

On Sun, Sep 16, 2012 at 05:21:21PM +0100, Mark Murray wrote:
> Tweeks along the way may include reverting to the original intent of
> starting the PRNG blocked, and only unblocking once reseeded.
I hope I'm testing this incorrectly, but I think we've managed to break this over the years.
1. Putting:
entropy_file="NO"
entropy_dir="NO"
entropy_save_sz="0" # Size of the entropy cache files.
entropy_save_num="0" # Number of entropy cache files to save.
harvest_interrupt="NO" # Entropy device harvests interrupt randomness
harvest_ethernet="NO" # Entropy device harvests ethernet randomness
harvest_p_to_p="NO" # Entropy device harvests point-to-point randomness
in /etc/rc.conf
2. Commenting out "better_than_nothing":
Index: initrandom
===================================================================
--- initrandom (revision 240709)
+++ initrandom (working copy)
@@ -77,7 +77,7 @@ initrandom_start()
 ;;
 esac
- better_than_nothing
+ #better_than_nothing
 echo -n ' kickstart'
 fi
3. Boot single user and delete ${entropy_file} and ${entropy_dir}/*
4. Adding this patch (which I'd like to commit (but not changing the defaults)):
----------%<----------%<----------%<----------%<----------%<----------
Index: sys/dev/random/randomdev_soft.c
===================================================================
--- sys/dev/random/randomdev_soft.c (revision 240694)
+++ sys/dev/random/randomdev_soft.c (working copy)
@@ -42,6 +42,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/poll.h>
 #include <sys/proc.h>
 #include <sys/random.h>
+#include <sys/sbuf.h>
 #include <sys/selinfo.h>
 #include <sys/sysctl.h>
 #include <sys/uio.h>
@@ -72,7 +73,7 @@ struct random_systat random_yarrow = {
 .write = random_yarrow_write,
 .poll = random_yarrow_poll,
 .reseed = random_yarrow_flush_reseed,
- .seeded = 1,
+ .seeded = 0,
 };
 MALLOC_DEFINE(M_ENTROPY, "entropy", "Entropy harvesting buffers");
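Review bot: Initializing `.seeded = 0` only keeps readers blocked if the read path tests `random_systat.seeded` before handing out data, and nothing in this patch touches that path; the sysctl output in step 5 shows `kern.random.sys.seeded: 0` with every `entropy_processed` counter at zero while the machine still booted multi-user, which is consistent with reads not being gated on the flag in this tree (inferred from the reported result, not visible in the hunk). Before committing it would be worth tracing where `random_systat.seeded` is consulted on the read side and where it is set back to 1 after a reseed, and recording the intent at the initializer with `/* Start blocked; only a real reseed may flip this to 1. */`. The `random_yarrow` initializer begins before the hunk.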
@@ -85,7 +86,7 @@ struct mtx harvest_mtx;
 /* Lockable FIFO queue holding entropy buffers */
 struct entropyfifo {
- int count;
+ unsigned int count;
 STAILQ_HEAD(harvestlist, harvest) head;
 };
@@ -97,6 +98,9 @@ static struct entropyfifo emptyfifo;
 /* Harvested entropy */
 static struct entropyfifo harvestfifo[ENTROPYSOURCE];
+/* Count processed categories of randomness. */
+static unsigned long e_src_cnt[ENTROPYSOURCE];
+
 /* <0 to end the kthread, 0 to let it run, 1 to flush the harvest queues */
 static int random_kthread_control = 0;
@@ -114,6 +118,34 @@ random_check_boolean(SYSCTL_HANDLER_ARGS
 return sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req);
 }
+static int
+sysctl_random_sys_entropy_processed(SYSCTL_HANDLER_ARGS)
+{
+ struct sbuf sb;
+ int error;
+
+ sbuf_new(&sb, NULL, 256, SBUF_AUTOEXTEND);
+ sbuf_printf(&sb,
+"write=%lu/%u, keyboard=%lu/%u, mouse=%lu/%u, net=%lu/%u, interrupt=%lu/%u, pure=%lu/%u",
+ e_src_cnt[RANDOM_WRITE],
+ harvestfifo[RANDOM_WRITE].count,
+ e_src_cnt[RANDOM_KEYBOARD],
+ harvestfifo[RANDOM_KEYBOARD].count,
+ e_src_cnt[RANDOM_MOUSE],
+ harvestfifo[RANDOM_MOUSE].count,
+ e_src_cnt[RANDOM_NET],
+ harvestfifo[RANDOM_NET].count,
+ e_src_cnt[RANDOM_INTERRUPT],
+ harvestfifo[RANDOM_INTERRUPT].count,
+ e_src_cnt[RANDOM_PURE],
+ harvestfifo[RANDOM_PURE].count);
+ sbuf_trim(&sb);
+ sbuf_finish(&sb);
+ error = sysctl_handle_string(oidp, sbuf_data(&sb), sbuf_len(&sb), req);
+ sbuf_delete(&sb);
+ return (error);
+}
+
 /* ARGSUSED */
 void
 random_yarrow_init(void)
@@ -138,7 +170,7 @@ random_yarrow_init(void)
 SYSCTL_ADD_PROC(&random_clist, SYSCTL_CHILDREN(random_sys_o),
 OID_AUTO, "seeded", CTLTYPE_INT | CTLFLAG_RW,
- &random_systat.seeded, 1, random_check_boolean, "I",
+ &random_systat.seeded, 0, random_check_boolean, "I",
 "Seeded State");
 random_sys_harvest_o = SYSCTL_ADD_NODE(&random_clist,
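Review bot: `sysctl_random_sys_entropy_processed` ignores the results of `sbuf_new` and `sbuf_finish`, so if the auto-extending buffer cannot be allocated the handler still hands `sbuf_data(&sb)` to `sysctl_handle_string` from a buffer that was never successfully built. The handler also reads `harvestfifo[].count` without `harvest_mtx`, which the kthread hunk takes before updating `emptyfifo.count`; for a read-only diagnostic a stale value is tolerable, but a comment should say that is deliberate. The shape below checks both calls; if `sbuf_finish` does not report an error in this tree, keep only the `sbuf_new` check.
```c
static int
sysctl_random_sys_entropy_processed(SYSCTL_HANDLER_ARGS)
{
	struct sbuf sb;
	int error;

	/* Counters are read without harvest_mtx: diagnostic only, a stale value is acceptable. */
	if (sbuf_new(&sb, NULL, 256, SBUF_AUTOEXTEND) == NULL)
		return (ENOMEM);
	/* … unchanged: sbuf_printf of the per-source counters … */
	sbuf_trim(&sb);
	error = sbuf_finish(&sb);
	if (error == 0)
		error = sysctl_handle_string(oidp, sbuf_data(&sb), sbuf_len(&sb), req);
	sbuf_delete(&sb);
	return (error);
}
```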
@@ -166,6 +198,10 @@ random_yarrow_init(void)
 OID_AUTO, "swi", CTLTYPE_INT | CTLFLAG_RW,
 &harvest.swi, 0, random_check_boolean, "I",
 "Harvest SWI entropy");
+ SYSCTL_ADD_PROC(&random_clist, SYSCTL_CHILDREN(random_sys_harvest_o),
+ OID_AUTO, "entropy_processed", CTLTYPE_STRING | CTLFLAG_RD,
+ NULL, 0, sysctl_random_sys_entropy_processed, "A",
+ "Number of harvested/queued entropy sources");
 /* Initialise the harvest fifos */
 STAILQ_INIT(&emptyfifo.head);
@@ -263,8 +299,10 @@ random_kthread(void *arg __unused)
 */
 if (!STAILQ_EMPTY(&local_queue)) {
 mtx_unlock_spin(&harvest_mtx);
- STAILQ_FOREACH(event, &local_queue, next)
+ STAILQ_FOREACH(event, &local_queue, next) {
 random_process_event(event);
+ e_src_cnt[event->source]++;
+ }
 mtx_lock_spin(&harvest_mtx);
 STAILQ_CONCAT(&emptyfifo.head, &local_queue);
 emptyfifo.count += local_count;
Index: sys/dev/random/harvest.c
===================================================================
--- sys/dev/random/harvest.c (revision 240694)
+++ sys/dev/random/harvest.c (working copy)
@@ -48,7 +48,12 @@ __FBSDID("$FreeBSD$");
 static int read_random_phony(void *, int);
 /* Structure holding the desired entropy sources */
-struct harvest_select harvest = { 1, 1, 1, 0 };
+struct harvest_select harvest = {
+ 0, /*ethernet*/
+ 0, /*pt2pt*/
+ 0, /*intr*/
+ 0, /*swi*/
+};
 static int warned = 0;
 /* hold the address of the routine which is actually called if
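Review bot: `e_src_cnt[event->source]++` in `random_kthread` trusts `event->source` as an index into an array of `ENTROPYSOURCE` entries; the harvest path presumably range-checks the origin before queueing, but that check is not part of this patch, so either a comment at the increment (`/* source was range-checked when the event was harvested */`) or a `KASSERT(event->source < ENTROPYSOURCE, ("bad entropy source"))` would make the assumption visible. The increment runs after `mtx_unlock_spin(&harvest_mtx)`, which is sound only while this kthread is the sole writer of `e_src_cnt`; the array's declaration should carry a comment saying so, since the new sysctl handler reads it unlocked. The body of `random_kthread` continues outside the hunk.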
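Review bot: The new `harvest_select` initializer is positional with the field names only in trailing comments, so a later reordering of the struct would silently enable or disable the wrong source; designated initializers (`.swi = 0,` and the corresponding names for the other three members) let the compiler check the mapping. The description says the defaults should not change when this is committed, yet this hunk flips three of the four sources from 1 to 0, so the commit version needs to keep the `{ 1, 1, 1, 0 }` values or state the new policy explicitly in the comment above the struct.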
@@ -84,6 +89,12 @@ random_yarrow_deinit_harvester(void)
 * XXXRW: get_cyclecount() is cheap on most modern hardware, where cycle
 * counters are built in, but on older hardware it will do a real time clock
 * read which can be quite expensive.
+ *
+ * @entropy Buffer of 'count' bytes of potential entropy.
+ * @count Number of bytes in 'buffer' to process.
+ * @bits Estimated number of bits of entropy in 'buffer'.
+ * @frac Estimated number of fractional bits entropy in 'buffer'.
+ * @origin Origin where this entropy was gathered.
 */
 void
 random_harvest(void *entropy, u_int count, u_int bits, u_int frac,
----------%<----------%<----------%<----------%<----------%<----------
5. Still lets me boot multi-user and login:
ngoc# sysctl kern.random
kern.random.yarrow.gengateinterval: 10
kern.random.yarrow.bins: 10
kern.random.yarrow.fastthresh: 192
kern.random.yarrow.slowthresh: 256
kern.random.yarrow.slowoverthresh: 2
kern.random.sys.seeded: 0
kern.random.sys.harvest.ethernet: 0
kern.random.sys.harvest.point_to_point: 0
kern.random.sys.harvest.interrupt: 0
kern.random.sys.harvest.swi: 0
kern.random.sys.harvest.entropy_processed: write=0/0, keyboard=0/0, mouse=0/0, net=0/0, interrupt=0/0, pure=0/0
Also, I'm having trouble finding the source for 'swi' harvesting. Do you know where it is?
--
-- David ([email protected])
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"
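Review bot: The new parameter documentation refers to the buffer as `'buffer'` on the `@count`, `@bits` and `@frac` lines, but the parameter is named `entropy`, so a reader matching the comment to the signature finds no such argument; those three lines should say `'entropy'`. The `@frac` line also reads better as `Estimated number of fractional bits of entropy in 'entropy'.`. The `random_harvest` signature continues past the end of the hunk.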












