qemu with Z2 support

I spent some days getting qemu to emulate some Z2 hardware, and got some results :)
Almost all hw is emulated, it lacks only voltage regulator and WiFi, but it's not easy to implement Marvell's WiFi chip, because there's no datasheet, and anyway it makes no sense. Also screen rotation is not supported (yet).

Stock bootloader - blob - (with slight modification) and stock kernel works. Blob puts Z2 into deepsleep on reset, so I hacked it not to do this.

How to compile qemu:

So, how to hack blob:
  • put your blob image (first 64kb of NOR) somewhere
  • convert it to hex representation with xxd: xxd mtdblock1.bin >mtdblock1.hex
  • apply patch onto mtdblock1.hex
  • convert hex back to bin: mv mtdblock1.bin mtdblock1.bin.bak; xxd -r mtdblock1.hex >mtdblock1.bin
I don't put modified nor original blob binary anywhere, as I doubt it's legal.

How to run stock sw:
  • cd qemu-z2; mkdir z2; wget http://downloads.tuxfamily.org/linuxrx1950/tmp/z2_start.sh
  • Combine mtdblocks into one flash image: cat mtdblock1.bin >z2_flash; cat mtdblock2.bin >>z2_flash; cat mtdblock3.bin >>z2_flash
  • So, z2 directory contains following files: z2_start.sh, z2_flash
  • Now just start z2_start.sh script
How to run latest kernel:
  • Use same z2_flash and z2_start.sh files from z2 directory
  • You'll also need kernel image - zImage (not uImage!)
  • Start z2_start.sh as follows: ./z2_start.sh -kernel zImage -append console=tty0
You can also use SD card image, just specify -sd image.filename as argument to z2_start.sh script

Update (2013-Nov-27): link to blob patch is updated!

Comments

tyler S said…
do you need to clone the thing to somewhere special?
or can it go just about anywhere
September 30, 2012 at 11:09 PM
anarsoul said…
Actually, now you can just use qemu from your distro repository. My changes were merged ~year ago or so
October 1, 2012 at 7:29 AM
tyler S said…
where? I cant seem to do anything software related lately
October 1, 2012 at 11:39 AM
anarsoul said…
Install qemu from yours distro repo:
apt-get install qemu or pacman -S qemu or emerge qemu, then check qemu version with 'qemu-system-arm --version', you don't need to compile qemu by yourself if it's 1.1.0 or newer. You can check that Z2 emulation is here by invoking 'qemu-system-arm -M ?', it's last in list for qemu-1.2.0
October 1, 2012 at 11:51 AM
tyler S said…
one last question; where do you get the mtdblockx.bin files?
if you get them off a stock zipit then is there a alternative?
October 1, 2012 at 9:34 PM
anarsoul said…
You don't need them to test mainline firmware (openwrt?), just do 'dd if=/dev/zero of=z2_flash bs=1k count=8k' to prepare empty flash image.
October 1, 2012 at 11:45 PM
tyler S said…
i lied; one more question; how do you get u-boot to stay awake?
qemu keeps giving me this: "machine entered Deep-sleep mode"
October 2, 2012 at 12:58 AM
tyler S said…
how do you make the zImage of openwrt?
October 2, 2012 at 6:36 AM
anarsoul said…
You can use uImage, qemu recognizes it aswell
October 2, 2012 at 9:22 AM
anarsoul said…
And just pass kernel to qemu, don't try to boot via u-boot
October 2, 2012 at 9:23 AM
Anonymous said…
This comment has been removed by the author.
June 28, 2013 at 6:10 PM
Anonymous said…
> qemu keeps giving me this: "machine entered Deep-sleep mode"

The patch is reversed by a mistake. Just open an mtdblock1.hex with editor and do a reversive operation by a hand, i.e. change 001a to 00ea.
October 20, 2013 at 3:53 PM
tycho said…
I tried running this and get:

http://dl.dropboxusercontent.com/u/6134596/Screenshots/99letv0_biht.png

Qemu jumps to 100% cpu, i left it for 30 minutes and then killed it ; nothing happens, on any of the machines.

Any way to debug this? It's 1.2.0 and it does have z2 support etc.


November 27, 2013 at 5:37 PM
Anonymous said…
This comment has been removed by the author.
December 4, 2013 at 1:44 PM
Anonymous said…
> where do you get the mtdblockx.bin files?
Here they are: https://drive.google.com/file/d/0ByyEP_2OsyDfSjl4MnRSN0tjQlU/edit?usp=sharing
April 10, 2014 at 7:09 AM
Post a Comment

Popular posts from this blog

Access point with Raspberry Pi and rtl8192cu dongle

On Thursday ethernet ports (WAN and LAN1-4) in my Asus WL500GPv1 router have completely died, so I needed a replacement. Hopefully, recently I've got Raspberry Pi, so I decided to use it as a router. I've got TP-LINK TL-WN821NC USB stick from local store which is based on RTL8192CU chipset. Unfortunately, its driver doesn't work with vanilla hostapd, but requires patched ancient version of hostapd from Realtek . I'm using Archlinux on my rpi and I've found manual how to setup AP using this USB stick  here , but I don't want to overwrite binaries from repository packages, since it's not a sane way, and it can (and will) be broken by hostapd update. So I prepared a package, here's source package (just unpack it and build with makepkg directly on rpi), and here's binary package for armv6h (you can install it with pacman -U). I can't put PKGBUILD in AUR, since there's no stable hosting for Realtek's hostapd. If anyone is willing to host...
Read more

Migration to xubuntu

Recently I moved from kde to xfce on my laptop, but as xfce doesn't look pretty in gentoo (actually, it looks awful), I decided to move to xubuntu :) System is pretty fast now (much faster than it was in kde). Here's gtk analogs of kde apps I was used to: claws-mail (instead of kmail) exaile (instead of amarok) tilda (instead of yakuake) I've created ppa with some custom packages: tilda with changed shortcuts for switching tabs, default ctrl+pgup/ctrl+pgdn are used in mc and vim, so I changed them to shift+arrow, however it would be better to add option in gui for changing these shortcuts swt-gtk-3.5.2, it's required to fix rendering issues in tuxguitar Btw, there's arm toolchain in ubuntu repository :) xubuntu rocks!
Read more

Wayland and software rendering

Image
Recently I spent few evenings for hacking wayland . I like idea of wayland - rendering is done completely on client (in whatever way), compositor (server part) is responsible in rendering buffers from clients on the screen. Issue for me was rendering part of weston (reference compositor for wayland) - it uses GLES for compositing, but I want to try wayland and weston on devices without hw acceleration (pure software rendering), and running software GL on PXA270@312MHz does not sound like a good idea, does it? :) So I asked on #wayland@irc.freenode.org if it possible to implement software renderer, Kristian Høgsberg (khr) responded that in master branch of weston repo there's a nice abstraction of renderer, so it's possible to implement pixman renderer. So I did :) weston with x11-backend and pixman renderer khr and pq from #wayland were very helpful, and described place of renderer in wayland architecture, here're some points renderer just performs rendering of ...
Read more