[coreboot] coreboot runs in linux userspace

[Rudolf Marek]

Hi all,

I had this long in mind, now it works, coreboot can be run as Linux process and 
IO is done through a serialICE. This is handy for debugging and valgrinding, or 
maybe handy for zillions of other reasons.

How it works:

ruik at ruik:~/coreboot$ gdb ./build/cbfs/fallback/coreboot_ram.elf
(gdb) run
Starting program: /home/ruik/coreboot/build/cbfs/fallback/coreboot_ram.elf
POST: 0x80
IO WRITE: [00000080] 00000080 size 1
SerialICE not ready yet (ignoring)
POST: 0x39
IO WRITE: [00000080] 00000039 size 1
SerialICE not ready yet (ignoring)
coreboot-4.0-2408-gad422c0-dirty Tue Jun  5 00:04:52 CEST 2012 booting...
POST: 0x40
IO WRITE: [00000080] 00000040 size 1
SerialICE not ready yet (ignoring)
Enumerating buses...
Show all devs...Before device enumeration.
Root Device: enabled 1
PCI_DOMAIN: 0000: enabled 1

....

Or when it crashes:

Root Device init
APIC_CLUSTER: 0 init
MSR WRITE: [0000001b] 00000000fee00900
MSR READ: [0000001b] 00000000fee00900
MEM READ: [fee00020] 00000000 size 4
==13541== Invalid read of size 1
==13541==    at 0x106C0E: ??? (in 
/home/ruik/coreboot/build/cbfs/fallback/coreboot_ram.elf)
==13541==    by 0x10991B: ??? (in 
/home/ruik/coreboot/build/cbfs/fallback/coreboot_ram.elf)
==13541==    by 0x10AD0B: ??? (in 
/home/ruik/coreboot/build/cbfs/fallback/coreboot_ram.elf)
==13541==    by 0x10BA3F: ??? (in 
/home/ruik/coreboot/build/cbfs/fallback/coreboot_ram.elf)
==13541==    by 0x10C232: ??? (in 
/home/ruik/coreboot/build/cbfs/fallback/coreboot_ram.elf)
==13541==    by 0x106F99: ??? (in 
/home/ruik/coreboot/build/cbfs/fallback/coreboot_ram.elf)
==13541==    by 0x10003D: ??? (in 
/home/ruik/coreboot/build/cbfs/fallback/coreboot_ram.elf)
==13541==    by 0x127347: ??? (in 
/home/ruik/coreboot/build/cbfs/fallback/coreboot_ram.elf)
==13541==  Address 0xa000 is not stack'd, malloc'd or (recently) free'd
==13541==
==13541==
==13541== Process terminating with default action of signal 11 (SIGSEGV)
==13541==  Access not within mapped region at address 0xA000


Please note that valgrind is confused with our debug symbols, but gdb works fine.

In general, the real coreboot jumps to hacked version of serial ICE and waits.
The userspace program is run as any process and hacked version serialICE host 
from qemu talks normally to linux kernel (this is done via custom 0x80 calls)

no libc is used, even the memory layout is same. The only memory mapped is what 
ELF has and also highmem/lowmem bits (check ulinux_mmap calls).

It is still very experimental but works fine. I put together quickly some 
patches which may be found here:

emote: New Changes:
remote:   http://review.coreboot.org/1089
remote:   http://review.coreboot.org/1090
remote:   http://review.coreboot.org/1091
remote:   http://review.coreboot.org/1092
remote:   http://review.coreboot.org/1093
remote:   http://review.coreboot.org/1094
remote:   http://review.coreboot.org/1095
remote:   http://review.coreboot.org/1096
remote:   http://review.coreboot.org/1097

Thanks
Rudolf