The bulk of the motivation for this and description of crypto vulnerabilities is in the first patch of this series. The following two patches then fix up entropy accounting for the new model. The last patch fixes a minor code safety issue. This v2 improves some documentation comments and unifies these patches into one patchset. Jason A. Donenfeld (4): random: use computational hash for entropy extraction random: simplify entropy debiting random: use linear min-entropy accumulation crediting random: make credit_entropy_bits() always safe drivers/char/random.c | 490 ++++++---------------------------- include/trace/events/random.h | 30 +-- 2 files changed, 87 insertions(+), 433 deletions(-) -- 2.35.0