* [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage
@ 2023-01-24 16:34 Ard Biesheuvel
2023-01-24 16:34 ` [PATCH v2 1/6] ArmVirtPkg/PrePi: Ensure timely execution of library constructors Ard Biesheuvel
` (6 more replies)
0 siblings, 7 replies; 13+ messages in thread
From: Ard Biesheuvel @ 2023-01-24 16:34 UTC (permalink / raw)
To: devel
Cc: Ard Biesheuvel, Gerd Hoffmann, Michael Kubacki, Jiewen Yao,
Oliver Steffen
We recently experienced some build breakage in one of the ArmVirtPkg
platforms that is not covered by PlatformCI, in the PrePi component
which replaces the entire PEI stage. This component is now also being
used in TDVF, and so any modifications to it may regress the existing
users.
So add build and boot tests of ArmVirtQemuKernel (which is a version of
ArmVirtQemu which can be loaded as a loadable image instead of executing
from [emulated] NOR flash), and a build test of ArmVirtKvmTool, which is
also based on PrePi and runs under the kvmtool VMM. To further increase
coverage, enable secure boot, TPM support and HTTP(s) boot support when
building ArmVirtQemu for AARCH64.
Changes since v1:
- factor out common pieces into PlatformBuildLib.py, as suggested by
Gerd
Patches #1 and #2 fix existing boot regressions, which hadn't been
reported yet.
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Michael Kubacki <michael.kubacki@microsoft.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Oliver Steffen <osteffen@redhat.com>
Ard Biesheuvel (6):
ArmVirtPkg/PrePi: Ensure timely execution of library constructors
ArmVirtPkg/ArmVirtQemu: enlarge initial flash mapping
ArmVirtPkg/PlatformCI: factor out reusable PlatformBuildLib.py
ArmVirtPkg/PlatformCI: Enable optional features on Qemu AARCH64 builds
ArmVirtPkg/PlatformCI: Add CI coverage for ArmVirtQemuKernel
ArmVirtPkg/PlatformCI: Perform build test of ArmVirtKvmTool
ArmVirtPkg/Library/ArmPlatformLibQemu/IdMap.S | 4 +-
ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 86 ++++++++++++++++++--
ArmVirtPkg/PlatformCI/KvmToolBuild.py | 32 ++++++++
ArmVirtPkg/PlatformCI/{PlatformBuild.py => PlatformBuildLib.py} | 23 +-----
ArmVirtPkg/PlatformCI/QemuBuild.py | 34 ++++++++
ArmVirtPkg/PlatformCI/QemuKernelBuild.py | 35 ++++++++
ArmVirtPkg/PrePi/PrePi.c | 6 +-
7 files changed, 188 insertions(+), 32 deletions(-)
create mode 100644 ArmVirtPkg/PlatformCI/KvmToolBuild.py
rename ArmVirtPkg/PlatformCI/{PlatformBuild.py => PlatformBuildLib.py} (89%)
create mode 100644 ArmVirtPkg/PlatformCI/QemuBuild.py
create mode 100644 ArmVirtPkg/PlatformCI/QemuKernelBuild.py
--
2.39.0
^ permalink raw reply [flat|nested] 13+ messages in thread
* [PATCH v2 1/6] ArmVirtPkg/PrePi: Ensure timely execution of library constructors
2023-01-24 16:34 [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage Ard Biesheuvel
@ 2023-01-24 16:34 ` Ard Biesheuvel
2023-01-24 16:34 ` [PATCH v2 2/6] ArmVirtPkg/ArmVirtQemu: enlarge initial flash mapping Ard Biesheuvel
` (5 subsequent siblings)
6 siblings, 0 replies; 13+ messages in thread
From: Ard Biesheuvel @ 2023-01-24 16:34 UTC (permalink / raw)
To: devel
Cc: Ard Biesheuvel, Gerd Hoffmann, Michael Kubacki, Jiewen Yao,
Oliver Steffen
PrePi has a bare metal entry point, and so it is in charge of calling
the library constructors once the C runtime has been initialized
sufficiently.
However, we are now relying on a HOB to have been constructed by the
time the MMU code runs, and so the constructors should be run before
that.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
ArmVirtPkg/PrePi/PrePi.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/ArmVirtPkg/PrePi/PrePi.c b/ArmVirtPkg/PrePi/PrePi.c
index c15dc305fced..3d943b2138d3 100755
--- a/ArmVirtPkg/PrePi/PrePi.c
+++ b/ArmVirtPkg/PrePi/PrePi.c
@@ -60,6 +60,9 @@ PrePiMain (
//
InvalidateDataCacheRange ((VOID *)(UINTN)PcdGet64 (PcdFdBaseAddress), PcdGet32 (PcdFdSize));
+ // SEC phase needs to run library constructors by hand.
+ ProcessLibraryConstructorList ();
+
// Initialize MMU and Memory HOBs (Resource Descriptor HOBs)
Status = MemoryPeim (UefiMemoryBase, FixedPcdGet32 (PcdSystemMemoryUefiRegionSize));
ASSERT_EFI_ERROR (Status);
@@ -93,9 +96,6 @@ PrePiMain (
// Now, the HOB List has been initialized, we can register performance information
PERF_START (NULL, "PEI", NULL, StartTimeStamp);
- // SEC phase needs to run library constructors by hand.
- ProcessLibraryConstructorList ();
-
// Assume the FV that contains the SEC (our code) also contains a compressed FV.
Status = DecompressFirstFv ();
ASSERT_EFI_ERROR (Status);
--
2.39.0
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH v2 2/6] ArmVirtPkg/ArmVirtQemu: enlarge initial flash mapping
2023-01-24 16:34 [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage Ard Biesheuvel
2023-01-24 16:34 ` [PATCH v2 1/6] ArmVirtPkg/PrePi: Ensure timely execution of library constructors Ard Biesheuvel
@ 2023-01-24 16:34 ` Ard Biesheuvel
2023-01-24 16:34 ` [PATCH v2 3/6] ArmVirtPkg/PlatformCI: factor out reusable PlatformBuildLib.py Ard Biesheuvel
` (4 subsequent siblings)
6 siblings, 0 replies; 13+ messages in thread
From: Ard Biesheuvel @ 2023-01-24 16:34 UTC (permalink / raw)
To: devel
Cc: Ard Biesheuvel, Gerd Hoffmann, Michael Kubacki, Jiewen Yao,
Oliver Steffen
The initial ID map used by ArmVirtQemu only covers 2 MiB of NOR flash,
while the NOOPT build can be up to 3 MiB in size, resulting in a crash
if the unmapped 1 MiB is accessed before the real page tables are up.
So increate the initial flash mapping to 4 MiB.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
ArmVirtPkg/Library/ArmPlatformLibQemu/IdMap.S | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/ArmVirtPkg/Library/ArmPlatformLibQemu/IdMap.S b/ArmVirtPkg/Library/ArmPlatformLibQemu/IdMap.S
index 4a4b7b77ed83..584ffcb3ebe2 100644
--- a/ArmVirtPkg/Library/ArmPlatformLibQemu/IdMap.S
+++ b/ArmVirtPkg/Library/ArmPlatformLibQemu/IdMap.S
@@ -15,6 +15,7 @@
.set TT_MT_MEM, (0x3 << 2) | (0x3 << 8) // MAIR #3
.set PAGE_XIP, TT_TYPE_PAGE | TT_MT_MEM | TT_AF | TT_RO | TT_NG
+ .set BLOCK_XIP, TT_TYPE_BLOCK | TT_MT_MEM | TT_AF | TT_RO | TT_NG
.set BLOCK_DEV, TT_TYPE_BLOCK | TT_MT_DEV | TT_AF | TT_XN | TT_NG
.set BLOCK_MEM, TT_TYPE_BLOCK | TT_MT_MEM | TT_AF | TT_XN | TT_NG
@@ -33,7 +34,8 @@ idmap: /* level 0 */
20: /* level 2 */
.quad 3f + TT_TYPE_TABLE // up to 2 MB of flash
- .fill 63, 8, 0x0 // 126 MB of unused flash
+ .quad BLOCK_XIP | (0x1 << 21) // another 2 MB of flash
+ .fill 62, 8, 0x0 // 124 MB of unused flash
.set idx, 64
.rept 448
.quad BLOCK_DEV | (idx << 21) // 896 MB of RW- device mappings
--
2.39.0
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH v2 3/6] ArmVirtPkg/PlatformCI: factor out reusable PlatformBuildLib.py
2023-01-24 16:34 [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage Ard Biesheuvel
2023-01-24 16:34 ` [PATCH v2 1/6] ArmVirtPkg/PrePi: Ensure timely execution of library constructors Ard Biesheuvel
2023-01-24 16:34 ` [PATCH v2 2/6] ArmVirtPkg/ArmVirtQemu: enlarge initial flash mapping Ard Biesheuvel
@ 2023-01-24 16:34 ` Ard Biesheuvel
2023-01-26 14:34 ` [edk2-devel] " Michael Kubacki
2023-01-24 16:34 ` [PATCH v2 4/6] ArmVirtPkg/PlatformCI: Enable optional features on Qemu AARCH64 builds Ard Biesheuvel
` (3 subsequent siblings)
6 siblings, 1 reply; 13+ messages in thread
From: Ard Biesheuvel @ 2023-01-24 16:34 UTC (permalink / raw)
To: devel
Cc: Ard Biesheuvel, Gerd Hoffmann, Michael Kubacki, Jiewen Yao,
Oliver Steffen
In order to reduce the amount of code duplication, refactor the
PlatformBuild.py script that builds ArmVirtQemu.dsc into a reusable
PlatformBuildLib.py containing most of the bits and pieces, and a small
QemuBuild.py which is specific to the DSC in question.
Suggested-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 12 ++++----
ArmVirtPkg/PlatformCI/{PlatformBuild.py => PlatformBuildLib.py} | 19 ++----------
ArmVirtPkg/PlatformCI/QemuBuild.py | 31 ++++++++++++++++++++
3 files changed, 39 insertions(+), 23 deletions(-)
diff --git a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
index 5fa7518d2c5e..b1526ae8e50b 100644
--- a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
+++ b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
@@ -30,42 +30,42 @@ jobs:
strategy:
matrix:
QEMU_AARCH64_DEBUG:
- Build.File: "$(package)/PlatformCI/PlatformBuild.py"
+ Build.File: "$(package)/PlatformCI/QemuBuild.py"
Build.Arch: "AARCH64"
Build.Flags: ""
Build.Target: "DEBUG"
Run.Flags: $(run_flags)
Run: $(should_run)
QEMU_AARCH64_RELEASE:
- Build.File: "$(package)/PlatformCI/PlatformBuild.py"
+ Build.File: "$(package)/PlatformCI/QemuBuild.py"
Build.Arch: "AARCH64"
Build.Flags: ""
Build.Target: "RELEASE"
Run.Flags: $(run_flags)
Run: $(should_run)
QEMU_AARCH64_NOOPT:
- Build.File: "$(package)/PlatformCI/PlatformBuild.py"
+ Build.File: "$(package)/PlatformCI/QemuBuild.py"
Build.Arch: "AARCH64"
Build.Flags: ""
Build.Target: "NOOPT"
Run.Flags: $(run_flags)
Run: $(should_run)
QEMU_ARM_DEBUG:
- Build.File: "$(package)/PlatformCI/PlatformBuild.py"
+ Build.File: "$(package)/PlatformCI/QemuBuild.py"
Build.Arch: "ARM"
Build.Flags: ""
Build.Target: "DEBUG"
Run.Flags: $(run_flags)
Run: $(should_run)
QEMU_ARM_RELEASE:
- Build.File: "$(package)/PlatformCI/PlatformBuild.py"
+ Build.File: "$(package)/PlatformCI/QemuBuild.py"
Build.Arch: "ARM"
Build.Flags: ""
Build.Target: "RELEASE"
Run.Flags: $(run_flags)
Run: $(should_run)
QEMU_ARM_NOOPT:
- Build.File: "$(package)/PlatformCI/PlatformBuild.py"
+ Build.File: "$(package)/PlatformCI/QemuBuild.py"
Build.Arch: "ARM"
Build.Flags: ""
Build.Target: "NOOPT"
diff --git a/ArmVirtPkg/PlatformCI/PlatformBuild.py b/ArmVirtPkg/PlatformCI/PlatformBuildLib.py
similarity index 90%
rename from ArmVirtPkg/PlatformCI/PlatformBuild.py
rename to ArmVirtPkg/PlatformCI/PlatformBuildLib.py
index dff653e919eb..91aa9b31d3c5 100644
--- a/ArmVirtPkg/PlatformCI/PlatformBuild.py
+++ b/ArmVirtPkg/PlatformCI/PlatformBuildLib.py
@@ -17,21 +17,6 @@ from edk2toolext.invocables.edk2_pr_eval import PrEvalSettingsManager
from edk2toollib.utility_functions import RunCmd
from edk2toollib.utility_functions import GetHostInfo
-# ####################################################################################### #
-# Common Configuration #
-# ####################################################################################### #
-
-
-class CommonPlatform():
- ''' Common settings for this platform. Define static data here and use
- for the different parts of stuart
- '''
- PackagesSupported = ("ArmVirtPkg",)
- ArchSupported = ("AARCH64", "ARM")
- TargetsSupported = ("DEBUG", "RELEASE", "NOOPT")
- Scopes = ('armvirt', 'edk2-build')
- WorkspaceRoot = os.path.realpath(os.path.join(
- os.path.dirname(os.path.abspath(__file__)), "..", ".."))
# ####################################################################################### #
# Configuration for Update & Setup #
@@ -139,7 +124,7 @@ class SettingsManager(UpdateSettingsManager, SetupSettingsManager, PrEvalSetting
The tuple should be (<workspace relative path to dsc file>, <input dictionary of dsc key value pairs>)
'''
- return (os.path.join("ArmVirtPkg", "ArmVirtQemu.dsc"), {})
+ return (CommonPlatform.DscName, {})
# ####################################################################################### #
@@ -163,7 +148,7 @@ class PlatformBuilder(UefiBuilder, BuildSettingsManager):
"TARGET_ARCH", args.build_arch.upper(), "From CmdLine")
shell_environment.GetBuildVars().SetValue(
- "ACTIVE_PLATFORM", "ArmVirtPkg/ArmVirtQemu.dsc", "From CmdLine")
+ "ACTIVE_PLATFORM", CommonPlatform.DscName, "From CmdLine")
def GetWorkspaceRoot(self):
''' get WorkspacePath '''
diff --git a/ArmVirtPkg/PlatformCI/QemuBuild.py b/ArmVirtPkg/PlatformCI/QemuBuild.py
new file mode 100644
index 000000000000..f4dcc1d1d245
--- /dev/null
+++ b/ArmVirtPkg/PlatformCI/QemuBuild.py
@@ -0,0 +1,31 @@
+# @file
+# Script to Build OVMF UEFI firmware
+#
+# Copyright (c) Microsoft Corporation.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+##
+import os
+import sys
+
+sys.path.append(os.path.dirname(os.path.abspath(__file__)))
+from PlatformBuildLib import SettingsManager
+from PlatformBuildLib import PlatformBuilder
+
+ # ####################################################################################### #
+ # Common Configuration #
+ # ####################################################################################### #
+class CommonPlatform():
+ ''' Common settings for this platform. Define static data here and use
+ for the different parts of stuart
+ '''
+ PackagesSupported = ("ArmVirtPkg",)
+ ArchSupported = ("AARCH64", "ARM")
+ TargetsSupported = ("DEBUG", "RELEASE", "NOOPT")
+ Scopes = ('armvirt', 'edk2-build')
+ WorkspaceRoot = os.path.realpath(os.path.join(
+ os.path.dirname(os.path.abspath(__file__)), "..", ".."))
+
+ DscName = os.path.join("ArmVirtPkg", "ArmVirtQemu.dsc")
+
+import PlatformBuildLib
+PlatformBuildLib.CommonPlatform = CommonPlatform
--
2.39.0
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH v2 4/6] ArmVirtPkg/PlatformCI: Enable optional features on Qemu AARCH64 builds
2023-01-24 16:34 [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage Ard Biesheuvel
` (2 preceding siblings ...)
2023-01-24 16:34 ` [PATCH v2 3/6] ArmVirtPkg/PlatformCI: factor out reusable PlatformBuildLib.py Ard Biesheuvel
@ 2023-01-24 16:34 ` Ard Biesheuvel
2023-01-26 14:35 ` [edk2-devel] " Michael Kubacki
2023-01-24 16:34 ` [PATCH v2 5/6] ArmVirtPkg/PlatformCI: Add CI coverage for ArmVirtQemuKernel Ard Biesheuvel
` (2 subsequent siblings)
6 siblings, 1 reply; 13+ messages in thread
From: Ard Biesheuvel @ 2023-01-24 16:34 UTC (permalink / raw)
To: devel
Cc: Ard Biesheuvel, Gerd Hoffmann, Michael Kubacki, Jiewen Yao,
Oliver Steffen
To increase the CI coverage, enable secure boot, TPM2 support and HTTPS
boot on ArmVirtQemu builds used in CI.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
index b1526ae8e50b..44a1d3da6742 100644
--- a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
+++ b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
@@ -32,21 +32,21 @@ jobs:
QEMU_AARCH64_DEBUG:
Build.File: "$(package)/PlatformCI/QemuBuild.py"
Build.Arch: "AARCH64"
- Build.Flags: ""
+ Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_TPM2_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
Build.Target: "DEBUG"
Run.Flags: $(run_flags)
Run: $(should_run)
QEMU_AARCH64_RELEASE:
Build.File: "$(package)/PlatformCI/QemuBuild.py"
Build.Arch: "AARCH64"
- Build.Flags: ""
+ Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_TPM2_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
Build.Target: "RELEASE"
Run.Flags: $(run_flags)
Run: $(should_run)
QEMU_AARCH64_NOOPT:
Build.File: "$(package)/PlatformCI/QemuBuild.py"
Build.Arch: "AARCH64"
- Build.Flags: ""
+ Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_TPM2_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
Build.Target: "NOOPT"
Run.Flags: $(run_flags)
Run: $(should_run)
--
2.39.0
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH v2 5/6] ArmVirtPkg/PlatformCI: Add CI coverage for ArmVirtQemuKernel
2023-01-24 16:34 [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage Ard Biesheuvel
` (3 preceding siblings ...)
2023-01-24 16:34 ` [PATCH v2 4/6] ArmVirtPkg/PlatformCI: Enable optional features on Qemu AARCH64 builds Ard Biesheuvel
@ 2023-01-24 16:34 ` Ard Biesheuvel
2023-01-26 14:35 ` [edk2-devel] " Michael Kubacki
2023-01-24 16:34 ` [PATCH v2 6/6] ArmVirtPkg/PlatformCI: Perform build test of ArmVirtKvmTool Ard Biesheuvel
2023-01-25 9:41 ` [edk2-devel] [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage Gerd Hoffmann
6 siblings, 1 reply; 13+ messages in thread
From: Ard Biesheuvel @ 2023-01-24 16:34 UTC (permalink / raw)
To: devel
Cc: Ard Biesheuvel, Gerd Hoffmann, Michael Kubacki, Jiewen Yao,
Oliver Steffen
ArmVirtQemuKernel.dsc describes a firmware build that is loadable at
arbitrary address and can be invoked using the Linux/arm64 kernel boot
protocol. The early code deviates significantly from ArmVirtQemu, and so
it makes sense to cover this platform in CI even if it is not widely
used. This ensures that the relocatable PrePi and other components in
EmbeddedPkg don't regress on ARM as they are being updated for use on
TDVF.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 43 ++++++++++++++++++++
ArmVirtPkg/PlatformCI/PlatformBuildLib.py | 4 +-
ArmVirtPkg/PlatformCI/QemuBuild.py | 3 ++
ArmVirtPkg/PlatformCI/{QemuBuild.py => QemuKernelBuild.py} | 6 ++-
4 files changed, 53 insertions(+), 3 deletions(-)
diff --git a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
index 44a1d3da6742..2b6cc119167b 100644
--- a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
+++ b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
@@ -72,6 +72,49 @@ jobs:
Run.Flags: $(run_flags)
Run: $(should_run)
+ QEMU_KERNEL_AARCH64_DEBUG:
+ Build.File: "$(package)/PlatformCI/QemuKernelBuild.py"
+ Build.Arch: "AARCH64"
+ Build.Flags: ""
+ Build.Target: "DEBUG"
+ Run.Flags: $(run_flags)
+ Run: $(should_run)
+ QEMU_KERNEL_AARCH64_RELEASE:
+ Build.File: "$(package)/PlatformCI/QemuKernelBuild.py"
+ Build.Arch: "AARCH64"
+ Build.Flags: ""
+ Build.Target: "RELEASE"
+ Run.Flags: $(run_flags)
+ Run: $(should_run)
+ QEMU_KERNEL_AARCH64_NOOPT:
+ Build.File: "$(package)/PlatformCI/QemuKernelBuild.py"
+ Build.Arch: "AARCH64"
+ Build.Flags: ""
+ Build.Target: "NOOPT"
+ Run.Flags: $(run_flags)
+ Run: $(should_run)
+ QEMU_KERNEL_ARM_DEBUG:
+ Build.File: "$(package)/PlatformCI/QemuKernelBuild.py"
+ Build.Arch: "ARM"
+ Build.Flags: ""
+ Build.Target: "DEBUG"
+ Run.Flags: $(run_flags)
+ Run: $(should_run)
+ QEMU_KERNEL_ARM_RELEASE:
+ Build.File: "$(package)/PlatformCI/QemuKernelBuild.py"
+ Build.Arch: "ARM"
+ Build.Flags: ""
+ Build.Target: "RELEASE"
+ Run.Flags: $(run_flags)
+ Run: $(should_run)
+ QEMU_KERNEL_ARM_NOOPT:
+ Build.File: "$(package)/PlatformCI/QemuKernelBuild.py"
+ Build.Arch: "ARM"
+ Build.Flags: ""
+ Build.Target: "NOOPT"
+ Run.Flags: $(run_flags)
+ Run: $(should_run)
+
workspace:
clean: all
diff --git a/ArmVirtPkg/PlatformCI/PlatformBuildLib.py b/ArmVirtPkg/PlatformCI/PlatformBuildLib.py
index 91aa9b31d3c5..405817cae785 100644
--- a/ArmVirtPkg/PlatformCI/PlatformBuildLib.py
+++ b/ArmVirtPkg/PlatformCI/PlatformBuildLib.py
@@ -226,13 +226,13 @@ class PlatformBuilder(UefiBuilder, BuildSettingsManager):
args += " -cpu cortex-a57" # emulate cpu
elif(self.env.GetValue("TARGET_ARCH").upper() == "ARM"):
cmd = "qemu-system-arm"
- args = "-M virt"
+ args = "-M virt,highmem=off"
args += " -cpu cortex-a15" # emulate cpu
else:
raise NotImplementedError()
# Common Args
- args += " -pflash " + Built_FV # path to fw
+ args += CommonPlatform.FvQemuArg + Built_FV # path to fw
args += " -m 1024" # 1gb memory
# turn off network
args += " -net none"
diff --git a/ArmVirtPkg/PlatformCI/QemuBuild.py b/ArmVirtPkg/PlatformCI/QemuBuild.py
index f4dcc1d1d245..c651a9501fcf 100644
--- a/ArmVirtPkg/PlatformCI/QemuBuild.py
+++ b/ArmVirtPkg/PlatformCI/QemuBuild.py
@@ -27,5 +27,8 @@ class CommonPlatform():
DscName = os.path.join("ArmVirtPkg", "ArmVirtQemu.dsc")
+ # this platform produces a bootable NOR flash image
+ FvQemuArg = " -pflash "
+
import PlatformBuildLib
PlatformBuildLib.CommonPlatform = CommonPlatform
diff --git a/ArmVirtPkg/PlatformCI/QemuBuild.py b/ArmVirtPkg/PlatformCI/QemuKernelBuild.py
similarity index 81%
copy from ArmVirtPkg/PlatformCI/QemuBuild.py
copy to ArmVirtPkg/PlatformCI/QemuKernelBuild.py
index f4dcc1d1d245..f340dfac8843 100644
--- a/ArmVirtPkg/PlatformCI/QemuBuild.py
+++ b/ArmVirtPkg/PlatformCI/QemuKernelBuild.py
@@ -25,7 +25,11 @@ class CommonPlatform():
WorkspaceRoot = os.path.realpath(os.path.join(
os.path.dirname(os.path.abspath(__file__)), "..", ".."))
- DscName = os.path.join("ArmVirtPkg", "ArmVirtQemu.dsc")
+ DscName = os.path.join("ArmVirtPkg", "ArmVirtQemuKernel.dsc")
+
+ # this platform produces an executable image that is invoked using
+ # the Linux/arm64 kernel boot protocol
+ FvQemuArg = " -kernel "
import PlatformBuildLib
PlatformBuildLib.CommonPlatform = CommonPlatform
--
2.39.0
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH v2 6/6] ArmVirtPkg/PlatformCI: Perform build test of ArmVirtKvmTool
2023-01-24 16:34 [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage Ard Biesheuvel
` (4 preceding siblings ...)
2023-01-24 16:34 ` [PATCH v2 5/6] ArmVirtPkg/PlatformCI: Add CI coverage for ArmVirtQemuKernel Ard Biesheuvel
@ 2023-01-24 16:34 ` Ard Biesheuvel
2023-01-26 14:35 ` [edk2-devel] " Michael Kubacki
2023-01-25 9:41 ` [edk2-devel] [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage Gerd Hoffmann
6 siblings, 1 reply; 13+ messages in thread
From: Ard Biesheuvel @ 2023-01-24 16:34 UTC (permalink / raw)
To: devel
Cc: Ard Biesheuvel, Gerd Hoffmann, Michael Kubacki, Jiewen Yao,
Oliver Steffen
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 25 +++++++++++++++
ArmVirtPkg/PlatformCI/KvmToolBuild.py | 32 ++++++++++++++++++++
2 files changed, 57 insertions(+)
diff --git a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
index 2b6cc119167b..d1772a65fc3a 100644
--- a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
+++ b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
@@ -115,6 +115,31 @@ jobs:
Run.Flags: $(run_flags)
Run: $(should_run)
+ KVMTOOL_AARCH64_DEBUG:
+ Build.File: "$(package)/PlatformCI/KvmToolBuild.py"
+ Build.Arch: "AARCH64"
+ Build.Flags: ""
+ Build.Target: "DEBUG"
+ Run: false
+ KVMTOOL_AARCH64_RELEASE:
+ Build.File: "$(package)/PlatformCI/KvmToolBuild.py"
+ Build.Arch: "AARCH64"
+ Build.Flags: ""
+ Build.Target: "RELEASE"
+ Run: false
+ KVMTOOL_ARM_DEBUG:
+ Build.File: "$(package)/PlatformCI/KvmToolBuild.py"
+ Build.Arch: "ARM"
+ Build.Flags: ""
+ Build.Target: "DEBUG"
+ Run: false
+ KVMTOOL_ARM_RELEASE:
+ Build.File: "$(package)/PlatformCI/KvmToolBuild.py"
+ Build.Arch: "ARM"
+ Build.Flags: ""
+ Build.Target: "RELEASE"
+ Run: false
+
workspace:
clean: all
diff --git a/ArmVirtPkg/PlatformCI/KvmToolBuild.py b/ArmVirtPkg/PlatformCI/KvmToolBuild.py
new file mode 100644
index 000000000000..4d02dba124ac
--- /dev/null
+++ b/ArmVirtPkg/PlatformCI/KvmToolBuild.py
@@ -0,0 +1,32 @@
+# @file
+# Script to Build ArmVirtPkg UEFI firmware
+#
+# Copyright (c) Microsoft Corporation.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+##
+import os
+import sys
+
+sys.path.append(os.path.dirname(os.path.abspath(__file__)))
+from PlatformBuildLib import SettingsManager
+from PlatformBuildLib import PlatformBuilder
+
+ # ####################################################################################### #
+ # Common Configuration #
+ # ####################################################################################### #
+class CommonPlatform():
+ ''' Common settings for this platform. Define static data here and use
+ for the different parts of stuart
+ '''
+ PackagesSupported = ("ArmVirtPkg",)
+ ArchSupported = ("AARCH64", "ARM")
+ TargetsSupported = ("DEBUG", "RELEASE")
+ Scopes = ('armvirt', 'edk2-build')
+ WorkspaceRoot = os.path.realpath(os.path.join(
+ os.path.dirname(os.path.abspath(__file__)), "..", ".."))
+
+ DscName = os.path.join("ArmVirtPkg", "ArmVirtKvmTool.dsc")
+ FvQemuArg = "" # ignored
+
+import PlatformBuildLib
+PlatformBuildLib.CommonPlatform = CommonPlatform
--
2.39.0
^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage
2023-01-24 16:34 [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage Ard Biesheuvel
` (5 preceding siblings ...)
2023-01-24 16:34 ` [PATCH v2 6/6] ArmVirtPkg/PlatformCI: Perform build test of ArmVirtKvmTool Ard Biesheuvel
@ 2023-01-25 9:41 ` Gerd Hoffmann
2023-01-25 12:38 ` Ard Biesheuvel
6 siblings, 1 reply; 13+ messages in thread
From: Gerd Hoffmann @ 2023-01-25 9:41 UTC (permalink / raw)
To: devel, ardb; +Cc: Michael Kubacki, Jiewen Yao, Oliver Steffen
On Tue, Jan 24, 2023 at 05:34:11PM +0100, Ard Biesheuvel wrote:
> We recently experienced some build breakage in one of the ArmVirtPkg
> platforms that is not covered by PlatformCI, in the PrePi component
> which replaces the entire PEI stage. This component is now also being
> used in TDVF, and so any modifications to it may regress the existing
> users.
>
> So add build and boot tests of ArmVirtQemuKernel (which is a version of
> ArmVirtQemu which can be loaded as a loadable image instead of executing
> from [emulated] NOR flash), and a build test of ArmVirtKvmTool, which is
> also based on PrePi and runs under the kvmtool VMM. To further increase
> coverage, enable secure boot, TPM support and HTTP(s) boot support when
> building ArmVirtQemu for AARCH64.
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
As you mention secure boot: As far I know current state of affairs is
that nothing protects efi variable flash on ArmVirt, so secure boot
isn't actually secure because the OS can easily manipulate 'db' etc.
State of affairs on physical hardware (at least on Qualcomm SoCs) seems
to be that there is some service running in the Trusted Zone secure
world which manages (and controls access to) EFI variables. See
https://lore.kernel.org/lkml/eaa455ed-2dd2-a33f-6420-a75484eccc35@gmail.com/t/
Do you happen to know whenever any of this is available as open source,
be it the secure world code or the EFI drivers talking to it? Is there
some kind of standard for this or does every vendor brew its own?
thanks & take care,
Gerd
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage
2023-01-25 9:41 ` [edk2-devel] [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage Gerd Hoffmann
@ 2023-01-25 12:38 ` Ard Biesheuvel
0 siblings, 0 replies; 13+ messages in thread
From: Ard Biesheuvel @ 2023-01-25 12:38 UTC (permalink / raw)
To: devel, kraxel; +Cc: Michael Kubacki, Jiewen Yao, Oliver Steffen
On Wed, 25 Jan 2023 at 10:42, Gerd Hoffmann <kraxel@redhat.com> wrote:
>
> On Tue, Jan 24, 2023 at 05:34:11PM +0100, Ard Biesheuvel wrote:
> > We recently experienced some build breakage in one of the ArmVirtPkg
> > platforms that is not covered by PlatformCI, in the PrePi component
> > which replaces the entire PEI stage. This component is now also being
> > used in TDVF, and so any modifications to it may regress the existing
> > users.
> >
> > So add build and boot tests of ArmVirtQemuKernel (which is a version of
> > ArmVirtQemu which can be loaded as a loadable image instead of executing
> > from [emulated] NOR flash), and a build test of ArmVirtKvmTool, which is
> > also based on PrePi and runs under the kvmtool VMM. To further increase
> > coverage, enable secure boot, TPM support and HTTP(s) boot support when
> > building ArmVirtQemu for AARCH64.
>
> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
>
Thanks.
> As you mention secure boot: As far I know current state of affairs is
> that nothing protects efi variable flash on ArmVirt, so secure boot
> isn't actually secure because the OS can easily manipulate 'db' etc.
>
True.
There is a way around this, though: we could emulate secure EL0 using
KVM and a separate EL1 context that implements the Secure Partition
interface that standalone MM supports. That way, we would be able to
run the entire MM based variable runtime stack, similar to how SMM
emulation is implemented (or so I am told)
None of this has been implemented or prototyped, though, and nobody
seems to want it badly enough to bother.
> State of affairs on physical hardware (at least on Qualcomm SoCs) seems
> to be that there is some service running in the Trusted Zone secure
> world which manages (and controls access to) EFI variables. See
> https://lore.kernel.org/lkml/eaa455ed-2dd2-a33f-6420-a75484eccc35@gmail.com/t/
>
Yes. There are other efforts underway that are OP-TEE based, i.e.,
RPMB partition owned by the secure firmware, and a supplicant in Linux
user space that marshalls requests between the Linux kernel and the
secure firmware. And yes, this is a terrible design, and the qcom
approach seems slightly better.
On bare metal hardware, you can generally just use the standalone MM
based driver stack. I implemented this for SynQuacer/Developerbox,
when building its firmware with SECURE_BOOT_ENABLE from
edk2-platforms.
However, this approach only works if the secure world can have
complete ownership of the storage. On QCOM devices or other eMMC/UFS
based devices, there is only a single controller which must be owned
by the Linux kernel, and so any access by the firmware needs to be
routed via some component that performs the arbitration. In the OP-TEE
case, this is the supplicant in user space. in the QCOM case, I
imagine there may be some code in the magic hypervisor that takes care
of this.
> Do you happen to know whenever any of this is available as open source,
> be it the secure world code or the EFI drivers talking to it? Is there
> some kind of standard for this or does every vendor brew its own?
>
There is no standard for this, as far as I know, even though the
problem was well understood 8+ years ago. As far as I know, the QCOM
approach is specific to snapdragon EFI platforms, and similar hacks
are needed in Windows for the EFI runtime stack to be swapped out and
the special driver swapped into the consumers of the EFI variables.
The secure world calling convention is standardized, though, and IIRC,
there were some suggestions regarding reuse of the EFI variable
emulation function IDs. But in general, it is very hard to get QCOM
engineers to care about any of this - even if Lenovo are now invested
in running Linux on the ARM ThinkPads, they still have to work around
the buggy firmware that they get from QCOM and AMI, and getting it
fixed appears to be very hard.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH v2 3/6] ArmVirtPkg/PlatformCI: factor out reusable PlatformBuildLib.py
2023-01-24 16:34 ` [PATCH v2 3/6] ArmVirtPkg/PlatformCI: factor out reusable PlatformBuildLib.py Ard Biesheuvel
@ 2023-01-26 14:34 ` Michael Kubacki
0 siblings, 0 replies; 13+ messages in thread
From: Michael Kubacki @ 2023-01-26 14:34 UTC (permalink / raw)
To: devel, ardb; +Cc: Gerd Hoffmann, Michael Kubacki, Jiewen Yao, Oliver Steffen
Reviewed-by: Michael Kubacki <michael.kubacki@microsoft.com>
On 1/24/2023 11:34 AM, Ard Biesheuvel wrote:
> In order to reduce the amount of code duplication, refactor the
> PlatformBuild.py script that builds ArmVirtQemu.dsc into a reusable
> PlatformBuildLib.py containing most of the bits and pieces, and a small
> QemuBuild.py which is specific to the DSC in question.
>
> Suggested-by: Gerd Hoffmann <kraxel@redhat.com>
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> ---
> ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 12 ++++----
> ArmVirtPkg/PlatformCI/{PlatformBuild.py => PlatformBuildLib.py} | 19 ++----------
> ArmVirtPkg/PlatformCI/QemuBuild.py | 31 ++++++++++++++++++++
> 3 files changed, 39 insertions(+), 23 deletions(-)
>
> diff --git a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
> index 5fa7518d2c5e..b1526ae8e50b 100644
> --- a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
> +++ b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
> @@ -30,42 +30,42 @@ jobs:
> strategy:
>
> matrix:
>
> QEMU_AARCH64_DEBUG:
>
> - Build.File: "$(package)/PlatformCI/PlatformBuild.py"
>
> + Build.File: "$(package)/PlatformCI/QemuBuild.py"
>
> Build.Arch: "AARCH64"
>
> Build.Flags: ""
>
> Build.Target: "DEBUG"
>
> Run.Flags: $(run_flags)
>
> Run: $(should_run)
>
> QEMU_AARCH64_RELEASE:
>
> - Build.File: "$(package)/PlatformCI/PlatformBuild.py"
>
> + Build.File: "$(package)/PlatformCI/QemuBuild.py"
>
> Build.Arch: "AARCH64"
>
> Build.Flags: ""
>
> Build.Target: "RELEASE"
>
> Run.Flags: $(run_flags)
>
> Run: $(should_run)
>
> QEMU_AARCH64_NOOPT:
>
> - Build.File: "$(package)/PlatformCI/PlatformBuild.py"
>
> + Build.File: "$(package)/PlatformCI/QemuBuild.py"
>
> Build.Arch: "AARCH64"
>
> Build.Flags: ""
>
> Build.Target: "NOOPT"
>
> Run.Flags: $(run_flags)
>
> Run: $(should_run)
>
> QEMU_ARM_DEBUG:
>
> - Build.File: "$(package)/PlatformCI/PlatformBuild.py"
>
> + Build.File: "$(package)/PlatformCI/QemuBuild.py"
>
> Build.Arch: "ARM"
>
> Build.Flags: ""
>
> Build.Target: "DEBUG"
>
> Run.Flags: $(run_flags)
>
> Run: $(should_run)
>
> QEMU_ARM_RELEASE:
>
> - Build.File: "$(package)/PlatformCI/PlatformBuild.py"
>
> + Build.File: "$(package)/PlatformCI/QemuBuild.py"
>
> Build.Arch: "ARM"
>
> Build.Flags: ""
>
> Build.Target: "RELEASE"
>
> Run.Flags: $(run_flags)
>
> Run: $(should_run)
>
> QEMU_ARM_NOOPT:
>
> - Build.File: "$(package)/PlatformCI/PlatformBuild.py"
>
> + Build.File: "$(package)/PlatformCI/QemuBuild.py"
>
> Build.Arch: "ARM"
>
> Build.Flags: ""
>
> Build.Target: "NOOPT"
>
> diff --git a/ArmVirtPkg/PlatformCI/PlatformBuild.py b/ArmVirtPkg/PlatformCI/PlatformBuildLib.py
> similarity index 90%
> rename from ArmVirtPkg/PlatformCI/PlatformBuild.py
> rename to ArmVirtPkg/PlatformCI/PlatformBuildLib.py
> index dff653e919eb..91aa9b31d3c5 100644
> --- a/ArmVirtPkg/PlatformCI/PlatformBuild.py
> +++ b/ArmVirtPkg/PlatformCI/PlatformBuildLib.py
> @@ -17,21 +17,6 @@ from edk2toolext.invocables.edk2_pr_eval import PrEvalSettingsManager
> from edk2toollib.utility_functions import RunCmd
>
> from edk2toollib.utility_functions import GetHostInfo
>
>
>
> -# ####################################################################################### #
>
> -# Common Configuration #
>
> -# ####################################################################################### #
>
> -
>
> -
>
> -class CommonPlatform():
>
> - ''' Common settings for this platform. Define static data here and use
>
> - for the different parts of stuart
>
> - '''
>
> - PackagesSupported = ("ArmVirtPkg",)
>
> - ArchSupported = ("AARCH64", "ARM")
>
> - TargetsSupported = ("DEBUG", "RELEASE", "NOOPT")
>
> - Scopes = ('armvirt', 'edk2-build')
>
> - WorkspaceRoot = os.path.realpath(os.path.join(
>
> - os.path.dirname(os.path.abspath(__file__)), "..", ".."))
>
>
>
> # ####################################################################################### #
>
> # Configuration for Update & Setup #
>
> @@ -139,7 +124,7 @@ class SettingsManager(UpdateSettingsManager, SetupSettingsManager, PrEvalSetting
>
>
> The tuple should be (<workspace relative path to dsc file>, <input dictionary of dsc key value pairs>)
>
> '''
>
> - return (os.path.join("ArmVirtPkg", "ArmVirtQemu.dsc"), {})
>
> + return (CommonPlatform.DscName, {})
>
>
>
>
>
> # ####################################################################################### #
>
> @@ -163,7 +148,7 @@ class PlatformBuilder(UefiBuilder, BuildSettingsManager):
> "TARGET_ARCH", args.build_arch.upper(), "From CmdLine")
>
>
>
> shell_environment.GetBuildVars().SetValue(
>
> - "ACTIVE_PLATFORM", "ArmVirtPkg/ArmVirtQemu.dsc", "From CmdLine")
>
> + "ACTIVE_PLATFORM", CommonPlatform.DscName, "From CmdLine")
>
>
>
> def GetWorkspaceRoot(self):
>
> ''' get WorkspacePath '''
>
> diff --git a/ArmVirtPkg/PlatformCI/QemuBuild.py b/ArmVirtPkg/PlatformCI/QemuBuild.py
> new file mode 100644
> index 000000000000..f4dcc1d1d245
> --- /dev/null
> +++ b/ArmVirtPkg/PlatformCI/QemuBuild.py
> @@ -0,0 +1,31 @@
> +# @file
>
> +# Script to Build OVMF UEFI firmware
>
> +#
>
> +# Copyright (c) Microsoft Corporation.
>
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +##
>
> +import os
>
> +import sys
>
> +
>
> +sys.path.append(os.path.dirname(os.path.abspath(__file__)))
>
> +from PlatformBuildLib import SettingsManager
>
> +from PlatformBuildLib import PlatformBuilder
>
> +
>
> + # ####################################################################################### #
>
> + # Common Configuration #
>
> + # ####################################################################################### #
>
> +class CommonPlatform():
>
> + ''' Common settings for this platform. Define static data here and use
>
> + for the different parts of stuart
>
> + '''
>
> + PackagesSupported = ("ArmVirtPkg",)
>
> + ArchSupported = ("AARCH64", "ARM")
>
> + TargetsSupported = ("DEBUG", "RELEASE", "NOOPT")
>
> + Scopes = ('armvirt', 'edk2-build')
>
> + WorkspaceRoot = os.path.realpath(os.path.join(
>
> + os.path.dirname(os.path.abspath(__file__)), "..", ".."))
>
> +
>
> + DscName = os.path.join("ArmVirtPkg", "ArmVirtQemu.dsc")
>
> +
>
> +import PlatformBuildLib
>
> +PlatformBuildLib.CommonPlatform = CommonPlatform
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH v2 4/6] ArmVirtPkg/PlatformCI: Enable optional features on Qemu AARCH64 builds
2023-01-24 16:34 ` [PATCH v2 4/6] ArmVirtPkg/PlatformCI: Enable optional features on Qemu AARCH64 builds Ard Biesheuvel
@ 2023-01-26 14:35 ` Michael Kubacki
0 siblings, 0 replies; 13+ messages in thread
From: Michael Kubacki @ 2023-01-26 14:35 UTC (permalink / raw)
To: devel, ardb; +Cc: Gerd Hoffmann, Michael Kubacki, Jiewen Yao, Oliver Steffen
Reviewed-by: Michael Kubacki <michael.kubacki@microsoft.com>
On 1/24/2023 11:34 AM, Ard Biesheuvel wrote:
> To increase the CI coverage, enable secure boot, TPM2 support and HTTPS
> boot on ArmVirtQemu builds used in CI.
>
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> ---
> ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
> index b1526ae8e50b..44a1d3da6742 100644
> --- a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
> +++ b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
> @@ -32,21 +32,21 @@ jobs:
> QEMU_AARCH64_DEBUG:
>
> Build.File: "$(package)/PlatformCI/QemuBuild.py"
>
> Build.Arch: "AARCH64"
>
> - Build.Flags: ""
>
> + Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_TPM2_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
>
> Build.Target: "DEBUG"
>
> Run.Flags: $(run_flags)
>
> Run: $(should_run)
>
> QEMU_AARCH64_RELEASE:
>
> Build.File: "$(package)/PlatformCI/QemuBuild.py"
>
> Build.Arch: "AARCH64"
>
> - Build.Flags: ""
>
> + Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_TPM2_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
>
> Build.Target: "RELEASE"
>
> Run.Flags: $(run_flags)
>
> Run: $(should_run)
>
> QEMU_AARCH64_NOOPT:
>
> Build.File: "$(package)/PlatformCI/QemuBuild.py"
>
> Build.Arch: "AARCH64"
>
> - Build.Flags: ""
>
> + Build.Flags: "BLD_*_SECURE_BOOT_ENABLE=1 BLD_*_TPM2_ENABLE=1 BLD_*_NETWORK_TLS_ENABLE=1 BLD_*_NETWORK_IP6_ENABLE=1 BLD_*_NETWORK_HTTP_BOOT_ENABLE=1"
>
> Build.Target: "NOOPT"
>
> Run.Flags: $(run_flags)
>
> Run: $(should_run)
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH v2 5/6] ArmVirtPkg/PlatformCI: Add CI coverage for ArmVirtQemuKernel
2023-01-24 16:34 ` [PATCH v2 5/6] ArmVirtPkg/PlatformCI: Add CI coverage for ArmVirtQemuKernel Ard Biesheuvel
@ 2023-01-26 14:35 ` Michael Kubacki
0 siblings, 0 replies; 13+ messages in thread
From: Michael Kubacki @ 2023-01-26 14:35 UTC (permalink / raw)
To: devel, ardb; +Cc: Gerd Hoffmann, Michael Kubacki, Jiewen Yao, Oliver Steffen
Reviewed-by: Michael Kubacki <michael.kubacki@microsoft.com>
On 1/24/2023 11:34 AM, Ard Biesheuvel wrote:
> ArmVirtQemuKernel.dsc describes a firmware build that is loadable at
> arbitrary address and can be invoked using the Linux/arm64 kernel boot
> protocol. The early code deviates significantly from ArmVirtQemu, and so
> it makes sense to cover this platform in CI even if it is not widely
> used. This ensures that the relocatable PrePi and other components in
> EmbeddedPkg don't regress on ARM as they are being updated for use on
> TDVF.
>
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> ---
> ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 43 ++++++++++++++++++++
> ArmVirtPkg/PlatformCI/PlatformBuildLib.py | 4 +-
> ArmVirtPkg/PlatformCI/QemuBuild.py | 3 ++
> ArmVirtPkg/PlatformCI/{QemuBuild.py => QemuKernelBuild.py} | 6 ++-
> 4 files changed, 53 insertions(+), 3 deletions(-)
>
> diff --git a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
> index 44a1d3da6742..2b6cc119167b 100644
> --- a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
> +++ b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
> @@ -72,6 +72,49 @@ jobs:
> Run.Flags: $(run_flags)
>
> Run: $(should_run)
>
>
>
> + QEMU_KERNEL_AARCH64_DEBUG:
>
> + Build.File: "$(package)/PlatformCI/QemuKernelBuild.py"
>
> + Build.Arch: "AARCH64"
>
> + Build.Flags: ""
>
> + Build.Target: "DEBUG"
>
> + Run.Flags: $(run_flags)
>
> + Run: $(should_run)
>
> + QEMU_KERNEL_AARCH64_RELEASE:
>
> + Build.File: "$(package)/PlatformCI/QemuKernelBuild.py"
>
> + Build.Arch: "AARCH64"
>
> + Build.Flags: ""
>
> + Build.Target: "RELEASE"
>
> + Run.Flags: $(run_flags)
>
> + Run: $(should_run)
>
> + QEMU_KERNEL_AARCH64_NOOPT:
>
> + Build.File: "$(package)/PlatformCI/QemuKernelBuild.py"
>
> + Build.Arch: "AARCH64"
>
> + Build.Flags: ""
>
> + Build.Target: "NOOPT"
>
> + Run.Flags: $(run_flags)
>
> + Run: $(should_run)
>
> + QEMU_KERNEL_ARM_DEBUG:
>
> + Build.File: "$(package)/PlatformCI/QemuKernelBuild.py"
>
> + Build.Arch: "ARM"
>
> + Build.Flags: ""
>
> + Build.Target: "DEBUG"
>
> + Run.Flags: $(run_flags)
>
> + Run: $(should_run)
>
> + QEMU_KERNEL_ARM_RELEASE:
>
> + Build.File: "$(package)/PlatformCI/QemuKernelBuild.py"
>
> + Build.Arch: "ARM"
>
> + Build.Flags: ""
>
> + Build.Target: "RELEASE"
>
> + Run.Flags: $(run_flags)
>
> + Run: $(should_run)
>
> + QEMU_KERNEL_ARM_NOOPT:
>
> + Build.File: "$(package)/PlatformCI/QemuKernelBuild.py"
>
> + Build.Arch: "ARM"
>
> + Build.Flags: ""
>
> + Build.Target: "NOOPT"
>
> + Run.Flags: $(run_flags)
>
> + Run: $(should_run)
>
> +
>
> workspace:
>
> clean: all
>
>
>
> diff --git a/ArmVirtPkg/PlatformCI/PlatformBuildLib.py b/ArmVirtPkg/PlatformCI/PlatformBuildLib.py
> index 91aa9b31d3c5..405817cae785 100644
> --- a/ArmVirtPkg/PlatformCI/PlatformBuildLib.py
> +++ b/ArmVirtPkg/PlatformCI/PlatformBuildLib.py
> @@ -226,13 +226,13 @@ class PlatformBuilder(UefiBuilder, BuildSettingsManager):
> args += " -cpu cortex-a57" # emulate cpu
>
> elif(self.env.GetValue("TARGET_ARCH").upper() == "ARM"):
>
> cmd = "qemu-system-arm"
>
> - args = "-M virt"
>
> + args = "-M virt,highmem=off"
>
> args += " -cpu cortex-a15" # emulate cpu
>
> else:
>
> raise NotImplementedError()
>
>
>
> # Common Args
>
> - args += " -pflash " + Built_FV # path to fw
>
> + args += CommonPlatform.FvQemuArg + Built_FV # path to fw
>
> args += " -m 1024" # 1gb memory
>
> # turn off network
>
> args += " -net none"
>
> diff --git a/ArmVirtPkg/PlatformCI/QemuBuild.py b/ArmVirtPkg/PlatformCI/QemuBuild.py
> index f4dcc1d1d245..c651a9501fcf 100644
> --- a/ArmVirtPkg/PlatformCI/QemuBuild.py
> +++ b/ArmVirtPkg/PlatformCI/QemuBuild.py
> @@ -27,5 +27,8 @@ class CommonPlatform():
>
>
> DscName = os.path.join("ArmVirtPkg", "ArmVirtQemu.dsc")
>
>
>
> + # this platform produces a bootable NOR flash image
>
> + FvQemuArg = " -pflash "
>
> +
>
> import PlatformBuildLib
>
> PlatformBuildLib.CommonPlatform = CommonPlatform
>
> diff --git a/ArmVirtPkg/PlatformCI/QemuBuild.py b/ArmVirtPkg/PlatformCI/QemuKernelBuild.py
> similarity index 81%
> copy from ArmVirtPkg/PlatformCI/QemuBuild.py
> copy to ArmVirtPkg/PlatformCI/QemuKernelBuild.py
> index f4dcc1d1d245..f340dfac8843 100644
> --- a/ArmVirtPkg/PlatformCI/QemuBuild.py
> +++ b/ArmVirtPkg/PlatformCI/QemuKernelBuild.py
> @@ -25,7 +25,11 @@ class CommonPlatform():
> WorkspaceRoot = os.path.realpath(os.path.join(
>
> os.path.dirname(os.path.abspath(__file__)), "..", ".."))
>
>
>
> - DscName = os.path.join("ArmVirtPkg", "ArmVirtQemu.dsc")
>
> + DscName = os.path.join("ArmVirtPkg", "ArmVirtQemuKernel.dsc")
>
> +
>
> + # this platform produces an executable image that is invoked using
>
> + # the Linux/arm64 kernel boot protocol
>
> + FvQemuArg = " -kernel "
>
>
>
> import PlatformBuildLib
>
> PlatformBuildLib.CommonPlatform = CommonPlatform
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH v2 6/6] ArmVirtPkg/PlatformCI: Perform build test of ArmVirtKvmTool
2023-01-24 16:34 ` [PATCH v2 6/6] ArmVirtPkg/PlatformCI: Perform build test of ArmVirtKvmTool Ard Biesheuvel
@ 2023-01-26 14:35 ` Michael Kubacki
0 siblings, 0 replies; 13+ messages in thread
From: Michael Kubacki @ 2023-01-26 14:35 UTC (permalink / raw)
To: devel, ardb; +Cc: Gerd Hoffmann, Michael Kubacki, Jiewen Yao, Oliver Steffen
Reviewed-by: Michael Kubacki <michael.kubacki@microsoft.com>
On 1/24/2023 11:34 AM, Ard Biesheuvel wrote:
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> ---
> ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml | 25 +++++++++++++++
> ArmVirtPkg/PlatformCI/KvmToolBuild.py | 32 ++++++++++++++++++++
> 2 files changed, 57 insertions(+)
>
> diff --git a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
> index 2b6cc119167b..d1772a65fc3a 100644
> --- a/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
> +++ b/ArmVirtPkg/PlatformCI/.azurepipelines/Ubuntu-GCC5.yml
> @@ -115,6 +115,31 @@ jobs:
> Run.Flags: $(run_flags)
>
> Run: $(should_run)
>
>
>
> + KVMTOOL_AARCH64_DEBUG:
>
> + Build.File: "$(package)/PlatformCI/KvmToolBuild.py"
>
> + Build.Arch: "AARCH64"
>
> + Build.Flags: ""
>
> + Build.Target: "DEBUG"
>
> + Run: false
>
> + KVMTOOL_AARCH64_RELEASE:
>
> + Build.File: "$(package)/PlatformCI/KvmToolBuild.py"
>
> + Build.Arch: "AARCH64"
>
> + Build.Flags: ""
>
> + Build.Target: "RELEASE"
>
> + Run: false
>
> + KVMTOOL_ARM_DEBUG:
>
> + Build.File: "$(package)/PlatformCI/KvmToolBuild.py"
>
> + Build.Arch: "ARM"
>
> + Build.Flags: ""
>
> + Build.Target: "DEBUG"
>
> + Run: false
>
> + KVMTOOL_ARM_RELEASE:
>
> + Build.File: "$(package)/PlatformCI/KvmToolBuild.py"
>
> + Build.Arch: "ARM"
>
> + Build.Flags: ""
>
> + Build.Target: "RELEASE"
>
> + Run: false
>
> +
>
> workspace:
>
> clean: all
>
>
>
> diff --git a/ArmVirtPkg/PlatformCI/KvmToolBuild.py b/ArmVirtPkg/PlatformCI/KvmToolBuild.py
> new file mode 100644
> index 000000000000..4d02dba124ac
> --- /dev/null
> +++ b/ArmVirtPkg/PlatformCI/KvmToolBuild.py
> @@ -0,0 +1,32 @@
> +# @file
>
> +# Script to Build ArmVirtPkg UEFI firmware
>
> +#
>
> +# Copyright (c) Microsoft Corporation.
>
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +##
>
> +import os
>
> +import sys
>
> +
>
> +sys.path.append(os.path.dirname(os.path.abspath(__file__)))
>
> +from PlatformBuildLib import SettingsManager
>
> +from PlatformBuildLib import PlatformBuilder
>
> +
>
> + # ####################################################################################### #
>
> + # Common Configuration #
>
> + # ####################################################################################### #
>
> +class CommonPlatform():
>
> + ''' Common settings for this platform. Define static data here and use
>
> + for the different parts of stuart
>
> + '''
>
> + PackagesSupported = ("ArmVirtPkg",)
>
> + ArchSupported = ("AARCH64", "ARM")
>
> + TargetsSupported = ("DEBUG", "RELEASE")
>
> + Scopes = ('armvirt', 'edk2-build')
>
> + WorkspaceRoot = os.path.realpath(os.path.join(
>
> + os.path.dirname(os.path.abspath(__file__)), "..", ".."))
>
> +
>
> + DscName = os.path.join("ArmVirtPkg", "ArmVirtKvmTool.dsc")
>
> + FvQemuArg = "" # ignored
>
> +
>
> +import PlatformBuildLib
>
> +PlatformBuildLib.CommonPlatform = CommonPlatform
>
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2023-01-26 14:35 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-01-24 16:34 [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage Ard Biesheuvel
2023-01-24 16:34 ` [PATCH v2 1/6] ArmVirtPkg/PrePi: Ensure timely execution of library constructors Ard Biesheuvel
2023-01-24 16:34 ` [PATCH v2 2/6] ArmVirtPkg/ArmVirtQemu: enlarge initial flash mapping Ard Biesheuvel
2023-01-24 16:34 ` [PATCH v2 3/6] ArmVirtPkg/PlatformCI: factor out reusable PlatformBuildLib.py Ard Biesheuvel
2023-01-26 14:34 ` [edk2-devel] " Michael Kubacki
2023-01-24 16:34 ` [PATCH v2 4/6] ArmVirtPkg/PlatformCI: Enable optional features on Qemu AARCH64 builds Ard Biesheuvel
2023-01-26 14:35 ` [edk2-devel] " Michael Kubacki
2023-01-24 16:34 ` [PATCH v2 5/6] ArmVirtPkg/PlatformCI: Add CI coverage for ArmVirtQemuKernel Ard Biesheuvel
2023-01-26 14:35 ` [edk2-devel] " Michael Kubacki
2023-01-24 16:34 ` [PATCH v2 6/6] ArmVirtPkg/PlatformCI: Perform build test of ArmVirtKvmTool Ard Biesheuvel
2023-01-26 14:35 ` [edk2-devel] " Michael Kubacki
2023-01-25 9:41 ` [edk2-devel] [PATCH v2 0/6] ArmVirtPkg: Increase PlatformCI coverage Gerd Hoffmann
2023-01-25 12:38 ` Ard Biesheuvel
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox