From: Jason A. Donenfeld <Jason@zx2c4.com>
Date: Wed, 16 Nov 2022 18:34:53 +0000 (+0100)
Subject: boot: do not truncate random seed file
X-Git-Tag: v253-rc1~501^2~1
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5d29d07b342397a8ecc4bea96f53595a03dd94f1;p=thirdparty%2Fsystemd.git

boot: do not truncate random seed file

There are concerns about the FAT file system driver exploding if we try
to do this, so just leave the bytes zeroed out instead.
---

diff --git a/src/boot/efi/random-seed.c b/src/boot/efi/random-seed.c
index 02f4dfbc7f3..e6a317860d8 100644
--- a/src/boot/efi/random-seed.c
+++ b/src/boot/efi/random-seed.c
@@ -263,7 +263,7 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) {
         sha256_finish_ctx(&hash, random_bytes);
 
         size = sizeof(random_bytes);
-        /* If the file size is too large, zero out the remaining bytes on disk, and then truncate. */
+        /* If the file size is too large, zero out the remaining bytes on disk. */
         if (size < info->FileSize) {
                 err = handle->SetPosition(handle, size);
                 if (err != EFI_SUCCESS)
@@ -280,10 +280,17 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) {
                 err = handle->SetPosition(handle, 0);
                 if (err != EFI_SUCCESS)
                         return log_error_status_stall(err, L"Failed to seek to beginning of random seed file: %r", err);
-                info->FileSize = size;
-                err = handle->SetInfo(handle, &GenericFileInfo, info->Size, info);
-                if (err != EFI_SUCCESS)
-                        return log_error_status_stall(err, L"Failed to truncate random seed file: %r", err);
+
+                /* We could truncate the file here with something like:
+                 *
+                 *     info->FileSize = size;
+                 *     err = handle->SetInfo(handle, &GenericFileInfo, info->Size, info);
+                 *     if (err != EFI_SUCCESS)
+                 *             return log_error_status_stall(err, L"Failed to truncate random seed file: %r", err);
+                 *
+                 * But this is considered slightly risky, because EFI filesystem drivers are a little bit
+                 * flimsy. So instead we rely on userspace eventually truncating this when it writes a new
+                 * seed. For now the best we do is zero it. */
         }
         /* Update the random seed on disk before we use it */
         wsize = size;