From owner-freebsd-current@FreeBSD.ORG  Sat Nov  3 15:52:53 2012
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id 1112DA4A;
 Sat,  3 Nov 2012 15:52:53 +0000 (UTC)
 (envelope-from m.e.sanliturk@gmail.com)
Received: from mail-vc0-f182.google.com (mail-vc0-f182.google.com
 [209.85.220.182])
 by mx1.freebsd.org (Postfix) with ESMTP id 928998FC08;
 Sat,  3 Nov 2012 15:52:52 +0000 (UTC)
Received: by mail-vc0-f182.google.com with SMTP id fw7so6156033vcb.13
 for <multiple recipients>; Sat, 03 Nov 2012 08:52:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :cc:content-type;
 bh=9yvsNYutwKsB6hfw4mSIWBx6L4bc1KJMM2+8vEiOFh8=;
 b=YxiQ/Nd7mwWPVGMPAg2GCFQWNGY0ug6lOfY/Zyi6k81n50IwlEKW8k61R4XGemKWQX
 7WNXgz7EayEVPvaiOkwzfcHOX7j1SNrdMaxMzOYcetyKrqdZoVM7W4Pp396Avya1deQg
 no5O4g5gK6/q4vJgYWwTdUPhZZi1wPrdi+p54TjbeQmR7GYyDmJ+TuCp+m9By6prR7Uh
 VkPc4VRXdkvCDerXPZH35VSOWqbk2iNylwefBLDwpr3ApZBV4tVQ/RE2XNE60i6u9vky
 LUjngH1ovfcj02ojTWrHGhDoyM3lglkMzKNgzifIKYV/baWbQ/nrsji6uUEEHgdHe7Jl
 UUmg==
MIME-Version: 1.0
Received: by 10.58.168.135 with SMTP id zw7mr4949236veb.4.1351957971530; Sat,
 03 Nov 2012 08:52:51 -0700 (PDT)
Received: by 10.58.218.35 with HTTP; Sat, 3 Nov 2012 08:52:51 -0700 (PDT)
In-Reply-To: <1351956625.1120.44.camel@revolution.hippie.lan>
References: <CAPJF9wmO-oO7cy4XUwnTMb5cpD14TaK430rWW2nqodBFWw54DQ@mail.gmail.com>
 <1167404891.20121103170049@serebryakov.spb.ru>
 <CAPJF9wmVPxMDBqyy=Dqdnb+Z33f_wLDx9CFbk_oSEx4inboK6A@mail.gmail.com>
 <CAOgwaMtnqCvA3_zyd1fqmEFyrTD4hZHoE5QZC0akmK0DTm8=yw@mail.gmail.com>
 <1351956625.1120.44.camel@revolution.hippie.lan>
Date: Sat, 3 Nov 2012 08:52:51 -0700
Message-ID: <CAOgwaMvzFJKE_s_W_NpOFSOD8aUdw7aJa5fVCG7rDo=qf=wS=w@mail.gmail.com>
Subject: Re: FreeBSD as read-only firmware
From: Mehmet Erol Sanliturk <m.e.sanliturk@gmail.com>
To: Ian Lepore <freebsd@damnhippie.dyndns.org>
Content-Type: text/plain; charset=UTF-8
X-Content-Filtered-By: Mailman/MimeDel 2.1.14
Cc: Alexander Yerenkow <yerenkow@gmail.com>, lev@freebsd.org,
 freebsd-current <freebsd-current@freebsd.org>
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Nov 2012 15:52:53 -0000

On Sat, Nov 3, 2012 at 8:30 AM, Ian Lepore <freebsd@damnhippie.dyndns.org>wrote:

> On Sat, 2012-11-03 at 08:01 -0700, Mehmet Erol Sanliturk wrote:
> > I do not know exact data transmission rate of SDHC cards , but , I
> > think ,
> > it is faster than CD or DVD . For CD and DVD , at present there is NO
> > any
> > only READ CD or DVD devices . They are disappeared from the market .
> > For
> > writable CD or DVD , it may be possible to append some files at the
> > end of
> > recorded area , and the media may be corrupted by re-recording ( I
> > think ) .
>
> Expect roughly 22-25MB/sec on a modern SDHC with a 4-bit datapath.
>
> Be aware that there's no way to truly write protect an SD card.  There
> is a write protect tab on a full-size card (but not on a MicroSD), but
> it's not enforced in the card's hardware, it is a polite request to the
> system "please don't write to this card" and some systems don't even
> have the hardware to sense the switch position.
>


I did NOT know this feature of SDHC cards . I was assuming that such a
switch
absolutely prevents writing anything onto SDHC card .

Then , it is necessary to find another write-protect applicable device which
I do not have any idea about such devices .

One may be READ-ONLY Blue-Ray device although it may be slow , if there
exists such units .



>
> Since it's flash-memory based, it also may corrupt the media on write,
> including the possibility of corrupting existing data that has no
> relation to the new data being written.  That is, you could have a
> write-protected partition and a write-enabled partition on the same
> SDCard, and writing into the write-enabled partition can damage data on
> the write-protected partition.  This is because you have no control over
> the way the embedded flash microcontroller allocates storage internally,
> and it is free to place data pages from unrelated filesystems into the
> same blocks (block = erase/programming sized unit).
>


In my idea , ALL of the writes will be diverted another drive(s) ( HDD ,
etc. ) containing
/home , /var . /tmp , etc. and NOTHING will be written onto the
write-protected device .



>
> I suspect all off-the-shelf nand-flash based storage has the same
> problems, but CF and SDCard are the only ones I've got hands-on
> experience with.  At work we're now moving away from CF and SDCard and
> towards putting nand flash chips directly onto our boards, and using
> FreeBSD to access them rather than relying on the behaviors of some
> embedded microcontroller we know nothing about.
>

No one is considering write-protect such parts . Therefore , malicious
programs  are able to even invade and modify such parts or make them
unusable .



>
> -- Ian
>
>
>

Thank you very much .


Mehmet Erol Sanliturk