libflash/libffs: Zero checksum words

On writing ffs entries to flash libffs doesn't zero checksum words
before calculating the checksum across the entire structure. This causes
an inaccurate calculation of the checksum as it may calculate a checksum
on non-zero checksum bytes.

This patch solves this by zeroing the entire structure which is to be
written to the flash before calculating the checksum across the struct.

Fixes: 602dee4 libflash/libffs: Rework libffs
Signed-off-by: Cyril Bur <cyril.bur@au1.ibm.com>
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>

libflash/libffs.c

@@ -144,6 +144,14 @@ static int ffs_entry_to_flash(struct ffs_hdr *hdr,
 	if (!ent)
 		return FFS_ERR_PART_NOT_FOUND;
 
+	/*
+	 * So that the checksum gets calculated correctly at least the
+	 * dst->checksum must be zero before calling ffs_entry_checksum()
+	 * memset()ting the entire struct to zero is probably wise as it
+	 * appears the reserved fields are always zero.
+	 */
+	memset(dst, 0, sizeof(*dst));
+
 	memcpy(dst->name, src->name, sizeof(dst->name));
 	dst->name[FFS_PART_NAME_MAX] = '\0';
 	dst->base = cpu_to_be32(src->base / hdr->block_size);
@@ -625,6 +633,14 @@ int ffs_hdr_finalise(struct blocklevel_device *bl, struct ffs_hdr *hdr)
 	if (!real_hdr)
 		return FLASH_ERR_MALLOC_FAILED;
 
+	/*
+	 * So that the checksum gets calculated correctly at least the
+	 * real_hdr->checksum must be zero before calling ffs_hdr_checksum()
+	 * memset()ting the entire struct to zero is probably wise as it
+	 * appears the reserved fields are always zero.
+	 */
+	memset(real_hdr, 0, sizeof(*real_hdr));
+
 	real_hdr->magic = cpu_to_be32(FFS_MAGIC);
 	real_hdr->version = cpu_to_be32(hdr->version);
 	real_hdr->size = cpu_to_be32(hdr->size / hdr->block_size);