From 68bcc6973bca0165982959cc89862ffcc63ef569 Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Thu, 10 Dec 2015 12:40:55 +0000 Subject: kernel/modules: fix crypto API RNG for >=4.2 Since kernel 4.2, DRBG is the default crypto API RNG, replacing krng. As DRBG is not enabled, there is no crypto API RNG available when running kernel 4.2 or later. Because of this, IPsec SAs fail to install. In strongSwan, this results in a vague error that is difficult to debug: received netlink error: No such file or directory (2) Solve this by adding DRBG to the kmod-crypto-rng package. As enabling DRBG in the kernel config also enables the Jitterentropy RNG, include it in kmod-crypto-rng instead of having it in a separate package. Signed-off-by: Stijn Tintel git-svn-id: svn://svn.openwrt.org/openwrt/trunk@47827 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- package/kernel/linux/modules/crypto.mk | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-) (limited to 'package') diff --git a/package/kernel/linux/modules/crypto.mk b/package/kernel/linux/modules/crypto.mk index 062afe7168..fe64db46f7 100644 --- a/package/kernel/linux/modules/crypto.mk +++ b/package/kernel/linux/modules/crypto.mk @@ -100,26 +100,21 @@ $(eval $(call KernelPackage,crypto-wq)) define KernelPackage/crypto-rng TITLE:=CryptoAPI random number generation - KCONFIG:=CONFIG_CRYPTO_RNG2 - FILES:=$(LINUX_DIR)/crypto/rng.ko -ifeq ($(strip $(call CompareKernelPatchVer,$(KERNEL_PATCHVER),lt,4.2.0)),1) - FILES+=$(LINUX_DIR)/crypto/krng.ko -endif - AUTOLOAD:=$(call AutoLoad,09,rng krng) + KCONFIG:= \ + CONFIG_CRYPTO_DRBG \ + CONFIG_CRYPTO_JITTERENTROPY \ + CONFIG_CRYPTO_RNG2 + FILES:= \ + $(LINUX_DIR)/crypto/drbg.ko@ge4.2 \ + $(LINUX_DIR)/crypto/jitterentropy_rng.ko@ge4.2 \ + $(LINUX_DIR)/crypto/krng.ko@lt4.2 \ + $(LINUX_DIR)/crypto/rng.ko + AUTOLOAD:=$(call AutoLoad,09,drbg@ge4.2 jitterentropy_rng@ge4.2 krng@lt4.2 rng) $(call AddDepends/crypto) endef $(eval $(call KernelPackage,crypto-rng)) -define KernelPackage/crypto-rng-jitterentropy - TITLE:=Jitterentropy Non-Deterministic Random Number Generator - KCONFIG:=CONFIG_CRYPTO_JITTERENTROPY - FILES:= $(LINUX_DIR)/crypto/jitterentropy_rng.ko - AUTOLOAD:=$(call AutoLoad,10,jitterentropy-rng) - $(call AddDepends/crypto) -endef - -$(eval $(call KernelPackage,crypto-rng-jitterentropy)) define KernelPackage/crypto-iv TITLE:=CryptoAPI initialization vectors -- cgit v1.2.3