|
|
| (7 intermediate revisions by the same user not shown) |
| Line 1: |
Line 1: |
| [[Category:Techniques]] | | [[Computing]]: [[Emulators]]: [[Qemu]] |
| [[Techniques]]: Software: Emuators: [[Qemu]] | | |
| [http://qemu.org/ QEMU] is an open source processor emulator. It | | [[Qemu]] is an open source processor emulator. It emulates a variety of different [http://qemu.org/status.html CPUs and systems], and achieves good speed by using dynamic translation. |
| emulates a variety of different [http://qemu.org/status.html CPUs and | | ==Reference== |
| systems], and achieves good speed by using dynamic translation. | | * [http://qemu.org/ official homepage] |
| ==Some Quick Notes== | | * {{wikipedia|QEMU}} |
| *Creating the disk image: qemu-img create win98hd.img 2G qemu -hda | | |
| win98hd.img -cdrom win98.iso -boot d
| | ==Articles== |
| For linux host systems, there is a loadable kernel module (called
| | *[[Qemu on Linux]]: setting up and using Qemu under Linux |
| kqemu) that will allow qemu to run at near native speeds. At the time
| | *[[Win98 in Qemu]]: installing and running [[Windows 98]] inside Qemu |
| of this writing, there aren't distributed packages available with the
| |
| module built, so you'll need to download the source from the website
| |
| and compile it locally.
| |
| First download the
| |
| [http://fabrice.bellard.free.fr/qemu/qemu-0.7.0.tar.gz qemu source] and | |
| [[untar]] it. Then download the
| |
| [http://fabrice.bellard.free.fr/qemu/kqemu-0.6.2-1.tar.gz kqemu source]
| |
| and [[untar]] it within the qemu source directory. Then run ./configure
| |
| && make && sudo make install. You might also want to
| |
| install the vgabios package from your package manager.
| |
| If you're wanting to run [[Windows 98]] under qemu, this option is moot
| |
| because kqemu and Win98 don't get along.
| |
| ==Documentation==
| |
| ===NAME===
| |
| [[qemu]] - QEMU System Emulator ===SYNOPSIS===
| |
| usage: [[qemu]] [options] [disk_image] ===DESCRIPTION===
| |
| The QEMU System emulator simulates a complete PC. In order to meet
| |
| specific user needs, two versions of QEMU are available: #"qemu-fast"
| |
| uses the host Memory Management Unit (MMU) to simulate the x86 MMU. It
| |
| is fast but has limitations because the whole 4 GB address space cannot
| |
| be used and some memory mapped peripherials cannot be emulated
| |
| accurately yet. Therefore, a specific guest Linux kernel can be used
| |
| Moreover there is no separation between the host and target address
| |
| spaces, so it offers no security (the target OS can modify the
| |
| "qemu-fast" code by writing at the right addresses). #"qemu" uses a
| |
| software MMU. It is about two times slower but gives a more accurate
| |
| emulation and a complete separation between the host and target address
| |
| spaces. QEMU emulates the following PC peripherials: *i440FX host PCI
| |
| bridge and PIIX3 PCI to ISA bridge *Cirrus CLGD 5446 PCI VGA card or
| |
| dummy VGA card with Bochs VESA extensions (hardware level, including
| |
| all non-standard modes). *PS/2 mouse and keyboard *2 PCI IDE interfaces
| |
| with hard disk and CD-ROM support *Floppy disk *NE2000 PCI network
| |
| adapters *Serial ports *Soundblaster 16 card QEMU uses the PC BIOS from
| |
| the [[Bochs]] project and the Plex86/Bochs LGPL VGA BIOS. ===OPTIONS===
| |
| *''disk_image'' is a raw hard disk image for IDE hard disk 0.
| |
| ====General options==== | |
| *'''-fda''' ''file'' | |
| *'''-fdb''' ''file''
| |
| :Use file as floppy disk 0/1 image You can use the host floppy by using
| |
| /dev/fd0 as filename. *'''-hda''' ''file''
| |
| *'''-hdb''' ''file''
| |
| *'''-hdc''' ''file''
| |
| *'''-hdd''' ''file''
| |
| :Use file as hard disk 0, 1, 2 or 3 image *'''-cdrom''' ''file''
| |
| :Use file as CD-ROM image (you cannot use -hdc and and -cdrom at the
| |
| same time). You can use the host CD-ROM by using /dev/cdrom as
| |
| filename. *'''-boot''' ['''a'''|'''c'''|'''d''']
| |
| :Boot on floppy (a), hard disk (c) or CD-ROM (d). Hard disk boot is the
| |
| default. *'''-snapshot'''
| |
| :Write to temporary files instead of disk image files. In this case,
| |
| the raw disk image you use is not written back. You can however force
| |
| the write back by pressing C-a s *'''-m''' ''megs''
| |
| :Set virtual RAM size to ''megs'' megabytes. Default is 128 MB.
| |
| *'''-nographic'''
| |
| :Normally, QEMU uses SDL to display the VGA output. With this option,
| |
| you can totally disable graphical output so that QEMU is a simple
| |
| command line application. The emulated serial port is redirected on the
| |
| console. Therefore, you can still use QEMU to debug a Linux kernel with
| |
| a serial console. *'''-enable-audio'''
| |
| :The SB16 emulation is disabled by default as it may give problems with
| |
| Windows. You can enable it manually with this option. *'''-localtime'''
| |
| :Set the real time clock to local time (the default is to UTC time).
| |
| This option is needed to have correct date in
| |
| MS-DOS or Windows. *'''-full-screen'''
| |
| :Start in full screen. ====Network options====
| |
| *'''-n''' ''script''
| |
| :Set TUN/TAP network init script [default=/etc/qemu-ifup]. This script
| |
| is launched to configure the host network interface (usually tun0)
| |
| corresponding to the virtual NE2000 card. *'''-macaddr''' ''addr''
| |
| :Set the mac address of the first interface (the format is | |
| aa:bb:cc:dd:ee:ff in hexa). The mac address is incremented for each new
| |
| network interface. *'''-tun-fd''' ''fd''
| |
| :Assumes ''fd'' talks to a tap/tun host network interface and use it.
| |
| Read <http://bellard.org/qemu/tetrinet.html> to have an example
| |
| of its use. *'''-user-net'''
| |
| :Use the user mode network stack. This is the default if no tun/tap
| |
| network init script is found. *'''-tftp''' ''prefix''
| |
| :When using the user mode network stack, activate a built-in TFTP
| |
| server. All filenames beginning with ''prefix'' can be downloaded from
| |
| the host to the guest using a TFTP client. The TFTP client on the guest
| |
| must be configured in binary mode (use the command "bin" of the Unix
| |
| TFTP client). The host IP address on the guest is as usual 10.0.2.2.
| |
| *'''-smb''' ''dir''
| |
| :When using the user mode network stack, activate a built-in SMB server
| |
| so that Windows OSes can access to the host files in ''dir''
| |
| transparently. :In the guest Windows OS, the line: 10.0.2.4 smbserver
| |
| :must be added in the file C:\WINDOWS\LMHOSTS (for windows 9x/Me) or
| |
| C:\WINNT\SYSTEM32\DRIVERS\ETC\LMHOSTS (Windows NT/2000). Then dir can
| |
| be accessed in \\smbserver\qemu. :Note that a SAMBA server must be
| |
| installed on the host OS in /usr/sbin/smbd. QEMU was tested succesfully
| |
| with smbd version 2.2.7a from the Red Hat 9. *'''-redir'''
| |
| ['''tcp'''|'''udp''']''':'''''host-port''''':'''[''guest-host'']''':'''''guest-port'' | |
| :When using the user mode network stack, redirect incoming TCP or UDP
| |
| connections to the host port host-port to the guest guest-host on guest
| |
| port guest-port. If guest-host is not specified, its value is 10.0.2.15
| |
| (default address given by the built-in DHCP server). :For example, to
| |
| redirect host X11 connection from screen 1 to guest screen 0, use the
| |
| following: # on the host [[qemu]] -redir tcp:6001::6000 [...] # this
| |
| host xterm should open in the guest X11 server [[xterm]] -display :1
| |
| :To redirect telnet connections from host port 5555 to telnet port on
| |
| the guest, use the following: # on the host [[qemu]] -redir
| |
| tcp:5555::23 [...] [[telnet]] localhost 5555
| |
| :Then when you use on the host "telnet localhost 5555", you connect to
| |
| the guest telnet server. *'''-dummy-net'''
| |
| :Use the dummy network stack: no packet will be received by the network
| |
| cards. ====Linux boot specific====
| |
| When using these options, you can use a given Linux kernel without
| |
| installing it in the disk image. It can be useful for easier testing of | |
| various kernels. *'''-kernel''' ''bzImage''
| |
| :Use ''bzImage'' as kernel image. *'''-append''' ''cmdline''
| |
| :Use cmdline as kernel command line *'''-initrd''' ''file''
| |
| :Use ''file'' as initial ram disk. ====Debug/Expert options====
| |
| *'''-serial''' ''dev''
| |
| :Redirect the virtual serial port to host device ''dev''. Available
| |
| devices are: **"vc"
| |
| **:Virtual console **"pty"
| |
| **:[Linux only] Pseudo TTY (a new PTY is automatically allocated)
| |
| **"null"
| |
| **:void device **"stdio"
| |
| **:[Unix only] standard input/output :The default device is "vc" in
| |
| graphical mode and "stdio" in non graphical mode. :This option can be
| |
| used several times to simulate up to 4 serials ports. *'''-monitor'''
| |
| ''dev''
| |
| :Redirect the monitor to host device ''dev'' (same devices as the
| |
| serial port). The default device is "vc" in graphical mode and "stdio"
| |
| in non graphical mode. *'''-s'''
| |
| :Wait gdb connection to port 1234 *'''-p''' ''port''
| |
| :Change gdb connection port. *'''-S'''
| |
| :Do not start CPU at startup (you must type 'c' in the monitor).
| |
| *'''-d'''
| |
| :Output log in /tmp/qemu.log *'''-isa'''
| |
| :Simulate an ISA-only system (default is PCI system). *'''-std-vga'''
| |
| :Simulate a standard VGA card with Bochs VBE extensions (default is
| |
| Cirrus Logic GD5446 PCI VGA) *'''-loadvm''' ''file''
| |
| :Start right away with a saved state ("loadvm" in monitor) ====PowerPC
| |
| Options====
| |
| The following options are specific to the PowerPC emulation:
| |
| *'''-prep'''
| |
| :Simulate a PREP system (default is PowerMAC) *'''-g'''
| |
| ''W'''''x'''''H''['''x'''''DEPTH'']
| |
| :Set the initial VGA graphic mode. The default is 800x600x15.
| |
| ===Keys===
| |
| During the graphical emulation, you can use the following keys:
| |
| *'''Ctrl-Alt-f'''
| |
| *:Toggle full screen *'''Ctrl-Alt-'''''n''
| |
| *:Switch to virtual console 'n'. Standard console mappings are:
| |
| **'''1''' : Target system display **'''2''' : Monitor **'''3''' :Serial
| |
| port *'''Ctrl-Alt'''
| |
| *:Toggle mouse and keyboard grab. *In the virtual consoles, you can use
| |
| '''Ctrl-Up''', '''Ctrl-Down''', '''Ctrl-PageUp''' and
| |
| '''Ctrl-PageDown''' to move in the back log. *During emulation, if you
| |
| are using the -nographic option, use '''Ctrl-a h''' to get terminal
| |
| commands: **'''Ctrl-a h'''
| |
| **:Print this help **'''Ctrl-a x'''
| |
| **:Exit emulatior **'''Ctrl-a s'''
| |
| **:Save disk data back to file (if -snapshot) **'''Ctrl-a b'''
| |
| **:Send break (magic sysrq in Linux) **'''Ctrl-a c'''
| |
| **:Switch between console and monitor **'''Ctrl-a Ctrl-a'''
| |
| **:Send Ctrl-a ===SEE ALSO===
| |
| The HTML documentation of QEMU for more precise information and Linux
| |
| user mode emulator invocation. ===AUTHOR===
| |
| Fabrice Bellard
| |
| ==Edit Log==
| |
| *'''2005-06-25''': Added contents of manpage
| |
