Date:      Sun, 16 Sep 2012 17:21:21 +0100
From:      Mark Murray <markm@FreeBSD.org>
To:        Ben Laurie <benl@freebsd.org>, Arthur Mesh <arthurmesh@gmail.com>, Ian Lepore <freebsd@damnhippie.dyndns.org>, Doug Barton <dougb@freebsd.org>, "David O'Brien" <obrien@freebsd.org>, freebsd-security@freebsd.org, RW <rwmaillists@googlemail.com>
Subject:   Proposed fix; stage 1 (Was: svn commit: r239569 - head/etc/rc.d)
Message-ID:  <E1TDHb0-000FIh-0Z@groundzero.grondar.org>
In-Reply-To: <CAG5KPzymZY0ua2cAkzB-MK54G2WbWYi9J01c8YW4F9LOdVvc9A@mail.gmail.com>
References:  <50453686.9090100@FreeBSD.org> <20120911082309.GD72584@dragon.NUXI.org> <504F0687.7020309@FreeBSD.org> <201209121628.18088.jhb@freebsd.org> <5050F477.8060409@FreeBSD.org> <20120912213141.GI14077@x96.org> <20120913052431.GA15052@dragon.NUXI.org> <alpine.BSF.2.00.1209131258210.13080@ai.fobar.qr> <alpine.BSF.2.00.1209141336170.13080@ai.fobar.qr> <E1TCXN0-000NFT-7I@groundzero.grondar.org> <CAG5KPzwOdCkybj3D5uic1KC-pwW-pewgsrqrXg60f5SJjtzYPw@mail.gmail.com> <E1TCbDG-0002Hz-9D@groundzero.grondar.org> <CAG5KPzzRxzVX-%2B9fYjRdqjY-wScbM6AA7GYtLmktgMG0Zg8iyQ@mail.gmail.com> <E1TCbSz-0007CJ-BI@groundzero.grondar.org> <CAG5KPzyJNmXRfxtPPrdc2zVCsxGtDfJT79YC3a1PNUfOOSzt8A@mail.gmail.com> <E1TCcIq-000Brr-Ex@groundzero.grondar.org> <CAG5KPzwEESg7iUb2%2B-kAN%2Bk55M95BZjh5VaSvxzSsSCVuZ9kMw@mail.gmail.com> <E1TCdlD-000C1N-4g@groundzero.grondar.org> <CAG5KPzzFO1H5Wcx34oXi09=aJqg5w%2BXWSd8fnn0Byvpy_8%2B-rA@mail.gmail.com> <E1TCpk1-000N2H-Vq@groundzero.grondar.org> <CAG5KPzxOua1t%2BWCef77E5jA1j_m6faw3JXUg sy8W_TeE%2BkpLUg@m <CAG5KPzymZY0ua2cAkzB-MK54G2WbWYi9J01c8YW4F9LOdVvc9A@mail.gmail.com>

------- =_aaaaaaaaaa0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <58816.1347812437.1@groundzero.grondar.org>

Hi

Part 1 of the fix is enclosed; it involves drastically shortening the
input into /dev/random (the "kickstart") at boot time. There are time
implications that I'd like to hear any objections to.

Part 1a is going to be tweaks to stashing entropy at restart
(and possibly during normal running). Also fixes to zero-entropy
first-startup.

Part 2 will be a cheap shortening of files during reading so as not
to clog up the harvest queue. The harvest queue will always be a bit
intolerant of excess input via this route, so this should help a lot.

Part 3 will be the addition of another choice of software PRNG;
Fortuna. Fortuna is MUCH more resilient to attack, at the expense
of using more kernel memory. For modern machines, this is scarcely
noticeable, but it could be bad for embedded units.

Tweaks along the way may include reverting to the original intent of
starting the PRNG blocked, and only unblocking once reseeded.

M
--
Mark R V Murray
Pi: 132511160

------- =_aaaaaaaaaa0
Content-Type: text/plain; file="initrandom.diff"; charset="us-ascii"
Content-ID: <58816.1347812437.2@groundzero.grondar.org>
Content-Description: initrandom.diff

Index: initrandom
===================================================================
--- initrandom	(revision 240384)
+++ initrandom	(working copy)
@@ -23,15 +23,12 @@
 
 better_than_nothing()
 {
-	# XXX temporary until we can improve the entropy
-	# harvesting rate.
 	# Entropy below is not great, but better than nothing.
 	# This unblocks the generator at startup
 	# Note: commands are ordered to cause the most variance across reboots.
-	( kenv; dmesg; df -ib; ps -fauxww; date; sysctl -a ) \
-	    | dd of=/dev/random bs=8k 2>/dev/null
-	/sbin/sha256 -q `sysctl -n kern.bootfile` \
-	    | dd of=/dev/random bs=8k 2>/dev/null
+	for cmd in "kenv" "dmesg" "df -ib" "ps -fauxww" "date" "sysctl -ao" "netstat -arn" "fstat" ; do
+	    ${cmd}| sha256 > /dev/random
+	done
 }
 
 initrandom_start()
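Review bot: In the new loop in better_than_nothing(), `${cmd}| sha256 > /dev/random` ignores the exit status of each command, so a command that fails or cannot be found when this script runs contributes only the digest of empty input, which is the same value on every boot. The loop adds "netstat -arn" and "fstat" and calls `sha256` by bare name where the removed line used `/sbin/sha256`, so please confirm that all of these resolve at this point in startup, or skip a command whose output is empty. Two smaller points: the hash of `kern.bootfile` is dropped with no replacement, and the retained comment about command ordering should say that each command is now hashed separately and only its digest is written.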
@@ -67,6 +64,12 @@
 
 		# First pass at reseeding /dev/random.
 		#
+		better_than_nothing
+
+		sleep 1
+
+		# Give the RNG the best kicking that we might not have.
+		#
 		case ${entropy_file} in
 		[Nn][Oo] | '')
 			;;
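Review bot: The unconditional `sleep 1` after `better_than_nothing` has no comment saying what it waits for, and it adds a second to every boot that reaches this branch. Please document the reason next to it, or wait on the actual condition instead of a fixed delay. The new comment "Give the RNG the best kicking that we might not have." is hard to parse; it should say plainly that the `entropy_file` case follows. The existing "First pass at reseeding /dev/random." comment now sits directly above the `better_than_nothing` call, so check that it still describes the right step.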
@@ -77,8 +80,6 @@
 			;;
 		esac
 
-		better_than_nothing
-
 		echo -n ' kickstart'
 	fi
 
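Review bot: With the call removed here, `better_than_nothing` no longer runs after the `entropy_file` case, so the order of the two inputs is reversed relative to revision 240384 and nothing in the script says why. A one-line comment at the new call site stating the intended order would keep a later edit from moving it back. `echo -n ' kickstart'` is still printed after both steps, which looks right.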

------- =_aaaaaaaaaa0--



