Diffstat (limited to 'src/fripost-partman-udeb/base.sh')
| -rw-r--r-- | src/fripost-partman-udeb/base.sh | 45 | 
1 files changed, 45 insertions, 0 deletions
diff --git a/src/fripost-partman-udeb/base.sh b/src/fripost-partman-udeb/base.sh
index c23dcc1..b6770f8 100644
--- a/src/fripost-partman-udeb/base.sh
+++ b/src/fripost-partman-udeb/base.sh
@@ -52,6 +52,49 @@ wait_for_device() {
     [ -b "$device" ] || fatal "Error: $device not found!"
 }
+# The non-blocking PRNG /dev/urandom doesn't block if it has been seeded
+# enough, sadly (e.g., if the entropy pool is empty).  Reading a few
+# bytes from the *blocking* should ensure that "the kernel RNG has [...]
+# reach full entropy at least once, which guarantees cryptographic
+# quality of the rest of the /dev/urandom stream." -- Tor bug #10676.
+# See also urandom(4).  (XXX It's possible that the debian installer
+# does that already.)
+seed_urandom() {
+    local seed=/var/run/random-seed fifo n records dir
+    local poolfile=/proc/sys/kernel/random/poolsize bytes=512
+
+    if [ -f "$seed" ]; then
+        log "/dev/urandom has already been seeded since start-up"
+        return
+    fi
+
+    [ -r $poolfile ] && bytes=$(cat $poolfile)
+    log "Seeding /dev/urandom with $bytes bytes from /dev/random"
+    db_subst fripost/seed_urandom_progress_title BYTES $bytes
+    db_progress START 0 $bytes fripost/seed_urandom_progress_title
+    db_progress INFO fripost/seed_urandom_progress_info
+
+    fifo=$(mktemp -u)
+    /bin/mknod "$fifo" p || exit 1
+    trap 'kill $pid' EXIT
+    /bin/dd if=/dev/random bs=1 count=$bytes of=/dev/null 2> "$fifo" & pid=$!
+    heartbeat $pid USR1 &
+
+    local n records dir
+    while read -u 7 n records dir; do
+        [ "$records" = records -a "$dir" = out ] && db_progress SET ${n%+*}
+    done 7< "$fifo"
+    db_progress SET $bytes; sleep 0.25
+
+    rm -f "$fifo"
+    trap '' EXIT
+
+    db_progress STOP
+    db_unregister fripost/seed_urandom_progress_title
+    db_unregister fripost/seed_urandom_progress_info
+    touch "$seed"
+}
+
 ##############################################################################
 # Wipe the disk (unless d-i's 'fripost/wipe-device' is 'none')
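Review bot: `fifo=$(mktemp -u)` only prints an unused name, so the FIFO is created by a separate `mknod` and the path can change hands before `2> "$fifo"` opens it; creating the FIFO inside a directory from `mktemp -d` closes that gap (`tmpdir` would join the `local` list). The `trap 'kill $pid' EXIT` is installed before `pid` is set and never removes the FIFO on an abnormal exit, and the closing `trap '' EXIT` leaves EXIT ignored, which would also discard any EXIT cleanup installed earlier in the script (not visible in this hunk). Separately, random(4) gives `poolsize` in bits on Linux 2.6 and later, so `bytes=$(cat $poolfile)` requests eight times the pool from the blocking device; `bytes=$(( $(cat "$poolfile") / 8 ))` would match the "bytes" wording of the log line. The header comment reads inverted and should say that /dev/urandom does not block even when it has not been seeded enough.

```shell
    # … unchanged: seed-file check, poolsize lookup, db_progress START/INFO …

    tmpdir=$(mktemp -d) || exit 1
    fifo="$tmpdir/progress"
    pid=
    # One handler covers every exit path: stop dd if it was started, then
    # remove the private directory that holds the FIFO.
    trap '[ -z "$pid" ] || kill "$pid" 2>/dev/null; rm -rf -- "$tmpdir"' EXIT
    /bin/mknod "$fifo" p || exit 1
    /bin/dd if=/dev/random bs=1 count="$bytes" of=/dev/null 2> "$fifo" & pid=$!
    heartbeat "$pid" USR1 &

    # … unchanged: progress read loop, db_progress SET …

    rm -rf -- "$tmpdir"
    # Reset to the default action instead of ignoring EXIT.
    trap - EXIT
```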
@@ -69,6 +112,7 @@ fripost_wipe() {
     fi
     source="/dev/$RET"
+    [ "$source" != /dev/urandom ] || seed_urandom
     log "Want to wipe $device using source $source"
     [ -b "$device" -a -d "$blockdir" -a -c "$source" ] || \
         fatal "Invalid device $device or source $source"
@@ -211,6 +255,7 @@ fripost_encrypt() {
     keyfile=$(mktemp) || exit 1
     log "Encryting device $device and sets up a mapping $name"
+    seed_urandom
     db_input high fripost/encryption-password || true
     db_go
|
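Review bot: The added `seed_urandom` call runs before the `[ -b "$device" ... -c "$source" ] || fatal` validation two lines below, so an invalid device or source is only reported after the potentially long blocking read from /dev/random. Moving the line below the `fatal` check keeps the failure fast, and a short comment such as `# wiping reads from /dev/urandom, so make sure it has been seeded first` would explain the conditional. fripost_wipe's body starts and ends outside the hunk.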
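Review bot: `seed_urandom` is called after `keyfile=$(mktemp)`, and as written in this commit it installs and then disables the EXIT trap and can `exit 1` on a `mknod` failure, so the key temp file may be left behind and any EXIT handler meant to remove it (none is visible here) would no longer run. Calling `seed_urandom` before the `keyfile=$(mktemp) || exit 1` line avoids both. fripost_encrypt's body continues outside the hunk.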
