summaryrefslogtreecommitdiffstats
path: root/src/core/efi-random.c
blob: c4d25d68e426c5cc2b8425dda2153a818a75936a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
/* SPDX-License-Identifier: LGPL-2.1+ */

#include <fcntl.h>
#include <linux/random.h>
#include <sys/ioctl.h>
#include <unistd.h>

#include "alloc-util.h"
#include "chattr-util.h"
#include "efi-random.h"
#include "efivars.h"
#include "fd-util.h"
#include "fs-util.h"
#include "strv.h"

/* If a random seed was passed by the boot loader in the LoaderRandomSeed EFI variable, let's credit it to
 * the kernel's random pool, but only once per boot. If this is run very early during initialization we can
 * instantly boot up with a filled random pool.
 *
 * This makes no judgement on the entropy passed, it's the job of the boot loader to only pass us a seed that
 * is suitably validated. */

static void lock_down_efi_variables(void) {
        const char *p;
        int r;

        /* Paranoia: let's restrict access modes of these a bit, so that unprivileged users can't use them to
         * identify the system or gain too much insight into what we might have credited to the entropy
         * pool. */
        FOREACH_STRING(p,
                       "/sys/firmware/efi/efivars/LoaderRandomSeed-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f",
                       "/sys/firmware/efi/efivars/LoaderSystemToken-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f") {

                r = chattr_path(p, 0, FS_IMMUTABLE_FL, NULL);
                if (r == -ENOENT)
                        continue;
                if (r < 0)
                        log_warning_errno(r, "Failed to drop FS_IMMUTABLE_FL from %s, ignoring: %m", p);

                if (chmod(p, 0600) < 0)
                        log_warning_errno(errno, "Failed to reduce access mode of %s, ignoring: %m", p);
        }
}

int efi_take_random_seed(void) {
        _cleanup_free_ struct rand_pool_info *info = NULL;
        _cleanup_free_ void *value = NULL;
        _cleanup_close_ int random_fd = -1;
        size_t size;
        int r;

        /* Paranoia comes first. */
        lock_down_efi_variables();

        if (access("/run/systemd/efi-random-seed-taken", F_OK) < 0) {
                if (errno != ENOENT) {
                        log_warning_errno(errno, "Failed to determine whether we already used the random seed token, not using it.");
                        return 0;
                }

                /* ENOENT means we haven't used it yet. */
        } else {
                log_debug("EFI random seed already used, not using again.");
                return 0;
        }

        r = efi_get_variable(EFI_VENDOR_LOADER, "LoaderRandomSeed", NULL, &value, &size);
        if (r == -EOPNOTSUPP) {
                log_debug_errno(r, "System lacks EFI support, not initializing random seed from EFI variable.");
                return 0;
        }
        if (r == -ENOENT) {
                log_debug_errno(r, "Boot loader did not pass LoaderRandomSeed EFI variable, not crediting any entropy.");
                return 0;
        }
        if (r < 0)
                return log_warning_errno(r, "Failed to read LoaderRandomSeed EFI variable, ignoring: %m");

        if (size == 0)
                return log_warning_errno(SYNTHETIC_ERRNO(EINVAL), "Random seed passed from boot loader has zero size? Ignoring.");

        /* The kernel API only accepts "int" as entropy count (which is in bits), let's avoid any chance for
         * confusion here. */
        if (size > INT_MAX / 8)
                size = INT_MAX / 8;

        random_fd = open("/dev/urandom", O_WRONLY|O_CLOEXEC|O_NOCTTY);
        if (random_fd < 0)
                return log_warning_errno(errno, "Failed to open /dev/urandom for writing, ignoring: %m");

        /* Before we use the seed, let's mark it as used, so that we never credit it twice. Also, it's a nice
         * way to let users known that we successfully acquired entropy from the boot laoder. */
        r = touch("/run/systemd/efi-random-seed-taken");
        if (r < 0)
                return log_warning_errno(r, "Unable to mark EFI random seed as used, not using it: %m");

        info = malloc(offsetof(struct rand_pool_info, buf) + size);
        if (!info)
                return log_oom();

        info->entropy_count = size * 8;
        info->buf_size = size;
        memcpy(info->buf, value, size);

        if (ioctl(random_fd, RNDADDENTROPY, info) < 0)
                return log_warning_errno(errno, "Failed to credit entropy, ignoring: %m");

        log_info("Successfully credited entropy passed from boot loader.");
        return 1;
}