
How would one generate "artificial" interrupts in the Linux kernel?

Updated: 2022-12-16 21:36:56


Here is a potential solution that generates fake keyboard interrupts, from the PoV of the kernel there's no way to tell that these interrupts aren't real.


Only interrupt handlers installed with SA_SAMPLE_RANDOM will generate entropy; this eliminates syscalls for this purpose. However, keyboard interrupts do generate entropy.


I have not tested the following code, and can't offer any guarantees, but I believe that it should work if run as part of a kernel module.


The following snippet of code shows how to forcefully inject a key into the keyboard controller's buffer. This will not work if a real PS/2 keyboard (or USB keyboard with Legacy USB support in BIOS) is not plugged in. This code was copied from an SMM keylogger article on Phrack.


The code is in x86 assembly; you can wrap it in an inline assembly block asm(""); if you write your kernel module in C.

; write command byte 0xD2 to command port 0x64
; to re-inject intercepted scan code into keyboard controller buffer
; so that OS keyboard interrupt can read and display it later
mov al, 0xd2
out 0x64, al
; wait until keyboard controller is ready to read:
; status port 0x64 bit 1 (input buffer full) must be clear
_wait:
in al, 0x64
test al, 0x2
jnz _wait
; re-inject scan code for the key '1'
; (scan code set 1 make code 0x02; 0x01 would be Escape)
mov al, 0x02
out 0x60, al

Then generate the keyboard interrupt:

int 33


Interrupt 33 is typically the PS/2 keyboard. This will cause Linux to handle the keyboard interrupt, read our fake scancode, and generate some randomness for you. You will want to call this in a loop, but be careful: Linux generates randomness based in part on the interval between two interrupts, so if you force interrupts at fixed intervals, you will get very little entropy out of this method.


Note that it should also work if you do just asm("int $33") without running the first part of the code, but that might confuse the kernel.
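The warning about fixed-interval interrupts is the part of the answer worth measuring. The C program below is an added example, not code from the answer, from Phrack, or from the kernel: it models the delta / delta2 / delta3 credit heuristic that older versions of Linux's random.c applied in add_timer_randomness() to keyboard and mouse timings, and runs it over two constructed timestamp sequences, one perfectly periodic (what a loop of forced interrupts on a timer produces) and one with irregular gaps (a stand-in for a human at the keyboard). The timestamp values, the three-event warm-up, the tick unit and the function names are assumptions of this example; only the credit arithmetic (minimum of the three absolute differences, shifted right by one, fls(), capped at 11 bits) follows the old kernel heuristic.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define MAX_CREDIT_BITS 11  /* per-event cap used by the old random.c heuristic */
#define WARMUP_EVENTS 3     /* assumption: ignore events until the difference state is primed */

/* Per-source timing state, mirroring the old kernel's timer_rand_state. */
struct timer_rand_state {
    int64_t last_time;
    int64_t last_delta;
    int64_t last_delta2;
};

static int64_t i64abs(int64_t v) { return v < 0 ? -v : v; }

/* Position of the highest set bit (1-based); 0 for an input of 0.
 * Same contract as the kernel's fls(). */
int fls64u(uint64_t x) {
    int n = 0;
    while (x) { n++; x >>= 1; }
    return n;
}

/* Entropy credit (in bits) for one interrupt at time `now`, following the
 * delta / delta2 / delta3 heuristic: the smallest of the first three
 * differences bounds how surprising the new timestamp was; credit about
 * log2 of it, rounded down by one bit and capped. A perfectly regular
 * source drives delta2 (and delta3) to zero, so it earns nothing. */
int credit_for_event(struct timer_rand_state *s, int64_t now) {
    int64_t delta  = now - s->last_time;
    int64_t delta2 = delta - s->last_delta;
    int64_t delta3 = delta2 - s->last_delta2;

    s->last_time   = now;
    s->last_delta  = delta;
    s->last_delta2 = delta2;

    int64_t d = i64abs(delta);
    if (i64abs(delta2) < d) d = i64abs(delta2);
    if (i64abs(delta3) < d) d = i64abs(delta3);

    int credit = fls64u((uint64_t)(d >> 1)); /* "round down by 1 bit" */
    return credit > MAX_CREDIT_BITS ? MAX_CREDIT_BITS : credit;
}

/* Total bits credited for a whole timestamp sequence (arbitrary tick units). */
int total_credit(const int64_t *ts, size_t n) {
    struct timer_rand_state s = {0, 0, 0};
    int total = 0;
    for (size_t i = 0; i < n; i++) {
        int c = credit_for_event(&s, ts[i]);
        if (i >= WARMUP_EVENTS) total += c;
    }
    return total;
}

/* Constructed input 1: interrupts forced every 1000 ticks, as a loop of
 * "int 33" driven by a fixed timer would produce. */
static const int64_t fixed_ts[] = {
    0, 1000, 2000, 3000, 4000, 5000, 6000, 7000, 8000, 9000,
    10000, 11000, 12000, 13000, 14000, 15000, 16000, 17000, 18000, 19000
};

/* Constructed input 2: irregular gaps, standing in for a human typing. */
static const int64_t jitter_ts[] = { 0, 1317, 2105, 3964, 4211, 6078, 7001, 8990 };

int fixed_interval_credit(void) {
    return total_credit(fixed_ts, sizeof fixed_ts / sizeof fixed_ts[0]);
}

int jittered_credit(void) {
    return total_credit(jitter_ts, sizeof jitter_ts / sizeof jitter_ts[0]);
}

int main(void) {
    printf("fixed interval : %d bits credited\n", fixed_interval_credit());
    printf("jittered       : %d bits credited\n", jittered_credit());
    return 0;
}
```

The periodic sequence is credited zero bits after the warm-up, because once delta stops changing both delta2 and delta3 are zero and the minimum is zero; the jittered sequence of the same length scale collects tens of bits. Only the credit arithmetic is modelled here; the mixing of the timestamps themselves into the pool is left out. Later kernels removed the per-handler SA_SAMPLE_RANDOM / IRQF_SAMPLE_RANDOM flag the answer relies on and account for interrupt timing through add_interrupt_randomness() with far more conservative crediting, so treat the numbers as an illustration of the heuristic, not of what a current kernel would credit.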