On Tue, 20 Aug 2019 at 10:43, Hsin-Yi Wang <hsinyi@xxxxxxxxxxxx> wrote: > > Hi Ted, > > Thanks for raising this question. > > For UEFI based system, they have a config table that carries rng seed > and can be passed to device randomness. However, they also use > add_device_randomness (not sure if it's the same reason that they > can't guarantee _all_ bootloader can be trusted) The config table is actually a Linux invention: it is populated by the EFI stub code (which is part of the kernel) based on the output of a call into the EFI_RNG_PROTOCOL, which is defined in the UEFI spec, but optional and not widely available. I have opted for add_device_randomness() since there is no way to establish the quality level of the output of EFI_RNG_PROTOCOL, and so it is currently only used to prevent the bootup state of the entropy pool to be too predictable, and the output does not contribute to the entropy estimate kept by the RNG core. > This patch is to let DT based system also have similar features, which > can make initial random number stronger. (We only care initial > situation here, since more entropy would be added to kernel as time > goes on ) > > Conservatively, we can use add_device_randomness() as well, which > would pass buffer to crng_slow_load() instead of crng_fast_load(). > But I think we should trust bootloader here. Whoever wants to use this > feature should make sure their bootloader can pass valid (random > enough) seeds. If they are not sure, they can just don't add the > property to DT. It is the firmware that adds the property to the DT, not the user.