Hi,
Actually, I wonder if the rng stuff is really worth the effort when the majority of our systems is not supporting it.
passing through virtio-rng is definitely a good idea especially with the terrible openssl on SLE12 that requires several kilobytes of entropy for generating a trivial RSA key. However, I'm not sure if selecting /dev/hwrng was a good idea, since that one has an unspecified quality (and might be returning 00"s all day). The normal setup is that you run rngd that tests the entropy of hwrng before feeding bad kernel into the kernel entropy pool, and /dev/random is seeded with those entropy sources that provide the required quality. With just using /dev/random from the host the amount of code needed and the level of breakage should be minimized accross architectures. -- To unsubscribe, e-mail: opensuse-arm+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-arm+owner@opensuse.org