summaryrefslogtreecommitdiffstats
path: root/src/random-seed/random-seed.c
diff options
context:
space:
mode:
authorFranck Bui <fbui@suse.com>2022-10-24 11:30:29 +0200
committerLuca Boccassi <luca.boccassi@gmail.com>2022-11-09 18:41:30 +0100
commita2f0dbb81004685d17f71fed48dc50027ccadb82 (patch)
treebdac53ae126957dda1b6d11bee67cbe3f6faccc3 /src/random-seed/random-seed.c
parentMerge pull request #25321 from poettering/acpi-timing-fix (diff)
downloadsystemd-a2f0dbb81004685d17f71fed48dc50027ccadb82.tar.xz
systemd-a2f0dbb81004685d17f71fed48dc50027ccadb82.zip
random-seed: make sure to load machine id even if the seed file is missing
Diffstat (limited to '')
-rw-r--r--src/random-seed/random-seed.c49
1 files changed, 29 insertions, 20 deletions
diff --git a/src/random-seed/random-seed.c b/src/random-seed/random-seed.c
index 65de1aa986..04c2a29762 100644
--- a/src/random-seed/random-seed.c
+++ b/src/random-seed/random-seed.c
@@ -131,6 +131,27 @@ static int random_seed_size(int seed_fd, size_t *ret_size) {
return 0;
}
+static void load_machine_id(int urandom_fd) {
+ sd_id128_t mid;
+ int r;
+
+ assert(urandom_fd >= 0);
+
+ /* As an extra protection against "golden images" that are put together sloppily, i.e. images which
+ * are duplicated on multiple systems but where the random seed file is not properly
+ * reset. Frequently the machine ID is properly reset on those systems however (simply because it's
+ * easier to notice, if it isn't due to address clashes and so on, while random seed equivalence is
+ * generally not noticed easily), hence let's simply write the machined ID into the random pool
+ * too. */
+ r = sd_id128_get_machine(&mid);
+ if (r < 0)
+ return (void) log_debug_errno(r, "Failed to get machine ID, ignoring: %m");
+
+ r = random_write_entropy(urandom_fd, &mid, sizeof(mid), /* credit= */ false);
+ if (r < 0)
+ log_debug_errno(r, "Failed to write machine ID to /dev/urandom, ignoring: %m");
+}
+
static int load_seed_file(
int seed_fd,
int urandom_fd,
@@ -139,28 +160,12 @@ static int load_seed_file(
_cleanup_free_ void *buf = NULL;
CreditEntropy lets_credit;
- sd_id128_t mid;
ssize_t k;
int r;
assert(seed_fd >= 0);
assert(urandom_fd >= 0);
- /* First, let's write the machine ID into /dev/urandom, not crediting entropy. Why? As an extra
- * protection against "golden images" that are put together sloppily, i.e. images which are
- * duplicated on multiple systems but where the random seed file is not properly reset. Frequently
- * the machine ID is properly reset on those systems however (simply because it's easier to notice,
- * if it isn't due to address clashes and so on, while random seed equivalence is generally not
- * noticed easily), hence let's simply write the machined ID into the random pool too. */
- r = sd_id128_get_machine(&mid);
- if (r < 0)
- log_debug_errno(r, "Failed to get machine ID, ignoring: %m");
- else {
- r = random_write_entropy(urandom_fd, &mid, sizeof(mid), /* credit= */ false);
- if (r < 0)
- log_debug_errno(r, "Failed to write machine ID to /dev/urandom, ignoring: %m");
- }
-
buf = malloc(seed_size);
if (!buf)
return log_oom();
@@ -402,6 +407,14 @@ static int run(int argc, char *argv[]) {
switch (arg_action) {
case ACTION_LOAD:
+ random_fd = open("/dev/urandom", O_RDWR|O_CLOEXEC|O_NOCTTY);
+ if (random_fd < 0)
+ return log_error_errno(errno, "Failed to open /dev/urandom: %m");
+
+ /* First, let's write the machine ID into /dev/urandom, not crediting entropy. See
+ * load_machine_id() for an explanation why. */
+ load_machine_id(random_fd);
+
seed_fd = open(RANDOM_SEED, O_RDWR|O_CLOEXEC|O_NOCTTY|O_CREAT, 0600);
if (seed_fd < 0) {
int open_rw_error = -errno;
@@ -421,10 +434,6 @@ static int run(int argc, char *argv[]) {
} else
write_seed_file = true;
- random_fd = open("/dev/urandom", O_RDWR|O_CLOEXEC|O_NOCTTY);
- if (random_fd < 0)
- return log_error_errno(errno, "Failed to open /dev/urandom: %m");
-
read_seed_file = true;
synchronous = true; /* make this invocation a synchronous barrier for random pool initialization */
break;