urandom-seed: use seedrng for seeding the random number generator
authorJason A. Donenfeld <Jason@zx2c4.com>
Mon, 28 Mar 2022 04:25:56 +0000 (00:25 -0400)
committerPetr Štetiar <ynezz@true.cz>
Mon, 28 Mar 2022 07:27:56 +0000 (09:27 +0200)
commit2edc017a6e0cb92b72b768aaa46c6d336ad84eff
treec8084c6f07eef05a157ef811e9af979098d3b550
parent9d8f620679df7f6f58ba1452311400da088a404b
urandom-seed: use seedrng for seeding the random number generator

The RNG can't actually be seeded from a shell script, due to the
reliance on ioctls. For this reason, the seedrng project provides a
basic script meant to be copy and pasted into projects like OpenWRT
and tweaked as needed: <https://git.zx2c4.com/seedrng/about/>.

This commit imports it into the urandom-seed package and wires up the
init scripts to call it. This also is a significant improvement over the
current init script, which does not robustly handle cleaning up of seeds
and syncing to prevent reuse. Additionally, the existing script creates
a new seed immediately after writing an old one, which means that the
amount of entropy might actually regress, due to failing to credit the
old seed.

Closes: https://github.com/openwrt/openwrt/issues/9570
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [fixed missing INSTALL_DIR]
package/system/urandom-seed/Makefile
package/system/urandom-seed/files/etc/init.d/urandom_seed
package/system/urandom-seed/files/lib/preinit/81_urandom_seed
package/system/urandom-seed/files/sbin/urandom_seed [deleted file]
package/system/urandom-seed/seedrng.c [new file with mode: 0644]