[syslinux] isolinux.bin checksum
ady-sf at hotmail.com
Thu Jan 11 18:48:50 PST 2018
> Ady wrote:
> > This is a quote from Wonko/Jaclaz, who has also been investigation this
> > issue and deserves credit for it:
> > Ok, not that I understand the code, but what *somehow* happens is that
> > the "embedded" checksum in Isolinux.bin (starting from 4.00) is the
> > checksum of the WHOLE file (i.e. starting from offset 0 instead of 64)
> > at a time when:
> > 1) the dword at offset 0x10 (bi_length) is still 0xDEAFBEEF
> > 2) the dword at offset 0x14 (bi_csum) is still 0xDEADBEEF
> > [...] Credits also go to Erwan.L.
> Slapping hand against forehead: I should have come to the idea to restore
> the initial byte pattern before testing with offset 0 instead of 64.
> The observations match my theory about the missing addition of "start"
> when beginning the checksum loop, if "start" is 64.
> > Since I am not a developer, I cannot avoid wondering whether patching
> > prepcore.c would have additional consequences.
> The change should only influence the checksum, which can hardly get worse.
> It comes to me that a run of old checksumiso.pl should have the same
> effect as putting isolinux.bin into an ISO. I.e. test would be whether
> the four bytes at offset 20 of a freshly built isolinux change by a run
> of checksumiso.pl.
> If they don't change, then we have a high probability of correct code
> in prepcore.c.
I was able to test isolinux.bin + ldlinux.c32 built with the patch
suggested by Thomas.
A_ The default checksum included in the tested isolinux.bin (offset 20,
4-bytes-long) is the "correct" one (as oppose to the current situation,
since version 4.00).
B_ The aforementioned checksum is corroborated by several ISO-building
tools, by using their respective "patch info table" options.
C_ When building ISO images without using the "patch info table"
option, the checksum was unaltered, and the ISO image still
successfully boots a VM. This is in contrast to the current situation
(since version 4.00), in which the default checksum is incorrect and
the resulting ISO images (without patching the boot info table) fail to
boot, showing instead a "checksum error".
D_ Considering that mkisofs patches the boot info table on the source
isolinux.bin file (not just the file within the resulting ISO image, as
xorriso does), the content of every ISO image generated for these tests
was then extracted, and the extracted isolinux.bin file was compared,
not just against the source of the ISO image but also against the
original/initial isolinux.bin (built with Thomas' patch).
E_ In the tested isolinux.bin, after the 4-bytes-long checksum (offsets
20 to 23), there is a series of 0xDEADBEEF, repeated 7 times (i.e.
28-bytes-long series of "EF BE AD DE"). Under some circumstances (e.g.
using, or not using, specific options), some ISO-building tools replace
these bytes with zeroes. This is not new, and should not affect the
F_ In the tested isolinux.bin file, there are two additional bytes that
I found to be changed/affected by some ISO-building tools (e.g.
mkisofs), at offset 12 and offset 13. I haven't checked the
meaning/usage of these particular offsets in isolinux.bin, so I don't
know the reason for this change. Perhaps Thomas has this (background)
info more "at hand" than I?
G_ I have not tested isolinux-debug.bin nor any isohybrid features.
>From the point of view of the isolinux.bin checksum, Thomas's patch
seems to provide the correct effect: successfully booting isolinux.bin
is possible even when not patching the boot info table (under
simplified conditions), which should help support less-knowledgeable
users. This was the intention of the improvements originally introduced
in Syslinux 2.12, and broken since version 4.00.
Thoughts? Comments? Feedback?
More information about the Syslinux