src/sys/modules/random, branch release/8.1.0

src/sys/modules/random, branch release/8.1.0 FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=release%2F8.1.0 2004-04-11T15:40:18Z Include nehemiah.c only on i386, as is done for the non-modules 2004-04-11T15:40:18Z Marcel Moolenaar marcel@FreeBSD.org 2004-04-11T15:40:18Z urn:sha1:4880b26184b5baeffd0d8e1e210b474ebf937653 build. Reorganise the entropy device so that high-yield entropy sources 2004-04-09T15:47:10Z Mark Murray markm@FreeBSD.org 2004-04-09T15:47:10Z urn:sha1:e7806b4c0eb398aba8b6e8ddeda96e6ddd9305ae can more easily be used INSTEAD OF the hard-working Yarrow. The only hardware source used at this point is the one inside the VIA C3 Nehemiah (Stepping 3 and above) CPU. More sources will be added in due course. Contributions welcome! Upgrade the random device to use a "real" hash instead of building 2002-07-15T13:58:35Z Mark Murray markm@FreeBSD.org 2002-07-15T13:58:35Z urn:sha1:bbf09ad887f1ebc18052ee12f5074c05d69a4e46 one out of a block cipher. This has 2 advantages: 1) The code is _much_ simpler 2) We aren't committing our security to one algorithm (much as we may think we trust AES). While I'm here, make an explicit reseed do a slow reseed instead of a fast; this is in line with what the original paper suggested. Drop <bsd.man.mk> support from <bsd.kmod.mk>. 2002-01-11T15:49:02Z Ruslan Ermilov ru@FreeBSD.org 2002-01-11T15:49:02Z urn:sha1:17d6c636720d00f77e5d098daf4c278f89d84f7b Not objected to by: -current The /dev/random driver used Rijndael, not Blowfish, now. 2001-03-10T12:57:08Z Mark Murray markm@FreeBSD.org 2001-03-10T12:57:08Z urn:sha1:add3f7f3dfa1947efff4e74b418f2e885b5ed1b0 Clean up Makefile, and remove the last vestiges of NOBLOCKRANDOM. 2001-01-15T19:35:00Z Mark Murray markm@FreeBSD.org 2001-01-15T19:35:00Z urn:sha1:c202cd74f8da7a4d07046577410322914f91a2d6 Use a consistent style and one much closer to the rest of /usr/src 2001-01-06T14:00:42Z David E. O'Brien obrien@FreeBSD.org 2001-01-06T14:00:42Z urn:sha1:c68159a6d8eede11766cf13896d0f7670dbd51aa Default the /dev/random loadable module to blocking-on-bootup, 2000-12-02T18:29:18Z Mark Murray markm@FreeBSD.org 2000-12-02T18:29:18Z urn:sha1:5f7f65f12441ecd1d99c40032fb750b9e206cf9f but leave a commented-out macro to change this. As the blocking model has seems to be troublesome for many, disable 2000-10-27T06:06:04Z Mark Murray markm@FreeBSD.org 2000-10-27T06:06:04Z urn:sha1:5f3431b5ade253e5ea547b3bff5c61145da6c741 it for now with an option. This option is already deprecated, and will be removed when the entropy-harvesting code is fast enough to warrant it. After some complaints about the dir names, the random device is 2000-10-14T10:59:56Z Mark Murray markm@FreeBSD.org 2000-10-14T10:59:56Z urn:sha1:a6278a2a42fc77094f356a290336a0fc395feb05 now in dirs called sys/*/random/ instead of sys/*/randomdev/*. Introduce blocking, but only at startup; the random device will block until the first reseed happens to prevent clients from using untrustworthy output. Provide a read_random() call for the rest of the kernel so that the entropy device does not need to be present. This means that things like IPX no longer need to have "device random" hardcoded into thir kernel config. The downside is that read_random() will provide very poor output until the entropy device is loaded and reseeded. It is recommended that developers do NOT use the read_random() call; instead, they should use arc4random() which internally uses read_random(). Clean up the mutex and locking code a bit; this makes it possible to unload the module again.