QEMU Emulation

Introduction

A virtual machine for an embedded architecture matters for my current development work: I am writing a malware behaviour monitor that runs directly inside our firmware simulation environment. After hitting a lot of issues while porting the program from an amd64 host to an ARM VM, I finally accepted that testing API availability up front cannot be skipped. So I decided to build a proper test environment first and record the related experience here.

Get qemu-system

Compile qemu-system from source or install it from your package manager.

Either way, qemu-system-<arch> (qemu-system-arm for everything below) must be available at the end, and it must support the "virt" machine type used by the commands in this page.

Using OpenWRT directly

OpenWrt (from "open wireless router") is an open-source Linux-based operating system for embedded devices, primarily used to route network traffic. Its release server offers the kernel, filesystem and initramfs as separate files (not only as a combined firmware image): https://downloads.openwrt.org/releases/

For ARM I go to (root) / releases / 19.07.7 / targets / armvirt / 32 / and fetch:

  • root.ext4.gz

  • root.squashfs.gz

  • rootfs.cpio.gz

  • zImage

  • zImage-initramfs

Run gunzip on the .gz archives above; it drops the .gz suffix and leaves the base names unchanged.

Now we have the files listed below (the ext4 and squashfs names are the ones the later commands refer to):

  • zImage

  • zImage-initramfs

  • rootfs.cpio

  • root.ext4

  • root.squashfs

Using initramfs

Here the rootfs is bundled with the kernel in a single file (zImage-initramfs). In this mode the filesystem lives entirely in RAM, so every modification is lost on poweroff, which does not meet my requirement. With -nographic the guest console is attached to your terminal; press Ctrl-a followed by x to quit QEMU. Run:

qemu-system-arm -M virt -kernel zImage-initramfs -no-reboot -nographic

Using a separate rootfs

Using cpio

Here the rootfs is supplied as a separate cpio archive and passed to the kernel with -initrd. It is still unpacked into RAM, so changes are lost on poweroff exactly as with the bundled initramfs. Run:

qemu-system-arm -M virt -kernel zImage -initrd rootfs.cpio -no-reboot -nographic

Using a specific filesystem image (squashfs here)

The filesystem is now a block device exposed to the guest through virtio, so the kernel is told to mount it as the root with root=/dev/vda. Note that squashfs is a read-only filesystem: OpenWrt will boot from it, but changes still do not persist across poweroff. For a writable, persistent root, substitute root.ext4 for root.squashfs on the same command line. Run:

qemu-system-arm -M virt \
 -kernel zImage \
 -no-reboot -nographic \
 -nic user -nic user \
 -drive file=root.squashfs,if=virtio,format=raw \
 -append "root=/dev/vda"
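The whole procedure above (fetch the armvirt/32 files, verify them, gunzip them, boot the chosen rootfs) collected into one POSIX shell script. This is an added example, not code from the original page or from the OpenWrt or QEMU projects. It assumes that the release directory publishes a "sha256sums" file next to the images (OpenWrt release targets do; the exact URL is an assumption), that curl, sha256sum and gzip are installed, and that the working directory path contains no spaces. The check_qemu, fetch_artifacts, verify_sums, extract_artifacts and qemu_cmdline names are the script's own.

```shell
#!/bin/sh
# Added example for the OpenWrt-on-QEMU procedure above; not from the
# original page or from OpenWrt/QEMU. Assumptions: the release directory
# publishes "sha256sums" beside the images, and curl/sha256sum/gzip exist.
set -e

OPENWRT_BASE="${OPENWRT_BASE:-https://downloads.openwrt.org/releases/19.07.7/targets/armvirt/32}"
WORKDIR="${WORKDIR:-$PWD/openwrt-armvirt}"
ARTIFACTS="zImage zImage-initramfs rootfs.cpio.gz root.squashfs.gz root.ext4.gz sha256sums"

# Confirm qemu-system-arm is installed and offers the "virt" machine type.
check_qemu() {
    command -v qemu-system-arm >/dev/null || { echo "qemu-system-arm not found" >&2; return 1; }
    qemu-system-arm -M help | grep -q '^virt ' || { echo "no 'virt' machine in this qemu" >&2; return 1; }
}

# Download anything not already present (network required).
fetch_artifacts() {
    mkdir -p "$WORKDIR"
    for f in $ARTIFACTS; do
        [ -f "$WORKDIR/$f" ] || curl -fsSL -o "$WORKDIR/$f" "$OPENWRT_BASE/$f"
    done
}

# Check every file in $dir that the sums file lists. Entries for files we
# did not download are ignored; any mismatch makes the function fail.
# Do this before booting: the kernel you execute should be the one the
# project published, not a truncated or tampered download.
verify_sums() {
    dir="$1"; sums="${2:-sha256sums}"
    ( cd "$dir" && sha256sum --check --ignore-missing --quiet "$sums" )
}

# Decompress every *.gz next to its original (kept so verify_sums stays
# valid). Outputs are named root.ext4, root.squashfs and rootfs.cpio.
extract_artifacts() {
    dir="$1"
    for gz in "$dir"/*.gz; do
        [ -f "$gz" ] || continue
        out="${gz%.gz}"
        [ -f "$out" ] || gzip -dc "$gz" > "$out"
    done
}

# Print the qemu-system-arm command line for one of the modes discussed above.
#   initramfs, cpio : root lives in RAM, changes vanish on poweroff
#   squashfs        : read-only block device, changes still do not persist
#   ext4            : writable block device, the only mode that keeps changes
qemu_cmdline() {
    mode="$1"; dir="$2"
    common="qemu-system-arm -M virt -no-reboot -nographic"
    case "$mode" in
        initramfs) echo "$common -kernel $dir/zImage-initramfs" ;;
        cpio)      echo "$common -kernel $dir/zImage -initrd $dir/rootfs.cpio" ;;
        squashfs|ext4)
            echo "$common -kernel $dir/zImage -nic user -nic user" \
                 "-drive file=$dir/root.$mode,if=virtio,format=raw" \
                 "-append root=/dev/vda" ;;
        *) echo "unknown rootfs mode: $mode" >&2; return 1 ;;
    esac
}

# Full run: sh openwrt-qemu.sh boot ext4    (Ctrl-a then x quits QEMU)
main() {
    check_qemu
    fetch_artifacts
    verify_sums "$WORKDIR"
    extract_artifacts "$WORKDIR"
    eval "$(qemu_cmdline "$1" "$WORKDIR")"   # WORKDIR without spaces assumed
}
if [ "${1:-}" = "boot" ]; then main "${2:-ext4}"; fi
```

The functions are kept separate so each step can be rerun on its own: verify_sums fails closed on a mismatch, extract_artifacts never overwrites an existing output, and qemu_cmdline only prints the command, which makes it easy to inspect or adapt before booting.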
