FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=release%2F8.1.0 2005-03-11T15:42:51Z 2005-03-11T15:42:51Z Hajimu UMEMOTO ume@FreeBSD.org 2005-03-11T15:42:51Z urn:sha1:68527b3aad57040b661a801cfb4de8b5961ae3c0 this is required to integrate opencrypto into crypto. 2004-04-09T15:47:10Z Mark Murray markm@FreeBSD.org 2004-04-09T15:47:10Z urn:sha1:e7806b4c0eb398aba8b6e8ddeda96e6ddd9305ae can more easily be used INSTEAD OF the hard-working Yarrow. The only hardware source used at this point is the one inside the VIA C3 Nehemiah (Stepping 3 and above) CPU. More sources will be added in due course. Contributions welcome! 2003-11-17T23:02:21Z Mark Murray markm@FreeBSD.org 2003-11-17T23:02:21Z urn:sha1:0887c8c110da2f060bc422e6942320054bcc755d o Each source gets its own queue, which is a FIFO, not a ring buffer. The FIFOs are implemented with the sys/queue.h macros. The separation is so that a low entropy/high rate source can't swamp the harvester with low-grade entropy and destroy the reseeds. o Each FIFO is limited to 256 (set as a macro, so adjustable) events queueable. Full FIFOs are ignored by the harvester. This is to prevent memory wastage, and helps to keep the kernel thread CPU usage within reasonable limits. o There is no need to break up the event harvesting into ${burst} sized chunks, so retire that feature. o Break the device away from its roots with the memory device, and allow it to get its major number automagically. 2003-08-24T17:55:58Z David E. O'Brien obrien@FreeBSD.org 2003-08-24T17:55:58Z urn:sha1:aad970f1fee9a2a3e5a0f880be9b87c6193b3bd1 Also some minor style cleanups. 2002-09-21T21:40:02Z Mark Murray markm@FreeBSD.org 2002-09-21T21:40:02Z urn:sha1:b0186e2c5c68d62cb19577a9cadf886faee57a15 2002-07-15T13:58:35Z Mark Murray markm@FreeBSD.org 2002-07-15T13:58:35Z urn:sha1:bbf09ad887f1ebc18052ee12f5074c05d69a4e46 one out of a block cipher. This has 2 advantages: 1) The code is _much_ simpler 2) We aren't committing our security to one algorithm (much as we may think we trust AES). While I'm here, make an explicit reseed do a slow reseed instead of a fast; this is in line with what the original paper suggested. 2002-03-03T19:44:22Z Mark Murray markm@FreeBSD.org 2002-03-03T19:44:22Z urn:sha1:e119960112f35b3ec1179e262cccde05b59a0309 Remove unneeded includes. Deal with unused function arguments. Resolve a boatload of signed/unsigned imcompatabilities. Etc. 2001-03-10T12:51:55Z Mark Murray markm@FreeBSD.org 2001-03-10T12:51:55Z urn:sha1:02c986ab5491cfc84666b5ce658dd7b3508b6b93 o Separate the kernel stuff from the Yarrow algorithm. Yarrow is now well contained in one source file and one header. o Replace the Blowfish-based crypto routines with Rijndael-based ones. (Rijndael is the new AES algorithm). The huge improvement in Rijndael's key-agility over Blowfish means that this is an extremely dramatic improvement in speed, and makes a heck of a difference in its (lack of) CPU load. o Clean up the sysctl's. At BDE's prompting, I have gone back to static sysctls. o Bug fixes. The streamlining of the crypto stuff enabled me to find and fix some bugs. DES also found a bug in the reseed routine which is fixed. o Change the way reseeds clear "used" entropy. Previously, only the source(s) that caused a reseed were cleared. Now all sources in the relevant pool(s) are cleared. o Code tidy-up. Mostly to make it (nearly) 80-column compliant. 2000-11-26T09:58:18Z Mark Murray markm@FreeBSD.org 2000-11-26T09:58:18Z urn:sha1:17c97150493a7c2b4858381866e1dbbe4c719c75 that it has never (apparently) been invoked. Submitted by: ache 2000-11-25T17:09:01Z Mark Murray markm@FreeBSD.org 2000-11-25T17:09:01Z urn:sha1:e73a42f8fb107ecee0fa96a7af9d64073a0072f1 call instead. This makes a pretty dramatic difference to the amount of work that the harvester needs to do - it is much friendlier on the system. (80386 and 80486 class machines will notice little, as the new get_cyclecounter() call is a wrapper round nanotime(9) for them).