Project Description

FizzBuzz OS (or just fbos) is an idea I've had in order to better grasp the fundamentals of the low level of a RISC-V machine. In practice, I'd like to build a small Operating System kernel that is able to launch three processes: one that simply prints "Fizz", another that prints "Buzz", and the third which prints "FizzBuzz". These processes are unaware of each other and it's up to the kernel to schedule them by using the timer interrupts as given on openSBI (fizz on % 3 seconds, buzz on % 5 seconds, and fizzbuzz on % 15 seconds).

This kernel provides just one system call, write, which allows any program to pass the string to be written into stdout.

This project is free software and you can find it here.

Goal for this Hackweek

  • Better understand the RISC-V SBI interface.
  • Better understand RISC-V in privileged mode.
  • Have fun.

Resources

Results

The project was a resounding success add-emoji Lots of learning, and the initial target was met.

Looking for hackers with the skills:

assembly risc-v c kernel

This project is part of:

Hack Week 24

Activity

  • 6 days ago: cmatos left this project.
  • 13 days ago: fgonzalez joined this project.
  • 13 days ago: fgonzalez liked this project.
  • 27 days ago: cmatos joined this project.
  • 27 days ago: cmatos liked this project.
  • about 1 month ago: rmarliere liked this project.
  • about 1 month ago: jmodak liked this project.
  • about 2 months ago: rmarliere joined this project.
  • 2 months ago: mbrugger liked this project.
  • 2 months ago: digitaltomm liked this project.
  • 3 months ago: mssola added keyword "assembly" to this project.
  • 3 months ago: mssola added keyword "risc-v" to this project.
  • 3 months ago: mssola added keyword "c" to this project.
  • 3 months ago: mssola added keyword "kernel" to this project.
  • 3 months ago: mssola started this project.
  • 3 months ago: mssola originated this project.

  • Comments

    Be the first to comment!

    Similar Projects

    Symbol Relations by hli

    Description

    There are tools to build function call graphs based on parsing source code, for example, cscope.

    This project aims to achieve a similar goal by directly parsing the disasembly (i.e. objdump) of a compiled binary. The assembly code is what the CPU sees, therefore more "direct". This may be useful in certain scenarios, such as gdb/crash debugging.

    Detailed description and Demos can be found in the README file:

    Supports x86 for now (because my customers only use x86 machines), but support for other architectures can be added easily.

    Tested with python3.6

    Goals

    Any comments are welcome.

    Resources

    https://github.com/lhb-cafe/SymbolRelations

    symrellib.py: mplements the symbol relation graph and the disassembly parser

    symrel_tracer*.py: implements tracing (-t option)

    symrel.py: "cli parser"


    Explore Microchip PIC64GX1000 Curiosity board (riscv64) by a_faerber

    Description

    The Microchip PIC64 family of RISC-V chipsets was announced this summer, with PIC64GX as first subfamily (with SiFive U54 CPU cores, same as Microchip PolarFire). Later families (PIC64-HPSC and PIC64HX) were announced to feature the long-awaited RISC-V Hypervisor Extension.

    My pre-ordered PIC64GX1000 Curiosity board arrived the week before Hackweek 24.

    Goals

    I intend to investigate enabling openSUSE Tumbleweed riscv64 on this new chipset and board.

    Resources

    Progress

    • Created udev rules for Curiosity board's FTDI based debug UARTs on USB-C - UART B has output from HSS / OpenSBI, UART C has output from U-Boot and kernel
    • Modified the image https://download.opensuse.org/ports/riscv/tumbleweed/images/openSUSE-Tumbleweed-RISC-V-JeOS-efi.riscv64-2024.11.10-Build1.13.raw.xz (20241118) with gdisk to prepend a bootloader partition (copying the binary bootloader from the vendor-supplied microSD, ignoring excess partition size) and added the microchip/pic64gx-curiosity-kit.dtb file to the EFI System Partition (again from the vendor-supplied microSD)
    • This boots into Tumbleweed! with ttyS1 by default (UART C)

    Stretch goals

    Investigate also the Microchip PolarFire SoC Discovery board.

    Progress

    The Microchip PolarFire Icicle board and BeagleV-Fire board had previously already been enabled by Torsten Duwe.

    • Additional udev rules needed to be created for its FTDI UART bridge chip.
    • The board ships with a "FIR filter" demo pre-flashed, not exposing any bootloader, only some demo output on UART C. The board will need to be flashed with a Microchip reference design for Linux.
    • The board has an on-board Flash Pro Express JTAG debugger on USB-C. Proprietary Programming and Debug tools software is available from Microchip to download, requiring an account. This should then be able to flash the .job file.
    • An in-progress patchset for OpenOCD is available in Gerrit, not yet in the openSUSE package. Presumably OpenOCD would not support Microchip's .job file format.


    Create openSUSE images for Arm/RISC-V boards by avicenzi

    Project Description

    Create openSUSE images (or test generic EFI images) for Arm and/or RISC-V boards that are not yet supported.

    Goal for this Hackweek

    Create bootable images of Tumbleweed for SBCs that currently have no images available or are untested.

    Consider generic EFI images where possible, as some boards can hold a bootloader.

    Document in the openSUSE Wiki how to flash and use the image for a given board.

    Boards that I have around and there are no images:

    • Rock 3B
    • Nano PC T3 Plus
    • Lichee RV D1
    • StartFive VisionFive (has some image needs testing)

    Hack Week 22

    Hack Week 21

    Resources


    RISC-V emulator in GLSL capable of running Linux by favogt

    Description

    There are already numerous ways to run Linux and some programs through emulation in a web browser (e.g. x86 and riscv64 on https://bellard.org/jslinux/), but none use WebGL/WebGPU to run the emulation on the GPU.

    I already made a PoC of an AArch64 (64-bit Arm) emulator in OpenCL which is unfortunately hindered by a multitude of OpenCL compiler bugs on all platforms (Intel with beignet or the new compute runtime and AMD with Mesa Clover and rusticl). With more widespread and thus less broken GLSL vs. OpenCL and the less complex implementation requirements for RV32 (especially 32bit integers instead of 64bit), that should not be a major problem anymore.

    Goals

    Write an RISC-V system emulator in GLSL that is capable of booting Linux and run some userspace programs interactively. Ideally it is small enough to work on online test platforms like Shaderoo with a custom texture that contains bootstrap code, kernel and initrd.

    Minimum:

    riscv32 without FPU (RV32 IMA) and MMU (µClinux), running Linux in M-mode and userspace in U-mode.

    Stretch goals:

    FPU support, S-Mode support with MMU, SMP. Custom web frontend with more possibilities for I/O (disk image, network?).

    Resources

    RISC-V ISA Specifications
    Shaderoo
    OpenGL 4.5 Quick Reference Card

    Result as of Hackweek 2024

    WebGL turned out to be insufficient, it only supports OpenGL ES 3.0 but imageLoad/imageStore needs ES 3.1. So we switched directions and had to write a native C++ host for the shaders.

    As of Hackweek Friday, the kernel attempts to boot and outputs messages, but panics due to missing memory regions.

    Since then, some bugs were fixed and enough hardware emulation implemented, so that now Linux boots with framebuffer support and it's possible to log in and run programs!

    The repo with a demo video is available at https://github.com/Vogtinator/risky-v


    Tumbleweed on Mars-CM (RISC-V board) by ph03nix

    RISC-V is awesome, Tumbleweed is awesome, chocolate cake is awesome. I'm planning to combine all of them in one project.

    Project Description

    I recently purchased a MILK-V Mars CM and managed to setup it up already using Debian Linux. My project for this Hackweek is to see how far I can get to run Tumbleweed on this compute module board.

    Goal for this Hackweek

    • Run Tumbleweed on the Compute Module

    Resources

    • http://milkv.io/mars-cm
    • https://en.opensuse.org/HCL:VisionFive2


    Investigate Milk-V Jupiter board (riscv64) by a_faerber

    Description

    On Monday of Hackweek 24 we received two Milk-V Jupiter mini-ITX boards (JUPITER_V1.1) via the RISC-V International devboards program. The Jupiter board uses a Spacemit M1 System-on-Chip (SoC).

    The Banana Pi BPI-F3 board with related Spacemit K1 SoC had previously already been investigated by Marvin Friedrich.

    Goals

    Investigate the hardware, any shipping boot firmware and its ability to boot openSUSE Tumbleweed.

    Resources

    Progress

    • On Monday Andreas purchased an ATX power supply, to power up the board.
    • According to UART output (note there's two UART pinouts on the board), there appears to be an undocumented U-Boot bootloader in QSPI, in addition to the documented microSD, NVMe and eMMC boot methods.
    • The on-board bootloader does not seem to support USB ("No working controllers found").
    • Manually loading our GRUB from microSD (via load+bootefi commands from SPI-based U-Boot) works, but in GRUB loading our kernel fails ("error: ../../grub-core/loader/efi/linux.c:521:out of memory.").
    • Marvin instead had success flashing a ready-made Bianbu OS image via titantools to microSD card (i.e., a different U-Boot on microSD), that he then modified to load openSUSE kernels instead.


    ESETv2 Emulator / interpreter by m.crivellari

    Description

    ESETv2 is an intriguing challenge developed by ESET, available on their website under the "Challenge" menu. The challenge involves an "assembly-like" language and a Python compiler that generates .evm binary files.

    This is an example using one of their samples (it prints N Fibonacci numbers):

    .dataSize 0
    .code
    
    loadConst 0, r1 # first
    loadConst 1, r2 # second
    
    loadConst 1, r14 # loop helper
    
    consoleRead r3
    
    loop:
        jumpEqual end, r3, r15
    
        add r1, r2, r4
        mov r2, r1
        mov r4, r2
    
        consoleWrite r1
    
        sub r3, r14, r3
        jump loop
    end:
    hlt
    

    This language also supports multi-threading. It includes instructions such as createThread to start a new thread, joinThread to wait until a thread completes, and lock/unlock to facilitate synchronization between threads.

    Goals

    • create a full interpreter able to run all the available samples provided by ESET.
    • improve / optimize memory (eg. using bitfields where needed as well as avoid unnecessary memory allocations)

    Resources

    Achivements

    Project still not complete. Added lock / unlock instruction implementation but further debug is needed; there is a bug somewhere. Actually the code it works for almost all the examples in the samples folder. 1 of them is not yet runnable (due to a missing "write" opcode implementation), another will cause the bug to show up; still not investigated, anyhow.


    Add a machine-readable output to dmidecode by jdelvare

    Description

    There have been repeated requests for a machine-friendly dmidecode output over the last decade. During Hack Week 19, 5 years ago, I prepared the code to support alternative output formats, but didn't have the time to go further. Last year, Jiri Hnidek from Red Hat Linux posted a proof-of-concept implementation to add JSON output support. This is a fairly large pull request which needs to be carefully reviewed and tested.

    Goals

    Review Jiri's work and provide constructive feedback. Merge the code if acceptable. Evaluate the costs and benefits of using a library such as json-c.


    FastFileCheck work by pstivanin

    Description

    FastFileCheck is a high-performance, multithreaded file integrity checker for Linux. Designed for speed and efficiency, it utilizes parallel processing and a lightweight database to quickly hash and verify large volumes of files, ensuring their integrity over time.

    https://github.com/paolostivanin/FastFileCheck

    Goals

    • Release v1.0.0

    Design overwiew:

    • Main thread (producer): traverses directories and feeds the queue (one thread is more than enough for most use cases)
    • Dedicated consumer thread: manages queue and distributes work to threadpool
    • Worker threads: compute hashes in parallel

    This separation of concerns is efficient because:

    • Directory traversal is I/O bound and works well in a single thread
    • Queue management is centralized, preventing race conditions
    • Hash computation is CPU-intensive and properly parallelized


    early stage kdump support by mbrugger

    Project Description

    When we experience a early boot crash, we are not able to analyze the kernel dump, as user-space wasn't able to load the crash system. The idea is to make the crash system compiled into the host kernel (think of initramfs) so that we can create a kernel dump really early in the boot process.

    Goal for the Hackweeks

    1. Investigate if this is possible and the implications it would have (done in HW21)
    2. Hack up a PoC (done in HW22 and HW23)
    3. Prepare RFC series (giving it's only one week, we are entering wishful thinking territory here).

    update HW23

    • I was able to include the crash kernel into the kernel Image.
    • I'll need to find a way to load that from init/main.c:start_kernel() probably after kcsan_init()
    • I workaround for a smoke test was to hack kexec_file_load() systemcall which has two problems:
      1. My initramfs in the porduction kernel does not have a new enough kexec version, that's not a blocker but where the week ended
      2. As the crash kernel is part of init.data it will be already stale once I can call kexec_file_load() from user-space.

    The solution is probably to rewrite the POC so that the invocation can be done from init.text (that's my theory) but I'm not sure if I can reuse the kexec infrastructure in the kernel from there, which I rely on heavily.

    update HW24

    • Day1
      • rebased on v6.12 with no problems others then me breaking the config
      • setting up a new compilation and qemu/virtme env
      • getting desperate as nothing works that used to work
    • Day 2
      • getting to call the invocation of loading the early kernel from __init after kcsan_init()
    • Day 3

      • fix problem of memdup not being able to alloc so much memory... use 64K page sizes for now
      • code refactoring
      • I'm now able to load the crash kernel
      • When using virtme I can boot into the crash kernel, also it doesn't boot completely (major milestone!), crash in elfcorehdr_read_notes()
    • Day 4

      • crash systems crashes (no pun intended) in copy_old_mempage() link; will need to understand elfcorehdr...
      • call path vmcore_init() -> parse_crash_elf_headers() -> elfcorehdr_read() -> read_from_oldmem() -> copy_oldmem_page() -> copy_to_iter()
    • Day 5

      • hacking arch/arm64/kernel/crash_dump.c:copy_old_mempage() to see if crash system really starts. It does.
      • fun fact: retested with more reserved memory and with UEFI FW, host kernel crashes in init but directly starts the crash kernel, so it works (somehow) \o/
    • TODOs

      • fix elfcorehdr so that we actually can make use of all this...
      • test where in the boot __init() chain we can/should call kexec_early_dump()


    Model checking the BPF verifier by shunghsiyu

    Project Description

    BPF verifier plays a crucial role in securing the system (though less so now that unprivileged BPF is disabled by default in both upstream and SLES), and bugs in the verifier has lead to privilege escalation vulnerabilities in the past (e.g. CVE-2021-3490).

    One way to check whether the verifer has bugs to use model checking (a formal verification technique), in other words, build a abstract model of how the verifier operates, and then see if certain condition can occur (e.g. incorrect calculation during value tracking of registers) by giving both the model and condition to a solver.

    For the solver I will be using the Z3 SMT solver to do the checking since it provide a Python binding that's relatively easy to use.

    Goal for this Hackweek

    Learn how to use the Z3 Python binding (i.e. Z3Py) to build a model of (part of) the BPF verifier, probably the part that's related to value tracking using tristate numbers (aka tnum), and then check that the algorithm work as intended.

    Resources


    Hacking on sched_ext by flonnegren

    Description

    Sched_ext upstream has some interesting issues open for grabs:

    Goals

    Send patches to sched_ext upstream

    Also set up perfetto to trace some of the example schedulers.

    Resources

    https://github.com/sched-ext/scx


    Create DRM drivers for VESA and EFI framebuffers by tdz

    Description

    We already have simpledrm for firmware framebuffers. But the driver is originally for ARM boards, not PCs. It is already overloaded with code to support both use cases. At the same time it is missing possible features for VESA and EFI, such as palette modes or EDID support. We should have DRM drivers for VESA and EFI interfaces. The infrastructure exists already and initial drivers can be forked from simpledrm.

    Goals

    • Initially, a bare driver for VESA or EFI should be created. It can take functionality from simpledrm.
    • Then we can begin to add additional features. The boot loader can provide EDID data. With VGA hardware, VESA can support paletted modes or color management. Example code exists in vesafb.


    Improve UML page fault handler by ptesarik

    Description

    Improve UML handling of segmentation faults in kernel mode. Although such page faults are generally caused by a kernel bug, it is annoying if they cause an infinite loop, or panic the kernel. More importantly, a robust implementation allows to write KUnit tests for various guard pages, preventing potential kernel self-protection regressions.

    Goals

    Convert the UML page fault handler to use oops_* helpers, go through a few review rounds and finally get my patch series merged in 6.14.

    Resources

    Wrong initial attempt: https://lore.kernel.org/lkml/20231215121431.680-1-petrtesarik@huaweicloud.com/T/