From nobody Wed Feb 4 03:53:39 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of seabios.org designates 78.46.105.101 as permitted sender) client-ip=78.46.105.101; envelope-from=seabios-bounces@seabios.org; helo=coreboot.org; Received-SPF: pass (zohomail.com: domain of seabios.org designates 78.46.105.101 as permitted sender) client-ip=78.46.105.101; envelope-from=seabios-bounces@seabios.org; helo=coreboot.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of seabios.org designates 78.46.105.101 as permitted sender) smtp.mailfrom=seabios-bounces@seabios.org; dmarc=pass(p=reject dis=none) header.from=seabios.org ARC-Seal: i=1; a=rsa-sha256; t=1767660572; cv=none; d=zohomail.com; s=zohoarc; b=L6ev2MyBekJvD/ujYqYjgHN+qn5xNHUPdYxh0sHlc+J2+vzZsRb5uOrXq340UUUI2iH+s6TmD4iCSKuhfZyYBdpm8IamtmmVWb0EsTDbzBL0+eJ3FUUKdLxMXiNeujGpNAwJ9lJ8CJGJhqxwPo6Dl0oWenYl2zJRr/dR9CM9M1A= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1767660572; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:Subject:Subject:To:To:Message-Id; bh=F6Dysxqpk7zZHLuoU+WKeE6K87ZQdfE2g/NMi2CJzlg=; b=OgwsiFr5eCfPo4JWA5+T0zz76PTc1jn/+n/TCvv6ZLPhB1JEhCfq9FlKrGR0rLTG7XEqrGB4Nc1YMc6TbSjxJkJSXbAPFjjMmxsfFuynX4n3rV1TSJ4/31uCb8crS4UHahjGUqaApUg55OYjEkl3iShLByl6HLsCa8hfaJjtXZg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of seabios.org designates 78.46.105.101 as permitted sender) smtp.mailfrom=seabios-bounces@seabios.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from coreboot.org (mail.coreboot.org [78.46.105.101]) by mx.zohomail.com with SMTPS id 1767660572004862.1220487814765; Mon, 5 Jan 2026 16:49:32 -0800 (PST) Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by coreboot.org (Postfix) with ESMTPA id 44CD2817DC; Tue, 6 Jan 2026 00:49:27 +0000 (UTC) Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) (pdx-out-014.esa.us-west-2.outbound.mail-perimeter.amazon.com [35.83.148.184]) by coreboot.org (Postfix) with ESMTP id 740B681782 for ; Tue, 6 Jan 2026 00:49:09 +0000 (UTC) Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) smtpout.naws.us-west-2.prod.farcaster.email.amazon.dev) ([10.5.0.115]) by internal-pdx-out-014.esa.us-west-2.outbound.mail-perimeter.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jan 2026 00:49:04 +0000 Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.11.111:2525] with esmtp (Farcaster) id 6b6c5d52-908b-4838-b430-df28f9718bdc; Tue, 6 Jan 2026 00:49:04 +0000 (UTC) Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) EX19MTAUWC002.ant.amazon.com (10.250.64.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.2562.35; Tue, 6 Jan 2026 00:49:04 +0000 Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) EX19D020UWC004.ant.amazon.com (10.13.138.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.2562.35; Tue, 6 Jan 2026 00:49:03 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seabios.org; s=dkim; t=1767660567; h=from:from:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:in-reply-to: references:list-id:list-owner:list-unsubscribe:list-subscribe:list-post; bh=F6Dysxqpk7zZHLuoU+WKeE6K87ZQdfE2g/NMi2CJzlg=; b=a5S4Qvzisb/idaKcADLjrurxf6OWObEM0q+NhtVMqMAuTBirWuKXSLAwuNfgE32mjyc0TJ A+E6l0KXTZl2ftPvPI0nsglZMRT0fooYViYQ2JKNYPDMRQPxmLHuhIsHvb56/JhKYWxs0h P4msBtvJMxXoMu9/eOyo3SZrurYI8Jc= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazoncorp2; t=1767660549; x=1799196549; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=kS/ysGz6aXfdW4vjh6lZTLpIxAAOKn5aeYsRhWnHZzU=; b=XRZsbLW4p0GND+Smgg8VYLqTL6LAus3Nc67+J+GnnyyrTQfO9IThE0FT 9BbLdQTxDSlo4HnxG/OgeW+ZLRxRHUPqnmkf9j748QphqjQC3ZTKdoOwU N7cR3Apbak8J7JnPsKHQ5GmakKxhOAfnWsiK9tce4kyNDNDY3kWOODeBx +UhFUhhgi4XRfzFCYiI4da2it4WPWTRf1Lfgd9/ZfSETWWwTdsMAgX0ao iiAqr2iffSSqnCYG5rsp/4FHJWVDIAXVjf22Scod5RBvlUN2X2OpqC9TK 8+oRvJsfnIKTd2rrg93c/Or7MxjPHBpkeD6c46F5g4x/I22Fu6ZzyIktQ A==; X-CSE-ConnectionGUID: tOPZgAh2T6uw59UDfDJH8g== X-CSE-MsgGUID: SNjmp6oESiactmX7UxIHUA== X-IronPort-AV: E=Sophos;i="6.21,204,1763424000"; d="scan'208";a="10052765" X-Farcaster-Flow-ID: 6b6c5d52-908b-4838-b430-df28f9718bdc To: Date: Tue, 6 Jan 2026 00:49:01 +0000 Message-ID: <20260106004901.21059-1-graf@amazon.com> MIME-Version: 1.0 X-ClientProxiedBy: EX19D037UWB001.ant.amazon.com (10.13.138.123) To EX19D020UWC004.ant.amazon.com (10.13.138.149) Message-ID-Hash: FEWXNLZSBKNNTXJY5EE4M2JTTB6PXU4A X-Message-ID-Hash: FEWXNLZSBKNNTXJY5EE4M2JTTB6PXU4A X-MailFrom: prvs=4590e15f3=graf@amazon.de X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-seabios.seabios.org-0; header-match-seabios.seabios.org-1; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: nh-open-source@amazon.com X-Mailman-Version: 3.3.11b1 Precedence: list Subject: [SeaBIOS] [PATCH] boot: Add boot failure catch-all handler to prevent VM crashes List-Id: SeaBIOS mailing list Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Alexander Graf via SeaBIOS Reply-To: Alexander Graf Content-Transfer-Encoding: quoted-printable Authentication-Results: coreboot.org; auth=pass smtp.auth=mailman@coreboot.org smtp.mailfrom=seabios-bounces@seabios.org X-Spamd-Bar: / X-ZohoMail-DKIM: pass (identity @seabios.org) X-ZM-MESSAGEID: 1767660574086158500 Content-Type: text/plain; charset="utf-8" Implement catch-all mechanism to handle invalid boot loaders that execute random instructions and reach the VGA hole at 0xa0000, which would lead to VM crashes with KVM_INTERNAL_ERROR. When a BIOS boot loader gets corrupted, it can end up jumping across address space and execute stray code. The typical symptom of that is that it executes 0x0 (addw) instructions until the code reaches an MMIO region, such as the VGA window. When running in KVM, attempting to execute code from the MMIO window results in KVM_INTERNAL_ERROR exits which crash the VM. To prevent VM crashes before we reach such an MMIO window, introduce an internal int 0xf0 handler and call it at strategic locations that should never get executed in the first place. When we now have stray code executing, these int calls cause an emergency print of "BIOS failed to boot volume" and cleanly shut down the machine. This is a nicer experience for users as it prints out why their system broke and in addition it avoids KVM_INTERNAL_ERROR calls when a virtual machine attempts to execute from MMIO because of a broken boot loader. Signed-off-by: Alexander Graf --- src/boot.c | 36 ++++++++++++++++++++++++++++++++++++ src/post.c | 4 ++++ src/romlayout.S | 5 +++++ src/util.h | 1 + 4 files changed, 46 insertions(+) diff --git a/src/boot.c b/src/boot.c index 5c37dafd..39a4f9a7 100644 --- a/src/boot.c +++ b/src/boot.c @@ -1044,3 +1044,39 @@ handle_19(void) BootSequence =3D 0; do_boot(0); } + +// INT f0h Boot Failure Service Entry Point +void VISIBLE32FLAT +handle_f0(void) +{ + printf("\n\nBIOS failed to boot volume\n\n "); + + /* Try to shut down. Will busy loop on failure to shut down. */ + apm_shutdown(); +} + +static const u8 catchall[0x10] =3D { + 0xcd, // INT + 0xf0, // interrupt number 0xF0 + 0xeb, // JMP short + 0xfc, // -3 (jump back to INT) +}; + +static void +install_bootfail_catchall_one(u8 *catchall_addr) +{ + memcpy(catchall_addr, catchall, sizeof(catchall)); +} + +/* + * Install the catch-all code just before VGA hole at 0xa0000 and at the e= nd + * of the PMM zero region. + */ +void +install_bootfail_catchall(void) +{ + /* Install just before the VGA hole */ + install_bootfail_catchall_one((u8*)BUILD_LOWRAM_END - sizeof(catchall)= ); + /* and after the PMM zero region */ + install_bootfail_catchall_one((u8*)BUILD_EBDA_MINIMUM); +} diff --git a/src/post.c b/src/post.c index f93106a1..bdacbdb8 100644 --- a/src/post.c +++ b/src/post.c @@ -68,6 +68,9 @@ ivt_init(void) // set vector 0x79 to zero // this is used by 'gardian angel' protection system SET_IVT(0x79, SEGOFF(0, 0)); + + // Boot failure catch-all interrupt (INT 0xF0) + SET_IVT(0xf0, FUNC16(entry_f0)); } =20 static void @@ -115,6 +118,7 @@ interface_init(void) =20 // Other interfaces boot_init(); + install_bootfail_catchall(); bios32_init(); pmm_init(); pnp_init(); diff --git a/src/romlayout.S b/src/romlayout.S index c4a4635e..283a8f5a 100644 --- a/src/romlayout.S +++ b/src/romlayout.S @@ -684,6 +684,11 @@ entry_iret_official: ORG 0xff54 IRQ_ENTRY_ARG 05 =20 + // Boot failure catch-all interrupt handler (INT 0xF0) + .global entry_f0 +entry_f0: + ENTRY_INTO32 _cfunc32flat_handle_f0 + ORG 0xfff0 // Power-up Entry Point .global reset_vector reset_vector: diff --git a/src/util.h b/src/util.h index aff8e888..3c5d075c 100644 --- a/src/util.h +++ b/src/util.h @@ -47,6 +47,7 @@ int boot_lchs_find_scsi_device(struct pci_device *pci, in= t target, int lun, struct chs_s *chs); int boot_lchs_find_ata_device(struct pci_device *pci, int chanid, int slav= e, struct chs_s *chs); +void install_bootfail_catchall(void); =20 // bootsplash.c void enable_vga_console(void); --=20 2.47.1 Amazon Web Services Development Center Germany GmbH Tamara-Danz-Str. 13 10243 Berlin Geschaeftsfuehrung: Christof Hellmis, Andreas Stieger Eingetragen am Amtsgericht Charlottenburg unter HRB 257764 B Sitz: Berlin Ust-ID: DE 365 538 597 _______________________________________________ SeaBIOS mailing list -- seabios@seabios.org To unsubscribe send an email to seabios-leave@seabios.org