freebsd kernel with SKQ
Go to file
Poul-Henning Kamp 19b5c7bc4b Add Geom Based Disk Encryption to the tree.
This is an encryption module designed for to secure denial of access
to the contents of "cold disks" with or without destruction activation.

Major features:

   * Based on AES, MD5 and ARC4 algorithms.
   * Four cryptographic barriers:
        1) Pass-phrase encrypts the master key.
        2) Pass-phrase + Lock data locates master key.
        3) 128 bit key derived from 2048 bit master key protects sector key.
        3) 128 bit random single-use sector keys protect data payload.
   * Up to four different changeable pass-phrases.
   * Blackening feature for provable destruction of master key material.
   * Isotropic disk contents offers no information about sector contents.
   * Configurable destination sector range allows steganographic deployment.

This commit adds the kernel part, separate commits will follow for the
userland utility and documentation.

This software was developed for the FreeBSD Project by Poul-Henning Kamp and
NAI Labs, the Security Research Division of Network Associates, Inc.  under
DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS
research program.

Many thanks to Robert Watson, CBOSS Principal Investigator for making this
possible.

Sponsored by:   DARPA & NAI Labs.
2002-10-19 17:02:17 +00:00
bin Staticify for lint. 2002-10-18 14:48:48 +00:00
contrib Fix security bug in contains_dot_dot routine. 2002-10-19 09:32:03 +00:00
crypto Permit the argument to the -s option to be a hostname. I see no 2002-10-02 00:27:14 +00:00
etc Add sr_YU locale directories 2002-10-19 12:56:56 +00:00
games So a positive time zone offset is west, right? or is it east? Um. 2002-10-19 04:49:10 +00:00
gnu Revert last delta. SGR support in grotty(1) is disabled system-wide 2002-10-18 09:14:17 +00:00
include Install the include files in sys/dev/ofw. 2002-10-18 15:30:50 +00:00
kerberos5 Build kerberized versions of the PAM library, and install them 2002-10-11 14:17:09 +00:00
kerberosIV Remove programs that no longer need a kerberisation option. 2002-10-16 16:12:22 +00:00
lib o since you can't use DIOCGDINFO and DIOCGSLICEINFO on drive nodes with geom, 2002-10-19 16:39:28 +00:00
libexec Fix a problem with RTLD_TRACE flag to dlopen(3), which sometimes can return 2002-10-19 10:18:29 +00:00
release Fixups to get make release going again for i386: 2002-10-19 16:44:16 +00:00
sbin Clear the pending counts in the superblock after a successful run 2002-10-19 05:36:48 +00:00
secure Don't lint contrib'ed sources, even if the builder has asked for linting. 2002-09-25 09:58:00 +00:00
share Add sr_YU locales 2002-10-19 13:04:05 +00:00
sys Add Geom Based Disk Encryption to the tree. 2002-10-19 17:02:17 +00:00
tools Fix a bug that showed up when trying to produce a database for 2002-10-17 16:29:26 +00:00
usr.bin Fix a problem with RTLD_TRACE flag to dlopen(3), which sometimes can return 2002-10-19 10:18:29 +00:00
usr.sbin * Add CDRIOC{READ,WRITE}SPEED ioctls to cd(4). Units are in KB/sec. 2002-10-18 22:03:39 +00:00
COPYRIGHT
MAINTAINERS Add myself as da(4) maintainer. This is mostly so I can review and commit 2002-10-18 18:27:56 +00:00
Makefile PC98 is not a true architecture, but a subarchitecture of i386, so we need 2002-10-02 13:52:36 +00:00
Makefile.inc1 Initiate deorbit burn for the i386-only a.out related support. Moves are 2002-09-17 01:49:00 +00:00
Makefile.upgrade
README Fix broken handbook links. 2002-07-21 16:45:30 +00:00
UPDATING gcc 3.2 2002-09-03 06:13:43 +00:00

This is the top level of the FreeBSD source directory.  This file
was last revised on:
$FreeBSD$

For copyright information, please see the file COPYRIGHT in this
directory (additional copyright information also exists for some
sources in this tree - please see the specific source directories for
more information).

The Makefile in this directory supports a number of targets for
building components (or all) of the FreeBSD source tree, the most
commonly used one being ``world'', which rebuilds and installs
everything in the FreeBSD system from the source tree except the
kernel, the kernel-modules and the contents of /etc.  The
``buildkernel'' and ``installkernel'' targets build and install
the kernel and the modules (see below).  Please see the top of
the Makefile in this directory for more information on the
standard build targets and compile-time flags.

Building a kernel is a somewhat more involved process, documentation
for which can be found at:
   http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig.html
And in the config(8) man page.
Note: If you want to build and install the kernel with the
``buildkernel'' and ``installkernel'' targets, you might need to build
world before.  More information is available in the handbook.

The sample kernel configuration files reside in the sys/<arch>/conf
sub-directory (assuming that you've installed the kernel sources), the
file named GENERIC being the one used to build your initial installation
kernel.  The file NOTES contains entries and documentation for all possible
devices, not just those commonly used.  It is the successor of the ancient
LINT file, but in contrast to LINT, it is not buildable as a kernel but a
pure reference and documentation file.


Source Roadmap:
---------------
bin		System/user commands.

contrib		Packages contributed by 3rd parties.

crypto		Cryptography stuff (see crypto/README).

etc		Template files for /etc.

games		Amusements.

gnu		Various commands and libraries under the GNU Public License.
		Please see gnu/COPYING* for more information.

include		System include files.

kerberos5	Kerberos5 (Heimdal) package.

kerberosIV	KerberosIV (eBones) package.

lib		System libraries.

libexec		System daemons.

release		Release building Makefile & associated tools.

sbin		System commands.

secure		Cryptographic libraries and commands.

share		Shared resources.

sys		Kernel sources.

tools		Utilities for regression testing and miscellaneous tasks.

usr.bin		User commands.

usr.sbin	System administration commands.


For information on synchronizing your source tree with one or more of
the FreeBSD Project's development branches, please see:

  http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/synching.html