rdrand: remove unused unsafe

In edition 2024 functions annotated with `target_feature(enable = "..")`
are unsafe to call from contexts not so annotated, and otherwise safe.
This is why the unsafe block around `rdrand_step` was considered unused
by rustc. Thus carry this through and make `rdrand` itself safe (when
called from an annotated context) and remove all the newly unused unsafe
blocks.

Link: https://doc.rust-lang.org/reference/attributes/codegen.html#r-attributes.codegen.target_feature.safety-restrictions.

Author: tamird

src/backends/rdrand.rs

@@ -28,11 +28,10 @@ static RDRAND_GOOD: lazy::LazyBool = lazy::LazyBool::new();
 const RETRY_LIMIT: usize = 10;
 
 #[target_feature(enable = "rdrand")]
-#[cfg_attr(target_os = "uefi", allow(unused_unsafe))] // HACK: Rust lint gives false positive on uefi
-unsafe fn rdrand() -> Option<Word> {
+fn rdrand() -> Option<Word> {
     for _ in 0..RETRY_LIMIT {
         let mut val = 0;
-        if unsafe { rdrand_step(&mut val) } == 1 {
+        if rdrand_step(&mut val) == 1 {
             return Some(val);
         }
     }
@@ -54,7 +53,7 @@ unsafe fn self_test() -> bool {
     let mut prev = Word::MAX;
     let mut fails = 0;
     for _ in 0..8 {
-        match unsafe { rdrand() } {
+        match rdrand() {
             Some(val) if val == prev => fails += 1,
             Some(val) => prev = val,
             None => return false,
@@ -109,14 +108,14 @@ unsafe fn rdrand_exact(dest: &mut [MaybeUninit<u8>]) -> Option<()> {
     // calls to memcpy to be elided by the compiler.
     let mut chunks = dest.chunks_exact_mut(size_of::<Word>());
     for chunk in chunks.by_ref() {
-        let src = unsafe { rdrand() }?.to_ne_bytes();
+        let src = rdrand()?.to_ne_bytes();
         chunk.copy_from_slice(slice_as_uninit(&src));
     }
 
     let tail = chunks.into_remainder();
     let n = tail.len();
     if n > 0 {
-        let src = unsafe { rdrand() }?.to_ne_bytes();
+        let src = rdrand()?.to_ne_bytes();
         tail.copy_from_slice(slice_as_uninit(&src[..n]));
     }
     Some(())
@@ -125,26 +124,26 @@ unsafe fn rdrand_exact(dest: &mut [MaybeUninit<u8>]) -> Option<()> {
 #[cfg(target_arch = "x86_64")]
 #[target_feature(enable = "rdrand")]
 unsafe fn rdrand_u32() -> Option<u32> {
-    unsafe { rdrand() }.map(crate::util::truncate)
+    rdrand().map(crate::util::truncate)
 }
 
 #[cfg(target_arch = "x86_64")]
 #[target_feature(enable = "rdrand")]
 unsafe fn rdrand_u64() -> Option<u64> {
-    unsafe { rdrand() }
+    rdrand()
 }
 
 #[cfg(target_arch = "x86")]
 #[target_feature(enable = "rdrand")]
 unsafe fn rdrand_u32() -> Option<u32> {
-    unsafe { rdrand() }
+    rdrand()
 }
 
 #[cfg(target_arch = "x86")]
 #[target_feature(enable = "rdrand")]
 unsafe fn rdrand_u64() -> Option<u64> {
-    let a = unsafe { rdrand() }?;
-    let b = unsafe { rdrand() }?;
+    let a = rdrand()?;
+    let b = rdrand()?;
     Some((u64::from(a) << 32) | u64::from(b))
 }