From 1f9cc8cb820fa901157f7616a073b335d11c2fa2 Mon Sep 17 00:00:00 2001 From: gaoyusong Date: Sat, 17 Dec 2022 15:58:02 +0800 Subject: [PATCH] haveged:Updated man page and README.md Signed-off-by: gaoyusong --- backport-0001-Update-README.md.patch | 45 ++++++++++++++++++++++++++++ backport-0002-Update-README.md.patch | 25 ++++++++++++++++ backport-Updated-man-page.patch | 43 ++++++++++++++++++++++++++ haveged.spec | 8 ++++- 4 files changed, 120 insertions(+), 1 deletion(-) create mode 100644 backport-0001-Update-README.md.patch create mode 100644 backport-0002-Update-README.md.patch create mode 100644 backport-Updated-man-page.patch diff --git a/backport-0001-Update-README.md.patch b/backport-0001-Update-README.md.patch new file mode 100644 index 0000000..198afc3 --- /dev/null +++ b/backport-0001-Update-README.md.patch @@ -0,0 +1,45 @@ +From bfff89f0a8568fe1ce974261c0e706be141e175d Mon Sep 17 00:00:00 2001 +From: jirka-h +Date: Mon, 7 Mar 2022 01:59:23 +0100 +Subject: [PATCH 1/3] Update README.md + +--- + README.md | 19 ++++++++----------- + 1 file changed, 8 insertions(+), 11 deletions(-) + +diff --git a/README.md b/README.md +index d3002a8..ced14f6 100644 +--- a/README.md ++++ b/README.md +@@ -4,20 +4,17 @@ Haveged, an entropy source + + IMPORTANT UPDATE + +-Starting from Linux kernel v5.6, the HAVEGED **service** has become obsolete. The userspace application as well as the haveged library are not affected. There are two main reasons for that: ++Starting from Linux kernel v5.6, the HAVEGED inspired algorithm has been included in the Linux kernel (see the [LKML article]( https://lore.kernel.org/lkml/alpine.DEB.2.21.1909290010500.2636@nanos.tec.linutronix.de/T/) and the Linux Kernel [commit](https://github.com/torvalds/linux/commit/30c08efec8884fb106b8e57094baa51bb4c44e32)). As soon as the CRNG (the Linux cryptographic-strength random number generator) gets ready, `/dev/random` does not block on reads anymore. + +-1) The mainline Linux Kernel has now HAVEGED algorithm build in internally, see the [LKML article.]( https://lore.kernel.org/lkml/alpine.DEB.2.21.1909290010500.2636@nanos.tec.linutronix.de/T/) ++I'm happy that these changes made it into the mainline kernel. It's pleasing to see that the main idea behind HAVEGED has sustained time test - it was published already in 2003 [here.](https://www.irisa.fr/caps/projects/hipsor/publications/havege-tomacs.pdf) I'm also glad that the HAVEGE algorithm is being further explored and examined - see the [CPU Jitter Random Number Generator.](https://www.chronox.de/jent.html) + +-2) Furthermore, as soon as the CRNG (the Linux cryptographic-strength random number generator) gets ready, `/dev/random` does not block on reads anymore. See the [kernel commit.](https://github.com/torvalds/linux/commit/30c08efec8884fb106b8e57094baa51bb4c44e32) ++It means that HAVEGED **service** is now less relevant. However, it's still useful in the following situations, when you ++* need randomness early in the boot process, before the CRNG in the Linux kernel gets fully initialized. ++* want to deploy an additional entropy source. HAVEGED now inserts entropy into the kernel every 60 seconds, regardless of the entropy level reported by Linux Kernel. It does not affect the `/dev/random` read speed but it diversifies the entropy sources, making the Linux Kernel CRNG more robust. ++* you are looking for userspace RNG to generate random numbers. See `man -S8 haveged` for examples or try running `haveged -n 0 | pv > /dev/null` ++* and last but not least, most Linux installations are still running on the older kernel versions. + +-I'm happy that these changes made it into the mainline kernel. It's nice to see that the main idea behind HAVEGED has sustained time test- it was published already in 2003 [here.](https://www.irisa.fr/caps/projects/hipsor/publications/havege-tomacs.pdf) +- +-I'm also glad that the HAVEGE algorithm is being further explored and examined - see the [CPU Jitter Random Number Generator.](https://www.chronox.de/jent.html) +- +-I will keep maintaining HAVEGED - there are a couple of reasons for that: +-* Most Linux installations are still running on the older kernel versions.  +-* HAVEGED can also be used as the userspace RNG to generate random numbers. See `man -S8 haveged` for examples or try running `haveged -n 0 | pv > /dev/null` +-* Last but not least, HAVEGED can be used as the RNG library.  ++In any case, I will keep maintaining the HAVEGED project. The userspace application, as well as the haveged library, are not affected in any way by changes in the Linux kernel. + + INTRODUCTION + +-- +2.27.0 + diff --git a/backport-0002-Update-README.md.patch b/backport-0002-Update-README.md.patch new file mode 100644 index 0000000..4631d5f --- /dev/null +++ b/backport-0002-Update-README.md.patch @@ -0,0 +1,25 @@ +From 66323fb109e1d39ed06c2176a1ea4390f5feef30 Mon Sep 17 00:00:00 2001 +From: jirka-h +Date: Thu, 31 Mar 2022 15:53:36 +0200 +Subject: [PATCH 2/3] Update README.md + +--- + README.md | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/README.md b/README.md +index ced14f6..e54e00a 100644 +--- a/README.md ++++ b/README.md +@@ -8,6 +8,8 @@ Starting from Linux kernel v5.6, the HAVEGED inspired algorithm has been include + + I'm happy that these changes made it into the mainline kernel. It's pleasing to see that the main idea behind HAVEGED has sustained time test - it was published already in 2003 [here.](https://www.irisa.fr/caps/projects/hipsor/publications/havege-tomacs.pdf) I'm also glad that the HAVEGE algorithm is being further explored and examined - see the [CPU Jitter Random Number Generator.](https://www.chronox.de/jent.html) + ++Please note that while the mainline Linux Kernel and HAVEGED are using the same concept to generate the entropy (utilizing the CPU jitter) the implementation is completely different. In this sense, HAVEGED can be viewed as another entropy source. ++ + It means that HAVEGED **service** is now less relevant. However, it's still useful in the following situations, when you + * need randomness early in the boot process, before the CRNG in the Linux kernel gets fully initialized. + * want to deploy an additional entropy source. HAVEGED now inserts entropy into the kernel every 60 seconds, regardless of the entropy level reported by Linux Kernel. It does not affect the `/dev/random` read speed but it diversifies the entropy sources, making the Linux Kernel CRNG more robust. +-- +2.27.0 + diff --git a/backport-Updated-man-page.patch b/backport-Updated-man-page.patch new file mode 100644 index 0000000..fcc7684 --- /dev/null +++ b/backport-Updated-man-page.patch @@ -0,0 +1,43 @@ +From 00fd6e5e6c47d7732efcdc317d4f4aae2121c2cf Mon Sep 17 00:00:00 2001 +From: Jirka Hladky +Date: Tue, 1 Mar 2022 17:34:29 +0100 +Subject: [PATCH] Updated man page + +--- + man/haveged.8 | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/man/haveged.8 b/man/haveged.8 +index f47f052..fdf682c 100644 +--- a/man/haveged.8 ++++ b/man/haveged.8 +@@ -118,14 +118,14 @@ Set file path for the daemon pid file. Default is "/var/run/haveged.pid", + Set run level for daemon interface: + + n = 0 Run as daemon - must be root. Fills /dev/random when the supply of random bits +- falls below the low water mark of the device. ++ falls below the low water mark of the device. + + n = 1 Display configuration info and terminate. + + n > 1 Write kb of output. Deprecated (use --number instead), only provided for backward + compatibility. + +-If --number is specified, values other than 0,1 are ignored. Default is 0. ++If --number is specified, values other than 0,1 are ignored. Default is 0. + .TP + -v n, --verbose=n + Set diagnostic bitmap as sum of following options: +@@ -149,6 +149,9 @@ Default is 0. Use -1 for all diagnostics. + -w nnn, --write=nnn + Set write_wakeup_threshold of daemon interface to nnn bits. Applies only to run level 0. + .TP ++-V, --version ++Print version information and exit ++.TP + -?, --help + This summary of program options. + +-- +2.27.0 + diff --git a/haveged.spec b/haveged.spec index a6a54c5..219c4b4 100644 --- a/haveged.spec +++ b/haveged.spec @@ -3,7 +3,7 @@ Summary: A Linux entropy source using the HAVEGE algorithm Name: haveged Version: 1.9.15 -Release: 1 +Release: 2 License: GPLv3+ URL: https://github.com/jirka-h/haveged Source0: https://github.com/jirka-h/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz @@ -11,6 +11,9 @@ Source1: haveged.service Patch0: fix-the-core-file-problem.patch Patch1: backport-Fix-haveged-cannot-be-run-as-an-application-if-also-running-as-a-daemon.patch +Patch2: backport-Updated-man-page.patch +Patch3: backport-0001-Update-README.md.patch +Patch4: backport-0002-Update-README.md.patch Requires(post): systemd Requires(preun): systemd @@ -103,6 +106,9 @@ rm -rf %{buildroot} %{_mandir}/man3/libhavege.3* %changelog +* Sat Dec 17 2022 gaoyusong - 1.9.15-2 +- update man page and README.md + * Tue Nov 30 2021 yixiangzhike - 1.9.15-1 - update to 1.9.15