From nobody Tue Aug 22 05:49:20 2023
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RVJM44xcsz4qNVR;
	Tue, 22 Aug 2023 05:49:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4RVJM44RVPz4StM;
	Tue, 22 Aug 2023 05:49:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1692683360;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=kUK9uWeewmc662GxJtfHb37VStQrm0+r6/tBmnAWuCc=;
	b=x0B74FmA65G2fqIc28cuiTzAu8Gb0i+mfmnabkK5BStoSS14ci8VdIpKq7W2Of77be7f/R
	G7hHI3fatRmxivdygLViW/IzvZWncJR6rnEAfriv41ydS3mQcQCGhzjK6kCo8/nWmqz3Mh
	0Iwl+96TtSZgPHku77sI4WWxRLHAwRXximqDVAP/txqVYKxssa2kqnNe8uXeGIQJAeXTC4
	7j2kzYmEQvsdsZ/x6inQj0YrfN2Hb48gMgDBT/8W8zYh/+AK25ZgzSl2NShF+urCbr1XpK
	rzS0+Tvae6cyvuLiKCe7PRJ7rUHU+mabUOIAlu+Csh+GvymaY5PVg7P62apcnA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1692683360;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=kUK9uWeewmc662GxJtfHb37VStQrm0+r6/tBmnAWuCc=;
	b=K5wvonGzikmk0c+85vadt4mSYgUn8643PIxF90k6YZd81XDOTP8Q8jn04Kr87lykfEbToF
	wiJu/+TWFsZJjeSQloRMRC7L7sdq1Ns5qLUc7diHKiiSuAm4+1gAPegHwVGy67glsV//uW
	a2rD1mvXwR5ad0n74GLg0lTLPawqUaPX9Qdlf81auBmLzqBhhGgpxApbofrNC65KG7P5du
	Ak8StXyGbXhtxzxkxXssd7ts0y3YrdcM85tTcNDcUF/MNSu6whXnJH2XgxPYuSEyqsnFji
	QUb4qgAK8gD4XceuHT0Wvwyy+zyNbdy73jiEFQxc9LOwhYPHQkVZY495IiGHMg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1692683360; a=rsa-sha256; cv=none;
	b=lAnmJegp3sWIfxUpiQGXDCVjQqmvj4lP3FU+LjF2C8s73AxpW2hRTf2pSbkppUwzy9ljc1
	XtP0N9XjhxQzf7OeBZGE9fK4ejNUMDnh83vJ4KOEbJZ5GF7SMTekq5v4J1YhyUM8mxuW47
	IDEkR4Y2tACqsxAsKg5FvBFRtVpy7w/nneQElsBuEg0Bzo8qZP3agLtrObVw+Accizij6T
	CYeTya4xgXVemfmLeyiLHAzRHRakwf6TfAh8jQO4mWcJ7SvDZmnG3ntEs76LA9P7mEAPMi
	QNZeLJfF1aSz/snzGrcKMwYUFUCwcAddgfyAEqRc5BJCZeYlMt5O+z4eP6DjmQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RVJM43B4NzrJy;
	Tue, 22 Aug 2023 05:49:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 37M5nKpM058853;
	Tue, 22 Aug 2023 05:49:20 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 37M5nKMg058850;
	Tue, 22 Aug 2023 05:49:20 GMT
	(envelope-from git)
Date: Tue, 22 Aug 2023 05:49:20 GMT
Message-Id: <202308220549.37M5nKMg058850@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Corvin =?utf-8?Q?K=C3=B6hne?= <corvink@FreeBSD.org>
Subject: git: 6f7e9779fcb1 - main - bhyve: add config option to
  load ACPI tables into memory
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-all@freebsd.org
X-BeenThere: dev-commits-src-all@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: corvink
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 6f7e9779fcb196e2d66720e1b97de89b69677208
Auto-Submitted: auto-generated

The branch main has been updated by corvink:

URL: https://cgit.FreeBSD.org/src/commit/?id=6f7e9779fcb196e2d66720e1b97de89b69677208

commit 6f7e9779fcb196e2d66720e1b97de89b69677208
Author:     Corvin Köhne <corvink@FreeBSD.org>
AuthorDate: 2022-07-27 12:47:54 +0000
Commit:     Corvin Köhne <corvink@FreeBSD.org>
CommitDate: 2023-08-22 05:49:00 +0000

    bhyve: add config option to load ACPI tables into memory
    
    For backward compatibility, the ACPI tables are loaded into the guest
    memory. Windows scans the memory, finds the ACPI tables and uses them.
    It ignores the ACPI tables provided by the UEFI. We are patching the
    ACPI tables in the guest memory, so that's mostly fine. However, Windows
    will break when the ACPI tables become to large or when we add entries
    which can't be patched by bhyve. One example of an unpatchable entry, is
    a TPM log. The TPM log has to be allocated by the guest firmware. As the
    address of the TPM log is unpredictable, bhyve can't assign it in the
    memory version of the ACPI tables. Additionally, this makes it
    impossible for bhyve to calculate a correct checksum of the table.
    
    By default ACPI tables are still loaded into guest memory for backward
    compatibility. The new acpi_tables_in_memory config value can be set to
    false to avoid this behaviour.
    
    Reviewed by:            markj
    MFC after:              1 week
    Sponsored by:           Beckhoff Automation GmbH & Co. KG
    Differential Revision:  https://reviews.freebsd.org/D39979
---
 usr.sbin/bhyve/basl.c         | 53 +++++++++++++++++++++++++++++++------------
 usr.sbin/bhyve/bhyve_config.5 |  7 ++++++
 usr.sbin/bhyve/bhyverun.c     |  1 +
 3 files changed, 46 insertions(+), 15 deletions(-)

diff --git a/usr.sbin/bhyve/basl.c b/usr.sbin/bhyve/basl.c
index 8a4f2c4f311e..c20a52571937 100644
--- a/usr.sbin/bhyve/basl.c
+++ b/usr.sbin/bhyve/basl.c
@@ -20,6 +20,7 @@
 #include <vmmapi.h>
 
 #include "basl.h"
+#include "config.h"
 #include "qemu_loader.h"
 
 struct basl_table_checksum {
@@ -60,6 +61,7 @@ static STAILQ_HEAD(basl_table_list, basl_table) basl_tables = STAILQ_HEAD_INITIA
 static struct qemu_loader *basl_loader;
 static struct basl_table *rsdt;
 static struct basl_table *xsdt;
+static bool load_into_memory;
 
 static __inline uint64_t
 basl_le_dec(void *pp, size_t len)
@@ -153,6 +155,16 @@ basl_finish_install_guest_tables(struct basl_table *const table, uint32_t *const
 		return (EFAULT);
 	}
 
+	/* Cause guest BIOS to copy the ACPI table into guest memory. */
+	BASL_EXEC(
+	    qemu_fwcfg_add_file(table->fwcfg_name, table->len, table->data));
+	BASL_EXEC(qemu_loader_alloc(basl_loader, table->fwcfg_name,
+	    table->alignment, QEMU_LOADER_ALLOC_HIGH));
+
+	if (!load_into_memory) {
+		return (0);
+	}
+
 	/*
 	 * Install ACPI tables directly in guest memory for use by guests which
 	 * do not boot via EFI. EFI ROMs provide a pointer to the firmware
@@ -168,12 +180,6 @@ basl_finish_install_guest_tables(struct basl_table *const table, uint32_t *const
 	}
 	memcpy(gva, table->data, table->len);
 
-	/* Cause guest bios to copy the ACPI table into guest memory. */
-	BASL_EXEC(
-	    qemu_fwcfg_add_file(table->fwcfg_name, table->len, table->data));
-	BASL_EXEC(qemu_loader_alloc(basl_loader, table->fwcfg_name,
-	    table->alignment, QEMU_LOADER_ALLOC_HIGH));
-
 	return (0);
 }
 
@@ -197,6 +203,14 @@ basl_finish_patch_checksums(struct basl_table *const table)
 		assert(checksum->start < table->len);
 		assert(checksum->start + len <= table->len);
 
+		/* Cause guest BIOS to patch the checksum. */
+		BASL_EXEC(qemu_loader_add_checksum(basl_loader,
+		    table->fwcfg_name, checksum->off, checksum->start, len));
+
+		if (!load_into_memory) {
+			continue;
+		}
+
 		/*
 		 * Install ACPI tables directly in guest memory for use by
 		 * guests which do not boot via EFI. EFI ROMs provide a pointer
@@ -230,10 +244,6 @@ basl_finish_patch_checksums(struct basl_table *const table)
 			sum += *(gva + i);
 		}
 		*checksum_gva = -sum;
-
-		/* Cause guest bios to patch the checksum. */
-		BASL_EXEC(qemu_loader_add_checksum(basl_loader,
-		    table->fwcfg_name, checksum->off, checksum->start, len));
 	}
 
 	return (0);
@@ -278,6 +288,15 @@ basl_finish_patch_pointers(struct basl_table *const table)
 			return (EFAULT);
 		}
 
+		/* Cause guest BIOS to patch the pointer. */
+		BASL_EXEC(
+		    qemu_loader_add_pointer(basl_loader, table->fwcfg_name,
+			src_table->fwcfg_name, pointer->off, pointer->size));
+
+		if (!load_into_memory) {
+			continue;
+		}
+
 		/*
 		 * Install ACPI tables directly in guest memory for use by
 		 * guests which do not boot via EFI. EFI ROMs provide a pointer
@@ -301,11 +320,6 @@ basl_finish_patch_pointers(struct basl_table *const table)
 		val = basl_le_dec(gva + pointer->off, pointer->size);
 		val += BHYVE_ACPI_BASE + src_table->off;
 		basl_le_enc(gva + pointer->off, val, pointer->size);
-
-		/* Cause guest bios to patch the pointer. */
-		BASL_EXEC(
-		    qemu_loader_add_pointer(basl_loader, table->fwcfg_name,
-			src_table->fwcfg_name, pointer->off, pointer->size));
 	}
 
 	return (0);
@@ -338,6 +352,15 @@ basl_finish(void)
 		return (EINVAL);
 	}
 
+	/*
+	 * If we install ACPI tables by FwCfg and by memory, Windows will use
+	 * the tables from memory. This can cause issues when using advanced
+	 * features like a TPM log because we aren't able to patch the memory
+	 * tables accordingly.
+	 */
+	load_into_memory = get_config_bool_default("acpi_tables_in_memory",
+	    true);
+
 	/*
 	 * We have to install all tables before we can patch them. Therefore,
 	 * use two loops. The first one installs all tables and the second one
diff --git a/usr.sbin/bhyve/bhyve_config.5 b/usr.sbin/bhyve/bhyve_config.5
index d074d4503894..6904ad096c0d 100644
--- a/usr.sbin/bhyve/bhyve_config.5
+++ b/usr.sbin/bhyve/bhyve_config.5
@@ -122,6 +122,13 @@ The value must be formatted as described in
 Wire guest memory.
 .It Va acpi_tables Ta bool Ta false Ta
 Generate ACPI tables.
+.It Va acpi_tables_in_memory Ta bool Ta true Ta
+.Xr bhyve 8
+always exposes ACPI tables by FwCfg.
+For backward compatibility bhyve copies them into the guest memory as well.
+This can cause problems if the guest uses the in-memory version, since certain
+advanced features, such as TPM emulation, are exposed only via FwCfg.
+Therefore, it is recommended to set this flag to false when running Windows guests.
 .It Va destroy_on_poweroff Ta bool Ta false Ta
 Destroy the VM on guest-initiated power-off.
 .It Va gdb.address Ta string Ta localhost Ta
diff --git a/usr.sbin/bhyve/bhyverun.c b/usr.sbin/bhyve/bhyverun.c
index 3d32bfd35408..3db796c65a28 100644
--- a/usr.sbin/bhyve/bhyverun.c
+++ b/usr.sbin/bhyve/bhyverun.c
@@ -1202,6 +1202,7 @@ set_defaults(void)
 {
 
 	set_config_bool("acpi_tables", false);
+	set_config_bool("acpi_tables_in_memory", true);
 	set_config_value("memory.size", "256M");
 	set_config_bool("x86.strictmsr", true);
 	set_config_value("lpc.fwcfg", "bhyve");