaba Fix typo
Reported by:	emaste
2013-11-29 20:14:26 +00:00
eadler
26e90e1c0c Fix typo
Reported by:	swildner@DragonFlyBSD.org
2013-11-29 20:12:02 +00:00
andrew
f093c57980 Fix ixp425 boot2 with ARM EABI:
- libkern is missing __aeabi_llsl, implement this by calling __ashldi3.
 - Because of how the asm entry macros are defined the boot2 code
   requires the unwind symbols to exist, include them in boot2.

Approved by:	re (marius)
2013-09-29 15:19:34 +00:00
alfred
fdd68bea0e Fix watchdog pretimeout.
The original API calls for pow2ns, however the new APIs from
Linux call for seconds.

We need to be able to convert to/from 2^Nns to seconds in both
userland and kernel to fix this and properly compare units.
2013-07-27 20:47:01 +00:00
ache
60f7807df1 Attempt to mitigate poor initialization of arc4 by one-shot
reinitialization from yarrow right after good entropy is harvested.

Approved by:    secteam (delphij)
MFC after:      1 week
2013-04-19 00:30:52 +00:00
andrew
e271e57551 Add __aeabi_memset to libkern, implemented using memset, as clang may
generate calls to it.
2013-03-16 23:11:55 +00:00
andrew
faaba46948 Add END to ARM libkern assembly functions 2013-03-16 04:08:01 +00:00
andrew
147f0b89f3 Move the __aeabi_unwind_cpp_pr{0,1,2} functions to libkern so they can be
referenced in a non-debug kernel.
2013-03-16 04:06:49 +00:00
andrew
f7c2b781b9 Add __aeabi_memcpy to libkern as clang may generate calls to it. 2013-03-10 07:55:40 +00:00
andrew
7603324a00 Add __aeabi_ulcmp to allow building of the LINT kernel. 2013-01-23 09:18:18 +00:00
andrew
98107ecb18 Add the required __aeabi_* functions the kernel uses when built for ARM EABI 2013-01-17 09:37:42 +00:00
delphij
20c3c08700 Sync strlcpy with userland version.
MFC after:	1 month
2012-11-03 04:29:24 +00:00
delphij
40a21802d0 Sync strlen with userland implementation.
MFC after:	1 month
2012-11-03 04:28:53 +00:00
eadler
2dc3520f1e s/ is is / is /g
s/ a a / a /g

Approved by:	cperciva
MFC after:	3 days
2012-09-14 22:00:03 +00:00
glebius
0259eae71d - Move jenkins.h to jenkins_hash.c
- Provide missing function that can do hashing of arbitrary sized buffer.
- Refetch lookup3.c and do only minimal edits to it, so that diff between
  our jenkins_hash.c and lookup3.c is minimal.
- Add declarations for jenkins_hash(), jenkins_hash32() to sys/hash.h.
- Document these functions in hash(9)

Obtained from:	http://burtleburtle.net/bob/c/lookup3.c
2012-09-04 12:07:33 +00:00
mjg
fa660450eb Fix unloading of libiconv module.
Previously it would either loop infinitely or exit with error leaking a lock.

Reported by:	Will DeVries
Approved by:	trasz (mentor)
MFC after:	1 week
2012-06-11 17:42:39 +00:00
kevlo
ac02c7a60d Use strcmp that I replaced by accident. 2012-05-21 02:45:47 +00:00
kevlo
d5c0b27552 Fix broken ref count
Submitted by:	gcooper
2012-05-21 02:41:15 +00:00
kevlo
c50e4642a9 Fix improper handling of variadic args with ICDEBUG
PR:	kern/168095
Submitted by:	gcooper
2012-05-21 02:30:22 +00:00
kevlo
d6b2311f23 Remove dead code 2012-05-21 02:23:20 +00:00
marius
076ad4a1d1 Remove second consts in r233288 in order to appease C++ compilers.
While at it, remove some style(9) bugs in libkern.h.

Submitted by:	kan
2012-03-26 18:22:04 +00:00
marius
3bf3d7b5ee Declare the CRC lookup-tables const as they hardly should change at
run-time.
2012-03-21 20:55:21 +00:00
ed
d73fab6676 Implement extensions on top of standards instead of the other way around.
Now that index() and rindex() have become unused, simply turn them into
wrappers around strchr() and strrchr(), respectively.
2012-01-03 07:05:30 +00:00
ed
ab210c8f2f Use strchr() and strrchr().
It seems strchr() and strrchr() are used more often than index() and
rindex(). Therefore, simply migrate all kernel code to use it.

For the XFS code, remove an empty line to make the code identical to
the code in the Linux kernel.
2012-01-02 12:12:10 +00:00
ed
1879e1bef4 Remove the now unused skpc() function.
It was only used by ufs and ext2 and I have really strong doubts that
there are other pieces of code that also use this function. If it turns
out that external drivers use this code as well, I'd be happy to migrate
or revert.

Bump __FreeBSD_version while there.
2012-01-01 20:54:44 +00:00
ed
a201da7178 Introducing memcchr(3).
It seems two of the file system drivers we have in the tree, namely ufs
and ext3, use a function called `skpc()'. The meaning of this function
does not seem to be documented in FreeBSD, but it turns out one needs to
be a VAX programmer to understand what it does.

SPKC is an instruction on the VAX that does the opposite of memchr(). It
searches for the non-equal character. Add a new function called
memcchr() to the tree that has the following advantages over skpc():

- It has a name that makes more sense than skpc(). Just like strcspn()
  matches the complement of strspn(), memcchr() is the complement of
  memchr().

- It is faster than skpc(). Similar to our strlen() in libc, it compares
  entire words, instead of single bytes. It seems that for this routine
  this yields a sixfold performance increase on amd64.

- It has a man page.
2012-01-01 20:26:11 +00:00
avg
c46d7f1b35 retire libkern gets
Inspired by:	bde
MFC after:	2 months
X-MFC-Note:	if deemed a part of KPI, just call cngets internally
2011-12-17 15:48:55 +00:00
kevlo
1a26b28a9b Add unicode support to msdosfs and smbfs; original pathes from imura,
bug fixes by Kuan-Chung Chiu <buganini at gmail dot com>.

Tested by me in production for several days at work.
2011-11-18 03:05:20 +00:00
ed
e97eae1577 Mark MALLOC_DEFINEs static that have no corresponding MALLOC_DECLAREs.
This means that their use is restricted to a single C file.
2011-11-07 06:44:47 +00:00
jkim
3f5abb3529 Add strnlen() to libkern. 2011-10-04 23:53:47 +00:00
brucec
4a353c54fd Fix typos - remove duplicate "is".
PR:		docs/154934
Submitted by:	Eitan Adler <lists at eitanadler.com>
MFC after:	3 days
2011-02-23 09:22:33 +00:00
ed
4ee939c936 Add support for asterisk characters when filling in the GELI password
during boot.

Change the last argument of gets() to indicate a visibility flag and add
definitions for the numerical constants. Except for the value 2, gets()
will behave exactly the same, so existing consumers shouldn't break. We
only use it in two places, though.

Submitted by:	lme (older version)
2010-11-14 14:12:43 +00:00
attilio
278493a1a5 Make the RPC specific __rpc_inet_ntop() and __rpc_inet_pton() general
in the kernel (just as inet_ntoa() and inet_aton()) are and sync their
prototype accordingly with already mentioned functions.

Sponsored by:	Sandvine Incorporated
Reviewed by:	emaste, rstone
Approved by:	dfr
MFC after:	2 weeks
2010-09-24 15:01:45 +00:00
raj
6840cdea0c Provide memchr() in the libkern.
This is required by libfdt and will be compiled in conditionally only for
FDT-enabled platforms.

Reviewed by:	imp
Sponsored by:	The FreeBSD Foundation
2010-06-02 17:27:23 +00:00
joel
e0860804e3 Switch to our preferred 2-clause BSD license.
Approved by:	bp
2010-04-07 16:50:38 +00:00
joel
e05c4d0c19 Start copyright notice with /*- 2010-04-07 16:29:10 +00:00
attilio
01da2349df Move inet_aton() (specular to inet_ntoa(), already present in libkern)
into libkern in order to made it usable by other modules than alias_proxy.

Obtained from:	Sandvine Incorporated
Sponsored by:	Sandvine Incorporated
MFC:		1 week
2009-11-12 00:46:28 +00:00