meta-agl-core/recipes-support/rng-tools/rng-tools/0003-rngd_jitter-always-read-from-entropy-pipe-before-set.patch

   1 From 36bc92ef2789b13183c8895d83665f48b13c2b9e Mon Sep 17 00:00:00 2001
   2 From: Matthias Schiffer <matthias.schiffer@tq-group.com>
   3 Date: Wed, 27 Jan 2021 16:22:39 +0100
   4 Subject: [PATCH] rngd_jitter: always read from entropy pipe before setting
   5  O_NONBLOCK
   6
   7 Even with AES disabled, we want to make sure that jent_read_entropy() has
   8 already generated some entropy before we consider the the source
   9 initialized. Otherwise "Entropy Generation is slow" log spam will be
  10 emitteded until this has happened, which can take several seconds.
  11
  12 Signed-off-by: Matthias Schiffer <matthias.schiffer@tq-group.com>
  13 ---
  14  rngd_jitter.c | 11 +++++++++++
  15  1 file changed, 11 insertions(+)
  16
  17 diff --git a/rngd_jitter.c b/rngd_jitter.c
  18 index 48f344c..b736cdd 100644
  19 --- a/rngd_jitter.c
  20 +++ b/rngd_jitter.c
  21 @@ -492,6 +492,17 @@ int init_jitter_entropy_source(struct rng *ent_src)
  22                 message_entsrc(ent_src,LOG_CONS|LOG_INFO, "libgcrypt not available. Disabling AES in JITTER source\n");
  23                 ent_src->rng_options[JITTER_OPT_USE_AES].int_val = 0;
  24  #endif
  25 +       } else {
  26 +               /*
  27 +                * Make sure that an entropy gathering thread has generated
  28 +                * at least some entropy before setting O_NONBLOCK and finishing
  29 +                * the entropy source initialization.
  30 +                *
  31 +                * This avoids "Entropy Generation is slow" log spamming that
  32 +                * would otherwise happen until jent_read_entropy() has run
  33 +                * for the first time.
  34 +                */
  35 +               xread_jitter(&i, 1, ent_src);
  36         }
  37         message_entsrc(ent_src,LOG_DAEMON|LOG_INFO, "Enabling JITTER rng support\n");
  38         return 0;