Setting up the TRNG device driver
The true random-number generator can be built into the kernel or compiled as a separate module.
The true random-number generator requires Message-Security-Assist Extension 7 (MSA 7), which is available as of the IBM z14. During initialization of the TRNG kernel module, or, if TRNG is compiled into the kernel, during kernel startup, the device driver checks for the prerequisite. If the prerequisite is not fulfilled, the device driver silently exits.
modprobe s390_trng
There are no kernel or module parameters for the TRNG device driver.
Device nodes for random data
The true random-number generator device driver provides two interfaces to user space applications: the device node /dev/trng for direct access, and the generic device node /dev/hwrng.
The /dev/hwrng node appears when the TRNG or another source of random data registers with the hwrng device driver. If both the TRNG and a CCA coprocessor are registered, the TRNG takes precedence.
As of the z14, the kernel random device driver also uses the CPACF TRNG true random source through the arch_get_random_seed_* functions. The kernel random device driver provides two device nodes, /dev/random and /dev/urandom. The arch_get_random_seed_* functions require the CPACF TRNG.