2017年3月26日 星期日

使用 gdb+qemu 來執行/除錯 raspberry pi linux kernel

the 1st edition: 20150408
the 2nd edition: 20150711 add rpi2 part, Initramfs source files conf
the 3rd edition: 20151001 /dev/ram0
the 4th edition: 20170320 使用 4.4.y linux kernel

看了這個《Linux 内核分析》課程之後, 我知道可以用 qemu + gdb 來 debug linux kernel。

課程所提供的 rootfs 在這裡, 很精簡, 對學習很有幫助:
git clone  https://github.com/mengning/menu.git

我想如法泡製在 raspberry pi 上, 因為我沒有實體的 pi 開發版 (後來有了), 所以用這方法來 trace linux kernel。不過要先解決如何編譯 linux kernel for qemu/pi。

raspberry pi Kernel Building》這份文件有教學, 不過編譯出來的 kernel 無法在 qemu 上執行, 要參考這篇《build raspberrypi kernel for qemu》(需要 patch 並選擇一些選項)

舊的 xecdesign.com 資料已經不存在了, 也無法適用於 4.4.y 的 kernel, https://github.com/dhruvvyas90/qemu-rpi-kernel 這裡提供的 linux-arm.patch 可以讓 rpi 4.4.y 的 kernel 在 qemu 中啟動, tools/build-kernel-qemu 提供了 script 自動編譯 kernel。
  1. wget http://xecdesign.com/downloads/linux-qemu/linux-arm.patch
  2. patch -p1 -d linux/ < linux-arm.patch

記得加入 debug option, 這樣編譯出來的 kernel 才有 debug symbol, 可以配合 gdb 做 source code level debug。

add debug option
kernel hacking—>
   Compile-time checks and compiler options ->
     [*] compile the kernel with debug info

這是我的 linux kernel config 和下載的 patch:
config and patch

https://github.com/descent/linux/tree/rpi-4.4.y-qemu 有我 patch 好的 kernel, qemu-config 是給 qemu 用的 config file。

測試環境:
git clone https://github.com/raspberrypi/linux
git commit 8362c08dfc8dd9e54745b3f1e5e4ff0a1fb30614

再來的問題是, 如何載入 initrd?

和 x86 的版本有點不同, 需要 -append 加入參數,《Compiling Linux kernel for QEMU ARM emulator》提供了一個辦法, 不過 -append 裡頭的參數還是無法讓我正常使用《Linux内核分析》裡頭介紹的 rootfs initrd image, 其文章提供的 hello rootfs initrd image 當然也無法使用, 最後找到以下指令。

qemu-system-arm -M versatilepb -cpu arm1176 -kernel /media/2/pi/linux/arch/arm/boot/zImage -m 128 -initrd rootfs  -append "initrd=rootfs"
qemu-system-arm -M versatilepb -cpu arm1176 -kernel /media/2/pi/linux/arch/arm/boot/zImage -m 128 -initrd m/rootfs.img  -append "initrd=rootfs.img"

menuos for raspberry pi in qemu
寄件者 ??

雖然有了 arm 的 debug 環境, 不過我還有些疑惑? linux 被載入的位址為何? 固定在那個位址嗎? 它可以被移動到其他位址嗎?

x86 有個 relocatable kernel 的選項。那他怎麼做 relocation 的動作?
x86 linux option
1 Processor type and features
2   (0x1000000) Physical address where the kernel is loaded
3   [*] Build a relocatable kernel

對應的變數是:
CONFIG_RELOCATABLE=y

arm 版本沒有 relocatable kernel 的選項, 不過有個 AUTO_ZRELADDR=y, 在 Enable "AUTO_ZRELADDR" support under "Boot" options, 好像是等同於 RELOCATABLE。

The Linux Kernel: Configuring the Kernel Part 5 提到:

This next kernel option (Build a relocatable kernel (RELOCATABLE)) allows the kernel to be placed somewhere else in the memory. The kernel file will be 10% larger,

深入探索 Kdump,第 3 部分: Kdump 原理探秘
可重定位內核(relocatable kernel)
可重定位內核的意義

在 kdump 出現之前,內核只能從一個固定的物理地址上啟動。這對 kdump 來說是一種限制。因為為了收集生產內核的內存鏡像,捕獲內核不能從生產內核使用的啟動地址上啟動。因此就需要另編譯一個從一個不同的地址啟動的內核來作捕獲內核。這就是為什麼 RHEL5 中有一個包叫 kernel-kdump 的原因。技術的創新往往來自對方便的追求。開發人員為了不用費心多編譯一個內核,為 kernel 實現了「可重定向」這個特性。
實現原理

x86_64: 運行時修改 text 段及 data 段的眏射

kernel 在啟動以後,會檢測自己被加載到了什麼位置。然後根據這個來更新自己的內存頁表以反映 kernel 的 text 段和 data 段中虛擬地址與物理地址之間正確的映射關係。

i386: 使用預先生成的重定位信息

i386 中的 text 和 data 段是已經寫死的線性映射區的一部分,要想使用修改頁表的辦法支持重定向是比較困難的。於是在編譯內核時,另生成一份所有需要重定位的 symbol 的位置信息,放進 bzimage 格式的內核中。內核啟動解壓縮後,根據加載的地址和這份表來時行重定位。

powerpc: 將 vmlinuz 鏈接為「position-independent executable」形式

與 x86 體系不同,在 powerpc 體系中,/boot/vmlinuz 並不是一個 bzimage 格式的文件,它就是一個 ELF 格式的文件,而且啟動機理也不盡相同。因此,在 powerpc 上主要是利用了「位置無關可執行」格式這一成熟技術來實現可重定位。


以下是我的 qemu command, 搭配 linux/vmlinux 就可以 gdb single step linux kernel。

qemu-system-arm -M versatilepb -cpu arm1176 -kernel linux/arch/arm/boot/zImage -m 128 -initrd m/rootfs.img  -append "initrd=rootfs.img" -s -S

不過我想從第一個指令開始看起, 無法成功, 只好照著課程步驟, 把 break point 設在 start_kernel, 可以正常 debug, 和課程提到的是一樣的結果。以下是開機時暫存器的值。

gdb.sh 示範如果使用 gdb 連上 qemu:

gdb.sh
 1 descent@debian64:linux-4.4.1$ arm-linux-gnueabihf-gdb linux/vmlinux
 2 GNU gdb (Debian 7.10-1+b1) 7.10
 3 Copyright (C) 2015 Free Software Foundation, Inc.
 4 License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
 5 This is free software: you are free to change and redistribute it.
 6 There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
 7 and "show warranty" for details.
 8 This GDB was configured as "x86_64-linux-gnu".
 9 Type "show configuration" for configuration details.
10 For bug reporting instructions, please see:
11 <http://www.gnu.org/software/gdb/bugs/>.
12 Find the GDB manual and other documentation resources online at:
13 <http://www.gnu.org/software/gdb/documentation/>.
14 For help, type "help".
15 Type "apropos word" to search for commands related to "word"...
16 Reading symbols from vmlinux...done.
17 (gdb) target remote localhost:1234
18 Remote debugging using localhost:1234
19 0x0000fff0 in ?? ()
20 (gdb) b start_kernel
21 Breakpoint 1 at 0xc1846740: file init/main.c, line 498.
22 (gdb) c
23 Continuing.
24 
25 Breakpoint 1, start_kernel () at init/main.c:498
26 498 {
27 (gdb) 

rpi
 1 (gdb) i r
 2 r0             0x0    0
 3 r1             0x0    0
 4 r2             0x0    0
 5 r3             0x0    0
 6 r4             0x0    0
 7 r5             0x0    0
 8 r6             0x0    0
 9 r7             0x0    0
10 r8             0x0    0
11 r9             0x0    0
12 r10            0x0    0
13 r11            0x0    0
14 r12            0x0    0
15 sp             0x0    0x0 <__vectors_start>
16 lr             0x0    0
17 pc             0x0    0x0 <__vectors_start>
18 cpsr           0x400001d3     1073742291

使用 Initramfs source files conf 的選項可以將 initramfs 直接編入 kernel, 這樣就不需要使用 qemu 的 -initrd。

Initramfs source files conf
1 General setup  --->
2   [*] Initial RAM filesystem and RAM disk (initramfs/initrd) support
3   (/media/2/linux_kernel/m/rootfs) Initramfs source file(s)  

重要:
不過需要將 /dev/console 複製到 Initramfs source file (我的例子是: /media/2/linux_kernel/m/rootfs), 否則開機會有 console 相關的錯誤訊息。


arm(rpi) 的 qemu 指令

qemu-system-arm -M versatilepb -cpu arm1176 -kernel arch/arm/boot/zImage -m 128

descent@debian32:~/linux-3.10.27/arch/x86/boot$ ls ~/git/FS/target2/dev/
console  mtd1   mtd13  mtd3  mtd7       mtdblock1   mtdblock13  mtdblock3  mtdblock7  ptmx    rtc0  tty2  tty6   ttyS1
kmem     mtd10  mtd14  mtd4  mtd8       mtdblock10  mtdblock14  mtdblock4  mtdblock8  pts     tty   tty3  tty7   ttyS2
mem      mtd11  mtd15  mtd5  mtd9       mtdblock11  mtdblock15  mtdblock5  mtdblock9  ram0    tty0  tty4  tty8   urandom
mtd0     mtd12  mtd2   mtd6  mtdblock0  mtdblock12  mtdblock2   mtdblock6  null       random  tty1  tty5  ttyS0  zero

init 放在 /init, 有些環境可能要放在 /sbin/init

若要在終端機秀出 qemu 訊息, 使用以下指令, 重點在指定 -nographic -append "console=ttyAMA0 這兩個參數。

qemu-system-arm -M versatilepb -cpu arm1176 -kernel arch/arm/boot/zImage -m 128 -nographic -append "console=ttyAMA0"

qemu rpi message for terminal
  1 descent@debian64:linux$ qemu-system-arm -M versatilepb -cpu arm1176 -kernel arch/arm/boot/zImage -m 128 -nographic  -append "console=ttyAMA0"
  2 
  3 (process:31080): GLib-WARNING **: /build/glib2.0-94amRy/glib2.0-2.50.1/./glib/gmem.c:483: custom memory allocation vtable not supported
  4 pulseaudio: set_sink_input_volume() failed
  5 pulseaudio: Reason: Invalid argument
  6 pulseaudio: set_sink_input_mute() failed
  7 pulseaudio: Reason: Invalid argument
  8 Uncompressing Linux... done, booting the kernel.
  9 Booting Linux on physical CPU 0x0
 10 Initializing cgroup subsys cpuset
 11 Initializing cgroup subsys cpu
 12 Initializing cgroup subsys cpuacct
 13 Linux version 4.4.30-rt5+ (descent@debian64) (gcc version 4.8.3 20140303 (prerelease) (crosstool-NG linaro-1.13.1+bzr2650 - Linaro GCC 2014.03) ) #9 Mon Mar 20 17:27:35 CST 2017
 14 CPU: ARMv6-compatible processor [410fb767] revision 7 (ARMv7), cr=00c5387d
 15 CPU: VIPT aliasing data cache, unknown instruction cache
 16 Machine: ARM-Versatile PB
 17 Memory policy: Data cache writeback
 18 sched_clock: 32 bits at 24MHz, resolution 41ns, wraps every 89478484971ns
 19 Built 1 zonelists in Zone order, mobility grouping on.  Total pages: 32480
 20 Kernel command line: console=ttyAMA0
 21 PID hash table entries: 512 (order: -1, 2048 bytes)
 22 Dentry cache hash table entries: 16384 (order: 4, 65536 bytes)
 23 Inode-cache hash table entries: 8192 (order: 3, 32768 bytes)
 24 Memory: 124120K/131072K available (4039K kernel code, 185K rwdata, 1088K rodata, 164K init, 139K bss, 6952K reserved, 0K cma-reserved)
 25 Virtual kernel memory layout:
 26     vector  : 0xffff0000 - 0xffff1000   (   4 kB)
 27     fixmap  : 0xffc00000 - 0xfff00000   (3072 kB)
 28     vmalloc : 0xc8800000 - 0xff800000   ( 880 MB)
 29     lowmem  : 0xc0000000 - 0xc8000000   ( 128 MB)
 30     modules : 0xbf000000 - 0xc0000000   (  16 MB)
 31       .text : 0xc0008000 - 0xc050a1bc   (5129 kB)
 32       .init : 0xc050b000 - 0xc0534000   ( 164 kB)
 33       .data : 0xc0534000 - 0xc05626c0   ( 186 kB)
 34        .bss : 0xc05626c0 - 0xc0585460   ( 140 kB)
 35 NR_IRQS:224
 36 VIC @f1140000: id 0x00041190, vendor 0x41
 37 FPGA IRQ chip 0 "SIC" @ f1003000, 13 irqs, parent IRQ: 63
 38 clocksource: timer3: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275 ns
 39 Console: colour dummy device 80x30
 40 Calibrating delay loop... 735.23 BogoMIPS (lpj=3676160)
 41 pid_max: default: 32768 minimum: 301
 42 Mount-cache hash table entries: 1024 (order: 0, 4096 bytes)
 43 Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes)
 44 Disabling cpuset control group subsystem
 45 Initializing cgroup subsys memory
 46 Initializing cgroup subsys devices
 47 Initializing cgroup subsys freezer
 48 CPU: Testing write buffer coherency: ok
 49 Setting up static identity map for 0x8220 - 0x827c
 50 devtmpfs: initialized
 51 VFP support v0.3: implementor 41 architecture 1 part 20 variant b rev 5
 52 clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
 53 NET: Registered protocol family 16
 54 DMA: preallocated 256 KiB pool for atomic coherent allocations
 55 Serial: AMBA PL011 UART driver
 56 dev:f1: ttyAMA0 at MMIO 0x101f1000 (irq = 44, base_baud = 0) is a PL011 rev1
 57 console [ttyAMA0] enabled
 58 dev:f2: ttyAMA1 at MMIO 0x101f2000 (irq = 45, base_baud = 0) is a PL011 rev1
 59 dev:f3: ttyAMA2 at MMIO 0x101f3000 (irq = 46, base_baud = 0) is a PL011 rev1
 60 fpga:09: ttyAMA3 at MMIO 0x10009000 (irq = 70, base_baud = 0) is a PL011 rev1
 61 PCI core found (slot 11)
 62 PCI host bridge to bus 0000:00
 63 pci_bus 0000:00: root bus resource [mem 0x50000000-0x5fffffff]
 64 pci_bus 0000:00: root bus resource [mem 0x60000000-0x6fffffff pref]
 65 pci_bus 0000:00: root bus resource [io  0x1000-0xffff]
 66 pci_bus 0000:00: No busn resource found for root bus, will use [bus 00-ff]
 67 PCI: bus0: Fast back to back transfers disabled
 68 pci 0000:00:0c.0: BAR 2: assigned [mem 0x50000000-0x50001fff]
 69 pci 0000:00:0c.0: BAR 1: assigned [mem 0x50002000-0x500023ff]
 70 pci 0000:00:0c.0: BAR 0: assigned [io  0x1000-0x10ff]
 71 vgaarb: loaded
 72 SCSI subsystem initialized
 73 clocksource: Switched to clocksource timer3
 74 NET: Registered protocol family 2
 75 TCP established hash table entries: 1024 (order: 0, 4096 bytes)
 76 TCP bind hash table entries: 1024 (order: 0, 4096 bytes)
 77 TCP: Hash tables configured (established 1024 bind 1024)
 78 UDP hash table entries: 256 (order: 0, 4096 bytes)
 79 UDP-Lite hash table entries: 256 (order: 0, 4096 bytes)
 80 NET: Registered protocol family 1
 81 RPC: Registered named UNIX socket transport module.
 82 RPC: Registered udp transport module.
 83 RPC: Registered tcp transport module.
 84 RPC: Registered tcp NFSv4.1 backchannel transport module.
 85 NetWinder Floating Point Emulator V0.97 (double precision)
 86 futex hash table entries: 256 (order: -1, 3072 bytes)
 87 Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
 88 jffs2: version 2.2. (NAND) © 2001-2006 Red Hat, Inc.
 89 romfs: ROMFS MTD (C) 2007 Red Hat, Inc.
 90 Block layer SCSI generic (bsg) driver version 0.4 loaded (major 254)
 91 io scheduler noop registered
 92 io scheduler deadline registered
 93 io scheduler cfq registered (default)
 94 pl061_gpio dev:e4: PL061 GPIO chip @0x101e4000 registered
 95 pl061_gpio dev:e5: PL061 GPIO chip @0x101e5000 registered
 96 pl061_gpio dev:e6: PL061 GPIO chip @0x101e6000 registered
 97 pl061_gpio dev:e7: PL061 GPIO chip @0x101e7000 registered
 98 clcd-pl11x dev:20: PL110 rev0 at 0x10120000
 99 clcd-pl11x dev:20: Versatile hardware, VGA display
100 Console: switching to colour frame buffer device 80x30
101 brd: module loaded
102 sym53c8xx 0000:00:0c.0: enabling device (0100 -> 0103)
103 sym0: <895a> rev 0x0 at pci 0000:00:0c.0 irq 93
104 sym0: No NVRAM, ID 7, Fast-40, LVD, parity checking
105 sym0: SCSI BUS has been reset.
106 scsi host0: sym-2.2.3
107 scsi 0:0:2:0: CD-ROM            QEMU     QEMU CD-ROM      2.3. PQ: 0 ANSI: 5
108 scsi target0:0:2: tagged command queuing enabled, command queue depth 16.
109 scsi target0:0:2: Beginning Domain Validation
110 scsi target0:0:2: Domain Validation skipping write tests
111 scsi target0:0:2: Ending Domain Validation
112 sr 0:0:2:0: [sr0] scsi3-mmc drive: 16x/50x cd/rw xa/form2 cdda tray
113 cdrom: Uniform CD-ROM driver Revision: 3.20
114 physmap platform flash device: 04000000 at 34000000
115 physmap-flash.0: Found 1 x32 devices at 0x0 in 32-bit bank. Manufacturer ID 0x000000 Chip ID 0x000000
116 Intel/Sharp Extended Query Table at 0x0031
117 Using buffer write method
118 smc91x.c: v1.1, sep 22 2004 by Nicolas Pitre <nico@fluxnic.net>
119 smc91x smc91x.0 eth0: SMC91C11xFD (rev 1) at c8a5a000 IRQ 57
120  [nowait]
121 smc91x smc91x.0 eth0: Ethernet addr: 52:54:00:12:34:56
122 mousedev: PS/2 mouse device common for all mice
123 ledtrig-cpu: registered to indicate activity on CPUs
124 Netfilter messages via NETLINK v0.30.
125 nf_conntrack version 0.5.0 (1939 buckets, 7756 max)
126 ip_tables: (C) 2000-2006 Netfilter Core Team
127 NET: Registered protocol family 17
128 bridge: automatic filtering via arp/ip/ip6tables has been deprecated. Update your scripts to load br_netfilter if you need this.
129 Bridge firewalling registered
130 input: AT Raw Set 2 keyboard as /devices/fpga:06/serio0/input/input0
131 input: ImExPS/2 Generic Explorer Mouse as /devices/fpga:07/serio1/input/input2
132 VFS: Cannot open root device "(null)" or unknown-block(0,0): error -6
133 Please append a correct "root=" boot option; here are the available partitions:
134 0100            4096 ram0  (driver?)
135 0101            4096 ram1  (driver?)
136 0102            4096 ram2  (driver?)
137 0103            4096 ram3  (driver?)
138 0104            4096 ram4  (driver?)
139 0105            4096 ram5  (driver?)
140 0106            4096 ram6  (driver?)
141 0107            4096 ram7  (driver?)
142 0108            4096 ram8  (driver?)
143 0109            4096 ram9  (driver?)
144 010a            4096 ram10  (driver?)
145 010b            4096 ram11  (driver?)
146 010c            4096 ram12  (driver?)
147 010d            4096 ram13  (driver?)
148 010e            4096 ram14  (driver?)
149 010f            4096 ram15  (driver?)
150 0b00         1048575 sr0  driver: sr



qemu-system-i386
  1 Script started on Wed 05 Aug 2015 04:59:52 PM CST
  2 descent@debian32:~/linux-3.10.27/arch/x86/boot$ qemu-system-i386 -nographic -kernel bzImage -append "console=ttyS0"
  3 [    0.000000] Initializing cgroup subsys cpuset
  4 [    0.000000] Initializing cgroup subsys cpu
  5 [    0.000000] Initializing cgroup subsys cpuacct
  6 [    0.000000] Linux version 3.10.27 (descent@debian32) (gcc version 4.8.5 (Debian 4.8.5-1) ) #2 SMP Wed Aug 5 16:41:20 CST 2015
  7 [    0.000000] e820: BIOS-provided physical RAM map:
  8 [    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
  9 [    0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
 10 [    0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
 11 [    0.000000] BIOS-e820: [mem 0x0000000000100000-0x0000000007fdffff] usable
 12 [    0.000000] BIOS-e820: [mem 0x0000000007fe0000-0x0000000007ffffff] reserved
 13 [    0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
 14 [    0.000000] Notice: NX (Execute Disable) protection missing in CPU!
 15 [    0.000000] SMBIOS 2.8 present.
 16 [    0.000000] e820: last_pfn = 0x7fe0 max_arch_pfn = 0x100000
 17 [    0.000000] found SMP MP-table at [mem 0x000f6640-0x000f664f] mapped at [c00f6640]
 18 [    0.000000] Scanning 1 areas for low memory corruption
 19 [    0.000000] init_memory_mapping: [mem 0x00000000-0x000fffff]
 20 [    0.000000] init_memory_mapping: [mem 0x07800000-0x07bfffff]
 21 [    0.000000] init_memory_mapping: [mem 0x00100000-0x077fffff]
 22 [    0.000000] init_memory_mapping: [mem 0x07c00000-0x07fdffff]
 23 [    0.000000] ACPI: RSDP 000f6470 00014 (v00 BOCHS )
 24 [    0.000000] ACPI: RSDT 07fe16a9 00034 (v01 BOCHS  BXPCRSDT 00000001 BXPC 00000001)
 25 [    0.000000] ACPI: FACP 07fe0bda 00074 (v01 BOCHS  BXPCFACP 00000001 BXPC 00000001)
 26 [    0.000000] ACPI: DSDT 07fe0040 00B9A (v01 BOCHS  BXPCDSDT 00000001 BXPC 00000001)
 27 [    0.000000] ACPI: FACS 07fe0000 00040
 28 [    0.000000] ACPI: SSDT 07fe0c4e 009AB (v01 BOCHS  BXPCSSDT 00000001 BXPC 00000001)
 29 [    0.000000] ACPI: APIC 07fe15f9 00078 (v01 BOCHS  BXPCAPIC 00000001 BXPC 00000001)
 30 [    0.000000] ACPI: HPET 07fe1671 00038 (v01 BOCHS  BXPCHPET 00000001 BXPC 00000001)
 31 [    0.000000] 0MB HIGHMEM available.
 32 [    0.000000] 127MB LOWMEM available.
 33 [    0.000000]   mapped low ram: 0 - 07fe0000
 34 [    0.000000]   low ram: 0 - 07fe0000
 35 [    0.000000] Zone ranges:
 36 [    0.000000]   DMA      [mem 0x00001000-0x00ffffff]
 37 [    0.000000]   Normal   [mem 0x01000000-0x07fdffff]
 38 [    0.000000]   HighMem  empty
 39 [    0.000000] Movable zone start for each node
 40 [    0.000000] Early memory node ranges
 41 [    0.000000]   node   0: [mem 0x00001000-0x0009efff]
 42 [    0.000000]   node   0: [mem 0x00100000-0x07fdffff]
 43 [    0.000000] Using APIC driver default
 44 [    0.000000] ACPI: PM-Timer IO Port: 0x608
 45 [    0.000000] ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled)
 46 [    0.000000] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1])
 47 [    0.000000] ACPI: IOAPIC (id[0x00] address[0xfec00000] gsi_base[0])
 48 [    0.000000] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23
 49 [    0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
 50 [    0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level)
 51 [    0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
 52 [    0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level)
 53 [    0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level)
 54 [    0.000000] Using ACPI (MADT) for SMP configuration information
 55 [    0.000000] ACPI: HPET id: 0x8086a201 base: 0xfed00000
 56 [    0.000000] smpboot: Allowing 1 CPUs, 0 hotplug CPUs
 57 [    0.000000] PM: Registered nosave memory: 000000000009f000 - 00000000000a0000
 58 [    0.000000] PM: Registered nosave memory: 00000000000a0000 - 00000000000f0000
 59 [    0.000000] PM: Registered nosave memory: 00000000000f0000 - 0000000000100000
 60 [    0.000000] e820: [mem 0x08000000-0xfffbffff] available for PCI devices
 61 [    0.000000] setup_percpu: NR_CPUS:8 nr_cpumask_bits:8 nr_cpu_ids:1 nr_node_ids:1
 62 [    0.000000] PERCPU: Embedded 13 pages/cpu @c7ed0000 s32064 r0 d21184 u53248
 63 [    0.000000] Built 1 zonelists in Zone order, mobility grouping on.  Total pages: 32382
 64 [    0.000000] Kernel command line: console=ttyS0
 65 [    0.000000] PID hash table entries: 512 (order: -1, 2048 bytes)
 66 [    0.000000] Dentry cache hash table entries: 16384 (order: 4, 65536 bytes)
 67 [    0.000000] Inode-cache hash table entries: 8192 (order: 3, 32768 bytes)
 68 [    0.000000] Initializing CPU#0
 69 [    0.000000] Initializing HighMem for node 0 (00000000:00000000)
 70 [    0.000000] Memory: 118524k/130944k available (5775k kernel code, 12028k reserved, 2092k data, 2124k init, 0k highmem)
 71 [    0.000000] virtual kernel memory layout:
 72 [    0.000000]     fixmap  : 0xfff15000 - 0xfffff000   ( 936 kB)
 73 [    0.000000]     pkmap   : 0xff800000 - 0xffc00000   (4096 kB)
 74 [    0.000000]     vmalloc : 0xc87e0000 - 0xff7fe000   ( 880 MB)
 75 [    0.000000]     lowmem  : 0xc0000000 - 0xc7fe0000   ( 127 MB)
 76 [    0.000000]       .init : 0xc17b0000 - 0xc19c3000   (2124 kB)
 77 [    0.000000]       .data : 0xc15a3f7b - 0xc17af0c0   (2092 kB)
 78 [    0.000000]       .text : 0xc1000000 - 0xc15a3f7b   (5775 kB)
 79 [    0.000000] Checking if this processor honours the WP bit even in supervisor mode...Ok.
 80 [    0.000000] SLUB: HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
 81 [    0.000000] Hierarchical RCU implementation.
 82 [    0.000000]  RCU restricting CPUs from NR_CPUS=8 to nr_cpu_ids=1.
 83 [    0.000000] NR_IRQS:2304 nr_irqs:256 16
 84 [    0.000000] Console: colour VGA+ 80x25
 85 [    0.000000] console [ttyS0] enabled
 86 [    0.000000] tsc: Fast TSC calibration failed
 87 [    0.000000] tsc: Unable to calibrate against PIT
 88 [    0.000000] tsc: using HPET reference calibration
 89 [    0.000000] tsc: Detected 3594.682 MHz processor
 90 [    0.009236] Calibrating delay loop (skipped), value calculated using timer frequency.. 7189.36 BogoMIPS (lpj=3594682)
 91 [    0.011114] pid_max: default: 32768 minimum: 301
 92 [    0.013258] Security Framework initialized
 93 [    0.015457] SELinux:  Initializing.
 94 [    0.017211] Mount-cache hash table entries: 512
 95 [    0.024728] Initializing cgroup subsys freezer
 96 [    0.027285] Last level iTLB entries: 4KB 0, 2MB 0, 4MB 0
 97 [    0.027285] Last level dTLB entries: 4KB 0, 2MB 0, 4MB 0
 98 [    0.027285] tlb_flushall_shift: 6
 99 [    0.067329] Freeing SMP alternatives: 24k freed
100 [    0.068019] ACPI: Core revision 20130328
101 [    0.082594] ACPI: All ACPI Tables successfully acquired
102 [    0.092004] Enabling APIC mode:  Flat.  Using 1 I/O APICs
103 [    0.095000] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
104 [    0.107000] smpboot: CPU0: Intel QEMU Virtual CPU version 2.3.0 (fam: 06, model: 06, stepping: 03)
105 [    0.110000] APIC calibration not consistent with PM-Timer: 107ms instead of 100ms
106 [    0.110000] APIC delta adjusted to PM-Timer: 6249946 (6741014)
107 [    0.110658] Performance Events: Broken PMU hardware detected, using software events only.
108 [    0.112041] Failed to access perfctr msr (MSR c1 is 0)
109 [    0.121634] Brought up 1 CPUs
110 [    0.122075] smpboot: Total of 1 processors activated (7189.36 BogoMIPS)
111 [    0.136000] RTC time:  8:59:58, date: 08/05/15
112 [    0.138000] NET: Registered protocol family 16
113 [    0.140000] kworker/u2:0 (13) used greatest stack depth: 7312 bytes left
114 [    0.145499] kworker/u2:0 (17) used greatest stack depth: 7188 bytes left
115 [    0.149506] ACPI: bus type PCI registered
116 [    0.152247] PCI: PCI BIOS revision 2.10 entry at 0xfd40f, last bus=0
117 [    0.153054] PCI: Using configuration type 1 for base access
118 [    0.158222] kworker/u2:0 (28) used greatest stack depth: 7176 bytes left
119 [    0.224664] bio: create slab <bio-0> at 0
120 [    0.228120] ACPI: Added _OSI(Module Device)
121 [    0.229000] ACPI: Added _OSI(Processor Device)
122 [    0.229020] ACPI: Added _OSI(3.0 _SCP Extensions)
123 [    0.230053] ACPI: Added _OSI(Processor Aggregator Device)
124 [    0.248036] ACPI: Interpreter enabled
125 [    0.249202] ACPI Exception: AE_NOT_FOUND, While evaluating Sleep State [\_S1_] (20130328/hwxface-568)
126 [    0.251100] ACPI Exception: AE_NOT_FOUND, While evaluating Sleep State [\_S2_] (20130328/hwxface-568)
127 [    0.253401] ACPI: (supports S0 S3 S4 S5)
128 [    0.254000] ACPI: Using IOAPIC for interrupt routing
129 [    0.256325] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
130 [    0.260855] ACPI: No dock devices found.
131 [    0.293274] kworker/u2:0 (303) used greatest stack depth: 7164 bytes left
132 [    0.307297] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
133 [    0.309451] acpi PNP0A03:00: fail to add MMCONFIG information, can't access extended PCI configuration space under this bridge.
134 [    0.312217] PCI host bridge to bus 0000:00
135 [    0.313176] pci_bus 0000:00: root bus resource [bus 00-ff]
136 [    0.314220] pci_bus 0000:00: root bus resource [io  0x0000-0x0cf7]
137 [    0.315057] pci_bus 0000:00: root bus resource [io  0x0d00-0xffff]
138 [    0.316110] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff]
139 [    0.317059] pci_bus 0000:00: root bus resource [mem 0x08000000-0xfebfffff]
140 [    0.325852] pci 0000:00:01.3: quirk: [io  0x0600-0x063f] claimed by PIIX4 ACPI
141 [    0.326111] pci 0000:00:01.3: quirk: [io  0x0700-0x070f] claimed by PIIX4 SMB
142 [    0.343104] acpi PNP0A03:00: ACPI _OSC support notification failed, disabling PCIe ASPM
143 [    0.344070] acpi PNP0A03:00: Unable to request _OSC control (_OSC support mask: 0x08)
144 [    0.350525] ACPI: PCI Interrupt Link [LNKA] (IRQs 5 *10 11)
145 [    0.351557] ACPI: PCI Interrupt Link [LNKB] (IRQs 5 *10 11)
146 [    0.353559] ACPI: PCI Interrupt Link [LNKC] (IRQs 5 10 *11)
147 [    0.355146] ACPI: PCI Interrupt Link [LNKD] (IRQs 5 10 *11)
148 [    0.357429] ACPI: PCI Interrupt Link [LNKS] (IRQs *9)
149 [    0.360731] ACPI: Enabled 16 GPEs in block 00 to 0F
150 [    0.364861] vgaarb: device added: PCI:0000:00:02.0,decodes=io+mem,owns=io+mem,locks=none
151 [    0.365073] vgaarb: loaded
152 [    0.366034] vgaarb: bridge control possible 0000:00:02.0
153 [    0.369180] SCSI subsystem initialized
154 [    0.370104] ACPI: bus type ATA registered
155 [    0.374000] pps_core: LinuxPPS API ver. 1 registered
156 [    0.374042] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <giometti@linux.it>
157 [    0.376055] PTP clock support registered
158 [    0.377651] PCI: Using ACPI for IRQ routing
159 [    0.387092] cfg80211: Calling CRDA to update world regulatory domain
160 [    0.390840] NetLabel: Initializing
161 [    0.391045] NetLabel:  domain hash size = 128
162 [    0.392028] NetLabel:  protocols = UNLABELED CIPSOv4
163 [    0.394131] NetLabel:  unlabeled traffic allowed by default
164 [    0.396357] HPET: 3 timers in total, 0 timers will be used for per-cpu timer
165 [    0.397000] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0
166 [    0.399258] hpet0: 3 comparators, 64-bit 100.000000 MHz counter
167 [    0.403000] Switching to clocksource hpet
168 [    0.459290] pnp: PnP ACPI init
169 [    0.460062] ACPI: bus type PNP registered
170 [    0.472349] pnp: PnP ACPI: found 10 devices
171 [    0.473069] ACPI: bus type PNP unregistered
172 [    0.476546] kworker/u2:0 (369) used greatest stack depth: 7020 bytes left
173 [    0.549015] NET: Registered protocol family 2
174 [    0.553424] TCP established hash table entries: 1024 (order: 1, 8192 bytes)
175 [    0.555696] TCP bind hash table entries: 1024 (order: 1, 8192 bytes)
176 [    0.557204] TCP: Hash tables configured (established 1024 bind 1024)
177 [    0.559307] TCP: reno registered
178 [    0.561870] UDP hash table entries: 256 (order: 1, 8192 bytes)
179 [    0.563621] UDP-Lite hash table entries: 256 (order: 1, 8192 bytes)
180 [    0.566137] NET: Registered protocol family 1
181 [    0.568983] RPC: Registered named UNIX socket transport module.
182 [    0.570720] RPC: Registered udp transport module.
183 [    0.571742] RPC: Registered tcp transport module.
184 [    0.572788] RPC: Registered tcp NFSv4.1 backchannel transport module.
185 [    0.576091] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
186 [    0.576429] pci 0000:00:01.0: PIIX3: Enabling Passive Release
187 [    0.581731] pci 0000:00:01.0: Activating ISA DMA hang workarounds
188 [    0.622091] microcode: CPU0 sig=0x663, pf=0x1, revision=0x0
189 [    0.624728] microcode: Microcode Update Driver: v2.00 <tigran@aivazian.fsnet.co.uk>, Peter Oruba
190 [    0.626546] Scanning for low memory corruption every 60 seconds
191 [    0.633912] audit: initializing netlink socket (disabled)
192 [    0.636554] type=2000 audit(1438765198.636:1): initialized
193 [    0.708201] HugeTLB registered 4 MB page size, pre-allocated 0 pages
194 [    0.743534] VFS: Disk quotas dquot_6.5.2
195 [    0.745062] Dquot-cache hash table entries: 1024 (order 0, 4096 bytes)
196 [    0.752887] kworker/u2:0 (544) used greatest stack depth: 6980 bytes left
197 [    0.761762] NFS: Registering the id_resolver key type
198 [    0.763958] Key type id_resolver registered
199 [    0.764838] Key type id_legacy registered
200 [    0.766713] msgmni has been set to 231
201 [    0.777784] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 252)
202 [    0.780426] io scheduler noop registered
203 [    0.781273] io scheduler deadline registered
204 [    0.783633] io scheduler cfq registered (default)
205 [    0.786663] pci_hotplug: PCI Hot Plug PCI Core version: 0.5
206 [    0.791211] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input0
207 [    0.793137] ACPI: Power Button [PWRF]
208 [    0.814357] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
209 [    0.839611] 00:05: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
210 [    0.852105] Non-volatile memory driver v1.3
211 [    0.853475] Linux agpgart interface v0.103
212 [    0.857962] [drm] Initialized drm 1.1.0 20060810
213 [    0.869001] loop: module loaded
214 [    0.886918] scsi0 : ata_piix
215 [    0.889793] scsi1 : ata_piix
216 [    0.892069] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc040 irq 14
217 [    0.893396] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc048 irq 15
218 [    0.903225] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12
219 [    0.907034] serio: i8042 KBD port at 0x60,0x64 irq 1
220 [    0.908692] serio: i8042 AUX port at 0x60,0x64 irq 12
221 [    0.917325] mousedev: PS/2 mouse device common for all mice
222 [    0.921552] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1
223 [    0.928758] device-mapper: ioctl: 4.24.0-ioctl (2013-01-15) initialised: dm-devel@redhat.com
224 [    0.931408] cpuidle: using governor ladder
225 [    0.932440] cpuidle: using governor menu
226 [    0.934504] hidraw: raw HID events driver (C) Jiri Kosina
227 [    0.941414] Netfilter messages via NETLINK v0.30.
228 [    0.944016] nf_conntrack version 0.5.0 (1852 buckets, 7408 max)
229 [    0.952440] ctnetlink v0.93: registering with nfnetlink.
230 [    0.956965] ip_tables: (C) 2000-2006 Netfilter Core Team
231 [    0.959743] TCP: cubic registered
232 [    0.960075] Initializing XFRM netlink socket
233 [    0.963648] NET: Registered protocol family 10
234 [    0.968998] ip6_tables: (C) 2000-2006 Netfilter Core Team
235 [    0.972067] sit: IPv6 over IPv4 tunneling driver
236 [    0.975865] NET: Registered protocol family 17
237 [    0.977894] Key type dns_resolver registered
238 [    0.980079] Using IPI No-Shortcut mode
239 [    0.987210] registered taskstats version 1
240 [    0.990722]   Magic number: 11:675:977
241 [    1.053051] ata2.00: ATAPI: QEMU DVD-ROM, 2.3.0, max UDMA/100
242 [    1.056210] ata2.00: configured for MWDMA2
243 [    1.064049] scsi 1:0:0:0: CD-ROM            QEMU     QEMU DVD-ROM     2.3. PQ: 0 ANSI: 5
244 [    1.072887] sr0: scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray
245 [    1.074694] cdrom: Uniform CD-ROM driver Revision: 3.20
246 [    1.079892] sr 1:0:0:0: Attached scsi generic sg0 type 5
247 [    1.088087] Freeing unused kernel memory: 2124k freed
248 [    1.128077] Write protecting the kernel text: 5776k
249 [    1.129247] Write protecting the kernel read-only data: 1696k
250                                                             
251   *    *                                   ****       ****  
252  ***  ***     **        **      *    *    *    *     **     
253  * *  * *    *  *      *  *     *    *   *      *   **      
254  * *  * *   *    *    *    *    *    *   *      *    ***    
255  *  **  *   ******    *    *    *    *   *      *      **   
256  *      *   *         *    *    *    *   *      *       **  
257  *      *    *        *    *     *  **    *    *       **   
258  *      *     ***     *    *      **  *    ****     ****    
259                                                             
260 MenuOS>>[    1.536217] input: ImExPS/2 Generic Explorer Mouse as /devices/platform/i8042/serio1/input/input2
261 [    1.614615] tsc: Refined TSC clocksource calibration: 3594.685 MHz
262 [    1.617405] Switching to clocksource tsc
263 
264 MenuOS>>help
265 help - Menu List
266     * help - Menu List
267     * version - MenuOS V1.0(Based on Linux 3.18.6)
268     * quit - Quit from MenuOS
269     * time - Show System Time
270     * time-asm - Show System Time(asm)
271 MenuOS>>quit
272 quit - Quit from MenuOS
273 MenuOS>>qemu: terminating on signal 15 from pid 5972
274 descent@debian32:~/linux-3.10.27/arch/x86/boot$ exit
275 
276 Script done on Wed 05 Aug 2015 05:00:09 PM CST


rootfs 是《Linux 内核分析》提供的, 從這裡下載:
git clone https://github.com/mengning/menu.git

我做了個小修改使其可以在 arm kernel 上執行。

使用以下指令編譯:
gcc -o init linktable.c menu.c test.c -m32 -static -lpthread

編譯相關指令
make i386_defconfig

make ARCH=arm menuconfig

make ARCH=arm versatile_defconfig
make ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- bcmrpi_defconfig

make ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf-
make ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- INSTALL_MOD_PATH=mnt/ext4 modules
sudo make ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- INSTALL_MOD_PATH=mnt/ext4 modules_install

模擬器果然只是模擬器, 在 rpi 2 的真實機器上並沒有正常呈現畫面, 我的 dev 加入不少東西, 我也不知道哪個才是必要的。init 則要放在 /sbin/init

rpi2-rfs
 1 root@NB-debian:/media/2# ls /dev/ sbin/
 2 /dev/:
 3 autofs   mapper       sdb1      tty22  tty5     vboxdrvu
 4 block   mcelog       sdb2      tty23  tty50    vboxnetctl
 5 bsg   media0       sdb3      tty24  tty51    vboxusb
 6 btrfs-control  mei       serial    tty25  tty52    vcs
 7 bus   mem       sg0       tty26  tty53    vcs1
 8 cdrom   mmcblk0      sg1       tty27  tty54    vcs2
 9 cdrw   mmcblk0p1      sg2       tty28  tty55    vcs3
10 char   mmcblk0p2      shm       tty29  tty56    vcs4
11 console   mqueue       snapshot  tty3   tty57    vcs5
12 core   net       snd       tty30  tty58    vcs6
13 cpu   network_latency     sr0       tty31  tty59    vcs7
14 cpu_dma_latency  network_throughput  stderr    tty32  tty6     vcsa
15 cuse   null       stdin     tty33  tty60    vcsa1
16 disk   port       stdout    tty34  tty61    vcsa2
17 dri   ppp       tty       tty35  tty62    vcsa3
18 dvd   psaux       tty0      tty36  tty63    vcsa4
19 dvdrw   ptmx       tty1      tty37  tty7     vcsa5
20 fb0   pts       tty10     tty38  tty8     vcsa6
21 fd   random       tty11     tty39  tty9     vcsa7
22 full   rfkill       tty12     tty4   ttyS0    vfio
23 fuse   rtc       tty13     tty40  ttyS1    vga_arbiter
24 hidraw0   rtc0       tty14     tty41  ttyS2    vhci
25 hpet   sda       tty15     tty42  ttyS3    vhost-net
26 hugepages  sda1       tty16     tty43  ttyUSB0  video0
27 initctl   sda2       tty17     tty44  uhid     watchdog
28 input   sda3       tty18     tty45  uinput   watchdog0
29 kmsg   sda4       tty19     tty46  urandom  xconsole
30 kvm   sda5       tty2      tty47  usb      zero
31 log   sda6       tty20     tty48  v4l
32 loop-control  sdb       tty21     tty49  vboxdrv
33 
34 sbin/:
35 init 

以下是真實機器版本:
寄件者 20150614 raspberry pi 2

總算搞出來了, sd card 抽換的手快抽筋了。

在 arm 平台假如還有問題的話, 有可能還需要 /dev/ram0 並指定 kernel 參數 (也許不用, 但 /dev/ram0 一定要)
root=/dev/ram0

ex:
bootargs root=/dev/ram0 rw console=ttyS0,115200 mem=768M@0x00000000

ref:

沒有留言:

張貼留言

使用 google 的 reCAPTCHA 驗證碼, 總算可以輕鬆留言了。

我實在受不了 spam 了, 又不想讓大家的眼睛花掉, 只好放棄匿名留言。這是沒辦法中的辦法了。留言的朋友需要有 google 帳號。