Building Stock RD-1AE Images
The RD-1AE automotive solution from Arm has an extensive set of software and documentation provided by Arm. This document will cover the steps needed to build and run these software images on Arm Virtual Hardware powered by Corellium.
Note that the RD-1AE model contains all of the stock firmware already and you can choose which software package to run by using the pulldown menu for Firmware version when you create the device.
For more information on the Arm software packages for the RD-1AE, refer to the Arm Automotive Solutions webpage. Note that the terms RD-1AE and Kronos are used interchangeably by Arm, as Kronos was originally the codename for the device as it was being developed.
Build your image
To build your own version of the stock firmware, follow these steps:
Follow the Ubuntu instructions on this Yocto documentation page.
Install additional dependencies.
sudo apt install -y python3-newt tmux
sudo -H pip3 install --upgrade kas==4.2Clone the repository with tmux.
tmux new-session -s rd-1ae
tmux attach -t rd-1ae
mkdir -p $HOME/rd-1ae
cd $HOME/rd-1ae
git clone https://git.gitlab.arm.com/automotive-and-industrial/kronos-ref-stack/kronos.git --branch v1.0Apply the following changes to the repository to increase the mem size and disable SVE support.
$ git diff
diff --git a/yocto/kas/base.yml b/yocto/kas/base.yml
index cc2481d..ae8e01a 100644
--- a/yocto/kas/base.yml
+++ b/yocto/kas/base.yml
@@ -50,7 +50,7 @@ repos:
env:
TESTIMAGE_AUTO:
- SVE_DISABLE_FLAG:
+ SVE_DISABLE_FLAG: "1"
local_conf_header:
meta-kronos-error-qa: |
@@ -72,5 +72,5 @@ local_conf_header:
HALT,${DL_DIR},100M,1K \
HALT,${SSTATE_DIR},100M,1K \
HALT,/tmp,10M,1K"
+ mem: |
+ BAREMETAL_IMAGE_MEM_SIZE = "4064M"Apply the following patch to disable PCI passthrough of an unmodeled AHCI PCI device. This is relevant only for the virtualization firmware targets.
diff --git a/yocto/meta-kronos/recipes-core/domu-package/domu-envs.inc b/yocto/meta-kronos/recipes-core/domu-package/domu-envs.inc
index 6ba5380..0367462 100644
--- a/yocto/meta-kronos/recipes-core/domu-package/domu-envs.inc
+++ b/yocto/meta-kronos/recipes-core/domu-package/domu-envs.inc
@@ -35,7 +35,7 @@ DOMU1_NUMBER_OF_CPUS ?= "2"
DOMU1_VCPU_PIN ?= "cpus = [\"1-2\"]"
DOMU1_MPAM ?= "mpam = [\"slc=0xc0\"]"
DOMU1_SVE ?= "sve = \"${DOMU_SVE_SETTING}\""
-DOMU1_PCI_PASSTHROUGH ?= "pci = [\"${DOMU1_PCI_ID}\"]"
+DOMU1_PCI_PASSTHROUGH ?= ""
DOMU1_EXTRA ?= "${DOMU1_BRIDGES}\\n${DOMU1_VCPU_PIN}\\n${DOMU1_MPAM}\\n${DOMU1_SVE}\\n${DOMU1_PCI_PASSTHROUGH}\\n"
DOMU2_BRIDGES ?= "vif = ['script=vif-openvswitch,bridge=ovsbr0,vifname=domu2.ext0', 'script=vif-openvswitch,bridge=brsi0.100,vifname=domu2.ethsi0', 'script=vif-openvswitch,bridge=brsi1.200,vifname=domu2.ethsi1', 'script=vif-openvswitch,bridge=brsi2.300,vifname=domu2.ethsi2']"The default disk size in the reference software build is only 2GB. Apply the following change to
meta-arm-bsp
to increase the disk size to 32GB.ubuntu@ip-100-68-0-137:~/rd1ae/layers/meta-arm/meta-arm-bsp$ git diff
diff --git a/meta-arm-bsp/wic/fvp-rd-kronos-efi-disk.wks.in b/meta-arm-bsp/wic/fvp-rd-kronos-efi-disk.wks.in
index 928308e9..87b731dc 100644
--- a/meta-arm-bsp/wic/fvp-rd-kronos-efi-disk.wks.in
+++ b/meta-arm-bsp/wic/fvp-rd-kronos-efi-disk.wks.in
@@ -1,5 +1,5 @@
part /boot --label boot --active --align 1024 --use-uuid --part-type EF00 --source bootimg-efi --sourceparams="loader=${EFI_PROVIDER}" --size=128M
-part / --label root --align 1024 --use-uuid --source rootfs --fstype=ext4
+part / --label root --align 1024 --use-uuid --source rootfs --fstype=ext4 --size=16384
bootloader --ptable gpt --timeout=1 --append="${GRUB_LINUX_APPEND}"Check to ensure the changes have been made using
kas
.kas shell -c "bitbake-getvar BAREMETAL_IMAGE_MEM_SIZE"
Transfer and unpack the tarball, then run the following.
chmod a+x build_run.sh
./build_run.shStart the build through the
kas menu
. In this example, we select "Safety Island Actuation Demo" and "Baremetal".kas menu kronos/Kconfig
When selecting "Safety Island Actuation Demo", the compiled binaries can be found in
build/tmp_$type/deploy/images/fvp-rd-kronos/
. Note that$type
is either baremetal, virtualization, or systemready-glibc.
Upload your image
The simplest way to upload your own firmware image is to download an existing image and replace the relevant components.
Filename Yocto build | Description | Filename Corellium build |
---|---|---|
rss-flash-image-fvp-rd-kronos.wic | RSS boot flash, three SI images and SCP | boot_flash |
ap-flash-image-fvp-rd-kronos.wic | AP boot flash | ap_flash |
mmc-image-fvp-rd-kronos.wic | SD card | sdcard |
rss-nvm-image.bin | Lifecycle Manager OTP | lcm_op |
$type-image-fvp-rd-kronos.wic / arm-systemready-ir-acs-fvp-rd-kronos.wic | System storage | virtio_0 |
encrypted_dm_provisioning_bundle.bin | DM provisioning bundle | firmware/encrypted_dm_provisioning_bundle.bin |
encrypted_cm_provisioning_bundle_0.bin | CM provisioning bundle | firmware/encrypted_cm_provisioning_bundle_0.bin |
rss-rom-image-fvp-rd-kronos.wic.nopt | RSS ROM | firmware/rss-rom-image-fvp-rd-kronos.wic.nopt |
Boot a custom ISO
The build config for the reference software stack supports different opterating systems including Debian and openSUSE.
Users who want to run a custom Linux operating system have several options.
Upload a custom ISO to the SD card
Start with an existing RD-1AE device.
Increase the size of your ISO to 4GiB. (The SD card partition cannot exceed 4 GiB, so there's no support fror larger ISOs.)
truncate -s4GiB /path/to/iso
Navigate to Settings -> Partitions for your device on the AVH web interface.
Upload your custom ISO to the SD card partition then click Save & Reboot.
U-Boot will prioritize your custom ISO over the internal virtio disk.
Package a custom ISO into the firmware image
Download the source image ("coreimg") for your desired RD-1AE firmware image from the device creation menu.
Increase the size of your ISO to 4GiB. (The SD card partition cannot exceed 4 GiB, so there's no support fror larger ISOs.)
truncate -s4GiB /path/to/iso
Move the ISO to the same working directory as the coreimg.
mv /path/to/iso sdcard
Update the
sdcard
archive member of the coreimg file.zip <coreimg_source_image> sdcard
Create an RD-1AE using your custom firmware image.
Build the image with a custom ISO
The above methods will work if you want to boot a custom ISO on the main application cores in the primary compute.
Safety Island firmware images require a different approach, since the Safety Island is an entirely separate subsystem of the RD-1AE model. The Safety Island doesn't get its firmware from the disk but rather from the flash devices.
To boot a custom ISO on the Safety Island cluster, you will need to integrate the ISO into the build environment so it's built into the final signed images that are validated during the boot process.