[luksbootkeyfile] Don't dd in the target to get entropy

Adriaan de Groot 2021-09-21 11:58:22 +02:00
parent 9c1e635804
commit a393ffe126


@ -8,7 +8,9 @@
#include "LuksBootKeyFileJob.h" #include "LuksBootKeyFileJob.h"
#include "utils/CalamaresUtilsSystem.h" #include "utils/CalamaresUtilsSystem.h"
#include "utils/Entropy.h"
#include "utils/Logger.h" #include "utils/Logger.h"
#include "utils/NamedEnum.h"
#include "utils/UMask.h" #include "utils/UMask.h"
#include "utils/Variant.h" #include "utils/Variant.h"
@ -102,15 +104,27 @@ static bool
generateTargetKeyfile() generateTargetKeyfile()
{ {
CalamaresUtils::UMask m( CalamaresUtils::UMask::Safe ); CalamaresUtils::UMask m( CalamaresUtils::UMask::Safe );
auto r = CalamaresUtils::System::instance()->targetEnvCommand(
{ "dd", "bs=512", "count=4", "if=/dev/urandom", QString( "of=%1" ).arg( keyfile ) } ); // Get the data
if ( r.getExitCode() != 0 ) QByteArray entropy;
auto entropySource = CalamaresUtils::getEntropy( 2048, entropy );
if ( entropySource != CalamaresUtils::EntropySource::URandom )
{ {
cWarning() << "Could not create LUKS keyfile:" << r.getOutput() << "(exit code" << r.getExitCode() << ')'; cWarning() << "Could not get entropy from /dev/urandom for LUKS.";
return false; return false;
} }
auto fileResult = CalamaresUtils::System::instance()->createTargetFile(
keyfile, entropy, CalamaresUtils::System::WriteMode::Overwrite );
entropy.fill( 'A' );
if ( !fileResult )
{
cWarning() << "Could not create LUKS keyfile:" << smash( fileResult.code() );
return false;
}
// Give ample time to check that the file was created correctly // Give ample time to check that the file was created correctly
r = CalamaresUtils::System::instance()->targetEnvCommand( { "ls", "-la", "/" } ); auto r = CalamaresUtils::System::instance()->targetEnvCommand( { "ls", "-la", "/" } );
cDebug() << "In target system after creating LUKS file" << r.getOutput(); cDebug() << "In target system after creating LUKS file" << r.getOutput();
return true; return true;
} }
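Review bot: The keyfile's access mode in `generateTargetKeyfile()` now rests entirely on `UMask::Safe`, and a umask only takes effect when a file is created. With `WriteMode::Overwrite`, a keyfile path that already exists in the target would presumably keep whatever mode it already had. The implementation of `createTargetFile` is not visible in this hunk, so this should be confirmed. Setting an owner-only mode explicitly after the write, or removing any pre-existing file first, would make the restriction independent of prior state. Separately, `entropy.fill( 'A' )` scrubs only this QByteArray's own buffer, since QByteArray is implicitly shared and any copy or I/O buffer made inside `createTargetFile` is untouched. A comment such as `// Best-effort scrub of key material; copies made while writing are not covered` would keep the line from being read as a guarantee.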