CCing people who have shown some interest in haveged previously. The
haveged upstream has moved the init code into a contrib directory
because as stated in the README:https://github.com/jirka-h/haveged
IMPORTANT UPDATE
Starting from Linux kernel v5.6, the HAVEGED inspired algorithm has been
included in the Linux kernel (see the LKML article
<https://lore.kernel.org/lkml/alpine.deb.2.21.1909290010500.2...@nanos.tec.linutronix.de/T/>
and the Linux Kernel commit
<https://github.com/torvalds/linux/commit/30c08efec8884fb106b8e57094baa51bb4c44e32>).
As soon as the CRNG (the Linux cryptographic-strength random number
generator) gets ready, |/dev/random| does not block on reads anymore.
I'm happy that these changes made it into the mainline kernel. It's
pleasing to see that the main idea behind HAVEGED has sustained time
test - it was published already in 2003 here.
<https://www.irisa.fr/caps/projects/hipsor/publications/havege-tomacs.pdf>
I'm also glad that the HAVEGE algorithm is being further explored and
examined - see the CPU Jitter Random Number Generator.
<https://www.chronox.de/jent.html>
It means that HAVEGED *service* is now less relevant. However, it's
still useful in the following situations, when you
* need randomness early in the boot process, before the CRNG in the
Linux kernel gets fully initialized.
* want to deploy an additional entropy source. HAVEGED now inserts
entropy into the kernel every 60 seconds, regardless of the entropy
level reported by Linux Kernel. It does not affect the |/dev/random|
read speed but it diversifies the entropy sources, making the Linux
Kernel CRNG more robust.
* you are looking for userspace RNG to generate random numbers. See
|man -S8 haveged| for examples or try running |haveged -n 0 | pv >
/dev/null|
* and last but not least, most Linux installations are still running
on the older kernel versions.
In any case, I will keep maintaining the HAVEGED project. The userspace
application, as well as the haveged library, are not affected in any way
by changes in the Linux kernel.
---
If you want the init system support back, please submit a patch.
Also Debain/Ubuntu splits the package into:
- haveged
- libhavege2
but the memory savings hardly seem worthwhile so I won't bother:
$ du -sk
tmp/work/core2-64-poky-linux/haveged/1.9.17-r0/packages-split/haveged/usr/*
104
tmp/work/core2-64-poky-linux/haveged/1.9.17-r0/packages-split/haveged/usr/lib
36
tmp/work/core2-64-poky-linux/haveged/1.9.17-r0/packages-split/haveged/usr/sbin
If you want to split it up, please submit a patch.
--
# Randy MacLeod
# Wind River Linux
On 2022-03-21 22:22, Randy MacLeod wrote:
Remove the daemon support code since this feature is deprecated by merging
the ideas from the HAVEGE algorithm into the kernel:
297bdf1 Update README.md
Starting from Linux kernel v5.6, the HAVEGED **service** has become
obsolete.
The userspace application as well as the haveged library are not affected.
...
Update the HOMEPAGE link to https.
Signed-off-by: Randy MacLeod<randy.macl...@windriver.com>
---
.../haveged/haveged_1.9.14.bb | 47 -------------------
.../haveged/haveged_1.9.17.bb | 26 ++++++++++
2 files changed, 26 insertions(+), 47 deletions(-)
delete mode 100644 meta-oe/recipes-extended/haveged/haveged_1.9.14.bb
create mode 100644 meta-oe/recipes-extended/haveged/haveged_1.9.17.bb
diff --git a/meta-oe/recipes-extended/haveged/haveged_1.9.14.bb
b/meta-oe/recipes-extended/haveged/haveged_1.9.14.bb
deleted file mode 100644
index 3e4edae9d..000000000
--- a/meta-oe/recipes-extended/haveged/haveged_1.9.14.bb
+++ /dev/null
@@ -1,47 +0,0 @@
-SUMMARY = "haveged - A simple entropy daemon"
-DESCRIPTION = "The haveged project is an attempt to provide an easy-to-use,
unpredictable random number generator based upon an adaptation of the HAVEGE algorithm.
Haveged was created to remedy low-entropy conditions in the Linux random device that can
occur under some workloads, especially on headless servers."
-AUTHOR = "Gary Wuertz"
-HOMEPAGE ="http://www.issihosts.com/haveged/index.html";
-LICENSE = "GPL-3.0-only"
-LIC_FILES_CHKSUM="file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
-
-# v1.9.14
-SRCREV = "4da3080ad4587860e5da73072d6ed54d0052938c"
-SRC_URI = "git://github.com/jirka-h/haveged.git;branch=master;protocol=https \
-"
-S = "${WORKDIR}/git"
-
-UPSTREAM_CHECK_URI ="https://github.com/jirka-h/haveged/releases";
-
-inherit autotools update-rc.d systemd
-
-EXTRA_OECONF = "\
- --enable-nistest=yes \
- --enable-olt=yes \
- --enable-threads=no \
-"
-
-PACKAGECONFIG ??="${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}"
-PACKAGECONFIG[systemd] = "--enable-init=service.fedora
--enable-initdir=${systemd_system_unitdir}, --enable-init=sysv.redhat, systemd"
-
-INITSCRIPT_PACKAGES = "${PN}"
-INITSCRIPT_NAME = "haveged"
-INITSCRIPT_PARAMS:${PN} = "defaults 9"
-
-SYSTEMD_PACKAGES = "${PN}"
-SYSTEMD_SERVICE:${PN} = "haveged.service"
-
-do_install:append() {
- # The exit status is 143 when the service is stopped
- if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false',
d)}; then
- sed -i '/ExecStart/a SuccessExitStatus=143'
${D}${systemd_system_unitdir}/haveged.service
- # Hybrid systemd-sysvinit distros must install the initscript manually
- if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true',
'false', d)}; then
- install -d ${D}${INIT_D_DIR}
- sed -e "s,@SBINDIR@,${sbindir},g" <${S}/init.d/sysv.redhat
>${D}${INIT_D_DIR}/haveged
- chmod 755 ${D}${INIT_D_DIR}/haveged
- fi
- fi
-}
-
-MIPS_INSTRUCTION_SET = "mips"
diff --git a/meta-oe/recipes-extended/haveged/haveged_1.9.17.bb
b/meta-oe/recipes-extended/haveged/haveged_1.9.17.bb
new file mode 100644
index 000000000..25007c777
--- /dev/null
+++ b/meta-oe/recipes-extended/haveged/haveged_1.9.17.bb
@@ -0,0 +1,26 @@
+SUMMARY = "haveged - A simple entropy daemon"
+DESCRIPTION = "The haveged project is an attempt to provide an easy-to-use,
unpredictable random number generator based upon an adaptation of the HAVEGE algorithm.
Haveged was created to remedy low-entropy conditions in the Linux random device that can
occur under some workloads, especially on headless servers."
+
+AUTHOR = "Gary Wuertz"
+HOMEPAGE ="https://www.issihosts.com/haveged/index.html";
+
+LICENSE = "GPL-3.0-only"
+LIC_FILES_CHKSUM="file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
+
+# v1.9.17
+SRCREV = "1ff76272aba9803501e6f473dd5083f0e09289ac"
+SRC_URI = "git://github.com/jirka-h/haveged.git;branch=master;protocol=https \
+"
+S = "${WORKDIR}/git"
+
+UPSTREAM_CHECK_URI ="https://github.com/jirka-h/haveged/releases";
+
+inherit autotools
+
+EXTRA_OECONF = "\
+ --enable-nistest=yes \
+ --enable-olt=yes \
+ --enable-threads=no \
+"
+
+MIPS_INSTRUCTION_SET = "mips"
--
# Randy MacLeod
# Wind River Linux
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#96124):
https://lists.openembedded.org/g/openembedded-devel/message/96124
Mute This Topic: https://lists.openembedded.org/mt/89944592/21656
Group Owner: openembedded-devel+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
