On Fri, 23 Jun 2023 at 13:31, Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
>
> We always have to write when using so that we don't credit the same
> seed twice, so it's gotta be used at a stage when SetVariable is
> somewhat working.
This code isn't even the code that "uses" the alleged entropy from
that EFI variable in the first place. That's the code in
efi_random_get_seed() in the EFI boot sequence, and appends it to the
bootup randomness buffers.
And that code already seems to clear the EFI variable (or seems to
append to it).
So this argument seems to be complete garbage - we absolutely do not
have to write it, and your patch already just wrote it in the wrong
place anyway.
Don't make excuses. That code caused boot failures, it was all done in
the wrong place, and at entirely the wrong time.
Linus
