At boot time, add additional per-device information to the
kernel randomness pool.  This helps increase the
quality / uniqueness of the random numbers, and is especially
important during the device's first boot, when insufficient
randomness is available.
diff --git a/services/java/com/android/server/EntropyService.java b/services/java/com/android/server/EntropyService.java
index e51a0af..28f09f5 100644
--- a/services/java/com/android/server/EntropyService.java
+++ b/services/java/com/android/server/EntropyService.java
@@ -17,12 +17,16 @@
 package com.android.server;
 
 import java.io.File;
+import java.io.FileOutputStream;
 import java.io.IOException;
+import java.io.OutputStream;
+import java.io.PrintWriter;
 
 import android.os.Binder;
 import android.os.Environment;
 import android.os.Handler;
 import android.os.Message;
+import android.os.SystemProperties;
 import android.util.Log;
 
 /**
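Review bot: The added `import java.io.OutputStream;` is not referenced by any new code visible in this diff; addDeviceSpecificEntropy() only names `PrintWriter` and `FileOutputStream`. Unless a part of the file outside these hunks uses it, drop the import so the list carries no unused entries.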
@@ -49,6 +53,8 @@
     private static final int ENTROPY_WHAT = 1;
     private static final int ENTROPY_WRITE_PERIOD = 3 * 60 * 60 * 1000;  // 3 hrs
     private static final String RANDOM_DEV = "/dev/urandom";
+    private static final long START_TIME = System.currentTimeMillis();
+    private static final long START_NANOTIME = System.nanoTime();
 
     /**
      * Handler that periodically updates the entropy on disk.
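Review bot: `START_TIME` and `START_NANOTIME` carry no comment, and the names suggest process or boot start although, as static initialisers, they are sampled when the class is initialised. I would add something like `// Sampled at class initialisation; addDeviceSpecificEntropy() writes these plus a second pair of samples to RANDOM_DEV.` It is also worth saying there that wall-clock time is largely guessable, so these values are supplementary input rather than a source of secrecy.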
@@ -67,6 +73,7 @@
 
     public EntropyService() {
         loadInitialEntropy();
+        addDeviceSpecificEntropy();
         writeEntropy();
         scheduleEntropyWriter();
     }
@@ -88,7 +95,47 @@
         try {
             RandomBlock.fromFile(RANDOM_DEV).toFile(ENTROPY_FILENAME);
         } catch (IOException e) {
-            Log.e(TAG, "unable to write entropy", e);
+            Log.w(TAG, "unable to write entropy", e);
+        }
+    }
+
+    /**
+     * Add additional information to the kernel entropy pool.  The
+     * information isn't necessarily "random", but that's ok.  Even
+     * sending non-random information to {@code /dev/urandom} is useful
+     * because, while it doesn't increase the "quality" of the entropy pool,
+     * it mixes more bits into the pool, which gives us a higher degree
+     * of uncertainty in the generated randomness.  Like nature, writes to
+     * the random device can only cause the quality of the entropy in the
+     * kernel to stay the same or increase.
+     *
+     * <p>For maximum effect, we try to target information which varies
+     * on a per-device basis, and is not easily observable to an
+     * attacker.
+     */
+    private void addDeviceSpecificEntropy() {
+        PrintWriter out = null;
+        try {
+            out = new PrintWriter(new FileOutputStream(RANDOM_DEV));
+            out.println("Copyright (C) 2009 The Android Open Source Project");
+            out.println("All Your Randomness Are Belong To Us");
+            out.println(START_TIME);
+            out.println(START_NANOTIME);
+            out.println(SystemProperties.get("ro.serialno"));
+            out.println(SystemProperties.get("ro.bootmode"));
+            out.println(SystemProperties.get("ro.baseband"));
+            out.println(SystemProperties.get("ro.carrier"));
+            out.println(SystemProperties.get("ro.bootloader"));
+            out.println(SystemProperties.get("ro.hardware"));
+            out.println(SystemProperties.get("ro.revision"));
+            out.println(System.currentTimeMillis());
+            out.println(System.nanoTime());
+        } catch (IOException e) {
+            Log.w(TAG, "Unable to add device specific data to the entropy pool", e);
+        } finally {
+            if (out != null) {
+                out.close();
+            }
         }
     }
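Review bot: Write failures in addDeviceSpecificEntropy() are never reported, because `PrintWriter.println()` does not throw `IOException`; the `catch (IOException e)` can only fire for the `FileOutputStream` constructor. After the last `println`, check the writer's error flag, e.g. `if (out.checkError()) { Log.w(TAG, "Unable to add device specific data to the entropy pool"); }`. Separately, the Javadoc says the inputs are "not easily observable to an attacker", but the two banner strings are the same on every device and the `ro.*` values are fixed per device or model and may be readable by other processes. The comment should state that this data is mixed in as best-effort diversification and must not be treated as secret or credited as entropy.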