SeaBIOS Fork

This is basically some notes on my personal fork of SeaBIOS, along with explanations on certain design choices I made.

General information

Please keep in mind that this is my personal fork of SeaBIOS, and is not intended for other people to use.
Although, if you so choose to, I am not going to stop you ;)
Also, this SeaBIOS fork is both intended to, and has only been tested in use as a payload for Coreboot (QEMU x86_64, Thinkpad T460s).
If you are interested in either using this, or just want to see the commits/code, it is located here (clickable).

• Change 1 - Security through Obscurity

Now, before you even think it: Yes, I know security through obscurity is objectively a terrible method if done alone.
This change involves two subchanges, which are configurable rebranding and hiding the boot menu key respectively.


• Configurable Rebranding

All SeaBIOS branding can be changed at compile time using the precompiler to use custom branding strings defined in the configuration as to hide what the actual bootloader is. Eventually, I want to have this change to the extent that a theoretical attacker could pull the binary, pull every string from it, and find nothing that is identifiable as SeaBIOS.

• Hiding the boot menu key

When SeaBIOS reaches to the boot menu, a message is displayed to press a key (By default, ESC) to enter the boot menu. This change allows changing both the boot key and boot menu message from the configuration at compile time. This is not extremely helpful in it's current state, as it does not greatly increase security as a theoretical attacker could just spam every key on the keyboard until success. Although this could be changed in the future to potentially require a key combination instead (or even a password), greatly increasing the difficulty of booting potentially malicious boot media.




• Change 2 - Configurable Pre-Delay and the removal of the native bootsplash implementation

First, I removed SeaBIOS's native implementation for displaying a bootsplash image, as I could not get it to function.
I also figured that the less code running, the better.
Although, I still wanted a bootsplash, which leads me into my second point.
I added a configurable pre-delay that delays SeaBIOS's clearing of the framebuffer by a predetermined amount of milliseconds.
This allows a set amount of time for Coreboot's bootsplash implementation to display a boot image before displaying the boot manager. So, I removed SeaBIOS's native implementation for displaying a bootsplash image, as I could not get it to function (Probably due to my inability to get the original configuration method to work, as talked about in Change 4). Although, I still wanted a bootsplash, and Coreboot's native implementation worked really well. I also removed SeaBIOS's implementation to remove the possibility that at some point on some random firmware revision that it would just start working, and I would end up with two bootsplash sequences. Now, this introduces an issue: SeaBIOS doesn't have any method to play nicely with Coreboot's bootsplash. So to solve this, I have added a pre-delay option into SeaBIOS's configuration to allow the user to set a variable delay in milliseconds just before SeaBIOS clears the framebuffer, allowing time for Coreboot's bootsplash to display.




• Change 3 - TPM support removed

This might seem like a weird change, even more so considering that I live in a country that doesn't restrict the use of TPMs (Currently, anyway). Personally, I believe that all highly regarded secrets (Encryption keys, etc) should be held either solely in your brain, or physically written down in an encoded form. The TPM functionality in SeaBIOS contains a non-inconsequential amount of code, that while it probably doesn't contain exploits, I don't use it so I might as well remove it to lower the risk anyway.




• Change 4 - New configuration scheme

This is by far the largest change in this fork.
Instead of SeaBIOS being configured through a file-based scheme from CBFS, it is now configured in a header file before compilation.
I did this because personally I found configuring SeaBIOS to be extremely confusing, and I couldn't even get it to work properly.
The new configuration file is in src/rf_config.h.
Now, you might ask, why rf_config.h. Well, it's name comes from the previous functions used to fetch configuration values, which were romfile_*().