summaryrefslogtreecommitdiff
path: root/qemu-options.hx
AgeCommit message (Collapse)Author
2018-03-13target/i386: add Secure Encrypted Virtualization (SEV) objectBrijesh Singh
Add a new memory encryption object 'sev-guest'. The object will be used to create encrypted VMs on AMD EPYC CPU. The object provides the properties to pass guest owner's public Diffie-hellman key, guest policy and session information required to create the memory encryption context within the SEV firmware. e.g to launch SEV guest # $QEMU \ -object sev-guest,id=sev0 \ -machine ....,memory-encryption=sev0 Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13machine: add memory-encryption optionBrijesh Singh
When CPU supports memory encryption feature, the property can be used to specify the encryption object to use when launching an encrypted guest. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Eduardo Habkost <ehabkost@redhat.com> Cc: Marcel Apfelbaum <marcel@redhat.com> Cc: Stefan Hajnoczi <stefanha@gmail.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-06balloon: Fix documentation of the --balloon parameter and deprecate itThomas Huth
There are two issues with the documentation of the --balloon parameter: First, "--balloon none" is simply doing nothing. Even if a machine had a balloon device by default, this option is not disabling anything, it is simply ignored. Thus let's simply drop this option from the documentation to avoid to confuse the users (but keep the code in vl.c for backward compatibility). Second, the documentation claims that "--balloon virtio" is the default mode, but this is not true anymore since commit 382f074371f7dc32a34. Since that commit, the option also has no real use case anymore, since you can simply use "--device virtio-balloon" nowadays instead. Thus to simplify our complex parameter zoo a little bit, let's deprecate the the parameter now and tell the user to use "--device virtio-balloon" instead. Fixes: 382f074371f7dc32a34c944c845b1698e83d8c36 Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <1519796303-13257-1-git-send-email-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-05net: Add a new convenience option "--nic" to configure default/on-board NICsThomas Huth
The legacy "-net" option can be quite confusing for the users since most people do not expect to get a "vlan" hub between their emulated guest hardware and the host backend. But so far, we are also not able to get rid of "-net" completely, since it is the only way to configure on-board NICs that can not be instantiated via "-device" yet. It's also a little bit shorter to type "-net nic -net tap" instead of "-device xyz,netdev=n1 -netdev tap,id=n1". So what we need is a new convenience option that is shorter to type than the full -device + -netdev stuff, and which can be used to configure the on-board NICs that can not be handled via -device yet. Thus this patch now provides such a new option "--nic": It adds an entry in the nd_table to configure a on-board / default NIC, creates a host backend and connects the two directly, without a confusing "vlan" hub inbetween. Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2018-03-05net: Remove the deprecated way of dumping network packetsThomas Huth
"-net dump" has been marked as deprecated since QEMU v2.10, since it only works with the deprecated 'vlan' parameter (or hubs). Network dumping should be done with "-object filter-dump" nowadays instead. Since nobody complained so far about the deprecation message, let's finally get rid of "-net dump" now. Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2018-03-05net: Only show vhost-user in the help text if CONFIG_POSIX is definedThomas Huth
According to net/Makefile.objs we only link in the vhost-user code if CONFIG_POSIX has been set. So the help screen should also only show this information if CONFIG_POSIX has been defined. Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2018-03-01cryptodev: add vhost-user as a new cryptodev backendGonglei
Usage: -chardev socket,id=charcrypto0,path=/path/to/your/socket -object cryptodev-vhost-user,id=cryptodev0,chardev=charcrypto0 -device virtio-crypto-pci,id=crypto0,cryptodev=cryptodev0 Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com> Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2018-02-19mem: add share parameter to memory-backend-ramMarcel Apfelbaum
Currently only file backed memory backend can be created with a "share" flag in order to allow sharing guest RAM with other processes in the host. Add the "share" flag also to RAM Memory Backend in order to allow remapping parts of the guest RAM to different host virtual addresses. This is needed by the RDMA devices in order to remap non-contiguous QEMU virtual addresses to a contiguous virtual address range. Moved the "share" flag to the Host Memory base class, modified phys_mem_alloc to include the new parameter and a new interface memory_region_init_ram_shared_nomigrate. There are no functional changes if the new flag is not used. Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Marcel Apfelbaum <marcel@redhat.com>
2018-02-10qemu-options.hx: Remove confusing spaces in parameter listingsThomas Huth
The spaces between the parameters in the chardev and tpmdev sections are rather confusing than helpful, and prevent that the lists can be copy-n-pasted easily for real usage. We also don't use such spaces in other sections in the documentation, e.g. with the -netdev option, so let's be consistent and remove the spaces in the chardev and tpmdev sections, too. Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2018-02-07Add the Windows Hypervisor Platform accelerator.Justin Terry (VM)
Introduces the configure support for the new Windows Hypervisor Platform that allows for hypervisor acceleration from usermode components on the Windows platform. Signed-off-by: Justin Terry (VM) <juterry@microsoft.com> Message-Id: <1516655269-1785-2-git-send-email-juterry@microsoft.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-02-07Add memfd based hostmemMarc-André Lureau
Add a new memory backend, similar to hostmem-file, except that it doesn't need to create files. It also enforces memory sealing. This backend is mainly useful for sharing the memory with other processes. Note that Linux supports transparent huge-pages of shmem/memfd memory since 4.8. It is relatively easier to set up THP than a dedicate hugepage mount point by using "madvise" in /sys/kernel/mm/transparent_hugepage/shmem_enabled. Since 4.14, memfd allows to set hugetlb requirement explicitly. Pending for merge in 4.16 is memfd sealing support for hugetlb backed memory. Usage: -object memory-backend-memfd,id=mem1,size=1G Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20180201132757.23063-5-marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-01-29qemu-doc: Get rid of "vlan=X" example in the documentationThomas Huth
The vlan concept is marked as deprecated, so we should not use this for examples in the documentation anymore. Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2018-01-29net: Allow hubports to connect to other netdevsThomas Huth
QEMU can emulate hubs to connect NICs and netdevs. This is currently primarily used for the mis-named 'vlan' feature of the networking subsystem. Now the 'vlan' feature has been marked as deprecated, since its name is rather confusing and the users often rather mis-configure their network when trying to use it. But while the 'vlan' parameter should be removed at one point in time, the basic idea of emulating a hub in QEMU is still good: It's useful for bundling up the output of multiple NICs into one single l2tp netdev for example. Now to be able to use the hubport feature without 'vlan's, there is one missing piece: The possibility to connect a hubport to a netdev, too. This patch adds this possibility by introducing a new "netdev=..." parameter to the hubports. To bundle up the output of multiple NICs into one socket netdev, you can now run QEMU with these parameters for example: qemu-system-ppc64 ... -netdev socket,id=s1,connect=:11122 \ -netdev hubport,hubid=1,id=h1,netdev=s1 \ -netdev hubport,hubid=1,id=h2 -device e1000,netdev=h2 \ -netdev hubport,hubid=1,id=h3 -device virtio-net-pci,netdev=h3 For using the socket netdev, you have got to start another QEMU as the receiving side first, for example with network dumping enabled: qemu-system-x86_64 -M isapc -netdev socket,id=s0,listen=:11122 \ -device ne2k_isa,netdev=s0 \ -object filter-dump,id=f1,netdev=s0,file=/tmp/dump.dat After the ppc64 guest tried to boot from both NICs, you can see in the dump file (using Wireshark, for example), that the output of both NICs (the e1000 and the virtio-net-pci) has been successfully transfered via the socket netdev in this case. Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2018-01-26usb: Remove legacy -usbdevice options (host, serial, disk and net)Thomas Huth
The option have been marked as deprecated since QEMU 2.10, and so far nobody complained that the host, serial, disk and net options are urgently required anymore. So let's now get rid at least of this legacy pile, to simplify the usb code quite a bit. This patch removes the usbdevices host, serial, disk and net. These devices use their own complicated parameter parsing mechanisms, so they are just ugly to maintain, without real benefit for the users (the users can use the corresponding "-device" parameters instead which have the same complexity as the "-usbdevice" devices here). Note that the other rather simple -usbdevice options (mouse, tablet, etc.) are not removed yet (the code is really simple here, so it does not hurt much to keep it), as well as the two devices "braille" and "bt" which are easier to use with -usbdevice than with -device. Signed-off-by: Thomas Huth <thuth@redhat.com> Message-id: 1515519171-20315-1-git-send-email-thuth@redhat.com [kraxel] delete some usb_host_device_open() leftovers. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2018-01-19hostmem-file: add "align" optionHaozhong Zhang
When mmap(2) the backend files, QEMU uses the host page size (getpagesize(2)) by default as the alignment of mapping address. However, some backends may require alignments different than the page size. For example, mmap a device DAX (e.g., /dev/dax0.0) on Linux kernel 4.13 to an address, which is 4K-aligned but not 2M-aligned, fails with a kernel message like [617494.969768] dax dax0.0: qemu-system-x86: dax_mmap: fail, unaligned vma (0x7fa37c579000 - 0x7fa43c579000, 0x1fffff) Because there is no common approach to get such alignment requirement, we add the 'align' option to 'memory-backend-file', so that users or management utils, which have enough knowledge about the backend, can specify a proper alignment via this option. Signed-off-by: Haozhong Zhang <haozhong.zhang@intel.com> Message-Id: <20171211072806.2812-2-haozhong.zhang@intel.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> [ehabkost: fixed typo, fixed error_setg() format string] Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-01-19numa: fix missing '-numa cpu' in '-help' outputIgor Mammedov
commit 419fcdec3c (numa: add '-numa cpu,...' option for property based node mapping) added '-numa cpu' option but forgot to update appropriate section for '--help'. Add '-numa cpu' description to '-help' output Reported-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <1511880838-56509-1-git-send-email-imammedo@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-01-19qemu-options: document memory-backend-ramStefan Hajnoczi
The documentation should mention -object memory-backend-ram. Suggested-by: Yumei Huang <yuhuang@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20171128161529.3025-3-stefanha@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-01-19qemu-options: document missing memory-backend-file optionsStefan Hajnoczi
This patch adds undocumented memory-backend-file options to the documentation. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20171128161529.3025-2-stefanha@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-01-08Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into stagingPeter Maydell
Block layer patches # gpg: Signature made Fri 22 Dec 2017 14:09:01 GMT # gpg: using RSA key 0x7F09B272C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" # Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6 * remotes/kevin/tags/for-upstream: (35 commits) block: Keep nodes drained between reopen_queue/multiple commit: Simplify reopen of base test-bdrv-drain: Test graph changes in drained section block: Allow graph changes in subtree drained section test-bdrv-drain: Recursive draining with multiple parents test-bdrv-drain: Test behaviour in coroutine context test-bdrv-drain: Tests for bdrv_subtree_drain block: Add bdrv_subtree_drained_begin/end() block: Don't notify parents in drain call chain test-bdrv-drain: Test nested drain sections block: Nested drain_end must still call callbacks block: Don't block_job_pause_all() in bdrv_drain_all() test-bdrv-drain: Test drain vs. block jobs blockjob: Pause job on draining any job BDS test-bdrv-drain: Test bs->quiesce_counter test-bdrv-drain: Test callback for bdrv_drain block: Make bdrv_drain() driver callbacks non-recursive block: Assert drain_all is only called from main AioContext block: Remove unused bdrv_requests_pending block: Mention -drive cyls/heads/secs/trans/serial/addr in deprecation chapter ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-01-08Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream-hvf' into ↵Peter Maydell
staging Initial support for the HVF accelerator # gpg: Signature made Sat 23 Dec 2017 07:51:18 GMT # gpg: using RSA key 0xBFFBD25F78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream-hvf: i386: hvf: cleanup x86_gen.h i386: hvf: remove VM_PANIC from "in" i386: hvf: remove addr_t i386: hvf: simplify flag handling i386: hvf: abort on decoding error i386: hvf: remove ZERO_INIT macro i386: hvf: remove more dead emulator code i386: hvf: unify register enums between HVF and the rest i386: hvf: header cleanup i386: hvf: move all hvf files in the same directory i386: hvf: inject General Protection Fault when vmexit through vmcall i386: hvf: refactor event injection code for hvf i386: hvf: implement vga dirty page tracking i386: refactor KVM cpuid code so that it applies to hvf as well i386: hvf: implement hvf_get_supported_cpuid i386: hvf: use new helper functions for put/get xsave i386: hvf: fix licensing issues; isolate task handling code (GPL v2-only) i386: hvf: add code base from Google's QEMU repository apic: add function to apic that will be used by hvf Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-12-22block: Remove the deprecated -hdachs optionThomas Huth
It's been marked as deprecated since QEMU v2.10.0, and so far nobody complained that we should keep it, so let's remove this legacy option now to simplify the code quite a bit. Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2017-12-22i386: hvf: add code base from Google's QEMU repositorySergio Andres Gomez Del Real
This file begins tracking the files that will be the code base for HVF support in QEMU. This code base is part of Google's QEMU version of their Android emulator, and can be found at https://android.googlesource.com/platform/external/qemu/+/emu-master-dev This code is based on Veertu Inc's vdhh (Veertu Desktop Hosted Hypervisor), found at https://github.com/veertuinc/vdhh. Everything is appropriately licensed under GPL v2-or-later, except for the code inside x86_task.c and x86_task.h, which, deriving from KVM (the Linux kernel), is licensed GPL v2-only. This code base already implements a very great deal of functionality, although Google's version removed from Vertuu's the support for APIC page and hyperv-related stuff. According to the Android Emulator Release Notes, Revision 26.1.3 (August 2017), "Hypervisor.framework is now enabled by default on macOS for 32-bit x86 images to improve performance and macOS compatibility", although we better use with caution for, as the same Revision warns us, "If you experience issues with it specifically, please file a bug report...". The code hasn't seen much update in the last 5 months, so I think that we can further develop the code with occasional visiting Google's repository to see if there has been any update. On top of Google's code, the following changes were made: - add code to the configure script to support the --enable-hvf argument. If the OS is Darwin, it checks for presence of HVF in the system. The patch also adds strings related to HVF in the file qemu-options.hx. QEMU will only support the modern syntax style '-M accel=hvf' no enable hvf; the legacy '-enable-hvf' will not be supported. - fix styling issues - add glue code to cpus.c - move HVFX86EmulatorState field to CPUX86State, changing the the emulation functions to have a parameter with signature 'CPUX86State *' instead of 'CPUState *' so we don't have to get the 'env'. Signed-off-by: Sergio Andres Gomez Del Real <Sergio.G.DelReal@gmail.com> Message-Id: <20170913090522.4022-2-Sergio.G.DelReal@gmail.com> Message-Id: <20170913090522.4022-3-Sergio.G.DelReal@gmail.com> Message-Id: <20170913090522.4022-5-Sergio.G.DelReal@gmail.com> Message-Id: <20170913090522.4022-6-Sergio.G.DelReal@gmail.com> Message-Id: <20170905035457.3753-7-Sergio.G.DelReal@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-12-22qemu-doc: The "-net nic" option can be used with "netdev=...", tooThomas Huth
Looks like we missed to document that it is also possible to specify a netdev with "-net nic" - which is very useful if you want to configure your on-board NIC to use a backend that has been specified with "-netdev". Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2017-12-21Remove legacy -no-kvm-pit optionThomas Huth
It's only printing a warning since QEMU v1.3.0, so nobody should use this anymore today. Let's get rid of this now. Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <1513619065-31722-1-git-send-email-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-12-20qemu-options: Belatedly document --watchdog-action inject-nmiMarkus Armbruster
Missed in commit 795dc6e46d, v2.4.0. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20171002140307.5292-9-armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2017-12-20qemu-options: Polish section "Character device options"Markus Armbruster
Cc: Paolo Bonzini <pbonzini@redhat.com> CC: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20171002140307.5292-8-armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2017-12-20qemu-options: Polish section "TPM device options"Markus Armbruster
Cc: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20171002140307.5292-7-armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2017-12-20qemu-options: Add missing -iscsi Texinfo documentationMarkus Armbruster
Cc: Ronnie Sahlberg <ronniesahlberg@gmail.com> Cc: Kevin Wolf <kwolf@redhat.com> Cc: Max Reitz <mreitz@redhat.com> Cc: qemu-block@nongnu.org Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20171002140307.5292-6-armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
2017-12-20qemu-options: Move -iscsi under "Block device options"Markus Armbruster
-iscsi ended up under the "Device URL Syntax" heading by a sequence of errors, as explained in the previous commit. Move it under the "Block device options" heading. Nothing left under "Device URL Syntax"; drop the heading. Cc: Ronnie Sahlberg <ronniesahlberg@gmail.com> Cc: Kevin Wolf <kwolf@redhat.com> Cc: Max Reitz <mreitz@redhat.com> Cc: qemu-block@nongnu.org Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20171002140307.5292-5-armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>
2017-12-20qemu-options qemu-doc: Move "Device URL Syntax" to qemu-docMarkus Armbruster
Commit 0f5314a (v1.0) added section "Device URL Syntax" to qemu-options.hx. It's enclosed in STEXI..ETEXI, thus affects only qemu-options.texi, not --help. It appears as a subsection under section "Invocation". Similarly, qemu.1 has it as a subsection under "OPTIONS". Commit f9dadc9 (v1.1.0) dropped new option -iscsi into the middle of this section. No effect on qemu-options.texi. It appears in --help run together with the "Bluetooth(R) options:" header. Commit c70a01e (v1.5.0) gives it is own heading in --help by moving commit 0f5314a's DEFHEADING(Device URL Syntax:) outside STEXI..ETEXI. Trouble is the heading makes no sense for -iscsi. Move all of the "Device URL Syntax" Texinfo to qemu-doc.texi. Mark it for inclusion in qemu.1 with '@c man begin NOTES'. This turns it into a separate section outside the list of options both in qemu-doc and in qemu.1. There's substantial overlap with the existing qemu-doc section "Disk Images". Mark with a TODO comment. Output of --help will be fixed next. Cc: Ronnie Sahlberg <ronniesahlberg@gmail.com> Cc: Kevin Wolf <kwolf@redhat.com> Cc: Max Reitz <mreitz@redhat.com> Cc: qemu-block@nongnu.org Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20171002140307.5292-4-armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Ronnie Sahlberg <ronniesahlberg@gmail.com> [Unwanted @node dropped]
2017-12-20qemu-options: Fix markup of -netdev l2tpv3Markus Armbruster
The table of option parameters lacks @table and @end table. The parameters become items in the enclosing table of options. Screwed up when l2tpv3 was added in commit 3fb69aa. Fix the obvious way. Cc: Jason Wang <jasowang@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20171002140307.5292-3-armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2017-12-20qemu-options: Remove stray colons from output of --helpMarkus Armbruster
Commit 43f187a broke --help: it put colons into blank lines. It removed the colon from DEFHEADING(TITLE:) and added it back in the macro expansion of DEFHEADING(TITLE), so hxtool can emit "@subsection TITLE" more easily. Trouble is it's added back even for the blank lines made with DEFHEADING(). Put the colons back where they were before commit 43f187a, and strip them in hxtool instead. Cc: Paolo Bonzini <pbonzini@redhat.com> CC: qemu-stable@nongnu.org Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20171002140307.5292-2-armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2017-12-18Document pretty parameter for mon optionVicente Jimenez Aguilar
Documentation: document pretty parameter for mon option that turns on JSON pretty printing Signed-off-by: Vicente Jimenez Aguilar <googuy@gmail.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2017-12-14s390x: deprecate s390-squash-mcss machine propHalil Pasic
With the cssids unrestricted (commit "s390x/css: unrestrict cssids") the s390-squash-mcss machine property should not be used. Actually Libvirt never supported this, so the expectation is that removing it should be pretty painless. But let's play nice and deprecate it first. Signed-off-by: Halil Pasic <pasic@linux.vnet.ibm.com> Message-Id: <20171206144438.28908-3-pasic@linux.vnet.ibm.com> Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2017-11-27qemu-options: Mention locking option of file driverFam Zheng
Signed-off-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2017-11-20Revert "Add new PCI ID for i82559a"Jason Wang
This reverts commit 5e89dc01133f8f5e621f6b66b356c6f37d31dafb since: - we should use ID in the spec instead the one used by OEM - in the future, we should allow changing id through either property or EEPROM file. Cc: Stefan Weil <sw@weilnetz.de> Cc: Michael Nawrocki <michael.nawrocki@gtri.gatech.edu> Cc: Peter Maydell <peter.maydell@linaro.org> Cc: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Stefan Weil <sw@weilnetz.de> Signed-off-by: Jason Wang <jasowang@redhat.com>
2017-11-13Add new PCI ID for i82559aMike Nawrocki
Adds a new PCI ID for the i82559a (0x8086 0x1030) interface. The "x-use-alt-device-id" property controls whether this new ID is to be used, and is true by default, and set to false in a compat entry. Signed-off-by: Mike Nawrocki <michael.nawrocki@gtri.gatech.edu> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2017-10-13tpm: Added support for TPM emulatorAmarnath Valluri
This change introduces a new TPM backend driver that can communicate with swtpm(software TPM emulator) using unix domain socket interface. QEMU talks to the TPM emulator using QEMU's socket-based chardev backend device. Swtpm uses two Unix sockets for communications, one for plain TPM commands and responses, and one for out-of-band control messages. QEMU passes the data socket to be used over the control channel. The swtpm and associated tools can be found here: https://github.com/stefanberger/swtpm The swtpm's control channel protocol specification can be found here: https://github.com/stefanberger/swtpm/wiki/Control-Channel-Specification Usage: # setup TPM state directory mkdir /tmp/mytpm chown -R tss:root /tmp/mytpm /usr/bin/swtpm_setup --tpm-state /tmp/mytpm --createek # Ask qemu to use TPM emulator with given tpm state directory qemu-system-x86_64 \ [...] \ -chardev socket,id=chrtpm,path=/tmp/swtpm-sock \ -tpmdev emulator,id=tpm0,chardev=chrtpm \ -device tpm-tis,tpmdev=tpm0 \ [...] Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2017-10-09qemu-options: Deprecate -nodefconfigEduardo Habkost
Since 2012 (commit ba6212d8 "Eliminate cpus-x86_64.conf file") we have no default config files that would be disabled using -nodefconfig. Update documentation and document -nodefconfig as deprecated. Cc: Markus Armbruster <armbru@redhat.com> Acked-by: Alistair Francis <alistair.francis@xilinx.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20171004030025.7866-3-ehabkost@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-09-26remove trailing whitespace from qemu-options.hxMichael Tokarev
Remove trailing whitespace in qemu-options documentation, as it causes reproducibility issues depending on the echo implementation used by the Makefile. Reported-By: Vagrant Cascadian <vagrant@debian.org> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2017-09-19hostmem-file: Add "discard-data" optionEduardo Habkost
The new option can be used to indicate that the file contents can be destroyed and don't need to be flushed to disk when QEMU exits or when the memory backend object is removed. Internally, it will trigger a madvise(MADV_REMOVE) call when the memory backend is removed. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20170824192315.5897-4-ehabkost@redhat.com> [ehabkost: fixup: improved documentation] Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Tested-by: Zack Cornelius <zack.cornelius@kove.net> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2017-09-15seccomp: add resourcecontrol argument to command lineEduardo Otubo
This patch adds [,resourcecontrol=deny] to `-sandbox on' option. It blacklists all process affinity and scheduler priority system calls to avoid any bigger of the process. Signed-off-by: Eduardo Otubo <otubo@redhat.com>
2017-09-15seccomp: add spawn argument to command lineEduardo Otubo
This patch adds [,spawn=deny] argument to `-sandbox on' option. It blacklists fork and execve system calls, avoiding Qemu to spawn new threads or processes. Signed-off-by: Eduardo Otubo <otubo@redhat.com>
2017-09-15seccomp: add elevateprivileges argument to command lineEduardo Otubo
This patch introduces the new argument [,elevateprivileges=allow|deny|children] to the `-sandbox on'. It allows or denies Qemu process to elevate its privileges by blacklisting all set*uid|gid system calls. The 'children' option will let forks and execves run unprivileged. Signed-off-by: Eduardo Otubo <otubo@redhat.com>
2017-09-15seccomp: add obsolete argument to command lineEduardo Otubo
This patch introduces the argument [,obsolete=allow] to the `-sandbox on' option. It allows Qemu to run safely on old system that still relies on old system calls. Signed-off-by: Eduardo Otubo <otubo@redhat.com>
2017-08-01qemu-options: document existance of versioned machine typesDaniel P. Berrange
The -machine docs did not explain what the versioned machine types are for, nor that they'll be maintained across releases. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <20170725141041.1195-1-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-07-18Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into ↵Peter Maydell
staging # gpg: Signature made Mon 17 Jul 2017 13:17:17 BST # gpg: using RSA key 0xEF04965B398D6211 # gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211 * remotes/jasowang/tags/net-pull-request: virtio-net: fix offload ctrl endian virtion-net: Prefer is_power_of_2() docs/colo-proxy.txt: Update colo-proxy usage of net driver with vnet_header net/filter-rewriter.c: Make filter-rewriter support vnet_hdr_len net/colo-compare.c: Add vnet packet's tcp/udp/icmp compare net/colo.c: Add vnet packet parse feature in colo-proxy net/colo-compare.c: Make colo-compare support vnet_hdr_len net/colo-compare.c: Introduce parameter for compare_chr_send() net/colo.c: Make vnet_hdr_len as packet property net/filter-mirror.c: Add new option to enable vnet support for filter-redirector net/filter-mirror.c: Make filter mirror support vnet support. net/filter-mirror.c: Introduce parameter for filter_send() net/net.c: Add vnet_hdr support in SocketReadState net: Add vnet_hdr_len arguments in NetClientState Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-07-17Merge remote-tracking branch 'remotes/kraxel/tags/ui-20170717-pull-request' ↵Peter Maydell
into staging ui: vnc and keymap updates for 2.10 # gpg: Signature made Mon 17 Jul 2017 10:38:11 BST # gpg: using RSA key 0x4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/ui-20170717-pull-request: keymaps: fr-ca: add missing keys hmp: Update info vnc vnc: Set default kbd delay to 10ms Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2017-07-17net/filter-rewriter.c: Make filter-rewriter support vnet_hdr_lenZhang Chen
We add the vnet_hdr_support option for filter-rewriter, default is disabled. If you use virtio-net-pci or other driver needs vnet_hdr, please enable it. You can use it for example: -object filter-rewriter,id=rew0,netdev=hn0,queue=all,vnet_hdr_support We get the vnet_hdr_len from NetClientState that make us parse net packet correctly. Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
2017-07-17net/colo-compare.c: Make colo-compare support vnet_hdr_lenZhang Chen
We add the vnet_hdr_support option for colo-compare, default is disabled. If you use virtio-net-pci or other driver needs vnet_hdr, please enable it. You can use it for example: -object colo-compare,id=comp0,primary_in=compare0-0,secondary_in=compare1,outdev=compare_out0,vnet_hdr_support COLO-compare can get vnet header length from filter, Add vnet_hdr_len to struct packet and output packet with the vnet_hdr_len. Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com> Signed-off-by: Jason Wang <jasowang@redhat.com>