diff options
Diffstat (limited to 'meta/recipes-support/rng-tools')
9 files changed, 102 insertions, 309 deletions
diff --git a/meta/recipes-support/rng-tools/rng-tools/0001-If-the-libc-is-lacking-argp-use-libargp.patch b/meta/recipes-support/rng-tools/rng-tools/0001-If-the-libc-is-lacking-argp-use-libargp.patch deleted file mode 100644 index 4bd9d31c0e..0000000000 --- a/meta/recipes-support/rng-tools/rng-tools/0001-If-the-libc-is-lacking-argp-use-libargp.patch +++ /dev/null @@ -1,60 +0,0 @@ -From 99679fda405e535a282f04a4decc2381154a749f Mon Sep 17 00:00:00 2001 -From: Christopher Larson <chris_larson@mentor.com> -Date: Mon, 15 Feb 2016 15:59:58 -0700 -Subject: [PATCH 1/2] If the libc is lacking argp, use libargp - -Patch pulled from Gentoo: - - On glibc systems, argp is provided by libc. However, on - uclibc and other systems which lack argp in their C library, - argp might be provided by a stand alone library, libargp. - This patch adds tests to the build system to find who provides - argp. - - X-Gentoo-Bug: 292191 - X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=292191 - Reported-by: Ed Wildgoose <gentoo@wildgooses.com> - Signed-off-by: Anthony G. Basile <blueness@gentoo.org> - -Upstream-Status: Pending -Signed-off-by: Christopher Larson <chris_larson@mentor.com> ---- - configure.ac | 22 ++++++++++++++++++++++ - 1 file changed, 22 insertions(+) - -diff --git a/configure.ac b/configure.ac -index 27a2dba..04fcd25 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -82,6 +82,28 @@ AS_IF( - ] - ) - -+dnl First check if we have argp available from libc -+AC_LINK_IFELSE( -+ [AC_LANG_PROGRAM( -+ [#include <argp.h>], -+ [int argc=1; char *argv[]={"test"}; argp_parse(0,argc,argv,0,0,0); return 0;] -+ )], -+ [libc_has_argp="true"], -+ [libc_has_argp="false"] -+) -+ -+dnl If libc doesn't provide argp, then test for libargp -+if test "$libc_has_argp" = "false" ; then -+ AC_MSG_WARN("libc does not have argp") -+ AC_CHECK_LIB([argp], [argp_parse], [have_argp="true"], [have_argp="false"]) -+ -+ if test "$have_argp" = "false"; then -+ AC_MSG_ERROR("no libargp found") -+ else -+ LIBS+=" -largp" -+ fi -+fi -+ - dnl ----------------- - dnl Configure options - dnl ----------------- --- -2.2.1 - diff --git a/meta/recipes-support/rng-tools/rng-tools/0002-Add-argument-to-control-the-libargp-dependency.patch b/meta/recipes-support/rng-tools/rng-tools/0002-Add-argument-to-control-the-libargp-dependency.patch deleted file mode 100644 index 1c8a79ce0b..0000000000 --- a/meta/recipes-support/rng-tools/rng-tools/0002-Add-argument-to-control-the-libargp-dependency.patch +++ /dev/null @@ -1,92 +0,0 @@ -From afc8712a9e6c72fbd03c36f84ecf8703e5d22a8c Mon Sep 17 00:00:00 2001 -From: Christopher Larson <chris_larson@mentor.com> -Date: Mon, 15 Feb 2016 16:11:32 -0700 -Subject: [PATCH 2/2] Add argument to control the libargp dependency - -This ensures that the builds are always deterministic. If the argument isn't -passed, the default behavior is to use libargp if the libc doesn't have argp. - -Upstream-Status: Pending -Signed-off-by: Christopher Larson <chris_larson@mentor.com> ---- - configure.ac | 55 ++++++++++++++++++++++++++++++++++++------------------- - 1 file changed, 36 insertions(+), 19 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 04fcd25..11a5321 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -32,6 +32,13 @@ AC_ARG_WITH([libgcrypt], - [with_libgcrypt=check] - ) - -+AC_ARG_WITH([libargp], -+ AS_HELP_STRING([--without-libargp], -+ [Disable libargp support. Systems whose libc lacks argp can use libargp instead. (Default: check if libc lacks argp)]), -+ [with_libargp=$withval], -+ [with_libargp=check] -+) -+ - dnl Make sure anyone changing configure.ac/Makefile.am has a clue - AM_MAINTAINER_MODE - -@@ -82,27 +89,37 @@ AS_IF( - ] - ) - --dnl First check if we have argp available from libc --AC_LINK_IFELSE( -- [AC_LANG_PROGRAM( -- [#include <argp.h>], -- [int argc=1; char *argv[]={"test"}; argp_parse(0,argc,argv,0,0,0); return 0;] -- )], -- [libc_has_argp="true"], -- [libc_has_argp="false"] -+dnl Determine if we need libargp: either user requested, or libc has no argp -+AS_IF( -+ [test "x$with_libargp" != "xyes"], -+ [ -+ AC_LINK_IFELSE( -+ [AC_LANG_PROGRAM( -+ [#include <argp.h>], -+ [int argc=1; char *argv[]={"test"}; argp_parse(0,argc,argv,0,0,0); return 0;] -+ )], -+ [need_libargp=no], -+ [need_libargp=yes -+ if test "x$with_libargp" = "xno"; then -+ AC_MSG_FAILURE([libargp disabled and libc does not have argp]) -+ fi] -+ ) -+ ], -+ [need_libargp=yes], - ) - --dnl If libc doesn't provide argp, then test for libargp --if test "$libc_has_argp" = "false" ; then -- AC_MSG_WARN("libc does not have argp") -- AC_CHECK_LIB([argp], [argp_parse], [have_argp="true"], [have_argp="false"]) -- -- if test "$have_argp" = "false"; then -- AC_MSG_ERROR("no libargp found") -- else -- LIBS+=" -largp" -- fi --fi -+dnl Check for libargp -+AS_IF( -+ [test "x$need_libargp" = "xyes"], -+ [ -+ AC_CHECK_LIB( -+ [argp], -+ [argp_parse], -+ [LIBS="$LIBS -largp"], -+ [AC_MSG_FAILURE([libargp not found])] -+ ) -+ ] -+) - - dnl ----------------- - dnl Configure options --- -2.2.1 - diff --git a/meta/recipes-support/rng-tools/rng-tools/default b/meta/recipes-support/rng-tools/rng-tools/default index 7aede9be03..b9f8e03635 100644 --- a/meta/recipes-support/rng-tools/rng-tools/default +++ b/meta/recipes-support/rng-tools/rng-tools/default @@ -1,3 +1 @@ -# Specify rng device -#RNG_DEVICE=/dev/hwrng -RNG_DEVICE=/dev/urandom +EXTRA_ARGS="-r /dev/hwrng" diff --git a/meta/recipes-support/rng-tools/rng-tools/init b/meta/recipes-support/rng-tools/rng-tools/init index 7cf78393a4..13f0ecd37c 100644 --- a/meta/recipes-support/rng-tools/rng-tools/init +++ b/meta/recipes-support/rng-tools/rng-tools/init @@ -1,26 +1,19 @@ -#! /bin/sh +#!/bin/sh # # This is an init script for openembedded -# Copy it to /etc/init.d/rng-tools and type +# Copy it to @SYSCONFDIR@/init.d/rng-tools and type # > update-rc.d rng-tools defaults 60 # -rngd=/usr/sbin/rngd +rngd=@SBINDIR@/rngd test -x "$rngd" || exit 1 -if [ -e /etc/default/rng-tools ]; then - . /etc/default/rng-tools -fi - -if [ -n "$RNG_DEVICE" ]; then - EXTRA_ARGS="-- -r $RNG_DEVICE" -fi - +[ -r @SYSCONFDIR@/default/rng-tools ] && . "@SYSCONFDIR@/default/rng-tools" case "$1" in start) echo -n "Starting random number generator daemon" - start-stop-daemon -S -q -x $rngd $EXTRA_ARGS + start-stop-daemon -S -q -x $rngd -- $EXTRA_ARGS echo "." ;; stop) @@ -38,11 +31,11 @@ case "$1" in start-stop-daemon -K -q -n rngd echo "." echo -n "Starting random number generator daemon" - start-stop-daemon -S -q -x $rngd $EXTRA_ARGS + start-stop-daemon -S -q -x $rngd -- $EXTRA_ARGS echo "." ;; *) - echo "Usage: /etc/init.d/rng-tools {start|stop|reload|restart|force-reload}" + echo "Usage: @SYSCONFDIR@/init.d/rng-tools {start|stop|reload|restart|force-reload}" exit 1 esac diff --git a/meta/recipes-support/rng-tools/rng-tools/rng-tools.service b/meta/recipes-support/rng-tools/rng-tools/rng-tools.service new file mode 100644 index 0000000000..5ae2fba215 --- /dev/null +++ b/meta/recipes-support/rng-tools/rng-tools/rng-tools.service @@ -0,0 +1,32 @@ +[Unit] +Description=Hardware RNG Entropy Gatherer Daemon +DefaultDependencies=no +Conflicts=shutdown.target +Before=sysinit.target shutdown.target +ConditionVirtualization=!container + +[Service] +EnvironmentFile=-@SYSCONFDIR@/default/rng-tools +ExecStart=@SBINDIR@/rngd -f $EXTRA_ARGS +CapabilityBoundingSet=CAP_SYS_ADMIN +IPAddressDeny=any +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +PrivateTmp=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectHostname=yes +ProtectKernelModules=yes +ProtectKernelLogs=yes +ProtectSystem=strict +RestrictAddressFamilies=AF_UNIX +RestrictNamespaces=yes +RestrictRealtime=yes +RestrictSUIDSGID=yes +SystemCallArchitectures=native +SystemCallErrorNumber=EPERM +SystemCallFilter=@system-service + +[Install] +WantedBy=sysinit.target diff --git a/meta/recipes-support/rng-tools/rng-tools/uclibc-libuargp-configure.patch b/meta/recipes-support/rng-tools/rng-tools/uclibc-libuargp-configure.patch deleted file mode 100644 index e691315d16..0000000000 --- a/meta/recipes-support/rng-tools/rng-tools/uclibc-libuargp-configure.patch +++ /dev/null @@ -1,63 +0,0 @@ -In case of uclibc, use libuargp - -If we use uclibc for system libraries, select libuargp - -Upstream-Status: Pending - -Signed-off-by: Maxin B. John <maxin.john@intel.com> ---- -diff -Naur rng-tools-5-orig/configure.ac rng-tools-5/configure.ac ---- rng-tools-5-orig/configure.ac 2016-02-24 18:11:24.023690235 +0200 -+++ rng-tools-5/configure.ac 2016-02-24 18:14:49.763118138 +0200 -@@ -39,6 +39,13 @@ - [with_libargp=check] - ) - -+AC_ARG_ENABLE([uclibc], -+ AS_HELP_STRING([--enable-uclibc], [Use uclibc for system libraries]), -+ use_uclibc=yes, use_uclibc=no) -+AM_CONDITIONAL(USE_UCLIBC, test "x$use_uclibc" = "xyes") -+AS_IF([test "x$use_uclibc" = "xyes"], [AC_DEFINE(USE_UCLIBC)]) -+AH_TEMPLATE([USE_UCLIBC], [Defined if uclibc libraries are used.]) -+ - dnl Make sure anyone changing configure.ac/Makefile.am has a clue - AM_MAINTAINER_MODE - -@@ -101,7 +108,7 @@ - [need_libargp=no], - [need_libargp=yes - if test "x$with_libargp" = "xno"; then -- AC_MSG_FAILURE([libargp disabled and libc does not have argp]) -+ AC_MSG_WARN([libargp disabled and libc does not have argp]) - fi] - ) - ], -@@ -110,7 +117,7 @@ - - dnl Check for libargp - AS_IF( -- [test "x$need_libargp" = "xyes"], -+ [test "x$need_libargp" = "xyes" -a "x$use_uclibc" = "xno"], - [ - AC_CHECK_LIB( - [argp], -@@ -120,6 +127,19 @@ - ) - ] - ) -+ -+dnl Check for libuargp -+AS_IF( -+ [test "x$use_uclibc" = "xyes"], -+ [ -+ AC_CHECK_LIB( -+ [uargp], -+ [argp_parse], -+ [LIBS="$LIBS -luargp"], -+ [AC_MSG_FAILURE([libuargp not found])] -+ ) -+ ] -+) - - dnl ----------------- - dnl Configure options diff --git a/meta/recipes-support/rng-tools/rng-tools/underquote.patch b/meta/recipes-support/rng-tools/rng-tools/underquote.patch deleted file mode 100644 index 1422571818..0000000000 --- a/meta/recipes-support/rng-tools/rng-tools/underquote.patch +++ /dev/null @@ -1,31 +0,0 @@ -Fix underquoted m4 entry. This causes a failure if gcrypt isn't present: - -| configure: libgcrypt support disabled -| ../rng-tools-5/configure: line 4345: ac_fn_c_try_link: command not found -| configure: error: in `/media/build1/poky/build/tmp/work/i586-poky-linux/rng-tools/5-r0/build': - -RP -2016/2/16 - -Index: rng-tools-5/configure.ac -=================================================================== ---- rng-tools-5.orig/configure.ac -+++ rng-tools-5/configure.ac -@@ -71,7 +71,7 @@ AS_IF( - [test "x$with_libgcrypt" != "xno"], - [ - AC_CHECK_HEADER([gcrypt.h], -- AC_CHECK_LIB( -+ [AC_CHECK_LIB( - [gcrypt], - [gcry_check_version], , - [ -@@ -80,7 +80,7 @@ AS_IF( - AC_MSG_NOTICE([libgcrypt support disabled]) - fi - ] -- ), -+ )], - [if test "x$with_libgcrypt" != "xcheck"; then - AC_MSG_FAILURE([libgcrypt headers not found]); else - AC_MSG_NOTICE([libgcrypt support disabled]) diff --git a/meta/recipes-support/rng-tools/rng-tools_5.bb b/meta/recipes-support/rng-tools/rng-tools_5.bb deleted file mode 100644 index 913a092fd6..0000000000 --- a/meta/recipes-support/rng-tools/rng-tools_5.bb +++ /dev/null @@ -1,46 +0,0 @@ -SUMMARY = "Random number generator daemon" -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=0b6f033afe6db235e559456585dc8cdc" - -SRC_URI = "http://heanet.dl.sourceforge.net/sourceforge/gkernel/${BP}.tar.gz \ - file://0001-If-the-libc-is-lacking-argp-use-libargp.patch \ - file://0002-Add-argument-to-control-the-libargp-dependency.patch \ - file://underquote.patch \ - file://uclibc-libuargp-configure.patch \ - file://init \ - file://default" - -SRC_URI[md5sum] = "6726cdc6fae1f5122463f24ae980dd68" -SRC_URI[sha256sum] = "60a102b6603bbcce2da341470cad42eeaa9564a16b4490e7867026ca11a3078e" - -# As the recipe doesn't inherit systemd.bbclass, we need to set this variable -# manually to avoid unnecessary postinst/preinst generated. -python () { - if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d): - d.setVar("INHIBIT_UPDATERCD_BBCLASS", "1") -} - -inherit autotools update-rc.d - -PACKAGECONFIG = "libgcrypt" -PACKAGECONFIG_libc-musl = "libargp" -PACKAGECONFIG_libc-uclibc = "libuargp" -PACKAGECONFIG[libargp] = "--with-libargp,--without-libargp,argp-standalone," -PACKAGECONFIG[libuargp] = "--enable-uclibc,,," -PACKAGECONFIG[libgcrypt] = "--with-libgcrypt,--without-libgcrypt,libgcrypt," - -do_install_append() { - # Only install the init script when 'sysvinit' is in DISTRO_FEATURES. - if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then - install -d "${D}${sysconfdir}/init.d" - install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/rng-tools - sed -i -e 's,/etc/,${sysconfdir}/,' -e 's,/usr/sbin/,${sbindir}/,' \ - ${D}${sysconfdir}/init.d/rng-tools - - install -d "${D}${sysconfdir}/default" - install -m 0644 ${WORKDIR}/default ${D}${sysconfdir}/default/rng-tools - fi -} - -INITSCRIPT_NAME = "rng-tools" -INITSCRIPT_PARAMS = "start 30 2 3 4 5 . stop 30 0 6 1 ." diff --git a/meta/recipes-support/rng-tools/rng-tools_6.16.bb b/meta/recipes-support/rng-tools/rng-tools_6.16.bb new file mode 100644 index 0000000000..02abe486bb --- /dev/null +++ b/meta/recipes-support/rng-tools/rng-tools_6.16.bb @@ -0,0 +1,62 @@ +SUMMARY = "Random number generator daemon" +DESCRIPTION = "Check and feed random data from hardware device to kernel" +AUTHOR = "Philipp Rumpf, Jeff Garzik <jgarzik@pobox.com>, \ + Henrique de Moraes Holschuh <hmh@debian.org>" +HOMEPAGE = "https://github.com/nhorman/rng-tools" +BUGTRACKER = "https://github.com/nhorman/rng-tools/issues" +LICENSE = "GPL-2.0-only" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" +DEPENDS = "sysfsutils openssl libcap" + +SRC_URI = "git://github.com/nhorman/rng-tools.git;branch=master;protocol=https \ + file://init \ + file://default \ + file://rng-tools.service \ + " +SRCREV = "e061c313b95890eb5fa0ada0cd6eec619dafdfe2" + +S = "${WORKDIR}/git" + +inherit autotools update-rc.d systemd pkgconfig + +EXTRA_OECONF = "--without-rtlsdr" + +PACKAGECONFIG ??= "libjitterentropy" +PACKAGECONFIG:libc-musl = "libargp libjitterentropy" + +PACKAGECONFIG[libargp] = "--with-libargp,--without-libargp,argp-standalone," +PACKAGECONFIG[libjitterentropy] = "--enable-jitterentropy,--disable-jitterentropy,libjitterentropy" +PACKAGECONFIG[libp11] = "--with-pkcs11,--without-pkcs11,libp11 openssl" +PACKAGECONFIG[nistbeacon] = "--with-nistbeacon,--without-nistbeacon,curl libxml2" +PACKAGECONFIG[qrypt] = "--with-qrypt,--without-qrypt,curl" + +INITSCRIPT_NAME = "rng-tools" +INITSCRIPT_PARAMS = "start 03 2 3 4 5 . stop 30 0 6 1 ." + +SYSTEMD_SERVICE:${PN} = "rng-tools.service" + +CFLAGS += " -DJENT_CONF_ENABLE_INTERNAL_TIMER " + +# Refer autogen.sh in rng-tools +do_configure:prepend() { + cp ${S}/README.md ${S}/README +} + +do_install:append() { + install -Dm 0644 ${WORKDIR}/default ${D}${sysconfdir}/default/rng-tools + install -Dm 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/rng-tools + install -Dm 0644 ${WORKDIR}/rng-tools.service \ + ${D}${systemd_system_unitdir}/rng-tools.service + sed -i \ + -e 's,@SYSCONFDIR@,${sysconfdir},g' \ + -e 's,@SBINDIR@,${sbindir},g' \ + ${D}${sysconfdir}/init.d/rng-tools \ + ${D}${systemd_system_unitdir}/rng-tools.service + + if [ "${@bb.utils.contains('PACKAGECONFIG', 'nistbeacon', 'yes', 'no', d)}" = "yes" ]; then + sed -i \ + -e '/^IPAddressDeny=any/d' \ + -e '/^RestrictAddressFamilies=/ s/$/ AF_INET AF_INET6/' \ + ${D}${systemd_system_unitdir}/rng-tools.service + fi +} |