xref: /dflybsd-src/share/man/man4/safe.4 (revision 755d70b8f2c28b016b6c0330273e7daa38038f27) 
125638cf4SSascha Wildner.\"-
225638cf4SSascha Wildner.\" Copyright (c) 2003	Sam Leffler, Errno Consulting
325638cf4SSascha Wildner.\" All rights reserved.
425638cf4SSascha Wildner.\"
525638cf4SSascha Wildner.\" Redistribution and use in source and binary forms, with or without
625638cf4SSascha Wildner.\" modification, are permitted provided that the following conditions
725638cf4SSascha Wildner.\" are met:
825638cf4SSascha Wildner.\" 1. Redistributions of source code must retain the above copyright
925638cf4SSascha Wildner.\"    notice, this list of conditions and the following disclaimer.
1025638cf4SSascha Wildner.\" 2. Redistributions in binary form must reproduce the above copyright
1125638cf4SSascha Wildner.\"    notice, this list of conditions and the following disclaimer in the
1225638cf4SSascha Wildner.\"    documentation and/or other materials provided with the distribution.
1325638cf4SSascha Wildner.\"
1425638cf4SSascha Wildner.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
1525638cf4SSascha Wildner.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1625638cf4SSascha Wildner.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1725638cf4SSascha Wildner.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
1825638cf4SSascha Wildner.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
1925638cf4SSascha Wildner.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
2025638cf4SSascha Wildner.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
2125638cf4SSascha Wildner.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
2225638cf4SSascha Wildner.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
2325638cf4SSascha Wildner.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
2425638cf4SSascha Wildner.\" SUCH DAMAGE.
2525638cf4SSascha Wildner.\"
2625638cf4SSascha Wildner.\" $FreeBSD: src/share/man/man4/safe.4,v 1.7 2006/04/01 10:56:36 brueffer Exp $
2725638cf4SSascha Wildner.\"
28*755d70b8SSascha Wildner.Dd April 21, 2018
2925638cf4SSascha Wildner.Dt SAFE 4
3025638cf4SSascha Wildner.Os
3125638cf4SSascha Wildner.Sh NAME
3225638cf4SSascha Wildner.Nm safe
3325638cf4SSascha Wildner.Nd SafeNet crypto accelerator
3425638cf4SSascha Wildner.Sh SYNOPSIS
3525638cf4SSascha WildnerTo compile this driver into the kernel,
3625638cf4SSascha Wildnerplace the following lines in your
3725638cf4SSascha Wildnerkernel configuration file:
3825638cf4SSascha Wildner.Bd -ragged -offset indent
3925638cf4SSascha Wildner.Cd "device crypto"
4025638cf4SSascha Wildner.Cd "device cryptodev"
4125638cf4SSascha Wildner.Cd "device safe"
4225638cf4SSascha Wildner.Ed
4325638cf4SSascha Wildner.Pp
4425638cf4SSascha WildnerAlternatively, to load the driver as a
4525638cf4SSascha Wildnermodule at boot time, place the following line in
4625638cf4SSascha Wildner.Xr loader.conf 5 :
4725638cf4SSascha Wildner.Bd -literal -offset indent
4825638cf4SSascha Wildnersafe_load="YES"
4925638cf4SSascha Wildner.Ed
5025638cf4SSascha Wildner.Pp
5125638cf4SSascha Wildner.Nm sysctl Va hw.safe.debug
5225638cf4SSascha Wildner.Nm sysctl Va hw.safe.dump
5325638cf4SSascha Wildner.Nm sysctl Va hw.safe.rnginterval
5425638cf4SSascha Wildner.Nm sysctl Va hw.safe.rngbufsize
5525638cf4SSascha Wildner.Nm sysctl Va hw.safe.rngmaxalarm
5625638cf4SSascha Wildner.Sh DESCRIPTION
5725638cf4SSascha WildnerThe
5825638cf4SSascha Wildner.Nm
5925638cf4SSascha Wildnerdriver supports cards containing SafeNet crypto accelerator chips.
6025638cf4SSascha Wildner.Pp
6125638cf4SSascha WildnerThe
6225638cf4SSascha Wildner.Nm
6325638cf4SSascha Wildnerdriver registers itself to accelerate DES, Triple-DES, AES, MD5-HMAC,
6425638cf4SSascha WildnerSHA1-HMAC, and NULL operations for
6525638cf4SSascha Wildner.Xr crypto 4 .
6625638cf4SSascha Wildner.Pp
6725638cf4SSascha WildnerOn all models, the driver registers itself to provide random data to the
6825638cf4SSascha Wildner.Xr random 4
6925638cf4SSascha Wildnersubsystem.
7025638cf4SSascha WildnerPeriodically the driver will poll the hardware RNG and retrieve
7125638cf4SSascha Wildnerdata for use by the system.
7225638cf4SSascha WildnerIf the driver detects that the hardware RNG is resonating with any local
7325638cf4SSascha Wildnersignal, it will reset the oscillators that generate random data.
7425638cf4SSascha WildnerThree
7525638cf4SSascha Wildner.Xr sysctl 8
7625638cf4SSascha Wildnersettings control this procedure:
7725638cf4SSascha Wildner.Va hw.safe.rnginterval
7825638cf4SSascha Wildnerspecifies the time, in seconds, between polling operations,
7925638cf4SSascha Wildner.Va hw.safe.rngbufsize
8025638cf4SSascha Wildnerspecifies the number of 32-bit words to retrieve on each poll,
8125638cf4SSascha Wildnerand
8225638cf4SSascha Wildner.Va hw.safe.rngmaxalarm
8325638cf4SSascha Wildnerspecifies the threshold for resetting the oscillators.
8425638cf4SSascha Wildner.Pp
8525638cf4SSascha WildnerWhen the driver is compiled with
8625638cf4SSascha Wildner.Dv SAFE_DEBUG
8725638cf4SSascha Wildnerdefined, two
8825638cf4SSascha Wildner.Xr sysctl 8
8925638cf4SSascha Wildnervariables are provided for debugging purposes:
9025638cf4SSascha Wildner.Va hw.safe.debug
9125638cf4SSascha Wildnercan be set to a non-zero value to enable debugging messages to be sent
9225638cf4SSascha Wildnerto the console for each cryptographic operation,
9325638cf4SSascha Wildner.Va hw.safe.dump
9425638cf4SSascha Wildneris a write-only variable that can be used to force driver state to be sent
9525638cf4SSascha Wildnerto the console.
9625638cf4SSascha WildnerSet this variable to
9725638cf4SSascha Wildner.Dq Li ring
9825638cf4SSascha Wildnerto dump the current state of the descriptor ring,
9925638cf4SSascha Wildnerto
10025638cf4SSascha Wildner.Dq Li dma
10125638cf4SSascha Wildnerto dump the hardware DMA registers,
10225638cf4SSascha Wildneror
10325638cf4SSascha Wildnerto
10425638cf4SSascha Wildner.Dq Li int
10525638cf4SSascha Wildnerto dump the hardware interrupt registers.
10625638cf4SSascha Wildner.Sh HARDWARE
10725638cf4SSascha WildnerThe
10825638cf4SSascha Wildner.Nm
10925638cf4SSascha Wildnerdriver supports cards containing any of the following chips:
11025638cf4SSascha Wildner.Bl -tag -width "SafeNet 1141" -offset indent
11125638cf4SSascha Wildner.It SafeNet 1141
11225638cf4SSascha WildnerThe original chipset.
11325638cf4SSascha WildnerSupports DES, Triple-DES, AES, MD5, and SHA-1
11425638cf4SSascha Wildnersymmetric crypto operations, RNG, public key operations, and full IPsec
11525638cf4SSascha Wildnerpacket processing.
11625638cf4SSascha Wildner.It SafeNet 1741
11725638cf4SSascha WildnerA faster version of the 1141.
11825638cf4SSascha Wildner.El
11925638cf4SSascha Wildner.Sh SEE ALSO
12025638cf4SSascha Wildner.Xr crypt 3 ,
12125638cf4SSascha Wildner.Xr crypto 4 ,
12225638cf4SSascha Wildner.Xr intro 4 ,
12325638cf4SSascha Wildner.Xr random 4 ,
12425638cf4SSascha Wildner.Xr crypto 9
12525638cf4SSascha Wildner.Sh BUGS
12625638cf4SSascha WildnerPublic key support is not implemented.
127