You Can Now Tell Linux At Boot-Time If You Don't Trust Your CPU Random Number Generator

Written by Michael Larabel in Hardware on 9 September 2018 at 10:00 AM EDT.
Covered on Phoronix back during the Linux 4.19 kernel merge window was the new option letting distribution vendors, or those compiling their own Linux kernel, decide whether to trust the CPU's random number generator. That compile-time functionality has now been re-worked to add a boot-time option, so users can more easily indicate whether they trust their own processor's RNG.

The Linux 4.19 merge window brought the RANDOM_TRUST_CPU Kconfig option for indicating at the kernel's compilation time whether to trust the CPU's built-in hardware random number generator on the likes of AMD, IBM s390/POWER, Intel, and other CPU RNG implementations. The trustworthiness of modern hardware random number generators is hotly debated, with concerns that they may be back-doored for use by spy agencies or other rogue actors given past influence by the NSA and other organizations.

But since your personal views on CPU RNG trust may differ from those of the Linux distribution vendor or whoever is building your kernel, a pull request was sent in this Sunday morning that, as a "fix", allows this to be configured as a boot parameter.

The random.trust_cpu= option can now be set at boot-time (or added to your GRUB configuration defaults) to on or off to indicate whether you trust RdRand to initialize the CRNG.

The CONFIG_RANDOM_TRUST_CPU build-time option is being kept around and is used to determine the default behavior when no random.trust_cpu option is given at boot time.
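An added example (not from the article or the kernel tree) showing how to work out which setting a kernel will actually use: the boot parameter, parsed with the same leading-character rules as the kernel's kstrtobool, overrides the CONFIG_RANDOM_TRUST_CPU default, and the dmesg check looks for the notice the 4.19 random driver logs when it trusted the CPU RNG to seed the CRNG. The config file locations and the exact notice text are assumptions about a typical distro kernel.

```shell
#!/bin/sh
# Effective random.trust_cpu setting: the boot parameter wins when present,
# otherwise the build-time CONFIG_RANDOM_TRUST_CPU default applies.

# Value of the last random.trust_cpu= token, or "" if absent. The kernel hands
# the value to kstrtobool, which only inspects the leading characters: y/Y/1 and
# on/ON mean true, n/N/0 and of/OF mean false, anything else leaves the default.
cmdline_trust_cpu() {
    result=""
    for tok in $1; do
        case "$tok" in
        random.trust_cpu=*)
            case "${tok#random.trust_cpu=}" in
            [yY1]*|[oO][nN]*) result="on" ;;
            [nN0]*|[oO][fF]*) result="off" ;;
            esac ;;
        esac
    done
    printf '%s' "$result"
}

# Kconfig default from the text of a kernel .config: "on" only when the option
# is set; "# CONFIG_RANDOM_TRUST_CPU is not set" or no line at all means "off".
config_trust_cpu() {
    case "$1" in
    *CONFIG_RANDOM_TRUST_CPU=y*) printf 'on' ;;
    *) printf 'off' ;;
    esac
}

# Boot parameter overrides the compile-time default; report which one applied.
effective_trust_cpu() {
    boot=$(cmdline_trust_cpu "$1")
    if [ -n "$boot" ]; then
        printf '%s (boot parameter)' "$boot"
    else
        printf '%s (Kconfig default)' "$(config_trust_cpu "$2")"
    fi
}

# Live check on a 4.19+ system (assumed paths). The dmesg string is the notice
# the 4.19 random driver logs when it seeded the CRNG straight from the CPU RNG.
if [ -r /proc/cmdline ]; then
    config=$(cat "/boot/config-$(uname -r)" 2>/dev/null || zcat /proc/config.gz 2>/dev/null || true)
    printf 'random.trust_cpu effective: %s\n' "$(effective_trust_cpu "$(cat /proc/cmdline)" "$config")"
    dmesg 2>/dev/null | grep -q "crng done (trusting CPU's manufacturer)" && echo "CRNG seeded from CPU RNG at boot"
fi
```

To audit a saved boot, pass the captured command line and config text to effective_trust_cpu directly instead of the live files.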

This pull was already merged by Linus Torvalds ahead of the Linux 4.19-rc3 kernel test release. This "do you trust the CPU HWRNG?" question is just one of the small additions among the many Linux 4.19 features in this next version of the kernel.
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.
