The RNG can't actually be seeded from a shell script, due to the
reliance on ioctls and the fact that entropy written into the
unprivileged /dev/urandom device is not immediately mixed in, making
subsequent seed reads dangerous. For this reason, the seedrng project
provides a basic "C script" meant to be copy and pasted into projects
like Busybox and tweaked as needed: <https://git.zx2c4.com/seedrng/about/>.
The SeedRNG construction has been part of systemd's seeder since
January, and recently was added to Android, OpenRC, and Void's Runit,
with more integrations on their way depending on context. Virtually
every single Busybox-based distro I have seen seeds things in wrong,
incomplete, or otherwise dangerous way. For example, fixing this issue
in Buildroot requires first for Busybox to have this fix.
This commit imports it into Busybox and wires up the basic config. The
utility itself is tiny, and unlike the example code from the SeedRNG
project, we can re-use libbb's existing hash functions, rather than
having to ship a standalone BLAKE2s, which makes this even smaller.
function old new delta
seedrng_main - 1463 +1463
.rodata 107858 108665 +807
seed_from_file_if_exists - 697 +697
packed_usage 34414 34519 +105
static.longopts - 38 +38
static.seedrng_prefix - 26 +26
seed_dir - 8 +8
non_creditable_seed - 8 +8
lock_file - 8 +8
creditable_seed - 8 +8
applet_names 2747 2755 +8
applet_main 3192 3200 +8
------------------------------------------------------------------------------
(add/remove: 9/0 grow/shrink: 4/0 up/down: 3184/0) Total: 3184 bytes
text data bss dec hex filename
973776 4219 1816 979811 ef363 busybox_old
977035 4227 1848 983110 f0046 busybox_unstripped
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
In replace mode ('R' command) the backspace character should get
special treatment:
- backspace only goes back to the start of the replacement;
- backspacing over replaced characters restores the original text.
Prior to this commit BusyBox vi deleted the characters both before
and after the cursor in replace mode.
function old new delta
undo_pop - 235 +235
char_insert 858 884 +26
indicate_error 81 84 +3
find_range 654 657 +3
static.text_yank 77 79 +2
do_cmd 4486 4243 -243
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 4/1 up/down: 269/-243) Total: 26 bytes
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Do not skip over "*p = c;" statement.
Testcase: echo ~~nouser/qwe
function old new delta
argstr 1396 1406 +10
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Without this patch, BusyBox handles bash pattern substitutions without
a terminating '/' character incorrectly.
Consider the following shell script:
_bootstrapver=5.0.211-r0
_referencesdir="/usr/${_bootstrapver/-*}/Sources"
echo $_referencesdir
This should output `/usr/5.0.211/Sources`. However, without this patch
it instead outputs `/usr/5.0.211Sources`. This is due to the fact that
BusyBox expects the bash pattern substitutions to always be terminated
with a '/' (at least in this part of subvareval) and thus reads passed
the substitution itself and consumes the '/' character which is part of
the literal string. If there is no '/' after the substitution then
BusyBox might perform an out-of-bounds read under certain circumstances.
When replacing the bash pattern substitution with `${_bootstrapver/-*/}`,
or with this patch applied, ash outputs the correct value.
Signed-off-by: Sören Tempel <soeren@soeren-tempel.net>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The result of looking at "grep -F -B2 '*fill*' busybox_unstripped.map"
function old new delta
.rodata 108586 108460 -126
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/1 up/down: 0/-126) Total: -126 bytes
text data bss dec hex filename
970412 4219 1848 976479 ee65f busybox_old
970286 4219 1848 976353 ee5e1 busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This can be faster on some CPUs.
On Skylake, evidently load latency from L1 (or store-to-load
forwarding in LSU) is fast enough to completely hide
memory reference latencies here.
function old new delta
sha1_process_block64 3495 3514 +19
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The specification requires volume label to be space padded.
Latest fsck.vfat will remove the zero padded volume label
as invalid. See also:
https://github.com/dosfstools/dosfstools/issues/172
Make the default label also "NO NAME" which has the special meaning
that label is not set.
function old new delta
mkfs_vfat_main 1470 1502 +32
static.NO_NAME_11 - 12 +12
.rodata 104309 104318 +9
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 2/0 up/down: 53/0) Total: 53 bytes
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
In order to improve compatibility with GNU cmp add support for long
options to busybox cmp.
function old new delta
static.cmp_longopts - 36 +36
cmp_main 589 594 +5
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 1/0 up/down: 41/0) Total: 41 bytes
Signed-off-by: Walter Lozano <walter.lozano@collabora.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>