Well, if we were *really* bothered about this, we could surely hardwire
the kernel never to write to certain pages, in such a way as to require
a reboot with a new kernel or at least a module to be loaded. Even root
can only get certain permissions by either loading modules (which get
priv mode in the chip) or by using device files for access to existing
drivers. Or I could still be talking rubbish. Couldn't
/dev/{mem|kmem|kcore} be hardwired to prevent BIOS flashing ?
It's easy to prevent modules being loaded: don't compile the kernel with
support. It's also easy to prevent rebooting with a new kernel...
N
ps: naturally, we probably don't give a damn anyway, as the machine
would already be totally compromised, but it could save a few quid if
the BIOS were still intact after the attack.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/