4a6f9d2516
The RNG can't actually be seeded from a shell script, due to the reliance on ioctls. For this reason, Busybox 1.36.0 contains SeedRNG, a tiny program meant to be called at startup and shutdown (and at arbitrary other points in between if desired). Note that initially, the way seedrng was included in busybox broke things quite severely, but now it's been reverted to a reasonably acceptable version. This is a significant improvement over the current init script, which doesn't credit entropy and whose hashing in shell scripts is sort of fragile. Because seedrng is part of busybox, urandom-scripts now depends on BR2_PACKAGE_BUSYBOX. This can be removed again if later we add a standalone seedrng package. Add a decent explanation to the init script about the need for a persistent directory to make this actually work. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> [Arnout: - Remove busybox patch, it's now part of busybox 1.36.0. - Depend on busybox. - Fix shellcheck errors. - Use DAEMON and SEEDRNG_ARGS. - Don't bother with "seed_dir" and "skip_credit" variables. - Rename to S20seedrng. ] Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
8 lines
231 B
Plaintext
8 lines
231 B
Plaintext
config BR2_PACKAGE_URANDOM_SCRIPTS
|
|
bool "urandom-initscripts"
|
|
default y if BR2_PACKAGE_INITSCRIPTS
|
|
depends on BR2_PACKAGE_BUSYBOX
|
|
depends on !BR2_PACKAGE_SYSTEMD
|
|
help
|
|
Initscript to preserve the random seed between reboots.
|