lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20081118150659.GF30358@elte.hu>
Date:	Tue, 18 Nov 2008 16:06:59 +0100
From:	Ingo Molnar <mingo@...e.hu>
To:	Alan Cox <alan@...rguk.ukuu.org.uk>
Cc:	"H. Peter Anvin" <hpa@...or.com>, Philipp Kohlbecher <xt28@....de>,
	Ingo Molnar <mingo@...hat.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86: alternative identifier for Phoenix BIOS


* Alan Cox <alan@...rguk.ukuu.org.uk> wrote:

> On Sat, 15 Nov 2008 17:55:20 -0800
> "H. Peter Anvin" <hpa@...or.com> wrote:
> 
> > Philipp Kohlbecher wrote:
> > > My laptop (a Samsung X20) contains a Phoenix BIOS and would benefit from
> > > patch 1e22436eba84edfec9c25e5a25d09062c4f91ca9 (x86: reserve low 64K on
> > > AMI and Phoenix BIOS boxen).
> > > 
> > > However, according to /sys/class/dmi/id/bios_vendor, the BIOS identifies
> > > its vendor as "Phoenix Technologies LTD" (sans the comma).
> > 
> > Given that AMI and Phoenix combined is something like 80% of the BIOS
> > market, if not more, it might simply be easier to make it unconditional,
> >  or make it a whitelist instead.
> 
> Far more useful would be to make people aware of the problem. If the 
> BIOS is scribbling in the low 64K of RAM not just BIOS areas, and 
> doing so outside of ACPI marked areas they need to fix the BIOS 
> ASAP. If they leave their BIOSes randomly scribbling in operating 
> system memory areas then as with previous (hardware related) cases 
> of vendors knowingly shipping corrupting equipment they'll be 
> building up a huge class action legal liability.
> 
> As such making sure the vendor knows in a way they cannot deny is a 
> very useful activity.

CONFIG_X86_CHECK_BIOS_CORRUPTION=y will do that, it prints:

  Corrupted low memory at 0x1000 (4096 phys) = 0x1234
  Memory corruption detected in low memory
  < stack trace >

if enough distros turn it on (at least in their debug kernels) it 
creates the right kind of user pressure.

This debug feature to catch BIOS-generated low-memory corruption is 
already upstream.

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ