[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How to start an armv8 machine in EL3?
From: |
Alex Bennée |
Subject: |
Re: How to start an armv8 machine in EL3? |
Date: |
Wed, 03 Mar 2021 14:17:11 +0000 |
User-agent: |
mu4e 1.5.8; emacs 28.0.50 |
ckim@etri.re.kr writes:
> Hi Alex Bennée,
>
> Sorry, machine ab21q is just the copy of machine virt.
> I found the pflash.img contained all zero in the beginning so it cause
> invalid instruction trap.
> (thanks for the -d int,exec,in_asm option, I have to first learn more
> about the qemu usage than the internal.)
You can see the cpu state with -d cpu so I can see on my system it's
reported as:
PSTATE=400003cd -Z-- EL3h
> So I did 'cp test.bin pflash.img; truncate -s 67108864 pflash.img' to cut it
> to 64MB.
> (The test.bin was almost 67MB, I was confused by the small sized test.elf
> which was only 776KB).
> Now with the ' ${QEMU_DIR}/qemu-system-aarch64 -M virt -cpu cortex-a72
> -nographic -smp 1
> -m 2048 -drive if=pflash,file=pflash.img,format=raw,readonly=on -s -S'
> command,
> And after attaching gdb, I can see the original assembly code is being
> executed.
> But with this method, it still is in EL1 (I can see with 'mrs x8,
> currentel' shortly after the start),
Can you confirm it disagrees with the state -d cpu reports?
> And the 'msr sp_el1, x0' instruction causes trap to 0x200.
> Could you give me more advice on this?
> Thank you very much.
>
> Chan Kim
>
>> -----Original Message-----
>> From: Alex Bennée <alex.bennee@linaro.org>
>> Sent: Wednesday, March 3, 2021 9:01 PM
>> To: ckim@etri.re.kr
>> Cc: qemu-discuss@nongnu.org
>> Subject: Re: How to start an armv8 machine in EL3?
>>
>>
>> ckim@etri.re.kr writes:
>>
>> > Hello Alex Bennée,
>> >
>> > Thank you for the help!
>> > I didn't know "-kernel xxx.elf" method makes it start at EL1 by the
>> > loader stub, and doing "--machine virtualization=on" makes it start at
>> EL2. I checked these using gdb.
>> >
>> > And then I tested your suggestion :
>> > ${QEMU_DIR}/qemu-system-aarch64 -M ab21q -cpu cortex-a72 -nographic
>> > -smp 1 -m 2048 -drive
>> > if=pflash,file=${KER_DIR}/ab21s_test.bin,format=raw,readonly=on -s -S
>>
>> Hold on you've just switched from -M virt to -M ab21q? I don't even
>> recognise that model.
>>
>> > And it gave me :
>> > qemu-system-aarch64: device requires 67108864 bytes, block backend
>> > provides 776704 bytes
>> >
>> > Looks like the pflash device size is 64MB and my .bin file (which I made
>> with objcopy from .elf file) is not big enough to fill the device.
>> > I made the .bin file inside the pflash.img file by doing
>> > (https://xnand.netlify.app/2019/10/03/armv8-qemu-efi-aarch64.html )
>> >
>> > cp ${KER_DIR}/ab21s_test.bin pflash.img
>> > dd if=/dev/zero of=pflash.img bs=1c count=1 seek=67108863
>> >
>> > and tried
>> > ${QEMU_DIR}/qemu-system-aarch64 -M virt -cpu cortex-a72 -nographic
>> > -smp 1 -m 2048 -drive if=pflash,file=pflash.img,format=raw,readonly=on -
>> s -S To see how the code works, but it traps from the first instruction.
>>
>> Is it the instruction you expect? Try single stepping with gdbstub while
>> using -d int,exec,in_asm on your command line for more details.
>>
>> >
>> > Can you tell me what's wrong with my command? (BTW I made .bin file by
>> > aarch64-elf-objcopy -O binary test.elf test.bin )
>> >
>> > Again thanks for the kind explanation!
>> > Best regards,
>> >
>> > Chan Kim
>> >
>> >> -----Original Message-----
>> >> From: Alex Bennée <alex.bennee@linaro.org>
>> >> Sent: Wednesday, March 3, 2021 7:05 PM
>> >> To: ckim@etri.re.kr
>> >> Cc: qemu-discuss@nongnu.org
>> >> Subject: Re: How to start an armv8 machine in EL3?
>> >>
>> >>
>> >> ckim@etri.re.kr writes:
>> >>
>> >> > Hello all,
>> >> >
>> >> > I found out in a baremetal program I run for qemu aarch64 'virt'
>> >> > machine (cpu is cortex-a72),
>> >> >
>> >> > the "msr sp_el1, x0" instruction causes trap making PC jump to
>> >> > 0x200 which is the vector address for synchronous exception, from
>> >> > current EL while using SP_ELx (if the vector base address was 0,
>> which is the case).
>> >> >
>> >> > (Ref :
>> >> > https://developer.arm.com/documentation/102412/0100/The-vector-tabl
>> >> > es
>> >> > )
>> >> >
>> >> > When I read the 'EL' value by 'msr x8, currentel', x8 became '0x4'
>> >> > so it is
>> >> > EL1
>> >> > (https://community.arm.com/developer/ip-products/processors/f/corte
>> >> > x-a
>> >> > -forum
>> >> > /10303/armv8-a-currentel-register-definition)
>> >> >
>> >> > How come cortex-a72 machines started at EL1?
>> >>
>> >> Are you booting a kernel directly? In this case the kernel will boot
>> >> into
>> >> EL1 unless you specify -machine type=virt,virtualization=on in which
>> >> case it will boot into EL2 and allow the kernel to utilise the
>> >> virtualisation extensions.
>> >>
>> >> > And if I want to make the virtual machine start at EL3 (this
>> >> > baremetal code assumes it should be in EL3 after reset, and it runs
>> >> > ok in rtl sim.), what should I do?
>> >>
>> >> Generally as only firmware deals with EL3 you would have it running
>> >> on some sort of flash device which the model would boot to directly
>> >> in EL3 rather than running the stub loader we have for the kernel.
>> >> For example to load the EDK firmware you would have:
>> >>
>> >> -drive
>> >> if=pflash,file=/usr/share/AAVMF/AAVMF_CODE.fd,format=raw,readonly=on \
>> >> -drive
>> >> if=pflash,file=/home/alex/models/qemu-arm64-efivars,format=raw
>> >>
>> >> as part of your command line. You also need to enable secure mode in
>> >> the machine options (-machine type=virt,secure=on).
>> >>
>> >> >
>> >> > Thank you very much for reading.
>> >> >
>> >> > Chan Kim
>> >> >
>> >> >
>> >>
>> >>
>> >> --
>> >> Alex Bennée
>>
>>
>> --
>> Alex Bennée
--
Alex Bennée