diff options
Diffstat (limited to 'meta/recipes-support/rng-tools')
-rw-r--r-- | meta/recipes-support/rng-tools/rng-tools/0001-rngd-fix-debug-to-also-filter-syslog-calls.patch | 46 | ||||
-rw-r--r-- | meta/recipes-support/rng-tools/rng-tools/a4b6d9ce64f132e463b9091d0536913ddaf11516.patch | 42 | ||||
-rw-r--r-- | meta/recipes-support/rng-tools/rng-tools/dab16a5fd4efde8ef569b358e19b1fcbc7d0d938.patch | 51 | ||||
-rw-r--r-- | meta/recipes-support/rng-tools/rng-tools/rng-tools.service (renamed from meta/recipes-support/rng-tools/rng-tools/rngd.service) | 4 | ||||
-rw-r--r-- | meta/recipes-support/rng-tools/rng-tools_6.16.bb (renamed from meta/recipes-support/rng-tools/rng-tools_6.10.bb) | 58 |
5 files changed, 34 insertions, 167 deletions
diff --git a/meta/recipes-support/rng-tools/rng-tools/0001-rngd-fix-debug-to-also-filter-syslog-calls.patch b/meta/recipes-support/rng-tools/rng-tools/0001-rngd-fix-debug-to-also-filter-syslog-calls.patch deleted file mode 100644 index 0733378668..0000000000 --- a/meta/recipes-support/rng-tools/rng-tools/0001-rngd-fix-debug-to-also-filter-syslog-calls.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 213a869e8315ead2c739acfcbde712358a842dee Mon Sep 17 00:00:00 2001 -From: Yann Dirson <yann@blade-group.com> -Date: Fri, 9 Oct 2020 15:12:26 +0200 -Subject: [PATCH] rngd: fix --debug to also filter syslog() calls - -Debug logs were only controlled by --debug flag while in --foreground -mode. In --daemon mode /var/log/message got stuffed with details of -entropy pool refilling, which is useless in production, and hamful -when log rotation then gets rid of the more useful logs. This is -especially true for embedded systems. - -This change makes the two modes consistently only produce debug logs when ---debug is specified. - -Upstream-Status: Backport [213a869e8315ead2c739acfcbde712358a842dee] - -Signed-off-by: Yann Dirson <yann@blade-group.com> ---- - rngd.h | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/rngd.h b/rngd.h -index 901b6f1..a79ea0f 100644 ---- a/rngd.h -+++ b/rngd.h -@@ -166,13 +166,13 @@ extern bool quiet; - #define message(priority,fmt,args...) do { \ - if (quiet) \ - break;\ -+ if (arguments->debug == false && LOG_PRI(priority) == LOG_DEBUG) \ -+ break;\ - if (am_daemon) { \ - syslog((priority), fmt, ##args); \ - } else if (!msg_squash) { \ -- if ((LOG_PRI(priority) != LOG_DEBUG) || (arguments->debug == true)) {\ -- fprintf(stderr, fmt, ##args); \ -- fflush(stderr); \ -- } \ -+ fprintf(stderr, fmt, ##args); \ -+ fflush(stderr); \ - } \ - } while (0) - --- -2.28.0 - diff --git a/meta/recipes-support/rng-tools/rng-tools/a4b6d9ce64f132e463b9091d0536913ddaf11516.patch b/meta/recipes-support/rng-tools/rng-tools/a4b6d9ce64f132e463b9091d0536913ddaf11516.patch deleted file mode 100644 index 96301617b2..0000000000 --- a/meta/recipes-support/rng-tools/rng-tools/a4b6d9ce64f132e463b9091d0536913ddaf11516.patch +++ /dev/null @@ -1,42 +0,0 @@ -From a4b6d9ce64f132e463b9091d0536913ddaf11516 Mon Sep 17 00:00:00 2001 -From: Neil Horman <nhorman@tuxdriver.com> -Date: Thu, 30 Apr 2020 16:57:35 -0400 -Subject: [PATCH] Remove name conflict with libc encrypt -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Forgot to fixup the funciton name conflict with libcs encrypt() function -on power systems - -Upstream-Status: Backport [https://github.com/nhorman/rng-tools/commit/a4b6d9ce64f132e463b9091d0536913ddaf11516] -Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> -Signed-off-by: Neil Horman <nhorman@tuxdriver.com> -Reported-by: Natanael Copa <ncopa@alpinelinux.org> -Reported-by: "Milan P. Stanić" <mps@arvanta.net> ---- - rngd_darn.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/rngd_darn.c b/rngd_darn.c -index 35df7a1..9345895 100644 ---- a/rngd_darn.c -+++ b/rngd_darn.c -@@ -109,7 +109,7 @@ static int init_openssl(struct rng *ent_src) - return 0; - } - --int encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key, -+static int osslencrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key, - unsigned char *iv, unsigned char *ciphertext) - { - int len; -@@ -150,7 +150,7 @@ static inline int openssl_mangle(unsigned char *tmp, struct rng *ent_src) - unsigned char ciphertext[CHUNK_SIZE * RDRAND_ROUNDS]; - - /* Encrypt the plaintext */ -- ciphertext_len = encrypt (tmp, strlen(tmp), key, iv_buf, -+ ciphertext_len = osslencrypt (tmp, strlen(tmp), key, iv_buf, - ciphertext); - printf("Calling mangle with len %d\n", ciphertext_len); - if (!ciphertext_len) diff --git a/meta/recipes-support/rng-tools/rng-tools/dab16a5fd4efde8ef569b358e19b1fcbc7d0d938.patch b/meta/recipes-support/rng-tools/rng-tools/dab16a5fd4efde8ef569b358e19b1fcbc7d0d938.patch deleted file mode 100644 index 93103ef79f..0000000000 --- a/meta/recipes-support/rng-tools/rng-tools/dab16a5fd4efde8ef569b358e19b1fcbc7d0d938.patch +++ /dev/null @@ -1,51 +0,0 @@ -From dab16a5fd4efde8ef569b358e19b1fcbc7d0d938 Mon Sep 17 00:00:00 2001 -From: Fabrice Fontaine <fontaine.fabrice@gmail.com> -Date: Mon, 30 Mar 2020 00:10:46 +0200 -Subject: [PATCH] rngd_jitter: disambiguate call to encrypt - -Commit 0f184ea7e792427fb20afe81d471b565aee96f0b disambiguate the call to -encrypt in rngd_rdrand.c but did not update rngd_jitter.c. - -This raise the following build failure: - -rngd_jitter.c:75:12: error: conflicting types for 'encrypt' - static int encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key, - ^~~~~~~ -In file included from rngd_jitter.c:27: -/home/dawncrow/buildroot-test/scripts/instance-0/output-1/host/powerpc-buildroot-linux-uclibc/sysroot/usr/include/unistd.h:1132:13: note: previous declaration of 'encrypt' was here - extern void encrypt (char *__block, int __edflag) __THROW __nonnull ((1)); - ^~~~~~~ -Makefile:770: recipe for target 'rngd-rngd_jitter.o' failed - -Fixes: - - http://autobuild.buildroot.org/results/0ca6bf16e3acbc94065b88c4442d6595424b77cb - -Upstream-Status: Backport [https://github.com/nhorman/rng-tools/commit/dab16a5fd4efde8ef569b358e19b1fcbc7d0d938] -Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> -Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> ---- - rngd_jitter.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/rngd_jitter.c b/rngd_jitter.c -index c1b1aca..49a3825 100644 ---- a/rngd_jitter.c -+++ b/rngd_jitter.c -@@ -72,7 +72,7 @@ unsigned char *aes_buf; - char key[AES_BLOCK]; - static unsigned char iv_buf[CHUNK_SIZE] __attribute__((aligned(128))); - --static int encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key, -+static int osslencrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key, - unsigned char *iv, unsigned char *ciphertext) - { - EVP_CIPHER_CTX *ctx; -@@ -122,7 +122,7 @@ static inline int openssl_mangle(unsigned char *tmp, struct rng *ent_src) - unsigned char ciphertext[CHUNK_SIZE * RDRAND_ROUNDS]; - - /* Encrypt the plaintext */ -- ciphertext_len = encrypt (tmp, strlen(tmp), key, iv_buf, -+ ciphertext_len = osslencrypt (tmp, strlen(tmp), key, iv_buf, - ciphertext); - if (!ciphertext_len) - return -1; diff --git a/meta/recipes-support/rng-tools/rng-tools/rngd.service b/meta/recipes-support/rng-tools/rng-tools/rng-tools.service index 0559b97991..5ae2fba215 100644 --- a/meta/recipes-support/rng-tools/rng-tools/rngd.service +++ b/meta/recipes-support/rng-tools/rng-tools/rng-tools.service @@ -1,9 +1,9 @@ [Unit] Description=Hardware RNG Entropy Gatherer Daemon DefaultDependencies=no -After=systemd-udev-settle.service -Before=sysinit.target shutdown.target Conflicts=shutdown.target +Before=sysinit.target shutdown.target +ConditionVirtualization=!container [Service] EnvironmentFile=-@SYSCONFDIR@/default/rng-tools diff --git a/meta/recipes-support/rng-tools/rng-tools_6.10.bb b/meta/recipes-support/rng-tools/rng-tools_6.16.bb index 40ec5ad671..f0aa3ff93f 100644 --- a/meta/recipes-support/rng-tools/rng-tools_6.10.bb +++ b/meta/recipes-support/rng-tools/rng-tools_6.16.bb @@ -1,23 +1,17 @@ SUMMARY = "Random number generator daemon" DESCRIPTION = "Check and feed random data from hardware device to kernel" -AUTHOR = "Philipp Rumpf, Jeff Garzik <jgarzik@pobox.com>, \ - Henrique de Moraes Holschuh <hmh@debian.org>" HOMEPAGE = "https://github.com/nhorman/rng-tools" BUGTRACKER = "https://github.com/nhorman/rng-tools/issues" -LICENSE = "GPLv2" +LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -DEPENDS = "sysfsutils openssl" - -SRC_URI = "\ - git://github.com/nhorman/rng-tools.git \ - file://a4b6d9ce64f132e463b9091d0536913ddaf11516.patch \ - file://dab16a5fd4efde8ef569b358e19b1fcbc7d0d938.patch \ - file://0001-rngd-fix-debug-to-also-filter-syslog-calls.patch \ - file://init \ - file://default \ - file://rngd.service \ -" -SRCREV = "0be82200a66d9321451e0a0785bfae350b9cffdc" +DEPENDS = "openssl libcap" + +SRC_URI = "git://github.com/nhorman/rng-tools.git;branch=master;protocol=https \ + file://init \ + file://default \ + file://rng-tools.service \ + " +SRCREV = "e061c313b95890eb5fa0ada0cd6eec619dafdfe2" S = "${WORKDIR}/git" @@ -26,38 +20,50 @@ inherit autotools update-rc.d systemd pkgconfig EXTRA_OECONF = "--without-rtlsdr" PACKAGECONFIG ??= "libjitterentropy" -PACKAGECONFIG_libc-musl = "libargp libjitterentropy" +PACKAGECONFIG:libc-musl = "libargp libjitterentropy" PACKAGECONFIG[libargp] = "--with-libargp,--without-libargp,argp-standalone," PACKAGECONFIG[libjitterentropy] = "--enable-jitterentropy,--disable-jitterentropy,libjitterentropy" PACKAGECONFIG[libp11] = "--with-pkcs11,--without-pkcs11,libp11 openssl" -PACKAGECONFIG[nistbeacon] = "--with-nistbeacon,--without-nistbeacon,curl libxml2 openssl" +PACKAGECONFIG[nistbeacon] = "--with-nistbeacon,--without-nistbeacon,curl libxml2" +PACKAGECONFIG[qrypt] = "--with-qrypt,--without-qrypt,curl" + +INITSCRIPT_PACKAGES = "${PN}-service" +INITSCRIPT_NAME:${PN}-service = "rng-tools" +INITSCRIPT_PARAMS:${PN}-service = "start 03 2 3 4 5 . stop 30 0 6 1 ." -INITSCRIPT_NAME = "rng-tools" -INITSCRIPT_PARAMS = "start 03 2 3 4 5 . stop 30 0 6 1 ." +SYSTEMD_PACKAGES = "${PN}-service" +SYSTEMD_SERVICE:${PN}-service = "rng-tools.service" -SYSTEMD_SERVICE_${PN} = "rngd.service" +CFLAGS += " -DJENT_CONF_ENABLE_INTERNAL_TIMER " + +PACKAGES =+ "${PN}-service" + +FILES:${PN}-service += " \ + ${sysconfdir}/init.d/rng-tools \ + ${sysconfdir}/default/rng-tools \ +" # Refer autogen.sh in rng-tools -do_configure_prepend() { +do_configure:prepend() { cp ${S}/README.md ${S}/README } -do_install_append() { +do_install:append() { install -Dm 0644 ${WORKDIR}/default ${D}${sysconfdir}/default/rng-tools install -Dm 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/rng-tools - install -Dm 0644 ${WORKDIR}/rngd.service \ - ${D}${systemd_system_unitdir}/rngd.service + install -Dm 0644 ${WORKDIR}/rng-tools.service \ + ${D}${systemd_system_unitdir}/rng-tools.service sed -i \ -e 's,@SYSCONFDIR@,${sysconfdir},g' \ -e 's,@SBINDIR@,${sbindir},g' \ ${D}${sysconfdir}/init.d/rng-tools \ - ${D}${systemd_system_unitdir}/rngd.service + ${D}${systemd_system_unitdir}/rng-tools.service if [ "${@bb.utils.contains('PACKAGECONFIG', 'nistbeacon', 'yes', 'no', d)}" = "yes" ]; then sed -i \ -e '/^IPAddressDeny=any/d' \ -e '/^RestrictAddressFamilies=/ s/$/ AF_INET AF_INET6/' \ - ${D}${systemd_system_unitdir}/rngd.service + ${D}${systemd_system_unitdir}/rng-tools.service fi } |