Hi Ted, Thanks for raising this question. For UEFI based system, they have a config table that carries rng seed and can be passed to device randomness. However, they also use add_device_randomness (not sure if it's the same reason that they can't guarantee _all_ bootloader can be trusted) This patch is to let DT based system also have similar features, which can make initial random number stronger. (We only care initial situation here, since more entropy would be added to kernel as time goes on ) Conservatively, we can use add_device_randomness() as well, which would pass buffer to crng_slow_load() instead of crng_fast_load(). But I think we should trust bootloader here. Whoever wants to use this feature should make sure their bootloader can pass valid (random enough) seeds. If they are not sure, they can just don't add the property to DT.
