[PATCH v3 0/6] X86: Alias isa-bios area and clean up

Bernhard Beschow posted 6 patches 1 week, 5 days ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20240508175507.22270-1-shentey@gmail.com
Maintainers: Sergio Lopez <slp@redhat.com>, Paolo Bonzini <pbonzini@redhat.com>, "Michael S. Tsirkin" <mst@redhat.com>, Marcel Apfelbaum <marcel.apfelbaum@gmail.com>, Richard Henderson <richard.henderson@linaro.org>, Eduardo Habkost <eduardo@habkost.net>
[PATCH v3 0/6] X86: Alias isa-bios area and clean up
Posted by Bernhard Beschow 1 week, 5 days ago
This series changes the "isa-bios" MemoryRegion to be an alias rather than a
copy in the pflash case. This fixes issuing pflash commands in the isa-bios
region which matches real hardware and which some real-world legacy bioses I'm
running rely on. Furthermore, aliasing in the isa-bios area is already the
current behavior in the bios (a.k.a. ROM) case, so this series consolidates
behavior.

For migration compatibility the aliasing is only performed on new versions of
the q35 and pc machine types.

v3:
* Amend commit message with a diff of `info mtree` (Phil)
* Add comments for bios memory regions (Phil)

v2:
* Don't leak bios memory regions (Phil)
* Add compat machinery (Michael)

Testing done:
* `make check` with qemu-system-x86_64 (QEMU 8.2.2) installed. All tests
  including migration tests pass.
* `make check-avocado`

Best regards,
Bernhard

Bernhard Beschow (6):
  hw/i386/x86: Eliminate two if statements in x86_bios_rom_init()
  hw/i386: Have x86_bios_rom_init() take X86MachineState rather than
    MachineState
  hw/i386/x86: Don't leak "isa-bios" memory regions
  hw/i386/x86: Don't leak "pc.bios" memory region
  hw/i386/x86: Extract x86_isa_bios_init() from x86_bios_rom_init()
  hw/i386/pc_sysfw: Alias rather than copy isa-bios region

 include/hw/i386/pc.h  |  1 +
 include/hw/i386/x86.h | 17 +++++++++++++++-
 hw/i386/microvm.c     |  2 +-
 hw/i386/pc.c          |  1 +
 hw/i386/pc_piix.c     |  3 +++
 hw/i386/pc_q35.c      |  2 ++
 hw/i386/pc_sysfw.c    | 17 ++++++++++------
 hw/i386/x86.c         | 45 ++++++++++++++++++++++---------------------
 8 files changed, 58 insertions(+), 30 deletions(-)

-- 
2.45.0

Re: [PATCH v3 0/6] X86: Alias isa-bios area and clean up
Posted by Philippe Mathieu-Daudé 1 week, 4 days ago
On 8/5/24 19:55, Bernhard Beschow wrote:

> v3:

> * Add comments for bios memory regions (Phil)

> Bernhard Beschow (6):
>    hw/i386/x86: Eliminate two if statements in x86_bios_rom_init()
>    hw/i386: Have x86_bios_rom_init() take X86MachineState rather than
>      MachineState
>    hw/i386/x86: Don't leak "isa-bios" memory regions
>    hw/i386/x86: Don't leak "pc.bios" memory region
>    hw/i386/x86: Extract x86_isa_bios_init() from x86_bios_rom_init()

Patches 1-5 queued, thanks.
Re: [PATCH v3 0/6] X86: Alias isa-bios area and clean up
Posted by BALATON Zoltan 1 week, 4 days ago
On Wed, 8 May 2024, Bernhard Beschow wrote:
> This series changes the "isa-bios" MemoryRegion to be an alias rather than a
> copy in the pflash case. This fixes issuing pflash commands in the isa-bios
> region which matches real hardware and which some real-world legacy bioses I'm
> running rely on. Furthermore, aliasing in the isa-bios area is already the

I wonder if this allows the guest to flash the bios now, replacing or
breaking it which may be a new security issue. If so this may need some
machine property to enable it or is that not a problem in practice?

Regards,
BALATON Zoltan

Re: [PATCH v3 0/6] X86: Alias isa-bios area and clean up
Posted by Bernhard Beschow 6 days, 10 hours ago

Am 8. Mai 2024 20:39:28 UTC schrieb BALATON Zoltan <balaton@eik.bme.hu>:
>On Wed, 8 May 2024, Bernhard Beschow wrote:
>> This series changes the "isa-bios" MemoryRegion to be an alias rather than a
>> copy in the pflash case. This fixes issuing pflash commands in the isa-bios
>> region which matches real hardware and which some real-world legacy bioses I'm
>> running rely on. Furthermore, aliasing in the isa-bios area is already the
>
>I wonder if this allows the guest to flash the bios now, replacing or breaking it which may be a new security issue.

The bios can already be flashed, just from different addresses. This series just adds another alias region through which flashing will be possible. AFAICS it doesn't impose new security issues.

Ping... The last patch still needs an R-b, the other patches are already on master.

Best regards,
Bernhard

> If so this may need some machine property to enable it or is that not a problem in practice?
>
>Regards,
>BALATON Zoltan