> That issue is why I'm not really happy about the getentropy API: it > was originally defined to never block, and some systems have made it > block for reasons that don't really mean very much. > > This is an argument for providing just getrandom -- the API contract > is is clearer and doesn't require long detailed messages summarizing > research into exactly what the blocking criteria are and what the > practical consequences for them are.
>From the perspective of someone who isn't well versed on the topic of randomness and seeding, getentropy shouts "use me! I'm good!" and getrandom starts scare-mongering you about how various things are insecure, you should learn about seeding, here's 3 options. I still don't find the getrandom man page you provided to be good, it talks about "/dev/random behaviour" which is something you've changed to not have this behaviour.
