From dbb1a83124140c83bc32c1af58bb22bcbfb86ab3 Mon Sep 17 00:00:00 2001
From: Vladis Dronov <vdronov@redhat.com>
Date: Fri, 18 Jun 2021 17:16:13 +0200
Subject: Rewrite init_kernel_rng() to ensure proper logging

We want to log errors in default_watermark(), so actually we should not
call it before logging is initialized, i.e. before processing command
line switches and setting am_daemon. With that, default_watermark() is
less needed. Adjust the code by merging it into init_kernel_rng() which
is called exactly after logging is initialized and "-l" case is handled.

Also use LOG_DEBUG priority for informational messages about entropy pool.
Initialize arguments->fill_watermark with -1 so we can distinguish cases
when watermark was or was not set by a command line switch.

Signed-off-by: Vladis Dronov <vdronov@redhat.com>
---
 rngd.c       | 14 +++++---------
 rngd_linux.c | 54 +++++++++++++++++++++++++++-------------------------
 rngd_linux.h |  4 ----
 3 files changed, 33 insertions(+), 39 deletions(-)

diff --git a/rngd.c b/rngd.c
index e85e723..a358fc7 100644
--- a/rngd.c
+++ b/rngd.c
@@ -62,7 +62,7 @@
 int kent_pool_size;
 
 /* Background/daemon mode */
-bool am_daemon;				/* True if we went daemon */
+bool am_daemon = false;			/* True if we went daemon */
 bool msg_squash = false;		/* True if we want no messages on the console */
 bool quiet = false;			/* True if we want no console output at all */
 volatile bool server_running = true;	/* set to false, to stop daemon */
@@ -132,6 +132,7 @@ static struct arguments default_arguments = {
 	.random_name	= "/dev/random",
 	.pid_file	= "/var/run/rngd.pid",
 	.random_step	= 64,
+	.fill_watermark = -1,
 	.daemon		= true,
 	.test		= false,
 	.list		= false,
@@ -845,9 +846,6 @@ int main(int argc, char **argv)
 
 	openlog("rngd", 0, LOG_DAEMON);
 
-	/* Get the default watermark level for this platform */
-	arguments->fill_watermark = default_watermark();
-
 	/* Parsing of commandline parameters */
 	if (argp_parse(&argp, argc, argv, 0, 0, arguments) < 0)
 		return 1;
@@ -865,13 +863,12 @@ int main(int argc, char **argv)
 		pid_fd = write_pid_file(arguments->pid_file);
 		if (pid_fd < 0)
 			return 1;
-
 	}
 
 	if (arguments->list) {
 		int found = 0;
 		message(LOG_CONS|LOG_INFO, "Entropy sources that are available but disabled\n");
-		for (i=0; i < ENT_MAX; i++) 
+		for (i=0; i < ENT_MAX; i++)
 			if (entropy_sources[i].init && entropy_sources[i].disabled == true) {
 				found = 1;
 				message(LOG_CONS|LOG_INFO, "%d: %s (%s)\n", i,
@@ -885,7 +882,6 @@ int main(int argc, char **argv)
 		message(LOG_DAEMON|LOG_INFO, "Initializing available sources\n");
 
 	/* Init entropy sources */
-	
 	for (i=0; i < ENT_MAX; i++) {
 		ent_src = &entropy_sources[i];
 		if (ent_src->init && ent_src->disabled == false) {
@@ -907,14 +903,14 @@ int main(int argc, char **argv)
 		int rc = 1;
 		msg_squash = false;
 		message(LOG_CONS|LOG_INFO, "Available and enabled entropy sources:\n");
-		for (i=0; i < ENT_MAX; i++) 
+		for (i=0; i < ENT_MAX; i++)
 			if (entropy_sources[i].init && entropy_sources[i].disabled == false) {
 				rc = 1;
 				message(LOG_CONS|LOG_INFO, "%d: %s (%s)\n", i,
 					entropy_sources[i].rng_name, entropy_sources[i].rng_sname);
 			}
 		message(LOG_CONS|LOG_INFO, "Available entropy sources that failed initalization:\n");
-		for (i=0; i < ENT_MAX; i++) 
+		for (i=0; i < ENT_MAX; i++)
 			if (entropy_sources[i].init && entropy_sources[i].disabled == true && entropy_sources[i].failed_init == true) {
 				rc = 1;
 				message(LOG_CONS|LOG_INFO, "%d: %s (%s)\n", i,
diff --git a/rngd_linux.c b/rngd_linux.c
index c52c62d..873723c 100644
--- a/rngd_linux.c
+++ b/rngd_linux.c
@@ -54,20 +54,26 @@ static int random_fd;
 extern int kent_pool_size;
 
 /*
- * Get the default watermark
+ * Initialize the interface to the Linux Kernel
+ * entropy pool (through /dev/random)
+ *
+ * randomdev is the path to the random device
  */
 
 #define DEFAULT_WATERMARK_GUESS 4096
 
-int default_watermark(void)
+void init_kernel_rng(const char* randomdev)
 {
 	FILE *f;
+	int err;
 	unsigned int wm;
 
+	/* Try to open and read poolsize sysfs file */
 	f = fopen("/proc/sys/kernel/random/poolsize", "r");
 	if (!f) {
 		wm = DEFAULT_WATERMARK_GUESS;
-		message(LOG_DAEMON|LOG_ERR, "can't open /proc/sys/kernel/random/poolsize: %s",
+		message(LOG_DAEMON|LOG_WARNING,
+			"can't open /proc/sys/kernel/random/poolsize: %s\n",
 			strerror(errno));
 		goto err;
 	}
@@ -75,42 +81,36 @@ int default_watermark(void)
 	/* Use DEFAULT_WATERMARK_GUESS if fscanf fails */
 	if(fscanf(f,"%u", &wm) < 1) {
 		wm = DEFAULT_WATERMARK_GUESS;
-		message(LOG_DAEMON|LOG_ERR, "can't read /proc/sys/kernel/random/poolsize: %s",
+		message(LOG_DAEMON|LOG_WARNING,
+			"can't read /proc/sys/kernel/random/poolsize: %s\n",
 			strerror(errno));
 	}
+	fclose(f);
 
 err:
+	/* Set the fill_watermark to wm if it was not set on a command line */
 	kent_pool_size = wm;
 	wm = wm*3/4;
-	message(LOG_DAEMON|LOG_ERR, "kernel entropy pool size: %d pool watermark: %d",
-		kent_pool_size, wm);
-
-	if (f)
-		fclose(f);
-	return wm;
-}
-
-/*
- * Initialize the interface to the Linux Kernel
- * entropy pool (through /dev/random)
- *
- * randomdev is the path to the random device
- */
-void init_kernel_rng(const char* randomdev)
-{
-	FILE *f;
-	int err;
+	if (arguments->fill_watermark == -1)
+		arguments->fill_watermark = wm;
 
+	/* Try to open randomdev file for writing */
 	random_fd = open(randomdev, O_RDWR);
 	if (random_fd == -1) {
 		message(LOG_DAEMON|LOG_ERR, "can't open %s: %s",
 			randomdev, strerror(errno));
 		exit(EXIT_USAGE);
 	}
+
 	/* Don't set the watermark if the watermark is zero */
-	if (!arguments->fill_watermark)
+	if (!arguments->fill_watermark) {
+		message(LOG_DAEMON|LOG_DEBUG,
+			"Kernel entropy pool size %d, pool watermark is not set\n",
+			kent_pool_size);
 		return;
+	}
 
+	/* Actually set entropy pool watermark */
 	f = fopen("/proc/sys/kernel/random/write_wakeup_threshold", "w");
 	if (!f) {
 		err = 1;
@@ -119,12 +119,14 @@ void init_kernel_rng(const char* randomdev)
 		/* Note | not || here... we always want to close the file */
 		err = ferror(f) | fclose(f);
 	}
-	if (err) {
+	if (err)
 		message(LOG_DAEMON|LOG_WARNING,
 			"unable to adjust write_wakeup_threshold: %s\n",
 			strerror(errno));
-	}
-
+	else
+		message(LOG_DAEMON|LOG_DEBUG,
+			"Kernel entropy pool size %d, pool watermark %d\n",
+			kent_pool_size, arguments->fill_watermark);
 }
 
 struct entropy {
diff --git a/rngd_linux.h b/rngd_linux.h
index 4cb2a4a..a485383 100644
--- a/rngd_linux.h
+++ b/rngd_linux.h
@@ -26,9 +26,6 @@
 #include <unistd.h>
 #include <stdint.h>
 
-/* The default watermark level for this platform */
-extern int default_watermark(void);
-
 /*
  * Initialize the interface to the Linux Kernel
  * entropy pool (through /dev/random)
@@ -44,4 +41,3 @@ extern int random_add_entropy(void *buf, size_t size);
 extern void random_sleep(void);
 
 #endif /* RNGD_LINUX__H */
-
-- 
2.26.3