Hi Heinrich,
On Thu, 18 Sept 2025 at 06:44, Heinrich Schuchardt <xypron.g...@gmx.de> wrote:
>
> Am 17. September 2025 17:45:03 MESZ schrieb Tom Rini <tr...@konsulko.com>:
> >On Wed, Sep 17, 2025 at 10:42:52AM -0400, Raymond Mao wrote:
> >> Hi Tom,
> >>
> >> On Tue, 16 Sept 2025 at 14:27, Tom Rini <tr...@konsulko.com> wrote:
> >> >
> >> > On Tue, Sep 16, 2025 at 09:12:25AM -0700, Raymond Mao wrote:
> >> >
> >> > > The existing 'conf.qemu_arm64_na' uses 'u-boot.bin' as bios, but for
> >> > > the case of TF-A, 'u-boot.bin' is BL33 and the assembled 'flash.bin'
> >> > > is the bios instead, which will be built and assembled at run-time
> >> > > via a post-buildman script and copied to '/tmp'.
> >> > >
> >> > > Moreover, for running TF-A and OP-TEE on qemu, '-m 4G' and
> >> > > 'virtualization=false,secure=on' are required, and '-semihosting'
> >> > > should be replaced with its modern alias
> >> > > '-semihosting-config enable=on,target=native'.
> >> > >
> >> > > Last, point to the new helper script 'swtpm-tfa'.
> >> > >
> >> > > Signed-off-by: Raymond Mao <raymond....@linaro.org>
> >> >
> >> > Lets fixup the current qemu_arm64 conf to have as much in common as
> >> > possible (4G, modern semihosting flags, etc). Next:
> >> >
> >> > > ---
> >> > > .../conf.qemu_arm64_fw_handoff_tfa_optee | 31 +++++++++++++++++++
> >> > > 1 file changed, 31 insertions(+)
> >> > > create mode 100644 bin/travis-ci/conf.qemu_arm64_fw_handoff_tfa_optee
> >> > >
> >> > > diff --git a/bin/travis-ci/conf.qemu_arm64_fw_handoff_tfa_optee
> >> > > b/bin/travis-ci/conf.qemu_arm64_fw_handoff_tfa_optee
> >> > > new file mode 100644
> >> > > index 0000000..9aa6d3b
> >> > > --- /dev/null
> >> > > +++ b/bin/travis-ci/conf.qemu_arm64_fw_handoff_tfa_optee
> >> > > @@ -0,0 +1,31 @@
> >> > > +# Copyright (c) 2025 Linaro Limited
> >> > > +# Author: Raymond Mao <raymond....@linaro.org>
> >> > > +# Based on conf.qemu_arm64 which is
> >> > > +# Copyright (c) 2017 Tuomas Tynkkynen. All rights reserved.
> >> > > +#
> >> > > +# Permission is hereby granted, free of charge, to any person
> >> > > obtaining a
> >> > > +# copy of this software and associated documentation files (the
> >> > > "Software"),
> >> > > +# to deal in the Software without restriction, including without
> >> > > limitation
> >> > > +# the rights to use, copy, modify, merge, publish, distribute,
> >> > > sublicense,
> >> > > +# and/or sell copies of the Software, and to permit persons to whom
> >> > > the
> >> > > +# Software is furnished to do so, subject to the following conditions:
> >> > > +#
> >> > > +# The above copyright notice and this permission notice shall be
> >> > > included in
> >> > > +# all copies or substantial portions of the Software.
> >> > > +#
> >> > > +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
> >> > > EXPRESS OR
> >> > > +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
> >> > > MERCHANTABILITY,
> >> > > +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
> >> > > SHALL
> >> > > +# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES
> >> > > OR OTHER
> >> > > +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
> >> > > ARISING
> >> > > +# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
> >> > > +# DEALINGS IN THE SOFTWARE.
> >> > > +
> >> > > +console_impl=qemu
> >> > > +qemu_machine="virt,virtualization=false,secure=on"
> >> > > +qemu_helper_script="swtpm-tfa"
> >> > > +qemu_binary="qemu-system-aarch64"
> >> > > +qemu_extra_args="-m 4G -cpu cortex-a57 -nographic -netdev
> >> > > user,id=net0,tftp=${UBOOT_TRAVIS_BUILD_DIR} -device e1000,netdev=net0
> >> > > -device virtio-rng-pci -d unimp -semihosting-config
> >> > > enable=on,target=native -chardev
> >> > > socket,id=chrtpm,path=/tmp/tpm/swtpm-sock -tpmdev
> >> > > emulator,id=tpm0,chardev=chrtpm -device tpm-tis-device,tpmdev=tpm0"
> >> >
> >> > Can we line break this? Then make some functional groupings? Thanks.
> >> >
> >> I am thinking about to merge this script into the common one
> >> "conf.qemu_arm64_na", but do you mind to add
> >> "virtualization=false,secure=on" as a common setting? even though It
> >> is only needed when running with TF-A/OP-TEE.
>
> Main U-Boot is meant to be running in EL2. So why should we start in EL3
> without TF-A?
>
> Why do you want to disable virtualization?
>
1. That was my original motivation to make a separate config file for
introducing "secure=on", since it might lead to unpredictable
behaviours when without TF-A, even tests done normally.
2. You are right, virtualization=false can be removed.
But then we need to make a decision from 2 options:
1. Use one set of config/helper scripts for all qemu_arm64 cases,
ignoring the unpredictable behaviour caused by starting from EL3/EL2.
2. Keep the current patch - use separate sets of config/helper to keep
the concept more clearer. (qemu_helper_script can be just one by using
args, but does not make too much sense when we still have two config
files).
@Tom Rini @Heinrich Schuchardt What are your thoughts?
Regards,
Raymond
> Best regards
>
> Heinrich
>
> >
> >So long as everything works in CI for the other cases, yes, that's fine.
> >
>
