On Mon, Jun 5, 2017 at 5:47 AM, Jason A. Donenfeld wrote:
> - get_random_bytes(>serial, sizeof(key->serial));
> + ret = get_random_bytes_wait(>serial,
> sizeof(key->serial));
This actually isn't okay at bootup, but I've got a different change
for
Otherwise, we might use bad random numbers which, particularly in the
case of IV generation, could be quite bad. It makes sense to use the
synchronous API here, because we're always in process context (as the
code is littered with GFP_KERNEL and the like).
Signed-off-by: Jason A. Donenfeld