commit haveged for openSUSE:Factory
Hello community, here is the log from the commit of package haveged for openSUSE:Factory checked in at 2012-12-28 15:01:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/haveged (Old) and /work/SRC/openSUSE:Factory/.haveged.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "haveged", Maintainer is "MVyskocil@suse.com" Changes: -------- --- /work/SRC/openSUSE:Factory/haveged/haveged.changes 2012-11-28 10:35:31.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.haveged.new/haveged.changes 2012-12-28 15:01:04.000000000 +0100 @@ -1,0 +2,12 @@ +Fri Dec 21 11:53:16 UTC 2012 - dvaleev@suse.com + +- fix powerpc detection (haveged-ppc.patch) + +------------------------------------------------------------------- +Sun Dec 16 02:11:10 UTC 2012 - pascal.bleser@opensuse.org + +- update to 1.6: + * make clock_gettime a build option and correct dependencies when used + * fix alignment fault on arm64 in procedure A test0 + +------------------------------------------------------------------- Old: ---- haveged-1.5.tar.gz New: ---- haveged-1.6.tar.gz haveged-ppc.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ haveged.spec ++++++ --- /var/tmp/diff_new_pack.k0JfD8/_old 2012-12-28 15:01:06.000000000 +0100 +++ /var/tmp/diff_new_pack.k0JfD8/_new 2012-12-28 15:01:06.000000000 +0100 @@ -17,7 +17,7 @@ Name: haveged -Version: 1.5 +Version: 1.6 Release: 0 Summary: Feed entropy into random pool License: GPL-3.0 @@ -26,6 +26,7 @@ Source0: http://www.issihosts.com/haveged/%{name}-%{version}.tar.gz Source1: %{name}.init Source2: %{name}.service +Patch0: haveged-ppc.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: automake Requires(pre): %insserv_prereq @@ -49,12 +50,16 @@ %prep %setup -q +%patch0 -p1 %build autoreconf -fiv export CFLAGS="%optflags -fpie" export LDFLAGS="-Wl,-z,relro,-z,now -pie" -%configure --enable-nistest=yes --enable-daemon=yes +%configure \ + --enable-nistest=yes \ + --enable-daemon=yes \ + --enable-clock_gettime=yes make %{?_smp_mflags} %check @@ -110,7 +115,7 @@ %{_sbindir}/rc%{name} %{_sbindir}/%{name} %config %{_initddir}/%{name} -%{_mandir}/man8/%{name}.8.gz +%doc %{_mandir}/man8/%{name}.8* %if 0%{?have_systemd} %{_unitdir}/%{name}.service %endif ++++++ haveged-1.5.tar.gz -> haveged-1.6.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/ChangeLog new/haveged-1.6/ChangeLog --- old/haveged-1.5/ChangeLog 2012-08-12 16:34:44.000000000 +0200 +++ new/haveged-1.6/ChangeLog 2012-12-15 18:13:07.000000000 +0100 @@ -1,3 +1,8 @@ +v1.6 (Dec 15, 2012) + * Correct makefile encoding and defaults description + * Make clock_gettime a build option and correct dependencies when used. + * Fix alignment fault on arm64 in procedure A test0. + v1.5 (Aug 12, 2012) * Add online tests based on AIS-31 controlled by --enable-olt build option * Add -o option to specify online tests to perform diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/README new/haveged-1.6/README --- old/haveged-1.5/README 2012-08-12 16:32:53.000000000 +0200 +++ new/haveged-1.6/README 2012-10-07 16:15:28.000000000 +0200 @@ -1,270 +1,278 @@ -Haveged, an entropy source - -INTRODUCTION - -Complete documentation on haveged can be found at http://www.issihosts.com/haveged/ - -Linux provides device interfaces (/dev/random and /dev/urandom) to a pool of -random numbers collected from system interrupt service routines. On some -systems, especially on those systems with high needs or limited user -interaction, the standard collection mechanism cannot meet demand. In those -cases, an adequate supply of random numbers can be maintained by feeding -additional entropy into /dev/random pool via a file system interface. The -haveged daemon was created to fulfill this function using random data generated -by the HAVEGE algorithm. - -The HAVEGE algorithm is based upon the indirect effects of unrelated hardware -events on the instruction timing of a calculation that is sensitive to processor -features such as branch predictors and instruction/data access mechanisms. -Samples from a high-resolution timer are input into the algorithm to -produce a stream of random data in a collection buffer. The contents of this -buffer can be fed into the random device or accessed directly through the file -system. File system access is a useful alternative to those situations where -use of the random device is either inappropriate or not available. - -The HAVEGE mechanism is implemented in C using in-line assembly only where -direct hardware access is needed. On modern compilers, compiler intrinsics are -used to replace much if not all in-line assembly. In any case, the compiler has a -large role determining how HAVEGE operates in practice and any port of haveged -to a new environment should be fully tested before being put into production. -The build system provides "check" targets to test the output of the haveged -random number generator through the file system interface. - -Online test options based upon the methodology from the proposed AIS-31 standard -from the German Federal Office for Information Security (Bundesamt f�r Sicherheit -in der Informationstechnik) are provided in haveged as a final check of the output -of the random number generator. In its default configuration, haveged passes most -of the requirements for a NTG.1 class device described in version two of the -AIS-31 specification. - -BUILDING haveged - -This package originated on "Enterprise Linux 5" systems (RHEL 5 / CentOS 5 / SL -5), but every effort has been made to retain and broaden the hardware support of the -original HAVEGE implementation. The package uses the automake build system. - -The configure process uses hardware detection via config.sub or the configure -"-host" command line argument. The configure "host" variable is used to select -in-line assembly or compiler intrinsics appropriate to the build target. - -Currently supported hosts are: - -1. x86 -2. ia64 -3. powerpc -4. s390 -5. sparc -6. sparclite -7. default - -The default host type is provided for those systems without user level access to -a high-resolution system timer. In this case, clock_gettime(CLOCK_MONOTONIC) -is used as the timer source. In this case, extended testing is recommended before -putting this configuration into service using the build check targets and/or -use of the online test facilities to verify correct operation. - -The haveged collection loop is tuned at run-time to match the size of the hosts -L1 data and instruction caches. The size determination is made on the basis of -the best fit to the following (low to high): - -1. as a compiled default -2. as determined by cpuid, if available -3. as determined by the /sys file system, if available -4. as specified on the command line. - -Under most circumstances, the default tuning will suffice and manual overrides are -unnecessary. - -The following build options are available to "./configure": - -1. --enable-capture (diagnostic) -2. --enable-daemon (default for Linux) -3. --enable-init (type) -4. --enable-inject (diagnostic) -5. --enable-olt (recommended default) -6. --enable-nistest (recommended) -7. --enable-threads (experimental) - -If options capture or inject are enabled, or the daemon option is disabled, -haveged will build without the daemon interfaces (i.e. only file system access -will be available). The install target will install the executable in the user -bin directory and no init method will be configured. If the daemon option defaults -to "enabled" if the host operating system for the build is Linux and disabled -otherwise. - -The daemon interface requires access to the random device and the /proc virtual -file system as well as the ability to fork into the background. The daemon -interface targets the 2.6 kernel and may not work on 2.4 kernels due to -difference in the random interface between those two kernel versions. The change -in the proc file system from pool size expressed in bytes to pool size expressed -in bits has been taken into account - other changes may be required. - -The daemon interface includes an init method to start the daemon at system boot. -The sysV mechanism is used by default. The enable-init method specifies a template -to be used for the init script. A simple naming convention indicates if the -template will be used to install a traditional systemv init script ("haveged") -or a systemd unit definition ("haveged.service"). In the latter case, pkg-config -is required by the install target. See INSTALLATION for details. - -The file system interface supports file creation of up data setups up to 16tb or -can be part of a piped command set. See the man file for examples. - -The online test system tests the output of the haveged random number generator -using AIS-31 test procedures A and B. Either or both tests may be run as a -total failure check (a "tot" test) at initialization and/or continuously during -all subsequent haveged operation - See the man page and the description at -http://www.issihosts.com/haveged/ais31.html for further information. -The online test facility does require additional resources and for systems with -a limited resource budget, the enable-olt build switch can be used to suppress -the entire online test facility. - -The build system provides two additional test mechanisms for the haveged random -number generator within the build system. The tests are implemented by by -ent/test.sh and nist/test.sh. By default, only the ent/test.sh test is performed. -The other test must be enabled with the configure option "-enable-nistest" -to ensure so that both tests are executed by the check target: - -1. A "quick" check based upon and adaptation of the public domain ENT program. - The "entest" program uses the ENT sources to subject a sample to the following: - - a) The Chi-Square result must fall within acceptable bounds (>1% and <99 %) - b) The entropy/character must exceed a minimum (7.5) - c) The arithmetic mean must exceed a minimum (127.0) - d) The monte-carlo approximation of PI must lie within error bounds (.5%) - e) The Sequential Correlation Coefficient must be below a minimum (.8) - - The program provides a pass-fail indication and an optional display of the - results to stdout. - -2. An adaptation of the NIST Statistical Test Suite as adapted by Oliver - Rochecouste of irisa.fr as part of the original havege project. More that 400 - tests are performed in a typical run. The program provides as pass-fail - indication with detailed results reported in the nist.out file in the - nist directory. You will need sit down with SP800-*.pdf available from the - NIST to review the detailed results. - - -Both scripts function the same way, haveged is run to collect a sample file in -the test directory which is then analyzed by the test program. A pass-fail return -is given in both case, additional information is written to stdout. The input -samples and the nist.out report are deleted by the clean make target. - -The tests can also executed from a shell prompt at any time after "make check" by -executing ent/test.sh or nist/test.sh from the build directory. Command arguments -to the script are passed on to the haveged invocation, this allows the sample -size to be adjusted via "-r" or cache sizes to be specified via "-d" and "-i". - -Both test mechanism are statistical and even a fully functional random number -generator will experience occasional failures. It is not uncommon to see one or -two failures in the NIST suite and the entest will occasionally fail with a small -sample size (usually the Chi-Square test barks). Early haveged releases used a -entest sample size of 1MB, this has been increased to 16MB because failures with -that sample size were all too common. A 16MB sample will also deplete and refill -the haveged collection area to exercise all buffer logic. - -The threads option is a prototype for running multiple collection threads in -a single haveged instance. The goal is to create a multi-core haveged that -would spread collection overhead more evenly over the available cpu resources. - - -RUNNING haveged - -The following invocation arguments are always available: - - --buffer , -b [] Buffer size [KW] - default : 128 (512KB) - --data , -d [] Data cache size [KB] - --inst , -i [] Instruction cache size [KB] - --file , -f [] Sample output file - default: 'sample', use '-' for stdout - --number , -n [] Write to file, units can be k, m, g, t. Use 0 for unlimited - --verbose , -v [] Output level 0=minimal,1=info,<diagnostics> - --help , -h This help - -If haveged is built with online testing enabled, the following is present - - --onlinetest , -o [] [t<x>][c<x>] x=[a[n][w]][b[w]] 't'ot, 'c'ontinuous, default: tb" - -The default configuration executes the "tot" test using AIS procedure B. At the completion -of the tot test, the buffer is reloaded and any continuous tests will be run before -data becomes available. - -If haveged is built with threads support, the following is present - - --threads , -t [] Number of threads - -If daemon interface is enabled the following options are available: - - --Foreground , -F Run daemon in foreground, do not fork and detach, - --pid , -p [] The location of the daemon pid file, default: /var/run/haveged.pid - --run , -r [] 0=daemon,1=config info,>1=Write <r>KB sample file - --write , -w [] Set write_wakeup_threshold [bits] - -The "-b", "-d", "-i" options are needed only in special cases. Generator output -should be validated after changes to these values. - -Non-zero "-r" options are used to test the haveged random number generator; The -random number generator will be configured, the initial data collection pass -will be executed, configuration details will be written to stdout, and a "-r" -KB sample of output will be written to the sample output file for all "-r" > 1. -The "-n" option provides a more friendly version of r > 1. If the daemon interface -is not enabled, the run value option is not available and defaults to 1. - -Output for r=1 displays build and tuning information: - -haveged: version: 1.5; arch: x86; vendor: GenuineIntel; cores: 1/1, buffer: 128 -haveged: d_cache: 32K (000020), i_cache: 32K (000020), i_index: 20/40, i_size: 31756/62345 -haveged: tot tests: B, continuous tests: - -Sources displayed in parenthesis are bit values indicating where the tuning -information was found: - -0x00001 Default value -0x00002 Invocation parameter -0x00004-0x00020 Cpuid functions available -0x00040 Virtual file system available -0x00100-0x02000 Cpuid detail -0x04000- Virtual file system detail - -The "-v" option also uses a bit mask to obtain additional diagnostic information - -0x01 Adds build/tuning display and testing summary to any run -0x02 Show test details -0x04 Show timing for collections -0x08 Show collection loop characteristics -0x10 Show code offsets. - -The "-w" option will set proc/sys/kernel/random/write_wakeup_threshold to the -given value. This is useful because this threshold is very small on some systems. -A minimum of 1024 is recommended. - - - - -INSTALLATION - -If the daemon interface is not enabled, the install places the executable in -the bin directory and provides a man(8) page. It the daemon interface is enabled, -the executable is installed in the sbin directory and the daemon startup is -enabeled at system boot. - -A simple template system is used to setup the init method. The template must -reside in the init.d build directory and is selected by the --enable-init build -option. Template names "service.*" indicate that a systemd style init, while -templates with other style names ("sysv.*" recommended) are used for sysv -style init scripts. - -Examples: - -./configure --enable-init=service.redhat -./configure --enable-init=sysv.lsb - -The default setting is "sysv.redhat". Custom sysv init scripts can be added as -necessary by adding templates to init.d. - - -EXTRAS - -The contrib directory contains bits and pieces that are not integrated into the -distribution. Currently this contains an unorganized collection of some of -the tools used to analyze haveged. - - +Haveged, an entropy source + +INTRODUCTION + +Complete documentation on haveged can be found at http://www.issihosts.com/haveged/ + +Linux provides device interfaces (/dev/random and /dev/urandom) to a pool of +random numbers collected from system interrupt service routines. On some +systems, especially on those systems with high needs or limited user +interaction, the standard collection mechanism cannot meet demand. In those +cases, an adequate supply of random numbers can be maintained by feeding +additional entropy into /dev/random pool via a file system interface. The +haveged daemon was created to fulfill this function using random data generated +by the HAVEGE algorithm. + +The HAVEGE algorithm is based upon the indirect effects of unrelated hardware +events on the instruction timing of a calculation that is sensitive to processor +features such as branch predictors and instruction/data access mechanisms. +Samples from a high-resolution timer are input into the algorithm to +produce a stream of random data in a collection buffer. The contents of this +buffer can be fed into the random device or accessed directly through the file +system. File system access is a useful alternative to those situations where +use of the random device is either inappropriate or not available. + +The HAVEGE mechanism is implemented in C using in-line assembly only where +direct hardware access is needed. On modern compilers, compiler intrinsics are +used to replace much if not all in-line assembly. In any case, the compiler has a +large role determining how HAVEGE operates in practice and any port of haveged +to a new environment should be fully tested before being put into production. +The build system provides "check" targets to test the output of the haveged +random number generator through the file system interface. + +Online test options based upon the methodology from the proposed AIS-31 standard +from the German Federal Office for Information Security (Bundesamt für Sicherheit +in der Informationstechnik) are provided in haveged as a final check of the output +of the random number generator. In its default configuration, haveged passes most +of the requirements for a NTG.1 class device described in version two of the +AIS-31 specification. + +BUILDING haveged + +This package originated on "Enterprise Linux 5" systems (RHEL 5 / CentOS 5 / SL +5), but every effort has been made to retain and broaden the hardware support of the +original HAVEGE implementation. The package uses the automake build system. + +The configure process uses hardware detection via config.sub or the configure +"-host" command line argument. The configure "host" variable is used to select +in-line assembly or compiler intrinsics appropriate to the build target. + +Currently supported hosts are: + +1. x86 +2. ia64 +3. powerpc +4. s390 +5. sparc +6. sparclite +7. default + +The default host type is provided for those systems without user level access to +a high-resolution system timer. In this case, clock_gettime(CLOCK_MONOTONIC) +is used as the timer source. In this case, extended testing is recommended before +putting this configuration into service using the build check targets and/or +use of the online test facilities to verify correct operation. + +The haveged collection loop is tuned at run-time to match the size of the hosts +L1 data and instruction caches. The size determination is made on the basis of +the best fit to the following (low to high): + +1. as a compiled default +2. as determined by cpuid, if available +3. as determined by the /sys file system, if available +4. as specified on the command line. + +Under most circumstances, the default tuning will suffice and manual overrides are +unnecessary. + +The following build options are available to "./configure": + +1. --enable-capture (diagnostic) +2. --enable-clock_gettime (not normally needed) +3. --enable-daemon (default for Linux) +4. --enable-init (type) +5. --enable-inject (diagnostic) +6. --enable-nistest (recommended) +7. --enable-olt (recommended default) +8. --enable-threads (experimental) + +If options capture or inject are enabled, or the daemon option is disabled, +haveged will build without the daemon interfaces (i.e. only file system access +will be available). The install target will install the executable in the user +bin directory and no init method will be configured. If the daemon option defaults +to "enabled" if the host operating system for the build is Linux and disabled +otherwise. + +On supported architectures, a hardware specific high resolution timer source is +selected by the haveged build. The clock_gettime() function can provide this +source under certain circumstances and is the default mechanism for builds on +unrecognized architectures. Due to variability of clock_gettime() implementations, +the adequacy of the clock_gettime() resolution cannot be known until runtime. +For all recognized architectures, this option defaults to no. + +The daemon interface requires access to the random device and the /proc virtual +file system as well as the ability to fork into the background. The daemon +interface targets the 2.6 kernel and may not work on 2.4 kernels due to +difference in the random interface between those two kernel versions. The change +in the proc file system from pool size expressed in bytes to pool size expressed +in bits has been taken into account - other changes may be required. + +The daemon interface includes an init method to start the daemon at system boot. +The sysV mechanism is used by default. The enable-init method specifies a template +to be used for the init script. A simple naming convention indicates if the +template will be used to install a traditional systemv init script ("haveged") +or a systemd unit definition ("haveged.service"). In the latter case, pkg-config +is required by the install target. See INSTALLATION for details. + +The file system interface supports file creation of up data setups up to 16tb or +can be part of a piped command set. See the man file for examples. + +The online test system tests the output of the haveged random number generator +using AIS-31 test procedures A and B. Either or both tests may be run as a +total failure check (a "tot" test) at initialization and/or continuously during +all subsequent haveged operation - See the man page and the description at +http://www.issihosts.com/haveged/ais31.html for further information. +The online test facility does require additional resources and for systems with +a limited resource budget, the enable-olt build switch can be used to suppress +the entire online test facility. + +The build system provides two additional test mechanisms for the haveged random +number generator within the build system. The tests are implemented by by +ent/test.sh and nist/test.sh. By default, only the ent/test.sh test is performed. +The other test must be enabled with the configure option "-enable-nistest" +to ensure so that both tests are executed by the check target: + +1. A "quick" check based upon and adaptation of the public domain ENT program. + The "entest" program uses the ENT sources to subject a sample to the following: + + a) The Chi-Square result must fall within acceptable bounds (>1% and <99 %) + b) The entropy/character must exceed a minimum (7.5) + c) The arithmetic mean must exceed a minimum (127.0) + d) The monte-carlo approximation of PI must lie within error bounds (.5%) + e) The Sequential Correlation Coefficient must be below a minimum (.8) + + The program provides a pass-fail indication and an optional display of the + results to stdout. + +2. An adaptation of the NIST Statistical Test Suite as adapted by Oliver + Rochecouste of irisa.fr as part of the original havege project. More that 400 + tests are performed in a typical run. The program provides as pass-fail + indication with detailed results reported in the nist.out file in the + nist directory. You will need sit down with SP800-*.pdf available from the + NIST to review the detailed results. + + +Both scripts function the same way, haveged is run to collect a sample file in +the test directory which is then analyzed by the test program. A pass-fail return +is given in both case, additional information is written to stdout. The input +samples and the nist.out report are deleted by the clean make target. + +The tests can also executed from a shell prompt at any time after "make check" by +executing ent/test.sh or nist/test.sh from the build directory. Command arguments +to the script are passed on to the haveged invocation, this allows the sample +size to be adjusted via "-r" or cache sizes to be specified via "-d" and "-i". + +Both test mechanism are statistical and even a fully functional random number +generator will experience occasional failures. It is not uncommon to see one or +two failures in the NIST suite and the entest will occasionally fail with a small +sample size (usually the Chi-Square test barks). Early haveged releases used a +entest sample size of 1MB, this has been increased to 16MB because failures with +that sample size were all too common. A 16MB sample will also deplete and refill +the haveged collection area to exercise all buffer logic. + +The threads option is a prototype for running multiple collection threads in +a single haveged instance. The goal is to create a multi-core haveged that +would spread collection overhead more evenly over the available cpu resources. + + +RUNNING haveged + +The following invocation arguments are always available: + + --buffer , -b [] Buffer size [KW] - default : 128 (512KB) + --data , -d [] Data cache size [KB] + --inst , -i [] Instruction cache size [KB] + --file , -f [] Sample output file - default: 'sample', use '-' for stdout + --number , -n [] Write to file, units can be k, m, g, t. Use 0 for unlimited + --verbose , -v [] Output level 0=minimal,1=info,<diagnostics> + --help , -h This help + +If haveged is built with online testing enabled, the following is present + + --onlinetest , -o [] [t<x>][c<x>] x=[a[n][w]][b[w]] 't'ot, 'c'ontinuous, default: tb" + +The default configuration executes the "tot" test using AIS procedure B. At the completion +of the tot test, the buffer is reloaded and any continuous tests will be run before +data becomes available. + +If haveged is built with threads support, the following is present + + --threads , -t [] Number of threads + +If daemon interface is enabled the following options are available: + + --Foreground , -F Run daemon in foreground, do not fork and detach, + --pid , -p [] The location of the daemon pid file, default: /var/run/haveged.pid + --run , -r [] 0=daemon,1=config info,>1=Write <r>KB sample file + --write , -w [] Set write_wakeup_threshold [bits] + +The "-b", "-d", "-i" options are needed only in special cases. Generator output +should be validated after changes to these values. + +Non-zero "-r" options are used to test the haveged random number generator; The +random number generator will be configured, the initial data collection pass +will be executed, configuration details will be written to stdout, and a "-r" +KB sample of output will be written to the sample output file for all "-r" > 1. +The "-n" option provides a more friendly version of r > 1. If the daemon interface +is not enabled, the run value option is not available and defaults to 1. + +Output for r=1 displays build and tuning information: + +haveged: version: 1.5; arch: x86; vendor: GenuineIntel; cores: 1/1, buffer: 128 +haveged: d_cache: 32K (000020), i_cache: 32K (000020), i_index: 20/40, i_size: 31756/62345 +haveged: tot tests: B, continuous tests: + +Sources displayed in parenthesis are bit values indicating where the tuning +information was found: + +0x00001 Default value +0x00002 Invocation parameter +0x00004-0x00020 Cpuid functions available +0x00040 Virtual file system available +0x00100-0x02000 Cpuid detail +0x04000- Virtual file system detail + +The "-v" option also uses a bit mask to obtain additional diagnostic information + +0x01 Adds build/tuning display and testing summary to any run +0x02 Show test details +0x04 Show timing for collections +0x08 Show collection loop characteristics +0x10 Show code offsets. + +The "-w" option will set proc/sys/kernel/random/write_wakeup_threshold to the +given value. This is useful because this threshold is very small on some systems. +A minimum of 1024 is recommended. + + + + +INSTALLATION + +If the daemon interface is not enabled, the install places the executable in +the bin directory and provides a man(8) page. It the daemon interface is enabled, +the executable is installed in the sbin directory and the daemon startup is +enabled at system boot. + +A simple template system is used to setup the init method. The template must +reside in the init.d build directory and is selected by the --enable-init build +option. Template names "service.*" indicate that a systemd style init, while +templates with other style names ("sysv.*" recommended) are used for sysv +style init scripts. + +Examples: + +./configure --enable-init=service.redhat +./configure --enable-init=sysv.lsb + +The default setting is "sysv.redhat". Custom sysv init scripts can be added as +necessary by adding templates to init.d. + + +EXTRAS + +The contrib directory contains bits and pieces that are not integrated into the +distribution. Currently this contains an unorganized collection of some of +the tools used to analyze haveged. + + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/config.h.in new/haveged-1.6/config.h.in --- old/haveged-1.5/config.h.in 2012-08-12 16:47:56.000000000 +0200 +++ new/haveged-1.6/config.h.in 2012-12-15 18:19:54.000000000 +0100 @@ -3,8 +3,8 @@ /* daemon type */ #undef DAEMON_TYPE -/* Define to 1 if you have the `clock_gettime' function. */ -#undef HAVE_CLOCK_GETTIME +/* Define to 1 for clock_gettime */ +#undef ENABLE_CLOCK_GETTIME /* Define to 1 if you have the <cpuid.h> header file. */ #undef HAVE_CPUID_H @@ -124,7 +124,7 @@ /* Define to 1 if you have the `__rdtsc' function. */ #undef HAVE___RDTSC -/* Define to 1 to supress daemon interface */ +/* Define to 1 to suppress daemon interface */ #undef NO_DAEMON /* Define to single collection thread */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/configure new/haveged-1.6/configure --- old/haveged-1.5/configure 2012-08-12 16:47:39.000000000 +0200 +++ new/haveged-1.6/configure 2012-12-15 18:18:50.000000000 +0100 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for haveged 1.5. +# Generated by GNU Autoconf 2.68 for haveged 1.6. # # # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, @@ -557,8 +557,8 @@ # Identity of this package. PACKAGE_NAME='haveged' PACKAGE_TARNAME='haveged' -PACKAGE_VERSION='1.5' -PACKAGE_STRING='haveged 1.5' +PACKAGE_VERSION='1.6' +PACKAGE_STRING='haveged 1.6' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -706,6 +706,7 @@ enable_init enable_olt enable_capture +enable_clock_gettime enable_daemon enable_inject enable_threads @@ -1263,7 +1264,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures haveged 1.5 to adapt to many kinds of systems. +\`configure' configures haveged 1.6 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1333,7 +1334,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of haveged 1.5:";; + short | recursive ) echo "Configuration of haveged 1.6:";; esac cat <<\_ACEOF @@ -1345,6 +1346,8 @@ [default=sysv.redhat] --enable-olt=yes/no Enable online tests [default=yes] --enable-capture=no/yes Enable capture diagnostic. [default=no] + --enable-clock_gettime=no/yes + Enable clock_gettime. [default=no] --enable-daemon=yes/no Enable daemon [default=yes if linux] --enable-inject=no/yes Enable inject diagnostic. [default=no] --enable-threads=no/yes Enable threads [default=no] @@ -1428,7 +1431,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -haveged configure 1.5 +haveged configure 1.6 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -1793,7 +1796,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by haveged $as_me 1.5, which was +It was created by haveged $as_me 1.6, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -2610,7 +2613,7 @@ # Define the identity of the package. PACKAGE='haveged' - VERSION='1.5' + VERSION='1.6' cat >>confdefs.h <<_ACEOF @@ -2694,6 +2697,15 @@ fi +## Make clock_gettime configurable +# Check whether --enable-clock_gettime was given. +if test "${enable_clock_gettime+set}" = set; then : + enableval=$enable_clock_gettime; +else + enable_clock_gettime="no" +fi + + ## Make build w/o daemon interface configurable # Check whether --enable-daemon was given. if test "${enable_daemon+set}" = set; then : @@ -4274,7 +4286,7 @@ _ACEOF -for ac_func in __rdtsc clock_gettime floor gettimeofday memset pow select sched_yield sqrt +for ac_func in __rdtsc floor gettimeofday memset pow select sched_yield sqrt do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" @@ -4718,7 +4730,7 @@ ;; *) - HA_LDFLAGS="$HA_LDFLAGS -lrt" + $enable_clock_gettime = "yes" cat >>confdefs.h <<_ACEOF #define HAVE_ISA_GENERIC "$host" @@ -4728,6 +4740,77 @@ esac +## Check clock_getime option + +if test "x$enable_clock_gettime" = "xyes"; then + saved_libs=$LIBS + LIB_CLOCK_GETTIME= + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing clock_gettime" >&5 +$as_echo_n "checking for library containing clock_gettime... " >&6; } +if ${ac_cv_search_clock_gettime+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char clock_gettime (); +int +main () +{ +return clock_gettime (); + ; + return 0; +} +_ACEOF +for ac_lib in '' rt posix4; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_clock_gettime=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_clock_gettime+:} false; then : + break +fi +done +if ${ac_cv_search_clock_gettime+:} false; then : + +else + ac_cv_search_clock_gettime=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_clock_gettime" >&5 +$as_echo "$ac_cv_search_clock_gettime" >&6; } +ac_res=$ac_cv_search_clock_gettime +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + test "$ac_cv_search_clock_gettime" = "none required" || LIB_CLOCK_GETTIME=$ac_cv_search_clock_gettime +else + as_fn_error $? "clock_gettime is required for host :\"$host\"." "$LINENO" 5 +fi + + LIBS=$saved_libs + HA_LDFLAGS="$HA_LDFLAGS $LIB_CLOCK_GETTIME" + +$as_echo "#define ENABLE_CLOCK_GETTIME 1" >>confdefs.h + +fi + + ## Determine daemon type if test "$daemon_type" = "none"; then @@ -4779,7 +4862,7 @@ fi -## Set hardware depedent define for the build +## Set hardware dependent define for the build @@ -5331,7 +5414,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by haveged $as_me 1.5, which was +This file was extended by haveged $as_me 1.6, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -5397,7 +5480,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -haveged config.status 1.5 +haveged config.status 1.6 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/configure.ac new/haveged-1.6/configure.ac --- old/haveged-1.5/configure.ac 2012-08-12 16:47:28.000000000 +0200 +++ new/haveged-1.6/configure.ac 2012-10-07 15:54:12.000000000 +0200 @@ -3,7 +3,7 @@ ## Minimum Autoconf version AC_PREREQ(1.9) -AC_INIT([haveged],[1.5]) +AC_INIT([haveged],[1.6]) AC_CONFIG_AUX_DIR(config) AC_CONFIG_HEADER([config.h]) AM_INIT_AUTOMAKE @@ -29,6 +29,9 @@ AC_DEFINE(RAW_OUT_ENABLE, 1, [Define to 1 for capture diagnostic]) fi +## Make clock_gettime configurable +AC_ARG_ENABLE(clock_gettime, AS_HELP_STRING([--enable-clock_gettime=[no/yes]],[Enable clock_gettime. [default=no]]),, enable_clock_gettime="no") + ## Make build w/o daemon interface configurable AC_ARG_ENABLE(daemon, AS_HELP_STRING([--enable-daemon=[yes/no]],[Enable daemon [default=yes if linux]]),, enable_daemon="x" ) @@ -68,7 +71,7 @@ AC_FUNC_MALLOC AC_FUNC_SELECT_ARGTYPES AC_TYPE_SIGNAL -AC_CHECK_FUNCS([__rdtsc clock_gettime floor gettimeofday memset pow select sched_yield sqrt]) +AC_CHECK_FUNCS([__rdtsc floor gettimeofday memset pow select sched_yield sqrt]) ## Checks for header files. AC_HEADER_STDC @@ -141,16 +144,30 @@ ;; *) - HA_LDFLAGS="$HA_LDFLAGS -lrt" + $enable_clock_gettime = "yes" AC_DEFINE_UNQUOTED(HAVE_ISA_GENERIC, "$host", [Define generic host]) ;; esac +## Check clock_getime option + +if test "x$enable_clock_gettime" = "xyes"; then + saved_libs=$LIBS + LIB_CLOCK_GETTIME= + AC_SEARCH_LIBS([clock_gettime], [rt posix4], + [test "$ac_cv_search_clock_gettime" = "none required" || LIB_CLOCK_GETTIME=$ac_cv_search_clock_gettime], + AC_MSG_ERROR([clock_gettime is required for host :"$host".])) + LIBS=$saved_libs + HA_LDFLAGS="$HA_LDFLAGS $LIB_CLOCK_GETTIME" + AC_DEFINE(ENABLE_CLOCK_GETTIME, 1, [Define to 1 for clock_gettime]) +fi + + ## Determine daemon type if test "$daemon_type" = "none"; then - AC_DEFINE(NO_DAEMON, 1, [Define to 1 to supress daemon interface]) + AC_DEFINE(NO_DAEMON, 1, [Define to 1 to suppress daemon interface]) else case "$enable_init" in service.*) @@ -170,7 +187,7 @@ AM_CONDITIONAL(ENABLE_SYSV, test "$daemon_type" = "sysv") AM_CONDITIONAL(ENABLE_SYSTEMD, test "$daemon_type" = "systemd") -## Set hardware depedent define for the build +## Set hardware dependent define for the build AC_SUBST(HA_LDFLAGS) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/haveged.spec new/haveged-1.6/haveged.spec --- old/haveged-1.5/haveged.spec 2012-06-23 00:07:32.000000000 +0200 +++ new/haveged-1.6/haveged.spec 2012-10-07 15:54:55.000000000 +0200 @@ -1,5 +1,5 @@ Name: haveged -Version: 1.5 +Version: 1.6 Release: 1 License: GPLv3 Group: System Environment/Daemons diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/man/haveged.8 new/haveged-1.6/man/haveged.8 --- old/haveged-1.5/man/haveged.8 2012-08-12 16:39:30.000000000 +0200 +++ new/haveged-1.6/man/haveged.8 2012-12-15 18:04:35.000000000 +0100 @@ -1,4 +1,4 @@ -.TH haveged 8 "August 12, 2012" "version 1.5" "SYSTEM ADMINISTRATION COMMANDS" +.TH haveged 8 "December 15, 2012" "version 1.6" "SYSTEM ADMINISTRATION COMMANDS" .SH NAME haveged \- Generate random numbers and feed linux random device. .SH SYNOPSIS @@ -33,9 +33,9 @@ Haveged includes a run time test facility based upon the test suite defined in the AIS-31 specification from the The German Federal Office for Information Security -(Bundesamt f�r Sicherheit in der Informationstechnik). The test suite consists +(Bundesamt für Sicherheit in der Informationstechnik). The test suite consists of 9 statistical tests packaged into two test suites ("A" and "B"). The tests -can be run at initialization (a.k.a. a "tot" test), or continously to monitor +can be run at initialization (a.k.a. a "tot" test), or continuously to monitor all output. Failure of a suite will terminate execution unless explicitly waived in the onlinetest command line option. @@ -87,7 +87,8 @@ groups, each group indicates the procedures to be run, using "a<n>" to indicate a AIS-31 procedure A variant, and "b" to indicate AIS procedure B. The specifications are order independent (procedure B always runs first) and case insensitive. A "w" -can be appended to any test token to make the test advisory only. +can be appended to any test token to make the test advisory only. The default is +'ta8bcb' if run as a daemon and 'ta8b' otherwise. For example, the string "tbca8b" is suitable for an AIS NTG.1 device (use procedure B for the "tot" test, then cycle between procedure A8 and procedure B continuously for diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/nist/nist.c new/haveged-1.6/nist/nist.c --- old/haveged-1.5/nist/nist.c 2012-02-07 01:13:49.000000000 +0100 +++ new/haveged-1.6/nist/nist.c 2012-08-14 00:42:45.000000000 +0200 @@ -10,7 +10,7 @@ static int random_pool1 [_32MB]; -char basename[FILENAME_MAX]; +char basename[FILENAME_MAX+1]; char *GetBaseDir(void) { @@ -28,7 +28,8 @@ printf("Usage sts <file>\n"); return 1; } -strcpy(basename, argv[0]); +strncpy(basename, argv[0], FILENAME_MAX); +basename[FILENAME_MAX] = 0; for(i=strlen(basename);i>0 && basename[i-1]!='/' && basename[i-1]!='\\';i--) ; basename[i] = 0; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/src/havege.c new/haveged-1.6/src/havege.c --- old/haveged-1.5/src/havege.c 2012-07-30 00:32:55.000000000 +0200 +++ new/haveged-1.6/src/havege.c 2012-08-14 14:32:16.000000000 +0200 @@ -160,7 +160,7 @@ for(i=0;i<sz;i++) buffer[i] = havege_ndread(h->collector); - return h->error==H_NOERR? i : -1; + return h->error==(U_INT)H_NOERR? i : -1; #endif } /** diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/src/havegecollect.c new/haveged-1.6/src/havegecollect.c --- old/haveged-1.5/src/havegecollect.c 2012-08-12 15:54:49.000000000 +0200 +++ new/haveged-1.6/src/havegecollect.c 2012-10-07 00:38:21.000000000 +0200 @@ -35,6 +35,26 @@ #define DIAGNOSTICS_ENABLE #endif /** + * Option to use clockgettime() as timer source + */ +#if defined(ENABLE_CLOCK_GETTIME) +#include <time.h> + +#undef HARDCLOCK +#define HARDCLOCK(x) x = havege_clock() +/** + * Provide a generic timer fallback + */ +static U_INT havege_clock(void) +{ + struct timespec ts; + + clock_gettime(CLOCK_MONOTONIC, &ts); + return (U_INT)(ts.tv_nsec + ts.tv_sec * 1000000000LL); +} +#endif + +/** * Memory allocation sizing */ #define SZH_INIT sizeof(H_COLLECT)+sizeof(char *)*(LOOP_CT + 2) @@ -137,7 +157,7 @@ szBuffer = h_ptr->i_collectSz; d_cache = h_ptr->dataCache->size; - h_ctxt = (H_COLLECT *) malloc(SZH_COLLECT(szBuffer + SZ_TICK)); + h_ctxt = (H_COLLECT *) calloc(SZH_COLLECT(szBuffer + SZ_TICK),1); if (NULL != h_ctxt) { h_ctxt->havege_app = h_ptr; h_ctxt->havege_idx = nCollector; @@ -157,12 +177,12 @@ ** processor TLBs. */ ANDPT = ((2*d_cache*1024)/sizeof(U_INT))-1; - p = (U_INT *) malloc((ANDPT + 4097)*sizeof(U_INT)); + p = (U_INT *) calloc((ANDPT + 4097)*sizeof(U_INT),1); if (NULL != p) { offs = (U_INT)((((unsigned long)&p[4096])&0xfff)/sizeof(U_INT)); PWALK = &p[4096-offs]; /** - * Warm up the generator, runing the startup tests + * Warm up the generator, running the startup tests */ (void)havege_gather(h_ctxt); for(i=1;i<MININITRAND;i++) { @@ -226,20 +246,6 @@ memset(wkspc, 0, SZH_INIT); havege_ndinit(h_ptr, (struct h_collect *) wkspc); } - -#ifdef HAVE_ISA_GENERIC -#include <time.h> -/** - * Provide a generic timer fallback - */ -static U_INT havege_clock(void) -{ - struct timespec ts; - - clock_gettime(CLOCK_MONOTONIC, &ts); - return (U_INT)(ts.tv_nsec + ts.tv_sec * 1000000000LL); -} -#endif /** * This method is called only for control points NOT part of a normal collection: * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/src/havegecollect.h new/haveged-1.6/src/havegecollect.h --- old/haveged-1.5/src/havegecollect.h 2012-07-06 22:24:08.000000000 +0200 +++ new/haveged-1.6/src/havegecollect.h 2012-10-07 00:22:44.000000000 +0200 @@ -86,7 +86,7 @@ */ #ifdef HAVE_ISA_GENERIC #define ARCH "generic" -#define HARDCLOCK(x) x = havege_clock() +#define ENABLE_CLOCKGETTIME 1 #endif #ifdef HAVE_ISA_IA64 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/src/haveged.c new/haveged-1.6/src/haveged.c --- old/haveged-1.5/src/haveged.c 2012-08-11 19:16:34.000000000 +0200 +++ new/haveged-1.6/src/haveged.c 2012-12-15 17:58:16.000000000 +0100 @@ -105,7 +105,7 @@ "F", "Foreground", "0", "Run daemon in foreground", "r", "run", "1", "0=daemon, 1=config info, >1=<r>KB sample", "n", "number", "1", "Output size in [k|m|g|t] bytes, 0 = unlimited (if stdout)", - "o", "onlinetest", "1", "[t<x>][c<x>] x=[a[n][w]][b[w]] 't'ot, 'c'ontinuous, default: tb", + "o", "onlinetest", "1", "[t<x>][c<x>] x=[a[n][w]][b[w]] 't'ot, 'c'ontinuous, default: ta8b", "p", "pidfile", "1", "daemon pidfile, default: /var/run/haveged.pid", "s", "source", "1", "Injection soure file", "t", "threads", "1", "Number of threads", @@ -364,8 +364,8 @@ if (fscanf(osrel_fh,"%d.%d", &major, &minor)<2) major = minor = 0; fclose(osrel_fh); + if (major==2 && minor==4) max_bits *= 8; } - if (major==2 && minor==4) max_bits *= 8; } else max_bits = -1; if (max_bits < 1) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/src/haveged.h new/haveged-1.6/src/haveged.h --- old/haveged-1.5/src/haveged.h 2012-08-11 16:30:42.000000000 +0200 +++ new/haveged-1.6/src/haveged.h 2012-10-06 23:08:42.000000000 +0200 @@ -33,7 +33,7 @@ unsigned int i_cache; /* size of instruction cache (kb) */ unsigned int low_water; /* write threshold to set - 0 for none */ char *tests_config; /* online test configuration */ - char *os_rel; /* path to operating sytem release */ + char *os_rel; /* path to operating system release */ char *pid_file; /* name of pid file */ char *poolsize; /* path to poolsize */ char *random_device; /* path to random device */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/src/havegetest.c new/haveged-1.6/src/havegetest.c --- old/haveged-1.5/src/havegetest.c 2012-08-02 14:46:49.000000000 +0200 +++ new/haveged-1.6/src/havegetest.c 2012-12-15 17:46:09.000000000 +0100 @@ -114,7 +114,7 @@ return 0; } /** - * Check if the current buffer should be released if continous testing is + * Check if the current buffer should be released if continuous testing is * being performed. The buffer must be discarded if it contains an * uncompleted retry or an uncompleted procedure with a failed test * or a failed procedure. @@ -318,7 +318,7 @@ * AIS-31 test procedure A. The test is initiated by setting procState to TEST_INIT and * the test is performed by calling the procedure adding input until completion is indicated * by a proc state of TEST_DONE. The first test requires 3145728 bits (393,216 bytes) and - * the remaing 5 tests are repeated on sucessive 2500 byte samples for 257 times. + * the remaining 5 tests are repeated on sucessive 2500 byte samples for 257 times. * * An ideal RNG will fail this test with a probablilty of 0.9987. If there is a single failed * test, the test will be repeated. An ideal RNG should almost never fail the retry. @@ -627,7 +627,7 @@ return tot<sz? aisTest(h_ctxt, prod, buffer+tot, sz - tot) : 1; } /** - * Procedure A tests 1 thru 4 correspond to the fips140-1 tests. These tests + * Procedure A tests 1 through 4 correspond to the fips140-1 tests. These tests * are conducted on the same input stream, so the calculations can be * done in parallel. */ @@ -737,7 +737,6 @@ U_INT offs, /* IN: starting offset */ U_INT tid) /* IN: test id */ { - U_INT48 *w = (U_INT48 *)p->aux; U_INT i, j; switch(p->testState) { @@ -748,19 +747,18 @@ * this test always uses the aux buffer to collect the test data */ case TEST_INPUT: - for(i=offs;(i+5)<p->range && p->bridge<TEST0_LENGTH;i+=6) - w[p->bridge++] = *((U_INT48 *)&p->data[i]) & 0xffffffffffffLL; + for(i=offs;(i+6)<p->range && p->bridge<TEST0_LENGTH;i+=6,p->bridge++) + memcpy(p->aux+(p->bridge*6), p->data+i*6, 6); offs = i; if (p->bridge<TEST0_LENGTH) break; p->bytesUsed += TEST0_USED; p->bridge = 0; case TEST_EVAL: - qsort(w, TEST0_LENGTH, sizeof(U_INT48), test0cmp); - for(i=1,j=0;i<TEST0_LENGTH;i++) - if (w[i-1] == w[i]) { - j|=1; - } + qsort(p->aux, TEST0_LENGTH, 6, test0cmp); + for (i=1,j=0;i<TEST0_LENGTH;i++) + if (!memcmp(p->aux+(i-1)*6, p->aux+i*6, 6)) + j++; p->results[tid].testResult = j; p->results[tid++].finalValue = i; p->testRun = tid; @@ -773,8 +771,7 @@ */ static int test0cmp(const void *aa, const void *bb) { - const U_INT48 *a = aa, *b = bb; - return (*a<*b)? -1 : (*a > *b)? 1 : 0; + return memcmp(aa,bb,6); } /** * Procedure A autocorrelation test. Brutal bit twiddling. @@ -800,7 +797,7 @@ } } /** - * This test always uses the same data as test1 thru test4 + * This test always uses the same data as test1 through test4 */ dp = (U_INT8 *) p->chain5; for (max = k = 0,tau=1;tau<=TEST5_LENGTH;tau++){ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haveged-1.5/src/havegetest.h new/haveged-1.6/src/havegetest.h --- old/haveged-1.5/src/havegetest.h 2012-07-27 21:41:34.000000000 +0200 +++ new/haveged-1.6/src/havegetest.h 2012-12-15 17:48:34.000000000 +0100 @@ -33,7 +33,7 @@ #define U_INT8 uint8_t /** * All individual tests and the test procedures use the following - * simple state maching to manage input. + * simple state machine to manage input. */ typedef enum { TEST_INIT, /* initialize the test */ @@ -47,7 +47,7 @@ * used as test0 and a autocorrelation test is used as test5. test0 is executed only * once, the other tests are repeated in sequence 257 times. */ -#define AIS_A_REPS 257 /* reps for test1 thru test 5 */ +#define AIS_A_REPS 257 /* reps for test1 through test 5 */ /** * Constants for the fips tests. Note AIS-31 v1 uses the unamended FIPS test limits */ @@ -73,7 +73,6 @@ * test 0 consumes 64k * 48 bits */ #define TEST0_LENGTH 65536 -#define TEST0_SIZE (TEST0_LENGTH*sizeof(U_INT48)) #define TEST0_USED (TEST0_LENGTH * 6) #define TEST5_LENGTH 5000 /** @@ -102,7 +101,7 @@ U_INT bytesUsed; /* number of bytes used */ U_INT8 *chain5; /* chain to test 5 */ U_INT options; /* duty cycle for test5 */ - char aux[TEST0_SIZE]; /* extra work space */ + char aux[TEST0_USED]; /* extra work space */ resultA results[1286]; /* test results */ } procA; /** ++++++ haveged-ppc.patch ++++++ Index: haveged-1.6/configure.ac =================================================================== --- haveged-1.6.orig/configure.ac +++ haveged-1.6/configure.ac @@ -127,7 +127,7 @@ case "$host" in AC_DEFINE(HAVE_ISA_IA64, 1, [Define to 1 for ia64]) ;; - powerpc-*|pcc-*|powerpc64|ppc64) + powerpc-*|pcc-*|powerpc64-*|ppc64-*) AC_DEFINE(HAVE_ISA_PPC, 1, [Define to 1 for ppc]) ;; -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@hilbert.suse.de