Hello community, here is the log from the commit of package systemd for openSUSE:Factory checked in at 2014-08-29 17:43:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/systemd (Old) and /work/SRC/openSUSE:Factory/.systemd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "systemd" Changes: -------- --- /work/SRC/openSUSE:Factory/systemd/systemd-mini.changes 2014-08-27 16:53:17.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.systemd.new/systemd-mini.changes 2014-08-29 17:43:05.000000000 +0200 @@ -1,0 +2,28 @@ +Thu Aug 28 10:07:10 UTC 2014 - [email protected] + +- Add upstream patches + 0001-login-fix-memory-leak-on-DropController.patch + 0002-util-fix-minimal-race-where-we-might-miss-SIGTERMs-w.patch + 0003-sd-journal-properly-convert-object-size-on-big-endia.patch + 0004-sd-journal-verify-that-object-start-with-the-field-n.patch +- Add upstream patch + 1064-udev-hwdb-do-not-look-at-usb_device-parents.patch + to avoid that hwdb ID's for unrecognised USB device are taken + from the USB hub. + +------------------------------------------------------------------- +Wed Aug 27 16:01:17 UTC 2014 - [email protected] + +- Add upstream patches + 0001-systemctl-Correct-error-message-printed-when-bus_pro.patch + 0002-units-order-systemd-fsck-.service-after-local-fs-pre.patch + 0003-keymap-Adjust-for-more-Samsung-900X4-series.patch + +------------------------------------------------------------------- +Wed Aug 27 12:52:09 UTC 2014 - [email protected] + +- Add patch use-rndaddentropy-ioctl-to-load-random-seed.patch to + use RNDADDENTROPY ioctl to load random-seed and to increase + entropy count as well (bnc#892096) + +------------------------------------------------------------------- systemd.changes: same change New: ---- 0001-login-fix-memory-leak-on-DropController.patch 0001-systemctl-Correct-error-message-printed-when-bus_pro.patch 0002-units-order-systemd-fsck-.service-after-local-fs-pre.patch 0002-util-fix-minimal-race-where-we-might-miss-SIGTERMs-w.patch 0003-keymap-Adjust-for-more-Samsung-900X4-series.patch 0003-sd-journal-properly-convert-object-size-on-big-endia.patch 0004-sd-journal-verify-that-object-start-with-the-field-n.patch 1064-udev-hwdb-do-not-look-at-usb_device-parents.patch use-rndaddentropy-ioctl-to-load-random-seed.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ systemd-mini.spec ++++++ --- /var/tmp/diff_new_pack.q0sB47/_old 2014-08-29 17:43:12.000000000 +0200 +++ /var/tmp/diff_new_pack.q0sB47/_new 2014-08-29 17:43:12.000000000 +0200 @@ -798,6 +798,22 @@ Patch384: 0004-hwdb-update-format-description-and-document-reloadin.patch # PATCH-FIX-UPSTREAM added at 2014/08/25 Patch385: 0008-hwdb-update.patch +# PATCH-FIX-SUSE Use RNDADDENTROPY ioctl to load random-seed and to increase entropy count as well (bnc#892096) +Patch386: use-rndaddentropy-ioctl-to-load-random-seed.patch +# PATCH-FIX-UPSTREAM added at 2014/08/27 +Patch387: 0001-systemctl-Correct-error-message-printed-when-bus_pro.patch +# PATCH-FIX-UPSTREAM added at 2014/08/27 +Patch388: 0002-units-order-systemd-fsck-.service-after-local-fs-pre.patch +# PATCH-FIX-UPSTREAM added at 2014/08/27 +Patch389: 0003-keymap-Adjust-for-more-Samsung-900X4-series.patch +# PATCH-FIX-UPSTREAM added at 2014/08/28 +Patch390: 0001-login-fix-memory-leak-on-DropController.patch +# PATCH-FIX-UPSTREAM added at 2014/08/28 +Patch391: 0002-util-fix-minimal-race-where-we-might-miss-SIGTERMs-w.patch +# PATCH-FIX-UPSTREAM added at 2014/08/28 +Patch392: 0003-sd-journal-properly-convert-object-size-on-big-endia.patch +# PATCH-FIX-UPSTREAM added at 2014/08/28 +Patch393: 0004-sd-journal-verify-that-object-start-with-the-field-n.patch # UDEV PATCHES # ============ @@ -931,6 +947,8 @@ Patch1062: 1062-rules-set-default-permissions-for-GenWQE-devices.patch # PATCH-FIX-UPSTREAM 1063-udev-path_id-suppress-ID_PATH-for-devices-with-an-un.patch Patch1063: 1063-udev-path_id-suppress-ID_PATH-for-devices-with-an-un.patch +# PATCH-FIX-UPSTREAM 1064-udev-hwdb-do-not-look-at-usb_device-parents.patch +Patch1064: 1064-udev-hwdb-do-not-look-at-usb_device-parents.patch %description Systemd is a system and service manager, compatible with SysV and LSB @@ -1475,6 +1493,14 @@ %patch383 -p0 %patch384 -p0 %patch385 -p0 +%patch386 -p1 +%patch387 -p0 +%patch388 -p0 +%patch389 -p0 +%patch390 -p0 +%patch391 -p0 +%patch392 -p0 +%patch393 -p0 # udev patches %patch1001 -p1 @@ -1561,6 +1587,7 @@ %patch1061 -p0 %patch1062 -p1 %patch1063 -p0 +%patch1064 -p0 # remove patch backups find -name '*.orig' -exec rm -f '{}' \+ ++++++ systemd.spec ++++++ --- /var/tmp/diff_new_pack.q0sB47/_old 2014-08-29 17:43:12.000000000 +0200 +++ /var/tmp/diff_new_pack.q0sB47/_new 2014-08-29 17:43:12.000000000 +0200 @@ -793,6 +793,22 @@ Patch384: 0004-hwdb-update-format-description-and-document-reloadin.patch # PATCH-FIX-UPSTREAM added at 2014/08/25 Patch385: 0008-hwdb-update.patch +# PATCH-FIX-SUSE Use RNDADDENTROPY ioctl to load random-seed and to increase entropy count as well (bnc#892096) +Patch386: use-rndaddentropy-ioctl-to-load-random-seed.patch +# PATCH-FIX-UPSTREAM added at 2014/08/27 +Patch387: 0001-systemctl-Correct-error-message-printed-when-bus_pro.patch +# PATCH-FIX-UPSTREAM added at 2014/08/27 +Patch388: 0002-units-order-systemd-fsck-.service-after-local-fs-pre.patch +# PATCH-FIX-UPSTREAM added at 2014/08/27 +Patch389: 0003-keymap-Adjust-for-more-Samsung-900X4-series.patch +# PATCH-FIX-UPSTREAM added at 2014/08/28 +Patch390: 0001-login-fix-memory-leak-on-DropController.patch +# PATCH-FIX-UPSTREAM added at 2014/08/28 +Patch391: 0002-util-fix-minimal-race-where-we-might-miss-SIGTERMs-w.patch +# PATCH-FIX-UPSTREAM added at 2014/08/28 +Patch392: 0003-sd-journal-properly-convert-object-size-on-big-endia.patch +# PATCH-FIX-UPSTREAM added at 2014/08/28 +Patch393: 0004-sd-journal-verify-that-object-start-with-the-field-n.patch # UDEV PATCHES # ============ @@ -926,6 +942,8 @@ Patch1062: 1062-rules-set-default-permissions-for-GenWQE-devices.patch # PATCH-FIX-UPSTREAM 1063-udev-path_id-suppress-ID_PATH-for-devices-with-an-un.patch Patch1063: 1063-udev-path_id-suppress-ID_PATH-for-devices-with-an-un.patch +# PATCH-FIX-UPSTREAM 1064-udev-hwdb-do-not-look-at-usb_device-parents.patch +Patch1064: 1064-udev-hwdb-do-not-look-at-usb_device-parents.patch %description Systemd is a system and service manager, compatible with SysV and LSB @@ -1470,6 +1488,14 @@ %patch383 -p0 %patch384 -p0 %patch385 -p0 +%patch386 -p1 +%patch387 -p0 +%patch388 -p0 +%patch389 -p0 +%patch390 -p0 +%patch391 -p0 +%patch392 -p0 +%patch393 -p0 # udev patches %patch1001 -p1 @@ -1556,6 +1582,7 @@ %patch1061 -p0 %patch1062 -p1 %patch1063 -p0 +%patch1064 -p0 # remove patch backups find -name '*.orig' -exec rm -f '{}' \+ ++++++ 0001-login-fix-memory-leak-on-DropController.patch ++++++ >From 60240797a4ce464ec7a0537ccbec4c83f599251c Mon Sep 17 00:00:00 2001 From: David Herrmann <[email protected]> Date: Fri, 22 Aug 2014 14:57:11 +0200 Subject: [PATCH] login: fix memory-leak on DropController() Our bus-name watch helpers only remove a bus-name if it's not a controller, anymore. If we call manager_drop_busname() before unregistering the controller, the busname will not be dropped. Therefore, first drop the controller, then drop the bus-name. --- src/login/logind-session.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git src/login/logind-session.c src/login/logind-session.c index 136bbce..0c6e425 100644 --- src/login/logind-session.c +++ src/login/logind-session.c @@ -1061,11 +1061,13 @@ bool session_is_controller(Session *s, const char *sender) { static void session_swap_controller(Session *s, char *name) { SessionDevice *sd; + char *c; if (s->controller) { - manager_drop_busname(s->manager, s->controller); - free(s->controller); + c = s->controller; s->controller = NULL; + manager_drop_busname(s->manager, c); + free(c); /* Drop all devices as they're now unused. Do that after the * controller is released to avoid sending out useles -- 1.7.9.2 ++++++ 0001-systemctl-Correct-error-message-printed-when-bus_pro.patch ++++++ >From 498cfc230af8f83675be2e92057956f1792969e4 Mon Sep 17 00:00:00 2001 From: Sjoerd Simons <[email protected]> Date: Sat, 23 Aug 2014 21:11:44 +0200 Subject: [PATCH] systemctl: Correct error message printed when bus_process_wait fails Actually use the variable containing the return code of bus_process_wait when printing the error message as a result of it failing. --- src/systemctl/systemctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git src/systemctl/systemctl.c src/systemctl/systemctl.c index d9b8bee..6534819 100644 --- src/systemctl/systemctl.c +++ src/systemctl/systemctl.c @@ -2382,7 +2382,7 @@ static int wait_for_jobs(sd_bus *bus, Set *s) { while (!set_isempty(s)) { q = bus_process_wait(bus); if (q < 0) { - log_error("Failed to wait for response: %s", strerror(-r)); + log_error("Failed to wait for response: %s", strerror(-q)); return q; } -- 1.7.9.2 ++++++ 0002-units-order-systemd-fsck-.service-after-local-fs-pre.patch ++++++ >From 66f311206e908a5b6f21e66fad73e1e5ea3e31d6 Mon Sep 17 00:00:00 2001 From: Ivan Shapovalov <[email protected]> Date: Wed, 27 Aug 2014 00:17:43 +0400 Subject: [PATCH] units: order [email protected] after local-fs-pre.target. With this change, it becomes possible to order a unit to activate before any modifications to the file systems. This is especially useful for supporting resume from hibernation. --- units/[email protected] | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git units/[email protected] units/[email protected] index c12efa8..d2cda6a 100644 --- units/[email protected] +++ units/[email protected] @@ -10,7 +10,7 @@ Description=File System Check on %f Documentation=man:[email protected](8) DefaultDependencies=no BindsTo=%i.device -After=systemd-readahead-collect.service systemd-readahead-replay.service %i.device systemd-fsck-root.service +After=systemd-readahead-collect.service systemd-readahead-replay.service %i.device systemd-fsck-root.service local-fs-pre.target Before=shutdown.target [Service] -- 1.7.9.2 ++++++ 0002-util-fix-minimal-race-where-we-might-miss-SIGTERMs-w.patch ++++++ Based on 8a7c93d858c342744adf481565d8bb03b9713dcf Mon Sep 17 00:00:00 2001 From: Lennart Poettering <[email protected]> Date: Wed, 27 Aug 2014 21:42:20 +0200 Subject: [PATCH] util: fix minimal race where we might miss SIGTERMs when forking off an agent Before forking, block all signals, and unblock them afterwards. This way the child will have them blocked, and we won't lose them. --- src/shared/util.c | 39 ++++++++++++++++++++++++++++++++++----- 1 file changed, 34 insertions(+), 5 deletions(-) --- src/shared/util.c +++ src/shared/util.c 2014-08-28 10:32:06.442693437 +0000 @@ -894,6 +894,18 @@ int reset_all_signal_handlers(void) { return 0; } +static int reset_signal_mask(void) { + sigset_t ss; + + if (sigemptyset(&ss) < 0) + return -errno; + + if (sigprocmask(SIG_SETMASK, &ss, NULL) < 0) + return -errno; + + return 0; +} + char *strstrip(char *s) { char *e; @@ -5119,9 +5131,9 @@ int fd_inc_rcvbuf(int fd, size_t n) { } int fork_agent(pid_t *pid, const int except[], unsigned n_except, const char *path, ...) { - pid_t parent_pid, agent_pid; - int fd; bool stdout_is_tty, stderr_is_tty; + pid_t parent_pid, agent_pid; + sigset_t ss, saved_ss; unsigned n, i; va_list ap; char **l; @@ -5129,16 +5141,25 @@ int fork_agent(pid_t *pid, const int exc assert(pid); assert(path); - parent_pid = getpid(); - /* Spawns a temporary TTY agent, making sure it goes away when * we go away */ + parent_pid = getpid(); + + /* First we temporarily block all signals, so that the new + * child has them blocked initially. This way, we can be sure + * that SIGTERMs are not lost we might send to the agent. */ + assert_se(sigfillset(&ss) >= 0); + assert_se(sigprocmask(SIG_SETMASK, &ss, &saved_ss) >= 0); + agent_pid = fork(); - if (agent_pid < 0) + if (agent_pid < 0) { + assert_se(sigprocmask(SIG_SETMASK, &saved_ss, NULL) >= 0); return -errno; + } if (agent_pid != 0) { + assert_se(sigprocmask(SIG_SETMASK, &saved_ss, NULL) >= 0); *pid = agent_pid; return 0; } @@ -5149,6 +5170,12 @@ int fork_agent(pid_t *pid, const int exc if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0) _exit(EXIT_FAILURE); + /* Make sure we actually can kill the agent, if we need to, in + * case somebody invoked us from a shell script that trapped + * SIGTERM or so... */ + reset_all_signal_handlers(); + reset_signal_mask(); + /* Check whether our parent died before we were able * to set the death signal */ if (getppid() != parent_pid) @@ -5161,6 +5188,8 @@ int fork_agent(pid_t *pid, const int exc stderr_is_tty = isatty(STDERR_FILENO); if (!stdout_is_tty || !stderr_is_tty) { + int fd; + /* Detach from stdout/stderr. and reopen * /dev/tty for them. This is important to * ensure that when systemctl is started via ++++++ 0003-keymap-Adjust-for-more-Samsung-900X4-series.patch ++++++ >From e512e8a255ef29d5a8eb605f8849202ea3d3e4cb Mon Sep 17 00:00:00 2001 From: Martin Pitt <[email protected]> Date: Wed, 27 Aug 2014 08:41:10 +0200 Subject: [PATCH] keymap: Adjust for more Samsung 900X4 series Reportedly also applies to NP900X4B, so relax the match to apply to all models of this series. https://launchpad.net/bugs/902332 --- hwdb/60-keyboard.hwdb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git hwdb/60-keyboard.hwdb hwdb/60-keyboard.hwdb index ef0ebc5..0ffcb83 100644 --- hwdb/60-keyboard.hwdb +++ hwdb/60-keyboard.hwdb @@ -939,7 +939,7 @@ keyboard:dmi:bvn*:bvr*:bd*:svn[sS][aA][mM][sS][uU][nN][gG]*:pn*550P*:pvr* # Series 7 / 9 keyboard:dmi:bvn*:bvr*:bd*:svn[sS][aA][mM][sS][uU][nN][gG]*:pn*700Z*:pvr* keyboard:dmi:bvn*:bvr*:bd*:svn[sS][aA][mM][sS][uU][nN][gG]*:pn*700G*:pvr* -keyboard:dmi:bvn*:bvr*:bd*:svn[sS][aA][mM][sS][uU][nN][gG]*:pn*900X[34][CDEFG]*:pvr* +keyboard:dmi:bvn*:bvr*:bd*:svn[sS][aA][mM][sS][uU][nN][gG]*:pn*900X[34]*:pvr* keyboard:dmi:bvn*:bvr*:bd*:svn[sS][aA][mM][sS][uU][nN][gG]*:pn*940X3G*:pvr* KEYBOARD_KEY_ce=!prog1 # Fn+F1 launch settings KEYBOARD_KEY_a0=!mute # Fn+F6 mute -- 1.7.9.2 ++++++ 0003-sd-journal-properly-convert-object-size-on-big-endia.patch ++++++ >From 57cd09acf2c63a414aa2131c00a2b3f600eb0133 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <[email protected]> Date: Sat, 23 Aug 2014 22:35:03 -0400 Subject: [PATCH] sd-journal: properly convert object->size on big endian mmap code crashes when attempting to map an object of zero size. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758392 https://bugs.freedesktop.org/show_bug.cgi?id=82894 --- src/journal/journal-file.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git src/journal/journal-file.h src/journal/journal-file.h index 3d41682..da2ef3b 100644 --- src/journal/journal-file.h +++ src/journal/journal-file.h @@ -214,14 +214,15 @@ static unsigned type_to_context(int type) { static inline int journal_file_object_keep(JournalFile *f, Object *o, uint64_t offset) { unsigned context = type_to_context(o->object.type); + uint64_t s = le64toh(o->object.size); return mmap_cache_get(f->mmap, f->fd, f->prot, context, true, - offset, o->object.size, &f->last_stat, NULL); + offset, s, &f->last_stat, NULL); } static inline int journal_file_object_release(JournalFile *f, Object *o, uint64_t offset) { unsigned context = type_to_context(o->object.type); + uint64_t s = le64toh(o->object.size); - return mmap_cache_release(f->mmap, f->fd, f->prot, context, - offset, o->object.size); + return mmap_cache_release(f->mmap, f->fd, f->prot, context, offset, s); } -- 1.7.9.2 ++++++ 0004-sd-journal-verify-that-object-start-with-the-field-n.patch ++++++ Based on 0f99f74a14ef193c1ebde687c5cc76e1d67b85ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <[email protected]> Date: Tue, 26 Aug 2014 23:54:31 -0400 Subject: [PATCH] sd-journal: verify that object start with the field name If the journal is corrupted, we might return an object that does not start with the expected field name and/or is shorter than it should. --- src/journal/sd-journal.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git src/journal/sd-journal.c src/journal/sd-journal.c index 80ff8fe..693707c 100644 --- src/journal/sd-journal.c +++ src/journal/sd-journal.c @@ -2571,6 +2571,21 @@ _public_ int sd_journal_enumerate_unique(sd_journal *j, const void **data, size_ if (r < 0) return r; + /* Check if we have at least the field name and "=". */ + if (ol <= k) { + log_debug("%s:offset " OFSfmt ": object has size %zu, expected at least %zu", + j->unique_file->path, j->unique_offset, + ol, k + 1); + return -EBADMSG; + } + + if (memcmp(odata, j->unique_field, k) || ((const char*) odata)[k] != '=') { + log_debug("%s:offset " OFSfmt ": object does not start with \"%s=\"", + j->unique_file->path, j->unique_offset, + j->unique_field); + return -EBADMSG; + } + /* OK, now let's see if we already returned this data * object by checking if it exists in the earlier * traversed files. */ -- 1.7.9.2 ++++++ 1064-udev-hwdb-do-not-look-at-usb_device-parents.patch ++++++ >From 77cf759ea05bea476cdcb8d0dcd04c4e6fb3b2ff Mon Sep 17 00:00:00 2001 From: Kay Sievers <[email protected]> Date: Tue, 26 Aug 2014 18:27:36 +0200 Subject: [PATCH] udev: hwdb - do not look at "usb_device" parents Based on a patch from Simon McVittie <[email protected]>. Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758050 --- src/udev/udev-builtin-hwdb.c | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git src/udev/udev-builtin-hwdb.c src/udev/udev-builtin-hwdb.c index cac97e7..695a31a 100644 --- src/udev/udev-builtin-hwdb.c +++ src/udev/udev-builtin-hwdb.c @@ -88,9 +88,10 @@ static int udev_builtin_hwdb_search(struct udev_device *dev, struct udev_device const char *filter, bool test) { struct udev_device *d; char s[16]; - int n = 0; + bool last = false; + int r = 0; - for (d = srcdev; d; d = udev_device_get_parent(d)) { + for (d = srcdev; d && !last; d = udev_device_get_parent(d)) { const char *dsubsys; const char *modalias = NULL; @@ -104,19 +105,24 @@ static int udev_builtin_hwdb_search(struct udev_device *dev, struct udev_device modalias = udev_device_get_property_value(d, "MODALIAS"); - /* the usb_device does not have a modalias, compose one */ - if (!modalias && streq(dsubsys, "usb")) - modalias = modalias_usb(d, s, sizeof(s)); + if (streq(dsubsys, "usb") && streq_ptr(udev_device_get_devtype(d), "usb_device")) { + /* if the usb_device does not have a modalias, compose one */ + if (!modalias) + modalias = modalias_usb(d, s, sizeof(s)); + + /* avoid looking at any parent device, they are usually just a USB hub */ + last = true; + } if (!modalias) continue; - n = udev_builtin_hwdb_lookup(dev, prefix, modalias, filter, test); - if (n > 0) + r = udev_builtin_hwdb_lookup(dev, prefix, modalias, filter, test); + if (r > 0) break; } - return n; + return r; } static int builtin_hwdb(struct udev_device *dev, int argc, char *argv[], bool test) { -- 1.7.9.2 ++++++ use-rndaddentropy-ioctl-to-load-random-seed.patch ++++++ Simply writing /var/lib/systemd/random-seed back to /dev/(u)random does not increase the entropy bit count. Therefore use the RNDADDENTROPY ioctl to write back the bytes and increase the entropy bit counter. Related to bnc#892096 --- systemd-210/src/random-seed/random-seed.c | 66 +++++++++++++++++++++++++++--- 1 file changed, 61 insertions(+), 5 deletions(-) --- systemd-210/src/random-seed/random-seed.c +++ systemd-210/src/random-seed/random-seed.c 2014-08-27 11:58:59.022526580 +0000 @@ -22,7 +22,9 @@ #include <unistd.h> #include <fcntl.h> #include <errno.h> +#include <linux/random.h> #include <string.h> +#include <sys/ioctl.h> #include <sys/stat.h> #include "log.h" @@ -32,8 +34,9 @@ #define POOL_SIZE_MIN 512 int main(int argc, char *argv[]) { - _cleanup_close_ int seed_fd = -1, random_fd = -1; + _cleanup_close_ int seed_fd = -1, random_fd = -1, entropy_fd = -1; _cleanup_free_ void* buf = NULL; + size_t entropy_count = 0; size_t buf_size = 0; ssize_t k; int r; @@ -82,6 +85,23 @@ int main(int argc, char *argv[]) { if (streq(argv[1], "load")) { + entropy_fd = open(RANDOM_SEED_DIR "entropy_count", O_RDONLY|O_CLOEXEC|O_NOCTTY, 0600); + if (entropy_fd < 0) { + entropy_count = 0; + if (errno != ENOENT) { + log_error("Failed to open " RANDOM_SEED "/entropy_count: %m"); + r = -errno; + goto finish; + } + } else { + r = read(entropy_fd, &entropy_count, sizeof(entropy_count)); + if (r < 0) { + log_error("Failed to read entropy count file: %m"); + r = -errno; + goto finish; + } + } + seed_fd = open(RANDOM_SEED, O_RDWR|O_CLOEXEC|O_NOCTTY|O_CREAT, 0600); if (seed_fd < 0) { seed_fd = open(RANDOM_SEED, O_RDONLY|O_CLOEXEC|O_NOCTTY); @@ -113,16 +133,37 @@ int main(int argc, char *argv[]) { } else { lseek(seed_fd, 0, SEEK_SET); - k = loop_write(random_fd, buf, (size_t) k, false); - if (k <= 0) { - log_error("Failed to write seed to /dev/urandom: %s", r < 0 ? strerror(-r) : "short write"); + if (entropy_count && (size_t) k == buf_size) { + struct rand_pool_info entropy = { + .entropy_count = entropy_count, + .buf_size = buf_size, + }; + entropy.buf[0] = ((__u32*)buf)[0]; + r = ioctl(random_fd, RNDADDENTROPY, &entropy); + if (r < 0) { + log_error("Failed to write seed to /dev/urandom: %m"); + r = -errno; + } + } else { + k = loop_write(random_fd, buf, (size_t) k, false); + if (k <= 0) { + log_error("Failed to write seed to /dev/urandom: %s", r < 0 ? strerror(-r) : "short write"); - r = k == 0 ? -EIO : (int) k; + r = k == 0 ? -EIO : (int) k; + } } } } else if (streq(argv[1], "save")) { + /* Read available entropy count, if possible */ + f = fopen("/proc/sys/kernel/random/entropy_avail", "re"); + if (f) { + if (fscanf(f, "%zu", &entropy_count) < 0) + entropy_count = 0; + fclose(f); + } + seed_fd = open(RANDOM_SEED, O_WRONLY|O_CLOEXEC|O_NOCTTY|O_CREAT, 0600); if (seed_fd < 0) { log_error("Failed to open " RANDOM_SEED ": %m"); @@ -137,6 +178,21 @@ int main(int argc, char *argv[]) { goto finish; } + if (entropy_count) { + entropy_fd = open(RANDOM_SEED_DIR "entropy_count", O_WRONLY|O_CLOEXEC|O_NOCTTY|O_CREAT, 0600); + if (seed_fd < 0) { + log_error("Failed to open " RANDOM_SEED_DIR "entropy_count: %m"); + r = -errno; + goto finish; + } + r = write(entropy_fd, &entropy_count, sizeof(entropy_count)); + if (r < 0) { + log_error("Failed to write entropy count file: %m"); + r = -errno; + goto finish; + } + } + } else { log_error("Unknown verb %s.", argv[1]); r = -EINVAL; -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
