remove uvm_swpkeyexpire extern for var we never had

remove uvm_swprekeyprint extern for var we never had

make SWAP_KEY_GET symmetrical with SWAP_KEY_PUT by having it call
a function in uvm_swap_encrypt.c instead of doing stuff inline.

lets me remove an extern from the header too.

ok kettenis@

Whitespace nit in previous.

turn a for (i = 0; i < size; i++) arc4random(); loop into arc4random_buf().

Since that function is now so small (2 lines), inline it into it's only user.

Shaves some bytes (104 on amd64).

ok deraa

turn a for (i = 0; i < size; i++) arc4random(); loop into arc4random_buf().

Since that function is now so small (2 lines), inline it into it's only user.

Shaves some bytes (104 on amd64).

ok deraadt@, blambert@. djm@ liked an earlier diff.

show more ...

inital -> initial

First round of __P removal in sys

$OpenBSD$

put in own ctl level for swapencrypt.

use rijndael instead of blowfish because of faster key setup.
break swap paritions into sections, each section has own
encryption key. if a section's key becomes unreferenced, erase it.

use encrypted blocknumber as IV

swap encryption for UVM, option UVM_SWAP_ENCRYPT. needs to be enabled
via sysctl.
Pages are encrypted with the Blowfish encryption algorithm, the key
is initialized randomly on first swap out, ensur

swap encryption for UVM, option UVM_SWAP_ENCRYPT. needs to be enabled
via sysctl.
Pages are encrypted with the Blowfish encryption algorithm, the key
is initialized randomly on first swap out, ensuring that entropy has
accumulated in the kernel randomness pool. Eventually, swap encryption
will be decided on a process by process basis, e.g. a process that reads from
a cryptographic filesystem will enable swap encrypt for its pages. okay
art@ and deraadt@.

show more ...