Date: Sun, 17 Mar 2002 19:10:42 +0100 (CET) From: Thomas Quinot <thomas@cuivre.fr.eu.org> To: FreeBSD-gnats-submit@FreeBSD.org Subject: i386/36016: [patch] boot2 inconditionnally allows user interruption Message-ID: <20020317181042.5405D2C3D2@melusine.cuivre.fr.eu.org>
next in thread | raw e-mail | index | archive | help
>Number: 36016 >Category: i386 >Synopsis: [patch] boot2 inconditionnally allows user interruption >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Mar 17 10:20:00 PST 2002 >Closed-Date: >Last-Modified: >Originator: Thomas Quinot >Release: FreeBSD 4.5-STABLE i386 >Organization: >Environment: System: FreeBSD melusine.cuivre.fr.eu.org 4.5-STABLE FreeBSD 4.5-STABLE #1: Thu Jan 31 22:48:26 CET 2002 thomas@melusine.cuivre.fr.eu.org:/usr2/obj/usr2/src/sys/MELUSINE i386 >Description: boot2 inconditionnally allows user interruption of the boot process, and the manual choice of a boot device and boot image. In some situations (eg lab machines accessible to students) it may be desirable to prevent such user interference in the boot process. Modern BIOSes offer password protection on changes to the boot device settings; loader(8) allows a password to be set that protects access to the command line. Unfortunately boot2 currently has no provision to disallow user interruption. >How-To-Repeat: Press a key while boot2 is initially disaplying its twiddling /|\-. You can then boot from any device (including floppies). >Fix: The following patch (against -CURRENT) adds a '-n' option that can be specified in /boot.config. When this option is used, no user entry is taken into account by boot2 (neither on the system console nor on the serial console). --- /users/thomas/projects/FreeBSD/src/sys/boot/i386/boot2/boot2.c.orig Fri Mar 15 00:49:06 2002 +++ /users/thomas/projects/FreeBSD/src/sys/boot/i386/boot2/boot2.c.optn Fri Mar 15 13:45:23 2002 @@ -55,2 +55,3 @@ #define RBX_PROBEKBD 0x1e /* -P */ +#define RBX_NOINTR 0x1f /* -n */ @@ -63,3 +64,3 @@ #define ARGS 0x900 -#define NOPT 13 +#define NOPT 14 #define NDEV 5 @@ -105,3 +106,3 @@ -static const char optstr[NOPT] = "DhaCcdgmPprsv"; +static const char optstr[NOPT] = "DhaCcdgmnPprsv"; static const unsigned char flags[NOPT] = { @@ -115,2 +116,3 @@ RBX_MUTE, + RBX_NOINTR, RBX_PROBEKBD, @@ -780,2 +782,4 @@ + if (opts & 1 << RBX_NOINTR) + return 0; t0 = 0; @@ -805,2 +809,4 @@ { + if (opts & 1 << RBX_NOINTR) + return 0; for (;;) { >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020317181042.5405D2C3D2>