[OE-core] [PATCH] rng-tools: only print the success message when initialize entropy sources

mingli.yu at windriver.com mingli.yu at windriver.com
Fri Feb 28 04:20:12 UTC 2020 

From: Mingli Yu <mingli.yu at windriver.com>

There is below message when check rngd service status
in qemu env.
[rdrand]: Initialization Failed

The complete service status as below in qemu env:
 # systemctl status rngd

    rngd.service - Hardware RNG Entropy Gatherer Daemon
       Loaded: loaded (/lib/systemd/system/rngd.service; enabled; vendor preset: >
       Active: active (running) since Tue 2020-02-25 05:08:11 UTC; 42min ago
    Main PID: 133 (rngd)
       Tasks: 2 (limit: 3591)
       Memory: 1.0M
    CGroup: /system.slice/rngd.service
           `-133 /usr/sbin/rngd -f -r /dev/hwrng
    Feb 25 05:08:14 qemux86-64 rngd[133]: Initializing available sources
    Feb 25 05:08:14 qemux86-64 rngd[133]: [hwrng ]: Initialized
    Feb 25 05:08:14 qemux86-64 rngd[133]: [rdrand]: Initialization Failed
    Feb 25 05:08:14 qemux86-64 rngd[133]: [jitter]: Initializing AES buffer
    Feb 25 05:08:31 qemux86-64 rngd[133]: [jitter]: Enabling JITTER rng support
    Feb 25 05:08:39 qemux86-64 rngd[133]: [jitter]: Initialized
    Warning: Journal has been rotated since unit was started. Log output is incompl

The message "[rdrand]: Initialization Failed" is misleading and
also results in parselogs.ParseLogsTest.test_parselogs failed
in do_testimage.

In fact, the message only indicates the rdrand entropy
source initialized failed and it doesn't affect the rngd
function. So improve to only print the message for the
entropy sources which initialized successfully to avoid
misleading users.

That makes sense as after check the available entropy
sources, there is a logic to check whether there is at
least one available entropy source exist as below in
rngd.c
if (!ent_sources) {
message(LOG_DAEMON|LOG_ERR,
"can't open any entropy source");
message(LOG_DAEMON|LOG_ERR,
"Maybe RNG device modules are not loaded\n");
return 1;
}

That's to say, only printing the message for the entropy
sources which initialized successfully is safe.

Signed-off-by: Mingli Yu <mingli.yu at windriver.com>
---
 ...-print-the-success-message-when-initializ.patch | 47 ++++++++++++++++++++++
 meta/recipes-support/rng-tools/rng-tools_6.9.bb    |  1 +
 2 files changed, 48 insertions(+)
 create mode 100644 meta/recipes-support/rng-tools/rng-tools/0001-rngd.c-only-print-the-success-message-when-initializ.patch

diff --git a/meta/recipes-support/rng-tools/rng-tools/0001-rngd.c-only-print-the-success-message-when-initializ.patch b/meta/recipes-support/rng-tools/rng-tools/0001-rngd.c-only-print-the-success-message-when-initializ.patch
new file mode 100644
index 0000000..ba3958f
--- /dev/null
+++ b/meta/recipes-support/rng-tools/rng-tools/0001-rngd.c-only-print-the-success-message-when-initializ.patch
@@ -0,0 +1,47 @@
+From 820d7fc8477b690803f9640452ce6df2f3eb6a79 Mon Sep 17 00:00:00 2001
+From: Mingli Yu <mingli.yu at windriver.com>
+Date: Fri, 28 Feb 2020 02:39:53 +0000
+Subject: [PATCH] rngd.c: only print the success message when initialize
+
+Only print the message for the entropy sources which
+initialized successfully to avoid misleading users.
+
+That makes sense as after check the available entropy
+sources, there is logic to check whether there is at
+least one available entropy source exist as below:
+if (!ent_sources) {
+     message(LOG_DAEMON|LOG_ERR,
+             "can't open any entropy source");
+     message(LOG_DAEMON|LOG_ERR,
+             "Maybe RNG device modules are not loaded\n");
+     return 1;
+}
+
+That's to say, only printing the message for the entropy
+sources which initialized successfully is safe.
+
+Upstream-Status: Submitted [https://github.com/nhorman/rng-tools/pull/84]
+
+Signed-off-by: Mingli Yu <mingli.yu at windriver.com>
+---
+ rngd.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/rngd.c b/rngd.c
+index d8cd9af..78dae36 100644
+--- a/rngd.c
++++ b/rngd.c
+@@ -795,9 +795,8 @@ int main(int argc, char **argv)
+ 				ent_sources++;
+ 				ent_src->fipsctx = malloc(sizeof(fips_ctx_t));
+ 				fips_init(ent_src->fipsctx, discard_initial_data(ent_src));
+-                                message_entsrc(ent_src, LOG_DAEMON|LOG_INFO, "Initialized\n");
++                                message_entsrc(ent_src, LOG_DAEMON|LOG_INFO, "Initialized successfully\n");
+ 			} else {
+-                                message_entsrc(ent_src, LOG_DAEMON|LOG_ERR, "Initialization Failed\n");
+ 				ent_src->disabled = true;
+ 			}
+ 		}
+-- 
+2.24.1
+
diff --git a/meta/recipes-support/rng-tools/rng-tools_6.9.bb b/meta/recipes-support/rng-tools/rng-tools_6.9.bb
index 913342c..cce61aa 100644
--- a/meta/recipes-support/rng-tools/rng-tools_6.9.bb
+++ b/meta/recipes-support/rng-tools/rng-tools_6.9.bb
@@ -10,6 +10,7 @@ DEPENDS = "sysfsutils"
 
 SRC_URI = "\
     git://github.com/nhorman/rng-tools.git \
+    file://0001-rngd.c-only-print-the-success-message-when-initializ.patch \
     file://init \
     file://default \
     file://rngd.service \
-- 
2.7.4

More information about the Openembedded-core mailing list