src - OpenBSD base system

Age	Commit message (Collapse)	Author
2008-06-25	use pools for the uio and iovec allocations in sr_crypto_getcryptop()	Thordur I. Bjornsson
	instead of malloc; OK hshoexer@ and macro@
2008-06-14	Use multiple crypto keys per volume. Each key is used to encrypt at	Damien Miller
	most 0.5TB of disk. This is well below P1619-2007's recommendation for AES-XTS of 1TB/key, but small enough so we can test that we actually use multiple keys with inexpensive hardware. We allocate 32 keys, so this will do for volumes up to 16TB. Fix a crypto session leak in sr_crypto_free_resources() much debugging help mshoexer@; ok hshoexer@ marco@
2008-06-14	remove duplicate #defines; ok hshoexer@	Damien Miller

2008-06-14	implement a check code to determine whether the disk keys have	Damien Miller
	been correctly decrypted using the masking key. The check code is a HMAC-SHA1 over the disk keys using a hash of the masking key. It should be slow enough to provide no useful brute force success oracle and should not leak significant data about the masking key or disk keys. ok hshoexer@ marco@
2008-06-13	make the disk key masking algorithm a parameter and add some extra	Damien Miller
	reserved space in case we ever want to support a different scheme ok hshoexer@ marco@
2008-06-13	Implement pbkdf2 in in bioctl to derive master key from a passphrase.	Hans-Joerg Hoexer
	ok marco djm
2008-06-13	rearrange on-disk structures to the top of the file, wrap kernel-only	Damien Miller
	parts in #ifdef _KERNEL; makes softraidvar.h usable from userland ok hshoexer@
2008-06-12	wrap definitions for softraid crypto "ifdef CRYPTO". Suggested by djm	Hans-Joerg Hoexer

2008-06-12	Get mask keying for on-disk keys from user space and keep a "hint" for key	Hans-Joerg Hoexer
	generation used by user space in the meta data. Actually use the masking key for encryption and decryption of on-disk key at run time. ok djm marco
2008-06-12	Add delete volume functionality.	Marco Peereboom
	discussed with krw, kettenis & drahn ok hshoexer
2008-06-11	Move first pieces of crypto softraid into the tree. Still totally	Hans-Joerg Hoexer
	disabled, of course, and still work in progress. help by djm@, ok marco@
2008-02-22	Propper encryption of on-disk-keys, prodded/suggest by tedu@ and djm@	Hans-Joerg Hoexer
	also use aes to generate proppper IVs ok marco@
2008-02-17	Add "in blocks" to disk size discriptors so that I don't have to read	Marco Peereboom
	code single time I look at it.
2008-02-17	Add propper key encryption.	Hans-Joerg Hoexer
	ok marco@
2008-02-15	Add myself to the copyrights, ok marco@	Chris Kuethe

2008-02-14	Actually implement the crypto.	Chris Kuethe
	ok tedu@ marco@
2008-02-07	Add optional metadata memebers.	Marco Peereboom
	Randomize Crypto password and add salt array. Add mock key encryption functions.
2008-02-05	Shave off a few more bytes by moving IO collision detection into a generic	Marco Peereboom
	fucntion. Fix bug in the crypto code that could casuse data corruption as a bonus, bad cut & past tedu!
2008-02-05	Create a generic function to validate IO instead of copying and pasting	Marco Peereboom
	same code in all disciplines. This shaves of a few bytes. crypto 3185 -> 2690 raid 0 2843 -> 2378 raid 1 3474 -> 2689
2008-02-03	There is no such thing as RAIDCRYPTO so rename to CRYPTO	Marco Peereboom

2008-01-29	Improve performance dramatically by preventing severeal context switches.	Marco Peereboom
	Decrypt only once on entry or exit instead of on in and out regardless of direction. There is still room for improvement but this is the first stab. Tested by many ok tedu
2008-01-26	Remove duplicate protos	Marco Peereboom

2008-01-24	Create chunk and state transition functions for RAID 0.	Marco Peereboom
	Move RAID 1 chunk and state transition functions into proper file. Let Crypto use RAID 1 chunk and state transition functions for now but this needs fixing.
2008-01-24	Add IO path to RAID 0 discipline.	Marco Peereboom

2008-01-19	Add initial scaffold for RAID 0. No IO just yet.	Marco Peereboom
	Much prodding todd
2007-11-27	also move softraid raid1 into own file, ok marco	Ted Unangst

2007-11-27	split crypto functions out into their own file, so softraid.c is not such	Ted Unangst
	a jungle. ok deraadt marco
2007-11-26	rename RAID C to RAID CRYPTO. makes marco happier	Ted Unangst

2007-06-06	correct format strings for large types; ok marco	Theo de Raadt

2007-06-06	now that all partition size/offsets are potentially 64-bit, change the	Theo de Raadt
	type of all variables to daddr64_t. this includes the APIs for XXsize() and XXdump(), all range checks inside bio drivers, internal variables for disklabel handling, and even uvm's swap offsets. re-read numerous times by otto, miod, krw, thib to look for errors
2007-06-02	Add optional metadata element. This will be needed in the future for	Marco Peereboom
	certain disciplines.
2007-06-01	Add additional flag to indicate that we have a metdadata io pending; this	Marco Peereboom
	way if we shut down the system we can make sure that it makes it onto disk before scsibus detach. ok dlg
2007-05-31	Fix redundancy for RAID 1. Now one can pull a disk and continue running.	Marco Peereboom
	help from drahn
2007-05-31	correct misspelled mail address in copyright statement, marco@ ok	Alexander von Gernler

2007-05-30	Sync after the metadata is saved.	Marco Peereboom

2007-05-30	add basic support for a crypto(9) backed raid C discipline	Ted Unangst
	ok marco
2007-05-29	Add dirty bit for volumes	Marco Peereboom

2007-05-29	Add shutdownhook for all disciplines	Marco Peereboom

2007-05-29	Re-add sync.	Marco Peereboom
	ok tedu
2007-05-28	Make disk assembly smarter and add two qualifiers to it:	Marco Peereboom
	1) noautoassemble; when set the softraid volume will not be assembled during autoconf. 2) force; when set it will overwrite metadata on disk While writing this I ran into 3 bugs that were fixed along the way 1) bcopy in sr_read_meta was copying data to the wrong pointer 2) in sr_read_meta the wrong metadata was coppied into the chunk 3) sr_free_discipline was freing a pointer that wasn't malloc'd ok dlg
2007-05-26	Assemble disks at boot time. This is not complete yet since it does not	Marco Peereboom
	order and roams volumes yet but is useful enough in most environments.
2007-05-24	create separate function to validate metadata.	Marco Peereboom
	remove seeding of checksums.
2007-05-23	Remove all vnode dependencies so that we can bootstrap softraid volumes.	Marco Peereboom
	Code from tedu. Replace all kernel string magic with dev_t passed in from bioctl. Suggestion from beck and tedu. Help from miod. Fix chunk crc. ok tedu
2007-05-08	Assemble disk from user supplied metadata.	Marco Peereboom
	Verify all metada to make sure it is correct; this includes sorting the chunks Add 2 new functions for printing uuid and metadata.
2007-05-01	Refactor metadata code; this is the first step to be able to bringup	Marco Peereboom
	devices at boot time. Reset the metadata versions to 1 until this solidifies we wont change these.
2007-04-23	Add interesting runtime stats.	Marco Peereboom

2007-04-22	Add more debug output for metadata.	Marco Peereboom
	Spacing as well.
2007-04-22	Don't use SBLOCK_UFS1. Don't call it SKIP either.	Marco Peereboom
	Pompted by deraadt
2007-04-22	Skip past SBLOCK_UFS1 to make sure that metadata does not destroy anything	Marco Peereboom
	filesystem related. pointed out by deraadt
2007-04-21	Remove big endian in metadata; prompted by deraadt.	Marco Peereboom
	Align metadata to 64 bit; from deraadt.