From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([140.186.70.92]:59551)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stefanb@linux.vnet.ibm.com>) id 1QNRrs-00042x-JX
	for qemu-devel@nongnu.org; Fri, 20 May 2011 11:44:01 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <stefanb@linux.vnet.ibm.com>) id 1QNRrr-0000A9-LJ
	for qemu-devel@nongnu.org; Fri, 20 May 2011 11:44:00 -0400
Received: from e6.ny.us.ibm.com ([32.97.182.146]:47329)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stefanb@linux.vnet.ibm.com>) id 1QNRrr-0000A3-J6
	for qemu-devel@nongnu.org; Fri, 20 May 2011 11:43:59 -0400
Received: from d01relay04.pok.ibm.com (d01relay04.pok.ibm.com [9.56.227.236])
	by e6.ny.us.ibm.com (8.14.4/8.13.1) with ESMTP id p4KFJmYs028033
	for <qemu-devel@nongnu.org>; Fri, 20 May 2011 11:19:48 -0400
Received: from d03av02.boulder.ibm.com (d03av02.boulder.ibm.com [9.17.195.168])
	by d01relay04.pok.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id
	p4KFhwHW046704
	for <qemu-devel@nongnu.org>; Fri, 20 May 2011 11:43:58 -0400
Received: from d03av02.boulder.ibm.com (loopback [127.0.0.1])
	by d03av02.boulder.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP
	id p4K9gfp9013131
	for <qemu-devel@nongnu.org>; Fri, 20 May 2011 03:42:43 -0600
Message-Id: <20110520154306.332177486@linux.vnet.ibm.com>
Date: Fri, 20 May 2011 11:42:52 -0400
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
References: <20110520154240.279198011@linux.vnet.ibm.com>
Content-Disposition: inline; filename=qemu_tpm_paravirt.diff
Subject: [Qemu-devel] [PATCH V5 12/12] Experimental support for taking
	measurements when kernel etc. are passed to Qemu
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: stefanb@linux.vnet.ibm.com, qemu-devel@nongnu.org
Cc: anbang.ruan@cs.ox.ac.uk, andreas.niederl@iaik.tugraz.at, serge@hallyn.com

This really is just for experimental purposes since there are problems
when doing something similar with a multiboot kernel.

This patch addresses the case where the user provides the kernel, initrd
and kernel command line via command line parameters to Qemu. To avoid
incorrect measurements by SeaBIOS, the setup part of the kernel needs
to be treated separately.

For SeaBIOS to be able to measure the kernel whose measurement corresponds
to the 'sha1sum <kernel file>' we need to preserve the setup part of the
kernel. Since Qemu modifies it, we store a copy of the original setup
and later retrieve it in SeaBIOS's and concat the setup and rest of the kernel
to get the correct measurement.

An alternative would be to measure the files in Qemu and make the measurements
available to SeaBIOS. This would introduce a dependency of Qemu on a sha1
algorithm.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>

---
 hw/fw_cfg.h |    1 +
 hw/pc.c     |    8 +++++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

Index: qemu-git/hw/fw_cfg.h
===================================================================
--- qemu-git.orig/hw/fw_cfg.h
+++ qemu-git/hw/fw_cfg.h
@@ -27,6 +27,7 @@
 #define FW_CFG_SETUP_SIZE       0x17
 #define FW_CFG_SETUP_DATA       0x18
 #define FW_CFG_FILE_DIR         0x19
+#define FW_CFG_SETUP_ORIG_DATA  0x1a
 
 #define FW_CFG_FILE_FIRST       0x20
 #define FW_CFG_FILE_SLOTS       0x10
Index: qemu-git/hw/pc.c
===================================================================
--- qemu-git.orig/hw/pc.c
+++ qemu-git/hw/pc.c
@@ -659,7 +659,7 @@ static void load_linux(void *fw_cfg,
     uint16_t protocol;
     int setup_size, kernel_size, initrd_size = 0, cmdline_size;
     uint32_t initrd_max;
-    uint8_t header[8192], *setup, *kernel, *initrd_data;
+    uint8_t header[8192], *setup, *kernel, *initrd_data, *setup_orig;
     target_phys_addr_t real_addr, prot_addr, cmdline_addr, initrd_addr = 0;
     FILE *f;
     char *vmode;
@@ -807,6 +807,7 @@ static void load_linux(void *fw_cfg,
     kernel_size -= setup_size;
 
     setup  = qemu_malloc(setup_size);
+    setup_orig = qemu_malloc(setup_size);
     kernel = qemu_malloc(kernel_size);
     fseek(f, 0, SEEK_SET);
     if (fread(setup, 1, setup_size, f) != setup_size) {
@@ -818,6 +819,9 @@ static void load_linux(void *fw_cfg,
         exit(1);
     }
     fclose(f);
+
+    memcpy(setup_orig, setup, setup_size);
+
     memcpy(setup, header, MIN(sizeof(header), setup_size));
 
     fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_ADDR, prot_addr);
@@ -828,6 +832,8 @@ static void load_linux(void *fw_cfg,
     fw_cfg_add_i32(fw_cfg, FW_CFG_SETUP_SIZE, setup_size);
     fw_cfg_add_bytes(fw_cfg, FW_CFG_SETUP_DATA, setup, setup_size);
 
+    fw_cfg_add_bytes(fw_cfg, FW_CFG_SETUP_ORIG_DATA, setup_orig, setup_size);
+
     option_rom[nb_option_roms].name = "linuxboot.bin";
     option_rom[nb_option_roms].bootindex = 0;
     nb_option_roms++;