Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 22 Jul 2004 09:38:40 +0100
From:      Doug Rabson <dfr@nlsystems.com>
To:        Hidetoshi Shimokawa <simokawa@sat.t.u-tokyo.ac.jp>
Cc:        Andrew Gallatin <gallatin@cs.duke.edu>
Subject:   Re: Excellent job on the firewire support!
Message-ID:  <200407220938.40393.dfr@nlsystems.com>
In-Reply-To: <87u0w1ni2i.wl@tora.nunu.org>
References:  <16634.47272.768935.436137@grasshopper.cs.duke.edu> <1090421941.7114.26.camel@builder02.qubesoft.com> <87u0w1ni2i.wl@tora.nunu.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wednesday 21 July 2004 22:53, Hidetoshi Shimokawa wrote:
> At Wed, 21 Jul 2004 15:59:01 +0100,
>
> Doug Rabson wrote:
> > > If no, assuming I had a Windows or Linux box on the firewire bus,
> > > would it be possible to access physical memory from a different
> > > OS?
> >
> > Windows XP has some kind of firewire debug driver that you might
> > have to load (I haven't read the docs on that). I don't think the
> > linux driver enables physical access by default but it would be
> > easy to hack it in (just write all ones to the right fwohci
> > register).
>
> The physical access is usually used for SBP-2 initiator mode.
> Without physical access, the performance of SBP-2 should be
> poorer and we see more load on CPU.
>
> The physical access can be restricted by two way. You can
> restrict it per node-id and by physical memory range(upper bound).

My vague plan was for the SBP driver to enable physical access from the 
SBP node. This could be done on a transaction basis so that we enable 
it before posting a transaction and disabled it when all current 
transactions have completed.

>
> As far as I have tried, WindowsXP seems not to allow physical access
> of usual nodes. But I think you can easily cheat it by a node with
> sbp target mode(use sbp_targ(4) ;-).

If you can avoid enabling access for drives that you are not actually 
using, this might not be that bad. Defaulting to auto-login means that 
an attacker would have plenty of opportunity though.

>
> In my opinion, it's hard to ensure security with current OHCI
> specification.

In practice, any attacker is likely to be only a few meters away so the 
best defense is probably to just reach over and hit them :-)



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200407220938.40393.dfr>