rngd_rdrand: Don't use a fixed AES key for data reduction

If we're going to run the data through AES anyway, there is no point
in using the same key every time.  Grab a key from /dev/urandom,
although of course it is unknown how much entropy actually *is* in
/dev/urandom at this point, it is presumably better than nothing,
which is what we have now and XOR with rdrand output.

Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2 files changed