Cheriot port of the opensecura soundstream bare-metal demo.
If you do not have an opensecura repo setup, follow the instructions at https://opensecura.googlesource.com/docs/+/refs/heads/master/GettingStarted.md
Be sure ROOTDIR is set in the environment pointing to a current opensecura repo checkout and the target platform is “sencha”; e.g.
cd ~/opensecura source build/setup.sh set-platform sencha printenv ROOTDIR /usr/local/google/home/sleffler/opensecura
The first time you setup a “sencha” platform you need to install the necessary tools:
set-platform sencha m tools
(note the tools are platform-dependent and only installed when the current platform is set to “sencha”).
You also need a current xmake
to build cheriot firmware. Note the most recent prebuilt package is too old so you need to do something like:
$ sudo apt-get install xmake Reading package lists... Done Building dependency tree... Done Reading state information... Done The following NEW packages will be installed: xmake 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. ... Setting up xmake (2.8.6+ds-3) ... ... $ which xmake /usr/bin/xmake $ xmake update update version v2.9.1 from official source .. => download https://gitlab.com/tboox/xmake.git .. ok => install to ~/.local/bin .. ok
(if you use an old xmake you will see this failure:
xmake build checking for platform ... cheriot checking for architecture ... cheriot error: decode json failed, @programdir/core/base/json.lua:223: invalid json syntax starting at position 63: x2000000,
)
Build a sencha platform image with the soundstream firmware for the SMC and run the simulator:
$ m simulate ... export XMAKE_CONFIGDIR=/usr/local/google/home/sleffler/opensecura/out/cheriot/sencha/release; \ cd/usr/local/google/home/sleffler/opensecura/hw/matcha/sw/device/cheriot/soundstream && \ xmake config \ -o /usr/local/google/home/sleffler/opensecura/out/cheriot/sencha/release \ --sdk=/usr/local/google/home/sleffler/opensecura/cache/cheriot-tools \ --board=sencha \ --debug-scheduler=true --debug-allocator=true && \ xmake build checking for platform ... cheriot checking for architecture ... cheriot generating /usr/local/google/home/sleffler/opensecura/sw/cheriot-rtos/sdk/firmware.ldscript.in ... ok [ 31%]: cache compiling.release i2s.cc [ 31%]: cache compiling.release ../../lib/dif/dif_i2s.c [ 32%]: cache compiling.release soundstream.cc [ 32%]: cache compiling.release ../../lib/dif/autogen/dif_i2s_autogen.c [ 32%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/lib/crt/cz.c [ 32%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/lib/crt/arith64.c [ 32%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/core/scheduler/main.cc [ 32%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/lib/atomic/atomic1.cc [ 33%]: cache compiling.release encode.cc [ 34%]: cache compiling.release ../../../../hw/top_matcha/sw/autogen/top_matcha.c [ 37%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/lib/freestanding/memcmp.c [ 38%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/lib/freestanding/memcpy.c [ 38%]: compiling.release ../../../../../../sw/cheriot-rtos/sdk/core/token_library/token_unseal.S [ 39%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/lib/freestanding/memset.c [ 40%]: cache compiling.release mailbox.cc [ 42%]: cache compiling.release ../../lib/dif/dif_tlul_mailbox.c [ 43%]: cache compiling.release ../../lib/dif/autogen/dif_tlul_mailbox_autogen.c [ 44%]: compiling.release ../../../../../../sw/cheriot-rtos/sdk/core/switcher/entry.S [ 45%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/core/loader/boot.cc [ 46%]: compiling.release ../../../../../../sw/cheriot-rtos/sdk/core/loader/boot.S [ 46%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/core/software_revoker/revoker.cc [ 48%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/lib/debug/debug.cc [ 49%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/core/allocator/main.cc [ 50%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/lib/compartment_helpers/claim_fast.cc [ 51%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/lib/compartment_helpers/check_pointer.cc [ 53%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/lib/locks/locks.cc [ 54%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/lib/locks/semaphore.cc [ 55%]: cache compiling.release ../../../../../../sw/cheriot-rtos/sdk/lib/atomic/atomic4.cc [ 56%]: cache compiling.release ml_top.cc [ 57%]: cache compiling.release ../../lib/dif/dif_ml_top.c [ 59%]: cache compiling.release ../../lib/dif/autogen/dif_ml_top_autogen.c [ 60%]: linking library crt.library [ 61%]: linking privileged library cheriot.token_library.library [ 62%]: linking library freestanding.library [ 65%]: linking compartment i2s.compartment [ 66%]: linking compartment soundstream.compartment [ 67%]: linking library atomic1.library [ 68%]: linking compartment mailbox.compartment [ 69%]: linking library debug.library [ 71%]: linking privileged compartment cheriot.software_revoker.compartment [ 83%]: linking library atomic4.library [ 85%]: linking library compartment_helpers.library [ 89%]: linking library locks.library [ 91%]: linking privileged compartment soundstream-firmware.scheduler.compartment [ 93%]: linking compartment ml_top.compartment [ 96%]: linking privileged compartment cheriot.allocator.compartment [ 98%]: linking firmware ../../../../../../out/cheriot/sencha/release/cheriot/cheriot/release/soundstream-firmware [ 98%]: Creating firmware report ../../../../../../out/cheriot/sencha/release/cheriot/cheriot/release/soundstream-firmware.json [ 98%]: Creating firmware dump ../../../../../../out/cheriot/sencha/release/cheriot/cheriot/release/soundstream-firmware.dump ... mkdir /usr/local/google/home/sleffler/opensecura/out/cheriot/sencha/release/tmp cp -f /usr/local/google/home/sleffler/opensecura/out/matcha-bundle-release.elf /usr/local/google/home/sleffler/opensecura/out/cheriot/sencha/release/tmp/matcha-tock-bundle riscv32-unknown-elf-strip /usr/local/google/home/sleffler/opensecura/out/cheriot/sencha/release/tmp/matcha-tock-bundle riscv32-unknown-elf-objcopy -O binary -g /usr/local/google/home/sleffler/opensecura/out/cheriot/sencha/release/tmp/matcha-tock-bundle /usr/local/google/home/sleffler/opensecura/out/cheriot/sencha/release/tmp/matcha-tock-bundle.bin ln -sf /usr/local/google/home/sleffler/opensecura/out/cheriot/sencha/release/cheriot/cheriot/release/soundstream-firmware /usr/local/google/home/sleffler/opensecura/out/cheriot/sencha/release/tmp/kernel tar -C /usr/local/google/home/sleffler/opensecura/out/cheriot/sencha/release/tmp -cvhf /usr/local/google/home/sleffler/opensecura/out/cheriot/sencha/release/ext_flash.tar matcha-tock-bundle.bin kernel matcha-tock-bundle.bin kernel cd /usr/local/google/home/sleffler/opensecura && /usr/local/google/home/sleffler/opensecura/cache/renode/renode --disable-xwt --port 1234 -e "\ \$repl_file = @sim/config/platforms/sencha.repl; \ \$tar = @/usr/local/google/home/sleffler/opensecura/out/cheriot/sencha/release/ext_flash.tar; \ \$sc_bin =@/usr/local/google/home/sleffler/opensecura/out/cheriot/sencha/release/tmp/matcha-tock-bundle.bin; \ \$term_port = 3456; \$gdb_port = 3333; i @sim/config/sencha.resc; \ pause; cpu0 IsHalted false; start" 16:20:42.1702 [INFO] Loaded monitor commands from: /usr/local/google/home/sleffler/opensecura/cache/renode/scripts/monitor.py 16:20:42.1895 [INFO] Monitor available in telnet mode on port 1234 16:20:42.4740 [INFO] Including script: /usr/local/google/home/sleffler/opensecura/sim/config/sencha.resc 16:20:42.4910 [INFO] System bus created. 16:20:45.5498 [INFO] Including script: /usr/local/google/home/sleffler/opensecura/sim/config/sencha.resc ...