From what I read about rngd its task is “to check and feed random data from hardware device to kernel entropy pool”. As I understand it, rngd, once it completes its feed task, should make initial /dev/random access faster on machines without HW random generator. It seems being not practical to run rngd on iMX7D with available /dev/hwrng. Isn’t it?
High CPU usage is caused by using jitter source. rngd -l shows two available entropy sources
Available and enabled entropy sources:
0: Hardware RNG Device (hwrng)
5: JITTER Entropy generator (jitter)
Disabling jitter using -x switch fixes high CPU usage out of power on. vi /etc/default/rng-tools then add x jitter.
rngdtest -c 1 </dev/random or dd if=/dev/random of=/dev/null show similar results with rngd disabled and rngd enabled. Still any benefits in running rngd?
I’m not really familiar with rngd but according to this discussion - “If your OS’s “entropy estimator” is producing small numbers and your userspace applications are using /dev/random, yes, that will degrade your performance.”
If you don’t care about strong encryption you can remove rngd at all.
Thank you very much, good source! rngd still is needed even with /dev/hwrng, unless /dev/random is not used at all. cat /proc/sys/kernel/random/entropy_avail just confirms it easily.
I’ll just use -x jitter switch to reduce boot time a bit.
I wondered how well does /dev/random perform. Turns out that on iMX6ULL /dev/random is fast like ~140kB/s. I mean results of dd if=/dev/random of=/dev/null status=progress. On iMX7D it looks like HW RND is not used at all. /dev/random gives less than 0.5kB/s…
iMX6ULL device tree defines RNDB. iMX7D device tree lacks RND… And NXP is very unfriendly regarding Security Reference Manual. And since HW RND is not working, I see no point in wasting power running rngd…