Hi Jason!

On Tue, 19 Apr 2022 12:50:05 +0200 "Jason A. Donenfeld" <ja...@zx2c4.com> wrote:

> The RNG can't actually be seeded from a shell script, due to the
> reliance on ioctls and the fact that entropy written into the
> unprivileged /dev/urandom device is not immediately mixed in, making
> subsequent seed reads dangerous. For this reason, the seedrng project
> provides a basic "C script" meant to be copy and pasted into projects
> like Busybox and tweaked as needed: <https://git.zx2c4.com/seedrng/about/>.
>
> The SeedRNG construction has been part of systemd's seeder since
> January, and recently was added to Android, OpenRC, and Void's Runit,
> with more integrations on their way depending on context. Virtually
> every single Busybox-based distro I have seen seeds things in a wrong,
> incomplete, or otherwise dangerous way. For example, fixing this issue
> in Buildroot requires first for Busybox to have this fix.
>
> This commit imports it into Busybox and wires up the basic config. The
> utility itself is tiny, and unlike the example code from the SeedRNG
> project, we can re-use libbb's existing hash functions, rather than
> having to ship a standalone BLAKE2s, which makes this even smaller.
>
> This adds only about 2k to a defconfig binary:
>
> function                                             old     new   delta
> seedrng_main                                           -    1061   +1061
> seed_from_file_if_exists                               -     468    +468
> .rodata                                           100243  100610    +367
> packed_usage                                       34414   34480     +66
> static.longopts                                        -      26     +26
> applet_names                                        2747    2755      +8
> applet_main                                         3192    3200      +8
> ------------------------------------------------------------------------------
> (add/remove: 4/0 grow/shrink: 4/0 up/down: 2004/0)           Total: 2004 bytes
>    text    data     bss     dec     hex filename
> 1050657   16499    1816 1068972  104fac busybox_old
> 1052780   16515    1816 1071111  105807 busybox_unstripped

I've applied this v9 now, thanks for the patch and thanks a lot for your
patience!

PS: make bloatometer gives for me on x86_64 for this v9:

function                                             old     new   delta
seedrng_main                                           -     958    +958
seed_from_file_if_exists                               -     417    +417
.rodata                                           107858  108206    +348
packed_usage                                       34414   34480     +66
static.longopts                                        -      26     +26
applet_names                                        2747    2755      +8
applet_main                                         3192    3200      +8
------------------------------------------------------------------------------
(add/remove: 4/0 grow/shrink: 4/0 up/down: 1831/0)           Total: 1831 bytes
   text    data     bss     dec     hex filename
 973776    4219    1816  979811   ef363 busybox_old
 975714    4227    1816  981757   efafd busybox_unstripped

and the size of the applet is

   text    data     bss     dec     hex filename
   1805       0       0    1805     70d util-linux/seedrng.o

As said, there's room for at least another 150b savings, but let's defer
that to another round of code-golf ;)

thanks,