From: Jan Kiszka <jan.kis...@siemens.com>
Useful only on devices with no other sources: USB WLAN sticks based on
the Atheros 9170 (carl9170 kernel driver) provide a hardware random
generator. However, the interface needs to be up in order to is the
generator. That's not the case until ifup ran, but wpa_supplicant will
block this until the random pool is initialized.
Signed-off-by: Jan Kiszka <jan.kis...@siemens.com>
---
meta/recipes-support/rng-tools/rng-tools/default | 4 ++++
meta/recipes-support/rng-tools/rng-tools/init | 3 +++
2 files changed, 7 insertions(+)
diff --git a/meta/recipes-support/rng-tools/rng-tools/default
b/meta/recipes-support/rng-tools/rng-tools/default
index b968f2b789..85c5833a32 100644
--- a/meta/recipes-support/rng-tools/rng-tools/default
+++ b/meta/recipes-support/rng-tools/rng-tools/default
@@ -4,3 +4,7 @@ RNG_DEVICE=/dev/hwrng
# Don't use urandom as source unless you fully understood what that does to
# your system security!
#RNG_DEVICE=/dev/urandom
+
+# Specify wlan interface to enable if rngd should use Atheros 9170 as source.
+# See kernel config help for the security limitations of this.
+#CARL9170_HWRNG_INTERFACE="wlan0"
diff --git a/meta/recipes-support/rng-tools/rng-tools/init
b/meta/recipes-support/rng-tools/rng-tools/init
index 7cf78393a4..30cfc0f3d5 100644
--- a/meta/recipes-support/rng-tools/rng-tools/init
+++ b/meta/recipes-support/rng-tools/rng-tools/init
@@ -20,6 +20,9 @@ fi
case "$1" in
start)
echo -n "Starting random number generator daemon"
+ if [ -n "$CARL9170_HWRNG_INTERFACE" ]; then
+ ip link set $CARL9170_HWRNG_INTERFACE up
+ fi
start-stop-daemon -S -q -x $rngd $EXTRA_ARGS
echo "."
;;
--
2.12.3
--
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
