Commit Graph

1490 Commits

Author SHA1 Message Date
tls
7b0b7dedd9 Entropy-pool implementation move and cleanup.
1) Move core entropy-pool code and source/sink/sample management code
   to sys/kern from sys/dev.

2) Remove use of NRND as test for presence of entropy-pool code throughout
   source tree.

3) Remove use of RND_ENABLED in device drivers as microoptimization to
   avoid expensive operations on disabled entropy sources; make the
   rnd_add calls do this directly so all callers benefit.

4) Fix bug in recent rnd_add_data()/rnd_add_uint32() changes that might
   have lead to slight entropy overestimation for some sources.

5) Add new source types for environmental sensors, power sensors, VM
   system events, and skew between clocks, with a sample implementation
   for each.

ok releng to go in before the branch due to the difficulty of later
pullup (widespread #ifdef removal and moved files).  Tested with release
builds on amd64 and evbarm and live testing on amd64.
2012-02-02 19:42:57 +00:00
macallan
0a201d5d34 igsfb doesn't use rcons, no need to pull it in 2012-01-31 05:08:14 +00:00
dholland
749c2c6e19 Add vfs_quotactl.c. This is where filesystem-independent quota
handling will go.
2012-01-29 06:26:54 +00:00
nisimura
cbcafca122 Add UDA1341TS audio CODEC support. Code is written by
Paul Fleischer.
2012-01-28 08:37:22 +00:00
christos
6fb39d18da add a tpm driver from bsssd.sourceforge.net 2012-01-22 06:44:28 +00:00
drochner
40e8e4a37d also remove unnecessary "needs-flag" for firmload, from Paul Goyette 2012-01-19 16:35:24 +00:00
drochner
bb133a10ef get the logics straight: CPU_UCODE requires "firmload" as a dependency 2012-01-18 20:37:20 +00:00
pgoyette
f7607cb2ae options CPU_UCODE requires firmload.c 2012-01-14 04:18:49 +00:00
martin
e485c8dbaa Make option CPU_UCODE global 2012-01-13 21:46:00 +00:00
riz
c1792eb47d Welcome to 2012, Happy New Year!
Don't forget to adjust copyright date in new code.
2012-01-01 00:00:30 +00:00
drochner
496df2a91f do missing ipsec->kame_ipsec renames 2011-12-19 16:10:07 +00:00
joerg
417b55d96e Move Clang-warning flags for ah_regdomain.c into sys/conf, they are
platform independent. Use the selective -Wno-* flags instead of
-Wno-error.
2011-12-19 14:06:16 +00:00
tls
6e1dd068e9 Separate /dev/random pseudodevice implemenation from kernel entropy pool
implementation.  Rewrite pseudodevice code to use cprng_strong(9).

The new pseudodevice is cloning, so each caller gets bits from a stream
generated with its own key.  Users of /dev/urandom get their generators
keyed on a "best effort" basis -- the kernel will rekey generators
whenever the entropy pool hits the high water mark -- while users of
/dev/random get their generators rekeyed every time key-length bits
are output.

The underlying cprng_strong API can use AES-256 or AES-128, but we use
AES-128 because of concerns about related-key attacks on AES-256.  This
improves performance (and reduces entropy pool depletion) significantly
for users of /dev/urandom but does cause users of /dev/random to rekey
twice as often.

Also fixes various bugs (including some missing locking and a reseed-counter
overflow in the CTR_DRBG code) found while testing this.

For long reads, this generator is approximately 20 times as fast as the
old generator (dd with bs=64K yields 53MB/sec on 2Ghz Core2 instead of
2.5MB/sec) and also uses a separate mutex per instance so concurrency
is greatly improved.  For reads of typical key sizes for modern
cryptosystems (16-32 bytes) performance is about the same as the old
code: a little better for 32 bytes, a little worse for 16 bytes.
2011-12-17 20:05:38 +00:00
tls
8a012bd83f The rnd pseudo-device is not really optional, because it is in the same
source file as the entropy-pool code itself.  Move it to std.  This
will be cleaned up more when I split the sources up as they should be.

This fixes build breaks on several ports.  Thanks to Havard Eidnes for
pointing them out.
2011-11-22 21:25:05 +00:00
tls
3afd44cf08 First step of random number subsystem rework described in
<20111022023242.BA26F14A158@mail.netbsd.org>.  This change includes
the following:

	An initial cleanup and minor reorganization of the entropy pool
	code in sys/dev/rnd.c and sys/dev/rndpool.c.  Several bugs are
	fixed.  Some effort is made to accumulate entropy more quickly at
	boot time.

	A generic interface, "rndsink", is added, for stream generators to
	request that they be re-keyed with good quality entropy from the pool
	as soon as it is available.

	The arc4random()/arc4randbytes() implementation in libkern is
	adjusted to use the rndsink interface for rekeying, which helps
	address the problem of low-quality keys at boot time.

	An implementation of the FIPS 140-2 statistical tests for random
	number generator quality is provided (libkern/rngtest.c).  This
	is based on Greg Rose's implementation from Qualcomm.

	A new random stream generator, nist_ctr_drbg, is provided.  It is
	based on an implementation of the NIST SP800-90 CTR_DRBG by
	Henric Jungheim.  This generator users AES in a modified counter
	mode to generate a backtracking-resistant random stream.

	An abstraction layer, "cprng", is provided for in-kernel consumers
	of randomness.  The arc4random/arc4randbytes API is deprecated for
	in-kernel use.  It is replaced by "cprng_strong".  The current
	cprng_fast implementation wraps the existing arc4random
	implementation.  The current cprng_strong implementation wraps the
	new CTR_DRBG implementation.  Both interfaces are rekeyed from
	the entropy pool automatically at intervals justifiable from best
	current cryptographic practice.

	In some quick tests, cprng_fast() is about the same speed as
	the old arc4randbytes(), and cprng_strong() is about 20% faster
	than rnd_extract_data().  Performance is expected to improve.

	The AES code in src/crypto/rijndael is no longer an optional
	kernel component, as it is required by cprng_strong, which is
	not an optional kernel component.

	The entropy pool output is subjected to the rngtest tests at
	startup time; if it fails, the system will reboot.  There is
	approximately a 3/10000 chance of a false positive from these
	tests.  Entropy pool _input_ from hardware random numbers is
	subjected to the rngtest tests at attach time, as well as the
	FIPS continuous-output test, to detect bad or stuck hardware
	RNGs; if any are detected, they are detached, but the system
	continues to run.

	A problem with rndctl(8) is fixed -- datastructures with
	pointers in arrays are no longer passed to userspace (this
	was not a security problem, but rather a major issue for
	compat32).  A new kernel will require a new rndctl.

	The sysctl kern.arandom() and kern.urandom() nodes are hooked
	up to the new generators, but the /dev/*random pseudodevices
	are not, yet.

	Manual pages for the new kernel interfaces are forthcoming.
2011-11-19 22:51:18 +00:00
agc
a5b83a6434 grab major 203 for the iSCSI communications device (between kernel
driver and /sbin/iscsid)
2011-11-19 16:41:55 +00:00
riz
262c7a9290 Build and install new in-kernel iscsi initiator kernel module and associated
binaries (iscsid, iscsictl) if MKISCSI != no.  Initiator can also be built
into a kernel by adding 'pseudo-device iscsi' in kernel configuration.
2011-11-15 16:50:43 +00:00
martin
b37874ed85 Add missing subr_pcq.c 2011-11-02 09:47:57 +00:00
tron
364c7183d8 Fix build of kernels without filemon(4). 2011-10-15 10:18:24 +00:00
sjg
db4d363da5 Add the plumbing so one could compile filemon(4) into a kernel. 2011-10-15 00:23:08 +00:00
jmcneill
ab747348b5 Install dev/i2c/i2c_io.h and implement the API in the iic(4) driver.
Obsolete the I2C_SCAN option as this can now be done from userland.
2011-10-02 16:39:45 +00:00
jruoho
a179648071 Add a simple cpufreq(9).
This is slightly improved version presented on tech-kern@ with proper
locking and few additional functions, mainly required for ioctl(9)/cpuctl(8).
2011-09-28 10:55:46 +00:00
joerg
41c1da9cfb Allow analyze to work by including bsd.clang-analyze.mk for kernels 2011-09-25 22:26:33 +00:00
jnemeth
a55ee38cee dm(4) uses dk_lookup() from dksubr.c 2011-09-19 08:53:30 +00:00
plunky
f2d8d4c1c1 for multi-cpu machines, cpu_hatch() straddles the init of
__stack_chk_guard, so ensure stack protection is disabled
on x86 architectures (I don't know about other archs)
2011-08-31 20:16:43 +00:00
jmcneill
eb0ad8c7a7 let kernel makefile override *.d targets 2011-08-28 23:15:53 +00:00
bouyer
8282898f08 The loongon2f+cs5526+jmicron PATA->SATA bridge cause an interresting issue:
1) because the CS5536 is not associated with a x86 CPU, interrupts are not
  ack'ed as it expects so interrupts cannot configured as edge-triggered
  (as is expected for a PCIIDE in compat mode)
2) the PATA->SATA bridge ignores the WDC_IDS (interrupt disable bit) so
  the PATA IRQ line gets asserted when resetting or running some polled
  commands. It also wrongly asserts IRQ when the (nonexistent) slave
  device is selected
2) wouldn't be an issue with edge-triggered interrupt because we would
   get a spurious interrupt and continue operation, a new interrupt only shows
   up when the PATA IRQ line goes low and high again. But because of 1),
   we get an unclearable interrupt instead, and the system loops on the
   interrupt handler.

To workaround this, introduce a WDC_NO_IDS compile option which runs
all polled commands (including reset) at splbio() and without sleeps,
so that the controller's interrupt is effectively disabled and
won't be reenabled before the interrupt can be cleared.

The conditions triggering this problem are speficic enough to handle
this via a compile-time option; no need for a run-time (e.g. a
config(9), device property or callback to disable interrupts) solution.
2011-08-27 17:05:57 +00:00
jmcneill
1501db31c9 defflag DEBUG_EXEC 2011-08-26 19:07:13 +00:00
christos
26b068fc42 Remove gcc-4.5 hacks 2011-08-18 02:19:20 +00:00
jmcneill
747111eaaf let md makefile add newvers.sh flags by setting NVFLAGS 2011-08-11 22:37:57 +00:00
joerg
53cc155f3b Restrict -Wno-array-bounds to tulip.c with gcc. 2011-08-09 13:02:53 +00:00
jmcneill
fb95eabd74 modify the dtv device api so hardware drivers can be loaded independently
of the dtv module
2011-08-09 01:42:24 +00:00
rmind
52b220e91d Add kcpuset(9) - a reworked dynamic CPU set implementation for kernel.
Suitable for use during the early boot.  MD and other implementations
should be replaced with this interface.

Discussed on: tech-kern@
2011-08-07 13:33:01 +00:00
christos
44968cba76 Add an implementation of passive serialization as described in expired
US patent 4809168. This is a reader / writer synchronization mechanism,
designed for lock-less read operations.
2011-07-30 17:01:04 +00:00
uebayasi
3abce800c0 Define SYMTAB_SPACE in opt_ksyms.h, not opt_ddbparam.h. Ensure
that ddb(4) code is independent of SYMTAB_SPACE value.
2011-07-28 13:42:16 +00:00
cliff
fb19d2b789 Add support for CFI NOR, using MPC8536DS as initial example.
Only AMD/Fujitsu command set is suported so far.
This is still work in progress, be advised.
2011-07-15 19:19:55 +00:00
jmcneill
76266fe692 include dtv 2011-07-09 14:48:12 +00:00
jmcneill
fa30660c16 reserve char 200 for dtv 2011-07-09 14:47:27 +00:00
mrg
0514da4400 adb_kbd.c and adb_ms.c need -Wno-cast-qual due to sysctl const issue. 2011-07-07 08:47:22 +00:00
mrg
fc8b9ddc0c apply some -Wno-foo to 3 files that are non-trivial to solve, for GCC 4.5. 2011-07-04 13:00:19 +00:00
uch
9255b46fb4 7th Edition(V7) File System support. and NetBSD symbolic-link, socket, FIFO extension. see newfs_v7fs(8). 2011-06-27 11:52:22 +00:00
matt
65bd0920b3 Allow PAX_ASLR to be used by itself. 2011-06-23 23:42:43 +00:00
mrg
8f161cd6d3 remove all the code that supported HAVE_GCC=3. mostly from chuq. 2011-06-20 06:52:36 +00:00
matt
3a0f273eba If dbsym fails, not fail the command, remove the target too so that the
next invokation will try to remake it.
2011-06-17 21:19:42 +00:00
joerg
94dd60a9c3 Don't duplicate -Werror here, bsd.sys.mk already provides it 2011-05-30 03:12:43 +00:00
matt
2a1887ef27 Allow COM_TOLERANCE to be tweakable. If comspeed returns an invalid
rate, don't use that error value to set the speed.
2011-05-28 19:30:19 +00:00
joerg
a216da57a6 Default to -Wno-sign-compare -Wno-pointer-sign for clang.
Push -Wno-array-bounds down to the cases that depend on it.
Selectively disable warnings for 3rd party software or non-trivial
issues to be reviewed later to get clang -Werror to build most of the
tree.
2011-05-26 12:56:24 +00:00
drochner
4bd7f95161 -remove references to crypto/arc4/arc4.* -- the code isn't used
anywhere afaics
 (The confusion comes probably from use of arc4random() at various places,
  but this lives in libkern and doesn't share code with the former.)
-g/c non-implementation of arc4 encryption in swcrypto(4)
-remove special casing of ARC4 in crypto(4) -- the point is that it
 doesn't use an IV, and this fact is made explicit by the new "ivsize"
 property of xforms
2011-05-23 15:37:35 +00:00
joerg
d3630a7492 Reorder flag order to not depend on -Wextra being applied before
-Wno-sign-compare
2011-05-23 13:55:55 +00:00
mrg
45a8ff3bec move KERNHIST stuff much earlier, so drivers can depend upon it. 2011-05-23 06:50:17 +00:00