commit 7c5bd948bb7e21fa0ee22f29e97748b2d0360319
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date:   Thu May 17 14:16:58 2018 +0200

    util: fall back to reading /dev/urandom when getrandom() blocks
    
    With recent changes in the Linux kernel, the getrandom() system call may
    block for a long time after boot on machines that don't have enough
    entropy. It blocks the chronyd's initialization before it can detach
    from the terminal and may cause a chronyd service to fail to start due
    to a timeout.
    
    At least for now, enable the GRND_NONBLOCK flag to make the system call
    non-blocking and let the code fall back to reading /dev/urandom (which
    never blocks) if the system call failed with EAGAIN or any other error.
    
    This makes the start of chronyd non-deterministic with respect to files
    that it needs to open and possibly also makes it slightly easier to
    guess the transmit/receive timestamp in client requests until the
    urandom source is fully initialized.

diff --git a/util.c b/util.c
index 4b3e455..76417d5 100644
--- a/util.c
+++ b/util.c
@@ -1224,7 +1224,7 @@ get_random_bytes_getrandom(char *buf, unsigned int len)
       if (disabled)
         break;
 
-      if (getrandom(rand_buf, sizeof (rand_buf), 0) != sizeof (rand_buf)) {
+      if (getrandom(rand_buf, sizeof (rand_buf), GRND_NONBLOCK) != sizeof (rand_buf)) {
         disabled = 1;
         break;
       }