lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 31 Jan 2008 14:10:45 -0800
From:	"H. Peter Anvin" <hpa@...or.com>
To:	Ian Campbell <ijc@...lion.org.uk>
CC:	linux-kernel@...r.kernel.org, Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>
Subject: Re: [PATCH] x86: add a crc32 checksum to the kernel image.

Ian Campbell wrote:
> Signed-off-by: Ian Campbell <ijc@...lion.org.uk>
> Cc: Thomas Gleixner <tglx@...utronix.de>
> Cc: Ingo Molnar <mingo@...hat.com>
> Cc: H. Peter Anvin <hpa@...or.com>
> ---
>  Documentation/i386/boot.txt |    5 +++
>  arch/x86/boot/tools/build.c |   78 +++++++++++++++++++++++++++++++++++++++++++
>  2 files changed, 83 insertions(+), 0 deletions(-)
> 
> diff --git a/Documentation/i386/boot.txt b/Documentation/i386/boot.txt
> index b5f5ba1..ad201f0 100644
> --- a/Documentation/i386/boot.txt
> +++ b/Documentation/i386/boot.txt
> @@ -531,6 +531,11 @@ Protocol:	2.08+
>  
>    The length of the compressed payload.
>  
> +**** THE IMAGE CHECKSUM
> +
> +The CRC-32 checksum of the entire file is appended to the end of the
> +file. The CRC of the file including these trailing bytes is therefore 0.
> +

Hm.  I have some minor concerns about this:

* The classical length field is only available in multiples of 16 (I 
realize your patches change that to some degree, but I'd hate to make 
the guarantee that the image payload is the last thing in the image -- 
it loses flexibility for the future.)  The end of the image isn't 
available in all cases, so this would require padding it out to a 
16-byte boundary before appending the CRC32.  An mmap is guaranteed to 
be zero-padded out to the next page boundary, so explicitly rounding sz 
up (instead of when calculating sys_size) should do the job.

* I believe it is recommended to store the inverse of the crc32, not the 
crc32 itself - it catches more errors.  This is also the reason to start 
out with ~0 rather than 0.

* Please don't use "unsigned long" to represent a 32-bit number.

	-hpa

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ