iris, and darwin tweaks

[bsittler]

i think iris might be starting to talk. the words are few, and the pronunciation odd enough that i'm never really sure, but i think i've been hearing "fish", "kitty", "guido" (one of the cats), and "no" used in more-or-less appropriate situations. rebbyribs is a bit more skeptical, but i'm sure iris will talk clearly and distinctly soon enough.

note: what

Comments

[bsittler]

zero. the font is a publicly exported symbol (_iso_font) with known contents (256 8x16-bit bitmaps), the font layout is well known (ISO 8859-1 with VT100 alternate character set [blank in the distributed kernel] in the C1 range [corresponding to characters 0x80-0x9f]), the script is carefully modifying only the correct region of the font, and it has a precondition check to make sure the previous data was the expected blank cells.

the one for the palette is on slightly shakier ground, as there's no exported symbol for the palette, but the distance between the font and the palette is easy to calculate and the precondition check is a lot more robust since the old palette data is very distinctive (vga palette entry × 4, RGB-5/5/5 entry × 2, and RGB-8/8/8 entry padded to 32 bits.) the palette hack is unlikely to work on a 64-bit machine, and may not even work on a powerpc, but because of the precondition it should at least not crash.

although a third-party kext does panic the machine from time to time (at least, it only seems to happen while starting or stopping parallels. the trickiest part was figuring out that the font is stored reverse-bit-endian (at least compared to a VGA font), but that was not too tricky.

[two_pi_r]

touch&eeacute;. I just see "dd of=/dev/kmem" and think "panic city". Of course, the only thing I've done with dd of=/dev/kmem is with an if=/dev/urandom just to see what happens, so hey.

[bsittler]

yeah, that sounds fun. how well did it stand up to the fuzzing?

[two_pi_r]

Not very. The screen barfed colors and blinks, and of course the machine locked.

[bsittler]

yeah, most software (kernels included) is not written with "major random memory corruption" as a design constraint. i guess interplanetary probes and some satellites are exceptions here.