Building coreboot for RISC-V and running it in Qemu

Building coreboot for RISC-V and running it in Qemu

1. What is RISC-V?

RISC-V is relatively fresh and growing in popularity open standard ISA based on RISC principles. The fact that ISA is free to use and everyone can see every processors move makes it easier to work on security bugs such as Meltdown and Spectre which are huge flaws of other architectures. The other reason it is getting so successful is while x86 or ARM require a license to be used, RISC-V can be implemented by anyone for free and companies can modify it to fit their needs, which makes them independent from the main providers and may lead to increase of competitiveness in the aspect of innovation. While getting more and more attention, RISC-V is also getting more support. It is supported architecture for coreboot. In the next steps, I will explain how to build coreboot for RISC-V and run it in Qemu emulator.

2. Download and run Docker image

Docker container is a recommended choice to build coreboot as it has already built cross toolchains. You can set up environment with these commands:

1
2

docker pull coreboot/coreboot-sdk:65718760fa
docker run -u root --rm -it -v $PWD:/home/coreboot/coreboot -w /home/coreboot/coreboot coreboot/coreboot-sdk:65718760fa /bin/bash

3. Download coreboot source tree

1
2
3

git clone https://review.coreboot.org/coreboot
cd coreboot
git checkout 9cc2a6a0c316f9cbf39af6c04fd65512b8e17b11

4. Configure the build

Configure your mainboard in coreboot directory

1

make menuconfig

Inside menuconfig follow these steps:

1
2
3
4
5
6
7
8
9

   select 'Mainboard' menu
   select '(Emulation)' in 'Mainboard vendor'
   select 'QEMU RISC-V rv64' in 'Mainboard model'
   select `10240 KB (10 MB)` in ROM chip size
   select < Exit >
   (optionally) select your Payload in `Payload` menu
                select < Exit >
   select < Exit >
   select < Yes >

NOTE: Unfortunately using demonstration payloads such as coreinfo or tint is not possible as they use libpayload library which does not support RISC-V architecture yet. However, there is a WIP branch working on adding initial support for RISC-V you can check out. You can also try compiling linux kernel and use it as a payload.

(Optionally) You can check your configuration by these commands:

1
2

make savedefconfig
cat defconfig

The output should look like this:

1

CONFIG_BOARD_EMULATION_QEMU_RISCV_RV64=y

5. Build coreboot

1

make

At the end of the process, you can see the following output:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15

FMAP REGION: COREBOOT
Name                           Offset     Type           Size   Comp
cbfs master header             0x0        cbfs header        32 none
fallback/romstage              0x80       stage           14131 none
fallback/ramstage              0x3800     stage           23269 none
config                         0x9340     raw               107 none
revision                       0x9400     raw               681 none
(empty)                        0x9700     null          4023960 none
header pointer                 0x3dfdc0   cbfs header         4 none
    HOSTCC     cbfstool/rmodtool.o
    HOSTCC     cbfstool/rmodtool (link)
    HOSTCC     cbfstool/ifwitool.o
    HOSTCC     cbfstool/ifwitool (link)

Built emulation/qemu-riscv (QEMU RISCV)

6. Test image in QEMU

If you do not have Qemu installed you can’t do it via this command

1

apt-get install qemu-system

Now you can run your image in Qemu

1

qemu-system-riscv64 -M virt -m 1024M -nographic -kernel build/coreboot.elf

You should see coreboot booting with your payload if you chose one, otherwise you should see booting coreboot alone with ending info Paylod not loaded.

Summary

It is definitely worth focusing our attention on this architecture, as the innovative business model behind it may lead us to RISC-V being standard ISA for all computer devices and might be the only way to provide safe and secure future. However there are many things we need to do to make it happen such as providing more support for this architecture as it’s not in the mainstream yet.

If you think we can help in improving the security of your firmware or you looking for someone who can boost your product by leveraging advanced features of used hardware platform, feel free to book a call with us or drop us email to contact<at>3mdeb<dot>com. If you are interested in similar content feel free to sign up for our newsletter

Wojciech Niewiadomski
Junior embedded systems developer at 3mdeb. Open source enthusiast currently focused on Linux embedded systems.

Donate


Search


Recent posts

TrenchBoot AEM gains support for UEFI installations

Automating Firmware Security: CI for DBX and Microcode Updates in Dasharo

ram-wipe against RAM attacks

ZarhusBMC: The Beginning - Porting OpenBMC to the X11SSH Platform

Enabling Secure Boot on ODROID M1 (RK3568B)


Top authors


Related posts

Automating Firmware Security: CI for DBX and Microcode Updates in Dasharo

UEFI Update Capsules for Open Source firmware

Improving measured boot and TPM support in Dasharo

New Dasharo v0.9.0 Meteor Lake releases

Getting started with Hardkernel ODROID H4+

Dasharo Compatible with MSI PRO Z690-A Release v1.1.3

Optimizing Firmware Updates: Dasharo Firmware Update Mode for NovaCustom Laptops


Archives

2025 (9)
2024 (13)
2023 (12)
2022 (14)
2021 (25)
2020 (44)
2019 (26)
2018 (16)
2017 (12)
2016 (10)
2015 (8)
2014 (6)
2013 (14)
2012 (24)

Popular tags

linux coreboot embedded open-source trenchboot xen qubesos productivity tpm toolchain uefi arm yocto apu testing virtualization hypervisor dasharo qemu rte Show more