...
Repo: https://gitlab.arm.com/linux-arm/linux-cca cca-full/rmm-v1.0-eac5v2
Build:
| Code Block |
|---|
make CROSS_COMPILE=aarch64-linux-gnu- ARCH=arm64 defconfig make CROSS_COMPILE=aarch64-linux-gnu- ARCH=arm64 -j8 |
...
Repo: for now https://git.codelinaro.org/linaro/dcap/qemu branch rmm-v1.0-eac5cca/v2
Build:
| Code Block |
|---|
# Although it is buildroot that builds the VMM from this source directory, # the following is needed to first download all the submodules ./configure --target-list=aarch64-softmmu |
...
| Code Block |
|---|
qemu-system-aarch64 -M virt,virtualization=on,secure=on,gic-version=3
-M acpi=off -cpu max,x-rme=on -m 8G -smp 8
-nographic
-bios tftrusted-firmware-a/flash.bin
-kernel linux-cca/arch/arm64/boot/Image
-drive format=raw,if=none,file=buildroot/output/images/rootfs.ext4,id=hd0
-device virtio-blk-pci,drive=hd0
# The following parameters allow to use separate consoles for Firmware (port 54320),
# Secure payload (54321), host (54322) and guest (54323).
-nodefaults
-serial tcp:localhost:54320
-serial tcp:localhost:54321
-chardev socket,mux=on,id=hvc0,port=54322,host=localhost
-device virtio-serial-device
-device virtconsole,chardev=hvc0
-chardev socket,mux=on,id=hvc1,port=54323,host=localhost
-device virtio-serial-device
-device virtconsole,chardev=hvc1
-append "root=/dev/vda console=hvc0"
-device virtio-net-pci,netdev=net0 -netdev user,id=net0
# This shares the current directory with the host, providing the files needed
# to launch the guest.
-device virtio-9p-device,fsdev=shr0,mount_tag=shr0
-fsdev local,security_model=none,path=.,id=shr0 |
...
| Code Block | ||
|---|---|---|
| ||
#!/bin/sh
USE_VIRTCONSOLE=true
USE_EDK2=false
USE_INITRD=true
DIRECT_KERNEL_BOOT=true
USE_OPTEE_BUILD=true
VM_MEMORY=512M
if $USE_OPTEE_BUILD; then
KERNEL=/mnt/out/bin/Image
INITRD=/mnt/out-br/images/rootfs.cpio
EDK2=TODO
DISK=TODO
else
# Manual method:
KERNEL=/mnt/linux-cca/arch/arm64/boot/Image
INITRD=/mnt/buildroot/output/images/rootfs.cpio
EDK2=/mnt/edk2/Build/ArmVirtQemu-AARCH64/DEBUG_GCC5/FV/QEMU_EFI.fd
DISK=/mnt/buildroot/output/images/disk.img
fi
add_qemu_arg () {
QEMU_ARGS="$QEMU_ARGS $@"
}
add_kernel_arg () {
KERNEL_ARGS="$KERNEL_ARGS $@"
}
add_qemu_arg -M virt,acpi=off,gic-version=3 -cpu host -enable-kvm
add_qemu_arg -smp 2 -m $VM_MEMORY -overcommit
mem-lock=on
add_qemu_arg -M confidential-guest-support=rme0
add_qemu_arg -object rme-guest,id=rme0,measurement-algo=sha512,num-pmu-counters=6,sve-vector-length=256
add_qemu_arg -device virtio-net-pci,netdev=net0,romfile=""
add_qemu_arg -netdev user,id=net0
if $USE_VIRTCONSOLE; then
add_kernel_arg console=hvc0
add_qemu_arg -nodefaults
add_qemu_arg -chardev stdio,mux=on,id=hvc0,signal=off
add_qemu_arg -device virtio-serial-pci -device virtconsole,chardev=hvc0
else
add_kernel_arg console=ttyAMA0 earlycon
add_qemu_arg -nographic
fi
if $USE_EDK2; then
add_qemu_arg -bios $EDK2
fi
if $DIRECT_KERNEL_BOOT; then
add_qemu_arg -kernel $KERNEL
else
$USE_INITRD && echo "Initrd requires direct kernel boot" && exit 1
fi
if $USE_INITRD; then
add_qemu_arg -initrd $INITRD
else
add_qemu_arg -device virtio-blk-pci,drive=rootfs0
add_qemu_arg -drive format=raw,if=none,file="$DISK",id=rootfs0
add_kernel_arg root=/dev/vda2
fi
$USE_EDK2 && $USE_VIRTCONSOLE && ! $USE_INITRD && \
echo "Don't forget to add console=hvc0 to grub.cfg"
if $DIRECT_KERNEL_BOOT; then
set -x
qemu-system-aarch64 $QEMU_ARGS \
-append "$KERNEL_ARGS" \
</dev/hvc1 >/dev/hvc1
else
set -x
qemu-system-aarch64 $QEMU_ARGS \
</dev/hvc1 >/dev/hvc1
fi |
The -M confidential-guest-support=rme0 and -object rme-guest,id=rme0,measurement-algo=sha512,num-pmu-counters=6,sve-vector-length=256 parameters declare this as a Realm VM and configure its parameters. Do note that the syntax will change as we aim to reuse existing QEMU parameters (notably SVE and PMU).
Save this as executable in the shared folder and in the host, launch it with:
...