From 8b220c0e9012168a4ce09e429cb8e8920b74d96f Mon Sep 17 00:00:00 2001
From: Laszlo Ersek <lersek@redhat.com>
Date: Thu, 19 Mar 2015 08:24:51 +0100
Subject: pc_sysfw: prevent pflash and/or mis-sized firmware for rhel6.x.0

Message-id: <1422371804-27044-2-git-send-email-lersek@redhat.com>
Patchwork-id: 63581
O-Subject: [RHEV-7.2 qemu-kvm-rhev PATCH 1/1] pc_sysfw: prevent pflash and/or mis-sized firmware for rhel6.x.0 machtypes
Bugzilla: 1175099
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Acked-by: Markus Armbruster <armbru@redhat.com>
RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>

QE tried to boot OVMF on a rhel6.x.0 machine type. The shadow_bios()
migration hack that is in effect for those machine types is not compatible
with the OVMF image. An assert() in shadow_bios() catches it, but -- given
that OVMF has never been intended for rhel6.x.0 machine types -- QE has
rather requested us to deny such startups cleanly.

The first hunk prevents "-M rhel6.x.0 -bios ..." style invocations where
the BIOS image is not 128 KB in size. This was suggested by Paolo and it
prevents the case when someone passes an OVMF binary via -bios.

The second hunk prevents "-M rhel6.x.0 -pflash ...", since that
configuration (for boot firmware purposes or otherwise) was never
supported.

Downstream only.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>

diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
index 662d997..f342e4d 100644
--- a/hw/i386/pc_sysfw.c
+++ b/hw/i386/pc_sysfw.c
@@ -192,6 +192,13 @@ static void old_pc_system_rom_init(MemoryRegion *rom_memory, bool isapc_ram_fw)
         (bios_size % 65536) != 0) {
         goto bios_error;
     }
+    if (shadow_bios_after_incoming && bios_size != 128 * 1024) {
+        MachineClass *mc;
+
+        mc = MACHINE_GET_CLASS(current_machine);
+        error_report("machine %s only supports a 128KB BIOS image", mc->name);
+        exit(1);
+    }
     bios = g_malloc(sizeof(*bios));
     memory_region_init_ram(bios, NULL, "pc.bios", bios_size, &error_abort);
     vmstate_register_ram_global(bios);
@@ -240,6 +247,15 @@ void pc_system_firmware_init(MemoryRegion *rom_memory, bool isapc_ram_fw)
         return;
     }
 
+    if (shadow_bios_after_incoming) {
+        MachineClass *mc;
+
+        mc = MACHINE_GET_CLASS(current_machine);
+        error_report("flash-based firmware is not supported by machine %s",
+                     mc->name);
+        exit(1);
+    }
+
     if (kvm_enabled() && !kvm_readonly_mem_enabled()) {
         /* Older KVM cannot execute from device memory. So, flash memory
          * cannot be used unless the readonly memory kvm capability is present. */