Last Minute Random/RNG Updates Land In Linux 5.18

Written by Michael Larabel in Linux Kernel on 1 April 2022 at 05:38 AM EDT. Add A Comment
While Jason Donenfeld is known for his splendid work on the open-source WireGuard secure network tunnel technology, lately he's been driving a number of improvements into the random/RNG code for the Linux kernel.

In addition to the many random/RNG improvements already merged last week into Linux 5.18 (and the /dev/urandom unification that had to be backed out for now), he sent in a secondary set of random updates for this new kernel version.

Linus Torvalds already merged these secondary RNG updates from Donenfeld. The feature highlights for this latest work includes:

- When a hardware RNG passes a large enough chunk of entropy during early boot, the Linux kernel will now skip the fast init path and go ahead and just fully initialize the RNG right away. This ultimately makes enabling CONFIG_RANDOM_TRUST_BOOTLOADER have a useful effect.

- The run-time boot option of random.trust_bootloader= is added as a run-time knob alternative to the build-time CONFIG_RANDOM_TRUST_BOOTLOADER option for whether to pass the seed passed by the bootloader for fully seeding the kernel CRNG. This complements as well the existing random.trust_cpu= option.

- Adding the spec compliant ACPI CID for the VMGENID work for better VM security.

- Restoring build-time randomness via the latest entropy plug-in.

More details on these changes via this Git merge.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week