Re: security: delete BIOS password in keyboard buffer during kernelbootup

From: Gerhard Mack
Date: Wed Nov 12 2008 - 03:50:56 EST


On Tue, 11 Nov 2008, Alan Cox wrote:

> Date: Tue, 11 Nov 2008 16:54:21 +0000
> From: Alan Cox <alan@xxxxxxxxxxxxxxxxxxx>
> To: Pavel Machek <pavel@xxxxxxx>
> Cc: mathias.schnarrenberger@xxxxxx, Olaf van der Spek <olafvdspek@xxxxxxxxx>,
> linux-kernel@xxxxxxxxxxxxxxx
> Subject: Re: security: delete BIOS password in keyboard buffer during kernel
> bootup
>
> > OTOH we don't call BIOS from linux, so we assume that low 64K is
> > usable memory (unless marked otherwise in memmap, I guess).
>
> We use the BIOS in some cases for PCI routing, PCI services, APM, and
> indirectly for SMM traps, ACPI and via user space for other stuff. So we
> preserve the bottom 4K for the BIOS 0x40:xx page
> >
> > Anyway, proper place to do clearing is bootloader; it interacts with
> > bios already, anyway...
>
> Agreed entirely.

Best place would be for the OEM to fix it. If it's a security issue it
shouldn't be overly difficult to embarass them into a fix.

Gerhard

--
Gerhard Mack

gmack@xxxxxxxxxxxxx

<>< As a computer I find your faith in technology amusing.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/