Linus Torvalds writes: (Summary) (Untested.)
Looks workable.
Small tweak: you should check the return value of get_random_bytes_arch(), because in theory it can fail.
Sadly, that's not actually how get_random_bytes_arch() really works - it falls back on "get_random_bytes()" on failure instead, which is explicitly against the whole point here.
So I think it would need some tweaking, with a new function entirely (get_random_bytes_arch() with a failure return for "cannot fill buffer").
[...]
+ }
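The difference between the two behaviours discussed in the message, as an added user-space sketch that is not code from the thread or from the kernel. The names arch_word(), pool_bytes(), fill_arch_or_fallback() and fill_arch_strict() are hypothetical stand-ins, and the "hardware" source is a constructed stub that can be made to run dry.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Constructed stand-ins, not kernel code: arch_word() models an architecture
 * RNG that can run dry; pool_bytes() models the general-purpose generator. */
static int hw_words_left;                 /* knob: words the "hardware" yields */

static bool arch_word(unsigned long *v)
{
    if (hw_words_left <= 0)
        return false;
    hw_words_left--;
    memset(v, 0xA5, sizeof(*v));          /* marker value, not real entropy */
    return true;
}

static void pool_bytes(void *buf, size_t n) { memset(buf, 0x11, n); }

/* Shared loop: returns how many bytes the arch source actually supplied. */
static size_t arch_fill(unsigned char *p, size_t n)
{
    size_t done = 0;
    unsigned long v;

    while (done < n && arch_word(&v)) {
        size_t chunk = (n - done < sizeof(v)) ? n - done : sizeof(v);
        memcpy(p + done, &v, chunk);
        done += chunk;
    }
    return done;
}

/* Fallback shape: a shortfall is silently topped up from the other source,
 * so the caller cannot tell that the arch source failed. */
static void fill_arch_or_fallback(void *buf, size_t n)
{
    size_t done = arch_fill(buf, n);
    pool_bytes((unsigned char *)buf + done, n - done);
}

/* Strict shape: 0 on success, -1 for "cannot fill buffer" (buffer wiped). */
static int fill_arch_strict(void *buf, size_t n)
{
    if (arch_fill(buf, n) == n)
        return 0;
    memset(buf, 0, n);
    return -1;
}
```

With the fallback shape there is no return value to check, which is why a caller that specifically wants bytes from the architecture source needs the strict variant.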