security: delete BIOS password in keyboard buffer during kernel bootup - Kernel

This is a discussion on security: delete BIOS password in keyboard buffer during kernel bootup - Kernel ; Hi, I'm using a BIOS password in my notebook (nc6120 from HP). Recently I noticed that the HP BIOS doesn't clean the keyboard buffer after the password was correctly entered. I know that this is rather a BIOS thing but ...

+ Reply to Thread
Results 1 to 9 of 9

Thread: security: delete BIOS password in keyboard buffer during kernel bootup

  1. security: delete BIOS password in keyboard buffer during kernel bootup

    Hi,

    I'm using a BIOS password in my notebook (nc6120 from HP). Recently I noticed that the HP BIOS doesn't clean the keyboard buffer after the password was correctly entered. I know that this is rather a BIOS thing but I assume that other BIOSes also don't clean the BIOS keyboard ring buffer (at adress from 0x0000041E up to 0x0000043D). Since after the kernel boot up the BIOS Keyboard ISR is deactivated no one cares about the data in the keyboard buffer. So, the BIOS password is kept in the buffer.

    So, I think it would be good if the kernel clears the keyboard buffer during boot up (at least in x86-based systems) to protect the users password. I don't know anything about EFI-based systems and other architectures.
    Because I'm not sure where to implement the code to delete the keyboard buffer in the kernel, I can't make a proper patch. Possibly one of you can do this


    To read the BIOS keyboard buffer this piece of code can be used:

    #include
    #include
    int main(void) {
    FILE *file;
    int i;
    char keybuffer[32];

    file = fopen("/dev/mem","r");

    if (file==NULL) {
    printf("Couldn't open file\n");
    return 0;
    }
    //set pointer to keyboard buffer
    fseek(file, 0x41E, SEEK_SET);
    //get ASCII / scancodes
    for (i=0;i<32;i++)
    keybuffer[i] = fgetc(file);

    fclose(file);

    for (i=0;i<32;i++)
    printf("position in buffer: %i \t value %i \t character %c\n",i,(int)keybuffer[i],keybuffer[i]);

    return 0;
    }


    I hope I didn't waste too much of your time.

    Best regards,
    Mathias Schnarrenberger
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  2. Re: security: delete BIOS password in keyboard buffer during kernel bootup

    > So, I think it would be good if the kernel clears the keyboard buffer during boot up (at least in x86-based systems) to protect the users password. I don't know anything about EFI-based systems and other architectures.
    > Because I'm not sure where to implement the code to delete the keyboard buffer in the kernel, I can't make a proper patch. Possibly one of you can do this


    Clear it with a program if it bothers you. You've written 90% of the
    needed code with the program below.


    Alan
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  3. Re: security: delete BIOS password in keyboard buffer during kernel bootup

    >Clear it with a program if it bothers you. You've written 90% of the
    >needed code with the program below.



    >Alan


    Yes, I already wrote the program for my personal usage. But I wanted to share
    this information with the open source community. And I think it would be more
    secure to implement this into kernel.

    Mathias
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  4. Re: security: delete BIOS password in keyboard buffer during kernel bootup

    On Sat, Nov 8, 2008 at 11:00 AM, Mathias Schnarrenberger
    wrote:
    > Hi,
    >
    > I'm using a BIOS password in my notebook (nc6120 from HP). Recently I noticed that the HP BIOS doesn't clean the keyboard buffer after the password was correctly entered. I know that this is rather a BIOS thing but I assume that other BIOSes also don't clean the BIOS keyboard ring buffer (at adress from 0x0000041E up to 0x0000043D). Since after the kernel boot up the BIOS Keyboard ISR is deactivated no one cares about the data in the keyboard buffer. So, the BIOS password is kept in the buffer.
    >
    > So, I think it would be good if the kernel clears the keyboard buffer during boot up (at least in x86-based systems) to protect the users password. I don't know anything about EFI-based systems and other architectures.
    > Because I'm not sure where to implement the code to delete the keyboard buffer in the kernel, I can't make a proper patch. Possibly one of you can do this


    What if my BIOS stores some critical info at that memory address?
    I don't think the kernel is the right place to work around this issue.
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  5. Re: security: delete BIOS password in keyboard buffer during kernel bootup

    > What if my BIOS stores some critical info at that memory address?
    > I don't think the kernel is the right place to work around this issue.


    AFAIK every IBM PC compatible BIOS stores the keyboard buffer in this area.

    Mathias
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  6. Re: security: delete BIOS password in keyboard buffer during kernel bootup

    On Sun, 9 Nov 2008 09:41:20 +0100
    Mathias Schnarrenberger wrote:

    > > What if my BIOS stores some critical info at that memory address?
    > > I don't think the kernel is the right place to work around this issue.

    >
    > AFAIK every IBM PC compatible BIOS stores the keyboard buffer in this area.


    Not every system we boot the x86 kernel on is a PC compatible.
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  7. Re: security: delete BIOS password in keyboard buffer during kernel bootup

    On Sun, 9 Nov 2008 09:41:20 +0100
    Mathias Schnarrenberger wrote:

    > > What if my BIOS stores some critical info at that memory address?
    > > I don't think the kernel is the right place to work around this
    > > issue.

    >
    > AFAIK every IBM PC compatible BIOS stores the keyboard buffer in this
    > area.
    >

    that's a very bold statement...

    there are MANY variations of BIOS that are not "IBM PC compatible". In
    fact, that's the rule nowadays... they are only "Windows compatible"
    often, anything that Windows doesn't use is.. untested at best.


    --
    Arjan van de Ven Intel Open Source Technology Centre
    For development, discussion and tips for power savings,
    visit http://www.lesswatts.org
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  8. Re: security: delete BIOS password in keyboard buffer during kernel bootup

    On Sun 2008-11-09 11:08:14, Alan Cox wrote:
    > On Sun, 9 Nov 2008 09:41:20 +0100
    > Mathias Schnarrenberger wrote:
    >
    > > > What if my BIOS stores some critical info at that memory address?
    > > > I don't think the kernel is the right place to work around this issue.

    > >
    > > AFAIK every IBM PC compatible BIOS stores the keyboard buffer in this area.

    >
    > Not every system we boot the x86 kernel on is a PC compatible.


    OTOH we don't call BIOS from linux, so we assume that low 64K is
    usable memory (unless marked otherwise in memmap, I guess).

    Anyway, proper place to do clearing is bootloader; it interacts with
    bios already, anyway...

    --
    (english) http://www.livejournal.com/~pavelmachek
    (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pav...rses/blog.html
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  9. Re: security: delete BIOS password in keyboard buffer during kernel bootup

    > OTOH we don't call BIOS from linux, so we assume that low 64K is
    > usable memory (unless marked otherwise in memmap, I guess).


    We use the BIOS in some cases for PCI routing, PCI services, APM, and
    indirectly for SMM traps, ACPI and via user space for other stuff. So we
    preserve the bottom 4K for the BIOS 0x40:xx page
    >
    > Anyway, proper place to do clearing is bootloader; it interacts with
    > bios already, anyway...


    Agreed entirely.
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

+ Reply to Thread