Re: Found, a new rootkit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: "Tim" <ignored_mailbox@xxxxxxxxxxxx>

Tim:
Are you saying that unexpected data coming through your COM port
wouldn't generate IRQ messages (COM ports have an IRQ), which would be
kicking the CPU quite hard?  That's not exactly a trivial thing to
ignore.

Mike McCarty:
The BIOS and MSDOS do not enable interrupts on the UART devices,
hence the CPU doesn't see any requests.

Please don't lecture me about MSDOS systems programming. I wrote my
first interrupt driven serial comm package for MSDOS in 1985.

Actually, I was asking a question, not giving a lecture, but since
you've taken that attitude, answer this:

In the BIOS you get to set the address and IRQ that a serial port will
use.  You can also set power wake up options that wake up the PC if a
particular IRQ is activated.  If you set it to wake up when the IRQ used
by the serial port is activated (i.e. an external modem wake-on-ring
type of function), the PC will wake up (serial port activity causing an
IRQ signal, waking up the system).

Now, *that* seems to refute your first assertion.  (The serial port
generated an IRQ signal, and the BIOS played a part in it.)

Tendentious Tim, what was present to RECEIVE the IRQ message and how do
you know it was intercepted as a software IRQ and not a hardware signal
in a gate array that was enabled by a BIOS setting? I rather suspect it
would be a state machine in a gate array that is used for controlling a
signal that feeds to the power supply that turns it on.

{^_-}


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux