From: Michael Olbrich <m.olbrich@pengutronix.de>
To: ptxdist@pengutronix.de
Subject: Re: [ptxdist] [PATCH] haveged: add entropy daemon
Date: Fri, 30 Jun 2017 14:16:07 +0200 [thread overview]
Message-ID: <20170630121607.sgwh5z7njnhaliid@pengutronix.de> (raw)
In-Reply-To: <20170630071917.GF27745@falbala.home.lespocky.de>
On Fri, Jun 30, 2017 at 09:19:18AM +0200, Alexander Dahl wrote:
> Hei hei,
>
> tested this without systemd on top of a recent ptxdist 2017.06.0 based
> BSP with the sysv init script from buildroot. The usual 'random: crng
> init done' message on the serial konsole comes a lot earlier now, so I
> guess it works. ;-)
>
> Besides: is there any way to have this random generator stuff
> certainly ready before generating dropbear keys (rc-once)?
I think /dev/random and getrandom() can block until then. Something could
be built on top of that. However you need to be careful: This may block a
very long time on an idle embedded system.
Michael
> Greets
> Alex
>
> Tested-by: Alexander Dahl <post@lespocky.de>
>
> On Thu, Jun 29, 2017 at 11:49:26PM +0200, Robert Schwebel wrote:
> > Add the haveged package.
> >
> > Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
> > ---
> > ....ac-fix-handling-for-enable-clock_gettime.patch | 26 ++++++++
> > .../0002-init-fix-path-for-systemd-unit-dir.patch | 24 +++++++
> > ...nstallation-of-systemd-unit-file-DESTDIR-.patch | 28 ++++++++
> > ...akefile.am-create-nonexisting-directories.patch | 31 +++++++++
> > ...file.am-do-not-call-systemd-during-compil.patch | 29 +++++++++
> > patches/haveged-1.9.1/autogen.sh | 1 +
> > patches/haveged-1.9.1/series | 8 +++
> > rules/haveged.in | 7 ++
> > rules/haveged.make | 76 ++++++++++++++++++++++
> > 9 files changed, 230 insertions(+)
> > create mode 100644 patches/haveged-1.9.1/0001-configure.ac-fix-handling-for-enable-clock_gettime.patch
> > create mode 100644 patches/haveged-1.9.1/0002-init-fix-path-for-systemd-unit-dir.patch
> > create mode 100644 patches/haveged-1.9.1/0003-init-make-installation-of-systemd-unit-file-DESTDIR-.patch
> > create mode 100644 patches/haveged-1.9.1/0004-init.d-Makefile.am-create-nonexisting-directories.patch
> > create mode 100644 patches/haveged-1.9.1/0005-init.d-Makefile.am-do-not-call-systemd-during-compil.patch
> > create mode 120000 patches/haveged-1.9.1/autogen.sh
> > create mode 100644 patches/haveged-1.9.1/series
> > create mode 100644 rules/haveged.in
> > create mode 100644 rules/haveged.make
> >
> > diff --git a/patches/haveged-1.9.1/0001-configure.ac-fix-handling-for-enable-clock_gettime.patch b/patches/haveged-1.9.1/0001-configure.ac-fix-handling-for-enable-clock_gettime.patch
> > new file mode 100644
> > index 000000000..20a34b466
> > --- /dev/null
> > +++ b/patches/haveged-1.9.1/0001-configure.ac-fix-handling-for-enable-clock_gettime.patch
> > @@ -0,0 +1,26 @@
> > +From: Robert Schwebel <r.schwebel@pengutronix.de>
> > +Date: Thu, 29 Jun 2017 22:30:34 +0200
> > +Subject: [PATCH] configure.ac: fix handling for --enable-clock_gettime
> > +
> > +The logic for this configure option is broken; on ARM, we fall into the
> > +*) path and the logic decides that this option is not set, no matter if
> > +we set it or not.
> > +
> > +Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
> > +---
> > + configure.ac | 2 ++
> > + 1 file changed, 2 insertions(+)
> > +
> > +diff --git a/configure.ac b/configure.ac
> > +index f8d76c106014..e4f17a80d876 100644
> > +--- a/configure.ac
> > ++++ b/configure.ac
> > +@@ -175,6 +175,8 @@ case "$host" in
> > + *)
> > + if test "x$enable_clock_gettime" = "xx"; then
> > + enable_clock_gettime="yes"
> > ++ elif test "x$enable_clock_gettime" = "xyes"; then
> > ++ enable_clock_gettime="yes"
> > + else
> > + AC_MSG_ERROR([no timer source for host :"$host".])
> > + fi
> > diff --git a/patches/haveged-1.9.1/0002-init-fix-path-for-systemd-unit-dir.patch b/patches/haveged-1.9.1/0002-init-fix-path-for-systemd-unit-dir.patch
> > new file mode 100644
> > index 000000000..6ae95fbb5
> > --- /dev/null
> > +++ b/patches/haveged-1.9.1/0002-init-fix-path-for-systemd-unit-dir.patch
> > @@ -0,0 +1,24 @@
> > +From: Robert Schwebel <r.schwebel@pengutronix.de>
> > +Date: Thu, 29 Jun 2017 22:53:16 +0200
> > +Subject: [PATCH] init: fix path for systemd unit dir
> > +
> > +This branch was obviously not tested.
> > +
> > +Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
> > +---
> > + init.d/Makefile.am | 2 +-
> > + 1 file changed, 1 insertion(+), 1 deletion(-)
> > +
> > +diff --git a/init.d/Makefile.am b/init.d/Makefile.am
> > +index ca3ad1c1e854..bf86773176a6 100644
> > +--- a/init.d/Makefile.am
> > ++++ b/init.d/Makefile.am
> > +@@ -37,7 +37,7 @@ install-data-hook:
> > + if ENABLE_SYSTEMD_LOOKUP
> > + install -p -m644 haveged.service `pkg-config --variable=systemdsystemunitdir systemd`/haveged.service;
> > + else
> > +- install -p -m644 haveged.service ($unit_dir)/haveged.service;
> > ++ install -p -m644 haveged.service $(unit_dir)/haveged.service;
> > + endif
> > + systemctl enable haveged.service;
> > +
> > diff --git a/patches/haveged-1.9.1/0003-init-make-installation-of-systemd-unit-file-DESTDIR-.patch b/patches/haveged-1.9.1/0003-init-make-installation-of-systemd-unit-file-DESTDIR-.patch
> > new file mode 100644
> > index 000000000..5a536871a
> > --- /dev/null
> > +++ b/patches/haveged-1.9.1/0003-init-make-installation-of-systemd-unit-file-DESTDIR-.patch
> > @@ -0,0 +1,28 @@
> > +From: Robert Schwebel <r.schwebel@pengutronix.de>
> > +Date: Thu, 29 Jun 2017 22:54:11 +0200
> > +Subject: [PATCH] init: make installation of systemd unit file DESTDIR aware
> > +
> > +The installation currently does not care about a DESTDIR, which is
> > +imporant when cross compiling.
> > +
> > +Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
> > +---
> > + init.d/Makefile.am | 4 ++--
> > + 1 file changed, 2 insertions(+), 2 deletions(-)
> > +
> > +diff --git a/init.d/Makefile.am b/init.d/Makefile.am
> > +index bf86773176a6..2f92cb7fdde4 100644
> > +--- a/init.d/Makefile.am
> > ++++ b/init.d/Makefile.am
> > +@@ -35,9 +35,9 @@ install-exec-hook:
> > +
> > + install-data-hook:
> > + if ENABLE_SYSTEMD_LOOKUP
> > +- install -p -m644 haveged.service `pkg-config --variable=systemdsystemunitdir systemd`/haveged.service;
> > ++ install -p -m644 haveged.service $(DESTDIR)`pkg-config --variable=systemdsystemunitdir systemd`/haveged.service;
> > + else
> > +- install -p -m644 haveged.service $(unit_dir)/haveged.service;
> > ++ install -p -m644 haveged.service $(DESTDIR)$(unit_dir)/haveged.service;
> > + endif
> > + systemctl enable haveged.service;
> > +
> > diff --git a/patches/haveged-1.9.1/0004-init.d-Makefile.am-create-nonexisting-directories.patch b/patches/haveged-1.9.1/0004-init.d-Makefile.am-create-nonexisting-directories.patch
> > new file mode 100644
> > index 000000000..6f693b000
> > --- /dev/null
> > +++ b/patches/haveged-1.9.1/0004-init.d-Makefile.am-create-nonexisting-directories.patch
> > @@ -0,0 +1,31 @@
> > +From: Robert Schwebel <r.schwebel@pengutronix.de>
> > +Date: Thu, 29 Jun 2017 22:59:46 +0200
> > +Subject: [PATCH] init.d/Makefile.am: create nonexisting directories
> > +
> > +install can't assume that all leading directories do already exist.
> > +While this will in most cases be true on normal desktop/server
> > +distributions, cross build systems or systems that build single packages
> > +will build into a fresh hierarchy. Add -D to install, in order to create
> > +the leading directories.
> > +
> > +Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
> > +---
> > + init.d/Makefile.am | 4 ++--
> > + 1 file changed, 2 insertions(+), 2 deletions(-)
> > +
> > +diff --git a/init.d/Makefile.am b/init.d/Makefile.am
> > +index 2f92cb7fdde4..4a6e551f0b51 100644
> > +--- a/init.d/Makefile.am
> > ++++ b/init.d/Makefile.am
> > +@@ -35,9 +35,9 @@ install-exec-hook:
> > +
> > + install-data-hook:
> > + if ENABLE_SYSTEMD_LOOKUP
> > +- install -p -m644 haveged.service $(DESTDIR)`pkg-config --variable=systemdsystemunitdir systemd`/haveged.service;
> > ++ install -p -D -m644 haveged.service $(DESTDIR)`pkg-config --variable=systemdsystemunitdir systemd`/haveged.service;
> > + else
> > +- install -p -m644 haveged.service $(DESTDIR)$(unit_dir)/haveged.service;
> > ++ install -p -D -m644 haveged.service $(DESTDIR)$(unit_dir)/haveged.service;
> > + endif
> > + systemctl enable haveged.service;
> > +
> > diff --git a/patches/haveged-1.9.1/0005-init.d-Makefile.am-do-not-call-systemd-during-compil.patch b/patches/haveged-1.9.1/0005-init.d-Makefile.am-do-not-call-systemd-during-compil.patch
> > new file mode 100644
> > index 000000000..359708a18
> > --- /dev/null
> > +++ b/patches/haveged-1.9.1/0005-init.d-Makefile.am-do-not-call-systemd-during-compil.patch
> > @@ -0,0 +1,29 @@
> > +From: Robert Schwebel <r.schwebel@pengutronix.de>
> > +Date: Thu, 29 Jun 2017 23:03:06 +0200
> > +Subject: [PATCH] init.d/Makefile.am: do not call systemd during compilation
> > +
> > +Remove systemd call: we can not assume that the user is allowed to do
> > +so: he might not if he compiles the software as non-root.
> > +
> > +When cross-compiling, the intended systemd might not even run on the
> > +same hardware.
> > +
> > +We better leave the decision whether or not to call systemd to the
> > +administrator.
> > +
> > +Signed-off-by: Robert Schwebel <r.schwebel@pengutronix.de>
> > +---
> > + init.d/Makefile.am | 2 --
> > + 1 file changed, 2 deletions(-)
> > +
> > +diff --git a/init.d/Makefile.am b/init.d/Makefile.am
> > +index 4a6e551f0b51..efb01e3c8aab 100644
> > +--- a/init.d/Makefile.am
> > ++++ b/init.d/Makefile.am
> > +@@ -39,6 +39,4 @@ if ENABLE_SYSTEMD_LOOKUP
> > + else
> > + install -p -D -m644 haveged.service $(DESTDIR)$(unit_dir)/haveged.service;
> > + endif
> > +- systemctl enable haveged.service;
> > +-
> > + endif
> > diff --git a/patches/haveged-1.9.1/autogen.sh b/patches/haveged-1.9.1/autogen.sh
> > new file mode 120000
> > index 000000000..9f8a4cb7d
> > --- /dev/null
> > +++ b/patches/haveged-1.9.1/autogen.sh
> > @@ -0,0 +1 @@
> > +../autogen.sh
> > \ No newline at end of file
> > diff --git a/patches/haveged-1.9.1/series b/patches/haveged-1.9.1/series
> > new file mode 100644
> > index 000000000..0e24f4d6b
> > --- /dev/null
> > +++ b/patches/haveged-1.9.1/series
> > @@ -0,0 +1,8 @@
> > +# generated by git-ptx-patches
> > +#tag:base --start-number 1
> > +0001-configure.ac-fix-handling-for-enable-clock_gettime.patch
> > +0002-init-fix-path-for-systemd-unit-dir.patch
> > +0003-init-make-installation-of-systemd-unit-file-DESTDIR-.patch
> > +0004-init.d-Makefile.am-create-nonexisting-directories.patch
> > +0005-init.d-Makefile.am-do-not-call-systemd-during-compil.patch
> > +# d6dc334689ded00c3e697eb3fe83b57a - git-ptx-patches magic
> > diff --git a/rules/haveged.in b/rules/haveged.in
> > new file mode 100644
> > index 000000000..9a8a59702
> > --- /dev/null
> > +++ b/rules/haveged.in
> > @@ -0,0 +1,7 @@
> > +## SECTION=networking
> > +
> > +config HAVEGED
> > + tristate
> > + prompt "haveged"
> > + help
> > + haveged is a simple entropy daemon
> > diff --git a/rules/haveged.make b/rules/haveged.make
> > new file mode 100644
> > index 000000000..0ef3559e6
> > --- /dev/null
> > +++ b/rules/haveged.make
> > @@ -0,0 +1,76 @@
> > +# -*-makefile-*-
> > +#
> > +# Copyright (C) 2017 by Robert Schwebel <r.schwebel@pengutronix.de>
> > +#
> > +# See CREDITS for details about who has contributed to this project.
> > +#
> > +# For further information about the PTXdist project and license conditions
> > +# see the README file.
> > +#
> > +
> > +#
> > +# We provide this package
> > +#
> > +PACKAGES-$(PTXCONF_HAVEGED) += haveged
> > +
> > +#
> > +# Paths and names
> > +#
> > +HAVEGED_VERSION := 1.9.1
> > +HAVEGED_MD5 := 015ff58cd10607db0e0de60aeca2f5f8
> > +HAVEGED := haveged-$(HAVEGED_VERSION)
> > +HAVEGED_SUFFIX := tar.gz
> > +HAVEGED_URL := http://www.issihosts.com/haveged/$(HAVEGED).$(HAVEGED_SUFFIX)
> > +HAVEGED_SOURCE := $(SRCDIR)/$(HAVEGED).$(HAVEGED_SUFFIX)
> > +HAVEGED_DIR := $(BUILDDIR)/$(HAVEGED)
> > +HAVEGED_LICENSE := GPL-3.0
> > +
> > +# ----------------------------------------------------------------------------
> > +# Prepare
> > +# ----------------------------------------------------------------------------
> > +
> > +#
> > +# autoconf
> > +#
> > +HAVEGED_CONF_TOOL := autoconf
> > +HAVEGED_CONF_OPT := \
> > + $(CROSS_AUTOCONF_USR) \
> > + --enable-clock_gettime \
> > + --enable-daemon=yes \
> > + --enable-diagnostic=no \
> > + --enable-init=service.fedora \
> > + --enable-initdir=? \
> > + --enable-nistest=no \
> > + --enable-olt=no \
> > + --enable-threads=no \
> > + --enable-tune=yes
> > +
> > +# ----------------------------------------------------------------------------
> > +# Target-Install
> > +# ----------------------------------------------------------------------------
> > +
> > +$(STATEDIR)/haveged.targetinstall:
> > + @$(call targetinfo)
> > +
> > + @$(call install_init, haveged)
> > + @$(call install_fixup, haveged,PRIORITY,optional)
> > + @$(call install_fixup, haveged,SECTION,base)
> > + @$(call install_fixup, haveged,AUTHOR,"Robert Schwebel <r.schwebel@pengutronix.de>")
> > + @$(call install_fixup, haveged,DESCRIPTION,missing)
> > +
> > + @$(call install_lib, haveged, 0, 0, 0644, libhavege)
> > + @$(call install_copy, haveged, 0, 0, 0755, -, /usr/sbin/haveged)
> > +
> > +ifdef PTXCONF_INITMETHOD_SYSTEMD
> > + @$(call install_copy, haveged, 0, 0, 0644, -, /usr/lib/systemd/system/haveged.service)
> > + @$(call install_link, haveged, \
> > + ../haveged.service, \
> > + /usr/lib/systemd/system/multi-user.target.wants/haveged.service \
> > + )
> > +endif
> > +
> > + @$(call install_finish, haveged)
> > +
> > + @$(call touch)
> > +
> > +# vim: syntax=make
> > --
> > 2.13.2
> >
> >
> > _______________________________________________
> > ptxdist mailing list
> > ptxdist@pengutronix.de
>
> --
> »With the first link, the chain is forged. The first speech censured,
> the first thought forbidden, the first freedom denied, chains us all
> irrevocably.« (Jean-Luc Picard, quoting Judge Aaron Satie)
> *** GnuPG-FP: C28E E6B9 0263 95CF 8FAF 08FA 34AD CD00 7221 5CC6 ***
> _______________________________________________
> ptxdist mailing list
> ptxdist@pengutronix.de
--
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
next prev parent reply other threads:[~2017-06-30 12:16 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-29 21:49 Robert Schwebel
2017-06-30 7:19 ` Alexander Dahl
2017-06-30 12:16 ` Michael Olbrich [this message]
2017-07-02 15:37 ` Robert Schwebel
2017-07-06 9:13 ` Alexander Dahl
2017-07-02 15:36 ` Robert Schwebel
2017-07-04 10:48 ` Alexander Dahl
2017-07-06 11:54 ` [ptxdist] [PATCH 0/2] haveged: bbinit startup and more download URLs Alexander Dahl
2017-07-06 11:54 ` [ptxdist] [PATCH 1/2] haveged: Add URL for upstream tarball archive Alexander Dahl
2017-07-06 11:54 ` [ptxdist] [PATCH 2/2] haveged: Introduce bbinit startup Alexander Dahl
2017-06-30 8:19 ` [ptxdist] [PATCH] haveged: add entropy daemon Michael Olbrich
2017-06-30 8:32 ` Robert Schwebel
2017-07-02 15:26 ` Robert Schwebel
2017-06-30 12:12 ` Michael Olbrich
2017-07-02 15:27 ` Robert Schwebel
2017-07-02 15:35 ` [ptxdist] [PATCHv2] " Robert Schwebel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170630121607.sgwh5z7njnhaliid@pengutronix.de \
--to=m.olbrich@pengutronix.de \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox