On Tue, 19 Sept 2023 at 23:06, Eric Biggers <ebiggers@xxxxxxxxxx> wrote: > > This would be the potential change, BTW: Entirely regardless of your fundamental question, no, that's not the potential change. That causes a crng_reseed() even if the write fails completely and returns -EFAULT. So at a *minimum*, I'd expect the patch to be be something like memzero_explicit(block, sizeof(block)); - return ret ? ret : -EFAULT; + if (!ret) + return -EFAULT; + crng_reseed(NULL); + return ret; but even then I'd ask - wouldn't we want some kind of minimum check? - do we really trust writes to add any actual entropy at all and at what point? which are admittedly likely the same question just in different guises. Also, are there any relevant architectures where "try_to_generate_entropy()" doesn't work? IOW, why do you even care? Linus