2017-11-18 17:09:20 +01:00
|
|
|
/* SPDX-License-Identifier: LGPL-2.1+ */
|
2010-08-14 21:23:26 +02:00
|
|
|
|
|
|
|
#include <errno.h>
|
2015-10-24 22:58:24 +02:00
|
|
|
#include <fcntl.h>
|
2010-08-14 21:23:26 +02:00
|
|
|
#include <string.h>
|
|
|
|
#include <sys/stat.h>
|
2015-10-24 22:58:24 +02:00
|
|
|
#include <unistd.h>
|
2010-08-14 21:23:26 +02:00
|
|
|
|
2018-08-06 15:58:16 +02:00
|
|
|
#include "sd-id128.h"
|
|
|
|
|
2015-10-27 03:01:06 +01:00
|
|
|
#include "alloc-util.h"
|
2015-10-25 13:14:12 +01:00
|
|
|
#include "fd-util.h"
|
2015-10-25 14:08:25 +01:00
|
|
|
#include "io-util.h"
|
2010-08-14 21:23:26 +02:00
|
|
|
#include "log.h"
|
2012-04-10 21:54:31 +02:00
|
|
|
#include "mkdir.h"
|
2015-10-24 22:58:24 +02:00
|
|
|
#include "string-util.h"
|
|
|
|
#include "util.h"
|
2010-08-14 21:23:26 +02:00
|
|
|
|
2010-08-18 19:38:45 +02:00
|
|
|
#define POOL_SIZE_MIN 512
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
#define POOL_SIZE_MAX (10*1024*1024)
|
2010-08-18 19:38:45 +02:00
|
|
|
|
2010-08-14 21:23:26 +02:00
|
|
|
int main(int argc, char *argv[]) {
|
2013-08-13 22:01:55 +02:00
|
|
|
_cleanup_close_ int seed_fd = -1, random_fd = -1;
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
bool read_seed_file, write_seed_file;
|
2013-08-13 22:01:55 +02:00
|
|
|
_cleanup_free_ void* buf = NULL;
|
2010-08-18 19:38:45 +02:00
|
|
|
size_t buf_size = 0;
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
struct stat st;
|
2013-08-13 22:01:55 +02:00
|
|
|
ssize_t k;
|
2010-08-18 19:38:45 +02:00
|
|
|
FILE *f;
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
int r;
|
2010-08-14 21:23:26 +02:00
|
|
|
|
|
|
|
if (argc != 2) {
|
|
|
|
log_error("This program requires one argument.");
|
2010-08-31 21:05:54 +02:00
|
|
|
return EXIT_FAILURE;
|
2010-08-14 21:23:26 +02:00
|
|
|
}
|
|
|
|
|
2012-01-12 05:09:06 +01:00
|
|
|
log_set_target(LOG_TARGET_AUTO);
|
2010-08-14 21:23:26 +02:00
|
|
|
log_parse_environment();
|
2010-08-16 22:39:02 +02:00
|
|
|
log_open();
|
2010-08-14 21:23:26 +02:00
|
|
|
|
2011-08-01 20:52:18 +02:00
|
|
|
umask(0022);
|
|
|
|
|
2010-08-18 19:38:45 +02:00
|
|
|
/* Read pool size, if possible */
|
2013-08-13 22:01:55 +02:00
|
|
|
f = fopen("/proc/sys/kernel/random/poolsize", "re");
|
|
|
|
if (f) {
|
2015-09-08 23:03:38 +02:00
|
|
|
if (fscanf(f, "%zu", &buf_size) > 0)
|
2011-10-22 18:47:08 +02:00
|
|
|
/* poolsize is in bits on 2.6, but we want bytes */
|
|
|
|
buf_size /= 8;
|
|
|
|
|
2010-08-18 19:38:45 +02:00
|
|
|
fclose(f);
|
|
|
|
}
|
|
|
|
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
if (buf_size < POOL_SIZE_MIN)
|
2010-08-18 19:38:45 +02:00
|
|
|
buf_size = POOL_SIZE_MIN;
|
|
|
|
|
2013-08-13 22:01:55 +02:00
|
|
|
r = mkdir_parents_label(RANDOM_SEED, 0755);
|
|
|
|
if (r < 0) {
|
2014-11-28 13:19:16 +01:00
|
|
|
log_error_errno(r, "Failed to create directory " RANDOM_SEED_DIR ": %m");
|
2010-09-20 15:04:10 +02:00
|
|
|
goto finish;
|
|
|
|
}
|
|
|
|
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
/* When we load the seed we read it and write it to the device and then immediately update the saved seed with
|
|
|
|
* new data, to make sure the next boot gets seeded differently. */
|
2010-08-14 21:23:26 +02:00
|
|
|
|
|
|
|
if (streq(argv[1], "load")) {
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
int open_rw_error;
|
2010-08-14 21:23:26 +02:00
|
|
|
|
2013-08-13 22:01:55 +02:00
|
|
|
seed_fd = open(RANDOM_SEED, O_RDWR|O_CLOEXEC|O_NOCTTY|O_CREAT, 0600);
|
2016-02-05 01:45:08 +01:00
|
|
|
open_rw_error = -errno;
|
2013-08-13 22:01:55 +02:00
|
|
|
if (seed_fd < 0) {
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
write_seed_file = false;
|
2016-02-05 01:45:08 +01:00
|
|
|
|
2013-08-13 22:01:55 +02:00
|
|
|
seed_fd = open(RANDOM_SEED, O_RDONLY|O_CLOEXEC|O_NOCTTY);
|
|
|
|
if (seed_fd < 0) {
|
2016-02-05 01:45:08 +01:00
|
|
|
bool missing = errno == ENOENT;
|
|
|
|
|
|
|
|
log_full_errno(missing ? LOG_DEBUG : LOG_ERR,
|
|
|
|
open_rw_error, "Failed to open " RANDOM_SEED " for writing: %m");
|
|
|
|
r = log_full_errno(missing ? LOG_DEBUG : LOG_ERR,
|
|
|
|
errno, "Failed to open " RANDOM_SEED " for reading: %m");
|
|
|
|
if (missing)
|
|
|
|
r = 0;
|
|
|
|
|
2010-08-14 21:23:26 +02:00
|
|
|
goto finish;
|
|
|
|
}
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
} else
|
|
|
|
write_seed_file = true;
|
2010-08-14 21:23:26 +02:00
|
|
|
|
2013-08-13 22:01:55 +02:00
|
|
|
random_fd = open("/dev/urandom", O_RDWR|O_CLOEXEC|O_NOCTTY, 0600);
|
|
|
|
if (random_fd < 0) {
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
write_seed_file = false;
|
|
|
|
|
2013-08-13 22:01:55 +02:00
|
|
|
random_fd = open("/dev/urandom", O_WRONLY|O_CLOEXEC|O_NOCTTY, 0600);
|
|
|
|
if (random_fd < 0) {
|
2015-04-21 18:08:09 +02:00
|
|
|
r = log_error_errno(errno, "Failed to open /dev/urandom: %m");
|
2010-08-14 21:23:26 +02:00
|
|
|
goto finish;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
read_seed_file = true;
|
2010-08-14 21:23:26 +02:00
|
|
|
|
|
|
|
} else if (streq(argv[1], "save")) {
|
|
|
|
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
random_fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY);
|
|
|
|
if (random_fd < 0) {
|
|
|
|
r = log_error_errno(errno, "Failed to open /dev/urandom: %m");
|
|
|
|
goto finish;
|
|
|
|
}
|
|
|
|
|
2013-08-13 22:01:55 +02:00
|
|
|
seed_fd = open(RANDOM_SEED, O_WRONLY|O_CLOEXEC|O_NOCTTY|O_CREAT, 0600);
|
|
|
|
if (seed_fd < 0) {
|
2015-04-21 18:08:09 +02:00
|
|
|
r = log_error_errno(errno, "Failed to open " RANDOM_SEED ": %m");
|
2010-08-14 21:23:26 +02:00
|
|
|
goto finish;
|
|
|
|
}
|
|
|
|
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
read_seed_file = false;
|
|
|
|
write_seed_file = true;
|
2013-08-13 22:01:55 +02:00
|
|
|
|
2010-08-14 21:23:26 +02:00
|
|
|
} else {
|
2015-04-21 18:08:09 +02:00
|
|
|
log_error("Unknown verb '%s'.", argv[1]);
|
2013-08-13 22:01:55 +02:00
|
|
|
r = -EINVAL;
|
2010-08-14 21:23:26 +02:00
|
|
|
goto finish;
|
|
|
|
}
|
|
|
|
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
if (fstat(seed_fd, &st) < 0) {
|
|
|
|
r = log_error_errno(errno, "Failed to stat() seed file " RANDOM_SEED ": %m");
|
|
|
|
goto finish;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* If the seed file is larger than what we expect, then honour the existing size and save/restore as much as it says */
|
|
|
|
if ((uint64_t) st.st_size > buf_size)
|
|
|
|
buf_size = MIN(st.st_size, POOL_SIZE_MAX);
|
|
|
|
|
|
|
|
buf = malloc(buf_size);
|
|
|
|
if (!buf) {
|
|
|
|
r = log_oom();
|
|
|
|
goto finish;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (read_seed_file) {
|
2018-08-06 15:58:16 +02:00
|
|
|
sd_id128_t mid;
|
|
|
|
int z;
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
|
|
|
|
k = loop_read(seed_fd, buf, buf_size, false);
|
|
|
|
if (k < 0)
|
|
|
|
r = log_error_errno(k, "Failed to read seed from " RANDOM_SEED ": %m");
|
|
|
|
else if (k == 0) {
|
|
|
|
r = 0;
|
|
|
|
log_debug("Seed file " RANDOM_SEED " not yet initialized, proceeding.");
|
|
|
|
} else {
|
|
|
|
(void) lseek(seed_fd, 0, SEEK_SET);
|
|
|
|
|
|
|
|
r = loop_write(random_fd, buf, (size_t) k, false);
|
|
|
|
if (r < 0)
|
|
|
|
log_error_errno(r, "Failed to write seed to /dev/urandom: %m");
|
|
|
|
}
|
2018-08-06 15:58:16 +02:00
|
|
|
|
|
|
|
/* Let's also write the machine ID into the random seed. Why? As an extra protection against "golden
|
|
|
|
* images" that are put together sloppily, i.e. images which are duplicated on multiple systems but
|
|
|
|
* where the random seed file is not properly reset. Frequently the machine ID is properly reset on
|
|
|
|
* those systems however (simply because it's easier to notice, if it isn't due to address clashes and
|
|
|
|
* so on, while random seed equivalence is generally not noticed easily), hence let's simply write the
|
|
|
|
* machined ID into the random pool too. */
|
|
|
|
z = sd_id128_get_machine(&mid);
|
|
|
|
if (z < 0)
|
|
|
|
log_debug_errno(z, "Failed to get machine ID, ignoring: %m");
|
|
|
|
else {
|
|
|
|
z = loop_write(random_fd, &mid, sizeof(mid), false);
|
|
|
|
if (z < 0)
|
|
|
|
log_debug_errno(z, "Failed to write machine ID to /dev/urandom, ignoring: %m");
|
|
|
|
}
|
random-seed: read the full seed file, even if it is larger than 512 byte
Previously, we'd only ever read 512 byte from the random seed file,
under the assumption we won't need more. With this change we'll read the
full file, even if it is larger.
The idea behind htis change is that people can dump additional data into the
random seed file offline if they like, and it can be low quality, and
we'll seed the pool with it anyway. Moreover, if people are paranoid and
want us to save/restore a bigger seed, it's easy to do: just truncate
the file to the right size and we'll save/restore as much in the future.
This also reworks the file a bit, introducing two clear if blocks that
load and that save the random seed, and that each are conditionalized
more carefully.
2018-08-06 15:52:45 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
if (write_seed_file) {
|
2015-04-21 18:08:09 +02:00
|
|
|
|
2015-01-12 21:40:14 +01:00
|
|
|
/* This is just a safety measure. Given that we are root and
|
|
|
|
* most likely created the file ourselves the mode and owner
|
|
|
|
* should be correct anyway. */
|
2015-04-21 18:08:09 +02:00
|
|
|
(void) fchmod(seed_fd, 0600);
|
|
|
|
(void) fchown(seed_fd, 0, 0);
|
2010-08-14 21:23:26 +02:00
|
|
|
|
2015-01-12 21:40:14 +01:00
|
|
|
k = loop_read(random_fd, buf, buf_size, false);
|
2015-04-21 18:08:09 +02:00
|
|
|
if (k < 0) {
|
|
|
|
r = log_error_errno(k, "Failed to read new seed from /dev/urandom: %m");
|
|
|
|
goto finish;
|
2015-01-12 21:40:14 +01:00
|
|
|
}
|
2015-04-21 18:08:09 +02:00
|
|
|
if (k == 0) {
|
|
|
|
log_error("Got EOF while reading from /dev/urandom.");
|
|
|
|
r = -EIO;
|
|
|
|
goto finish;
|
|
|
|
}
|
|
|
|
|
|
|
|
r = loop_write(seed_fd, buf, (size_t) k, false);
|
|
|
|
if (r < 0)
|
|
|
|
log_error_errno(r, "Failed to write new random seed file: %m");
|
2010-08-14 21:23:26 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
finish:
|
2013-08-13 22:01:55 +02:00
|
|
|
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
|
2010-08-14 21:23:26 +02:00
|
|
|
}
|