Re: [PATCH] Fix EDD3.0 data verification.

[Gleb Natapov]

On Wed, Feb 02, 2011 at 09:14:32AM -0800, H. Peter Anvin wrote:
> On 02/02/2011 03:21 AM, Gleb Natapov wrote:
> > Check for nonzero path in edd_has_edd30() has no sense. First, it looks
> > at the wrong memory. Device path starts at offset 30 of the info->params
> > structure which is at offset 8 from the beginning of info structure, but
> > code looks at info + 4 instead. This was correct when code was introduced,
> > but around v2.6.4 three more fields were added to edd_info structure
> > (commit 66b61a5c in history.git). Second, even if it will check correct
> > memory it will always succeed since at offset 30 (params->key) there will
> > be non-zero values otherwise previous check would fail.
> > 
> > The patch replaces this bogus check with one that verifies checksum.
> > 
> > Signed-off-by: Gleb Natapov <gleb@xxxxxxxxxx>
> 
> This is incorrect; the right thing to do is to use the length byte to
> verify the range that should be checksummed.
> 
According to spec length should be set to 30 on exit.

--
			Gleb.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/