Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sbin/rndctl Trigger entropy consolidation before saving seed.



details:   https://anonhg.NetBSD.org/src/rev/ded3e07bbb2d
branches:  trunk
changeset: 1009926:ded3e07bbb2d
user:      riastradh <riastradh%NetBSD.org@localhost>
date:      Thu May 07 19:13:38 2020 +0000

description:
Trigger entropy consolidation before saving seed.

This way, whenever /etc/security runs infrequently (daily), or the
operator manually issues rndctl -S, we ensure that all samples taken
during the entire boot are hashed together in the seed for the next
boot.

This should be infrequent enough that it's unlikely to enable the
iterative-guessing attacks that we try to mitigate by not frequently
consolidating entropy.

diffstat:

 sbin/rndctl/rndctl.c |  15 +++++++++++++--
 1 files changed, 13 insertions(+), 2 deletions(-)

diffs (50 lines):

diff -r 1356be8acdc5 -r ded3e07bbb2d sbin/rndctl/rndctl.c
--- a/sbin/rndctl/rndctl.c      Thu May 07 19:12:45 2020 +0000
+++ b/sbin/rndctl/rndctl.c      Thu May 07 19:13:38 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: rndctl.c,v 1.35 2020/05/07 19:12:45 riastradh Exp $    */
+/*     $NetBSD: rndctl.c,v 1.36 2020/05/07 19:13:38 riastradh Exp $    */
 
 /*-
  * Copyright (c) 1997 Michael Graff.
@@ -31,7 +31,7 @@
 
 #include <sys/cdefs.h>
 #ifndef lint
-__RCSID("$NetBSD: rndctl.c,v 1.35 2020/05/07 19:12:45 riastradh Exp $");
+__RCSID("$NetBSD: rndctl.c,v 1.36 2020/05/07 19:13:38 riastradh Exp $");
 #endif
 
 #include <sys/param.h>
@@ -40,6 +40,7 @@
 #include <sys/ioctl.h>
 #include <sys/rndio.h>
 #include <sys/sha3.h>
+#include <sys/sysctl.h>
 
 #include <err.h>
 #include <errno.h>
@@ -251,6 +252,11 @@
        char tmp[PATH_MAX];
        int fd_seed;
 
+       /* Consolidate any pending samples.  */
+       if (sysctlbyname("kern.entropy.consolidate", NULL, NULL,
+               (const int[]){1}, sizeof(int)) == -1)
+               warn("consolidate entropy");
+
        /* Format the temporary file name.  */
        if (snprintf(tmp, sizeof tmp, "%s.tmp", filename) >= PATH_MAX)
                errx(1, "path too long");
@@ -367,6 +373,11 @@
 
        /*
         * 2. Feed the old seed into the kernel.
+        *
+        * This also has the effect of consolidating pending samples,
+        * whether or not there are enough samples from sources deemed
+        * to have full entropy, so that the updated seed will
+        * incorporate them.
         */
        rd.len = MIN(sizeof(rd.data), sizeof(rs.data));
        rd.entropy = rs.entropy;



Home | Main Index | Thread Index | Old Index