summaryrefslogtreecommitdiffstats
path: root/qemu-options.hx
Commit message (Collapse)AuthorAgeFilesLines
* monitor: raise error when 'pretty' option is used with HMPDaniel P. Berrangé2021-03-181-2/+3
| | | | | | | This is only semantically useful for QMP. Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* Merge remote-tracking branch 'remotes/kraxel/tags/ui-20210316-pull-request' ↵Peter Maydell2021-03-171-2/+16
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | into staging vnc+spice: password-secret option. bugfixes for cocoa, vnc, opengl. # gpg: Signature made Tue 16 Mar 2021 05:37:58 GMT # gpg: using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full] # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" [full] # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full] # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/ui-20210316-pull-request: ui/cocoa: Comment about modifier key input quirks ui: fold qemu_alloc_display in only caller ui: honour the actual guest display dimensions without rounding ui: use client width/height in WMVi message ui: avoid sending framebuffer updates outside client desktop bounds ui: add more trace points for VNC client/server messages ui/cocoa: Do not exit immediately after shutdown opengl: Do not convert format with glTexImage2D on OpenGL ES ui: deprecate "password" option for SPICE server ui: introduce "password-secret" option for SPICE server ui: introduce "password-secret" option for VNC servers Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
| * ui: deprecate "password" option for SPICE serverDaniel P. Berrangé2021-03-151-0/+4
| | | | | | | | | | | | | | | | | | With the new "password-secret" option, there is no reason to use the old inecure "password" option with -spice, so it can be deprecated. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210311114343.439820-4-berrange@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
| * ui: introduce "password-secret" option for SPICE serverDaniel P. Berrangé2021-03-151-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently when using SPICE the "password" option provides the password in plain text on the command line. This is insecure as it is visible to all processes on the host. As an alternative, the password can be provided separately via the monitor. This introduces a "password-secret" option which lets the password be provided up front. $QEMU --object secret,id=vncsec0,file=passwd.txt \ --spice port=5901,password-secret=vncsec0 Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210311114343.439820-3-berrange@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
| * ui: introduce "password-secret" option for VNC serversDaniel P. Berrangé2021-03-151-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently when using VNC the "password" flag turns on password based authentication. The actual password has to be provided separately via the monitor. This introduces a "password-secret" option which lets the password be provided up front. $QEMU --object secret,id=vncsec0,file=passwd.txt \ --vnc localhost:0,password-secret=vncsec0 Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210311114343.439820-2-berrange@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
* | usb: Document the missing -usbdevice optionsThomas Huth2021-03-151-6/+29
|/ | | | | | | | | | | | There are some more -usbdevice options that have never been mentioned in the documentation. Now that we removed -usbdevice from the list of deprecated features again, we should document them properly. While we're at it, also sort them alphabetically. Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <20210310173323.1422754-5-thuth@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
* qemu-options: Replace the word 'blacklist'Philippe Mathieu-Daudé2021-03-091-3/+3
| | | | | | | | | | | | | | Follow the inclusive terminology from the "Conscious Language in your Open Source Projects" guidelines [*] and replace the word "blacklist" appropriately. [*] https://github.com/conscious-lang/conscious-lang-docs/blob/main/faq.md Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Message-Id: <20210303184644.1639691-5-philmd@redhat.com> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
* Various spelling fixesMichael Tokarev2021-03-091-2/+2
| | | | | | | | | | | An assorted set of spelling fixes in various places. Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-Id: <20210309111510.79495-1-mjt@msgid.tls.msk.ru> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
* chardev: add nodelay optionPaolo Bonzini2021-03-061-7/+7
| | | | | | | | | | | | | | The "delay" option was introduced as a way to enable Nagle's algorithm with ",nodelay". Since the short form for boolean options has now been deprecated, introduce a more properly named "nodelay" option. The "delay" option remains as an undocumented option. "delay" and "nodelay" are mutually exclusive. Because the check is done at consumption time, the code also rejects them if one of the two is specified via -set. Based-on: <20210226080526.651705-1-pbonzini@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* vl: deprecate -writeconfigPaolo Bonzini2021-02-251-6/+1Star
| | | | | | | | | | The functionality of -writeconfig is limited and the code does not even try to detect cases where it prints incorrect syntax (for example if values have a quote in them, since qemu_config_parse does not support any kind of escaping) so remove it. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* qemu-options: update to show preferred boolean syntax for -vncDaniel P. Berrangé2021-02-251-8/+8
| | | | | | | | | | | | The preferred syntax is to use "foo=on|off", rather than a bare "foo" or "nofoo". The on|off syntax has been supported since -vnc switched to use QemuOpts in commit 4db14629c38611061fc19ec6927405923de84f08 Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210216191027.595031-7-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* qemu-options: update to show preferred boolean syntax for -incomingDaniel P. Berrangé2021-02-251-4/+4
| | | | | | | | | The preferred syntax is to use "foo=on|off", rather than a bare "foo" or "nofoo". Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210216191027.595031-6-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* qemu-options: update to show preferred boolean syntax for -netdevDaniel P. Berrangé2021-02-251-5/+5
| | | | | | | | | The preferred syntax is to use "foo=on|off", rather than a bare "foo" or "nofoo". Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210216191027.595031-5-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* qemu-options: update to show preferred boolean syntax for -spiceDaniel P. Berrangé2021-02-251-9/+10
| | | | | | | | | The preferred syntax is to use "foo=on|off", rather than a bare "foo" or "nofoo". Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210216191027.595031-4-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* qemu-options: update to show preferred boolean syntax for -chardevDaniel P. Berrangé2021-02-251-39/+39
| | | | | | | | | The preferred syntax is to use "foo=on|off", rather than a bare "foo" or "nofoo". Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210216191027.595031-3-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* machine: add missing doc for memory-backend optionIgor Mammedov2021-02-081-1/+25
| | | | | | | | | | | | | | | | | | Add documentation for '-machine memory-backend' CLI option and how to use it. And document that x-use-canonical-path-for-ramblock-id, is considered to be stable to make sure it won't go away by accident. x- was intended for unstable/iternal properties, and not supposed to be stable option. However it's too late to rename (drop x-) it as it would mean that users will have to mantain both x-use-canonical-path-for-ramblock-id (for QEMU 5.0-5.2) versions and prefix-less for later versions. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Message-Id: <20210121161504.1007247-1-imammedo@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* hostmem-file: add readonly=on|off optionStefan Hajnoczi2021-02-011-1/+4
| | | | | | | | | | | | | | Let -object memory-backend-file work on read-only files when the readonly=on option is given. This can be used to share the contents of a file between multiple guests while preventing them from consuming Copy-on-Write memory if guests dirty the pages, for example. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Liam Merwick <liam.merwick@oracle.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Message-Id: <20210104171320.575838-3-stefanha@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
* Prefer 'on' | 'off' over 'yes' | 'no' for bool optionsDaniel P. Berrangé2021-01-291-2/+2
| | | | | | | | | Update some docs and test cases to use 'on' | 'off' as the preferred value for bool options. Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* runstate: cleanup reboot and panic actionsPaolo Bonzini2021-01-211-4/+4
| | | | | | | | | | | | | | | | | | The possible choices for panic, reset and watchdog actions are inconsistent. "-action panic=poweroff" should be renamed to "-action panic=shutdown" on the command line. This is because "-action panic=poweroff" and "-action watchdog=poweroff" have slightly different semantics, the first does an unorderly exit while the second goes through qemu_cleanup(). With this change, -no-shutdown would not have to change "-action panic=pause" "pause", just like it does not have to change the reset action. "-action reboot=none" should be renamed to "-action reboot=reset". This should be self explanatory, since for example "-action panic=none" lets the guest proceed without taking any action. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* riscv: Add semihosting supportKeith Packard2021-01-181-4/+6
| | | | | | | | | | | | | | Adapt the arm semihosting support code for RISCV. This implementation is based on the standard for RISC-V semihosting version 0.2 as documented in https://github.com/riscv/riscv-semihosting-spec/releases/tag/0.2 Signed-off-by: Keith Packard <keithp@keithp.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20210107170717.2098982-6-keithp@keithp.com> Message-Id: <20210108224256.2321-17-alex.bennee@linaro.org>
* Merge remote-tracking branch ↵Peter Maydell2021-01-151-1/+7
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'remotes/kraxel/tags/audio-20210115-pull-request' into staging audio: improvements for sdl, pulse, fsound. audio: cleanups & codestyle fixes. # gpg: Signature made Fri 15 Jan 2021 13:20:56 GMT # gpg: using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full] # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" [full] # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full] # Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138 * remotes/kraxel/tags/audio-20210115-pull-request: (30 commits) audio: space prohibited between function name and parenthesis'(' audio: Suspect code indent for conditional statements audio: Don't use '%#' in format strings audio: Fix lines over 90 characters audio: foo* bar" should be "foo *bar". audio: Add spaces around operator/delete redundant spaces audio: Add braces for statements/fix braces' position dsoundaudio: fix log message dsoundaudio: enable f32 audio sample format dsoundaudio: rename dsound_open() dsoundaudio: replace GetForegroundWindow() paaudio: send recorded data in smaller chunks paaudio: limit minreq to 75% of audio timer_rate paaudio: comment bugs in functions qpa_init_* paaudio: remove unneeded code paaudio: wait until the playback stream is ready paaudio: wait for PA_STREAM_READY in qpa_write() paaudio: avoid to clip samples multiple times audio: remove remaining unused plive code sdlaudio: enable (in|out).mixing-engine=off ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
| * sdlaudio: add -audiodev sdl,out.buffer-count optionVolker Rümelin2021-01-151-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently there is a crackling noise with SDL2 audio playback. Commit bcf19777df: "audio/sdlaudio: Allow audio playback with SDL2" already mentioned the crackling noise. Add an out.buffer-count option to give users a chance to select sane settings for glitch free audio playback. The idea was taken from the coreaudio backend. The in.buffer-count option will be used with one of the next patches. Signed-off-by: Volker Rümelin <vr_qemu@t-online.de> Acked-by: Markus Armbruster <armbru@redhat.com> Message-id: 9315afe5-5958-c0b4-ea1e-14769511a9d5@t-online.de Message-Id: <20210110100239.27588-3-vr_qemu@t-online.de> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
* | ui: add support for remote power control to VNC serverDaniel P. Berrangé2021-01-151-0/+4
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | The "XVP" (Xen VNC Proxy) extension defines a mechanism for a VNC client to issue power control requests to trigger graceful shutdown, reboot, or hard reset. This option is not enabled by default, since we cannot assume that users with VNC access implicitly have administrator access to the guest OS. Thus is it enabled with a boolean "power-control" option e.g. -vnc :1,power-control=on While, QEMU can easily support shutdown and reset, there's no easy way to wire up reboot support at this time. In theory it could be done by issuing a shutdown, followed by a reset, but there's no convenient wiring for such a pairing in QEMU. It also isn't possible to have the VNC server directly talk to QEMU guest agent, since the agent chardev is typically owned by an external mgmt app. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> [ kraxel: rebase to master ] [ kraxel: add missing break ] Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
* tcg: Add --accel tcg,split-wx propertyRichard Henderson2021-01-071-0/+7
| | | | | | | | | Plumb the value through to alloc_code_gen_buffer. This is not supported by any os or tcg backend, so for now enabling it will result in an error. Reviewed-by: Joelle van Dyne <j@getutm.app> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* Remove the deprecated -show-cursor optionThomas Huth2020-12-151-7/+0Star
| | | | | | | | | It has been marked as deprecated since QEMU v5.0, replaced by the corresponding parameter of the -display option. Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <20201210155808.233895-5-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* Remove the deprecated -realtime optionThomas Huth2020-12-151-13/+1Star
| | | | | | | | | It has been marked as deprecated since QEMU v4.2, replaced by the -overcommit option. Time to remove it now. Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <20201210155808.233895-4-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* accel/tcg: Remove deprecated '-tb-size' optionPhilippe Mathieu-Daudé2020-12-151-8/+0Star
| | | | | | | | | | | | The '-tb-size' option (replaced by '-accel tcg,tb-size') is deprecated since 5.0 (commit fe174132478). Remove it. Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20201202112714.1223783-1-philmd@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <20201210155808.233895-2-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* vl: Add option to avoid stopping VM upon guest panicAlejandro Jimenez2020-12-151-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | The current default action of pausing a guest after a panic event is received leaves the responsibility to resume guest execution to the management layer. The reasons for this behavior are discussed here: https://lore.kernel.org/qemu-devel/52148F88.5000509@redhat.com/ However, in instances like the case of older guests (Linux and Windows) using a pvpanic device but missing support for the PVPANIC_CRASHLOADED event, and Windows guests using the hv-crash enlightenment, it is desirable to allow the guests to continue running after sending a PVPANIC_PANICKED event. This allows such guests to proceed to capture a crash dump and automatically reboot without intervention of a management layer. Add an option to avoid stopping a VM after a panic event is received, by passing: -action panic=none in the command line arguments, or during runtime by using an upcoming QMP command. Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Alejandro Jimenez <alejandro.j.jimenez@oracle.com> Message-Id: <1607705564-26264-3-git-send-email-alejandro.j.jimenez@oracle.com> [Do not fix panic action in the variable, instead modify -no-shutdown. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* vl: Add an -action option specifying response to guest eventsAlejandro Jimenez2020-12-151-0/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | Several command line options currently in use are meant to modify the behavior of QEMU in response to certain guest events like: -no-reboot, -no-shutdown, -watchdog-action. These can be grouped into a single option of the form: -action event=action Which can be used to specify the existing options above in the following format: -action reboot=none|shutdown -action shutdown=poweroff|pause -action watchdog=reset|shutdown|poweroff|pause|debug|none|inject-nmi This is done in preparation for adding yet another option of this type, which modifies the QEMU behavior when a guest panic occurs. Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Alejandro Jimenez <alejandro.j.jimenez@oracle.com> Message-Id: <1607705564-26264-2-git-send-email-alejandro.j.jimenez@oracle.com> [Use QemuOpts help support, invoke QMP command. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* qemu-options.hx: Fix minor issues in icount documentationPeter Maydell2020-12-131-19/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The documentation for the icount documentation has some minor issues: * in a couple of places it says "sleep=on|off" when in the context of the sentence it means specifically "sleep=on" * the synopsis line for the documentation has drifted out of sync with the synopsis line in the DEF() macro (used for "-help" output) * the synopsis line in the DEF() macro is missing a "][" between the sleep= part and the rr= part * the synopsis line doesn't indicate that rrsnapshot is an optional part of the rr=mode,rrfile=filename subgrouping * we don't document that sleep=on can't be used with shift=auto or align=on * the rr option description had some minor grammar and formatting errors and was a bit terse * in commit f1f4b57e88ff in 2015 the documentation of the sleep= suboption got added between the two paragraphs defining general behaviour of the icount option. This meant that the second paragraph talking about the behaviour of "this option" reads as if it's talking about sleep=on, when it's really describing -icount as a whole. The paragraph is better moved back up to above the sleep= section. * the summary text displayed in "-help" output didn't mention the record-and-replay part Fix these errors. Fixes: https://bugs.launchpad.net/qemu/+bug/1774412 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20201121213506.15599-1-peter.maydell@linaro.org> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
* treewide: do not use short-form boolean optionsPaolo Bonzini2020-12-101-16/+16
| | | | | | | They are going to be deprecated, avoid warnings on stdout while the tests run. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* docs: Get rid of the weird _005f links in the man pageThomas Huth2020-11-201-18/+20
| | | | | | | | | | | | | | The man page does not contain all the chapters from the System Emulation Users Guide, so some of the links that we've put into the qemu options descriptions can not be resolved and thus the link names are used in the man pages instead. These link names currently contain weird "_005f" letters in the middle and just do not make any sense for the users. To avoid this situation, replace the link names with more descriptive, natural text. Message-Id: <20201116145341.91606-1-thuth@redhat.com> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3 Buglink: https://bugs.launchpad.net/qemu/+bug/1453608 Signed-off-by: Thomas Huth <thuth@redhat.com>
* machine: remove deprecated -machine enforce-config-section optionPaolo Bonzini2020-10-261-8/+0Star
| | | | | | | Deprecated since 3.1 and complicates the initialization sequence, remove it. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* Remove deprecated -no-kvm optionThomas Huth2020-10-221-3/+0Star
| | | | | | | | | | | | | | The option has never been mentioned in our documentation, it's been deprecated since years, it's marked with QEMU_ARCH_I386 (which does not make sense anymore since KVM is available on other architectures, too), it does not do anything by default in upstream QEMU (since TCG is the default here anyway), and we're spending too much precious time each year discussing whether it makes sense to keep this option as a nice suger or not... let's finally put an end on this and remove it. Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <20201020160504.62460-1-thuth@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* docs: add 'io_uring' option to 'aio' param in qemu-options.hxStefano Garzarella2020-10-051-4/+6
| | | | | | | | | | | When we added io_uring AIO engine, we forgot to update qemu-options.hx, so qemu(1) man page and qemu help were outdated. Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Julia Suvorova <jusual@redhat.com> Reviewed-by: Pankaj Gupta <pankaj.gupta.linux@gmail.com> Message-Id: <20200924151511.131471-1-sgarzare@redhat.com>
* qemu-options: document SMBIOS type 11 settingsDaniel P. Berrangé2020-09-291-0/+41
| | | | | | | | Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20200923133804.2089190-4-berrange@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
* manual: escape backslashes in "parsed-literal" blocksLaszlo Ersek2020-09-161-54/+54
| | | | | | | | | | | | | | | | | | According to <https://docutils.sourceforge.io/docs/ref/rst/directives.html#parsed-literal>, "inline markup is recognized and there is no protection from parsing. Backslash-escapes may be necessary to prevent unintended parsing". The qemu(1) manual page (formatted with Sphinx 2.2.2) has several overlong lines on my system. A stand-alone backslash at EOL serves as line continuation in a "parsed-literal" block. Therefore, escape the backslashes that we want to appear as such in the formatted documentation. Cc: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200908172111.19072-1-lersek@redhat.com> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
* qemu-options.hx: Fix typo for netdev documentationTianjia Zhang2020-09-011-1/+1
| | | | | | | | | | | This patch fixes the netdev document description typo in qemu-option.hx. Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Li Qiang <liq3ea@gmail.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Message-Id: <20200727045925.29375-1-tianjia.zhang@linux.alibaba.com> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
* hw/smbios: add options for type 4 max-speed and current-speedYing Fang2020-08-271-1/+1
| | | | | | | | | | | | | | | | | Common VM users sometimes care about CPU speed, so we add two new options to allow VM vendors to present CPU speed to their users. Normally these information can be fetched from host smbios. Strictly speaking, the "max speed" and "current speed" in type 4 are not really for the max speed and current speed of processor, for "max speed" identifies a capability of the system, and "current speed" identifies the processor's speed at boot (see smbios spec), but some applications do not tell the differences. Reviewed-by: Igor Mammedov <imammedo@redhat.com> Signed-off-by: Ying Fang <fangying1@huawei.com> Signed-off-by: Heyi Guo <guoheyi@huawei.com> Message-Id: <20200806035634.376-2-fangying1@huawei.com>
* ipmi: Fix a man page entryCorey Minyard2020-07-171-1/+1
| | | | | | | The line was too long, and some of the entries were wrong (fur instead of fru). Just use the prop=val thing tha other entries use. Signed-off-by: Corey Minyard <cminyard@mvista.com>
* ipmi: Add man page pieces for the IPMI PCI devicesCorey Minyard2020-07-171-0/+9
| | | | | | This was forgotten when the devices were added. Signed-off-by: Corey Minyard <cminyard@mvista.com>
* qemu-options.hx: Clean up and fix typo for colo-compareZhang Chen2020-07-151-16/+16
| | | | | | | Fix some typo and optimized some descriptions. Signed-off-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* net/colo-compare.c: Expose compare "max_queue_size" to usersZhang Chen2020-07-151-2/+3
| | | | | | | | This patch allow users to set the "max_queue_size" according to their environment. Signed-off-by: Zhang Chen <chen.zhang@intel.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* util/qemu-error: prepend guest name to error message to identify affected VM ↵Mario Smarduch2020-07-111-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | owner This is followup patch to the one submitted back in Oct, 19 https://lists.gnu.org/archive/html/qemu-devel/2019-10/msg02102.html My mistake here, I took my eyes of the mailing list after I got the initial thumbs up. This patch follows up on Markus comments in the above link. Purpose of this patch: We want to print guest name for errors, warnings and info messages. This was the first of two patches the second being MCE errors targeting a VM with guest name prepended. But in a large fleet we see many other errors that disable a VM or crash it. In a large fleet and centralized logging having the guest name enables identify of owner and customer. Signed-off-by: Mario Smarduch <msmarduch@digitalocean.com> Message-Id: <20200626201900.8876-1-msmarduch@digitalocean.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* Merge remote-tracking branch 'remotes/philmd-gitlab/tags/fw_cfg-20200704' ↵Peter Maydell2020-07-091-0/+37
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | into staging firmware (and crypto) patches - add the tls-cipher-suites object, - add the ability to QOM objects to produce data consumable by the fw_cfg device, - let the tls-cipher-suites object implement the FW_CFG_DATA_GENERATOR interface. This is required by EDK2 'HTTPS Boot' feature of OVMF to tell the guest which TLS ciphers it can use. CI jobs results: https://travis-ci.org/github/philmd/qemu/builds/704724619 https://gitlab.com/philmd/qemu/-/pipelines/162938106 https://cirrus-ci.com/build/4682977303068672 # gpg: Signature made Sat 04 Jul 2020 17:37:08 BST # gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE # gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full] # Primary key fingerprint: FAAB E75E 1291 7221 DCFD 6BB2 E3E3 2C2C DEAD C0DE * remotes/philmd-gitlab/tags/fw_cfg-20200704: crypto/tls-cipher-suites: Produce fw_cfg consumable blob softmmu/vl: Allow -fw_cfg 'gen_id' option to use the 'etc/' namespace softmmu/vl: Let -fw_cfg option take a 'gen_id' argument hw/nvram/fw_cfg: Add the FW_CFG_DATA_GENERATOR interface crypto: Add tls-cipher-suites object Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
| * crypto/tls-cipher-suites: Produce fw_cfg consumable blobPhilippe Mathieu-Daudé2020-07-031-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since our format is consumable by the fw_cfg device, we can implement the FW_CFG_DATA_GENERATOR interface. Example of use to dump the cipher suites (if tracing enabled): $ qemu-system-x86_64 -S \ -object tls-cipher-suites,id=mysuite1,priority=@SYSTEM \ -fw_cfg name=etc/path/to/ciphers,gen_id=mysuite1 \ -trace qcrypto\* 1590664444.197123:qcrypto_tls_cipher_suite_priority priority: @SYSTEM 1590664444.197219:qcrypto_tls_cipher_suite_info data=[0x13,0x02] version=TLS1.3 name=TLS_AES_256_GCM_SHA384 1590664444.197228:qcrypto_tls_cipher_suite_info data=[0x13,0x03] version=TLS1.3 name=TLS_CHACHA20_POLY1305_SHA256 1590664444.197233:qcrypto_tls_cipher_suite_info data=[0x13,0x01] version=TLS1.3 name=TLS_AES_128_GCM_SHA256 1590664444.197236:qcrypto_tls_cipher_suite_info data=[0x13,0x04] version=TLS1.3 name=TLS_AES_128_CCM_SHA256 1590664444.197240:qcrypto_tls_cipher_suite_info data=[0xc0,0x30] version=TLS1.2 name=TLS_ECDHE_RSA_AES_256_GCM_SHA384 1590664444.197245:qcrypto_tls_cipher_suite_info data=[0xcc,0xa8] version=TLS1.2 name=TLS_ECDHE_RSA_CHACHA20_POLY1305 1590664444.197250:qcrypto_tls_cipher_suite_info data=[0xc0,0x14] version=TLS1.0 name=TLS_ECDHE_RSA_AES_256_CBC_SHA1 1590664444.197254:qcrypto_tls_cipher_suite_info data=[0xc0,0x2f] version=TLS1.2 name=TLS_ECDHE_RSA_AES_128_GCM_SHA256 1590664444.197258:qcrypto_tls_cipher_suite_info data=[0xc0,0x13] version=TLS1.0 name=TLS_ECDHE_RSA_AES_128_CBC_SHA1 1590664444.197261:qcrypto_tls_cipher_suite_info data=[0xc0,0x2c] version=TLS1.2 name=TLS_ECDHE_ECDSA_AES_256_GCM_SHA384 1590664444.197266:qcrypto_tls_cipher_suite_info data=[0xcc,0xa9] version=TLS1.2 name=TLS_ECDHE_ECDSA_CHACHA20_POLY1305 1590664444.197270:qcrypto_tls_cipher_suite_info data=[0xc0,0xad] version=TLS1.2 name=TLS_ECDHE_ECDSA_AES_256_CCM 1590664444.197274:qcrypto_tls_cipher_suite_info data=[0xc0,0x0a] version=TLS1.0 name=TLS_ECDHE_ECDSA_AES_256_CBC_SHA1 1590664444.197278:qcrypto_tls_cipher_suite_info data=[0xc0,0x2b] version=TLS1.2 name=TLS_ECDHE_ECDSA_AES_128_GCM_SHA256 1590664444.197283:qcrypto_tls_cipher_suite_info data=[0xc0,0xac] version=TLS1.2 name=TLS_ECDHE_ECDSA_AES_128_CCM 1590664444.197287:qcrypto_tls_cipher_suite_info data=[0xc0,0x09] version=TLS1.0 name=TLS_ECDHE_ECDSA_AES_128_CBC_SHA1 1590664444.197291:qcrypto_tls_cipher_suite_info data=[0x00,0x9d] version=TLS1.2 name=TLS_RSA_AES_256_GCM_SHA384 1590664444.197296:qcrypto_tls_cipher_suite_info data=[0xc0,0x9d] version=TLS1.2 name=TLS_RSA_AES_256_CCM 1590664444.197300:qcrypto_tls_cipher_suite_info data=[0x00,0x35] version=TLS1.0 name=TLS_RSA_AES_256_CBC_SHA1 1590664444.197304:qcrypto_tls_cipher_suite_info data=[0x00,0x9c] version=TLS1.2 name=TLS_RSA_AES_128_GCM_SHA256 1590664444.197308:qcrypto_tls_cipher_suite_info data=[0xc0,0x9c] version=TLS1.2 name=TLS_RSA_AES_128_CCM 1590664444.197312:qcrypto_tls_cipher_suite_info data=[0x00,0x2f] version=TLS1.0 name=TLS_RSA_AES_128_CBC_SHA1 1590664444.197316:qcrypto_tls_cipher_suite_info data=[0x00,0x9f] version=TLS1.2 name=TLS_DHE_RSA_AES_256_GCM_SHA384 1590664444.197320:qcrypto_tls_cipher_suite_info data=[0xcc,0xaa] version=TLS1.2 name=TLS_DHE_RSA_CHACHA20_POLY1305 1590664444.197325:qcrypto_tls_cipher_suite_info data=[0xc0,0x9f] version=TLS1.2 name=TLS_DHE_RSA_AES_256_CCM 1590664444.197329:qcrypto_tls_cipher_suite_info data=[0x00,0x39] version=TLS1.0 name=TLS_DHE_RSA_AES_256_CBC_SHA1 1590664444.197333:qcrypto_tls_cipher_suite_info data=[0x00,0x9e] version=TLS1.2 name=TLS_DHE_RSA_AES_128_GCM_SHA256 1590664444.197337:qcrypto_tls_cipher_suite_info data=[0xc0,0x9e] version=TLS1.2 name=TLS_DHE_RSA_AES_128_CCM 1590664444.197341:qcrypto_tls_cipher_suite_info data=[0x00,0x33] version=TLS1.0 name=TLS_DHE_RSA_AES_128_CBC_SHA1 1590664444.197345:qcrypto_tls_cipher_suite_count count: 29 Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Message-Id: <20200623172726.21040-6-philmd@redhat.com>
| * crypto: Add tls-cipher-suites objectPhilippe Mathieu-Daudé2020-07-031-0/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On the host OS, various aspects of TLS operation are configurable. In particular it is possible for the sysadmin to control the TLS cipher/protocol algorithms that applications are permitted to use. * Any given crypto library has a built-in default priority list defined by the distro maintainer of the library package (or by upstream). * The "crypto-policies" RPM (or equivalent host OS package) provides a config file such as "/etc/crypto-policies/config", where the sysadmin can set a high level (library-independent) policy. The "update-crypto-policies --set" command (or equivalent) is used to translate the global policy to individual library representations, producing files such as "/etc/crypto-policies/back-ends/*.config". The generated files, if present, are loaded by the various crypto libraries to override their own built-in defaults. For example, the GNUTLS library may read "/etc/crypto-policies/back-ends/gnutls.config". * A management application (or the QEMU user) may overide the system-wide crypto-policies config via their own config, if they need to diverge from the former. Thus the priority order is "QEMU user config" > "crypto-policies system config" > "library built-in config". Introduce the "tls-cipher-suites" object for exposing the ordered list of permitted TLS cipher suites from the host side to the guest firmware, via fw_cfg. The list is represented as an array of bytes. The priority at which the host-side policy is retrieved is given by the "priority" property of the new object type. For example, "priority=@SYSTEM" may be used to refer to "/etc/crypto-policies/back-ends/gnutls.config" (given that QEMU uses GNUTLS). The firmware uses the IANA_TLS_CIPHER array for configuring guest-side TLS, for example in UEFI HTTPS Boot. [Description from Daniel P. Berrangé, edited by Laszlo Ersek.] Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Message-Id: <20200623172726.21040-2-philmd@redhat.com>
* | vhost-vdpa: introduce vhost-vdpa backendCindy Lu2020-07-071-0/+12
|/ | | | | | | | | | | | | | | | | | | | | | | | Currently we have 2 types of vhost backends in QEMU: vhost kernel and vhost-user. The above patch provides a generic device for vDPA purpose, this vDPA device exposes to user space a non-vendor-specific configuration interface for setting up a vhost HW accelerator, this patch set introduces a third vhost backend called vhost-vdpa based on the vDPA interface. Vhost-vdpa usage: qemu-system-x86_64 -cpu host -enable-kvm \ ...... -netdev type=vhost-vdpa,vhostdev=/dev/vhost-vdpa-id,id=vhost-vdpa0 \ -device virtio-net-pci,netdev=vhost-vdpa0,page-per-vq=on \ Signed-off-by: Lingshan zhu <lingshan.zhu@intel.com> Signed-off-by: Tiwei Bie <tiwei.bie@intel.com> Signed-off-by: Cindy Lu <lulu@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com> Message-Id: <20200701145538.22333-14-lulu@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com>
* numa: forbid '-numa node, mem' for 5.1 and newer machine typesIgor Mammedov2020-06-261-4/+5
| | | | | | | | | | | | | | | | Deprecation period is run out and it's a time to flip the switch introduced by cd5ff8333a. Disable legacy option for new machine types (since 5.1) and amend documentation. '-numa node,memdev' shall be used instead of disabled option with new machine types. Signed-off-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Greg Kurz <groug@kaod.org> Message-Id: <20200609135635.761587-1-imammedo@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* qemu-options: updates for abstract unix socketsxiaoqiang zhao2020-05-201-2/+6
| | | | | | | add options documents changes for -chardev Signed-off-by: xiaoqiang zhao <zxq_yx_007@163.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>