Building coreboot for RISC-V and running it in Qemu
1. What is RISC-V?
RISC-V is relatively fresh and growing in popularity open standard ISA based on
RISC principles. The fact that ISA is free to use and everyone can see every
processors move makes it easier to work on security bugs such as Meltdown and
Spectre which are huge flaws of other architectures. The other reason it is
getting so successful is while x86 or ARM require a license to be used, RISC-V
can be implemented by anyone for free and companies can modify it to fit their
needs, which makes them independent from the main providers and may lead to
increase of competitiveness in the aspect of innovation.
While getting more and more attention, RISC-V is also getting more support. It
is supported architecture for coreboot. In the next steps, I will explain how to
build coreboot for RISC-V and run it in Qemu emulator.
2. Download and run Docker image
Docker container is a recommended choice to build coreboot as it has already built cross toolchains. You can set up environment with these commands:
|
|
3. Download coreboot source tree
|
|
4. Configure the build
Configure your mainboard in coreboot directory
|
|
Inside menuconfig
follow these steps:
|
|
NOTE: Unfortunately using demonstration payloads such as
coreinfo
ortint
is not possible as they uselibpayload
library which does not support RISC-V architecture yet. However, there is a WIP branch working on adding initial support for RISC-V you can check out. You can also try compiling linux kernel and use it as a payload.
(Optionally) You can check your configuration by these commands:
|
|
The output should look like this:
|
|
5. Build coreboot
|
|
At the end of the process, you can see the following output:
|
|
6. Test image in QEMU
If you do not have Qemu installed you cant do it via this command
|
|
Now you can run your image in Qemu
|
|
You should see coreboot booting with your payload if you chose one,
otherwise you should see booting coreboot alone with ending info Paylod not loaded
.
Summary
It is definitely worth focusing our attention on this architecture, as the innovative business model behind it may lead us to RISC-V being standard ISA for all computer devices and might be the only way to provide safe and secure future. However there are many things we need to do to make it happen such as providing more support for this architecture as it’s not in the mainstream yet.
If you think we can help in improving the security of your firmware or you
looking for someone who can boost your product by leveraging advanced features
of used hardware platform, feel free to book a call with us
or drop us email to contact<at>3mdeb<dot>com
. If you are interested in similar
content feel free to sign up to our newsletter
