diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2020-05-26 13:47:30 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2020-05-26 13:47:30 +0000 |
| commit | 36a8d0e11a140b3d5a3114c6a66b869f8b2166f3 (patch) | |
| tree | 98614f92b3063cc033d921bcb20b487b7c322cc1 /sys/arch/sgi | |
| parent | b55a81d93991dbc0f8d6852310b1466e9591d5cd (diff) | |
/etc/random.seed reuse can now be detected. The stat +T bit marks the file
(fchmod +T by bootcode, chmod 600 by /etc/rc). If the seed is reused, and
HWRNG isn't available, the kernel won't get RB_GOODSEED indication...
Diffstat (limited to 'sys/arch/sgi')
| -rw-r--r-- | sys/arch/sgi/stand/boot/boot.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/sys/arch/sgi/stand/boot/boot.c b/sys/arch/sgi/stand/boot/boot.c index 69d5e16d265..e124245b57e 100644 --- a/sys/arch/sgi/stand/boot/boot.c +++ b/sys/arch/sgi/stand/boot/boot.c @@ -1,4 +1,4 @@ -/* $OpenBSD: boot.c,v 1.28 2020/05/25 15:49:42 deraadt Exp $ */ +/* $OpenBSD: boot.c,v 1.29 2020/05/26 13:47:29 deraadt Exp $ */ /* * Copyright (c) 2004 Opsycon AB, www.opsycon.se. @@ -311,6 +311,12 @@ loadrandom(const char *partition, const char *name, void *buf, size_t buflen) error = -1; goto done; } + if (sb.st_mode & S_ISTXT) { + printf("NOTE: random seed is being reused.\n"); + error = -1; + goto done; + } + fchmod(fd, sb.st_mode | S_ISTXT); done: close(fd); return (error); |