From nobody Sat Apr 27 02:41:47 2024
Delivered-To: importer@patchew.org
Received-SPF: none (zoho.com: 80.81.252.135 is neither permitted nor denied by
 domain of seabios.org) client-ip=80.81.252.135;
 envelope-from=seabios-bounces@seabios.org; helo=mail.coreboot.org;
Authentication-Results: mx.zohomail.com;
	spf=none (zoho.com: 80.81.252.135 is neither permitted nor denied by domain
 of seabios.org)  smtp.mailfrom=seabios-bounces@seabios.org;
	dmarc=fail(p=none dis=none)  header.from=redhat.com
Return-Path: <seabios-bounces@seabios.org>
Received: from mail.coreboot.org (mail.coreboot.org [80.81.252.135]) by
 mx.zohomail.com
	with SMTPS id 1543320687913932.5627383606941;
 Tue, 27 Nov 2018 04:11:27 -0800 (PST)
Received: from [127.0.0.1] (helo=ra.coreboot.org)
	by mail.coreboot.org with esmtp (Exim 4.88)
	(envelope-from <seabios-bounces@seabios.org>)
	id 1gRcBy-0004vf-O1; Tue, 27 Nov 2018 13:10:14 +0100
Received: from mx1.redhat.com ([209.132.183.28])
 by mail.coreboot.org with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
 (Exim 4.88) (envelope-from <kraxel@redhat.com>) id 1gRcBo-0004v5-72
 for seabios@seabios.org; Tue, 27 Nov 2018 13:10:12 +0100
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com
 [10.5.11.14])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.redhat.com (Postfix) with ESMTPS id E3D1115552
 for <seabios@seabios.org>; Tue, 27 Nov 2018 12:10:42 +0000 (UTC)
Received: from sirius.home.kraxel.org (ovpn-116-59.ams2.redhat.com
 [10.36.116.59])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 931125DA9C;
 Tue, 27 Nov 2018 12:10:39 +0000 (UTC)
Received: by sirius.home.kraxel.org (Postfix, from userid 1000)
 id 7A2545DF0D; Tue, 27 Nov 2018 13:10:38 +0100 (CET)
From: Gerd Hoffmann <kraxel@redhat.com>
To: seabios@seabios.org
Date: Tue, 27 Nov 2018 13:10:38 +0100
Message-Id: <20181127121038.16482-1-kraxel@redhat.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
 (mx1.redhat.com [10.5.110.29]); Tue, 27 Nov 2018 12:10:43 +0000 (UTC)
X-Spam-Score: -6.0 (------)
Subject: [SeaBIOS] [PATCH] optionrom: disallow int19 redirect for pnp roms.
X-BeenThere: seabios@seabios.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SeaBIOS mailing list <seabios.seabios.org>
List-Unsubscribe: <https://mail.coreboot.org/mailman/options/seabios>,
 <mailto:seabios-request@seabios.org?subject=unsubscribe>
List-Archive: <http://mail.coreboot.org/pipermail/seabios/>
List-Post: <mailto:seabios@seabios.org>
List-Help: <mailto:seabios-request@seabios.org?subject=help>
List-Subscribe: <https://mail.coreboot.org/mailman/listinfo/seabios>,
 <mailto:seabios-request@seabios.org?subject=subscribe>
Cc: Gerd Hoffmann <kraxel@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Errors-To: seabios-bounces@seabios.org
Sender: "SeaBIOS" <seabios-bounces@seabios.org>
X-Duff: Orig. Duff, Duff Lite, Duff Dry, Duff Dark,
	Raspberry Duff, Lady Duff, Red Duff, Tartar Control Duff
Content-Type: text/plain; charset="utf-8"

Check whenever pnp roms attempt to redirect int19, and in case it does
log a message and undo the redirect.

A pnp rom should not need this, we have BEVs and BCVs for that.
Nevertheless there are roms in the wild which are redirecting int19.
At least some BIOS implementations for physical hardware have a config
option in the setup to allow/disallow int19 redirections, so just not
allowing this seems to be the way to deal with this situation.

Buglink: https://bugzilla.redhat.com//show_bug.cgi?id=3D1642135
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 src/optionroms.c | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/src/optionroms.c b/src/optionroms.c
index fc992f649f..4ec5504ca9 100644
--- a/src/optionroms.c
+++ b/src/optionroms.c
@@ -8,6 +8,7 @@
 #include "bregs.h" // struct bregs
 #include "config.h" // CONFIG_*
 #include "farptr.h" // FLATPTR_TO_SEG
+#include "biosvar.h" // GET_IVT
 #include "hw/pci.h" // pci_config_readl
 #include "hw/pcidevice.h" // foreachpci
 #include "hw/pci_ids.h" // PCI_CLASS_DISPLAY_VGA
@@ -136,9 +137,24 @@ init_optionrom(struct rom_header *rom, u16 bdf, int is=
vga)
=20
     tpm_option_rom(newrom, rom->size * 512);
=20
-    if (isvga || get_pnp_rom(newrom))
+    struct pnp_data *pnp =3D get_pnp_rom(newrom);
+    if (isvga || pnp) {
+        struct segoff_s old19, new19;
         // Only init vga and PnP roms here.
+        old19 =3D GET_IVT(0x19);
         callrom(newrom, bdf);
+        new19 =3D GET_IVT(0x19);
+        if (old19.seg !=3D new19.seg ||
+            old19.offset !=3D new19.offset) {
+            dprintf(1, "WARNING! rom tried to hijack int19 "
+                    "(vec %04x:%04x, pnp %s, bev %s, bvc %s)\n",
+                    new19.seg, new19.offset,
+                    pnp             ? "yes" : "no",
+                    pnp && pnp->bev ? "yes" : "no",
+                    pnp && pnp->bcv ? "yes" : "no");
+            SET_IVT(0x19, old19);
+        }
+    }
=20
     return rom_confirm(newrom->size * 512);
 }
--=20
2.9.3


_______________________________________________
SeaBIOS mailing list
SeaBIOS@seabios.org
https://mail.coreboot.org/mailman/listinfo/seabios