d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ffeb890592
freebsd-skq/sys/modules/Makefile
Mark Murray 10cb24248a This is the much-discussed major upgrade to the random(4) device, known to you all as /dev/random. 
This code has had an extensive rewrite and a good series of reviews, both by the author and other parties. This means a lot of code has been simplified. Pluggable structures for high-rate entropy generators are available, and it is most definitely not the case that /dev/random can be driven by only a hardware souce any more. This has been designed out of the device. Hardware sources are stirred into the CSPRNG (Yarrow, Fortuna) like any other entropy source. Pluggable modules may be written by third parties for additional sources.

The harvesting structures and consequently the locking have been simplified. Entropy harvesting is done in a more general way (the documentation for this will follow). There is some GREAT entropy to be had in the UMA allocator, but it is disabled for now as messing with that is likely to annoy many people.

The venerable (but effective) Yarrow algorithm, which is no longer supported by its authors now has an alternative, Fortuna. For now, Yarrow is retained as the default algorithm, but this may be changed using a kernel option. It is intended to make Fortuna the default algorithm for 11.0. Interested parties are encouraged to read ISBN 978-0-470-47424-2 "Cryptography Engineering" By Ferguson, Schneier and Kohno for Fortuna's gory details. Heck, read it anyway.

Many thanks to Arthur Mesh who did early grunt work, and who got caught in the crossfire rather more than he deserved to.

My thanks also to folks who helped me thresh this out on whiteboards and in the odd "Hallway track", or otherwise.

My Nomex pants are on. Let the feedback commence!

Reviewed by:	trasz,des(partial),imp(partial?),rwatson(partial?)
Approved by:	so(des)
2014-10-30 21:21:53 +00:00

755 lines
11 KiB
Makefile
Raw Blame History

# $FreeBSD$
SYSDIR?=${.CURDIR}/..
.include "${SYSDIR}/conf/kern.opts.mk"
SUBDIR_PARALLEL=
# Modules that include binary-only blobs of microcode should be selectable by
# MK_SOURCELESS_UCODE option (see below).
.if defined(MODULES_OVERRIDE) && !defined(ALL_MODULES)
SUBDIR=${MODULES_OVERRIDE}
.else
SUBDIR= \
${_3dfx} \
${_3dfx_linux} \
${_aac} \
${_aacraid} \
accf_data \
accf_dns \
accf_http \
acl_nfs4 \
acl_posix1e \
${_acpi} \
ae \
${_aesni} \
age \
${_agp} \
aha \
${_ahb} \
ahci \
${_aic} \
aic7xxx \
aio \
alc \
ale \
alq \
${_amdsbwd} \
${_amdtemp} \
amr \
${_an} \
${_aout} \
${_apm} \
${_arcmsr} \
${_arcnet} \
${_asmc} \
${_asr} \
ata \
ath \
ath_pci \
autofs \
${_auxio} \
${_bce} \
bfe \
bge \
${_bxe} \
${_bios} \
${_bktr} \
${_bm} \
bridgestp \
bwi \
bwn \
cam \
${_canbepm} \
${_canbus} \
${_cardbus} \
${_carp} \
cas \
${_cbb} \
cc \
cd9660 \
cd9660_iconv \
${_ce} \
${_cfi} \
${_ciss} \
${_cm} \
${_cmx} \
${_coff} \
${_coretemp} \
${_cp} \
${_cpsw} \
${_cpuctl} \
${_cpufreq} \
${_crypto} \
${_cryptodev} \
${_cs} \
${_ct} \
${_ctau} \
ctl \
cuse \
${_cxgb} \
${_cxgbe} \
${_cyclic} \
dc \
dcons \
dcons_crom \
de \
${_dpms} \
${_dpt} \
${_drm} \
${_drm2} \
${_dtrace} \
dummynet \
${_ed} \
${_elink} \
${_em} \
en \
${_ep} \
${_epic} \
esp \
${_et} \
${_ex} \
${_exca} \
${_ext2fs} \
${_fatm} \
fdc \
fdescfs \
${_fe} \
${_filemon} \
firewire \
firmware \
fuse \
${_fxp} \
gem \
geom \
${_glxiic} \
${_glxsb} \
hatm \
hifn \
hme \
${_hpt27xx} \
${_hptiop} \
${_hptmv} \
${_hptnr} \
${_hptrr} \
hwpmc \
${_hyperv} \
${_i2c} \
${_ibcore} \
${_ibcs2} \
${_ichwd} \
${_ida} \
${_ie} \
if_bridge \
if_disc \
if_edsc \
if_epair \
if_faith \
if_gif \
${_if_gre} \
if_lagg \
${_if_ndis} \
if_stf \
if_tap \
if_tun \
if_vlan \
if_vxlan \
${_igb} \
${_iir} \
imgact_binmisc \
${_io} \
${_ipoib} \
${_ipdivert} \
${_ipfilter} \
${_ipfw} \
ipfw_nat \
${_ipmi} \
ip6_mroute_mod \
ip_mroute_mod \
${_ips} \
${_ipw} \
${_ipwfw} \
${_isci} \
iscsi \
iscsi_initiator \
isp \
${_ispfw} \
${_iwi} \
${_iwifw} \
${_iwn} \
${_iwnfw} \
${_ixgb} \
${_ixgbe} \
${_ixl} \
${_ixlv} \
jme \
joy \
kbdmux \
kgssapi \
kgssapi_krb5 \
khelp \
krpc \
ksyms \
le \
lge \
libalias \
libiconv \
libmbpool \
libmchain \
${_linprocfs} \
${_linsysfs} \
${_linux} \
lmc \
lpt \
mac_biba \
mac_bsdextended \
mac_ifoff \
mac_lomac \
mac_mls \
mac_none \
mac_partition \
mac_portacl \
mac_seeotheruids \
mac_stub \
mac_test \
malo \
mcd \
md \
mem \
mfi \
mii \
mlx \
${_mlx4} \
${_mlx4ib} \
${_mlxen} \
${_mly} \
mmc \
mmcsd \
mpr \
mps \
mpt \
mqueue \
mrsas \
msdosfs \
msdosfs_iconv \
${_mse} \
msk \
${_mthca} \
mvs \
mwl \
${_mwlfw} \
mxge \
my \
${_nandfs} \
${_nandsim} \
${_ncr} \
${_ncv} \
${_ndis} \
netfpga10g \
${_netgraph} \
${_nfe} \
nfs_common \
nfscl \
nfsclient \
nfscommon \
nfsd \
nfslock \
nfslockd \
nfsserver \
nfssvc \
nge \
nmdm \
${_nsp} \
nullfs \
${_ntb} \
${_nvd} \
${_nvme} \
${_nvram} \
${_nxge} \
${_opensolaris} \
oce \
${_padlock} \
${_padlock_rng} \
patm \
${_pccard} \
${_pcfclock} \
pcn \
${_pf} \
${_pflog} \
${_pfsync} \
plip \
${_pmc} \
ppbus \
ppc \
ppi \
pps \
procfs \
proto \
pseudofs \
${_pst} \
pty \
puc \
${_qlxge} \
${_qlxgb} \
${_qlxgbe} \
ral \
${_ralfw} \
${_random} \
rc4 \
${_rdma} \
${_rdrand_rng} \
re \
reiserfs \
rl \
${_s3} \
${_safe} \
${_sbni} \
scc \
scd \
${_scsi_low} \
sdhci \
sdhci_pci \
sem \
send \
${_sf} \
${_sfxge} \
sge \
${_si} \
siba_bwn \
siftr \
siis \
sis \
sk \
${_smbfs} \
${_sn} \
${_snc} \
snp \
${_sound} \
${_speaker} \
${_splash} \
${_sppp} \
ste \
${_stg} \
stge \
${_streams} \
${_svr4} \
${_sym} \
${_syscons} \
sysvipc \
${_ti} \
tl \
tmpfs \
${_toecore} \
${_tpm} \
trm \
${_twa} \
twe \
tws \
tx \
${_txp} \
uart \
ubsec \
udf \
udf_iconv \
ufs \
unionfs \
usb \
utopia \
${_vesa} \
${_virtio} \
vge \
${_viawd} \
vkbd \
${_vmm} \
${_vmware} \
${_vpo} \
vr \
vte \
vx \
${_vxge} \
wb \
${_wbwd} \
${_wds} \
${_wi} \
${_wl} \
wlan \
wlan_acl \
wlan_amrr \
wlan_ccmp \
wlan_rssadapt \
wlan_tkip \
wlan_wep \
wlan_xauth \
${_wpi} \
${_wpifw} \
${_x86bios} \
${_xe} \
xl \
${_zfs} \
zlib
.if ${MK_CRYPT} != "no" || defined(ALL_MODULES)
.if exists(${.CURDIR}/../opencrypto)
_crypto= crypto
_cryptodev= cryptodev
.endif
.if exists(${.CURDIR}/../crypto)
_random= random
.endif
.endif
.if (${MK_INET_SUPPORT} != "no" || ${MK_INET6_SUPPORT} != "no") || \
defined(ALL_MODULES)
_carp= carp
_toecore= toecore
.endif
.if ${MK_INET_SUPPORT} != "no" || defined(ALL_MODULES)
_if_gre= if_gre
_ipdivert= ipdivert
_ipfw= ipfw
.endif
.if ${MK_IPFILTER} != "no" || defined(ALL_MODULES)
_ipfilter= ipfilter
.endif
.if ${MK_NAND} != "no" || defined(ALL_MODULES)
_nandfs= nandfs
_nandsim= nandsim
.endif
.if ${MK_NETGRAPH} != "no" || defined(ALL_MODULES)
_netgraph= netgraph
.endif
.if (${MK_PF} != "no" && (${MK_INET_SUPPORT} != "no" || \
${MK_INET6_SUPPORT} != "no")) || defined(ALL_MODULES)
_pf= pf
_pflog= pflog
.if ${MK_INET_SUPPORT} != "no"
_pfsync= pfsync
.endif
.endif
.if ${MK_SOURCELESS_UCODE} != "no"
_bce= bce
_cxgbe= cxgbe
_fatm= fatm
_fxp= fxp
_ispfw= ispfw
_mwlfw= mwlfw
_ralfw= ralfw
_sf= sf
_sn= sn
_ti= ti
_txp= txp
.endif
.if ${MACHINE_CPUARCH} != "arm" && ${MACHINE_CPUARCH} != "mips" && \
${MACHINE_CPUARCH} != "powerpc"
_syscons= syscons
_vpo= vpo
.endif
.if ${MACHINE_CPUARCH} != "arm" && ${MACHINE_CPUARCH} != "mips"
# no BUS_SPACE_UNSPECIFIED
# No barrier instruction support (specific to this driver)
_sym= sym
# intr_disable() is a macro, causes problems
.if ${MK_SOURCELESS_UCODE} != "no"
_cxgb= cxgb
.endif
.endif
.if ${MACHINE_CPUARCH} == "i386" || ${MACHINE_CPUARCH} == "amd64"
_agp= agp
_an= an
_aout= aout
_bktr= bktr
_bxe= bxe
_cardbus= cardbus
_cbb= cbb
_cpuctl= cpuctl
_cpufreq= cpufreq
.if ${MK_CDDL} != "no" || defined(ALL_MODULES)
_cyclic= cyclic
.endif
_dpms= dpms
_drm= drm
_drm2= drm2
.if ${MK_CDDL} != "no" || defined(ALL_MODULES)
_dtrace= dtrace
.endif
_ed= ed
_em= em
_et= et
_exca= exca
_ext2fs= ext2fs
_filemon= filemon
_i2c= i2c
.if ${MK_OFED} != "no" || defined(ALL_MODULES)
_ibcore= ibcore
.endif
_if_ndis= if_ndis
_igb= igb
_io= io
.if ${MK_OFED} != "no" || defined(ALL_MODULES)
_ipoib= ipoib
.endif
_linprocfs= linprocfs
_linsysfs= linsysfs
_linux= linux
_ndis= ndis
.if ${MK_CDDL} != "no" || defined(ALL_MODULES)
_opensolaris= opensolaris
.endif
_pccard= pccard
.if ${MK_OFED} != "no" || defined(ALL_MODULES)
_rdma= rdma
.endif
_safe= safe
_scsi_low= scsi_low
_si= si
_smbfs= smbfs
_sound= sound
_speaker= speaker
_splash= splash
_sppp= sppp
_vmware= vmware
_vxge= vxge
_wbwd= wbwd
_wi= wi
.if ${MK_ZFS} != "no" || defined(ALL_MODULES)
_zfs= zfs
.endif
.if ${MACHINE} != "pc98"
_aac= aac
_aacraid= aacraid
_acpi= acpi
.if ${MK_CRYPT} != "no" || defined(ALL_MODULES)
_aesni= aesni
.endif
_amdsbwd= amdsbwd
_amdtemp= amdtemp
_arcmsr= arcmsr
_asmc= asmc
_ciss= ciss
_cmx= cmx
_coretemp= coretemp
.if ${MK_SOURCELESS_HOST} != "no"
_hpt27xx= hpt27xx
.endif
_hptiop= hptiop
.if ${MK_SOURCELESS_HOST} != "no"
_hptmv= hptmv
_hptnr= hptnr
_hptrr= hptrr
.endif
_hyperv= hyperv
_ichwd= ichwd
_ida= ida
_iir= iir
_ipmi= ipmi
_ips= ips
_ipw= ipw
.if ${MK_SOURCELESS_UCODE} != "no"
_ipwfw= ipwfw
.endif
_isci= isci
_iwi= iwi
.if ${MK_SOURCELESS_UCODE} != "no"
_iwifw= iwifw
.endif
_iwn= iwn
.if ${MK_SOURCELESS_UCODE} != "no"
_iwnfw= iwnfw
.endif
_ixgb= ixgb
_ixgbe= ixgbe
.if ${MK_OFED} != "no" || defined(ALL_MODULES)
_mlx4= mlx4
_mlx4ib= mlx4ib
_mlxen= mlxen
.endif
_mly= mly
.if ${MK_OFED} != "no" || defined(ALL_MODULES)
_mthca= mthca
.endif
_nfe= nfe
_nvd= nvd
_nvme= nvme
_nvram= nvram
_nxge= nxge
.if ${MK_CRYPT} != "no" || defined(ALL_MODULES)
_padlock= padlock
_padlock_rng= padlock_rng
_rdrand_rng= rdrand_rng
.endif
_s3= s3
_tpm= tpm
_twa= twa
_vesa= vesa
_viawd= viawd
_virtio= virtio
_wpi= wpi
.if ${MK_SOURCELESS_UCODE} != "no"
_wpifw= wpifw
.endif
_x86bios= x86bios
.endif
.endif
.if ${MACHINE_CPUARCH} == "amd64"
_ixl= ixl
_ixlv= ixlv
_ntb= ntb
_nvd= nvd
_nvme= nvme
_nvram= nvram
_nxge= nxge
.if ${MK_CDDL} != "no" || defined(ALL_MODULES)
_opensolaris= opensolaris
.endif
.if ${MK_CRYPT} != "no" || defined(ALL_MODULES)
_padlock= padlock
.endif
_pccard= pccard
_qlxge= qlxge
_qlxgb= qlxgb
_qlxgbe= qlxgbe
_sfxge= sfxge
_vmm= vmm
.endif
.if ${MACHINE_CPUARCH} == "i386"
# XXX some of these can move to the general case when de-i386'ed
# XXX some of these can move now, but are untested on other architectures.
_3dfx= 3dfx
_3dfx_linux= 3dfx_linux
_aic= aic
_apm= apm
_arcnet= arcnet
.if ${MK_SOURCELESS_UCODE} != "no"
_ce= ce
.endif
_coff= coff
.if ${MK_SOURCELESS_UCODE} != "no"
_cp= cp
.endif
_cs= cs
_elink= elink
_ep= ep
_fe= fe
_glxiic= glxiic
_glxsb= glxsb
_ibcs2= ibcs2
_ie= ie
_mse= mse
_ncr= ncr
_ncv= ncv
_nsp= nsp
_pcfclock= pcfclock
_pst= pst
_sbni= sbni
_streams= streams
_stg= stg
_svr4= svr4
_wds= wds
_xe= xe
.if ${MACHINE} == "i386"
.if ${MK_EISA} != "no"
_ahb= ahb
.endif
_asr= asr
_bios= bios
_cm= cm
.if ${MK_SOURCELESS_UCODE} != "no"
_ctau= ctau
.endif
_dpt= dpt
_ex= ex
_wl= wl
.elif ${MACHINE} == "pc98"
_canbepm= canbepm
_canbus= canbus
_ct= ct
_pmc= pmc
_snc= snc
.endif
.endif
.if ${MACHINE_CPUARCH} == "arm"
_cfi= cfi
_cpsw= cpsw
_sound= sound
.endif
.if ${MACHINE_CPUARCH} == "powerpc"
_agp= agp
_an= an
_bm= bm
_cardbus= cardbus
_cbb= cbb
_cfi= cfi
_cpufreq= cpufreq
.if ${MK_CDDL} != "no" || defined(ALL_MODULES)
_cyclic= cyclic
.endif
_drm= drm
.if ${MK_CDDL} != "no" || defined(ALL_MODULES)
_dtrace= dtrace
.endif
_exca= exca
_nvram= powermac_nvram
.if ${MK_CDDL} != "no" || defined(ALL_MODULES)
_opensolaris= opensolaris
.endif
_pccard= pccard
_smbfs= smbfs
_sound= sound
_wi= wi
.endif
.if ${MACHINE_ARCH} == "powerpc64"
.if ${MK_ZFS} != "no" || defined(ALL_MODULES)
_zfs= zfs
.endif
.endif
.if ${MACHINE_CPUARCH} == "sparc64"
_auxio= auxio
_em= em
_epic= epic
_i2c= i2c
_igb= igb
.if ${MK_CDDL} != "no" || defined(ALL_MODULES)
_opensolaris= opensolaris
.endif
_smbfs= smbfs
_sound= sound
.if ${MK_ZFS} != "no" || defined(ALL_MODULES)
_zfs= zfs
.endif
.endif
.endif
.for reject in ${WITHOUT_MODULES}
SUBDIR:= ${SUBDIR:N${reject}}
.endfor
# Calling kldxref(8) for each module is expensive.
.if !defined(NO_XREF)
.MAKEFLAGS+= -DNO_XREF
afterinstall:
@if type kldxref >/dev/null 2>&1; then \
${ECHO} kldxref ${DESTDIR}${KMODDIR}; \
kldxref ${DESTDIR}${KMODDIR}; \
fi
.endif
.include <bsd.subdir.mk>
Reference in New Issue View Git Blame Copy Permalink