Hello!
The current git tip does not boot from USB or SD cards on an Acer
C720. The issue seems to stem from:
ab9d771ce14d5b8d38cde373d15a51b45efb99c6 is the first bad commit
commit ab9d771ce14d5b8d38cde373d15a51b45efb99c6
Author: Kevin O'Connor <kevin(a)koconnor.net>
Date: Sat Jun 14 12:48:35 2014 -0400
ehci: Update usb command timeouts to use usb_xfer_time()
Signed-off-by: Kevin O'Connor <kevin(a)koconnor.net>
:040000 040000 4fcdb230f8fcffc0d8256225eb3c3220bd2293d4
78b62cb78cc3537da5a2ce1f1417fb1e0a571ba1 M src
Regards,
Stefan
This is a repost of a series of patches providing TPM support to SeaBIOS.
As an addition, this patch series now works on the Acer C720 Chromebook
with limitations (S3 not getting invoked; no logging into TCPA table).
The patch series cleanly applies to a checkout of tags/rel-1.7.5.
The following set of patches add TPM and Trusted Computing support to SeaBIOS.
In particular the patches add:
- a TPM driver for the Qemu's TPM TIS emulation (not yet in Qemu git)
- ACPI support for the TPM device (SSDT table)
- ACPI support for measurement logging (TCPA table)
- Support for initialzation of the TPM
- Support for the TCG BIOS extensions (1ah handler [ah = 0xbb])
(used by trusted grub; http://trousers.sourceforge.net/grub.html)
- Static Root of Trusted for Measurement (SRTM) support
- Support for S3 resume (sends command to TPM upon resume)
- TPM-specific menu for controlling aspects of the TPM
All implementations necessarily follow specifications.
When all patches are applied the following services are available
- SSDT ACPI table for TPM support
- initialization of the TPM upon VM start and S3 resume
- Static root of trust for measurements (SRTM) that measures (some) data
of SeaBIOS in TCPA ACPI table
- 1ah interrupt handler offering APIs for measuring and sending commands to
the TPM (trusted grub uses them)
- User menu for controlling aspects of the state of the TPM
Stefan Berger (8):
Add an implementation of a TPM TIS driver
Provide ACPI SSDT table for TPM device + S3 resume support
Implementation of the TCG BIOS extensions
Support for BIOS interrupt handler
Add 'measurement' code to the BIOS
Add a menu for TPM control
Add a menu item for displaying TPM diagnostics
Make the TPM menu work on a Chromebook (Acer C720)
Makefile | 12 +-
src/Kconfig | 15 +
src/boot.c | 28 +-
src/cdrom.c | 10 +
src/clock.c | 12 +
src/config.h | 1 +
src/fw/acpi-tpm-ssdt.dsl | 24 +
src/fw/acpi-tpm-ssdt.hex | 27 +
src/fw/acpi.c | 41 +
src/hw/tpm_drivers.c | 273 ++++++
src/hw/tpm_drivers.h | 91 ++
src/optionroms.c | 4 +
src/post.c | 9 +
src/resume.c | 2 +
src/sha1.c | 145 +++
src/sha1.h | 8 +
src/std/acpi.h | 20 +
src/tcgbios.c | 2208 ++++++++++++++++++++++++++++++++++++++++++++++
src/tcgbios.h | 431 +++++++++
src/util.h | 32 +
20 files changed, 3388 insertions(+), 5 deletions(-)
create mode 100644 src/fw/acpi-tpm-ssdt.dsl
create mode 100644 src/fw/acpi-tpm-ssdt.hex
create mode 100644 src/hw/tpm_drivers.c
create mode 100644 src/hw/tpm_drivers.h
create mode 100644 src/sha1.c
create mode 100644 src/sha1.h
create mode 100644 src/tcgbios.c
create mode 100644 src/tcgbios.h
--
1.8.1.4
Hello,
We run Coverity on the Xen source code occasionally and it happens to
include SeaBIOS. The following new warnings have appeared since I pulled
in rel-1.7.5.
At least the MISSING_BREAK ones look likely to be valid to me. Not sure
about the other two...
Ian.
-------- Forwarded Message --------
From: scan-admin(a)coverity.com
Subject: New Defects reported by Coverity Scan for XenProject
Date: Wed, 16 Jul 2014 07:16:19 -0700
Message-id: <53c68933a9a35_6cda4073389495a(a)209.249.196.67.mail>
Hi,
Please find the latest report on new defect(s) introduced to XenProject found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)
** CID 1226281: Unchecked return value (CHECKED_RETURN)
/tools/firmware/seabios-dir-remote/src/fw/smbios.c: 578 in smbios_legacy_setup()
** CID 1226282: Missing break in switch (MISSING_BREAK)
/tools/firmware/seabios-dir-remote/src/hw/blockcmd.c: 49 in cdb_cmd_data()
** CID 1226283: Missing break in switch (MISSING_BREAK)
/tools/firmware/seabios-dir-remote/src/hw/blockcmd.c: 52 in cdb_cmd_data()
** CID 1226284: Missing break in switch (MISSING_BREAK)
/tools/firmware/seabios-dir-remote/src/hw/blockcmd.c: 55 in cdb_cmd_data()
** CID 1226285: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
/tools/firmware/seabios-dir-remote/src/hw/usb-xhci.c: 698 in configure_xhci()
________________________________________________________________________________________________________
*** CID 1226281: Unchecked return value (CHECKED_RETURN)
/tools/firmware/seabios-dir-remote/src/fw/smbios.c: 578 in smbios_legacy_setup()
572 }
573 }
574
575 add_struct(32, p);
576 /* Add any remaining provided entries before the end marker */
577 for (i = 0; i < 256; i++)
>>> CID 1226281: Unchecked return value (CHECKED_RETURN)
>>> Calling "get_external" without checking return value (as is done elsewhere 12 out of 13 times).
578 get_external(i, &p, &nr_structs, &max_struct_size, end);
579 add_struct(127, p);
580
581 #undef add_struct
582
583 smbios_entry_point_setup(max_struct_size, p - start, start, nr_structs);
584 free(start);
________________________________________________________________________________________________________
*** CID 1226282: Missing break in switch (MISSING_BREAK)
/tools/firmware/seabios-dir-remote/src/hw/blockcmd.c: 49 in cdb_cmd_data()
43 return esp_scsi_cmd_data(op, cdbcmd, blocksize);
44 case DTYPE_MEGASAS:
45 return megasas_cmd_data(op, cdbcmd, blocksize);
46 case DTYPE_USB_32:
47 if (!MODESEGMENT)
48 return usb_cmd_data(op, cdbcmd, blocksize);
>>> CID 1226282: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
49 case DTYPE_UAS_32:
50 if (!MODESEGMENT)
51 return uas_cmd_data(op, cdbcmd, blocksize);
52 case DTYPE_PVSCSI:
53 if (!MODESEGMENT)
54 return pvscsi_cmd_data(op, cdbcmd, blocksize);
________________________________________________________________________________________________________
*** CID 1226283: Missing break in switch (MISSING_BREAK)
/tools/firmware/seabios-dir-remote/src/hw/blockcmd.c: 52 in cdb_cmd_data()
46 case DTYPE_USB_32:
47 if (!MODESEGMENT)
48 return usb_cmd_data(op, cdbcmd, blocksize);
49 case DTYPE_UAS_32:
50 if (!MODESEGMENT)
51 return uas_cmd_data(op, cdbcmd, blocksize);
>>> CID 1226283: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
52 case DTYPE_PVSCSI:
53 if (!MODESEGMENT)
54 return pvscsi_cmd_data(op, cdbcmd, blocksize);
55 case DTYPE_AHCI_ATAPI:
56 if (!MODESEGMENT)
57 return ahci_cmd_data(op, cdbcmd, blocksize);
________________________________________________________________________________________________________
*** CID 1226284: Missing break in switch (MISSING_BREAK)
/tools/firmware/seabios-dir-remote/src/hw/blockcmd.c: 55 in cdb_cmd_data()
49 case DTYPE_UAS_32:
50 if (!MODESEGMENT)
51 return uas_cmd_data(op, cdbcmd, blocksize);
52 case DTYPE_PVSCSI:
53 if (!MODESEGMENT)
54 return pvscsi_cmd_data(op, cdbcmd, blocksize);
>>> CID 1226284: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
55 case DTYPE_AHCI_ATAPI:
56 if (!MODESEGMENT)
57 return ahci_cmd_data(op, cdbcmd, blocksize);
58 default:
59 return DISK_RET_EPARAM;
60 }
________________________________________________________________________________________________________
*** CID 1226285: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
/tools/firmware/seabios-dir-remote/src/hw/usb-xhci.c: 698 in configure_xhci()
692 free(spba);
693 free(pad);
694 goto fail;
695 }
696 int i;
697 for (i = 0; i < spb; i++)
>>> CID 1226285: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "i * 4096" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic before being used in a context which expects an expression of type "u64" (64 bits, unsigned). To avoid overflow, cast either operand to "u64" before performing the multiplication.
698 spba[i] = (u32)pad + (i * PAGE_SIZE);
699 xhci->devs[0].ptr_low = (u32)spba;
700 xhci->devs[0].ptr_high = 0;
701 }
702
703 reg = readl(&xhci->op->usbcmd);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/606?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
I have setup Coreboot with Seabios to run on a Lenovo X131e laptop. It
works fine, except for the non-responsive keyboard on cold boots.
With a warm reboot (restart) I can use the laptop keyboard to press F10 and
then specify the number for the operating system/drive I want to boot from.
But with a cold boot (from a previously powered-off state), the laptop
keyboard does not work until I get to the password prompt in linux. So,
with a cold boot, Seabios just defaults to boot from the first device in the
boot order.
An external USB keyboard, however, works fine (for both cold and warm
reboots) to enter F10 for the boot order and to select the OS/drive I want.
I tried setting the boot-menu-wait and the ps2-keyboard-spinup options with
times as high as 90 seconds (90,000 milli sec), but the laptop keyboard
still did not work on a cold boot. After the 90 seconds, Seabios just
selects the first device to boot from.
Any suggestions?
Thanks
Dear SeaBIOS folks,
in the thread *Help for Coreboot project* [1] on the coreboot mailing
list, Denis Carikli wrote that to get graphics under Linux (not GRUB or
SeaBIOS) with AMD/ATI graphics devices it is enough to place/load(?) the
Video BIOS/VGA Option ROM at the right place and not run it.
The same is needed for some Intel devices (Google Chromebooks) so the
VBT, needed for setting up the panel, is found.
Enabling that option in coreboot (currently only possible by changing
`def_bool` to `y`) and disabling Option ROM handling in SeaBIOS did not
work. I think SeaBIOS overwrote the region (`/proc/iomem`).
Looking for configuration options in SeaBIOS, there is the Kconfig
option `OPTIONROMS_DEPLOYED`, which only available for QEMU though. Also
it uses placed/loaded Option ROMs and still runs them.
I guess more Kconfig options have to be added to support my use case. Is
that wanted or should I do as Denis wrote and patch the SeaBIOS locally?
Thanks,
Paul
[1] http://www.coreboot.org/pipermail/coreboot/2014-July/078293.html
[2] http://review.coreboot.org/5594
Hello!
I added support from the TPM to SeaBIOS and have parts of the BIOS
functionality successfully running on a Chromebook Acer C720 (as example
hardware). Here are some findings on the Acer:
The TPM is successfully detected but sending TPM_Startup(ST_Clear) to
the TPM fails since either coreboot or some other firmware seems to
already have initialized the TPM, which is fine, and also extended PCR 0
with at least one hash. Ideally there would be a TCPA ACPI table
containing information about what was logged, since otherwise the state
of the PCR seems not that useful. SeaBIOS's TPM extensions could then
also use this TCPA table and add its own logs into it along with
extending PCRs in the TPM. So, in this case the TPM SeaBIOS extensions
don't log anything and adding additional ACPI tables to the existing
coreboot tables seems 'impractical'. I was wondering if coreboot could
add such a table if a TPM was found to be present?
Regards,
Stefan
An older version of the SeaBIOS TPM patches can be found here (for now):
http://www.seabios.org/pipermail/seabios/2011-August/002252.html
Building the seabios defconfig on a 64-bit Debian Wheezy system I'm
seeing:
Compiling (16bit) out/romlayout.o
src/romlayout.S: Assembler messages:
src/romlayout.S:285: Error: expecting string instruction after `rep'
make: *** [out/romlayout.o] Error 1
That line is:
// Acquire lock and take ownership of shared stack
1: rep nop
I've also checked the preprocessed version and the nop isn't being
disappeared or anything like that.
This is with 083ee297ef88d "ohci: Update usb command timeouts to use
usb_xfer_time()". I don't see it with the rel-1.7.5 tag.
git bisect has fingered 0673b7870063a ""smp: Replace QEMU SMP init
assembler code with C; run only in 32bit mode.", which makes sense since
it made those additions to romlayout.S
Other than a compiler bug I can't think what might be going on. Debian
Wheezy has gcc 4.7.2 and binutils 2.22.
Ian.