Lines Matching refs:this
40 is not initialized. The provided random bytes will be of low quality in this
41 case however. Moreover the kernel will log about all programs using this
42 interface in this state, and which thus potentially rely on an uninitialized
60 includes random bytes generated this way in its entropy pool, but didn't use
61 to credit entropy for it (i.e. data from this source wasn't considered good
65 means systems with CPUs supporting this opcode will be able to very quickly
71 line to change that, but note that this is a global setting affect all
149 initialized, this is identical to `getrandom(0)`, returning cryptographically
176 this service typically runs relatively late during early boot: long after
179 not advised to rely exclusively on this functionality to seed the kernel's
180 entropy pool. Also note that this service synchronously waits until the
199 seed file for the ESP is then written to the ESP, ensuring this is completed
208 replicated between multiple images and the random seed is not reset, this
213 entropy pool of different machines, even if this seed is the only source of
225 from using this mechanism, for safety reasons. This is because on VM
242 environments, as the random seed passed this way is accessible to
243 unprivileged programs via `/proc/cmdline`. Using this option outside of
278 to fix this.
281 installing any 'system token' in an EFI variable, as described above, this
335 daemons do is still desirable today, this would be much better implemented
353 delay, which this doesn't solve), there's hence little benefit for us to
360 Yes, NetBSD has that, and the above is inspired by that (note though: this
372 wouldn't have to involve userspace in this.
381 this is currently not available.
397 `/proc/cmdline`. It's not desirable if unprivileged processes can use this
401 That said, we actually do implement this with the `systemd.random_seed=`
402 kernel command line option. Don't use this outside of testing environments,