Show Your Support: This site is primarily supported by advertisements. Ads are what have allowed this site to be maintained on a daily basis for the past 18+ years. We do our best to ensure only clean, relevant ads are shown, when any nasty ads are detected, we work to remove them ASAP. If you would like to view the site without ads while still supporting our work, please consider our ad-free Phoronix Premium.
Last Minute Random/RNG Updates Land In Linux 5.18
In addition to the many random/RNG improvements already merged last week into Linux 5.18 (and the /dev/urandom unification that had to be backed out for now), he sent in a secondary set of random updates for this new kernel version.
Linus Torvalds already merged these secondary RNG updates from Donenfeld. The feature highlights for this latest work includes:
- When a hardware RNG passes a large enough chunk of entropy during early boot, the Linux kernel will now skip the fast init path and go ahead and just fully initialize the RNG right away. This ultimately makes enabling CONFIG_RANDOM_TRUST_BOOTLOADER have a useful effect.
- The run-time boot option of random.trust_bootloader= is added as a run-time knob alternative to the build-time CONFIG_RANDOM_TRUST_BOOTLOADER option for whether to pass the seed passed by the bootloader for fully seeding the kernel CRNG. This complements as well the existing random.trust_cpu= option.
- Adding the spec compliant ACPI CID for the VMGENID work for better VM security.
- Restoring build-time randomness via the latest entropy plug-in.
More details on these changes via this Git merge.