Author: nbd Date: 2015-12-10 13:40:55 +0100 (Thu, 10 Dec 2015) New Revision: 47827
Modified: trunk/package/kernel/linux/modules/crypto.mk Log: kernel/modules: fix crypto API RNG for >=4.2 Since kernel 4.2, DRBG is the default crypto API RNG, replacing krng. As DRBG is not enabled, there is no crypto API RNG available when running kernel 4.2 or later. Because of this, IPsec SAs fail to install. In strongSwan, this results in a vague error that is difficult to debug: received netlink error: No such file or directory (2) Solve this by adding DRBG to the kmod-crypto-rng package. As enabling DRBG in the kernel config also enables the Jitterentropy RNG, include it in kmod-crypto-rng instead of having it in a separate package. Signed-off-by: Stijn Tintel <[email protected]> Modified: trunk/package/kernel/linux/modules/crypto.mk =================================================================== --- trunk/package/kernel/linux/modules/crypto.mk 2015-12-10 12:40:19 UTC (rev 47826) +++ trunk/package/kernel/linux/modules/crypto.mk 2015-12-10 12:40:55 UTC (rev 47827) @@ -100,27 +100,22 @@ define KernelPackage/crypto-rng TITLE:=CryptoAPI random number generation - KCONFIG:=CONFIG_CRYPTO_RNG2 - FILES:=$(LINUX_DIR)/crypto/rng.ko -ifeq ($(strip $(call CompareKernelPatchVer,$(KERNEL_PATCHVER),lt,4.2.0)),1) - FILES+=$(LINUX_DIR)/crypto/krng.ko -endif - AUTOLOAD:=$(call AutoLoad,09,rng krng) + KCONFIG:= \ + CONFIG_CRYPTO_DRBG \ + CONFIG_CRYPTO_JITTERENTROPY \ + CONFIG_CRYPTO_RNG2 + FILES:= \ + $(LINUX_DIR)/crypto/[email protected] \ + $(LINUX_DIR)/crypto/[email protected] \ + $(LINUX_DIR)/crypto/[email protected] \ + $(LINUX_DIR)/crypto/rng.ko + AUTOLOAD:=$(call AutoLoad,09,[email protected] [email protected] [email protected] rng) $(call AddDepends/crypto) endef $(eval $(call KernelPackage,crypto-rng)) -define KernelPackage/crypto-rng-jitterentropy - TITLE:=Jitterentropy Non-Deterministic Random Number Generator - KCONFIG:=CONFIG_CRYPTO_JITTERENTROPY - FILES:= $(LINUX_DIR)/crypto/jitterentropy_rng.ko - AUTOLOAD:=$(call AutoLoad,10,jitterentropy-rng) - $(call AddDepends/crypto) -endef -$(eval $(call KernelPackage,crypto-rng-jitterentropy)) - define KernelPackage/crypto-iv TITLE:=CryptoAPI initialization vectors DEPENDS:=+kmod-crypto-manager +kmod-crypto-rng +kmod-crypto-wq _______________________________________________ openwrt-commits mailing list [email protected] https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-commits
