From debf700a83c093e8a4a37a93d4218ceb77d15cdb Mon Sep 17 00:00:00 2001 From: Jeremi Piotrowski Date: Tue, 8 Mar 2022 16:00:01 +0100 Subject: [PATCH 1/2] coreos-base/coreos: remove rng-tool dependency rng-tools does not appear to be necessary for booting in virtual machine environments in 2022. Back in the day the boot process would block if there was not enough entropy to seed the system random pool, but over the years the linux kernel made sure that the pool is force seeded if userspace does not do so one it's own. Remove rng-tool as it is not needed and it would require work to make sure it works (detection of tpm/hwrng/intel cpu instructions). --- .../coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild | 1 - .../profiles/coreos/arm64/package.accept_keywords | 3 --- 2 files changed, 4 deletions(-) diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild index c213a19f46..ee7ccd6294 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild @@ -164,7 +164,6 @@ RDEPEND="${RDEPEND} sys-apps/nvme-cli sys-apps/pciutils sys-apps/policycoreutils - sys-apps/rng-tools sys-apps/sed sys-apps/seismograph sys-apps/semodule-utils diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.accept_keywords b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.accept_keywords index 4d35c21ab6..2d2419d651 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.accept_keywords +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.accept_keywords @@ -44,9 +44,6 @@ dev-util/checkbashisms * =sys-apps/policycoreutils-3.1-r3 ~arm64 =sys-apps/kexec-tools-2.0.22 ~arm64 -# needed to force enable rng-tools for arm64 -=sys-apps/rng-tools-5-r2 ** - =sys-apps/sandbox-2.12 ~arm64 =sys-apps/semodule-utils-3.1 ~arm64 From 617f619c686b467848c26f7816af8735bc882d30 Mon Sep 17 00:00:00 2001 From: Jeremi Piotrowski Date: Wed, 9 Mar 2022 13:05:03 +0100 Subject: [PATCH 2/2] changelog: add entry for rngd.service removal The user visible effect of rng-tool removal is that rngd is no longer started in the initramfs. --- .../coreos-overlay/changelog/changes/2022-03-09-rngd.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 sdk_container/src/third_party/coreos-overlay/changelog/changes/2022-03-09-rngd.md diff --git a/sdk_container/src/third_party/coreos-overlay/changelog/changes/2022-03-09-rngd.md b/sdk_container/src/third_party/coreos-overlay/changelog/changes/2022-03-09-rngd.md new file mode 100644 index 0000000000..9a525d89c0 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/changelog/changes/2022-03-09-rngd.md @@ -0,0 +1 @@ +- Removed rngd.service because it is not essential anymore for the kernel to boot fast in VM environments ([PR#1700](https://github.com/flatcar-linux/coreos-overlay/pull/1700))