[illumos-Developer] webrev: removal of closed kcfd
Sriram Narayanan
sriram at belenix.org
Wed Sep 8 01:01:51 PDT 2010
Wow :)
-- Sriram
On 9/8/10, Garrett D'Amore <garrett at nexenta.com> wrote:
> Ok, I've integrated all of richlowes suggestions, plus I've removed
> nightly's use of the crypto tarball (verified!), and cleaned up a bunch
> more FIPS 140 stale/dead code. The end result is a lot more code
> deleted.
>
> The new webrev is
>
> http://http://mexico.purplecow.org/gdamore/webrev/nofips/
>
> Notes:
>
> * FIPS 140-2 support is totally gone.
>
> * the FIPS entry points in crypto ops are left in place, for
> compatibility
>
> * elfsign support remains in place in nightly, but is not used.
>
> * kcfpoold runs in the SYS class, and so cannot be priocntl'd or
> pbind'ed. Fixing this is potentially a low priority tasks, but
> admittedly I'm less confident about using FX or TS for a process with
> out at least *some* presence in userland. So I'd like to defer until
> someone complains if possible. This only affects crypto run *from the
> kernel.*
>
> * I've not tested any of this on SPARC yet. I'd like willing
> volunteers, especially folks with hardware crypto like dca.
>
> Thanks.
>
> - Garrett
>
>
> _______________________________________________
> Developer mailing list
> Developer at lists.illumos.org
> http://lists.illumos.org/m/listinfo/developer
>
--
Sent from my mobile device
Belenix: www.belenix.org
More information about the Developer
mailing list