On Wednesday 21 July 2004 22:53, Hidetoshi Shimokawa wrote:
> At Wed, 21 Jul 2004 15:59:01 +0100,
> Doug Rabson wrote:
> > > If no, assuming I had a Windows or Linux box on the firewire bus,
> > > would it be possible to access physical memory from a different
> > > OS?
> >
> > Windows XP has some kind of firewire debug driver that you might
> > have to load (I haven't read the docs on that). I don't think the
> > linux driver enables physical access by default but it would be
> > easy to hack it in (just write all ones to the right fwohci
> > register).
>
> The physical access is usually used for SBP-2 initiator mode.
> Without physical access, the performance of SBP-2 should be
> poorer and we see more load on CPU.
>
> The physical access can be restricted in two ways. You can
> restrict it per node-id and by physical memory range (upper bound).

My vague plan was for the SBP driver to enable physical access from the
SBP node. This could be done on a transaction basis so that we enable
it before posting a transaction and disable it when all current
transactions have completed.

> As far as I have tried, WindowsXP seems not to allow physical access
> of usual nodes. But I think you can easily cheat it by a node with
> sbp target mode (use sbp_targ(4) ;-).

If you can avoid enabling access for drives that you are not actually
using, this might not be that bad. Defaulting to auto-login means that
an attacker would have plenty of opportunity though.

> In my opinion, it's hard to ensure security with current OHCI
> specification.

In practice, any attacker is likely to be only a few meters away so the
best defense is probably to just reach over and hit them :-)

Received on Thu Jul 22 2004 - 06:39:01 UTC
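The per-transaction scheme discussed in the message above, sketched as an added example that is not part of the original thread or of the FreeBSD firewire code. It models the per-node filter and the upper bound in software; the struct, the function names and the 4 GB bound are hypothetical, and no real controller registers are touched.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_NODES 63                 /* node IDs 0..62; 63 is the broadcast ID */

/* Constructed software model of the two restrictions named in the thread. */
struct phys_filter {
    uint64_t mask;                   /* bit n set => node n may use physical access */
    uint64_t upper_bound;            /* requests at or above this address are refused */
    unsigned inflight[MAX_NODES];    /* outstanding SBP transactions per node */
};

/* Call before posting a transaction to `node`: opens the filter on first use. */
static bool phys_filter_get(struct phys_filter *f, unsigned node)
{
    if (node >= MAX_NODES)
        return false;
    if (f->inflight[node]++ == 0)
        f->mask |= (uint64_t)1 << node;
    return true;
}

/* Call on completion: closes the filter once no transactions remain. */
static bool phys_filter_put(struct phys_filter *f, unsigned node)
{
    if (node >= MAX_NODES || f->inflight[node] == 0)
        return false;                /* unbalanced put: refuse, never underflow */
    if (--f->inflight[node] == 0)
        f->mask &= ~((uint64_t)1 << node);
    return true;
}

/* Would a physical request from `node` to `addr` be serviced? */
static bool phys_access_allowed(const struct phys_filter *f, unsigned node,
                                uint64_t addr)
{
    return node < MAX_NODES && ((f->mask >> node) & 1) && addr < f->upper_bound;
}

int main(void)
{
    struct phys_filter f = { .upper_bound = 0x100000000ULL }; /* assumed 4 GB bound */
    phys_filter_get(&f, 2);          /* node 2: an SBP target in active use */
    printf("node 2 busy: %d\n", phys_access_allowed(&f, 2, 0x1000));
    printf("node 5 idle: %d\n", phys_access_allowed(&f, 5, 0x1000));
    phys_filter_put(&f, 2);
    printf("node 2 done: %d\n", phys_access_allowed(&f, 2, 0x1000));
    return 0;
}
```

The window in which a node can reach host memory is limited to the time it has transactions outstanding, and nodes the host never logs in to are never enabled.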