GNU bug report logs - #35714
Parted destroys mbr_signature (Disk Identifier) when adding MBR bootcode

Previous Next

Package: parted;

Reported by: Matthijs Kooijman <matthijs <at> stdin.nl>

Date: Mon, 13 May 2019 14:21:03 UTC

Severity: normal

Full log

View this message in rfc822 format

From: Matthijs Kooijman <matthijs <at> stdin.nl>
To: 35714 <at> debbugs.gnu.org
Subject: bug#35714: Parted destroys mbr_signature (Disk Identifier) when adding MBR bootcode
Date: Mon, 13 May 2019 10:52:12 +0200

[Message part 1 (text/plain, inline)]
Hi folks,

I believe I found a bug in the dos partition table writer. Let me start
with the cause. There's this bit of code:

	if (!table->boot_code[0]) {
		memset (table->boot_code, 0, 512);
		memcpy (table->boot_code, MBR_BOOT_CODE, sizeof (MBR_BOOT_CODE));
	}

When a disk has no MBR bootcode, this adds some. However, it also starts
with clearing the *entire* MBR sector. I believe this should just clear
the bootcode, e.g.

	- memset (table->boot_code, 0, 512);
	+ memset (table->boot_code, 0, sizeof(table->boot_code));

The current code clears the mbr_signature, partition table and magic at
the end. The partition table is rewritten from the table in memory, the
magic value is simply replaced with a fixed value, but the mbr_signature
is replaced by newly randomly generated value.

Effectively, this means that when modifying a partition table without
any boot code, the mbr_signature will be changed.

I've noticed this problem on a Raspberry pi. The default raspbian images
are generated using fdisk, without any boot code (which is not needed on
a pi). Modifying the partition table using parted then generates a new
mbr_signature. Since this signature (called Disk Identifier by fdisk) is
used to generate the PARTUUID for partitions [1], and the PARTUUID is used
to locate the root filesystem, this effectively makes the system
unbootable.

It seems this has been known for a while, since a workaround [2] has
been (silently, without mentioning it in the commend message) introduced
two years ago [3] in the raspberry pi resizing code (probably at the
same time they started using PARTUUID I suspect).

Also note that the disk identifier is only changes once, since then the
MBR has bootcode and parted no longer needs to clear things.

Gr.

Matthijs

[1]: https://raspberrypi.stackexchange.com/a/95436/70022
[2]: https://github.com/RPi-Distro/raspi-config/blob/master/init_resize.sh#L77-L82
[3]: https://github.com/RPi-Distro/raspi-config/commit/44a2e6188c004de50b6c25c8bace2872d672cdd1

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 6 years and 35 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.