efi: random: fix NULL-deref when refreshing seed

Do not try to refresh the RNG seed in case the firmware does not support setting variables. This is specifically needed to prevent a NULL-pointer dereference on the Lenovo X13s with some firmware revisions, or more generally, whenever the runtime services have been disabled (e.g. efi=noruntime or with PREEMPT_RT). Fixes: e7b813b ("efi: random: refresh non-volatile random seed when RNG is initialized") Reported-by: Steev Klimaszewski <steev@kali.org> Reported-by: Bjorn Andersson <andersson@kernel.org> Tested-by: Steev Klimaszewski <steev@kali.org> Tested-by: Andrew Halaney <ahalaney@redhat.com> # sc8280xp-lenovo-thinkpad-x13s Signed-off-by: Johan Hovold <johan+linaro@kernel.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
mariux64 · Dec 20, 2022 · 41a1585 · 41a1585
1 parent 6bb20c1
commit 41a1585
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
@@ -429,7 +429,9 @@ static int __init efisubsys_init(void)
 		platform_device_register_simple("efi_secret", 0, NULL, 0);
 #endif
 
-	execute_with_initialized_rng(&refresh_nv_rng_seed_nb);
+	if (efi_rt_services_supported(EFI_RT_SUPPORTED_SET_VARIABLE))
+		execute_with_initialized_rng(&refresh_nv_rng_seed_nb);
+
 	return 0;
 
 err_remove_group: