| #
b670c9ba |
| 11-Jun-2025 |
Ahmad Khalifa <vexeduxr@FreeBSD.org> |
newbus: replace leftover device unit wildcards
Reviewed by: imp, jhb
Approved by: imp (mentor)
Differential Revision: https://reviews.freebsd.org/D50913
|
|
Revision tags: release/14.3.0, release/13.4.0-p5, release/13.5.0-p1, release/14.2.0-p3, release/13.5.0, release/14.2.0-p2, release/14.1.0-p8, release/13.4.0-p4, release/14.1.0-p7, release/14.2.0-p1, release/13.4.0-p3, release/14.2.0, release/13.4.0 |
|
| #
a05a6804 |
| 25-Jul-2024 |
Warner Losh <imp@FreeBSD.org> |
newbus: replace -1 in BUS_ADD_CHILD(...-1) with DEVICE_UNIT_ANY
Sponsored by: Netflix
|
|
Revision tags: release/14.1.0, release/13.3.0 |
|
| #
fdafd315 |
| 24-Nov-2023 |
Warner Losh <imp@FreeBSD.org> |
sys: Automated cleanup of cdefs and other formatting
Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.
Remov
sys: Automated cleanup of cdefs and other formatting
Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.
Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/
Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/
Remove /\n+#if.*\n#endif.*\n+/
Remove /^#if.*\n#endif.*\n/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/
Sponsored by: Netflix
show more ...
|
|
Revision tags: release/14.0.0 |
|
| #
685dc743 |
| 16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
sys: Remove $FreeBSD$: one-line .c pattern
Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
| #
474d9290 |
| 20-Jun-2023 |
John Baldwin <jhb@FreeBSD.org> |
ossl: Don't try to initialize the cipher for Chacha20+Poly1305.
Chacha20+Poly1305 doesn't use an ossl_cipher instance the way AES-GCM
does, so ossl_lookup_cipher() failed causing ossl_newsession() t
ossl: Don't try to initialize the cipher for Chacha20+Poly1305.
Chacha20+Poly1305 doesn't use an ossl_cipher instance the way AES-GCM
does, so ossl_lookup_cipher() failed causing ossl_newsession() to
always fail for Chacha20+Poly1305 sessions.
Reported by: gallatin (ktls_test fails with ossl.ko loaded)
Fixes: 9a3444d91c70 ossl: Add a VAES-based AES-GCM implementation for amd64
Tested by: gallatin
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D40580
show more ...
|
| #
9a3444d9 |
| 02-Jun-2023 |
Mark Johnston <markj@FreeBSD.org> |
ossl: Add a VAES-based AES-GCM implementation for amd64
aes-gcm-avx512.S is generated from OpenSSL 3.1 and implements AES-GCM.
ossl_x86.c detects whether the CPU implements the required AVX512
instr
ossl: Add a VAES-based AES-GCM implementation for amd64
aes-gcm-avx512.S is generated from OpenSSL 3.1 and implements AES-GCM.
ossl_x86.c detects whether the CPU implements the required AVX512
instructions; if not, the ossl(4) module does not provide an AES-GCM
implementation. The VAES implementation increases throughput for all
buffer sizes in both directions, up to 2x for sufficiently large
buffers.
The "process" implementation is in two parts: a generic OCF layer in
ossl_aes.c that calls a set of MD functions to do the heavy lifting.
The intent there is to make it possible to add other implementations for
other platforms, e.g., to reduce the diff required for D37421.
A follow-up commit will add a fallback path to legacy AES-NI, so that
ossl(4) can be used in preference to aesni(4) on all amd64 platforms.
In the long term we would like to replace aesni(4) and armv8crypto(4)
with ossl(4).
Note, currently this implementation will not be selected by default
since aesni(4) and ossl(4) return the same probe priority for crypto
sessions, and the opencrypto framework selects the first registered
implementation to break a tie. Since aesni(4) is compiled into the
kernel, aesni(4) wins. A separate change may modify ossl(4) to have
priority.
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Reviewed by: jhb
MFC after: 3 months
Differential Revision: https://reviews.freebsd.org/D39783
show more ...
|
| #
4d846d26 |
| 10-May-2023 |
Warner Losh <imp@FreeBSD.org> |
spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD
The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of
spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD
The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
show more ...
|
|
Revision tags: release/13.2.0, release/12.4.0, release/13.1.0 |
|
| #
ab050b2b |
| 07-May-2022 |
John Baldwin <jhb@FreeBSD.org> |
crypto: Remove unused devclass arguments to DRIVER_MODULE.
|
|
Revision tags: release/12.3.0 |
|
| #
c4026909 |
| 02-Nov-2021 |
Kornel Duleba <mindal@semihalf.com> |
ossl: Add support for ETA mode
Now that the AES-CBC is supported we can handle ETA requests.
Sponsored by: Stormshield
Obtained from: Semihalf
Reviewed by: jhb
Differential revision: https://rev
ossl: Add support for ETA mode
Now that the AES-CBC is supported we can handle ETA requests.
Sponsored by: Stormshield
Obtained from: Semihalf
Reviewed by: jhb
Differential revision: https://reviews.freebsd.org/D32100
show more ...
|
| #
197ff4c3 |
| 02-Nov-2021 |
Kornel Duleba <mindal@semihalf.com> |
ossl: Add support for AES-CBC cipher
AES-CBC OpenSSL assembly is used underneath.
The glue layer(ossl_aes.c) is based on CHACHA20 implementation.
Contrary to the SHA and CHACHA20, AES OpenSSL assemb
ossl: Add support for AES-CBC cipher
AES-CBC OpenSSL assembly is used underneath.
The glue layer(ossl_aes.c) is based on CHACHA20 implementation.
Contrary to the SHA and CHACHA20, AES OpenSSL assembly logic
does not have a fallback implementation in case CPU doesn't
support required instructions.
Because of that CPU caps are checked during initialization and AES
support is advertised only if available.
The feature is available on all architectures that ossl supports:
i386, amd64, arm64.
The biggest advantage of this patch over existing solutions
(aesni(4) and armv8crypto(4)) is that it supports SHA,
allowing for ETA operations.
Sponsored by: Stormshield
Obtained from: Semihalf
Reviewed by: jhb (previous version)
Differential revision: https://reviews.freebsd.org/D32099
show more ...
|
| #
200bc589 |
| 06-Nov-2021 |
Wojciech Macek <wma@FreeBSD.org> |
Revert "ossl: Add support for AES-CBC cipher"
This reverts commit 849faf4e0ba9a8b8f24ff34da93a0fd46c14eda9.
|
| #
0dedcdaa |
| 06-Nov-2021 |
Wojciech Macek <wma@FreeBSD.org> |
Revert "ossl: Add support for ETA mode"
This reverts commit 048a71b46e816de8fb95b553a8ad0e98c0d51e12.
|
| #
048a71b4 |
| 02-Nov-2021 |
Kornel Duleba <mindal@semihalf.com> |
ossl: Add support for ETA mode
Now that the AES-CBC is supported we can handle ETA requests.
Sponsored by: Stormshield
Obtained from: Semihalf
Reviewed by: jhb(previous version)
Differential rev
ossl: Add support for ETA mode
Now that the AES-CBC is supported we can handle ETA requests.
Sponsored by: Stormshield
Obtained from: Semihalf
Reviewed by: jhb(previous version)
Differential revision: https://reviews.freebsd.org/D32100
show more ...
|
| #
849faf4e |
| 02-Nov-2021 |
Kornel Duleba <mindal@semihalf.com> |
ossl: Add support for AES-CBC cipher
AES-CBC OpenSSL assembly is used underneath.
The glue layer(ossl_aes.c) is based on CHACHA20 implementation.
Contrary to the SHA and CHACHA20, AES OpenSSL assemb
ossl: Add support for AES-CBC cipher
AES-CBC OpenSSL assembly is used underneath.
The glue layer(ossl_aes.c) is based on CHACHA20 implementation.
Contrary to the SHA and CHACHA20, AES OpenSSL assembly logic
does not have a fallback implementation in case CPU doesn't
support required instructions.
Because of that CPU caps are checked during initialization and AES
support is advertised only if available.
The feature is available on all architectures that ossl supports:
i386, amd64, arm64.
The biggest advantage of this patch over existing solutions
(aesni(4) and armv8crypto(4)) is that it supports SHA,
allowing for ETA operations.
Sponsored by: Stormshield
Obtained from: Semihalf
Reviewed by: jhb
Differential revision: https://reviews.freebsd.org/D32099
show more ...
|
|
Revision tags: release/13.0.0 |
|
| #
78991a93 |
| 04-Mar-2021 |
John Baldwin <jhb@FreeBSD.org> |
ossl: Add support for the ChaCha20 + Poly1305 AEAD cipher from RFC 8439
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D28757
|
| #
92aecd1e |
| 04-Mar-2021 |
John Baldwin <jhb@FreeBSD.org> |
ossl: Add ChaCha20 cipher support.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D28756
|
| #
a079e38b |
| 04-Mar-2021 |
John Baldwin <jhb@FreeBSD.org> |
ossl: Add Poly1305 digest support.
Reviewed by: cem
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D28754
|
| #
fd86ae68 |
| 04-Dec-2020 |
Mitchell Horne <mhorne@FreeBSD.org> |
ossl: split out x86 bits to x86/ossl_cpuid.c
Make room for adding arm64 support to this driver by moving the
x86-specific feature parsing to a separate file.
Reviewed by: jhb
Sponsored by: The Free
ossl: split out x86 bits to x86/ossl_cpuid.c
Make room for adding arm64 support to this driver by moving the
x86-specific feature parsing to a separate file.
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D27388
show more ...
|
|
Revision tags: release/12.2.0 |
|
| #
ba610be9 |
| 20-Oct-2020 |
John Baldwin <jhb@FreeBSD.org> |
Add a kernel crypto driver using assembly routines from OpenSSL.
Currently, this supports SHA1 and SHA2-{224,256,384,512} both as plain
hashes and in HMAC mode on both amd64 and i386. It uses the S
Add a kernel crypto driver using assembly routines from OpenSSL.
Currently, this supports SHA1 and SHA2-{224,256,384,512} both as plain
hashes and in HMAC mode on both amd64 and i386. It uses the SHA
intrinsics when present similar to aesni(4), but uses SSE/AVX
instructions when they are not.
Note that some files from OpenSSL that normally wrap the assembly
routines have been adapted to export methods usable by 'struct
auth_xform' as is used by existing software crypto routines.
Reviewed by: gallatin, jkim, delphij, gnn
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D26821
show more ...
|