L1-a
Jeff Weaver
weaverj at eecae.ee.msu.edu
Wed Apr 26 17:00:48 AEST 1989
In a previous posting, someone (I'm not sure who) noted a way to disable
L1-a by just returning from the 'montrap' routine. I have a different way
that diables the jump into monitor from the kbdinput() routine. This seems
to disable other keyboard jumps into the monitor from programs such as
kadb. It's very important to disallow L1-a because a
person with knowledge of UNIX internal's can abort a running system,
change kernel accreditation structeres, and then *continue* UNIX.
The fix (SunOs 3.5, but I expect it is simmilar for others) is to change
the instruction at 'kbdinput+0x21e' to a NOP.
% adb -k -w /vmunix /dev/mem
(system vm map info printed out, etc)
kbdinput+0x21e/w 0x4e71 (for running kernel)
kbdinput+0x21e?w 0x4e71 (for kernel image)
montrap/w 0x4e75
montrap?w 0x4e75
$q
Watchdog Reset is still serviceable, but with proper security on UNIX re-entry,
this can be minimized (as the continuation of UNIX from a watchdog reset is
difficult at best).
jeff
Jeffrey Weaver, System Programmer, ERDL Phone: (517) 355-3769
260 Engineering Bldg.
Michigan State University
weaverj at eecae.ee.msu.edu ...uunet!frith!eecae!weaverj
More information about the Comp.sys.sun
mailing list