[GTALUG] A question about boot

David Collier-Brown davec-b at rogers.com
Thu Jan 5 09:15:20 EST 2017 

The intention is to put the device setup into the boot ROM, so it can't 
(easily) change, but the working assumption is that one can

  * discard the privilege used to set up the device , or
  * be physically unsettable after it is initialized

I don't know the  privilege primitives  for intel/ARM, or if one needs a 
latch somewhere to make the device write-once: I'd love to talk to 
someone who does.

--dave



On 05/01/17 08:47 AM, Alvin Starr via talk wrote:
>
> You need a write only device.
>
> You could boot from a CD/DVD which is write only.
>
> Or possibly an SD card that has the write-lock enabled.
>
> If the computer does not support an SD card you could use usb card 
> reader to boot from.
>
> Of course in the worst case situation someone smart enough could 
> rewrite the BIOS and get around any boot device.
>
>
> On 01/05/2017 08:38 AM, David Collier-Brown via talk wrote:
>>
>> Who can talk about (intel or arm) boot? I'm looking at a problem that 
>> can be solved by setting up a device at boot time and not letting the 
>> OS have the privilege or perhaps the physical ability to change it...
>>
>> --dave
>>
>> -- 
>> David Collier-Brown,         | Always do right. This will gratify
>> System Programmer and Author | some people and astonish the rest
>> davecb at spamcop.net            |                      -- Mark Twain
>>
>>
>> ---
>> Talk Mailing List
>> talk at gtalug.org
>> https://gtalug.org/mailman/listinfo/talk
>
> -- 
> Alvin Starr                   ||   voice: (905)513-7688
> Netvel Inc.                   ||   Cell:  (416)806-0133
> alvin at netvel.net               ||
>
>
> ---
> Talk Mailing List
> talk at gtalug.org
> https://gtalug.org/mailman/listinfo/talk


-- 
David Collier-Brown,         | Always do right. This will gratify
System Programmer and Author | some people and astonish the rest
davecb at spamcop.net           |                      -- Mark Twain

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/talk/attachments/20170105/e405661a/attachment.html>

More information about the talk mailing list