diff options
Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/Fedora/90-haveged.rules | 5 | ||||
-rwxr-xr-x | contrib/Fedora/haveged-dracut.module | 26 | ||||
-rw-r--r-- | contrib/Fedora/haveged-switch-root.service | 17 | ||||
-rw-r--r-- | contrib/Fedora/haveged.service | 36 | ||||
-rw-r--r-- | contrib/Fedora/haveged.spec | 232 | ||||
-rw-r--r-- | contrib/SUSE/90-haveged.rules | 5 | ||||
-rwxr-xr-x | contrib/SUSE/haveged-dracut.module | 26 | ||||
-rw-r--r-- | contrib/SUSE/haveged-switch-root.service | 17 | ||||
-rwxr-xr-x | contrib/build/build.sh | 38 | ||||
-rw-r--r-- | contrib/build/havege_sample.c | 97 | ||||
-rw-r--r-- | contrib/build/lib.spec | 76 | ||||
-rw-r--r-- | contrib/build/nolib.spec | 40 | ||||
-rw-r--r-- | contrib/diags/bins.p | 12 | ||||
-rw-r--r-- | contrib/diags/data_prep.c | 341 | ||||
-rw-r--r-- | contrib/diags/inc.p | 8 | ||||
-rw-r--r-- | contrib/diags/lognorm.r | 6 | ||||
-rwxr-xr-x | contrib/diags/lognorm.sh | 13 |
17 files changed, 995 insertions, 0 deletions
diff --git a/contrib/Fedora/90-haveged.rules b/contrib/Fedora/90-haveged.rules new file mode 100644 index 0000000..6b1c5cf --- /dev/null +++ b/contrib/Fedora/90-haveged.rules @@ -0,0 +1,5 @@ +# Start the haveged service as soon as the random device is available +# to avoid starting other services while starved of entropy + +ACTION=="add", KERNEL=="random" , SUBSYSTEM=="mem", TAG+="systemd", ENV{SYSTEMD_WANTS}+="haveged.service" + diff --git a/contrib/Fedora/haveged-dracut.module b/contrib/Fedora/haveged-dracut.module new file mode 100755 index 0000000..ed5f851 --- /dev/null +++ b/contrib/Fedora/haveged-dracut.module @@ -0,0 +1,26 @@ +#!/bin/bash +# /usr/lib/dracut/modules.d/98haveged/module-setup.sh +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +# called by dracut +depends() { + return 0 +} + +installkernel() { + return 0 +} + +# called by dracut +install() { + inst_multiple -o \ + /usr/sbin/haveged \ + $systemdsystemunitdir/haveged.service \ + $systemdsystemunitdir/haveged-switch-root.service + mkdir -p "$initdir/$systemdsystemunitdir/sysinit.target.wants" + mkdir -p "$initdir/$systemdsystemunitdir/initrd-switch-root.target.wants" + mkdir -p "$initdir/$systemdsystemunitdir/systemd-journald.service.wants" + ln_r "$systemdsystemunitdir/haveged.service" "$systemdsystemunitdir/systemd-journald.service.wants/haveged.service" + ln_r "$systemdsystemunitdir/haveged-switch-root.service" "$systemdsystemunitdir/initrd-switch-root.target.wants/haveged-switch-root.service" +} diff --git a/contrib/Fedora/haveged-switch-root.service b/contrib/Fedora/haveged-switch-root.service new file mode 100644 index 0000000..8cc38cf --- /dev/null +++ b/contrib/Fedora/haveged-switch-root.service @@ -0,0 +1,17 @@ +[Unit] +Description=Tell haveged about new root +DefaultDependencies=no +ConditionPathExists=/etc/initrd-release +Before=initrd-switch-root.service +JoinsNamespaceOf=haveged.service + +[Service] +ExecStart=-@SBIN_DIR@/haveged -c root=/sysroot +PrivateNetwork=yes +Type=oneshot +StandardInput=null +StandardOutput=null +StandardError=null + +[Install] +WantedBy=initrd-switch-root.target diff --git a/contrib/Fedora/haveged.service b/contrib/Fedora/haveged.service new file mode 100644 index 0000000..abb9cfc --- /dev/null +++ b/contrib/Fedora/haveged.service @@ -0,0 +1,36 @@ +[Unit] +Description=Entropy Daemon based on the HAVEGE algorithm +Documentation=man:haveged(8) http://www.issihosts.com/haveged/ +DefaultDependencies=no +After=systemd-tmpfiles-setup-dev.service +Before=sysinit.target shutdown.target systemd-journald.service + +[Service] +ExecStart=@SBIN_DIR@/haveged -w 1024 -v 1 --Foreground +Restart=always +SuccessExitStatus=137 143 + +SecureBits=noroot-locked +CapabilityBoundingSet=CAP_SYS_ADMIN CAP_SYS_CHROOT +# We can *not* set PrivateTmp=true as it can cause an ordering cycle. +PrivateTmp=false +PrivateDevices=true +# We can *not* set PrivateNetwork=true to allow command mode (chroot when included in initramfs) +#PrivateNetwork=true +ProtectSystem=full +ProtectHome=true +ProtectHostname=true +ProtectKernelLogs=true +ProtectKernelModules=true +RestrictNamespaces=true +RestrictRealtime=true + +LockPersonality=true +MemoryDenyWriteExecute=true +SystemCallArchitectures=native +SystemCallFilter=@system-service +SystemCallFilter=~@mount +SystemCallErrorNumber=EPERM + +[Install] +WantedBy=sysinit.target diff --git a/contrib/Fedora/haveged.spec b/contrib/Fedora/haveged.spec new file mode 100644 index 0000000..9dc4bea --- /dev/null +++ b/contrib/Fedora/haveged.spec @@ -0,0 +1,232 @@ +%define dracutlibdir lib/dracut +Summary: A Linux entropy source using the HAVEGE algorithm +Name: haveged +Version: 1.9.14 +Release: 1%{?dist} +License: GPLv3+ +URL: https://github.com/jirka-h/haveged +Source0: https://github.com/jirka-h/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz +Requires(post): systemd +Requires(preun): systemd +Requires(postun): systemd + +BuildRequires: gcc +BuildRequires: automake coreutils glibc-common systemd-units +Enhances: apache2 gpg2 openssl openvpn php5 smtp_daemon systemd + +%description +A Linux entropy source using the HAVEGE algorithm + +Haveged is a user space entropy daemon which is not dependent upon the +standard mechanisms for harvesting randomness for the system entropy +pool. This is important in systems with high entropy needs or limited +user interaction (e.g. headless servers). + +Haveged uses HAVEGE (HArdware Volatile Entropy Gathering and Expansion) +to maintain a 1M pool of random bytes used to fill /dev/random +whenever the supply of random bits in /dev/random falls below the low +water mark of the device. The principle inputs to haveged are the +sizes of the processor instruction and data caches used to setup the +HAVEGE collector. The haveged default is a 4kb data cache and a 16kb +instruction cache. On machines with a cpuid instruction, haveged will +attempt to select appropriate values from internal tables. + +%package devel +Summary: Headers and shared development libraries for HAVEGE algorithm +Requires: %{name} = %{version}-%{release} + +%description devel +Headers and shared object symbolic links for the HAVEGE algorithm + +%prep +%setup -q + +%build +#autoreconf -fiv +%configure --disable-enttest --enable-nistest --disable-static +#SMP build is not working +#make %{?_smp_mflags} +make + +%check +make check + + +%install +rm -rf %{buildroot} +make install DESTDIR=%{buildroot} INSTALL="install -p" + +chmod 0644 COPYING README ChangeLog AUTHORS + +#Install systemd service file +sed -e 's:@SBIN_DIR@:%{_sbindir}:g' -i contrib/Fedora/*service +install -Dpm 0644 contrib/Fedora/haveged.service %{buildroot}%{_unitdir}/%{name}.service +install -Dpm 0644 contrib/Fedora/haveged-switch-root.service %{buildroot}%{_unitdir}/%{name}-switch-root.service +install -Dpm 0755 contrib/Fedora/haveged-dracut.module %{buildroot}/%{_prefix}/%{dracutlibdir}/modules.d/98%{name}/module-setup.sh +install -Dpm 0644 contrib/Fedora/90-haveged.rules %{buildroot}%{_udevrulesdir}/90-%{name}.rules + +# We don't ship .la files. +rm -rf %{buildroot}%{_libdir}/libhavege.*a + +mkdir -p %{buildroot}%{_defaultdocdir}/%{name} +cp -p COPYING README ChangeLog AUTHORS contrib/build/havege_sample.c %{buildroot}%{_defaultdocdir}/%{name} + +%post +/sbin/ldconfig +%systemd_post %{name}.service %{name}-switch-root.service + +%preun +%systemd_preun %{name}.service %{name}-switch-root.service + +%postun +%systemd_postun_with_restart %{name}.service %{name}-switch-root.service +/sbin/ldconfig + +%files +%{_mandir}/man8/haveged.8* +%{_sbindir}/haveged +%{_unitdir}/*.service +%{_libdir}/*so.* +%{_defaultdocdir}/* +%{_udevrulesdir}/*-%{name}.rules +%dir %{_prefix}/%{dracutlibdir}/modules.d/98%{name} +%{_prefix}/%{dracutlibdir}/modules.d/98%{name}/* + +%files devel +%{_mandir}/man3/libhavege.3* +%dir %{_includedir}/%{name} +%{_includedir}/%{name}/havege.h +%doc contrib/build/havege_sample.c +%{_libdir}/*.so + + +%changelog +* Sun Jun 28 2020 Jirka Hladky <hladky.jiri@gmail.com> - 1.9.14-1 + - Update to 1.9.14 + - BZ1835006 - Added dracut module + - Start the service as soon as the random device is available with + the help of udev, as starting services while starved of entropy + is no good. + +* Sun Jun 28 2020 Jirka Hladky <hladky.jiri@gmail.com> - 1.9.13-1 + - Update to 1.9.13 + +* Thu Jun 18 2020 Jirka Hladky <hladky.jiri@gmail.com> - 1.9.12-1 + - Update to 1.9.12 + +* Fri Jun 12 2020 Jirka Hladky <hladky.jiri@gmail.com> - 1.9.11-1 + - Update to 1.9.11 + +* Thu Jun 11 2020 Jirka Hladky <hladky.jiri@gmail.com> - 1.9.10-1 + - Update to 1.9.10 + +* Thu Jun 11 2020 Jirka Hladky <hladky.jiri@gmail.com> - 1.9.9-2 + - Fixed haveged.service file + +* Tue Jun 09 2020 Jirka Hladky <hladky.jiri@gmail.com> - 1.9.9-1 + - Update to 1.9.9 + +* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.8-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Mon Sep 30 2019 Jirka Hladky <hladky.jiri@gmail.com> - 1.9.8-1 + - Update to 1.9.8 + +* Mon Aug 26 2019 Jirka Hladky <hladky.jiri@gmail.com> - 1.9.6-1 + - Update to 1.9.6 + +* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.1-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.1-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.1-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.1-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.1-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.9.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.9.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.9.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Thu Feb 13 2014 Jirka Hladky <hladky.jiri@gmail.com> - 1.9.1-1 +- Update to 1.9.1 + +* Sat Jan 04 2014 Jirka Hladky <hladky.jiri@gmail.com> - 1.8-1 +- Unversioned docdir change, more info on + https://fedoraproject.org/wiki/Changes/UnversionedDocdirs + +* Fri Jan 03 2014 Jirka Hladky <hladky.jiri@gmail.com> - 1.8-0 +- Updated to the version 1.8 +- Improvement to systemd service file +- Fixed exit status + +* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.7-1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Sat Jan 19 2013 Jirka Hladky <hladky.jiri@gmail.com> - 1.7-0 +- Updated to the version 1.7 +- Version 1.7 brings developement libraries +- Added devel package +* Sat Oct 13 2012 Jirka Hladky <hladky.jiri@gmail.com> - 1.5-2 +- BZ 850144 +- Introduce new systemd-rpm macros in haveged spec file +- Fedora 19 changes the way how to work with services in spec files. +- It introduces new macros - systemd_post, systemd_preun and systemd_postun; +- which replace scriptlets from Fedora 18 and older +- see https://fedoraproject.org/wiki/Packaging:ScriptletSnippets#Systemd + +* Tue Aug 14 2012 Jirka Hladky <hladky.jiri@gmail.com> - 1.5-1 +- Update to the version 1.5 +- Main new feature is a run time verification of the produced random numbers +- PIDFILE set to /run/haveged.pid +- converted README and man page to UTF-8. Informed the upstream to fix it. +* Wed Feb 15 2012 Jirka Hladky <hladky.jiri@gmail.com> - 1.4-3 +- PIDFile should be stored at /run instead of the default location /var/run +- There is long term plan that directory /var/run will not further exist in the future Fedora versions +- Asked upstream to add -p <PID_FILE_location> switch to influence the location of the PID File +- Set PIDFile=/var/run/haveged.pid This is needed as long -p option is not implemented +- https://bugzilla.redhat.com/show_bug.cgi?id=770306#c10 +* Wed Feb 15 2012 Jirka Hladky <hladky.jiri@gmail.com> - 1.4-2 +- Updated systemd service file, https://bugzilla.redhat.com/show_bug.cgi?id=770306 +* Tue Feb 14 2012 Jirka Hladky <hladky.jiri@gmail.com> - 1.4-1 +- Update to the version 1.4 +- Conversion to systemd, drop init script +* Sun Nov 06 2011 Jirka Hladky <hladky.jiri@gmail.com> - 1.3-2 +- Fixed a bug on non x86 systems +* Sat Nov 05 2011 Jirka Hladky <hladky.jiri@gmail.com> - 1.3-1 +- update from the upstream (1.3 stable) +* Mon Oct 03 2011 Jirka Hladky <hladky.jiri@gmail.com> - 1.3-0 +-version 1.3 beta +* Fri Sep 30 2011 Jirka Hladky <hladky.jiri@gmail.com> - 1.2-4 +- ppc64 build +* Mon Sep 26 2011 Jirka Hladky <hladky.jiri@gmail.com> - 1.2-3 +- Cleaned spec file according to https://bugzilla.redhat.com/show_bug.cgi?id=739347#c11 +* Sat Sep 24 2011 Jirka Hladky <hladky.jiri@gmail.com> - 1.2-2 +- Added comment to explain why we need use Fedora specific start script +* Wed Sep 21 2011 Jirka Hladky <hladky.jiri@gmail.com> - 1.2-1 +- Cleaned spec file according to https://bugzilla.redhat.com/show_bug.cgi?id=739347#c1 +* Wed Sep 07 2011 Jirka Hladky <hladky.jiri@gmail.com> - 1.2-0 +- Initial build diff --git a/contrib/SUSE/90-haveged.rules b/contrib/SUSE/90-haveged.rules new file mode 100644 index 0000000..6b1c5cf --- /dev/null +++ b/contrib/SUSE/90-haveged.rules @@ -0,0 +1,5 @@ +# Start the haveged service as soon as the random device is available +# to avoid starting other services while starved of entropy + +ACTION=="add", KERNEL=="random" , SUBSYSTEM=="mem", TAG+="systemd", ENV{SYSTEMD_WANTS}+="haveged.service" + diff --git a/contrib/SUSE/haveged-dracut.module b/contrib/SUSE/haveged-dracut.module new file mode 100755 index 0000000..ed5f851 --- /dev/null +++ b/contrib/SUSE/haveged-dracut.module @@ -0,0 +1,26 @@ +#!/bin/bash +# /usr/lib/dracut/modules.d/98haveged/module-setup.sh +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh + +# called by dracut +depends() { + return 0 +} + +installkernel() { + return 0 +} + +# called by dracut +install() { + inst_multiple -o \ + /usr/sbin/haveged \ + $systemdsystemunitdir/haveged.service \ + $systemdsystemunitdir/haveged-switch-root.service + mkdir -p "$initdir/$systemdsystemunitdir/sysinit.target.wants" + mkdir -p "$initdir/$systemdsystemunitdir/initrd-switch-root.target.wants" + mkdir -p "$initdir/$systemdsystemunitdir/systemd-journald.service.wants" + ln_r "$systemdsystemunitdir/haveged.service" "$systemdsystemunitdir/systemd-journald.service.wants/haveged.service" + ln_r "$systemdsystemunitdir/haveged-switch-root.service" "$systemdsystemunitdir/initrd-switch-root.target.wants/haveged-switch-root.service" +} diff --git a/contrib/SUSE/haveged-switch-root.service b/contrib/SUSE/haveged-switch-root.service new file mode 100644 index 0000000..9757da4 --- /dev/null +++ b/contrib/SUSE/haveged-switch-root.service @@ -0,0 +1,17 @@ +[Unit] +Description=Tell haveged about new root +DefaultDependencies=no +ConditionPathExists=/etc/initrd-release +Before=initrd-switch-root.service +JoinsNamespaceOf=haveged.service + +[Service] +ExecStart=-/usr/sbin/haveged -c root=/sysroot +PrivateNetwork=yes +Type=oneshot +StandardInput=null +StandardOutput=null +StandardError=null + +[Install] +WantedBy=initrd-switch-root.target diff --git a/contrib/build/build.sh b/contrib/build/build.sh new file mode 100755 index 0000000..99a4b43 --- /dev/null +++ b/contrib/build/build.sh @@ -0,0 +1,38 @@ +#!/bin/sh +## +## Toggle between library and non-library builds. Fix messed up libtool environment +## Build and run haveged-devel sample +## +case "$1" in +nolib) + sed -i.bak -e '/^##libtool_start##/,/^##libtool_end##/s,^,##,g' ../../configure.ac + sed -i.bak -e '/^####nolibtool_start##/,/^####nolibtool_end##/s,^##,,g' \ + -e '/^##libtool_start##/,/^##libtool_end##/s,^,##,g' ../../src/Makefile.am + cp nolib.spec ../../haveged.spec +;; +lib) + sed -i.bak -e '/^####libtool_start##/,/^####libtool_end##/s,^##,,g' ../../configure.ac + sed -i.bak -e '/^##nolibtool_start##/,/^##nolibtool_end##/s,^,##,g' \ + -e '/^####libtool_start##/,/^####libtool_end##/s,^##,,g' ../../src/Makefile.am + cp lib.spec ../../haveged.spec +;; +new) + cd ../.. + make distclean + rm -rf autom4te.cache + libtoolize --force --install + autoreconf --force + ./configure +;; +sample) + echo "gcc -o havege_sample -DUSE_SOURCE -I../../src -Wall havege_sample.c ../../src/.libs/libhavege.a" + gcc -o havege_sample -DUSE_SOURCE -I../../src -Wall havege_sample.c ../../src/.libs/libhavege.a + echo "./havege_sample > /dev/null" + ./havege_sample > /dev/null +;; + +*) + echo "usage: build [new|nolib|lib|sample]"; +;; +esac + diff --git a/contrib/build/havege_sample.c b/contrib/build/havege_sample.c new file mode 100644 index 0000000..8a407ee --- /dev/null +++ b/contrib/build/havege_sample.c @@ -0,0 +1,97 @@ +/* +Simple test of build - writes 1k of RNG runs to stdout + +gcc -o havege_sample -DUSE_SOURCE -I../../src -Wall havege_sample.c ../../src/.libs/libhavege.a +./havege_sample > /dev/null + +After package is installed into test RAM disk /dev/shm/1 +gcc -Wall -o havege_sample -I/dev/shm/1/include -L/dev/shm/1/lib havege_sample.c -lhavege +LD_LIBRARY_PATH=/dev/shm/1/lib ./havege_sample > /dev/shm/havege_random + + + +*/ + +#include <stdio.h> + +#ifdef USE_SOURCE +#include "havege.h" +#else +#include <haveged/havege.h> +#endif + +int my_status_dump ( H_PTR h, char *buf, size_t buflen) { + H_SD_TOPIC topics[4] = {H_SD_TOPIC_BUILD, H_SD_TOPIC_TUNE, H_SD_TOPIC_TEST, H_SD_TOPIC_SUM}; + int ret=0, i; + + for(i=0;i<4 && ret<(buflen-2);i++) { + ret += havege_status_dump(h, topics[i], buf + ret, buflen-ret); + if (ret>(buflen-2)) + break; + buf[ret++] = '\n'; + } + return ret; +} +/** + * RNG output is written to stdout + */ +int main(void) { + int rc; + H_UINT* buf; + H_PARAMS havege_parameters={0}; + H_PTR havege_state = NULL; + const int status_buf_size = 8192; + char status_buf[status_buf_size]; + int i, size; + + //havege_parameters.msg_out = print_msg; + fprintf(stderr, "library version is %s\n", havege_version(NULL)); + havege_state = havege_create(&havege_parameters); + + rc = havege_state==NULL? H_NOHANDLE : havege_state->error; + if (H_NOERR==rc) { + buf = havege_state->io_buf; + size = havege_state->i_readSz /sizeof(H_UINT); + fprintf(stderr, "havege_create: buffer size is %d\n", havege_state->i_readSz); + } + else { + if (H_NOTESTSPEC==rc) + fprintf(stderr, "ERROR: havege_create: unrecognized test setup: %s", havege_parameters.testSpec); + else fprintf(stderr, "ERROR: havege_create has returned %d\n",rc); + if (H_NOHANDLE!=rc) + havege_destroy(havage_state); + return 1; + } + rc = havege_run(havege_state); + if ( rc ) { + fprintf(stderr, "ERROR: havege_run has returned %d\n", havege_state->error); + havege_destroy(havege_state); + return 1; + } + + if ( my_status_dump(havege_state, status_buf, status_buf_size) > 0 ) + fprintf(stderr,"%s\n", status_buf); + for (i=0;i<1024;i++) { + + rc = havege_rng(havege_state, buf, size); + if ( rc != (int) size ) { + fprintf(stderr, "ERROR: havege_rng has returned %d\n", havege_state->error); + havege_destroy(havege_state); + return 1; + } + + rc = fwrite(buf, 1, size, stdout); + if ( rc < size ) { + fprintf(stderr, "ERROR: fwrite\n"); + havege_destroy(havege_state); + return 1; + } + } + + if ( my_status_dump(havege_state, status_buf, status_buf_size) > 0 ) + fprintf(stderr,"%s\n", status_buf); + havege_destroy(havege_state); + return 0; +} + + diff --git a/contrib/build/lib.spec b/contrib/build/lib.spec new file mode 100644 index 0000000..e278101 --- /dev/null +++ b/contrib/build/lib.spec @@ -0,0 +1,76 @@ +# +# Sample spec file for haveged and haveged-devel +# Copyright (c) 2013-2014 +# This file and all modifications and additions to the pristine +# package are under the same license as the package itself. +# +%define have_systemd 0 + +Name: haveged +Version: 1.9 +Release: 0 +License: GPLv3 +Group: System Environment/Daemons +Summary: Feed entropy into random pool +URL: http://www.issihosts.com/haveged/ +Source0: http://www.issihosts.com/haveged/haveged-%{version}.tar.gz +BuildRoot: %{_builddir}/%{name}-root +%if 0%{?have_systemd} +BuildRequires: systemd +%endif + +%description +The haveged daemon feeds the linux entropy pool with random +numbers generated from hidden processor state. + +%package devel +Summary: haveged development files +Group: Development/Libraries + +%description devel +Headers and shared object symbolic links for the haveged library + +This package contains the haveged implementation of the HAVEGE +algorithm and supporting features. + +%prep +%setup -q + +%build +%configure \ + --enable-daemon\ + --enable--init=sysv.redhat +make + +%check +make check + +%install +%makeinstall +%{__install} -D -m0755 %{_sysconfdir}/init.d/%{name} +%if 0%{?have_systemd} +%{__install} -D -m0644 %{S:2} %{buildroot}%{_unitdir}/%{name}.service +%endif +%{__rm} -f %{buildroot}%{_libdir}/libhavege.*a + +%clean +%{?buildroot:%__rm -rf "%{buildroot}"} + +%files +%defattr(-, root, root, -) +%doc COPYING +%{_mandir}/man8/haveged.8* +%{_sbindir}/haveged +%if 0%{?have_systemd} +%{_unitdir}/haveged.service +%endif + +%files devel +%doc COPYING +%defattr(-, root, root, -) +%{_mandir}/man3/libhavege.3* +%dir %{_includedir}/%{name} +%{_includedir}/%{name}/havege*.h +%doc contrib/build/havege_sample.c +%{_libdir}/*.so* + diff --git a/contrib/build/nolib.spec b/contrib/build/nolib.spec new file mode 100644 index 0000000..1e08735 --- /dev/null +++ b/contrib/build/nolib.spec @@ -0,0 +1,40 @@ +# +# Sample spec file for haveged +# Copyright (c) 2013-2014 +# This file and all modifications and additions to the pristine +# package are under the same license as the package itself. +# +Name: haveged +Version: 1.9 +Release: 1 +License: GPLv3 +Group: System Environment/Daemons +Summary: Feed entropy into random pool +URL: http://www.issihosts.com/haveged/ +Source0: http://www.issihosts.com/haveged/haveged-%{version}.tar.gz +BuildRoot: %{_builddir}/%{name}-root + +%description +The haveged daemon feeds the linux entropy pool with random +numbers generated from hidden processor state. + +%prep +%setup -q + +%build +./configure +make +make check + +%install +[ ${RPM_BUILD_ROOT} != "/" ] && rm -rf $RPM_BUILD_ROOT +make DESTDIR=$RPM_BUILD_ROOT install + +%clean +[ ${RPM_BUILD_ROOT} != "/" ] && rm -rf $RPM_BUILD_ROOT + +%files +%defattr(-,root,root) +/usr/local/sbin/haveged +/usr/local/share/man/man8/haveged.8 +/etc/init.d/haveged diff --git a/contrib/diags/bins.p b/contrib/diags/bins.p new file mode 100644 index 0000000..59f026d --- /dev/null +++ b/contrib/diags/bins.p @@ -0,0 +1,12 @@ +unset key
+set ticslevel 0.1
+set xlabel "Step"
+set ylabel "Tick"
+set zlabel "Count"
+set zlabel rotate
+set xtic .2
+set ytic 1
+set grid x y z
+set title "Ticks Frequency"
+splot("run.bins")
+
diff --git a/contrib/diags/data_prep.c b/contrib/diags/data_prep.c new file mode 100644 index 0000000..93176a9 --- /dev/null +++ b/contrib/diags/data_prep.c @@ -0,0 +1,341 @@ +/**
+ ** Data preparation for diagnostic interfaces
+ **
+ ** Copyright 2009-2011 Gary Wuertz gary@issiweb.com
+ ** Copyright 2011 BenEleventh Consulting manolson@beneleventh.com
+ **
+ ** This program is free software: you can redistribute it and/or modify
+ ** it under the terms of the GNU General Public License as published by
+ ** the Free Software Foundation, either version 3 of the License, or
+ ** (at your option) any later version.
+ **
+ ** This program is distributed in the hope that it will be useful,
+ ** but WITHOUT ANY WARRANTY; without even the implied warranty of
+ ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ ** GNU General Public License for more details.
+ **
+ ** You should have received a copy of the GNU General Public License
+ ** along with this program. If not, see <http://www.gnu.org/licenses/>.
+ **
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <getopt.h>
+#include <math.h>
+
+/**
+ * Something borrowed......
+ */
+#define APP_BUFF_SIZE 1024
+#define NDSIZECOLLECT 0x1000000
+
+typedef unsigned int U_INT;
+
+struct pparams {
+ int cmd; // command to execute
+ int options; // debug options
+ char *outpath; // output file;
+ FILE *input; // input file
+ FILE *output; // output file
+ U_INT limit; // limit delta
+ U_INT repeat; // repeat values
+ U_INT value; // inject value
+ U_INT bsize; // Buffer size
+ double xs; // X scale
+};
+/**
+ * For bin output
+ */
+#define X_BINS 512
+#define Y_BINS 2048
+/**
+ * Divide data into bins
+ */
+#define X_FACTOR (1.0 * X_BINS)/(1.0 * p->bsize)
+#define Y_FACTOR (0.5 * Y_BINS)/(1.0 * 0x7fffffff)
+/*
+ * Scale bins back to values x = 1M, y=4.0G
+ */
+#define X_SCALE (p->xs/X_BINS)
+#define Y_SCALE (4.0/Y_BINS)
+
+static int inject_output(struct pparams *p);
+static void matrix_output(struct pparams *p);
+static void sequence_output(struct pparams *p);
+static void usage(int nopts, struct option *long_options, const char **cmds);
+/**
+ * Data Prep
+ */
+int main(int argc, char **argv)
+{
+ static const char* cmds[] = {
+ "b", "buffer", "1", "buffer size (k): default 1024",
+ "f", "file", "1", "output file name: default is '-' (stdout)",
+ "i", "inject", "1", "inject 0=2up, 1=1up, 2=raw 1up",
+ "o", "output", "1", "[bin|delta|inject|raw|xor|wrap] data",
+ "r", "repeat", "1", "repeat inject sequence",
+ "s", "start", "1", "start value inject sequence",
+ "u", "upper", "1", "inject sequence upper bound",
+ "v", "verbose", "1", "verbose reporting",
+ "h", "help", "0", "This help"
+ };
+ char *outputs[] = {"bin","delta","inject","raw","xor","wrap",NULL};
+ static int nopts = sizeof(cmds)/(4*sizeof(char *));
+ struct option long_options[nopts+1];
+ char short_options[1+nopts*2];
+ struct pparams params;
+ FILE *f;
+ U_INT i, j, n;
+ int c;
+ char *s;
+
+ for(i=j=0;j<(nopts*4);j+=4) {
+ long_options[i].name = cmds[j+1];
+ long_options[i].has_arg = atoi(cmds[j+2]);
+ long_options[i].flag = NULL;
+ long_options[i].val = cmds[j][0];
+ strcat(short_options,cmds[j]);
+ if (long_options[i].has_arg!=0) strcat(short_options,":");
+ i += 1;
+ }
+ memset(&long_options[i], 0, sizeof(struct option));
+ memset(¶ms, 0, sizeof(struct pparams));
+ params.outpath = "-";
+ params.bsize = NDSIZECOLLECT;
+ params.xs = 1.0;
+ do {
+ c = getopt_long (argc, argv, short_options, long_options, NULL);
+ switch(c) {
+ case 'b':
+ params.bsize = atoi(optarg);
+ params.xs = params.bsize;
+ while(params.xs >= 10.0)
+ params.xs /= 10.0;
+ break;
+ case 'f':
+ params.outpath = optarg;
+ break;
+ case 'i':
+ params.options = atoi(optarg);
+ break;
+ case 'o':
+ n = strlen(optarg);
+ for(i=0;outputs[i]!=NULL;i++)
+ if (!strncmp(optarg, outputs[i], n)) {
+ params.cmd = optarg[0];
+ break;
+ }
+ break;
+ case 'r':
+ params.repeat = atoi(optarg);
+ break;
+ case 's':
+ params.value = atoi(optarg);
+ break;
+ case 'u':
+ params.limit = atoi(optarg);
+ break;
+ case 'v':
+ params.cmd = atoi(optarg);
+ break;
+ case '?':
+ case 'h':
+ usage(nopts, long_options, cmds);
+ case -1:
+ break;
+ }
+ } while (c!=-1);
+
+ if (0==params.cmd || optind != (argc-1))
+ usage(nopts, long_options, cmds);
+ if (!strcmp(argv[1],"-"))
+ params.input = stdin;
+ else {
+ params.input = fopen(argv[optind], "rb");
+ if (NULL == params.input) {
+ fprintf(stderr, "Unable to open input %s\n", argv[optind]);
+ exit(2);
+ }
+ }
+ if (!strcmp(params.outpath, "-"))
+ params.output = stdout;
+ else {
+ params.output = fopen(params.outpath, "wb");
+ if (NULL == params.output) {
+ fprintf(stderr, "Unable to open %s\n", params.outpath);
+ exit(3);
+ }
+ fprintf(stdout, "writing to %s\n", params.outpath);
+ }
+ switch(params.cmd) {
+ case 'i':
+ while(inject_output(¶ms)>0)
+ ;
+ break;
+ case 'b':
+ matrix_output(¶ms);
+ break;
+ case 'd': case 'r': case 'x': case 'w':
+ sequence_output(¶ms);
+ break;
+ }
+ if (params.output != stdout)
+ fclose(params.output);
+ return 0;
+}
+/**
+ * Create injection data - input file is log10 sequence data - can be repeated
+ */
+static int inject_output(struct pparams *p)
+{
+ U_INT buf[APP_BUFF_SIZE];
+ char ibuf[80], *s;
+ U_INT i, j;
+ double n, delta;
+ int rv = 1;
+
+ n = 0;
+ for(i=0;i<APP_BUFF_SIZE && rv==1;i++) {
+ buf[i] = p->value;
+ s = fgets(ibuf, 80, p->input);
+ if (NULL == s && p->repeat != 0) {
+ p->repeat -= 1;
+ rewind(p->input);
+ s = fgets(ibuf, 80, p->input);
+ }
+ if (NULL != s) {
+ if (p->options!=0)
+ delta = strtod(ibuf, NULL);
+ else {
+ n = strtod(ibuf, &s);
+ delta = strtod(s, NULL);
+ }
+ if (p->limit != 0 && delta > p->limit)
+ delta -= p->limit;
+ if (p->options == 2)
+ p->value = (U_INT) delta;
+ else p->value += (U_INT)pow(10.0,delta);
+ }
+ else rv = 0;
+ }
+ if (i != fwrite(buf, sizeof(U_INT), i, p->output)) {
+ printf("Write error\n");
+ rv = -1;
+ }
+ return rv;
+}
+/**
+ * Create matrix data file
+ */
+static void matrix_output(struct pparams *p)
+{
+ U_INT buf[APP_BUFF_SIZE];
+ U_INT **matrix;
+ FILE *f = p->input;
+ int i, n, sz, x, y;
+
+ matrix = (U_INT **) malloc(sizeof(U_INT **) * X_BINS);
+ if (NULL == matrix) {
+ fprintf(stderr, "Unable to allocate cols\n");
+ return;
+ }
+ sz = sizeof(U_INT *) * Y_BINS;
+ for (i = 0;i< X_BINS;i++) {
+ matrix[i] = (U_INT *)malloc(sz);
+ if (NULL == matrix[i]) {
+ fprintf(stderr, "Unable to allocate row\n");
+ return;
+ }
+ memset(matrix[i], 0, sz);
+ }
+ n = 0;
+ while(1) {
+ sz = fread(buf, sizeof(U_INT), APP_BUFF_SIZE, f);
+ if (sz < 1)
+ break;
+ for(i=0;i<sz;i++) {
+ x = (int)(n * X_FACTOR);
+ y = (int)(buf[i] * Y_FACTOR);
+ matrix[x][y] += 1;
+ n += 1;
+ n %= p->bsize;
+ }
+ }
+ for(x=0;x<X_BINS;x++)
+ for(y=0;y<Y_BINS;y++)
+ if (matrix[x][y]!=0)
+ fprintf(p->output,"%g\t%g\t%u\n", x*X_SCALE, y*Y_SCALE, matrix[x][y]);
+}
+/**
+ * Create sequence data file
+ */
+static void sequence_output(struct pparams *p)
+{
+ U_INT buf[APP_BUFF_SIZE];
+ FILE *f = p->input;
+ int i, m, n, sz;
+ U_INT delta, cur, prev;
+ U_INT plus, minus;
+
+ m = p->cmd=='r'? 1 : 0;
+ n = 0;
+ plus = minus = 0;
+ while(1) {
+ sz = fread(buf, sizeof(U_INT), APP_BUFF_SIZE, f);
+ if (sz < 1)
+ break;
+ for(i=0;i<sz;i++) {
+ prev = cur;
+ cur = buf[i];
+ if (m==0) {
+ m = 1;
+ }
+ else switch(p->cmd) {
+ case 'd':
+ if (cur < prev)
+ delta = prev - cur;
+ else delta = cur - prev;
+ fprintf(p->output,"%g\t%g\n", n * 10.0/1024.0, log10(delta));
+ break;
+ case 'x':
+ fprintf(p->output,"%g\t%g\n", n * 10.0/1024.0, log10(cur^prev));
+ break;
+ case 'r':
+ fprintf(p->output,"%g\t%g\n", n * 10.0/1024.0, 1.0 * cur);
+ break;
+ case 'w':
+ if (cur < prev) {
+ if (p->options & 1)
+ fprintf(p->output,"rollover %d\n", n);
+ minus++;
+ }
+ else plus++;
+ break;
+ }
+ n += 1;
+ n %= p->bsize;
+ }
+ }
+ if (p->cmd=='w')
+ fprintf(p->output,"Rollover %u/%u = %g\n", minus, plus, minus*100/(double)(minus+plus));
+}
+/**
+ * usage
+ */
+static void usage(int nopts, struct option *long_options, const char **cmds)
+{
+ int i;
+
+ fprintf(stderr, "\nUsage: %s [options] <file>\n\n", "data_prep");
+ fprintf(stderr, "Prepare diagnostic data from <file>\n\n");
+ fprintf(stderr, " Options:\n");
+ for(i=0;long_options[i].val != 0;i++) {
+ fprintf(stderr," --%-10s, -%c %s %s\n",
+ long_options[i].name, long_options[i].val,
+ long_options[i].has_arg? "[]":" ",cmds[4*i+3]);
+ }
+ fprintf(stderr, "\n");
+ exit(1);
+}
+
diff --git a/contrib/diags/inc.p b/contrib/diags/inc.p new file mode 100644 index 0000000..433af86 --- /dev/null +++ b/contrib/diags/inc.p @@ -0,0 +1,8 @@ +unset key
+set xlabel "Step"
+set ylabel "log10(increment)"
+set ylabel rotate
+set xtic auto
+set ytic auto
+set title "Ticks Increment"
+plot("run.inc")
\ No newline at end of file diff --git a/contrib/diags/lognorm.r b/contrib/diags/lognorm.r new file mode 100644 index 0000000..e025122 --- /dev/null +++ b/contrib/diags/lognorm.r @@ -0,0 +1,6 @@ +x = rnorm(16*1024*1024, mean=2.005285, sd=0.2162)
+write(x,file="i7.ln",ncolumns=1)
+x = rnorm(16*1024*1024, mean=2.744504, sd=0.93767)
+write(x,file="xeon.ln",ncolumns=1)
+x = rnorm(16*1024*1024, mean=5.9478, sd=2.4142)
+write(x,file="celeron.ln",ncolumns=1)
diff --git a/contrib/diags/lognorm.sh b/contrib/diags/lognorm.sh new file mode 100755 index 0000000..dbd4e00 --- /dev/null +++ b/contrib/diags/lognorm.sh @@ -0,0 +1,13 @@ +#!/bin/sh
+src/haveged -n 16m -f i7.dat -r 4 -s i7.ln
+ent/entest -vf i7.dat
+nist/nist i7.dat
+mv nist.out i7.out
+src/haveged -n 16m -f xeon.dat -r 4 -s xeon.ln
+ent/entest -vf xeon.dat
+nist/nist xeon.dat
+mv nist.out xeon.out
+src/haveged -n 16m -f celeron.dat -r 4 -s celeron.ln
+ent/entest -vf celeron.dat
+nist/nist celeron.dat
+mv nist.out celeron.out
|