From nobody Tue Dec 16 03:01:24 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=none dis=none)  header.from=linaro.org
ARC-Seal: i=1; a=rsa-sha256; t=1753602151; cv=none;
	d=zohomail.com; s=zohoarc;
	b=fw5G0utcMyqgRPd88zJaOkP8ABoScpEI1ExxWNrxIEKZPu4l7y+EK7yU0VNJ5iZvQlCdg6PW0HetTpX4xzMe+KwgqFyVH2c0SJ41LAPiXFrl23VV1/cPrU80bLdZXMEvOFBd4e0aHzKANPTBOHsPQZjwCQMZXHp2RaAUE6JjfYI=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1753602151;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=HolV9X4BkVapdOFNAuZ95FskSHr7YQ0pnoaUzo/RGgg=;
	b=MrC88HXfAYaRBC2seXw38EDMqPl42EPmmDvzFFNUAKrZzsahXM8XQdjyVsHxrUUZwbZeqUdljJvtLiD0AJqAYq2/qbPGisVf9l+O0QM+hQ44yofbNQ30YD2JPkkqk/pl9Gr9uA6BUPIL1ofTIMTvHcnBZx86ohmg5Cs7oqmnn6w=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<richard.henderson@linaro.org> (p=none dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1753602151883602.5148516065767;
 Sun, 27 Jul 2025 00:42:31 -0700 (PDT)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1ufw1W-0006bA-KU; Sun, 27 Jul 2025 03:42:22 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <richard.henderson@linaro.org>)
 id 1ufw1O-0006I6-Pw
 for qemu-devel@nongnu.org; Sun, 27 Jul 2025 03:42:16 -0400
Received: from mail-pl1-x62f.google.com ([2607:f8b0:4864:20::62f])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <richard.henderson@linaro.org>)
 id 1ufw1L-000152-Pm
 for qemu-devel@nongnu.org; Sun, 27 Jul 2025 03:42:14 -0400
Received: by mail-pl1-x62f.google.com with SMTP id
 d9443c01a7336-2350fc2591dso39774975ad.1
 for <qemu-devel@nongnu.org>; Sun, 27 Jul 2025 00:42:11 -0700 (PDT)
Received: from localhost.localdomain (syn-098-150-199-049.res.spectrum.com.
 [98.150.199.49]) by smtp.gmail.com with ESMTPSA id
 d9443c01a7336-23fbe53b546sm29633055ad.177.2025.07.27.00.42.08
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sun, 27 Jul 2025 00:42:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1753602130; x=1754206930; darn=nongnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=HolV9X4BkVapdOFNAuZ95FskSHr7YQ0pnoaUzo/RGgg=;
 b=TDodKcjTBJwzNKL2KIdzdsjFxLg6XL6/9Fdr5nzTR0RlNAvTvT74zDHirQIqm77JdU
 N+RcQAb/xUVhLXgrTGpbpogPzCH46zSNCUHKYLqFf+n5us1/YGfMvja7itDCa5hweHvM
 AJ1b05DeAp4Go8S1zVKsTymhvzyEOVTzIrn7YOAmV1EYlfwGgCGjaBCjA/gbNEKajKq+
 HFxRac+Y/uTgRYVmVAJGlfHgjKdaa3aL/Z9tyTB5V7e8KjJ2YODZp9KotSz4bfaggNqP
 QcszdM9ZD71kiDC30TiaALlHmKkb6k+nwyxD1gUYxcxS4q0eRI5GQOuk47b3keuyfGCC
 tQdg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1753602130; x=1754206930;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=HolV9X4BkVapdOFNAuZ95FskSHr7YQ0pnoaUzo/RGgg=;
 b=Xaqb7JbHxD0MrvnNDV65Z/rXbkYrhqPK7uF+EL9dnOIxWhcqXFNpYFg5vLeihyejj7
 me7zdcCpePD9B38JxA5P2zTz+PHXQsQ+ryFsekkHHFbQMz8t7Lh8sYFRpuu7Un/wlHrg
 FD3I6CKtL9T78Xrxt0EGybTsnrB2+OnuXt/qpC2F6Wl8GQk16piTg7EhVGcd9meeWzYY
 8dNn9IkkOYxHJ4sAmi7rsQPD2H1P6s12eC921PToindpifANjOHAU5XnCChcZedMZgAV
 MXiJUfP6oizpMXuGywq5nTD/VC7lQx+r2jNI19cAGkwNyTI1r6MLhGfmgLGTVA+1O830
 nZ2g==
X-Gm-Message-State: AOJu0YxK0Vs7hfA9iS6jj4iX5O342qmPp5JZJWAs6F/5be8T6mStVx0/
 VnuNRMCcFYv1wHO4wbL9ZwVcxrOU6NMgkBv+y0Q1fV5J3sB3loEhWhUSyptCJ7uL/R7X9tsLVs0
 aTATk
X-Gm-Gg: ASbGncsDkNT2QBm8//4TkfYKo8OAI5U1lwvAuW4lN9dlnLdxcmr/zRVdEUjYlaAG7vH
 7u2HQhQb8PxDHaL+hW/ZYpg4XuSh2ZVe4xHDkX/7D7r499p7VH4Sn/eq2hzfEK71UuML8C7hu2J
 3dMBBOSgthYlaCMTe9BPFqWzBVwajhL+Dc0Wx/pe1VYc6oqr6vOOrxrgTig/FW/Id8Km+pWT+p7
 Kunkas4hSalKpCMuAcZltSwHwtmjjyM/yvybSPXDskHBLOfOVoNolPWtAW7tb8xUUhSJSsl97Gy
 P/Iej//QroY0qlVQy9+tOZdzXWtrCcPZgWiU+4KjE/UNvqWBz7kr/J39/lZtLbEskcOA4P0GODs
 4U58e5CA+e3U4mkhhHmOsce8EDSABlQJcUF8nXtVuEmZ2Qb2pCX6Ou/ekrSRqIZfSqU5Cv8XLNE
 WeTFKHXAuCiA==
X-Google-Smtp-Source: 
 AGHT+IGgbIPDqR/0dS1vLD1FRaP6Zr4Wl/SyOGVyUerc20avUG9AN4+6cjQh+CQ2W9k6rNhQ0/8g+Q==
X-Received: by 2002:a17:902:cccd:b0:23f:75d1:3691 with SMTP id
 d9443c01a7336-23fb2b5c028mr104499585ad.15.1753602130119;
 Sun, 27 Jul 2025 00:42:10 -0700 (PDT)
From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Cc: qemu-arm@nongnu.org,
	Pierrick Bouvier <pierrick.bouvier@linaro.org>
Subject: [PATCH v9 2/6] tests/functional/test_aarch64_rme: update image
Date: Sat, 26 Jul 2025 21:41:58 -1000
Message-ID: <20250727074202.83141-3-richard.henderson@linaro.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20250727074202.83141-1-richard.henderson@linaro.org>
References: <20250727074202.83141-1-richard.henderson@linaro.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Received-SPF: pass client-ip=2607:f8b0:4864:20::62f;
 envelope-from=richard.henderson@linaro.org; helo=mail-pl1-x62f.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: pass (identity @linaro.org)
X-ZM-MESSAGEID: 1753602153650116600
Content-Type: text/plain; charset="utf-8"

From: Pierrick Bouvier <pierrick.bouvier@linaro.org>

TF-A needs to be patched to enable support for FEAT_TCR2 and
FEAT_SCTLR2. This new image contains updated firmware.

Signed-off-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20250719035838.2284029-3-pierrick.bouvier@linaro.org>
Reviewed-by: Philippe Mathieu-Daud=C3=A9 <philmd@linaro.org>
Tested-by: Philippe Mathieu-Daud=C3=A9 <philmd@linaro.org>
---
 tests/functional/test_aarch64_rme_sbsaref.py | 64 ++++++++-------
 tests/functional/test_aarch64_rme_virt.py    | 85 +++++++-------------
 2 files changed, 66 insertions(+), 83 deletions(-)

diff --git a/tests/functional/test_aarch64_rme_sbsaref.py b/tests/functiona=
l/test_aarch64_rme_sbsaref.py
index 746770e776..cd6390b548 100755
--- a/tests/functional/test_aarch64_rme_sbsaref.py
+++ b/tests/functional/test_aarch64_rme_sbsaref.py
@@ -10,21 +10,23 @@
 # SPDX-License-Identifier: GPL-2.0-or-later
=20
 import os
+from os.path import join
+import shutil
=20
 from qemu_test import QemuSystemTest, Asset, wait_for_console_pattern
 from qemu_test import exec_command_and_wait_for_pattern
-from test_aarch64_rme_virt import test_realms_guest
=20
=20
 class Aarch64RMESbsaRefMachine(QemuSystemTest):
=20
-    # Stack is built with OP-TEE build environment from those instructions:
+    # Stack is inspired from:
     # https://linaro.atlassian.net/wiki/spaces/QEMU/pages/29051027459/
-    # https://github.com/pbo-linaro/qemu-rme-stack
+    # https://github.com/pbo-linaro/qemu-linux-stack/tree/rme_sbsa_release
+    # ./build.sh && ./archive_artifacts.sh out.tar.xz
     ASSET_RME_STACK_SBSA =3D Asset(
-        ('https://fileserver.linaro.org/s/KJyeBxL82mz2r7F/'
-         'download/rme-stack-op-tee-4.2.0-cca-v4-sbsa.tar.gz'),
-         'dd9ab28ec869bdf3b5376116cb3689103b43433fd5c4bca0f4a8d8b3c104999e=
')
+        ('https://github.com/pbo-linaro/qemu-linux-stack/'
+         'releases/download/build/rme_sbsa_release-a7f02cf.tar.xz'),
+         '27d8400b11befb828d6db0cab97e7ae102d0992c928d3dfbf38b24b6cf6c324c=
')
=20
     # This tests the FEAT_RME cpu implementation, by booting a VM supporti=
ng it,
     # and launching a nested VM using it.
@@ -35,35 +37,41 @@ def test_aarch64_rme_sbsaref(self):
=20
         self.vm.set_console()
=20
-        stack_path_tar_gz =3D self.ASSET_RME_STACK_SBSA.fetch()
-        self.archive_extract(stack_path_tar_gz, format=3D"tar")
+        stack_path_tar =3D self.ASSET_RME_STACK_SBSA.fetch()
+        self.archive_extract(stack_path_tar, format=3D"tar")
=20
-        rme_stack =3D self.scratch_file('rme-stack-op-tee-4.2.0-cca-v4-sbs=
a')
-        pflash0 =3D os.path.join(rme_stack, 'images', 'SBSA_FLASH0.fd')
-        pflash1 =3D os.path.join(rme_stack, 'images', 'SBSA_FLASH1.fd')
-        virtual =3D os.path.join(rme_stack, 'images', 'disks', 'virtual')
-        drive =3D os.path.join(rme_stack, 'out-br', 'images', 'rootfs.ext4=
')
+        rme_stack =3D self.scratch_file('.')
+        pflash0 =3D join(rme_stack, 'out', 'SBSA_FLASH0.fd')
+        pflash1 =3D join(rme_stack, 'out', 'SBSA_FLASH1.fd')
+        rootfs =3D join(rme_stack, 'out', 'host.ext4')
=20
-        self.vm.add_args('-cpu', 'max,x-rme=3Don,pauth-impdef=3Don')
+        efi =3D join(rme_stack, 'out', 'EFI')
+        os.mkdir(efi)
+        shutil.copyfile(join(rme_stack, 'out', 'Image'), join(efi, 'Image'=
))
+        with open(join(efi, 'startup.nsh'), 'w') as startup:
+            startup.write('fs0:Image nokaslr root=3D/dev/vda rw init=3D/in=
it --'
+                          ' /host/out/lkvm run --realm'
+                          ' -m 256m'
+                          ' --restricted_mem'
+                          ' --kernel /host/out/Image'
+                          ' --disk /host/out/guest.ext4'
+                          ' --params "root=3D/dev/vda rw init=3D/init"')
+
+        self.vm.add_args('-cpu', 'max,x-rme=3Don')
+        self.vm.add_args('-smp', '2')
         self.vm.add_args('-m', '2G')
         self.vm.add_args('-M', 'sbsa-ref')
         self.vm.add_args('-drive', f'file=3D{pflash0},format=3Draw,if=3Dpf=
lash')
         self.vm.add_args('-drive', f'file=3D{pflash1},format=3Draw,if=3Dpf=
lash')
-        self.vm.add_args('-drive', f'file=3Dfat:rw:{virtual},format=3Draw')
-        self.vm.add_args('-drive', f'format=3Draw,if=3Dnone,file=3D{drive}=
,id=3Dhd0')
-        self.vm.add_args('-device', 'virtio-blk-pci,drive=3Dhd0')
-        self.vm.add_args('-device', 'virtio-9p-pci,fsdev=3Dshr0,mount_tag=
=3Dshr0')
-        self.vm.add_args('-fsdev', f'local,security_model=3Dnone,path=3D{r=
me_stack},id=3Dshr0')
-        self.vm.add_args('-device', 'virtio-net-pci,netdev=3Dnet0')
-        self.vm.add_args('-netdev', 'user,id=3Dnet0')
-
+        self.vm.add_args('-drive', f'file=3Dfat:rw:{efi},format=3Draw')
+        self.vm.add_args('-drive', f'format=3Draw,file=3D{rootfs},if=3Dvir=
tio')
+        self.vm.add_args('-virtfs',
+                         f'local,path=3D{rme_stack}/,mount_tag=3Dhost,'
+                         'security_model=3Dmapped,readonly=3Doff')
         self.vm.launch()
-        # Wait for host VM boot to complete.
-        wait_for_console_pattern(self, 'Welcome to Buildroot',
-                                 failure_message=3D'Synchronous Exception =
at')
-        exec_command_and_wait_for_pattern(self, 'root', '#')
-
-        test_realms_guest(self)
+        # Wait for host and guest VM boot to complete.
+        wait_for_console_pattern(self, 'root@guest',
+                                 failure_message=3D'Kernel panic')
=20
 if __name__ =3D=3D '__main__':
     QemuSystemTest.main()
diff --git a/tests/functional/test_aarch64_rme_virt.py b/tests/functional/t=
est_aarch64_rme_virt.py
index 8452d27928..bb603aaa26 100755
--- a/tests/functional/test_aarch64_rme_virt.py
+++ b/tests/functional/test_aarch64_rme_virt.py
@@ -9,50 +9,22 @@
 #
 # SPDX-License-Identifier: GPL-2.0-or-later
=20
-import os
+from os.path import join
=20
 from qemu_test import QemuSystemTest, Asset
 from qemu_test import exec_command, wait_for_console_pattern
 from qemu_test import exec_command_and_wait_for_pattern
=20
-def test_realms_guest(test_rme_instance):
-
-    # Boot the (nested) guest VM
-    exec_command(test_rme_instance,
-                 'qemu-system-aarch64 -M virt,gic-version=3D3 '
-                 '-cpu host -enable-kvm -m 512M '
-                 '-M confidential-guest-support=3Drme0 '
-                 '-object rme-guest,id=3Drme0 '
-                 '-device virtio-net-pci,netdev=3Dnet0,romfile=3D '
-                 '-netdev user,id=3Dnet0 '
-                 '-kernel /mnt/out/bin/Image '
-                 '-initrd /mnt/out-br/images/rootfs.cpio '
-                 '-serial stdio')
-    # Detect Realm activation during (nested) guest boot.
-    wait_for_console_pattern(test_rme_instance,
-                             'SMC_RMI_REALM_ACTIVATE')
-    # Wait for (nested) guest boot to complete.
-    wait_for_console_pattern(test_rme_instance,
-                             'Welcome to Buildroot')
-    exec_command_and_wait_for_pattern(test_rme_instance, 'root', '#')
-    # query (nested) guest cca report
-    exec_command(test_rme_instance, 'cca-workload-attestation report')
-    wait_for_console_pattern(test_rme_instance,
-                             '"cca-platform-hash-algo-id": "sha-256"')
-    wait_for_console_pattern(test_rme_instance,
-                             '"cca-realm-hash-algo-id": "sha-512"')
-    wait_for_console_pattern(test_rme_instance,
-                             '"cca-realm-public-key-hash-algo-id": "sha-25=
6"')
-
 class Aarch64RMEVirtMachine(QemuSystemTest):
=20
-    # Stack is built with OP-TEE build environment from those instructions:
+    # Stack is inspired from:
     # https://linaro.atlassian.net/wiki/spaces/QEMU/pages/29051027459/
-    # https://github.com/pbo-linaro/qemu-rme-stack
+    # https://github.com/pbo-linaro/qemu-linux-stack/tree/rme_release
+    # ./build.sh && ./archive_artifacts.sh out.tar.xz
     ASSET_RME_STACK_VIRT =3D Asset(
-        ('https://fileserver.linaro.org/s/iaRsNDJp2CXHMSJ/'
-         'download/rme-stack-op-tee-4.2.0-cca-v4-qemu_v8.tar.gz'),
-         '1851adc232b094384d8b879b9a2cfff07ef3d6205032b85e9b3a4a9ae6b0b7ad=
')
+        ('https://github.com/pbo-linaro/qemu-linux-stack/'
+         'releases/download/build/rme_release-86101e5.tar.xz'),
+         'e42fef8439badb52a071ac446fc33cff4cb7d61314c7a28fdbe61a11e1faad3a=
')
=20
     # This tests the FEAT_RME cpu implementation, by booting a VM supporti=
ng it,
     # and launching a nested VM using it.
@@ -63,15 +35,16 @@ def test_aarch64_rme_virt(self):
=20
         self.vm.set_console()
=20
-        stack_path_tar_gz =3D self.ASSET_RME_STACK_VIRT.fetch()
-        self.archive_extract(stack_path_tar_gz, format=3D"tar")
+        stack_path_tar =3D self.ASSET_RME_STACK_VIRT.fetch()
+        self.archive_extract(stack_path_tar, format=3D"tar")
=20
-        rme_stack =3D self.scratch_file('rme-stack-op-tee-4.2.0-cca-v4-qem=
u_v8')
-        kernel =3D os.path.join(rme_stack, 'out', 'bin', 'Image')
-        bios =3D os.path.join(rme_stack, 'out', 'bin', 'flash.bin')
-        drive =3D os.path.join(rme_stack, 'out-br', 'images', 'rootfs.ext4=
')
+        rme_stack =3D self.scratch_file('.')
+        kernel =3D join(rme_stack, 'out', 'Image')
+        bios =3D join(rme_stack, 'out', 'flash.bin')
+        rootfs =3D join(rme_stack, 'out', 'host.ext4')
=20
-        self.vm.add_args('-cpu', 'max,x-rme=3Don,pauth-impdef=3Don')
+        self.vm.add_args('-cpu', 'max,x-rme=3Don')
+        self.vm.add_args('-smp', '2')
         self.vm.add_args('-m', '2G')
         self.vm.add_args('-M', 'virt,acpi=3Doff,'
                          'virtualization=3Don,'
@@ -79,23 +52,25 @@ def test_aarch64_rme_virt(self):
                          'gic-version=3D3')
         self.vm.add_args('-bios', bios)
         self.vm.add_args('-kernel', kernel)
-        self.vm.add_args('-drive', f'format=3Draw,if=3Dnone,file=3D{drive}=
,id=3Dhd0')
-        self.vm.add_args('-device', 'virtio-blk-pci,drive=3Dhd0')
-        self.vm.add_args('-device', 'virtio-9p-device,fsdev=3Dshr0,mount_t=
ag=3Dshr0')
-        self.vm.add_args('-fsdev', f'local,security_model=3Dnone,path=3D{r=
me_stack},id=3Dshr0')
-        self.vm.add_args('-device', 'virtio-net-pci,netdev=3Dnet0')
-        self.vm.add_args('-netdev', 'user,id=3Dnet0')
+        self.vm.add_args('-drive', f'format=3Draw,file=3D{rootfs},if=3Dvir=
tio')
+        self.vm.add_args('-virtfs',
+                         f'local,path=3D{rme_stack}/,mount_tag=3Dhost,'
+                         'security_model=3Dmapped,readonly=3Doff')
         # We need to add nokaslr to avoid triggering this sporadic bug:
         # https://gitlab.com/qemu-project/qemu/-/issues/2823
-        self.vm.add_args('-append', 'root=3D/dev/vda nokaslr')
+        self.vm.add_args('-append',
+                         'nokaslr root=3D/dev/vda rw init=3D/init --'
+                         ' /host/out/lkvm run --realm'
+                         ' -m 256m'
+                         ' --restricted_mem'
+                         ' --kernel /host/out/Image'
+                         ' --disk /host/out/guest.ext4'
+                         ' --params "root=3D/dev/vda rw init=3D/init"')
=20
         self.vm.launch()
-        # Wait for host VM boot to complete.
-        wait_for_console_pattern(self, 'Welcome to Buildroot',
-                                 failure_message=3D'Synchronous Exception =
at')
-        exec_command_and_wait_for_pattern(self, 'root', '#')
-
-        test_realms_guest(self)
+        # Wait for host and guest VM boot to complete.
+        wait_for_console_pattern(self, 'root@guest',
+                                 failure_message=3D'Kernel panic')
=20
 if __name__ =3D=3D '__main__':
     QemuSystemTest.main()
--=20
2.43.0