diff options
| author | Visa Hankala <visa@cvs.openbsd.org> | 2020-05-26 13:30:48 +0000 |
|---|---|---|
| committer | Visa Hankala <visa@cvs.openbsd.org> | 2020-05-26 13:30:48 +0000 |
| commit | 575493d48f8b50da3d3c53d526ce2fdc6f747424 (patch) | |
| tree | be1611e48ceef4607aae8ecc6a9668e82fe4531b /sys/arch | |
| parent | e88836b81666de52bc1b18c648db163d6d2d2506 (diff) | |
Check outcome of loadrandom() on octeon
If loadrandom() succeeds, set RB_GOODRANDOM in boothowto.
To enable fchmod(), disk_open() has to mount the filesystem in writable
mode. This is tricky because the filesystem might be unclean. Hence the
code has to use MNT_FORCE.
Input and OK deraadt@
Diffstat (limited to 'sys/arch')
| -rw-r--r-- | sys/arch/octeon/stand/rdboot/disk.c | 5 | ||||
| -rw-r--r-- | sys/arch/octeon/stand/rdboot/rdboot.c | 32 |
2 files changed, 26 insertions, 11 deletions
diff --git a/sys/arch/octeon/stand/rdboot/disk.c b/sys/arch/octeon/stand/rdboot/disk.c index cc943444c73..eda089bc34f 100644 --- a/sys/arch/octeon/stand/rdboot/disk.c +++ b/sys/arch/octeon/stand/rdboot/disk.c @@ -1,4 +1,4 @@ -/* $OpenBSD: disk.c,v 1.1 2019/07/17 14:36:32 visa Exp $ */ +/* $OpenBSD: disk.c,v 1.2 2020/05/26 13:30:47 visa Exp $ */ /* * Copyright (c) 2019 Visa Hankala @@ -180,7 +180,8 @@ disk_open(const char *path) memset(&ffs_args, 0, sizeof(ffs_args)); ffs_args.fspec = devpath; - if (mount(MOUNT_FFS, "/mnt", MNT_RDONLY, &ffs_args) == -1) { + if (mount(MOUNT_FFS, "/mnt", MNT_FORCE | MNT_NOATIME, + &ffs_args) == -1) { fprintf(stderr, "failed to mount %s: %s\n", devpath, strerror(errno)); return NULL; diff --git a/sys/arch/octeon/stand/rdboot/rdboot.c b/sys/arch/octeon/stand/rdboot/rdboot.c index 540a7a5d20a..91dfce7ec22 100644 --- a/sys/arch/octeon/stand/rdboot/rdboot.c +++ b/sys/arch/octeon/stand/rdboot/rdboot.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rdboot.c,v 1.5 2020/05/26 13:21:58 visa Exp $ */ +/* $OpenBSD: rdboot.c,v 1.6 2020/05/26 13:30:47 visa Exp $ */ /* * Copyright (c) 2019-2020 Visa Hankala @@ -46,7 +46,7 @@ #define BOOTRANDOM_MAX 256 /* no point being greater than RC4STATE */ #define KERNEL "/bsd" -void loadrandom(void); +int loadrandom(void); void kexec(void); struct cmd_state cmd; @@ -102,7 +102,9 @@ main(void) } while (!getcmd()); } - loadrandom(); + if (loadrandom() == 0) + cmd.boothowto |= RB_GOODRANDOM; + kexec(); hasboot = 0; @@ -113,23 +115,34 @@ main(void) return 0; } -void +int loadrandom(void) { char buf[BOOTRANDOM_MAX]; - int fd; + struct stat sb; + int fd, ret = 0; /* Read the file from the device specified by the kernel path. */ if (disk_open(cmd.path) == NULL) - return; + return -1; fd = open(BOOTRANDOM, O_RDONLY); if (fd == -1) { fprintf(stderr, "%s: cannot open %s: %s", __func__, BOOTRANDOM, strerror(errno)); disk_close(); - return; + return -1; + } + if (fstat(fd, &sb) == 0) { + if (sb.st_mode & S_ISTXT) { + printf("NOTE: random seed is being reused.\n"); + ret = -1; + } + if (read(fd, buf, sizeof(buf)) != sizeof(buf)) + ret = -1; + fchmod(fd, sb.st_mode | S_ISTXT); + } else { + ret = -1; } - read(fd, buf, sizeof(buf)); close(fd); disk_close(); @@ -142,10 +155,11 @@ loadrandom(void) if (fd == -1) { fprintf(stderr, "%s: cannot open %s: %s", __func__, DEVRANDOM, strerror(errno)); - return; + return -1; } write(fd, buf, sizeof(buf)); close(fd); + return ret; } void |