This repository has been archived by the owner on Apr 12, 2021. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
nixos/modules/security/rngd: Disable by default
`rngd` seems to be the root cause for slow boot issues, and its functionality is redundant since kernel v3.17 (2014), which introduced a `krngd` task (in kernel space) that takes care of pulling in data from hardware RNGs: > commit be4000bc4644d027c519b6361f5ae3bbfc52c347 > Author: Torsten Duwe <duwe@lst.de> > Date: Sat Jun 14 23:46:03 2014 -0400 > > hwrng: create filler thread > > This can be viewed as the in-kernel equivalent of hwrngd; > like FUSE it is a good thing to have a mechanism in user land, > but for some reasons (simplicity, secrecy, integrity, speed) > it may be better to have it in kernel space. > > This patch creates a thread once a hwrng registers, and uses > the previously established add_hwgenerator_randomness() to feed > its data to the input pool as long as needed. A derating factor > is used to bias the entropy estimation and to disable this > mechanism entirely when set to zero. Closes: #96067
- Loading branch information