From: Jan Kiszka <jan.kiszka@siemens.com>
To: cip-dev@lists.cip-project.org
Cc: Quirin Gylstorff <quirin.gylstorff@siemens.com>,
Christian Storm <christian.storm@siemens.com>
Subject: [isar-cip-core][PATCH 12/12] start-qemu.sh: Add support for SWUpdate and secure boot mode to arm64
Date: Wed, 4 May 2022 21:46:00 +0200 [thread overview]
Message-ID: <7091df13d797c9ed013c8d189c9f1d888f384680.1651693560.git.jan.kiszka@siemens.com> (raw)
In-Reply-To: <cover.1651693560.git.jan.kiszka@siemens.com>
From: Jan Kiszka <jan.kiszka@siemens.com>
We just need to pick up the newly deployed firmware.bin as -bios,
analogously to the x86's OVMF, and switch to a disk image. A separate
key storage is not yet used, thus there is no difference between normal
and secure mode for arm64 so far.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
start-qemu.sh | 67 ++++++++++++++++++++++++++++++++-------------------
1 file changed, 42 insertions(+), 25 deletions(-)
diff --git a/start-qemu.sh b/start-qemu.sh
index fe08ebd..ad4fca5 100755
--- a/start-qemu.sh
+++ b/start-qemu.sh
@@ -45,7 +45,10 @@ if [ -z "${TARGET_IMAGE}" ];then
fi
fi
-case "$1" in
+arch="$1"
+shift 1
+
+case "${arch}" in
x86|x86_64|amd64)
DISTRO_ARCH=amd64
QEMU=qemu-system-x86_64
@@ -98,7 +101,7 @@ case "$1" in
usage
;;
*)
- echo "Unsupported architecture: $1"
+ echo "Unsupported architecture: ${arch}"
exit 1
;;
esac
@@ -107,40 +110,54 @@ IMAGE_PREFIX="$(dirname $0)/build/tmp/deploy/images/qemu-${DISTRO_ARCH}/${TARGET
if [ -z "${DISPLAY}" ]; then
QEMU_EXTRA_ARGS="${QEMU_EXTRA_ARGS} -nographic"
- case "$1" in
+ case "${arch}" in
x86|x86_64|amd64)
KERNEL_CMDLINE="${KERNEL_CMDLINE} console=ttyS0"
esac
fi
-shift 1
-
QEMU_COMMON_OPTIONS=" \
-m 1G \
-serial mon:stdio \
-netdev user,id=net,hostfwd=tcp:127.0.0.1:22222-:22 \
${QEMU_EXTRA_ARGS}"
-if [ -n "${SECURE_BOOT}" ]; then
- ovmf_code=${OVMF_CODE:-./build/tmp/deploy/images/qemu-amd64/OVMF/OVMF_CODE_4M.secboot.fd}
- ovmf_vars=${OVMF_VARS:-./build/tmp/deploy/images/qemu-amd64/OVMF/OVMF_VARS_4M.snakeoil.fd}
-
- ${QEMU_PATH}${QEMU} \
- -global ICH9-LPC.disable_s3=1 \
- -global isa-fdc.driveA= \
- -drive if=pflash,format=raw,unit=0,readonly=on,file=${ovmf_code} \
- -drive if=pflash,format=raw,file=${ovmf_vars} \
- -drive file=${IMAGE_PREFIX}.wic.img,discard=unmap,if=none,id=disk,format=raw \
- ${QEMU_COMMON_OPTIONS} "$@"
-
-elif [ -n "${SWUPDATE_BOOT}" ]; then
- ovmf_code=${OVMF_CODE:-./build/tmp/deploy/images/qemu-amd64/OVMF/OVMF_CODE_4M.fd}
-
- ${QEMU_PATH}${QEMU} \
- -drive file=${IMAGE_PREFIX}.wic.img,discard=unmap,if=none,id=disk,format=raw \
- -drive if=pflash,format=raw,unit=0,readonly=on,file=${ovmf_code} \
- ${QEMU_COMMON_OPTIONS} "$@"
-
+if [ -n "${SECURE_BOOT}${SWUPDATE_BOOT}" ]; then
+ case "${arch}" in
+ x86|x86_64|amd64)
+ if [ -n "${SECURE_BOOT}" ]; then
+ ovmf_code=${OVMF_CODE:-./build/tmp/deploy/images/qemu-amd64/OVMF/OVMF_CODE_4M.secboot.fd}
+ ovmf_vars=${OVMF_VARS:-./build/tmp/deploy/images/qemu-amd64/OVMF/OVMF_VARS_4M.snakeoil.fd}
+
+ ${QEMU_PATH}${QEMU} \
+ -global ICH9-LPC.disable_s3=1 \
+ -global isa-fdc.driveA= \
+ -drive if=pflash,format=raw,unit=0,readonly=on,file=${ovmf_code} \
+ -drive if=pflash,format=raw,file=${ovmf_vars} \
+ -drive file=${IMAGE_PREFIX}.wic.img,discard=unmap,if=none,id=disk,format=raw \
+ ${QEMU_COMMON_OPTIONS} "$@"
+ else
+ ovmf_code=${OVMF_CODE:-./build/tmp/deploy/images/qemu-amd64/OVMF/OVMF_CODE_4M.fd}
+
+ ${QEMU_PATH}${QEMU} \
+ -drive file=${IMAGE_PREFIX}.wic.img,discard=unmap,if=none,id=disk,format=raw \
+ -drive if=pflash,format=raw,unit=0,readonly=on,file=${ovmf_code} \
+ ${QEMU_COMMON_OPTIONS} "$@"
+ fi
+ ;;
+ arm64|aarch64)
+ u_boot_bin=${FIRMWARE_BIN:-./build/tmp/deploy/images/qemu-arm64/firmware.bin}
+
+ ${QEMU_PATH}${QEMU} \
+ -drive file=${IMAGE_PREFIX}.wic.img,discard=unmap,if=none,id=disk,format=raw \
+ -bios ${u_boot_bin} \
+ ${QEMU_COMMON_OPTIONS} "$@"
+ ;;
+ *)
+ echo "Unsupported architecture: ${arch}"
+ exit 1
+ ;;
+ esac
else
IMAGE_FILE=$(ls ${IMAGE_PREFIX}.ext4.img)
--
2.34.1
prev parent reply other threads:[~2022-05-04 19:46 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-04 19:45 [isar-cip-core][PATCH 00/12] Fixes and improvements for SWUpdate images, kernel/config update Jan Kiszka
2022-05-04 19:45 ` [isar-cip-core][PATCH 01/12] initramfs-etc-overlay-hook: Improve error reporting of script Jan Kiszka
2022-05-04 19:45 ` [isar-cip-core][PATCH 02/12] initramfs-etc-overlay-hook: Install overlay module Jan Kiszka
2022-05-04 19:45 ` [isar-cip-core][PATCH 03/12] initramfs-abrootfs-hook: Remove obsolete patch Jan Kiszka
2022-05-04 19:45 ` [isar-cip-core][PATCH 04/12] Rework secure boot key handling and signing recipes Jan Kiszka
2022-05-04 19:45 ` [isar-cip-core][PATCH 05/12] linux-cip: Update cip-kernel-config for QEMU and ipc227e Jan Kiszka
2022-05-04 19:45 ` [isar-cip-core][PATCH 06/12] linux-cip: Update to 4.19.239-cip72 and 5.10.112-cip6 Jan Kiszka
2022-05-04 19:45 ` [isar-cip-core][PATCH 07/12] efibootguard: Update to 0.11 release Jan Kiszka
2022-05-04 19:45 ` [isar-cip-core][PATCH 08/12] efibootguard: Use new unified kernel image generation Jan Kiszka
2022-05-04 19:45 ` [isar-cip-core][PATCH 09/12] efibootguard: Add support for embedding DTBs into unified kernel images Jan Kiszka
2022-05-04 19:45 ` [isar-cip-core][PATCH 10/12] u-boot-qemu-arm64: Add recipe for customized version based on 2022.04 Jan Kiszka
2022-05-04 19:45 ` [isar-cip-core][PATCH 11/12] Enable SWUpdate with and w/o secure boot for QEMU arm64 Jan Kiszka
2022-05-04 19:46 ` Jan Kiszka [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7091df13d797c9ed013c8d189c9f1d888f384680.1651693560.git.jan.kiszka@siemens.com \
--to=jan.kiszka@siemens.com \
--cc=christian.storm@siemens.com \
--cc=cip-dev@lists.cip-project.org \
--cc=quirin.gylstorff@siemens.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.