freebsd-skq/sys
Poul-Henning Kamp 19b5c7bc4b Add Geom Based Disk Encryption to the tree.
This is an encryption module designed to secure denial of access
to the contents of "cold disks" with or without destruction activation.

Major features:

   * Based on AES, MD5 and ARC4 algorithms.
   * Four cryptographic barriers:
        1) Pass-phrase encrypts the master key.
        2) Pass-phrase + Lock data locates master key.
        3) 128 bit key derived from 2048 bit master key protects sector key.
        4) 128 bit random single-use sector keys protect data payload.
   * Up to four different changeable pass-phrases.
   * Blackening feature for provable destruction of master key material.
   * Isotropic disk contents offers no information about sector contents.
   * Configurable destination sector range allows steganographic deployment.

This commit adds the kernel part, separate commits will follow for the
userland utility and documentation.

This software was developed for the FreeBSD Project by Poul-Henning Kamp and
NAI Labs, the Security Research Division of Network Associates, Inc.  under
DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS
research program.

Many thanks to Robert Watson, CBOSS Principal Investigator for making this
possible.

Sponsored by:   DARPA & NAI Labs.
2002-10-19 17:02:17 +00:00
alpha Permits UFS ACLs to be used with the GENERIC kernel. Due to recent 2002-10-19 16:54:15 +00:00
amd64 Permits UFS ACLs to be used with the GENERIC kernel. Due to recent 2002-10-19 16:54:15 +00:00
arm Add standards visibility conditionals. Change any uses of sigset_t to 2002-10-13 00:31:46 +00:00
boot Pass the right number of tlb slots to the kernel. The allocation scheme 2002-10-18 23:49:18 +00:00
cam * Add CDRIOC{READ,WRITE}SPEED ioctls to cd(4). Units are in KB/sec. 2002-10-18 22:03:39 +00:00
coda Back our kernel support for reliable signal queues. 2002-10-01 17:15:53 +00:00
compat Replace the conventional usage of strncpy() by using strlcpy(). 2002-10-17 22:27:21 +00:00
conf Add Geom Based Disk Encryption to the tree. 2002-10-19 17:02:17 +00:00
contrib Replace aux mbufs with packet tags: 2002-10-16 01:54:46 +00:00
crypto Don't panic when we can just return an error code. 2002-10-14 11:21:05 +00:00
ddb Round out the facility for a 'bound' thread to loan out its KSE 2002-10-09 02:33:36 +00:00
dev * Add CDRIOC{READ,WRITE}SPEED ioctls to cd(4). Units are in KB/sec. 2002-10-18 22:03:39 +00:00
fs Fix comments and one resulting code confusion about the type of the 2002-10-16 08:04:11 +00:00
geom Add Geom Based Disk Encryption to the tree. 2002-10-19 17:02:17 +00:00
gnu MFufs 1.33: 2002-10-18 21:41:41 +00:00
i4b Be consistent about marking functions static. 2002-10-15 20:32:45 +00:00
i386 Permits UFS ACLs to be used with the GENERIC kernel. Due to recent 2002-10-19 16:54:15 +00:00
ia64 Permits UFS ACLs to be used with the GENERIC kernel. Due to recent 2002-10-19 16:54:15 +00:00
isa Fix compile with options SC_NO_SUSPEND_VTYSWITCH. 2002-10-17 16:09:13 +00:00
isofs/cd9660 Fix comments and one resulting code confusion about the type of the 2002-10-16 08:04:11 +00:00
kern In link_elf_load_file(), when SPARSE_MAPPING is defined and we 2002-10-19 05:01:54 +00:00
libkern Slight overhaul of arc4random() and friends. 2002-10-11 13:13:08 +00:00
modules (1) added LSI Logic copyright, and legal line 3 in license, and string 2002-10-18 21:29:14 +00:00
net last arg of in6?_gif_output() is not used any more. 2002-10-17 17:47:55 +00:00
netatalk Add more ethernet types and move AppleTalk types into proper location. 2002-09-06 17:02:29 +00:00
netatm Add a field to struct cmn_unit to hold a pointer to the driver's softc. 2002-10-01 22:04:31 +00:00
netgraph use __packed. 2002-09-23 18:54:32 +00:00
netinet Several malloc() calls were passing the M_DONTWAIT flag 2002-10-19 11:31:50 +00:00
netinet6 last arg of in6?_gif_output() is not used any more. 2002-10-17 17:47:55 +00:00
netipsec "Fast IPsec": this is an experimental IPsec implementation that is derived 2002-10-16 02:10:08 +00:00
netipx Replace aux mbufs with packet tags: 2002-10-16 01:54:46 +00:00
netkey - fixed the order of searching SA table for packets. 2002-07-10 16:39:38 +00:00
netnatm Be consistent about functions being static. 2002-10-16 09:19:17 +00:00
netncp Change iov_base's type from char *' to the standard void *'. All 2002-10-11 14:58:34 +00:00
netns Use m_length() instead of home-rolled versions. 2002-09-18 19:44:14 +00:00
netsmb Some kernel threads try to do significant work, and the default KSTACK_PAGES 2002-10-02 07:44:29 +00:00
nfs Change iov_base's type from char *' to the standard void *'. All 2002-10-11 14:58:34 +00:00
nfsclient Regularize the vop_stdlock'ing protocol across all the filesystems 2002-10-14 03:20:36 +00:00
nfsserver Correct a problem wherein NFS servers running NFSv2 would not return 2002-10-03 21:50:37 +00:00
opencrypto Module-ize the 'core' crypto stuff. This may still need to be compiled 2002-10-16 14:31:34 +00:00
pc98 Permits UFS ACLs to be used with the GENERIC kernel. Due to recent 2002-10-19 16:54:15 +00:00
pccard MFp4: Comment about not assuming INTA# for 6729 2002-10-07 07:02:48 +00:00
pci Be consistent about functions being static. 2002-10-16 09:14:59 +00:00
posix4 Tidy up the scheduler's code for changing the priority of a thread. 2002-10-14 20:34:31 +00:00
powerpc Permits UFS ACLs to be used with the GENERIC kernel. Due to recent 2002-10-19 16:54:15 +00:00
rpc
security Regularize the vop_stdlock'ing protocol across all the filesystems 2002-10-14 03:20:36 +00:00
sparc64 Permits UFS ACLs to be used with the GENERIC kernel. Due to recent 2002-10-19 16:54:15 +00:00
sys * Add CDRIOC{READ,WRITE}SPEED ioctls to cd(4). Units are in KB/sec. 2002-10-18 22:03:39 +00:00
tools - Move ASSERT_VOP_*LOCK* functionality into functions in vfs_subr.c 2002-09-26 04:48:44 +00:00
ufs Clarify that the UFS1 extended attribute configuration steps do not apply 2002-10-19 16:09:16 +00:00
vm Replace the vm_page hash table with a per-vmobject splay tree. There should 2002-10-18 17:24:30 +00:00
Makefile