lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 25 Sep 2008 15:57:50 -0700
From:	"H. Peter Anvin" <hpa@...or.com>
To:	Jiri Kosina <jkosina@...e.cz>
CC:	Jesse Barnes <jbarnes@...tuousgeek.org>,
	Frans Pop <elendil@...net.nl>, airlied@...il.com,
	Jeff Garzik <jeff@...zik.org>, davem@...emloft.net,
	jeffrey.t.kirsher@...el.com, david.vrabel@....com, rjw@...k.pl,
	linux-kernel@...r.kernel.org, kernel-testers@...r.kernel.org,
	chrisl@...are.com, Ingo Molnar <mingo@...e.hu>,
	jesse.brandeburg@...il.com
Subject: Re: [Bug #11382] e1000e: 2.6.27-rc1 corrupts EEPROM/NVM

Jiri Kosina wrote:
> On Thu, 25 Sep 2008, Jesse Barnes wrote:
> 
>> However, the "Factory" log at #425480 *does* indicate that a GEM aware 
>> 2D driver was loaded (the "[drm:i915_getparam] *ERROR* Unknown parameter 
>> 5" message indicates as much), but the kernel was definitely not GEM 
>> aware otherwise the call would have succeeded.  So that rules out GEM 
>> proper, but it could still be a bug in one of the non-GEM paths in the 
>> experimental xf86-video-intel bits the various distros seem to be 
>> picking up.
> 
> That was exactly the point I was trying to make, that these error paths 
> will probably also need auditing, once we rule out the possibility of 
> NVRAM being overwritten from kernelspace.
> 

Okay, I just had a scary and hopefully stupid thought.

Especially Intel often has backchannels between the chipset and the 
Ethernet controller for management functions -- anything from WoL to 
IPMI -- generally over some kind of low-speed serial bus.

We're not in a situation where the EEPROM can be touched from the 
chipset via the SMBus or some other non-CPU channel?

	-hpa
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ