#systemd's EFI bootloader, systemd-boot, will now pass the on-disk RNG seeds it manages directly to the Linux kernel, so that the RNG is seeded by them before userspace runs. github.com/systemd/system…

This RFC patchset for the Linux kernel proposes using an EFI non-volatile variable as a persistent RNG seed that the kernel's EFISTUB can manage transparently and automatically. Very cool if it works. A question about using variables that way. lore.kernel.org/linux-efi/2022…

v7 posted of the vDSO getrandom() series: lore.kernel.org/lkml/202211241… , with a stackless ChaCha20 implementation on x86-64, as well as a corresponding patch to wire this up for glibc from Adhemerval Zanella - github.com/bminor/glibc/c… . I'm daily driving this on my laptop's libc.

Ibraheem Ahmed Protty Well, there is one cool use in the #Linux kernel #wireguard by Jason Donenfeld: git.kernel.org/pub/scm/linux/…

WireGuard is the first reproducible build package on F-Droid that has a fully verified signature path. The WireGuard Project builds WireGuard from source, and then signs the resultant APK with a private key stored in an HSM. F-Droid’s build server downloads that source and does

Direct APK downloads for WireGuard for Android are now available: lore.kernel.org/wireguard/ZGIo…

Linux 6.11 Lands Support For getrandom() In The vDSO phoronix.com/news/Linux-6.1…

The (v1) glibc patch for enabling this is now posted: inbox.sourceware.org/libc-alpha/202… GCC - GNU Toolchain

vDSO getrandom() has now been ported to arm64, powerpc64, powerpc32, s390x, and loongarch64, in addition to the prior x86_64 port: lore.kernel.org/all/2024091612…

this is the official code of a major HSM vendor used for verify key attestations (what's wrong left as an exercise)

vDSO getrandom() Ported To Five More CPU Architectures With Linux 6.12 phoronix.com/news/Linux-6.1…

Golang now supports vDSO getrandom() for huge speedups: github.com/golang/go/comm…

Golang Now Enables Speedier getrandom() On Linux phoronix.com/news/Goland-ge…

The GCC - GNU Toolchain GNU C Library Merges Support for getrandom vDSO phoronix.com/news/glibc-get…

Glibc 2.41 will support vDSO getrandom(): sourceware.org/git/?p=glibc.g…

vDSO getrandom() objective complete!