summaryrefslogtreecommitdiffstats
path: root/sys/crypto/via
Commit message (Collapse)AuthorAgeFilesLines
* MFaesni r215427:kib2010-11-263-9/+31
| | | | | | | | Only save FPU context when not executing in the context of the crypto thread. Tested by: Mike Tancsa MFC after: 1 week
* Use the fpu_kern_enter() interface to properly separate usermode FPUkib2010-06-054-3/+34
| | | | | | | | | | | | | | context from in-kernel execution of padlock instructions and to handle spurious FPUDNA exceptions that sometime are raised when doing padlock calculations. Globally mark crypto(9) kthread as using FPU. Reviewed by: pjd Hardware provided by: Sentex Communications Tested by: pho PR: amd64/135014 MFC after: 1 month
* Changed to M_NOWAIT when reallocing psc_buf in padlock_sha_update(),vanhu2009-05-271-1/+3
| | | | | | | | as we already hold the non sleepable crypto_driver_mutex. Approved by: gnn(mentor) Obtained from: NETASQ MFC after: 2 weeks
* identify routine takes driver_t *, not device_t *.imp2009-02-051-1/+1
|
* Connect padlock(4) to amd64 build for VIA Nano processors.jkim2009-01-122-3/+3
|
* Fix a potential NULL-pointer dereference in padlock(4).philip2008-11-171-1/+5
| | | | | Spotted by: Coverity (via pjd) MFC after: 1 week
* Simplify session selection/allocation.pjd2008-08-091-10/+5
|
* - Fix freeing session on newsession failure.pjd2008-08-091-9/+24
| | | | - Update copyright years.
* Implify sessions freeing loop.pjd2008-08-091-2/+1
|
* We don't have to drop a lock around malloc(M_NOWAIT).pjd2008-08-091-4/+4
|
* When freeing session, restore its ID after zeroing memory.pjd2008-08-091-0/+1
| | | | Bug tracked down by: Patrick Lamaiziere <patfbsd@davenulle.org>
* Sessions in-use are at the end of the queue, so use TAILQ_FOREACH_REVERSE()pjd2008-08-091-3/+5
| | | | | | when looking for them. Idea from: Patrick Lamaiziere <patfbsd@davenulle.org>
* Convert lock that protects sessions list from a mutex to a rwlock.pjd2008-07-201-16/+16
| | | | Now we can use read lock in fast path (padlock_process()).
* Commit the change from FAST_IPSEC to IPSEC. The FAST_IPSECgnn2007-07-031-1/+1
| | | | | | | | option is now deprecated, as well as the KAME IPsec code. What was FAST_IPSEC is now IPSEC. Approved by: re Sponsored by: Secure Computing
* Overhaul driver/subsystem api's:sam2007-03-211-74/+68
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | o make all crypto drivers have a device_t; pseudo drivers like the s/w crypto driver synthesize one o change the api between the crypto subsystem and drivers to use kobj; cryptodev_if.m defines this api o use the fact that all crypto drivers now have a device_t to add support for specifying which of several potential devices to use when doing crypto operations o add new ioctls that allow user apps to select a specific crypto device to use (previous ioctls maintained for compatibility) o overhaul crypto subsystem code to eliminate lots of cruft and hide implementation details from drivers o bring in numerous fixes from Michale Richardson/hifn; mostly for 795x parts o add an optional mechanism for mmap'ing the hifn 795x public key h/w to user space for use by openssl (not enabled by default) o update crypto test tools to use new ioctl's and add cmd line options to specify a device to use for tests These changes will also enable much future work on improving the core crypto subsystem; including proper load balancing and interposing code between the core and drivers to dispatch small operations to the s/w driver as appropriate. These changes were instigated by the work of Michael Richardson. Reviewed by: pjd Approved by: re
* Less magic.pjd2006-09-151-2/+3
| | | | MFC after: 3 days
* Remove trailing spaces.pjd2006-07-281-1/+1
|
* Use existing roundup2() macro.pjd2006-07-281-1/+1
| | | | Suggested by: njl
* Remove redundant check committed by accident.pjd2006-07-251-2/+0
|
* Avoid memory allocations when the given address is already 16 bytes aligned.pjd2006-07-251-6/+51
| | | | | | | | | | | | | | Such an address can be used directly in padlock's AES. This improves speed of geli(8) significantly: # sysctl kern.geom.zero.clear=0 # geli onetime -s 4096 gzero # dd if=/dev/gzero.eli of=/dev/null bs=1m count=1000 Before: 113MB/s After: 203MB/s BTW. If sector size is set to 128kB, I can read at 276MB/s :)
* Modify PADLOCK_ALIGN() macro, so when the given address is already 16 bytespjd2006-07-251-1/+1
| | | | aligned, it will be used directly, not 'address + 16'.
* Style fixes.pjd2006-07-254-10/+10
|
* Implement support for HMAC/SHA1 and HMAC/SHA256 acceleration found inpjd2006-07-224-335/+766
| | | | | | | | | | | new VIA CPUs. For older CPUs HMAC/SHA1 and HMAC/SHA256 (and others) will still be done in software. Move symmetric cryptography (currently only AES-CBC 128/192/256) to padlock_cipher.c file. Move HMAC cryptography to padlock_hash.c file. Hardware from: Centaur Technologies
* Correct few bzero()s.pjd2006-07-221-3/+3
| | | | MFC after: 3 days
* Set ses_ictx and ses_octx to NULL after freeing them, so we won't freepjd2006-07-221-0/+2
| | | | | | | | | them twice. This is possible for example in situation when session is used in authentication context, then freed and then used in encryption context and freed - in encryption context ses_ictx and ses_octx are not touched at newsession time, but padlock_freesession could still try to free them when they are not NULL.
* Use the already stored VIA RNG probe informationmr2006-07-131-16/+5
| | | | | | | | instead of probing again. Adjust style(9) somewhat in probe.c Reviewed by: pjd MFC after: 1 week
* Fix gratuitous compiler warning.pjd2006-06-081-1/+2
| | | | Reported by: Rong-en Fan <grafan@gmail.com>
* - Pretend to accelerate various HMAC algorithms, so padlock(4) can be usedpjd2006-06-051-91/+266
| | | | | | | | with fast_ipsec(4) and geli(8) authentication (comming soon). If consumer requests only for HMAC algorithm (without encryption), return EINVAL. - Add support for the CRD_F_KEY_EXPLICIT flag, for both encryption and authentication.
* padlock(4) doesn't support explicitly provided keys yet.pjd2006-04-201-0/+4
| | | | Return an error instead of encrypting/decrypting data with a wrong key.
* On padlock initialization, allocate memory with M_WAITOK.pjd2006-04-121-5/+1
|
* Add VIA/ACE "PadLock" support as a crypto(9) driver.pjd2005-08-181-0/+504
HW donated by: Mike Tancsa <mike@sentex.net> Most of the code obtained from: OpenBSD MFC after: 3 days
OpenPOWER on IntegriCloud