summaryrefslogtreecommitdiffstats
path: root/src/random-seed (follow)
Commit message (Collapse)AuthorAgeFilesLines
* random-seed: don't refresh EFI random seed from random-seed.c anymoreLennart Poettering2023-01-041-109/+2
| | | | | | | | | | | | | | The ESP is simply not mounted early enough for this. We want that the regular random seed handling runs as early as we possibly could, but we don't want to delay this until the ESP is actually mounted. Hence, let's remove this from random-seed.c here. A follow-up commit will then add this back in, in a separate service which just calls "bootctl random-seed". Effectively reverts: f913c784ad4c93894fd6cb2590738113dff5a694 Fixes: #25769
* sha256: add helper than hashes a buffer *and* its sizeLennart Poettering2023-01-041-8/+4
| | | | | We use this pattern all the time in order to thward extension attacks, add a helper to make it shorter.
* tree-wide: use -EBADF for fd initializationZbigniew Jędrzejewski-Szmek2022-12-191-2/+2
| | | | | | | | | | | | | | | | -1 was used everywhere, but -EBADF or -EBADFD started being used in various places. Let's make things consistent in the new style. Note that there are two candidates: EBADF 9 Bad file descriptor EBADFD 77 File descriptor in bad state Since we're initializating the fd, we're just assigning a value that means "no fd yet", so it's just a bad file descriptor, and the first errno fits better. If instead we had a valid file descriptor that became invalid because of some operation or state change, the other errno would fit better. In some places, initialization is dropped if unnecessary.
* random-seed: handle post-merge review nitsJason A. Donenfeld2022-11-171-30/+31
| | | | These are various misc things that came up after merging.
* random-seed: refresh EFI boot seed when writing a new seedJason A. Donenfeld2022-11-141-11/+111
| | | | | | | | | | | Since this runs at shutdown to write a new seed, we should also keep the bootloader's seed maximally fresh by doing the same. So we follow the same pattern - hash some new random bytes with the old seed to make a new seed. We let this fail without warning, because it's just an opportunistic thing. If the user happens to have set up the random seed with bootctl, and the RNG is initialized, then things should be fine. If not, we create a new seed if systemd-boot is in use. And if not, then we just don't do anything.
* random-seed: make sure to load machine id even if the seed file is missingFranck Bui2022-11-091-20/+29
|
* basic: move version() to build.h+cZbigniew Jędrzejewski-Szmek2022-11-081-1/+1
|
* random-seed: clarify one commentFranck Bui2022-10-251-3/+4
|
* random-seed: downgrade some messagesFranck Bui2022-10-251-2/+2
| | | | | In these cases, we eat up the error and propagate success so we should log at warning level only.
* random_seed: minor improvement in run()Franck Bui2022-10-251-5/+5
|
* random-seed: split out run()Franck Bui2022-10-251-143/+184
| | | | No functional change.
* random-seed: no need to pass 'mode' argument when opening /dev/urandomFranck Bui2022-10-251-1/+1
| | | | | | The open() call is not supposed to create /dev/urandom. No functional change.
* random-seed: make the logic to calculate the number of bytes read from the ↵Franck Bui2022-10-251-10/+19
| | | | | | | | | random seed file clearer We want the size to lie within [/proc/sys/kernel/random/poolsize,RANDOM_POOL_SIZE_MAX] interval. Let's make it more obvious. Also move the logic in a dedicated function.
* random-seed: use getopt()Franck Bui2022-10-251-13/+103
| | | | | | | | It's not really necessary since systemd-random-seed is an internal tool for the moment but this might change in future (to allow system installers to initialize a random seed file for example). Also introducing new options will be easier.
* random-seed: make one more use of random_write_entropy()Franck Bui2022-10-211-1/+1
| | | | No functional change.
* random-seed: shorten a bit may_credit()Franck Bui2022-10-211-11/+8
| | | | No functional change.
* tree-wide: add ERRNO_IS_XATTR_ABSENT() helperLennart Poettering2022-10-101-2/+2
| | | | | We check the same list of error codes on various xattr operations, and we should on some more. Add a common helper for this purpose.
* random-seed: use SHA256_DIGEST_SIZELennart Poettering2022-08-191-1/+1
|
* random-seed: add missing %m in error messageLennart Poettering2022-01-311-1/+1
|
* random-seed: cleanup code nitsJason A. Donenfeld2022-01-051-15/+15
| | | | | | This incorporates various nits from the post-merge review on #21986. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* random-seed: hash together old seed and new seed before writing out fileJason A. Donenfeld2022-01-041-1/+25
| | | | | | | | | | | | | If we're consuming an on-disk seed, we usually write out a new one after consuming it. In that case, we might be at early boot and the randomness could be rather poor, and the kernel doesn't guarantee that it'll use the new randomness right away for us. In order to prevent the new entropy from getting any worse, hash together the old seed and the new seed, and replace the final bytes of the new seed with the hash output. This way, entropy strictly increases and never regresses. Fixes: https://github.com/systemd/systemd/issues/21983 Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* basic: split out sync() family of calls from fs-util.[ch] into new c/h fileLennart Poettering2021-10-051-0/+1
| | | | No changes in code, just some splitting out.
* partition, random-seed, logind: fix log messages with %mZbigniew Jędrzejewski-Szmek2021-04-141-1/+1
| | | | | We would print "...: Success", which is not too terrible, but not pretty either.
* tree-wide: enable colorized logging for daemons when run in consoleYu Watanabe2021-01-311-1/+1
| | | | It may be useful when debugging daemons.
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
|
* random-util: add common helper random_write_entropy() for crediting entropy ↵Lennart Poettering2020-06-241-18/+4
| | | | to the kernel's pool
* random-seed: use ERRNO_IS_NOT_SUPPORTED() where appropriateLennart Poettering2020-06-241-1/+1
|
* random-seed: add missing header for GRND_NONBLOCK (#14988)Romain Naour2020-03-021-0/+1
| | | | | | | | | | | | | GRND_NONBLOCK has been introduced with the 3.17 kernel version [1] while adding getrandom(2) system call. The header missing_random.h is needed for random-seed.c when building with old toolchain, such Sourcery CodeBench ARM 2014.05 (kernel headers 3.13). Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/454255917 [1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=c6e9d6f38894798696f23c8084ca7edbf16ee895
* tree-wide: drop string.h when string-util.h or friends are includedYu Watanabe2019-11-031-1/+0
|
* tree-wide: drop missing.hYu Watanabe2019-10-311-1/+1
|
* random-seed: rework systemd-random-seed.service substantiallyLennart Poettering2019-07-251-34/+191
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This makes two major changes to the way systemd-random-seed operates: 1. We now optionally credit entropy if this is configured (via an env var). Previously we never would do that, with this change we still don't by default, but it's possible to enable this if people acknowledge that they shouldn't replicate an image with a contained random seed to multiple systems. Note that in this patch crediting entropy is a boolean thing (unlike in previous attempts such as #1062), where only a relative amount of bits was credited. The simpler scheme implemented here should be OK though as the random seeds saved to disk are now written only with data from the kernel's entropy pool retrieved after the pool is fully initialized. Specifically: 2. This makes systemd-random-seed.service a synchronization point for kernel entropy pool initialization. It was already used like this, for example by systemd-cryptsetup-generator's /dev/urandom passphrase handling, with this change it explicitly operates like that (at least systems which provide getrandom(), where we can support this). This means services that rely on an initialized random pool should now place After=systemd-random-seed.service and everything should be fine. Note that with this change sysinit.target (and thus early boot) is NOT systematically delayed until the entropy pool is initialized, i.e. regular services need to add explicit ordering deps on this service if they require an initialized random pool. Fixes: #4271 Replaces: #10621 #4513
* random-seed: drop falling back to O_WRONLY if O_RDWR on /dev/urandom doesn't ↵Lennart Poettering2019-07-251-7/+2
| | | | | | | | work There's no reason why writing should work if reading and writing doesn't. Let's simplify this hence. /dev/urandom is generally an r/w device, and everything else would be a serious system misconfiguration.
* random-seed: reduce scope of variableLennart Poettering2019-07-251-2/+2
|
* random-seed: move pool size determination to random-util.[ch]Lennart Poettering2019-07-251-18/+4
| | | | That way we can reuse it elsewhere.
* tree-wide: port various places over to use chmod_and_chown()Lennart Poettering2019-05-241-2/+2
| | | | Doing this properly is hard, hence let's unify the code.
* random-seed: don't use "label" version of mkdir_parents()Lennart Poettering2019-03-071-1/+1
| | | | | | | | | | We don't load the selinux label database anyway, hence this is not going to do anything at all. Let's simplify this hence and drop the explicit request. Also note that today SELinux can take the filename into account when automatically deducing the label for a new file, hence even if this code actually would have done something it is redundant today.
* coccinelle: make use of SYNTHETIC_ERRNOZbigniew Jędrzejewski-Szmek2018-11-221-12/+9
| | | | | | | | | | | Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
* log: introduce new helper call log_setup_service()Lennart Poettering2018-11-201-3/+1
| | | | | Let's reduce the common boilerplate and have a single setup function used by all service code to setup logging.
* util-lib: move main() definition macros to its own header fileLennart Poettering2018-11-191-0/+1
| | | | | | | | | This way, we can extend the macro a bit with stuff pulled in from other headers without this affecting everything which pulls in macro.h, which is one of our most basic headers. This is just refactoring, no change in behaviour, in prepartion for later changes.
* random-seed: configure logging before use and define main through macroZbigniew Jędrzejewski-Szmek2018-11-171-46/+27
|
* random-seed: write the machine ID into /dev/urandom as wellLennart Poettering2018-08-201-0/+19
| | | | | | | | | | | | | | | | This is some extra protection for sloppy "golden master" systems, where images are duplicated many times but the random seed is not deleted (or reset for each copy). That golden master systems have to reset /etc/machine-id is better known, and easier to notice (as having the same ID will result in address conflicts and suchlike quite often). Hence let's write the machine ID into /dev/urandom, in case it has been initialized and unlikely the stored random seed has been provisioned differently on each image. Note that we don't credit the entropy either way, hence in the case there's a cycle of a) generating the machine-id early at boot and b) writing it back into /dev/urandom late at boot it shouldn't matter. It's never going to make things worse, just in a few cases better.
* random-seed: read the full seed file, even if it is larger than 512 byteLennart Poettering2018-08-061-33/+55
| | | | | | | | | | | | | | | | Previously, we'd only ever read 512 byte from the random seed file, under the assumption we won't need more. With this change we'll read the full file, even if it is larger. The idea behind htis change is that people can dump additional data into the random seed file offline if they like, and it can be low quality, and we'll seed the pool with it anyway. Moreover, if people are paranoid and want us to save/restore a bigger seed, it's easy to do: just truncate the file to the right size and we'll save/restore as much in the future. This also reworks the file a bit, introducing two clear if blocks that load and that save the random seed, and that each are conditionalized more carefully.
* tree-wide: remove Lennart's copyright linesLennart Poettering2018-06-141-3/+0
| | | | | | | | | | | These lines are generally out-of-date, incomplete and unnecessary. With SPDX and git repository much more accurate and fine grained information about licensing and authorship is available, hence let's drop the per-file copyright notice. Of course, removing copyright lines of others is problematic, hence this commit only removes my own lines and leaves all others untouched. It might be nicer if sooner or later those could go away too, making git the only and accurate source of authorship information.
* tree-wide: drop 'This file is part of systemd' blurbLennart Poettering2018-06-141-2/+0
| | | | | | | | | | | | | | | | This part of the copyright blurb stems from the GPL use recommendations: https://www.gnu.org/licenses/gpl-howto.en.html The concept appears to originate in times where version control was per file, instead of per tree, and was a way to glue the files together. Ultimately, we nowadays don't live in that world anymore, and this information is entirely useless anyway, as people are very welcome to copy these files into any projects they like, and they shouldn't have to change bits that are part of our copyright header for that. hence, let's just get rid of this old cruft, and shorten our codebase a bit.
* tree-wide: drop license boilerplateZbigniew Jędrzejewski-Szmek2018-04-061-13/+0
| | | | | | | | | | Files which are installed as-is (any .service and other unit files, .conf files, .policy files, etc), are left as is. My assumption is that SPDX identifiers are not yet that well known, so it's better to retain the extended header to avoid any doubt. I also kept any copyright lines. We can probably remove them, but it'd nice to obtain explicit acks from all involved authors before doing that.
* Add SPDX license identifiers to source files under the LGPLZbigniew Jędrzejewski-Szmek2017-11-191-0/+1
| | | | | This follows what the kernel is doing, c.f. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5fd54ace4721fc5ce2bb5aef6318fcf17f421460.
* build-sys: drop automake supportZbigniew Jędrzejewski-Szmek2017-07-181-1/+0
| | | | | v2: - also mention m4
* tree-wide: remove Emacs lines from all filesDaniel Mack2016-02-101-2/+0
| | | | | This should be handled fine now by .dir-locals.el, so need to carry that stuff in every file.
* random-seed: provide nicer error message when unable to open fileZbigniew Jędrzejewski-Szmek2016-02-071-6/+16
| | | | | | | | | | | | If /var is read-only, and the seed file does not exist, we would print a misleading error message for ENOENT. Print both messages instead, to make it easy to diagonose. Also, treat the cases of missing seed file the same as empty seed file and exit successfully. Initialize the return code properly. Fixes https://github.com/systemd/systemd/issues/2530, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813599.
* util-lib: split out allocation calls into alloc-util.[ch]Lennart Poettering2015-10-271-0/+1
|