r323908 tsoome Sept. 22, 2017, 7:40 a.m.
Use errno for error checking.
ViewVC
r323907 tsoome Sept. 22, 2017, 7:37 a.m.
The else statement should have { }
ViewVC
r323906 tsoome Sept. 22, 2017, 7:34 a.m.
We should return ENXIO to indicate the situation with device present,
but no media.
ViewVC
r323905 tsoome Sept. 22, 2017, 7:29 a.m.
The device index, partition index and reference counter are all positive
numbers. However, since our internal partition number may be negative
to indicate GPT table, the compare expression need to take care when comparing
pdinfo_t and partition data.
ViewVC
r323904 tuexen Sept. 22, 2017, 6:33 a.m.
library.

MFC after:	1 week
ViewVC
r323902 tuexen Sept. 22, 2017, 6:07 a.m.
MFC after:	1 week
ViewVC
r323899 cem Sept. 22, 2017, 4:41 a.m.
Sponsored by:	Dell EMC Isilon
ViewVC
r323898 cem Sept. 22, 2017, 4:25 a.m.
I accidentally introduced different whitespace style in r323878.  I'm not
used to using tabs for indentation in Python scripts.

Whitespace only; no functional change.

Sponsored by:	Dell EMC Isilon
ViewVC
r323897 tsoome Sept. 22, 2017, 2:58 a.m.
The link should be replaced by list.
ViewVC
r323896 tsoome Sept. 22, 2017, 2:56 a.m.
The efilib.h update was left out from r323885 by mistake.
ViewVC
r323895 tsoome Sept. 22, 2017, 2:53 a.m.
DevicePathNodeLength() will always return unsigned value.
ViewVC
r323894 imp Sept. 22, 2017, 2:36 a.m.
Prevent cam_iosched_iops_tick() from discarding 'unspent' ios unless
it's a new accounting interval.

Previously ios that weren't used between ticks were lost, as a result
the iops limiter could enforce a limit below the configured maximum.

Obtained from: ElectroBSD
Submitted by: Fabian Keil
PR: 221974
ViewVC
r323893 imp Sept. 22, 2017, 2:36 a.m.
Previously the iops limiter would always allow at least
quanta ios per second as cam_iosched_iops_tick() never set
ios->l_value1 below 1.

Submitted by: Fabian Keil <fk@fabiankeil.de>
Obtained from: ElectroBSD
PR: 221974
ViewVC
r323892 jhb Sept. 22, 2017, 12:34 a.m.
In particular, support chaining an AES cipher with an HMAC for a request
including AAD.  This permits submitting requests from userland to encrypt
objects like IPSec packets using these algorithms.

In the non-GCM case, the authentication crypto descriptor covers both the
AAD and the ciphertext.  The GCM case remains unchanged.  This matches
the requests created internally in IPSec.  For the non-GCM case, the
COP_F_CIPHER_FIRST is also supported since the ordering matters.

Note that while this can be used to simulate IPSec requests from userland,
this ioctl cannot currently be used to perform TLS requests using AES-CBC
and MAC-before-encrypt.

Reviewed by:	cem
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D11759
ViewVC
r323891 jhb Sept. 22, 2017, 12:21 a.m.
This requests that the cipher be performed before rather than after
the HMAC when both are specified for a single operation.

Reviewed by:	cem
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D11757
ViewVC