RE: IDE disk and HPA

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



>>  Note that this HPA is a good place to store a bootloader too, in fact
>> I like to think of it as the big floppy drive of the PC which no more
>> have any floppy drive: create a FAT filesystem of 64 Mbytes there and
>> copy all the floppy you used to have there. Your bootloader, if it
>> is good enough, will be able to run software from this area.
>
> If your bootloader if the first thing to run in the system, you can
> use & protect portion of your hardrive for yourself - just make sure you
> lock with set max with password when passing control to 'normal'
> OS/loader.
>
> Aleks.

  When my bootloader is installed in an HPA protected partition
 containning a filesystem (instead of a real primary or extended
 partition), it is by default not only protecting the HPA by
 password but also freeze it.
 To run a trusted application which needs an unprotected IDE disk,
 you need to have the application in the KGZ kernel form
 (elf -> objdump -> gzip with the right IDE comment), see:
http://marc.theaimsgroup.com/?l=linux-kernel&m=112134577732513
 And also uncheck the "ignore kernel IDE options" box in setup.

  The problem is that you cannot really modify the disk size by
 the IDE configuration command because BIOS react badly to disks
 which change their number of LBA after boot, so the bootloader
 cannot be really transparent. Moreover, if the bootloader is
 completely hidden, people try to install multiple times the
 bootloader when they just want to upgrade it - and it does not
 work as intended.
  The bootloader can still be configured to set the disk size
 to the one declared in the MBR if needed and if the IDE disk
 is currently able to modify its own number of LBA. Same for HPA,
 if it finds the HPA frozzen - maybe because it has chainloaded
 itself - it will not try to modify the HPA.
  Note that the frozzen state I am speaking of here have nothing
 to do with the "IDE security freeze" command needed before running
 any OS to protect against disk2brick/blankdisk viruses.

  Etienne.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]
  Powered by Linux