[yocto] [meta-openssl102-fips][PATCH 2/3] openssh_fips.inc: remove rng-tools from sshd RRECOMMENDS
Hongxu Jia
hongxu.jia at windriver.com
Sat Oct 12 01:17:09 PDT 2019
While kernel enable fips, the rng-tools takes a high cpu performance
which Operation not permitted
...
Oct 12 06:08:23 qemux86-64 rngd[122]: RNDADDENTROPY failed: Operation not permitted
...
Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
---
recipes-connectivity/openssh/openssh_fips.inc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/recipes-connectivity/openssh/openssh_fips.inc b/recipes-connectivity/openssh/openssh_fips.inc
index 38db03b..0eafb98 100644
--- a/recipes-connectivity/openssh/openssh_fips.inc
+++ b/recipes-connectivity/openssh/openssh_fips.inc
@@ -3,6 +3,8 @@ DEPENDS += " \
openssl-fips \
fipscheck \
"
+RRECOMMENDS_${PN}-sshd_remove = "rng-tools"
+
SRC_URI += " \
file://0001-openssh-8.0p1-fips.patch \
file://0001-conditional-enable-fips-mode.patch \
--
2.7.4
More information about the yocto
mailing list