* [PATCH 1/8] hw/sd/sdcard: Fix size check for backing block image
2025-08-24 7:18 [PATCH 0/8] sd: Add RPMB emulation to eMMC model Jan Kiszka
@ 2025-08-24 7:18 ` Jan Kiszka
2025-08-25 9:39 ` Philippe Mathieu-Daudé
2025-08-24 7:18 ` [PATCH 2/8] hw/sd/sdcard: Add validation for boot-partition-size Jan Kiszka
` (6 subsequent siblings)
7 siblings, 1 reply; 22+ messages in thread
From: Jan Kiszka @ 2025-08-24 7:18 UTC (permalink / raw)
To: qemu-devel
Cc: Philippe Mathieu-Daudé, Bin Meng, qemu-block,
Ilias Apalodimas
From: Jan Kiszka <jan.kiszka@siemens.com>
The power-of-2 rule applies to the user data area, not the complete
block image. The latter can be concatenation of boot partition images
and the user data.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
hw/sd/sd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/sd/sd.c b/hw/sd/sd.c
index 8c290595f0..16aee210b4 100644
--- a/hw/sd/sd.c
+++ b/hw/sd/sd.c
@@ -2789,7 +2789,7 @@ static void sd_realize(DeviceState *dev, Error **errp)
return;
}
- blk_size = blk_getlength(sd->blk);
+ blk_size = blk_getlength(sd->blk) - sd->boot_part_size * 2;
if (blk_size > 0 && !is_power_of_2(blk_size)) {
int64_t blk_size_aligned = pow2ceil(blk_size);
char *blk_size_str;
--
2.43.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 2/8] hw/sd/sdcard: Add validation for boot-partition-size
2025-08-24 7:18 [PATCH 0/8] sd: Add RPMB emulation to eMMC model Jan Kiszka
2025-08-24 7:18 ` [PATCH 1/8] hw/sd/sdcard: Fix size check for backing block image Jan Kiszka
@ 2025-08-24 7:18 ` Jan Kiszka
2025-08-24 7:18 ` [PATCH 3/8] hw/sd/sdcard: Allow user-instantiated eMMC Jan Kiszka
` (5 subsequent siblings)
7 siblings, 0 replies; 22+ messages in thread
From: Jan Kiszka @ 2025-08-24 7:18 UTC (permalink / raw)
To: qemu-devel
Cc: Philippe Mathieu-Daudé, Bin Meng, qemu-block,
Ilias Apalodimas
From: Jan Kiszka <jan.kiszka@siemens.com>
Make sure we are not silently rounding down or even wrapping around,
causing inconsistencies with the provided image.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
hw/sd/sd.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/hw/sd/sd.c b/hw/sd/sd.c
index 16aee210b4..834392b0a8 100644
--- a/hw/sd/sd.c
+++ b/hw/sd/sd.c
@@ -2818,6 +2818,16 @@ static void sd_realize(DeviceState *dev, Error **errp)
}
blk_set_dev_ops(sd->blk, &sd_block_ops, sd);
}
+ if (sd->boot_part_size % (128 * KiB) ||
+ sd->boot_part_size > 255 * 128 * KiB) {
+ char *size_str = size_to_str(sd->boot_part_size);
+
+ error_setg(errp, "Invalid boot partition size: %s", size_str);
+ g_free(size_str);
+ error_append_hint(errp,
+ "The boot partition size must be multiples of 128K"
+ "and not larger than 32640K.\n");
+ }
}
static void emmc_realize(DeviceState *dev, Error **errp)
--
2.43.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 3/8] hw/sd/sdcard: Allow user-instantiated eMMC
2025-08-24 7:18 [PATCH 0/8] sd: Add RPMB emulation to eMMC model Jan Kiszka
2025-08-24 7:18 ` [PATCH 1/8] hw/sd/sdcard: Fix size check for backing block image Jan Kiszka
2025-08-24 7:18 ` [PATCH 2/8] hw/sd/sdcard: Add validation for boot-partition-size Jan Kiszka
@ 2025-08-24 7:18 ` Jan Kiszka
2025-08-24 7:18 ` [PATCH 4/8] hw/sd/sdcard: Refactor sd_bootpart_offset Jan Kiszka
` (4 subsequent siblings)
7 siblings, 0 replies; 22+ messages in thread
From: Jan Kiszka @ 2025-08-24 7:18 UTC (permalink / raw)
To: qemu-devel
Cc: Philippe Mathieu-Daudé, Bin Meng, qemu-block,
Ilias Apalodimas
From: Jan Kiszka <jan.kiszka@siemens.com>
Enable user-instantiation so that PCI-attached eMMCs can be created for
virt machines, for QA purposes for the eMMC model itself and for complex
firmware/OS integrations using the upcoming RPMB partition support.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
hw/sd/sd.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/hw/sd/sd.c b/hw/sd/sd.c
index 834392b0a8..8a4f58295b 100644
--- a/hw/sd/sd.c
+++ b/hw/sd/sd.c
@@ -2912,8 +2912,6 @@ static void emmc_class_init(ObjectClass *klass, const void *data)
dc->desc = "eMMC";
dc->realize = emmc_realize;
device_class_set_props(dc, emmc_properties);
- /* Reason: Soldered on board */
- dc->user_creatable = false;
sc->proto = &sd_proto_emmc;
--
2.43.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 4/8] hw/sd/sdcard: Refactor sd_bootpart_offset
2025-08-24 7:18 [PATCH 0/8] sd: Add RPMB emulation to eMMC model Jan Kiszka
` (2 preceding siblings ...)
2025-08-24 7:18 ` [PATCH 3/8] hw/sd/sdcard: Allow user-instantiated eMMC Jan Kiszka
@ 2025-08-24 7:18 ` Jan Kiszka
2025-08-25 9:41 ` Philippe Mathieu-Daudé
2025-08-24 7:18 ` [PATCH 5/8] hw/sd/sdcard: Add basic support for RPMB partition Jan Kiszka
` (3 subsequent siblings)
7 siblings, 1 reply; 22+ messages in thread
From: Jan Kiszka @ 2025-08-24 7:18 UTC (permalink / raw)
To: qemu-devel
Cc: Philippe Mathieu-Daudé, Bin Meng, qemu-block,
Ilias Apalodimas
From: Jan Kiszka <jan.kiszka@siemens.com>
This function provides the offset for any partition in the block image,
not only the boot partitions, therefore rename it. Align the constant
names with the numbering scheme in the standard and use constants for
both boot partitions for consistency reasons. There is also no reason to
return early if boot_part_size is zero because the existing code will
provide the right value in that case as well.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
hw/sd/sd.c | 16 ++++++++--------
hw/sd/sdmmc-internal.h | 3 ++-
2 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/hw/sd/sd.c b/hw/sd/sd.c
index 8a4f58295b..b727a37d06 100644
--- a/hw/sd/sd.c
+++ b/hw/sd/sd.c
@@ -838,14 +838,14 @@ static uint32_t sd_blk_len(SDState *sd)
/*
* This requires a disk image that has two boot partitions inserted at the
- * beginning of it. The size of the boot partitions is the "boot-size"
- * property.
+ * beginning of it, followed by an RPMB partition. The size of the boot
+ * partitions is the "boot-partition-size" property.
*/
-static uint32_t sd_bootpart_offset(SDState *sd)
+static uint32_t sd_part_offset(SDState *sd)
{
unsigned partition_access;
- if (!sd->boot_part_size || !sd_is_emmc(sd)) {
+ if (!sd_is_emmc(sd)) {
return 0;
}
@@ -854,9 +854,9 @@ static uint32_t sd_bootpart_offset(SDState *sd)
switch (partition_access) {
case EXT_CSD_PART_CONFIG_ACC_DEFAULT:
return sd->boot_part_size * 2;
- case EXT_CSD_PART_CONFIG_ACC_BOOT0:
+ case EXT_CSD_PART_CONFIG_ACC_BOOT1:
return 0;
- case EXT_CSD_PART_CONFIG_ACC_BOOT0 + 1:
+ case EXT_CSD_PART_CONFIG_ACC_BOOT2:
return sd->boot_part_size * 1;
default:
g_assert_not_reached();
@@ -1057,7 +1057,7 @@ static const VMStateDescription sd_vmstate = {
static void sd_blk_read(SDState *sd, uint64_t addr, uint32_t len)
{
trace_sdcard_read_block(addr, len);
- addr += sd_bootpart_offset(sd);
+ addr += sd_part_offset(sd);
if (!sd->blk || blk_pread(sd->blk, addr, len, sd->data, 0) < 0) {
fprintf(stderr, "sd_blk_read: read error on host side\n");
}
@@ -1066,7 +1066,7 @@ static void sd_blk_read(SDState *sd, uint64_t addr, uint32_t len)
static void sd_blk_write(SDState *sd, uint64_t addr, uint32_t len)
{
trace_sdcard_write_block(addr, len);
- addr += sd_bootpart_offset(sd);
+ addr += sd_part_offset(sd);
if (!sd->blk || blk_pwrite(sd->blk, addr, len, sd->data, 0) < 0) {
fprintf(stderr, "sd_blk_write: write error on host side\n");
}
diff --git a/hw/sd/sdmmc-internal.h b/hw/sd/sdmmc-internal.h
index 91eb5b6b2f..ce6bc4e6ec 100644
--- a/hw/sd/sdmmc-internal.h
+++ b/hw/sd/sdmmc-internal.h
@@ -116,7 +116,8 @@ DECLARE_OBJ_CHECKERS(SDState, SDCardClass, SDMMC_COMMON, TYPE_SDMMC_COMMON)
#define EXT_CSD_PART_CONFIG_ACC_MASK (0x7)
#define EXT_CSD_PART_CONFIG_ACC_DEFAULT (0x0)
-#define EXT_CSD_PART_CONFIG_ACC_BOOT0 (0x1)
+#define EXT_CSD_PART_CONFIG_ACC_BOOT1 (0x1)
+#define EXT_CSD_PART_CONFIG_ACC_BOOT2 (0x2)
#define EXT_CSD_PART_CONFIG_EN_MASK (0x7 << 3)
#define EXT_CSD_PART_CONFIG_EN_BOOT0 (0x1 << 3)
--
2.43.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* Re: [PATCH 4/8] hw/sd/sdcard: Refactor sd_bootpart_offset
2025-08-24 7:18 ` [PATCH 4/8] hw/sd/sdcard: Refactor sd_bootpart_offset Jan Kiszka
@ 2025-08-25 9:41 ` Philippe Mathieu-Daudé
0 siblings, 0 replies; 22+ messages in thread
From: Philippe Mathieu-Daudé @ 2025-08-25 9:41 UTC (permalink / raw)
To: Jan Kiszka, qemu-devel; +Cc: Bin Meng, qemu-block, Ilias Apalodimas
On 24/8/25 09:18, Jan Kiszka wrote:
> From: Jan Kiszka <jan.kiszka@siemens.com>
>
> This function provides the offset for any partition in the block image,
> not only the boot partitions, therefore rename it. Align the constant
> names with the numbering scheme in the standard and use constants for
> both boot partitions for consistency reasons. There is also no reason to
> return early if boot_part_size is zero because the existing code will
> provide the right value in that case as well.
>
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
> hw/sd/sd.c | 16 ++++++++--------
> hw/sd/sdmmc-internal.h | 3 ++-
> 2 files changed, 10 insertions(+), 9 deletions(-)
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
^ permalink raw reply [flat|nested] 22+ messages in thread
* [PATCH 5/8] hw/sd/sdcard: Add basic support for RPMB partition
2025-08-24 7:18 [PATCH 0/8] sd: Add RPMB emulation to eMMC model Jan Kiszka
` (3 preceding siblings ...)
2025-08-24 7:18 ` [PATCH 4/8] hw/sd/sdcard: Refactor sd_bootpart_offset Jan Kiszka
@ 2025-08-24 7:18 ` Jan Kiszka
2025-08-24 7:18 ` [PATCH 6/8] crypto/hmac: Allow to build hmac over multiple qcrypto_gnutls_hmac_bytes[v] calls Jan Kiszka
` (2 subsequent siblings)
7 siblings, 0 replies; 22+ messages in thread
From: Jan Kiszka @ 2025-08-24 7:18 UTC (permalink / raw)
To: qemu-devel
Cc: Philippe Mathieu-Daudé, Bin Meng, qemu-block,
Ilias Apalodimas
From: Jan Kiszka <jan.kiszka@siemens.com>
The Replay Protected Memory Block (RPMB) is available since eMMC 4.4
which has been obsoleted by 4.41. Therefore lift the provided
EXT_CSD_REV to 5 (4.41) and provide the basic logic to implement basic
support for it. This allows to set the authentication key, read the
write counter and authenticated perform data read and write requests.
Those aren't actually authenticated yet, support for that will be added
later.
The RPMB image needs to be added to backing block images after potential
boot partitions and before the user data. It's size is controlled by
the rpmb-partition-size property.
Also missing in this version (and actually not only for RPMB bits) is
persistence of registers that are supposed to survive power cycles. Most
prominent are the write counters or the authentication key. This feature
can be added later, e.g. by append a state structure to the backing
block image.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
hw/sd/sd.c | 198 +++++++++++++++++++++++++++++++++++++++--
hw/sd/sdmmc-internal.h | 21 +++++
hw/sd/trace-events | 2 +
3 files changed, 213 insertions(+), 8 deletions(-)
diff --git a/hw/sd/sd.c b/hw/sd/sd.c
index b727a37d06..f9578c6e55 100644
--- a/hw/sd/sd.c
+++ b/hw/sd/sd.c
@@ -117,6 +117,20 @@ typedef struct SDProto {
} cmd[SDMMC_CMD_MAX], acmd[SDMMC_CMD_MAX];
} SDProto;
+#define RPMB_KEY_MAC_LEN 32
+
+typedef struct {
+ uint8_t stuff_bytes[196];
+ uint8_t key_mac[RPMB_KEY_MAC_LEN];
+ uint8_t data[256];
+ uint8_t nonce[16];
+ uint32_t write_counter;
+ uint16_t address;
+ uint16_t block_count;
+ uint16_t result;
+ uint16_t req_resp;
+} RPMBDataFrame;
+
struct SDState {
DeviceState parent_obj;
@@ -140,6 +154,7 @@ struct SDState {
uint8_t spec_version;
uint64_t boot_part_size;
+ uint64_t rpmb_part_size;
BlockBackend *blk;
uint8_t boot_config;
@@ -172,6 +187,10 @@ struct SDState {
uint32_t data_offset;
size_t data_size;
uint8_t data[512];
+ RPMBDataFrame rpmb_result;
+ uint32_t rpmb_write_counter;
+ uint8_t rpmb_key[32];
+ uint8_t rpmb_key_set;
QEMUTimer *ocr_power_timer;
uint8_t dat_lines;
bool cmd_line;
@@ -511,7 +530,9 @@ static void emmc_set_ext_csd(SDState *sd, uint64_t size)
sd->ext_csd[205] = 0x46; /* Min read perf for 4bit@26Mhz */
sd->ext_csd[EXT_CSD_CARD_TYPE] = 0b11;
sd->ext_csd[EXT_CSD_STRUCTURE] = 2;
- sd->ext_csd[EXT_CSD_REV] = 3;
+ sd->ext_csd[EXT_CSD_REV] = 5;
+ sd->ext_csd[EXT_CSD_RPMB_MULT] = sd->rpmb_part_size / (128 * KiB);
+ sd->ext_csd[EXT_CSD_PARTITION_SUPPORT] = 0b111;
/* Mode segment (RW) */
sd->ext_csd[EXT_CSD_PART_CONFIG] = sd->boot_config;
@@ -839,7 +860,8 @@ static uint32_t sd_blk_len(SDState *sd)
/*
* This requires a disk image that has two boot partitions inserted at the
* beginning of it, followed by an RPMB partition. The size of the boot
- * partitions is the "boot-partition-size" property.
+ * partitions is the "boot-partition-size" property, the one of the RPMB
+ * partition is 'rpmb-partition-size'.
*/
static uint32_t sd_part_offset(SDState *sd)
{
@@ -853,11 +875,13 @@ static uint32_t sd_part_offset(SDState *sd)
& EXT_CSD_PART_CONFIG_ACC_MASK;
switch (partition_access) {
case EXT_CSD_PART_CONFIG_ACC_DEFAULT:
- return sd->boot_part_size * 2;
+ return sd->boot_part_size * 2 + sd->rpmb_part_size;
case EXT_CSD_PART_CONFIG_ACC_BOOT1:
return 0;
case EXT_CSD_PART_CONFIG_ACC_BOOT2:
return sd->boot_part_size * 1;
+ case EXT_CSD_PART_CONFIG_ACC_RPMB:
+ return sd->boot_part_size * 2;
default:
g_assert_not_reached();
}
@@ -896,7 +920,7 @@ static void sd_reset(DeviceState *dev)
}
size = sect << HWBLOCK_SHIFT;
if (sd_is_emmc(sd)) {
- size -= sd->boot_part_size * 2;
+ size -= sd->boot_part_size * 2 + sd->rpmb_part_size;
}
sect = sd_addr_to_wpnum(size) + 1;
@@ -984,6 +1008,34 @@ static const VMStateDescription sd_ocr_vmstate = {
},
};
+static bool vmstate_needed_for_rpmb(void *opaque)
+{
+ SDState *sd = opaque;
+
+ return sd->rpmb_part_size > 0;
+}
+
+static const VMStateDescription emmc_rpmb_vmstate = {
+ .name = "sd-card/ext_csd_modes-state",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = vmstate_needed_for_rpmb,
+ .fields = (const VMStateField[]) {
+ VMSTATE_UINT8_ARRAY(rpmb_result.key_mac, SDState, RPMB_KEY_MAC_LEN),
+ VMSTATE_UINT8_ARRAY(rpmb_result.data, SDState, 256),
+ VMSTATE_UINT8_ARRAY(rpmb_result.nonce, SDState, 16),
+ VMSTATE_UINT32(rpmb_result.write_counter, SDState),
+ VMSTATE_UINT16(rpmb_result.address, SDState),
+ VMSTATE_UINT16(rpmb_result.block_count, SDState),
+ VMSTATE_UINT16(rpmb_result.result, SDState),
+ VMSTATE_UINT16(rpmb_result.req_resp, SDState),
+ VMSTATE_UINT32(rpmb_write_counter, SDState),
+ VMSTATE_UINT8_ARRAY(rpmb_key, SDState, 32),
+ VMSTATE_UINT8(rpmb_key_set, SDState),
+ VMSTATE_END_OF_LIST()
+ },
+};
+
static bool vmstate_needed_for_emmc(void *opaque)
{
SDState *sd = opaque;
@@ -1050,6 +1102,7 @@ static const VMStateDescription sd_vmstate = {
.subsections = (const VMStateDescription * const []) {
&sd_ocr_vmstate,
&emmc_extcsd_vmstate,
+ &emmc_rpmb_vmstate,
NULL
},
};
@@ -1072,6 +1125,96 @@ static void sd_blk_write(SDState *sd, uint64_t addr, uint32_t len)
}
}
+static void emmc_rpmb_blk_read(SDState *sd, uint64_t addr, uint32_t len)
+{
+ uint16_t resp = be16_to_cpu(sd->rpmb_result.req_resp);
+ unsigned int curr_block = 0;
+
+ if (be16_to_cpu(sd->rpmb_result.result) == RPMB_RESULT_OK &&
+ resp == RPMB_RESP(RPMB_REQ_AUTH_DATA_READ)) {
+ curr_block = be16_to_cpu(sd->rpmb_result.address);
+ if (sd->rpmb_result.block_count == 0) {
+ sd->rpmb_result.block_count = cpu_to_be16(sd->multi_blk_cnt);
+ } else {
+ curr_block += be16_to_cpu(sd->rpmb_result.block_count) -
+ sd->multi_blk_cnt;
+ }
+ addr = curr_block * 256 + sd_part_offset(sd);
+ if (blk_pread(sd->blk, addr, 256, sd->rpmb_result.data, 0) < 0) {
+ fprintf(stderr, "sd_blk_read: read error on host side\n");
+ memset(sd->rpmb_result.data, 0, sizeof(sd->rpmb_result.data));
+ sd->rpmb_result.result = cpu_to_be16(RPMB_RESULT_READ_FAILURE);
+ }
+ }
+ memcpy(sd->data, &sd->rpmb_result, sizeof(sd->rpmb_result));
+
+ trace_sdcard_rpmb_read_block(resp, curr_block,
+ be16_to_cpu(sd->rpmb_result.result));
+}
+
+static void emmc_rpmb_blk_write(SDState *sd, uint64_t addr, uint32_t len)
+{
+ RPMBDataFrame *frame = (RPMBDataFrame *)sd->data;
+ uint16_t req = be16_to_cpu(frame->req_resp);
+
+ if (req == RPMB_REQ_READ_RESULT) {
+ /* just return the current result register */
+ goto exit;
+ }
+ memset(&sd->rpmb_result, 0, sizeof(sd->rpmb_result));
+ memcpy(sd->rpmb_result.nonce, frame->nonce, sizeof(sd->rpmb_result.nonce));
+ sd->rpmb_result.result = cpu_to_be16(RPMB_RESULT_OK);
+ sd->rpmb_result.req_resp = cpu_to_be16(RPMB_RESP(req));
+
+ if (!sd->rpmb_key_set && req != RPMB_REQ_PROGRAM_AUTH_KEY) {
+ sd->rpmb_result.result = cpu_to_be16(RPMB_RESULT_NO_AUTH_KEY);
+ goto exit;
+ }
+
+ switch (req) {
+ case RPMB_REQ_PROGRAM_AUTH_KEY:
+ if (sd->rpmb_key_set) {
+ sd->rpmb_result.result = cpu_to_be16(RPMB_RESULT_WRITE_FAILURE);
+ break;
+ }
+ memcpy(sd->rpmb_key, frame->key_mac, sizeof(sd->rpmb_key));
+ sd->rpmb_key_set = 1;
+ break;
+ case RPMB_REQ_READ_WRITE_COUNTER:
+ sd->rpmb_result.write_counter = cpu_to_be32(sd->rpmb_write_counter);
+ break;
+ case RPMB_REQ_AUTH_DATA_WRITE:
+ /* We only support single-block writes so far */
+ if (sd->multi_blk_cnt != 1) {
+ sd->rpmb_result.result = cpu_to_be16(RPMB_RESULT_GENERAL_FAILURE);
+ break;
+ }
+ if (be32_to_cpu(frame->write_counter) != sd->rpmb_write_counter) {
+ sd->rpmb_result.result = cpu_to_be16(RPMB_RESULT_COUNTER_FAILURE);
+ break;
+ }
+ sd->rpmb_result.address = frame->address;
+ addr = be16_to_cpu(frame->address) * 256 + sd_part_offset(sd);
+ if (blk_pwrite(sd->blk, addr, 256, frame->data, 0) < 0) {
+ fprintf(stderr, "sd_blk_write: write error on host side\n");
+ sd->rpmb_result.result = cpu_to_be16(RPMB_RESULT_WRITE_FAILURE);
+ } else {
+ sd->rpmb_write_counter++;
+ }
+ sd->rpmb_result.write_counter = cpu_to_be32(sd->rpmb_write_counter);
+ break;
+ case RPMB_REQ_AUTH_DATA_READ:
+ sd->rpmb_result.address = frame->address;
+ break;
+ default:
+ qemu_log_mask(LOG_UNIMP, "RPMB request %d not implemented\n", req);
+ sd->rpmb_result.result = cpu_to_be16(RPMB_RESULT_GENERAL_FAILURE);
+ break;
+ }
+exit:
+ trace_sdcard_rpmb_write_block(req, be16_to_cpu(sd->rpmb_result.result));
+}
+
static void sd_erase(SDState *sd)
{
uint64_t erase_start = sd->erase_start;
@@ -1185,6 +1328,19 @@ static void emmc_function_switch(SDState *sd, uint32_t arg)
break;
}
+ if (index == EXT_CSD_PART_CONFIG) {
+ uint8_t part = b & EXT_CSD_PART_CONFIG_ACC_MASK;
+
+ if (((part == EXT_CSD_PART_CONFIG_ACC_BOOT1 ||
+ part == EXT_CSD_PART_CONFIG_ACC_BOOT2) && !sd->boot_part_size) ||
+ (part == EXT_CSD_PART_CONFIG_ACC_RPMB && !sd->rpmb_part_size)) {
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "MMC switching to illegal partition\n");
+ sd->card_status |= R_CSR_SWITCH_ERROR_MASK;
+ return;
+ }
+ }
+
trace_sdcard_ext_csd_update(index, sd->ext_csd[index], b);
sd->ext_csd[index] = b;
}
@@ -2386,6 +2542,7 @@ static bool sd_generic_read_byte(SDState *sd, uint8_t *value)
static void sd_write_byte(SDState *sd, uint8_t value)
{
+ unsigned int partition_access;
int i;
if (!sd->blk || !blk_is_inserted(sd->blk)) {
@@ -2435,7 +2592,13 @@ static void sd_write_byte(SDState *sd, uint8_t value)
if (sd->data_offset >= sd->blk_len) {
/* TODO: Check CRC before committing */
sd->state = sd_programming_state;
- sd_blk_write(sd, sd->data_start, sd->data_offset);
+ partition_access = sd->ext_csd[EXT_CSD_PART_CONFIG]
+ & EXT_CSD_PART_CONFIG_ACC_MASK;
+ if (partition_access == EXT_CSD_PART_CONFIG_ACC_RPMB) {
+ emmc_rpmb_blk_write(sd, sd->data_start, sd->data_offset);
+ } else {
+ sd_blk_write(sd, sd->data_start, sd->data_offset);
+ }
sd->blk_written++;
sd->data_start += sd->blk_len;
sd->data_offset = 0;
@@ -2518,6 +2681,7 @@ static uint8_t sd_read_byte(SDState *sd)
{
/* TODO: Append CRCs */
const uint8_t dummy_byte = 0x00;
+ unsigned int partition_access;
uint8_t ret;
uint32_t io_len;
@@ -2561,7 +2725,13 @@ static uint8_t sd_read_byte(SDState *sd)
sd->data_start, io_len)) {
return dummy_byte;
}
- sd_blk_read(sd, sd->data_start, io_len);
+ partition_access = sd->ext_csd[EXT_CSD_PART_CONFIG]
+ & EXT_CSD_PART_CONFIG_ACC_MASK;
+ if (partition_access == EXT_CSD_PART_CONFIG_ACC_RPMB) {
+ emmc_rpmb_blk_read(sd, sd->data_start, io_len);
+ } else {
+ sd_blk_read(sd, sd->data_start, io_len);
+ }
}
ret = sd->data[sd->data_offset ++];
@@ -2789,7 +2959,8 @@ static void sd_realize(DeviceState *dev, Error **errp)
return;
}
- blk_size = blk_getlength(sd->blk) - sd->boot_part_size * 2;
+ blk_size = blk_getlength(sd->blk) - sd->boot_part_size * 2 -
+ sd->rpmb_part_size;
if (blk_size > 0 && !is_power_of_2(blk_size)) {
int64_t blk_size_aligned = pow2ceil(blk_size);
char *blk_size_str;
@@ -2828,13 +2999,23 @@ static void sd_realize(DeviceState *dev, Error **errp)
"The boot partition size must be multiples of 128K"
"and not larger than 32640K.\n");
}
+ if (sd->rpmb_part_size % (128 * KiB) ||
+ sd->rpmb_part_size > 128 * 128 * KiB) {
+ char *size_str = size_to_str(sd->boot_part_size);
+
+ error_setg(errp, "Invalid boot partition size: %s", size_str);
+ g_free(size_str);
+ error_append_hint(errp,
+ "The RPMB partition size must be multiples of 128K"
+ "and not larger than 16384K.\n");
+ }
}
static void emmc_realize(DeviceState *dev, Error **errp)
{
SDState *sd = SDMMC_COMMON(dev);
- sd->spec_version = SD_PHY_SPECv3_01_VERS; /* Actually v4.3 */
+ sd->spec_version = SD_PHY_SPECv3_01_VERS; /* Actually v4.5 */
sd_realize(dev, errp);
}
@@ -2851,6 +3032,7 @@ static const Property sd_properties[] = {
static const Property emmc_properties[] = {
DEFINE_PROP_UINT64("boot-partition-size", SDState, boot_part_size, 0),
DEFINE_PROP_UINT8("boot-config", SDState, boot_config, 0x0),
+ DEFINE_PROP_UINT64("rpmb-partition-size", SDState, rpmb_part_size, 0),
};
static void sdmmc_common_class_init(ObjectClass *klass, const void *data)
diff --git a/hw/sd/sdmmc-internal.h b/hw/sd/sdmmc-internal.h
index ce6bc4e6ec..c4a9aa8edf 100644
--- a/hw/sd/sdmmc-internal.h
+++ b/hw/sd/sdmmc-internal.h
@@ -118,9 +118,30 @@ DECLARE_OBJ_CHECKERS(SDState, SDCardClass, SDMMC_COMMON, TYPE_SDMMC_COMMON)
#define EXT_CSD_PART_CONFIG_ACC_DEFAULT (0x0)
#define EXT_CSD_PART_CONFIG_ACC_BOOT1 (0x1)
#define EXT_CSD_PART_CONFIG_ACC_BOOT2 (0x2)
+#define EXT_CSD_PART_CONFIG_ACC_RPMB (0x3)
#define EXT_CSD_PART_CONFIG_EN_MASK (0x7 << 3)
#define EXT_CSD_PART_CONFIG_EN_BOOT0 (0x1 << 3)
#define EXT_CSD_PART_CONFIG_EN_USER (0x7 << 3)
+#define RPMB_REQ_PROGRAM_AUTH_KEY (1)
+#define RPMB_REQ_READ_WRITE_COUNTER (2)
+#define RPMB_REQ_AUTH_DATA_WRITE (3)
+#define RPMB_REQ_AUTH_DATA_READ (4)
+#define RPMB_REQ_READ_RESULT (5)
+#define RPMB_REQ_AUTH_CONFIG_WRITE (6)
+#define RPMB_REQ_AUTH_CONFIG_READ (7)
+
+#define RPMB_RESP(__req__) ((__req__) << 8)
+
+#define RPMB_RESULT_OK (0)
+#define RPMB_RESULT_GENERAL_FAILURE (1)
+#define RPMB_RESULT_AUTH_FAILURE (2)
+#define RPMB_RESULT_COUNTER_FAILURE (3)
+#define RPMB_RESULT_ADDRESS_FAILURE (4)
+#define RPMB_RESULT_WRITE_FAILURE (5)
+#define RPMB_RESULT_READ_FAILURE (6)
+#define RPMB_RESULT_NO_AUTH_KEY (7)
+#define RPMB_RESULT_COUTER_EXPIRED (0x80)
+
#endif
diff --git a/hw/sd/trace-events b/hw/sd/trace-events
index 8d49840917..d30daa2143 100644
--- a/hw/sd/trace-events
+++ b/hw/sd/trace-events
@@ -59,6 +59,8 @@ sdcard_read_data(const char *proto, const char *cmd_desc, uint8_t cmd, uint32_t
sdcard_set_voltage(uint16_t millivolts) "%u mV"
sdcard_ext_csd_update(unsigned index, uint8_t oval, uint8_t nval) "index %u: 0x%02x -> 0x%02x"
sdcard_switch(unsigned access, unsigned index, unsigned value, unsigned set) "SWITCH acc:%u idx:%u val:%u set:%u"
+sdcard_rpmb_read_block(uint16_t resp, uint16_t read_addr, uint16_t result) "resp 0x%x read_addr 0x%x result 0x%x"
+sdcard_rpmb_write_block(uint16_t req, uint16_t result) "req 0x%x result 0x%x"
# pl181.c
pl181_command_send(uint8_t cmd, uint32_t arg) "sending CMD%02d arg 0x%08" PRIx32
--
2.43.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* [PATCH 6/8] crypto/hmac: Allow to build hmac over multiple qcrypto_gnutls_hmac_bytes[v] calls
2025-08-24 7:18 [PATCH 0/8] sd: Add RPMB emulation to eMMC model Jan Kiszka
` (4 preceding siblings ...)
2025-08-24 7:18 ` [PATCH 5/8] hw/sd/sdcard: Add basic support for RPMB partition Jan Kiszka
@ 2025-08-24 7:18 ` Jan Kiszka
2025-08-25 9:43 ` Philippe Mathieu-Daudé
2025-08-24 7:18 ` [PATCH 7/8] hw/sd/sdcard: Handle RPMB MAC field Jan Kiszka
2025-08-24 7:18 ` [PATCH 8/8] scripts: Add helper script to generate eMMC block device images Jan Kiszka
7 siblings, 1 reply; 22+ messages in thread
From: Jan Kiszka @ 2025-08-24 7:18 UTC (permalink / raw)
To: qemu-devel
Cc: Philippe Mathieu-Daudé, Bin Meng, qemu-block,
Ilias Apalodimas, Daniel P. Berrangé
From: Jan Kiszka <jan.kiszka@siemens.com>
If the buffers that should be considered for building the hmac are not
available at the same time, the current API is unsuitable. Extend it so
that passing a NULL pointer as result_len is used as indicator that
further buffers will be passed in succeeding calls to
qcrypto_gnutls_hmac_bytes[v].
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
---
crypto/hmac-gcrypt.c | 4 +++-
crypto/hmac-glib.c | 4 +++-
crypto/hmac-gnutls.c | 4 +++-
crypto/hmac-nettle.c | 4 +++-
include/crypto/hmac.h | 12 ++++++++++++
5 files changed, 24 insertions(+), 4 deletions(-)
diff --git a/crypto/hmac-gcrypt.c b/crypto/hmac-gcrypt.c
index 5273086eb9..e428d17479 100644
--- a/crypto/hmac-gcrypt.c
+++ b/crypto/hmac-gcrypt.c
@@ -121,7 +121,9 @@ qcrypto_gcrypt_hmac_bytesv(QCryptoHmac *hmac,
return -1;
}
- if (*resultlen == 0) {
+ if (resultlen == NULL) {
+ return 0;
+ } else if (*resultlen == 0) {
*resultlen = ret;
*result = g_new0(uint8_t, *resultlen);
} else if (*resultlen != ret) {
diff --git a/crypto/hmac-glib.c b/crypto/hmac-glib.c
index ea80c8d1b2..b845133a05 100644
--- a/crypto/hmac-glib.c
+++ b/crypto/hmac-glib.c
@@ -104,7 +104,9 @@ qcrypto_glib_hmac_bytesv(QCryptoHmac *hmac,
return -1;
}
- if (*resultlen == 0) {
+ if (resultlen == NULL) {
+ return 0;
+ } else if (*resultlen == 0) {
*resultlen = ret;
*result = g_new0(uint8_t, *resultlen);
} else if (*resultlen != ret) {
diff --git a/crypto/hmac-gnutls.c b/crypto/hmac-gnutls.c
index 822995505c..3c5bcbe80b 100644
--- a/crypto/hmac-gnutls.c
+++ b/crypto/hmac-gnutls.c
@@ -119,7 +119,9 @@ qcrypto_gnutls_hmac_bytesv(QCryptoHmac *hmac,
return -1;
}
- if (*resultlen == 0) {
+ if (resultlen == NULL) {
+ return 0;
+ } else if (*resultlen == 0) {
*resultlen = ret;
*result = g_new0(uint8_t, *resultlen);
} else if (*resultlen != ret) {
diff --git a/crypto/hmac-nettle.c b/crypto/hmac-nettle.c
index dd5b2ab7a1..2cff7931e1 100644
--- a/crypto/hmac-nettle.c
+++ b/crypto/hmac-nettle.c
@@ -164,7 +164,9 @@ qcrypto_nettle_hmac_bytesv(QCryptoHmac *hmac,
}
}
- if (*resultlen == 0) {
+ if (resultlen == NULL) {
+ return 0;
+ } else if (*resultlen == 0) {
*resultlen = qcrypto_hmac_alg_map[hmac->alg].len;
*result = g_new0(uint8_t, *resultlen);
} else if (*resultlen != qcrypto_hmac_alg_map[hmac->alg].len) {
diff --git a/include/crypto/hmac.h b/include/crypto/hmac.h
index da8a1e3ceb..af3d5f8feb 100644
--- a/include/crypto/hmac.h
+++ b/include/crypto/hmac.h
@@ -90,6 +90,12 @@ G_DEFINE_AUTOPTR_CLEANUP_FUNC(QCryptoHmac, qcrypto_hmac_free)
* The memory referenced in @result must be released with a call
* to g_free() when no longer required by the caller.
*
+ * If @result_len is set to a NULL pointer, no result will be returned, and
+ * the hmac object can be used for further invocations of qcrypto_hmac_bytes()
+ * or qcrypto_hmac_bytesv() until a non-NULL pointer is provided. This allows
+ * to build the hmac across memory regions that are not available at the same
+ * time.
+ *
* Returns:
* 0 on success, -1 on error
*/
@@ -123,6 +129,12 @@ int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
* The memory referenced in @result must be released with a call
* to g_free() when no longer required by the caller.
*
+ * If @result_len is set to a NULL pointer, no result will be returned, and
+ * the hmac object can be used for further invocations of qcrypto_hmac_bytes()
+ * or qcrypto_hmac_bytesv() until a non-NULL pointer is provided. This allows
+ * to build the hmac across memory regions that are not available at the same
+ * time.
+ *
* Returns:
* 0 on success, -1 on error
*/
--
2.43.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* Re: [PATCH 6/8] crypto/hmac: Allow to build hmac over multiple qcrypto_gnutls_hmac_bytes[v] calls
2025-08-24 7:18 ` [PATCH 6/8] crypto/hmac: Allow to build hmac over multiple qcrypto_gnutls_hmac_bytes[v] calls Jan Kiszka
@ 2025-08-25 9:43 ` Philippe Mathieu-Daudé
0 siblings, 0 replies; 22+ messages in thread
From: Philippe Mathieu-Daudé @ 2025-08-25 9:43 UTC (permalink / raw)
To: Jan Kiszka, qemu-devel
Cc: Bin Meng, qemu-block, Ilias Apalodimas, Daniel P. Berrangé
On 24/8/25 09:18, Jan Kiszka wrote:
> From: Jan Kiszka <jan.kiszka@siemens.com>
>
> If the buffers that should be considered for building the hmac are not
> available at the same time, the current API is unsuitable. Extend it so
> that passing a NULL pointer as result_len is used as indicator that
> further buffers will be passed in succeeding calls to
> qcrypto_gnutls_hmac_bytes[v].
>
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
> Cc: "Daniel P. Berrangé" <berrange@redhat.com>
> ---
> crypto/hmac-gcrypt.c | 4 +++-
> crypto/hmac-glib.c | 4 +++-
> crypto/hmac-gnutls.c | 4 +++-
> crypto/hmac-nettle.c | 4 +++-
> include/crypto/hmac.h | 12 ++++++++++++
> 5 files changed, 24 insertions(+), 4 deletions(-)
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
^ permalink raw reply [flat|nested] 22+ messages in thread
* [PATCH 7/8] hw/sd/sdcard: Handle RPMB MAC field
2025-08-24 7:18 [PATCH 0/8] sd: Add RPMB emulation to eMMC model Jan Kiszka
` (5 preceding siblings ...)
2025-08-24 7:18 ` [PATCH 6/8] crypto/hmac: Allow to build hmac over multiple qcrypto_gnutls_hmac_bytes[v] calls Jan Kiszka
@ 2025-08-24 7:18 ` Jan Kiszka
2025-08-25 9:47 ` Philippe Mathieu-Daudé
2025-09-09 14:39 ` Jerome Forissier
2025-08-24 7:18 ` [PATCH 8/8] scripts: Add helper script to generate eMMC block device images Jan Kiszka
7 siblings, 2 replies; 22+ messages in thread
From: Jan Kiszka @ 2025-08-24 7:18 UTC (permalink / raw)
To: qemu-devel
Cc: Philippe Mathieu-Daudé, Bin Meng, qemu-block,
Ilias Apalodimas
From: Jan Kiszka <jan.kiszka@siemens.com>
Implement correct setting of the MAC field when passing RPMB frames back
to the guest. Also check the MAC on authenticated write requests.
As this depends on HMAC support for QCRYPTO_HASH_ALGO_SHA256, only
register the eMMC class if that is available.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
hw/sd/sd.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 89 insertions(+), 1 deletion(-)
diff --git a/hw/sd/sd.c b/hw/sd/sd.c
index f9578c6e55..1acf9f5306 100644
--- a/hw/sd/sd.c
+++ b/hw/sd/sd.c
@@ -51,6 +51,7 @@
#include "qemu/module.h"
#include "sdmmc-internal.h"
#include "trace.h"
+#include "crypto/hmac.h"
//#define DEBUG_SD 1
@@ -118,6 +119,7 @@ typedef struct SDProto {
} SDProto;
#define RPMB_KEY_MAC_LEN 32
+#define RPMB_HASH_LEN 284
typedef struct {
uint8_t stuff_bytes[196];
@@ -1125,6 +1127,66 @@ static void sd_blk_write(SDState *sd, uint64_t addr, uint32_t len)
}
}
+static bool rpmb_calc_hmac(SDState *sd, RPMBDataFrame *frame,
+ unsigned int num_blocks, uint8_t *mac)
+{
+ size_t mac_len = RPMB_KEY_MAC_LEN;
+ bool success = true;
+ Error *err = NULL;
+ QCryptoHmac *hmac;
+ uint64_t addr;
+
+ hmac = qcrypto_hmac_new(QCRYPTO_HASH_ALGO_SHA256, sd->rpmb_key,
+ RPMB_KEY_MAC_LEN, &err);
+ if (!hmac) {
+ error_report_err(err);
+ return false;
+ }
+
+ /*
+ * This implies a read request because we only support single-block write
+ * requests so far.
+ */
+ if (num_blocks > 1) {
+ /*
+ * Unfortunately, the underlying crypto libraries do not allow us to
+ * migrate an active QCryptoHmac state. Therefore, we have to calculate
+ * the HMAC in one run. To avoid buffering a complete read sequence in
+ * SDState, reconstruct all frames except for the last one.
+ */
+ char *buf = (char *)sd->data;
+
+ memcpy(buf, frame->data, RPMB_HASH_LEN);
+ addr = be16_to_cpu(frame->address) * 256 + sd_part_offset(sd);
+ do {
+ if (blk_pread(sd->blk, addr, 256, buf, 0) < 0) {
+ fprintf(stderr, "sd_blk_read: read error on host side\n");
+ success = false;
+ break;
+ }
+ if (qcrypto_hmac_bytes(hmac, buf, RPMB_HASH_LEN, NULL, NULL,
+ &err) < 0) {
+ error_report_err(err);
+ success = false;
+ break;
+ }
+ addr += 256;
+ } while (--num_blocks > 1);
+ }
+
+ if (success &&
+ qcrypto_hmac_bytes(hmac, (const char*)frame->data, RPMB_HASH_LEN, &mac,
+ &mac_len, &err) < 0) {
+ error_report_err(err);
+ success = false;
+ }
+ assert(!success || mac_len == RPMB_KEY_MAC_LEN);
+
+ qcrypto_hmac_free(hmac);
+
+ return success;
+}
+
static void emmc_rpmb_blk_read(SDState *sd, uint64_t addr, uint32_t len)
{
uint16_t resp = be16_to_cpu(sd->rpmb_result.req_resp);
@@ -1145,6 +1207,17 @@ static void emmc_rpmb_blk_read(SDState *sd, uint64_t addr, uint32_t len)
memset(sd->rpmb_result.data, 0, sizeof(sd->rpmb_result.data));
sd->rpmb_result.result = cpu_to_be16(RPMB_RESULT_READ_FAILURE);
}
+ if (sd->multi_blk_cnt == 1 &&
+ !rpmb_calc_hmac(sd, &sd->rpmb_result,
+ be16_to_cpu(sd->rpmb_result.block_count),
+ sd->rpmb_result.key_mac)) {
+ memset(sd->rpmb_result.data, 0, sizeof(sd->rpmb_result.data));
+ sd->rpmb_result.result = cpu_to_be16(RPMB_RESULT_AUTH_FAILURE);
+ }
+ } else if (!rpmb_calc_hmac(sd, &sd->rpmb_result, 1,
+ sd->rpmb_result.key_mac)) {
+ memset(sd->rpmb_result.data, 0, sizeof(sd->rpmb_result.data));
+ sd->rpmb_result.result = cpu_to_be16(RPMB_RESULT_AUTH_FAILURE);
}
memcpy(sd->data, &sd->rpmb_result, sizeof(sd->rpmb_result));
@@ -1156,6 +1229,7 @@ static void emmc_rpmb_blk_write(SDState *sd, uint64_t addr, uint32_t len)
{
RPMBDataFrame *frame = (RPMBDataFrame *)sd->data;
uint16_t req = be16_to_cpu(frame->req_resp);
+ uint8_t mac[RPMB_KEY_MAC_LEN];
if (req == RPMB_REQ_READ_RESULT) {
/* just return the current result register */
@@ -1189,6 +1263,11 @@ static void emmc_rpmb_blk_write(SDState *sd, uint64_t addr, uint32_t len)
sd->rpmb_result.result = cpu_to_be16(RPMB_RESULT_GENERAL_FAILURE);
break;
}
+ if (!rpmb_calc_hmac(sd, frame, 1, mac) ||
+ memcmp(frame->key_mac, mac, RPMB_KEY_MAC_LEN) != 0) {
+ sd->rpmb_result.result = cpu_to_be16(RPMB_RESULT_AUTH_FAILURE);
+ break;
+ }
if (be32_to_cpu(frame->write_counter) != sd->rpmb_write_counter) {
sd->rpmb_result.result = cpu_to_be16(RPMB_RESULT_COUNTER_FAILURE);
break;
@@ -3122,6 +3201,7 @@ static const TypeInfo sd_types[] = {
.parent = TYPE_SD_CARD,
.class_init = sd_spi_class_init,
},
+ /* must be last element */
{
.name = TYPE_EMMC,
.parent = TYPE_SDMMC_COMMON,
@@ -3129,4 +3209,12 @@ static const TypeInfo sd_types[] = {
},
};
-DEFINE_TYPES(sd_types)
+static void sd_register_types(void)
+{
+ int num = ARRAY_SIZE(sd_types);
+ if (!qcrypto_hmac_supports(QCRYPTO_HASH_ALGO_SHA256)) {
+ num--;
+ }
+ type_register_static_array(sd_types, num);
+}
+type_init(sd_register_types);
--
2.43.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* Re: [PATCH 7/8] hw/sd/sdcard: Handle RPMB MAC field
2025-08-24 7:18 ` [PATCH 7/8] hw/sd/sdcard: Handle RPMB MAC field Jan Kiszka
@ 2025-08-25 9:47 ` Philippe Mathieu-Daudé
2025-08-25 16:12 ` Jan Kiszka
2025-09-09 14:39 ` Jerome Forissier
1 sibling, 1 reply; 22+ messages in thread
From: Philippe Mathieu-Daudé @ 2025-08-25 9:47 UTC (permalink / raw)
To: Jan Kiszka, qemu-devel; +Cc: Bin Meng, qemu-block, Ilias Apalodimas
Hi Jan,
On 24/8/25 09:18, Jan Kiszka wrote:
> From: Jan Kiszka <jan.kiszka@siemens.com>
>
> Implement correct setting of the MAC field when passing RPMB frames back
> to the guest. Also check the MAC on authenticated write requests.
>
> As this depends on HMAC support for QCRYPTO_HASH_ALGO_SHA256, only
> register the eMMC class if that is available.
>
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
> hw/sd/sd.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
> 1 file changed, 89 insertions(+), 1 deletion(-)
> @@ -3122,6 +3201,7 @@ static const TypeInfo sd_types[] = {
> .parent = TYPE_SD_CARD,
> .class_init = sd_spi_class_init,
> },
> + /* must be last element */
> {
> .name = TYPE_EMMC,
> .parent = TYPE_SDMMC_COMMON,
> @@ -3129,4 +3209,12 @@ static const TypeInfo sd_types[] = {
> },
> };
>
> -DEFINE_TYPES(sd_types)
> +static void sd_register_types(void)
> +{
> + int num = ARRAY_SIZE(sd_types);
> + if (!qcrypto_hmac_supports(QCRYPTO_HASH_ALGO_SHA256)) {
> + num--;
Instead, expose RPMB feature in CSD when HMAC supported?
Something in emmc_set_ext_csd() in the lines of:
if (qcrypto_hmac_supports(QCRYPTO_HASH_ALGO_SHA256)) {
sd->ext_csd[EXT_CSD_REV] = 5;
sd->ext_csd[EXT_CSD_RPMB_MULT] = sd->rpmb_part_size / (128 * KiB);
sd->ext_csd[EXT_CSD_PARTITION_SUPPORT] = 0b111;
} else {
sd->ext_csd[EXT_CSD_REV] = 3;
}
> + }
> + type_register_static_array(sd_types, num);
> +}
> +type_init(sd_register_types);
^ permalink raw reply [flat|nested] 22+ messages in thread* Re: [PATCH 7/8] hw/sd/sdcard: Handle RPMB MAC field
2025-08-25 9:47 ` Philippe Mathieu-Daudé
@ 2025-08-25 16:12 ` Jan Kiszka
2025-08-25 16:30 ` Philippe Mathieu-Daudé
0 siblings, 1 reply; 22+ messages in thread
From: Jan Kiszka @ 2025-08-25 16:12 UTC (permalink / raw)
To: Philippe Mathieu-Daudé, qemu-devel
Cc: Bin Meng, qemu-block, Ilias Apalodimas
On 25.08.25 11:47, Philippe Mathieu-Daudé wrote:
> Hi Jan,
>
> On 24/8/25 09:18, Jan Kiszka wrote:
>> From: Jan Kiszka <jan.kiszka@siemens.com>
>>
>> Implement correct setting of the MAC field when passing RPMB frames back
>> to the guest. Also check the MAC on authenticated write requests.
>>
>> As this depends on HMAC support for QCRYPTO_HASH_ALGO_SHA256, only
>> register the eMMC class if that is available.
>>
>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
>> ---
>> hw/sd/sd.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
>> 1 file changed, 89 insertions(+), 1 deletion(-)
>
>
>> @@ -3122,6 +3201,7 @@ static const TypeInfo sd_types[] = {
>> .parent = TYPE_SD_CARD,
>> .class_init = sd_spi_class_init,
>> },
>> + /* must be last element */
>> {
>> .name = TYPE_EMMC,
>> .parent = TYPE_SDMMC_COMMON,
>> @@ -3129,4 +3209,12 @@ static const TypeInfo sd_types[] = {
>> },
>> };
>> -DEFINE_TYPES(sd_types)
>> +static void sd_register_types(void)
>> +{
>> + int num = ARRAY_SIZE(sd_types);
>> + if (!qcrypto_hmac_supports(QCRYPTO_HASH_ALGO_SHA256)) {
>> + num--;
>
> Instead, expose RPMB feature in CSD when HMAC supported?
>
> Something in emmc_set_ext_csd() in the lines of:
>
> if (qcrypto_hmac_supports(QCRYPTO_HASH_ALGO_SHA256)) {
> sd->ext_csd[EXT_CSD_REV] = 5;
> sd->ext_csd[EXT_CSD_RPMB_MULT] = sd->rpmb_part_size / (128 * KiB);
> sd->ext_csd[EXT_CSD_PARTITION_SUPPORT] = 0b111;
> } else {
> sd->ext_csd[EXT_CSD_REV] = 3;
> }
I need to check if revision 5 still had RPMB as optional (current ones
definitely require it), but I don't think rolling back to revision 3
would be good idea. If start to add more features from newer revisions,
that may cause even more weird results from the user perspective. I'm
not saying we are fully compliant in one or the other version, rather
that we need to work towards becoming so. Have to support multiple
versions along that will not make it easier.
Jan
>
>> + }
>> + type_register_static_array(sd_types, num);
>> +}
>> +type_init(sd_register_types);
>
--
Siemens AG, Foundational Technologies
Linux Expert Center
^ permalink raw reply [flat|nested] 22+ messages in thread* Re: [PATCH 7/8] hw/sd/sdcard: Handle RPMB MAC field
2025-08-25 16:12 ` Jan Kiszka
@ 2025-08-25 16:30 ` Philippe Mathieu-Daudé
2025-08-26 10:18 ` Daniel P. Berrangé
0 siblings, 1 reply; 22+ messages in thread
From: Philippe Mathieu-Daudé @ 2025-08-25 16:30 UTC (permalink / raw)
To: Jan Kiszka, qemu-devel, Daniel P. Berrangé
Cc: Bin Meng, qemu-block, Ilias Apalodimas
+Dan
On 25/8/25 18:12, Jan Kiszka wrote:
> On 25.08.25 11:47, Philippe Mathieu-Daudé wrote:
>> Hi Jan,
>>
>> On 24/8/25 09:18, Jan Kiszka wrote:
>>> From: Jan Kiszka <jan.kiszka@siemens.com>
>>>
>>> Implement correct setting of the MAC field when passing RPMB frames back
>>> to the guest. Also check the MAC on authenticated write requests.
>>>
>>> As this depends on HMAC support for QCRYPTO_HASH_ALGO_SHA256, only
>>> register the eMMC class if that is available.
>>>
>>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
>>> ---
>>> hw/sd/sd.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
>>> 1 file changed, 89 insertions(+), 1 deletion(-)
>>
>>
>>> @@ -3122,6 +3201,7 @@ static const TypeInfo sd_types[] = {
>>> .parent = TYPE_SD_CARD,
>>> .class_init = sd_spi_class_init,
>>> },
>>> + /* must be last element */
>>> {
>>> .name = TYPE_EMMC,
>>> .parent = TYPE_SDMMC_COMMON,
>>> @@ -3129,4 +3209,12 @@ static const TypeInfo sd_types[] = {
>>> },
>>> };
>>> -DEFINE_TYPES(sd_types)
>>> +static void sd_register_types(void)
>>> +{
>>> + int num = ARRAY_SIZE(sd_types);
>>> + if (!qcrypto_hmac_supports(QCRYPTO_HASH_ALGO_SHA256)) {
>>> + num--;
>>
>> Instead, expose RPMB feature in CSD when HMAC supported?
>>
>> Something in emmc_set_ext_csd() in the lines of:
>>
>> if (qcrypto_hmac_supports(QCRYPTO_HASH_ALGO_SHA256)) {
>> sd->ext_csd[EXT_CSD_REV] = 5;
>> sd->ext_csd[EXT_CSD_RPMB_MULT] = sd->rpmb_part_size / (128 * KiB);
>> sd->ext_csd[EXT_CSD_PARTITION_SUPPORT] = 0b111;
>> } else {
>> sd->ext_csd[EXT_CSD_REV] = 3;
>> }
>
> I need to check if revision 5 still had RPMB as optional (current ones
> definitely require it), but I don't think rolling back to revision 3
> would be good idea. If start to add more features from newer revisions,
> that may cause even more weird results from the user perspective. I'm
> not saying we are fully compliant in one or the other version, rather
> that we need to work towards becoming so. Have to support multiple
> versions along that will not make it easier.
Daniel, do you have a rough idea how many of our build config do
not support QCRYPTO_HASH_ALGO_SHA256?
(looking about making the SD device unconditional to it).
>>> + }
>>> + type_register_static_array(sd_types, num);
>>> +}
>>> +type_init(sd_register_types);
>>
>
^ permalink raw reply [flat|nested] 22+ messages in thread* Re: [PATCH 7/8] hw/sd/sdcard: Handle RPMB MAC field
2025-08-25 16:30 ` Philippe Mathieu-Daudé
@ 2025-08-26 10:18 ` Daniel P. Berrangé
2025-08-27 5:53 ` Jan Kiszka
0 siblings, 1 reply; 22+ messages in thread
From: Daniel P. Berrangé @ 2025-08-26 10:18 UTC (permalink / raw)
To: Philippe Mathieu-Daudé
Cc: Jan Kiszka, qemu-devel, Bin Meng, qemu-block, Ilias Apalodimas
On Mon, Aug 25, 2025 at 06:30:52PM +0200, Philippe Mathieu-Daudé wrote:
> +Dan
>
> On 25/8/25 18:12, Jan Kiszka wrote:
> > On 25.08.25 11:47, Philippe Mathieu-Daudé wrote:
> > > Hi Jan,
> > >
> > > On 24/8/25 09:18, Jan Kiszka wrote:
> > > > From: Jan Kiszka <jan.kiszka@siemens.com>
> > > >
> > > > Implement correct setting of the MAC field when passing RPMB frames back
> > > > to the guest. Also check the MAC on authenticated write requests.
> > > >
> > > > As this depends on HMAC support for QCRYPTO_HASH_ALGO_SHA256, only
> > > > register the eMMC class if that is available.
> > > >
> > > > Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> > > > ---
> > > > hw/sd/sd.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
> > > > 1 file changed, 89 insertions(+), 1 deletion(-)
> > >
> > >
> > > > @@ -3122,6 +3201,7 @@ static const TypeInfo sd_types[] = {
> > > > .parent = TYPE_SD_CARD,
> > > > .class_init = sd_spi_class_init,
> > > > },
> > > > + /* must be last element */
> > > > {
> > > > .name = TYPE_EMMC,
> > > > .parent = TYPE_SDMMC_COMMON,
> > > > @@ -3129,4 +3209,12 @@ static const TypeInfo sd_types[] = {
> > > > },
> > > > };
> > > > -DEFINE_TYPES(sd_types)
> > > > +static void sd_register_types(void)
> > > > +{
> > > > + int num = ARRAY_SIZE(sd_types);
> > > > + if (!qcrypto_hmac_supports(QCRYPTO_HASH_ALGO_SHA256)) {
> > > > + num--;
> > >
> > > Instead, expose RPMB feature in CSD when HMAC supported?
> > >
> > > Something in emmc_set_ext_csd() in the lines of:
> > >
> > > if (qcrypto_hmac_supports(QCRYPTO_HASH_ALGO_SHA256)) {
> > > sd->ext_csd[EXT_CSD_REV] = 5;
> > > sd->ext_csd[EXT_CSD_RPMB_MULT] = sd->rpmb_part_size / (128 * KiB);
> > > sd->ext_csd[EXT_CSD_PARTITION_SUPPORT] = 0b111;
> > > } else {
> > > sd->ext_csd[EXT_CSD_REV] = 3;
> > > }
> >
> > I need to check if revision 5 still had RPMB as optional (current ones
> > definitely require it), but I don't think rolling back to revision 3
> > would be good idea. If start to add more features from newer revisions,
> > that may cause even more weird results from the user perspective. I'm
> > not saying we are fully compliant in one or the other version, rather
> > that we need to work towards becoming so. Have to support multiple
> > versions along that will not make it easier.
>
> Daniel, do you have a rough idea how many of our build config do
> not support QCRYPTO_HASH_ALGO_SHA256?
> (looking about making the SD device unconditional to it).
That's always available, since we can get it from 'glib' even when no
crypto libs are linked.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 22+ messages in thread* Re: [PATCH 7/8] hw/sd/sdcard: Handle RPMB MAC field
2025-08-26 10:18 ` Daniel P. Berrangé
@ 2025-08-27 5:53 ` Jan Kiszka
2025-08-27 9:53 ` Daniel P. Berrangé
0 siblings, 1 reply; 22+ messages in thread
From: Jan Kiszka @ 2025-08-27 5:53 UTC (permalink / raw)
To: Daniel P. Berrangé, Philippe Mathieu-Daudé
Cc: qemu-devel, Bin Meng, qemu-block, Ilias Apalodimas
On 26.08.25 12:18, Daniel P. Berrangé wrote:
> On Mon, Aug 25, 2025 at 06:30:52PM +0200, Philippe Mathieu-Daudé wrote:
>> +Dan
>>
>> On 25/8/25 18:12, Jan Kiszka wrote:
>>> On 25.08.25 11:47, Philippe Mathieu-Daudé wrote:
>>>> Hi Jan,
>>>>
>>>> On 24/8/25 09:18, Jan Kiszka wrote:
>>>>> From: Jan Kiszka <jan.kiszka@siemens.com>
>>>>>
>>>>> Implement correct setting of the MAC field when passing RPMB frames back
>>>>> to the guest. Also check the MAC on authenticated write requests.
>>>>>
>>>>> As this depends on HMAC support for QCRYPTO_HASH_ALGO_SHA256, only
>>>>> register the eMMC class if that is available.
>>>>>
>>>>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
>>>>> ---
>>>>> hw/sd/sd.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
>>>>> 1 file changed, 89 insertions(+), 1 deletion(-)
>>>>
>>>>
>>>>> @@ -3122,6 +3201,7 @@ static const TypeInfo sd_types[] = {
>>>>> .parent = TYPE_SD_CARD,
>>>>> .class_init = sd_spi_class_init,
>>>>> },
>>>>> + /* must be last element */
>>>>> {
>>>>> .name = TYPE_EMMC,
>>>>> .parent = TYPE_SDMMC_COMMON,
>>>>> @@ -3129,4 +3209,12 @@ static const TypeInfo sd_types[] = {
>>>>> },
>>>>> };
>>>>> -DEFINE_TYPES(sd_types)
>>>>> +static void sd_register_types(void)
>>>>> +{
>>>>> + int num = ARRAY_SIZE(sd_types);
>>>>> + if (!qcrypto_hmac_supports(QCRYPTO_HASH_ALGO_SHA256)) {
>>>>> + num--;
>>>>
>>>> Instead, expose RPMB feature in CSD when HMAC supported?
>>>>
>>>> Something in emmc_set_ext_csd() in the lines of:
>>>>
>>>> if (qcrypto_hmac_supports(QCRYPTO_HASH_ALGO_SHA256)) {
>>>> sd->ext_csd[EXT_CSD_REV] = 5;
>>>> sd->ext_csd[EXT_CSD_RPMB_MULT] = sd->rpmb_part_size / (128 * KiB);
>>>> sd->ext_csd[EXT_CSD_PARTITION_SUPPORT] = 0b111;
>>>> } else {
>>>> sd->ext_csd[EXT_CSD_REV] = 3;
>>>> }
>>>
>>> I need to check if revision 5 still had RPMB as optional (current ones
>>> definitely require it), but I don't think rolling back to revision 3
>>> would be good idea. If start to add more features from newer revisions,
>>> that may cause even more weird results from the user perspective. I'm
>>> not saying we are fully compliant in one or the other version, rather
>>> that we need to work towards becoming so. Have to support multiple
>>> versions along that will not make it easier.
>>
>> Daniel, do you have a rough idea how many of our build config do
>> not support QCRYPTO_HASH_ALGO_SHA256?
>> (looking about making the SD device unconditional to it).
>
> That's always available, since we can get it from 'glib' even when no
> crypto libs are linked.
>
Perfect, makes things simpler.
So what is best practice, assert() availability or silently assume that
it is there?
Jan
--
Siemens AG, Foundational Technologies
Linux Expert Center
^ permalink raw reply [flat|nested] 22+ messages in thread* Re: [PATCH 7/8] hw/sd/sdcard: Handle RPMB MAC field
2025-08-27 5:53 ` Jan Kiszka
@ 2025-08-27 9:53 ` Daniel P. Berrangé
0 siblings, 0 replies; 22+ messages in thread
From: Daniel P. Berrangé @ 2025-08-27 9:53 UTC (permalink / raw)
To: Jan Kiszka
Cc: Philippe Mathieu-Daudé, qemu-devel, Bin Meng, qemu-block,
Ilias Apalodimas
On Wed, Aug 27, 2025 at 07:53:12AM +0200, Jan Kiszka wrote:
> On 26.08.25 12:18, Daniel P. Berrangé wrote:
> > On Mon, Aug 25, 2025 at 06:30:52PM +0200, Philippe Mathieu-Daudé wrote:
> >> +Dan
> >>
> >> On 25/8/25 18:12, Jan Kiszka wrote:
> >>> On 25.08.25 11:47, Philippe Mathieu-Daudé wrote:
> >>>> Hi Jan,
> >>>>
> >>>> On 24/8/25 09:18, Jan Kiszka wrote:
> >>>>> From: Jan Kiszka <jan.kiszka@siemens.com>
> >>>>>
> >>>>> Implement correct setting of the MAC field when passing RPMB frames back
> >>>>> to the guest. Also check the MAC on authenticated write requests.
> >>>>>
> >>>>> As this depends on HMAC support for QCRYPTO_HASH_ALGO_SHA256, only
> >>>>> register the eMMC class if that is available.
> >>>>>
> >>>>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> >>>>> ---
> >>>>> hw/sd/sd.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
> >>>>> 1 file changed, 89 insertions(+), 1 deletion(-)
> >>>>
> >>>>
> >>>>> @@ -3122,6 +3201,7 @@ static const TypeInfo sd_types[] = {
> >>>>> .parent = TYPE_SD_CARD,
> >>>>> .class_init = sd_spi_class_init,
> >>>>> },
> >>>>> + /* must be last element */
> >>>>> {
> >>>>> .name = TYPE_EMMC,
> >>>>> .parent = TYPE_SDMMC_COMMON,
> >>>>> @@ -3129,4 +3209,12 @@ static const TypeInfo sd_types[] = {
> >>>>> },
> >>>>> };
> >>>>> -DEFINE_TYPES(sd_types)
> >>>>> +static void sd_register_types(void)
> >>>>> +{
> >>>>> + int num = ARRAY_SIZE(sd_types);
> >>>>> + if (!qcrypto_hmac_supports(QCRYPTO_HASH_ALGO_SHA256)) {
> >>>>> + num--;
> >>>>
> >>>> Instead, expose RPMB feature in CSD when HMAC supported?
> >>>>
> >>>> Something in emmc_set_ext_csd() in the lines of:
> >>>>
> >>>> if (qcrypto_hmac_supports(QCRYPTO_HASH_ALGO_SHA256)) {
> >>>> sd->ext_csd[EXT_CSD_REV] = 5;
> >>>> sd->ext_csd[EXT_CSD_RPMB_MULT] = sd->rpmb_part_size / (128 * KiB);
> >>>> sd->ext_csd[EXT_CSD_PARTITION_SUPPORT] = 0b111;
> >>>> } else {
> >>>> sd->ext_csd[EXT_CSD_REV] = 3;
> >>>> }
> >>>
> >>> I need to check if revision 5 still had RPMB as optional (current ones
> >>> definitely require it), but I don't think rolling back to revision 3
> >>> would be good idea. If start to add more features from newer revisions,
> >>> that may cause even more weird results from the user perspective. I'm
> >>> not saying we are fully compliant in one or the other version, rather
> >>> that we need to work towards becoming so. Have to support multiple
> >>> versions along that will not make it easier.
> >>
> >> Daniel, do you have a rough idea how many of our build config do
> >> not support QCRYPTO_HASH_ALGO_SHA256?
> >> (looking about making the SD device unconditional to it).
> >
> > That's always available, since we can get it from 'glib' even when no
> > crypto libs are linked.
> >
>
> Perfect, makes things simpler.
>
> So what is best practice, assert() availability or silently assume that
> it is there?
Best practice is always to propagate errors, but if your call chain can't
do that, then in this case you can assert or use &error_abort since this
should never trigger.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH 7/8] hw/sd/sdcard: Handle RPMB MAC field
2025-08-24 7:18 ` [PATCH 7/8] hw/sd/sdcard: Handle RPMB MAC field Jan Kiszka
2025-08-25 9:47 ` Philippe Mathieu-Daudé
@ 2025-09-09 14:39 ` Jerome Forissier
1 sibling, 0 replies; 22+ messages in thread
From: Jerome Forissier @ 2025-09-09 14:39 UTC (permalink / raw)
To: Jan Kiszka, qemu-devel
Cc: Philippe Mathieu-Daudé, Bin Meng, qemu-block,
Ilias Apalodimas
Hi Jan,
On 8/24/25 09:18, Jan Kiszka wrote:
> From: Jan Kiszka <jan.kiszka@siemens.com>
>
> Implement correct setting of the MAC field when passing RPMB frames back
> to the guest. Also check the MAC on authenticated write requests.
>
> As this depends on HMAC support for QCRYPTO_HASH_ALGO_SHA256, only
> register the eMMC class if that is available.
>
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
> hw/sd/sd.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
> 1 file changed, 89 insertions(+), 1 deletion(-)
I tested this series successfully on top of QEMU v10.1.0 with OP-TEE ('master'
branch, arm64 build), the u-boot 'next' branch, Linux v6.14 and mmc-utils 1.0.
So feel free to add:
Tested-by: Jerome Forissier <jerome.forissier@linaro.org>
Many thanks for your work. It will be valuable in the OP-TEE CI.
Regards,
--
Jerome
^ permalink raw reply [flat|nested] 22+ messages in thread
* [PATCH 8/8] scripts: Add helper script to generate eMMC block device images
2025-08-24 7:18 [PATCH 0/8] sd: Add RPMB emulation to eMMC model Jan Kiszka
` (6 preceding siblings ...)
2025-08-24 7:18 ` [PATCH 7/8] hw/sd/sdcard: Handle RPMB MAC field Jan Kiszka
@ 2025-08-24 7:18 ` Jan Kiszka
2025-08-25 9:51 ` Philippe Mathieu-Daudé
2025-09-09 14:25 ` Jerome Forissier
7 siblings, 2 replies; 22+ messages in thread
From: Jan Kiszka @ 2025-08-24 7:18 UTC (permalink / raw)
To: qemu-devel
Cc: Philippe Mathieu-Daudé, Bin Meng, qemu-block,
Ilias Apalodimas
From: Jan Kiszka <jan.kiszka@siemens.com>
As an eMMC block device image may consist of more than just the user
data partition, provide a helper script that can compose the image from
boot partitions, an RPMB partition and the user data image. The script
also does the required size validation and/or rounding.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
scripts/mkemmc.sh | 185 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 185 insertions(+)
create mode 100755 scripts/mkemmc.sh
diff --git a/scripts/mkemmc.sh b/scripts/mkemmc.sh
new file mode 100755
index 0000000000..5d40c2889b
--- /dev/null
+++ b/scripts/mkemmc.sh
@@ -0,0 +1,185 @@
+#!/bin/sh -e
+#
+# Create eMMC block device image from boot, RPMB and user data images
+#
+# Copyright (c) Siemens, 2025
+#
+# Authors:
+# Jan Kiszka <jan.kiszka@siemens.com>
+#
+# This work is licensed under the terms of the GNU GPL version 2.
+# See the COPYING file in the top-level directory.
+#
+
+usage() {
+ echo "$0 [OPTIONS] USER_IMG[:SIZE] OUTPUT_IMG"
+ echo ""
+ echo "SIZE must be a power of 2. If no SIZE is specified, the size of USER_ING will"
+ echo "be used (rounded up)."
+ echo ""
+ echo "Supported options:"
+ echo " -b BOOT1_IMG[:SIZE] Add boot partitions. SIZE must be multiples of 128K. If"
+ echo " no SIZE is specified, the size of BOOT_IMG will be"
+ echo " used (rounded up). BOOT1_IMG will be stored in boot"
+ echo " partition 1, and a boot partition 2 of the same size"
+ echo " will be created as empty (all zeros) unless -B is"
+ echo " specified as well."
+ echo " -B BOOT2_IMG Fill boot partition 2 with BOOT2_IMG. Must be combined"
+ echo " with -b which is also defining the partition size."
+ echo " -r RPMB_IMG[:SIZE] Add RPMB partition. SIZE must be multiples of 128K. If"
+ echo " no SIZE is specified, the size of RPMB_IMG will be"
+ echo " used (rounded up)."
+ echo " -h, --help This help"
+ echo ""
+ echo "All SIZE parameters support the units K, M, G. If SIZE is smaller than the"
+ echo "associated image, it will be truncated in the output image."
+ exit "$1"
+}
+
+process_size() {
+ if [ "${4#*:}" = "$4" ]; then
+ if ! size=$(stat -L -c %s "$2" 2>/dev/null); then
+ echo "Missing $1 image '$2'." >&2
+ exit 1
+ fi
+ if [ "$3" = 128 ]; then
+ size=$(( (size + 128 * 1024 - 1) & ~(128 * 1024 - 1) ))
+ elif [ $(( size & (size - 1) )) -gt 0 ]; then
+ n=0
+ while [ "$size" -gt 0 ]; do
+ size=$((size >> 1))
+ n=$((n + 1))
+ done
+ size=$((1 << n))
+ fi
+ else
+ value="${4#*:}"
+ if [ "${value%K}" != "$value" ]; then
+ size=${value%K}
+ multiplier=1024
+ elif [ "${value%M}" != "$value" ]; then
+ size=${value%M}
+ multiplier=$((1024 * 1024))
+ elif [ "${value%G}" != "$value" ]; then
+ size=${value%G}
+ multiplier=$((1024 * 1024 * 1024))
+ else
+ size=$value
+ multiplier=1
+ fi
+ if [ "$size" -eq "$size" ] 2>/dev/null; then
+ size=$((size * multiplier))
+ else
+ echo "Invalid value '$value' specified for $2 image size." >&2
+ exit 1
+ fi
+ if [ "$3" = 128 ]; then
+ if [ $(( size & (128 * 1024 - 1) )) -ne 0 ]; then
+ echo "The $2 image size must be multiples of 128K." >&2
+ exit 1
+ fi
+ elif [ $(( size & (size - 1) )) -gt 0 ]; then
+ echo "The %2 image size must be power of 2." >&2
+ exit 1
+ fi
+ fi
+ echo $size
+}
+
+userimg=
+outimg=
+bootimg1=
+bootimg2=/dev/zero
+bootsz=0
+rpmbimg=
+rpmbsz=0
+
+while [ $# -gt 0 ]; do
+ case "$1" in
+ -b)
+ shift
+ [ $# -ge 1 ] || usage 1
+ bootimg1=${1%%:*}
+ bootsz=$(process_size boot "$bootimg1" 128 "$1")
+ shift
+ ;;
+ -B)
+ shift
+ [ $# -ge 1 ] || usage 1
+ bootimg2=$1
+ shift
+ ;;
+ -r)
+ shift
+ [ $# -ge 1 ] || usage 1
+ rpmbimg=${1%%:*}
+ rpmbsz=$(process_size RPMB "$rpmbimg" 128 "$1")
+ shift
+ ;;
+ -h|--help)
+ usage 0
+ ;;
+ *)
+ if [ -z "$userimg" ]; then
+ userimg=${1%%:*}
+ usersz=$(process_size user "$userimg" 2 "$1")
+ elif [ -z "$outimg" ]; then
+ outimg=$1
+ else
+ usage 1
+ fi
+ shift
+ ;;
+ esac
+done
+
+[ -n "$outimg" ] || usage 1
+
+if [ "$bootsz" -gt $((32640 * 1024)) ]; then
+ echo "Boot image size is larger than 32640K." >&2
+ exit 1
+fi
+if [ "$rpmbsz" -gt $((16384 * 1024)) ]; then
+ echo "RPMB image size is larger than 16384K." >&2
+ exit 1
+fi
+
+echo "Creating eMMC image"
+
+truncate "$outimg" -s 0
+pos=0
+
+if [ "$bootsz" -gt 0 ]; then
+ echo " Boot partition 1 and 2: $((bootsz / 1024))K each"
+ blocks=$(( bootsz / (128 * 1024) ))
+ dd if="$bootimg1" of="$outimg" conv=sparse bs=128K count=$blocks \
+ status=none
+ dd if="$bootimg2" of="$outimg" conv=sparse bs=128K count=$blocks \
+ seek=$blocks status=none
+ pos=$((2 * bootsz))
+fi
+
+if [ "$rpmbsz" -gt 0 ]; then
+ echo " RPMB partition: $((rpmbsz / 1024))K"
+ blocks=$(( rpmbsz / (128 * 1024) ))
+ dd if="$rpmbimg" of="$outimg" conv=sparse bs=128K count=$blocks \
+ seek=$(( pos / (128 * 1024) )) status=none
+ pos=$((pos + rpmbsz))
+fi
+
+if [ "$usersz" -lt 1024 ]; then
+ echo " User data: $usersz bytes"
+elif [ "$usersz" -lt $((1024 * 1024)) ]; then
+ echo " User data: $(( (usersz + 1023) / 1024 ))K ($usersz)"
+elif [ "$usersz" -lt $((1024 * 1024 * 1024)) ]; then
+ echo " User data: $(( (usersz + 1048575) / 1048576))M ($usersz)"
+else
+ echo " User data: $(( (usersz + 1073741823) / 1073741824))G ($usersz)"
+fi
+dd if="$userimg" of="$outimg" conv=sparse bs=128K seek=$(( pos / (128 * 1024) )) \
+ count=$(( (usersz + 128 * 1024 - 1) / (128 * 1024) )) status=none
+pos=$((pos + usersz))
+truncate "$outimg" -s $pos
+
+echo ""
+echo "Instantiate via '-device emmc,boot-partition-size=$bootsz,rpmb-partition-size=$rpmbsz,drive=$outimg'"
--
2.43.0
^ permalink raw reply related [flat|nested] 22+ messages in thread* Re: [PATCH 8/8] scripts: Add helper script to generate eMMC block device images
2025-08-24 7:18 ` [PATCH 8/8] scripts: Add helper script to generate eMMC block device images Jan Kiszka
@ 2025-08-25 9:51 ` Philippe Mathieu-Daudé
2025-09-09 14:25 ` Jerome Forissier
1 sibling, 0 replies; 22+ messages in thread
From: Philippe Mathieu-Daudé @ 2025-08-25 9:51 UTC (permalink / raw)
To: Jan Kiszka, qemu-devel; +Cc: Bin Meng, qemu-block, Ilias Apalodimas
On 24/8/25 09:18, Jan Kiszka wrote:
> From: Jan Kiszka <jan.kiszka@siemens.com>
>
> As an eMMC block device image may consist of more than just the user
> data partition, provide a helper script that can compose the image from
> boot partitions, an RPMB partition and the user data image. The script
> also does the required size validation and/or rounding.
>
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
> scripts/mkemmc.sh | 185 ++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 185 insertions(+)
> create mode 100755 scripts/mkemmc.sh
>
> diff --git a/scripts/mkemmc.sh b/scripts/mkemmc.sh
> new file mode 100755
> index 0000000000..5d40c2889b
> --- /dev/null
> +++ b/scripts/mkemmc.sh
> @@ -0,0 +1,185 @@
> +#!/bin/sh -e
> +#
> +# Create eMMC block device image from boot, RPMB and user data images
> +#
> +# Copyright (c) Siemens, 2025
> +#
> +# Authors:
> +# Jan Kiszka <jan.kiszka@siemens.com>
> +#
> +# This work is licensed under the terms of the GNU GPL version 2.
> +# See the COPYING file in the top-level directory.
We now require SPDX tags, otherwise LGTM!
^ permalink raw reply [flat|nested] 22+ messages in thread
* Re: [PATCH 8/8] scripts: Add helper script to generate eMMC block device images
2025-08-24 7:18 ` [PATCH 8/8] scripts: Add helper script to generate eMMC block device images Jan Kiszka
2025-08-25 9:51 ` Philippe Mathieu-Daudé
@ 2025-09-09 14:25 ` Jerome Forissier
2025-09-14 12:23 ` Jan Kiszka
1 sibling, 1 reply; 22+ messages in thread
From: Jerome Forissier @ 2025-09-09 14:25 UTC (permalink / raw)
To: Jan Kiszka, qemu-devel
Cc: Philippe Mathieu-Daudé, Bin Meng, qemu-block,
Ilias Apalodimas
Hi Jan,
On 8/24/25 09:18, Jan Kiszka wrote:
> From: Jan Kiszka <jan.kiszka@siemens.com>
>
> As an eMMC block device image may consist of more than just the user
> data partition, provide a helper script that can compose the image from
> boot partitions, an RPMB partition and the user data image. The script
> also does the required size validation and/or rounding.
>
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
> scripts/mkemmc.sh | 185 ++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 185 insertions(+)
> create mode 100755 scripts/mkemmc.sh
>
> diff --git a/scripts/mkemmc.sh b/scripts/mkemmc.sh
> new file mode 100755
> index 0000000000..5d40c2889b
> --- /dev/null
> +++ b/scripts/mkemmc.sh
> @@ -0,0 +1,185 @@
> +#!/bin/sh -e
> +#
> +# Create eMMC block device image from boot, RPMB and user data images
> +#
> +# Copyright (c) Siemens, 2025
> +#
> +# Authors:
> +# Jan Kiszka <jan.kiszka@siemens.com>
> +#
> +# This work is licensed under the terms of the GNU GPL version 2.
> +# See the COPYING file in the top-level directory.
> +#
> +
> +usage() {
> + echo "$0 [OPTIONS] USER_IMG[:SIZE] OUTPUT_IMG"
> + echo ""
> + echo "SIZE must be a power of 2. If no SIZE is specified, the size of USER_ING will"
> + echo "be used (rounded up)."
> + echo ""
> + echo "Supported options:"
> + echo " -b BOOT1_IMG[:SIZE] Add boot partitions. SIZE must be multiples of 128K. If"
> + echo " no SIZE is specified, the size of BOOT_IMG will be"
the size of BOOT1_IMG
> + echo " used (rounded up). BOOT1_IMG will be stored in boot"
> + echo " partition 1, and a boot partition 2 of the same size"
> + echo " will be created as empty (all zeros) unless -B is"
> + echo " specified as well."
> + echo " -B BOOT2_IMG Fill boot partition 2 with BOOT2_IMG. Must be combined"
> + echo " with -b which is also defining the partition size."
> + echo " -r RPMB_IMG[:SIZE] Add RPMB partition. SIZE must be multiples of 128K. If"
> + echo " no SIZE is specified, the size of RPMB_IMG will be"
> + echo " used (rounded up)."
> + echo " -h, --help This help"
> + echo ""
> + echo "All SIZE parameters support the units K, M, G. If SIZE is smaller than the"
> + echo "associated image, it will be truncated in the output image."
> + exit "$1"
> +}
> +
> +process_size() {
> + if [ "${4#*:}" = "$4" ]; then
> + if ! size=$(stat -L -c %s "$2" 2>/dev/null); then
> + echo "Missing $1 image '$2'." >&2
> + exit 1
> + fi
> + if [ "$3" = 128 ]; then
> + size=$(( (size + 128 * 1024 - 1) & ~(128 * 1024 - 1) ))
> + elif [ $(( size & (size - 1) )) -gt 0 ]; then
> + n=0
> + while [ "$size" -gt 0 ]; do
> + size=$((size >> 1))
> + n=$((n + 1))
> + done
> + size=$((1 << n))
> + fi
> + else
> + value="${4#*:}"
> + if [ "${value%K}" != "$value" ]; then
> + size=${value%K}
> + multiplier=1024
> + elif [ "${value%M}" != "$value" ]; then
> + size=${value%M}
> + multiplier=$((1024 * 1024))
> + elif [ "${value%G}" != "$value" ]; then
> + size=${value%G}
> + multiplier=$((1024 * 1024 * 1024))
> + else
> + size=$value
> + multiplier=1
> + fi
> + if [ "$size" -eq "$size" ] 2>/dev/null; then
> + size=$((size * multiplier))
> + else
> + echo "Invalid value '$value' specified for $2 image size." >&2
> + exit 1
> + fi
> + if [ "$3" = 128 ]; then
> + if [ $(( size & (128 * 1024 - 1) )) -ne 0 ]; then
> + echo "The $2 image size must be multiples of 128K." >&2
> + exit 1
> + fi
> + elif [ $(( size & (size - 1) )) -gt 0 ]; then
> + echo "The %2 image size must be power of 2." >&2
> + exit 1
> + fi
> + fi
> + echo $size
> +}
> +
> +userimg=
> +outimg=
> +bootimg1=
> +bootimg2=/dev/zero
> +bootsz=0
> +rpmbimg=
> +rpmbsz=0
> +
> +while [ $# -gt 0 ]; do
> + case "$1" in
> + -b)
> + shift
> + [ $# -ge 1 ] || usage 1
> + bootimg1=${1%%:*}
> + bootsz=$(process_size boot "$bootimg1" 128 "$1")
> + shift
> + ;;
> + -B)
> + shift
> + [ $# -ge 1 ] || usage 1
> + bootimg2=$1
> + shift
> + ;;
> + -r)
> + shift
> + [ $# -ge 1 ] || usage 1
> + rpmbimg=${1%%:*}
> + rpmbsz=$(process_size RPMB "$rpmbimg" 128 "$1")
> + shift
> + ;;
> + -h|--help)
> + usage 0
> + ;;
> + *)
> + if [ -z "$userimg" ]; then
> + userimg=${1%%:*}
> + usersz=$(process_size user "$userimg" 2 "$1")
> + elif [ -z "$outimg" ]; then
> + outimg=$1
> + else
> + usage 1
> + fi
> + shift
> + ;;
> + esac
> +done
> +
> +[ -n "$outimg" ] || usage 1
> +
> +if [ "$bootsz" -gt $((32640 * 1024)) ]; then
> + echo "Boot image size is larger than 32640K." >&2
> + exit 1
> +fi
Should we warn if BOOT1_IMG and/or BOOT2_IMG are truncated as a result
of $bootsz being too small? I can see how providing a larger size can be
useful to be able to later extend the filesystem, but a smaller size is
more likely to indicate an error I suppose?
> +if [ "$rpmbsz" -gt $((16384 * 1024)) ]; then
> + echo "RPMB image size is larger than 16384K." >&2
> + exit 1
> +fi> +
> +echo "Creating eMMC image"
> +
> +truncate "$outimg" -s 0
> +pos=0
> +
> +if [ "$bootsz" -gt 0 ]; then
> + echo " Boot partition 1 and 2: $((bootsz / 1024))K each"
> + blocks=$(( bootsz / (128 * 1024) ))
> + dd if="$bootimg1" of="$outimg" conv=sparse bs=128K count=$blocks \
> + status=none
> + dd if="$bootimg2" of="$outimg" conv=sparse bs=128K count=$blocks \
> + seek=$blocks status=none
> + pos=$((2 * bootsz))
> +fi
> +
> +if [ "$rpmbsz" -gt 0 ]; then
> + echo " RPMB partition: $((rpmbsz / 1024))K"
> + blocks=$(( rpmbsz / (128 * 1024) ))
> + dd if="$rpmbimg" of="$outimg" conv=sparse bs=128K count=$blocks \
> + seek=$(( pos / (128 * 1024) )) status=none
> + pos=$((pos + rpmbsz))
> +fi
> +
> +if [ "$usersz" -lt 1024 ]; then
> + echo " User data: $usersz bytes"
> +elif [ "$usersz" -lt $((1024 * 1024)) ]; then
> + echo " User data: $(( (usersz + 1023) / 1024 ))K ($usersz)"
> +elif [ "$usersz" -lt $((1024 * 1024 * 1024)) ]; then
> + echo " User data: $(( (usersz + 1048575) / 1048576))M ($usersz)"
> +else
> + echo " User data: $(( (usersz + 1073741823) / 1073741824))G ($usersz)"
> +fi
> +dd if="$userimg" of="$outimg" conv=sparse bs=128K seek=$(( pos / (128 * 1024) )) \
> + count=$(( (usersz + 128 * 1024 - 1) / (128 * 1024) )) status=none
> +pos=$((pos + usersz))
> +truncate "$outimg" -s $pos
> +
> +echo ""
> +echo "Instantiate via '-device emmc,boot-partition-size=$bootsz,rpmb-partition-size=$rpmbsz,drive=$outimg'"
That did not work for me. I had to provide a drive name, not the image path.
An also create PCIe and SDHCI devices. That is:
-device pcie-root-port,id=pcie-root,bus=pcie.0 \
-device sdhci-pci,bus=pcie-root \
-device emmc,boot-partition-size=$bootsz,rpmb-partition-size=$rpmbsz,drive=mmc0
-drive if=none,id=mmc0,file=$outimg,format=raw"
I applied the patches on top of QEMU 10.1.0 if that matters.
Regards,
--
Jerome
^ permalink raw reply [flat|nested] 22+ messages in thread* Re: [PATCH 8/8] scripts: Add helper script to generate eMMC block device images
2025-09-09 14:25 ` Jerome Forissier
@ 2025-09-14 12:23 ` Jan Kiszka
0 siblings, 0 replies; 22+ messages in thread
From: Jan Kiszka @ 2025-09-14 12:23 UTC (permalink / raw)
To: Jerome Forissier, qemu-devel
Cc: Philippe Mathieu-Daudé, Bin Meng, qemu-block,
Ilias Apalodimas
On 09.09.25 16:25, Jerome Forissier wrote:
> Hi Jan,
>
>
> On 8/24/25 09:18, Jan Kiszka wrote:
>> From: Jan Kiszka <jan.kiszka@siemens.com>
>>
>> As an eMMC block device image may consist of more than just the user
>> data partition, provide a helper script that can compose the image from
>> boot partitions, an RPMB partition and the user data image. The script
>> also does the required size validation and/or rounding.
>>
>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
>> ---
>> scripts/mkemmc.sh | 185 ++++++++++++++++++++++++++++++++++++++++++++++
>> 1 file changed, 185 insertions(+)
>> create mode 100755 scripts/mkemmc.sh
>>
>> diff --git a/scripts/mkemmc.sh b/scripts/mkemmc.sh
>> new file mode 100755
>> index 0000000000..5d40c2889b
>> --- /dev/null
>> +++ b/scripts/mkemmc.sh
>> @@ -0,0 +1,185 @@
>> +#!/bin/sh -e
>> +#
>> +# Create eMMC block device image from boot, RPMB and user data images
>> +#
>> +# Copyright (c) Siemens, 2025
>> +#
>> +# Authors:
>> +# Jan Kiszka <jan.kiszka@siemens.com>
>> +#
>> +# This work is licensed under the terms of the GNU GPL version 2.
>> +# See the COPYING file in the top-level directory.
>> +#
>> +
>> +usage() {
>> + echo "$0 [OPTIONS] USER_IMG[:SIZE] OUTPUT_IMG"
>> + echo ""
>> + echo "SIZE must be a power of 2. If no SIZE is specified, the size of USER_ING will"
>> + echo "be used (rounded up)."
>> + echo ""
>> + echo "Supported options:"
>> + echo " -b BOOT1_IMG[:SIZE] Add boot partitions. SIZE must be multiples of 128K. If"
>> + echo " no SIZE is specified, the size of BOOT_IMG will be"
>
> the size of BOOT1_IMG
>
Thanks, fixed.
>> + echo " used (rounded up). BOOT1_IMG will be stored in boot"
>> + echo " partition 1, and a boot partition 2 of the same size"
>> + echo " will be created as empty (all zeros) unless -B is"
>> + echo " specified as well."
>> + echo " -B BOOT2_IMG Fill boot partition 2 with BOOT2_IMG. Must be combined"
>> + echo " with -b which is also defining the partition size."
>> + echo " -r RPMB_IMG[:SIZE] Add RPMB partition. SIZE must be multiples of 128K. If"
>> + echo " no SIZE is specified, the size of RPMB_IMG will be"
>> + echo " used (rounded up)."
>> + echo " -h, --help This help"
>> + echo ""
>> + echo "All SIZE parameters support the units K, M, G. If SIZE is smaller than the"
>> + echo "associated image, it will be truncated in the output image."
>> + exit "$1"
>> +}
>> +
>> +process_size() {
>> + if [ "${4#*:}" = "$4" ]; then
>> + if ! size=$(stat -L -c %s "$2" 2>/dev/null); then
>> + echo "Missing $1 image '$2'." >&2
>> + exit 1
>> + fi
>> + if [ "$3" = 128 ]; then
>> + size=$(( (size + 128 * 1024 - 1) & ~(128 * 1024 - 1) ))
>> + elif [ $(( size & (size - 1) )) -gt 0 ]; then
>> + n=0
>> + while [ "$size" -gt 0 ]; do
>> + size=$((size >> 1))
>> + n=$((n + 1))
>> + done
>> + size=$((1 << n))
>> + fi
>> + else
>> + value="${4#*:}"
>> + if [ "${value%K}" != "$value" ]; then
>> + size=${value%K}
>> + multiplier=1024
>> + elif [ "${value%M}" != "$value" ]; then
>> + size=${value%M}
>> + multiplier=$((1024 * 1024))
>> + elif [ "${value%G}" != "$value" ]; then
>> + size=${value%G}
>> + multiplier=$((1024 * 1024 * 1024))
>> + else
>> + size=$value
>> + multiplier=1
>> + fi
>> + if [ "$size" -eq "$size" ] 2>/dev/null; then
>> + size=$((size * multiplier))
>> + else
>> + echo "Invalid value '$value' specified for $2 image size." >&2
>> + exit 1
>> + fi
>> + if [ "$3" = 128 ]; then
>> + if [ $(( size & (128 * 1024 - 1) )) -ne 0 ]; then
>> + echo "The $2 image size must be multiples of 128K." >&2
>> + exit 1
>> + fi
>> + elif [ $(( size & (size - 1) )) -gt 0 ]; then
>> + echo "The %2 image size must be power of 2." >&2
>> + exit 1
>> + fi
>> + fi
>> + echo $size
>> +}
>> +
>> +userimg=
>> +outimg=
>> +bootimg1=
>> +bootimg2=/dev/zero
>> +bootsz=0
>> +rpmbimg=
>> +rpmbsz=0
>> +
>> +while [ $# -gt 0 ]; do
>> + case "$1" in
>> + -b)
>> + shift
>> + [ $# -ge 1 ] || usage 1
>> + bootimg1=${1%%:*}
>> + bootsz=$(process_size boot "$bootimg1" 128 "$1")
>> + shift
>> + ;;
>> + -B)
>> + shift
>> + [ $# -ge 1 ] || usage 1
>> + bootimg2=$1
>> + shift
>> + ;;
>> + -r)
>> + shift
>> + [ $# -ge 1 ] || usage 1
>> + rpmbimg=${1%%:*}
>> + rpmbsz=$(process_size RPMB "$rpmbimg" 128 "$1")
>> + shift
>> + ;;
>> + -h|--help)
>> + usage 0
>> + ;;
>> + *)
>> + if [ -z "$userimg" ]; then
>> + userimg=${1%%:*}
>> + usersz=$(process_size user "$userimg" 2 "$1")
>> + elif [ -z "$outimg" ]; then
>> + outimg=$1
>> + else
>> + usage 1
>> + fi
>> + shift
>> + ;;
>> + esac
>> +done
>> +
>> +[ -n "$outimg" ] || usage 1
>> +
>> +if [ "$bootsz" -gt $((32640 * 1024)) ]; then
>> + echo "Boot image size is larger than 32640K." >&2
>> + exit 1
>> +fi
>
> Should we warn if BOOT1_IMG and/or BOOT2_IMG are truncated as a result
> of $bootsz being too small? I can see how providing a larger size can be
> useful to be able to later extend the filesystem, but a smaller size is
> more likely to indicate an error I suppose?
Done, will be part of v4.
>
>> +if [ "$rpmbsz" -gt $((16384 * 1024)) ]; then
>> + echo "RPMB image size is larger than 16384K." >&2
>> + exit 1
>> +fi> +
>> +echo "Creating eMMC image"
>> +
>> +truncate "$outimg" -s 0
>> +pos=0
>> +
>> +if [ "$bootsz" -gt 0 ]; then
>> + echo " Boot partition 1 and 2: $((bootsz / 1024))K each"
>> + blocks=$(( bootsz / (128 * 1024) ))
>> + dd if="$bootimg1" of="$outimg" conv=sparse bs=128K count=$blocks \
>> + status=none
>> + dd if="$bootimg2" of="$outimg" conv=sparse bs=128K count=$blocks \
>> + seek=$blocks status=none
>> + pos=$((2 * bootsz))
>> +fi
>> +
>> +if [ "$rpmbsz" -gt 0 ]; then
>> + echo " RPMB partition: $((rpmbsz / 1024))K"
>> + blocks=$(( rpmbsz / (128 * 1024) ))
>> + dd if="$rpmbimg" of="$outimg" conv=sparse bs=128K count=$blocks \
>> + seek=$(( pos / (128 * 1024) )) status=none
>> + pos=$((pos + rpmbsz))
>> +fi
>> +
>> +if [ "$usersz" -lt 1024 ]; then
>> + echo " User data: $usersz bytes"
>> +elif [ "$usersz" -lt $((1024 * 1024)) ]; then
>> + echo " User data: $(( (usersz + 1023) / 1024 ))K ($usersz)"
>> +elif [ "$usersz" -lt $((1024 * 1024 * 1024)) ]; then
>> + echo " User data: $(( (usersz + 1048575) / 1048576))M ($usersz)"
>> +else
>> + echo " User data: $(( (usersz + 1073741823) / 1073741824))G ($usersz)"
>> +fi
>> +dd if="$userimg" of="$outimg" conv=sparse bs=128K seek=$(( pos / (128 * 1024) )) \
>> + count=$(( (usersz + 128 * 1024 - 1) / (128 * 1024) )) status=none
>> +pos=$((pos + usersz))
>> +truncate "$outimg" -s $pos
>> +
>> +echo ""
>> +echo "Instantiate via '-device emmc,boot-partition-size=$bootsz,rpmb-partition-size=$rpmbsz,drive=$outimg'"
>
> That did not work for me. I had to provide a drive name, not the image path.
Yeah, I already fixed that in v3.
> An also create PCIe and SDHCI devices. That is:
>
> -device pcie-root-port,id=pcie-root,bus=pcie.0 \
> -device sdhci-pci,bus=pcie-root \
At least for the virt machine, just "-device sdhci-pci" is enough.
> -device emmc,boot-partition-size=$bootsz,rpmb-partition-size=$rpmbsz,drive=mmc0
> -drive if=none,id=mmc0,file=$outimg,format=raw"
>
> I applied the patches on top of QEMU 10.1.0 if that matters.
>
> Regards,
Thanks for review and testing!
Jan
--
Siemens AG, Foundational Technologies
Linux Expert Center
^ permalink raw reply [flat|nested] 22+ messages in thread