Module Name:	src
Committed By:	riastradh
Date:		Thu Apr 30 03:42:23 UTC 2020

Modified Files:
	src/sys/kern: kern_entropy.c

Log Message:
Accept both byte orders for random seed in the kernel.

The file format was defined with a machine-dependent 32-bit integer
field (the estimated number of bits of entropy in the process that
generated it).  Fortunately we have a checksum to verify the order.

This way you can use `rndctl -S' on a little-endian machine to
generate a seed when installing NetBSD on a big-endian machine, and
the kernel will accept it on boot.

To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/sys/kern/kern_entropy.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files: Index: src/sys/kern/kern_entropy.c diff -u src/sys/kern/kern_entropy.c:1.1 src/sys/kern/kern_entropy.c:1.2 --- src/sys/kern/kern_entropy.c:1.1 Thu Apr 30 03:28:18 2020 +++ src/sys/kern/kern_entropy.c Thu Apr 30 03:42:23 2020 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_entropy.c,v 1.1 2020/04/30 03:28:18 riastradh Exp $ */ +/* $NetBSD: kern_entropy.c,v 1.2 2020/04/30 03:42:23 riastradh Exp $ */ /*- * Copyright (c) 2019 The NetBSD Foundation, Inc. @@ -77,7 +77,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.1 2020/04/30 03:28:18 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.2 2020/04/30 03:42:23 riastradh Exp $"); #include <sys/param.h> #include <sys/types.h> @@ -514,8 +514,6 @@ entropy_seed(rndsave_t *seed) * but ignore the entropy estimate -- the file may have been * incompletely written with garbage, which is harmless to add * but may not be as unpredictable as alleged. - * - * XXX There is a byte order dependency here... */ SHA1Init(&ctx); SHA1Update(&ctx, (const void *)&seed->entropy, sizeof(seed->entropy)); @@ -526,9 +524,20 @@ entropy_seed(rndsave_t *seed) printf("entropy: invalid seed checksum\n"); seed->entropy = 0; } - explicit_memset(&ctx, 0, sizeof &ctx); + explicit_memset(&ctx, 0, sizeof ctx); explicit_memset(digest, 0, sizeof digest); + /* + * If the entropy is insensibly large, try byte-swapping. + * Otherwise assume the file is corrupted and act as though it + * has zero entropy. + */ + if (howmany(seed->entropy, NBBY) > sizeof(seed->data)) { + seed->entropy = bswap32(seed->entropy); + if (howmany(seed->entropy, NBBY) > sizeof(seed->data)) + seed->entropy = 0; + } + /* Make sure the seed source is attached. */ attach_seed_rndsource();
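
Review bot: In the @@ -514,8 +514,6 @@ hunk of entropy_seed, the XXX about the byte order dependency is deleted with nothing put in its place, so the comment above SHA1Init no longer says how byte order is handled. The visible SHA1Update call hashes the bytes of seed->entropy as they are stored, so the digest does not depend on how the kernel interprets the field, and the order is settled only by the range test added further down. A sentence to that effect where the XXX used to be would keep a reader from assuming the digest comparison is what selects the byte order.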
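
Review bot: In the @@ -526,9 +524,20 @@ hunk, the new range test leaves seed->entropy unswapped whenever howmany(seed->entropy, NBBY) fits in sizeof(seed->data), so it is correct only if a value read in the wrong byte order can never land in range. For nonzero values that holds as long as sizeof(seed->data) * NBBY stays below 2^16; stating that bound in the new comment, or enforcing it with a compile-time assertion, would keep the heuristic from breaking silently if the data field ever grows. The final fallback to seed->entropy = 0 is also silent, unlike the checksum failure just above it, which prints "entropy: invalid seed checksum"; a similar message would help when diagnosing a corrupted seed file. The change from sizeof &ctx to sizeof ctx in the same hunk fixes explicit_memset clearing only a pointer-sized prefix of the SHA1 context, which is unrelated to byte order and deserves its own mention in the log message.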