On Sat, Jan 22, 2022 at 11:51:37AM +0000, Jonathan Wakely wrote:
IIRC it wasn't that simple. The necessary entropy was *not*
coming
from uninitialized bytes. There were other sources of *real* entropy,
but the Debian patch caused *none* of it to be added to the pool
(except for the PID). Zeroing the uninitialized bytes would *not* hurt
as long as the *real* sources of entropy still get added.
And one really can't rely on entropy from uninitialized variables, using
them is UB, so the compiler may already use zeros in there instead, or could
have optimized those entirely etc.
Jakub