rndctl.c revision 1.24
1 /* $NetBSD: rndctl.c,v 1.24 2012/02/02 19:42:57 tls Exp $ */ 2 3 /*- 4 * Copyright (c) 1997 Michael Graff. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the author nor the names of other contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 24 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 25 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 26 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 27 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 #include <sys/cdefs.h> 32 #include <sys/types.h> 33 #include <sha1.h> 34 35 #ifndef lint 36 __RCSID("$NetBSD: rndctl.c,v 1.24 2012/02/02 19:42:57 tls Exp $"); 37 #endif 38 39 40 #include <sys/types.h> 41 #include <sys/ioctl.h> 42 #include <sys/param.h> 43 #include <sys/rnd.h> 44 45 #include <stdio.h> 46 #include <stdlib.h> 47 #include <unistd.h> 48 #include <fcntl.h> 49 #include <errno.h> 50 #include <err.h> 51 #include <string.h> 52 53 typedef struct { 54 const char *a_name; 55 u_int32_t a_type; 56 } arg_t; 57 58 static const arg_t source_types[] = { 59 { "???", RND_TYPE_UNKNOWN }, 60 { "disk", RND_TYPE_DISK }, 61 { "net", RND_TYPE_NET }, 62 { "tape", RND_TYPE_TAPE }, 63 { "tty", RND_TYPE_TTY }, 64 { "rng", RND_TYPE_RNG }, 65 { "skew", RND_TYPE_SKEW }, 66 { "env", RND_TYPE_ENV }, 67 { "vm", RND_TYPE_VM }, 68 { "power", RND_TYPE_POWER }, 69 { NULL, 0 } 70 }; 71 72 __dead static void usage(void); 73 static u_int32_t find_type(const char *name); 74 static const char *find_name(u_int32_t); 75 static void do_ioctl(rndctl_t *); 76 static char * strflags(u_int32_t); 77 static void do_list(int, u_int32_t, char *); 78 static void do_stats(void); 79 80 static void 81 usage(void) 82 { 83 84 fprintf(stderr, "usage: %s -CEce [-d devname | -t devtype]\n", 85 getprogname()); 86 fprintf(stderr, " %s -ls [-d devname | -t devtype]\n", 87 getprogname()); 88 fprintf(stderr, " %s -[L|S] save-file\n", getprogname()); 89 exit(1); 90 } 91 92 static u_int32_t 93 find_type(const char *name) 94 { 95 const arg_t *a; 96 97 a = source_types; 98 99 while (a->a_name != NULL) { 100 if (strcmp(a->a_name, name) == 0) 101 return (a->a_type); 102 a++; 103 } 104 105 errx(1, "device name %s unknown", name); 106 return (0); 107 } 108 109 static const char * 110 find_name(u_int32_t type) 111 { 112 const arg_t *a; 113 114 a = source_types; 115 116 while (a->a_name != NULL) { 117 if (type == a->a_type) 118 return (a->a_name); 119 a++; 120 } 121 122 warnx("device type %u unknown", type); 123 return ("???"); 124 } 125 126 static void 127 do_save(const char *const filename) 128 { 129 int est1, est2; 130 rndpoolstat_t rp; 131 rndsave_t rs; 132 SHA1_CTX s; 133 134 int fd; 135 136 fd = open("/dev/urandom", O_RDONLY, 0644); 137 if (fd < 0) { 138 err(1, "device open"); 139 } 140 141 if (ioctl(fd, RNDGETPOOLSTAT, &rp) < 0) { 142 err(1, "ioctl(RNDGETPOOLSTAT)"); 143 } 144 145 est1 = rp.curentropy; 146 147 if (read(fd, rs.data, sizeof(rs.data)) != sizeof(rs.data)) { 148 err(1, "entropy read"); 149 } 150 151 if (ioctl(fd, RNDGETPOOLSTAT, &rp) < 0) { 152 err(1, "ioctl(RNDGETPOOLSTAT)"); 153 } 154 155 est2 = rp.curentropy; 156 157 if (est1 - est2 < 0) { 158 rs.entropy = 0; 159 } else { 160 rs.entropy = est1 - est2; 161 } 162 163 SHA1Init(&s); 164 SHA1Update(&s, (uint8_t *)&rs.entropy, sizeof(rs.entropy)); 165 SHA1Update(&s, rs.data, sizeof(rs.data)); 166 SHA1Final(rs.digest, &s); 167 168 close(fd); 169 unlink(filename); 170 fd = open(filename, O_CREAT|O_EXCL|O_WRONLY, 0600); 171 if (fd < 0) { 172 err(1, "output open"); 173 } 174 175 if (write(fd, &rs, sizeof(rs)) != sizeof(rs)) { 176 unlink(filename); 177 fsync_range(fd, FDATASYNC|FDISKSYNC, (off_t)0, (off_t)0); 178 err(1, "write"); 179 } 180 fsync_range(fd, FDATASYNC|FDISKSYNC, (off_t)0, (off_t)0); 181 close(fd); 182 } 183 184 static void 185 do_load(const char *const filename) 186 { 187 int fd; 188 rndsave_t rs, rszero; 189 rnddata_t rd; 190 SHA1_CTX s; 191 uint8_t digest[SHA1_DIGEST_LENGTH]; 192 193 fd = open(filename, O_RDWR, 0600); 194 if (fd < 0) { 195 err(1, "input open"); 196 } 197 198 unlink(filename); 199 200 if (read(fd, &rs, sizeof(rs)) != sizeof(rs)) { 201 err(1, "read"); 202 } 203 204 memset(&rszero, 0, sizeof(rszero)); 205 if (write(fd, &rszero, sizeof(rszero) != sizeof(rszero))) { 206 err(1, "overwrite"); 207 } 208 fsync_range(fd, FDATASYNC|FDISKSYNC, (off_t)0, (off_t)0); 209 close(fd); 210 211 SHA1Init(&s); 212 SHA1Update(&s, (uint8_t *)&rs.entropy, sizeof(rs.entropy)); 213 SHA1Update(&s, rs.data, sizeof(rs.data)); 214 SHA1Final(digest, &s); 215 216 if (memcmp(digest, rs.digest, sizeof(digest))) { 217 errx(1, "bad digest"); 218 } 219 220 rd.len = MIN(sizeof(rd.data), sizeof(rs.data)); 221 rd.entropy = rs.entropy; 222 memcpy(rd.data, rs.data, MIN(sizeof(rd.data), sizeof(rs.data))); 223 224 fd = open("/dev/urandom", O_RDWR, 0644); 225 if (fd < 0) { 226 err(1, "device open"); 227 } 228 229 if (ioctl(fd, RNDADDDATA, &rd) < 0) { 230 err(1, "ioctl"); 231 } 232 close(fd); 233 } 234 235 static void 236 do_ioctl(rndctl_t *rctl) 237 { 238 int fd; 239 int res; 240 241 fd = open("/dev/urandom", O_RDONLY, 0644); 242 if (fd < 0) 243 err(1, "open"); 244 245 res = ioctl(fd, RNDCTL, rctl); 246 if (res < 0) 247 err(1, "ioctl(RNDCTL)"); 248 249 close(fd); 250 } 251 252 static char * 253 strflags(u_int32_t fl) 254 { 255 static char str[512]; 256 257 str[0] = 0; 258 if (fl & RND_FLAG_NO_ESTIMATE) 259 ; 260 else 261 strlcat(str, "estimate", sizeof(str)); 262 263 if (fl & RND_FLAG_NO_COLLECT) 264 ; 265 else { 266 if (str[0]) 267 strlcat(str, ", ", sizeof(str)); 268 strlcat(str, "collect", sizeof(str)); 269 } 270 271 return (str); 272 } 273 274 #define HEADER "Source Bits Type Flags\n" 275 276 static void 277 do_list(int all, u_int32_t type, char *name) 278 { 279 rndstat_t rstat; 280 rndstat_name_t rstat_name; 281 int fd; 282 int res; 283 uint32_t i; 284 u_int32_t start; 285 286 fd = open("/dev/urandom", O_RDONLY, 0644); 287 if (fd < 0) 288 err(1, "open"); 289 290 if (all == 0 && type == 0xff) { 291 strncpy(rstat_name.name, name, sizeof(rstat_name.name)); 292 res = ioctl(fd, RNDGETSRCNAME, &rstat_name); 293 if (res < 0) 294 err(1, "ioctl(RNDGETSRCNAME)"); 295 printf(HEADER); 296 printf("%-16s %10u %-4s %s\n", 297 rstat_name.source.name, 298 rstat_name.source.total, 299 find_name(rstat_name.source.type), 300 strflags(rstat_name.source.flags)); 301 close(fd); 302 return; 303 } 304 305 /* 306 * Run through all the devices present in the system, and either 307 * print out ones that match, or print out all of them. 308 */ 309 printf(HEADER); 310 start = 0; 311 for (;;) { 312 rstat.count = RND_MAXSTATCOUNT; 313 rstat.start = start; 314 res = ioctl(fd, RNDGETSRCNUM, &rstat); 315 if (res < 0) 316 err(1, "ioctl(RNDGETSRCNUM)"); 317 318 if (rstat.count == 0) 319 break; 320 321 for (i = 0; i < rstat.count; i++) { 322 if (all != 0 || 323 type == rstat.source[i].type) 324 printf("%-16s %10u %-4s %s\n", 325 rstat.source[i].name, 326 rstat.source[i].total, 327 find_name(rstat.source[i].type), 328 strflags(rstat.source[i].flags)); 329 } 330 start += rstat.count; 331 } 332 333 close(fd); 334 } 335 336 static void 337 do_stats(void) 338 { 339 rndpoolstat_t rs; 340 int fd; 341 342 fd = open("/dev/urandom", O_RDONLY, 0644); 343 if (fd < 0) 344 err(1, "open"); 345 346 if (ioctl(fd, RNDGETPOOLSTAT, &rs) < 0) 347 err(1, "ioctl(RNDGETPOOLSTAT)"); 348 349 printf("\t%9u bits mixed into pool\n", rs.added); 350 printf("\t%9u bits currently stored in pool (max %u)\n", 351 rs.curentropy, rs.maxentropy); 352 printf("\t%9u bits of entropy discarded due to full pool\n", 353 rs.discarded); 354 printf("\t%9u hard-random bits generated\n", rs.removed); 355 printf("\t%9u pseudo-random bits generated\n", rs.generated); 356 357 close(fd); 358 } 359 360 int 361 main(int argc, char **argv) 362 { 363 rndctl_t rctl; 364 int ch, cmd, lflag, mflag, sflag; 365 u_int32_t type; 366 char name[16]; 367 const char *filename = NULL; 368 369 rctl.mask = 0; 370 rctl.flags = 0; 371 372 cmd = 0; 373 lflag = 0; 374 mflag = 0; 375 sflag = 0; 376 type = 0xff; 377 378 while ((ch = getopt(argc, argv, "CES:L:celt:d:s")) != -1) { 379 switch (ch) { 380 case 'C': 381 rctl.flags |= RND_FLAG_NO_COLLECT; 382 rctl.mask |= RND_FLAG_NO_COLLECT; 383 mflag++; 384 break; 385 case 'E': 386 rctl.flags |= RND_FLAG_NO_ESTIMATE; 387 rctl.mask |= RND_FLAG_NO_ESTIMATE; 388 mflag++; 389 break; 390 case 'L': 391 if (cmd != 0) 392 usage(); 393 cmd = 'L'; 394 filename = optarg; 395 break; 396 case 'S': 397 if (cmd != 0) 398 usage(); 399 cmd = 'S'; 400 filename = optarg; 401 break; 402 case 'c': 403 rctl.flags &= ~RND_FLAG_NO_COLLECT; 404 rctl.mask |= RND_FLAG_NO_COLLECT; 405 mflag++; 406 break; 407 case 'e': 408 rctl.flags &= ~RND_FLAG_NO_ESTIMATE; 409 rctl.mask |= RND_FLAG_NO_ESTIMATE; 410 mflag++; 411 break; 412 case 'l': 413 lflag++; 414 break; 415 case 't': 416 if (cmd != 0) 417 usage(); 418 cmd = 't'; 419 420 type = find_type(optarg); 421 break; 422 case 'd': 423 if (cmd != 0) 424 usage(); 425 cmd = 'd'; 426 427 type = 0xff; 428 strlcpy(name, optarg, sizeof(name)); 429 break; 430 case 's': 431 sflag++; 432 break; 433 case '?': 434 default: 435 usage(); 436 } 437 } 438 argc -= optind; 439 argv += optind; 440 441 /* 442 * No leftover non-option arguments. 443 */ 444 if (argc > 0) 445 usage(); 446 447 /* 448 * Save. 449 */ 450 if (cmd == 'S') { 451 do_save(filename); 452 exit(0); 453 } 454 455 /* 456 * Load. 457 */ 458 if (cmd == 'L') { 459 do_load(filename); 460 exit(0); 461 } 462 463 /* 464 * Cannot list and modify at the same time. 465 */ 466 if ((lflag != 0 || sflag != 0) && mflag != 0) 467 usage(); 468 469 /* 470 * Bomb out on no-ops. 471 */ 472 if (lflag == 0 && mflag == 0 && sflag == 0) 473 usage(); 474 475 /* 476 * If not listing, we need a device name or a type. 477 */ 478 if (lflag == 0 && cmd == 0 && sflag == 0) 479 usage(); 480 481 /* 482 * Modify request. 483 */ 484 if (mflag != 0) { 485 rctl.type = type; 486 strncpy(rctl.name, name, sizeof(rctl.name)); 487 do_ioctl(&rctl); 488 489 exit(0); 490 } 491 492 /* 493 * List sources. 494 */ 495 if (lflag != 0) 496 do_list(cmd == 0, type, name); 497 498 if (sflag != 0) 499 do_stats(); 500 501 exit(0); 502 } 503
Indexes created Tue Sep 23 23:09:58 GMT 2025