Hi! > > Well, difference is that you can defend against arbitrary network > > packet, but you can't defend against arbitrarily broken BIOS. If > > it loops forever, or overwrites random memory place, we lost... > > We could protect against random memory corruption too, if it ever > became a widespread problem: by executing the BIOS call in a virtual > machine. (We can probably use the KVM code to properly emulate big > real mode, etc.) We already have problems where bios corrupts low memory area during suspend/resume. Not sure how KVM helps. Anyway I do agree with the patches. > "BIOS people" are operating in a completely different culture. Time > to market, hardware workarounds, short-term differentiators, secret > bootstrap sequences and code compactness are king in that space. > Code quality is dead last in the list. I strongly doubt that given > the radically conflicting priorities a reasonable dialogue can be > established. "BIOS people" control stuff like SMM mode. We can workaround some BIOS problems, but definitely not all of them. For servers, I guess Linux has enough of market share that we could certify known-good servers (and maybe warn against known-bad). Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html -- To unsubscribe from this list: send the line "unsubscribe linux-tip-commits" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html