This page is about the "All Virtual All The Time" GSoC 2008 project. This project aims to create a modified Linux-As-Bootloader coreboot payload that contains a custom Linux kernel modified to include KVM support, uClibc, a custom busybox image, and whatever is needed to get KVM up and running in the ROM image. See this screenshot if you want to see it in action.
Prebuilt ROM image
I have prepared a pre-built image that you can use in qemu to see what's this all about without having to spend considerable time to compile it.
These are some copy/paste instructions that will fetch it and run it in qemu(yes, you should already have it installed):
wget http://panzer.utcluj.ro/~alien/coreboot/AVATT/BIOS/bios.bin -O /tmp/bios.bin wget http://panzer.utcluj.ro/~alien/coreboot/AVATT/BIOS/vgabios-cirrus.bin -O /tmp/vgabios-cirrus.bin qemu-system-x86_64 -L /tmp -hda /dev/null -m 768 -serial stdio
If your bandwidth allows, you can also get a disk image, extract it and pass it as the -hda parameter of qemu instead the /dev/null file so that you can mount it and try to run VMs of the CD ISO images present inside it. This won't work for now, see the "Current Status" section to find out why.
Building from scratch
First of all, you need a x86 Linux distribution with gcc > 4.2, since currently the build fails under x86-64 and gcc-3.x doesn't support some compiler flags we are using. Eventually this will get fixed in the future.
In order to build this stuff you need a modified version of buildrom that can be cloned from my git repo using this command:
git clone http://repo.or.cz/r/kvm-coreboot.git
You also need to have installed some of the prerequisites of buildrom. The slackware folks ;] may prefer to skip this and then fix by hand any encountered build failures by installing only the missing programs.
How to build
Just type make from within the buildrom directory and everything should get built.
(Optional step) If you wish to make some adjustments you may do it by running one of these commands, but normally you shouldn't need to do this:
make menuconfig (for buildrom) make kernel-config make uclibc-config make busybox-config
How to run the ROM image you just built
You should read the QEMU Build Tutorial and the QEMU pages to see how to run a BIOS image with qemu, but since this howto aims to be as short as possible, here you have just the minimum information you need to get it running ASAP
It's quite handy to have a symlink to "deploy/emulation-qemu-x86.rom" in your $HOME with the name bios.bin, and in the same directory you should have the Cirrus VGA BIOS ROM image. Here you have cut/paste commands for this scenario:
ln -s deploy/emulation-qemu-x86.rom ~/bios.bin wget http://panzer.utcluj.ro/~alien/coreboot/AVATT/BIOS/vgabios-cirrus.bin -O ~/vgabios-cirrus.bin
Then you must run qemu in 64bit mode so that we can get support for the SVM instructions, just like you run a prebuilt ROM image:
qemu-system-x86_64 -L ~ -hda /dev/null -m 768 -serial stdio
- The -m 768 parameter is mandatory, since otherwise the kernel will panic because I hardcoded the RAM size to 768M in coreboot. It was 128M before, and that proved to be too small. Sorry for those who have few MBs of RAM.
- The -serial parameter is good for those who have keyboard issues with the default SDL output of qemu, like arrow keys not working, etc. This way you can also use the terminal you used to launch qemu as a second console and here all the keys should work fine.
The contents of the ROM image
- Linux kernel version 18.104.22.168 with tiny patches and a custom config
- uClibc daily SVN snapshots with aio support added and a custom config - only the .so files are included in the ROM image
- zlib 1.2.3 - only the .so file is included
- ncurses 5.6 - the .so file and some other small necessary files are included
- kvm-74 with some small patches - the extra BIOSes, the nbd tool and the docs are missing
- busybox 1.1.3 with a custom config - NEEDS VERSION BUMP TO SOMETHING NEWER
- everything compiles fine on x86 but fails on x86-64. It was tested and should compile on the following Linux distributions:
- Ubuntu 8.04 & 8.10 alpha
- Debian Lenny
- kvm crashes due to Thread Local Store(TLS) implementation issues in uClibc.
Notes: Other tested distros that failed:
- Gentoo hardened failed because of a strange error, even after adding some stuff in uClibc's security section. I have no idea what could cause this:
Internal error convert_magic 00006000 != a5a5a5a5
The convert_magic error indicates that the assembler/linker didn't initialize struct image_params at the right place.
- Debian Etch fails to strip the kvm binary and yells two error messages just like this one:
BFD: /home/alien/kvm-coreboot/work/kvm/kvm-74/qemu/x86_64-softmmu/stExbwpM: The first section in the PT_DYNAMIC segment is not the .dynamic section
- make the kvm userspace tool not to crash anymore. A possible solution would be to fix the TLS issues from the version of uClibc we currently use (daily snapshots from their SVN tree). This could even mean porting the uClibc-nptl branch to x86 if both of the x86 linuxthreads branches prove to be too hard to fix.
- user-friendly tool that can create and run virtual machines.
- automatically starting the virtual machines at boot.
- get the network to work in qemu since it fails with both coreboot v2 and v3.
- integrate the virt-manager daemon inside the ROM image, if it and its dependencies fit the remaining free space. This needs network support to be really useful.
- fix compilation on x86_64 boxes by compiling everything in 64bit mode. We need a 64bit hardware anyway since the SVM instructions are available only on recent 64 bit boxes so this shouldn't matter too much, except for the some extra wasted ROM space caused by 64bit code.
- keep the versions as up-to-date as possible but also compatible with each other
If you find anything incomplete or wrong about this page please don't hesitate to fix it. If you can't, please drop me an email at cristi.magherusan NO@SPAM net.utcluj.ro and I'll do it myself.
You can also find me on IRC most of the time. My nick is "alien".
Thanks for passing by,
| I, the copyright holder of this work, hereby release it into the public domain. This applies worldwide.
In case this is not legally possible: