diff options
Diffstat (limited to 'man/systemd-boot.xml')
| -rw-r--r-- | man/systemd-boot.xml | 22 |
1 files changed, 0 insertions, 22 deletions
diff --git a/man/systemd-boot.xml b/man/systemd-boot.xml index 57b66803fa..f96c4c6512 100644 --- a/man/systemd-boot.xml +++ b/man/systemd-boot.xml @@ -436,28 +436,6 @@ </varlistentry> <varlistentry> - <term><varname>LoaderRandomSeed</varname></term> - - <listitem><para>A binary random seed <command>systemd-boot</command> may optionally pass to the - OS. This is a volatile EFI variable that is hashed at boot from the combination of a random seed - stored in the ESP (in <filename>/loader/random-seed</filename>) and a "system token" persistently - stored in the EFI variable <varname>LoaderSystemToken</varname> (see below). During early OS boot the - system manager reads this variable and passes it to the OS kernel's random pool, crediting the full - entropy it contains. This is an efficient way to ensure the system starts up with a fully initialized - kernel random pool — as early as the initrd phase. <command>systemd-boot</command> reads - the random seed from the ESP, combines it with the "system token", and both derives a new random seed - to update in-place the seed stored in the ESP, and the random seed to pass to the OS from it via - SHA256 hashing in counter mode. This ensures that different physical systems that boot the same - "golden" OS image — i.e. containing the same random seed file in the ESP — will still pass a - different random seed to the OS. It is made sure the random seed stored in the ESP is fully - overwritten before the OS is booted, to ensure different random seed data is used between subsequent - boots.</para> - - <para>See <ulink url="https://systemd.io/RANDOM_SEEDS">Random Seeds</ulink> for - further information.</para></listitem> - </varlistentry> - - <varlistentry> <term><varname>LoaderSystemToken</varname></term> <listitem><para>A binary random data field, that is used for generating the random seed to pass to |