Change the default from /dev/urandom to /dev/random

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

ChangeLog.d/dev-random.txt

@@ -2,3 +2,10 @@ Features
    * The device for reading entropy on platforms without a dedicated system
      call can now be configured with MBEDTLS_PLATFORM_DEV_RANDOM or
      mbedtls_platform_dev_random.
+
+Security
+   * The default device for reading entropy on platforms without a dedicated
+     system call is now /dev/random instead of /dev/urandom. This is safer
+     on Linux in case the application runs early after the kernel boots,
+     but may block needlessly on Linux <= 5.6. Reported by supers1ngular
+     (BayLibre).

include/mbedtls/mbedtls_config.h

@@ -4176,14 +4176,14 @@
  *   if it is used early after the kernel boots, especially on embedded
  *   devices without an interactive user.
  *
- * Thus you should change the value to `/dev/random` if your application
+ * Thus you should change the value to `/dev/urandom` if your application
  * may be used on a device running Linux without a dedicated hardware
- * entropy source early after boot.
+ * entropy source, and doesn't run early during or after boot.
  *
  * This is the default value of ::mbedtls_platform_dev_random, which
  * can be changed at run time.
  */
-//#define MBEDTLS_PLATFORM_DEV_RANDOM "/dev/urandom"
+//#define MBEDTLS_PLATFORM_DEV_RANDOM "/dev/random"
 
 /** \def MBEDTLS_CHECK_RETURN
  *

include/mbedtls/platform.h

@@ -395,7 +395,7 @@ int mbedtls_platform_set_exit(void (*exit_func)(int status));
 #endif
 
 #if !defined(MBEDTLS_PLATFORM_DEV_RANDOM)
-#define MBEDTLS_PLATFORM_DEV_RANDOM "/dev/urandom"
+#define MBEDTLS_PLATFORM_DEV_RANDOM "/dev/random"
 #endif
 
 #if defined(MBEDTLS_PLATFORM_HAVE_DEV_RANDOM)