From owner-svn-src-head@freebsd.org Tue Sep 3 14:06:04 2019 Return-Path: Delivered-To: svn-src-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 11063DC15F; Tue, 3 Sep 2019 14:06:00 +0000 (UTC) (envelope-from yuripv@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46N7yv0t8Kz4P46; Tue, 3 Sep 2019 14:05:59 +0000 (UTC) (envelope-from yuripv@freebsd.org) Received: by freefall.freebsd.org (Postfix, from userid 1452) id 5281E19F16; Tue, 3 Sep 2019 14:05:53 +0000 (UTC) X-Original-To: yuripv@localmail.freebsd.org Delivered-To: yuripv@localmail.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (Client CN "mx1.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by freefall.freebsd.org (Postfix) with ESMTPS id 4F70B14D9D; Sun, 31 Mar 2019 04:57:55 +0000 (UTC) (envelope-from owner-src-committers@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1D4198FF5B; Sun, 31 Mar 2019 04:57:55 +0000 (UTC) (envelope-from owner-src-committers@freebsd.org) Received: by freefall.freebsd.org (Postfix, from userid 538) id 0C6FE14D9C; Sun, 31 Mar 2019 04:57:55 +0000 (UTC) Delivered-To: src-committers@localmail.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [96.47.72.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (Client CN "mx1.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by freefall.freebsd.org (Postfix) with ESMTPS id ED6F814D97 for ; Sun, 31 Mar 2019 04:57:51 +0000 (UTC) (envelope-from cem@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A001C8FF58; Sun, 31 Mar 2019 04:57:51 +0000 (UTC) (envelope-from cem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 774D721DB9; Sun, 31 Mar 2019 04:57:51 +0000 (UTC) (envelope-from cem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x2V4vpdn091158; Sun, 31 Mar 2019 04:57:51 GMT (envelope-from cem@FreeBSD.org) Received: (from cem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x2V4vp1R091156; Sun, 31 Mar 2019 04:57:51 GMT (envelope-from cem@FreeBSD.org) Message-Id: <201903310457.x2V4vp1R091156@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: cem set sender to cem@FreeBSD.org using -f From: Conrad Meyer To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r345744 - in head/libexec: rc/rc.d save-entropy X-SVN-Group: head X-SVN-Commit-Author: cem X-SVN-Commit-Paths: in head/libexec: rc/rc.d save-entropy X-SVN-Commit-Revision: 345744 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk X-Loop: FreeBSD.org Sender: owner-src-committers@freebsd.org X-Rspamd-Queue-Id: 1D4198FF5B X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.90 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.997,0]; NEURAL_HAM_SHORT(-0.90)[-0.899,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_HAM_LONG(-1.00)[-1.000,0] Status: O X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.29 List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Tue, 03 Sep 2019 14:06:04 -0000 X-Original-Date: Sun, 31 Mar 2019 04:57:51 +0000 (UTC) X-List-Received-Date: Tue, 03 Sep 2019 14:06:04 -0000 Author: cem Date: Sun Mar 31 04:57:50 2019 New Revision: 345744 URL: https://svnweb.freebsd.org/changeset/base/345744 Log: random(4): Attempt to persist entropy promptly The goal of saving entropy in Fortuna is two-fold: (1) to provide early availability of the random device (unblocking) on next boot; and (2), to have known, high-quality entropy available for that initial seed. We know it is high quality because it's output taken from Fortuna. The FS&K paper makes it clear that Fortuna unblocks when enough bits have been input that the output //may// be safely seeded. But they emphasize that the quality of various entropy sources is unknown, and a saved entropy file is essential for both availability and ensuring initial unpredictability. In FreeBSD we persist entropy using two mechanisms: 1. The /etc/rc.d/random shutdown() function, which is used for ordinary shutdowns and reboots; and, 2. A cron job that runs every dozen minutes or so to persist new entropy, in case the system suffers from power loss or a crash (bypassing the ordinary shutdown path). Filesystems are free to cache dirty data indefinitely, with arbitrary flush policy. Fsync must be used to ensure the data is persisted, especially for the cron job save-entropy, whose entire goal is power loss and crash safe entropy persistence. Ordinary shutdown may not need the fsync because unmount should flush out the dirty entropy file shortly afterwards. But it is always possible power loss or crash occurs during the short window after rc.d/random shutdown runs and before the filesystem is unmounted, so the additional fsync there seems harmless. PR: 230876 Reviewed by: delphij, markj, markm Approved by: secteam (delphij) Differential Revision: https://reviews.freebsd.org/D19742 Modified: head/libexec/rc/rc.d/random head/libexec/save-entropy/save-entropy.sh Modified: head/libexec/rc/rc.d/random ============================================================================== --- head/libexec/rc/rc.d/random Sun Mar 31 04:24:51 2019 (r345743) +++ head/libexec/rc/rc.d/random Sun Mar 31 04:57:50 2019 (r345744) @@ -25,7 +25,8 @@ save_dev_random() for f ; do debug "saving entropy to $f" dd if=/dev/random of="$f" bs=4096 count=1 status=none && - chmod 600 "$f" + chmod 600 "$f" && + fsync "$f" "$(dirname "$f")" done umask ${oumask} } @@ -120,6 +121,9 @@ random_stop() dd if=/dev/random of=${entropy_file_confirmed} \ bs=4096 count=1 2> /dev/null || warn 'write failed (unwriteable file or full fs?)' + fsync "${entropy_file_confirmed}" \ + "$(dirname "${entropy_file_confirmed}")" \ + 2> /dev/null echo '.' ;; esac @@ -145,6 +149,9 @@ random_stop() dd if=/dev/random of=${entropy_boot_file_confirmed} \ bs=4096 count=1 2> /dev/null || warn 'write failed (unwriteable file or full fs?)' + fsync "${entropy_boot_file_confirmed}" \ + "$(dirname "${entropy_boot_file_confirmed}")" \ + 2> /dev/null echo '.' ;; esac Modified: head/libexec/save-entropy/save-entropy.sh ============================================================================== --- head/libexec/save-entropy/save-entropy.sh Sun Mar 31 04:24:51 2019 (r345743) +++ head/libexec/save-entropy/save-entropy.sh Sun Mar 31 04:57:50 2019 (r345744) @@ -90,5 +90,6 @@ while [ ${n} -ge 1 ]; do done dd if=/dev/random of=saved-entropy.1 bs=${entropy_save_sz} count=1 2>/dev/null +fsync saved-entropy.1 "." exit 0