nvmutil: new urandom fd every time (rlong)

otherwise, a stale descriptor could be manipulated easily by an attacker over time very theoretical to be honest Signed-off-by: Leah Rowe <leah@libreboot.org>
author: Leah Rowe <leah@libreboot.org> 2026-03-18 04:18:58 +0000
committer: Leah Rowe <leah@libreboot.org> 2026-03-26 06:59:42 +0000
commit: cdce83d19e80435b1856824c2fac8747a566c3f4 (patch)
tree: 4cad42e777d7a71fd41484d56d25b6f76b7ff048
parent: a4004095172643cb7170f1b841996955e967dbd5 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index f89a0a31..8495836f 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -992,7 +992,7 @@ rlong(void)
 	static unsigned long mix = 0;
 	static unsigned long counter = 0;
 
-	static int fd = -1;
+	int fd = -1;
 
 	struct x_st_timeval tv;
 
@@ -1055,6 +1055,9 @@ rlong(void)
 	    sizeof(unsigned long), 0, IO_READ, LOOP_EAGAIN,
 	    LOOP_EINTR, MAX_ZERO_RW_RETRY, OFF_ERR);
 
+	if (x_i_close(fd) < 0)
+		err(errno, "Can't close randomness fd");
+
 	if (nr == sizeof(unsigned long))
 		return rval;
 
@@ -3095,11 +3098,15 @@ int
 x_i_close(int fd)
 {
 	int r;
+	int saved_errno = errno;
 
 	do {
 		r = close(fd);
 	} while (r == -1 && errno == EINTR);
 
+	if (r > -1)
+		errno = saved_errno;
+
 	return r;
 }
author	Leah Rowe <leah@libreboot.org>	2026-03-18 04:18:58 +0000
committer	Leah Rowe <leah@libreboot.org>	2026-03-26 06:59:42 +0000
commit	cdce83d19e80435b1856824c2fac8747a566c3f4 (patch)
tree	4cad42e777d7a71fd41484d56d25b6f76b7ff048
parent	a4004095172643cb7170f1b841996955e967dbd5 (diff)