import rng-tools-6.14-6.git.b2b7934e.el8_6
This commit is contained in:
parent
d042781e48
commit
328e8810ff
@ -1 +0,0 @@
|
|||||||
SUBSYSTEM=="misc", KERNEL=="hw_random", GROUP="rngd", MODE="0640"
|
|
40
SOURCES/7-rt-change-option.patch
Normal file
40
SOURCES/7-rt-change-option.patch
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
From 6e1a11ae6df8cd6c98657a8b78761763f3ff2abd Mon Sep 17 00:00:00 2001
|
||||||
|
From: Neil Horman <nhorman@tuxdriver.com>
|
||||||
|
Date: Mon, 28 Feb 2022 07:59:57 -0500
|
||||||
|
Subject: [PATCH 2/3] Change DARN_OPT_AES to DRNG_OPT_AES for rngd_rndr.c
|
||||||
|
Content-type: text/plain
|
||||||
|
|
||||||
|
@dermotbradley noted that we were using the wrong define for the arm
|
||||||
|
rndr instruction. Fix that up
|
||||||
|
|
||||||
|
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
|
||||||
|
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
|
||||||
|
---
|
||||||
|
rngd_rndr.c | 4 ++--
|
||||||
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git rngd_rndr.c rngd_rndr.c
|
||||||
|
index 79bf2ce..fa1eaa9 100644
|
||||||
|
--- rngd_rndr.c
|
||||||
|
+++ rngd_rndr.c
|
||||||
|
@@ -171,7 +171,7 @@ static int fill_from_rndr(void *buf, size_t size)
|
||||||
|
|
||||||
|
int xread_rndr(void *buf, size_t size, struct rng *ent_src)
|
||||||
|
{
|
||||||
|
- if (ent_src->rng_options[DARN_OPT_AES].int_val)
|
||||||
|
+ if (ent_src->rng_options[DRNG_OPT_AES].int_val)
|
||||||
|
return fill_from_aes(ent_src, buf, size);
|
||||||
|
else
|
||||||
|
return fill_from_rndr(buf, size);
|
||||||
|
@@ -187,7 +187,7 @@ int init_rndr_entropy_source(struct rng *ent_src)
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
message_entsrc(ent_src,LOG_DAEMON|LOG_INFO, "Enabling aarch64 RNDR rng support\n");
|
||||||
|
- if (ent_src->rng_options[DARN_OPT_AES].int_val && init_openssl(ent_src))
|
||||||
|
+ if (ent_src->rng_options[DRNG_OPT_AES].int_val && init_openssl(ent_src))
|
||||||
|
return 1;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.35.1
|
||||||
|
|
32
SOURCES/8-rt-adjust-detection.patch
Normal file
32
SOURCES/8-rt-adjust-detection.patch
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
From e2698477e8abf623c18ab28d33cc894ec882a706 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Neil Horman <neil.horman@privafy.com>
|
||||||
|
Date: Fri, 18 Mar 2022 18:59:52 -0400
|
||||||
|
Subject: [PATCH 3/3] Adjust jitterentropy detection to look for the settick
|
||||||
|
function
|
||||||
|
Content-type: text/plain
|
||||||
|
|
||||||
|
Theres no great way to detect if jitterentropy has the internal timer
|
||||||
|
feature enabled so we have to look for a function that is only defined
|
||||||
|
when it is enabled
|
||||||
|
|
||||||
|
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
|
||||||
|
---
|
||||||
|
configure.ac | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git configure.ac configure.ac
|
||||||
|
index e16e1a0..0f5a38e 100644
|
||||||
|
--- configure.ac
|
||||||
|
+++ configure.ac
|
||||||
|
@@ -94,7 +94,7 @@ AS_IF(
|
||||||
|
AC_SEARCH_LIBS(jent_version,jitterentropy,
|
||||||
|
[AM_CONDITIONAL([JITTER], [true])
|
||||||
|
AC_DEFINE([HAVE_JITTER],1,[Enable JITTER])
|
||||||
|
- AC_CHECK_LIB(jitterentropy, jent_entropy_switch_notime_impl,
|
||||||
|
+ AC_CHECK_LIB(jitterentropy, jent_notime_settick,
|
||||||
|
[AC_DEFINE([HAVE_JITTER_NOTIME],1,[Enable JITTER_NOTIME])],
|
||||||
|
[],-lpthread)],
|
||||||
|
AC_MSG_NOTICE([No Jitterentropy library found]),-lpthread)
|
||||||
|
--
|
||||||
|
2.35.1
|
||||||
|
|
53
SOURCES/9-rt-drop-unused-variables.patch
Normal file
53
SOURCES/9-rt-drop-unused-variables.patch
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
From 370e252c6caedf561c832fa19b20abb7e249b326 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Vladis Dronov <vdronov@redhat.com>
|
||||||
|
Date: Fri, 25 Mar 2022 12:41:45 +0100
|
||||||
|
Subject: [PATCH] Drop unused variables
|
||||||
|
Content-type: text/plain
|
||||||
|
|
||||||
|
And brush up code a bit. Unused variables are reported by gcc as:
|
||||||
|
|
||||||
|
rngd_darn.c: In function 'init_openssl':
|
||||||
|
rngd_darn.c:68:13: warning: unused variable 'i' [-Wunused-variable]
|
||||||
|
68 | int i;
|
||||||
|
rngd_darn.c: In function 'xread_darn':
|
||||||
|
rngd_darn.c:163:19: warning: unused variable 'darn_ptr' [-Wunused-variable]
|
||||||
|
163 | uint64_t *darn_ptr =(uint64_t *)buf;
|
||||||
|
|
||||||
|
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
|
||||||
|
---
|
||||||
|
rngd_darn.c | 5 +----
|
||||||
|
1 file changed, 1 insertion(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git rngd_darn.c rngd_darn.c
|
||||||
|
index 5254195..7b26cbe 100644
|
||||||
|
--- rngd_darn.c
|
||||||
|
+++ rngd_darn.c
|
||||||
|
@@ -65,7 +65,6 @@ static size_t rand_bytes_served = 0;
|
||||||
|
static int init_openssl(struct rng *ent_src)
|
||||||
|
{
|
||||||
|
uint64_t darn_val;
|
||||||
|
- int i;
|
||||||
|
|
||||||
|
ossl_aes_random_key(key, NULL);
|
||||||
|
|
||||||
|
@@ -140,8 +139,7 @@ static size_t copy_avail_rand_to_buf(unsigned char *buf, size_t size, size_t cop
|
||||||
|
*/
|
||||||
|
static uint64_t get_darn()
|
||||||
|
{
|
||||||
|
- uint64_t darn_val;
|
||||||
|
- darn_val = 0;
|
||||||
|
+ uint64_t darn_val = 0;
|
||||||
|
int i;
|
||||||
|
|
||||||
|
/*
|
||||||
|
@@ -160,7 +158,6 @@ static uint64_t get_darn()
|
||||||
|
|
||||||
|
int xread_darn(void *buf, size_t size, struct rng *ent_src)
|
||||||
|
{
|
||||||
|
- uint64_t *darn_ptr =(uint64_t *)buf;
|
||||||
|
size_t copied = 0;
|
||||||
|
|
||||||
|
while (copied < size) {
|
||||||
|
--
|
||||||
|
2.35.1
|
||||||
|
|
@ -1,14 +1,15 @@
|
|||||||
|
# This unit is needed to run rngd as a non-privileged user.
|
||||||
|
# It performs a system set up which requires privileges.
|
||||||
|
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Hardware RNG Entropy Gatherer Wake threshold service
|
Description=Hardware RNG Entropy Gatherer Wake threshold service
|
||||||
ConditionVirtualization=!container
|
ConditionVirtualization=!container
|
||||||
Before=rngd.service
|
Before=rngd.service
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
CapabilityBoundingSet=CAP_SYS_ADMIN
|
|
||||||
AmbientCapabilities=CAP_SYS_ADMIN
|
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
RemainAfterExit=yes
|
RemainAfterExit=yes
|
||||||
ExecStart=/bin/sh -c "PSIZE=$(cat /proc/sys/kernel/random/poolsize); let THRESH=$PSIZE*3/4; echo $THRESH>/proc/sys/kernel/random/write_wakeup_threshold; udevadm trigger --sysname-match=hw_random --settle"
|
ExecStart=/bin/sh -c "PSIZE=$(cat /proc/sys/kernel/random/poolsize); let THRESH=$PSIZE*3/4; echo $THRESH>/proc/sys/kernel/random/write_wakeup_threshold; if [ -e /dev/hwrng ]; then chmod 0640 /dev/hwrng; chgrp rngd /dev/hwrng; fi"
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=sysinit.target
|
WantedBy=sysinit.target
|
||||||
|
@ -3,16 +3,15 @@
|
|||||||
Summary: Random number generator related utilities
|
Summary: Random number generator related utilities
|
||||||
Name: rng-tools
|
Name: rng-tools
|
||||||
Version: 6.14
|
Version: 6.14
|
||||||
Release: 4.git.b2b7934e%{?dist}
|
Release: 6.git.b2b7934e%{?dist}
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
URL: https://github.com/nhorman/rng-tools
|
URL: https://github.com/nhorman/rng-tools
|
||||||
Source0: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
|
Source0: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
|
||||||
Source1: rngd.service
|
Source1: rngd.service
|
||||||
Source2: rngd-wake-threshold.service
|
Source2: rngd-wake-threshold.service
|
||||||
Source3: 60-hwrng.rules
|
Source3: rngd.sysconfig
|
||||||
Source4: jitterentropy-library-3.3.1.tar.gz
|
Source4: jitterentropy-library-3.3.1.tar.gz
|
||||||
Source5: rngd.sysconfig
|
|
||||||
|
|
||||||
Patch0: 1-je-rh-makefile.patch
|
Patch0: 1-je-rh-makefile.patch
|
||||||
Patch1: 2-je-remove-install.patch
|
Patch1: 2-je-remove-install.patch
|
||||||
@ -20,18 +19,17 @@ Patch2: 3-rt-use-jitter-static.patch
|
|||||||
Patch3: 4-rt-revert-build-randstat.patch
|
Patch3: 4-rt-revert-build-randstat.patch
|
||||||
Patch4: 5-rt-comment-out-have-aesni.patch
|
Patch4: 5-rt-comment-out-have-aesni.patch
|
||||||
Patch5: 6-je-fix-ec-check.patch
|
Patch5: 6-je-fix-ec-check.patch
|
||||||
|
Patch6: 7-rt-change-option.patch
|
||||||
|
Patch7: 8-rt-adjust-detection.patch
|
||||||
|
Patch8: 9-rt-drop-unused-variables.patch
|
||||||
|
|
||||||
BuildRequires: gcc make
|
BuildRequires: gcc make binutils
|
||||||
BuildRequires: gettext
|
BuildRequires: gettext
|
||||||
#BuildRequires: systemd-units
|
|
||||||
BuildRequires: systemd systemd-rpm-macros
|
BuildRequires: systemd systemd-rpm-macros
|
||||||
BuildRequires: autoconf automake
|
BuildRequires: autoconf automake
|
||||||
BuildRequires: libgcrypt-devel libcurl-devel
|
BuildRequires: libgcrypt-devel libcurl-devel
|
||||||
BuildRequires: libsysfs-devel jansson-devel
|
|
||||||
BuildRequires: libxml2-devel openssl-devel
|
BuildRequires: libxml2-devel openssl-devel
|
||||||
#Requires(post): systemd-units
|
BuildRequires: jansson-devel
|
||||||
#Requires(preun): systemd-units
|
|
||||||
#Requires(postun): systemd-units
|
|
||||||
Requires(post): systemd
|
Requires(post): systemd
|
||||||
Requires(preun): systemd
|
Requires(preun): systemd
|
||||||
Requires(postun): systemd
|
Requires(postun): systemd
|
||||||
@ -52,6 +50,9 @@ mv jitterentropy-library-3.3.1 jitterentropy-library
|
|||||||
%patch3 -p0
|
%patch3 -p0
|
||||||
%patch4 -p0
|
%patch4 -p0
|
||||||
%patch5 -p0
|
%patch5 -p0
|
||||||
|
%patch6 -p0
|
||||||
|
%patch7 -p0
|
||||||
|
%patch8 -p0
|
||||||
|
|
||||||
%build
|
%build
|
||||||
./autogen.sh
|
./autogen.sh
|
||||||
@ -61,15 +62,15 @@ mv jitterentropy-library-3.3.1 jitterentropy-library
|
|||||||
%install
|
%install
|
||||||
%make_install
|
%make_install
|
||||||
|
|
||||||
# install systemd unit file and udev rules
|
# install systemd unit files
|
||||||
install -Dt %{buildroot}%{_unitdir} -m0644 %{SOURCE1}
|
install -Dt %{buildroot}%{_unitdir} -m0644 %{SOURCE1}
|
||||||
install -Dt %{buildroot}%{_unitdir} -m0644 %{SOURCE2}
|
install -Dt %{buildroot}%{_unitdir} -m0644 %{SOURCE2}
|
||||||
install -Dt %{buildroot}%{_udevrulesdir} -m0644 %{SOURCE3}
|
|
||||||
# install sysconfig file
|
# install sysconfig file
|
||||||
install -D %{SOURCE5} -m0644 %{buildroot}%{_sysconfdir}/sysconfig/rngd
|
install -D %{SOURCE3} -m0644 %{buildroot}%{_sysconfdir}/sysconfig/rngd
|
||||||
|
|
||||||
%pre
|
%pre
|
||||||
getent passwd rngd >/dev/null || useradd -r -M -d %{_localstatedir}/lib/rngd -s /sbin/nologin -c "Random Number Generator Daemon" rngd
|
getent group rngd >/dev/null || groupadd -f -r rngd
|
||||||
|
getent passwd rngd >/dev/null || useradd -r -g rngd -M -d / -s /sbin/nologin -c "Random Number Generator Daemon" rngd
|
||||||
|
|
||||||
%post
|
%post
|
||||||
%systemd_post rngd.service rngd-wake-threshold.service
|
%systemd_post rngd.service rngd-wake-threshold.service
|
||||||
@ -80,6 +81,7 @@ getent passwd rngd >/dev/null || useradd -r -M -d %{_localstatedir}/lib/rngd -s
|
|||||||
|
|
||||||
%postun
|
%postun
|
||||||
%systemd_postun_with_restart rngd.service rngd-wake-threshold.service
|
%systemd_postun_with_restart rngd.service rngd-wake-threshold.service
|
||||||
|
getent passwd rngd >/dev/null && userdel rngd
|
||||||
|
|
||||||
%files
|
%files
|
||||||
%{!?_licensedir:%global license %%doc}
|
%{!?_licensedir:%global license %%doc}
|
||||||
@ -91,10 +93,17 @@ getent passwd rngd >/dev/null || useradd -r -M -d %{_localstatedir}/lib/rngd -s
|
|||||||
%{_mandir}/man8/rngd.8.*
|
%{_mandir}/man8/rngd.8.*
|
||||||
%attr(0644,root,root) %{_unitdir}/rngd.service
|
%attr(0644,root,root) %{_unitdir}/rngd.service
|
||||||
%attr(0644,root,root) %{_unitdir}/rngd-wake-threshold.service
|
%attr(0644,root,root) %{_unitdir}/rngd-wake-threshold.service
|
||||||
%attr(0644,root,root) %{_udevrulesdir}/60-hwrng.rules
|
|
||||||
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/rngd
|
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/rngd
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Apr 28 2022 Vladis Dronov <vdronov@redhat.com> - 6.14-6.git.b2b7934e
|
||||||
|
- Fix a missing rngd group issue (bz2079377)
|
||||||
|
|
||||||
|
* Thu Apr 21 2022 Vladis Dronov <vdronov@redhat.com> - 6.14-5.git.b2b7934e
|
||||||
|
- Fix udevadm issues on systems lacking it (bz 2057030)
|
||||||
|
- Fix a missing working directory issue (bz 2053160)
|
||||||
|
- Add some upstream patches
|
||||||
|
|
||||||
* Mon Nov 22 2021 Vladis Dronov <vdronov@redhat.com> - 6.14-4.git.b2b7934e
|
* Mon Nov 22 2021 Vladis Dronov <vdronov@redhat.com> - 6.14-4.git.b2b7934e
|
||||||
- Update rng-tools to v6.14 @ b2b7934e (bz 2015570)
|
- Update rng-tools to v6.14 @ b2b7934e (bz 2015570)
|
||||||
- Update jitterentropy library to v3.3.1 @ 887c9871
|
- Update jitterentropy library to v3.3.1 @ 887c9871
|
||||||
|
Loading…
Reference in New Issue
Block a user