From 57fea029cc3d6faf5a8b9ad4b17b543359fe7ccb Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Wed, 20 Apr 2022 15:40:40 +0200
Subject: seedrng: compress format strings with %s arguments

- Avoid an xstrdup call with seed_dir.
- Compress format strings with %s arguments.
- Open /dev/urandom for add entropy ioctl rather than /dev/random, so that
  /dev/random is only used for the already-sightly-flawed poll() check for
  creditability.

function                                             old     new   delta
seedrng_main                                         948     958     +10
seed_from_file_if_exists                             410     417      +7
.rodata                                           108338  108206    -132
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 17/-132)          Total: -115 bytes
   text	   data	    bss	    dec	    hex	filename
 975829	   4227	   1816	 981872	  efb70	busybox_old
 975714	   4227	   1816	 981757	  efafd	busybox_unstripped

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
---
 util-linux/seedrng.c | 22 ++++++++++------------
 1 file changed, 10 insertions(+), 12 deletions(-)

(limited to 'util-linux')

diff --git a/util-linux/seedrng.c b/util-linux/seedrng.c
index 5735dc059..5a41addf0 100644
--- a/util-linux/seedrng.c
+++ b/util-linux/seedrng.c
@@ -129,7 +129,7 @@ static int seed_rng(uint8_t *seed, size_t len, bool credit)
 	}
 	memcpy(req.buffer, seed, len);
 
-	random_fd = open("/dev/random", O_RDONLY);
+	random_fd = open("/dev/urandom", O_RDONLY);
 	if (random_fd < 0)
 		return -1;
 	ret = ioctl(random_fd, RNDADDENTROPY, &req);
@@ -150,11 +150,11 @@ static int seed_from_file_if_exists(const char *filename, int dfd, bool credit,
 	if (seed_len < 0) {
 		if (errno == ENOENT)
 			return 0;
-		bb_simple_perror_msg("unable to read seed file");
+		bb_perror_msg("unable to%s seed", " read");
 		return -1;
 	}
 	if ((unlink(filename) < 0 || fsync(dfd) < 0) && seed_len) {
-		bb_simple_perror_msg("unable to remove seed, so not seeding");
+		bb_perror_msg("unable to%s seed", " remove");
 		return -1;
 	} else if (!seed_len)
 		return 0;
@@ -164,7 +164,7 @@ static int seed_from_file_if_exists(const char *filename, int dfd, bool credit,
 
 	printf("Seeding %zd bits %s crediting\n", seed_len * 8, credit ? "and" : "without");
 	if (seed_rng(seed, seed_len, credit) < 0) {
-		bb_simple_perror_msg("unable to seed");
+		bb_perror_msg("unable to%s seed", "");
 		return -1;
 	}
 	return 0;
@@ -173,7 +173,7 @@ static int seed_from_file_if_exists(const char *filename, int dfd, bool credit,
 int seedrng_main(int argc, char *argv[]) MAIN_EXTERNALLY_VISIBLE;
 int seedrng_main(int argc UNUSED_PARAM, char *argv[])
 {
-	char *seed_dir, *creditable_seed, *non_creditable_seed;
+	const char *seed_dir = DEFAULT_SEED_DIR, *creditable_seed, *non_creditable_seed;
 	int ret, fd = -1, dfd = -1, program_ret = 0;
 	uint8_t new_seed[MAX_SEED_LEN];
 	size_t new_seed_len;
@@ -195,8 +195,6 @@ int seedrng_main(int argc UNUSED_PARAM, char *argv[])
 #endif
 
 	opt = getopt32long(argv, "d:n", longopts, &seed_dir);
-	if (!(opt & OPT_d) || !seed_dir)
-		seed_dir = xstrdup(DEFAULT_SEED_DIR);
 	skip_credit = opt & OPT_n;
 	creditable_seed = concat_path_file(seed_dir, CREDITABLE_SEED_NAME);
 	non_creditable_seed = concat_path_file(seed_dir, NON_CREDITABLE_SEED_NAME);
@@ -206,11 +204,11 @@ int seedrng_main(int argc UNUSED_PARAM, char *argv[])
 		bb_simple_error_msg_and_die(bb_msg_you_must_be_root);
 
 	if (mkdir(seed_dir, 0700) < 0 && errno != EEXIST)
-		bb_simple_perror_msg_and_die("unable to create seed directory");
+		bb_perror_msg_and_die("unable to %s seed directory", "create");
 
 	dfd = open(seed_dir, O_DIRECTORY | O_RDONLY);
 	if (dfd < 0 || flock(dfd, LOCK_EX) < 0) {
-		bb_simple_perror_msg("unable to lock seed directory");
+		bb_perror_msg("unable to %s seed directory", "lock");
 		program_ret = 1;
 		goto out;
 	}
@@ -232,7 +230,7 @@ int seedrng_main(int argc UNUSED_PARAM, char *argv[])
 	new_seed_len = determine_optimal_seed_len();
 	ret = read_new_seed(new_seed, new_seed_len, &new_seed_creditable);
 	if (ret < 0) {
-		bb_simple_perror_msg("unable to read new seed");
+		bb_perror_msg("unable to%s seed", " read new");
 		new_seed_len = SHA256_OUTSIZE;
 		memset(new_seed, 0, SHA256_OUTSIZE);
 		program_ret |= 1 << 3;
@@ -241,10 +239,10 @@ int seedrng_main(int argc UNUSED_PARAM, char *argv[])
 	sha256_hash(&hash, new_seed, new_seed_len);
 	sha256_end(&hash, new_seed + new_seed_len - SHA256_OUTSIZE);
 
-	printf("Saving %zu bits of %s seed for next boot\n", new_seed_len * 8, new_seed_creditable ? "creditable" : "non-creditable");
+	printf("Saving %zu bits of %screditable seed for next boot\n", new_seed_len * 8, new_seed_creditable ? "" : "non-");
 	fd = open(non_creditable_seed, O_WRONLY | O_CREAT | O_TRUNC, 0400);
 	if (fd < 0 || full_write(fd, new_seed, new_seed_len) != (ssize_t)new_seed_len || fsync(fd) < 0) {
-		bb_simple_perror_msg("unable to write seed file");
+		bb_perror_msg("unable to%s seed", " write");
 		program_ret |= 1 << 4;
 		goto out;
 	}
-- 
cgit v1.2.3