X-Git-Url: https://git.proxmox.com/?p=pve-docs.git;a=blobdiff_plain;f=qm.adoc;h=0d453c8bc5c94356b84f768b06e6c32802b3d74e;hp=974becf90e6efcdfa8f5b017c90c6af7d09469b4;hb=6e4c46c4cb08bcd49c4384c2b0817923b1d63585;hpb=2975cb7a5d6a355bbbdd0d1e48a29fe6879773aa diff --git a/qm.adoc b/qm.adoc index 974becf..0d453c8 100644 --- a/qm.adoc +++ b/qm.adoc @@ -199,6 +199,11 @@ when the filesystem of a VM marks blocks as unused after removing files, the emulated SCSI controller will relay this information to the storage, which will then shrink the disk image accordingly. +If you would like a drive to be presented to the guest as a solid-state drive +rather than a rotational hard disk, you can set the *SSD emulation* option on +that drive. There is no requirement that the underlying storage actually be +backed by SSDs; this feature can be used with physical media of any type. + .IO Thread The option *IO Thread* can only be used when using a disk with the *VirtIO* controller, or with the *SCSI* controller, when the emulated controller @@ -335,7 +340,7 @@ To check if the {pve} host is vulnerable, execute the following command as root: for f in /sys/devices/system/cpu/vulnerabilities/*; do echo "${f##*/} -" $(cat "$f"); done ---- -A community script is also avalaible to detect is the host is still vulnerable. +A community script is also available to detect is the host is still vulnerable. footnote:[spectre-meltdown-checker https://meltdown.ovh/] Intel processors @@ -343,7 +348,7 @@ Intel processors * 'pcid' + -This reduce the performance impact of the Meltdown (CVE-2017-5754) mitigation +This reduces the performance impact of the Meltdown (CVE-2017-5754) mitigation called 'Kernel Page-Table Isolation (KPTI)', which effectively hides the Kernel memory from the user space. Without PCID, KPTI is quite an expensive mechanism footnote:[PCID is now a critical performance/security feature on x86 
@@ -359,17 +364,17 @@ If this does not return empty your host's CPU has support for 'pcid'. * 'spec-ctrl' + -Required to enable the Spectre v1 (CVE-2017-5753) and Spectre v2 (CVE-2017-5715) fix, -in cases where retpolines are not sufficient. -Included by default in Intel CPU models with -IBRS suffix. -Must be explicitly turned on for Intel CPU models without -IBRS suffix. -Requires the host CPU microcode (intel-microcode >= 20180425). +Required to enable the Spectre v1 (CVE-2017-5753) and Spectre v2 (CVE-2017-5715) fix, +in cases where retpolines are not sufficient. +Included by default in Intel CPU models with -IBRS suffix. +Must be explicitly turned on for Intel CPU models without -IBRS suffix. +Requires an updated host CPU microcode (intel-microcode >= 20180425). + * 'ssbd' + -Required to enable the Spectre V4 (CVE-2018-3639) fix. Not included by default in any Intel CPU model. -Must be explicitly turned on for all Intel CPU models. -Requires the host CPU microcode(intel-microcode >= 20180703). +Required to enable the Spectre V4 (CVE-2018-3639) fix. Not included by default in any Intel CPU model. +Must be explicitly turned on for all Intel CPU models. +Requires an updated host CPU microcode(intel-microcode >= 20180703). AMD processors @@ -377,10 +382,10 @@ AMD processors * 'ibpb' + -Required to enable the Spectre v1 (CVE-2017-5753) and Spectre v2 (CVE-2017-5715) fix, -in cases where retpolines are not sufficient. -Included by default in AMD CPU models with -IBPB suffix. -Must be explicitly turned on for AMD CPU models without -IBPB suffix. +Required to enable the Spectre v1 (CVE-2017-5753) and Spectre v2 (CVE-2017-5715) fix, +in cases where retpolines are not sufficient. +Included by default in AMD CPU models with -IBPB suffix. +Must be explicitly turned on for AMD CPU models without -IBPB suffix. Requires the host CPU microcode to support this feature before it can be used for guest CPUs. 
@@ -388,27 +393,27 @@ Requires the host CPU microcode to support this feature before it can be used fo * 'virt-ssbd' + Required to enable the Spectre v4 (CVE-2018-3639) fix. -Not included by default in any AMD CPU model. -Must be explicitly turned on for all AMD CPU models. -This should be provided to guests, even if amd-ssbd is also provided, for maximum guest compatibility. -Note for some QEMU / libvirt versions, this must be force enabled when when using "Host model", -because this is a virtual feature that doesn’t exist in the physical host CPUs. +Not included by default in any AMD CPU model. +Must be explicitly turned on for all AMD CPU models. +This should be provided to guests, even if amd-ssbd is also provided, for maximum guest compatibility. +Note that this must be explicitly enabled when when using the "host" cpu model, +because this is a virtual feature which does not exist in the physical CPUs. * 'amd-ssbd' + -Required to enable the Spectre v4 (CVE-2018-3639) fix. -Not included by default in any AMD CPU model. Must be explicitly turned on for all AMD CPU models. -This provides higher performance than virt-ssbd so should be exposed to guests whenever available in the host. +Required to enable the Spectre v4 (CVE-2018-3639) fix. +Not included by default in any AMD CPU model. Must be explicitly turned on for all AMD CPU models. +This provides higher performance than virt-ssbd, therefore a host supporting this should always expose this to guests if possible. virt-ssbd should none the less also be exposed for maximum guest compatibility as some kernels only know about virt-ssbd. * 'amd-no-ssb' + Recommended to indicate the host is not vulnerable to Spectre V4 (CVE-2018-3639). -Not included by default in any AMD CPU model. -Future hardware generations of CPU will not be vulnerable to CVE-2018-3639, -and thus the guest should be told not to enable its mitigations, by exposing amd-no-ssb. +Not included by default in any AMD CPU model. 
+Future hardware generations of CPU will not be vulnerable to CVE-2018-3639, +and thus the guest should be told not to enable its mitigations, by exposing amd-no-ssb. This is mutually exclusive with virt-ssbd and amd-ssbd. 
@@ -590,6 +595,39 @@ traffic increases. We recommend to set this option only when the VM has to process a great number of incoming connections, such as when the VM is running as a router, reverse proxy or a busy HTTP server doing long polling. +[[qm_display]] +Display +~~~~~~~ + +QEMU can virtualize a few types of VGA hardware. Some examples are: + +* *std*, the default, emulates a card with Bochs VBE extensions. +* *cirrus*, this was once the default, it emulates a very old hardware module +with all its problems. This display type should only be used if really +necessary footnote:[https://www.kraxel.org/blog/2014/10/qemu-using-cirrus-considered-harmful/ +qemu: using cirrus considered harmful], e.g., if using Windows XP or earlier +* *vmware*, is a VMWare SVGA-II compatible adapter. +* *qxl*, is the QXL paravirtualized graphics card. Selecting this also +enables SPICE for the VM. + +You can edit the amount of memory given to the virtual GPU, by setting +the 'memory' option. This can enable higher resolutions inside the VM, +especially with SPICE/QXL. + +As the memory is reserved by display device, selecting Multi-Monitor mode +for SPICE (e.g., `qxl2` for dual monitors) has some implications: + +* Windows needs a device for each monitor, so if your 'ostype' is some +version of Windows, {pve} gives the VM an extra device per monitor. +Each device gets the specified amount of memory. + +* Linux VMs, can always enable more virtual monitors, but selecting +a Multi-Monitor mode multiplies the memory given to the device with +the number of monitors. + +Selecting `serialX` as display 'type' disables the VGA output, and redirects +the Web Console to the selected serial port. A configured display 'memory' +setting will be ignored in that case. [[qm_usb_passthrough]] USB Passthrough 
@@ -845,7 +883,7 @@ clone and modify that. VM Generation ID ---------------- -{pve} supports Virtual Machine Generation ID ('vmgedid') footnote:[Official +{pve} supports Virtual Machine Generation ID ('vmgenid') footnote:[Official 'vmgenid' Specification https://docs.microsoft.com/en-us/windows/desktop/hyperv_v2/virtual-machine-generation-identifier] for virtual machines. @@ -919,13 +957,13 @@ Step-by-step example of a Windows OVF import Microsoft provides https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/[Virtual Machines downloads] - to get started with Windows development.We are going to use one of these + to get started with Windows development.We are going to use one of these to demonstrate the OVF import feature. Download the Virtual Machine zip ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -After getting informed about the user agreement, choose the _Windows 10 +After getting informed about the user agreement, choose the _Windows 10 Enterprise (Evaluation - Build)_ for the VMware platform, and download the zip. Extract the disk image from the zip @@ -948,7 +986,7 @@ The VM is ready to be started. Adding an external disk image to a Virtual Machine ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -You can also add an existing disk image to a VM, either coming from a +You can also add an existing disk image to a VM, either coming from a foreign hypervisor, or one that you created yourself. Suppose you created a Debian/Ubuntu disk image with the 'vmdebootstrap' tool: @@ -983,6 +1021,9 @@ ifndef::wiki[] include::qm-cloud-init.adoc[] endif::wiki[] +ifndef::wiki[] +include::qm-pci-passthrough.adoc[] +endif::wiki[] Managing Virtual Machines with `qm`
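Review bot: In the hunk at @@ -199,6 +199,11 @@, the new *SSD emulation* paragraph does not say which bus or controller types accept the option, while the *IO Thread* paragraph directly after it names its supported controllers explicitly. If the option is restricted to certain controllers, state that here. The paragraph also only says how the drive is presented to the guest; one sentence on what a guest does differently with a drive it sees as solid-state would tell the reader when to set it.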
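Review bot: In the hunk at @@ -335,7 +340,7 @@, the corrected sentence still reads "to detect is the host is still vulnerable"; the first "is" should be "if". The line is already being touched for the "avalaible" typo, so fix both in the same change.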
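Review bot: In the hunk at @@ -359,17 +364,17 @@, the 'ssbd' entry keeps "microcode(intel-microcode >= 20180703)" with no space before the parenthesis, while the 'spec-ctrl' entry above it has "microcode (intel-microcode >= 20180425)". The two entries also spell the variant differently ("Spectre v1" and "Spectre v2" versus "Spectre V4"). Both lines are rewritten by this hunk, so align them here.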
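Review bot: In the hunk at @@ -377,10 +382,10 @@, all four replaced lines of the 'ibpb' entry read identically before and after, so this looks like a whitespace-only change mixed into a commit that also adds new sections. Move the whitespace cleanup into its own commit, or mention it in the commit message, so a reader of the history does not search these lines for a wording change.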
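Review bot: In the hunk at @@ -388,27 +393,27 @@, the added 'virt-ssbd' line "Note that this must be explicitly enabled when when using the "host" cpu model" carries over the doubled "when" from the line it replaces. The rewrite also drops the qualifier "for some QEMU / libvirt versions", which turns a conditional note into an unconditional requirement; confirm that is intended. In the 'amd-ssbd' entry, "none the less" should be "nonetheless".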
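Review bot: In the hunk at @@ -590,6 +595,39 @@, the *cirrus* bullet ends without a full stop ("e.g., if using Windows XP or earlier"), and its footnote puts the URL before the title, whereas the other footnotes in this file put the description first and the URL last. Smaller points in the same section: "VMWare" should be "VMware", "reserved by display device" is missing "the", and "Linux VMs, can always" has a stray comma. The 'memory' option is introduced without a unit or a default, which the reader needs in order to follow the Multi-Monitor paragraph about memory being multiplied per monitor.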
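Review bot: In the hunk at @@ -919,13 +957,13 @@, the re-added line still has "development.We" with no space after the full stop. The two replaced lines otherwise read the same as before, so this hunk only touches whitespace; add the missing space while the line is being changed.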
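Review bot: In the hunk at @@ -983,6 +1021,9 @@, the new include is wrapped in a second ifndef::wiki[] block placed directly after an identical one that closes on the line above. Put include::qm-pci-passthrough.adoc[] inside the existing block next to include::qm-cloud-init.adoc[], separated by a blank line, so the condition is stated once and the two included files cannot run together.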