mirror of
https://github.com/systemd/systemd-stable.git
synced 2025-01-21 18:03:41 +03:00
bootctl: when updating EFI random seed file, hash old seed with new one
Let's not regress in entropy in any case. This does what f913c784ad4c93894fd6cb2590738113dff5a694 also does.
This commit is contained in:
parent
60315d5953
commit
114172fbe7
@ -13,6 +13,7 @@
|
|||||||
#include "mkdir.h"
|
#include "mkdir.h"
|
||||||
#include "path-util.h"
|
#include "path-util.h"
|
||||||
#include "random-util.h"
|
#include "random-util.h"
|
||||||
|
#include "sha256.h"
|
||||||
#include "tmpfile-util.h"
|
#include "tmpfile-util.h"
|
||||||
#include "umask-util.h"
|
#include "umask-util.h"
|
||||||
|
|
||||||
@ -20,11 +21,15 @@ int install_random_seed(const char *esp) {
|
|||||||
_cleanup_close_ int esp_fd = -EBADF, loader_dir_fd = -EBADF, fd = -EBADF;
|
_cleanup_close_ int esp_fd = -EBADF, loader_dir_fd = -EBADF, fd = -EBADF;
|
||||||
_cleanup_free_ char *tmp = NULL;
|
_cleanup_free_ char *tmp = NULL;
|
||||||
uint8_t buffer[RANDOM_EFI_SEED_SIZE];
|
uint8_t buffer[RANDOM_EFI_SEED_SIZE];
|
||||||
|
struct sha256_ctx hash_state;
|
||||||
size_t token_size;
|
size_t token_size;
|
||||||
|
bool refreshed;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
assert(esp);
|
assert(esp);
|
||||||
|
|
||||||
|
assert_cc(RANDOM_EFI_SEED_SIZE == SHA256_DIGEST_SIZE);
|
||||||
|
|
||||||
esp_fd = open(esp, O_DIRECTORY|O_RDONLY|O_CLOEXEC);
|
esp_fd = open(esp, O_DIRECTORY|O_RDONLY|O_CLOEXEC);
|
||||||
if (esp_fd < 0)
|
if (esp_fd < 0)
|
||||||
return log_error_errno(errno, "Failed to open ESP directory '%s': %m", esp);
|
return log_error_errno(errno, "Failed to open ESP directory '%s': %m", esp);
|
||||||
@ -37,6 +42,35 @@ int install_random_seed(const char *esp) {
|
|||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to acquire random seed: %m");
|
return log_error_errno(r, "Failed to acquire random seed: %m");
|
||||||
|
|
||||||
|
sha256_init_ctx(&hash_state);
|
||||||
|
sha256_process_bytes(&(const size_t) { sizeof(buffer) }, sizeof(size_t), &hash_state);
|
||||||
|
sha256_process_bytes(buffer, sizeof(buffer), &hash_state);
|
||||||
|
|
||||||
|
fd = openat(loader_dir_fd, "random-seed", O_NOFOLLOW|O_CLOEXEC|O_RDONLY|O_NOCTTY);
|
||||||
|
if (fd < 0) {
|
||||||
|
if (errno != ENOENT)
|
||||||
|
return log_error_errno(errno, "Failed to open old random seed file: %m");
|
||||||
|
|
||||||
|
sha256_process_bytes(&(const ssize_t) { 0 }, sizeof(ssize_t), &hash_state);
|
||||||
|
refreshed = false;
|
||||||
|
} else {
|
||||||
|
ssize_t n;
|
||||||
|
|
||||||
|
/* Hash the old seed in so that we never regress in entropy. */
|
||||||
|
|
||||||
|
n = read(fd, buffer, sizeof(buffer));
|
||||||
|
if (n < 0)
|
||||||
|
return log_error_errno(errno, "Failed to read old random seed file: %m");
|
||||||
|
|
||||||
|
sha256_process_bytes(&n, sizeof(n), &hash_state);
|
||||||
|
sha256_process_bytes(buffer, n, &hash_state);
|
||||||
|
|
||||||
|
fd = safe_close(fd);
|
||||||
|
refreshed = n > 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
sha256_finish_ctx(&hash_state, buffer);
|
||||||
|
|
||||||
if (tempfn_random("random-seed", "bootctl", &tmp) < 0)
|
if (tempfn_random("random-seed", "bootctl", &tmp) < 0)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
|
||||||
@ -65,7 +99,7 @@ int install_random_seed(const char *esp) {
|
|||||||
if (syncfs(fd) < 0)
|
if (syncfs(fd) < 0)
|
||||||
return log_error_errno(errno, "Failed to sync ESP file system: %m");
|
return log_error_errno(errno, "Failed to sync ESP file system: %m");
|
||||||
|
|
||||||
log_info("Random seed file %s/loader/random-seed successfully written (%zu bytes).", esp, sizeof(buffer));
|
log_info("Random seed file %s/loader/random-seed successfully %s (%zu bytes).", esp, refreshed ? "refreshed" : "written", sizeof(buffer));
|
||||||
|
|
||||||
if (!arg_touch_variables)
|
if (!arg_touch_variables)
|
||||||
return 0;
|
return 0;
|
||||||
|
Loading…
x
Reference in New Issue
Block a user