efibootmgr -w is a no-op

[mgedmin]

I was very curious about the --write-signature option and wanted to see what it actually does, so I looked at the source code.

What it's supposed to do: generate a random-ish number and write it into the 32-bit signature field in the MBR (at offset +440), when the current value of the signature in there is zero.

What it actually does: nothing, since commit ada1a1cfa83f7608c9dfc2a21e82af31a21886ba. The command-line parser sets opt.write_signature = 1 but nothing checks if it's set or not. The code that should check is in make_linux_load_option() that calls efi_generate_file_device_path_from_esp() and ought to be setting the EFIBOOT_OPTIONS_WRITE_SIGNATURE bit in options when opts.write_signature is nonzero.

I could probably create a patch, but I don't think that I could test it properly. As I said, I discovered this by reading the source code rather than by having efibootmgr fail in practice.

[martinezjavier]

@mgedmin yes, I think you are correct. Do you feel like writing a patch for this ?

[mgedmin]

I have absolutely no memory of filing this issue, so it would be rather difficult.

[frozencemetery]

The easiest patch to write would be to deprecate the option, I think - remove it from man page and --help etc.