Difference between revisions of "Qemu"
(added qemu manpage; lists formatted, but need to do boldfacing etc. of options) |
|||
| Line 22: | Line 22: | ||
kqemu and Win98 don't get along. | kqemu and Win98 don't get along. | ||
==Documentation== | ==Documentation== | ||
| − | NAME qemu - QEMU System Emulator SYNOPSIS usage: qemu [options] | + | ===NAME=== |
| − | [disk_image] DESCRIPTION The QEMU System emulator simulates a complete | + | [[qemu]] - QEMU System Emulator ===SYNOPSIS=== |
| − | PC. In order to meet specific user needs, two versions of QEMU are | + | usage: [[qemu]] [options] [disk_image] ===DESCRIPTION=== |
| − | available: | + | The QEMU System emulator simulates a complete PC. In order to meet |
| − | "qemu-fast" uses the host Memory Management Unit (MMU) to simulate the | + | specific user needs, two versions of QEMU are available: #"qemu-fast" |
| − | x86 MMU. It is fast but has limitations because the whole 4 GB address | + | uses the host Memory Management Unit (MMU) to simulate the x86 MMU. It |
| − | space cannot be used and some memory mapped peripherials cannot be | + | is fast but has limitations because the whole 4 GB address space cannot |
| − | + | be used and some memory mapped peripherials cannot be emulated | |
| − | be used Moreover there is no separation between the host and target | + | accurately yet. Therefore, a specific guest Linux kernel can be used |
| − | + | Moreover there is no separation between the host and target address | |
| − | "qemu-fast" code by writing at the right addresses). | + | spaces, so it offers no security (the target OS can modify the |
| − | "qemu" uses a software MMU. It is about two times slower but | + | "qemu-fast" code by writing at the right addresses). #."qemu" uses a |
| − | more accurate emulation and a complete separation between the host and | + | software MMU. It is about two times slower but gives a more accurate |
| − | target address spaces. QEMU emulates the following PC peripherials: | + | emulation and a complete separation between the host and target address |
| − | i440FX host PCI bridge and PIIX3 PCI to ISA bridge | + | spaces. QEMU emulates the following PC peripherials: *i440FX host PCI |
| − | PCI VGA card or dummy VGA card with Bochs VESA extensions (hardware | + | bridge and PIIX3 PCI to ISA bridge *Cirrus CLGD 5446 PCI VGA card or |
| − | level, including all non standard modes). | + | dummy VGA card with Bochs VESA extensions (hardware level, including |
| − | PS/2 mouse and keyboard | + | all non standard modes). *PS/2 mouse and keyboard *2 PCI IDE interfaces |
| − | CD-ROM support | + | with hard disk and CD-ROM support *Floppy disk *NE2000 PCI network |
| − | NE2000 PCI network adapters | + | adapters *Serial ports *Soundblaster 16 card QEMU uses the PC BIOS from |
| − | uses the PC BIOS from the Bochs project and the Plex86/Bochs LGPL VGA | + | the Bochs project and the Plex86/Bochs LGPL VGA BIOS. ===OPTIONS=== |
| − | BIOS. OPTIONS | + | disk_image is a raw hard disk image for IDE hard disk 0. ====General |
| − | disk_image is a raw hard disk image for IDE hard disk 0. General | + | options==== |
| − | options | + | *-fda file |
| − | -fdb file Use file as floppy disk 0/1 image You can use the host floppy | + | *-fdb file |
| − | by using /dev/fd0 as filename. -hda file | + | :Use file as floppy disk 0/1 image You can use the host floppy by using |
| − | -hdb file | + | /dev/fd0 as filename. *-hda file |
| − | -hdc file | + | *-hdb file |
| − | -hdd file Use file as hard disk 0, 1, 2 or 3 image -cdrom file Use file | + | *-hdc file |
| − | as CD-ROM image (you cannot use -hdc and and -cdrom at the same time). | + | *-hdd file |
| − | You can use the host CD-ROM by using /dev/cdrom as filename. -boot | + | :Use file as hard disk 0, 1, 2 or 3 image *-cdrom file |
| − | [a|c|d] Boot on floppy (a), hard disk (c) or CD-ROM (d). Hard disk boot | + | :Use file as CD-ROM image (you cannot use -hdc and and -cdrom at the |
| − | is the default. -snapshot Write to temporary files instead of disk | + | same time). You can use the host CD-ROM by using /dev/cdrom as |
| − | image files. In this case, the raw disk image you use is not written | + | filename. *-boot [a|c|d] |
| − | back. You can however force the write back by pressing C-a s -m megs | + | :Boot on floppy (a), hard disk (c) or CD-ROM (d). Hard disk boot is the |
| − | Set virtual RAM size to megs megabytes. Default is 128 MB. -nographic | + | default. *-snapshot |
| − | Normally, QEMU uses SDL to display the VGA output. With this option, | + | :Write to temporary files instead of disk image files. In this case, |
| + | the raw disk image you use is not written back. You can however force | ||
| + | the write back by pressing C-a s *-m megs | ||
| + | :Set virtual RAM size to megs megabytes. Default is 128 MB. *-nographic | ||
| + | :Normally, QEMU uses SDL to display the VGA output. With this option, | ||
you can totally disable graphical output so that QEMU is a simple | you can totally disable graphical output so that QEMU is a simple | ||
command line application. The emulated serial port is redirected on the | command line application. The emulated serial port is redirected on the | ||
console. Therefore, you can still use QEMU to debug a Linux kernel with | console. Therefore, you can still use QEMU to debug a Linux kernel with | ||
| − | a serial console. -enable-audio The SB16 emulation is disabled by | + | a serial console. *-enable-audio |
| − | default as it may give problems with Windows. You can enable it | + | :The SB16 emulation is disabled by default as it may give problems with |
| − | manually with this option. -localtime Set the real time clock to local | + | Windows. You can enable it manually with this option. *-localtime |
| − | time (the default is to UTC time). This option is needed to have | + | :Set the real time clock to local time (the default is to UTC time). |
| − | correct date in MS-DOS or Windows. -full-screen Start in full screen. | + | This option is needed to have correct date in MS-DOS or Windows. |
| − | Network options | + | *-full-screen |
| − | [default=/etc/qemu-ifup]. This script is launched | + | :Start in full screen. ====Network options==== |
| − | to configure the host network interface (usually tun0) corresponding to | + | *-n script |
| − | the virtual NE2000 card. -macaddr addr Set the mac address of the first | + | :Set TUN/TAP network init script [default=/etc/qemu-ifup]. This script |
| − | interface (the format is aa:bb:cc:dd:ee:ff in hexa). The mac address is | + | is launched to configure the host network interface (usually tun0) |
| − | incremented for each new network interface. -tun-fd fd Assumes fd talks | + | corresponding to the virtual NE2000 card. *-macaddr addr |
| − | to a tap/tun host network interface and use it. Read | + | :Set the mac address of the first interface (the format is |
| + | aa:bb:cc:dd:ee:ff in hexa). The mac address is incremented for each new | ||
| + | network interface. *-tun-fd fd | ||
| + | :Assumes fd talks to a tap/tun host network interface and use it. Read | ||
<http://bellard.org/qemu/tetrinet.html> to have an example of its | <http://bellard.org/qemu/tetrinet.html> to have an example of its | ||
| − | use. -user-net Use the user mode network stack. This is the default if | + | use. *-user-net |
| − | no tun/tap network init script is found. -tftp prefix When using the | + | :Use the user mode network stack. This is the default if no tun/tap |
| − | user mode network stack, activate a built-in TFTP server. All filenames | + | network init script is found. *-tftp prefix |
| − | beginning with prefix can be downloaded from the host to the guest | + | :When using the user mode network stack, activate a built-in TFTP |
| − | using a TFTP client. The TFTP client on the guest must be configured in | + | server. All filenames beginning with prefix can be downloaded from the |
| − | binary mode (use the command "bin" of the Unix TFTP client). The host | + | host to the guest using a TFTP client. The TFTP client on the guest |
| − | IP address on the guest is as usual 10.0.2.2. -smb dir When using the | + | must be configured in binary mode (use the command "bin" of the Unix |
| − | user mode network stack, activate a built-in SMB server so that Windows | + | TFTP client). The host IP address on the guest is as usual 10.0.2.2. |
| − | OSes can access to the host files in dir transparently. In the guest | + | *-smb dir |
| − | Windows OS, the line: 10.0.2.4 smbserver must be added in the file | + | :When using the user mode network stack, activate a built-in SMB server |
| − | C:\WINDOWS\LMHOSTS (for windows 9x/Me) or | + | so that Windows OSes can access to the host files in dir transparently. |
| + | :In the guest Windows OS, the line: 10.0.2.4 smbserver | ||
| + | :must be added in the file C:\WINDOWS\LMHOSTS (for windows 9x/Me) or | ||
C:\WINNT\SYSTEM32\DRIVERS\ETC\LMHOSTS (Windows NT/2000). Then dir can | C:\WINNT\SYSTEM32\DRIVERS\ETC\LMHOSTS (Windows NT/2000). Then dir can | ||
| − | be accessed in \\smbserver\qemu. Note that a SAMBA server must be | + | be accessed in \\smbserver\qemu. :Note that a SAMBA server must be |
installed on the host OS in /usr/sbin/smbd. QEMU was tested succesfully | installed on the host OS in /usr/sbin/smbd. QEMU was tested succesfully | ||
| − | with smbd version 2.2.7a from the Red Hat 9. -redir | + | with smbd version 2.2.7a from the Red Hat 9. *-redir |
| − | [tcp|udp]:host-port:[guest-host]:guest-port When using the user mode | + | [tcp|udp]:host-port:[guest-host]:guest-port |
| − | network stack, redirect incoming TCP or UDP connections to the host | + | :When using the user mode network stack, redirect incoming TCP or UDP |
| − | port host-port to the guest guest-host on guest port guest-port. If | + | connections to the host port host-port to the guest guest-host on guest |
| − | guest-host is not specified, its value is 10.0.2.15 (default address | + | port guest-port. If guest-host is not specified, its value is 10.0.2.15 |
| − | given by the built-in DHCP server). For example, to redirect host X11 | + | (default address given by the built-in DHCP server). :For example, to |
| − | connection from screen 1 to guest screen 0, use the following: # on the | + | redirect host X11 connection from screen 1 to guest screen 0, use the |
| − | host qemu -redir tcp:6001::6000 [...] # this host xterm should open in | + | following: # on the host qemu -redir tcp:6001::6000 [...] # this host |
| − | the guest X11 server xterm -display :1 To redirect telnet connections | + | xterm should open in the guest X11 server xterm -display :1 |
| − | from host port 5555 to telnet port on the guest, use the following: # | + | :To redirect telnet connections from host port 5555 to telnet port on |
| − | on the host qemu -redir tcp:5555::23 [...] telnet localhost 5555 Then | + | the guest, use the following: # on the host qemu -redir tcp:5555::23 |
| − | when you use on the host "telnet localhost 5555", you connect to the | + | [...] telnet localhost 5555 |
| − | guest telnet server. -dummy-net Use the dummy network stack: no packet | + | :Then when you use on the host "telnet localhost 5555", you connect to |
| − | will be received by the network cards. Linux boot specific | + | the guest telnet server. *-dummy-net |
| − | + | :Use the dummy network stack: no packet will be received by the network | |
| − | the disk image. It can be useful for easier testing of various kernels. | + | cards. ====Linux boot specific==== |
| − | -kernel bzImage Use bzImage as kernel image. -append cmdline Use | + | When using these options, you can use a given Linux kernel without |
| − | cmdline as kernel command line -initrd file Use file as initial ram | + | installing it in the disk image. It can be useful for easier testing of |
| − | disk. Debug/Expert options | + | various kernels. *-kernel bzImage |
| − | port to host device dev. Available devices are: "vc" Virtual console | + | :Use bzImage as kernel image. *-append cmdline |
| − | "pty" [Linux only] Pseudo TTY (a new PTY is automatically allocated) | + | :Use cmdline as kernel command line *-initrd file |
| − | "null" void device "stdio" [Unix only] standard input/output The | + | :Use file as initial ram disk. ====Debug/Expert options==== |
| − | default device is "vc" in graphical mode and "stdio" in non graphical | + | *-serial dev |
| − | mode. This option can be used several times to simulate up to 4 serials | + | :Redirect the virtual serial port to host device dev. Available devices |
| − | ports. -monitor dev Redirect the monitor to host device dev (same | + | are: **"vc" |
| − | devices as the serial port). The default device is "vc" in graphical | + | **:Virtual console **"pty" |
| − | mode and "stdio" in non graphical mode. -s Wait gdb connection to port | + | **:[Linux only] Pseudo TTY (a new PTY is automatically allocated) |
| − | 1234 -p port Change gdb connection port. -S Do not start CPU at startup | + | **"null" |
| − | (you must type 'c' in the monitor). -d Output log in /tmp/qemu.log -isa | + | **:void device **"stdio" |
| − | Simulate an ISA-only system (default is PCI system). -std-vga Simulate | + | **:[Unix only] standard input/output :The default device is "vc" in |
| − | a standard VGA card with Bochs VBE extensions (default is Cirrus Logic | + | graphical mode and "stdio" in non graphical mode. :This option can be |
| − | GD5446 PCI VGA) -loadvm file Start right away with a saved state | + | used several times to simulate up to 4 serials ports. *-monitor dev |
| − | ("loadvm" in monitor) During the graphical emulation, you can use the | + | :Redirect the monitor to host device dev (same devices as the serial |
| − | following keys: Ctrl-Alt-f Toggle full screen Ctrl-Alt-n Switch to | + | port). The default device is "vc" in graphical mode and "stdio" in non |
| − | virtual console 'n'. Standard console mappings are: 1 Target system | + | graphical mode. *-s |
| − | + | :Wait gdb connection to port 1234 *-p port | |
| − | grab. In the virtual consoles, you can use Ctrl-Up, Ctrl-Down, Ctrl-PageUp and Ctrl-PageDown to move in the back log. | + | :Change gdb connection port. *-S |
| − | + | :Do not start CPU at startup (you must type 'c' in the monitor). *-d | |
| − | + | :Output log in /tmp/qemu.log *-isa | |
| − | Ctrl-a h | + | :Simulate an ISA-only system (default is PCI system). *-std-vga |
| − | + | :Simulate a standard VGA card with Bochs VBE extensions (default is | |
| − | Ctrl-a x | + | Cirrus Logic GD5446 PCI VGA) *-loadvm file |
| − | + | :Start right away with a saved state ("loadvm" in monitor) ====PowerPC | |
| − | Ctrl-a s | + | Options==== |
| − | + | The following options are specific to the PowerPC emulation: *-prep | |
| − | Ctrl-a b | + | :Simulate a PREP system (default is PowerMAC) *-g WxH[xDEPTH] |
| − | + | :Set the initial VGA graphic mode. The default is 800x600x15. | |
| − | Ctrl-a c | + | ===Keys=== |
| − | + | During the graphical emulation, you can use the following keys: | |
| − | Ctrl-a Ctrl-a | + | *Ctrl-Alt-f |
| − | + | *:Toggle full screen *Ctrl-Alt-n | |
| − | + | *:Switch to virtual console 'n'. Standard console mappings are: | |
| − | + | **1 | |
| − | + | **:Target system display | |
| − | + | **2 | |
| − | + | **:Monitor | |
| − | + | **3 | |
| − | + | **:Serial port | |
| − | SEE ALSO | + | *Ctrl-Alt |
| − | + | *:Toggle mouse and keyboard grab. | |
| − | AUTHOR | + | *In the virtual consoles, you can use Ctrl-Up, Ctrl-Down, Ctrl-PageUp and Ctrl-PageDown to move in the back log. |
| − | + | *During emulation, if you are using the -nographic option, use Ctrl-a h to get terminal commands: | |
| − | + | **Ctrl-a h | |
| + | **:Print this help | ||
| + | **Ctrl-a x | ||
| + | **:Exit emulatior | ||
| + | **Ctrl-a s | ||
| + | **:Save disk data back to file (if -snapshot) | ||
| + | **Ctrl-a b | ||
| + | **:Send break (magic sysrq in Linux) | ||
| + | **Ctrl-a c | ||
| + | **:Switch between console and monitor | ||
| + | **Ctrl-a Ctrl-a | ||
| + | **:Send Ctrl-a | ||
| + | ==SEE ALSO== | ||
| + | The HTML documentation of QEMU for more precise information and Linux user mode emulator invocation. | ||
| + | ==AUTHOR== | ||
| + | Fabrice Bellard | ||
Revision as of 15:15, 25 June 2005
Techniques: Software: Emulators: Qemu QEMU is an open source processor emulator. It emulates a variety of different [http://qemu.org/status.html CPUs and systems], and achieves good speed by using dynamic translation.
Some Quick Notes
- Creating the disk image: qemu-img create win98hd.img 2G qemu -hda
win98hd.img -cdrom win98.iso -boot d For linux host systems, there is a loadable kernel module (called kqemu) that will allow qemu to run at near native speeds. At the time of this writing, there aren't distributed packages available with the module built, so you'll need to download the source from the website and compile it locally. First download the qemu source and untar it. Then download the kqemu source and untar it within the qemu source directory. Then run ./configure && make && sudo make install. You might also want to install the vgabios package from your package manager. If you're wanting to run Win98 under qemu, this option is moot because kqemu and Win98 don't get along.
Documentation
NAME
qemu - QEMU System Emulator ===SYNOPSIS=== usage: qemu [options] [disk_image] ===DESCRIPTION=== The QEMU System emulator simulates a complete PC. In order to meet specific user needs, two versions of QEMU are available: #"qemu-fast" uses the host Memory Management Unit (MMU) to simulate the x86 MMU. It is fast but has limitations because the whole 4 GB address space cannot be used and some memory mapped peripherials cannot be emulated accurately yet. Therefore, a specific guest Linux kernel can be used Moreover there is no separation between the host and target address spaces, so it offers no security (the target OS can modify the "qemu-fast" code by writing at the right addresses). #."qemu" uses a software MMU. It is about two times slower but gives a more accurate emulation and a complete separation between the host and target address spaces. QEMU emulates the following PC peripherials: *i440FX host PCI bridge and PIIX3 PCI to ISA bridge *Cirrus CLGD 5446 PCI VGA card or dummy VGA card with Bochs VESA extensions (hardware level, including all non standard modes). *PS/2 mouse and keyboard *2 PCI IDE interfaces with hard disk and CD-ROM support *Floppy disk *NE2000 PCI network adapters *Serial ports *Soundblaster 16 card QEMU uses the PC BIOS from the Bochs project and the Plex86/Bochs LGPL VGA BIOS. ===OPTIONS=== disk_image is a raw hard disk image for IDE hard disk 0. ====General options====
- -fda file
- -fdb file
- Use file as floppy disk 0/1 image You can use the host floppy by using
/dev/fd0 as filename. *-hda file
- -hdb file
- -hdc file
- -hdd file
- Use file as hard disk 0, 1, 2 or 3 image *-cdrom file
- Use file as CD-ROM image (you cannot use -hdc and and -cdrom at the
same time). You can use the host CD-ROM by using /dev/cdrom as filename. *-boot [a|c|d]
- Boot on floppy (a), hard disk (c) or CD-ROM (d). Hard disk boot is the
default. *-snapshot
- Write to temporary files instead of disk image files. In this case,
the raw disk image you use is not written back. You can however force the write back by pressing C-a s *-m megs
- Set virtual RAM size to megs megabytes. Default is 128 MB. *-nographic
- Normally, QEMU uses SDL to display the VGA output. With this option,
you can totally disable graphical output so that QEMU is a simple command line application. The emulated serial port is redirected on the console. Therefore, you can still use QEMU to debug a Linux kernel with a serial console. *-enable-audio
- The SB16 emulation is disabled by default as it may give problems with
Windows. You can enable it manually with this option. *-localtime
- Set the real time clock to local time (the default is to UTC time).
This option is needed to have correct date in MS-DOS or Windows.
- -full-screen
- Start in full screen. ====Network options====
- -n script
- Set TUN/TAP network init script [default=/etc/qemu-ifup]. This script
is launched to configure the host network interface (usually tun0) corresponding to the virtual NE2000 card. *-macaddr addr
- Set the mac address of the first interface (the format is
aa:bb:cc:dd:ee:ff in hexa). The mac address is incremented for each new network interface. *-tun-fd fd
- Assumes fd talks to a tap/tun host network interface and use it. Read
<http://bellard.org/qemu/tetrinet.html> to have an example of its use. *-user-net
- Use the user mode network stack. This is the default if no tun/tap
network init script is found. *-tftp prefix
- When using the user mode network stack, activate a built-in TFTP
server. All filenames beginning with prefix can be downloaded from the host to the guest using a TFTP client. The TFTP client on the guest must be configured in binary mode (use the command "bin" of the Unix TFTP client). The host IP address on the guest is as usual 10.0.2.2.
- -smb dir
- When using the user mode network stack, activate a built-in SMB server
so that Windows OSes can access to the host files in dir transparently.
- In the guest Windows OS, the line: 10.0.2.4 smbserver
- must be added in the file C:\WINDOWS\LMHOSTS (for windows 9x/Me) or
C:\WINNT\SYSTEM32\DRIVERS\ETC\LMHOSTS (Windows NT/2000). Then dir can be accessed in \\smbserver\qemu. :Note that a SAMBA server must be installed on the host OS in /usr/sbin/smbd. QEMU was tested succesfully with smbd version 2.2.7a from the Red Hat 9. *-redir [tcp|udp]:host-port:[guest-host]:guest-port
- When using the user mode network stack, redirect incoming TCP or UDP
connections to the host port host-port to the guest guest-host on guest port guest-port. If guest-host is not specified, its value is 10.0.2.15 (default address given by the built-in DHCP server). :For example, to redirect host X11 connection from screen 1 to guest screen 0, use the following: # on the host qemu -redir tcp:6001::6000 [...] # this host xterm should open in the guest X11 server xterm -display :1
- To redirect telnet connections from host port 5555 to telnet port on
the guest, use the following: # on the host qemu -redir tcp:5555::23 [...] telnet localhost 5555
- Then when you use on the host "telnet localhost 5555", you connect to
the guest telnet server. *-dummy-net
- Use the dummy network stack: no packet will be received by the network
cards. ====Linux boot specific==== When using these options, you can use a given Linux kernel without installing it in the disk image. It can be useful for easier testing of various kernels. *-kernel bzImage
- Use bzImage as kernel image. *-append cmdline
- Use cmdline as kernel command line *-initrd file
- Use file as initial ram disk. ====Debug/Expert options====
- -serial dev
- Redirect the virtual serial port to host device dev. Available devices
are: **"vc"
- Virtual console **"pty"
- [Linux only] Pseudo TTY (a new PTY is automatically allocated)
- "null"
- void device **"stdio"
- [Unix only] standard input/output :The default device is "vc" in
graphical mode and "stdio" in non graphical mode. :This option can be used several times to simulate up to 4 serials ports. *-monitor dev
- Redirect the monitor to host device dev (same devices as the serial
port). The default device is "vc" in graphical mode and "stdio" in non graphical mode. *-s
- Wait gdb connection to port 1234 *-p port
- Change gdb connection port. *-S
- Do not start CPU at startup (you must type 'c' in the monitor). *-d
- Output log in /tmp/qemu.log *-isa
- Simulate an ISA-only system (default is PCI system). *-std-vga
- Simulate a standard VGA card with Bochs VBE extensions (default is
Cirrus Logic GD5446 PCI VGA) *-loadvm file
- Start right away with a saved state ("loadvm" in monitor) ====PowerPC
Options==== The following options are specific to the PowerPC emulation: *-prep
- Simulate a PREP system (default is PowerMAC) *-g WxH[xDEPTH]
- Set the initial VGA graphic mode. The default is 800x600x15.
Keys
During the graphical emulation, you can use the following keys:
- Ctrl-Alt-f
- Toggle full screen *Ctrl-Alt-n
- Switch to virtual console 'n'. Standard console mappings are:
- 1
- Target system display
- 2
- Monitor
- 3
- Serial port
- Ctrl-Alt
- Toggle mouse and keyboard grab.
- In the virtual consoles, you can use Ctrl-Up, Ctrl-Down, Ctrl-PageUp and Ctrl-PageDown to move in the back log.
- During emulation, if you are using the -nographic option, use Ctrl-a h to get terminal commands:
- Ctrl-a h
- Print this help
- Ctrl-a x
- Exit emulatior
- Ctrl-a s
- Save disk data back to file (if -snapshot)
- Ctrl-a b
- Send break (magic sysrq in Linux)
- Ctrl-a c
- Switch between console and monitor
- Ctrl-a Ctrl-a
- Send Ctrl-a
- Ctrl-a h
SEE ALSO
The HTML documentation of QEMU for more precise information and Linux user mode emulator invocation.
AUTHOR
Fabrice Bellard