flat assembler
Message board for the users of flat assembler.

Index > OS Construction > Vesa Graphics

Goto page Previous  1, 2, 3  Next
Author
Thread Post new topic Reply to topic
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
> read any reference to irreal, unreal etc... where is it exactlly? manual# page n° please...

UTFG + DOS FAQ in this forum Laughing

> Instead, if you are interested in DOS, learn DPMI.

YES.

> If you want it for you own OS, learn protected mode well enough to be able to call DOS interrupts

They won't be available Laughing

> in v86 mode.

But you can call BIOS INT's using "raw" switches to RM.

_________________
Bug Nr.: 12345

Title: Hello World program compiles to 100 KB !!!

Status: Closed: NOT a Bug
Post 24 Dec 2007, 23:20
View user's profile Send private message Reply with quote
dosin



Joined: 24 Aug 2007
Posts: 337
dosin
Thanks, for every ones input on it!! If anyone has more to add that would be great...

Quote:
Why didn't you look at the DOS FAQ

This was for programers in gerneral to post about...
not for help... but its good to point these things out for other readers looking!


Everyone have a Happy Holiday!
Post 25 Dec 2007, 02:54
View user's profile Send private message Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
Quote:
Quote:
in v86 mode.

But you can call BIOS INT's using "raw" switches to RM.

It may be simpler to code, but it is bad design for OS. Could be fine for basic prototype OS, not for anything more advanced.
Post 25 Dec 2007, 09:05
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
Octavio



Joined: 21 Jun 2003
Posts: 366
Location: Spain
Octavio
vid wrote:
Quote:
Quote:
in v86 mode.

But you can call BIOS INT's using "raw" switches to RM.

It may be simpler to code, but it is bad design for OS. Could be fine for basic prototype OS, not for anything more advanced.

why is a bad design?
Post 25 Dec 2007, 09:51
View user's profile Send private message Visit poster's website Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
vid wrote:
but it is bad design for OS.


Evidence, please Laughing

_________________
Bug Nr.: 12345

Title: Hello World program compiles to 100 KB !!!

Status: Closed: NOT a Bug
Post 25 Dec 2007, 10:03
View user's profile Send private message Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
Because you put too much trust into interrupt handler code. You shouldn't allow BIOS code to access memory that contains your system structures, you shouldn't allow int 10 handler to mess with HDD or DMA ports, etc...

someone could use this to get over system logging, to elevate local priviliges, etc...
Post 25 Dec 2007, 10:09
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
tom tobias



Joined: 09 Sep 2003
Posts: 1320
Location: usa
tom tobias
The underlying question is not about BIOS, but about accessing hardware from protected mode. vid addresses the "protection" component of protected mode. I think that one should rather consider the FLAT aspect of "protected mode", and from that perspective, of course, Octavio and NTOSKRNL_VXE make a good point, why not have an operating system which uses the full 32 bit space, without obligation to switch back and forth to real mode to access hardware. Seems reasonable to me.
Post 25 Dec 2007, 10:27
View user's profile Send private message Reply with quote
Octavio



Joined: 21 Jun 2003
Posts: 366
Location: Spain
Octavio
vid wrote:

someone could use this to get over system logging, to elevate local priviliges, etc...

bios,chips and drivers can take control of the computer even if the OS is always in protected mode.Using real mode do not makes it more insecure.
Post 25 Dec 2007, 15:30
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17664
Location: In your JS exploiting you and your system
revolution
Yes, there is SMM of course. But I hardly think that is likely as a security risk.
Post 25 Dec 2007, 16:08
View user's profile Send private message Visit poster's website Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
Quote:
bios,chips and drivers can take control of the computer even if the OS is always in protected mode.Using real mode do not makes it more insecure.

I wasn't talking about BIOS code. I was concerned about someone giving his own code in place of BIOS code (overwrite int vector prior to booting)

Yeah, you might test if address of vector is in BIOS memory region, but:
- what to do if it isn't? Fail to load OS?
- still this can be tricked (just overwrite code pointer in BIOS data area instead of overwriting vector, etc...)

By doing this, you are opening security gap, that shouldn't be present in any real OS
Post 25 Dec 2007, 16:13
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
Dex4u



Joined: 08 Feb 2005
Posts: 1601
Location: web
Dex4u
vid wrote:
It may be simpler to code, but it is bad design for OS. Could be fine for basic prototype OS, not for anything more advanced.
I totally disagree with you on this point vid, the method work well, is easy to implement and it user's feature's of the cpu, as they were ment to be used.

Plues this method is no more a security threat, than Boot your OS or hobby OS's in then selfs.
See here for more info:
http://www.securityfocus.com/columnists/442

Using this method you can get round any security, including GAMES.


Last edited by Dex4u on 25 Dec 2007, 18:06; edited 1 time in total
Post 25 Dec 2007, 17:56
View user's profile Send private message Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
Dex: I agree that once you stop trusting machine, you are screwed (eg. you are always screwed unless we have Trusted Computing).

But "owning OS from boot" is IMHO hurder harder than hooking interrupt and overwriting few stuff.

One security threat that we can't solve doesn't excuse ignoring another security threat which we can fix.
Post 25 Dec 2007, 18:05
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
Dex4u



Joined: 08 Feb 2005
Posts: 1601
Location: web
Dex4u
@vid, i suppose it come down to priority's, You can for example put bar's on your windows and doors, but this would just as likely get in the way of the house owner as well.
I see a unprotected OS (as in runs in ring0, no paging, direct access to hardware ) as like a Scalpel, yes you can cut your fingars off, but also you can save life's. I see over secure OS's as like plastic knifes, safe, but you can do little with them that YOU want to do.
Post 25 Dec 2007, 18:31
View user's profile Send private message Reply with quote
edfed



Joined: 20 Feb 2006
Posts: 4242
Location: 2018
edfed
good reply...

and i add the VIRUS and MALICIOUS software presence...
if somebody makes a virii and broacast it , he's bad...
but if the OS doesn't care about the virii? simply ignore it and kill it???
strangelly hard ... there, the rings have a goal...
so use of rings can be for application....
Post 25 Dec 2007, 18:52
View user's profile Send private message Visit poster's website Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
Dex: well, if you want DOS-like OS without protection, then switching to RM is of course fine. Also as intermediate testing it might be fine. But for anything real that people should use, no. Every known security hole should be fixed.

Quote:
I see over secure OS's as like plastic knifes, safe, but you can do little with them that YOU want to do.

example? Wink
Post 25 Dec 2007, 21:14
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
DOS386



Joined: 08 Dec 2006
Posts: 1901
DOS386
Quote:
well, if you want DOS-like OS without protection, then switching to RM is of course fine.


Smile

Quote:
One security threat that we can't solve doesn't excuse ignoring another security threat which we can fix.


Quote:
But for anything real that people should use, no. Every known security hole should be fixed.


This "argument" is absolutely unreproductable Confused - what you you expect your OS to "protect" you from ? From someone coming in with a "Scalpel" also ?

_________________
Bug Nr.: 12345

Title: Hello World program compiles to 100 KB !!!

Status: Closed: NOT a Bug
Post 25 Dec 2007, 23:55
View user's profile Send private message Reply with quote
bitRAKE



Joined: 21 Jul 2003
Posts: 3043
Location: vpcmipstrm
bitRAKE
Who'd put wheels on a safe and drive it around - only to find that crashing slams the occupants against the inner wall and killing them anyway? Security on a PC is the same lunacy.

(damn, broken BBCode)

Edit by Loco: Replaced parentheses with %28/%29 on the URL
Post 26 Dec 2007, 00:25
View user's profile Send private message Visit poster's website Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
Quote:
what you you expect your OS to "protect" you from ?

i expect OS to protect me as good as possible from someone who
- can affect boot process (eg. boot something prior to booting OS)
- does have user-level access to system
- doesn't have admin-level access to system
- wants to elevate to admin-level privileges.

I realize you will never be secure after he can affect boot process, as Dex pointed out, but this security hole makes it even easier for him.
Post 26 Dec 2007, 00:36
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
Dex4u



Joined: 08 Feb 2005
Posts: 1601
Location: web
Dex4u
[quote="vid"]
Quote:
I see over secure OS's as like plastic knifes, safe, but you can do little with them that YOU want to do.
Quote:

example? Wink
A simple example would be say you want to make a better media player than windows have.
YOU want to do that, but THEY do not want you to do that, so they give you safe API, that lets you make a OK media player, but it will never be as good as windows.
Now if you had full control and where the best programmer, you could easy make a better one.
Now are they protecting you or them selfs ?.

As a side note, all game consoles run more or let in a none protective environment and i do not see lots of virus for them, this includes running lots of homebrew.
Post 26 Dec 2007, 03:01
View user's profile Send private message Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
ok, if safe OS is badly designed, then it is harder to overcome bad design than in unsafe OS.

But still, i'd prefer safe OS that fixes all known problems.
Post 26 Dec 2007, 10:22
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page Previous  1, 2, 3  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.

Website powered by rwasa.