microsoft/openvmm
Publicmirrored from https://github.com/microsoft/openvmmAvailable
Guide/src/dev_guide/getting_started/build_openhcl.md
169lines · modecode
| 1 | # Building OpenHCL |
| 2 | |
| 3 | **Prerequisites:** |
| 4 | |
| 5 | - [Getting started on Linux / WSL2](./linux.md). |
| 6 | |
| 7 | Reminder: OpenHCL cannot currently be built on Windows hosts! |
| 8 | |
| 9 | * * * |
| 10 | |
| 11 | An OpenHCL IGVM firmware image is composed of several distinct binaries and |
| 12 | artifacts. For example: the `openvmm_hcl` usermode binary, the OpenHCL boot |
| 13 | shim, the OpenHCL Linux kernel and initrd, etc.... |
| 14 | |
| 15 | Some of these components are built directly out of the OpenVMM repo, whereas |
| 16 | others must be downloaded as pre-built artifacts from other associated repos. |
| 17 | Various tools and scripts will then transform, package, and re-package these |
| 18 | artifacts into a final OpenHCL IGVM firmware binary. |
| 19 | |
| 20 | Fortunately, we don't expect you do to all those steps manually! |
| 21 | |
| 22 | All the complexity of installing the correct system dependencies, building the |
| 23 | right binaries, downloading the right artifacts, etc... is neatly encapsulated |
| 24 | behind a single `cargo xflowey build-igvm` command, which orchestrates the |
| 25 | entire end-to-end OpenHCL build process. |
| 26 | |
| 27 | > NOTE: `cargo xflowey build-igvm` is designed to be used as part of the |
| 28 | > developer inner-loop, and does _NOT_ have a stable CLI suitable for CI or any |
| 29 | > other form of production automation! |
| 30 | > |
| 31 | > In-tree pipelines and automation should interface with the underlying `flowey` |
| 32 | > infrastructure that powers `cargo xflowey build-igvm`, _without_ relying on |
| 33 | > the details of its CLI. |
| 34 | |
| 35 | Using the `build-igvm` flow is as simple as running: |
| 36 | |
| 37 | ```bash |
| 38 | cargo xflowey build-igvm [RECIPE] |
| 39 | ``` |
| 40 | |
| 41 | The first build will take some time as all the dependencies are |
| 42 | installed/downloaded/built. |
| 43 | |
| 44 | **Note: At this time, OpenHCL can only be built on Linux (or WSL2)!** |
| 45 | |
| 46 | A "recipe" corresponds to one of the pre-defined IGVM SKUs that are actively |
| 47 | supported and tested in OpenVMM's build infrastructure. |
| 48 | |
| 49 | A single recipe encodes _all_ the details of what goes into an individual IGVM |
| 50 | file, such as what build flags `openvmm_hcl` should be built with, what goes |
| 51 | into a VTL2 initrd, what `igvmfilegen` manifest is being used, etc... |
| 52 | |
| 53 | - e.g: `x64`, for a "standard" x64 IGVM |
| 54 | - e.g: `aarch64`, for a "standard" aarch64 IGVM |
| 55 | - e.g: `x64-cvm`, for a x64 CVM IGVM |
| 56 | - e.g: `x64-test-linux-direct`, for x64 IGVM booting a test linux direct image |
| 57 | - _for a full list of available recipes, please run `cargo xflowey build-igvm --help`_ |
| 58 | |
| 59 | New recipes can be added by modifying the `build-igvm` source code. |
| 60 | |
| 61 | Build output is then binplaced to: `flowey-out/artifacts/build-igvm/{release-mode}/{recipe}/openhcl-{recipe}.bin` |
| 62 | |
| 63 | So, for example: |
| 64 | |
| 65 | ```bash |
| 66 | cargo xflowey build-igvm x64-cvm |
| 67 | # output: flowey-out/artifacts/build-igvm/debug/x64-cvm/openhcl-x64-cvm.bin |
| 68 | |
| 69 | cargo xflowey build-igvm x64 --release |
| 70 | # output: flowey-out/artifacts/build-igvm/release/x64/openhcl-x64.bin |
| 71 | ``` |
| 72 | |
| 73 | ## Building ohcldiag-dev |
| 74 | |
| 75 | `ohcldiag-dev` is typically built as a Windows binary. |
| 76 | |
| 77 | This can be done directly from Windows, or using cross-compilation from WSL2, as |
| 78 | described in the [Suggested Dev Environment](../getting_started/suggested_dev_env.md#wsl2-cross-compiling-from-wsl2-to-windows) |
| 79 | section of the Guide. |
| 80 | |
| 81 | The command to build `ohcldiag-dev` is simply: |
| 82 | |
| 83 | ```sh |
| 84 | # you may need to run `rustup target add x86_64-pc-windows-msvc` first |
| 85 | cargo build -p ohcldiag-dev --target x86_64-pc-windows-msvc |
| 86 | ``` |
| 87 | |
| 88 | **Note:** Thanks to x86 emulation built into Windows, `ohcldiag-dev.exe` that is |
| 89 | built for x64 Windows will work on Aarch64 Windows as well. |
| 90 | |
| 91 | ## Troubleshooting |
| 92 | |
| 93 | This section documents some common errors you may encounter while building |
| 94 | OpenHCL. |
| 95 | |
| 96 | If you are still running into issues, consider filing an issue on the OpenVMM |
| 97 | GitHub Issue tracker. |
| 98 | |
| 99 | ### Help! The build failed due to a missing dependency! |
| 100 | |
| 101 | If you don't mind having `xflowey` install some dependencies globally on your |
| 102 | machine (i.e: via `apt install`, or `rustup toolchain add`), you can pass |
| 103 | `--auto-install-deps` to your invocation of `build-igvm`. |
| 104 | |
| 105 | Alternatively - `build-igvm` _should_ emit useful human-readable error messages |
| 106 | when it encounters a dependency that isn't installed, with a suggestion on how |
| 107 | to install it. |
| 108 | |
| 109 | If it doesn't - please file an Issue! |
| 110 | |
| 111 | ### Help! Everything is rebuilding even though I only made a small change! |
| 112 | |
| 113 | Cargo's target triple handling can be a bit buggy. Try running with: |
| 114 | |
| 115 | ```bash |
| 116 | CARGO_BUILD_TARGET=x86_64-unknown-linux-gnu cargo build-igvm [RECIPE] |
| 117 | ``` |
| 118 | |
| 119 | or adding the below to your .bashrc: |
| 120 | |
| 121 | ```bash |
| 122 | export CARGO_BUILD_TARGET=x86_64-unknown-linux-gnu |
| 123 | ``` |
| 124 | |
| 125 | ## Build Customization |
| 126 | |
| 127 | Aside from building IGVM files corresponding the the built-in IGVM recipes, |
| 128 | `build-igvm` also offers a plethora of customization options for developers who |
| 129 | wish to build specialized custom IGVM files for local testing. |
| 130 | |
| 131 | Some examples of potentially useful customization include: |
| 132 | |
| 133 | * `--override-manifest`: Override the recipe's `igvmfilegen` manifest file |
| 134 | via, in order to tweak different kernel command line options, different VTL0 |
| 135 | boot configuration, or different VTL2 memory sizes. |
| 136 | |
| 137 | * `--custom-openvmm-hcl`: Specify a pre-built `openvmm_hcl` binary. This is |
| 138 | useful in case you have already built it with some custom settings, e.g.: |
| 139 | |
| 140 | ```bash |
| 141 | cargo build --target x86_64-unknown-linux-musl -p openvmm_hcl --features myfeature |
| 142 | cargo xflowey build-igvm x64 --custom-openvmm-hcl target/x86_64-unknown-linux-musl/debug/openvmm_hcl |
| 143 | ``` |
| 144 | |
| 145 | * Specify a custom VTL2 kernel `vmlinux` / `Image`, instead of using a |
| 146 | pre-packed stable/dev kernel. |
| 147 | |
| 148 | ```bash |
| 149 | cargo xflowey build-igvm x64 --custom-kernel path/to/my/prebuilt/vmlinux |
| 150 | ``` |
| 151 | |
| 152 | For a full list of available customizations, refer to `build-igvm --help`. |
| 153 | |
| 154 | ### Advanced |
| 155 | |
| 156 | Depending on what you're doing, you may need to build the individual components |
| 157 | that go into an OpenHCL IGVM build. |
| 158 | |
| 159 | Our `flowey`-based pipelines handle the complexities of properly invoking and |
| 160 | orchestrating the various individual build tools / scripts used to construct |
| 161 | IGVM files, but a sufficiently motivated user can go through these steps |
| 162 | manually. |
| 163 | |
| 164 | Please consult the source code for `cargo xflowey build-igvm` for a breakdown of |
| 165 | all build steps and available customization options. |
| 166 | |
| 167 | Note that the canonical "source of truth" for how to build end-to-end OpenHCL |
| 168 | IGVM files are these build scripts themselves, and the specific flow is subject |
| 169 | to change over time! |