apmd should replace /etc/random.seed for hibernate-resumes (and also

chmod 600 the file to remove the t-bit that the bootblocks set when
the file is used)
comments from naddy

1 files changed, 25 insertions, 1 deletions

diff --git a/usr.sbin/apmd/apmd.c b/usr.sbin/apmd/apmd.c
index e03a499dbf2..231d504cf09 100644
--- a/usr.sbin/apmd/apmd.c
+++ b/usr.sbin/apmd/apmd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: apmd.c,v 1.108 2022/02/18 15:22:22 robert Exp $	*/
+/*	$OpenBSD: apmd.c,v 1.109 2022/02/18 22:54:13 deraadt Exp $	*/
 
 /*
  *  Copyright (c) 1995, 1996 John T. Kohl
@@ -315,6 +315,25 @@ handle_client(int sock_fd, int ctl_fd)
 	close(cli_fd);
 }
 
+/*
+ * Refresh the random file read by the bootblocks, and remove the +t bit
+ * which the bootblock use to track "reuse of the file".
+ */
+void
+fixrandom(void)
+{
+	char buf[512];
+	int fd;
+
+	fd = open("/etc/random.seed", O_WRONLY);
+	if (fd != -1) {
+		arc4random_buf(buf, sizeof buf);
+		write(fd, buf, sizeof buf);
+		fchmod(fd, 0600);
+		close(fd);
+	}
+}
+
 int
 suspend(int ctl_fd)
 {
@@ -322,6 +341,7 @@ suspend(int ctl_fd)
 
 	logmsg(LOG_NOTICE, "system suspending");
 	power_status(ctl_fd, 1, NULL);
+	fixrandom();
 	do_etc_file(_PATH_APM_ETC_SUSPEND);
 	sync();
 	sleep(1);
@@ -341,6 +361,7 @@ stand_by(int ctl_fd)
 
 	logmsg(LOG_NOTICE, "system entering standby");
 	power_status(ctl_fd, 1, NULL);
+	fixrandom();
 	do_etc_file(_PATH_APM_ETC_STANDBY);
 	sync();
 	sleep(1);
@@ -360,6 +381,7 @@ hibernate(int ctl_fd)
 
 	logmsg(LOG_NOTICE, "system hibernating");
 	power_status(ctl_fd, 1, NULL);
+	fixrandom();
 	do_etc_file(_PATH_APM_ETC_HIBERNATE);
 	sync();
 	sleep(1);
@@ -497,6 +519,8 @@ main(int argc, char *argv[])
 
 	if (unveil(_PATH_APM_ETC_DIR, "rx") == -1)
 		err(1, "unveil %s", _PATH_APM_ETC_DIR);
+	if (unveil("/etc/random.seed", "w") == -1)
+		err(1, "unveil /etc/random.seed");
 	if (unveil(NULL, NULL) == -1)
 		err(1, "unveil");