[thirdparty/systemd.git] / src / random-seed / random-seed.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <errno.h>
#include <fcntl.h>
#include <linux/random.h>
#include <sys/ioctl.h>
#if USE_SYS_RANDOM_H
#  include <sys/random.h>
#endif
#include <sys/stat.h>
#include <sys/xattr.h>
#include <unistd.h>

#include "sd-id128.h"

#include "alloc-util.h"
#include "fd-util.h"
#include "fs-util.h"
#include "io-util.h"
#include "log.h"
#include "main-func.h"
#include "missing_random.h"
#include "missing_syscall.h"
#include "mkdir.h"
#include "parse-util.h"
#include "random-util.h"
#include "string-util.h"
#include "sync-util.h"
#include "util.h"
#include "xattr-util.h"

typedef enum CreditEntropy {
        CREDIT_ENTROPY_NO_WAY,
        CREDIT_ENTROPY_YES_PLEASE,
        CREDIT_ENTROPY_YES_FORCED,
} CreditEntropy;

static CreditEntropy may_credit(int seed_fd) {
        _cleanup_free_ char *creditable = NULL;
        const char *e;
        int r;

        assert(seed_fd >= 0);

        e = getenv("SYSTEMD_RANDOM_SEED_CREDIT");
        if (!e) {
                log_debug("$SYSTEMD_RANDOM_SEED_CREDIT is not set, not crediting entropy.");
                return CREDIT_ENTROPY_NO_WAY;
        }
        if (streq(e, "force")) {
                log_debug("$SYSTEMD_RANDOM_SEED_CREDIT is set to 'force', crediting entropy.");
                return CREDIT_ENTROPY_YES_FORCED;
        }

        r = parse_boolean(e);
        if (r <= 0) {
                if (r < 0)
                        log_warning_errno(r, "Failed to parse $SYSTEMD_RANDOM_SEED_CREDIT, not crediting entropy: %m");
                else
                        log_debug("Crediting entropy is turned off via $SYSTEMD_RANDOM_SEED_CREDIT, not crediting entropy.");

                return CREDIT_ENTROPY_NO_WAY;
        }

        /* Determine if the file is marked as creditable */
        r = fgetxattr_malloc(seed_fd, "user.random-seed-creditable", &creditable);
        if (r < 0) {
                if (IN_SET(r, -ENODATA, -ENOSYS, -EOPNOTSUPP))
                        log_debug_errno(r, "Seed file is not marked as creditable, not crediting.");
                else
                        log_warning_errno(r, "Failed to read extended attribute, ignoring: %m");

                return CREDIT_ENTROPY_NO_WAY;
        }

        r = parse_boolean(creditable);
        if (r <= 0) {
                if (r < 0)
                        log_warning_errno(r, "Failed to parse user.random-seed-creditable extended attribute, ignoring: %s", creditable);
                else
                        log_debug("Seed file is marked as not creditable, not crediting.");

                return CREDIT_ENTROPY_NO_WAY;
        }

        /* Don't credit the random seed if we are in first-boot mode, because we are supposed to start from
         * scratch. This is a safety precaution for cases where we people ship "golden" images with empty
         * /etc but populated /var that contains a random seed. */
        if (access("/run/systemd/first-boot", F_OK) < 0) {

                if (errno != ENOENT) {
                        log_warning_errno(errno, "Failed to check whether we are in first-boot mode, not crediting entropy: %m");
                        return CREDIT_ENTROPY_NO_WAY;
                }

                /* If ENOENT all is good, we are not in first-boot mode. */
        } else {
                log_debug("Not crediting entropy, since booted in first-boot mode.");
                return CREDIT_ENTROPY_NO_WAY;
        }

        return CREDIT_ENTROPY_YES_PLEASE;
}

static int run(int argc, char *argv[]) {
        _cleanup_close_ int seed_fd = -1, random_fd = -1;
        bool read_seed_file, write_seed_file, synchronous;
        _cleanup_free_ void* buf = NULL;
        size_t buf_size;
        struct stat st;
        ssize_t k;
        int r;

        log_setup();

        if (argc != 2)
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "This program requires one argument.");

        umask(0022);

        buf_size = random_pool_size();

        r = mkdir_parents(RANDOM_SEED, 0755);
        if (r < 0)
                return log_error_errno(r, "Failed to create directory " RANDOM_SEED_DIR ": %m");

        /* When we load the seed we read it and write it to the device and then immediately update the saved seed with
         * new data, to make sure the next boot gets seeded differently. */

        if (streq(argv[1], "load")) {

                seed_fd = open(RANDOM_SEED, O_RDWR|O_CLOEXEC|O_NOCTTY|O_CREAT, 0600);
                if (seed_fd < 0) {
                        int open_rw_error = -errno;

                        write_seed_file = false;

                        seed_fd = open(RANDOM_SEED, O_RDONLY|O_CLOEXEC|O_NOCTTY);
                        if (seed_fd < 0) {
                                bool missing = errno == ENOENT;

                                log_full_errno(missing ? LOG_DEBUG : LOG_ERR,
                                               open_rw_error, "Failed to open " RANDOM_SEED " for writing: %m");
                                r = log_full_errno(missing ? LOG_DEBUG : LOG_ERR,
                                                   errno, "Failed to open " RANDOM_SEED " for reading: %m");
                                return missing ? 0 : r;
                        }
                } else
                        write_seed_file = true;

                random_fd = open("/dev/urandom", O_RDWR|O_CLOEXEC|O_NOCTTY, 0600);
                if (random_fd < 0)
                        return log_error_errno(errno, "Failed to open /dev/urandom: %m");

                read_seed_file = true;
                synchronous = true; /* make this invocation a synchronous barrier for random pool initialization */

        } else if (streq(argv[1], "save")) {

                random_fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY);
                if (random_fd < 0)
                        return log_error_errno(errno, "Failed to open /dev/urandom: %m");

                seed_fd = open(RANDOM_SEED, O_WRONLY|O_CLOEXEC|O_NOCTTY|O_CREAT, 0600);
                if (seed_fd < 0)
                        return log_error_errno(errno, "Failed to open " RANDOM_SEED ": %m");

                read_seed_file = false;
                write_seed_file = true;
                synchronous = false;
        } else
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "Unknown verb '%s'.", argv[1]);

        if (fstat(seed_fd, &st) < 0)
                return log_error_errno(errno, "Failed to stat() seed file " RANDOM_SEED ": %m");

        /* If the seed file is larger than what we expect, then honour the existing size and save/restore as much as it says */
        if ((uint64_t) st.st_size > buf_size)
                buf_size = MIN(st.st_size, RANDOM_POOL_SIZE_MAX);

        buf = malloc(buf_size);
        if (!buf)
                return log_oom();

        if (read_seed_file) {
                sd_id128_t mid;

                /* First, let's write the machine ID into /dev/urandom, not crediting entropy. Why? As an
                 * extra protection against "golden images" that are put together sloppily, i.e. images which
                 * are duplicated on multiple systems but where the random seed file is not properly
                 * reset. Frequently the machine ID is properly reset on those systems however (simply
                 * because it's easier to notice, if it isn't due to address clashes and so on, while random
                 * seed equivalence is generally not noticed easily), hence let's simply write the machined
                 * ID into the random pool too. */
                r = sd_id128_get_machine(&mid);
                if (r < 0)
                        log_debug_errno(r, "Failed to get machine ID, ignoring: %m");
                else {
                        r = loop_write(random_fd, &mid, sizeof(mid), false);
                        if (r < 0)
                                log_debug_errno(r, "Failed to write machine ID to /dev/urandom, ignoring: %m");
                }

                k = loop_read(seed_fd, buf, buf_size, false);
                if (k < 0)
                        log_error_errno(k, "Failed to read seed from " RANDOM_SEED ": %m");
                else if (k == 0)
                        log_debug("Seed file " RANDOM_SEED " not yet initialized, proceeding.");
                else {
                        CreditEntropy lets_credit;

                        (void) lseek(seed_fd, 0, SEEK_SET);

                        lets_credit = may_credit(seed_fd);

                        /* Before we credit or use the entropy, let's make sure to securely drop the
                         * creditable xattr from the file, so that we never credit the same random seed
                         * again. Note that further down we'll write a new seed again, and likely mark it as
                         * credible again, hence this is just paranoia to close the short time window between
                         * the time we upload the random seed into the kernel and download the new one from
                         * it. */

                        if (fremovexattr(seed_fd, "user.random-seed-creditable") < 0) {
                                if (!IN_SET(errno, ENODATA, ENOSYS, EOPNOTSUPP))
                                        log_warning_errno(errno, "Failed to remove extended attribute, ignoring: %m");

                                /* Otherwise, there was no creditable flag set, which is OK. */
                        } else {
                                r = fsync_full(seed_fd);
                                if (r < 0) {
                                        log_warning_errno(r, "Failed to synchronize seed to disk, not crediting entropy: %m");

                                        if (lets_credit == CREDIT_ENTROPY_YES_PLEASE)
                                                lets_credit = CREDIT_ENTROPY_NO_WAY;
                                }
                        }

                        r = random_write_entropy(random_fd, buf, k,
                                                 IN_SET(lets_credit, CREDIT_ENTROPY_YES_PLEASE, CREDIT_ENTROPY_YES_FORCED));
                        if (r < 0)
                                log_error_errno(r, "Failed to write seed to /dev/urandom: %m");
                }
        }

        if (write_seed_file) {
                bool getrandom_worked = false;

                /* This is just a safety measure. Given that we are root and most likely created the file
                 * ourselves the mode and owner should be correct anyway. */
                r = fchmod_and_chown(seed_fd, 0600, 0, 0);
                if (r < 0)
                        return log_error_errno(r, "Failed to adjust seed file ownership and access mode.");

                /* Let's make this whole job asynchronous, i.e. let's make ourselves a barrier for
                 * proper initialization of the random pool. */
                k = getrandom(buf, buf_size, GRND_NONBLOCK);
                if (k < 0 && errno == EAGAIN && synchronous) {
                        log_notice("Kernel entropy pool is not initialized yet, waiting until it is.");
                        k = getrandom(buf, buf_size, 0); /* retry synchronously */
                }
                if (k < 0)
                        log_debug_errno(errno, "Failed to read random data with getrandom(), falling back to /dev/urandom: %m");
                else if ((size_t) k < buf_size)
                        log_debug("Short read from getrandom(), falling back to /dev/urandom.");
                else
                        getrandom_worked = true;

                if (!getrandom_worked) {
                        /* Retry with classic /dev/urandom */
                        k = loop_read(random_fd, buf, buf_size, false);
                        if (k < 0)
                                return log_error_errno(k, "Failed to read new seed from /dev/urandom: %m");
                        if (k == 0)
                                return log_error_errno(SYNTHETIC_ERRNO(EIO),
                                                       "Got EOF while reading from /dev/urandom.");
                }

                r = loop_write(seed_fd, buf, (size_t) k, false);
                if (r < 0)
                        return log_error_errno(r, "Failed to write new random seed file: %m");

                if (ftruncate(seed_fd, k) < 0)
                        return log_error_errno(r, "Failed to truncate random seed file: %m");

                r = fsync_full(seed_fd);
                if (r < 0)
                        return log_error_errno(r, "Failed to synchronize seed file: %m");

                /* If we got this random seed data from getrandom() the data is suitable for crediting
                 * entropy later on. Let's keep that in mind by setting an extended attribute. on the file */
                if (getrandom_worked)
                        if (fsetxattr(seed_fd, "user.random-seed-creditable", "1", 1, 0) < 0)
                                log_full_errno(ERRNO_IS_NOT_SUPPORTED(errno) ? LOG_DEBUG : LOG_WARNING, errno,
                                               "Failed to mark seed file as creditable, ignoring: %m");
        }

        return 0;
}

DEFINE_MAIN_FUNCTION(run);
Commit	Line	Data
db9ecf05	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
6e200d55	2
6e200d55	3	#include <errno.h>
07630cea	4	#include <fcntl.h>
26ded557	5	#include <linux/random.h>
26ded557 LP	6	#include <sys/ioctl.h>
	7	#if USE_SYS_RANDOM_H
	8	# include <sys/random.h>
	9	#endif
6e200d55	10	#include <sys/stat.h>
26ded557	11	#include <sys/xattr.h>
07630cea	12	#include <unistd.h>
6e200d55	13
8ba12aef LP	14	#include "sd-id128.h"
8ba12aef LP	15
b5efdb8a	16	#include "alloc-util.h"
3ffd4af2	17	#include "fd-util.h"
4b3b5bc7	18	#include "fs-util.h"
c004493c	19	#include "io-util.h"
6e200d55	20	#include "log.h"
5e332028	21	#include "main-func.h"
123aeae2	22	#include "missing_random.h"
f5947a5e	23	#include "missing_syscall.h"
49e942b2	24	#include "mkdir.h"
26ded557	25	#include "parse-util.h"
3e155eba	26	#include "random-util.h"
07630cea	27	#include "string-util.h"
bf819d3a	28	#include "sync-util.h"
07630cea	29	#include "util.h"
26ded557 LP	30	#include "xattr-util.h"
	31
	32	typedef enum CreditEntropy {
	33	CREDIT_ENTROPY_NO_WAY,
	34	CREDIT_ENTROPY_YES_PLEASE,
	35	CREDIT_ENTROPY_YES_FORCED,
	36	} CreditEntropy;
	37
	38	static CreditEntropy may_credit(int seed_fd) {
	39	_cleanup_free_ char *creditable = NULL;
	40	const char *e;
	41	int r;
	42
	43	assert(seed_fd >= 0);
	44
	45	e = getenv("SYSTEMD_RANDOM_SEED_CREDIT");
	46	if (!e) {
	47	log_debug("$SYSTEMD_RANDOM_SEED_CREDIT is not set, not crediting entropy.");
	48	return CREDIT_ENTROPY_NO_WAY;
	49	}
	50	if (streq(e, "force")) {
	51	log_debug("$SYSTEMD_RANDOM_SEED_CREDIT is set to 'force', crediting entropy.");
	52	return CREDIT_ENTROPY_YES_FORCED;
	53	}
	54
	55	r = parse_boolean(e);
	56	if (r <= 0) {
	57	if (r < 0)
	58	log_warning_errno(r, "Failed to parse $SYSTEMD_RANDOM_SEED_CREDIT, not crediting entropy: %m");
	59	else
	60	log_debug("Crediting entropy is turned off via $SYSTEMD_RANDOM_SEED_CREDIT, not crediting entropy.");
	61
	62	return CREDIT_ENTROPY_NO_WAY;
	63	}
	64
	65	/* Determine if the file is marked as creditable */
	66	r = fgetxattr_malloc(seed_fd, "user.random-seed-creditable", &creditable);
	67	if (r < 0) {
	68	if (IN_SET(r, -ENODATA, -ENOSYS, -EOPNOTSUPP))
	69	log_debug_errno(r, "Seed file is not marked as creditable, not crediting.");
	70	else
	71	log_warning_errno(r, "Failed to read extended attribute, ignoring: %m");
	72
	73	return CREDIT_ENTROPY_NO_WAY;
	74	}
	75
	76	r = parse_boolean(creditable);
	77	if (r <= 0) {
	78	if (r < 0)
	79	log_warning_errno(r, "Failed to parse user.random-seed-creditable extended attribute, ignoring: %s", creditable);
	80	else
	81	log_debug("Seed file is marked as not creditable, not crediting.");
	82
	83	return CREDIT_ENTROPY_NO_WAY;
	84	}
	85
	86	/* Don't credit the random seed if we are in first-boot mode, because we are supposed to start from
	87	* scratch. This is a safety precaution for cases where we people ship "golden" images with empty
	88	* /etc but populated /var that contains a random seed. */
	89	if (access("/run/systemd/first-boot", F_OK) < 0) {
	90
	91	if (errno != ENOENT) {
	92	log_warning_errno(errno, "Failed to check whether we are in first-boot mode, not crediting entropy: %m");
	93	return CREDIT_ENTROPY_NO_WAY;
94	}
95
96	/* If ENOENT all is good, we are not in first-boot mode. */
97	} else {
98	log_debug("Not crediting entropy, since booted in first-boot mode.");
99	return CREDIT_ENTROPY_NO_WAY;
100	}
101
102	return CREDIT_ENTROPY_YES_PLEASE;
103	}
6e200d55	104
72d0d7a6	105	static int run(int argc, char *argv[]) {
ce179470	106	_cleanup_close_ int seed_fd = -1, random_fd = -1;
26ded557	107	bool read_seed_file, write_seed_file, synchronous;
ce179470	108	_cleanup_free_ void* buf = NULL;
3e155eba	109	size_t buf_size;
ac93390b	110	struct stat st;
ce179470	111	ssize_t k;
ac93390b	112	int r;
6e200d55	113
d2acb93d	114	log_setup();
6e200d55	115
baaa35ad ZJS	116	if (argc != 2)
	117	return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
	118	"This program requires one argument.");
72d0d7a6	119
4c12626c LP	120	umask(0022);
4c12626c LP	121
3e155eba	122	buf_size = random_pool_size();
26192dfc	123
5468d9af	124	r = mkdir_parents(RANDOM_SEED, 0755);
72d0d7a6 ZJS	125	if (r < 0)
72d0d7a6 ZJS	126	return log_error_errno(r, "Failed to create directory " RANDOM_SEED_DIR ": %m");
b56e5747	127
ac93390b LP	128	/* When we load the seed we read it and write it to the device and then immediately update the saved seed with
ac93390b LP	129	* new data, to make sure the next boot gets seeded differently. */
6e200d55 LP	130
	131	if (streq(argv[1], "load")) {
	132
ce179470 LP	133	seed_fd = open(RANDOM_SEED, O_RDWR\|O_CLOEXEC\|O_NOCTTY\|O_CREAT, 0600);
ce179470 LP	134	if (seed_fd < 0) {
15d961bf LP	135	int open_rw_error = -errno;
15d961bf LP	136
ac93390b	137	write_seed_file = false;
8edc2d22	138
ce179470 LP	139	seed_fd = open(RANDOM_SEED, O_RDONLY\|O_CLOEXEC\|O_NOCTTY);
ce179470 LP	140	if (seed_fd < 0) {
8edc2d22 ZJS	141	bool missing = errno == ENOENT;
	142
	143	log_full_errno(missing ? LOG_DEBUG : LOG_ERR,
	144	open_rw_error, "Failed to open " RANDOM_SEED " for writing: %m");
	145	r = log_full_errno(missing ? LOG_DEBUG : LOG_ERR,
	146	errno, "Failed to open " RANDOM_SEED " for reading: %m");
72d0d7a6	147	return missing ? 0 : r;
6e200d55	148	}
ac93390b LP	149	} else
ac93390b LP	150	write_seed_file = true;
6e200d55	151
ce179470	152	random_fd = open("/dev/urandom", O_RDWR\|O_CLOEXEC\|O_NOCTTY, 0600);
c6127c39 LP	153	if (random_fd < 0)
c6127c39 LP	154	return log_error_errno(errno, "Failed to open /dev/urandom: %m");
6e200d55	155
ac93390b	156	read_seed_file = true;
26ded557	157	synchronous = true; /* make this invocation a synchronous barrier for random pool initialization */
6e200d55 LP	158
	159	} else if (streq(argv[1], "save")) {
	160
ac93390b	161	random_fd = open("/dev/urandom", O_RDONLY\|O_CLOEXEC\|O_NOCTTY);
72d0d7a6 ZJS	162	if (random_fd < 0)
72d0d7a6 ZJS	163	return log_error_errno(errno, "Failed to open /dev/urandom: %m");
ac93390b	164
ce179470	165	seed_fd = open(RANDOM_SEED, O_WRONLY\|O_CLOEXEC\|O_NOCTTY\|O_CREAT, 0600);
72d0d7a6 ZJS	166	if (seed_fd < 0)
72d0d7a6 ZJS	167	return log_error_errno(errno, "Failed to open " RANDOM_SEED ": %m");
6e200d55	168
ac93390b LP	169	read_seed_file = false;
ac93390b LP	170	write_seed_file = true;
26ded557	171	synchronous = false;
baaa35ad ZJS	172	} else
	173	return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
	174	"Unknown verb '%s'.", argv[1]);
6e200d55	175
72d0d7a6 ZJS	176	if (fstat(seed_fd, &st) < 0)
72d0d7a6 ZJS	177	return log_error_errno(errno, "Failed to stat() seed file " RANDOM_SEED ": %m");
ac93390b LP	178
	179	/* If the seed file is larger than what we expect, then honour the existing size and save/restore as much as it says */
	180	if ((uint64_t) st.st_size > buf_size)
3e155eba	181	buf_size = MIN(st.st_size, RANDOM_POOL_SIZE_MAX);
ac93390b LP	182
ac93390b LP	183	buf = malloc(buf_size);
72d0d7a6 ZJS	184	if (!buf)
72d0d7a6 ZJS	185	return log_oom();
ac93390b LP	186
ac93390b LP	187	if (read_seed_file) {
8ba12aef	188	sd_id128_t mid;
26ded557 LP	189
	190	/* First, let's write the machine ID into /dev/urandom, not crediting entropy. Why? As an
	191	* extra protection against "golden images" that are put together sloppily, i.e. images which
	192	* are duplicated on multiple systems but where the random seed file is not properly
	193	* reset. Frequently the machine ID is properly reset on those systems however (simply
	194	* because it's easier to notice, if it isn't due to address clashes and so on, while random
	195	* seed equivalence is generally not noticed easily), hence let's simply write the machined
	196	* ID into the random pool too. */
	197	r = sd_id128_get_machine(&mid);
	198	if (r < 0)
	199	log_debug_errno(r, "Failed to get machine ID, ignoring: %m");
	200	else {
	201	r = loop_write(random_fd, &mid, sizeof(mid), false);
	202	if (r < 0)
	203	log_debug_errno(r, "Failed to write machine ID to /dev/urandom, ignoring: %m");
	204	}
ac93390b LP	205
	206	k = loop_read(seed_fd, buf, buf_size, false);
	207	if (k < 0)
26ded557 LP	208	log_error_errno(k, "Failed to read seed from " RANDOM_SEED ": %m");
26ded557 LP	209	else if (k == 0)
ac93390b	210	log_debug("Seed file " RANDOM_SEED " not yet initialized, proceeding.");
26ded557 LP	211	else {
	212	CreditEntropy lets_credit;
	213
ac93390b LP	214	(void) lseek(seed_fd, 0, SEEK_SET);
ac93390b LP	215
26ded557	216	lets_credit = may_credit(seed_fd);
8ba12aef	217
26ded557 LP	218	/* Before we credit or use the entropy, let's make sure to securely drop the
	219	* creditable xattr from the file, so that we never credit the same random seed
	220	* again. Note that further down we'll write a new seed again, and likely mark it as
	221	* credible again, hence this is just paranoia to close the short time window between
	222	* the time we upload the random seed into the kernel and download the new one from
	223	* it. */
	224
	225	if (fremovexattr(seed_fd, "user.random-seed-creditable") < 0) {
	226	if (!IN_SET(errno, ENODATA, ENOSYS, EOPNOTSUPP))
	227	log_warning_errno(errno, "Failed to remove extended attribute, ignoring: %m");
	228
	229	/* Otherwise, there was no creditable flag set, which is OK. */
	230	} else {
	231	r = fsync_full(seed_fd);
	232	if (r < 0) {
	233	log_warning_errno(r, "Failed to synchronize seed to disk, not crediting entropy: %m");
	234
	235	if (lets_credit == CREDIT_ENTROPY_YES_PLEASE)
	236	lets_credit = CREDIT_ENTROPY_NO_WAY;
	237	}
	238	}
	239
4dd055f9 LP	240	r = random_write_entropy(random_fd, buf, k,
	241	IN_SET(lets_credit, CREDIT_ENTROPY_YES_PLEASE, CREDIT_ENTROPY_YES_FORCED));
	242	if (r < 0)
	243	log_error_errno(r, "Failed to write seed to /dev/urandom: %m");
8ba12aef	244	}
ac93390b LP	245	}
	246
	247	if (write_seed_file) {
26ded557	248	bool getrandom_worked = false;
6e200d55	249
26ded557 LP	250	/* This is just a safety measure. Given that we are root and most likely created the file
	251	* ourselves the mode and owner should be correct anyway. */
	252	r = fchmod_and_chown(seed_fd, 0600, 0, 0);
	253	if (r < 0)
	254	return log_error_errno(r, "Failed to adjust seed file ownership and access mode.");
	255
	256	/* Let's make this whole job asynchronous, i.e. let's make ourselves a barrier for
	257	* proper initialization of the random pool. */
	258	k = getrandom(buf, buf_size, GRND_NONBLOCK);
	259	if (k < 0 && errno == EAGAIN && synchronous) {
	260	log_notice("Kernel entropy pool is not initialized yet, waiting until it is.");
	261	k = getrandom(buf, buf_size, 0); /* retry synchronously */
	262	}
72d0d7a6	263	if (k < 0)
26ded557 LP	264	log_debug_errno(errno, "Failed to read random data with getrandom(), falling back to /dev/urandom: %m");
26ded557 LP	265	else if ((size_t) k < buf_size)
111a3aae	266	log_debug("Short read from getrandom(), falling back to /dev/urandom.");
26ded557 LP	267	else
	268	getrandom_worked = true;
	269
	270	if (!getrandom_worked) {
	271	/* Retry with classic /dev/urandom */
	272	k = loop_read(random_fd, buf, buf_size, false);
	273	if (k < 0)
	274	return log_error_errno(k, "Failed to read new seed from /dev/urandom: %m");
	275	if (k == 0)
	276	return log_error_errno(SYNTHETIC_ERRNO(EIO),
	277	"Got EOF while reading from /dev/urandom.");
	278	}
1509fb87 LP	279
	280	r = loop_write(seed_fd, buf, (size_t) k, false);
	281	if (r < 0)
72d0d7a6	282	return log_error_errno(r, "Failed to write new random seed file: %m");
26ded557 LP	283
	284	if (ftruncate(seed_fd, k) < 0)
	285	return log_error_errno(r, "Failed to truncate random seed file: %m");
	286
	287	r = fsync_full(seed_fd);
	288	if (r < 0)
	289	return log_error_errno(r, "Failed to synchronize seed file: %m");
	290
	291	/* If we got this random seed data from getrandom() the data is suitable for crediting
	292	* entropy later on. Let's keep that in mind by setting an extended attribute. on the file */
	293	if (getrandom_worked)
	294	if (fsetxattr(seed_fd, "user.random-seed-creditable", "1", 1, 0) < 0)
97f1c6af	295	log_full_errno(ERRNO_IS_NOT_SUPPORTED(errno) ? LOG_DEBUG : LOG_WARNING, errno,
26ded557	296	"Failed to mark seed file as creditable, ignoring: %m");
6e200d55 LP	297	}
6e200d55 LP	298
26ded557	299	return 0;
6e200d55	300	}
72d0d7a6 ZJS	301
72d0d7a6 ZJS	302	DEFINE_MAIN_FUNCTION(run);