Attachment #630992 for bug #926169

View | Details | Raw Unified | Return to bug 926169
Collapse All | Expand All




--
systemd-210/src/random-seed/random-seed.c |   73 +++++++++++++++++++++++++-----
1 file changed, 62 insertions(+), 11 deletions(-)
-- systemd-210/src/random-seed/random-seed.c

#include <unistd.h>
#include <fcntl.h>
#include <errno.h>
#include <linux/random.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/stat.h>

#include "log.h"

#define POOL_SIZE_MIN 512

int main(int argc, char *argv[]) {
        _cleanup_close_ int seed_fd = -1, random_fd = -1, entropy_fd = -1;
        _cleanup_free_ struct rand_pool_info *entropy = NULL;
        size_t buf_size = 0;
        ssize_t k;
        int r;

        if (buf_size <= POOL_SIZE_MIN)
                buf_size = POOL_SIZE_MIN;

        entropy = (struct rand_pool_info*) malloc(sizeof(struct rand_pool_info) + buf_size);
        if (!entropy) {
                r = log_oom();
                goto finish;
        }
        entropy->buf_size = buf_size;

        r = mkdir_parents_label(RANDOM_SEED, 0755);
        if (r < 0) {


        if (streq(argv[1], "load")) {

                entropy_fd = open(RANDOM_SEED_DIR "entropy_count", O_RDONLY|O_CLOEXEC|O_NOCTTY, 0600);
                if (entropy_fd < 0) {
                         entropy->entropy_count = 0;                    
                         if (errno != ENOENT) {
                                log_error("Failed to open " RANDOM_SEED "/entropy_count: %m");
                                r = -errno;
                                goto finish;
                         }
                } else {
                        r = read(entropy_fd, &entropy->entropy_count, sizeof(entropy->entropy_count));
                        if (r < 0) {
                                log_error("Failed to read entropy count file: %m");
                                r = -errno;
                                goto finish;
                        }
                }

                seed_fd = open(RANDOM_SEED, O_RDWR|O_CLOEXEC|O_NOCTTY|O_CREAT, 0600);
                if (seed_fd < 0) {
                        seed_fd = open(RANDOM_SEED, O_RDONLY|O_CLOEXEC|O_NOCTTY);

                        }
                }

                k = loop_read(seed_fd, entropy->buf, entropy->buf_size, false);
                if (k <= 0) {

                        if (r != 0)

                } else {
                        lseek(seed_fd, 0, SEEK_SET);

                        if (entropy->entropy_count && (size_t) k == entropy->buf_size) {
                                r = ioctl(random_fd, RNDADDENTROPY, entropy);
                                if (r < 0) {
                                        log_error("Failed to write seed to /dev/urandom: %m");
                                        r = -errno;
                                }
                        } else {
                                k = loop_write(random_fd, entropy->buf, (size_t) k, false);
                                if (k <= 0) {
                                        log_error("Failed to write seed to /dev/urandom: %s", r < 0 ? strerror(-r) : "short write");

                                        r = k == 0 ? -EIO : (int) k;
                                }
                        }
                }

        } else if (streq(argv[1], "save")) {

                /* Read available entropy count, if possible */
                f = fopen("/proc/sys/kernel/random/entropy_avail", "re");
                if (f) {
                        if (fscanf(f, "%zu", &entropy->entropy_count) < 0)
                                entropy->entropy_count = 0;
                        fclose(f);
                }

                seed_fd = open(RANDOM_SEED, O_WRONLY|O_CLOEXEC|O_NOCTTY|O_CREAT, 0600);
                if (seed_fd < 0) {
                        log_error("Failed to open " RANDOM_SEED ": %m");

                        goto finish;
                }

                if (entropy->entropy_count) {
                        entropy_fd = open(RANDOM_SEED_DIR "entropy_count", O_WRONLY|O_CLOEXEC|O_NOCTTY|O_CREAT, 0600);
                        if (seed_fd < 0) {
                                log_error("Failed to open " RANDOM_SEED_DIR "entropy_count: %m");
                                r = -errno;
                                goto finish;
                        }
                        r = write(entropy_fd, &entropy->entropy_count, sizeof(entropy->entropy_count));
                        if (r < 0) {
                                log_error("Failed to write entropy count file: %m");
                                r = -errno;
                                goto finish;
                        }
                }

        } else {
                log_error("Unknown verb %s.", argv[1]);
                r = -EINVAL;

        fchmod(seed_fd, 0600);
        fchown(seed_fd, 0, 0);

        k = loop_read(random_fd, entropy->buf, entropy->buf_size, false);
        if (k <= 0) {
                log_error("Failed to read new seed from /dev/urandom: %s", r < 0 ? strerror(-r) : "EOF");
                r = k == 0 ? -EIO : (int) k;
        } else {
                r = loop_write(seed_fd, entropy->buf, (size_t) k, false);
                if (r <= 0) {
                        log_error("Failed to write new random seed file: %s", r < 0 ? strerror(-r) : "short write");
                        r = r == 0 ? -EIO : r;

Return to bug 926169

Line Link Here

(-) (-13 / +62 lines)
	--
1	systemd-210/src/random-seed/random-seed.c \| 73 +++++++++++++++++++++++++-----		systemd-210/src/random-seed/random-seed.c \| 73 +++++++++++++++++++++++++-----
2	1 file changed, 62 insertions(+), 11 deletions(-)	1	1 file changed, 62 insertions(+), 11 deletions(-)
3	-- systemd-210/src/random-seed/random-seed.c
Lines 22-28 Link Here
22	#include <unistd.h>	22	#include <unistd.h>
23	#include <fcntl.h>	23	#include <fcntl.h>
24	#include <errno.h>	24	#include <errno.h>
		25	#include <linux/random.h>
25	#include <string.h>	26	#include <string.h>
		27	#include <sys/ioctl.h>
26	#include <sys/stat.h>	28	#include <sys/stat.h>
27		29
28	#include "log.h"	30	#include "log.h"
Lines 32-39 Link Here
32	#define POOL_SIZE_MIN 512	34	#define POOL_SIZE_MIN 512
33		35
34	int main(int argc, char *argv[]) {	36	int main(int argc, char *argv[]) {
35	_cleanup_close_ int seed_fd = -1, random_fd = -1;	37	_cleanup_close_ int seed_fd = -1, random_fd = -1, entropy_fd = -1;
36	_cleanup_free_ void* buf = NULL;	38	_cleanup_free_ struct rand_pool_info *entropy = NULL;
37	size_t buf_size = 0;	39	size_t buf_size = 0;
38	ssize_t k;	40	ssize_t k;
39	int r;	41	int r;
Lines 64-74 int main(int argc, char *argv[]) { Link Here
64	if (buf_size <= POOL_SIZE_MIN)	66	if (buf_size <= POOL_SIZE_MIN)
65	buf_size = POOL_SIZE_MIN;	67	buf_size = POOL_SIZE_MIN;
66		68
67	buf = malloc(buf_size);	69	entropy = (struct rand_pool_info*) malloc(sizeof(struct rand_pool_info) + buf_size);
68	if (!buf) {	70	if (!entropy) {
69	r = log_oom();	71	r = log_oom();
70	goto finish;	72	goto finish;
71	}	73	}
		74	entropy->buf_size = buf_size;
72		75
73	r = mkdir_parents_label(RANDOM_SEED, 0755);	76	r = mkdir_parents_label(RANDOM_SEED, 0755);
74	if (r < 0) {	77	if (r < 0) {
Lines 82-87 int main(int argc, char *argv[]) { Link Here
82		85
83	if (streq(argv[1], "load")) {	86	if (streq(argv[1], "load")) {
84		87
		88	entropy_fd = open(RANDOM_SEED_DIR "entropy_count", O_RDONLY\|O_CLOEXEC\|O_NOCTTY, 0600);
		89	if (entropy_fd < 0) {
		90	entropy->entropy_count = 0;
		91	if (errno != ENOENT) {
		92	log_error("Failed to open " RANDOM_SEED "/entropy_count: %m");
		93	r = -errno;
		94	goto finish;
		95	}
		96	} else {
		97	r = read(entropy_fd, &entropy->entropy_count, sizeof(entropy->entropy_count));
		98	if (r < 0) {
		99	log_error("Failed to read entropy count file: %m");
		100	r = -errno;
		101	goto finish;
		102	}
		103	}
		104
85	seed_fd = open(RANDOM_SEED, O_RDWR\|O_CLOEXEC\|O_NOCTTY\|O_CREAT, 0600);	105	seed_fd = open(RANDOM_SEED, O_RDWR\|O_CLOEXEC\|O_NOCTTY\|O_CREAT, 0600);
86	if (seed_fd < 0) {	106	if (seed_fd < 0) {
87	seed_fd = open(RANDOM_SEED, O_RDONLY\|O_CLOEXEC\|O_NOCTTY);	107	seed_fd = open(RANDOM_SEED, O_RDONLY\|O_CLOEXEC\|O_NOCTTY);
Lines 102-108 int main(int argc, char *argv[]) { Link Here
102	}	122	}
103	}	123	}
104		124
105	k = loop_read(seed_fd, buf, buf_size, false);	125	k = loop_read(seed_fd, entropy->buf, entropy->buf_size, false);
106	if (k <= 0) {	126	if (k <= 0) {
107		127
108	if (r != 0)	128	if (r != 0)
Lines 113-128 int main(int argc, char *argv[]) { Link Here
113	} else {	133	} else {
114	lseek(seed_fd, 0, SEEK_SET);	134	lseek(seed_fd, 0, SEEK_SET);
115		135
116	k = loop_write(random_fd, buf, (size_t) k, false);	136	if (entropy->entropy_count && (size_t) k == entropy->buf_size) {
117	if (k <= 0) {	137	r = ioctl(random_fd, RNDADDENTROPY, entropy);
118	log_error("Failed to write seed to /dev/urandom: %s", r < 0 ? strerror(-r) : "short write");	138	if (r < 0) {
		139	log_error("Failed to write seed to /dev/urandom: %m");
		140	r = -errno;
		141	}
		142	} else {
		143	k = loop_write(random_fd, entropy->buf, (size_t) k, false);
		144	if (k <= 0) {
		145	log_error("Failed to write seed to /dev/urandom: %s", r < 0 ? strerror(-r) : "short write");
119		146
120	r = k == 0 ? -EIO : (int) k;	147	r = k == 0 ? -EIO : (int) k;
		148	}
121	}	149	}
122	}	150	}
123		151
124	} else if (streq(argv[1], "save")) {	152	} else if (streq(argv[1], "save")) {
125		153
		154	/* Read available entropy count, if possible */
		155	f = fopen("/proc/sys/kernel/random/entropy_avail", "re");
		156	if (f) {
		157	if (fscanf(f, "%zu", &entropy->entropy_count) < 0)
		158	entropy->entropy_count = 0;
		159	fclose(f);
		160	}
		161
126	seed_fd = open(RANDOM_SEED, O_WRONLY\|O_CLOEXEC\|O_NOCTTY\|O_CREAT, 0600);	162	seed_fd = open(RANDOM_SEED, O_WRONLY\|O_CLOEXEC\|O_NOCTTY\|O_CREAT, 0600);
127	if (seed_fd < 0) {	163	if (seed_fd < 0) {
128	log_error("Failed to open " RANDOM_SEED ": %m");	164	log_error("Failed to open " RANDOM_SEED ": %m");
Lines 137-142 int main(int argc, char *argv[]) { Link Here
137	goto finish;	173	goto finish;
138	}	174	}
139		175
		176	if (entropy->entropy_count) {
		177	entropy_fd = open(RANDOM_SEED_DIR "entropy_count", O_WRONLY\|O_CLOEXEC\|O_NOCTTY\|O_CREAT, 0600);
		178	if (seed_fd < 0) {
		179	log_error("Failed to open " RANDOM_SEED_DIR "entropy_count: %m");
		180	r = -errno;
		181	goto finish;
		182	}
		183	r = write(entropy_fd, &entropy->entropy_count, sizeof(entropy->entropy_count));
		184	if (r < 0) {
		185	log_error("Failed to write entropy count file: %m");
		186	r = -errno;
		187	goto finish;
		188	}
		189	}
		190
140	} else {	191	} else {
141	log_error("Unknown verb %s.", argv[1]);	192	log_error("Unknown verb %s.", argv[1]);
142	r = -EINVAL;	193	r = -EINVAL;
Lines 149-160 int main(int argc, char *argv[]) { Link Here
149	fchmod(seed_fd, 0600);	200	fchmod(seed_fd, 0600);
150	fchown(seed_fd, 0, 0);	201	fchown(seed_fd, 0, 0);
151		202
152	k = loop_read(random_fd, buf, buf_size, false);	203	k = loop_read(random_fd, entropy->buf, entropy->buf_size, false);
153	if (k <= 0) {	204	if (k <= 0) {
154	log_error("Failed to read new seed from /dev/urandom: %s", r < 0 ? strerror(-r) : "EOF");	205	log_error("Failed to read new seed from /dev/urandom: %s", r < 0 ? strerror(-r) : "EOF");
155	r = k == 0 ? -EIO : (int) k;	206	r = k == 0 ? -EIO : (int) k;
156	} else {	207	} else {
157	r = loop_write(seed_fd, buf, (size_t) k, false);	208	r = loop_write(seed_fd, entropy->buf, (size_t) k, false);
158	if (r <= 0) {	209	if (r <= 0) {
159	log_error("Failed to write new random seed file: %s", r < 0 ? strerror(-r) : "short write");	210	log_error("Failed to write new random seed file: %s", r < 0 ? strerror(-r) : "short write");
160	r = r == 0 ? -EIO : r;	211	r = r == 0 ? -EIO : r;