[LinuxBIOS] OLPC Keyboard/System Controller ENE KB3920
Bari Ari
bari at onelabs.com
Wed Mar 15 04:58:49 CET 2006
Jim Gettys wrote:
> It isn't clear to me if we should release the code (at least without
> some thought) to this part.
If it would help with "The Free Software Foundation's Campaign for Free
BIOS" for laptops
http://www.fsf.org/campaigns/free-bios.html
OLPC would also gain support from this community and the whole open
source community for laptops and tablets.
The keyboard/system controller in laptops is often used to control
writes to the flash (and several other system areas) and has made it
very difficult to support laptops with a Free BIOS.
>
> Here's what I'm paranoid about: that the serial flash rom in which
> LinuxBIOS and bootloader are stored gets overwritten, and the laptop is
> no longer a laptop, but an expensive brick. I particularly worry about
> someone writing a worm that manages to do this, and that
> thousands/millions of machines all over the world are unrecoverable.
> The logistics of repair are impossible. I will ask Mark Foster about
> how that flash gets write enabled; if we can absolutely in hardware
> inhibit write to the boot flash, then I get much less worried. I've
> sent him mail asking.
Several vendors have relied on "security through obscurity" to prevent
worms or a virus from modifying the system BIOS. It's always been
defeated. A very difficult AES + SHA-1 or SHA-256 hash based security
scheme could be used, but it still would not be 100% secure.
> I do want the bootloader sequence in this flash to be able to load a
> second copy of itself out of the regular main flash so that later
> versions can be installed safely (with appropriate checksum checking).
> I don't want the situation we had on the iPAQ where you could possibly
> "brick" the unit when updating the bootloader. The iPAQ valhalla we had
> (you could send us a bricked iPAQ and we'd eventually reflash it via
> jtag and return it) was a PITA, and not feasible for OLPC. We have to
> ensure boot and restore is absolutely bulletproof.
> - Jim
Fallback BIOS in ROM plus a hardware switch/jumper to control writes to
flash is one 100% solution. Having a fallback BIOS image in flash would
only be safe if the memory area in flash that stores the fallback BIOS
image is completely inaccessible to writes unless a hardware
switch/jumper is enabled.
-Bari
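
The fallback arrangement discussed in this thread, as an added example that is not part of the original message and not LinuxBIOS or OLPC code: a boot stage running from the write-protected copy validates the updatable image before handing over, and otherwise boots itself. The header layout, magic value and function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define IMG_MAGIC 0x4F4C5043u  /* constructed magic value for this example */
enum boot_choice { BOOT_FALLBACK = 0, BOOT_UPDATED = 1 };

/* Hypothetical header placed at the start of the updatable flash region. */
struct img_header {
    uint32_t magic;
    uint32_t length;   /* payload bytes following the header */
    uint32_t crc32;    /* CRC-32 of the payload */
};

/* Bitwise CRC-32 (IEEE 802.3, reflected polynomial 0xEDB88320). */
static uint32_t crc32_calc(const uint8_t *p, size_t n)
{
    uint32_t crc = 0xFFFFFFFFu;
    while (n--) {
        crc ^= *p++;
        for (int i = 0; i < 8; i++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* What an update tool would write: header + payload. Returns total size. */
size_t build_image(uint8_t *out, const uint8_t *payload, uint32_t len)
{
    struct img_header h = { IMG_MAGIC, len, crc32_calc(payload, len) };
    memcpy(out, &h, sizeof h);
    memcpy(out + sizeof h, payload, len);
    return sizeof h + len;
}

/* Runs from the write-protected copy: hand over only to a valid image. */
enum boot_choice select_boot_image(const uint8_t *region, size_t region_size)
{
    struct img_header h;
    if (region_size < sizeof h)
        return BOOT_FALLBACK;
    memcpy(&h, region, sizeof h);           /* avoid unaligned access */
    if (h.magic != IMG_MAGIC)               /* erased flash reads 0xFF.. */
        return BOOT_FALLBACK;
    if (h.length == 0 || h.length > region_size - sizeof h)
        return BOOT_FALLBACK;               /* length must fit the region */
    if (crc32_calc(region + sizeof h, h.length) != h.crc32)
        return BOOT_FALLBACK;               /* interrupted or corrupted update */
    return BOOT_UPDATED;
}
```

A checksum like this catches an interrupted or corrupted update; it does not stop deliberate modification, which is what the hardware write protection described in the message addresses.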