etc/rc.d/initrandom

   1 #!/bin/sh
   2 #
   3 # $FreeBSD$
   4 #
   5
   6 # PROVIDE: initrandom
   7 # REQUIRE: dumpon ddb
   8 # BEFORE: disks
   9 # KEYWORD: nojail
  10
  11 . /etc/rc.subr
  12
  13 name="initrandom"
  14 start_cmd="initrandom_start"
  15 stop_cmd=":"
  16
  17 feed_dev_random()
  18 {
  19         if [ -f "${1}" -a -r "${1}" -a -s "${1}" ]; then
  20                 cat "${1}" | dd of=/dev/random bs=8k 2>/dev/null
  21         fi
  22 }
  23
  24 better_than_nothing()
  25 {
  26         # XXX temporary until we can improve the entropy
  27         # harvesting rate.
  28         # Entropy below is not great, but better than nothing.
  29         # This unblocks the generator at startup
  30         # Note: commands are ordered to cause the most variance across reboots.
  31         ( kenv; dmesg; df -ib; ps -fauxww; date; sysctl -a ) \
  32             | dd of=/dev/random bs=8k 2>/dev/null
  33         /sbin/sha256 -q `sysctl -n kern.bootfile` \
  34             | dd of=/dev/random bs=8k 2>/dev/null
  35 }
  36
  37 initrandom_start()
  38 {
  39         soft_random_generator=`sysctl kern.random 2>/dev/null`
  40
  41         echo -n 'Entropy harvesting:'
  42
  43         if [ \! -z "${soft_random_generator}" ] ; then
  44
  45                 if [ -w /dev/random ]; then
  46                         if checkyesno harvest_interrupt; then
  47                                 ${SYSCTL} kern.random.sys.harvest.interrupt=1 >/dev/null
  48                                 echo -n ' interrupts'
  49                         else
  50                                 ${SYSCTL} kern.random.sys.harvest.interrupt=0 >/dev/null
  51                         fi
  52
  53                         if checkyesno harvest_ethernet; then
  54                                 ${SYSCTL} kern.random.sys.harvest.ethernet=1 >/dev/null
  55                                 echo -n ' ethernet'
  56                         else
  57                                 ${SYSCTL} kern.random.sys.harvest.ethernet=0 >/dev/null
  58                         fi
  59
  60                         if checkyesno harvest_p_to_p; then
  61                                 ${SYSCTL} kern.random.sys.harvest.point_to_point=1 >/dev/null
  62                                 echo -n ' point_to_point'
  63                         else
  64                                 ${SYSCTL} kern.random.sys.harvest.point_to_point=0 >/dev/null
  65                         fi
  66                 fi
  67
  68                 # First pass at reseeding /dev/random.
  69                 #
  70                 case ${entropy_file} in
  71                 [Nn][Oo] | '')
  72                         ;;
  73                 *)
  74                         if [ -w /dev/random ]; then
  75                                 feed_dev_random "${entropy_file}"
  76                         fi
  77                         ;;
  78                 esac
  79
  80                 better_than_nothing
  81
  82                 echo -n ' kickstart'
  83         fi
  84
  85         echo '.'
  86 }
  87
  88 load_rc_config random
  89 run_rc_command "$1"