1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Copyright (c) 2009-2020 The Bitcoin Core developers
3 // Distributed under the MIT software license, see the accompanying
4 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
5
6 #if defined(HAVE_CONFIG_H)
7 #include <config/bitcoin-config.h>
8 #endif
9
10 #include <randomenv.h>
11
12 #include <clientversion.h>
13 #include <compat/cpuid.h>
14 #include <crypto/sha512.h>
15 #include <support/cleanse.h>
16 #include <util/time.h> // for GetTime()
17 #ifdef WIN32
18 #include <compat.h> // for Windows API
19 #endif
20
21 #include <algorithm>
22 #include <atomic>
23 #include <chrono>
24 #include <climits>
25 #include <thread>
26 #include <vector>
27
28 #include <stdint.h>
29 #include <string.h>
30 #ifndef WIN32
31 #include <sys/types.h> // must go before a number of other headers
32 #include <fcntl.h>
33 #include <netinet/in.h>
34 #include <sys/resource.h>
35 #include <sys/socket.h>
36 #include <sys/stat.h>
37 #include <sys/time.h>
38 #include <sys/utsname.h>
39 #include <unistd.h>
40 #endif
41 #if HAVE_DECL_GETIFADDRS && HAVE_DECL_FREEIFADDRS
42 #include <ifaddrs.h>
43 #endif
44 #if HAVE_SYSCTL
45 #include <sys/sysctl.h>
46 #if HAVE_VM_VM_PARAM_H
47 #include <vm/vm_param.h>
48 #endif
49 #if HAVE_SYS_RESOURCES_H
50 #include <sys/resources.h>
51 #endif
52 #if HAVE_SYS_VMMETER_H
53 #include <sys/vmmeter.h>
54 #endif
55 #endif
56 #if defined(HAVE_STRONG_GETAUXVAL) || defined(HAVE_WEAK_GETAUXVAL)
57 #include <sys/auxv.h>
58 #endif
59
60 //! Necessary on some platforms
61 extern char** environ;
62
63 namespace {
64
RandAddSeedPerfmon(CSHA512 & hasher)65 void RandAddSeedPerfmon(CSHA512& hasher)
66 {
67 #ifdef WIN32
68 // Seed with the entire set of perfmon data
69
70 // This can take up to 2 seconds, so only do it every 10 minutes.
71 // Initialize last_perfmon to 0 seconds, we don't skip the first call.
72 static std::atomic<std::chrono::seconds> last_perfmon{0s};
73 auto last_time = last_perfmon.load();
74 auto current_time = GetTime<std::chrono::seconds>();
75 if (current_time < last_time + std::chrono::minutes{10}) return;
76 last_perfmon = current_time;
77
78 std::vector<unsigned char> vData(250000, 0);
79 long ret = 0;
80 unsigned long nSize = 0;
81 const size_t nMaxSize = 10000000; // Bail out at more than 10MB of performance data
82 while (true) {
83 nSize = vData.size();
84 ret = RegQueryValueExA(HKEY_PERFORMANCE_DATA, "Global", nullptr, nullptr, vData.data(), &nSize);
85 if (ret != ERROR_MORE_DATA || vData.size() >= nMaxSize)
86 break;
87 vData.resize(std::min((vData.size() * 3) / 2, nMaxSize)); // Grow size of buffer exponentially
88 }
89 RegCloseKey(HKEY_PERFORMANCE_DATA);
90 if (ret == ERROR_SUCCESS) {
91 hasher.Write(vData.data(), nSize);
92 memory_cleanse(vData.data(), nSize);
93 } else {
94 // Performance data is only a best-effort attempt at improving the
95 // situation when the OS randomness (and other sources) aren't
96 // adequate. As a result, failure to read it is isn't considered critical,
97 // so we don't call RandFailure().
98 // TODO: Add logging when the logger is made functional before global
99 // constructors have been invoked.
100 }
101 #endif
102 }
103
104 /** Helper to easily feed data into a CSHA512.
105 *
106 * Note that this does not serialize the passed object (like stream.h's << operators do).
107 * Its raw memory representation is used directly.
108 */
109 template<typename T>
operator <<(CSHA512 & hasher,const T & data)110 CSHA512& operator<<(CSHA512& hasher, const T& data) {
111 static_assert(!std::is_same<typename std::decay<T>::type, char*>::value, "Calling operator<<(CSHA512, char*) is probably not what you want");
112 static_assert(!std::is_same<typename std::decay<T>::type, unsigned char*>::value, "Calling operator<<(CSHA512, unsigned char*) is probably not what you want");
113 static_assert(!std::is_same<typename std::decay<T>::type, const char*>::value, "Calling operator<<(CSHA512, const char*) is probably not what you want");
114 static_assert(!std::is_same<typename std::decay<T>::type, const unsigned char*>::value, "Calling operator<<(CSHA512, const unsigned char*) is probably not what you want");
115 hasher.Write((const unsigned char*)&data, sizeof(data));
116 return hasher;
117 }
118
119 #ifndef WIN32
AddSockaddr(CSHA512 & hasher,const struct sockaddr * addr)120 void AddSockaddr(CSHA512& hasher, const struct sockaddr *addr)
121 {
122 if (addr == nullptr) return;
123 switch (addr->sa_family) {
124 case AF_INET:
125 hasher.Write((const unsigned char*)addr, sizeof(sockaddr_in));
126 break;
127 case AF_INET6:
128 hasher.Write((const unsigned char*)addr, sizeof(sockaddr_in6));
129 break;
130 default:
131 hasher.Write((const unsigned char*)&addr->sa_family, sizeof(addr->sa_family));
132 }
133 }
134
AddFile(CSHA512 & hasher,const char * path)135 void AddFile(CSHA512& hasher, const char *path)
136 {
137 struct stat sb = {};
138 int f = open(path, O_RDONLY);
139 size_t total = 0;
140 if (f != -1) {
141 unsigned char fbuf[4096];
142 int n;
143 hasher.Write((const unsigned char*)&f, sizeof(f));
144 if (fstat(f, &sb) == 0) hasher << sb;
145 do {
146 n = read(f, fbuf, sizeof(fbuf));
147 if (n > 0) hasher.Write(fbuf, n);
148 total += n;
149 /* not bothering with EINTR handling. */
150 } while (n == sizeof(fbuf) && total < 1048576); // Read only the first 1 Mbyte
151 close(f);
152 }
153 }
154
AddPath(CSHA512 & hasher,const char * path)155 void AddPath(CSHA512& hasher, const char *path)
156 {
157 struct stat sb = {};
158 if (stat(path, &sb) == 0) {
159 hasher.Write((const unsigned char*)path, strlen(path) + 1);
160 hasher << sb;
161 }
162 }
163 #endif
164
165 #if HAVE_SYSCTL
166 template<int... S>
AddSysctl(CSHA512 & hasher)167 void AddSysctl(CSHA512& hasher)
168 {
169 int CTL[sizeof...(S)] = {S...};
170 unsigned char buffer[65536];
171 size_t siz = 65536;
172 int ret = sysctl(CTL, sizeof...(S), buffer, &siz, nullptr, 0);
173 if (ret == 0 || (ret == -1 && errno == ENOMEM)) {
174 hasher << sizeof(CTL);
175 hasher.Write((const unsigned char*)CTL, sizeof(CTL));
176 if (siz > sizeof(buffer)) siz = sizeof(buffer);
177 hasher << siz;
178 hasher.Write(buffer, siz);
179 }
180 }
181 #endif
182
183 #ifdef HAVE_GETCPUID
AddCPUID(CSHA512 & hasher,uint32_t leaf,uint32_t subleaf,uint32_t & ax,uint32_t & bx,uint32_t & cx,uint32_t & dx)184 void inline AddCPUID(CSHA512& hasher, uint32_t leaf, uint32_t subleaf, uint32_t& ax, uint32_t& bx, uint32_t& cx, uint32_t& dx)
185 {
186 GetCPUID(leaf, subleaf, ax, bx, cx, dx);
187 hasher << leaf << subleaf << ax << bx << cx << dx;
188 }
189
AddAllCPUID(CSHA512 & hasher)190 void AddAllCPUID(CSHA512& hasher)
191 {
192 uint32_t ax, bx, cx, dx;
193 // Iterate over all standard leaves
194 AddCPUID(hasher, 0, 0, ax, bx, cx, dx); // Returns max leaf in ax
195 uint32_t max = ax;
196 for (uint32_t leaf = 1; leaf <= max && leaf <= 0xFF; ++leaf) {
197 uint32_t maxsub = 0;
198 for (uint32_t subleaf = 0; subleaf <= 0xFF; ++subleaf) {
199 AddCPUID(hasher, leaf, subleaf, ax, bx, cx, dx);
200 // Iterate subleafs for leaf values 4, 7, 11, 13
201 if (leaf == 4) {
202 if ((ax & 0x1f) == 0) break;
203 } else if (leaf == 7) {
204 if (subleaf == 0) maxsub = ax;
205 if (subleaf == maxsub) break;
206 } else if (leaf == 11) {
207 if ((cx & 0xff00) == 0) break;
208 } else if (leaf == 13) {
209 if (ax == 0 && bx == 0 && cx == 0 && dx == 0) break;
210 } else {
211 // For any other leaf, stop after subleaf 0.
212 break;
213 }
214 }
215 }
216 // Iterate over all extended leaves
217 AddCPUID(hasher, 0x80000000, 0, ax, bx, cx, dx); // Returns max extended leaf in ax
218 uint32_t ext_max = ax;
219 for (uint32_t leaf = 0x80000001; leaf <= ext_max && leaf <= 0x800000FF; ++leaf) {
220 AddCPUID(hasher, leaf, 0, ax, bx, cx, dx);
221 }
222 }
223 #endif
224 } // namespace
225
RandAddDynamicEnv(CSHA512 & hasher)226 void RandAddDynamicEnv(CSHA512& hasher)
227 {
228 RandAddSeedPerfmon(hasher);
229
230 // Various clocks
231 #ifdef WIN32
232 FILETIME ftime;
233 GetSystemTimeAsFileTime(&ftime);
234 hasher << ftime;
235 #else
236 struct timespec ts = {};
237 # ifdef CLOCK_MONOTONIC
238 clock_gettime(CLOCK_MONOTONIC, &ts);
239 hasher << ts;
240 # endif
241 # ifdef CLOCK_REALTIME
242 clock_gettime(CLOCK_REALTIME, &ts);
243 hasher << ts;
244 # endif
245 # ifdef CLOCK_BOOTTIME
246 clock_gettime(CLOCK_BOOTTIME, &ts);
247 hasher << ts;
248 # endif
249 // gettimeofday is available on all UNIX systems, but only has microsecond precision.
250 struct timeval tv = {};
251 gettimeofday(&tv, nullptr);
252 hasher << tv;
253 #endif
254 // Probably redundant, but also use all the clocks C++11 provides:
255 hasher << std::chrono::system_clock::now().time_since_epoch().count();
256 hasher << std::chrono::steady_clock::now().time_since_epoch().count();
257 hasher << std::chrono::high_resolution_clock::now().time_since_epoch().count();
258
259 #ifndef WIN32
260 // Current resource usage.
261 struct rusage usage = {};
262 if (getrusage(RUSAGE_SELF, &usage) == 0) hasher << usage;
263 #endif
264
265 #ifdef __linux__
266 AddFile(hasher, "/proc/diskstats");
267 AddFile(hasher, "/proc/vmstat");
268 AddFile(hasher, "/proc/schedstat");
269 AddFile(hasher, "/proc/zoneinfo");
270 AddFile(hasher, "/proc/meminfo");
271 AddFile(hasher, "/proc/softirqs");
272 AddFile(hasher, "/proc/stat");
273 AddFile(hasher, "/proc/self/schedstat");
274 AddFile(hasher, "/proc/self/status");
275 #endif
276
277 #if HAVE_SYSCTL
278 # ifdef CTL_KERN
279 # if defined(KERN_PROC) && defined(KERN_PROC_ALL)
280 AddSysctl<CTL_KERN, KERN_PROC, KERN_PROC_ALL>(hasher);
281 # endif
282 # endif
283 # ifdef CTL_HW
284 # ifdef HW_DISKSTATS
285 AddSysctl<CTL_HW, HW_DISKSTATS>(hasher);
286 # endif
287 # endif
288 # ifdef CTL_VM
289 # ifdef VM_LOADAVG
290 AddSysctl<CTL_VM, VM_LOADAVG>(hasher);
291 # endif
292 # ifdef VM_TOTAL
293 AddSysctl<CTL_VM, VM_TOTAL>(hasher);
294 # endif
295 # ifdef VM_METER
296 AddSysctl<CTL_VM, VM_METER>(hasher);
297 # endif
298 # endif
299 #endif
300
301 // Stack and heap location
302 void* addr = malloc(4097);
303 hasher << &addr << addr;
304 free(addr);
305 }
306
RandAddStaticEnv(CSHA512 & hasher)307 void RandAddStaticEnv(CSHA512& hasher)
308 {
309 // Some compile-time static properties
310 hasher << (CHAR_MIN < 0) << sizeof(void*) << sizeof(long) << sizeof(int);
311 #if defined(__GNUC__) && defined(__GNUC_MINOR__) && defined(__GNUC_PATCHLEVEL__)
312 hasher << __GNUC__ << __GNUC_MINOR__ << __GNUC_PATCHLEVEL__;
313 #endif
314 #ifdef _MSC_VER
315 hasher << _MSC_VER;
316 #endif
317 hasher << __cplusplus;
318 #ifdef _XOPEN_VERSION
319 hasher << _XOPEN_VERSION;
320 #endif
321 #ifdef __VERSION__
322 const char* COMPILER_VERSION = __VERSION__;
323 hasher.Write((const unsigned char*)COMPILER_VERSION, strlen(COMPILER_VERSION) + 1);
324 #endif
325
326 // Bitcoin client version
327 hasher << CLIENT_VERSION;
328
329 #if defined(HAVE_STRONG_GETAUXVAL) || defined(HAVE_WEAK_GETAUXVAL)
330 // Information available through getauxval()
331 # ifdef AT_HWCAP
332 hasher << getauxval(AT_HWCAP);
333 # endif
334 # ifdef AT_HWCAP2
335 hasher << getauxval(AT_HWCAP2);
336 # endif
337 # ifdef AT_RANDOM
338 const unsigned char* random_aux = (const unsigned char*)getauxval(AT_RANDOM);
339 if (random_aux) hasher.Write(random_aux, 16);
340 # endif
341 # ifdef AT_PLATFORM
342 const char* platform_str = (const char*)getauxval(AT_PLATFORM);
343 if (platform_str) hasher.Write((const unsigned char*)platform_str, strlen(platform_str) + 1);
344 # endif
345 # ifdef AT_EXECFN
346 const char* exec_str = (const char*)getauxval(AT_EXECFN);
347 if (exec_str) hasher.Write((const unsigned char*)exec_str, strlen(exec_str) + 1);
348 # endif
349 #endif // HAVE_STRONG_GETAUXVAL || HAVE_WEAK_GETAUXVAL
350
351 #ifdef HAVE_GETCPUID
352 AddAllCPUID(hasher);
353 #endif
354
355 // Memory locations
356 hasher << &hasher << &RandAddStaticEnv << &malloc << &errno << &environ;
357
358 // Hostname
359 char hname[256];
360 if (gethostname(hname, 256) == 0) {
361 hasher.Write((const unsigned char*)hname, strnlen(hname, 256));
362 }
363
364 #if HAVE_DECL_GETIFADDRS && HAVE_DECL_FREEIFADDRS
365 // Network interfaces
366 struct ifaddrs *ifad = NULL;
367 getifaddrs(&ifad);
368 struct ifaddrs *ifit = ifad;
369 while (ifit != NULL) {
370 hasher.Write((const unsigned char*)&ifit, sizeof(ifit));
371 hasher.Write((const unsigned char*)ifit->ifa_name, strlen(ifit->ifa_name) + 1);
372 hasher.Write((const unsigned char*)&ifit->ifa_flags, sizeof(ifit->ifa_flags));
373 AddSockaddr(hasher, ifit->ifa_addr);
374 AddSockaddr(hasher, ifit->ifa_netmask);
375 AddSockaddr(hasher, ifit->ifa_dstaddr);
376 ifit = ifit->ifa_next;
377 }
378 freeifaddrs(ifad);
379 #endif
380
381 #ifndef WIN32
382 // UNIX kernel information
383 struct utsname name;
384 if (uname(&name) != -1) {
385 hasher.Write((const unsigned char*)&name.sysname, strlen(name.sysname) + 1);
386 hasher.Write((const unsigned char*)&name.nodename, strlen(name.nodename) + 1);
387 hasher.Write((const unsigned char*)&name.release, strlen(name.release) + 1);
388 hasher.Write((const unsigned char*)&name.version, strlen(name.version) + 1);
389 hasher.Write((const unsigned char*)&name.machine, strlen(name.machine) + 1);
390 }
391
392 /* Path and filesystem provided data */
393 AddPath(hasher, "/");
394 AddPath(hasher, ".");
395 AddPath(hasher, "/tmp");
396 AddPath(hasher, "/home");
397 AddPath(hasher, "/proc");
398 #ifdef __linux__
399 AddFile(hasher, "/proc/cmdline");
400 AddFile(hasher, "/proc/cpuinfo");
401 AddFile(hasher, "/proc/version");
402 #endif
403 AddFile(hasher, "/etc/passwd");
404 AddFile(hasher, "/etc/group");
405 AddFile(hasher, "/etc/hosts");
406 AddFile(hasher, "/etc/resolv.conf");
407 AddFile(hasher, "/etc/timezone");
408 AddFile(hasher, "/etc/localtime");
409 #endif
410
411 // For MacOS/BSDs, gather data through sysctl instead of /proc. Not all of these
412 // will exist on every system.
413 #if HAVE_SYSCTL
414 # ifdef CTL_HW
415 # ifdef HW_MACHINE
416 AddSysctl<CTL_HW, HW_MACHINE>(hasher);
417 # endif
418 # ifdef HW_MODEL
419 AddSysctl<CTL_HW, HW_MODEL>(hasher);
420 # endif
421 # ifdef HW_NCPU
422 AddSysctl<CTL_HW, HW_NCPU>(hasher);
423 # endif
424 # ifdef HW_PHYSMEM
425 AddSysctl<CTL_HW, HW_PHYSMEM>(hasher);
426 # endif
427 # ifdef HW_USERMEM
428 AddSysctl<CTL_HW, HW_USERMEM>(hasher);
429 # endif
430 # ifdef HW_MACHINE_ARCH
431 AddSysctl<CTL_HW, HW_MACHINE_ARCH>(hasher);
432 # endif
433 # ifdef HW_REALMEM
434 AddSysctl<CTL_HW, HW_REALMEM>(hasher);
435 # endif
436 # ifdef HW_CPU_FREQ
437 AddSysctl<CTL_HW, HW_CPU_FREQ>(hasher);
438 # endif
439 # ifdef HW_BUS_FREQ
440 AddSysctl<CTL_HW, HW_BUS_FREQ>(hasher);
441 # endif
442 # ifdef HW_CACHELINE
443 AddSysctl<CTL_HW, HW_CACHELINE>(hasher);
444 # endif
445 # endif
446 # ifdef CTL_KERN
447 # ifdef KERN_BOOTFILE
448 AddSysctl<CTL_KERN, KERN_BOOTFILE>(hasher);
449 # endif
450 # ifdef KERN_BOOTTIME
451 AddSysctl<CTL_KERN, KERN_BOOTTIME>(hasher);
452 # endif
453 # ifdef KERN_CLOCKRATE
454 AddSysctl<CTL_KERN, KERN_CLOCKRATE>(hasher);
455 # endif
456 # ifdef KERN_HOSTID
457 AddSysctl<CTL_KERN, KERN_HOSTID>(hasher);
458 # endif
459 # ifdef KERN_HOSTUUID
460 AddSysctl<CTL_KERN, KERN_HOSTUUID>(hasher);
461 # endif
462 # ifdef KERN_HOSTNAME
463 AddSysctl<CTL_KERN, KERN_HOSTNAME>(hasher);
464 # endif
465 # ifdef KERN_OSRELDATE
466 AddSysctl<CTL_KERN, KERN_OSRELDATE>(hasher);
467 # endif
468 # ifdef KERN_OSRELEASE
469 AddSysctl<CTL_KERN, KERN_OSRELEASE>(hasher);
470 # endif
471 # ifdef KERN_OSREV
472 AddSysctl<CTL_KERN, KERN_OSREV>(hasher);
473 # endif
474 # ifdef KERN_OSTYPE
475 AddSysctl<CTL_KERN, KERN_OSTYPE>(hasher);
476 # endif
477 # ifdef KERN_POSIX1
478 AddSysctl<CTL_KERN, KERN_OSREV>(hasher);
479 # endif
480 # ifdef KERN_VERSION
481 AddSysctl<CTL_KERN, KERN_VERSION>(hasher);
482 # endif
483 # endif
484 #endif
485
486 // Env variables
487 if (environ) {
488 for (size_t i = 0; environ[i]; ++i) {
489 hasher.Write((const unsigned char*)environ[i], strlen(environ[i]));
490 }
491 }
492
493 // Process, thread, user, session, group, ... ids.
494 #ifdef WIN32
495 hasher << GetCurrentProcessId() << GetCurrentThreadId();
496 #else
497 hasher << getpid() << getppid() << getsid(0) << getpgid(0) << getuid() << geteuid() << getgid() << getegid();
498 #endif
499 hasher << std::this_thread::get_id();
500 }
501