Add support for SHA3 type of algorithms that a TPM2 may support
some time in the future.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
The vendorInfoSize is a u8 rather than a u32.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Only write the logs for those PCRs that are in active PCR banks.
A PCR banks is assumed to be active if any of the BIOS relevant
PCRs 0 - 7 is enabled, thus pcrSelect[0] != 0.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Add support for pci config space access via mmconfig bar. Enable for
qemu q35 chipset. Main advantage is that we need only one instead of
two io operations per config space access, which translates to one
instead of two vmexits for virtualization.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20200323145911.22319-3-kraxel@redhat.com
Add helper function to calculate PORT_PCI_CMD value from bdf + addr.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20200323145911.22319-2-kraxel@redhat.com
GCC 10 gives the warnings below:
In file included from out/ccode32flat.o.tmp.c:54:
./src/tcgbios.c: In function 'tpm20_write_EfiSpecIdEventStruct':
./src/tcgbios.c:290:30: warning: array subscript '(<unknown>) + 4294967295' is outside the bounds of an interior zero-length array 'struct TCG_EfiSpecIdEventAlgorithmSize[0]' [-Wzero-length-bounds]
290 | event.hdr.digestSizes[count].algorithmId = be16_to_cpu(sel->hashAlg);
| ~~~~~~~~~~~~~~~~~~~~~^~~~~~~
In file included from ./src/tcgbios.c:22,
from out/ccode32flat.o.tmp.c:54:
./src/std/tcg.h:527:7: note: while referencing 'digestSizes'
527 | } digestSizes[0];
| ^~~~~~~~~~~
In file included from out/ccode32flat.o.tmp.c:54:
./src/tcgbios.c:291:30: warning: array subscript '(<unknown>) + 4294967295' is outside the bounds of an interior zero-length array 'struct TCG_EfiSpecIdEventAlgorithmSize[0]' [-Wzero-length-bounds]
291 | event.hdr.digestSizes[count].digestSize = hsize;
| ~~~~~~~~~~~~~~~~~~~~~^~~~~~~
In file included from ./src/tcgbios.c:22,
from out/ccode32flat.o.tmp.c:54:
./src/std/tcg.h:527:7: note: while referencing 'digestSizes'
527 | } digestSizes[0];
| ^~~~~~~~~~~
[Description copied from Gustavo A. R. Silva <gustavo@embeddedor.com>
from his Linux kernel commits.]
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array
member [1][2], introduced in C99:
struct foo {
int stuff;
struct boo array[];
};
By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.
Also, notice that, dynamic memory allocations won't be affected by
this change:
"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]
This issue was found with the help of Coccinelle.
[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://github.com/KSPP/linux/issues/21
[3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour")
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=76497732932f15e7323dc805e8ea8dc11bb587cf
Signed-off-by: Paul Menzel <pmenzel@molgen.mpg.de>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
PS/2 keyboards on Chromebooks with upstream coreboot + SeaBIOS often
fail to init properly / register keystrokes. Modify ps2port init
to match that of TianoCore, which doesn't have said issues.
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Signed-off-by: Paul Menzel <pmenzel@molgen.mpg.de>
Message-Id: <248435f9-c169-e1db-fc3e-62185b74899c@molgen.mpg.de>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
So we detect kvm even in case there is no qemu pci hostbridge present,
for example when using the new, pci-less microvm machine type.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20200310102248.28412-2-kraxel@redhat.com
Add function to set tsc frequency directly, without calibration.
Also tweak timer setup functions a bit: skip setup in case TimerPort
has not the default value any more, i.e. another timer has been setup
already.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20200310102248.28412-1-kraxel@redhat.com
Since the USB stack doesn't handle stalled pipes,
don't abort keyboard setup if the set_idle command fails,
since it's a non-critical feature. Instead, log a warning.
Test: build/boot Google Pixel Slate, observe keyboard functional
Reviewed-by: Paul Menzel <pmenzel@molgen.mpg.de>
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Some USB keyboards report 9 or 10-byte max packet sizes instead of the
8-byte max specified by the USB HID spec. Increase the available size
and simplify the boundary checks.
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
Check each disk attached to a virtio-scsi device whenever
it is bootable and skip initialization in case it isn't.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Call find_prio("HALT") only once, on first is_bootprio_strict() call.
Store the result in a variable and reuse it on subsequent calls.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Because initializing a virtio-blk or virtio-scsi device requires a large
amount of memory, you cannot create more than about 10 virtio devices.
Since initialization is required for booting from media, we will not
initialize those devices that are not in the boot order list.
Signed-off-by: Alexey Kirillov <lekiravi@yandex-team.ru>
Message-id: 20200107171917.7535-3-lekiravi@yandex-team.ru
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Introduce is_bootprio_strict().
We will reuse this function in the next commit.
Signed-off-by: Alexey Kirillov <lekiravi@yandex-team.ru>
Message-id: 20200107171917.7535-2-lekiravi@yandex-team.ru
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Boot devices which use overriden LCHS values are:
* ata
* ahci
* scsi
* esp
* lsi
* megasas
* mpt
* pvscsi
* virtio
* virtio-blk
We use these values in get_translation() and setup_translation() by
introducing a new translation type: "TRANSLATION_HOST".
We treat this translation as TRANSLATION_NONE in fill_ata_edd(),
although this does not really matter since now the translation between
physical and logical geometry does not exist.
Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com>
Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com>
Message-Id: <20190626123816.8907-6-shmuel.eiderman@oracle.com>
Adding the following utility functions:
* boot_lchs_find_pci_device
* boot_lchs_find_scsi_device
* boot_lchs_find_ata_device
These will be used to apply LCHS values received through fw_cfg.
Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com>
Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com>
Message-Id: <20190626123816.8907-5-shmuel.eiderman@oracle.com>
Introduce build_scsi_path() and build_ata_path().
We will reuse these functions in the next commit.
Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com>
Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com>
Message-Id: <20190626123816.8907-4-shmuel.eiderman@oracle.com>
Read bios geometry for boot devices from fw_cfg.
By receiving LCHS values directly from QEMU through fw_cfg we will be
able to support logical geometries which can not be inferred by SeaBIOS
itself.
(For instance: A 8GB virtio-blk hard drive which was originally created
as an IDE and must report LCHS of */32/63 for its operating system to
function will always break under SeaBIOS since a LARGE/LBA translation
will be used, causing the number of reported logical heads to be > 32.)
The only LCHS paravirtual interface available at the moment is for IDE
disks (rtc_read() in get_translation()) and it's limited to a maximum
of 4 disks (this code existed in SeaBIOS's translation function before
SCSI and VirtIO were even introduced).
This is why we create a new interface which allows passing LCHS
information per hdd.
Boot device information is serialized in the following way:
* device_path lcyls lheads lsecs\n
...
* device_path lcyls lheads lsecs\0
Device path is a null terminated string in the "Open Firmware" device
path format, the same path as used in bootorder.
Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com>
Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com>
Message-Id: <20190626123816.8907-2-shmuel.eiderman@oracle.com>
When querying a TPM 2.0 for its PCRs, make sure that we get enough bytes
from it in a response that did not indicate a failure. Basically we are
defending against a TPM 2.0 sending responses that are not compliant to
the specs.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Defend against a broken TPM 1.2 or TPM 2.0 that doesn't send at least
a full response header in the response but less than 10 bytes.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Specifically port->drive.lchs needs clearing, otherwise seabios will
try interpret whatever random crap happens to be there as disk geometry,
which may or may not break boot depending on how lucky you are.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Boot devices which use overriden LCHS values are:
* ata
* ahci
* scsi
* esp
* lsi
* megasas
* mpt
* pvscsi
* virtio
* virtio-blk
We use these values in get_translation() and setup_translation() by
introducing a new translation type: "TRANSLATION_MACHINE".
We treat this translation as TRANSLATION_NONE in fill_ata_edd(),
although this does not really matter since now the translation between
physical and logical geometry does not exist.
Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com>
Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com>
Message-Id: <20190612093704.47175-6-shmuel.eiderman@oracle.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add the "BOOTDEVICES" toggle to remove boot device information received
through fw_cfg.
We will use this toggle in QEMU to reduce the size of the 128k SeaBIOS
rom, which is only used in old compat versions, where this boot device
information does not exist.
Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com>
Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com>
Message-Id: <20190612093704.47175-5-shmuel.eiderman@oracle.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Adding the following utility functions:
* boot_lchs_find_pci_device
* boot_lchs_find_scsi_device
* boot_lchs_find_ata_device
These will be used to apply LCHS values received through fw_cfg.
Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com>
Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com>
Message-Id: <20190612093704.47175-4-shmuel.eiderman@oracle.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Currently glob_prefix() and build_pci_path() are under the "Boot
priority ordering" section.
Move them to a new "Helper search functions" section since we will reuse
them in the next commit.
Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com>
Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com>
Message-Id: <20190612093704.47175-3-shmuel.eiderman@oracle.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Read boot device information from fw_cfg.
Boot device information will contain logical geometry (LCHS) values,
but it is implemented in a manner which allows extension.
By receiving LCHS values directly from QEMU through fw_cfg we will be
able to support logical geometries which can not be inferred by SeaBIOS
itself.
(For instance: A 8GB virtio-blk hard drive which was originally created
as an IDE and must report LCHS of */32/63 for its operating system to
function will always break under SeaBIOS since a LARGE/LBA translation
will be used, causing the number of reported logical heads to be > 32.)
The only LCHS paravirtual interface available at the moment is for IDE
disks (rtc_read() in get_translation()) and it's limited to a maximum
of 4 disks (this code existed in SeaBIOS's translation function before
SCSI and VirtIO were even introduced).
This is why we create a new interface which allows passing LCHS
information per hdd. As mentioned, this interface may be easily extended
to support more information per hdd.
Boot device information is serialized in the following way:
* struct_size (u32)
* device path (sz string)
* device information (struct_size)
...
* device path (sz string)
* device information (struct_size)
Device path is a null terminated string in the "Open Firmware" device
path format, the same path as used in bootorder.
Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Reviewed-by: Arbel Moshe <arbel.moshe@oracle.com>
Signed-off-by: Sam Eiderman <shmuel.eiderman@oracle.com>
Message-Id: <20190612093704.47175-2-shmuel.eiderman@oracle.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Commit 004f5b3a moved part of vgasrc/bochsvga.c to vgasrc/svgamodes.c
- copy over the copyright statements as well.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
These were added somewhere between the mailing list server and Gerd's
working copy (as the patch I got via the mailing list is fine). These
don't disturb the compiler, but they look ugly so remove them.
Reported-by: Paul Menzel <pmenzel@molgen.mpg.de>
Signed-off-by: Uwe Kleine-König <uwe@kleine-koenig.org>
Message-Id: <20191020200726.20116-1-uwe@kleine-koenig.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This allows to have qemu run at the native screen resolution of my
(physical) monitor.
This is inspired by a patch created by Andreas Dangel that I found on
https://adangel.org/2015/09/11/qemu-kvm-custom-resolutions/ .
Signed-off-by: Uwe Kleine-König <uwe@kleine-koenig.org>
Message-Id: <20191017203353.18898-2-uwe@kleine-koenig.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The goal of the patch is to work around a performance bug in guest
linux kernels.
Old linux kernels has a performance flaw in virtio block device access:
on some frequent disk access patterns, e.g. 1M read, the kernel produces
more block requests than needed. This happens because of virtio seg_max
parameter set to 126 (virtqueue_size - 2) which limits the maximum block
request to 516096 (126 * 4096_PAGE_SIZE) bytes.
Setting seg_max > 126 fixes the issue, however, not all linux kernels
allow that without increasing virtio virtqueue size. The old kernels have
a restriction: virtqueue_size >= seg_max. In case of the restriction
violation the old kernels crash.
The restriction is relaxed in the recent linux kernels (ver >= 4.13) with:
commit 44ed8089e991a60d614abe0ee4b9057a28b364e4
Author: Richard W.M. Jones
Date: Thu Aug 10 17:56:51 2017 +0100
scsi: virtio: Reduce BUG if total_sg > virtqueue size to WARN.
and the recent linux kernels don't crash if total_sg > virtqueue size
allowing to set seg_max to the needed value without virtqueue size
increasing.
To fix the performance flaw in the old linux kernels, it's needed to
increse seg_max to 254, and comply the restriction by setting
virtqueue_size to 256.
This is achievable if seabios can support virtqueue size > 128
which this patch actually does.
Windows kernels don't have virtqueue_size >= seg_max restriction and
isn't affected with this kind of the performance bug.
Signed-off-by: Denis Plotnikov <dplotnikov@virtuozzo.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Building with gcc v9 causes lots of warnings about pointers to packed
variables. However, SeaBIOS is limited to x86 where unaligned
reads/writes are supported by the cpu. So, disable that warning.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>