[PATCH 4/4] random: replace get_random_bytes with get_noncrypto_bytes

Ahmad Fatoum a.fatoum at pengutronix.de
Wed Apr 16 23:58:46 PDT 2025 

get_random_bytes provides random numbers suitable for crypto on Linux,
but in barebox we do not maintain an entropy pool suitable for that.

Instead we have get_crypto_bytes, which gets randomness out of a HWRNG.
Providing the get_random_bytes API with different semantics than in
Linux is thus a security footgun that we should avoid.

Rename it thus to get_noncrypto_bytes and have get_random_bytes generate
an error to assist porting.

Signed-off-by: Ahmad Fatoum <a.fatoum at pengutronix.de>
---
 Documentation/user/random.rst |  2 +-
 commands/stddev.c             |  2 +-
 drivers/mtd/ubi/attach.c      |  4 ++--
 include/stdlib.h              |  9 ++++-----
 lib/random.c                  | 12 +-----------
 lib/uuid.c                    |  4 ++--
 6 files changed, 11 insertions(+), 22 deletions(-)

diff --git a/Documentation/user/random.rst b/Documentation/user/random.rst
index dc3c32ffeb95..39a0a25e0570 100644
--- a/Documentation/user/random.rst
+++ b/Documentation/user/random.rst
@@ -27,7 +27,7 @@ API
         void srand_xor(u64 seed);
 
         /* Fill the buffer with PRNG bits. */
-        void get_random_bytes(void *buf, int len);
+        void get_noncrypto_bytes(void *buf, int len);
 
         /* Fill the buffer with bits provided by HWRNG.
          * This function may fail with a message “error: no HWRNG available!”
diff --git a/commands/stddev.c b/commands/stddev.c
index e9b7dcc0d2f3..e537bf8dacf6 100644
--- a/commands/stddev.c
+++ b/commands/stddev.c
@@ -87,7 +87,7 @@ device_initcall(null_init);
 
 static ssize_t prng_read(struct cdev *cdev, void *buf, size_t count, loff_t offset, ulong flags)
 {
-	get_random_bytes(buf, count);
+	get_noncrypto_bytes(buf, count);
 	return count;
 }
 
diff --git a/drivers/mtd/ubi/attach.c b/drivers/mtd/ubi/attach.c
index 0e7c61e053fb..44fe435e4163 100644
--- a/drivers/mtd/ubi/attach.c
+++ b/drivers/mtd/ubi/attach.c
@@ -1246,8 +1246,8 @@ static int late_analysis(struct ubi_device *ubi, struct ubi_attach_info *ai)
 		if (ai->maybe_bad_peb_count <= 2) {
 			ai->is_empty = 1;
 			ubi_msg(ubi, "empty MTD device detected");
-			get_random_bytes(&ubi->image_seq,
-					 sizeof(ubi->image_seq));
+			get_noncrypto_bytes(&ubi->image_seq,
+					    sizeof(ubi->image_seq));
 		} else {
 			ubi_err(ubi, "MTD device is not UBI-formatted and possibly contains non-UBI data - refusing it");
 			return -EINVAL;
diff --git a/include/stdlib.h b/include/stdlib.h
index 36613eb34a99..f0f7cfd2ed28 100644
--- a/include/stdlib.h
+++ b/include/stdlib.h
@@ -14,7 +14,6 @@ void randbuf_r(u64 *x, void *buf, size_t len);
 void srand_xor(u64 entropy);
 u32 random32(void);
 void get_noncrypto_bytes(void *buf, size_t len);
-void get_random_bytes(void *buf, int len);
 int get_crypto_bytes(void *buf, int len);
 int hwrng_get_crypto_bytes(struct hwrng *rng, void *buf, int len);
 #else
@@ -34,10 +33,6 @@ static inline void get_noncrypto_bytes(void *buf, size_t len)
 {
 	BUG();
 }
-static inline void get_random_bytes(void *buf, int len)
-{
-	BUG();
-}
 static inline int get_crypto_bytes(void *buf, int len)
 {
 	return -ENOSYS;
@@ -53,4 +48,8 @@ static inline u32 prandom_u32_max(u32 ep_ro)
 	return (u32)(((u64) random32() * ep_ro) >> 32);
 }
 
+extern void __compiletime_error(
+	"Depending on use case, use either get_crypto_bytes or get_noncrypto_bytes."
+) get_random_bytes(void *buf, int len);
+
 #endif /* __STDLIB_H */
diff --git a/lib/random.c b/lib/random.c
index 36fb1ec08f05..889d314e0fad 100644
--- a/lib/random.c
+++ b/lib/random.c
@@ -101,16 +101,6 @@ u32 random32(void)
 	return rand_r(&prng_state);
 }
 
-/**
- * get_random_bytes - get pseudo random numbers.
- * This interface can be good enough to generate MAC address
- * or use for NAND test.
- */
-void get_random_bytes(void *buf, int len)
-{
-	get_noncrypto_bytes(buf, len);
-}
-
 int hwrng_get_crypto_bytes(struct hwrng *rng, void *buf, int len)
 {
 	while (len) {
@@ -151,7 +141,7 @@ int get_crypto_bytes(void *buf, int len)
 
 	pr_warn("falling back to Pseudo RNG source!\n");
 
-	get_random_bytes(buf, len);
+	get_noncrypto_bytes(buf, len);
 
 	return 0;
 }
diff --git a/lib/uuid.c b/lib/uuid.c
index 1c134bfb4b15..96f6f4674c0a 100644
--- a/lib/uuid.c
+++ b/lib/uuid.c
@@ -31,7 +31,7 @@ const u8 uuid_index[16] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
  */
 void generate_random_uuid(unsigned char uuid[16])
 {
-	get_random_bytes(uuid, 16);
+	get_noncrypto_bytes(uuid, 16);
 	/* Set UUID version to 4 --- truly random generation */
 	uuid[6] = (uuid[6] & 0x0F) | 0x40;
 	/* Set the UUID variant to DCE */
@@ -41,7 +41,7 @@ EXPORT_SYMBOL(generate_random_uuid);
 
 void generate_random_guid(unsigned char guid[16])
 {
-	get_random_bytes(guid, 16);
+	get_noncrypto_bytes(guid, 16);
 	/* Set GUID version to 4 --- truly random generation */
 	guid[7] = (guid[7] & 0x0F) | 0x40;
 	/* Set the GUID variant to DCE */
-- 
2.39.5

More information about the barebox mailing list