SeedRNG is "sample" copy&pasteable code, meant to be included in various init systems and distros, for correctly seeding the Linux RNG from basic seed files, replacing a pretty diverse set of problematic scripts: git.zx2c4.com/seedrng/about/ git.zx2c4.com/seedrng/tree/s
Kernel itself could be taught to store/load a seed via pstore similar to how it uses it to store kernel logs for retrieval on next boot.
That's a cool idea. Currently the closest thing we have to that is CONFIG_RANDOM_TRUST_BOOTLOADER=y, which leaves it up to the "bootloader" to provide something, somehow. While the BSD bootloaders handle seed files, what this actually amounts to is EFI or OF providing a seed. 1/2
So I suppose the thing to do would be to look at platforms that have working pstore but don't have EFI/OF seeds. Otoh, maybe people would trust pstore'd seeds more than blackbox EFI-provided seeds. An alternative approach would be to teach OSS bootloaders to handle this. 2/2

