Re: What is cruft, what is security, and can the LibreSSL programmers tell the difference?
OpenBSD's approach to porting is use plain OS functions and if the functions are broken on the target OS then it's the target OS which should be fixed, in contrast to OpenSSL's approach to porting which is to reinvent the wheel several hundred times. OpenBSD also said that they released the library to get testing and feedback.
In this case there is a highly-commented Linux work-around for obtaining entropy showing exactly where the target OS has problems, what the work around is, and asking for it to be fixed. If it is finally fixed then the work around will be removed. Until that time the work around will be improved on.
So what this guy did was read the Linux work-around comments and code and found the Linux work-around was not perfect. He could do this because most of the code is common to all platforms, apart from a few work arounds for each platform.
In short, this was what was supposed to happen.
Biting the hand that feeds IT
