| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Add macros to read/write virtio registers.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
virtio 1.0 specifies the location of the various virtio regions
using pci capabilities. Look them up and store the results.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
... instead of the bdf only.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
For virtio 1.0 support we will need more state than just the (legacy
mode) ioaddr for each virtio-pci device. Prepare for that by adding
a new struct for it. For now it carries the ioaddr only.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
virtio version 1.0 registers can (and actually do in the qemu
implementation) live in mmio space. So we must run the blk and
scsi virtio drivers in 32bit mode, otherwise we can't access them.
This also allows to drop a bunch of GET_LOWFLAT calls from the virtio
code in the following patches.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Add a parameter to pci_find_capability, to specify the start point.
This allows to find multiple capabilities of the same type, by calling
pci_find_capability again with the offset of the last capability found.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Rename tcg externally called functions to more closely match other
subsystems.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Move the call to measure the option ROM 'tpm_option_rom' into
init_optionrom.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Remove some unused #defines and remove comments pointing to
sections in specs.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Clean up the parameters to the build_and_send_cmd function call.
Use the sizeof() on the preceding buffer parameter. If the buffer
is NULL, we pass 0.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Remove the array size from all arrays.
Replace the magic 12 with sizeof(GetCapability_Timeouts),
which represents the maximum number of bytes that need to be
reserved.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Introduce a #define for the TPM command tag 0x00c1.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
Don't mark function definitions in headers with "inline" - it causes
compile warnings on gcc v5.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
Acked-by: Paul Menzel <paulepanter@sourceforge.net>
|
|
This patch adds invocations of functions that measure various parts of the
code and data through various parts of the BIOS code. It follows TCG
specifications on what needs to be measured. It also adds the implementation
of the called functions.
Reference for what needs to be measured can be found in specs found here:
http://www.trustedcomputinggroup.org/resources/pc_client_work_group_specific_implementation_specification_for_conventional_bios
The first measurements are done once the ACPI tables have been initialized.
Once booted into Linux, the current measurements produce the following logs
which can be found in /sys/kernel/security/tpm0/ascii_bios_measurements.
The below log also shows measurements from trusted grub.
1 3fb240d2a04085a4e84f81e4398e070ed5a18163 06 [SMBIOS]
2 cc812353fc277c1fab99e0b721752a1392984566 06 [Option ROM]
2 9dbd87163112e5670378abe4510491259a61f411 05 [Start Option ROM Scan]
2 6f74e357331b8dee11bbad85f27bc66cb873106c 06 [Option ROM]
2 5626eb7ac05c7231e46d7461e7d3839b03ae9fad 06 [Option ROM]
4 c1e25c3f6b0dc78d57296aa2870ca6f782ccf80f 05 [Calling INT 19h]
0 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
1 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
2 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
3 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
4 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
5 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
6 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
7 d9be6524a5f5047db5866813acf3277892a7a30a 04 []
4 8cf2fe6c87d4d0b2998a43da630292e6d85ee8b6 05 [Booting BCV device 80h (HDD)]
4 5dff94459a3e2d13a433ef94afdc306144565bf7 0d [IPL]
5 d1b33afde65ad47502332af957c60f20c84c1edc 0e [IPL Partition Data]
4 487ce764b527ccad17f1d04243d0136fa981e6c4 0d [IPL]
4 91d285e4dead566324c8938a3cc75803f462d9a1 0d [IPL]
4 8ba79ac98bb491524fef29defc724daaf6263d35 0d [IPL]
4 c591c15b82e4ff30e7383a4ff1ef3b41b38521ac 06 []
4 8cdc27ec545eda33fbba1e8b8dae4da5c7206972 04 [Grub Event Separator]
5 8cdc27ec545eda33fbba1e8b8dae4da5c7206972 04 [Grub Event Separator]
5 e8673b9e14b02dc12d8ccfd0176bca7a3de7fc3c 0e [IPL Partition Data]
5 0163e375a0af7525c5dac1a8e74b277359e40d1d 1105 []
8 4be30f67c3d48ab7f04d9c0fd07f06d4c68379be 1205 []
8 54c83965978de9708d026016ecb0e70660e04388 1305 []
5 2431ed60130faeaf3a045f21963f71cacd46a029 04 [OS Event Separator]
8 2431ed60130faeaf3a045f21963f71cacd46a029 04 [OS Event Separator]
8 f3973cae05d6e2055062119d6e6e1e077b7df876 1005 []
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
I've been successfully using SeaBIOS as secondary bootloader. In more details
I have GRUB2-as-payload in flash together with coreboot. SeaBIOS binary is on
the HDD and loaded by GRUB when needed. This has an unfortunate consequence
that I have to keep vga oprom in flash even if usually I boot without it. This
patches makes bios.bin.elf multiboot executable with files passed as modules.
Example:
menuentry "SeaBIOS (mb)" --unrestricted {
root=ahci0,2
multiboot /bios.bin.elf
module /vgabios_x230.rom name=pci8086,0166.rom
}
the parameter name= specifies under which name SeaBIOS will see it.
Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Signed-off-by: Quan Xu <quan.xu@intel.com>
|
|
This patch implements the TCG BIOS interrupt handler 1ah. It is for
example used by trusted grub.
This patch adds an implementation of SHA1 (following NIST specs., IETF RFC 3147
and Wikipedia) for speeding up measurements of code. Trusted Grub for example
makes use of this interface and measures (calculates SHA1) of the Linux kernel
and initrd. Those files can be rather large and hunting their bytes through
the TIS interface as part of the int handler commands invoked by trusted grub
does take quite some time due to the many vmexits the interface is creating
(one per byte).
There is also a threshold for the size of data to hash (100k) below which
the TPM is used and above the internal faster SHA1 algorithm is used.
This patch for example enables trusted grub to interact with the TPM
and take additional measurements.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
This patch implements the main part of the TCG BIOS extensions. It provides
the following functionality:
- initialization of the TCPA ACPI table used for logging of measurements
- initialization of the TPM by sending a sequence of commands to it
- proper setup of the TPM before the BIOS hands over control to the bootloader
- support for S3 resume; BIOS sends TPM_Startup(ST_STATE) to TPM
- enable configuration of SeaBIOS to be built with TCGBIOS extensions
All TCG BIOS extensions are activated with CONFIG_TCGBIOS.
Structures that are needed in subsequent patches are also included in
tcgbios.h at this point.
The effect of this patch is that it initialized the TPM upon VM start
and S3 resume.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
This patch adds an implementation of a TPM TIS driver for the TPM TIS
emulation supported by QEMU. The driver is broken up into several
small functions that have to be called in proper sequence. The driver is
cleanly separated from the rest of the code through an interface holding
pointers to the driver's functions.
A client using this driver first probes whether the TPM TIS
interface is available (probe function) and then invokes the interface
function to initialze the interface and send requests and receive responses.
Possible future extensions *could* include a virtio interface for the TPM
with a corresponding driver here.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
At least AHCI on Intel on some machines claim to support only 6 ports
while in fact higher port numbers are present and work.
This is needed to access CD-ROM on PackardBell MS2290.
Both GRUB and Linux have a similar workaround.
Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
|
|
Bits 16-31 of the SMM revision ID are feature bits. We only need to
check that SMBASE relocation is supported, but do not care about other
features. In particular, this allows the SMM I/O instruction restart
feature to be present.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
Change the smbios structure to use a 4 byte u32 signature field
instead of a 4 byte character string field. In practice, this allows
the compiler to place the signature in the initialize code segment and
thus makes it less likely the signature would be found in the
f-segment. (If the smbios signature is found in the f-segment it can
confuse some table scans.)
Reviewed-by: Bruce Rogers <brogers@suse.com>
Tested-by: Bruce Rogers <brogers@suse.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
If the last mode set (while not in vm86 mode) was done from a VBE mode
set call then disable the extra stack. This works under the premise
that only a modern OS would invoke the VBE mode changing facilities
and a modern OS would always call the vgabios with sufficient stack
space.
This is an ugly hack to work around a problem Windows Vista (and
possibly later Windows releases) has with the VGA BIOS using a stack
in the e-segment.
Reported-by: Richard Laager <rlaager@wiktel.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
On some platforms, F12 may be hard to access; for example, on OS X
machines F9-F12 have been intercepted by the OS for a long time, and
on newer OS X releases function keys are basically gone for good.
Which keys are and are not available depends on the client, not on
the server, but only function keys are usually trapped by terminals.
Hence, using ESC for the boot menu avoids the problems associated
with F12.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
If the menu key is ESC, do not restart boot unless
1.5 seconds have passed. Otherwise users (trained by years of
repeatedly hitting keys to enter the BIOS) will end up hitting ESC
multiple times and immediately booting the primary boot device.
Suggested-by: Matt DeVillier <matt.devillier@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
In 0673b787 the QEMU SMP init code was changed to run in 32bit mode.
Unfortunately, the transition32 assembler function is not
multi-processor safe, because it modifies the global RTC index
register. This race condition led to sporadic failures when emulating
machines with a large number of processors.
This patch changes the entry_smp code to use a variant of transition32
that does not touch the RTC registers.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
For resource sizing and mapping purposes treat devices on extra root
buses as if they are on the default root bus (bus 0).
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
If there are extra primary root buses, scanning the bus's 0
subtree is not enough. Scan all the range.
Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
TEST: Booted ASUS KFSN4-DRE with iPXE ROMs built in to CBFS;
with etc/pci-optionrom-exec set to 0 the on-board network ROMs
were ignored while the iPXE ROMs executed normally. When set
to 2 or greater all option ROMs executed normally. Tests of
VGA only were not possible due to a lack of supported hardware.
Signed-off-by: Timothy Pearson <tpearson@raptorengineeringinc.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
For PCIe device support AER(Advanced Error Reporting), from the
pcie spec 3.0 chapter 6.2.5, ERR_COR, ERR_NONFATAL, and ERR_FATAL
can be forwarded from the secondary interface to the primary interface,
only require the SERR# Enable bit in the Bridge Control register is set.
and at the kernel side, we found only _HPP() method can enable
SERR#, So here we want to turn on this bit.
Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Use barrier() for memory mapped IO functions.
This fixes pvscsi driver to boot on QEMU's pvscsi controller.
Test command:
qemu -m 512 --enable-kvm -device pvscsi,id=pvscsi0
-device scsi-disk,bus=pvscsi0.0,drive=drive0
-drive id=drive0,if=none,file=ubuntu1410.img,if=none
-bios seabios/out/bios.bin
Signed-off-by: Ameya Palande <2ameya@gmail.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
There is no need to pass 'cmdsize' to the usb drivers as the cmdsize
is always 8 bytes.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
The xhci_xfer_setup, xhci_xfer_data, xhci_xfer_status, and
xhci_xfer_normal functions are very similar - enhance xhci_xfer_queue
to reduce the boiler plate in the above functions. Merge the
resulting setup, data, and status code into the only function that
uses them - xhci_send_pipe().
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
This is purely code movement - no code changes.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Now that all drivers have unified control and bulk transmit functions,
unify the driver calling code in usb.c as well.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Merge both the control and bulk pipe sending functions into one new
function: xhci_send_pipe(). This makes the xhci interface similar to
the other usb drivers.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Merge both the control and bulk pipe sending functions into one new
function: uhci_send_pipe(). The two existing functions were similar,
and by merging them the resulting code supports more flexible control
transfers.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Merge both the control and bulk pipe sending functions into one new
function: ohci_send_pipe(). The two existing functions were similar,
and by merging them the resulting code supports more flexible control
transfers.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Merge both the control and bulk pipe sending functions into one new
function: ehci_send_pipe(). The two existing functions were similar,
and by merging them the resulting code supports more flexible control
transfers.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Simplify the calculation of the maximum transfer size per qtd,
simplify the fillTDbuffer() function so that it only fills the buffer
pointers, and rename fillTDbuffer() to ehci_fill_tdbuf().
Also, don't modify 'data' or 'datasize' so that usb_xfer_time() can
use 'datasize' at the end of the function.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
The maximum bulk transfer is 64K and 4 QTDs can always transfer 64K.
So, there is no need to support a transfer with more than 4 QTDs.
Build the entire transaction and then submit it in one operation to
simplify the code.
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
GWBasic relies on this, so implement it to enable some serious retrocomputing.
There is no better way to do it than trying to match all characters one by one
against the current font.
This makes it possible to actually do something in SCREEN 1 and SCREEN 2
(without it, you can use graphics in the programs but not in direct mode).
I couldn't find documentation for what to return as the attribute, but
experimenting with DOSBox suggests 0 (and GWBasic accepts it).
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
|
Increase the number of simultaneous transfer descriptors that the
driver will build for uhci. The old value of 4 was a leftover from
when SeaBIOS had a tiny 512 byte extra stack - now that there is a 2K
extra stack there is plenty of space for additional descriptors.
Using a value of 16 should allow for an entire 1ms frame of bulk
transfer content to be setup in advance (assuming the max packet size
is 64 bytes).
Signed-off-by: Kevin O'Connor <kevin@koconnor.net>
|
