| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rngd needs to start after `systemd-udev-settle` in order for the kernel
modules of the random source hardware to be loaded before it is started.
However, since the `rngd.service` does not require or want
`systemd-udev-settle.service` it might not be scheduled for start and
the `After=systemd-udev-settle.service` there has no effect.
Adding `Wants=systemd-udev-settle.service` provides a weak requirement
to it, so that the `rngd` is started after it, if possible.
(From OE-Core rev: e9715d4234eb7b45dee8b323799014646f0a1b07)
Signed-off-by: Claudius Heine <ch@denx.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 28b3d8c01966d16f8ab8d61beaf9527f987f1ec6)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Remove backported patches.
(From OE-Core rev: bcb0895c41ca97fdf1d53d8368ff46d5968cdc4a)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Debug logs were only controlled by --debug flag while in --foreground mode.
In --daemon mode (the default for us) /var/log/message got stuffed with
details of entropy pool refilling, which is useless in production, and
hamful when log rotation then gets rid of the more useful logs.
This change makes the two modes consistently only produce debug logs when
--debug is specified.
(From OE-Core rev: 914526868656fd279b13ba8e4d721d27cb2a8792)
Signed-off-by: Yann Dirson <yann@blade-group.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
| |
(From OE-Core rev: 368405e33a3db97a85cfd4cb06cb5a105b924d3e)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Whilst rngd has to run as root, we can significantly constrain its
permissions (network is only required if nistbeacon is enabled).
(From OE-Core rev: 3ed70b755d0b60e61e0871f8b0cca2e2ab5e13f9)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
rngd.service has a constraint of Before=sysinit.target, installing as
part of multi-user.target is an odd choice as unless it's pulled in by a
different dependency, an other target would not start it.
(From OE-Core rev: eeb1e236dab087b7565dbbf6979e2b4c03e56e91)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It do make sense to start rngd early in the boot process because
otherwise we would need to track every service that might need entropy
and explicitly configure it to start after rngd.
When used with systemd rngd blocked the shutdown process because it
simply missed the proper unit configuration. As the systemd
documentation explains, when using DefaultDependencies=no one also
have to explicitly configure the unit to properly stop at some point.
This is normaly achieved by having Before=shutdown.target and
Conflicts=shutdown.target set for the unit.
To have rngd started early again we reverte the changes done to
rngd.service in commit edf7606822 (rng-tools: fix rngd blocks system
shutdown). To have it properly stopped on shutdown we also add
Before=shutdown.target and Conflicts=shutdown.target.
(From OE-Core rev: a74e7df33e2c8ab2152e3217c0a5df3f65971713)
Signed-off-by: Alban Bedel <alban.bedel@aerq.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fix-rngd-fail-to-stop.patch is added to fix rngd blocks system shutdown
issue. But it causes rngd doesn't release CPU and causes 100% CPU
usage, so drop it.
The block shutdown issue is caused by comit [7cb64b9fe1 rng-tools: start
earlier in the boot process] which updated rngd.service. Revert the
modification of rngd.service.
Update sed expressions in do_install as well which fails to replace
second match in one line.
(From OE-Core rev: edf760682270de36850407c860bea5aea29e30bc)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade rng-tools from 6.6 to latest commit 9fc873c which 26 commits
beyond release 6.7:
$ git describe 9fc873c5af0e39263
v6.7-26-g9fc873c
Because it includes some critical fixes such as configure fails and
'Import yocto fixes for 6.6'.
* remove local patches that all are merged by upstream
* backport patch to fix rngd fails to stop issue
* add PACKAGECONFIG libp11
(From OE-Core rev: 3e09c8b5b6517da97a9ec0ce5deb4ba1b066d19b)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
this commit will permit to read the option from
/etc/default/rng-tools both from systemd and sysvinit unit file.
(From OE-Core rev: 16ced1a253c74c01ca414db2f1a010c083213b91)
Signed-off-by: Nicola Lunghi <nick83ola@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
- Fix typo of `--disable-jitterntropy' in both of PACKAGECONFIG and configure --help
- Enable jitterntropy for musl
(From OE-Core rev: c3b96aaa40413d66d8fc4252235e6fa27dd8db53)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Update SRC_URI, previously upstream is dead, latest update is 2014
- Drop read_error_msg.patch
- Rework do_configure and do_compile
- Enable jitterentropy
License-Update: Upstream changed, but license is still gplv2
(From OE-Core rev: 0d5fb24babec69b653f582acdf47fa22fcdeed2e)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Since commit [f1dc9ac rng-tools: Fix crazy defaults] fixed
init based on sysvinit, this fix rngd.service based on systemd.
(From OE-Core rev: 078630b7bf8599ea2b3717ce33d2da0f7f26b0e2)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Entropy is needed earlier in the boot process in some cases, for example
connman can require it, and rgd doesn't require much, so move it earlier
in the boot process, 03 for sysvinit, and before sysinit for systemd.
(From OE-Core rev: 31c9b42aaeef3ad66e05e51b8209e87f2a22f091)
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Expand messages output if entropy data cannot
be read.
(From OE-Core rev: 23cf9be2065d6ea01f6d10cbed64a590c31e5bfc)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Feeding the output of /dev/urandom into /dev/random is pretty much insane
and not something we should encourage.
I can't really imagine a scenario where this would be a sensible idea since
/dev/urandom if effectively derived from /dev/random.
This changes the tool to default to /dev/hwrng which makes much more sense,
feeding hardware entropy into the random pool. In the QEMU case, this will
feed entropy from the host into the guests which is also what we want.
Yes, this change will cause rngd not to start if /dev/hwrng isn't present,
but it isn't needed if that isn't so I don't see this as a bad thing.
(https://wiki.archlinux.org/index.php/Rng-tools has a section in red which
agrees with the above, "this is a really bad idea, since you are simple
filling the kernel entropy pool with entropy coming from the kernel itself!")
(From OE-Core rev: f1dc9ac46710814c27cae2d22e79c84a9522993a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
Add systemd service file for rng-tools.
(From OE-Core rev: d374897100ae756df72677d47c9c70c7fefca192)
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
| |
This adds or fixes the Upstream-Status for all remaining patches missing it
in OE-Core.
(From OE-Core rev: 563cab8e823c3fde8ae4785ceaf4d68a5d3e25df)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
Fix a variety of spelling and format mistakes to improve the ease of reading the
tags programatically.
(From OE-Core rev: 6e1aaf80b0d951b48cd25cb7161ec19448295094)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
uclibc support was removed a while ago and musl works much better. Start to
remove the various overrides and patches related to uclibc which are no longer
needed.
uclibc support in a layer would still be possible. I have strong reasons to
believe nobody is still using uclibc since patches are missing and I doubt
the metadata even parses anymore.
(From OE-Core rev: 653704e9cf325cb494eb23facca19e9f05132ffd)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When testing core-image-sato with hardening flags, it fails with
SIGSEGV in libc.so during relocation time
This is due to relocations in .text [textrel]
build QA points it out clearly during qemux86 build as well
AssertionError: 2 != 0 : Log: /mnt/a/oe/build/tmp/work/qemux86-bec-linux-musl/core-image-sato/1.0-r0/dmesg_output.log
-----------------------
Central error: [ 19.043597] rngd[525]: segfault at 80098bb7 ip b77b14fc sp bfe9b380 error 7 in libc.so[b774c000+97000]
(From OE-Core rev: 5770cd5bee1c9ad3025435426361f0e407d43ef8)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Uclibc has its own argp implemented as libuargp. So, we add a new
option --enable-uclibc to select it.
(From OE-Core rev: 0bbbc0b377e4fd9a788f5aa7688afa5516e263dd)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
| |
The underquoted m4 caused build failures if libgcrypt wasn't present. The floating
dependency on libgcrypt was just plain incorrect, particularly given the incorrect
libgcrypt RDEPENDS. Change to use PACKAGECONFIG an default to on.
(From OE-Core rev: 17b3044d7508a921916da4979ff8bfbab1e206ce)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
musl doesn't provide argp, so we need argp-standalone, as we do for uclibc.
Rather than passing in -largp via the recipe, patch the configure script to
provide an argument for the libargp usage and check for it when needed, and
use PACKAGECONFIG. The initial patch to check for libargp and use it if
available came from Gentoo. The patches are kept separate despite the second
modifying what the first does, in order to keep the history/origin clear.
(From OE-Core rev: 94ecc846f9b33fcec039936643c49728eedfefb7)
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
Adding this recipe to oe-core will allow it to be used by qemu to
provide a way to generate additional entropy needed to fix hangs
with getrandom().
Additional kernel config options have already been added to the
default qemu kernel configs.
[YOCTO #8681]
[YOCOT #8816]
(From OE-Core rev: 030bc0b2f9636f5cacef29c939b323569cd5673f)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
