From: "Theo de Raadt"
Subject: Re: installer, rc: unify random seeding
To: Klemens Nanni
Cc: OpenBSD tech
Date: Sun, 18 May 2025 02:44:28 -0600

I'm happy.

Klemens Nanni wrote:
> 03.05.2025 02:29, Klemens Nanni wrote:
> > No behaviour change, just, imho, simpler and cleaner code.
> >
> > The installer has feed_random() plus store_random() and rc(8) has random_seed().
> >
> > Call both store_random() and use the same wording to match, use variables for
> > brevity and to tell what the files are used for.
> >
> > Replace the absolute octal mode to chmod(8) with symbolic (relative) one to
> > explicitly show that this is where userland strips the sticky bit set by the
> > bootloader to help itself: if set, seeds are skipped with
> >
> >     NOTE: random seed is being reused.
> >
> > (If your root is a softraid, you never see this as bootloaders cannot write to it
> > and thus never set +t in the first place.)
> >
> > Always call the function on shutdown and silence just stderr (stdout already
> > is quiet) instead of doing a preemptive append for brevity: the reason for
> > the current brief message is rc r1.437 from 2014:
> >
> >     Print a warning message if the files with the random seed are not
> >     writeable during shutdown. This prevents ugly error messages when
> >     the machine is rebooted from single-user without mounting the file
> >     systems read-write.
> >
> > Feedback? OK?
>
> Ping.
>
> Same diff with better comment from Theo.
>
> Index: distrib/miniroot/install.sub > =================================================================== > RCS file: /cvs/src/distrib/miniroot/install.sub,v > diff -u -p -r1.1270 install.sub > --- distrib/miniroot/install.sub 4 May 2025 12:32:41 -0000 1.1270 > +++ distrib/miniroot/install.sub 8 May 2025 09:58:48 -0000 
> @@ -2932,12 +2932,17 @@ encr_pwd() { > fi > } > > -# Store entropy for the next boot. > +# Create future seeds for the bootloader and rc(8). > store_random() { > - dd if=/dev/random of=/mnt/var/db/host.random bs=65536 count=1 \ > - status=none > - dd if=/dev/random of=/mnt/etc/random.seed bs=512 count=1 status=none > - chmod 600 /mnt/var/db/host.random /mnt/etc/random.seed > + local _bootseed=/mnt/etc/random.seed _hostseed=/mnt/var/db/host.random > + > + dd if=/dev/random of=$_bootseed bs=512 count=1 status=none > + dd if=/dev/random of=$_hostseed bs=65536 count=1 status=none > + > + # Removal of the sticky bit indicates the file has fresh contents for > + # use by a subsequent bootloader (who sets the sticky bit to prevent > + # content reuse). > + chmod u=rw-t,go= $_bootseed $_hostseed > } > > # Final steps common for installs and upgrades. > @@ -3068,7 +3073,7 @@ __EOT > fi > fi > > - # Store entropy for the next boot. > + # Update seed files. > store_random > > # Pat on the back. > Index: etc/rc > =================================================================== > RCS file: /cvs/src/etc/rc,v > diff -u -p -r1.580 rc > --- etc/rc 7 Apr 2025 14:49:26 -0000 1.580 > +++ etc/rc 8 May 2025 09:58:48 -0000 
> @@ -72,14 +72,20 @@ wsconsctl_conf() { > done > } > > -# Push the old seed into the kernel, create a future seed and create a seed > -# file for the boot-loader. > -random_seed() { > - dd if=/var/db/host.random of=/dev/random bs=65536 count=1 status=none > - chmod 600 /var/db/host.random > - dd if=/dev/random of=/var/db/host.random bs=65536 count=1 status=none > - dd if=/dev/random of=/etc/random.seed bs=512 count=1 status=none > - chmod 600 /etc/random.seed > +# Push the old seed into the kernel and create future seeds for the bootloader, > +# the installer and rc(8). > +store_random() { > + local _bootseed=/etc/random.seed _hostseed=/var/db/host.random > + > + dd if=$_hostseed of=/dev/random bs=65536 count=1 status=none > + > + dd if=/dev/random of=$_bootseed bs=512 count=1 status=none > + dd if=/dev/random of=$_hostseed bs=65536 count=1 status=none > + > + # Removal of the sticky bit indicates the file has fresh contents for > + # use by a subsequent bootloader (who sets the sticky bit to prevent > + # content reuse). > + chmod u=rw-t,go= $_bootseed $_hostseed > } > > # Populate net.inet.(tcp|udp).baddynamic with the contents of /etc/services so > @@ -351,12 +357,8 @@ _rc_parse_conf > # - execute the rc.d scripts specified by $pkg_scripts in reverse order > # - bring carp interfaces down gracefully > if [[ $1 == shutdown ]]; then > - if echo 2>/dev/null >>/var/db/host.random || > - echo 2>/dev/null >>/etc/random.seed; then > - random_seed > - else > - echo warning: cannot write random seed to disk > - fi > + store_random 2>/dev/null || > + echo 'warning: cannot write random seed to disk' > > # If we are in secure level 0, assume single user mode. > if (($(sysctl -n kern.securelevel) == 0)); then > @@ -490,7 +492,7 @@ sh /etc/netstart > > start_daemon unwind >/dev/null 2>&1 > > -random_seed > +store_random > > wait_reorder_libs > >
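
Review bot: in the install.sub store_random() hunk, both dd calls write seed material before the chmod line tightens the mode, so a seed file that does not exist on the target yet is created with whatever the current umask allows and keeps that mode until the chmod runs. Consider running the two dd calls under a restrictive umask (for example umask 077 in a subshell) so that neither $_bootseed nor $_hostseed is readable by group or other, even briefly.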
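
Review bot: in the etc/rc store_random() hunk, the final chmod u=rw-t,go= runs whether or not the two preceding dd writes succeeded, so a failed write still clears the sticky bit that the new comment says marks the file as having fresh contents. Chaining each dd to the chmod with && (or returning early when a dd fails) would leave the bit in place when no new seed was written, and would make the function's exit status reflect the writes rather than only the chmod.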
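
Review bot: in the shutdown hunk, the line store_random 2>/dev/null || prints the warning only when the function's last command fails, and going by the store_random() body earlier in this diff that last command is the chmod, not either dd. The removed code probed the seed files for writability before doing anything; to keep the warning reliable, have store_random() return non-zero when a dd fails, or add a short comment here stating that the check relies on chmod failing when the files cannot be written. The redirect also discards stderr from the dd that feeds the old seed into /dev/random, which the removed code did not silence.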