summaryrefslogtreecommitdiff
path: root/libexec/save-entropy/save-entropy.sh
Commit message (Collapse)AuthorAgeFilesLines
* Reduce disk write load in /usr/libexec/save-entropy.Xin LI2019-11-301-14/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | Before this commit, the save-entropy script rotates entropy files like logs. This involves creating a new file that holds the entropy and renaming of all existing entropy files. However, the entropy data do not really need to be kept in a particular order, and replacing the oldest file is sufficient. This commit replaces the rotation with a scan in the [1..entropy_save_num] space that finds the first empty slot, or the slot of the oldest file, and writes entropy into that slot. This also fixes an issue that prevents save-entropy from saving any entropy when there is one non-regular file in any slot as a side effect. Based on an earlier patch from peterj@. PR: 134225 Reported by: peterj Reviewed by: csprng (cem, markm) MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D22612 Notes: svn path=/head/; revision=355247
* save-entropy(8), rc.d/random: Set nodump flagConrad Meyer2019-05-221-0/+1
| | | | | | | | | | | | | | | | Tag saved entropy files as "nodump," to signal that the files should not be backed up by dump(8) or other automated backup software that honors the file flag. Do not produce an error if the target file resides on a filesystem that does not support file flags (e.g., msdos /boot). Reviewed by: delphij Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D20358 Notes: svn path=/head/; revision=348122
* random(4): Attempt to persist entropy promptlyConrad Meyer2019-03-311-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The goal of saving entropy in Fortuna is two-fold: (1) to provide early availability of the random device (unblocking) on next boot; and (2), to have known, high-quality entropy available for that initial seed. We know it is high quality because it's output taken from Fortuna. The FS&K paper makes it clear that Fortuna unblocks when enough bits have been input that the output //may// be safely seeded. But they emphasize that the quality of various entropy sources is unknown, and a saved entropy file is essential for both availability and ensuring initial unpredictability. In FreeBSD we persist entropy using two mechanisms: 1. The /etc/rc.d/random shutdown() function, which is used for ordinary shutdowns and reboots; and, 2. A cron job that runs every dozen minutes or so to persist new entropy, in case the system suffers from power loss or a crash (bypassing the ordinary shutdown path). Filesystems are free to cache dirty data indefinitely, with arbitrary flush policy. Fsync must be used to ensure the data is persisted, especially for the cron job save-entropy, whose entire goal is power loss and crash safe entropy persistence. Ordinary shutdown may not need the fsync because unmount should flush out the dirty entropy file shortly afterwards. But it is always possible power loss or crash occurs during the short window after rc.d/random shutdown runs and before the filesystem is unmounted, so the additional fsync there seems harmless. PR: 230876 Reviewed by: delphij, markj, markm Approved by: secteam (delphij) Differential Revision: https://reviews.freebsd.org/D19742 Notes: svn path=/head/; revision=345744
* libexec: adoption of SPDX licensing ID tags.Pedro F. Giffuni2017-11-271-0/+2
| | | | | | | | | | | | | | | | | Mainly focus on files that use BSD 2-Clause license, however the tool I was using misidentified many licenses so this was mostly a manual - error prone - task. The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known opensource licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, superceed or replace the license texts. No functional change intended. Notes: svn path=/head/; revision=326274
* This is the much-discussed major upgrade to the random(4) device, known to ↵Mark Murray2014-10-301-1/+1
| | | | | | | | | | | | | | | | | | | | | | you all as /dev/random. This code has had an extensive rewrite and a good series of reviews, both by the author and other parties. This means a lot of code has been simplified. Pluggable structures for high-rate entropy generators are available, and it is most definitely not the case that /dev/random can be driven by only a hardware souce any more. This has been designed out of the device. Hardware sources are stirred into the CSPRNG (Yarrow, Fortuna) like any other entropy source. Pluggable modules may be written by third parties for additional sources. The harvesting structures and consequently the locking have been simplified. Entropy harvesting is done in a more general way (the documentation for this will follow). There is some GREAT entropy to be had in the UMA allocator, but it is disabled for now as messing with that is likely to annoy many people. The venerable (but effective) Yarrow algorithm, which is no longer supported by its authors now has an alternative, Fortuna. For now, Yarrow is retained as the default algorithm, but this may be changed using a kernel option. It is intended to make Fortuna the default algorithm for 11.0. Interested parties are encouraged to read ISBN 978-0-470-47424-2 "Cryptography Engineering" By Ferguson, Schneier and Kohno for Fortuna's gory details. Heck, read it anyway. Many thanks to Arthur Mesh who did early grunt work, and who got caught in the crossfire rather more than he deserved to. My thanks also to folks who helped me thresh this out on whiteboards and in the odd "Hallway track", or otherwise. My Nomex pants are on. Let the feedback commence! Reviewed by: trasz,des(partial),imp(partial?),rwatson(partial?) Approved by: so(des) Notes: svn path=/head/; revision=273872
* Don't save entropy inside jails.Xin LI2014-07-221-0/+2
| | | | | | | | | | | | | As of r126744, we no longer feed the entropy device in jails upon start, and collecting them is no longer useful. PR: conf/126744 Submitted by: Eugene Grosbein <eugen grosbein net> (with minor changes) MFC after: 1 week Approved by: so (des) Notes: svn path=/head/; revision=268979
* 1. Use install -d to create the entropy_dir if missing so that we can do itDoug Barton2012-09-041-28/+26
| | | | | | | | | | | | | | | | | | | | | | | all in one command, with no permissions race. 2. Simplify the rotation logic by cd'ing into the directory, with a test to make sure that it succeeds. 3. Remove any files numbered higher than entropy_save_num. This helps when the user reduces the number, and may be useful for other purposes down the road. 4. Simplify the rotation logic by first testing the common case (it's a regular file) then testing if something else exists with the same name using elif. Also switch from using jot to simpler countdown format. 5. Fix logger lines and error messages to be more consistent, and wrap the code more consistently in the 80 column range. The "not a regular file" error message was mistakenly wrapped entirely in "quotes" which caused logger to include line-wrapping whitespace. Change that to wrap only the variables in quotes, which is both consistent and works better. 6. Update copyright to reflect the fact that changes were made this year. Parts of 2-4 were taken from etc/periodic/daily/310.accounting Notes: svn path=/head/; revision=240090
* 1. Attempt to take one bullet out of the foot-shooting gun by silentlyDoug Barton2006-08-281-10/+10
| | | | | | | | | | | | | | | | | ignoring errors when sourcing rc.conf* files. The most common error occurs when users put a command of some sort into those files. (ifconfig is a popular choice) 2. Make the file rotation logic simpler by starting one down from the "top" of the list, rather than at the top. 3. Try to make file rotation more secure by calling unlink(1) on all new file names before rotating an old file to the new name, rather than merely calling 'rm -f' on any files that exceed the number of files to save. Notes: svn path=/head/; revision=161683
* The script mistakenly ignores the entropy_save_sz variable fromDoug Barton2005-04-111-2/+2
| | | | | | | | | | | | | | | | | | rc.conf[.local]. Fix this, and leave the default as 2048. Update the copyright year to include the present. Update the assignment of the copyright to be me personally, instead of "The FreeBSD Project" which is not a legal entity, and therefore not a proper assignee. My intention remains the same however, that this code continue to be BSD licensed, and freely available to anyone that wants it under those terms. PR: conf/75722 Submitted by: Nicolas Rachinsky <list@rachinsky.de> Notes: svn path=/head/; revision=144889
* Move the process of storing entropy from /dev/random and reseeding withDoug Barton2001-01-141-10/+20
| | | | | | | | | | | | | | | | | | | it at boot time closer to the way we want it to be in the final version. * Move the default directory to /var/db/entropy * Run the entropy saving cron job every 11 minutes. This seems to be a better default, although still bikeshed material. * Feed /dev/random some cheesy "entropy" from various commands and files before the disks are mounted. This gives /dev/random a better chance of running without blocking early. * Move the reseeding with previously stored entropy to the point immediately after the disks are mounted. * Make the harvesting script a little safer in regards to the possibility of accidentally overwriting something other than a regular file. Notes: svn path=/head/; revision=71014
* Add a system to save entropy from /dev/random periodically so thatDoug Barton2001-01-111-0/+82
it can be used to reseed at boot time. This will greatly increase the chances that there will be sufficient entropy available at boot time to prevent long delays. For /etc/rc, remove the vmstat and iostat runs from the attempt to provide some cheesy randomness if the files fail, since those programs are dynamically linked, and ldd seems to want some randomness to do its magic. Guidance and parameters for this project were provided by Mark Murray, based on the requirements of the Yarrow algorithm. Some helpful suggestions for implementation (including the tip about iostat and vmstat) were provided by Sheldon Hearn. All blame for problems or mistakes is mine of course. Notes: svn path=/head/; revision=70922