From c23541112d09d7bdf8b6dc5fed6717560249fad0 Mon Sep 17 00:00:00 2001
From: Tobias Geerinckx-Rice
Date: Wed, 6 Jan 2021 00:39:48 +0100
Subject: gnu: Add jitterentropy-rngd.

* gnu/packages/linux.scm (jitterentropy-rngd): New public variable.
---
 gnu/packages/linux.scm | 49 ++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 48 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index a8bb9db172..71f21aa687 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -7,7 +7,7 @@
 ;;; Copyright © 2015 Taylan Ulrich Bayırlı/Kammer
 ;;; Copyright © 2015, 2016, 2017, 2018, 2020 Efraim Flashner
 ;;; Copyright © 2016 Christopher Allan Webber
-;;; Copyright © 2016, 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice
+;;; Copyright © 2016–2021 Tobias Geerinckx-Rice
 ;;; Copyright © 2016, 2017 Alex Kost
 ;;; Copyright © 2016 Raymond Nicholson
 ;;; Copyright © 2016 Mathieu Lirzin
@@ -2245,6 +2245,53 @@ (define-public iptables
 Both commands are targeted at system administrators.")
 (license license:gpl2+)))
+(define-public jitterentropy-rngd
+ (package
+ (name "jitterentropy-rngd")
+ (version "1.2.0")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/smuellerDD/jitterentropy-rngd")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "1fb8zfwhwkl1d8n4cdn7rdv5rwd75qgc00d36pmkl7wgnj3c9xda"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f ; no test suite
+ #:make-flags
+ (list (string-append "CC=" ,(cc-for-target))
+ (string-append "PREFIX=" (assoc-ref %outputs "out"))
+ "UNITDIR=$(PREFIX)/lib/systemd/system")
+ #:phases
+ (modify-phases %standard-phases
+ (delete 'configure)))) ; no ./configure script
+ (home-page "https://www.chronox.de/jent.html")
+ (synopsis "CPU jitter random number generator daemon")
+ (description
+ "This simple daemon feeds entropy from the CPU Jitter @acronym{RNG, random
+number generator} core to the kernel Linux's entropy estimator. This prevents
+the @file{/dev/random} device from blocking and should benefit users of the
+preferred @file{/dev/urandom} and @code{getrandom()} interfaces too.
+
+The CPU Jitter RNG itself is part of the kernel and claims to provide good
+entropy by collecting and magnifying differences in CPU execution time as
+measured by the high-resolution timer built into modern CPUs. It requires no
+additional hardware or external entropy source.
+
+The random bit stream generated by @command{jitterentropy-rngd} is not processed
+by a cryptographically secure whitening function. Nonetheless, its authors
+believe it to be a suitable source of cryptographically secure key material or
+other cryptographically sensitive data.
+ +If you agree with them, start this daemon as early as possible to provide +properly seeded random numbers to services like SSH or those using TLS during +early boot when entropy may be low, especially in virtualised environments.") + (license (list license:bsd-3 ; or + license:gpl2+)))) + (define-public lsscsi (package (name "lsscsi") -- cgit v1.2.3
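Review bot: The `#:make-flags` list points `UNITDIR` at `$(PREFIX)/lib/systemd/system`, so the only start-up integration this package installs is a systemd unit, yet the description tells users to start the daemon as early as possible so that SSH and TLS services are seeded during early boot. Guix System boots with the Shepherd rather than systemd, so there nothing in this package starts the daemon, and the early-boot benefit depends on a service definition this commit does not add. I would say so next to the flag, e.g. `;; Only useful on foreign distros; Guix System needs a Shepherd service to start this early.` A second comment is worth adding in the same place, `;; Do not pass CFLAGS here: the jitter RNG code is meant to be built without optimisation.`, which is presumably what upstream's Makefile already arranges and should be confirmed against the v1.2.0 sources.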