nvmutil: new urandom fd every time (rlong)

otherwise, a stale descriptor could be manipulated easily by an attacker over time very theoretical to be honest Signed-off-by: Leah Rowe <leah@libreboot.org>
author: Leah Rowe <leah@libreboot.org> 2026-03-18 04:18:58 +0000
committer: Leah Rowe <leah@libreboot.org> 2026-03-18 04:18:58 +0000
commit: 7d5384ebb03d7a24ec50ab4432d18519ca8814f2 (patch)
tree: 7889f91cb58356e6da1c4c864a24e03ddcf3e62f /util/nvmutil
parent: fb9e66036724ede10006f23b9b03b8866d780414 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index f89a0a31..8495836f 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -992,7 +992,7 @@ rlong(void)
 	static unsigned long mix = 0;
 	static unsigned long counter = 0;
 
-	static int fd = -1;
+	int fd = -1;
 
 	struct x_st_timeval tv;
 
@@ -1055,6 +1055,9 @@ rlong(void)
 	    sizeof(unsigned long), 0, IO_READ, LOOP_EAGAIN,
 	    LOOP_EINTR, MAX_ZERO_RW_RETRY, OFF_ERR);
 
+	if (x_i_close(fd) < 0)
+		err(errno, "Can't close randomness fd");
+
 	if (nr == sizeof(unsigned long))
 		return rval;
 
@@ -3095,11 +3098,15 @@ int
 x_i_close(int fd)
 {
 	int r;
+	int saved_errno = errno;
 
 	do {
 		r = close(fd);
 	} while (r == -1 && errno == EINTR);
 
+	if (r > -1)
+		errno = saved_errno;
+
 	return r;
 }
author	Leah Rowe <leah@libreboot.org>	2026-03-18 04:18:58 +0000
committer	Leah Rowe <leah@libreboot.org>	2026-03-18 04:18:58 +0000
commit	7d5384ebb03d7a24ec50ab4432d18519ca8814f2 (patch)
tree	7889f91cb58356e6da1c4c864a24e03ddcf3e62f /util/nvmutil
parent	fb9e66036724ede10006f23b9b03b8866d780414 (diff)