OpenBSD Journal

n2k14 hackathon report: deraadt@ on random seeds, signing and hibernation

Contributed by jj on from the hack that kiwi, signed dept.

Our second n2k14 hackathon report comes from Theo de Raadt (deraadt@), who writes,
I came to this hackathon with a few targets. I really wanted a break from the recent funding issues. It was time to dig into code.

First off, I completed a series of changes to the random subsystem. The bootblocks now try to read a file (/etc/random.seed) out of the root filesystem, mix it with data from the random instructions or tsc clock, and pass it the kernel. This small pool is given to the kernel using a special ELF random segment, so that fairly strong entropy is available right from kernel startup. For instance, the stack protector is correctly initialized from the get-go. Since large amounts of raw entropy are available, a bunch of "startup problem" code could be deleted or rewritten. We can now call the arc4random functions in the kernel from the earliest point possible. As the kernel becomes more alive step by step, it folds new entropy information into the pool.

Regarding the /etc/random.seed file, some sequencing improvements were made to /etc/rc to update this file, as well feed the random number generator better with other saved entropy sources. I think it is pretty good.. the remaining work is on clock mixing in the bootblocks of the remaining architectures.

My second task was to look into fixing a glaring and ugly ioctl problem in pf. For historical reasons the kernel and pfctl share datastructures far too closely. There is a shortcut that we can take, but I wanted to investigate a cleaner solution, since it will be an ABI break either way. In discussions I estimated it would be around 6000 lines of diff.... and the estimate turned out to be right. The change remains unfinished because the separation is not complete. Anchors have complicated things badly. I'll revisit it.

I also worked on some improved infrastructure for the signed releases coming up in 5.5. Since we do snapshots all the time, we need a robust pipeline for signing files. Still learning..

In between, I kept flipping back and forth towards work on suspend-resume. I continue finding small glitches in the order of operations. It was also a real pleasure to chat with Mark Kettenis throughout the hackathon about the worst suspend-resume problem area (video), and Joel Sing about the possibility of eventually hibernating on softraid.

Throughout the week there were many other interruptions...

A big thank you from the Undeadly editors to Theo for the work and the report!

By the time you read this, there should be more n2k14 reports in the pipeline. Stay tuned.

(Comments are closed)


Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]