Page MenuHomeFreeBSD
Differential D53181

random: remove safe(4)
Needs ReviewPublic
Actions

Authored by obrien on Oct 18 2025, 1:36 AM.
Tags
None
Referenced Files
F142151580: D53181.id164470.diff
Fri, Jan 16, 12:42 PM
F142151506: D53181.id164511.diff
Fri, Jan 16, 12:41 PM
Unknown Object (File)
Thu, Jan 15, 5:50 AM
Unknown Object (File)
Mon, Jan 12, 12:39 PM
Unknown Object (File)
Sat, Jan 10, 6:42 PM
Unknown Object (File)
Sat, Jan 10, 6:25 PM
Unknown Object (File)
Sat, Jan 10, 5:13 PM
Unknown Object (File)
Sun, Dec 28, 2:11 AM
View All 46 Files
Subscribers
cem
imp
jhb
ziaee

Details

Reviewers
None
Group Reviewers
csprng
Summary

The SafeNet SafeXcel 1141/1741 crypto accelerator only supports
deprecated & disallowed algorithms (NIST SP800-224idp): DES,
Triple-DES, MD5, SHA-1, SHA1-HMAC, and non-SP800-90B RNG.




Only the AES functionality is still NIST allowed.  However,

modern CPU's have higher software AES throughput than this

25 year old crypto accelerator.
Diff Detail
Repository 
rG FreeBSD src repository 
Lint 
Lint Skipped
 
Unit 
Tests Skipped
 
Build Status 
Buildable 67889
Build 64772: arc lint + arc unit
 
Event Timeline
obrien created this revision.Oct 18 2025, 1:36 AM
Herald added subscribers: ziaee, imp.  ·  View Herald TranscriptOct 18 2025, 1:36 AM
obrien requested review of this revision.Oct 18 2025, 1:36 AM
Harbormaster completed remote builds in B67888: Diff 164467.Oct 18 2025, 1:36 AM
obrien updated this revision to Diff 164468.Oct 18 2025, 1:37 AM
tags
Harbormaster completed remote builds in B67889: Diff 164468.Oct 18 2025, 1:37 AM
obrien added a comment.Oct 18 2025, 1:48 AM
I could only find PCI cards with this chipset (SafeXcel 140-PCI, SafeXcel 141-PCI, SafeXcel 171-PCI, and SafeXcel 241-PCI), nothing newer to plug into a modern AMD64 system.  I haven't yet found any(which) SoC's may have the SafeXcel embedded, but I doubt they are 64-bit capable.
cem added a subscriber: cem.Oct 18 2025, 3:12 AM
Hm, not sure I'd call AES deprecated or disallowed.  But no objection to removing.
cem added inline comments.Oct 18 2025, 3:13 AM
sys/sys/random.h


93
I think this is an ABI change, and requires the usual ABI bump machinery / caution.
obrien updated this revision to Diff 164470.Oct 18 2025, 4:08 AM
PBKAC
Harbormaster completed remote builds in B67891: Diff 164470.Oct 18 2025, 4:08 AM
obrien updated this revision to Diff 164482.Oct 18 2025, 5:30 AM
add more files
Harbormaster completed remote builds in B67893: Diff 164482.Oct 18 2025, 5:30 AM
ziaee added a comment.Oct 18 2025, 2:00 PM
Can we please do driver removals in a measured way, with a mail to an appropriate list issuing a schedule for deprecation and removal, and an entry in the release notes?



To be clear, I don't use/want this hardware and actually it's really ugly in the hardware release notes. I've tried rewriting the entry to fix it and failed, even.
obrien updated this revision to Diff 164511.Oct 18 2025, 11:14 PM
embelish
Harbormaster completed remote builds in B67902: Diff 164511.Oct 18 2025, 11:14 PM
obrien updated this revision to Diff 164710.Oct 21 2025, 6:05 PM
update log message
Harbormaster completed remote builds in B67975: Diff 164710.Oct 21 2025, 6:05 PM
obrien edited the summary of this revision. (Show Details)Oct 21 2025, 7:52 PM


In D53181#1214931, @cem wrote:


Hm, not sure I'd call AES deprecated or disallowed.  But no objection to removing.





I've updated the log message to not claim AES is deprecated.  I've added my opinion on why we should still GC safe(4) for even AES use.
jhb added a subscriber: jhb.Oct 21 2025, 8:26 PM
I already trimmed most of the algorithms from this driver after dropping several deprecated IPsec algorithms back in 2020.  We still support AES-CBC with a SHA1 HMAC for crufty IPsec setups (and in particular, when I last purged IPsec algorithms based on RFC 8221, that combination was not disallowed) and geli(4).



There is a newer RFC 9395 (published April 2023) which deprecate SHA1 HMAC for IPsec, so we could consider adopting that in 16, but we would need to add warnings, etc.  If we wanted to deprecate it from geli(4) that would also need warnings, etc.  I did this for MD5-HMAC before (rG5c420aae3b18027809507dc9142182d4290897bf).  Kerberos has not yet deprecated SHA1 it would seem (RFC 8429 remains the newest RFC there).
sys/conf/options


739 ↗(On Diff #164710)
hifi(4) is also of dubious usefulness


sys/sys/random.h


93
Is it private to the kernel?  OCTEON is also no longer present (was MIPS only) so should perhaps be removed as well, or if it is a user-facing ABI, just leave the value here as a placeholder.
obrien added inline comments.Oct 21 2025, 9:03 PM
sys/conf/options


739 ↗(On Diff #164710)
Already posted as https://reviews.freebsd.org/D53182


sys/sys/random.h


93
Already posted as https://reviews.freebsd.org/D53146
obrien added a comment.EditedOct 21 2025, 9:14 PM
One thing specific to safe(4) is, does SafeXcel 1141/1741 cards / SoC's exist that would plug into any of the platforms listed on https://www.freebsd.org/platforms for 15.0?

I can't find any PCI-e (or even PCI), or USB cards with this HW one can buy.  I question how wide-spread safe(4) ever was.  I cannot figure out how Global Technology Associates, Inc. used this.

Even on eBay, in both current and completed auctions, there is only https://www.ebay.com/itm/365919401957 - which are just silicon chips from 2005.
jhb added a comment.Oct 28 2025, 7:06 PM
BTW, for both hifn(4) and safe(4), please first do a commit to add a deprecation warning using the gone_in(9) API and merge that down to the stable/14 and stable/15 branches.  We also do deprecation warnings in manpages in addition to gone_in(9).
Revision Contents
Changeset List
PathSize
share/
man/
man4/
sys/
dev/
random/
1 line
safe/
sys/
1 line
Diff 164468
View Options
share/man/man4/safe.4
Loading...
View Options
sys/dev/random/random_harvestq.c
Loading...
View Options
sys/dev/safe/safe.c
Loading...
View Options
sys/dev/safe/safereg.h
Loading...
View Options
sys/dev/safe/safevar.h
Loading...
View Options
sys/sys/random.h
Loading...