Module Name:	src
Committed By:	riastradh
Date:		Wed May 6 18:31:05 UTC 2020
Modified Files:
	src/sys/kern: kern_entropy.c

Log Message:
Don't reject seed file entropy estimates, until one is nonzero.

We try to avoid counting the seed file's entropy twice, e.g. once from the boot loader and once from rndctl via /etc/rc.d/random_seed.

But previously, if you had a /var/db/entropy-file that was deemed to have zero entropy, that would prevent rndctl -L from _ever_ setting a nonzero entropy estimate, even if you (say) copy a seed file over from another machine (over a non-eavesdroppable medium) and try to load it in with rndctl -L, e.g. via `/etc/rc.d/random_seed start'.

Now we accept the first _nonzero_ entropy estimate from a seed file.

The operator can still always trick the kernel into believing there's entropy in the system by writing data to /dev/random, if the operator knows something the kernel doesn't; this only affects the _automated_ seed file loading.

To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/sys/kern/kern_entropy.c

Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
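The accounting rule the log message describes, as an added example that is not NetBSD kernel code: a one-shot "seeded" flag that, before this commit, was consumed by the first seed-file load regardless of its estimate, and afterwards is consumed only by the first load carrying a nonzero estimate and actual data. The struct names, the `replay` driver, the clamp of the estimate to `len * NBBY` (the kernel's MIN() is cut off in the diff) and the three load sequences are constructed for illustration; the numbers (a 512-byte seed file, a 256-bit estimate) are assumptions.

```c
/* Added example: model of the seed-file entropy accounting before and
 * after kern_entropy.c rev 1.11.  Not the kernel's code. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define NBBY 8

struct seedstate {
	bool seeded;		/* one-shot flag: a seed file has been credited */
	unsigned pool_bits;	/* entropy bits credited to the pool so far */
};

struct seedload {
	unsigned estimate;	/* caller's entropy estimate, in bits */
	size_t len;		/* bytes of seed data actually supplied */
};

typedef unsigned (*seed_policy_t)(struct seedstate *, const struct seedload *);

/* Assumption: an estimate can never exceed the bits the data carries. */
static unsigned
clamp_estimate(const struct seedload *ld)
{
	unsigned cap = (unsigned)(ld->len * NBBY);
	return ld->estimate < cap ? ld->estimate : cap;
}

/* Before rev 1.11: the first load, even one estimated at zero bits,
 * sets the flag, so no later automated load is ever credited. */
static unsigned
seed_credit_old(struct seedstate *st, const struct seedload *ld)
{
	unsigned bits;
	if (ld->len == 0)
		return 0;
	if (st->seeded)
		return 0;		/* treated as a double-seed: estimate dropped */
	st->seeded = true;
	bits = clamp_estimate(ld);
	st->pool_bits += bits;
	return bits;
}

/* After rev 1.11: only a load with data and a nonzero estimate consumes
 * the flag.  A zero-estimate load credits nothing and locks nothing out,
 * and the flag is only ever set, never cleared. */
static unsigned
seed_credit_new(struct seedstate *st, const struct seedload *ld)
{
	unsigned bits;
	if (ld->len == 0 || ld->estimate == 0)
		return 0;
	if (st->seeded)
		return 0;		/* already credited once: double-seed */
	st->seeded = true;
	bits = clamp_estimate(ld);
	st->pool_bits += bits;
	return bits;
}

/* Replay a sequence of loads under a policy; return total bits credited. */
static unsigned
replay(seed_policy_t policy, const struct seedload *loads, size_t n)
{
	struct seedstate st = { false, 0 };
	size_t i;
	for (i = 0; i < n; i++)
		(void)policy(&st, &loads[i]);
	return st.pool_bits;
}

/* Constructed scenario from the log: a zero-entropy /var/db/entropy-file
 * is loaded first, then a 256-bit seed from another machine via rndctl -L. */
static const struct seedload scenario_recover[] = { { 0, 512 }, { 256, 512 } };
/* The double count both policies must reject: the same seed offered twice
 * (boot loader, then /etc/rc.d/random_seed). */
static const struct seedload scenario_double[]  = { { 256, 512 }, { 256, 512 } };
/* Flag must stay set: a zero-estimate load between two nonzero ones must
 * not reopen the window for a second credit. */
static const struct seedload scenario_sticky[]  = { { 256, 512 }, { 0, 512 }, { 256, 512 } };

unsigned recover_old(void) { return replay(seed_credit_old, scenario_recover, 2); }
unsigned recover_new(void) { return replay(seed_credit_new, scenario_recover, 2); }
unsigned double_old(void)  { return replay(seed_credit_old, scenario_double, 2); }
unsigned double_new(void)  { return replay(seed_credit_new, scenario_double, 2); }
unsigned sticky_new(void)  { return replay(seed_credit_new, scenario_sticky, 3); }

int
main(void)
{
	printf("recover: old=%u new=%u\n", recover_old(), recover_new());
	printf("double:  old=%u new=%u\n", double_old(), double_new());
	printf("sticky:  new=%u\n", sticky_new());
	return 0;
}
```

The recover scenario is the bug in the log (old policy credits 0 bits, new credits 256); the double scenario shows both policies still reject the second copy; the sticky scenario is the property to preserve when the flag is updated, namely that a zero-estimate load cannot clear it.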
Modified files: Index: src/sys/kern/kern_entropy.c diff -u src/sys/kern/kern_entropy.c:1.10 src/sys/kern/kern_entropy.c:1.11 --- src/sys/kern/kern_entropy.c:1.10 Tue May 5 15:31:42 2020 +++ src/sys/kern/kern_entropy.c Wed May 6 18:31:05 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_entropy.c,v 1.10 2020/05/05 15:31:42 riastradh Exp $ */ +/* $NetBSD: kern_entropy.c,v 1.11 2020/05/06 18:31:05 riastradh Exp $ */ /*- * Copyright (c) 2019 The NetBSD Foundation, Inc. @@ -77,7 +77,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.10 2020/05/05 15:31:42 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.11 2020/05/06 18:31:05 riastradh Exp $"); #include <sys/param.h> #include <sys/types.h> @@ -550,7 +550,7 @@ entropy_seed(rndsave_t *seed) if (E->stage >= ENTROPY_WARM) mutex_enter(&E->lock); seeded = E->seeded; - E->seeded = true; + E->seeded = (seed->entropy > 0); if (E->stage >= ENTROPY_WARM) mutex_exit(&E->lock); @@ -563,7 +563,8 @@ entropy_seed(rndsave_t *seed) printf("entropy: double-seeded by bootloader\n"); seed->entropy = 0; } else { - printf("entropy: entering seed from bootloader\n"); + printf("entropy: entering seed from bootloader" + " with %u bits of entropy\n", (unsigned)seed->entropy); } /* Enter it into the pool and promptly zero it. */ @@ -2197,7 +2198,7 @@ entropy_ioctl(unsigned long cmd, void *d * load a seed from disk that we have already loaded * from the bootloader, so we don't double-count it. */ - if (privileged) { + if (privileged && rdata->entropy && rdata->len) { mutex_enter(&E->lock); if (!E->seeded) { entropybits = MIN(rdata->entropy,
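Review bot: in the @@ -550 hunk, `E->seeded = (seed->entropy > 0);` can clear a flag that was already true: a bootloader seed with a nonzero estimate sets it, and a later call into entropy_seed() with `seed->entropy == 0` resets it to false, after which the next nonzero seed would be credited again and the "double-seeded" branch skipped. The log says the first nonzero estimate should consume the flag and keep it, so only set it in that direction, e.g. `if (seed->entropy > 0) E->seeded = true;` (or `E->seeded = seeded || seed->entropy > 0;`), inside the same locked region.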
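Review bot: in the @@ -563 hunk, the new message reports the estimate only on the accepted path; the "double-seeded by bootloader" branch still zeroes `seed->entropy` silently. Printing the discarded estimate there too (`... discarding %u bits`) would make a boot-loader/rc.d double load visible in dmesg, which is the case this change is meant to disambiguate.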
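Review bot: in the @@ -2197 hunk, the comment directly above the changed condition ("load a seed from disk that we have already loaded from the bootloader, so we don't double-count it") still describes the old one-shot behaviour and does not say why `rdata->entropy` and `rdata->len` now gate the block; extend it to state that a load with no data or a zero estimate deliberately bypasses the `E->seeded` bookkeeping so it cannot consume the one-shot flag. Nothing in this hunk shows what the remaining ioctl path does with such a load, so a sentence confirming that the bytes are still entered into the pool with a zero estimate would help the next reader.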