Re: Bootloading within QEMU?

[Paolo Bonzini <pbonzini@redhat.com>]

On 17/08/21 16:31, Kenneth Adam Miller wrote:
> 
> 
> I am trying to discover how to schedule QEMU to begin actual emulation 
> as currently my target correctly starts QEMU but only shows the shell, 
> and not even boot loading occurs within QEMU. I'm trying to learn from 
> example, and so will focus my questions only on X86. I can see the 
> MachineClass and MachineState types, and I have tried to follow QEMU 
> with the debugger and found where QEMU calls qemu_init and 
> qemu_main_loop under qemu/softmmu/main.c, and even tried to follow 
> through from init to main loop to see where it would begin booting, but 
> I cannot see where the bootloader is scheduled or specified or started 
> from within the target occurs.

There are two possibilities:

1) QEMU loads a fixed firmware file, usually at a fixed address in 
memory so that the reset vector of the CPU is inside the firmware.  This 
is what happens for example on x86.  The firmware ultimately boots the 
machine (e.g. on x86 you have BIOS->GRUB->Linux or something like that).

2) QEMU loads a binary specified on the command line---typically with 
-kernel, which is stored in current_machine->kernel_filename---and 
somehow arranges for the guest to execute that file when it starts.  For 
example one possibility is to write a jump instruction at the CPU reset 
vector (see riscv_setup_rom_reset_vec for an example).  The functions 
you want to look at for the loading part are load_elf_ram*, and 
load_uimage_as and load_image_targphys_as.

Note that on platforms that use a fixed firmware file there's still the 
possibility of using -kernel.  In that case, the firmware initializes 
the system, then places the binary in memory and jumps to it.  qboot 
(https://github.com/qemu/qboot) is a very small x86 firmware that is 
able to boot a Linux or multiboot kernel.

Paolo