Page 2 of 6 FirstFirst 1234 ... LastLast
Results 11 to 20 of 56

Thread: An Effort Making An Open-Source Radeon Video BIOS

  1. #11
    Join Date
    Aug 2012
    Posts
    396

    Default

    Quote Originally Posted by ChrisXY View Post
    So what does it do? Control fan speeds? Control which clock times are availabe to the drivers? If so, then this is useful. Examples of 3rd party vendors putting broken things on the gpu are seen often enough in this forum here.
    It does what firmware is suppose to do, which involves controlling all the components inside the GPU. If there were really such 'broken things' as you say there are, then why don't we see these 'broken things' on Windows? The very fact that BIOS updates are never given for GPUs is a testament that such things don't happen. The only 'broken things' I see on Linux are graphics drivers and proper OpenGL libraries.

  2. #12
    Join Date
    Jul 2013
    Posts
    12

    Default

    I think that open source firmware for network cards is at this moment more desireable. If firmware in network card have security bug, the whole PC can become fully controlled by attacker.
    Quote from first Link:
    I've finally found some time to study Loic Duflot's and Yves-Alexis Perez's recent presentation from the last month on remotely attacking network cards. You can get the slides here.

    In short, they're exploiting a buffer overflow in the network card's firmware by sending malicious packets to the card, and then they gain full control over the card's firmware, so they can e.g. issue DMA to/from the host memory, effectively fully controlling the host (that's another example of "Ring -3 rootkit" I would say). The buffer overflow is in some exotic management protocol (that I think is disabled by default, but that's irrelevant) implemented by the NIC's firmware (the NIC has its own RISC processor, and memory, and stack, which they overflow, etc.).

    http://theinvisiblethings.blogspot.c...ds-or-why.html
    http://www.ssi.gouv.fr/IMG/pdf/csw-trustnetworkcard.pdf

  3. #13
    Join Date
    Jan 2007
    Posts
    418

    Default

    Quote Originally Posted by mmstick View Post
    Why should the community care about someone's overzealous 'philosophy'; that sounds ridiculously absurd. There is nothing subjective about this. If there is no practical use for something, then it is worthless whether you agree with it or not.

    Something 'cool' can't really come of this since it's just a simple BIOS that anyone could hack themselves. It's not like untapped potential is hidden in GPU BIOS's. Hardware is released with BIOS's that make full use of all their capabilities as is. Motherboard BIOS's are the only thing that would be worthy of looking into since they handle a much more significant portion of control over hardware in the system (like RAM models, timings, CPU support, etc).
    If anybody could just 'hack it themselves' then it would have been long done. Look at your history, RadeonHD driver, where it was proposed to use the registers directly without Atombios. RadeonHD didn't evolve vast enough (much harder) and people didn't really care for it. But that's with a lot of things in life, Usually things that are 'better', be it technically or ethically, get little support. Sad, but true.

    It does what firmware is suppose to do, which involves controlling all the components inside the GPU. If there were really such 'broken things' as you say there are, then why don't we see these 'broken things' on Windows? The very fact that BIOS updates are never given for GPUs is a testament that such things don't happen. The only 'broken things' I see on Linux are graphics drivers and proper OpenGL libraries.
    Ok that's just the most stupidest answer here. Because they do work around in their catalyst drivers? DUH. Really. Duh. They can re-implement the entire bios in software to fix anything simply because a) they know how the hardware works, b) know what to expect from the bios and if not, do it in software anyway.

  4. #14
    Join Date
    Jul 2013
    Posts
    12

    Default

    Quote from first link:
    I've finally found some time to study Loic Duflot's and Yves-Alexis Perez's recent presentation from the last month on remotely attacking network cards. You can get the slides here.

    In short, they're exploiting a buffer overflow in the network card's firmware by sending malicious packets to the card, and then they gain full control over the card's firmware, so they can e.g. issue DMA to/from the host memory, effectively fully controlling the host (that's another example of "Ring -3 rootkit" I would say). The buffer overflow is in some exotic management protocol (that I think is disabled by default, but that's irrelevant) implemented by the NIC's firmware (the NIC has its own RISC processor, and memory, and stack, which they overflow, etc.).
    "Remotely Attacking Network Cards (or why we do need VT-d and TXT)" by Joanna Rutkowska
    http://theinvisiblethings.blogspot.c...ds-or-why.html

    "Can you still trust your network card?" by Loc Duflot, Yves-Alexis Perez, Guillaume Valadon, Olivier Levillain.
    http://www.ssi.gouv.fr/IMG/pdf/csw-trustnetworkcard.pdf

  5. #15
    Join Date
    Aug 2012
    Posts
    396

    Default

    Quote Originally Posted by oliver View Post
    If anybody could just 'hack it themselves' then it would have been long done. Look at your history, RadeonHD driver, where it was proposed to use the registers directly without Atombios. RadeonHD didn't evolve vast enough (much harder) and people didn't really care for it. But that's with a lot of things in life, Usually things that are 'better', be it technically or ethically, get little support. Sad, but true.


    Ok that's just the most stupidest answer here. Because they do work around in their catalyst drivers? DUH. Really. Duh. They can re-implement the entire bios in software to fix anything simply because a) they know how the hardware works, b) know what to expect from the bios and if not, do it in software anyway.
    It is done.....you can simply hack an existing BIOS to change the clocks/voltages to be permanent in the firmware itself rather than using software to overclock after booting. Some enthusiast PC gamers do this sort of thing. RadeonHD driver? That obsolete open source Linux driver? Stupid? You mean your attitude which is the stupidest thing in this forum? Do you have any proof of your last statement whatsoever? You can't just 'reimplement a BIOS in software'. The BIOS is there to stay in the middle between the GPU and the driver. All communications have to go through this BIOS, else there wouldn't be much point in making a BIOS. Do you really think multibillion dollar companies would have their products running on dysfunctional BIOSs?

  6. #16
    Join Date
    Jan 2009
    Posts
    191

    Default

    Quote Originally Posted by mmstick View Post
    It does what firmware is suppose to do, which involves controlling all the components inside the GPU. If there were really such 'broken things' as you say there are, then why don't we see these 'broken things' on Windows? The very fact that BIOS updates are never given for GPUs is a testament that such things don't happen. The only 'broken things' I see on Linux are graphics drivers and proper OpenGL libraries.
    u-hu, riiight. if you haven't stepped into a shit yet, it doesn't mean that shit doesn't exist, Sherlock.
    as a man, who patched VBIOS'es in his cards for various reasons, including inadequate defaults, on his Windows-running PCs as long as 10 years ago, i can tell that you don't know what you blabbering about.

    PS: and "the very fact that BIOS updates are never given for GPUs is a testament that" VBIOS updates are easy to fuck up, not highly necessary to run the card at all (like with MB BIOS'es and their CPU support) and VBIOS faults are more easily worked-around with proprietary driver updates that override them.

    Quote Originally Posted by mmstick View Post
    All communications have to go through this BIOS, else there wouldn't be much point in making a BIOS
    no, they don't

    Quote Originally Posted by mmstick View Post
    Do you really think multibillion dollar companies would have their products running on dysfunctional BIOSs?
    and don't get me started on MB BIOS'es and firmwares on popular accessory devices. so... fuck-yes !
    Last edited by dfx.; 07-28-2013 at 07:04 AM. Reason: fools don't shut up

  7. #17
    Join Date
    Jul 2009
    Posts
    2

    Default

    Quote Originally Posted by mmstick View Post
    What's the point?
    Opensource replacement to a propietary blob. No more reasons needed.

  8. #18
    Join Date
    Jul 2013
    Posts
    12

    Default

    I think that open source firmware for network cards is more desired, because could be more secure. If firmware is vulnerable then everybody could remotely get into PC. Quote from first link:
    I've finally found some time to study Loic Duflot's and Yves-Alexis Perez's recent presentation from the last month on remotely attacking network cards. You can get the slides here.

    In short, they're exploiting a buffer overflow in the network card's firmware by sending malicious packets to the card, and then they gain full control over the card's firmware, so they can e.g. issue DMA to/from the host memory, effectively fully controlling the host (that's another example of "Ring -3 rootkit" I would say). The buffer overflow is in some exotic management protocol (that I think is disabled by default, but that's irrelevant) implemented by the NIC's firmware (the NIC has its own RISC processor, and memory, and stack, which they overflow, etc.).

    Read more there:
    Article: "Remotely Attacking Network Cards (or why we do need VT-d and TXT)" Author: Joanna Rutkowska
    http://theinvisiblethings.blogspot.c...ds-or-why.html

    Presentation: "Can you still trust your network card?" Authors: Loc Duflot, Yves-Alexis Perez, Guillaume Valadon, Olivier Levillain.
    http://www.ssi.gouv.fr/IMG/pdf/csw-trustnetworkcard.pdf
    Last edited by coastiron; 07-28-2013 at 07:32 AM.

  9. #19
    Join Date
    Feb 2008
    Location
    Linuxland
    Posts
    5,130

    Default

    Quote Originally Posted by mmstick View Post
    It does what firmware is suppose to do, which involves controlling all the components inside the GPU. If there were really such 'broken things' as you say there are, then why don't we see these 'broken things' on Windows? The very fact that BIOS updates are never given for GPUs is a testament that such things don't happen. The only 'broken things' I see on Linux are graphics drivers and proper OpenGL libraries.
    BIOS updates are given for GPUs. Google for it.

  10. #20
    Join Date
    Mar 2013
    Posts
    144

    Default

    Quote Originally Posted by mmstick View Post
    What's the point?
    In some cases, the only difference between the cheap card and the costly one is the bios locking out features. Combined with some other means of blocking the flashing of the unlocked firmware. Say, raising a read only flag after the flashing through the jTag connection.
    Still, even knowing this, it still seems like a waste of time to me. The price differences between such models is negligible considering the cost in man-hours of a person skilled enough to pull something like this off. A person this skilled in disassembling machine code could work on something like Nouveau where his contribution would matter to millions. Or maybe help bridging the gap between the open source AMD drivers and the closed source ones.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •