Mix in fresh randomness when writing out /boot/random.seed.

When entropy gathering is implemented, in the case of the installer and
upgrader, the system probably won't have any entropy when it begins. By the
time the system is installed, there will probably be a bit of entropy from
the user using the system and general system usage, so mix in some of that.
In the case of init, after an installed system has run for a while, a lot of
entropy will have gotten collected, but init will have its arc4random seeded
with initial boot entry, so mix in some fresh entropy, so the random seed
written on shutdown remains as entropic as possible.
Jonas 'Sortie' Termansen 2017-03-14 23:13:47 +01:00
parent 4c2ef980b1
commit f864c59d0d
2 changed files with 16 additions and 2 deletions

@ -1,5 +1,5 @@
/*
* Copyright (c) 2011, 2012, 2013, 2014, 2015, 2016 Jonas 'Sortie' Termansen.
* Copyright (c) 2011-2017 Jonas 'Sortie' Termansen.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -173,8 +173,15 @@ static void write_random_seed(void)
close(fd);
return;
}
// Write out randomness, but mix in some fresh kernel randomness in case the
// randomness used to seed arc4random didn't have enough entropy, there may
// be more now.
unsigned char buf[256];
arc4random_buf(buf, sizeof(buf));
unsigned char newbuf[256];
getentropy(newbuf, sizeof(newbuf));
for ( size_t i = 0; i < 256; i++ )
buf[i] ^= newbuf[i];
size_t done = writeall(fd, buf, sizeof(buf));
explicit_bzero(buf, sizeof(buf));
if ( done < sizeof(buf) )
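Review bot: the return value of getentropy(newbuf, sizeof(newbuf)) is not checked, so on failure the loop XORs uninitialised stack bytes from newbuf into the seed. Check the result and skip the mixing loop when the call fails. newbuf is also never scrubbed, although after the XOR it is as sensitive as buf: anyone who learns newbuf and the arc4random output can reconstruct the written seed, so add explicit_bzero(newbuf, sizeof(newbuf)) next to the existing explicit_bzero(buf, sizeof(buf)). As a style point, the loop bound 256 would be safer written as sizeof(buf) so the two arrays and the loop cannot drift apart.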

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2016 Jonas 'Sortie' Termansen.
* Copyright (c) 2015, 2016, 2017 Jonas 'Sortie' Termansen.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -114,10 +114,17 @@ void write_random_seed(const char* path)
warn("chmod: %s", path);
_exit(2);
}
// Write out randomness, but mix in some fresh kernel randomness in case the
// randomness used to seed arc4random didn't have enough entropy, there may
// be more now.
unsigned char buf[256];
arc4random_buf(buf, sizeof(buf));
unsigned char newbuf[256];
getentropy(newbuf, sizeof(newbuf));
size_t done = writeall(fd, buf, sizeof(buf));
explicit_bzero(buf, sizeof(buf));
for ( size_t i = 0; i < 256; i++ )
buf[i] ^= newbuf[i];
if ( done < sizeof(buf) )
{
warn("write: %s", path);
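Review bot: as the lines appear here, the XOR loop sits after writeall(fd, buf, sizeof(buf)) and explicit_bzero(buf, sizeof(buf)), so the fresh getentropy output never reaches the seed file. Instead it is XORed into the already zeroed buf, which leaves a second unscrubbed copy of newbuf on the stack. Move the loop to directly after getentropy(newbuf, sizeof(newbuf)) and before writeall, matching the order in the other write_random_seed hunk. The same points apply here as there: check the getentropy return value before mixing, add explicit_bzero(newbuf, sizeof(newbuf)), and use sizeof(buf) instead of the literal 256 as the loop bound.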