authorJason A. Donenfeld <Jason@zx2c4.com>2022-04-12 00:53:49 +0200
committerPetr Štetiar <ynezz@true.cz>2022-04-14 10:12:34 +0200
commita001630a1aafa224f854fa3ea7589ecefb6e01ae (patch)
tree9941037631f2533bd433ac494e5fc54d816e5287 /package/system/urandom-seed/files/lib/preinit
parent9a22943eb2670303393a2103f47fae312f484bd2 (diff)
urandom-seed: go back to seeding with shell script temporarily
This reverts commit 2edc017a6e0cb92b72b768aaa46c6d336ad84eff. We shouldn't be using a shell script here, but the SeedRNG integration into OpenWRT requires a bit more thought. Etienne raised some important points immediately after this was merged and planned to send some follow up commits, but became busy with other things. The points he raised are important enough that we should actually back this out until it's ready to go, and then merge it as a cohesive unit. So let's revert this for now, and come back to it later on. Cc: Etienne Champetier <champetier.etienne@gmail.com> Cc: Petr Štetiar <ynezz@true.cz> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'package/system/urandom-seed/files/lib/preinit')
-rw-r--r--package/system/urandom-seed/files/lib/preinit/81_urandom_seed16
1 files changed, 13 insertions, 3 deletions
diff --git a/package/system/urandom-seed/files/lib/preinit/81_urandom_seed b/package/system/urandom-seed/files/lib/preinit/81_urandom_seed
index b3014daeaf..2adc6c47f0 100644
--- a/package/system/urandom-seed/files/lib/preinit/81_urandom_seed
+++ b/package/system/urandom-seed/files/lib/preinit/81_urandom_seed
@@ -2,11 +2,21 @@ log_urandom_seed() {
echo "urandom-seed: $1" > /dev/kmsg
}
+_do_urandom_seed() {
+ [ -f "$1" ] || { log_urandom_seed "Seed file not found ($1)"; return; }
+ [ -O "$1" -a -G "$1" -a ! -x "$1" ] || { log_urandom_seed "Wrong owner / permissions for $1"; return; }
+
+ log_urandom_seed "Seeding with $1"
+ cat "$1" > /dev/urandom
+}
+
do_urandom_seed() {
[ -c /dev/urandom ] || { log_urandom_seed "Something is wrong with /dev/urandom"; return; }
- seedrng 2>&1 | while read -r line; do
- log_urandom_seed "$line"
- done
+
+ _do_urandom_seed "/etc/urandom.seed"
+
+ SEED="$(uci -q get system.@system[0].urandom_seed)"
+ [ "${SEED:0:1}" = "/" -a "$SEED" != "/etc/urandom.seed" ] && _do_urandom_seed "$SEED"
}
boot_hook_add preinit_main do_urandom_seed
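Review bot: The permission test in `_do_urandom_seed`, `[ -O "$1" -a -G "$1" -a ! -x "$1" ]`, verifies only the owner, the group and the absence of the execute bit, so a seed file that is readable or writable by group or other still passes and is written to the pool. If that is intended, a comment above the test should say so, for example `# checks owner/group/no-exec only; group/other read and write bits are not verified`. The test also relies on the obsolescent `-a` operator, which could be written as `[ -O "$1" ] && [ -G "$1" ] && [ ! -x "$1" ] || { ...; }`. "Seeding with $1" is logged before `cat "$1" > /dev/urandom` and the status of `cat` is never checked, so a failed read or write still shows up in the kernel log as a successful seeding; `cat "$1" > /dev/urandom || log_urandom_seed "Seeding with $1 failed"` would make that visible. In `do_urandom_seed`, `SEED` is assigned without `local`, so it stays set in the preinit shell after the hook returns.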