On 17/08/21 16:31, Kenneth Adam Miller wrote:
> I am trying to discover how to schedule QEMU to begin actual emulation
> as currently my target correctly starts QEMU but only shows the shell,
> and not even boot loading occurs within QEMU. I'm trying to learn from
> example, and so will focus my questions only on X86. I can see the
> MachineClass and MachineState types, and I have tried to follow QEMU
> with the debugger and found where QEMU calls qemu_init and
> qemu_main_loop under qemu/softmmu/main.c, and even tried to follow
> through from init to main loop to see where it would begin booting, but
> I cannot see where the bootloader is scheduled or specified or started
> from within the target.
There are two possibilities:

1) QEMU loads a fixed firmware file, usually at a fixed address in
memory so that the reset vector of the CPU is inside the firmware. This
is what happens for example on x86. The firmware ultimately boots the
machine (e.g. on x86 you have BIOS->GRUB->Linux or something like that).

2) QEMU loads a binary specified on the command line---typically with
-kernel, which is stored in current_machine->kernel_filename---and
somehow arranges for the guest to execute that file when it starts. For
example one possibility is to write a jump instruction at the CPU reset
vector (see riscv_setup_rom_reset_vec for an example). The functions
you want to look at for the loading part are load_elf_ram*, and
load_uimage_as and load_image_targphys_as.

Note that on platforms that use a fixed firmware file there's still the
possibility of using -kernel. In that case, the firmware initializes
the system, then places the binary in memory and jumps to it. qboot
(https://github.com/qemu/qboot) is a very small x86 firmware that is
able to boot a Linux or multiboot kernel.

Paolo
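The second possibility Paolo describes, modelled as an added example that is not QEMU code and not part of this thread: a flat guest RAM, a toy CPU with a fixed reset vector, a bounds-checked loader that copies a raw image to a guest physical address (the role of load_image_targphys_as), and a reset-vector stub that jumps to the loaded entry (the idea behind riscv_setup_rom_reset_vec). The ISA, the addresses, the function names and the sample kernel are all invented for the illustration. The contrast between booting with and without the stub is what the original question observed: with nothing at the reset vector, the CPU executes whatever happens to be in RAM and never reaches the kernel.

```c
/* Toy model of QEMU's "-kernel" boot path. Hypothetical ISA and names;
 * not QEMU's own code. Shows (a) a bounds-checked image load and (b) a
 * reset-vector jump stub, then runs the toy CPU from reset to verify
 * that control actually reaches the loaded kernel. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define RAM_SIZE      0x10000u   /* 64 KiB of guest physical RAM (constructed) */
#define RESET_VECTOR  0x1000u    /* where the toy CPU fetches its first instruction */
#define KERNEL_ADDR   0x8000u    /* where the "-kernel" image is placed */
#define INSN_LEN      5u         /* 1-byte opcode + 4-byte little-endian operand */

enum { OP_NOP = 0x00, OP_JMP = 0x01, OP_HALT = 0xff };

typedef struct {
    uint8_t  ram[RAM_SIZE];
    uint32_t pc;
} Machine;

/* Copy `size` bytes of a raw image to guest physical address `addr`.
 * Returns bytes loaded, or -1 if the image would not fit in RAM: the same
 * kind of size check a real loader must make before writing guest memory. */
long load_image_targphys_toy(Machine *m, const uint8_t *img, size_t size, uint32_t addr)
{
    if (addr >= RAM_SIZE || size > RAM_SIZE - addr)   /* overflow-safe bound */
        return -1;
    memcpy(&m->ram[addr], img, size);
    return (long)size;
}

/* Write "JMP target" at the reset vector so the CPU's first instruction
 * transfers control to the loaded kernel. */
void setup_rom_reset_vec_toy(Machine *m, uint32_t target)
{
    uint8_t *p = &m->ram[RESET_VECTOR];
    p[0] = OP_JMP;
    p[1] = (uint8_t)(target);        p[2] = (uint8_t)(target >> 8);
    p[3] = (uint8_t)(target >> 16);  p[4] = (uint8_t)(target >> 24);
}

static uint32_t read_u32le(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Fetch/execute from the reset vector until HALT. Returns the pc of the
 * HALT, or UINT32_MAX on a fault (fetch outside RAM, illegal opcode) or
 * when `max_steps` is exhausted without halting. */
uint32_t run_from_reset(Machine *m, unsigned max_steps)
{
    m->pc = RESET_VECTOR;
    for (unsigned i = 0; i < max_steps; i++) {
        if (m->pc > RAM_SIZE - INSN_LEN)
            return UINT32_MAX;                       /* fetch outside guest RAM */
        uint8_t  op      = m->ram[m->pc];
        uint32_t operand = read_u32le(&m->ram[m->pc + 1]);
        switch (op) {
        case OP_NOP:  m->pc += INSN_LEN; break;
        case OP_JMP:  m->pc = operand;   break;
        case OP_HALT: return m->pc;
        default:      return UINT32_MAX;             /* illegal instruction */
        }
    }
    return UINT32_MAX;
}

/* Constructed sample "kernel": NOP, NOP, HALT. Its entry point is wherever
 * it is loaded, so the HALT sits at entry + 2 * INSN_LEN. */
const uint8_t sample_kernel[] = {
    OP_NOP,  0, 0, 0, 0,
    OP_NOP,  0, 0, 0, 0,
    OP_HALT, 0, 0, 0, 0,
};

/* Boot the way "-kernel" does: load the image, patch the reset vector,
 * run. Returns the HALT pc (KERNEL_ADDR + 10 for sample_kernel). */
uint32_t boot_with_kernel(Machine *m, const uint8_t *img, size_t size)
{
    memset(m, 0, sizeof *m);
    if (load_image_targphys_toy(m, img, size, KERNEL_ADDR) < 0)
        return UINT32_MAX;
    setup_rom_reset_vec_toy(m, KERNEL_ADDR);
    return run_from_reset(m, 100);
}

/* Same load, but nothing placed at the reset vector: the CPU just walks
 * through zeroed RAM (NOPs) and never reaches the kernel. */
uint32_t boot_without_reset_stub(Machine *m, const uint8_t *img, size_t size)
{
    memset(m, 0, sizeof *m);
    if (load_image_targphys_toy(m, img, size, KERNEL_ADDR) < 0)
        return UINT32_MAX;
    return run_from_reset(m, 100);
}

int main(void)
{
    Machine m;
    printf("with reset stub:    halted at 0x%x\n",
           boot_with_kernel(&m, sample_kernel, sizeof sample_kernel));
    printf("without reset stub: result 0x%x\n",
           boot_without_reset_stub(&m, sample_kernel, sizeof sample_kernel));
    static const uint8_t oversize[RAM_SIZE] = {0};
    printf("oversize image:     load returns %ld\n",
           load_image_targphys_toy(&m, oversize, sizeof oversize, KERNEL_ADDR));
    return 0;
}
```

The two things worth carrying over to the real code are the size check before the memcpy (a guest image must never be allowed to write past the end of the RAM region it is loaded into) and the fact that loading alone does nothing: until something at the reset vector, firmware or a generated stub, transfers control to the image, the guest simply executes whatever is at the reset address.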