Re: raspi3b - Device Tree (FDT) load address

[Alex Bennée]

Little Tree <littletreetrunk32@gmail.com> writes:

> Hi,
>
> I am using QEMU 6.2.0 for emulating Raspberry Pi 3B. I understand that in 
> QEMU, Raspberry Pi firmware
> (bootcode.bin,loader.bin, fixup.dat, startup.elf) emulation is not performed 
> at the boot time. 
>
> In real HW board, isn't firmware supposed to load the Flattened Device Tree 
> (FDT) to a designated physical
> address? Does this happen in QEMU? If so, may I know the FDT load address? I 
> couldn't find any authentic
> document describing to which address the DTB is loaded. In one Internet 
> source, I found that it is loaded at
> 0x100. Inspecting the memory address 0x100 through gdb indicates that FDT is 
> not loaded there (The
> memory inspection is performed shortly after the execution of the
> first assembly instruction).

The location of the DTB is not fixed in memory because it can move
depending on the size of the kernel image and how much RAM the board has.
There is a fixup done once this is all decided. See bootloader and
bootloader_aarch64 which are the bootloader stubs that run for a direct
kernel boot.

During arm_setup_direct_kernel_boot() once the location is figured out
fixupcontext is patched and then passed to write_bootloader() to place
it in memory at info->loader_start ready for boot. 

>
> This is the QEMU command line  used for booting. 
>
> $qemu-system-aarch64 -machine raspi3b -nographic -kernel myhypervisor.elf 
> -device
> loader,file=linux-5.10.155/arch/arm64/boot/Image,addr=0x90000

I can't see the dtb in your command line.

>
> 'myhypervisor.elf' is compiled to load at the address 0x80000. In my case, 
> raspi3b boots into EL3.
>
> Thanks a lot,
>   Little


-- 
Alex Bennée
Virtualisation Tech Lead @ Linaro