* Stephan Müller: > * support deactivation of TRNG (i.e. blocking behavior of /dev/random) > at compile time. If deactivated, /dev/random behaves like > getrandom(2). I don't quite understand this comment. Doesn't getrandom with the GRND_RANDOM always behave like /dev/random? Presumably, without the TRNG tap, the GRND_RANDOM flag for getrandom is ignored, and reading from /dev/random behaves like reading from /dev/urandom. Anyway, reading the accompanying PDF, this looks rather impressive: the userspace bootstrapping problem is gone (the issue where waiting for more entropy prevents the collection of more entropy), *and* we can still make the standards people happy. (Replying from my other account due to mail issues, sorry.)