Linux 5.5 To Finally Wire Up EFI RNG Code For x86 As Another Source Of Entropy

The EFI specification defines an optional RNG protocol through which firmware can return random values using any of an arbitrary set of supported RNG algorithms. The protocol has been around since UEFI 2.4 (2013), and while the Linux kernel's ARM EFI code has invoked it for years, the x86 (x86_64 included) code is only now getting a similar hook-up with Linux 5.5.
Where supported, this will seed the kernel entropy pool with another source of entropy during the early stages of the boot process, when entropy is normally quite limited. The existing CONFIG_RANDOM_TRUST_BOOTLOADER Kconfig switch already governs whether this source of randomness can be trusted.
This EFI x86 RNG code is among the few improvements in EFI updates for v5.5.