...
Disable USE_VIRTCONSOLE in order to see all boot logs. Doing this enables the emulated PL011 serial and is much slower. Although edk2 does support virtio-console, it doesn’t display the debug output there (but you’ll still see RMM logs showing progress during boot).
When booting via grub2, the kernel parameters are stored in
grub.cfgwhich is copied fromboard/aarch64-efi/grub.cfgby the buildroot scriptboard/aarch64-efi/post-image.sh. Bu default the kernel parameters do not define aconsole, so Linux will determine the boot console from the device tree’s/chosen/stdout-pathproperty, which QEMU initializes to the default serial console. So if you want to boot with virtconsole, addconsole=hvc0toboard/aarch64-efi/grub.cfgbefore making buildroot.
Attestation Proof of Concept
A demonstration application called cca-workload-attestation has been integrated to the root file system. From a Realm VM, it provides users with the capability to query the RMM for a CCA attestation token that can either be printed to the console or saved to a file. It also demonstrate a tpypical interaction with an attestation service by communicating the CCA attestation token to a local instance of the Veraison services. Details on the cca-workload-attestation, the Veraison services and the endorser that populate the endorsement values can be found here.
Tips
Automate some things in the host boot
...