From patchwork Thu Jun 16 09:38:11 2016
X-Patchwork-Submitter: Etienne Champetier
X-Patchwork-Id: 636319
From: Etienne CHAMPETIER
To: lede-dev@lists.infradead.org
Cc: Etienne CHAMPETIER
Date: Thu, 16 Jun 2016 09:38:11 +0000
Message-Id: <1466069891-28577-1-git-send-email-champetier.etienne@gmail.com>
Subject: [LEDE-DEV] [PATCH v4] base-files: seed /dev/urandom

This commit:
1) seed /dev/urandom with a saved seed as early as possible
   (see /lib/preinit/81_urandom_seed)
2) save a new seed if system.@system[0].write_urandom_seed_on_boot == 1
   or if none exists.
We use getrandom() so we are sure /dev/urandom pool is initialized
(see /etc/init.d/urandom_seed)

seed size is 512 bytes (i.e. /proc/sys/kernel/random/poolsize / 8)
it's the same size as in Ubuntu 14.04 and all systemd systems

seed file is /etc/urandom.seed (need a writable path)

seeding /dev/urandom doesn't change entropy estimation, so we still have
"random: ubus urandom read with 4 bits of entropy available"
messages in the logs, but we can now ignore them if after
"urandom-seed: Seeding with ..." message

for now saving a new seed is disabled by default as Felix and John are
concerned we might write too much and destroy the flash

v2: log preinit messages to /dev/kmsg
v3: use non generic function name for logging,
    as /lib/preinit/ files are all sourced together in /etc/preinit
v4: after a lot of discussion on the ML, use a config param

Signed-off-by: Etienne CHAMPETIER
--- package/base-files/files/bin/config_generate | 1 + package/base-files/files/etc/init.d/urandom_seed | 28 ++++++++++++++++++++++ .../base-files/files/lib/preinit/81_urandom_seed | 19 +++++++++++++++ 3 files changed, 48 insertions(+) create mode 100755 package/base-files/files/etc/init.d/urandom_seed create mode 100644 package/base-files/files/lib/preinit/81_urandom_seed diff --git a/package/base-files/files/bin/config_generate b/package/base-files/files/bin/config_generate index 8002bc4..9bccead 100755 --- a/package/base-files/files/bin/config_generate +++ b/package/base-files/files/bin/config_generate @@ -230,6 +230,7 @@ generate_static_system() { set system.@system[-1].timezone='UTC' set system.@system[-1].ttylogin='0' set system.@system[-1].log_size='64' + set system.@system[-1].write_urandom_seed_on_boot='0' delete system.ntp set system.ntp='timeserver' diff --git a/package/base-files/files/etc/init.d/urandom_seed b/package/base-files/files/etc/init.d/urandom_seed new file mode 100755 index 0000000..f950685 --- /dev/null +++ b/package/base-files/files/etc/init.d/urandom_seed 
@@ -0,0 +1,28 @@ +#!/bin/sh /etc/rc.common + +START=99 + +EXTRA_COMMANDS="save" + +SEED=/etc/urandom.seed + +error_exit() { + logger -t urandom_seed "$1" + exit 1 +} + +save() { + touch $SEED.tmp || error_exit "touch failed" + chown root:root $SEED.tmp || error_exit "chown failed" + chmod 600 $SEED.tmp || error_exit "chmod failed" + getrandom 512 > $SEED.tmp || error_exit "getrandom failed" + mv $SEED.tmp $SEED || error_exit "mv failed" +} + +boot() { + [ -f $SEED ] || { + save + exit 0 + } + [ "$(uci get system.@system[0].write_urandom_seed_on_boot)" == "1" ] && save +} diff --git a/package/base-files/files/lib/preinit/81_urandom_seed b/package/base-files/files/lib/preinit/81_urandom_seed new file mode 100644 index 0000000..a1457aa --- /dev/null +++ b/package/base-files/files/lib/preinit/81_urandom_seed @@ -0,0 +1,19 @@ +#!/bin/sh + +log_urandom_seed() { + echo "urandom-seed: $1" > /dev/kmsg +} + +do_urandom_seed() { + S=/etc/urandom.seed + U=/dev/urandom + + [ -c $U ] || { log_urandom_seed "Something is wrong with $U"; return; } + [ -f $S ] || { log_urandom_seed "Seed file not found ($S)"; return; } + [ -O $S -a -G $S -a ! -x $S ] || { log_urandom_seed "Wrong owner / permissions for $S"; return; } + + log_urandom_seed "Seeding with $S" + cat $S > $U +} + +boot_hook_add preinit_main do_urandom_seed
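Review bot: in the config_generate hunk, write_urandom_seed_on_boot defaults to '0', and boot() in /etc/init.d/urandom_seed then calls save only when /etc/urandom.seed is missing, so with the default configuration the file written on first boot is fed to /dev/urandom unchanged on every later boot. That still makes devices differ from each other, but it adds nothing fresh per boot. The commit message gives the flash-wear reason for the default; state this trade-off next to the option or in its documentation so that users who need a new seed per boot know to set it to '1'.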
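Review bot: in save() of /etc/init.d/urandom_seed, nothing flushes $SEED.tmp to storage between `getrandom 512 > $SEED.tmp` and `mv $SEED.tmp $SEED`, so a power cut shortly after the rename may leave a short or empty seed depending on the filesystem; consider a sync before the mv. In boot(), `==` inside `[ ]` is not POSIX (`=` is), `uci get` will print an error when the option is absent from a configuration generated before this change (`uci -q get` avoids that), and the $SEED and $SEED.tmp expansions are unquoted throughout.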
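Review bot: in do_urandom_seed() of /lib/preinit/81_urandom_seed, the test `[ -O $S -a -G $S -a ! -x $S ]` checks ownership and the execute bit only, so a seed that is group- or world-readable or writable passes even though the failure message says "Wrong owner / permissions"; since save() creates the file with mode 600, check for that mode here as well. There is also no size check, so an empty file still logs "Seeding with ..."; adding `[ -s $S ]` would keep that message meaningful, given that the commit message tells readers to rely on it. S and U are assigned without `local` in a file that, per the v3 note, is sourced together with the other /lib/preinit/ files.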