fw_meta: reduce raw pointer and unsafe usage #71

Merged (4 commits) on Aug 17, 2023

Commits on Aug 8, 2023

  1. fw_meta: fix metadata table length calculation

    The length field in the firmware metadata takes into account the size
    of the length field itself plus the associated UUID. To get the size
    of the contained tables, one must subtract those two values. In
    parse_fw_meta_data(), this was done incorrectly due to a lack of
    parentheses and operator precedence working from left to right.
    
    For comparison, this is already done correctly in find_table():
    
        let len = orig_len - (mem::size_of::<Uuid>() + mem::size_of::<u16>());
    
    Since the metadata is parsed backwards, the excessive computed length
    would result in accesses to the memory before the firmware metadata.
    This region would always be mapped, so no memory faults could end up
    occurring.
    
    Signed-off-by: Carlos López <[email protected]>
    00xc committed Aug 8, 2023
    c694693
  2. fw_meta: use SvsmError when failing to parse UUIDs

    The functions that do the parsing are contained to the fw_meta module,
    so they should return errors related to firmware. This simplifies
    error handling in a few places.
    
    Signed-off-by: Carlos López <[email protected]>
    00xc committed Aug 8, 2023
    2d6f165

Commits on Aug 15, 2023

  1. fw_meta: reduce raw pointer and unsafe usage during metadata parsing

    Refactor parse_fw_meta_data() to avoid using unsafe and raw pointers
    as much as possible. This mainly consists in properly typing the
    metadata structures and going from raw pointers to typed references
    or values as soon as possible. Since the firmware metadata comes from
    the hypervisor, it can be considered untrusted in a confidential
    computing model, so extra care is taken when using lengths and
    offsets to index into memory.
    
    Signed-off-by: Carlos López <[email protected]>
    00xc committed Aug 15, 2023
    95051fb
  2. fw_meta: add common missing derives to datatypes

    Signed-off-by: Carlos López <[email protected]>
    00xc committed Aug 15, 2023
    e53567e
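
The length fix and the untrusted-length handling described in the commit messages above, as an added example that is not code from this pull request. The `Uuid` stand-in, the footer layout, the little-endian length, the exact form of the buggy expression and all function names are assumptions made for illustration.

```rust
use core::mem::size_of;
use core::ops::Range;

/// Stand-in for the 16-byte UUID type (assumption, not the project's definition).
#[allow(dead_code)]
struct Uuid([u8; 16]);

/// Footer bytes counted by the length field: the UUID plus the u16 length itself.
const FOOTER: usize = size_of::<Uuid>() + size_of::<u16>();

/// One form of the precedence mistake (assumed; the original line is not on the
/// page): `a - b + c` groups as `(a - b) + c`, so 2 is added back, not subtracted.
fn tables_len_buggy(orig_len: usize) -> usize {
    orig_len - size_of::<Uuid>() + size_of::<u16>()
}

/// Parenthesized computation, checked because the length field is untrusted.
fn tables_len(orig_len: usize) -> Option<usize> {
    orig_len.checked_sub(FOOTER)
}

/// Range of the tables inside `region`, which ends at the end of the footer.
/// Assumed layout for this example: [tables][u16 length, little-endian][UUID].
fn tables_range(region: &[u8]) -> Option<Range<usize>> {
    let footer_start = region.len().checked_sub(FOOTER)?;
    let raw = region.get(footer_start..footer_start + size_of::<u16>())?;
    let orig_len = u16::from_le_bytes([raw[0], raw[1]]) as usize;
    let len = tables_len(orig_len)?; // None if shorter than the footer itself
    let start = footer_start.checked_sub(len)?; // None if it reaches before `region`
    Some(start..footer_start)
}

/// Constructed sample: 4 unrelated bytes, 6 table bytes, then the footer.
fn sample(len_field: u16) -> Vec<u8> {
    let mut v = vec![0xEE; 4];
    v.extend_from_slice(&[0xAA; 6]);
    v.extend_from_slice(&len_field.to_le_bytes());
    v.extend_from_slice(&[0x11; 16]);
    v
}

fn main() {
    let len_field = (6 + FOOTER) as u16; // 24
    println!("fixed: {:?}", tables_len(len_field as usize));
    println!("buggy: {}", tables_len_buggy(len_field as usize));
    println!("range: {:?}", tables_range(&sample(len_field)));
    println!("short: {:?}", tables_range(&sample(5)));
    println!("huge:  {:?}", tables_range(&sample(u16::MAX)));
}
```

With the constructed sample, the buggy expression yields a table length 4 bytes larger than the real one, which is exactly the span of unrelated bytes placed before the tables; the checked version returns `None` for a length field smaller than the footer or larger than the buffer.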