Module Name:    src
Committed By:   riastradh
Date:           Wed May  6 18:31:05 UTC 2020

Modified Files:
        src/sys/kern: kern_entropy.c

Log Message:
Don't reject seed file entropy estimates, until one is nonzero.

We try to avoid counting the seed file's entropy twice, e.g. once
from the boot loader and once from rndctl via /etc/rc.d/random_seed.

But previously, if you had a /var/db/entropy-file that was deemed to
have zero entropy, that would prevent rndctl -L from _ever_ setting a
nonzero entropy estimate, even if you (say) copy a seed file over
from another machine (over a non-eavesdroppable medium) and try to
load it in with rndctl -L, e.g. via `/etc/rc.d/random_seed start'.

Now we accept the first _nonzero_ entropy estimate from a seed file.

The operator can still always trick the kernel into believing there's
entropy in the system by writing data to /dev/random, if the operator
knows something the kernel doesn't; this only affects the _automated_
seed file loading.


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/sys/kern/kern_entropy.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/kern_entropy.c
diff -u src/sys/kern/kern_entropy.c:1.10 src/sys/kern/kern_entropy.c:1.11
--- src/sys/kern/kern_entropy.c:1.10	Tue May  5 15:31:42 2020
+++ src/sys/kern/kern_entropy.c	Wed May  6 18:31:05 2020
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_entropy.c,v 1.10 2020/05/05 15:31:42 riastradh Exp $	*/
+/*	$NetBSD: kern_entropy.c,v 1.11 2020/05/06 18:31:05 riastradh Exp $	*/
 
 /*-
  * Copyright (c) 2019 The NetBSD Foundation, Inc.
@@ -77,7 +77,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.10 2020/05/05 15:31:42 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.11 2020/05/06 18:31:05 riastradh Exp $");
 
 #include <sys/param.h>
 #include <sys/types.h>
@@ -550,7 +550,7 @@ entropy_seed(rndsave_t *seed)
 	if (E->stage >= ENTROPY_WARM)
 		mutex_enter(&E->lock);
 	seeded = E->seeded;
-	E->seeded = true;
+	E->seeded = (seed->entropy > 0);
 	if (E->stage >= ENTROPY_WARM)
 		mutex_exit(&E->lock);
 
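Review bot: `E->seeded = (seed->entropy > 0);` is an unconditional assignment, so a later call with `seed->entropy == 0` would clear a flag that an earlier nonzero seed had set, and the next seed could then be credited again; the log message says the first nonzero estimate should be accepted, which suggests latching instead, e.g. `if (seed->entropy > 0) E->seeded = true;` or `E->seeded |= (seed->entropy > 0);`. The saved `seeded` local is still read before the assignment, so the double-seeded check in the following block is unaffected either way.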
@@ -563,7 +563,8 @@ entropy_seed(rndsave_t *seed)
 		printf("entropy: double-seeded by bootloader\n");
 		seed->entropy = 0;
 	} else {
-		printf("entropy: entering seed from bootloader\n");
+		printf("entropy: entering seed from bootloader"
+		    " with %u bits of entropy\n", (unsigned)seed->entropy);
 	}
 
 	/* Enter it into the pool and promptly zero it.  */
@@ -2197,7 +2198,7 @@ entropy_ioctl(unsigned long cmd, void *d
 		 * load a seed from disk that we have already loaded
 		 * from the bootloader, so we don't double-count it.
 		 */
-		if (privileged) {
+		if (privileged && rdata->entropy && rdata->len) {
 			mutex_enter(&E->lock);
 			if (!E->seeded) {
 				entropybits = MIN(rdata->entropy,
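Review bot: the comment above this condition still describes only the double-count case and should also say that a request with a zero entropy estimate or zero length no longer reaches the `E->seeded` check at all, since that is the behavioural change here (a zero-entropy seed file no longer latches the flag). For consistency with `seed->entropy > 0` in `entropy_seed()`, consider writing the new test as `rdata->entropy > 0 && rdata->len > 0` rather than relying on implicit truth of the integer fields; whether the data itself is still entered into the pool when the estimate is zero is not visible in this hunk and is worth confirming.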
