lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20081116072300.GB19646@elte.hu>
Date:	Sun, 16 Nov 2008 08:23:00 +0100
From:	Ingo Molnar <mingo@...e.hu>
To:	"H. Peter Anvin" <hpa@...or.com>
Cc:	Philipp Kohlbecher <xt28@....de>, Ingo Molnar <mingo@...hat.com>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86: alternative identifier for Phoenix BIOS


* H. Peter Anvin <hpa@...or.com> wrote:

> Philipp Kohlbecher wrote:
> > My laptop (a Samsung X20) contains a Phoenix BIOS and would 
> > benefit from patch 1e22436eba84edfec9c25e5a25d09062c4f91ca9 (x86: 
> > reserve low 64K on AMI and Phoenix BIOS boxen).
> > 
> > However, according to /sys/class/dmi/id/bios_vendor, the BIOS 
> > identifies its vendor as "Phoenix Technologies LTD" (sans the 
> > comma).

Note that we should do a simpler patch: just change the string to 
"Phoenix Technologies" and that will provide a proper match. (DMI 
matches work on substrings too)

Also, note that you can also force this behavior (and the checking) 
via CONFIG_X86_CHECK_BIOS_CORRUPTION=y - that will enable the 
reservation and a debug check regardless of DMI matches.

> Given that AMI and Phoenix combined is something like 80% of the 
> BIOS market, if not more, it might simply be easier to make it 
> unconditional, or make it a whitelist instead.

The (slim) hope would be for them to address the memory corruptions 
that have been reported. It can affect older Linux versions, etc. So 
we want to print the fact to the syslog, based on the DMI strings from 
the reports.

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ