diff --git a/doc/tutorials/create-up2-images.sh b/doc/tutorials/create-up2-images.sh new file mode 100755 index 000000000..4e7089ef7 --- /dev/null +++ b/doc/tutorials/create-up2-images.sh @@ -0,0 +1,285 @@ +#!/bin/bash + + +usage() { + echo "Usage: $0 [options]" + echo "This script build images for SBL based platforms" + echo "options:" + echo "--mirror-url default: 'https://cdn.download.clearlinux.org/releases/', for swupd" + echo "--acrn-code-path: Specify acrn_hypervisor code path for acrn sbl build. If acrn-sbl-path is provided, acrn-code-path will be ignored" + echo "--acrn-sbl-path: Specify acrn sbl binary path. If acrn-sbl-path isn't provided, acrn_code_path will be must option" + echo "--clearlinux-version: mandatory option for sos images build" + echo "--images-type: Specify the type of OS image to build (sos/laag/all, default vaule is all)" + echo "--sign-key: Specify the debug key for signing, default value provided" + echo "--sos-rootfs-size: Specify the sos_rootfs image size, default value is 3584M" + echo "--laag-image-size: Specify the laag image size, default value is 10240M" + echo "--sos-bundle-append: Specify more sos bundles need to be add" + echo "--laag-json: mandatory option for uos image build, used for ister.py" +} + + +create_sos_images() { + mkdir sos_rootfs + echo "Clean previously generated images" + rm -fv sos_boot.img + rm -fv sos_rootfs.img + + fallocate -l ${SOS_ROOTFS_SIZE}M sos_rootfs.img || return 1 + mkfs.ext4 sos_rootfs.img + mount sos_rootfs.img sos_rootfs + echo mount sos_rootfs >> .cleanup + + mountpoint sos_rootfs || return 1 + + swupd verify --install --path=sos_rootfs --contenturl=$MIRRORURL --versionurl=$MIRRORURL --format=staging -m ${VERSION} || + { + echo "Failed to swupd install" + return 1 + } + + swupd bundle-add $SOS_BUNDLE_LIST --path=sos_rootfs --contenturl=$MIRRORURL --versionurl=$MIRRORURL --format=staging || + { + echo "Failed to swupd bundle add" + return 1 + } + + SOS_BOOTARGS_DEBUG=${ACRN_HV_CODE_PATH}/devicemodel/samples/up2/sos_bootargs_debug.txt + + if [[ ! ${ACRN_SBL} && ! -f ${ACRN_SBL} ]] + then + if [ ${ACRN_HV_CODE_PATH} ] + then + make -C ${ACRN_HV_CODE_PATH} clean || return 1 + make -C ${ACRN_HV_CODE_PATH} hypervisor PLATFORM=sbl BOARD=up2 FIRMWARE=sbl || return 1 + ACRN_SBL=${ACRN_HV_CODE_PATH}/build/hypervisor/acrn.32.out + else + echo "Need to provide acrn.sbl or acrn-hypervisor source code path" + return 1 + fi + fi + + if [ ! -f ${ACRN_SBL} ] + then + echo "ACRN SBL is not found." + return 1 + fi + + if [ -f ${SOS_BOOTARGS_DEBUG} ] + then + echo -n "CMDLINE: " + echo $(tr '\n' ' ' < $SOS_BOOTARGS_DEBUG) | tee tmp/cmdline + else + echo "sos_bootargs_debug.txt is not found" + return 1 + fi + + SOS_KERNEL=$(ls sos_rootfs/usr/lib/kernel/org.clearlinux.iot-lts2018-sos*) + touch tmp/hv_cmdline + + iasimage create -o iasImage -i 0x40300 -d tmp/bxt_dbg_priv_key.pem -p 4 tmp/hv_cmdline ${ACRN_SBL} tmp/cmdline ${SOS_KERNEL} || + { + echo "stitch iasimage for sos_boot failed!" + return 1 + } + + if [ -f iasImage ]; then + mv iasImage sos_boot.img + fi + + return +} + + +create_uos_images() { + echo "Start to create the up2_laag.img..." + rm -fv up2_laag.img + fallocate -l ${LAAG_IMAGE_SIZE}M up2_laag.img || return 1 + mkfs.ext4 up2_laag.img + mkdir laag_image + mount -v up2_laag.img laag_image + echo mount laag_image >> .cleanup + + mkdir -p laag_image/clearlinux + ister.py -t $LAAG_JSON -V $MIRRORURL -C $MIRRORURL || + { + echo "ister create clearlinux.img failed" + return 1 + } + + mv clearlinux.img laag_image/clearlinux + devloop=`losetup --partscan --find --show laag_image/clearlinux/clearlinux.img` + echo loopdev $devloop >> .cleanup + + mkdir laag_rootfs + mount "$devloop"p2 laag_rootfs + echo mount laag_rootfs >> .cleanup + + mount "$devloop"p1 laag_rootfs/boot + echo mount laag_rootfs/boot >> .cleanup + + kernel_version=`readlink laag_rootfs/usr/lib/kernel/default-iot-lts2018 | awk -F '2018.' '{print $2}'` + cmdline=`ls laag_rootfs/usr/lib/kernel | grep cmdline-$kernel_version` + + iasimage create -o laag_rootfs/boot/iasImage -i 0x30300 -d tmp/bxt_dbg_priv_key.pem laag_rootfs/usr/lib/kernel/$cmdline laag_rootfs/usr/lib/kernel/default-iot-lts2018 + +} + +cleanup() { + # Process .cleanup file in reverse order + [ -e .cleanup ] && tac .cleanup | while read key val; do + case $key in + loopdev) + losetup --detach $val + ;; + mount) + umount -R -v $val && rmdir $val + ;; + mkdir) + rm -rfv $val + esac + done + rm -fv .cleanup +} + +# Default values +SOS_BASE_BUNDLE_LIST="service-os os-core-update openssh-server software-defined-cockpit" +SOS_BUNDLE_APPEND="" +LAAG_BUNDLE_APPEND="" +SOS_ROOTFS_SIZE=3584 +LAAG_IMAGE_SIZE=10240 +LAAG_VDISK_SIZE=5120 +MIRRORURL="https://cdn.download.clearlinux.org/releases/" +SIGN_KEY="https://download.clearlinux.org/secureboot/DefaultIASSigningPrivateKey.pem" +IMAGE=all + +while [ $# -gt 0 ]; do + case $1 in + --mirror-url) + MIRRORURL=$2 + shift 2 + ;; + --acrn-code-path) + ACRN_HV_CODE_PATH=$2 + shift 2 + ;; + --acrn-sbl-path) + ACRN_SBL=$2 + shift 2 + ;; + --clearlinux-version) + VERSION=$2 + echo ${VERSION} + shift 2 + ;; + --images-type) + IMAGE=$2 + shift 2 + ;; + --sign-key) + SIGN_KEY=$2 + shift 2 + ;; + --sos-rootfs-size) + SOS_ROOTFS_SIZE=$2 + shift 2 + ;; + --laag-image-size) + LAAG_IMAGE_SIZE=$2 + shift 2 + ;; + --sos-bundle-append) + SOS_BUNDLE_APPEND=$2 + shift 2 + ;; + --laag-json) + LAAG_JSON=$2 + shift 2 + ;; + -h|--help) + usage + exit -1 + ;; + *) + echo Invalid argument: $1 + usage + exit -1 + ;; + esac +done + +SOS_BUNDLE_LIST=${SOS_BASE_BUNDLE_LIST}" "${SOS_BUNDLE_APPEND} + + +# check valid images type +if [[ ${IMAGE} != "sos" && ${IMAGE} != "laag" && ${IMAGE} != "all" ]]; then + echo "--images-type: must be one of sos, laag, all, and default is all" + exit 1 +fi + +# check valid LaaG image and vdisk sizes +if [[ ${IMAGE} == "sos" || ${IMAGE} == "all" ]]; then + if [[ ! ${VERSION} ]]; then + echo "--clearlinux-version: must be provided for SOS images building." + exit 1 + fi + if [[ ! ${ACRN_SBL} && ! ${ACRN_HV_CODE_PATH} ]]; then + echo "Should provide --acrn-sbl-path or --acrn-code-path for SOS images building" + exit 1 + fi +fi + +# check valid LaaG image and vdisk sizes +if [[ ${IMAGE} == "laag" || ${IMAGE} == "all" ]] && [[ ! ${LAAG_JSON} ]]; then + echo "--laag-uos is mandatory option for laag image build" + exit 1 +fi + +# check superuser privileges +if [[ $EUID -ne 0 ]]; then + echo "Need to be run as root" + exit 1 +fi + +trap cleanup EXIT + +# mkdir tmp for tempoaray files +mkdir tmp +echo mkdir tmp >> .cleanup + +#download debug key for iasimage signing +curl -o tmp/bxt_dbg_priv_key.pem -k ${SIGN_KEY} || +{ + echo "Failed to retrieve debug key" + exit 1 +} + +# Add iasimage bundle +swupd bundle-add iasimage --contenturl=$MIRRORURL --versionurl=$MIRRORURL || +{ + echo "Failed to swupd add iasimage" + exit 1 +} + +if [[ ${IMAGE} == 'sos' || ${IMAGE} == 'all' ]] +then + if create_sos_images + then + echo "Successful create sos images" + else + echo "Failed to create sos images" + exit 1 + fi +fi + +if [[ ${IMAGE} == 'laag' || ${IMAGE} == 'all' ]] +then + if create_uos_images + then + echo "Successful create uos images" + else + echo "Failed to create uos images" + exit 1 + fi +fi + +exit 0 diff --git a/doc/tutorials/flash_LaaG.json b/doc/tutorials/flash_LaaG.json new file mode 100644 index 000000000..0176f893c --- /dev/null +++ b/doc/tutorials/flash_LaaG.json @@ -0,0 +1,297 @@ +{ + "flash": { + "commands": [ + { + "args": "flashing unlock", + "description": "Set device state to unlocked", + "mandatory": true, + "restrict": [ + "acrn", + "SOS", + "SOS_and_LaaG" + ], + "retry": 1, + "timeout": 60000, + "tool": "fastboot" + }, + { + "args": "flash gpt ${gpt}", + "description": "Initialize the partition table", + "mandatory": true, + "restrict": [ + "acrn", + "SOS", + "SOS_and_LaaG" + ], + "retry": 1, + "timeout": 60000, + "tool": "fastboot" + }, + { + "args": "erase sos_boot", + "description": "Erase sos_boot partition", + "mandatory": true, + "restrict": [ + "acrn", + "SOS", + "SOS_and_LaaG" + ], + "retry": 1, + "timeout": 60000, + "tool": "fastboot" + }, + { + "args": "erase sos_rootfs", + "description": "Erase sos_rootfs partition", + "mandatory": true, + "restrict": [ + "acrn", + "SOS", + "SOS_and_LaaG" + ], + "retry": 1, + "timeout": 60000, + "tool": "fastboot" + }, + { + "args": "format sos_boot", + "description": "Format sos_boot partition", + "mandatory": true, + "restrict": [ + "acrn", + "SOS", + "SOS_and_LaaG" + ], + "retry": 1, + "timeout": 60000, + "tool": "fastboot" + }, + { + "args": "format sos_rootfs", + "block_scan": true, + "description": "Format sos_rootfs partition", + "mandatory": true, + "restrict": [ + "acrn", + "SOS", + "SOS_and_LaaG" + ], + "retry": 1, + "timeout": 6000000, + "tool": "fastboot" + }, + { + "args": "flash sos_boot ${sos_boot}", + "description": "Flash sos_boot partition", + "mandatory": true, + "restrict": [ + "acrn", + "SOS", + "SOS_and_LaaG" + ], + "retry": 1, + "timeout": 600000, + "tool": "fastboot" + }, + { + "args": "flash sos_rootfs ${sos_rootfs}", + "description": "Flash sos_rootfs partition", + "mandatory": true, + "restrict": [ + "SOS", + "SOS_and_LaaG" + ], + "retry": 1, + "timeout": 600000, + "tool": "fastboot" + }, + { + "args": "flashing lock", + "description": "Set device state to locked", + "group": "lock-device", + "mandatory": true, + "restrict": [ + "acrn", + "SOS" + ], + "retry": 1, + "timeout": 60000, + "tool": "fastboot" + }, + { + "args": "continue", + "description": "Boot to main OS", + "mandatory": true, + "restrict": [ + "acrn", + "SOS" + ], + "retry": 1, + "timeout": 60000, + "tool": "fastboot" + }, + { + "args": "flashing unlock", + "description": "Set device state to unlocked", + "mandatory": true, + "restrict": [ + "LaaG" + ], + "retry": 1, + "timeout": 60000, + "tool": "fastboot" + }, + { + "args": "erase data_partition", + "description": "Erase LaaG partition", + "mandatory": true, + "restrict": [ + "LaaG", + "SOS_and_LaaG" + ], + "retry": 1, + "timeout": 60000, + "tool": "fastboot" + }, + { + "args": "format data_partition", + "block_scan": true, + "description": "Format LaaG partition", + "mandatory": true, + "restrict": [ + "LaaG", + "SOS_and_LaaG" + ], + "retry": 1, + "timeout": 6000000, + "tool": "fastboot" + }, + { + "args": "flash data_partition ${LaaG_data_partition}", + "description": "Flash LaaG partition", + "mandatory": true, + "restrict": [ + "LaaG", + "SOS_and_LaaG" + ], + "retry": 1, + "timeout": 600000, + "tool": "fastboot" + }, + { + "args": "flashing lock", + "description": "Set device state to locked", + "group": "lock-device", + "mandatory": true, + "restrict": [ + "LaaG", + "SOS_and_LaaG" + ], + "retry": 1, + "timeout": 60000, + "tool": "fastboot" + }, + { + "args": "continue", + "description": "Boot to main OS", + "mandatory": true, + "restrict": [ + "LaaG", + "SOS_and_LaaG" + ], + "retry": 1, + "timeout": 60000, + "tool": "fastboot" + } + ], + "configurations": { + "SOS_and_LaaG": { + "brief": "SOS_and_LaaG", + "description": "flash SOS and LaaG images", + "groupsState": { + "lock-device": true + }, + "name": "SOS_and_LaaG", + "parameters": { + "gpt": "gpt" + }, + "startState": "pos" + }, + "acrn": { + "brief": "acrn", + "description": "flash sos_boot", + "groupsState": { + "lock-device": true + }, + "name": "acrn", + "parameters": { + "gpt": "gpt" + }, + "startState": "pos" + }, + "SOS": { + "brief": "SOS", + "description": "flash SOS images", + "groupsState": { + "lock-device": true + }, + "name": "SOS", + "parameters": { + "gpt": "gpt" + }, + "startState": "pos" + }, + "LaaG": { + "brief": "LaaG", + "default": true, + "description": "flash LaaG images", + "groupsState": { + "lock-device": true + }, + "name": "LaaG", + "parameters": { + "gpt": "gpt" + }, + "startState": "pos" + } + }, + "groups": { + "lock-device": { + "description": "Put the device in locked state at the end of the flash procedure.", + "name": "Lock the device (it implies the userdata partition wipe)" + } + }, + "osplatform": "ACRN", + "parameters": { + "gpt": { + "name": "gpt", + "options": { + "gpt": { + "description": "partition_desc.bin", + "value": "partition_desc.bin" + } + }, + "type": "file" + }, + "sos_boot": { + "description": "sos_boot.img", + "name": "sos_boot", + "type": "file", + "value": "sos_boot.img" + }, + "sos_rootfs": { + "description": "sos_rootfs.img", + "name": "sos_rootfs", + "type": "file", + "value": "sos_rootfs.img" + }, + "LaaG_data_partition": { + "description": "up2_laag.img", + "name": "LaaG_data_partition", + "type": "file", + "value": "up2_laag.img" + } + }, + "version": "3.0" + } +} diff --git a/doc/tutorials/images/platformflashtool_start_to_flash.png b/doc/tutorials/images/platformflashtool_start_to_flash.png new file mode 100644 index 000000000..97c2aeb95 Binary files /dev/null and b/doc/tutorials/images/platformflashtool_start_to_flash.png differ diff --git a/doc/tutorials/images/sbl_boot_flow_UP2.png b/doc/tutorials/images/sbl_boot_flow_UP2.png new file mode 100644 index 000000000..d756dd920 Binary files /dev/null and b/doc/tutorials/images/sbl_boot_flow_UP2.png differ diff --git a/doc/tutorials/images/sos_console_login.png b/doc/tutorials/images/sos_console_login.png new file mode 100644 index 000000000..84c1ae7e1 Binary files /dev/null and b/doc/tutorials/images/sos_console_login.png differ diff --git a/doc/tutorials/images/up2_sbl_connections.png b/doc/tutorials/images/up2_sbl_connections.png new file mode 100644 index 000000000..0cb9bd43f Binary files /dev/null and b/doc/tutorials/images/up2_sbl_connections.png differ diff --git a/doc/tutorials/launch_uos.sh b/doc/tutorials/launch_uos.sh new file mode 100644 index 000000000..639a034e5 --- /dev/null +++ b/doc/tutorials/launch_uos.sh @@ -0,0 +1,452 @@ +#!/bin/bash + + +kernel_version=$(uname -r | awk -F. '{ printf("%d.%d", $1,$2) }') + +ipu_passthrough=0 + +# Check the device file of /dev/vbs_ipu to determine the IPU mode +if [ ! -e "/dev/vbs_ipu" ]; then +ipu_passthrough=1 +fi + +audio_passthrough=0 + +# Check the device file of /dev/vbs_k_audio to determine the audio mode +if [ ! -e "/dev/vbs_k_audio" ]; then +audio_passthrough=1 +fi + +cse_passthrough=0 +hbm_ver=`cat /sys/class/mei/mei0/hbm_ver` +major_ver=`echo $hbm_ver | cut -d '.' -f1` +minor_ver=`echo $hbm_ver | cut -d '.' -f2` +if [[ "$major_ver" -lt "2" ]] || \ + [[ "$major_ver" == "2" && "$minor_ver" -lt "2" ]]; then + cse_passthrough=1 +fi + +function launch_clearlinux() +{ +if [ ! -f "/data/$5/$5.img" ]; then + echo "no /data/$5/$5.img, exit" + exit +fi + +#vm-name used to generate uos-mac address +mac=$(cat /sys/class/net/en*/address) +vm_name=vm$1 +mac_seed=${mac:9:8}-${vm_name} + +# create a unique tap device for each VM +tap=tap_$6 +tap_exist=$(ip a | grep acrn_"$tap" | awk '{print $1}') +if [ "$tap_exist"x != "x" ]; then + echo "tap device existed, reuse acrn_$tap" +else + ip tuntap add dev acrn_$tap mode tap +fi + +# if acrn-br0 exists, add VM's unique tap device under it +br_exist=$(ip a | grep acrn-br0 | awk '{print $1}') +if [ "$br_exist"x != "x" -a "$tap_exist"x = "x" ]; then + echo "acrn-br0 bridge aleady exists, adding new tap device to it..." + ip link set acrn_"$tap" master acrn-br0 + ip link set dev acrn_"$tap" down + ip link set dev acrn_"$tap" up +fi + +#check if the vm is running or not +vm_ps=$(pgrep -a -f acrn-dm) +result=$(echo $vm_ps | grep "${vm_name}") +if [[ "$result" != "" ]]; then + echo "$vm_name is running, can't create twice!" + exit +fi + +#for VT-d device setting +modprobe pci_stub +echo "8086 5aaa" > /sys/bus/pci/drivers/pci-stub/new_id +echo "0000:00:15.1" > /sys/bus/pci/devices/0000:00:15.1/driver/unbind +echo "0000:00:15.1" > /sys/bus/pci/drivers/pci-stub/bind + +boot_ipu_option="" +if [ $ipu_passthrough == 1 ];then + # for ipu passthrough - ipu device 0:3.0 + if [ -d "/sys/bus/pci/devices/0000:00:03.0" ]; then + echo "8086 5a88" > /sys/bus/pci/drivers/pci-stub/new_id + echo "0000:00:03.0" > /sys/bus/pci/devices/0000:00:03.0/driver/unbind + echo "0000:00:03.0" > /sys/bus/pci/drivers/pci-stub/bind + boot_ipu_option="$boot_ipu_option"" -s 12,passthru,0/3/0 " + fi + + # for ipu passthrough - ipu related i2c 0:16.0 + # please use virtual slot 22 for i2c 0:16.0 to make sure that the i2c controller + # could get the same virtaul BDF as physical BDF + if [ -d "/sys/bus/pci/devices/0000:00:16.0" ]; then + echo "8086 5aac" > /sys/bus/pci/drivers/pci-stub/new_id + echo "0000:00:16.0" > /sys/bus/pci/devices/0000:00:16.0/driver/unbind + echo "0000:00:16.0" > /sys/bus/pci/drivers/pci-stub/bind + boot_ipu_option="$boot_ipu_option"" -s 22,passthru,0/16/0 " + fi +else + boot_ipu_option="$boot_ipu_option"" -s 21,virtio-ipu " +fi + +boot_cse_option="" +if [ $cse_passthrough == 1 ]; then + echo "8086 5a9a" > /sys/bus/pci/drivers/pci-stub/new_id + echo "0000:00:0f.0" > /sys/bus/pci/devices/0000:00:0f.0/driver/unbind + echo "0000:00:0f.0" > /sys/bus/pci/drivers/pci-stub/bind + boot_cse_option="$boot_cse_option"" -s 15,passthru,0/0f/0 " +else + boot_cse_option="$boot_cse_option"" -s 15,virtio-heci,0/0f/0 " +fi + +# for sd card passthrough - SDXC/MMC Host Controller 00:1c.0 +# echo "8086 5acc" > /sys/bus/pci/drivers/pci-stub/new_id +# echo "0000:00:1c.0" > /sys/bus/pci/devices/0000:00:1c.0/driver/unbind +# echo "0000:00:1c.0" > /sys/bus/pci/drivers/pci-stub/bind + +#for memsize setting, total 8GB(>7.5GB) uos->6GB, 4GB(>3.5GB) uos->2GB +memsize=`cat /proc/meminfo|head -n 1|awk '{print $2}'` +if [ $memsize -gt 7500000 ];then + mem_size=6G +elif [ $memsize -gt 3500000 ];then + mem_size=2G +else + mem_size=512M +fi + +if [ "$setup_mem" != "" ];then + mem_size=$setup_mem +fi + +boot_dev_flag=",b" +if [ $7 == 1 ];then + boot_image_option="--vsbl /usr/share/acrn/bios/VSBL_debug.bin" +else + boot_image_option="--vsbl /usr/share/acrn/bios/VSBL.bin" +fi + +#interrupt storm monitor for pass-through devices, params order: +#threshold/s,probe-period(s),intr-inject-delay-time(ms),delay-duration(ms) +intr_storm_monitor="--intr_monitor 10000,10,1,100" + +acrn-dm --help 2>&1 | grep 'GVT args' +if [ $? == 0 ];then + GVT_args=$3 + boot_GVT_option=" -s 0:2:0,pci-gvt -G " +else + boot_GVT_option='' + GVT_args='' +fi + + +acrn-dm -A -m $mem_size -c $2$boot_GVT_option"$GVT_args" -s 0:0,hostbridge -s 1:0,lpc -l com1,stdio \ + -s 5,virtio-console,@pty:pty_port \ + -s 6,virtio-hyper_dmabuf \ + -s 8,wdt-i6300esb \ + -s 3,virtio-blk$boot_dev_flag,/data/$5/$5.img \ + -s 4,virtio-net,$tap $boot_image_option \ + -s 7,xhci,1-1:1-2:1-3:2-1:2-2:2-3:cap=apl \ + -s 9,passthru,0/15/1 \ + $boot_cse_option \ + $intr_storm_monitor \ + $boot_ipu_option \ + -i /run/acrn/ioc_$vm_name,0x20 \ + -l com2,/run/acrn/ioc_$vm_name \ + --mac_seed $mac_seed \ + -B "root=/dev/vda2 rw rootwait maxcpus=$2 nohpet console=hvc0 \ + console=ttyS0 no_timer_check ignore_loglevel log_buf_len=16M \ + consoleblank=0 tsc=reliable i915.avail_planes_per_pipe=$4 i915.enable_guc_loading=0 \ + i915.enable_hangcheck=0 i915.nuclear_pageflip=1 \ + i915.enable_guc_submission=0 i915.enable_guc=0" $vm_name +} + +function launch_android() +{ +if [ ! -f "/data/$5/$5.img" ]; then + echo "no /data/$5/$5.img, exit" + exit +fi + +#vm-name used to generate uos-mac address +mac=$(cat /sys/class/net/en*/address) +vm_name=vm$1 +mac_seed=${mac:9:8}-${vm_name} + +# create a unique tap device for each VM +tap=tap_$6 +tap_exist=$(ip a | grep acrn_"$tap" | awk '{print $1}') +if [ "$tap_exist"x != "x" ]; then + echo "tap device existed, reuse acrn_$tap" +else + ip tuntap add dev acrn_$tap mode tap +fi + +# if acrn-br0 exists, add VM's unique tap device under it +br_exist=$(ip a | grep acrn-br0 | awk '{print $1}') +if [ "$br_exist"x != "x" -a "$tap_exist"x = "x" ]; then + echo "acrn-br0 bridge aleady exists, adding new tap device to it..." + ip link set acrn_"$tap" master acrn-br0 + ip link set dev acrn_"$tap" down + ip link set dev acrn_"$tap" up +fi + +#Use MMC name + serial for ADB serial no., same as native android +mmc_name=`cat /sys/block/mmcblk0/device/name` +mmc_serial=`cat /sys/block/mmcblk0/device/serial | sed -n 's/^..//p'` +ser=$mmc_name$mmc_serial + +#check if the vm is running or not +vm_ps=$(pgrep -a -f acrn-dm) +result=$(echo $vm_ps | grep "${vm_name}") +if [[ "$result" != "" ]]; then + echo "$vm_name is running, can't create twice!" + exit +fi + +#for VT-d device setting +modprobe pci_stub +echo "8086 5aaa" > /sys/bus/pci/drivers/pci-stub/new_id +echo "0000:00:15.1" > /sys/bus/pci/devices/0000:00:15.1/driver/unbind +echo "0000:00:15.1" > /sys/bus/pci/drivers/pci-stub/bind + +#for audio device +boot_audio_option="" +if [ $audio_passthrough == 1 ]; then + echo "8086 5a98" > /sys/bus/pci/drivers/pci-stub/new_id + echo "0000:00:0e.0" > /sys/bus/pci/devices/0000:00:0e.0/driver/unbind + echo "0000:00:0e.0" > /sys/bus/pci/drivers/pci-stub/bind + + #for audio codec + echo "8086 5ab4" > /sys/bus/pci/drivers/pci-stub/new_id + echo "0000:00:17.0" > /sys/bus/pci/devices/0000:00:17.0/driver/unbind + echo "0000:00:17.0" > /sys/bus/pci/drivers/pci-stub/bind + + boot_audio_option="-s 14,passthru,0/e/0,keep_gsi -s 23,passthru,0/17/0" +else + boot_audio_option="-s 14,virtio-audio" +fi +# # for sd card passthrough - SDXC/MMC Host Controller 00:1b.0 +# echo "8086 5acc" > /sys/bus/pci/drivers/pci-stub/new_id +# echo "0000:00:1c.0" > /sys/bus/pci/devices/0000:00:1c.0/driver/unbind +# echo "0000:00:1c.0" > /sys/bus/pci/drivers/pci-stub/bind + +# Check if the NPK device/driver is present +ls -d /sys/bus/pci/drivers/intel_th_pci/0000* 2>/dev/null 1>/dev/null +if [ $? == 0 ];then + npk_virt="-s 0:0:2,npk,8/24" +else + npk_virt="" +fi + +# WA for USB role switch hang issue, disable runtime PM of xHCI device +echo on > /sys/devices/pci0000:00/0000:00:15.0/power/control + +boot_ipu_option="" +if [ $ipu_passthrough == 1 ];then + # for ipu passthrough - ipu device 0:3.0 + if [ -d "/sys/bus/pci/devices/0000:00:03.0" ]; then + echo "8086 5a88" > /sys/bus/pci/drivers/pci-stub/new_id + echo "0000:00:03.0" > /sys/bus/pci/devices/0000:00:03.0/driver/unbind + echo "0000:00:03.0" > /sys/bus/pci/drivers/pci-stub/bind + boot_ipu_option="$boot_ipu_option"" -s 12,passthru,0/3/0 " + fi + + # for ipu passthrough - ipu related i2c 0:16.0 + # please use virtual slot 22 for i2c 0:16.0 to make sure that the i2c controller + # could get the same virtaul BDF as physical BDF + if [ -d "/sys/bus/pci/devices/0000:00:16.0" ]; then + echo "8086 5aac" > /sys/bus/pci/drivers/pci-stub/new_id + echo "0000:00:16.0" > /sys/bus/pci/devices/0000:00:16.0/driver/unbind + echo "0000:00:16.0" > /sys/bus/pci/drivers/pci-stub/bind + boot_ipu_option="$boot_ipu_option"" -s 22,passthru,0/16/0 " + fi +else + boot_ipu_option="$boot_ipu_option"" -s 21,virtio-ipu " +fi + +boot_cse_option="" +if [ $cse_passthrough == 1 ]; then + echo "8086 5a9a" > /sys/bus/pci/drivers/pci-stub/new_id + echo "0000:00:0f.0" > /sys/bus/pci/devices/0000:00:0f.0/driver/unbind + echo "0000:00:0f.0" > /sys/bus/pci/drivers/pci-stub/bind + boot_cse_option="$boot_cse_option"" -s 15,passthru,0/0f/0 " +else + boot_cse_option="$boot_cse_option"" -s 15,virtio-heci,0/0f/0 " +fi + +#for memsize setting, total 8GB(>7.5GB) uos->6GB, 4GB(>3.5GB) uos->2GB +memsize=`cat /proc/meminfo|head -n 1|awk '{print $2}'` +if [ $memsize -gt 7500000 ];then + mem_size=6G +elif [ $memsize -gt 3500000 ];then + mem_size=2G +else + mem_size=512M +fi + +if [ "$setup_mem" != "" ];then + mem_size=$setup_mem +fi + +kernel_cmdline_generic="maxcpus=$2 nohpet tsc=reliable intel_iommu=off \ + androidboot.serialno=$ser \ + i915.enable_rc6=1 i915.enable_fbc=1 i915.enable_guc_loading=0 i915.avail_planes_per_pipe=$4 \ + i915.enable_hangcheck=0 use_nuclear_flip=1 i915.enable_guc_submission=0 i915.enable_guc=0" + +boot_dev_flag=",b" +if [ $7 == 1 ];then + boot_image_option="--vsbl /usr/share/acrn/bios/VSBL_debug.bin" +else + boot_image_option="--vsbl /usr/share/acrn/bios/VSBL.bin" +fi +kernel_cmdline="$kernel_cmdline_generic" + +: ' +select right virtual slots for acrn_dm: +1. some passthru device need virtual slot same as physical, like audio 0:e.0 at +virtual #14 slot, so "-s 14,passthru,0/e/0" +2. acrn_dm share vioapic irq between some virtual slots: like 6&14, 7&15. Need +guarantee no virt irq sharing for each passthru device. +FIXME: picking a virtual slot (#24 now) which is level-triggered to make sure +audio codec passthrough working +3. the bootable device slot is configured in compile stating in Android Guest +image, it should be kept using 3 as fixed value for Android Guest on Gordon_peak +ACRN project +' + +#interrupt storm monitor for pass-through devices, params order: +#threshold/s,probe-period(s),intr-inject-delay-time(ms),delay-duration(ms) +intr_storm_monitor="--intr_monitor 10000,10,1,100" + +acrn-dm --help 2>&1 | grep 'GVT args' +if [ $? == 0 ];then + GVT_args=$3 + boot_GVT_option=" -s 2,pci-gvt -G " +else + boot_GVT_option='' + GVT_args='' +fi + + acrn-dm -A -m $mem_size -c $2$boot_GVT_option"$GVT_args" -s 0:0,hostbridge -s 1:0,lpc -l com1,stdio $npk_virt\ + -s 9,virtio-net,$tap \ + -s 3,virtio-blk$boot_dev_flag,/data/$5/$5.img \ + -s 7,xhci,1-1:1-2:1-3:2-1:2-2:2-3:cap=apl \ + -s 8,passthru,0/15/1 \ + -s 13,virtio-rpmb \ + -s 10,virtio-hyper_dmabuf \ + -s 11,wdt-i6300esb \ + $boot_audio_option \ + $boot_cse_option \ + $intr_storm_monitor \ + $boot_ipu_option \ + --mac_seed $mac_seed \ + -i /run/acrn/ioc_$vm_name,0x20 \ + -l com2,/run/acrn/ioc_$vm_name \ + $boot_image_option \ + --enable_trusty \ + -B "$kernel_cmdline" $vm_name +} + +function launch_alios() +{ +#AliOS is not Android, only has same configuration currently, reuse launch function + +launch_android "$@" +} + +function help() +{ +echo "Use luanch_uos.sh like that ./launch_uos.sh -V <#>" +echo "The option -V means the UOSs group to be launched by vsbl as below" +echo "-V 1 means just launching 1 clearlinux UOS" +echo "-V 2 means just launching 1 android UOS" +echo "-V 3 means launching 1 clearlinux UOS + 1 android UOS" +echo "-V 4 means launching 2 clearlinux UOSs" +echo "-V 5 means just launching 1 alios UOS" +echo "-V 6 means auto check android/linux/alios UOS; if exist, launch it" +} + +launch_type=1 +debug=0 + +while getopts "V:M:hd" opt +do + case $opt in + V) launch_type=$[$OPTARG] + ;; + M) setup_mem=$OPTARG + ;; + d) debug=1 + ;; + h) help + exit 1 + ;; + ?) help + exit 1 + ;; + esac +done + +if [ ! -b "/dev/mmcblk0p3" ]; then + echo "no /dev/mmcblk0p3 data partition, exit" + exit +fi + +mkdir -p /data +mount /dev/mmcblk0p3 /data + +if [ $launch_type == 6 ]; then + if [ -f "/data/android/android.img" ]; then + launch_type=2; + elif [ -f "/data/alios/alios.img" ]; then + launch_type=5; + else + launch_type=1; + fi +fi + +# offline SOS CPUs except BSP before launch UOS +for i in `ls -d /sys/devices/system/cpu/cpu[1-99]`; do + online=`cat $i/online` + idx=`echo $i | tr -cd "[1-99]"` + echo cpu$idx online=$online + if [ "$online" = "1" ]; then + echo 0 > $i/online + online=`cat $i/online` + # during boot time, cpu hotplug may be disabled by pci_device_probe during a pci module insmod + while [ "$online" = "1" ]; do + sleep 1 + echo 0 > $i/online + online=`cat $i/online` + done + echo $idx > /sys/class/vhm/acrn_vhm/offline_cpu + fi +done + +case $launch_type in + 1) echo "Launch clearlinux UOS" + launch_clearlinux 1 1 "64 448 8" 0x070F00 clearlinux "LaaG" $debug + ;; + 2) echo "Launch android UOS" + launch_android 1 1 "64 448 8" 0x070F00 android "AaaG" $debug + ;; + 3) echo "Launch clearlinux UOS + android UOS" + launch_android 1 2 "64 448 4" 0x00000C android "AaaG" $debug & + sleep 5 + launch_clearlinux 2 1 "64 448 4" 0x070F00 clearlinux "LaaG" $debug + ;; + 4) echo "Launch two clearlinux UOSs" + launch_clearlinux 1 1 "64 448 4" 0x00000C clearlinux "L1aaG" $debug & + sleep 5 + launch_clearlinux 2 1 "64 448 4" 0x070F00 clearlinux_dup "L2aaG" $debug + ;; + 5) echo "Launch alios UOS" + launch_alios 1 3 "64 448 8" 0x070F00 alios "AliaaG" $debug + ;; +esac + +umount /data diff --git a/doc/tutorials/partition_desc.bin b/doc/tutorials/partition_desc.bin new file mode 100644 index 000000000..a9ec97ce7 Binary files /dev/null and b/doc/tutorials/partition_desc.bin differ diff --git a/doc/tutorials/using_sbl_on_up2.rst b/doc/tutorials/using_sbl_on_up2.rst new file mode 100644 index 000000000..c65904c39 --- /dev/null +++ b/doc/tutorials/using_sbl_on_up2.rst @@ -0,0 +1,292 @@ +.. _using-sbl-up2: + +Using SBL on UP2 Borad +###################### + +This document builds on the :ref:`getting-started-up2`, and explains how to use +SBL instead of UEFI to boot UP2 board. + +.. image:: images/sbl_boot_flow_UP2.png + :align: center + +We show a verified Boot Sequence with SBL on an Intel® Architecture platform UP2, +and the boot process proceeds as follows: + +#. SBL verifies and boots the ACRN hypervisor and Service OS kernel +#. Service OS kernel verifies and loads ACRN Device Model and vSBL through ``dm-verity`` +#. vSBL starts the User-side verified boot process + + +Prerequisites +************* + +The following hardware and software are required to use SBL on an UP2 board: + +* UP2 kit (`Model N3350 `_) +* `USB 2.0 pin header cable `_ for debug UART output +* USB to TTL serial cable (PL2303TA for example) for debug UART output +* Micro USB OTG cable for flashing +* Linux host +* Internet access + +.. image:: images/up2_sbl_connections.png + :align: center + +Build SBL +********* + +Slim Bootloader is an open-source boot firmware solution, +built from the ground up to be secure, lightweight, and highly +optimized while leveraging robust tools and libraries from +the EDK II framework. + +Follow the steps of `Building `_ +and `Stitching `_ +from ``_ to generate the +BIOS binary file ````, which is the new IFWI image with SBL in BIOS region. + + + +Flash SBL on the UP2 +******************** + +#. Download the appropriate BIOS update for `UP2 Board `_. +#. Put the empty USB flash drive in your PC and format it as FAT32. +#. Decompress the BIOS zip file into the formatted drive. +#. Attach the USB disk and keyboard to the board and power it on. +#. During boot, press :kbd:`F7` on the usb keyboard to enter the UEFI BIOS boot menu. +#. Navigate through the following menus and select ``Build-in EFI shell``. +#. Please take note of which filesystem number ``fs*`` your USB drive is mapped to. +#. Switch to that filesystem, e.g. ``fs1:``. +#. Navigate to the path where you decompressed the update (the ``cd`` and ``ls`` commands are available here, as if in an Unix shell). + + .. code-block:: none + + Fpt_3.1.50.2222.efi -f -y + +.. note:: + Note the trailing colon on the command ``fs*`` and ``fs1:`` for example. + +.. note:: + The current version of UP Board UEFI BIOS is ``R1.5``, + and the programming software version is ``Fpt_3.1.50.2222.efi``. + + +Build ACRN for UP2 +****************** + +In Clear Linux, build out the SOS and LaaG image with these two files: + +* create-up2-images.sh +* uos.json + +An example of the configuration file ``uos.json``: + +.. code-block:: none + + { + "DestinationType" : "virtual", + "PartitionLayout" : [ { "disk" : "clearlinux.img", "partition" : 1, "size" : "100M", "type" : "EFI" }, + { "disk" : "clearlinux.img", "partition" : 2, "size" : "10G", "type" : "linux" } ], + "FilesystemTypes" : [ { "disk" : "clearlinux.img", "partition" : 1, "type" : "ext2" }, + { "disk" : "clearlinux.img", "partition" : 2, "type" : "ext4" } ], + "PartitionMountPoints" : [ { "disk" : "clearlinux.img", "partition" : 1, "mount" : "/boot" }, + { "disk" : "clearlinux.img", "partition" : 2, "mount" : "/" } ], + "Version": 26880, + "Bundles": ["kernel-iot-lts2018", "openssh-server", "software-defined-cockpit", "os-core", "os-core-update"] + } + +.. note:: + To generate the image with a specified version, please modify + the "Version" argument, and we can set ``"Version": 26000`` instead + of ``"Version": 26880`` for example. + +Clone the source code of ``acrn-hypervisor`` and build SOS and LaaG image: + +.. code-block:: none + + cd ~ + git clone https://github.com/projectacrn/acrn-hypervisor + sudo ./acrn-hypervisor/devicemodel/samples/up2/create-up2-images.sh --images-type all --clearlinux-version 26880 --laag-json uos.json --acrn-code-path ~/acrn-hypervisor/ + + +This step will generate the images of SOS and LaaG: + +* sos_boot.img +* sos_rootfs.img +* up2_laag.img + +.. note:: + When building images, you can modify the ``--clearlinux-version`` argument + to a specific version (such as 26800). To generate the images of SOS only, + modify the ``--images-type`` argument to ``sos``. + + +We still need the binary image for GPT partitions and +configuration file for flashing: + +* partition_desc.bin +* flash_LaaG.json + +.. note:: + ``partition_desc.bin`` and ``flash_LaaG.json`` are in the diretory + ``~/acrn-hypervisor/doc/tutorials/``. + + +.. table:: + :widths: auto + + +------------------------------+---------------------------------------------------+ + | Filename | Description | + +==============================+===================================================+ + | sos_boot.img | This SOS image contains the ACRN hypervisor and | + | | SOS kernel. | + +------------------------------+---------------------------------------------------+ + | sos_rootfs.img | This is the root filesystem image for the SOS. it | + | | contains the Device Models implementation and | + | | SOS user space. | + +------------------------------+---------------------------------------------------+ + | partition_desc.bin | This is the binary image for GPT partitions | + +------------------------------+---------------------------------------------------+ + | up2_laag.img | This is the root filesystem image for the SOS. | + | | It has an integrated kernel and userspace. | + +------------------------------+---------------------------------------------------+ + | flash_LaaG.json | Configuration file for Intel® Platform Flash Tool | + | | to flash SOS image + hypervisor/SOS boot image + | + | | SOS userland | + +------------------------------+---------------------------------------------------+ + +.. note:: + In this step, please build SOS and LaaG images in Clear Linux rather than Ubuntu. + +Download and install flash tool +******************************* + +#. Download Intel® Platform Flash Tool Lite from ``_. + + +#. For Ubuntu host, install `platformflashtoollite_5.8.9.0_linux_x86_64.deb `_ for example. + + +SOS and LaaG Installation +************************* + +#. Connect a USB cable from the debug board to your Ubuntu host machine, + and run the following command to verify that its USB serial port is + discovered and showing under ``/dev``. + + .. code-block:: none + + ls /dev/ttyUSB* + /dev/ttyUSB0 + +#. Connect to board via ``minicom``, and use ``/dev/ttyUSB0`` for exmaple: + + .. code-block:: none + + sudo minicom -s /dev/ttyUSB0 + + .. note:: + Please verify the minicom serial port settings are 115200 8N1 and + both HW and SW flow control are turned off. + +#. When you see following console log, please press any key to enter + shell command: + + .. code-block:: none + + ====================Os Loader==================== + + + Press any key within 2 second(s) to enter the command shell + + Shell> + + +#. Swap the boot sequence of ``DevType: MEM`` to ``Idx:0``: + + .. code-block:: none + + Shell> boot + Boot options (in HEX): + + Idx|ImgType|DevType|DevNum|Flags|HwPart|FsType|SwPart|File/Lbaoffset + 0| 0| MMC | 0 | 0 | 0 | RAW | 1 | 0x0 + 1| 4| MEM | 0 | 0 | 0 | RAW | 0 | 0x0 + + SubCommand: + s -- swap boot order by index + a -- modify all boot options one by one + q -- quit boot option change + idx -- modify the boot option specified by idx (0 to 0x1) + s + Updated the Boot Option List + Boot options (in HEX): + + Idx|ImgType|DevType|DevNum|Flags|HwPart|FsType|SwPart|File/Lbaoffset + 0| 4| MEM | 0 | 0 | 0 | RAW | 0 | 0x0 + 1| 0| MMC | 0 | 0 | 0 | RAW | 1 | 0x0 + + +#. Exit and reboot to fastboot mode: + + .. code-block:: none + + Shell> exit + + … + + 40E0 | 175118 ms | 158 ms | Kernel setup + 40F0 | 175144 ms | 26 ms | FSP ReadyToBoot/EndOfFirmware notify + 4100 | 175144 ms | 0 ms | TPM IndicateReadyToBoot + ------+------------+------------+---------------------------------- + + Starting MB Kernel ... + + abl cmd 00: console=ttyS0,115200 + abl cmd 00 length: 20 + abl cmd 01: fw_boottime=175922 + abl cmd 01 length: 18 + boot target: 1 + target=1 + Enter fastboot mode ... + Start Send HECI Message: EndOfPost + HECI sec_mode 00000000 + GetSeCMode successful + GEN_END_OF_POST size is 4 + uefi_call_wrapper(SendwACK) = 0 + Group =000000FF + Command =0000000C + IsRespone=00000001 + Result =00000000 + RequestedActions =00000000 + USB for fastboot transport layer selected + + +#. When UP2 board is fastboot mode, you should be able + see the device in Platform Flash Tool. Select the + file ``flash_LaaG.json`` and modify ``Configuration`` + to ``SOS_and_LaaG``. Click ``Start to flash`` to flash images. + + .. image:: images/platformflashtool_start_to_flash.png + :align: center + +Boot to SOS +*********** +After flashing, UP2 board will automaticlly reboot and +boot to ACRN hypervisor. And login SOS by following command: + +.. image:: images/sos_console_login.png + :align: center + +Launch UOS +********** +Run the ``launch_uos.sh`` script to launch the UOS: + + .. code-block:: none + + cd ~ + wget https://raw.githubusercontent.com/projectacrn/acrn-hypervisor/master/doc/tutorials/launch_uos.sh + sudo ./launch_uos.sh -V 1 + + **Congratulations**, you are now watching the User OS booting up!