2009/8/25 Vladimir 'phcoder' Serbinenko <phco...@gmail.com>:
>> Does it have the same problem as CVE-2008-3896 published for grub-legacy?
> It's a completely different concern. Actually BIOS keyboard buffer
> shouldn't be a problem since only root can read raw memory and if user
> is a root he can just kexec any kernel he wants.
> I could add keyboard buffer wiping to my sendkey work but it only
> offsets the problem since same info is stored in RAM by grub anyway.
> The only solution I see for second problem is to make grub_free shred
> the memory and ensuring all sensitive fields are dynamically allocated
> and free'ed before boot (last part makes code cleaner too). Actually I
> have done some experiments with replacing grub_sprintf with
> grub_asprintf which revealed many spots of suboptimal code too.
> After all I think this is worth to do (wiping keyboard buffer and
> making grub_free wipe the memory). But it doesn't destroy the info
> which was in memory before grub booted. Doing so may take significant
> booting time (to be tested) but may be desirable in some cases.

Ever tried memtest? Depending on the speed of the memory bus and memory
size I would expect doing a single write over the whole RAM would take
seconds to a few tens of seconds. Not unreasonable if you don't boot
often but unless it's in the range of seconds I probably would not use
such a feature.

However, that CVE is about grub leaving its passwords in memory. Wiping
memory used by grub should be fast - orders of magnitude faster than
loading the OS kernel for example.

Thanks

Michal
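
The idea raised in the thread, a free routine that shreds a block before releasing it, shown as an added example; it is not GRUB code and not code from either poster. The arena, `demo_alloc`, `demo_free` and `arena_holds` are hypothetical names, and the passphrase is constructed.

```c
#include <stddef.h>
#include <string.h>
/* Constructed stand-in for a boot loader heap (hypothetical names). */
#define ARENA_WORDS 512
static size_t arena[ARENA_WORDS];
static size_t used;              /* bump allocator: blocks are never reused */

/* Zero through a volatile pointer so the compiler cannot discard the
   stores as dead writes to memory that is about to be released. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

void *demo_alloc(size_t size)
{
    size_t words = (size + sizeof(size_t) - 1) / sizeof(size_t);
    if (size == 0 || size > sizeof(arena) || words + 1 > ARENA_WORDS - used)
        return NULL;
    arena[used] = size;          /* header word: payload length in bytes */
    used += words + 1;
    return &arena[used - words];
}

/* Shred the payload before release so a secret does not outlive it. */
void demo_free(void *p)
{
    if (p != NULL) wipe(p, ((size_t *)p)[-1]);
}

/* Return 1 if the byte string is still present anywhere in the arena. */
int arena_holds(const char *needle)
{
    const unsigned char *a = (const unsigned char *)arena;
    size_t n = strlen(needle), i;
    for (i = 0; n != 0 && i + n <= sizeof(arena); i++)
        if (memcmp(a + i, needle, n) == 0) return 1;
    return 0;
}

int main(void)
{
    char *pw = demo_alloc(24);   /* room for the constructed passphrase */
    if (pw == NULL) return 2;
    strcpy(pw, "constructed-passphrase");
    demo_free(pw);
    return arena_holds("constructed-passphrase");  /* 0: nothing left */
}
```

A wiping free only reaches heap blocks that are actually freed; copies held elsewhere, such as the BIOS keyboard buffer mentioned in the thread, need their own wipe.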