Linux 5.6 removed the cargo cult blocking CSPRNG.
/dev/random now works the same way as getrandom. It only blocks until CSPRNG is initialized after booting.
GRND_RANDOM flag for getrandom doesn't do anything anymore.
/dev/urandom still doesn't wait for CSPRNG initialization.
Conversation
Replying to
It's not good advice to use /dev/urandom. The best advice is to use getrandom(...). There was no properly designed API on kernels without getrandom(...).
/dev/random is fine to use on Linux 5.6 and later though. Previously misguided software using /dev/random now works properly.
1
8
Linux 5.4 and later actively seed the CSPRNG if anything blocks on it being initialized. It no longer hangs indefinitely waiting for entropy to be collected from elsewhere. It would be really nice if they fixed /dev/urandom too so that all of these APIs simply worked correctly...
1
8