summaryrefslogtreecommitdiff
path: root/sys-apps/rng-tools
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
committerV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
commit4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
treeba5f07bf3f9d22d82e54a462313f5d244036c768 /sys-apps/rng-tools
reinit the tree, so we can have metadata
Diffstat (limited to 'sys-apps/rng-tools')
-rw-r--r--sys-apps/rng-tools/Manifest16
-rw-r--r--sys-apps/rng-tools/files/rng-tools-5-fix-noctty.patch45
-rw-r--r--sys-apps/rng-tools/files/rng-tools-5-fix-textrels-on-PIC-x86.patch100
-rw-r--r--sys-apps/rng-tools/files/rng-tools-5-man-fill-watermark.patch17
-rw-r--r--sys-apps/rng-tools/files/rng-tools-5-man-rng-device.patch15
-rw-r--r--sys-apps/rng-tools/files/rng-tools-6-fix-noctty.patch45
-rw-r--r--sys-apps/rng-tools/files/rngd-confd-4.122
-rw-r--r--sys-apps/rng-tools/files/rngd-initd-r1-4.116
-rw-r--r--sys-apps/rng-tools/files/rngd.service8
-rw-r--r--sys-apps/rng-tools/files/test-for-argp.patch43
-rw-r--r--sys-apps/rng-tools/metadata.xml15
-rw-r--r--sys-apps/rng-tools/rng-tools-5-r2.ebuild40
-rw-r--r--sys-apps/rng-tools/rng-tools-6.ebuild46
13 files changed, 428 insertions, 0 deletions
diff --git a/sys-apps/rng-tools/Manifest b/sys-apps/rng-tools/Manifest
new file mode 100644
index 000000000000..e1f64bba1495
--- /dev/null
+++ b/sys-apps/rng-tools/Manifest
@@ -0,0 +1,16 @@
+AUX rng-tools-5-fix-noctty.patch 2069 SHA256 f88650613a41cf0d91807897215c6471db3c2c00c4445083800751c843028949 SHA512 7555185f529ade3cdcd277624820717ede9dff8c004a15786ed8b73c74b9300d71da2d8a51deda63b18f1af07ddbd18fe4a5693a147e189886370f359243251e WHIRLPOOL 4cf145f248396d7f689b1c2feaff88c3edb9e783600a7aaf083b0322bf07377846a35390e11f92869dd38ec68dbb6babacb2f4e3063b30d82685d3a0afc479c7
+AUX rng-tools-5-fix-textrels-on-PIC-x86.patch 2677 SHA256 71fac69129bf3ac6f54cabdd995db2946d5ccc279212de42608cea19fa3c2ada SHA512 8c7c6bced6e0982069ba6ef99c169609ff452a55c32543c25f198a59f81d4e976caf400867cb52bbe2996363f22943ff73c678427da43ad3a019bbe29bd29ce1 WHIRLPOOL 2346261e9891f77a48e8ea54e647fc77e40ec79d099597dec4fd06e265ac3a255eec8d6e2ed46ae00e90fd900998b48a6c3a963bb89d9b81e3cba24cefb7ba11
+AUX rng-tools-5-man-fill-watermark.patch 765 SHA256 f286419c4b3fbbb67c9099ba99c9dc0d17d379d86435d916a517fb7fc9598550 SHA512 8bc7a9903f9f77da2d55321605a2421bef27d8cedd3ea67e5547f4e59b85b3139b3cf269efe4c3abd767d87666e3e28b03e4fbf6984122febf45ea14af3332a0 WHIRLPOOL a8f26673d529147976d335732c1fdf5f7b845502f4d9eae664e38ac80c23066ef3bed53995d31be6996a9782d06371131239c8e2688f09705fe60c03fcbd9771
+AUX rng-tools-5-man-rng-device.patch 398 SHA256 c2553914e0551e1a349b8dfb65cf02d3db66cda9e6aba5046340a7a4f8340f17 SHA512 cd4c0cbcc32f6ace0f05c0dca82461c2a676a986c000850a422c3b509d79f22ddb98732749e63a1d9ec6d90db1745b7a163a590ada61f0ebcdde07b160647d3f WHIRLPOOL 375aca63b539d4c64c5ee4c85f289b2029db2d9b38d07f001135034b725323e74d70b94e49c86722521ac846c438a0bf818ff62581deea5c3b828c4f6ab73924
+AUX rng-tools-6-fix-noctty.patch 2188 SHA256 7a1594cd968621c579efaa77a6257cef038e3d7ff53a5c5a04cd508a16c221d0 SHA512 dff3d3ef81e847d378ca45531e4eaa81f4028b2b08adc17c68bba108cb4604f3bf13daa8b0e46ccb8aec2626ff8fd983038544508f3117828cecfbb282762116 WHIRLPOOL 2893eaa2c37a91770e465344a0051cec645d1d725f903f5a3297bb359f1e24d6a3d102aa3bb76c76c42f521695c5293d90c9022ebacd44f99efab41444c0aef9
+AUX rngd-confd-4.1 562 SHA256 cdbd39f7446f12a9b78e87e9f135cfd0f6f364c4fa4ade0c96084b85c32afc38 SHA512 45e0e9cbe0180162f659bf05c15ee99fb8c1b80274cd8744384ba7f791b1c9a46a63e81eea665b4f492c13b7d5cc1fdb6e524a49a25af77f3791f527b31f688b WHIRLPOOL 87634cea70a1c8ffa7598cc8b0d93c79578433cc21b58bb13bc9144502b9502e2c4f151bcf282ad4ccef44a931f1be5d1e87ff7b9b6d07cfa0a4c288b4172ec3
+AUX rngd-initd-r1-4.1 494 SHA256 3ad9a52d86e54eb755923242b1314584d5c66ab55221f6063a16c23477957a25 SHA512 8bf9a0bd25bcc9c1cc4eacdf875077208ba0899c626a55e57f055cc93b62e23a427e0622859c5b4a31c3aebe550b180777528b43942a3efb2e2c0b4243c3c9c6 WHIRLPOOL 33365650149523b34c6ae38614038ffafd1393a1ec5c967d0e9f6b89557b84f8ebb45c76455844dd73fd0d3cb1768de69c6b9857c4b48015ce351bd61803a4d6
+AUX rngd.service 133 SHA256 a05b1075157d39302106221594e1640479fae5dee4595de09442901a3a2d1648 SHA512 51e9ea84b624cda8d3689d6a9a8d60da4a556aa9d2a1a04e698d9a1490717aa47172e152c93711f8d04be8a5b68b1dfd568a762bd8ee7219afb7cdfff15657d2 WHIRLPOOL 093b0cd19a147abd9fc10f366c2c5a167d31b839d755cf2e56f6ae35409b6eb764db0651858d20dc95b71fe1d90b4ca33bde88053c80e40665613d132357366a
+AUX test-for-argp.patch 1245 SHA256 56824e3d80c931c3f907486cd8bf7b5a3bcc20fa507f452a9c63286443c06756 SHA512 0fe4b37eb3d2e93ff9ce17aed8cfcaa29c7f04289ba692d10fd0f8ef6d9b1e5f64a5734a508aea548f13fd00217972a68bcbeaf6977e763087ad20c19d456ed6 WHIRLPOOL c515fc9a8adf6bd49a4a622c05881e9ad22b514634c25d4f894be96d46f67a886bdcc092cafa57521e17d53bba1f1a3995dc673c24292b0aca276792e575073b
+DIST rng-tools-5.tar.gz 122182 SHA256 60a102b6603bbcce2da341470cad42eeaa9564a16b4490e7867026ca11a3078e SHA512 58047c37cad4f5f1210b696e4dba122878f78e57d05d9cb822f79234240ecce31efd2d39061fea1eb5b2e81d48d8c3bf6b92d06451f1ce5d5db7117704e89c50 WHIRLPOOL 073dbeb9d27189db44658a9f25657b93a320b125fbfc8230f7ce7849b8e7c1f7802b4c3a53de3417525b02739194fab8a6e5eb03d5db317a23deb275d72fbb21
+DIST rng-tools-6.tar.gz 26024 SHA256 6d9c3f72824d1ea15dd2a80bfcf71f6a73c8843c6344f7f774a97a4ca7641b4c SHA512 2aea947c4dba5e8c4df33396957f7224b62200be0e3d10aac08c84155fa473a67df5f49e07a07b2cbea4dfd772d90c1b194e8fce3d8eea762463a7f4a16d6ce4 WHIRLPOOL 4e53c626288219a7cb9c94cf29d22878df5ad3298ca5ebedea46978e519d9b5b0ad94f765e217563105258f4b02b72b0033e551a7d37939ced9ca5d92f0a1048
+EBUILD rng-tools-5-r2.ebuild 1098 SHA256 a6e9a693947fdcff18969be0ea392e8171cab38be6367c6c30cda84f24137613 SHA512 b4a612e14a4e556c57c182a5e709bf497eb11c2b9ca850ca1dd32f94c313157d3273b02715eef907b570d5aaaa06e9786ce33f9085f83423d61fb5af4bbe1b52 WHIRLPOOL d27df6207498055f147981ff7b0f63c30fc1e0d458c8ab550829de00396b7772a5c50fa2d7f057764a35092ec3e30c45a79d5a48dfd94568bdc8e15dfceab603
+EBUILD rng-tools-6.ebuild 1114 SHA256 b783fda920969b210d53a6b8d84f519ded1bfa5be641b2390a93732a15205f91 SHA512 e218c2147b5879418647e85103d7c0bd3f5fe3fcfd42855d64441c1228eb3a2caf462b2b4e553125e88374db64c94894497645421606853968ccbb4ddb2d5f38 WHIRLPOOL fa5a977e4949cdb582902703e3212d8feea462f27c344a5782287b4da1eeda4f58bca03ecb68345da9b5b94a34c62377867a257f60c1ed504601229b453e72d0
+MISC ChangeLog 8067 SHA256 a232bfd53ae71bba942c0065e502fa2087a6af4b14bc5664cb3177c9e0f4ae40 SHA512 b9143f297136c37d810755bb899b4353008d2982eff54d29de73f62a9790506468ba0034206877f894fe681effed2921bf9e8af54e771f46ef60d288955aecc5 WHIRLPOOL 5c62a5780931f8d50387a08076410aa815d6c7637260eec4f69b17a1ea6f51278d3d15786cefda3213527f47816f9dfaa2e296ed240bb6a543dcb70c0ecd2383
+MISC ChangeLog-2015 10419 SHA256 429b14666b303f77b8081e33cb4d2bc4da29c06af72895b37cf17ae3658381ce SHA512 9ef68cdfe956b4918d101ec0cfe3a69a9cf748b52326976edf234b58a48eb8c48fdb32b011fa8fe5e3d0cde8576b212b24d5b4003f87a4e4b327dc2cc0ff59ea WHIRLPOOL 525eb6a7d62820bda06d801c2721e2c38a9ca8af5d26d961c57a9d62c26a8dfec1ab08573f4237f3e6f4ee576de03d6d63a5514424011e773541f29c2b8e3915
+MISC metadata.xml 435 SHA256 853adcedbd25773649ea54cda891d50ddb76210f8a09dccc387a7dd8f656d711 SHA512 8e6882d47d45613afd58beaa45cb41134740efab0c34381789eaabd5938441e98aa59fde0efb922766075ecf3f608b40c632bc4e4cdf786d256d954e502296b7 WHIRLPOOL 6dc3ea1f0a1273a6f33e76898b298b1b0e3cb827bf436380b9ab15f425b47f7e16ec1c2d95f2232c2012fa41da4c0992a3d7598ed844bd1e8f2611559b90d3ca
diff --git a/sys-apps/rng-tools/files/rng-tools-5-fix-noctty.patch b/sys-apps/rng-tools/files/rng-tools-5-fix-noctty.patch
new file mode 100644
index 000000000000..568ebe04589d
--- /dev/null
+++ b/sys-apps/rng-tools/files/rng-tools-5-fix-noctty.patch
@@ -0,0 +1,45 @@
+From: Gokturk Yuksek <gokturk@binghamton.edu>
+Subject: [PATCH] Fix rngd to open the entropy source with 'O_NOCTTY' flag
+
+When start-stop-daemon starts a rngd instance configured to use a tty
+device as its entropy source, the application crashes due to not being
+able to read from the entropy device. This is caused by
+start-stop-daemon calling setsid() before executing rngd, which
+disassociates the controlling terminal. When rngd attempts to open a
+hardware entropy source that's a tty device, per POSIX rules, the
+device becomes the controlling terminal for the process. Then rngd
+calls daemon(), which internally calls setsid(), and consequently
+disassociates the controlling terminal for the child. Meanwhile the
+parent rngd process exits. This results in tty device hanging up. By
+looking at the strace logs attached to the bug, it can be observed
+that although the parent rngd process is able to read() from the
+entropy source successfully, further attempts to read() by the child
+rngd process return 0. This complies with the POSIX, which states that
+read() calls on a hung up terminal shall return 0.
+
+Note that when rngd is started without start-stop-daemon, this problem
+does not happen because at the time of opening the entropy source rngd
+already has a controlling terminal.
+
+Prevent the entropy source from becoming the controlling terminal by
+passing 'O_NOCTTY' flag to open() when opening an entropy source. This
+flag prevents a tty device from becoming the controlling terminal for
+a process without a controlling terminal at the time of open().
+
+Thanks to John Bowler <jbowler@acm.org> for debugging the problem and
+pinpointing the issue as well as confirming the fix.
+
+Gentoo-Bug-URL: https://bugs.gentoo.org/556456
+Reported-By: John Bowler <jbowler@acm.org>
+
+--- a/rngd_entsource.c
++++ b/rngd_entsource.c
+@@ -175,7 +175,7 @@
+ */
+ int init_entropy_source(struct rng *ent_src)
+ {
+- ent_src->rng_fd = open(ent_src->rng_name, O_RDONLY);
++ ent_src->rng_fd = open(ent_src->rng_name, O_RDONLY | O_NOCTTY);
+ if (ent_src->rng_fd == -1) {
+ return 1;
+ }
diff --git a/sys-apps/rng-tools/files/rng-tools-5-fix-textrels-on-PIC-x86.patch b/sys-apps/rng-tools/files/rng-tools-5-fix-textrels-on-PIC-x86.patch
new file mode 100644
index 000000000000..5fa5f0b4ecf7
--- /dev/null
+++ b/sys-apps/rng-tools/files/rng-tools-5-fix-textrels-on-PIC-x86.patch
@@ -0,0 +1,100 @@
+From: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
+Subject: [PATCH] Fix assemby textrels on rdrand_asm.S on PIC x86
+
+This patch updates the fixes in the assembly in rdrand_asm.S in
+sys-apps/rng-tools-5 so it won't generate textrels on PIC systems.
+The main fixes are in the use of leal in SETPTR for such systems, the rest is
+the usual PIC support stuff.
+
+This should fix Gentoo bug #469962 and help fix #518210
+
+This patch is released under the GPLv2 or a higher version license as is the
+original file as long as the author and the tester are credited.
+
+Gentoo-bug-url: https://bugs.gentoo.org/show_bug.cgi?id=469962
+Gentoo-bug-url: https://bugs.gentoo.org/show_bug.cgi?id=518210
+Upstream-status: Not sent yet
+Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
+Reported-by: cilly <cilly@cilly.mine.nu>
+Reported-by: Manuel Rüger <mrueg@gentoo.org>
+Tested-by: Anthony Basile <blueness@gentoo.org>
+
+--- rng-tools/rdrand_asm.S
++++ rng-tools/rdrand_asm.S
+@@ -2,6 +2,7 @@
+ * Copyright (c) 2011-2014, Intel Corporation
+ * Authors: Fenghua Yu <fenghua.yu@intel.com>,
+ * H. Peter Anvin <hpa@linux.intel.com>
++ * PIC code by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+@@ -174,7 +175,19 @@
+ jmp 4b
+ ENDPROC(x86_rdseed_or_rdrand_bytes)
+
++#if defined(__PIC__)
++#define INIT_PIC() \
++ pushl %ebx ; \
++ call __x86.get_pc_thunk.bx ; \
++ addl $_GLOBAL_OFFSET_TABLE_, %ebx
++#define END_PIC() \
++ popl %ebx
++#define SETPTR(var,ptr) leal (var)@GOTOFF(%ebx),ptr
++#else
++#define INIT_PIC()
++#define END_PIC()
+ #define SETPTR(var,ptr) movl $(var),ptr
++#endif
+ #define PTR0 %eax
+ #define PTR1 %edx
+ #define PTR2 %ecx
+@@ -190,6 +203,7 @@
+ movl 8(%ebp), %eax
+ movl 12(%ebp), %edx
+ push %esi
++ INIT_PIC()
+ #endif
+ movl $512, CTR3 /* Number of rounds */
+
+@@ -280,6 +294,7 @@
+ movdqa %xmm7, (7*16)(PTR1)
+
+ #ifdef __i386__
++ END_PIC()
+ pop %esi
+ pop %ebp
+ #endif
+@@ -294,6 +309,7 @@
+ push %ebp
+ mov %esp, %ebp
+ movl 8(%ebp), %eax
++ INIT_PIC()
+ #endif
+
+ SETPTR(aes_round_keys, PTR1)
+@@ -323,6 +339,7 @@
+ call 1f
+
+ #ifdef __i386__
++ END_PIC()
+ pop %ebp
+ #endif
+ ret
+@@ -343,6 +360,16 @@
+
+ ENDPROC(x86_aes_expand_key)
+
++#if defined(__i386__) && defined(__PIC__)
++ .section .text.__x86.get_pc_thunk.bx,"axG",@progbits,__x86.get_pc_thunk.bx,comdat
++ .globl __x86.get_pc_thunk.bx
++ .hidden __x86.get_pc_thunk.bx
++ .type __x86.get_pc_thunk.bx, @function
++__x86.get_pc_thunk.bx:
++ movl (%esp), %ebx
++ ret
++#endif
++
+ .bss
+ .balign 64
+ aes_round_keys:
diff --git a/sys-apps/rng-tools/files/rng-tools-5-man-fill-watermark.patch b/sys-apps/rng-tools/files/rng-tools-5-man-fill-watermark.patch
new file mode 100644
index 000000000000..ea249a5ebdfb
--- /dev/null
+++ b/sys-apps/rng-tools/files/rng-tools-5-man-fill-watermark.patch
@@ -0,0 +1,17 @@
+https://bugs.gentoo.org/555094
+
+patch by Gokturk Yuksek <gokturk@binghamton.edu>
+
+--- a/rngd.8.in
++++ b/rngd.8.in
+@@ -66,7 +66,9 @@
+ .TP
+ \fB\-W\fI n\fR, \fB\-\-fill\-watermark=\fInnn\fR
+ Once we start doing it, feed entropy to \fIrandom-device\fR until at least
+-\fIfill-watermark\fR bits of entropy are available in its entropy pool (default: 2048).
++\fIfill-watermark\fR bits of entropy are available in its entropy pool.
++By default, this value is set to 75% of the entropy pool size or 2048 bits
++if the entropy pool size couldn't be determined.
+ Setting this too high will cause \fIrngd\fR to dominate the contents of the
+ entropy pool. Low values will hurt system performance during entropy
+ starves. Do not set \fIfill-watermark\fR above the size of the
diff --git a/sys-apps/rng-tools/files/rng-tools-5-man-rng-device.patch b/sys-apps/rng-tools/files/rng-tools-5-man-rng-device.patch
new file mode 100644
index 000000000000..82a0cf295765
--- /dev/null
+++ b/sys-apps/rng-tools/files/rng-tools-5-man-rng-device.patch
@@ -0,0 +1,15 @@
+https://bugs.gentoo.org/555106
+
+patch by Gokturk Yuksek <gokturk@binghamton.edu>
+
+--- a/rngd.8.in
++++ b/rngd.8.in
+@@ -59,7 +59,7 @@
+ .TP
+ \fB\-r\fI file\fR, \fB\-\-rng-device=\fIfile\fR
+ Kernel device used for random number input
+-(default: /dev/hwrandom)
++(default: /dev/hwrng)
+ .TP
+ \fB\-s\fI nnn\fR, \fB\-\-random-step=\fInnn\fR
+ Number of bytes written to random-device at a time (default: 64)
diff --git a/sys-apps/rng-tools/files/rng-tools-6-fix-noctty.patch b/sys-apps/rng-tools/files/rng-tools-6-fix-noctty.patch
new file mode 100644
index 000000000000..e915150adb58
--- /dev/null
+++ b/sys-apps/rng-tools/files/rng-tools-6-fix-noctty.patch
@@ -0,0 +1,45 @@
+From: Gokturk Yuksek <gokturk@binghamton.edu>
+Subject: [PATCH] Fix rngd to open the entropy source with 'O_NOCTTY' flag
+
+When start-stop-daemon starts a rngd instance configured to use a tty
+device as its entropy source, the application crashes due to not being
+able to read from the entropy device. This is caused by
+start-stop-daemon calling setsid() before executing rngd, which
+disassociates the controlling terminal. When rngd attempts to open a
+hardware entropy source that's a tty device, per POSIX rules, the
+device becomes the controlling terminal for the process. Then rngd
+calls daemon(), which internally calls setsid(), and consequently
+disassociates the controlling terminal for the child. Meanwhile the
+parent rngd process exits. This results in tty device hanging up. By
+looking at the strace logs attached to the bug, it can be observed
+that although the parent rngd process is able to read() from the
+entropy source successfully, further attempts to read() by the child
+rngd process return 0. This complies with the POSIX, which states that
+read() calls on a hung up terminal shall return 0.
+
+Note that when rngd is started without start-stop-daemon, this problem
+does not happen because at the time of opening the entropy source rngd
+already has a controlling terminal.
+
+Prevent the entropy source from becoming the controlling terminal by
+passing 'O_NOCTTY' flag to open() when opening an entropy source. This
+flag prevents a tty device from becoming the controlling terminal for
+a process without a controlling terminal at the time of open().
+
+Thanks to John Bowler <jbowler@acm.org> for debugging the problem and
+pinpointing the issue as well as confirming the fix.
+
+Gentoo-Bug-URL: https://bugs.gentoo.org/556456
+Reported-By: John Bowler <jbowler@acm.org>
+
+--- rng-tools-rng-tools-6/rngd_entsource.c
++++ rng-tools-rng-tools-6/rngd_entsource.c
+@@ -162,7 +162,7 @@
+ struct sysfs_attribute *rngavail;
+ char buf[16];
+
+- ent_src->rng_fd = open(ent_src->rng_fname, O_RDONLY);
++ ent_src->rng_fd = open(ent_src->rng_fname, O_RDONLY | O_NOCTTY);
+ if (ent_src->rng_fd == -1) {
+ message(LOG_DAEMON|LOG_DEBUG, "Unable to open file: %s", ent_src->rng_fname);
+ return 1;
diff --git a/sys-apps/rng-tools/files/rngd-confd-4.1 b/sys-apps/rng-tools/files/rngd-confd-4.1
new file mode 100644
index 000000000000..77e5db583458
--- /dev/null
+++ b/sys-apps/rng-tools/files/rngd-confd-4.1
@@ -0,0 +1,22 @@
+# /etc/conf.d/rngd
+
+# Please see "/usr/sbin/rngd --help" and "man rngd" for more information
+
+# If a single device is preferred, then specify it here, otherwise we will
+# search for suitable devices.
+#DEVICE=
+
+# Random step (Number of bytes written to random-device at a time):
+STEP=64
+
+# Should TPM be avoided?
+# NO_TPM=0
+
+# Should RDRAND be avoided? Please note that unless this is commented
+# out, RDRAND _will_ be disabled, as any value will cause it to be
+# disabled.
+# NO_DRNG=1
+
+# Fill watermark
+# 0 <= n <= `sysctl kernel.random.poolsize`
+WATERMARK=2048
diff --git a/sys-apps/rng-tools/files/rngd-initd-r1-4.1 b/sys-apps/rng-tools/files/rngd-initd-r1-4.1
new file mode 100644
index 000000000000..b7777ebab71c
--- /dev/null
+++ b/sys-apps/rng-tools/files/rngd-initd-r1-4.1
@@ -0,0 +1,16 @@
+#!/sbin/openrc-run
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+depend() {
+ need localmount
+ after urandom
+ provide entropy
+}
+
+command=/usr/sbin/rngd
+pidfile="/var/run/${SVCNAME}.pid"
+command_args="--pid-file ${pidfile} --background --random-step ${STEP:-64} ${NO_TPM:+--no-tpm=1} \
+ ${NO_DRNG:+--no-drng=1} --fill-watermark ${WATERMARK} ${DEVICE:+--rng-device ${DEVICE}}"
+start_stop_daemon_args="--wait 1000"
+retry="SIGKILL/5000"
diff --git a/sys-apps/rng-tools/files/rngd.service b/sys-apps/rng-tools/files/rngd.service
new file mode 100644
index 000000000000..04793437e2d7
--- /dev/null
+++ b/sys-apps/rng-tools/files/rngd.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=Hardware RNG Entropy Gatherer Daemon
+
+[Service]
+ExecStart=/usr/sbin/rngd -f
+
+[Install]
+WantedBy=multi-user.target
diff --git a/sys-apps/rng-tools/files/test-for-argp.patch b/sys-apps/rng-tools/files/test-for-argp.patch
new file mode 100644
index 000000000000..4ed2aa40b6df
--- /dev/null
+++ b/sys-apps/rng-tools/files/test-for-argp.patch
@@ -0,0 +1,43 @@
+On glibc systems, argp is provided by libc. However, on
+uclibc and other systems which lack argp in their C library,
+argp might be provided by a stand alone library, libargp.
+This patch adds tests to the build system to find who provides
+argp.
+
+X-Gentoo-Bug: 292191
+X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=292191
+Reported-by: Ed Wildgoose <gentoo@wildgooses.com>
+Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
+
+
+--- a/configure.ac
++++ b/configure.ac
+@@ -47,6 +47,28 @@
+ dnl Checks for optional library functions
+ dnl -------------------------------------
+
++dnl First check if we have argp available from libc
++AC_LINK_IFELSE(
++ [AC_LANG_PROGRAM(
++ [#include <argp.h>],
++ [int argc=1; char *argv[]={"test"}; argp_parse(0,argc,argv,0,0,0); return 0;]
++ )],
++ [libc_has_argp="true"],
++ [libc_has_argp="false"]
++)
++
++dnl If libc doesn't provide argp, then test for libargp
++if test "$libc_has_argp" = "false" ; then
++ AC_MSG_WARN("libc does not have argp")
++ AC_CHECK_LIB([argp], [argp_parse], [have_argp="true"], [have_argp="false"])
++
++ if test "$have_argp" = "false"; then
++ AC_MSG_ERROR("no libargp found")
++ else
++ LIBS+=" -largp"
++ fi
++fi
++
+ dnl -----------------
+ dnl Configure options
+ dnl -----------------
diff --git a/sys-apps/rng-tools/metadata.xml b/sys-apps/rng-tools/metadata.xml
new file mode 100644
index 000000000000..6a6818baee38
--- /dev/null
+++ b/sys-apps/rng-tools/metadata.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<maintainer type="person">
+ <email>gokturk@gentoo.org</email>
+ <name>Göktürk Yüksek</name>
+</maintainer>
+<maintainer type="project">
+ <email>base-system@gentoo.org</email>
+ <name>Gentoo Base System</name>
+</maintainer>
+<upstream>
+ <remote-id type="sourceforge">gkernel</remote-id>
+</upstream>
+</pkgmetadata>
diff --git a/sys-apps/rng-tools/rng-tools-5-r2.ebuild b/sys-apps/rng-tools/rng-tools-5-r2.ebuild
new file mode 100644
index 000000000000..0e193c1e76b5
--- /dev/null
+++ b/sys-apps/rng-tools/rng-tools-5-r2.ebuild
@@ -0,0 +1,40 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+inherit eutils autotools systemd toolchain-funcs
+
+DESCRIPTION="Daemon to use hardware random number generators"
+HOMEPAGE="http://gkernel.sourceforge.net/"
+SRC_URI="mirror://sourceforge/gkernel/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="alpha amd64 arm ia64 ppc x86"
+IUSE="selinux"
+
+DEPEND="dev-libs/libgcrypt:0
+ dev-libs/libgpg-error"
+RDEPEND="${DEPEND}
+ selinux? ( sec-policy/selinux-rngd )"
+
+src_prepare() {
+ echo 'bin_PROGRAMS = randstat' >> contrib/Makefile.am || die
+ epatch "${FILESDIR}"/test-for-argp.patch
+ epatch "${FILESDIR}"/${P}-fix-textrels-on-PIC-x86.patch #469962
+ epatch "${FILESDIR}"/${P}-man-fill-watermark.patch #555094
+ epatch "${FILESDIR}"/${P}-man-rng-device.patch #555106
+ epatch "${FILESDIR}"/${P}-fix-noctty.patch #556456
+ eautoreconf
+
+ sed -i '/^AR /d' Makefile.in || die
+ tc-export AR
+}
+
+src_install() {
+ default
+ newinitd "${FILESDIR}"/rngd-initd-r1-4.1 rngd
+ newconfd "${FILESDIR}"/rngd-confd-4.1 rngd
+ systemd_dounit "${FILESDIR}"/rngd.service
+}
diff --git a/sys-apps/rng-tools/rng-tools-6.ebuild b/sys-apps/rng-tools/rng-tools-6.ebuild
new file mode 100644
index 000000000000..3a559236e0c7
--- /dev/null
+++ b/sys-apps/rng-tools/rng-tools-6.ebuild
@@ -0,0 +1,46 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit eutils autotools systemd toolchain-funcs
+
+DESCRIPTION="Daemon to use hardware random number generators"
+HOMEPAGE="https://github.com/nhorman/rng-tools"
+SRC_URI="https://github.com/nhorman/${PN}/archive/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~x86"
+IUSE="selinux"
+
+DEPEND="dev-libs/libgcrypt:0
+ dev-libs/libgpg-error"
+RDEPEND="${DEPEND}
+ sys-fs/sysfsutils
+ selinux? ( sec-policy/selinux-rngd )"
+
+S="${WORKDIR}/${PN}-${P}"
+
+PATCHES=(
+ "${FILESDIR}"/test-for-argp.patch
+ "${FILESDIR}"/${PN}-5-fix-textrels-on-PIC-x86.patch #469962
+ "${FILESDIR}"/${PN}-5-man-fill-watermark.patch #555094
+ "${FILESDIR}"/${PN}-6-fix-noctty.patch #556456
+)
+
+src_prepare() {
+ echo 'bin_PROGRAMS = randstat' >> contrib/Makefile.am || die
+ default
+ eautoreconf
+
+ sed -i '/^AR /d' Makefile.in || die
+ tc-export AR
+}
+
+src_install() {
+ default
+ newinitd "${FILESDIR}"/rngd-initd-r1-4.1 rngd
+ newconfd "${FILESDIR}"/rngd-confd-4.1 rngd
+ systemd_dounit "${FILESDIR}"/rngd.service
+}