Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
NetBSD/sys/rump
History
martin 42495e0317 Pull up following revision(s) (requested by riastradh in ticket #1365): 
sys/crypto/nist_hash_drbg/nist_hash_drbg.c: revision 1.1
	sys/crypto/nist_hash_drbg/nist_hash_drbg.h: revision 1.1
	sys/rump/kern/lib/libcrypto/Makefile: revision 1.5
	sys/crypto/nist_hash_drbg/files.nist_hash_drbg: revision 1.1
	sys/rump/librump/rumpkern/Makefile.rumpkern: revision 1.176
	sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes256.h: file removal
	sys/crypto/nist_ctr_drbg/nist_ctr_drbg_config.h: file removal
	sys/conf/files: revision 1.1238
	sys/dev/rndpseudo.c: revision 1.38
	sys/crypto/nist_ctr_drbg/nist_ctr_drbg.c: file removal
	sys/sys/cprng.h: revision 1.13 - 1.15
	sys/crypto/nist_ctr_drbg/nist_ctr_drbg.h: file removal
	sys/crypto/nist_ctr_drbg/nist_ctr_aes_rijndael.h: file removal
	sys/crypto/nist_ctr_drbg/files.nist_ctr_drbg: file removal
	sys/kern/subr_cprng.c: revision 1.31
	sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes128.h: file removal

cprng.h: use static __inline for consistency with other include
headers and remove an unused function.

 -

Switch from NIST CTR_DRBG with AES to NIST Hash_DRBG with SHA-256.

Benefits:
- larger seeds -- a 128-bit key alone is not enough for `128-bit security'
- better resistance to timing side channels than AES
- a better-understood security story (<a  rel="nofollow" href="https://eprint.iacr.org/2018/349">https://eprint.iacr.org/2018/349</a>)
- no loss in compliance with US government standards that nobody ever
  got fired for choosing, at least in the US-dominated western world
- no dirty endianness tricks
- self-tests

Drawbacks:
- performance hit: throughput is reduced to about 1/3 in naive measurements
  => possible to mitigate by using hardware SHA-256 instructions
  => all you really need is 32 bytes to seed a userland PRNG anyway
  => if we just used ChaCha this would go away...
 		2019-09-03 12:08:21 +00:00
..
dev Pull up following revision(s) (requested by christos in ticket #544): 2018-02-12 00:21:07 +00:00
fs Disable a couple of warnings until further investigation. 2017-01-11 12:19:43 +00:00
include Pull up following revision(s) (requested by ozaki-r in ticket #495): 2018-01-13 21:57:11 +00:00
kern Pull up following revision(s) (requested by riastradh in ticket #1365): 2019-09-03 12:08:21 +00:00
librump Pull up following revision(s) (requested by riastradh in ticket #1365): 2019-09-03 12:08:21 +00:00
net Pull up following revision(s) (requested by ozaki-r in ticket #911): 2018-07-13 15:49:55 +00:00
share workaround bin/49481 2014-12-16 15:33:22 +00:00
Makefile Move rump kernel man pages from various sources to sys/rump 2014-11-09 17:39:37 +00:00
Makefile.rump Pass down ${CPUFLAGS} 2016-07-09 05:52:22 +00:00
README.compileopts Move librumpuser compile-time options into the librumpuser source 2016-01-25 00:24:23 +00:00
README.dirs Update a bit. 2013-01-08 13:12:26 +00:00
TODO Remove solved item. 2015-09-08 12:14:20 +00:00
ldscript.rump domains are attached by module(-like) constructors, so no need to 2014-04-23 17:05:18 +00:00
ldscript_sun.rump Generate support for sun ld. 2013-03-15 12:13:07 +00:00
linksyms_sun.c Generate support for sun ld. 2013-03-15 12:13:07 +00:00
listsrcdirs Add uname to rump sources 2015-07-07 12:40:13 +00:00
makerumpsyscalls.sh "rump_private.h" -> <rump-sys/kern.h> 2016-01-26 23:24:55 +00:00
rump.sysmap regen 2015-06-18 15:19:50 +00:00
sunldgen.sh Support generating support for Sun ld. 2013-03-15 12:12:16 +00:00

README.dirs 

	$NetBSD: README.dirs,v 1.12 2013/01/08 13:12:26 pooka Exp $


The following is a quick rundown of the current directory structure.
First, components in the kernel namespace, i.e. compiled with -D_KERNEL

sys/rump/librump - rump kernel base and factions
  /rumpkern	- kernel core, e.g. syscall, interrupt and lock support

  /rumpdev	- device support, e.g. autoconf subsystem
  /rumpnet	- networking support and sockets layer
  /rumpvfs	- file system support

sys/rump/include
  /machine - used for architectures where the rump kernel ABI is not yet the
	     same as the kernel module ABI.  will eventually disappear
	     completely
  /rump    - kernel headers installed to userspace

sys/rump/dev - device components, e.g. audio, raidframe, usb drivers

sys/rump/fs - file system components
  /lib/lib${fs}  - kernel file system code

sys/rump/net - networking components
  /lib/libnet	  - subroutines from sys/net, e.g. route and if_ethersubr
  /lib/libnetinet - TCP/IP
  /lib/libvirtif  - a virtual interface which uses host tap(4) to shovel
		    packets.  This is used by netinet and if_ethersubr.
  /lib/libshmif   - a virtual interface which uses a memory mapped file
		    as an ethernet bus.  works completely unprivileged.
  /lib/libsockin  - implements PF_INET using host kernel sockets.  This is
		    mutually exclusive with net, netinet and virtif.



The rest are out-of-kernel components (i.e. no -D_KERNEL).

hypercall interface:
src/lib/librumpuser
  The "rumpuser" hypercall interfaces are used by a rump kernel to
  access host resources.

remote client interface:
src/lib/librumpclient
  The rumpclient library provides remote access to rump kernel servers.

system call hijacking:
src/lib/librumphijack
  The rumphijack library allows intercepting system calls and redirecting
  them to a rump kernel server instead of the host kernel.  In other
  words, it allows existing binaries to request indicated services from
  a rump kernel instead of from the host kernel.

Users:
src/lib
  /libp2k  - puffs-to-vfs adaption layer, userspace namespace
  /libukfs - user kernel file system, a library to access file system
	     images (or devices) directly in userspace without going
	     through a system call and puffs.  It provides a slightly
	     higher interface than syscalls.

src/usr.sbin/puffs
  rump_$fs - userspace file system daemons using the kernel fs code

src/share/examples/rump
  Various examples detailing use of rump kernels in different scenarios.
  These are provided source-only.