From: <Randy.MacLeod@windriver.com>
To: <openembedded-devel@lists.openembedded.org>
Cc: <anuj.mittal@intel.com>, <david.zuhn@sonos.com>
Subject: [PATCH] rng-tools: Revert "rng-tools: move from oe-core to meta-oe"
Date: Thu, 18 Jan 2024 12:02:18 -0500 [thread overview]
Message-ID: <20240118170218.2000699-1-Randy.MacLeod@windriver.com> (raw)
From: Randy MacLeod <Randy.MacLeod@windriver.com>
This reverts commit c076a263517e4dc52b115acc4ead8e3ddfcdded1.
Revert this commit since:
- some systems using oe-core master may still be using kernels from
before 5.6 pulled in the rng-tools algorithm, and
- some hardware platforms may not have a hardware random number generator
and could therefore need to run rngd to avoid long boot-time initialization
due to a depleted entropy pool.
so it's best to leave the recipe in oe-core.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
---
.../rng-tools/rng-tools/default | 1 -
.../recipes-support/rng-tools/rng-tools/init | 42 -----------
.../rng-tools/rng-tools/rng-tools.service | 32 ---------
.../rng-tools/rng-tools_6.16.bb | 69 -------------------
4 files changed, 144 deletions(-)
delete mode 100644 meta-oe/recipes-support/rng-tools/rng-tools/default
delete mode 100644 meta-oe/recipes-support/rng-tools/rng-tools/init
delete mode 100644 meta-oe/recipes-support/rng-tools/rng-tools/rng-tools.service
delete mode 100644 meta-oe/recipes-support/rng-tools/rng-tools_6.16.bb
diff --git a/meta-oe/recipes-support/rng-tools/rng-tools/default b/meta-oe/recipes-support/rng-tools/rng-tools/default
deleted file mode 100644
index b9f8e0363..000000000
--- a/meta-oe/recipes-support/rng-tools/rng-tools/default
+++ /dev/null
@@ -1 +0,0 @@
-EXTRA_ARGS="-r /dev/hwrng"
diff --git a/meta-oe/recipes-support/rng-tools/rng-tools/init b/meta-oe/recipes-support/rng-tools/rng-tools/init
deleted file mode 100644
index 13f0ecd37..000000000
--- a/meta-oe/recipes-support/rng-tools/rng-tools/init
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/sh
-#
-# This is an init script for openembedded
-# Copy it to @SYSCONFDIR@/init.d/rng-tools and type
-# > update-rc.d rng-tools defaults 60
-#
-
-rngd=@SBINDIR@/rngd
-test -x "$rngd" || exit 1
-
-[ -r @SYSCONFDIR@/default/rng-tools ] && . "@SYSCONFDIR@/default/rng-tools"
-
-case "$1" in
- start)
- echo -n "Starting random number generator daemon"
- start-stop-daemon -S -q -x $rngd -- $EXTRA_ARGS
- echo "."
- ;;
- stop)
- echo -n "Stopping random number generator daemon"
- start-stop-daemon -K -q -n rngd
- echo "."
- ;;
- reload|force-reload)
- echo -n "Signalling rng daemon restart"
- start-stop-daemon -K -q -s 1 -x $rngd
- start-stop-daemon -K -q -s 1 -x $rngd
- ;;
- restart)
- echo -n "Stopping random number generator daemon"
- start-stop-daemon -K -q -n rngd
- echo "."
- echo -n "Starting random number generator daemon"
- start-stop-daemon -S -q -x $rngd -- $EXTRA_ARGS
- echo "."
- ;;
- *)
- echo "Usage: @SYSCONFDIR@/init.d/rng-tools {start|stop|reload|restart|force-reload}"
- exit 1
-esac
-
-exit 0
diff --git a/meta-oe/recipes-support/rng-tools/rng-tools/rng-tools.service b/meta-oe/recipes-support/rng-tools/rng-tools/rng-tools.service
deleted file mode 100644
index 5ae2fba21..000000000
--- a/meta-oe/recipes-support/rng-tools/rng-tools/rng-tools.service
+++ /dev/null
@@ -1,32 +0,0 @@
-[Unit]
-Description=Hardware RNG Entropy Gatherer Daemon
-DefaultDependencies=no
-Conflicts=shutdown.target
-Before=sysinit.target shutdown.target
-ConditionVirtualization=!container
-
-[Service]
-EnvironmentFile=-@SYSCONFDIR@/default/rng-tools
-ExecStart=@SBINDIR@/rngd -f $EXTRA_ARGS
-CapabilityBoundingSet=CAP_SYS_ADMIN
-IPAddressDeny=any
-LockPersonality=yes
-MemoryDenyWriteExecute=yes
-NoNewPrivileges=yes
-PrivateTmp=yes
-ProtectControlGroups=yes
-ProtectHome=yes
-ProtectHostname=yes
-ProtectKernelModules=yes
-ProtectKernelLogs=yes
-ProtectSystem=strict
-RestrictAddressFamilies=AF_UNIX
-RestrictNamespaces=yes
-RestrictRealtime=yes
-RestrictSUIDSGID=yes
-SystemCallArchitectures=native
-SystemCallErrorNumber=EPERM
-SystemCallFilter=@system-service
-
-[Install]
-WantedBy=sysinit.target
diff --git a/meta-oe/recipes-support/rng-tools/rng-tools_6.16.bb b/meta-oe/recipes-support/rng-tools/rng-tools_6.16.bb
deleted file mode 100644
index f0aa3ff93..000000000
--- a/meta-oe/recipes-support/rng-tools/rng-tools_6.16.bb
+++ /dev/null
@@ -1,69 +0,0 @@
-SUMMARY = "Random number generator daemon"
-DESCRIPTION = "Check and feed random data from hardware device to kernel"
-HOMEPAGE = "https://github.com/nhorman/rng-tools"
-BUGTRACKER = "https://github.com/nhorman/rng-tools/issues"
-LICENSE = "GPL-2.0-only"
-LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
-DEPENDS = "openssl libcap"
-
-SRC_URI = "git://github.com/nhorman/rng-tools.git;branch=master;protocol=https \
- file://init \
- file://default \
- file://rng-tools.service \
- "
-SRCREV = "e061c313b95890eb5fa0ada0cd6eec619dafdfe2"
-
-S = "${WORKDIR}/git"
-
-inherit autotools update-rc.d systemd pkgconfig
-
-EXTRA_OECONF = "--without-rtlsdr"
-
-PACKAGECONFIG ??= "libjitterentropy"
-PACKAGECONFIG:libc-musl = "libargp libjitterentropy"
-
-PACKAGECONFIG[libargp] = "--with-libargp,--without-libargp,argp-standalone,"
-PACKAGECONFIG[libjitterentropy] = "--enable-jitterentropy,--disable-jitterentropy,libjitterentropy"
-PACKAGECONFIG[libp11] = "--with-pkcs11,--without-pkcs11,libp11 openssl"
-PACKAGECONFIG[nistbeacon] = "--with-nistbeacon,--without-nistbeacon,curl libxml2"
-PACKAGECONFIG[qrypt] = "--with-qrypt,--without-qrypt,curl"
-
-INITSCRIPT_PACKAGES = "${PN}-service"
-INITSCRIPT_NAME:${PN}-service = "rng-tools"
-INITSCRIPT_PARAMS:${PN}-service = "start 03 2 3 4 5 . stop 30 0 6 1 ."
-
-SYSTEMD_PACKAGES = "${PN}-service"
-SYSTEMD_SERVICE:${PN}-service = "rng-tools.service"
-
-CFLAGS += " -DJENT_CONF_ENABLE_INTERNAL_TIMER "
-
-PACKAGES =+ "${PN}-service"
-
-FILES:${PN}-service += " \
- ${sysconfdir}/init.d/rng-tools \
- ${sysconfdir}/default/rng-tools \
-"
-
-# Refer autogen.sh in rng-tools
-do_configure:prepend() {
- cp ${S}/README.md ${S}/README
-}
-
-do_install:append() {
- install -Dm 0644 ${WORKDIR}/default ${D}${sysconfdir}/default/rng-tools
- install -Dm 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/rng-tools
- install -Dm 0644 ${WORKDIR}/rng-tools.service \
- ${D}${systemd_system_unitdir}/rng-tools.service
- sed -i \
- -e 's,@SYSCONFDIR@,${sysconfdir},g' \
- -e 's,@SBINDIR@,${sbindir},g' \
- ${D}${sysconfdir}/init.d/rng-tools \
- ${D}${systemd_system_unitdir}/rng-tools.service
-
- if [ "${@bb.utils.contains('PACKAGECONFIG', 'nistbeacon', 'yes', 'no', d)}" = "yes" ]; then
- sed -i \
- -e '/^IPAddressDeny=any/d' \
- -e '/^RestrictAddressFamilies=/ s/$/ AF_INET AF_INET6/' \
- ${D}${systemd_system_unitdir}/rng-tools.service
- fi
-}
--
2.34.1
reply other threads:[~2024-01-18 17:02 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240118170218.2000699-1-Randy.MacLeod@windriver.com \
--to=randy.macleod@windriver.com \
--cc=anuj.mittal@intel.com \
--cc=david.zuhn@sonos.com \
--cc=openembedded-devel@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.