Move the process of storing entropy from /dev/random and reseeding with

it at boot time closer to the way we want it to be in the final version.

* Move the default directory to /var/db/entropy
* Run the entropy saving cron job every 11 minutes. This seems
  to be a better default, although still bikeshed material.
* Feed /dev/random some cheesy "entropy" from various commands
  and files before the disks are mounted. This gives /dev/random
  a better chance of running without blocking early.
* Move the reseeding with previously stored entropy to the point
  immediately after the disks are mounted.
* Make the harvesting script a little safer in regards to the
  possibility of accidentally overwriting something other
  than a regular file.

6 files changed, 61 insertions, 72 deletions

diff --git a/etc/crontab b/etc/crontab
index 1f0950e..56ef475 100644
--- a/etc/crontab
+++ b/etc/crontab
@@ -8,11 +8,11 @@ HOME=/var/log
 #
 #minute	hour	mday	month	wday	who	command
 #
-# save some entropy so that /dev/random can reseed on boot
-*/3	*	*	*	*	operator /usr/libexec/save-entropy
-#
 */5	*	*	*	*	root	/usr/libexec/atrun
 #
+# save some entropy so that /dev/random can reseed on boot
+*/11	*	*	*	*	operator /usr/libexec/save-entropy
+#
 # rotate log files every hour, if necessary
 0	*	*	*	*	root	newsyslog
 #
diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf
index 7e3d276..79d52ce 100644
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@@ -324,7 +324,7 @@ start_vinum=""		# set to YES to start vinum
 unaligned_print="YES"	# print unaligned access warnings on the alpha (or NO).
 entropy_file="/entropy" # Set to NO to disable caching entropy through reboots.
 			# /var/db/entropy is preferred if / is not available.
-entropy_dir="/.entropy" # Set to NO to disable caching entropy via cron.
+entropy_dir="/var/db/entropy" # Set to NO to disable caching entropy via cron.
 entropy_save_sz="2048" 	# Size of the entropy cache files.
 entropy_save_num="8" 	# Number of entropy cache files to save.
 
diff --git a/etc/mtree/BSD.root.dist b/etc/mtree/BSD.root.dist
index 0fc9833..e6e9a4d 100644
--- a/etc/mtree/BSD.root.dist
+++ b/etc/mtree/BSD.root.dist
@@ -5,10 +5,6 @@
 
 /set type=dir uname=root gname=wheel mode=0755
 .
-/set type=dir uname=operator gname=operator mode=0700
-    .entropy
-    ..
-/set type=dir uname=root gname=wheel mode=0755
     bin
     ..
     boot
diff --git a/etc/mtree/BSD.var.dist b/etc/mtree/BSD.var.dist
index 78bfd85..053a0f5 100644
--- a/etc/mtree/BSD.var.dist
+++ b/etc/mtree/BSD.var.dist
@@ -24,6 +24,10 @@
         ..
     ..
     db              mode=0755
+/set type=dir uname=operator gname=operator mode=0700
+    entropy
+    ..
+/set type=dir uname=root gname=wheel
         pkg         mode=0755
         ..
     ..
diff --git a/etc/rc b/etc/rc
index 3f9fba7..080f246 100644
--- a/etc/rc
+++ b/etc/rc
@@ -71,6 +71,13 @@ elif [ -r /etc/rc.conf ]; then
 	. /etc/rc.conf
 fi
 
+feed_dev_random() {
+	if [ -f "${1}" -a -r "${1}" -a -s "${1}" ]; then
+		echo "Using ${1} as an entropy file"
+		cat "${1}" | dd of=/dev/random bs=8k 2>/dev/null
+	fi
+}
+
 chkdepend() {
 	svc=$1
 	svc_var=$2
@@ -100,15 +107,15 @@ chkdepend NFS nfs_server_enable portmap portmap_enable
 chkdepend NIS nis_server_enable portmap portmap_enable
 chkdepend NIS nis_client_enable portmap portmap_enable
 
-# First pass at entropy recovery so the rebooting /dev/random can reseed.
+# First pass at reseeding /dev/random.
 #
-feed_dev_random() {
-	if [ -f "${1}" -a -r "${1}" -a -s "${1}" ]; then
-		echo "Using ${1} as an entropy file"
-		cat ${1} > /dev/random 2> /dev/random &&
-		entropy_reseeded=yes
-	fi
-}
+# XXX temporary until we can get the entropy
+# harvesting rate up
+# Entropy below is not great,
+# but better than nothing.
+( ps -efauxww; sysctl -a; date; df -ib; dmesg; ps -efauxww; ) \
+    | dd of=/dev/random bs=8k 2>/dev/null
+cat /bin/ls | dd of=/dev/random bs=8k 2>/dev/null
 
 case ${entropy_file} in
 [Nn][Oo] | '')
@@ -120,21 +127,6 @@ case ${entropy_file} in
 	;;
 esac
 
-case ${entropy_dir} in
-[Nn][Oo])
-	;;
-*)
-	entropy_dir=${entropy_dir:-/.entropy}
-	if [ -d "${entropy_dir}" ]; then
-		if [ -w /dev/random ]; then
-			for seedfile in ${entropy_dir}/*; do
-				feed_dev_random "${seedfile}"
-			done
-		fi
-	fi
-	;;
-esac
-
 # Configure ccd devices.
 #
 if [ -r /etc/ccd.conf ]; then
@@ -224,44 +216,31 @@ if [ -n "${diskless_mount}" -a -r "${diskless_mount}" ]; then
 		sh ${diskless_mount}
 fi
 
-# Second attempt at reseeding, if needed.
-#
-case ${entropy_reseeded} in
-yes)
+# Reseed /dev/random with previously stored entropy.
+case ${entropy_dir} in
+[Nn][Oo])
 	;;
 *)
-	case ${entropy_file} in
-	[Nn][Oo] | '')
-		;;
-	*)
+	entropy_dir=${entropy_dir:-/var/db/entropy}
+	if [ -d "${entropy_dir}" ]; then
 		if [ -w /dev/random ]; then
-			if [ -f "${entropy_file}" -a -r "${entropy_file}" -a \
-			    -s "${entropy_file}" ]; then
-				feed_dev_random "${entropy_file}"
-			elif [ "${entropy_file}" != /var/db/entropy -a \
-			    -f /var/db/entropy -a -r /var/db/entropy -a \
-			    -s /var/db/entropy ]; then
-				feed_dev_random /var/db/entropy 
-			else
-    echo "Can't use ${entropy_file} as an entropy file, trying other sources"
-				# XXX temporary until we can get the entropy
-				# harvesting rate up
-				# Entropy below is not great,
-				# but better than nothing.
-				(ps -gauxwww; sysctl -a;
-				    dmesg) | /bin/dd of=/dev/random bs=8k 2>/dev/null
-				( for i in /etc /var/run ; do
-					cd $i ; ls -al ; cat *
-				done ) | /bin/dd of=/dev/random bs=8k 2>/dev/null
-			fi
+			for seedfile in ${entropy_dir}/*; do
+				feed_dev_random "${seedfile}"
+			done
 		fi
-		;;
-	esac
+	fi
 	;;
 esac
 
-# Remove these to prevent problems on future reboots
-rm -f "${entropy_file}" /var/db/entropy
+case ${entropy_file} in
+[Nn][Oo] | '')
+	;;
+*)
+	if [ -w /dev/random ]; then
+		feed_dev_random "${entropy_file}"
+	fi
+	;;
+esac
 
 adjkerntz -i
 
diff --git a/libexec/save-entropy/save-entropy.sh b/libexec/save-entropy/save-entropy.sh
index 4a84fd7..82b96ca 100755
--- a/libexec/save-entropy/save-entropy.sh
+++ b/libexec/save-entropy/save-entropy.sh
@@ -29,6 +29,8 @@
 # This script is called by cron to store bits of randomness which are
 # then used to seed /dev/random on boot.
 
+# Originally developed by Doug Barton, DougB@FreeBSD.org
+
 PATH=/bin:/usr/bin
 
 # If there is a global system configuration file, suck it in.
@@ -45,33 +47,41 @@ case ${entropy_dir} in
 	exit 0
 	;;
 *)
-	entropy_dir=${entropy_dir:-/.entropy}
+	entropy_dir=${entropy_dir:-/var/db/entropy}
 	;;
 esac
 
 entropy_save_sz=${entropy_save_sz:-2048}
 entropy_save_num=${entropy_save_num:-8}
-entropy_save_jot=$(($entropy_save_num - 1))
 
 if [ ! -d "${entropy_dir}" ]; then
 	umask 077
 	mkdir "${entropy_dir}" || {
-	    logger -is The entropy directory "${entropy_dir}" does not \
+	    logger -is -t "$0" The entropy directory "${entropy_dir}" does not \
 exist, and cannot be created.  Therefore no entropy can be saved. ;
 	    exit 1;}
 	/usr/sbin/chown operator:operator "${entropy_dir}"
 	chmod 0700 "${entropy_dir}"
 fi
 
-rm -f "${entropy_dir}/saved-entropy.${entropy_save_num}"
-
 umask 377
 
-for file_num in `jot ${entropy_save_jot} ${entropy_save_jot} 1`; do
-	if [ -f "${entropy_dir}/saved-entropy.${file_num}" ]; then
-		new_num=$(($file_num + 1))
-		mv "${entropy_dir}/saved-entropy.${file_num}" \
-		    "${entropy_dir}/saved-entropy.${new_num}"
+for file_num in `jot ${entropy_save_num} ${entropy_save_num} 1`; do
+	if [ -e "${entropy_dir}/saved-entropy.${file_num}" ]; then
+		if [ -f "${entropy_dir}/saved-entropy.${file_num}" ]; then
+			new_num=$(($file_num + 1))
+			if [ "${new_num}" -gt "${entropy_save_num}" ]; then
+				rm -f "${entropy_dir}/saved-entropy.${file_num}"
+			else
+				mv "${entropy_dir}/saved-entropy.${file_num}" \
+				    "${entropy_dir}/saved-entropy.${new_num}"
+			fi
+		else
+			logger -is -t "$0" \
+"${entropy_dir}/saved-entropy.${file_num} is not a regular file, and therefore \
+it will not be rotated. Entropy file harvesting is aborted."
+			exit 1
+		fi
 	fi
 done