Re: IBM-MAIN Digest - 4 Mar 2012 to 5 Mar 2012 (#2012-65)
In cf4c9114ed956d49a019f58166d918570a346...@tjaxp80093dag.csxt.ad.csx.com, on 03/06/2012 at 08:39 PM, Pate, Gene gene_p...@csx.com said: By PCFLIH backdoor I mean a routine whose address replaced the address of the IBM supplied PCFLIH. That's not what the others were using the term to mean. -- Shmuel (Seymour J.) Metz, SysProg and JOAT ISO position; see http://patriot.net/~shmuel/resume/brief.html We don't care. We don't have to care, we're Congress. (S877: The Shut up and Eat Your spam act of 2003) -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN
Re: IBM-MAIN Digest - 4 Mar 2012 to 5 Mar 2012 (#2012-65)
on 03/05/2012 at 20:54:38, Shmuel Metz (Seymour J.) shmuel+ibm-m...@patriot.net said: What do you mean by backdoor? I don't believe that it is what others were referring to. By PCFLIH backdoor I mean a routine whose address replaced the address of the IBM supplied PCFLIH. The backdoor routine received control every time a PC interrupt occurred and, based on the reason for the PC interrupt it either emulated the failing instruction using available instructions and returned control to the next sequential instruction or passed control to the IBM supplied PCFLIH routine for it to process the PC interrupt. I believe that this is also what the vendor routine being discussed did. As I said, the PCFLIH backdoor is just a technique and if it is not the appropriate technique to use then the vendor should be beat about the head and shoulders and made to use whatever technique is appropriate for what their product needs to accomplish. Gene Pate CSX Technology Enterprise Architecture - This email transmission and any accompanying attachments may contain CSX privileged and confidential information intended only for the use of the intended addressee. Any dissemination, distribution, copying or action taken in reliance on the contents of this email by anyone other than the intended recipient is strictly prohibited. If you have received this email in error please immediately delete it and notify sender at the above CSX email address. Sender and CSX accept no liability for any damage caused directly or indirectly by receipt of this email. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN
Re: IBM-MAIN Digest - 4 Mar 2012 to 5 Mar 2012 (#2012-65)
On Tue, 6 Mar 2012 20:39:02 +, Pate, Gene wrote: By PCFLIH backdoor I mean a routine whose address replaced the address of the IBM supplied PCFLIH. That would be a hook or an intercept. Backdoor means something else entirely. The backdoor routine received control every time a PC interrupt ITYM a program interruption. occurred and, based on the reason for the PC interrupt it either emulated the failing instruction using available instructions and returned control to the next sequential instruction or passed control to the IBM supplied PCFLIH routine for it to process the PC interrupt. I believe that this is also what the vendor routine being discussed did. That is certainly not what the vendor routine being discussed is alleged to have done. It is alleged to return to the program that was interrupted in supervisor state. It is further alleged that it is relatively easy for any program to exploit this and to get put into supervisor state. -- Tom Marchant -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN