mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2025-01-22 16:44:32 +01:00
86fdaae573
This is a further clean up after r202988. SYSCTL_W is still initialized in rc.subr as some ports may still use it.
#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: initrandom
# REQUIRE: dumpon ddb
# BEFORE: disks
# KEYWORD: nojail
# Pull in the rc.d framework before anything else in this script runs.
. /etc/rc.subr

# Script identity and its actions: "start" runs the initrandom_start
# function defined in this file; "stop" is the shell no-op.
name='initrandom'
start_cmd='initrandom_start'
stop_cmd=':'
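# feed_dev_random file
#	Write the contents of a saved entropy file into /dev/random.
#	The file is used only when it is a regular file, readable and
#	non-empty; otherwise nothing happens and the function returns 0.
#	dd diagnostics are discarded, so a failed write is silent.
#	NOTE(review): these bytes are mixed into the kernel generator, so the
#	file should be readable and writable by root only. Nothing here
#	enforces that -- confirm where its permissions are set.
#
feed_dev_random()
{
	# Three separate tests joined with && replace the obsolescent -a
	# operator, whose parsing is unspecified with this many operands.
	if [ -f "${1}" ] && [ -r "${1}" ] && [ -s "${1}" ]; then
		# Let dd open the file itself: no extra cat process, and the
		# path can never be mistaken for a command-line option.
		dd if="${1}" of=/dev/random bs=8k 2>/dev/null
	fi
}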
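# initrandom_start
#	start_cmd for this script. When the kern.random sysctl tree exists:
#	  1. if /dev/random is writable, switch the interrupt, ethernet and
#	     point_to_point harvesting sysctls on or off according to
#	     harvest_interrupt, harvest_ethernet and harvest_p_to_p (as
#	     evaluated by checkyesno);
#	  2. write assorted system state into /dev/random;
#	  3. feed ${entropy_file} to /dev/random unless it is "no" or empty.
#	A progress line is printed in every case.
#
initrandom_start()
{
	soft_random_generator=$(sysctl kern.random 2>/dev/null)

	echo -n 'Entropy harvesting:'

	# Empty output means the kern.random tree could not be read; skip
	# all seeding work and only terminate the progress line.
	if [ -n "${soft_random_generator}" ]; then

		if [ -w /dev/random ]; then
			if checkyesno harvest_interrupt; then
				${SYSCTL} kern.random.sys.harvest.interrupt=1 >/dev/null
				echo -n ' interrupts'
			else
				${SYSCTL} kern.random.sys.harvest.interrupt=0 >/dev/null
			fi

			if checkyesno harvest_ethernet; then
				${SYSCTL} kern.random.sys.harvest.ethernet=1 >/dev/null
				echo -n ' ethernet'
			else
				${SYSCTL} kern.random.sys.harvest.ethernet=0 >/dev/null
			fi

			if checkyesno harvest_p_to_p; then
				${SYSCTL} kern.random.sys.harvest.point_to_point=1 >/dev/null
				echo -n ' point_to_point'
			else
				${SYSCTL} kern.random.sys.harvest.point_to_point=0 >/dev/null
			fi
		fi

		# XXX temporary until we can improve the entropy
		# harvesting rate.
		# Entropy below is not great, but better than nothing.
		# This unblocks the generator at startup
		# NOTE(review): most of this input (process list, sysctl
		# values, boot messages, the stock /bin/ls binary) can be
		# guessed or reproduced by someone who knows the host, so
		# treat it as a stopgap and not as secret seed material.
		( ps -fauxww; sysctl -a; date; df -ib; dmesg; ps -fauxww ) \
		    | dd of=/dev/random bs=8k 2>/dev/null
		dd if=/bin/ls of=/dev/random bs=8k 2>/dev/null

		# First pass at reseeding /dev/random.
		#
		case ${entropy_file} in
		[Nn][Oo] | '')
			# Reseeding from a file is disabled or unconfigured.
			;;
		*)
			if [ -w /dev/random ]; then
				feed_dev_random "${entropy_file}"
			fi
			;;
		esac

		echo -n ' kickstart'
	fi

	echo '.'
}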
# Load the "random" rc configuration, then pass the action named by the
# first script argument to run_rc_command.
load_rc_config random
run_rc_command "${1}"