seedrng: use libbb functions

- Make extensive use of libbb.h functions, which simplify a lot of code
  and reduce binary size considerably.
- Use the already existing PID_FILE_PATH variable.

function                                             old     new   delta
seed_from_file_if_exists                             697     533    -164
.rodata                                           108665  108484    -181
seedrng_main                                        1463    1218    -245
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/3 up/down: 0/-590)           Total: -590 bytes
   text	   data	    bss	    dec	    hex	filename
 977035	   4227	   1848	 983110	  f0046	busybox_old
 976445	   4227	   1848	 982520	  efdf8	busybox_unstripped

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
This commit is contained in:
Jason A. Donenfeld 2022-04-20 15:22:55 +02:00 committed by Bernhard Reutner-Fischer
parent 4b407bacd4
commit 4538578996

View File

@ -6,7 +6,7 @@
*/ */
//config:config SEEDRNG //config:config SEEDRNG
//config: bool "seedrng (3.8 kb)" //config: bool "seedrng (2.6 kb)"
//config: default y //config: default y
//config: help //config: help
//config: Seed the kernel RNG from seed files, meant to be called //config: Seed the kernel RNG from seed files, meant to be called
@ -50,53 +50,38 @@
#define GRND_INSECURE 0x0004 /* Apparently some headers don't ship with this yet. */ #define GRND_INSECURE 0x0004 /* Apparently some headers don't ship with this yet. */
#endif #endif
#ifndef LOCALSTATEDIR #if ENABLE_PID_FILE_PATH
#define LOCALSTATEDIR "/var/lib" #define PID_FILE_PATH CONFIG_PID_FILE_PATH
#endif #else
#ifndef RUNSTATEDIR #define PID_FILE_PATH "/var/run"
#define RUNSTATEDIR "/var/run"
#endif #endif
#define DEFAULT_SEED_DIR LOCALSTATEDIR "/seedrng" #define DEFAULT_SEED_DIR "/var/lib/seedrng"
#define DEFAULT_LOCK_FILE RUNSTATEDIR "/seedrng.lock" #define DEFAULT_LOCK_FILE PID_FILE_PATH "/seedrng.lock"
#define CREDITABLE_SEED_NAME "seed.credit" #define CREDITABLE_SEED_NAME "seed.credit"
#define NON_CREDITABLE_SEED_NAME "seed.no-credit" #define NON_CREDITABLE_SEED_NAME "seed.no-credit"
static char *seed_dir, *lock_file, *creditable_seed, *non_creditable_seed; static char *seed_dir, *lock_file, *creditable_seed, *non_creditable_seed;
enum seedrng_lengths { enum seedrng_lengths {
MAX_SEED_LEN = 512, MIN_SEED_LEN = SHA256_OUTSIZE,
MIN_SEED_LEN = SHA256_OUTSIZE MAX_SEED_LEN = 512
}; };
#ifndef DIV_ROUND_UP
#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))
#endif
static size_t determine_optimal_seed_len(void) static size_t determine_optimal_seed_len(void)
{ {
size_t ret = 0;
char poolsize_str[11] = { 0 }; char poolsize_str[11] = { 0 };
int fd = open("/proc/sys/kernel/random/poolsize", O_RDONLY);
if (fd < 0 || read(fd, poolsize_str, sizeof(poolsize_str) - 1) < 0) { if (open_read_close("/proc/sys/kernel/random/poolsize", poolsize_str, sizeof(poolsize_str) - 1) < 0) {
fprintf(stderr, "WARNING: Unable to determine pool size, falling back to %u bits: %s\n", MIN_SEED_LEN * 8, strerror(errno)); bb_perror_msg("unable to determine pool size, falling back to %u bits", MIN_SEED_LEN * 8);
ret = MIN_SEED_LEN; return MIN_SEED_LEN;
} else }
ret = DIV_ROUND_UP(strtoul(poolsize_str, NULL, 10), 8); return MAX(MIN((bb_strtoul(poolsize_str, NULL, 10) + 7) / 8, MAX_SEED_LEN), MIN_SEED_LEN);
if (fd >= 0)
close(fd);
if (ret < MIN_SEED_LEN)
ret = MIN_SEED_LEN;
else if (ret > MAX_SEED_LEN)
ret = MAX_SEED_LEN;
return ret;
} }
static int read_new_seed(uint8_t *seed, size_t len, bool *is_creditable) static int read_new_seed(uint8_t *seed, size_t len, bool *is_creditable)
{ {
ssize_t ret; ssize_t ret;
int urandom_fd;
*is_creditable = false; *is_creditable = false;
ret = getrandom(seed, len, GRND_NONBLOCK); ret = getrandom(seed, len, GRND_NONBLOCK);
@ -109,21 +94,16 @@ static int read_new_seed(uint8_t *seed, size_t len, bool *is_creditable)
.events = POLLIN .events = POLLIN
}; };
if (random_fd.fd < 0) if (random_fd.fd < 0)
return -errno; return -1;
*is_creditable = poll(&random_fd, 1, 0) == 1; *is_creditable = safe_poll(&random_fd, 1, 0) == 1;
close(random_fd.fd); close(random_fd.fd);
} else if (getrandom(seed, len, GRND_INSECURE) == (ssize_t)len) } else if (getrandom(seed, len, GRND_INSECURE) == (ssize_t)len)
return 0; return 0;
urandom_fd = open("/dev/urandom", O_RDONLY); if (open_read_close("/dev/urandom", seed, len) == (ssize_t)len)
if (urandom_fd < 0) return 0;
return -errno; if (!errno)
ret = read(urandom_fd, seed, len); errno = EIO;
if (ret == (ssize_t)len) return -1;
ret = 0;
else
ret = -errno ? -errno : -EIO;
close(urandom_fd);
return ret;
} }
static int seed_rng(uint8_t *seed, size_t len, bool credit) static int seed_rng(uint8_t *seed, size_t len, bool credit)
@ -138,69 +118,63 @@ static int seed_rng(uint8_t *seed, size_t len, bool credit)
}; };
int random_fd, ret; int random_fd, ret;
if (len > sizeof(req.buffer)) if (len > sizeof(req.buffer)) {
return -EFBIG; errno = EFBIG;
return -1;
}
memcpy(req.buffer, seed, len); memcpy(req.buffer, seed, len);
random_fd = open("/dev/random", O_RDWR); random_fd = open("/dev/random", O_RDWR);
if (random_fd < 0) if (random_fd < 0)
return -errno; return -1;
ret = ioctl(random_fd, RNDADDENTROPY, &req); ret = ioctl(random_fd, RNDADDENTROPY, &req);
if (ret) if (ret)
ret = -errno ? -errno : -EIO; ret = -errno ? -errno : -EIO;
close(random_fd); close(random_fd);
return ret; errno = -ret;
return ret ? -1 : 0;
} }
static int seed_from_file_if_exists(const char *filename, bool credit, sha256_ctx_t *hash) static int seed_from_file_if_exists(const char *filename, bool credit, sha256_ctx_t *hash)
{ {
uint8_t seed[MAX_SEED_LEN]; uint8_t seed[MAX_SEED_LEN];
ssize_t seed_len; ssize_t seed_len;
int fd, dfd, ret = 0; int dfd = -1, ret = 0;
fd = open(filename, O_RDONLY);
if (fd < 0 && errno == ENOENT)
return 0;
else if (fd < 0) {
ret = -errno;
fprintf(stderr, "ERROR: Unable to open seed file: %s\n", strerror(errno));
return ret;
}
dfd = open(seed_dir, O_DIRECTORY | O_RDONLY); dfd = open(seed_dir, O_DIRECTORY | O_RDONLY);
if (dfd < 0) { if (dfd < 0) {
ret = -errno; ret = -errno;
close(fd); bb_simple_perror_msg("unable to open seed directory");
fprintf(stderr, "ERROR: Unable to open seed directory: %s\n", strerror(errno)); goto out;
return ret;
} }
seed_len = read(fd, seed, sizeof(seed)); seed_len = open_read_close(filename, seed, sizeof(seed));
if (seed_len < 0) { if (seed_len < 0) {
if (errno != ENOENT) {
ret = -errno; ret = -errno;
fprintf(stderr, "ERROR: Unable to read seed file: %s\n", strerror(errno)); bb_simple_perror_msg("unable to read seed file");
} }
close(fd); goto out;
if (ret) {
close(dfd);
return ret;
} }
if ((unlink(filename) < 0 || fsync(dfd) < 0) && seed_len) { if ((unlink(filename) < 0 || fsync(dfd) < 0) && seed_len) {
ret = -errno; ret = -errno;
fprintf(stderr, "ERROR: Unable to remove seed after reading, so not seeding: %s\n", strerror(errno)); bb_simple_perror_msg("unable to remove seed after reading, so not seeding");
goto out;
} }
close(dfd);
if (ret)
return ret;
if (!seed_len) if (!seed_len)
return 0; goto out;
sha256_hash(hash, &seed_len, sizeof(seed_len)); sha256_hash(hash, &seed_len, sizeof(seed_len));
sha256_hash(hash, seed, seed_len); sha256_hash(hash, seed, seed_len);
fprintf(stdout, "Seeding %zd bits %s crediting\n", seed_len * 8, credit ? "and" : "without"); printf("Seeding %zd bits %s crediting\n", seed_len * 8, credit ? "and" : "without");
ret = seed_rng(seed, seed_len, credit); ret = seed_rng(seed, seed_len, credit);
if (ret < 0) if (ret < 0)
fprintf(stderr, "ERROR: Unable to seed: %s\n", strerror(-ret)); bb_simple_perror_msg("unable to seed");
return ret; out:
if (dfd >= 0)
close(dfd);
errno = -ret;
return ret ? -1 : 0;
} }
int seedrng_main(int argc, char *argv[]) MAIN_EXTERNALLY_VISIBLE; int seedrng_main(int argc, char *argv[]) MAIN_EXTERNALLY_VISIBLE;
@ -236,14 +210,12 @@ int seedrng_main(int argc UNUSED_PARAM, char *argv[])
if (!(opt & OPT_l) || !lock_file) if (!(opt & OPT_l) || !lock_file)
lock_file = xstrdup(DEFAULT_LOCK_FILE); lock_file = xstrdup(DEFAULT_LOCK_FILE);
skip_credit = opt & OPT_n; skip_credit = opt & OPT_n;
creditable_seed = xasprintf("%s/%s", seed_dir, CREDITABLE_SEED_NAME); creditable_seed = concat_path_file(seed_dir, CREDITABLE_SEED_NAME);
non_creditable_seed = xasprintf("%s/%s", seed_dir, NON_CREDITABLE_SEED_NAME); non_creditable_seed = concat_path_file(seed_dir, NON_CREDITABLE_SEED_NAME);
umask(0077); umask(0077);
if (getuid()) { if (getuid())
fprintf(stderr, "ERROR: This program requires root\n"); bb_simple_error_msg_and_die("this program requires root");
return 1;
}
sha256_begin(&hash); sha256_begin(&hash);
sha256_hash(&hash, seedrng_prefix, strlen(seedrng_prefix)); sha256_hash(&hash, seedrng_prefix, strlen(seedrng_prefix));
@ -252,14 +224,12 @@ int seedrng_main(int argc UNUSED_PARAM, char *argv[])
sha256_hash(&hash, &realtime, sizeof(realtime)); sha256_hash(&hash, &realtime, sizeof(realtime));
sha256_hash(&hash, &boottime, sizeof(boottime)); sha256_hash(&hash, &boottime, sizeof(boottime));
if (mkdir(seed_dir, 0700) < 0 && errno != EEXIST) { if (mkdir(seed_dir, 0700) < 0 && errno != EEXIST)
fprintf(stderr, "ERROR: Unable to create \"%s\" directory: %s\n", seed_dir, strerror(errno)); bb_simple_perror_msg_and_die("unable to create seed directory");
return 1;
}
lock = open(lock_file, O_WRONLY | O_CREAT, 0000); lock = open(lock_file, O_WRONLY | O_CREAT, 0000);
if (lock < 0 || flock(lock, LOCK_EX) < 0) { if (lock < 0 || flock(lock, LOCK_EX) < 0) {
fprintf(stderr, "ERROR: Unable to open lock file: %s\n", strerror(errno)); bb_simple_perror_msg("unable to open lock file");
program_ret = 1; program_ret = 1;
goto out; goto out;
} }
@ -274,7 +244,7 @@ int seedrng_main(int argc UNUSED_PARAM, char *argv[])
new_seed_len = determine_optimal_seed_len(); new_seed_len = determine_optimal_seed_len();
ret = read_new_seed(new_seed, new_seed_len, &new_seed_creditable); ret = read_new_seed(new_seed, new_seed_len, &new_seed_creditable);
if (ret < 0) { if (ret < 0) {
fprintf(stderr, "ERROR: Unable to read new seed: %s\n", strerror(-ret)); bb_simple_perror_msg("unable to read new seed");
new_seed_len = SHA256_OUTSIZE; new_seed_len = SHA256_OUTSIZE;
strncpy((char *)new_seed, seedrng_failure, new_seed_len); strncpy((char *)new_seed, seedrng_failure, new_seed_len);
program_ret |= 1 << 3; program_ret |= 1 << 3;
@ -283,20 +253,20 @@ int seedrng_main(int argc UNUSED_PARAM, char *argv[])
sha256_hash(&hash, new_seed, new_seed_len); sha256_hash(&hash, new_seed, new_seed_len);
sha256_end(&hash, new_seed + new_seed_len - SHA256_OUTSIZE); sha256_end(&hash, new_seed + new_seed_len - SHA256_OUTSIZE);
fprintf(stdout, "Saving %zu bits of %s seed for next boot\n", new_seed_len * 8, new_seed_creditable ? "creditable" : "non-creditable"); printf("Saving %zu bits of %s seed for next boot\n", new_seed_len * 8, new_seed_creditable ? "creditable" : "non-creditable");
fd = open(non_creditable_seed, O_WRONLY | O_CREAT | O_TRUNC, 0400); fd = open(non_creditable_seed, O_WRONLY | O_CREAT | O_TRUNC, 0400);
if (fd < 0) { if (fd < 0) {
fprintf(stderr, "ERROR: Unable to open seed file for writing: %s\n", strerror(errno)); bb_simple_perror_msg("unable to open seed file for writing");
program_ret |= 1 << 4; program_ret |= 1 << 4;
goto out; goto out;
} }
if (write(fd, new_seed, new_seed_len) != (ssize_t)new_seed_len || fsync(fd) < 0) { if (write(fd, new_seed, new_seed_len) != (ssize_t)new_seed_len || fsync(fd) < 0) {
fprintf(stderr, "ERROR: Unable to write seed file: %s\n", strerror(errno)); bb_simple_perror_msg("unable to write seed file");
program_ret |= 1 << 5; program_ret |= 1 << 5;
goto out; goto out;
} }
if (new_seed_creditable && rename(non_creditable_seed, creditable_seed) < 0) { if (new_seed_creditable && rename(non_creditable_seed, creditable_seed) < 0) {
fprintf(stderr, "WARNING: Unable to make new seed creditable: %s\n", strerror(errno)); bb_simple_perror_msg("unable to make new seed creditable");
program_ret |= 1 << 6; program_ret |= 1 << 6;
} }
out: out: