[LinuxBIOS] OLPC Keyboard/System Controller ENE KB3920

Bari Ari bari at onelabs.com
Wed Mar 15 04:58:49 CET 2006

Jim Gettys wrote:

> It isn't clear to me if we should release the code (at least without
> some thought) to this part.

If it would help with "The Free Software Foundation's Campaign for Free 
BIOS" for laptops


OLPC would also gain support from this community and the whole open 
source community for laptops and tablets.

The keyboard/system controller in laptops is often used to control 
writes to the flash (and several other system areas) and has made it 
very difficult to support laptops with a Free BIOS.

> Here's what I'm paranoid about: that the serial flash rom in which
> LinuxBIOS  and bootloader is stored gets overwritten, and the laptop is
> no longer a laptop, but an expensive brick.  I particularly worry about
> someone writing a worm that manages to do this, and that
> thousands/millions of machines all over the world are unrecoverable.
> The logistics of repair are impossible.  I will ask Mark Foster about
> how that flash gets write enabled; if we can absolutely in hardware
> inhibit write to the boot flash, then I get much less worried.  I've
> sent him mail asking.

Several vendors have relied on "security through obscurity" to prevent 
worms or a virus from modifying the system BIOS. It's always been 
defeated. A very difficult AES + SHA-1 or SHA-256 hash based security 
scheme could be used, but it still would not be 100% secure.

> I do want the bootloader sequence in this flash to be able to load a
> second copy of itself out of the regular main flash so that later
> versions can be installed safely (with appropriate checksum checking).
> I don't want the situation we had on the iPAQ where you could possibly
> "brick" the unit when updating the bootloader.  The iPAQ valhalla we had
> (you could send us a bricked iPAQ and we'd eventually reflash it via
> jtag and return it) was a PITA, and not feasible for OLPC.  We have to
> ensure boot and restore is absolutely bulletproof.
> 					- Jim

Fallback BIOS in ROM plus a hardware switch/jumper to control writes to 
flash is one 100% solution. Having a fallback BIOS image in flash would 
only be safe if writes to the memory area in flash that stores the 
fallback BIOS image is completely inaccessible to writes unless a 
hardware switch/jumper is enabled.


More information about the coreboot mailing list