From 0b570ac92d2b868559305c4c242fa3280370ac67 Mon Sep 17 00:00:00 2001 From: maya Date: Wed, 8 Aug 2018 21:15:41 +0000 Subject: [PATCH] Remove nsp(4) documentation following the removal of code. --- distrib/sets/lists/man/mi | 8 +- share/man/man4/Makefile | 4 +- share/man/man4/nsp.4 | 195 -------------------------------------- 3 files changed, 6 insertions(+), 201 deletions(-) delete mode 100644 share/man/man4/nsp.4 diff --git a/distrib/sets/lists/man/mi b/distrib/sets/lists/man/mi index 89dcc48630ac..0b50b87b1572 100644 --- a/distrib/sets/lists/man/mi +++ b/distrib/sets/lists/man/mi @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.1605 2018/08/03 06:07:02 kamil Exp $ +# $NetBSD: mi,v 1.1606 2018/08/08 21:15:42 maya Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. # @@ -1494,7 +1494,7 @@ ./usr/share/man/cat4/nside.0 man-sys-catman .cat ./usr/share/man/cat4/nsip.0 man-obsolete obsolete ./usr/share/man/cat4/nsmb.0 man-sys-catman .cat -./usr/share/man/cat4/nsp.0 man-sys-catman .cat +./usr/share/man/cat4/nsp.0 man-obsolete .cat ./usr/share/man/cat4/nsphy.0 man-sys-catman .cat ./usr/share/man/cat4/nsphyter.0 man-sys-catman .cat ./usr/share/man/cat4/ntwo.0 man-sys-catman .cat @@ -4601,7 +4601,7 @@ ./usr/share/man/html4/nsclpcsio.html man-sys-htmlman html ./usr/share/man/html4/nside.html man-sys-htmlman html ./usr/share/man/html4/nsmb.html man-sys-htmlman html -./usr/share/man/html4/nsp.html man-sys-htmlman html +./usr/share/man/html4/nsp.html man-obsolete html ./usr/share/man/html4/nsphy.html man-sys-htmlman html ./usr/share/man/html4/nsphyter.html man-sys-htmlman html ./usr/share/man/html4/ntwo.html man-sys-htmlman html @@ -7566,7 +7566,7 @@ ./usr/share/man/man4/nside.4 man-sys-man .man ./usr/share/man/man4/nsip.4 man-obsolete obsolete ./usr/share/man/man4/nsmb.4 man-sys-man .man -./usr/share/man/man4/nsp.4 man-sys-man .man +./usr/share/man/man4/nsp.4 man-obsolete .man ./usr/share/man/man4/nsphy.4 man-sys-man .man ./usr/share/man/man4/nsphyter.4 man-sys-man .man ./usr/share/man/man4/ntwo.4 man-sys-man .man diff --git a/share/man/man4/Makefile b/share/man/man4/Makefile index 26f06e37787a..9729e777a91e 100644 --- a/share/man/man4/Makefile +++ b/share/man/man4/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.662 2018/07/31 19:30:19 rjs Exp $ +# $NetBSD: Makefile,v 1.663 2018/08/08 21:15:41 maya Exp $ # @(#)Makefile 8.1 (Berkeley) 6/18/93 MAN= aac.4 ac97.4 acardide.4 aceride.4 acphy.4 \ @@ -43,7 +43,7 @@ MAN= aac.4 ac97.4 acardide.4 aceride.4 acphy.4 \ micphy.4 midi.4 mii.4 mk48txx.4 mlx.4 mly.4 mpls.4 mpii.4 mpt.4 \ mpu.4 mtd.4 mtio.4 msm6242b.4 multicast.4 mvsata.4 \ nadb.4 ne.4 neo.4 netintro.4 nfe.4 nfsmb.4 njata.4 njs.4 \ - nsclpcsio.4 nside.4 nsp.4 nsphy.4 nsphyter.4 ntwoc.4 null.4 nsmb.4 \ + nsclpcsio.4 nside.4 nsphy.4 nsphyter.4 ntwoc.4 null.4 nsmb.4 \ nvme.4 \ oak.4 oosiop.4 opl.4 options.4 optiide.4 osiop.4 otus.4 \ pad.4 pas.4 pcdisplay.4 pcf8563rtc.4 pciide.4 pckbc.4 pckbd.4 pcn.4 \ diff --git a/share/man/man4/nsp.4 b/share/man/man4/nsp.4 deleted file mode 100644 index 341194317414..000000000000 --- a/share/man/man4/nsp.4 +++ /dev/null @@ -1,195 +0,0 @@ -.\" $NetBSD: nsp.4,v 1.4 2018/06/15 23:11:56 wiz Exp $ -.\" -.\" Copyright (c) 2008 The NetBSD Foundation, Inc. -.\" All rights reserved. -.\" -.\" This code is derived from software contributed to The NetBSD Foundation -.\" by Coyote Point Systems, Inc. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -.\" DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, -.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN -.\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -.\" POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd June 13, 2018 -.Dt NSP 4 -.Os -.Sh NAME -.Nm nsp -.Nd NBMK/CyberGuard/NetOctave NSP2000 crypto accelerator -.Sh SYNOPSIS -.Cd "nsp* at pci? dev ? function ?" -.Sh DESCRIPTION -The -.Nm -driver supports cards using the NSP2000 cryptographic processor, -originally manufactured and sold by NetOctave, then CyberGuard, and -presently (late 2008) by NBMK Encryption Technologies. -.Pp -The NSP2000 is a cryptographic -.Dq packet processor -or -.Dq macro processor -featuring extensive support for protocol handshake acceleration -and protocol record operations (e.g. single-pass pad-encrypt-and-hash -for SSL or ESP messages). -It also provides various cryptographic and mathematical primitives -such as random number generation, encryption/decryption (DES, 3DES, and RC4), -hash computation (MD5, SHA1, and HMAC), and an extensive set of operations -for arbitrary precision arithmetic. -It contains a tamper-resistant write-only memory region for storage -of cryptographic keys. -.Pp -The -.Nm -driver registers support for the following operations with -.Xr opencrypto 9 : -.Bl -tag -width "CRK_DH_COMPUTE_KEY" -offset indent -.It Dv CRYPTO_DES_CBC -DES in CBC mode. -.It Dv CRYPTO_3DES_CBC -Triple-DES in CBC mode. -.It Dv CRYPTO_MD5 -The MD5 hash algorithm. -.It Dv CRYPTO_SHA1 -The SHA-1 hash algorithm. -.It Dv CRYPTO_SHA1_HMAC -The HMAC message authentication code using SHA-1 as the hash function. -.It Dv CRYPTO_MD5_HMAC -The HMAC message authentication code using MD5 as the hash function. -.It Dv CRK_MOD -Compute x modulo y. -.It Dv CRK_MOD_ADD -Modular addition. -.It Dv CRK_MOD_ADDINV -Modular additive inversion. -.It Dv CRK_MOD_SUB -Modular subtraction. -.It Dv CRK_MOD_MULT -Modular multiplication. -.It Dv CRK_MOD_MULTINV -Modular multiplicative inversion. -.It Dv CRK_MOD_EXP -Modular exponentiation. -.It Dv CRK_DSA_SIGN -DSA signature creation. -.It Dv CRK_DSA_VERIFY -DSA signature verification. -.It Dv CRK_DH_COMPUTE_KEY -Diffie-Hellman key computation. -.El -.Sh PERFORMANCE -The -.Nm -driver can perform several hundred 1024-bit RSA operations per second, -and can encrypt and hash about 200Mbit/sec of data with symmetric -operations. -Each figure is approximately 1/3 the rated throughput for -the device. -.Pp -Several restrictions limit the performance of this driver: -.Bl -enum -compact -.It -The -.Dv CRK_MOD_EXP_CRT -operation (modular exponentiation with operands in Chinese Remainder -Theorem form) is unfortunately not supported because the -.Xr opencrypto 9 -interface specifies this operation in a way which may only be -compatible with the -.Xr ubsec 4 -accelerator. -.It -The handshake operations and record transforms are not supported as they -are a poor fit for the current -.Xr opencrypto 9 -API. -Support for either would require a method of passing record-transform -contexts between layers of the framework, likely in both directions across -the user-kernel boundary. -Without record operations, the host CPU will almost always -perform RC4 faster than the NSP2000, so RC4 support is disabled in the -.Nm -driver. -.It -The on-board key memory is not supported. -It would be relatively easy to add support for this feature to -.Xr opencrypto 9 , -but the interface for supporting this functionality in OpenSSL in -OpenSSL is complex and poorly documented, which makes kernel support -useless. -.It -The OpenSSL -.Dq engine -for -.Xr crypto 4 -does not yet support the HMAC forms of the hash operations, which roughly -halves performance for many workloads. -.El -.Pp -On a more positive note, the NSP2000 and -.Nm -driver offer excellent performance for small modular arithmetic operations, -achieving 75,000 or more such operations per second. -.Sh SEE ALSO -.Xr crypto 4 , -.Xr intro 4 , -.Xr ipsec 4 , -.Xr rnd 4 , -.Xr opencrypto 9 -.Sh HISTORY -The -.Nm -device driver is descended from the NetOctave SDK for -.Fx 4.11 , -where it was called -.Dq noct . -It is unrelated to the driver of that -name which appeared in -.Ox 3.2 , -which does not support the public-key (or other bignum) functions of the -device. -The -.Nm -driver was ported to -.Nx 5.0 -by Coyote Point Systems, Inc and generously made available under -a BSD-style license by NBMK Encryption Technologies, Inc, the -corporate successor of NetOctave. -.Pp -The -.Nm -device driver does not currently support the device node interface -provided by the original NetOctave -.Dq noct -driver (which offers handshake acceleration, record operations, -memory-mapped handling of packet payloads, and several other useful -features) but most of the code to do so is still present, albeit -in untested form. -.Sh BUGS -Support for limitations of the NSP2000 PCI interface (broken burst-mode -operation, lack of scatter-gather support) is present but tested only on -a fairly small range of host systems. -.Pp -It appears that most if not all NSP2000 cards ever manufactured were -designed to carry either one or two accelerator chips, which suggests -that cards exist with both chips populated. -The -.Nm -driver has never been tested with more than one instance present at a time.