chid_match: match UEFI firmware hwids with the current smbios data#42570
Conversation
3e8f14c to
95a46af
Compare
Claude review of PR #42570 (cbf8033)Must fix
Suggestions
Nits
|
95a46af to
583b869
Compare
583b869 to
2113076
Compare
2113076 to
7162d3f
Compare
b5630b7 to
fd438eb
Compare
fd438eb to
d04ddfa
Compare
| /* Count devices and check validity */ | ||
| for (; (n_devices + 1) * sizeof(*devices) < hwid_length;) { | ||
| const Device *device = &devices[n_devices]; | ||
| uint32_t device_type = DEVICE_TYPE_FROM_DESCRIPTOR(device->descriptor); |
There was a problem hiding this comment.
Claude: suggestion: Only the type nibble of the descriptor is validated (via DEVICE_TYPE_FROM_DESCRIPTOR); the size field encoded in the low 28 bits (DEVICE_SIZE_FROM_DESCRIPTOR(device->descriptor)) is read from the untrusted .hwids table but never checked against sizeof(Device). The counting loop instead advances by a fixed sizeof(*devices) stride and reads the union offsets at fixed positions 20/24, so a malformed descriptor declaring a different size is silently parsed as if it were 28 bytes. The format documents the descriptor as encoding the per-entry size (and assert_cc ties DEVICE_DESCRIPTOR_* to sizeof(Device)), so consider rejecting entries where DEVICE_SIZE_FROM_DESCRIPTOR(device->descriptor) != sizeof(Device) rather than ignoring the declared size.
There was a problem hiding this comment.
This is not correct if different device types have different sizes.
c0c716a to
a754a1f
Compare
UEFI firmware type hwids must be matched against the current hardware first. This change implements that. Additionally, some extra validations on the hwids entries have also been added.
a754a1f to
cbf8033
Compare

UEFI firmware type hwids must be matched against the current hardware. Due to a gap, this was previously not being done.