author | Mark Kettenis <kettenis@cvs.openbsd.org> | 2013-12-28 21:00:22 +0000 |
---|---|---|
committer | Mark Kettenis <kettenis@cvs.openbsd.org> | 2013-12-28 21:00:22 +0000 |
commit | 68c4e1929c5517567928a3873432131eb5901285 (patch) | |
tree | e867e733f6e390d9b0874de8f067be94131f8514 | |
parent | 2fad2a40db5220b57d22d7ac4cb77b7d49c20e30 (diff) |
Try to load entropy data from disk:/etc/random.seed. Then, insert this into
the ELF openbsd.randomdata of the kernel, so that it has entropy right from
the start.
-rw-r--r-- | sys/arch/sparc64/stand/ofwboot/boot.c | 30 | ||||
-rw-r--r-- | sys/arch/sparc64/stand/ofwboot/elf64_exec.c | 14 | ||||
-rw-r--r-- | sys/arch/sparc64/stand/ofwboot/vers.c | 2 |
3 files changed, 43 insertions, 3 deletions
diff --git a/sys/arch/sparc64/stand/ofwboot/boot.c b/sys/arch/sparc64/stand/ofwboot/boot.c
index f1eb43e2286..87e0f2f0432 100644
--- a/sys/arch/sparc64/stand/ofwboot/boot.c
+++ b/sys/arch/sparc64/stand/ofwboot/boot.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: boot.c,v 1.19 2013/03/21 21:51:01 deraadt Exp $ */
+/* $OpenBSD: boot.c,v 1.20 2013/12/28 21:00:21 kettenis Exp $ */
 /* $NetBSD: boot.c,v 1.3 2001/05/31 08:55:19 mrg Exp $ */
 /*
 * Copyright (c) 1997, 1999 Eduardo E. Horvath. All rights reserved.
@@ -82,6 +82,8 @@ char bootfile[128];
 int boothowto;
 int debug;
+char rnddata[BOOTRANDOM_MAX];
+
 int elf64_exec(int, Elf64_Ehdr *, u_int64_t *, void **, void **);
 #if 0
@@ -261,6 +263,30 @@ loadfile(int fd, char *args)
 }
 int
+loadrandom(char *path, char *buf, size_t buflen)
+{
+ struct stat sb;
+ int fd, i;
+
+#define O_RDONLY 0
+
+ fd = open(path, O_RDONLY);
+ if (fd == -1)
+ return -1;
+ if (fstat(fd, &sb) == -1 ||
+ sb.st_uid != 0 ||
+ (sb.st_mode & (S_IWOTH|S_IROTH)))
+ goto fail;
+ if (read(fd, buf, buflen) != buflen)
+ goto fail;
+ close(fd);
+ return 0;
+fail:
+ close(fd);
+ return (-1);
+}
+
+int
 main()
 {
 extern char version[];
@@ -327,6 +353,8 @@ main()
 _rtt();
 }
 }
+ if (loadrandom(BOOTRANDOM, rnddata, sizeof(rnddata)))
+ printf("open %s: %s\n", opened_name, strerror(errno));
 if ((fd = open(bootline, 0)) < 0) {
 printf("open %s: %s\n", opened_name, strerror(errno));
 continue;
diff --git a/sys/arch/sparc64/stand/ofwboot/elf64_exec.c b/sys/arch/sparc64/stand/ofwboot/elf64_exec.c
index 0597468f9e4..7ac6fcaa07e 100644
--- a/sys/arch/sparc64/stand/ofwboot/elf64_exec.c
+++ b/sys/arch/sparc64/stand/ofwboot/elf64_exec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: elf64_exec.c,v 1.3 2013/03/21 21:51:01 deraadt Exp $ */
+/* $OpenBSD: elf64_exec.c,v 1.4 2013/12/28 21:00:21 kettenis Exp $ */
 /* $NetBSD: elfXX_exec.c,v 1.2 2001/08/15 20:08:15 eeh Exp $ */
 /*
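Review bot: The ownership and mode test in the new loadrandom() (`sb.st_uid != 0 || (sb.st_mode & (S_IWOTH|S_IROTH))`) rejects only world-readable or world-writable files, so a group-readable or group-writable seed, or something that is not a regular file, is still accepted as entropy. If the seed is meant to be private to root, tighten it to `!S_ISREG(sb.st_mode) || sb.st_uid != 0 || (sb.st_mode & (S_IRWXG|S_IRWXO))`. Two style points in the same function: `i` is declared but never used, and `#define O_RDONLY 0` inside the body stays defined for the rest of the file, so it belongs near the top of the file under an `#ifndef`. A comment above the function should state that it returns 0 only when exactly `buflen` bytes were read, since a short seed file is treated as failure.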
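Review bot: When loadrandom() fails in main(), the added `printf("open %s: %s\n", opened_name, strerror(errno));` prints the same text as the kernel-open failure two lines below it, using whatever `opened_name` and `errno` happen to hold. loadrandom() also returns -1 for the owner/mode rejection and for a short read, where the failing step does not set errno, so the message can name the wrong cause; `printf("%s: seed not loaded\n", BOOTRANDOM);` would say what actually happened. Boot then continues with `rnddata` unfilled, which deserves a one-line comment here because the ELF loader copies that buffer into the kernel later. main()'s body starts and ends outside this hunk.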
@@ -78,6 +78,18 @@ elf64_exec(int fd, Elf_Ehdr *elf, u_int64_t *entryp, void **ssymp, void **esymp)
 printf("read phdr: %s\n", strerror(errno));
 return (1);
 }
+
+ if (phdr.p_type == PT_OPENBSD_RANDOMIZE) {
+ int m, pos;
+
+ /* Fill segment. */
+ for (pos = 0; pos < phdr.p_filesz; pos += m) {
+ m = MIN(phdr.p_filesz - pos, sizeof(rnddata));
+ bcopy(rnddata, (void *)(long)phdr.p_paddr + pos, m);
+ }
+ continue;
+ }
+
 if (phdr.p_type != PT_LOAD ||
 (phdr.p_flags & (PF_W|PF_X)) == 0)
 continue;
diff --git a/sys/arch/sparc64/stand/ofwboot/vers.c b/sys/arch/sparc64/stand/ofwboot/vers.c
index bcb0d1dbeab..52bef9115ec 100644
--- a/sys/arch/sparc64/stand/ofwboot/vers.c
+++ b/sys/arch/sparc64/stand/ofwboot/vers.c
@@ -1 +1 @@
-const char version[] = "1.5";
+const char version[] = "1.6"; |
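Review bot: The PT_OPENBSD_RANDOMIZE branch copies `rnddata` into the kernel image unconditionally, so when loadrandom() failed in boot.c the segment is filled from a buffer that was never written (a file-scope array, so presumably all zeroes) and the kernel cannot tell that apart from a real seed. Consider recording the load result in a flag set by main() and skipping the fill, or at least printing a warning, when no seed was read. Inside the loop, `int m, pos` are compared with and subtracted from `phdr.p_filesz`, which is presumably a 64-bit unsigned ELF field; declaring them `size_t` avoids the mixed-sign arithmetic. A segment larger than `sizeof(rnddata)` receives the same bytes repeated, which should be stated in the comment at `/* Fill segment. */`. elf64_exec()'s body starts and ends outside this hunk.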