Crashing systems with serial line loopbacks....
    Andrew Jeavons 
    andrew at quantime.co.uk
       
    Fri May  4 01:39:57 AEST 1990
    
    
  
I've been doing some experimenting with serial lines on 386 machines
running SCO Xenix/Unix. The results do not fill me with joy. The machines
are:
1) Bell Technologies 16Mhz 386, Bell Technologies ICC Multiport Serial   
   Line card. 110 Meg disc, 4 meg memory. Nothing wierd, all from the
   same vendor *seems* ultra-stable. SCO Runs 2.2.6 (old,but solid) Xenix.
2) Tandon 33Mhz 386 , Chase AT4 serial card, 330 meg disc, 5 meg memory.
   Runs SCO Unix 3.2. Has had it's problems, but stays up.
The problem in a nutshell is that is *seems* possible to cause a
kernel panic and crash either machine by doing a loopback on any of
the serial lines - this goes for BOTH machines. The first time I saw this
was on machine (1). I had an application that had to talk to another server
living on another machine. To simulate this I had the programs talk to
each other by connecting serial ports to each other. Output from line (1)
to line (3), output from line (4) to line (2). A program sat on lines
1+2 reading/writing to a program sat on lines 3+4. If you ran the lines
at 9600 baud....the kernel panics and the machine crashes. I figured it 
was a Xenix Driver/Board bug, and ran them at 1200 baud and things stayed up.
Machine (2) is fairly new. I was hooking up terminals to it and wanted to
test the line integrity to the VDU. For various reasons I decide to loop
pins 2+3 and have a process send data down the line and be read by another
process on the same line. The kernel panics and the machine crashes 
at 9600 baud, at 1200 seems fine. Now this was quite legal in ye olde days
when I had V7 on a PDP-11/23 with DLV11J's as the serial lines (to change
baud rate you had to re-wire wrap jumpers). The machine simply ran VERY
slow as each character was interrupt processed.
Obviously the peripheral processors in the serial cards crash, perhaps they
get swamped with interrupts, the point is IT SHOULDN'T TAKE OUT THE MAIN
PROCESSOR. 
SCO UNIX 3.2 has all this wonderful security, but if I loop back *ANY*
serial line using a couple of cat commands  I can pull the system over, no
problem.
I would be really interested if this happens on Interactive or Esix / or
on any other boards (like Corollary's) on other systems. I'd also like to
hear opinions on :
a) What actually causes the crashes...?
b) Where this leaves security..........
have fun......
Andrew Jeavons
ATP Ltd
London England.   ...!ukc!qtlon!andrew
    
    
More information about the Comp.unix.xenix
mailing list