From: kettenis
Date: Sat, 28 Dec 2013 21:00:21 +0000 (+0000)
Subject: Try to load entropy data from disk:/etc/random.seed. Then, insert this into
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=2ee0b2d67d8b04dd60a22ec01df1758916b80945;p=openbsd
Try to load entropy data from disk:/etc/random.seed. Then, insert this into the ELF openbsd.randomdata of the kernel, so that it has entropy right from the start.
---
diff --git a/sys/arch/sparc64/stand/ofwboot/boot.c b/sys/arch/sparc64/stand/ofwboot/boot.c
index f1eb43e2286..87e0f2f0432 100644
--- a/sys/arch/sparc64/stand/ofwboot/boot.c
+++ b/sys/arch/sparc64/stand/ofwboot/boot.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: boot.c,v 1.19 2013/03/21 21:51:01 deraadt Exp $ */
+/* $OpenBSD: boot.c,v 1.20 2013/12/28 21:00:21 kettenis Exp $ */
 /* $NetBSD: boot.c,v 1.3 2001/05/31 08:55:19 mrg Exp $ */
 /*
 * Copyright (c) 1997, 1999 Eduardo E. Horvath. All rights reserved.
@@ -82,6 +82,8 @@ char bootfile[128];
 int boothowto;
 int debug;
+char rnddata[BOOTRANDOM_MAX];
+
 int elf64_exec(int, Elf64_Ehdr *, u_int64_t *, void **, void **);
 #if 0
@@ -260,6 +262,30 @@ loadfile(int fd, char *args)
 return (rval);
 }
+int
+loadrandom(char *path, char *buf, size_t buflen)
+{
+ struct stat sb;
+ int fd, i;
+
+#define O_RDONLY 0
+
+ fd = open(path, O_RDONLY);
+ if (fd == -1)
+ return -1;
+ if (fstat(fd, &sb) == -1 ||
+ sb.st_uid != 0 ||
+ (sb.st_mode & (S_IWOTH|S_IROTH)))
+ goto fail;
+ if (read(fd, buf, buflen) != buflen)
+ goto fail;
+ close(fd);
+ return 0;
+fail:
+ close(fd);
+ return (-1);
+}
+
 int
 main()
 {
@@ -327,6 +353,8 @@ main()
 _rtt();
 }
 }
+ if (loadrandom(BOOTRANDOM, rnddata, sizeof(rnddata)))
+ printf("open %s: %s\n", opened_name, strerror(errno));
 if ((fd = open(bootline, 0)) < 0) {
 printf("open %s: %s\n", opened_name, strerror(errno));
 continue;
diff --git a/sys/arch/sparc64/stand/ofwboot/elf64_exec.c b/sys/arch/sparc64/stand/ofwboot/elf64_exec.c
index 0597468f9e4..7ac6fcaa07e 100644
--- a/sys/arch/sparc64/stand/ofwboot/elf64_exec.c
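Review bot: In boot.c's loadrandom(), the mode test `(sb.st_mode & (S_IWOTH|S_IROTH))` rejects only a world-readable or world-writable seed file, so a root-owned file that is group-readable or group-writable, or that is not a regular file, is still accepted as kernel seed material. Consider tightening it to `!S_ISREG(sb.st_mode) || (sb.st_mode & (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH))`, provided those macros are available in the boot environment. A failed or short read() can leave buf partly overwritten, which deserves a comment above the function because the caller keeps using the buffer afterwards. Smaller points: `i` is declared but never used, `#define O_RDONLY 0` sits inside the function body, and `read(...) != buflen` compares a signed return value with a size_t.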
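Review bot: The new failure branch in boot.c's main() prints `open %s: %s` with `opened_name` and `strerror(errno)`, but loadrandom() also returns -1 from its ownership/mode check and from a short read, where errno is not necessarily set by the failing step, and this hunk does not show that `opened_name` refers to the seed file at that point. A message that names the requested file, e.g. `printf("loadrandom: %s: seed not loaded\n", BOOTRANDOM);`, would not mislead. Boot also continues with nothing recording the failure, so the PT_OPENBSD_RANDOMIZE fill added in elf64_exec.c copies rnddata whether or not it was loaded; a flag set on success and tested before that copy (or at least a comment saying the fall-through is intended) would keep an unfilled, presumably zeroed, or partly read buffer from being handed to the kernel as entropy unnoticed. main()'s body starts and ends outside this hunk.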
+++ b/sys/arch/sparc64/stand/ofwboot/elf64_exec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: elf64_exec.c,v 1.3 2013/03/21 21:51:01 deraadt Exp $ */
+/* $OpenBSD: elf64_exec.c,v 1.4 2013/12/28 21:00:21 kettenis Exp $ */
 /* $NetBSD: elfXX_exec.c,v 1.2 2001/08/15 20:08:15 eeh Exp $ */
 /*
@@ -78,6 +78,18 @@ elf64_exec(int fd, Elf_Ehdr *elf, u_int64_t *entryp, void **ssymp, void **esymp)
 printf("read phdr: %s\n", strerror(errno));
 return (1);
 }
+
+ if (phdr.p_type == PT_OPENBSD_RANDOMIZE) {
+ int m, pos;
+
+ /* Fill segment. */
+ for (pos = 0; pos < phdr.p_filesz; pos += m) {
+ m = MIN(phdr.p_filesz - pos, sizeof(rnddata));
+ bcopy(rnddata, (void *)(long)phdr.p_paddr + pos, m);
+ }
+ continue;
+ }
+
 if (phdr.p_type != PT_LOAD || (phdr.p_flags & (PF_W|PF_X)) == 0)
 continue;
diff --git a/sys/arch/sparc64/stand/ofwboot/vers.c b/sys/arch/sparc64/stand/ofwboot/vers.c
index bcb0d1dbeab..52bef9115ec 100644
--- a/sys/arch/sparc64/stand/ofwboot/vers.c
+++ b/sys/arch/sparc64/stand/ofwboot/vers.c
@@ -1 +1 @@
-const char version[] = "1.5";
+const char version[] = "1.6";
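Review bot: In the PT_OPENBSD_RANDOMIZE block of elf64_exec.c, `pos` and `m` are declared `int` while `phdr.p_filesz` is an ELF64 size field and `sizeof(rnddata)` is a size_t, so the loop condition and the MIN() mix signed and unsigned operands and `pos` would overflow for a segment larger than INT_MAX; `size_t m, pos;` avoids that. The `/* Fill segment. */` comment should also say that rnddata is repeated when the segment is larger than the buffer, so the segment carries at most sizeof(rnddata) bytes of distinct seed data, e.g. `/* Fill segment, repeating rnddata if the segment is larger. */`. The destination `p_paddr` and length `p_filesz` are used as read from the kernel image's program header; whether they are validated elsewhere is not visible here. elf64_exec() starts and ends outside this hunk.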