I am trying to run a custom kernel on the Morello FVP.It‘s alread working on QEMU. I followed these instructions:https://git.morello-project.org/morello/docs/-/blob/morello/mainline/common/standalone-baremetal-readme.rst.No matter what I try though, I just cannot get it to work.I was redirected from the official CHERI-CPU to here, so Ijust post one of the messages that contains more informationabout my issue here again:———So I am a bit stuck when trying to use PRELOADED_BL33_BASE='0xE0000000' instead of BL33="..test/helloworld when building the test binary and later running it in the FVP. I want to run a binary that I know is at address 0xE0000000 because if this works, I can just place the kernel's bootloader there and call it a day (hopefully). I am building fip withMBEDTLS_DIR="<morello_workspace>/bsp/deps/mbedtls" \CROSS_COMPILE="<morello_workspace>/tools/clang/bin/llvm-" \make -C "bsp/arm-tf" \ CC="<morello_workspace>/tools/clang/bin/clang" \ LD="<morello_workspace>/tools/clang/bin/ld.lld" \ PLAT=morello ARCH=aarch64 TARGET_PLATFORM=fvp ENABLE_MORELLO_CAP=1 \ E=0 TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 ARM_ROTPK_LOCATION="devel_rsa" \ ROT_KEY="plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem" \ PRELOADED_BL33_BASE='0xE0000000' \ OPENSSL_DIR="<morello_workspace>/output/fvp/intermediates/host_openssl/install" \ all fipand I tried several setups in the FVP but no matter what I did and which options I chose, I could not the the helloworld binary from the example to work on the FVP. It‘s either giving me:NOTICE: Booting Trusted FirmwareNOTICE: BL1: v2.4(debug):37a5f702bNOTICE: BL1: Built : 14:51:05, Jan 27 2021INFO: BL1: RAM 0x4074000 - 0x407f000INFO: Using crypto library 'mbed TLS'INFO: Loading image id=6 at address 0x4001010INFO: Image id=6 loaded: 0x4001010 - 0x40014ceINFO: Loading image id=31 at address 0x4001010INFO: Image id=31 loaded: 0x4001010 - 0x400119cINFO: FCONF: Config file with image ID:31 loaded at address = 0x4001010INFO: Loading image id=24 at address 0x4001300INFO: Image id=24 loaded: 0x4001300 - 0x40013e8INFO: FCONF: Config file with image ID:24 loaded at address = 0x4001300INFO: BL1: Loading BL2INFO: Loading image id=1 at address 0x4057000INFO: Image id=1 loaded: 0x4057000 - 0x4068961NOTICE: BL1: Booting BL2INFO: Entry point address = 0x4057000INFO: SPSR = 0x3c5NOTICE: BL2: v2.7(release):547e449NOTICE: BL2: Built : 11:43:47, Jul 18 2023ERROR: BL2: Failed to load image id 5 (-2)
or it just hands in other configurations. What am I doing wrong? Thank you very much for your help already :)
This is now resolved. I went for UEFI instead. Not nice, not terrible.
Hi Georg,
I tried out the PRELOAD_BL33_BASE flag in order to reproduce the error. I was not able to reproduce the exact issue as I am not getting the hang at image id 5(bl33) but instead at image id 27(nt_fw_config). I think the delta probably could be attributed to previous build not getting cleaned properly.
The error at image id 27 is due to tf-a recursively trying to verify parent images of image id 27 when built with TRUSTED_BOARD_BOOT=1. One of which is image id 11(NON_TRUSTED_FW_KEY_CERT_ID) which when built with PRELOADED_BL33_BASE=1 flag, does not exist.
In the https://git.morello-project.org/morello/docs/-/blob/morello/mainline/common/standalone-baremetal-readme.rst , you can try the following changes in steps to see if it helps
In section 5
ENABLE_MORELLO_CAP=0
TRUSTED_BOARD_BOOT=0
In section 6.1
-C css.trustedBootROMloader.fname=<morello_workspace>/bsp/arm-tf/build/morello/release/bl1.bin
Note that TRUSTED_BOARD_BOOT=0 would disable image authentication and ENABLE_MORELLO_CAP=0 would disable morello capability so capability aware kernel might not work.
Thanks for the insight. I was seeing these Image 27 issues too, couldn't solve them though. Your approach is not of great help though because ENABLE_MORELLO_CAP=0 is not an option for me.. thank you nevertheless.