From 7220652e183226ea736d7c59359e88c3c0b3f00d Mon Sep 17 00:00:00 2001 From: Matt Turner Date: Thu, 24 Oct 2019 14:40:06 -0700 Subject: [PATCH] sys-apps/rng-tools: Add patch to help rngd shutdown Signed-off-by: Matt Turner --- sys-apps/rng-tools/files/rngd-shutdown.patch | 37 ++++++++ sys-apps/rng-tools/rng-tools-6.7-r2.ebuild | 98 ++++++++++++++++++++ 2 files changed, 135 insertions(+) create mode 100644 sys-apps/rng-tools/files/rngd-shutdown.patch create mode 100644 sys-apps/rng-tools/rng-tools-6.7-r2.ebuild diff --git a/sys-apps/rng-tools/files/rngd-shutdown.patch b/sys-apps/rng-tools/files/rngd-shutdown.patch new file mode 100644 index 000000000000..ba2fffdd86f6 --- /dev/null +++ b/sys-apps/rng-tools/files/rngd-shutdown.patch @@ -0,0 +1,37 @@ +https://bugzilla.redhat.com/show_bug.cgi?id=1690364 + +diff --git a/rngd_jitter.c b/rngd_jitter.c +index 23d96b3..43a13e0 100644 +--- a/rngd_jitter.c ++++ b/rngd_jitter.c +@@ -473,26 +473,22 @@ void close_jitter_entropy_source(struct rng *ent_src) + for (i=0; i < num_threads; i++) + tdata[i].active = 0; + +- flags = fcntl(pipefds[1], F_GETFL, 0); +- flags |= O_NONBLOCK; +- fcntl(pipefds[1], F_SETFL, &flags); ++ close(pipefds[1]); + + /* And wait for completion of each thread */ + for (i=0; i < num_threads; i++) { + message(LOG_DAEMON|LOG_DEBUG, "Checking on done for thread %d\n", i); + while (!tdata[i].done) ++ pthread_kill(threads[i], SIGINT); + if(tdata[i].done) { + message(LOG_DAEMON|LOG_INFO, "Closing thread %d\n", tdata[i].core_id); + pthread_join(threads[i], NULL); + jent_entropy_collector_free(tdata[i].ec); +- } else { +- read(pipefds[0], tmpbuf, 1024); ++ } else + sched_yield(); +- } + } + +- close(pipefds[2]); +- close(pipefds[1]); ++ close(pipefds[0]); + free(tdata); + free(threads); + return; diff --git a/sys-apps/rng-tools/rng-tools-6.7-r2.ebuild b/sys-apps/rng-tools/rng-tools-6.7-r2.ebuild new file mode 100644 index 000000000000..831615de8586 --- /dev/null +++ b/sys-apps/rng-tools/rng-tools-6.7-r2.ebuild @@ -0,0 +1,98 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit autotools systemd readme.gentoo-r1 toolchain-funcs + +DESCRIPTION="Daemon to use hardware random number generators" +HOMEPAGE="https://github.com/nhorman/rng-tools" +SRC_URI="https://github.com/nhorman/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~riscv ~x86" +IUSE="jitterentropy nistbeacon pkcs11 selinux" + +DEPEND="dev-libs/libgcrypt:0 + dev-libs/libgpg-error + sys-fs/sysfsutils + jitterentropy? ( + app-crypt/jitterentropy:= + ) + nistbeacon? ( + net-misc/curl[ssl] + dev-libs/libxml2:2= + dev-libs/openssl:0= + ) + pkcs11? ( + dev-libs/libp11:= + ) + elibc_musl? ( sys-libs/argp-standalone ) +" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-rngd )" +DEPEND="${DEPEND} + nistbeacon? ( + virtual/pkgconfig + ) +" + +PATCHES=( + "${FILESDIR}"/test-for-argp.patch + "${FILESDIR}"/${PN}-5-fix-textrels-on-PIC-x86.patch #469962 + "${FILESDIR}"/rngd-shutdown.patch +) + +src_prepare() { + echo 'bin_PROGRAMS = randstat' >> contrib/Makefile.am || die + + # rngd_pkcs11.c needs to be linked against -lcrypto #684228 + # See: https://github.com/nhorman/rng-tools/pull/61 + if use pkcs11; then + sed -e '/rngd_pkcs11.c$/ a rngd_LDADD\t+= -lcrypto' \ + -i Makefile.am || die + fi + + default + + mv README.md README || die + + eautoreconf + + sed -i '/^AR /d' Makefile.in || die + tc-export AR +} + +src_configure() { + local myeconfargs=( + $(use_enable jitterentropy) + $(use_with nistbeacon) + $(use_with pkcs11) + ) + + econf "${myeconfargs[@]}" +} + +src_install() { + default + newinitd "${FILESDIR}"/rngd-initd-6.7-r1 rngd + newconfd "${FILESDIR}"/rngd-confd-6.7 rngd + systemd_dounit "${FILESDIR}"/rngd.service + + if use pkcs11; then + local DISABLE_AUTOFORMATTING=1 + local DOC_CONTENTS=" +The PKCS11 entropy source may require extra packages (e.g. 'dev-libs/opensc') +to support various smartcard readers. Make sure 'PKCS11_OPTIONS' in: + '${EROOT%/}/etc/conf.d/rngd' +reflects the correct PKCS11 engine path to be used by rngd. +" + readme.gentoo_create_doc + fi + +} + +pkg_postinst() { + use pkcs11 && readme.gentoo_print_elog +} -- 2.26.2