Linux 5.5 To Finally Wire Up EFI RNG Code For x86 As Another Source Of Entropy

Written by Michael Larabel in Hardware on 26 November 2019 at 03:14 AM EST. 10 Comments
HARDWARE
Since 2016 the Linux kernel on ARM has invoked the EFI random number generator (RNG) protocol for serving as an additional source of entropy during early boot. With Linux 5.5 in early 2020 that code is finally happening for x86/x86_64.

The EFI specification has an RNG protocol that is optional for being able to return RNG values from supporting an arbitrary set of RNG algorithms. This has been around since UEFI 2.4 (2013) and while the Linux kernel ARM code has invoked it for years in their EFI code, the x86 (x86_64 included) code has a similar hook-up for Linux 5.5.

Where supported this will seed the kernel entropy pool as another source of entropy during the early stages of the boot process where normally entropy can be quite limited. There is already the existing CONFIG_RANDOM_TRUST_BOOTLOADER Kconfig switch for whether this source of randomness can be trusted.

This EFI x86 RNG code is among the few improvements in EFI updates for v5.5.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week