[PATCH v8] seedrng: import SeedRNG utility for kernel RNG seed files

Jason A. Donenfeld Jason at zx2c4.com
Tue Apr 19 10:24:05 UTC 2022


On Tue, Apr 19, 2022 at 11:33 AM Bernhard Reutner-Fischer
<rep.dot.nop at gmail.com> wrote:
> I was not referring to the startup scripts but to the possibility that
> we read data from the path /dev/random, close the fd and only later
> open it again for issuing the ioctl. The first read could easily hit a
> file with e.g. c 1 5, i.e. zero to inject non-random data into the pool.
> This would be avoided if we'd open random only once (and even ensure it
> really is the random chardev) and issue the ioctl on this very fd.

If an unprivileged process can modify files in /dev, all bets are off.

