Hi Gerd,
I was curious to see what the "sercon" stuff would look like in
SeaVGABIOS instead of in SeaBIOS. So, I put together a quick
prototype. The code is also at:
https://github.com/KevinOConnor/seabios/tree/testing
This is just a proof-of-concept thing - I didn't implement any of the
useful features you have in your series. Specifically, it doesn't
unclutter the serial output, doesn't implement cp437 translations, and
doesn't handle multi-byte input. It does does have basic input,
output, and split-output handling though.
I'm not sure if this is better than a SeaBIOS implementation. I
suspect it will be easier to handle vga quirks this way. However,
handling exotic serial outputs (eg, mmio and usb based) would be
better suited in SeaBIOS.
Thoughts?
-Kevin
Kevin O'Connor (3):
sercon: Initial support for VGA emulation over serial port
sercon: Add basic keyboard input support
sercon: Support "split output" mode
Makefile | 2 +-
vgasrc/Kconfig | 6 +
vgasrc/sercon.c | 356 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
vgasrc/vgabios.c | 15 ++-
vgasrc/vgabios.h | 5 +
vgasrc/vgaentry.S | 7 ++
vgasrc/vgahw.h | 72 ++++++++++-
vgasrc/vgainit.c | 12 +-
vgasrc/vgautil.h | 24 ++++
9 files changed, 482 insertions(+), 17 deletions(-)
create mode 100644 vgasrc/sercon.c
--
2.5.5
The parameters for extending the PCRs of a TPM 2 are written in
big endian format when sent to the TPM. However, the log needs
to be written in little endian format, so we cannot just copy
the structure into the log as-is. To support the little endian
format in the log, we extend the function writing the TPM 2
digest structure with a parameter that allows us to choose the
endianess of a few parameters. We then rewrite the digest structure
in little endian format for the log.
Signed-off-by: Stefan Berger <stefanb(a)linux.vnet.ibm.com>
---
src/tcgbios.c | 25 ++++++++++++++++++-------
1 file changed, 18 insertions(+), 7 deletions(-)
diff --git a/src/tcgbios.c b/src/tcgbios.c
index 4cff4ce..fea88a6 100644
--- a/src/tcgbios.c
+++ b/src/tcgbios.c
@@ -311,11 +311,13 @@ tpm20_write_EfiSpecIdEventStruct(void)
*
* le: the log entry to build the digest in
* sha1: the sha1 hash value to use
+ * bigEndian: whether to build in big endian format for the TPM or
+ * little endian for the log
*
* Returns the digest size; -1 on fatal error
*/
static int
-tpm20_build_digest(struct tpm_log_entry *le, const u8 *sha1)
+tpm20_build_digest(struct tpm_log_entry *le, const u8 *sha1, int bigEndian)
{
if (!tpm20_pcr_selection)
return -1;
@@ -346,7 +348,11 @@ tpm20_build_digest(struct tpm_log_entry *le, const u8 *sha1)
return -1;
}
- v->hashAlg = sel->hashAlg;
+ if (bigEndian)
+ v->hashAlg = sel->hashAlg;
+ else
+ v->hashAlg = be16_to_cpu(sel->hashAlg);
+
memset(v->hash, 0, hsize);
memcpy(v->hash, sha1, hsize > SHA1_BUFSIZE ? SHA1_BUFSIZE : hsize);
@@ -360,7 +366,10 @@ tpm20_build_digest(struct tpm_log_entry *le, const u8 *sha1)
}
struct tpm2_digest_values *v = (void*)le->hdr.digest;
- v->count = cpu_to_be32(count);
+ if (bigEndian)
+ v->count = cpu_to_be32(count);
+ else
+ v->count = count;
return dest - (void*)le->hdr.digest;
}
@@ -374,13 +383,13 @@ tpm12_build_digest(struct tpm_log_entry *le, const u8 *sha1)
}
static int
-tpm_build_digest(struct tpm_log_entry *le, const u8 *sha1)
+tpm_build_digest(struct tpm_log_entry *le, const u8 *sha1, int bigEndian)
{
switch (TPM_version) {
case TPM_VERSION_1_2:
return tpm12_build_digest(le, sha1);
case TPM_VERSION_2:
- return tpm20_build_digest(le, sha1);
+ return tpm20_build_digest(le, sha1, bigEndian);
}
return -1;
}
@@ -709,7 +718,7 @@ tpm_add_measurement_to_log(u32 pcrindex, u32 event_type,
.hdr.pcrindex = pcrindex,
.hdr.eventtype = event_type,
};
- int digest_len = tpm_build_digest(&le, hash);
+ int digest_len = tpm_build_digest(&le, hash, 1);
if (digest_len < 0)
return;
int ret = tpm_extend(&le, digest_len);
@@ -717,6 +726,7 @@ tpm_add_measurement_to_log(u32 pcrindex, u32 event_type,
tpm_set_failure();
return;
}
+ tpm_build_digest(&le, hash, 0);
tpm_log_event(&le.hdr, digest_len, event, event_length);
}
@@ -1249,7 +1259,7 @@ hash_log_extend(struct pcpes *pcpes, const void *hashdata, u32 hashdata_length
.hdr.pcrindex = pcpes->pcrindex,
.hdr.eventtype = pcpes->eventtype,
};
- int digest_len = tpm_build_digest(&le, pcpes->digest);
+ int digest_len = tpm_build_digest(&le, pcpes->digest, 1);
if (digest_len < 0)
return TCG_GENERAL_ERROR;
if (extend) {
@@ -1257,6 +1267,7 @@ hash_log_extend(struct pcpes *pcpes, const void *hashdata, u32 hashdata_length
if (ret)
return TCG_TCG_COMMAND_ERROR;
}
+ tpm_build_digest(&le, pcpes->digest, 0);
int ret = tpm_log_event(&le.hdr, digest_len
, pcpes->event, pcpes->eventdatasize);
if (ret)
--
2.5.5
Hi Stefan,
I dusted off some TPM patches I had worked on earlier in the year.
Mostly just code movement, but the last patch I think helps simplify
tpm_build_and_send_cmd().
Do they look okay to you?
-Kevin
Kevin O'Connor (6):
tpm: Add comment banners to tcg.c separating major parts of spec
tpm: Don't call tpm_set_failure() from tpm12_get_capability()
tpm: Move code around in tcgbios.c to keep like code together
acpi: Generalize find_fadt() and find_tcpa_by_rsdp() into
find_acpi_table()
tpm: Don't call tpm_build_and_send_cmd() from tpm20_stirrandom()
tpm: Rework tpm_build_and_send_cmd() into tpm_simple_cmd()
src/fw/biostables.c | 18 +-
src/std/acpi.h | 7 -
src/std/tcg.h | 199 +++++++++--------
src/tcgbios.c | 611 ++++++++++++++++++++++------------------------------
src/util.h | 1 +
5 files changed, 369 insertions(+), 467 deletions(-)
--
2.5.5
Hello,
so far the multiboot support is not included in the documentation.
This small patch changes docs/Runtime_config.md to include multiboot.
I think adding how to use multiboot with Grub would be nice, but this
does not seem to fit to the content of Runtime_config.md.
Do you have any suggestions where to put it?
>
This example shows how to start SeaBIOS from Grub2 via multiboot.
SeaVGABIOS is passed as a module.
```
set root=(usb0,msdos1)
multiboot /bios.elf.bin
module /vgabios.bin name=vgaroms/seavgabios.bin
boot
```
>
Best,
---
Dennis Guse
On Fri, Nov 18, 2016 at 10:48:02AM +0100, Dennis Guse wrote:
> I know usually Seabios is loaded by Coreboot and then Seabios loads
> its modules from CBFS.
> I want to do it slightly different:
> * Hardware starts coreboot (actually libreboot flashed to a Lenovo X60)
> * Coreboot starts Grub2
> * Grub2 chainloads Seabios from external storage, e.g., USB0:
> `chainloader (usb0,msdos1)/bios.bin.elf`
> * Seabios starts and loads its roms and configuration NOT from CBFS
>
> My actual reason for not accessing CBFS is that I want to avoid
> flashing the CBFS to hardware for every change of Seabios or its
> configuration.
> However, I want to have VGA output...
The multiboot support should allow one to pass modules from grub2 to
SeaBIOS. I've not used multiboot, but this was an example posted in
the past:
menuentry "SeaBIOS (mb)" --unrestricted {
root=ahci0,2
multiboot /bios.bin.elf
module /vgabios_x230.rom name=pci8086,0166.rom
}
> So far, I can chainload Seabios from Grub2 (mostly via USB0).
> Then Seabios is accessing the CBFS and automatically loads Grub2 from CBFS.
I don't see why SeaBIOS would automatically chainload grub2 unless you
asked it to. SeaBIOS only brings in payloads that are stored in the
"img/" directory of CBFS - as long as one doesn't put images in that
directory, SeaBIOS wont attempt to boot them.
> For my case, it would be perfect if the roms (mainly VGA.rom) and
> configuration would be compiled into the `bios.bin.elf`.
>
> I looked into the source and did not find a built in option for this
> (I think nobody ever came with such a use case).
> What would be a good starting point for me?
There's no support for compiling in binaries to SeaBIOS.
I'm CC'ing Vladimir as he added the multiboot support.
-Kevin
Hey,
I know usually Seabios is loaded by Coreboot and then Seabios loads
its modules from CBFS.
I want to do it slightly different:
* Hardware starts coreboot (actually libreboot flashed to a Lenovo X60)
* Coreboot starts Grub2
* Grub2 chainloads Seabios from external storage, e.g., USB0:
`chainloader (usb0,msdos1)/bios.bin.elf`
* Seabios starts and loads its roms and configuration NOT from CBFS
My actual reason for not accessing CBFS is that I want to avoid
flashing the CBFS to hardware for every change of Seabios or its
configuration.
However, I want to have VGA output...
So far, I can chainload Seabios from Grub2 (mostly via USB0).
Then Seabios is accessing the CBFS and automatically loads Grub2 from CBFS.
For my case, it would be perfect if the roms (mainly VGA.rom) and
configuration would be compiled into the `bios.bin.elf`.
I looked into the source and did not find a built in option for this
(I think nobody ever came with such a use case).
What would be a good starting point for me?
Best,
---
Dennis Guse
When I have 2 SATA disks attached to my board, and only second priority
device is with OS, SeaBIOS doesn't boot.
The "empty" disk doesn't have MBR, so SeaBIOS doesn't stuck on it, it goes
to the end message "No bootable device. Retrying in 60 seconds."
But if I manually press "ESC" and choose correct disk in interactive promt,
system boots successfully.
Two logs attached to the message (with and without "ESC" interaction). I use
SeaBIOS (d7adf6044a4c772b497e97272adf97426b34a249) as a payload to coreboot.
Hi,
I'm reporting a build issue that I'm seeing when building Xen's
userspace tools, when the build process clones and build Seabios, on
Debian Sid, with gcc '6.2.0 20161019 (Debian 6.2.0-9)'.
The error looks like this (http://pastebin.com/99cubDZ3):
make -C seabios-dir all
make[6]: Entering directory '/home/SOURCES/xen/xen.git/tools/firmware/seabios-dir-remote'
Compile checking out/src/stacks.o
src/stacks.c: Assembler messages:
src/stacks.c:567: Error: found `(', expected: `)'
src/stacks.c:567: Error: junk `(%ebp))' after expression
src/stacks.c:568: Warning: indirect call without `*'
Makefile:133: recipe for target 'out/src/stacks.o' failed
make[6]: *** [out/src/stacks.o] Error 1
make[6]: Leaving directory '/home/SOURCES/xen/xen.git/tools/firmware/seabios-dir-remote'
/home/SOURCES/xen/xen.git/tools/firmware/../../tools/Rules.mk:218: recipe for target 'subdir-all-seabios-dir' failed
Seabios folks may be aware of this already, as it looks very similar to
this:
https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1463516.h…
And even more to this:
https://lists.debian.org/debian-gcc/2016/10/msg00147.html
A colleague of mine (Cc-ed) said in chat that gcc 6.2.1 (don't know on
what distro) seems to build all fine.
Regards,
Dario
--
<<This happens because I choose it to happen!>> (Raistlin Majere)
-----------------------------------------------------------------
Dario Faggioli, Ph.D, http://about.me/dario.faggioli
Senior Software Engineer, Citrix Systems R&D Ltd., Cambridge (UK)
