lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 12 Apr 2009 07:59:57 -0700 (PDT)
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	"H. Peter Anvin" <hpa@...or.com>
cc:	Avi Kivity <avi@...hat.com>, Pavel Machek <pavel@....cz>,
	Ingo Molnar <mingo@...e.hu>, mingo@...hat.com,
	linux-kernel@...r.kernel.org, tglx@...utronix.de,
	hpa@...ux.intel.com, rjw@...k.pl, linux-tip-commits@...r.kernel.org
Subject: Re: [tip:x86/setup] x86, setup: "glove box" BIOS calls --
 infrastructure



On Sat, 11 Apr 2009, H. Peter Anvin wrote:
> 
> The main thing you could do is drop or virtualize memory accesses to RAM it
> should never access in the first place, like some BIOSes which scribble over
> random locations in low memory.

Please don't.

This discussion is just taking us down a rat-hole of more complexity, and 
_way_ more fragility.

I'm absolutely willing to bet that trying to do the BIOS calls will break 
way more than it will fix. Sure, it will probably work for 99.9% of all 
BIOSes, but then it will break horribly for some BIOS that tries to do 
something "clever". SMM has already been mentioned as an example of 
something that simply isn't virtualizable.

Timing is another, very traditional, one. There used to be video BIOSes 
that simply didn't work in a dosbox-like environment because they had 
tight timing loops that were coupled to hardware. I can pretty much 
guarantee that that has gone away as far as the video BIOS is concerned, 
but the main BIOS? Who the hell knows.

Sure, none of the calls we do to the BIOS from the kernel should need 
anything fancy at all, and maybe I'm pessimistic. But at the same time, I 
really don't think the BIOS calls are worth that kind of infrastructure. 

Sure, go ahead and wrap them in some kind of "save and restore all 
registers" wrapping, but nothing fancier than that. It would just be 
overkill, and likely to break more than it fixes.

		Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ