random: Initialise the kernel's PRNG earlier

Since more processes depend on good randomness, we need to
make sure that the kernel's PRNG is initialized as early as
possible.

For systems without a HWRNG, we will need to fall back to our
noisy loop and wait until we have enough randomness.

This patch also removes saving and restoring the seed. This
is no longer useful because the kernel's PRNG only takes any
input after it has successfully been seeded from other sources.

Hence adding this seed does not increase its randomness.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

config/rootfiles/common/aarch64/initscripts

@@ -104,7 +104,6 @@ etc/rc.d/rc0.d/K08fcron
 etc/rc.d/rc0.d/K28apache
 etc/rc.d/rc0.d/K30sshd
 #etc/rc.d/rc0.d/K34client175
-etc/rc.d/rc0.d/K45random
 etc/rc.d/rc0.d/K47setclock
 etc/rc.d/rc0.d/K49cyrus-sasl
 etc/rc.d/rc0.d/K51vnstat
@@ -124,7 +123,6 @@ etc/rc.d/rc0.d/S80mountfs
 etc/rc.d/rc0.d/S90swap
 etc/rc.d/rc0.d/S99halt
 #etc/rc.d/rc3.d
-etc/rc.d/rc3.d/S00random
 etc/rc.d/rc3.d/S01vnstat
 etc/rc.d/rc3.d/S10sysklogd
 etc/rc.d/rc3.d/S11unbound
@@ -157,7 +155,6 @@ etc/rc.d/rc6.d/K08fcron
 etc/rc.d/rc6.d/K28apache
 etc/rc.d/rc6.d/K30sshd
 #etc/rc.d/rc6.d/K34client175
-etc/rc.d/rc6.d/K45random
 etc/rc.d/rc6.d/K47setclock
 etc/rc.d/rc6.d/K49cyrus-sasl
 etc/rc.d/rc6.d/K51vnstat
@@ -194,6 +191,7 @@ etc/rc.d/rcsysinit.d/S45udev_retry
 etc/rc.d/rcsysinit.d/S50cleanfs
 etc/rc.d/rcsysinit.d/S60setclock
 etc/rc.d/rcsysinit.d/S65rngd
+etc/rc.d/rcsysinit.d/S66random
 etc/rc.d/rcsysinit.d/S70console
 etc/rc.d/rcsysinit.d/S71pakfire
 etc/rc.d/rcsysinit.d/S73swconfig

config/rootfiles/common/armv5tel/initscripts

@@ -104,7 +104,6 @@ etc/rc.d/rc0.d/K08fcron
 etc/rc.d/rc0.d/K28apache
 etc/rc.d/rc0.d/K30sshd
 #etc/rc.d/rc0.d/K34client175
-etc/rc.d/rc0.d/K45random
 etc/rc.d/rc0.d/K47setclock
 etc/rc.d/rc0.d/K49cyrus-sasl
 etc/rc.d/rc0.d/K51vnstat
@@ -124,7 +123,6 @@ etc/rc.d/rc0.d/S80mountfs
 etc/rc.d/rc0.d/S90swap
 etc/rc.d/rc0.d/S99halt
 #etc/rc.d/rc3.d
-etc/rc.d/rc3.d/S00random
 etc/rc.d/rc3.d/S01vnstat
 etc/rc.d/rc3.d/S10sysklogd
 etc/rc.d/rc3.d/S11unbound
@@ -157,7 +155,6 @@ etc/rc.d/rc6.d/K08fcron
 etc/rc.d/rc6.d/K28apache
 etc/rc.d/rc6.d/K30sshd
 #etc/rc.d/rc6.d/K34client175
-etc/rc.d/rc6.d/K45random
 etc/rc.d/rc6.d/K47setclock
 etc/rc.d/rc6.d/K49cyrus-sasl
 etc/rc.d/rc6.d/K51vnstat
@@ -194,6 +191,7 @@ etc/rc.d/rcsysinit.d/S45udev_retry
 etc/rc.d/rcsysinit.d/S50cleanfs
 etc/rc.d/rcsysinit.d/S60setclock
 etc/rc.d/rcsysinit.d/S65rngd
+etc/rc.d/rcsysinit.d/S66random
 etc/rc.d/rcsysinit.d/S70console
 etc/rc.d/rcsysinit.d/S71pakfire
 etc/rc.d/rcsysinit.d/S73swconfig

config/rootfiles/common/i586/initscripts

@@ -103,7 +103,6 @@ etc/rc.d/rc0.d/K08fcron
 etc/rc.d/rc0.d/K28apache
 etc/rc.d/rc0.d/K30sshd
 #etc/rc.d/rc0.d/K34client175
-etc/rc.d/rc0.d/K45random
 etc/rc.d/rc0.d/K47setclock
 etc/rc.d/rc0.d/K49cyrus-sasl
 etc/rc.d/rc0.d/K51vnstat
@@ -123,7 +122,6 @@ etc/rc.d/rc0.d/S80mountfs
 etc/rc.d/rc0.d/S90swap
 etc/rc.d/rc0.d/S99halt
 #etc/rc.d/rc3.d
-etc/rc.d/rc3.d/S00random
 etc/rc.d/rc3.d/S01vnstat
 etc/rc.d/rc3.d/S10sysklogd
 etc/rc.d/rc3.d/S12acpid
@@ -156,7 +154,6 @@ etc/rc.d/rc6.d/K08fcron
 etc/rc.d/rc6.d/K28apache
 etc/rc.d/rc6.d/K30sshd
 #etc/rc.d/rc6.d/K34client175
-etc/rc.d/rc6.d/K45random
 etc/rc.d/rc6.d/K47setclock
 etc/rc.d/rc6.d/K49cyrus-sasl
 etc/rc.d/rc6.d/K51vnstat
@@ -193,6 +190,7 @@ etc/rc.d/rcsysinit.d/S45udev_retry
 etc/rc.d/rcsysinit.d/S50cleanfs
 etc/rc.d/rcsysinit.d/S60setclock
 etc/rc.d/rcsysinit.d/S65rngd
+etc/rc.d/rcsysinit.d/S66random
 etc/rc.d/rcsysinit.d/S70console
 etc/rc.d/rcsysinit.d/S71pakfire
 etc/rc.d/rcsysinit.d/S74cloud-init

config/rootfiles/common/x86_64/initscripts

@@ -103,7 +103,6 @@ etc/rc.d/rc0.d/K08fcron
 etc/rc.d/rc0.d/K28apache
 etc/rc.d/rc0.d/K30sshd
 #etc/rc.d/rc0.d/K34client175
-etc/rc.d/rc0.d/K45random
 etc/rc.d/rc0.d/K47setclock
 etc/rc.d/rc0.d/K49cyrus-sasl
 etc/rc.d/rc0.d/K51vnstat
@@ -123,7 +122,6 @@ etc/rc.d/rc0.d/S80mountfs
 etc/rc.d/rc0.d/S90swap
 etc/rc.d/rc0.d/S99halt
 #etc/rc.d/rc3.d
-etc/rc.d/rc3.d/S00random
 etc/rc.d/rc3.d/S01vnstat
 etc/rc.d/rc3.d/S10sysklogd
 etc/rc.d/rc3.d/S12acpid
@@ -156,7 +154,6 @@ etc/rc.d/rc6.d/K08fcron
 etc/rc.d/rc6.d/K28apache
 etc/rc.d/rc6.d/K30sshd
 #etc/rc.d/rc6.d/K34client175
-etc/rc.d/rc6.d/K45random
 etc/rc.d/rc6.d/K47setclock
 etc/rc.d/rc6.d/K49cyrus-sasl
 etc/rc.d/rc6.d/K51vnstat
@@ -193,6 +190,7 @@ etc/rc.d/rcsysinit.d/S45udev_retry
 etc/rc.d/rcsysinit.d/S50cleanfs
 etc/rc.d/rcsysinit.d/S60setclock
 etc/rc.d/rcsysinit.d/S65rngd
+etc/rc.d/rcsysinit.d/S66random
 etc/rc.d/rcsysinit.d/S70console
 etc/rc.d/rcsysinit.d/S71pakfire
 etc/rc.d/rcsysinit.d/S74cloud-init

lfs/initscripts

@@ -126,9 +126,6 @@ $(TARGET) :
 	ln -sf ../init.d/unbound     /etc/rc.d/rc0.d/K86unbound
 	ln -sf ../init.d/unbound     /etc/rc.d/rc3.d/S11unbound
 	ln -sf ../init.d/unbound     /etc/rc.d/rc6.d/K86unbound
-	ln -sf ../init.d/random      /etc/rc.d/rc0.d/K45random
-	ln -sf ../init.d/random      /etc/rc.d/rc3.d/S00random
-	ln -sf ../init.d/random      /etc/rc.d/rc6.d/K45random
 	ln -sf ../../sysconfig/rc.local /etc/rc.d/rc3.d/S98rc.local
 	ln -sf ../init.d/client175   /etc/rc.d/rc0.d/K34client175
 	ln -sf ../init.d/client175   /etc/rc.d/rc3.d/S66client175
@@ -174,6 +171,7 @@ $(TARGET) :
 	ln -sf ../init.d/setclock    /etc/rc.d/rc0.d/K47setclock
 	ln -sf ../init.d/setclock    /etc/rc.d/rc6.d/K47setclock
 	ln -sf ../init.d/rngd        /etc/rc.d/rcsysinit.d/S65rngd
+	ln -sf ../init.d/random      /etc/rc.d/rcsysinit.d/S66random
 	ln -sf ../init.d/console     /etc/rc.d/rcsysinit.d/S70console
 	ln -sf ../init.d/pakfire     /etc/rc.d/rcsysinit.d/S71pakfire
 	ln -sf ../init.d/cloud-init  /etc/rc.d/rcsysinit.d/S74cloud-init

src/initscripts/system/random

@@ -22,29 +22,10 @@ case "$1" in
 			sync
 			rm -f /var/tmp/random-tmpfile
 		done;
-
-		boot_mesg "\rInitializing kernel random number generator..."
-		if [ -f /var/tmp/random-seed ]; then
-			/bin/cat /var/tmp/random-seed >/dev/urandom
-		fi
-		touch /var/tmp/random-seed
-		chmod 600 /var/tmp/random-seed
-		/bin/dd if=/dev/urandom of=/var/tmp/random-seed \
-			count=1 bs=$poolsize &>/dev/null
-		evaluate_retval
-		;;
-
-	stop)
-		boot_mesg "Saving random seed..."
-		touch /var/tmp/random-seed
-		chmod 600 /var/tmp/random-seed
-		/bin/dd if=/dev/urandom of=/var/tmp/random-seed \
-			count=1 bs=$poolsize &>/dev/null
-		evaluate_retval
 		;;
 
 	*)
-		echo "Usage: $0 {start|stop}"
+		echo "Usage: $0 {start}"
 		exit 1
 		;;
 esac