]> git.ipfire.org Git - thirdparty/systemd.git/commit - src/random-seed/random-seed.c
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0be7221) | patch
random-seed: refresh EFI boot seed when writing a new seed 25319/head
authorJason A. Donenfeld <Jason@zx2c4.com>
Fri, 11 Nov 2022 14:22:35 +0000 (15:22 +0100)
committerJason A. Donenfeld <Jason@zx2c4.com>
Mon, 14 Nov 2022 14:24:00 +0000 (15:24 +0100)
commitf913c784ad4c93894fd6cb2590738113dff5a694
treea5b6b8b5d58e79707206206a0cb0aa5972632c06tree | snapshot
parent0be72218f1c90af5755ab40f94d047ee6864aea8commit | diff
random-seed: refresh EFI boot seed when writing a new seed

Since this runs at shutdown to write a new seed, we should also keep the
bootloader's seed maximally fresh by doing the same. So we follow the
same pattern - hash some new random bytes with the old seed to make a
new seed. We let this fail without warning, because it's just an
opportunistic thing. If the user happens to have set up the random seed
with bootctl, and the RNG is initialized, then things should be fine. If
not, we create a new seed if systemd-boot is in use. And if not, then we
just don't do anything.
src/random-seed/random-seed.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.