installer, rc: unify random seeding
I'm happy.
Klemens Nanni <kn@openbsd.org> wrote:
> 03.05.2025 02:29, Klemens Nanni wrote:
> > No behaviour change, just, imho, simpler and cleaner code.
> >
> > The installer has feed_random() plus store_random() and rc(8) has random_seed().
> >
> > Call both store_random() and use the same wording to match, use variables for
> > brevity and to tell what the files are used for.
> >
> > Replace the absolute octal mode to chmod(8) with symbolic (relative) one to
> > explicitly show that this is where userland strips the sticky bit set by the
> > bootloader to help itself: if set, seeds are skipped with
> >
> > NOTE: random seed is being reused.
> >
> > (If your root is a softraid, you never see this as bootloaders cannot write to it
> > and thus never set +t in the first place.)
> >
> > Always call the function on shutdown and silence just stderr (stdout already
> > is quiet) instead of doing a preemptive append for brevity: the reason for
> > the current brief message is rc r1.437 from 2014:
> >
> > Print a warning message if the files with the random seed are not
> > writeable during shutdown. This prevents ugly error messages when
> > the machine is rebooted from single-user without mounting the file
> > systems read-write.
> >
> > Feedback? OK?
>
> Ping.
>
> Same diff with better comment from Theo.
>
> Index: distrib/miniroot/install.sub
> ===================================================================
> RCS file: /cvs/src/distrib/miniroot/install.sub,v
> diff -u -p -r1.1270 install.sub
> --- distrib/miniroot/install.sub 4 May 2025 12:32:41 -0000 1.1270
> +++ distrib/miniroot/install.sub 8 May 2025 09:58:48 -0000
> @@ -2932,12 +2932,17 @@ encr_pwd() {
> fi
> }
>
> -# Store entropy for the next boot.
> +# Create future seeds for the bootloader and rc(8).
> store_random() {
> - dd if=/dev/random of=/mnt/var/db/host.random bs=65536 count=1 \
> - status=none
> - dd if=/dev/random of=/mnt/etc/random.seed bs=512 count=1 status=none
> - chmod 600 /mnt/var/db/host.random /mnt/etc/random.seed
> + local _bootseed=/mnt/etc/random.seed _hostseed=/mnt/var/db/host.random
> +
> + dd if=/dev/random of=$_bootseed bs=512 count=1 status=none
> + dd if=/dev/random of=$_hostseed bs=65536 count=1 status=none
> +
> + # Removal of the sticky bit indicates the file has fresh contents for
> + # use by a subsequent bootloader (who sets the sticky bit to prevent
> + # content reuse).
> + chmod u=rw-t,go= $_bootseed $_hostseed
> }
>
> # Final steps common for installs and upgrades.
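Review bot: The new comment above `chmod u=rw-t,go= $_bootseed $_hostseed` explains the sticky bit only in terms of the bootloader, yet the chmod is applied to both files. Say in the comment whether clearing +t matters for $_hostseed as well, or whether it is listed only so that one chmod covers both seeds; as written a reader cannot tell which file the bootloader marks.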
> @@ -3068,7 +3073,7 @@ __EOT
> fi
> fi
>
> - # Store entropy for the next boot.
> + # Update seed files.
> store_random
>
> # Pat on the back.
> Index: etc/rc
> ===================================================================
> RCS file: /cvs/src/etc/rc,v
> diff -u -p -r1.580 rc
> --- etc/rc 7 Apr 2025 14:49:26 -0000 1.580
> +++ etc/rc 8 May 2025 09:58:48 -0000
> @@ -72,14 +72,20 @@ wsconsctl_conf() {
> done
> }
>
> -# Push the old seed into the kernel, create a future seed and create a seed
> -# file for the boot-loader.
> -random_seed() {
> - dd if=/var/db/host.random of=/dev/random bs=65536 count=1 status=none
> - chmod 600 /var/db/host.random
> - dd if=/dev/random of=/var/db/host.random bs=65536 count=1 status=none
> - dd if=/dev/random of=/etc/random.seed bs=512 count=1 status=none
> - chmod 600 /etc/random.seed
> +# Push the old seed into the kernel and create future seeds for the bootloader,
> +# the installer and rc(8).
> +store_random() {
> + local _bootseed=/etc/random.seed _hostseed=/var/db/host.random
> +
> + dd if=$_hostseed of=/dev/random bs=65536 count=1 status=none
> +
> + dd if=/dev/random of=$_bootseed bs=512 count=1 status=none
> + dd if=/dev/random of=$_hostseed bs=65536 count=1 status=none
> +
> + # Removal of the sticky bit indicates the file has fresh contents for
> + # use by a subsequent bootloader (who sets the sticky bit to prevent
> + # content reuse).
> + chmod u=rw-t,go= $_bootseed $_hostseed
> }
>
> # Populate net.inet.(tcp|udp).baddynamic with the contents of /etc/services so
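Review bot: In the new store_random body the mode of $_hostseed is tightened only by the final chmod, after the fresh seed has been written, where the removed code ran `chmod 600 /var/db/host.random` before rewriting that file. If the file is missing or carries a looser mode, the new contents sit under that mode until the last line runs. Setting a restrictive umask inside the function, or keeping a chmod ahead of the two writing dd calls, would close that window.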
> @@ -351,12 +357,8 @@ _rc_parse_conf
> # - execute the rc.d scripts specified by $pkg_scripts in reverse order
> # - bring carp interfaces down gracefully
> if [[ $1 == shutdown ]]; then
> - if echo 2>/dev/null >>/var/db/host.random ||
> - echo 2>/dev/null >>/etc/random.seed; then
> - random_seed
> - else
> - echo warning: cannot write random seed to disk
> - fi
> + store_random 2>/dev/null ||
> + echo 'warning: cannot write random seed to disk'
>
> # If we are in secure level 0, assume single user mode.
> if (($(sysctl -n kern.securelevel) == 0)); then
> @@ -490,7 +492,7 @@ sh /etc/netstart
>
> start_daemon unwind >/dev/null 2>&1
>
> -random_seed
> +store_random
>
> wait_reorder_libs
>
>