Thanks to agraf_, stefanha and Snader_LB for their IRC assistance.
Thanks to Markus Armbruster and Alexander Graf (again) for their
assistance with the second version of this patch. No patch is too
simple to test...
Signed-off-by: Brad Hards <bradh@frogmouth.net>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Turn on SASL support by appending "sasl" to the spice arguments, which
requires that the client use SASL to authenticate with the spice. The
exact choice of authentication method used is controlled from the
system / user's SASL configuration file for the 'qemu' service. This
is typically found in /etc/sasl2/qemu.conf. If running QEMU as an
unprivileged user, an environment variable SASL_CONF_PATH can be used
to make it search alternate locations for the service config. While
some SASL auth methods can also provide data encryption (eg GSSAPI),
it is recommended that SASL always be combined with the 'tls' and
'x509' settings to enable use of SSL and server certificates. This
ensures a data encryption preventing compromise of authentication
credentials.
It requires support from spice 0.8.1.
[ kraxel: moved spell fix to separate commit ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Some people want to be able disable spice's guest <-> client copy paste support
because of security considerations.
[ kraxel: drop old-version error message ]
Phillip Merensky reported that the special keys (e.g. Ctrl-Alt-f for full
screen) did not work correctly if -alt-grab is used.
BUG: 696530
Review of ui/sdl.c:sdl_refresh indicates that this is the intended behaviour,
so we should update the documentation to match the actual behaviour, as
suggested by Phillip in the bug report.
Signed-off-by: Brad Hards <bradh@frogmouth.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
This option gives the ability to switch one "accelerator" like kvm, xen
or the default one tcg. We can specify more than one accelerator by
separate them by a colon. QEMU will try each one and use the first whose
works.
So,
./qemu -machine accel=xen:kvm:tcg
which would try Xen support first, then KVM and finally TCG if none of
the other works.
By default, QEMU will use TCG. But we can specify another default in the
global configuration file.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
helpfull -> helpful
usefull -> useful
cotrol -> control
and a grammar fix.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
New option -display none. This option differs from -nographic by not
trying to take control of stdio etc. but instead behaves as if a
graphics display is enabled, except that it doesn't show one.
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch introduces a -display argument which consolidates the
setting of the display mode. Valid options are:
sdl/curses/default
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This option allow to disable adaptive behaviors in some encodings.
Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When MSI is off, each interrupt needs to be bounced through the io
thread when it's set/cleared, so vhost-net causes more context switches and
higher CPU utilization than userspace virtio which handles networking in
the same thread.
We'll need to fix this by adding level irq support in kvm irqfd,
for now disable vhost-net in these configurations.
Added a vhostforce flag to force vhost-net back on.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
With current sndbuf default value, a blocked
target guest can prevent another guest from
transmitting any packets. While current
sndbuf value (1M) is reported to help some
UDP based workloads, the default should
be safe (0).
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Adding a chardev backend for spice, where spice determines what
to do with it based on the name attribute given during chardev creation.
For usage by spice vdagent in conjunction with a properly named
virtio-serial device, and future smartcard channel usage.
Example usage:
qemu -device virtio-serial -chardev spicevmc,name=vdagent,id=vdagent \
-device virtserialport,chardev=vdagent,name=com.redhat.spice.0
v4->v5:
* add tracing events
* fix missing comma
* fix help string to show debug is optional
v3->v4:
* updated commit message
v1->v3 changes: (v2 had a wrong commit message)
* removed spice-qemu-char.h, folded into ui/qemu-spice.h
* removed dead IOCTL code
* removed comment
* removed ifdef CONFIG_SPICE from qemu-config.c and qemu-options.hx help.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
qxl is a paravirtual graphics card. The qxl device is the bridge
between the guest and the spice server (aka libspice-server). The
spice server will send the rendering commands to the spice client, which
will actually render them.
The spice server is also able to render locally, which is done in case
the guest wants read something from video memory. Local rendering is
also used to support display over vnc and sdl.
qxl is activated using "-vga qxl". qxl supports multihead, additional
cards can be added via '-device qxl".
[ v2: add copyright to files ]
[ v2: use qemu-common.h for standard includes ]
[ v2: create separate qxl-vga device for primary ]
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Add an option to specify the host IP to send multicast packets from,
when using a multicast socket for networking. The option takes an IP
address and sets the IP_MULTICAST_IF socket option, which causes the
packets to use that IP's interface as an egress.
This is useful if the host machine has several interfaces with several
virtual networks across disparate interfaces.
Signed-off-by: Mike Ryan <mikeryan@ISI.EDU>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Add -spice command line switch. Has support setting passwd and port for
now. With this patch applied the spice client can successfully connect
to qemu. You can't do anything useful yet though.
This patch adds an optional command line switch '-trace' to specify the
filename to write traces to, when qemu starts.
Eg, If compiled with the 'simple' trace backend,
[temp@system]$ qemu -trace FILENAME IMAGE
Allows the binary traces to be written to FILENAME instead of the option
set at config-time.
Signed-off-by: Prerna Saxena <prerna@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
This is equivalent to SM_PASSTHROUGH security model.
The only exception is, failure of privilige operation like chown
are ignored. This makes a passthrough like security model usable
for people who runs kvm as non root
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
* 'for-anthony' of git://repo.or.cz/qemu/kevin:
Fix -snapshot deleting images on disk change
block: Use error codes from lower levels for error message
block: default to 0 minimal / optiomal I/O size
move 'unsafe' to end of caching modes in help
virtio-blk: Create exit function to unregister savevm
block migration: propagate return value when bdrv_write() returns < 0
ide/atapi: add support for GET EVENT STATUS NOTIFICATION
The lossy option can be used to enable lossy compression
methods like gradient or jpeg. This patch disable them by
default.
Signed-off-by: Corentin Chary <corentincj@iksaif.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Libvirt parses qemu help output to determine qemu features. In particular
it probes for the following: "cache=writethrough|writeback|none". The
addition of the unsafe cache mode was inserted within this string, as
opposed to being added to the end, which impacted libvirt's probe.
Unbreak libvirt by keeping the existing cache modes intact and add
unsafe to the end.
This problem only manifests itself if a caching mode is explicitly
specified in the libvirt xml, in which case older syntax for caching is
passed to qemu, which it no longer understands.
Signed-off-by: Bruce Rogers <brogers@novell.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Commit 5989020bc1 introduced a chardev
option to disable signals on stdio. Add the corresponding documentation.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The new option is:
-fsdev fstype,id=myid,path=/share_path/,security_model=[mapped|passthrough]
-virtfs fstype,path=/share_path/,security_model=[mapped|passthrough],mnt_tag=tag
In the case of mapped security model, files are created with QEMU user
credentials and the client-user's credentials are saved in extended attributes.
Whereas in the case of passthrough security model, files on the
filesystem are directly created with client-user's credentials.
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When using -snapshot we don't care about data integrity of the cow file
at all, so let's disable flushing there and squeeze out the last drop
of performance we could possibly get.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Usually the guest can tell the host to flush data to disk. In some cases we
don't want to flush though, but try to keep everything in cache.
So let's add a new cache value to -drive that allows us to set the cache
policy to most aggressive, disabling flushes. We call this mode "unsafe",
as guest data is not guaranteed to survive host crashes anymore.
This patch also adds a noop function for aio, so we can do nothing in AIO
fashion.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Commit 6616b2ad reverted commit 40ea285c. Looks like a mismerge to
me.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Currently the commandline to create a virtual-filesystem pass-through between
the guest and the host is as follows:
#qemu -fsdev fstype,id=ID,path=path/to/share \
-device virtio-9p-pci,fsdev=ID,mount_tag=tag \
This patch provides a syntactic short-cut to achieve the same as follows:
#qemu -virtfs fstype,path=path/to/share,mount_tag=tag
This will be internally expanded as:
#qemu -fsdev fstype,id=tag,path=path/to/share, \
-device virtio-9p-pci,fsdev=tag,mount_tag=tag \
Signed-off-by: Gautham R Shenoy <ego@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch creates a new command line option named -fsdev to hold any file
system specific information.
The option will currently hold the following attributes:
-fsdev fstype id=id,path=path_to_share
where
fstype: Type of the file system.
id: Identifier used to refer to this fsdev
path: The path on the host that is identified by this fsdev.
[aneesh.kumar@linux.vnet.ibm.com: Abstraction using FsContext]
Signed-off-by: Gautham R Shenoy <ego@in.ibm.com>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This adds vhost binary option to tap, to enable vhost net accelerator.
Default is off for now, we'll be able to make default on long term
when we know it's stable.
vhostfd option can be used by management, to pass in the fd. Assigning
vhostfd implies vhost=on.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Move target specific functions and RAM handling to arch_init.c.
Add a flag to QEMUOptions structure to indicate for which
architectures the option is allowed, check the flag
in run time and remove conditional code in option handling.
Now that no target dependencies remain, compile vl.c only once
for all targets.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Port qemu-kvm's -mem-path and -mem-prealloc options. These are useful
for backing guest memory with huge pages via hugetlbfs.
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
CC: john cooper <john.cooper@redhat.com>
* Add line options to function index.
* Add description for -set (TODO).
* Add description for -global (TODO).
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Similar to the qemu-img.c patch, but I also have to unescape remaining
% signs in qemu-options.hx.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: malc <av1474@comtv.ru>
Since qemu-options.h is only used in vl.c, we can avoid using
brittle interpolation from a generated file.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: malc <av1474@comtv.ru>
While there, use "property" rather than "option", for consistency with
-global.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>