Linux 6.11 Lands Support For getrandom() In The vDSO

Going back two years has been the effort for adding getrandom() to the vDSO in order to enhance the performance. This work has yielded as much as 15x the performance in showing very fast while being secure user-space RNG needs. A few weeks back Linus Torvalds was unconvinced by adding getrandom() to the vDSO, but after going back through the patches he gave it another go. Today the work has managed to be mainlined for Linux 6.11.

The getrandom() in the vDSO effort was led by Jason Donenfeld who is known for his work on WireGuard. Last week he sent in the code as part of the RNG updates pull request and today it was honored by Linus Torvalds.

The code is merged and summed up as:

"This adds getrandom() support to the vDSO.

First, it adds a new kind of mapping to mmap(2), MAP_DROPPABLE, which lets the kernel zero out pages anytime under memory pressure, which enables allocating memory that never gets swapped to disk but also doesn't count as being mlocked.

Then, the vDSO implementation of getrandom() is introduced in a generic manner and hooked into random.c.

Next, this is implemented on x86. (Also, though it's not ready for this pull, somebody has begun an arm64 implementation already)"

Great to see this milestone achieved so user-space can generate random bytes quickly and safely.