" dea-key-wrap=on|off controls support for DEA key wrapping (default=on)\n"
" suppress-vmdesc=on|off disables self-describing migration (default=off)\n"
" nvdimm=on|off controls NVDIMM support (default=off)\n"
- " enforce-config-section=on|off enforce configuration section migration (default=off)\n"
" memory-encryption=@var{} memory encryption object to use (default=none)\n"
" hmat=on|off controls ACPI HMAT support (default=off)\n",
QEMU_ARCH_ALL)
``nvdimm=on|off``
Enables or disables NVDIMM support. The default is off.
- ``enforce-config-section=on|off``
- If ``enforce-config-section`` is set to on, force migration code
- to send configuration section even if the machine-type sets the
- ``migration.send-configuration`` property to off. NOTE: this
- parameter is deprecated. Please use ``-global``
- ``migration.send-configuration``\ =on\|off instead.
-
``memory-encryption=``
Memory encryption object to use. The default is none.
.. parsed-literal::
- |qemu_system| \
- -add-fd fd=3,set=2,opaque="rdwr:/path/to/file" \
- -add-fd fd=4,set=2,opaque="rdonly:/path/to/file" \
+ |qemu_system| \\
+ -add-fd fd=3,set=2,opaque="rdwr:/path/to/file" \\
+ -add-fd fd=4,set=2,opaque="rdonly:/path/to/file" \\
-drive file=/dev/fdset/2,index=0,media=disk
ERST
The path to the image file in the local filesystem
``aio``
- Specifies the AIO backend (threads/native, default: threads)
+ Specifies the AIO backend (threads/native/io_uring,
+ default: threads)
``locking``
Specifies whether the image file is protected with Linux OFD
"-drive [file=file][,if=type][,bus=n][,unit=m][,media=d][,index=i]\n"
" [,cache=writethrough|writeback|none|directsync|unsafe][,format=f]\n"
" [,snapshot=on|off][,rerror=ignore|stop|report]\n"
- " [,werror=ignore|stop|report|enospc][,id=name][,aio=threads|native]\n"
+ " [,werror=ignore|stop|report|enospc][,id=name]\n"
+ " [,aio=threads|native|io_uring]\n"
" [,readonly=on|off][,copy-on-read=on|off]\n"
" [,discard=ignore|unmap][,detect-zeroes=on|off|unmap]\n"
" [[,bps=b]|[[,bps_rd=r][,bps_wr=w]]]\n"
The default mode is ``cache=writeback``.
``aio=aio``
- aio is "threads", or "native" and selects between pthread based
- disk I/O and native Linux AIO.
+ aio is "threads", "native", or "io_uring" and selects between pthread
+ based disk I/O, native Linux AIO, or Linux io_uring API.
``format=format``
Specify which disk format will be used rather than detecting the
.. parsed-literal::
- |qemu_system| \
- -add-fd fd=3,set=2,opaque="rdwr:/path/to/file" \
- -add-fd fd=4,set=2,opaque="rdonly:/path/to/file" \
+ |qemu_system| \\
+ -add-fd fd=3,set=2,opaque="rdwr:/path/to/file" \\
+ -add-fd fd=4,set=2,opaque="rdonly:/path/to/file" \\
-drive file=/dev/fdset/2,index=0,media=disk
You can connect a CDROM to the slave of ide0:
" [,sku=str]\n"
" specify SMBIOS type 3 fields\n"
"-smbios type=4[,sock_pfx=str][,manufacturer=str][,version=str][,serial=str]\n"
- " [,asset=str][,part=str]\n"
+ " [,asset=str][,part=str][,max-speed=%d][,current-speed=%d]\n"
" specify SMBIOS type 4 fields\n"
+ "-smbios type=11[,value=str][,path=filename]\n"
+ " specify SMBIOS type 11 fields\n"
"-smbios type=17[,loc_pfx=str][,bank=str][,manufacturer=str][,serial=str]\n"
" [,asset=str][,part=str][,speed=%d]\n"
" specify SMBIOS type 17 fields\n",
``-smbios type=4[,sock_pfx=str][,manufacturer=str][,version=str][,serial=str][,asset=str][,part=str]``
Specify SMBIOS type 4 fields
+``-smbios type=11[,value=str][,path=filename]``
+ Specify SMBIOS type 11 fields
+
+ This argument can be repeated multiple times, and values are added in the order they are parsed.
+ Applications intending to use OEM strings data are encouraged to use their application name as
+ a prefix for the value string. This facilitates passing information for multiple applications
+ concurrently.
+
+ The ``value=str`` syntax provides the string data inline, while the ``path=filename`` syntax
+ loads data from a file on disk. Note that the file is not permitted to contain any NUL bytes.
+
+ Both the ``value`` and ``path`` options can be repeated multiple times and will be added to
+ the SMBIOS table in the order in which they appear.
+
+ Note that on the x86 architecture, the total size of all SMBIOS tables is limited to 65535
+ bytes. Thus the OEM strings data is not suitable for passing large amounts of data into the
+ guest. Instead it should be used as a indicator to inform the guest where to locate the real
+ data set, for example, by specifying the serial ID of a block device.
+
+ An example passing three strings is
+
+ .. parsed-literal::
+
+ -smbios type=11,value=cloud-init:ds=nocloud-net;s=http://10.10.0.1:8000/,\\
+ value=anaconda:method=http://dl.fedoraproject.org/pub/fedora/linux/releases/25/x86_64/os,\\
+ path=/some/file/with/oemstringsdata.txt
+
+ In the guest OS this is visible with the ``dmidecode`` command
+
+ .. parsed-literal::
+
+ $ dmidecode -t 11
+ Handle 0x0E00, DMI type 11, 5 bytes
+ OEM Strings
+ String 1: cloud-init:ds=nocloud-net;s=http://10.10.0.1:8000/
+ String 2: anaconda:method=http://dl.fedoraproject.org/pub/fedora/linux/releases/25/x86_64/os
+ String 3: myapp:some extra data
+
+
``-smbios type=17[,loc_pfx=str][,bank=str][,manufacturer=str][,serial=str][,asset=str][,part=str][,speed=%d]``
Specify SMBIOS type 17 fields
ERST
.. parsed-literal::
- |qemu_system| -hda linux.img -boot n -device e1000,netdev=n1 \
+ |qemu_system| -hda linux.img -boot n -device e1000,netdev=n1 \\
-netdev user,id=n1,tftp=/path/to/tftp/files,bootfile=/pxelinux.0
``smb=dir[,smbserver=addr]``
disable script execution.
If running QEMU as an unprivileged user, use the network helper
- helper to configure the TAP interface and attach it to the bridge.
+ to configure the TAP interface and attach it to the bridge.
The default network helper executable is
``/path/to/qemu-bridge-helper`` and the default bridge device is
``br0``.
#launch a QEMU instance with two NICs, each one connected
#to a TAP device
- |qemu_system| linux.img \
- -netdev tap,id=nd0,ifname=tap0 -device e1000,netdev=nd0 \
+ |qemu_system| linux.img \\
+ -netdev tap,id=nd0,ifname=tap0 -device e1000,netdev=nd0 \\
-netdev tap,id=nd1,ifname=tap1 -device rtl8139,netdev=nd1
.. parsed-literal::
#launch a QEMU instance with the default network helper to
#connect a TAP device to bridge br0
- |qemu_system| linux.img -device virtio-net-pci,netdev=n1 \
+ |qemu_system| linux.img -device virtio-net-pci,netdev=n1 \\
-netdev tap,id=n1,"helper=/path/to/qemu-bridge-helper"
``-netdev bridge,id=id[,br=bridge][,helper=helper]``
.. parsed-literal::
# launch a first QEMU instance
- |qemu_system| linux.img \
- -device e1000,netdev=n1,mac=52:54:00:12:34:56 \
+ |qemu_system| linux.img \\
+ -device e1000,netdev=n1,mac=52:54:00:12:34:56 \\
-netdev socket,id=n1,listen=:1234
# connect the network of this instance to the network of the first instance
- |qemu_system| linux.img \
- -device e1000,netdev=n2,mac=52:54:00:12:34:57 \
+ |qemu_system| linux.img \\
+ -device e1000,netdev=n2,mac=52:54:00:12:34:57 \\
-netdev socket,id=n2,connect=127.0.0.1:1234
``-netdev socket,id=id[,fd=h][,mcast=maddr:port[,localaddr=addr]]``
.. parsed-literal::
# launch one QEMU instance
- |qemu_system| linux.img \
- -device e1000,netdev=n1,mac=52:54:00:12:34:56 \
+ |qemu_system| linux.img \\
+ -device e1000,netdev=n1,mac=52:54:00:12:34:56 \\
-netdev socket,id=n1,mcast=230.0.0.1:1234
# launch another QEMU instance on same "bus"
- |qemu_system| linux.img \
- -device e1000,netdev=n2,mac=52:54:00:12:34:57 \
+ |qemu_system| linux.img \\
+ -device e1000,netdev=n2,mac=52:54:00:12:34:57 \\
-netdev socket,id=n2,mcast=230.0.0.1:1234
# launch yet another QEMU instance on same "bus"
- |qemu_system| linux.img \
- -device e1000,netdev=n3,mac=52:54:00:12:34:58 \
+ |qemu_system| linux.img \\
+ -device e1000,netdev=n3,mac=52:54:00:12:34:58 \\
-netdev socket,id=n3,mcast=230.0.0.1:1234
Example (User Mode Linux compat.):
.. parsed-literal::
# launch QEMU instance (note mcast address selected is UML's default)
- |qemu_system| linux.img \
- -device e1000,netdev=n1,mac=52:54:00:12:34:56 \
+ |qemu_system| linux.img \\
+ -device e1000,netdev=n1,mac=52:54:00:12:34:56 \\
-netdev socket,id=n1,mcast=239.192.168.1:1102
# launch UML
/path/to/linux ubd0=/path/to/root_fs eth0=mcast
.. parsed-literal::
- |qemu_system| linux.img \
- -device e1000,netdev=n1,mac=52:54:00:12:34:56 \
+ |qemu_system| linux.img \\
+ -device e1000,netdev=n1,mac=52:54:00:12:34:56 \\
-netdev socket,id=n1,mcast=239.192.168.1:1102,localaddr=1.2.3.4
``-netdev l2tpv3,id=id,src=srcaddr,dst=dstaddr[,srcport=srcport][,dstport=dstport],txsession=txsession[,rxsession=rxsession][,ipv6][,udp][,cookie64][,counter][,pincounter][,txcookie=txcookie][,rxcookie=rxcookie][,offset=offset]``
# Setup tunnel on linux host using raw ip as encapsulation
# on 1.2.3.4
- ip l2tp add tunnel remote 4.3.2.1 local 1.2.3.4 tunnel_id 1 peer_tunnel_id 1 \
+ ip l2tp add tunnel remote 4.3.2.1 local 1.2.3.4 tunnel_id 1 peer_tunnel_id 1 \\
encap udp udp_sport 16384 udp_dport 16384
- ip l2tp add session tunnel_id 1 name vmtunnel0 session_id \
+ ip l2tp add session tunnel_id 1 name vmtunnel0 session_id \\
0xFFFFFFFF peer_session_id 0xFFFFFFFF
ifconfig vmtunnel0 mtu 1500
ifconfig vmtunnel0 up
# on 4.3.2.1
# launch QEMU instance - if your network has reorder or is very lossy add ,pincounter
- |qemu_system| linux.img -device e1000,netdev=n1 \
+ |qemu_system| linux.img -device e1000,netdev=n1 \\
-netdev l2tpv3,id=n1,src=4.2.3.1,dst=1.2.3.4,udp,srcport=16384,dstport=16384,rxsession=0xffffffff,txsession=0xffffffff,counter
``-netdev vde,id=id[,sock=socketpath][,port=n][,group=groupname][,mode=octalmode]``
Enable FIPS 140-2 compliance mode.
ERST
-HXCOMM Deprecated by -accel tcg
-DEF("no-kvm", 0, QEMU_OPTION_no_kvm, "", QEMU_ARCH_I386)
-
DEF("msg", HAS_ARG, QEMU_OPTION_msg,
"-msg [timestamp[=on|off]][,guest-name=[on|off]]\n"
" control error message format\n"
.. parsed-literal::
- # |qemu_system| \
- -object tls-cipher-suites,id=mysuite0,priority=@SYSTEM \
+ # |qemu_system| \\
+ -object tls-cipher-suites,id=mysuite0,priority=@SYSTEM \\
-fw_cfg name=etc/edk2/https/ciphers,gen_id=mysuite0
``-object filter-buffer,id=id,netdev=netdevid,interval=t[,queue=all|rx|tx][,status=on|off][,position=head|tail|id=<id>][,insert=behind|before]``
.. parsed-literal::
- # |qemu_system| \
- [...] \
- -object cryptodev-backend-builtin,id=cryptodev0 \
- -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 \
+ # |qemu_system| \\
+ [...] \\
+ -object cryptodev-backend-builtin,id=cryptodev0 \\
+ -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 \\
[...]
``-object cryptodev-vhost-user,id=id,chardev=chardevid[,queues=queues]``
.. parsed-literal::
- # |qemu_system| \
- [...] \
- -chardev socket,id=chardev0,path=/path/to/socket \
- -object cryptodev-vhost-user,id=cryptodev0,chardev=chardev0 \
- -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 \
+ # |qemu_system| \\
+ [...] \\
+ -chardev socket,id=chardev0,path=/path/to/socket \\
+ -object cryptodev-vhost-user,id=cryptodev0,chardev=chardev0 \\
+ -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 \\
[...]
``-object secret,id=id,data=string,format=raw|base64[,keyid=secretid,iv=string]``
.. parsed-literal::
- # |qemu_system| \
- -object secret,id=secmaster0,format=base64,file=key.b64 \
- -object secret,id=sec0,keyid=secmaster0,format=base64,\
+ # |qemu_system| \\
+ -object secret,id=secmaster0,format=base64,file=key.b64 \\
+ -object secret,id=sec0,keyid=secmaster0,format=base64,\\
data=$SECRET,iv=$(<iv.b64)
``-object sev-guest,id=id,cbitpos=cbitpos,reduced-phys-bits=val,[sev-device=string,policy=policy,handle=handle,dh-cert-file=file,session-file=file]``
.. parsed-literal::
- # |qemu_system_x86| \
- ......
- -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=5 \
- -machine ...,memory-encryption=sev0
+ # |qemu_system_x86| \\
+ ...... \\
+ -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=5 \\
+ -machine ...,memory-encryption=sev0 \\
.....
``-object authz-simple,id=id,identity=string``
.. parsed-literal::
- # |qemu_system| \
- ...
- -object 'authz-simple,id=auth0,identity=CN=laptop.example.com,,O=Example Org,,L=London,,ST=London,,C=GB' \
+ # |qemu_system| \\
+ ... \\
+ -object 'authz-simple,id=auth0,identity=CN=laptop.example.com,,O=Example Org,,L=London,,ST=London,,C=GB' \\
...
Note the use of quotes due to the x509 distinguished name
.. parsed-literal::
- # |qemu_system| \
- ...
- -object authz-simple,id=auth0,filename=/etc/qemu/vnc-sasl.acl,refresh=yes
+ # |qemu_system| \\
+ ... \\
+ -object authz-simple,id=auth0,filename=/etc/qemu/vnc-sasl.acl,refresh=yes \\
...
``-object authz-pam,id=id,service=string``
.. parsed-literal::
- # |qemu_system| \
- ...
- -object authz-pam,id=auth0,service=qemu-vnc
+ # |qemu_system| \\
+ ... \\
+ -object authz-pam,id=auth0,service=qemu-vnc \\
...
There would then be a corresponding config file for PAM at