QEMU使我们在没有外设设备下常用的调试Linux软件,可以用来模拟系统启动;
并支持GDB,在没有外设的情况,用来学习和跟踪代码的最好工具之一。

我们在学习一个架构前,往往需要跟踪代码流程,那么qemu就是最适合的工具。

依赖环境

  1. sudo apt-get install -y qemu gcc make gdb git figlet
  2. sudo apt-get install -y libncurses5-dev iasl wget
  3. sudo apt-get install -y device-tree-compiler
  4. sudo apt-get install -y flex bison libssl-dev libglib2.0-dev
  5. sudo apt-get install -y libfdt-dev libpixman-1-dev
  6. sudo apt-get install -y python pkg-config u-boot-tools intltool xsltproc
  7. sudo apt-get install -y gperf libglib2.0-dev libgirepository1.0-dev
  8. sudo apt-get install -y gobject-introspection
  9. sudo apt-get install -y python2.7-dev python-dev bridge-utils
  10. sudo apt-get install -y uml-utilities net-tools
  11. sudo apt-get install -y libattr1-dev libcap-dev
  12. sudo apt-get install -y kpartx libsdl2-dev libsdl1.2-dev
  13. sudo apt-get install -y debootstrap bsdtar
  14. sudo apt-get install -y libelf-dev gcc-multilib g++-multilib
  15. sudo apt-get install -y libcap-ng-dev libaio-dev
  16. sudo apt-get install -y libcap-dev libattr1-dev figlet libssl-dev

相关代码下载

快速部署

可以通过以下链接快速部署:
https://github.com/vici-by/Linux-kernel-test/blob/main/kernel-test/vidi-env-init.sh

相关下载

Linux内核下载 https://mirror.bjtu.edu.cn/kernel/linux/kernel/
UBOOT下载 ftp://ftp.denx.de/pub/u-boot
busybox下载 https://busybox.net/downloads/

QEMU模拟X86_64启动

QEMU模拟X86_64 linux

package.rar :网络配置文件
RunBiscuitOS.sh :qemu测试demo脚本
参考文档:用Qemu搭建x86学习环境

下载相关文件

  1. mkdir x86_64 -p && cd x86_64 
  2. x86_64_dir=$(pwd)
  3. export LINUX="linux-5.8.14" 
  4. export QEMU="qemu-5.1.0"
  5. export BUSYBOX="busybox-1.32.0"
  6. export EDK2="edk2-UDK2018"
  7. wget https://mirror.bjtu.edu.cn/kernel/linux/kernel/v5.x/${LINUX}.tar.gz && \
  8.     tar -zxf ${LINUX}.tar.gz && rm ${LINUX}.tar.gz
  9. wget https://download.qemu.org/${QEMU}.tar.xz && \
  10.     tar xJf ${QEMU}.tar.xz && rm ${QEMU}.tar.xz
  11. wget https://busybox.net/downloads/${BUSYBOX}.tar.bz2 && \
  12.     tar jxf ${BUSYBOX}.tar.bz2 && rm ${BUSYBOX}.tar.bz2
  14. wget https://github.com/tianocore/edk2/archive/UDK2018.zip &&  \
  15.     unzip edk2-${EDK2}.zip && rm  ${EDK2}.zip
  18. ln -s ${x86_64_dir}/${LINUX} ${x86_64_dir}/linux
  19. ln -s ${x86_64_dir}/${QEMU} ${x86_64_dir}/qemu
  20. ln -s ${x86_64_dir}/${BUSYBOX} ${x86_64_dir}/busybox
  21. ln -s ${x86_64_dir}/${EDK2} ${x86_64_dir}/edk2
  23. # 将package.rar放到当前目录,解压
  24. sudo ./package/networking/bridge.sh
  25. sudo cp ./package/networking/qemu-* /etc/

编译并支持qemu-system-x86_64

  1. cd qemu
  2. ./configure  --prefix=/opt/x86_64/qemu-x86-bin --target-list=x86_64-softmmu --gdb=/usr/bin/gdb \
  3.     --enable-linux-aio --enable-debug --enable-debug-info
  4.  sudo make && sudo make install
  5.  sudo echo "PATH=\$PATH:/usr/local/qemu_x86/bin" >> ~/.bashrc
  6.  source ~/.bashrc
  7.  which qemu-system-x86_64

编译内核

  1. cd linux
  2. make x86_64_defconfig
  3. make menuconfig
  4.   // 这部分默认内核都有配置,这里强调下
  5.     General setup --->
  6.         [*]Initial RAM filesystem and RAM disk (initramfs/initrd) support
  8.   Device Driver --->
  9.         [*] Block devices --->
  10.               <*> RAM block device support
  11.               (153600) Default RAM disk size
  12. make -j$(cat /proc/cpuinfo | grep processor | wc -l)

编译打包文件系统

可能需要下载相应版本编译器:http://ftp.gnu.org/gnu/gcc/gcc-7.5.0/gcc-7.5.0.tar.gz 否则C程序运行不了

  1. cd busybox
  2. make menuconfig
  3.      Settings  --->
  4.        --- Build Options 
  5.         [*] Build static binary (no shared libs)
  6. rm _install ; make -j$(cat /proc/cpuinfo | grep processor | wc -l) && make install
  7. cd ../
  9. # need root
  11. BUSYBOX=$(realpath busybox)
  12. OUTPUT=$(realpath ./)
  13. ROOTFS_NAME=x86_64
  14. ROOTFS_SIZE=200
  15. FS_TYPE=ext4
  16. sudo rm ${OUTPUT}/rootfs/ -rf
  17. sudo  rm x86_64.img
  18. mkdir -p ${OUTPUT}/rootfs
  20. sudo cp ${BUSYBOX}/_install/*  ${OUTPUT}/rootfs -raf
  21. sudo chown root.root ${OUTPUT}/rootfs/* -R
  22. sudo cp ${BUSYBOX}/examples/bootfloppy/etc ${OUTPUT}/rootfs -arf
  23. sudo sed -r  "/askfirst/ s/.*/::respawn:-\/bin\/sh/" ${OUTPUT}/rootfs/etc/inittab -i
  24. sudo mkdir -p  ${OUTPUT}/rootfs/lib      
  25. sudo mkdir -p  ${OUTPUT}/rootfs/proc
  26. sudo mkdir -p  ${OUTPUT}/rootfs/sys
  27. sudo mkdir -p  ${OUTPUT}/rootfs/tmp
  28. sudo mkdir -p  ${OUTPUT}/rootfs/root
  29. sudo mkdir -p  ${OUTPUT}/rootfs/var
  30. sudo mkdir -p  ${OUTPUT}/rootfs/mnt
  31. sudo mkdir -p  ${OUTPUT}/rootfs/dev
  32. sudo mknod  ${OUTPUT}/rootfs/dev/tty1 c 4 1 
  33. sudo mknod  ${OUTPUT}/rootfs/dev/tty2 c 4 2 
  34. sudo mknod  ${OUTPUT}/rootfs/dev/tty3 c 4 3 
  35. sudo mknod  ${OUTPUT}/rootfs/dev/tty4 c 4 4 
  36. sudo mknod  ${OUTPUT}/rootfs/dev/console c 5 1 
  37. sudo mknod  ${OUTPUT}/rootfs/dev/null c 1 3
  39. sudo echo "mount -t sysfs sysfs /sys" >> ${OUTPUT}/rootfs/etc/init.d/rcS
  40. sudo echo "mount -t tracefs nodev /sys/kernel/tracing" >> ${OUTPUT}/rootfs/etc/init.d/rcS
  41. sudo echo "mount  -t  debugfs  nodev  /sys/kernel/debug" >> ${OUTPUT}/rootfs/etc/init.d/rcS
  44. dd if=/dev/zero of=${OUTPUT}/ramdisk bs=1M count=${ROOTFS_SIZE}
  45. mkfs.ext4 -E lazy_itable_init=1,lazy_journal_init=1 -F ${OUTPUT}/ramdisk
  46. mkdir -p ${OUTPUT}/tmpfs
  47. sudo mount -t ${FS_TYPE} ${OUTPUT}/ramdisk ${OUTPUT}/tmpfs/ -o loop
  48. sudo cp -raf ${OUTPUT}/rootfs/*  ${OUTPUT}/tmpfs/
  49. sudo umount ${OUTPUT}/tmpfs
  50. mv ${OUTPUT}/ramdisk ${OUTPUT}/${ROOTFS_NAME}.img
  51. sudo rm ${OUTPUT}/rootfs/  ${OUTPUT}/tmpfs -rf 
  54. # 挂载外接盘
  55. dd if=/dev/zero of=Freeze.img bs=1M count=128
  56. sudo mkfs.ext4 -F ./Freeze.img
  57. mkdir -p freezeDir  && FREEDIR=$(realpath freezeDir)
  58. sudo mount -t ext4 -o loop ./Freeze.img ${FREEDIR}  
  60. # .... 拷贝测试文件
  62. sync && sudo umount ${FREEDIR}

qemu 模拟启动

  1. 注:这部分需要主机开启VM虚拟化
  2. kvm-ok命令检测
  3. baiy@ubuntu:x86_64$ qemu-system-x86_64  -cpu help
  4. x86 base     base CPU model type with no features enabled              
  5. x86 host       KVM processor with all supported host features            
  6. x86 max         Enables all features supported by the accelerator in the current host
  9. # common usual
  10. /usr/local/qemu_x86/bin/qemu-system-x86_64  \
  11.      -smp 2 \
  12.   -cpu host \
  13.   -enable-kvm \
  14.   -m 512M  \
  15.   -kernel linux/arch/x86/boot/bzImage \
  16.   -hda ./x86_64.img \
  17.   -hdb ./Freeze.img \
  18.   -nographic \
  19.   -append "root=/dev/sda rw rootfstype=ext4 console=ttyS0 init=linuxrc loglevel=8"
  25.  # support network 
  26.   /usr/local/qemu_x86/bin/qemu-system-x86_64  \
  27.      -smp 2 \
  28.   -cpu host \
  29.   -enable-kvm \
  30.   -m 512M  \
  31.   -kernel linux/arch/x86/boot/bzImage \
  32.   -hda ./x86_64.img \
  33.   -hdb ./Freeze.img \
  34.   -nographic \
  35.   -append "root=/dev/sda rw rootfstype=ext4 console=ttyS0 init=linuxrc loglevel=8" \
  36.   -net tap  \
  37.   -device virtio-net-device,netdev=bsnet0,mac=E0:FE:D0:3C:2E:EE  \
  38.   -netdev tap,id=bsnet0,ifname=bsTap0
  40. # debug
  41.   /usr/local/qemu_x86/bin/qemu-system-x86_64  \
  42.      -smp 2 \
  43.   -cpu host \
  44.   -enable-kvm \
  45.   -m 512M  \
  46.   -kernel linux/arch/x86/boot/bzImage \
  47.   -hda ./x86_64.img \
  48.   -hdb ./Freeze.img \
  49.   -nographic \
  50.   -append "root=/dev/sda rw rootfstype=ext4 console=ttyS0 init=linuxrc loglevel=8" \
  51.   -S -s
  53. gdb vmlinux
  54. target remote localhost:1234
  55. b start_kernel
  56. continue

QEMU模拟ARM64启动

环境搭建

  1. # 相关软件包下载
  2. [official git]
  3. git clone git://git.denx.de/u-boot.git
  4. git clone https://github.com/torvalds/linux 
  5. git clone git://busybox.net/busybox.git
  8. [local download]
  9. ftp://ftp.denx.de/pub/u-boot/
  10. https://mirror.bjtu.edu.cn/kernel/linux/kernel/v4.x/
  11. https://busybox.net/downloads/
  13. 交叉编译器下载
  14. https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads
  15. https://www.linaro.org/downloads/

QEMU模拟ATF+UBOOT

QEMU模拟Linux

QEMU模拟ATF+UBOOT+Linux全流程

QEMU模拟ARM32启动

QEMU模拟UBOOT

QEMU模拟Linux

QEMU模拟UBOOT+Linux全流程