On Wed, Aug 21, 2019 at 08:21:45PM -0400, George Spelvin wrote: > There's no need to get_random_bytes() into a temporary buffer. > > This is not a no-brainer change; get_random_u32() has slightly weaker > security guarantees, but code like this is the classic example of when > it's appropriate: the random value is stored in the kernel for as long > as it's valuable. The mechanical transformation looks OK, but can someone who knows the RNG confirm this statement? Many of these places are being used in network related contexts, I suspect the value here is often less about secrecy, more about unguessability. Jason
