Difference between revisions of "QEMU"

(Added notes about debugging coreboot with qemu)
m
 
Line 60: Line 60:
 
Replace '''/dev/zero''' above with a real QEMU disk image which has a '''/boot/grub/menu.lst''' on '''hda1''' to actually boot something.
 
Replace '''/dev/zero''' above with a real QEMU disk image which has a '''/boot/grub/menu.lst''' on '''hda1''' to actually boot something.
  
=== coreboot v3 + libpayload + coreinfo ===
+
=== coreboot + libpayload + coreinfo ===
  
 
[[Image:Coreinfo nvram.png|thumb|right|[[coreinfo]] NVRAM dump.]]
 
[[Image:Coreinfo nvram.png|thumb|right|[[coreinfo]] NVRAM dump.]]
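Review bot: the renamed heading on the "+" line drops "v3" but nothing replaces it, so the coreinfo section no longer says which coreboot version the image was built from. The other image sections state this in their text (for example "coreboot v3 (r656), libpayload (r3225)"); consider adding the coreboot and libpayload revisions to the coreinfo description in the same change.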

Latest revision as of 10:04, 10 December 2012

You can easily try out coreboot using QEMU, without having to actually flash the BIOS chip on your real hardware.

Tutorials

Ready-made QEMU images

Below is a list of various downloadable QEMU images you can use to try out coreboot.

You need a patched version of vgabios-cirrus.zip for these images to work properly; the version in QEMU's CVS repository does not yet work. The image from Debian's QEMU package (/usr/share/qemu/vgabios-cirrus.bin) is already patched and works, too.

coreboot v2 + SeaBIOS

SeaBIOS payload.

SeaBIOS is an open-source legacy BIOS implementation which can be used as a coreboot payload. It implements the standard BIOS calling interfaces that a typical x86 proprietary BIOS implements.

The QEMU image uses coreboot v2 (r4917) and SeaBIOS (9eebe66a9978165cfa91f2266c97fa5d0aa6ef2e, 2009-11-04) with the following changes to the default src/config.h:

#define CONFIG_COREBOOT 1
#define CONFIG_DEBUG_SERIAL 1
#define CONFIG_COREBOOT_FLASH 1
#define CONFIG_OPTIONROMS_DEPLOYED 0
#define CONFIG_VGAHOOKS 1

Usage:

mkdir foo
cd foo
wget http://www.coreboot.org/images/6/6a/Qemu_coreboot_seabios.zip
wget http://www.coreboot.org/images/0/0d/Vgabios-cirrus.zip
unzip Qemu_coreboot_seabios.zip
unzip Vgabios-cirrus.zip
mv qemu_coreboot_seabios.bin bios.bin
cd ..
qemu -L foo -hda /dev/zero -serial stdio

Replace /dev/zero above with a real QEMU disk image to actually boot something.

coreboot v3 + FILO

FILO payload.

FILO is a simple bootloader which can load (e.g.) Linux kernels from disk.

The QEMU image uses coreboot v3 (r672) and FILO (r45) with a certain configuration (for example: it's looking for /boot/grub/menu.lst on hda1).

mkdir foo
cd foo
wget http://www.coreboot.org/images/b/b9/Qemu_coreboot_filo.zip
wget http://www.coreboot.org/images/0/0d/Vgabios-cirrus.zip
unzip Qemu_coreboot_filo.zip
unzip Vgabios-cirrus.zip
mv qemu_coreboot_filo.bin bios.bin
cd ..
qemu -L foo -hda /dev/zero -serial stdio

Replace /dev/zero above with a real QEMU disk image which has a /boot/grub/menu.lst on hda1 to actually boot something.

coreboot + libpayload + coreinfo

coreinfo NVRAM dump.

This is a small payload called coreinfo.

mkdir foo
cd foo
wget http://www.coreboot.org/images/0/06/Qemu_coreboot_coreinfo.zip
wget http://www.coreboot.org/images/0/0d/Vgabios-cirrus.zip
unzip Qemu_coreboot_coreinfo.zip
unzip Vgabios-cirrus.zip
mv qemu_coreboot_coreinfo.bin bios.bin
cd ..
qemu -L foo -hda /dev/zero -serial stdio

coreboot v3 + invaders

GRUB invaders as payload.

mkdir foo
cd foo
wget http://www.coreboot.org/images/c/c8/Qemu_coreboot_invaders.zip
wget http://www.coreboot.org/images/0/0d/Vgabios-cirrus.zip
unzip Qemu_coreboot_invaders.zip
unzip Vgabios-cirrus.zip
mv qemu_coreboot_invaders.bin bios.bin
cd ..
qemu -L foo -hda /dev/zero -serial stdio

coreboot v3 + libpayload + tint

tint as payload.

This is coreboot v3 (r656), libpayload (r3225), and tint 0.03b patched to be built against libpayload.

mkdir foo
cd foo
wget http://www.coreboot.org/images/6/62/Qemu_libpayload_tint.zip
wget http://www.coreboot.org/images/0/0d/Vgabios-cirrus.zip
unzip Qemu_libpayload_tint.zip
unzip Vgabios-cirrus.zip
mv qemu_libpayload_tint.bin bios.bin
cd ..
qemu -L foo -hda /dev/zero -serial stdio

coreboot v3 + Memtest86

Memtest86 payload.

This is coreboot v3 (r656) and Memtest86 (3.4) with serial support enabled. The VGA display in QEMU breaks after a few seconds; this is a known issue, but we don't yet know what exactly the problem is.

mkdir foo
cd foo
wget http://www.coreboot.org/images/3/33/Qemu_coreboot_memtest.zip
wget http://www.coreboot.org/images/0/0d/Vgabios-cirrus.zip
unzip Qemu_coreboot_memtest.zip
unzip Vgabios-cirrus.zip
mv qemu_coreboot_memtest.bin bios.bin
cd ..
qemu -L foo -hda /dev/zero -serial stdio

coreboot v3 + OpenBIOS

OpenBIOS payload.

This is coreboot v3 (r672) and OpenBIOS (r186).

mkdir foo
cd foo
wget http://www.coreboot.org/images/9/9d/Qemu_coreboot_openbios.zip
wget http://www.coreboot.org/images/0/0d/Vgabios-cirrus.zip
unzip Qemu_coreboot_openbios.zip
unzip Vgabios-cirrus.zip
mv qemu_coreboot_openbios.bin bios.bin
cd ..
qemu -L foo -hda /dev/zero -serial stdio

Debugging

You can use the gdbserver built into QEMU. For example, to start the gdbserver on port 1234 of localhost, add the "-s" option. It is also very useful to add the "-S" option, which stops QEMU at startup so that you can run the boot process from gdb:

qemu -L . -bios coreboot.rom -nographic -s -S

And then you can use gdb for debugging coreboot:

gdb> target remote localhost:1234
gdb> b *[some_address]
gdb> continue
gdb> i r
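
A loopback-only variant of the debugging setup above, with a check for a stub that is reachable from other hosts. This is an added example, not part of the original wiki page. It assumes QEMU's documented behaviour that "-s" is shorthand for "-gdb tcp::1234", which leaves the listening address unrestricted; the function names and the sample ss output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the wiki page: keep QEMU's gdbstub on loopback.
# Assumption: "-s" expands to "-gdb tcp::1234"; the empty host part means the
# stub is not restricted to 127.0.0.1. The stub has no authentication.

GDB_PORT=1234   # port used by "target remote localhost:1234" on the page

# Print the page's debug command line with the stub pinned to loopback.
qemu_debug_cmd() {
    printf 'qemu -L . -bios %s -nographic -gdb tcp:127.0.0.1:%s -S\n' \
        "$1" "$GDB_PORT"
}

# Read `ss -ltn` output on stdin; print each listener on GDB_PORT whose local
# address is not loopback. Returns 1 if at least one was found, else 0.
exposed_gdb_listeners() {
    awk -v port="$GDB_PORT" '
        $1 == "LISTEN" {
            n = split($4, parts, ":")          # last field is the port
            if (parts[n] != port) next
            host = substr($4, 1, length($4) - length(parts[n]) - 1)
            if (host ~ /^127\./ || host == "[::1]") next
            print $4
            found = 1
        }
        END { exit (found ? 1 : 0) }'
}

# Constructed `ss -ltn` samples (not captured from a real host).
SAMPLE_DASH_S='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      1            0.0.0.0:1234      0.0.0.0:*
LISTEN 0      128        127.0.0.1:631       0.0.0.0:*'
SAMPLE_PINNED='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      1          127.0.0.1:1234      0.0.0.0:*'

qemu_debug_cmd coreboot.rom
printf '%s\n' "$SAMPLE_DASH_S" | exposed_gdb_listeners ||
    echo "gdbstub reachable beyond loopback (listed above)"
# On the debugging host itself: ss -ltn | exposed_gdb_listeners
```
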

To improve gdb's output, you can add this to your ~/.gdbinit file:

set history save on
set disassembly-flavor intel
display/4i $pc

QEMU also has a tracing option, "-d". You only need to choose the trace level: in_asm, exec, cpu, or out_asm. QEMU writes the trace log to /tmp/qemu.log.

Public domain

I, the copyright holder of this work, hereby release it into the public domain. This applies worldwide.

In case this is not legally possible:
I grant anyone the right to use this work for any purpose, without any conditions, unless such conditions are required by law.