summaryrefslogtreecommitdiff
path: root/qemu-doc.texi
AgeCommit message (Collapse)Author
2015-09-16monitor: added generation of documentation for hmp-commands-info.hxPavel Butsykin
It will be easier if you need to add info-commands to edit only hmp-commands-info.hx, before this had to edit monitor.c and hmp-commands.hx. From the build point of view all documentation is saved into qemu-monitor-info.texi which from now on is used for all user documentation building. Signed-off-by: Pavel Butsykin <pbutsykin@virtuozzo.com> Signed-off-by: Denis V. Lunev <den@openvz.org> CC: Paolo Bonzini <pbonzini@redhat.com> CC: Peter Maydell <peter.maydell@linaro.org> Message-Id: <1441899541-1856-5-git-send-email-den@openvz.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-09-11maint: remove / fix many doubled wordsDaniel P. Berrange
Many source files have doubled words (eg "the the", "to to", and so on). Most of these can simply be removed, but a couple were actual mis-spellings (eg "to to" instead of "to do"). There was even one triple word score "to to to" :-) Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-09-01qga: start a man pageMarc-André Lureau
Add a simple man page for the qemu agent. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com> *squashed in review comments from Eric Blake <eblake@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
2015-08-28qemu-doc.texi: Fix capitalization error in OS X build instructionsPeter Maydell
Fix a capitalization error in the OS X build instructions; this was picked up in review of commit b352153f5f and intended to be corrected before I applied it, but I accidentally didn't include it. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-08-27From: John Arbuckle <programmingkidx@gmail.com>G 3
qemu-doc.texi: Add information on compiling source code on Mac OS X Add information to the documentation on how to build QEMU on Mac OS X. Signed-off-by: John Arbuckle <programmingkidx@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> [PMM: fixed a minor capitalization error] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-07-24qemu-doc: fix typosGonglei
Signed-off-by: Gonglei <arei.gonglei@huawei.com> Message-Id: <1435917057-9396-1-git-send-email-arei.gonglei@huawei.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-03-19raw-posix: Deprecate host floppy passthroughMarkus Armbruster
Raise your hand if you have a physical floppy drive in a computer you've powered on in 2015. Okay, I see we got a few weirdos in the audience. That's okay, weirdos are welcome here. Kidding aside, media change detection doesn't fully work, isn't going to be fixed, and floppy passthrough just isn't earning its keep anymore. Deprecate block driver host_floppy now, so we can drop it after a grace period. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-03-16block: Deprecate QCOW/QCOW2 encryptionMarkus Armbruster
We've steered users away from QCOW/QCOW2 encryption for a while, because it's a flawed design (commit 136cd19 Describe flaws in qcow/qcow2 encryption in the docs). In addition to flawed crypto, we have comically bad usability, and plain old bugs. Let me show you. = Example images = I'm going to use a raw image as backing file, and two QCOW2 images, one encrypted, and one not: $ qemu-img create -f raw backing.img 4m Formatting 'backing.img', fmt=raw size=4194304 $ qemu-img create -f qcow2 -o encryption,backing_file=backing.img,backing_fmt=raw geheim.qcow2 4m Formatting 'geheim.qcow2', fmt=qcow2 size=4194304 backing_file='backing.img' backing_fmt='raw' encryption=on cluster_size=65536 lazy_refcounts=off $ qemu-img create -f qcow2 -o backing_file=backing.img,backing_fmt=raw normal.qcow2 4m Formatting 'normal.qcow2', fmt=qcow2 size=4194304 backing_file='backing.img' backing_fmt='raw' encryption=off cluster_size=65536 lazy_refcounts=off = Usability issues = == Confusing startup == When no image is encrypted, and you don't give -S, QEMU starts the guest immediately: $ qemu-system-x86_64 -nodefaults -display none -monitor stdio normal.qcow2 QEMU 2.2.50 monitor - type 'help' for more information (qemu) info status VM status: running But as soon as there's an encrypted image in play, the guest is *not* started, with no notification whatsoever: $ qemu-system-x86_64 -nodefaults -display none -monitor stdio geheim.qcow2 QEMU 2.2.50 monitor - type 'help' for more information (qemu) info status VM status: paused (prelaunch) If the user figured out that he needs to type "cont" to enter his keys, the confusion enters the next level: "cont" asks for at most *one* key. If more are needed, it then silently does nothing. The user has to type "cont" once per encrypted image: $ qemu-system-x86_64 -nodefaults -display none -monitor stdio -drive if=none,file=geheim.qcow2 -drive if=none,file=geheim.qcow2 QEMU 2.2.50 monitor - type 'help' for more information (qemu) info status VM status: paused (prelaunch) (qemu) c none0 (geheim.qcow2) is encrypted. Password: ****** (qemu) info status VM status: paused (prelaunch) (qemu) c none1 (geheim.qcow2) is encrypted. Password: ****** (qemu) info status VM status: running == Incorrect passwords not caught == All existing encryption schemes give you the GIGO treatment: garbage password in, garbage data out. Guests usually refuse to mount garbage, but other usage is prone to data loss. == Need to stop the guest to add an encrypted image == $ qemu-system-x86_64 -nodefaults -display none -monitor stdio QEMU 2.2.50 monitor - type 'help' for more information (qemu) info status VM status: running (qemu) drive_add "" if=none,file=geheim.qcow2 Guest must be stopped for opening of encrypted image (qemu) stop (qemu) drive_add "" if=none,file=geheim.qcow2 OK Commit c3adb58 added this restriction. Before, we could expose images lacking an encryption key to guests, with potentially catastrophic results. See also "Use without key is not always caught". = Bugs = == Use without key is not always caught == Encrypted images can be in an intermediate state "opened, but no key". The weird startup behavior and the need to stop the guest are there to ensure the guest isn't exposed to that state. But other things still are! * drive_backup $ qemu-system-x86_64 -nodefaults -display none -monitor stdio geheim.qcow2 QEMU 2.2.50 monitor - type 'help' for more information (qemu) drive_backup -f ide0-hd0 out.img raw Formatting 'out.img', fmt=raw size=4194304 I guess this writes encrypted data to raw image out.img. Good luck with figuring out how to decrypt that again. * commit $ qemu-system-x86_64 -nodefaults -display none -monitor stdio geheim.qcow2 QEMU 2.2.50 monitor - type 'help' for more information (qemu) commit ide0-hd0 I guess this writes encrypted data into the unencrypted raw backing image, effectively destroying it. == QMP device_add of usb-storage fails when it shouldn't == When the image is encrypted, device_add creates the device, defers actually attaching it to when the key becomes available, then fails. This is wrong. device_add must either create the device and succeed, or do nothing and fail. $ qemu-system-x86_64 -nodefaults -display none -usb -qmp stdio -drive if=none,id=foo,file=geheim.qcow2 {"QMP": {"version": {"qemu": {"micro": 50, "minor": 2, "major": 2}, "package": ""}, "capabilities": []}} { "execute": "qmp_capabilities" } {"return": {}} { "execute": "device_add", "arguments": { "driver": "usb-storage", "id": "bar", "drive": "foo" } } {"error": {"class": "DeviceEncrypted", "desc": "'foo' (geheim.qcow2) is encrypted"}} {"execute":"device_del","arguments": { "id": "bar" } } {"timestamp": {"seconds": 1426003440, "microseconds": 237181}, "event": "DEVICE_DELETED", "data": {"path": "/machine/peripheral/bar/bar.0/legacy[0]"}} {"timestamp": {"seconds": 1426003440, "microseconds": 238231}, "event": "DEVICE_DELETED", "data": {"device": "bar", "path": "/machine/peripheral/bar"}} {"return": {}} This stuff is worse than useless, it's a trap for users. If people become sufficiently interested in encrypted images to contribute a cryptographically sane implementation for QCOW2 (or whatever other format), then rewriting the necessary support around it from scratch will likely be easier and yield better results than fixing up the existing mess. Let's deprecate the mess now, drop it after a grace period, and move on. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-03-10doc: minor updates to SPARC32 and SPARC64 documentationMark Cave-Ayland
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
2014-12-12block: vhdx - change .vhdx_create default block state to ZEROJeff Cody
The VHDX spec specifies that the default new block state is PAYLOAD_BLOCK_NOT_PRESENT for a dynamic VHDX image, and PAYLOAD_BLOCK_FULLY_PRESENT for a fixed VHDX image. However, in order to create space-efficient VHDX images with qemu-img convert, it is desirable to be able to set has_zero_init to true for VHDX. There is currently an option when creating VHDX images, to use block state ZERO for new blocks. However, this currently defaults to 'off'. In order to be able to eventually set has_zero_init to true for VHDX, this needs to default to 'on'. This patch changes the default to 'on', and provides some help information to warn against setting it to 'off' when using qemu-img convert. [Max Reitz pointed out that a full stop was missing at the end of the VHDX_BLOCK_OPT_ZERO option help text. I have added it. --Stefan] Signed-off-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 85164899eacc86e150c3ceba793cf93b398dedd7.1418018421.git.jcody@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-11-05qemu-doc.texi: fix typos in x509 examplesGonglei
Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-09-22block: delete cow block driverStefan Hajnoczi
This patch removes support for the cow file format. Normally we do not break backwards compatibility but in this case there is no impact and it is the most logical option. Extraordinary claims require extraordinary evidence so I will show why removing the cow block driver is the right thing to do. The cow file format is the disk image format for Usermode Linux, a way of running a Linux system in userspace. The performance of UML was never great and it was hacky, but it enjoyed some popularity before hardware virtualization support became mainstream. QEMU's block/cow.c is supposed to read this image file format. Unfortunately the file format was underspecified: 1. Earlier Linux versions used the MAXPATHLEN constant for the backing filename field. The value of MAXPATHLEN can change, so Linux switched to a 4096 literal but QEMU has a 1024 literal. 2. Padding was not used on the header struct (both in the Linux kernel and in QEMU) so the struct layout varied across architectures. In particular, i386 and x86_64 were different due to int64_t alignment differences. Linux now uses __attribute__((packed)), QEMU does not. Therefore: 1. QEMU cow images do not conform to the Linux cow image file format. 2. cow images cannot be shared between different host architectures. This means QEMU cow images are useless and QEMU has not had bug reports from users actually hitting these issues. Let's get rid of this thing, it serves no purpose and no one will be affected. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Message-id: 1410877464-20481-1-git-send-email-stefanha@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-09-12qcow2: Add falloc and full preallocation optionHu Tao
preallocation=falloc allocates disk space by posix_fallocate(), preallocation=full allocates disk space by writing zeros to disk. Both modes imply preallocation=metadata. Signed-off-by: Hu Tao <hutao@cn.fujitsu.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-09-12raw-posix: Add falloc and full preallocation optionHu Tao
This patch adds a new option preallocation for raw format, and implements falloc and full preallocation. Signed-off-by: Hu Tao <hutao@cn.fujitsu.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-07-18doc: slirp supports ICMP echo if enabled in LinuxGernot Hillier
Since QEMU 0.15, slirp (user mode networking) supports ping to the Internet, see e6d43cfb1f9 Signed-off-by: Gernot Hillier <gernot.hillier@siemens.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-07-07Fix nocow typos in manpageChunyan Liu
Signed-off-by: Chunyan Liu <cyliu@suse.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-07-01qemu-img create: add 'nocow' optionChunyan Liu
Add 'nocow' option so that users could have a chance to set NOCOW flag to newly created files. It's useful on btrfs file system to enhance performance. Btrfs has low performance when hosting VM images, even more when the guest in those VM are also using btrfs as file system. One way to mitigate this bad performance is to turn off COW attributes on VM files. Generally, there are two ways to turn off NOCOW on btrfs: a) by mounting fs with nodatacow, then all newly created files will be NOCOW. b) per file. Add the NOCOW file attribute. It could only be done to empty or new files. This patch tries the second way, according to the option, it could add NOCOW per file. For most block drivers, since the create file step is in raw-posix.c, so we can do setting NOCOW flag ioctl in raw-posix.c only. But there are some exceptions, like block/vpc.c and block/vdi.c, they are creating file by calling qemu_open directly. For them, do the same setting NOCOW flag ioctl work in them separately. [Fixed up 082.out due to the new 'nocow' creation option --Stefan] Signed-off-by: Chunyan Liu <cyliu@suse.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-04-18doc: grammify "allows to"Michael Tokarev
English language grammar does not allow usage of the word "allows" directly followed by an infinitive, declaring constructs like "something allows to do somestuff" un-grammatical. Often it is possible to just insert "one" between "allows" and "to" to make the construct grammatical, but usually it is better to re-phrase the statement. This patch tries to fix 4 examples of "allows to" usage in qemu doc, but does not address comments in the code with similar constructs. It also adds missing "the" in the same line. Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-03-27doc: update default PowerPC framebuffer settingsMark Cave-Ayland
Since 1.7, the default framebuffer settings for PowerPC are 800x600x32. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> CC: qemu-ppc@nongnu.org Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-03-27doc: update sun4m documentationMark Cave-Ayland
A few minor tidy-ups, plus add reference to the new -vga tcx and cg3 options. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-01-31Describe flaws in qcow/qcow2 encryption in the docsDaniel P. Berrange
The qemu-img.texi / qemu-doc.texi files currently describe the qcow2/qcow2 encryption thus "Encryption uses the AES format which is very secure (128 bit keys). Use a long password (16 characters) to get maximum protection." While AES is indeed a strong encryption system, the way that QCow/QCow2 use it results in a poor/weak encryption system. Due to the use of predictable IVs, based on the sector number extended to 128 bits, it is vulnerable to chosen plaintext attacks which can reveal the existence of encrypted data. The direct use of the user passphrase as the encryption key also leads to an inability to change the passphrase of an image. If passphrase is ever compromised the image data will all be vulnerable, since it cannot be re-encrypted. The admin has to clone the image files with a new passphrase and then use a program like shred to secure erase all the old files. Recommend against any use of QCow/QCow2 encryption, directing users to dm-crypt / LUKS which can meet modern cryptography best practices. [Changed "Qcow" to "qcow" for consistency. --Stefan] Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-01-22docs: qcow2 compat=1.1 is now the defaultStefan Hajnoczi
Commit 9117b47717ad208b12786ce88eacb013f9b3dd1c ("qcow2: Change default for new images to compat=1.1") changed the default qcow2 image format version but forgot to update qemu-doc.texi and qemu-img.texi. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-12-20docs: updated qemu-img man page and qemu-doc to reflect VHDX support.Jeff Cody
The man page for qemu-img, and the qemu-doc, did not mention VHDX as a supported format. This adds in reference to VHDX in those documents. [Stefan Weil <sw@weilnetz.de> suggested s/Block Size/Block size/ for consistency. I have made this change. --Stefan] Signed-off-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-06-28doc: we use seabios, not bochs biosMichael Tokarev
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-05-26Remove Sun4c, Sun4d and a few CPUsBlue Swirl
Sun4c and Sun4d architectures and related CPUs are not fully implemented (especially Sun4c MMU) and there has been no interest for them. Likewise, a few CPUs (Cypress, Ross etc) are only half implemented. Remove the machines and CPUs, they can be re-added if needed later. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2013-05-12audio: update documentation after removing --audio-card-list optionHervé Poussineau
Commit 98af93fde2e37b5b0c8cee9036e028fe6df6446c removed the --audio-card-list option in configure, and commit 8f3b664f6cc4153cc73941c941d54c4e499b7537 always compiled in the adlib, gus and cs4231a audio cards. Signed-off-by: Hervé Poussineau <hpoussin@reactos.org> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-04-26qemu-doc: Option -ignore-environment removed.Thomas Schwinge
Has been removed in commit fc9c54124d134dbd76338a92a91804dab2df8166. Signed-off-by: Thomas Schwinge <thomas@codesourcery.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-04-15block: ssh: Use libssh2_sftp_fsync (if supported by libssh2) to flush to disk.Richard W.M. Jones
libssh2_sftp_fsync is an extension to libssh2 to support fsync(2) over sftp, which is itself an extension of OpenSSH. If both libssh2 and the ssh daemon support it, this will allow bdrv_flush_to_disk to commit changes through to disk on the remote server. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-04-15block: Add support for Secure Shell (ssh) block device.Richard W.M. Jones
qemu-system-x86_64 -drive file=ssh://hostname/some/image QEMU will ssh into 'hostname' and open '/some/image' which is made available as a standard block device. You can specify a username (ssh://user@host/...) and/or a port number (ssh://host:port/...). You can also use an alternate syntax using properties (file.user, file.host, file.port, file.path). Current limitations: - Authentication must be done without passwords or passphrases, using ssh-agent. Other authentication methods are not supported. - Uses a single connection, instead of concurrent AIO with multiple SSH connections. This is implemented using libssh2 on the client side. The server just requires a regular ssh daemon with sftp-server support. Most ssh daemons on Unix/Linux systems will work out of the box. Signed-off-by: Richard W.M. Jones <rjones@redhat.com> Cc: Stefan Hajnoczi <stefanha@gmail.com> Cc: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-03-04sheepdog: add support for connecting to unix domain socketMORITA Kazutaka
This patch adds support for a unix domain socket for a connection between qemu and local sheepdog server. You can use the unix domain socket with the following syntax: $ qemu sheepdog+unix:///<vdiname>?socket=<socket path>[#snapid] Signed-off-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-03-04sheepdog: accept URIsMORITA Kazutaka
The URI syntax is consistent with the NBD and Gluster syntax. The syntax is sheepdog[+tcp]://[host:port]/vdiname[#snapid|#tag] Signed-off-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-02-26qemu-log: default to stderr for logging outputPeter Maydell
Switch the default for qemu_log logging output from "/tmp/qemu.log" to stderr. This is an incompatible change in some sense, but logging is mostly used for debugging purposes so it shouldn't affect production use. The previous behaviour can be obtained by adding "-D /tmp/qemu.log" to the command line. This change requires us to: * update all the documentation/help text (we take the opportunity to smooth out minor inconsistencies between the phrasing in linux-user/bsd-user/system help messages) * make linux-user and bsd-user defer to qemu-log for the default logging destination rather than overriding it themselves * ensure that all logfile closing is done via qemu_log_close() and that that function doesn't close stderr as well as the obvious change to the behaviour of do_qemu_set_log() when no logfile name has been specified. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Message-id: 1361901160-28729-1-git-send-email-peter.maydell@linaro.org Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-11-30Documentation: Update image format informationKevin Wolf
Document new and yet undocumented options and image formats. The qemu-img man page contains information only for raw and qcow2 now and references the HTML documentation for a more detailed description of other formats. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
2012-11-14qemu: Document GlusterFS block driver usageBharata B Rao
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-11-12nbd: accept URIsPaolo Bonzini
The URI syntax is consistent with the Gluster syntax. Export names are specified in the path, preceded by one or more (otherwise unused) slashes. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-08-09iscsi: Pick default initiator-name based on the name of the VMRonnie Sahlberg
This patch updates the iscsi layer to automatically pick a 'unique' initiator-name based on the name of the vm in case the user has not set an explicit iqn-name to use. Create a new function qemu_get_vm_name() that returns the name of the VM, if specified. This way we can thus create default names to use as the initiator name based on the guest session. If the VM is not named via the '-name' command line argument, the iscsi initiator-name used wiull simply be iqn.2008-11.org.linux-kvm If a name for the VM was specified with the '-name' option, iscsi will use a default initiatorname of iqn.2008-11.org.linux-kvm:<name> These names are just the default iscsi initiator name that qemu will generate/use only when the user has not set an explicit initiator name via the commandlines or config files. Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
2012-08-03vnc: disable VNC password authentication (security type 2) when in FIPS modePaul Moore
FIPS 140-2 requires disabling certain ciphers, including DES, which is used by VNC to obscure passwords when they are sent over the network. The solution for FIPS users is to disable the use of VNC password auth when the host system is operating in FIPS compliance mode and the user has specified '-enable-fips' on the QEMU command line. This patch causes QEMU to emit a message to stderr when the host system is running in FIPS mode and a VNC password was specified on the commend line. If the system is not running in FIPS mode, or is running in FIPS mode but VNC password authentication was not requested, QEMU operates normally. Signed-off-by: Paul Moore <pmoore@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-08-02Support 'help' as a synonym for '?' in command line optionsPeter Maydell
For command line options which permit '?' meaning 'please list the permitted values', add support for 'help' as a synonym, by abstracting the check out into a helper function. This change means that in some cases where we were being lazy in our string parsing, "?junk" will now be rejected as an invalid option rather than being (undocumentedly) treated the same way as "?". Update the documentation to use 'help' rather than '?', since '?' is a shell metacharacter and thus prone to fail confusingly if there is a single character filename in the current working directory and the '?' has not been escaped. It's therefore better to steer users towards 'help', though '?' is retained for backwards compatibility. We do not, however, update the output of the system emulator's -help (or any documentation autogenerated from the qemu-options.hx which is the source of the -help text) because libvirt parses our -help output and will break. At a later date when QEMU provides a better interface so libvirt can avoid having to do this, we can update the -help text too. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-07-17doc: Fix indefinite article an -> a before nouns that begin with 'h'Stefan Weil
Although the rule also allows 'an' for historical reasons, 'a' is more common because 'h' is pronounced. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-14qemu-doc: Use QEMU instead of qemu for product nameStefan Weil
When 'qemu' was used as a product name or as a generic process name, it is now replaced by the official upper case 'QEMU'. v2: Added missing period (hint from Andreas Färber). Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Stefan Weil <sw@weilnetz.de>
2012-05-14qemu-doc: Fix executable name in examplesStefan Weil
The executable name qemu was replaced some time ago by qemu-system-i386. Fix all examples accordingly. Some examples will only work with qemu-system-i386 or qemu-system-x86_64 for obvious reasons ("dos.img"). To keep things simple, I did not vary the executable name. Place holders like qemu-system-TARGET were also only used once in the enhanced description for QEMU launches using Wine. Signed-off-by: Stefan Weil <sw@weilnetz.de>
2012-05-01Drop darwin-userAndreas Färber
It's been orphaned, not compiling for a long time and despite Apple's drop of their Rosetta ppc emulation technology with Mac OS X Lion no one has stepped up to fix it. Testing necessary changes wrt QOM'ification thus is impossible, so we might as well remove it completely. Signed-off-by: Andreas Färber <afaerber@suse.de> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2012-04-07Replace Qemu by QEMU in w32 installation path (prefix)Stefan Weil
The official spelling is QEMU. Signed-off-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-04-07Replace Qemu by QEMU in user visible documentationStefan Weil
The official spelling is QEMU. Signed-off-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-02-09iSCSI: add configuration variables for iSCSIRonnie Sahlberg
This patch adds configuration variables for iSCSI to set initiator-name to use when logging in to the target, which type of header-digest to negotiate with the target and username and password for CHAP authentication. This allows specifying a initiator-name either from the command line -iscsi initiator-name=iqn.2004-01.com.example:test or from a configuration file included with -readconfig [iscsi] initiator-name = iqn.2004-01.com.example:test header-digest = CRC32C|CRC32C-NONE|NONE-CRC32C|NONE user = CHAP username password = CHAP password If you use several different targets, you can also configure this on a per target basis by using a group name: [iscsi "iqn.target.name"] ... The configuration file can be read using -readconfig. Example : qemu-system-i386 -drive file=iscsi://127.0.0.1/iqn.ronnie.test/1 -readconfig iscsi.conf Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-12-14doc: Remove Symbian Virtual PlatformStefan Weil
Commit d396a657baec8c6b7aa0c888746e0e2f78303650 removed the code for SVP, so the documentation needs this update. Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-11-18Merge remote-tracking branch 'kwolf/block-stable' into stagingAnthony Liguori
2011-11-18Documentation: Add section about iSCSI LUNS to qemu-docRonnie Sahlberg
Add a new section about using iSCSI LUNs with qemu and provide a short example on how to set up a target and access it using the built-in initiator Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-11-17Fix spelling in documentation and comments (similiar -> similar)Stefan Weil
This bug was detected by codespell. In mips_mipssim.c a grammatical error was fixed, too. Signed-off-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-10-26Documentation: fix typoBernhard Reutner-Fischer
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>