From 7bff5712b4cf528b0b00649538545e66cc3a39ee Mon Sep 17 00:00:00 2001
From: Leah Rowe <leah@libreboot.org>
Date: Wed, 25 Mar 2026 11:03:23 +0000
Subject: util/libreboot-utils: simplified rand

only use the getrandom syscall on linux,
or arc4random.

the /dev/urandom fallback is removed, and
we use the syscall; failure is almost certainly
unlikely, but if it fails, we abort. this
provides therefore the same guarantee as
bsd arc4random, since it will never return
under fault conditions. it will only ever
return success, or abort.

nobody should be using /dev/urandom in 2026.

Signed-off-by: Leah Rowe <leah@libreboot.org>
---
 util/libreboot-utils/include/common.h | 19 +------------------
 1 file changed, 1 insertion(+), 18 deletions(-)

(limited to 'util/libreboot-utils/include')

diff --git a/util/libreboot-utils/include/common.h b/util/libreboot-utils/include/common.h
index 0bab30de..fb3aa886 100644
--- a/util/libreboot-utils/include/common.h
+++ b/util/libreboot-utils/include/common.h
@@ -13,24 +13,13 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <limits.h>
+#include <errno.h>
 
 /* for linux getrandom
  */
 #if defined(__linux__)
-#include <errno.h>
-#if defined(__has_include)
-#if __has_include(<sys/random.h>)
 #include <sys/random.h>
-#define HAVE_GETRANDOM 1
-#endif
-#endif
-#if !defined(HAVE_GETRANDOM)
 #include <sys/syscall.h>
-#if !defined(SYS_getrandom)
-#define HAVE_GETRANDOM_SYSCALL 1
-#endif
-#endif
-
 #endif
 
 #define items(x) (sizeof((x)) / sizeof((x)[0]))
@@ -396,12 +385,6 @@ int dcat(const char *s, size_t n,
 
 unsigned short hextonum(char ch_s);
 size_t rlong(void);
-#if defined(__linux__)
-#if defined(HAVE_GETRANDOM) || \
-    defined(HAVE_GETRANDOM_SYSCALL)
-int fallback_rand_getrandom(void *buf, size_t len);
-#endif
-#endif
 
 /* Helper functions for command: dump
  */
-- 
cgit v1.2.1