MSVSphere Packaging Team
4 months ago
commit
0854eae7a3
GPG Key ID:
B2B0B9F29E528FE8
@ -0,0 +1 @@
|
||||
SOURCES/rng-tools-6.17.tar.gz
|
||||
@ -0,0 +1 @@
|
||||
c950c97cf54d902559df02458ae205d9c7bb4fa6 SOURCES/rng-tools-6.17.tar.gz
|
||||
@ -0,0 +1,42 @@
|
||||
From 86a66ed41390fa5f98aade60a55376269fd163b0 Mon Sep 17 00:00:00 2001
|
||||
From: Vladis Dronov <vdronov@redhat.com>
|
||||
Date: Fri, 17 Sep 2021 01:04:51 +0200
|
||||
Subject: [PATCH] Comment out an unused assignment
|
||||
|
||||
Covscan warns about an unused value. Comment it out.
|
||||
|
||||
Defect type: UNUSED_VALUE: covscan warning:
|
||||
rng-tools-6.13/rngd_rdrand.c:260: assigned_value: Assigning value
|
||||
from "!!(info.ecx & 0x2000000U)" to "have_aesni" here, but that
|
||||
stored value is overwritten before it can be used.
|
||||
|
||||
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
|
||||
---
|
||||
rngd_rdrand.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git rngd_rdrand.c rngd_rdrand.c
|
||||
index caa9d05..ea7b8fa 100644
|
||||
--- rngd_rdrand.c
|
||||
+++ rngd_rdrand.c
|
||||
@@ -239,7 +239,7 @@ int init_drng_entropy_source(struct rng *ent_src)
|
||||
struct cpuid info;
|
||||
/* We need RDRAND, but AESni is optional */
|
||||
const uint32_t features_ecx1_rdrand = 1 << 30;
|
||||
- const uint32_t features_ecx1_aesni = 1 << 25;
|
||||
+ //const uint32_t features_ecx1_aesni = 1 << 25;
|
||||
const uint32_t features_ebx7_rdseed = 1 << 18;
|
||||
uint32_t max_cpuid_leaf;
|
||||
unsigned char xkey[AES_BLOCK]; /* Material to XOR into the key */
|
||||
@@ -257,7 +257,7 @@ int init_drng_entropy_source(struct rng *ent_src)
|
||||
if (!(info.ecx & features_ecx1_rdrand))
|
||||
return 1;
|
||||
|
||||
- have_aesni = !!(info.ecx & features_ecx1_aesni);
|
||||
+ //have_aesni = !!(info.ecx & features_ecx1_aesni);
|
||||
have_aesni = 0; /* BACK OUT NH */
|
||||
have_rdseed = 0;
|
||||
if (max_cpuid_leaf >= 7) {
|
||||
--
|
||||
2.26.3
|
||||
|
||||
@ -0,0 +1,26 @@
|
||||
From de2ee0d8b7e8ad2915165ef941a6ec37442a2fdc Mon Sep 17 00:00:00 2001
|
||||
From: Vladis Dronov <vdronov@redhat.com>
|
||||
Date: Tue, 6 Jul 2021 14:36:46 +0200
|
||||
Subject: [PATCH] Revert "Build randstat binary"
|
||||
|
||||
We do not want new and mostly useless randstat binary.
|
||||
This reverts commit 2ce93190cb0111fcab2f622a539689d70960643a.
|
||||
|
||||
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
|
||||
---
|
||||
contrib/Makefile.am | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git contrib/Makefile.am contrib/Makefile.am
|
||||
index a81fb0e..18c4fbc 100644
|
||||
--- contrib/Makefile.am
|
||||
+++ contrib/Makefile.am
|
||||
@@ -1,2 +1,3 @@
|
||||
-bin_PROGRAMS = randstat
|
||||
-randstat_SOURCES = randstat.c
|
||||
+
|
||||
+EXTRA_DIST = randstat.c
|
||||
+
|
||||
--
|
||||
2.26.3
|
||||
|
||||
@ -0,0 +1,13 @@
|
||||
[Unit]
|
||||
Description=Hardware RNG Entropy Gatherer Daemon
|
||||
ConditionVirtualization=!container
|
||||
ConditionKernelCommandLine=!fips=1
|
||||
|
||||
# The "-f" option is required for the systemd service rngd to work with Type=simple
|
||||
[Service]
|
||||
Type=simple
|
||||
EnvironmentFile=/etc/sysconfig/rngd
|
||||
ExecStart=/usr/sbin/rngd -f $RNGD_ARGS
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
@ -0,0 +1,3 @@
|
||||
# Optional arguments passed to rngd. See rngd(8) and
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1252175#c21
|
||||
RNGD_ARGS="--fill-watermark=0 -x pkcs11 -x nist -x qrypt -x namedpipe -D daemon:daemon"
|
||||
@ -0,0 +1,121 @@
|
||||
%global _hardened_build 1
|
||||
|
||||
# this is a correct if, bcond_with actually means without and vice versa
|
||||
%if 0%{?rhel} && 0%{?rhel} >= 9
|
||||
%bcond_with pkcs11
|
||||
%bcond_with rtlsdr
|
||||
%else
|
||||
%bcond_without pkcs11
|
||||
%bcond_without rtlsdr
|
||||
%endif
|
||||
|
||||
Summary: Random number generator related utilities
|
||||
Name: rng-tools
|
||||
Version: 6.17
|
||||
Release: 3%{?dist}
|
||||
License: GPL-2.0-or-later
|
||||
URL: https://github.com/nhorman/rng-tools
|
||||
Source0: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
|
||||
Source1: rngd.service
|
||||
Source2: rngd.sysconfig
|
||||
|
||||
BuildRequires: gcc make binutils
|
||||
BuildRequires: gettext
|
||||
BuildRequires: systemd systemd-rpm-macros
|
||||
BuildRequires: autoconf >= 2.57, automake >= 1.7
|
||||
BuildRequires: libgcrypt-devel libcurl-devel
|
||||
BuildRequires: libxml2-devel openssl-devel
|
||||
BuildRequires: jitterentropy-devel
|
||||
BuildRequires: jansson-devel
|
||||
BuildRequires: libcap-devel
|
||||
%if %{with rtlsdr}
|
||||
BuildRequires: rtl-sdr-devel
|
||||
%endif
|
||||
%if %{with pkcs11}
|
||||
BuildRequires: libp11-devel
|
||||
Suggests: opensc
|
||||
%endif
|
||||
|
||||
Requires(post): systemd
|
||||
Requires(preun): systemd
|
||||
Requires(postun): systemd
|
||||
|
||||
# This ensures that the selinux-policy package and all its dependencies
|
||||
# are not pulled into containers and other systems that do not use SELinux.
|
||||
Requires: (selinux-policy >= 36.5 if selinux-policy)
|
||||
|
||||
Patch0: 1-rt-comment-out-have-aesni.patch
|
||||
Patch1: 2-rt-revert-build-randstat.patch
|
||||
|
||||
%description
|
||||
This is a random number generator daemon and its tools. It monitors
|
||||
a set of entropy sources present on a system (like /dev/hwrng, RDRAND,
|
||||
TPM, jitter) and supplies entropy from them to a kernel entropy pool.
|
||||
|
||||
%prep
|
||||
%autosetup -p0
|
||||
|
||||
%build
|
||||
%if !%{with pkcs11}
|
||||
%define _without_pkcs11 --without-pkcs11
|
||||
%endif
|
||||
%if !%{with rtlsdr}
|
||||
%define _without_rtlsdr --without-rtlsdr
|
||||
%endif
|
||||
|
||||
./autogen.sh
|
||||
# a dirty hack to force PIC for a PIC-aware assembly code for i686
|
||||
# /usr/lib/rpm/redhat/redhat-hardened-cc1 in Koji/Brew does not
|
||||
# force PIC for assembly sources as of now
|
||||
%ifarch i386 i686
|
||||
sed -i -e '/^#define RDRAND_RETRY_LIMIT\t10/a#define __PIC__ 1' rdrand_asm.S
|
||||
%endif
|
||||
# a dirty hack so libdarn_impl_a_CFLAGS overrides common CFLAGS
|
||||
sed -i -e 's/$(libdarn_impl_a_CFLAGS) $(CFLAGS)/$(CFLAGS) $(libdarn_impl_a_CFLAGS)/' Makefile.in
|
||||
%configure %{?_without_pkcs11} %{?_without_rtlsdr}
|
||||
%make_build
|
||||
|
||||
%install
|
||||
%make_install
|
||||
|
||||
# install systemd unit file
|
||||
install -Dt %{buildroot}%{_unitdir} -m0644 %{SOURCE1}
|
||||
# install sysconfig file
|
||||
install -D %{SOURCE2} -m0644 %{buildroot}%{_sysconfdir}/sysconfig/rngd
|
||||
|
||||
%post
|
||||
%systemd_post rngd.service
|
||||
|
||||
%preun
|
||||
%systemd_preun rngd.service
|
||||
|
||||
%postun
|
||||
%systemd_postun_with_restart rngd.service
|
||||
|
||||
%files
|
||||
%{!?_licensedir:%global license %%doc}
|
||||
%license COPYING
|
||||
%doc AUTHORS README.md
|
||||
%{_bindir}/rngtest
|
||||
%{_sbindir}/rngd
|
||||
%{_mandir}/man1/rngtest.1.*
|
||||
%{_mandir}/man8/rngd.8.*
|
||||
%attr(0644,root,root) %{_unitdir}/rngd.service
|
||||
%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/rngd
|
||||
|
||||
%changelog
|
||||
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 6.17-3
|
||||
- Bump release for June 2024 mass rebuild
|
||||
|
||||
* Wed Jun 19 2024 Vladis Dronov <vdronov@redhat.com> - 6.17-2
|
||||
- Add Intel CET IBT instrumentation to assembly code
|
||||
- Update to the upstream v6.17 @ ac43f912 (RHEL-36771)
|
||||
|
||||
* Wed Jun 05 2024 Vladis Dronov <vdronov@redhat.com> - 6.17-1
|
||||
- Update to the upstream v6.17 @ 2160b9c3 (RHEL-36771)
|
||||
|
||||
* Sat Mar 30 2024 Vladis Dronov <vdronov@redhat.com> - 6.16-7
|
||||
- Update to the upstream v6.16 + tip of origin/master @ 98cf8d63
|
||||
|
||||
* Fri Jan 26 2024 Vladis Dronov <vdronov@redhat.com> - 6.16-6
|
||||
- Initial import from Fedora 40
|
||||
Loading…
Reference in new issue