[Cryptography] Improvements to RNG seeding in Linux 4.10
James A. Donald
jamesd at echeque.com
Tue Feb 28 22:35:27 EST 2017
On 2/28/2017 4:45 PM, Marshall Pierce wrote:
> It seems that Linux 4.10 will get its entropy pool populated early in boot via UEFI.
>
> Commits:
> - https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=568bc4e87033d232c5fd00d5b0cd22a2ccc04944
> - https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=636259880a7e7d3446a707dddebc799da94bdd0b
UEFI means that device-specific hardware can supply entropy, which
makes sense given that only device-specific hardware can access things
that are truly random.

But chances are that the hardware will not have drivers to access
device-specific entropy, and that, since customers will not know, hardware
makers will not bother.