goldenkrew3000/hojuix_org
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added current source code

Browse Source
This commit is contained in:
Goldenkrew3000
2026-04-17 14:52:23 +10:00
commit 5c9948162a
53 changed files with 993 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pages/project_seabios/index.html
+211
View File
@@ -0,0 +1,211 @@
<!doctype html>
<html>
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Hojuix</title>
<link
rel="stylesheet"
href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css"
/>
<link rel="stylesheet" href="/style.css" />
<style>
p {
font-family: 'Courier New', monospace;
}
.contentBox {
/* Override padding to add more padding to the sides */
/* Was too close for comfort, kinda felt claustrophobic */
padding-left: 25px;
padding-right: 25px;
}
</style>
</head>
<body>
<div align="center">
<table class="mainBox" style="width: 95%">
<tbody>
<td class="innerBox">
<div class="contentBox">
<p align="center" style="font-size: 32px; color: CornflowerBlue;">
<u>SeaBIOS Fork</u>
</p><br>
<p style="font-size: 18px;">
This is basically some notes on my personal fork of SeaBIOS, along with explanations
on certain design choices I made.
</p><br>
<p style="font-size: 20px; color: MediumSlateBlue;">
<u>
General information
</u>
</p>
<p style="padding-left: 20px; padding-bottom: 10px; font-size: 18px;">
Please keep in mind that this is my personal fork of SeaBIOS, and is not intended
for other people to use.<br>
Although, if you so choose to, I am not going to stop you ;)<br>
Also, this SeaBIOS fork is both intended to, and has only been tested in use as
a payload for Coreboot (QEMU x86_64, Thinkpad T460s).<br>
If you are interested in either using this, or just want to see the commits/code,
it is located
<a href="https://github.com/goldenkrew3000/SeaBIOS" style="color: MediumPurple;">
here (clickable).
</a><br>
</p>
<ul style="padding-left: 20px">
<li style="color: MediumSlateBlue;"> <!-- Setting color here sets the point color -->
<p style="font-size: 20px; color: MediumSlateBlue;">
<u>
Change 1 - Security through Obscurity
</u>
</p>
</li>
<p style="padding-left: 20px; font-size: 18px;">
Now, before you even think it: Yes, I know security through obscurity is
objectively a terrible method if done alone.<br>
This change involves two subchanges, which are configurable rebranding
and hiding the boot menu key respectively.<br>
<ul>
<!-- list-style-type allows filled bullet while nested -->
<li style="color: MediumSlateBlue; list-style-type: disc;">
<p style="font-size: 18px; color: MediumSlateBlue;">
<u>
Configurable Rebranding
</u>
</p>
</li>
<p style="padding-left: 20px; font-size: 18px;">
All SeaBIOS branding can be changed at compile time using the precompiler
to use custom branding strings defined in the configuration as to hide
what the actual bootloader is. Eventually, I want to have this change to
the extent that a theoretical attacker could pull the binary, pull every
string from it, and find nothing that is identifiable as SeaBIOS.
</p>
<li style="color: MediumSlateBlue; list-style-type: disc;">
<p style="font-size: 18px; color: MediumSlateBlue;">
<u>
Hiding the boot menu key
</u>
</p>
</li>
<p style="padding-left: 20px; font-size: 18px;">
When SeaBIOS reaches to the boot menu, a message is displayed to press
a key (By default, ESC) to enter the boot menu. This change allows
changing both the boot key and boot menu message from the configuration
at compile time. This is not extremely helpful in it's current state, as it
does not greatly increase security as a theoretical attacker could just
spam every key on the keyboard until success. Although this could be
changed in the future to potentially require a key combination instead
(or even a password), greatly increasing the difficulty of booting
potentially malicious boot media.
</p>
</ul>
</p>
<br>
<li style="color: MediumSlateBlue;">
<p style="font-size: 20px; color: MediumSlateBlue;">
<u>
Change 2 - Configurable Pre-Delay and the removal of the native bootsplash
implementation
</u>
</p>
</li>
<p style="padding-left: 20px; font-size: 18px;">
First, I removed SeaBIOS's native implementation for displaying a bootsplash image,
as I could not get it to function.<br>
I also figured that the less code running, the better.<br>
Although, I still wanted a bootsplash, which leads me into my second point.<br>
I added a configurable pre-delay that delays SeaBIOS's clearing of the framebuffer
by a predetermined amount of milliseconds.<br>
This allows a set amount of time for Coreboot's bootsplash implementation to
display a boot image before displaying the boot manager.
So, I removed SeaBIOS's native implementation for displaying a bootsplash image,
as I could not get it to function (Probably due to my inability to get the
original configuration method to work, as talked about in Change 4). Although, I
still wanted a bootsplash, and Coreboot's native implementation worked really well.
I also removed SeaBIOS's implementation to remove the possibility that at some point
on some random firmware revision that it would just start working, and I would
end up with two bootsplash sequences.
Now, this introduces an issue: SeaBIOS doesn't have any method to play nicely
with Coreboot's bootsplash. So to solve this, I have added a pre-delay option
into SeaBIOS's configuration to allow the user to set a variable delay in
milliseconds just before SeaBIOS clears the framebuffer, allowing time for
Coreboot's bootsplash to display.
</p>
<br>
<li style="color: MediumSlateBlue;">
<p style="font-size: 20px; color: MediumSlateBlue;">
<u>
Change 3 - TPM support removed
</u>
</p>
</li>
<p style="padding-left: 20px; font-size: 18px;">
This might seem like a weird change, even more so considering that I live in
a country that doesn't restrict the use of TPMs (Currently, anyway).
Personally, I believe that all highly regarded secrets (Encryption keys, etc)
should be held either solely in your brain, or physically written down in
an encoded form. The TPM functionality in SeaBIOS contains a non-inconsequential
amount of code, that while it probably doesn't contain exploits, I don't use
it so I might as well remove it to lower the risk anyway.
</p>
<br>
<li style="color: MediumSlateBlue;">
<p style="font-size: 20px; color: MediumSlateBlue;">
<u>
Change 4 - New configuration scheme
</u>
</p>
</li>
<p style="padding-left: 20px; font-size: 18px;">
This is by far the largest change in this fork.<br>
Instead of SeaBIOS being configured through a file-based scheme from CBFS,
it is now configured in a header file before compilation.<br>
I did this because personally I found configuring SeaBIOS to be extremely
confusing, and I couldn't even get it to work properly.<br>
The new configuration file is in src/rf_config.h.<br>
Now, you might ask, why rf_config.h. Well, it's name comes from the previous
functions used to fetch configuration values, which were romfile_*().<br>
</p>
</ul>
</div>
</td>
</tbody>
</table>
<!-- Add some information on the bottom left and right outside the box -->
<div style="width: 95%">
<p align="left" style="display: inline-block; width: 33%">
Document version 1
</p>
<p align="center" style="display: inline-block; width: 33%">
Copyright (C) Goldenkrew3000 2026
</p>
<p align="right" style="display: inline-block; width: 33%">
Last edited 2026/02/21
</p>
</div>
</div>
</body>
</html>