khwrngd provides the same functionality as rngd here, but is integrated in the kernel, and started by default by the hwrng driver as soon as the device is initialized. It was added in Linux 3.17 by the following commit: commit be4000bc4644d027c519b6361f5ae3bbfc52c347 Author: Torsten Duwe <duwe@lst.de> Date: Sat Jun 14 23:46:03 2014 -0400 hwrng: create filler thread This can be viewed as the in-kernel equivalent of hwrngd; like FUSE it is a good thing to have a mechanism in user land, but for some reasons (simplicity, secrecy, integrity, speed) it may be better to have it in kernel space. This patch creates a thread once a hwrng registers, and uses the previously established add_hwgenerator_randomness() to feed its data to the input pool as long as needed. A derating factor is used to bias the entropy estimation and to disable this mechanism entirely when set to zero. --- start-vm.nix | 8 -------- 1 file changed, 8 deletions(-) diff --git a/start-vm.nix b/start-vm.nix index 442f83a8f45..66fb358cb39 100644 --- a/start-vm.nix +++ b/start-vm.nix @@ -45,14 +45,6 @@ let s6-linux-init-hpr -fr ''; } // services.".s6-svscan" or {}; - - rngd = { - run = writeScript "rngd-run" '' - #! ${execline}/bin/execlineb -P - ${rng-tools}/bin/rngd -f -x pkcs11,rdrand - ''; - } // services.rngd or {}; - } // services; in -- 2.24.0