util/nvmutil: re-enable urandom reads

i had to loosen the pledges for the new i/o framework, which needs more permissions as a result, i can now open urandom in this function statically, rather than in nvmutil's control logic and because of that, it's less buggy now arc4random is disabled on linux by default, because it's not universally available on all libc, and only since about 2022 in some glibc versions better for portability to let linux users justt use urandom the new logic is different. now it falls back to rand per-byte, but in practise it almost never will. Signed-off-by: Leah Rowe <leah@libreboot.org>
2026-03-25 13:29:03 +02:00 · 2026-03-15 20:53:06 +00:00
parent 0855088209
commit 1f205662a9
1 changed files with 38 additions and 0 deletions
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -381,6 +381,7 @@ static ushort hextonum(char ch_s);
 static ushort rhex(void);
 #if !defined(HAVE_ARC4RANDOM_BUF) || \
    (HAVE_ARC4RANDOM_BUF) < 1
+static ushort read_urandom(void);
 static ulong entropy_jitter(void);
 #endif
 static void write_mac_part(size_t partnum);
@@ -1370,6 +1371,11 @@ rhex(void)
 	struct timeval tv;
 	ulong mix;
 	static ulong counter = 0;
+	ushort r;
+
+	r = read_urandom();
+	if (r < 16)
+		return r;

 	gettimeofday(&tv, NULL);

@@ -1391,6 +1397,38 @@ rhex(void)
 	return (ushort)(mix & 0xf);
 }

+static ushort
+read_urandom(void)
+{
+	static int fd = -1;
+	static ssize_t n = -1;
+
+	static u8 r[12];
+
+	if (fd < 0) {
+
+		fd = open("/dev/urandom", O_RDONLY);
+
+		if (fd < 0)
+			return 16;
+	}
+
+	if (n < 0) {
+
+		n = rw_file_exact(fd, r, 12, 0, IO_READ,
+		    LOOP_EAGAIN, LOOP_EINTR, 2, OFF_ERR);
+
+		if (n == 0)
+			n = -1;
+		if (n < 0)
+			return 16;
+
+		--n;
+	}
+
+	return r[n--] & 0xf;
+}
+
 static ulong
 entropy_jitter(void)
 {