From owner-svn-src-head@freebsd.org  Thu Apr 16 00:54:07 2020
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8252E2C774D;
 Thu, 16 Apr 2020 00:54:07 +0000 (UTC)
 (envelope-from kevans@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 492ghv2wPFz4fm9;
 Thu, 16 Apr 2020 00:54:07 +0000 (UTC)
 (envelope-from kevans@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5F59227FBD;
 Thu, 16 Apr 2020 00:54:07 +0000 (UTC)
 (envelope-from kevans@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 03G0s7Ht065839;
 Thu, 16 Apr 2020 00:54:07 GMT (envelope-from kevans@FreeBSD.org)
Received: (from kevans@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id 03G0s7Pl065837;
 Thu, 16 Apr 2020 00:54:07 GMT (envelope-from kevans@FreeBSD.org)
Message-Id: <202004160054.03G0s7Pl065837@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: kevans set sender to
 kevans@FreeBSD.org using -f
From: Kyle Evans <kevans@FreeBSD.org>
Date: Thu, 16 Apr 2020 00:54:07 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r359999 - in head: stand/defaults sys/kern
X-SVN-Group: head
X-SVN-Commit-Author: kevans
X-SVN-Commit-Paths: in head: stand/defaults sys/kern
X-SVN-Commit-Revision: 359999
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Apr 2020 00:54:07 -0000

Author: kevans
Date: Thu Apr 16 00:54:06 2020
New Revision: 359999
URL: https://svnweb.freebsd.org/changeset/base/359999

Log:
  Preload hostuuid for early-boot use
  
  prison0's hostuuid will get set by the hostid rc script, either after
  generating it and saving it to /etc/hostid or by simply reading /etc/hostid.
  
  Some things (e.g. arbitrary MAC address generation) may use the hostuuid as
  a factor in early boot, so providing a way to read /etc/hostid (if it's
  available) and using it before userland starts up is desirable. The code is
  written such that the preload doesn't *have* to be /etc/hostid, thus not
  assuming that there will be newline at the end of the buffer or even the
  exact shape of the newline. White trailing whitespace/non-printables
  trimmed, the result will be validated as a valid uuid before it's used for
  early boot purposes.
  
  The preload can be turned off with hostuuid_load="NO" in /boot/loader.conf,
  just as other preloads; it's worth noting that this is a 37-byte file, the
  overhead is believed to be generally minimal.
  
  It doesn't seem necessary at this time to be concerned with kern.hostid.
  
  One does wonder if we should consider validating hostuuids coming in
  via jail_set(2); some bits seem to care about uuid form and we bother
  validating format of smbios-provided uuid and in-fact whatever uuid comes
  from /etc/hostid.
  
  Reviewed by:	karels, delphij, jamie
  MFC after:	1 week (don't preload by default, probably)
  Differential Revision:	https://reviews.freebsd.org/D24288

Modified:
  head/stand/defaults/loader.conf
  head/sys/kern/kern_jail.c

Modified: head/stand/defaults/loader.conf
==============================================================================
--- head/stand/defaults/loader.conf	Wed Apr 15 23:00:35 2020	(r359998)
+++ head/stand/defaults/loader.conf	Thu Apr 16 00:54:06 2020	(r359999)
@@ -33,6 +33,11 @@ bitmap_type="splash_image_data" # and place it on the 
 screensave_load="NO"		# Set to YES to load a screensaver module
 screensave_name="green_saver"	# Set to the name of the screensaver module
 
+###  Early hostid configuration ############################
+hostuuid_load="YES"
+hostuuid_name="/etc/hostid"
+hostuuid_type="hostuuid"
+
 ###  Random number generator configuration  ##################
 # See rc.conf(5). The entropy_boot_file config variable must agree with the
 # settings below.

Modified: head/sys/kern/kern_jail.c
==============================================================================
--- head/sys/kern/kern_jail.c	Wed Apr 15 23:00:35 2020	(r359998)
+++ head/sys/kern/kern_jail.c	Thu Apr 16 00:54:06 2020	(r359999)
@@ -48,6 +48,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/taskqueue.h>
 #include <sys/fcntl.h>
 #include <sys/jail.h>
+#include <sys/linker.h>
 #include <sys/lock.h>
 #include <sys/mutex.h>
 #include <sys/racct.h>
@@ -61,6 +62,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/socket.h>
 #include <sys/syscallsubr.h>
 #include <sys/sysctl.h>
+#include <sys/uuid.h>
 #include <sys/vnode.h>
 
 #include <net/if.h>
@@ -75,6 +77,7 @@ __FBSDID("$FreeBSD$");
 #include <security/mac/mac_framework.h>
 
 #define	DEFAULT_HOSTUUID	"00000000-0000-0000-0000-000000000000"
+#define	PRISON0_HOSTUUID_MODULE	"hostuuid"
 
 MALLOC_DEFINE(M_PRISON, "prison", "Prison structures");
 static MALLOC_DEFINE(M_PRISON_RACCT, "prison_racct", "Prison racct structures");
@@ -218,10 +221,38 @@ static unsigned jail_max_af_ips = 255;
 void
 prison0_init(void)
 {
+	uint8_t *file, *data;
+	size_t size;
 
 	prison0.pr_cpuset = cpuset_ref(thread0.td_cpuset);
 	prison0.pr_osreldate = osreldate;
 	strlcpy(prison0.pr_osrelease, osrelease, sizeof(prison0.pr_osrelease));
+
+	/* If we have a preloaded hostuuid, use it. */
+	file = preload_search_by_type(PRISON0_HOSTUUID_MODULE);
+	if (file != NULL) {
+		data = preload_fetch_addr(file);
+		size = preload_fetch_size(file);
+		if (data != NULL) {
+			/*
+			 * The preloaded data may include trailing whitespace, almost
+			 * certainly a newline; skip over any whitespace or
+			 * non-printable characters to be safe.
+			 */
+			while (size > 0 && data[size - 1] <= 0x20) {
+				data[size--] = '\0';
+			}
+			if (validate_uuid(data, size, NULL, 0) == 0) {
+				(void)strlcpy(prison0.pr_hostuuid, data,
+				    size + 1);
+			} else if (bootverbose) {
+				printf("hostuuid: preload data malformed: '%s'",
+				    data);
+			}
+		}
+	}
+	if (bootverbose)
+		printf("hostuuid: using %s\n", prison0.pr_hostuuid);
 }
 
 /*