On 09/11/2018 09.54, Hongxu Jia wrote: > Since commit [f1dc9ac rng-tools: Fix crazy defaults] fixed > init based on sysvinit, this fix rngd.service based on systemd. > > Signed-off-by: Hongxu Jia <hongxu....@windriver.com> > --- > meta/recipes-support/rng-tools/rng-tools/rngd.service | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/recipes-support/rng-tools/rng-tools/rngd.service > b/meta/recipes-support/rng-tools/rng-tools/rngd.service > index cb81024..f0355db 100644 > --- a/meta/recipes-support/rng-tools/rng-tools/rngd.service > +++ b/meta/recipes-support/rng-tools/rng-tools/rngd.service > @@ -5,7 +5,7 @@ After=systemd-udev-settle.service > Before=sysinit.target > > [Service] > -ExecStart=@SBINDIR@/rngd -f -r /dev/urandom > +ExecStart=@SBINDIR@/rngd -f -r /dev/hwrng > SuccessExitStatus=66 > > [Install] >
This has been applied to master, but please apply this to thud as well - feeding the kernel's entropy pool from that same entropy pool is of course utter nonsense, but since rngd is also _crediting those bytes with providing real bits of entropy_ (ioctl RNDADDENTROPY) makes it a security issue. Rasmus -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
