Patch-ID# 112352-02 Keywords: security Keyboard DELL LATITUDE laptops CDE I_STR ioctl Synopsis: SunOS 5.8_x86: /kernel/drv/i8042 and /kernel/drv/kb8042 patch Date: Jan/07/2003 Install Requirements: Reboot after installation Solaris Release: 8_x86 SunOS Release: 5.8_x86 Unbundled Product: Unbundled Release: Xref: Topic: SunOS 5.8_x86: /kernel/drv/i8042 and /kernel/drv/kb8042 patch Relevant Architectures: i386.i86pc BugId's fixed with this patch: 4433898 4587859 Changes incorporated in this version: 4587859 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: 108529-18 or greater Obsoleted by: Files included with this patch: /kernel/drv/i8042 /kernel/drv/kb8042 Problem Description: 4587859 I_STR ioctl payloads are improperly validated (from 112352-01) 4433898 Keyboard does not function on the DELL LATITUDE CPt laptops at the CDE Login window Patch Installation Instructions: -------------------------------- For Solaris 2.0-2.6 releases, refer to the Install.info file and/or the README within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. For Solaris 7-9 releases, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/104945-02 The following example removes a patch from a standalone system: example# patchrm 104945-02 For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- When installing on a system that requires this patch, one of two workarounds must be used to install Solaris: 1) Use a USB keyboard during installation. This will work for most, but not all systems, needing this patch. 2) Use a serial console during installation. The steps for doing this are shown in detail below. 3) Patch a net installation image and install over the network. After using either method 1 or 2 to start installing Solaris 8, choose to do a manual reboot when installation is complete. This will give you the chance to install the patch manually before rebooting. Copy the patch directory onto a floppy as a tar or cpio file previous to your installation, or use a seperate computer to do this once installation is done. You can then extract the contents of the patch to the /tmp directory from the command line and run patchadd on it. Note that you need to apply it using an option you probably have not used previously: patchadd -R /a 112352-01 The '-R /a' option is needed because your hard disk is mounted as /a during the installation process and is still mounted there when it is completed. You can now shutdown the system using 'init 0' and switch to your normal keyboard. If you were using method 2, a serial console, you can just use 'init 6' to reboot the system - since no switching of keyboards is required. How to install via a Serial Console When in the Device Configuration Assistant (DCA) you eventually end up at the "Boot Solaris" screen. The title is in the red line at the top of the screen. At the bottom is a green line showing the function key options you can use. Use the key to enter the "Boot Tasks" screen. On that screen use the down cursor key to highlight "View/Edit Property Settings" and hit the Space bar to select it. You can then hit the key to execute that function. You should now see a list of properties that can be set during installation. These are the same as the eeprom properties you would set in Solaris (man eeprom). Use the up and down cursor keys or page-up/page-down to navigate the list. Select a property be hitting the Space Bar. You will then use the key to change the property. Here is a list of the properties we need to change, what they default to, and what they need to be changed to: Property Name Default Value New Value output-device screen ttya input-device keyboard ttya You might also need to add a property to this list. Use to create a new property 'ttya-ignore-cd'. Set it's value to true. This is only needed if your cable does not supply CD and DSR correctly. The symptom of this is that the install appears to "hang" with no console output. Be sure to use a Null Modem cable between the COM port of the PC and the terminal or other system you are using. Note that these examples are for the COM1 serial port, known as ttya to Solaris. For COM2 you would use the ttyb port, etc. The baud rate for a serial console defaults to 9600, 8-bits, no parity, and 1 stop bit. You can change this be creating a property for the port you are using. Here is an example for setting COM1 to 38400 baud: (create property) ttya-mode 38400,8,n,1 Do a man of the eeprom command (or look at http:/docs.sun.com for the man page on the eeprom command) to see an explanation of this property. Anything faster than 38400 risks dropping characters, so it is not recommended that you go any faster than that for doing an installation. When you have the properties set up the way you wish, hit the key to go back to the "Boot Tasks" screen. From there you hit to get back to the "Boot Solaris" screen. It will reload the various drivers using during the boot process to insure your new property values are honored. At this point you should be using the serial console and have the "Boot Solaris" screen showing on your serial device screen. To enter a function key value, use the Escape key and the number for the function you wish to use. For example, to enter the equivalent of , enter: <2> Do not configure the video card for your system during installation. Exit out of the kdmconfig program without testing the selection it gives you to install in the text-only mode using your serial console. Now proceed as you would to install any system. After you have completed the installation, be sure you don't leave the serial port configured as the console device, unless that is what you want it to be of course. To use the normal keyboard you need to set input-device to be the keyboard and output-device to be the console. It is recommended that you use the eeprom command to do this once the system is up and then reboot the system. README -- Last modified date: Tuesday, January 7, 2003