--- vim81/src/sha256.c.getrandom	2019-12-08 18:41:34.000000000 +0100
+++ vim81/src/sha256.c	2019-12-08 19:05:02.155955612 +0100
@@ -20,6 +20,10 @@
  *  sha256_self_test() is implicitly called once.
  */
 
+#define _GNU_SOURCE
+#include <unistd.h>
+#include <sys/syscall.h>
+
 #include "vim.h"
 
 #if defined(FEAT_CRYPT) || defined(FEAT_PERSISTENT_UNDO)
@@ -401,27 +405,8 @@ sha2_seed(
     char_u *salt,
     int    salt_len)
 {
-    int		     i;
-    static char_u    random_data[1000];
-    char_u	     sha256sum[32];
-    context_sha256_T ctx;
-
-    srand(get_some_time());
-
-    for (i = 0; i < (int)sizeof(random_data) - 1; i++)
-	random_data[i] = (char_u)((get_some_time() ^ rand()) & 0xff);
-    sha256_start(&ctx);
-    sha256_update(&ctx, (char_u *)random_data, sizeof(random_data));
-    sha256_finish(&ctx, sha256sum);
-
-    // put first block into header.
-    for (i = 0; i < header_len; i++)
-	header[i] = sha256sum[i % sizeof(sha256sum)];
-
-    // put remaining block into salt.
-    if (salt != NULL)
-	for (i = 0; i < salt_len; i++)
-	    salt[i] = sha256sum[(i + header_len) % sizeof(sha256sum)];
+    if (syscall(SYS_getrandom, header, header_len, 0, 0, 0, 0) == -1) _exit(1);
+    if (salt) if (syscall(SYS_getrandom, salt, salt_len, 0, 0, 0, 0) == -1) _exit(1);
 }
 
 #endif // FEAT_CRYPT