diff options
| author | Jason A. Donenfeld <Jason@zx2c4.com> | 2022-04-20 15:40:40 +0200 |
|---|---|---|
| committer | Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> | 2022-04-20 15:43:04 +0200 |
| commit | 57fea029cc3d6faf5a8b9ad4b17b543359fe7ccb (patch) | |
| tree | 4d3817a718057834b622d509e5894ce3a5d85746 | |
| parent | 3cb40f89de42aa694d44cb6e896b732fa062ee75 (diff) | |
| download | busybox-w32-57fea029cc3d6faf5a8b9ad4b17b543359fe7ccb.tar.gz busybox-w32-57fea029cc3d6faf5a8b9ad4b17b543359fe7ccb.tar.bz2 busybox-w32-57fea029cc3d6faf5a8b9ad4b17b543359fe7ccb.zip | |
seedrng: compress format strings with %s arguments
- Avoid an xstrdup call with seed_dir.
- Compress format strings with %s arguments.
- Open /dev/urandom for add entropy ioctl rather than /dev/random, so that
/dev/random is only used for the already-sightly-flawed poll() check for
creditability.
function old new delta
seedrng_main 948 958 +10
seed_from_file_if_exists 410 417 +7
.rodata 108338 108206 -132
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 17/-132) Total: -115 bytes
text data bss dec hex filename
975829 4227 1816 981872 efb70 busybox_old
975714 4227 1816 981757 efafd busybox_unstripped
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
| -rw-r--r-- | util-linux/seedrng.c | 22 |
1 files changed, 10 insertions, 12 deletions
diff --git a/util-linux/seedrng.c b/util-linux/seedrng.c index 5735dc059..5a41addf0 100644 --- a/util-linux/seedrng.c +++ b/util-linux/seedrng.c | |||
| @@ -129,7 +129,7 @@ static int seed_rng(uint8_t *seed, size_t len, bool credit) | |||
| 129 | } | 129 | } |
| 130 | memcpy(req.buffer, seed, len); | 130 | memcpy(req.buffer, seed, len); |
| 131 | 131 | ||
| 132 | random_fd = open("/dev/random", O_RDONLY); | 132 | random_fd = open("/dev/urandom", O_RDONLY); |
| 133 | if (random_fd < 0) | 133 | if (random_fd < 0) |
| 134 | return -1; | 134 | return -1; |
| 135 | ret = ioctl(random_fd, RNDADDENTROPY, &req); | 135 | ret = ioctl(random_fd, RNDADDENTROPY, &req); |
| @@ -150,11 +150,11 @@ static int seed_from_file_if_exists(const char *filename, int dfd, bool credit, | |||
| 150 | if (seed_len < 0) { | 150 | if (seed_len < 0) { |
| 151 | if (errno == ENOENT) | 151 | if (errno == ENOENT) |
| 152 | return 0; | 152 | return 0; |
| 153 | bb_simple_perror_msg("unable to read seed file"); | 153 | bb_perror_msg("unable to%s seed", " read"); |
| 154 | return -1; | 154 | return -1; |
| 155 | } | 155 | } |
| 156 | if ((unlink(filename) < 0 || fsync(dfd) < 0) && seed_len) { | 156 | if ((unlink(filename) < 0 || fsync(dfd) < 0) && seed_len) { |
| 157 | bb_simple_perror_msg("unable to remove seed, so not seeding"); | 157 | bb_perror_msg("unable to%s seed", " remove"); |
| 158 | return -1; | 158 | return -1; |
| 159 | } else if (!seed_len) | 159 | } else if (!seed_len) |
| 160 | return 0; | 160 | return 0; |
| @@ -164,7 +164,7 @@ static int seed_from_file_if_exists(const char *filename, int dfd, bool credit, | |||
| 164 | 164 | ||
| 165 | printf("Seeding %zd bits %s crediting\n", seed_len * 8, credit ? "and" : "without"); | 165 | printf("Seeding %zd bits %s crediting\n", seed_len * 8, credit ? "and" : "without"); |
| 166 | if (seed_rng(seed, seed_len, credit) < 0) { | 166 | if (seed_rng(seed, seed_len, credit) < 0) { |
| 167 | bb_simple_perror_msg("unable to seed"); | 167 | bb_perror_msg("unable to%s seed", ""); |
| 168 | return -1; | 168 | return -1; |
| 169 | } | 169 | } |
| 170 | return 0; | 170 | return 0; |
| @@ -173,7 +173,7 @@ static int seed_from_file_if_exists(const char *filename, int dfd, bool credit, | |||
| 173 | int seedrng_main(int argc, char *argv[]) MAIN_EXTERNALLY_VISIBLE; | 173 | int seedrng_main(int argc, char *argv[]) MAIN_EXTERNALLY_VISIBLE; |
| 174 | int seedrng_main(int argc UNUSED_PARAM, char *argv[]) | 174 | int seedrng_main(int argc UNUSED_PARAM, char *argv[]) |
| 175 | { | 175 | { |
| 176 | char *seed_dir, *creditable_seed, *non_creditable_seed; | 176 | const char *seed_dir = DEFAULT_SEED_DIR, *creditable_seed, *non_creditable_seed; |
| 177 | int ret, fd = -1, dfd = -1, program_ret = 0; | 177 | int ret, fd = -1, dfd = -1, program_ret = 0; |
| 178 | uint8_t new_seed[MAX_SEED_LEN]; | 178 | uint8_t new_seed[MAX_SEED_LEN]; |
| 179 | size_t new_seed_len; | 179 | size_t new_seed_len; |
| @@ -195,8 +195,6 @@ int seedrng_main(int argc UNUSED_PARAM, char *argv[]) | |||
| 195 | #endif | 195 | #endif |
| 196 | 196 | ||
| 197 | opt = getopt32long(argv, "d:n", longopts, &seed_dir); | 197 | opt = getopt32long(argv, "d:n", longopts, &seed_dir); |
| 198 | if (!(opt & OPT_d) || !seed_dir) | ||
| 199 | seed_dir = xstrdup(DEFAULT_SEED_DIR); | ||
| 200 | skip_credit = opt & OPT_n; | 198 | skip_credit = opt & OPT_n; |
| 201 | creditable_seed = concat_path_file(seed_dir, CREDITABLE_SEED_NAME); | 199 | creditable_seed = concat_path_file(seed_dir, CREDITABLE_SEED_NAME); |
| 202 | non_creditable_seed = concat_path_file(seed_dir, NON_CREDITABLE_SEED_NAME); | 200 | non_creditable_seed = concat_path_file(seed_dir, NON_CREDITABLE_SEED_NAME); |
| @@ -206,11 +204,11 @@ int seedrng_main(int argc UNUSED_PARAM, char *argv[]) | |||
| 206 | bb_simple_error_msg_and_die(bb_msg_you_must_be_root); | 204 | bb_simple_error_msg_and_die(bb_msg_you_must_be_root); |
| 207 | 205 | ||
| 208 | if (mkdir(seed_dir, 0700) < 0 && errno != EEXIST) | 206 | if (mkdir(seed_dir, 0700) < 0 && errno != EEXIST) |
| 209 | bb_simple_perror_msg_and_die("unable to create seed directory"); | 207 | bb_perror_msg_and_die("unable to %s seed directory", "create"); |
| 210 | 208 | ||
| 211 | dfd = open(seed_dir, O_DIRECTORY | O_RDONLY); | 209 | dfd = open(seed_dir, O_DIRECTORY | O_RDONLY); |
| 212 | if (dfd < 0 || flock(dfd, LOCK_EX) < 0) { | 210 | if (dfd < 0 || flock(dfd, LOCK_EX) < 0) { |
| 213 | bb_simple_perror_msg("unable to lock seed directory"); | 211 | bb_perror_msg("unable to %s seed directory", "lock"); |
| 214 | program_ret = 1; | 212 | program_ret = 1; |
| 215 | goto out; | 213 | goto out; |
| 216 | } | 214 | } |
| @@ -232,7 +230,7 @@ int seedrng_main(int argc UNUSED_PARAM, char *argv[]) | |||
| 232 | new_seed_len = determine_optimal_seed_len(); | 230 | new_seed_len = determine_optimal_seed_len(); |
| 233 | ret = read_new_seed(new_seed, new_seed_len, &new_seed_creditable); | 231 | ret = read_new_seed(new_seed, new_seed_len, &new_seed_creditable); |
| 234 | if (ret < 0) { | 232 | if (ret < 0) { |
| 235 | bb_simple_perror_msg("unable to read new seed"); | 233 | bb_perror_msg("unable to%s seed", " read new"); |
| 236 | new_seed_len = SHA256_OUTSIZE; | 234 | new_seed_len = SHA256_OUTSIZE; |
| 237 | memset(new_seed, 0, SHA256_OUTSIZE); | 235 | memset(new_seed, 0, SHA256_OUTSIZE); |
| 238 | program_ret |= 1 << 3; | 236 | program_ret |= 1 << 3; |
| @@ -241,10 +239,10 @@ int seedrng_main(int argc UNUSED_PARAM, char *argv[]) | |||
| 241 | sha256_hash(&hash, new_seed, new_seed_len); | 239 | sha256_hash(&hash, new_seed, new_seed_len); |
| 242 | sha256_end(&hash, new_seed + new_seed_len - SHA256_OUTSIZE); | 240 | sha256_end(&hash, new_seed + new_seed_len - SHA256_OUTSIZE); |
| 243 | 241 | ||
| 244 | printf("Saving %zu bits of %s seed for next boot\n", new_seed_len * 8, new_seed_creditable ? "creditable" : "non-creditable"); | 242 | printf("Saving %zu bits of %screditable seed for next boot\n", new_seed_len * 8, new_seed_creditable ? "" : "non-"); |
| 245 | fd = open(non_creditable_seed, O_WRONLY | O_CREAT | O_TRUNC, 0400); | 243 | fd = open(non_creditable_seed, O_WRONLY | O_CREAT | O_TRUNC, 0400); |
| 246 | if (fd < 0 || full_write(fd, new_seed, new_seed_len) != (ssize_t)new_seed_len || fsync(fd) < 0) { | 244 | if (fd < 0 || full_write(fd, new_seed, new_seed_len) != (ssize_t)new_seed_len || fsync(fd) < 0) { |
| 247 | bb_simple_perror_msg("unable to write seed file"); | 245 | bb_perror_msg("unable to%s seed", " write"); |
| 248 | program_ret |= 1 << 4; | 246 | program_ret |= 1 << 4; |
| 249 | goto out; | 247 | goto out; |
| 250 | } | 248 | } |