diff options
author | Julien Massot <julien.massot@iot.bzh> | 2021-02-03 16:28:37 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-02-10 23:55:53 +0000 |
commit | 36688f92e75d0147532bc9939ec18012d86c2630 (patch) | |
tree | e43d70cf8e90f4c11ec113c7c332323176a98473 | |
parent | fb3995faec26b19978554326f1739715ed63b809 (diff) | |
download | poky-36688f92e75d0147532bc9939ec18012d86c2630.tar.gz |
rng-tools: fix rngd_jitter initialization
rngd daemon may spam the console when using an older version
than 6.11.
Backport patches from https://github.com/nhorman/rng-tools/pull/99/commits
(From OE-Core rev: 28707d202e56c9fe12492e3370fb56d920560642)
Signed-off-by: Julien Massot <julien.massot@iot.bzh>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 files changed, 105 insertions, 0 deletions
diff --git a/meta/recipes-support/rng-tools/rng-tools/0001-rngd_jitter-fix-O_NONBLOCK-setting-for-entropy-pipe.patch b/meta/recipes-support/rng-tools/rng-tools/0001-rngd_jitter-fix-O_NONBLOCK-setting-for-entropy-pipe.patch new file mode 100644 index 0000000000..3b44095cf5 --- /dev/null +++ b/meta/recipes-support/rng-tools/rng-tools/0001-rngd_jitter-fix-O_NONBLOCK-setting-for-entropy-pipe.patch | |||
@@ -0,0 +1,26 @@ | |||
1 | From 6ce86cb5cf06541cd5aad70fe8494b07b22c247e Mon Sep 17 00:00:00 2001 | ||
2 | From: Matthias Schiffer <matthias.schiffer@tq-group.com> | ||
3 | Date: Wed, 27 Jan 2021 16:10:32 +0100 | ||
4 | Subject: [PATCH] rngd_jitter: fix O_NONBLOCK setting for entropy pipe | ||
5 | |||
6 | A pointer was passed to fcntl instead of the flags variable, setting | ||
7 | random flags. | ||
8 | |||
9 | Signed-off-by: Matthias Schiffer <matthias.schiffer@tq-group.com> | ||
10 | --- | ||
11 | rngd_jitter.c | 2 +- | ||
12 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
13 | |||
14 | diff --git a/rngd_jitter.c b/rngd_jitter.c | ||
15 | index 32bac53..25b3543 100644 | ||
16 | --- a/rngd_jitter.c | ||
17 | +++ b/rngd_jitter.c | ||
18 | @@ -465,7 +465,7 @@ int init_jitter_entropy_source(struct rng *ent_src) | ||
19 | |||
20 | flags = fcntl(pipefds[0], F_GETFL, 0); | ||
21 | flags |= O_NONBLOCK; | ||
22 | - fcntl(pipefds[0], F_SETFL, &flags); | ||
23 | + fcntl(pipefds[0], F_SETFL, flags); | ||
24 | |||
25 | if (ent_src->rng_options[JITTER_OPT_USE_AES].int_val) { | ||
26 | #ifdef HAVE_LIBGCRYPT | ||
diff --git a/meta/recipes-support/rng-tools/rng-tools/0002-rngd_jitter-initialize-AES-key-before-setting-the-en.patch b/meta/recipes-support/rng-tools/rng-tools/0002-rngd_jitter-initialize-AES-key-before-setting-the-en.patch new file mode 100644 index 0000000000..34f8227543 --- /dev/null +++ b/meta/recipes-support/rng-tools/rng-tools/0002-rngd_jitter-initialize-AES-key-before-setting-the-en.patch | |||
@@ -0,0 +1,38 @@ | |||
1 | From 330c2ba14510c8103b30d5021adb18f1534031a1 Mon Sep 17 00:00:00 2001 | ||
2 | From: Matthias Schiffer <matthias.schiffer@tq-group.com> | ||
3 | Date: Wed, 27 Jan 2021 16:18:09 +0100 | ||
4 | Subject: [PATCH] rngd_jitter: initialize AES key before setting the entropy | ||
5 | pipe to O_NONBLOCK | ||
6 | |||
7 | Signed-off-by: Matthias Schiffer <matthias.schiffer@tq-group.com> | ||
8 | --- | ||
9 | rngd_jitter.c | 9 +++++---- | ||
10 | 1 file changed, 5 insertions(+), 4 deletions(-) | ||
11 | |||
12 | diff --git a/rngd_jitter.c b/rngd_jitter.c | ||
13 | index 25b3543..48f344c 100644 | ||
14 | --- a/rngd_jitter.c | ||
15 | +++ b/rngd_jitter.c | ||
16 | @@ -463,10 +463,6 @@ int init_jitter_entropy_source(struct rng *ent_src) | ||
17 | pthread_mutex_unlock(&tdata[i].statemtx); | ||
18 | } | ||
19 | |||
20 | - flags = fcntl(pipefds[0], F_GETFL, 0); | ||
21 | - flags |= O_NONBLOCK; | ||
22 | - fcntl(pipefds[0], F_SETFL, flags); | ||
23 | - | ||
24 | if (ent_src->rng_options[JITTER_OPT_USE_AES].int_val) { | ||
25 | #ifdef HAVE_LIBGCRYPT | ||
26 | /* | ||
27 | @@ -487,6 +483,11 @@ int init_jitter_entropy_source(struct rng *ent_src) | ||
28 | ent_src->rng_options[JITTER_OPT_USE_AES].int_val = 1; | ||
29 | } | ||
30 | xread_jitter(aes_buf, tdata[0].buf_sz, ent_src); | ||
31 | + | ||
32 | + flags = fcntl(pipefds[0], F_GETFL, 0); | ||
33 | + flags |= O_NONBLOCK; | ||
34 | + fcntl(pipefds[0], F_SETFL, flags); | ||
35 | + | ||
36 | #else | ||
37 | message_entsrc(ent_src,LOG_CONS|LOG_INFO, "libgcrypt not available. Disabling AES in JITTER source\n"); | ||
38 | ent_src->rng_options[JITTER_OPT_USE_AES].int_val = 0; | ||
diff --git a/meta/recipes-support/rng-tools/rng-tools/0003-rngd_jitter-always-read-from-entropy-pipe-before-set.patch b/meta/recipes-support/rng-tools/rng-tools/0003-rngd_jitter-always-read-from-entropy-pipe-before-set.patch new file mode 100644 index 0000000000..b3bc8028ea --- /dev/null +++ b/meta/recipes-support/rng-tools/rng-tools/0003-rngd_jitter-always-read-from-entropy-pipe-before-set.patch | |||
@@ -0,0 +1,38 @@ | |||
1 | From 36bc92ef2789b13183c8895d83665f48b13c2b9e Mon Sep 17 00:00:00 2001 | ||
2 | From: Matthias Schiffer <matthias.schiffer@tq-group.com> | ||
3 | Date: Wed, 27 Jan 2021 16:22:39 +0100 | ||
4 | Subject: [PATCH] rngd_jitter: always read from entropy pipe before setting | ||
5 | O_NONBLOCK | ||
6 | |||
7 | Even with AES disabled, we want to make sure that jent_read_entropy() has | ||
8 | already generated some entropy before we consider the the source | ||
9 | initialized. Otherwise "Entropy Generation is slow" log spam will be | ||
10 | emitteded until this has happened, which can take several seconds. | ||
11 | |||
12 | Signed-off-by: Matthias Schiffer <matthias.schiffer@tq-group.com> | ||
13 | --- | ||
14 | rngd_jitter.c | 11 +++++++++++ | ||
15 | 1 file changed, 11 insertions(+) | ||
16 | |||
17 | diff --git a/rngd_jitter.c b/rngd_jitter.c | ||
18 | index 48f344c..b736cdd 100644 | ||
19 | --- a/rngd_jitter.c | ||
20 | +++ b/rngd_jitter.c | ||
21 | @@ -492,6 +492,17 @@ int init_jitter_entropy_source(struct rng *ent_src) | ||
22 | message_entsrc(ent_src,LOG_CONS|LOG_INFO, "libgcrypt not available. Disabling AES in JITTER source\n"); | ||
23 | ent_src->rng_options[JITTER_OPT_USE_AES].int_val = 0; | ||
24 | #endif | ||
25 | + } else { | ||
26 | + /* | ||
27 | + * Make sure that an entropy gathering thread has generated | ||
28 | + * at least some entropy before setting O_NONBLOCK and finishing | ||
29 | + * the entropy source initialization. | ||
30 | + * | ||
31 | + * This avoids "Entropy Generation is slow" log spamming that | ||
32 | + * would otherwise happen until jent_read_entropy() has run | ||
33 | + * for the first time. | ||
34 | + */ | ||
35 | + xread_jitter(&i, 1, ent_src); | ||
36 | } | ||
37 | message_entsrc(ent_src,LOG_DAEMON|LOG_INFO, "Enabling JITTER rng support\n"); | ||
38 | return 0; | ||
diff --git a/meta/recipes-support/rng-tools/rng-tools_6.9.bb b/meta/recipes-support/rng-tools/rng-tools_6.9.bb index 913342c315..b8c6f022f3 100644 --- a/meta/recipes-support/rng-tools/rng-tools_6.9.bb +++ b/meta/recipes-support/rng-tools/rng-tools_6.9.bb | |||
@@ -10,6 +10,9 @@ DEPENDS = "sysfsutils" | |||
10 | 10 | ||
11 | SRC_URI = "\ | 11 | SRC_URI = "\ |
12 | git://github.com/nhorman/rng-tools.git \ | 12 | git://github.com/nhorman/rng-tools.git \ |
13 | file://0001-rngd_jitter-fix-O_NONBLOCK-setting-for-entropy-pipe.patch \ | ||
14 | file://0002-rngd_jitter-initialize-AES-key-before-setting-the-en.patch \ | ||
15 | file://0003-rngd_jitter-always-read-from-entropy-pipe-before-set.patch \ | ||
13 | file://init \ | 16 | file://init \ |
14 | file://default \ | 17 | file://default \ |
15 | file://rngd.service \ | 18 | file://rngd.service \ |