From nobody Mon May 6 22:10:28 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1579184339; cv=none; d=zohomail.com; s=zohoarc; b=n3cQLU/iA9j/RvY4Bd9O2/XLfL0bJzLoG7JGH5F6s7h6JGPLWS8MRoumBBkNj5QFgG1RPg/t5lsC7Jb1ByORLPoSLmQwrdZvPh9dVX97vuD5BpiR3vhtUu/ua6OAeVWb3rvLslyOmbH9JgpJE3aG3Akv1Ka7p2isiMzAW51LwsE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1579184339; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=jhedsII/HmmDls6er+VZr4ywzzFrKw13UbU9NxcaIdk=; b=Aq8VvcW6BbC+qNqrgqGxiwaWa+QQ7858aWhBMAZwlLjm0B3ThJvp7xlnpz5AUESFzVMfXGkVH6NxLGzH9XHepRL17tAgs12lfuVPx1D9pR0j2ImgqWHX1HlkXXuMb+vkOPR9clH+mnrr5emRls8y8JUFCAyvUo2yZQ7dadB/Gag= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1579184339221951.3026500058762; Thu, 16 Jan 2020 06:18:59 -0800 (PST) Received: from localhost ([::1]:42758 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1is5z8-0004Yb-2F for importer@patchew.org; Thu, 16 Jan 2020 09:18:58 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:50008) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1is5ve-0000H3-8V for qemu-devel@nongnu.org; Thu, 16 Jan 2020 09:15:26 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1is5va-0006l2-FB for qemu-devel@nongnu.org; Thu, 16 Jan 2020 09:15:22 -0500 Received: from mail-wr1-x444.google.com ([2a00:1450:4864:20::444]:40156) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1is5va-0006jt-5X for qemu-devel@nongnu.org; Thu, 16 Jan 2020 09:15:18 -0500 Received: by mail-wr1-x444.google.com with SMTP id c14so19310502wrn.7 for ; Thu, 16 Jan 2020 06:15:18 -0800 (PST) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [81.2.115.148]) by smtp.gmail.com with ESMTPSA id 25sm4584169wmi.32.2020.01.16.06.15.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 16 Jan 2020 06:15:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=jhedsII/HmmDls6er+VZr4ywzzFrKw13UbU9NxcaIdk=; b=jSFk+kbaNdpwCQtNiSJuqFUnX9rAQiTs1bwhsRzmp56+wCs/VwrYqSWbVtHgAr/XQ+ cIPEnvMCq3WjRMyNkdnB+CHi8asribIJGXctx92hqYZUWtvVk23FgICYrZJx6/W0DOsv xFTa+KBODb48cXj30/pA/3sw3SPBGLGLDYLbcUP6YORd/BU5I7O4mY4D/oXIdDH8q9XJ GuTFcU5ezIt3AkiQX6xMKekZsBNMIHAANDKVgcXJ+EHVj+mtA+LJJsOmx92dZ8B/3RHJ ekM4nx/2h/bcuYM8A/6+eHT0FLhFB1FGJo/tgbFAjsWTUnr1fYYHqSIOp8m8HJoxjMWc di8A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=jhedsII/HmmDls6er+VZr4ywzzFrKw13UbU9NxcaIdk=; b=QbCAcw8TQDe1d3HBzbeN7qxw2IVhu9ZZnPYY/MKcwn1c3hHt+bEow6uXx2e9CzjFJx W0ti5yyNBChGDfwSfVgWvzAoLKGMqsLrbj/RbWjTtM5dnsEq0pQPw3lpRfoScv1m6d8T htpxGcPTcJRCpj8Vd/1H6dtscm777cC6s4Z3lZhrSTwwavqhKeGsL/NRohBFWW989rkA 6aSijMOXXS+05FXaQytaUBn8O1PbrXYg5dn53ntr7icWb5FZouqLJvWih4OlJJxNHa+2 IQ+GjqlU7bO0fLeLWXH2kZ2Sa6RYkNeUhjqT+SyUzRESBqtqU5RoSDrzgnAEkvXXwGDh QZ9A== X-Gm-Message-State: APjAAAWccc6pgipGFOufFYSQxBMHXF4Tz+dv8RifAUfjDrJ12aml1ghW 9AaqU1kmgPO31cd3S0rF14TO41Be/NIXWg== X-Google-Smtp-Source: APXvYqw6FlzMvTOtlIRsTuIe4oNRiUw5QY+BHG1/HA0lQ9Yofmdux1nJyo7CRS1CNvP8I0TFn4aMGg== X-Received: by 2002:a05:6000:11c5:: with SMTP id i5mr3551084wrx.102.1579184116066; Thu, 16 Jan 2020 06:15:16 -0800 (PST) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PATCH 1/3] qemu-nbd: Convert invocation documentation to rST Date: Thu, 16 Jan 2020 14:15:09 +0000 Message-Id: <20200116141511.16849-2-peter.maydell@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200116141511.16849-1-peter.maydell@linaro.org> References: <20200116141511.16849-1-peter.maydell@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::444 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , qemu-block@nongnu.org, Stefan Hajnoczi , Max Reitz Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" The qemu-nbd documentation is currently in qemu-nbd.texi in Texinfo format, which we present to the user as: * a qemu-nbd manpage * a section of the main qemu-doc HTML documentation Convert the documentation to rST format, and present it to the user as: * a qemu-nbd manpage * part of the interop/ Sphinx manual This follows the same pattern as commit 27a296fce982 did for the qemu-ga manpage. All the content of the old manpage is retained, except that I have dropped the "This is free software; see the source for copying conditions. There is NO warranty..." text that was in the old AUTHOR section; Sphinx's manpage builder doesn't expect that much text in the AUTHOR section, and since none of our other manpages have it it seems easiest to delete it rather than try to figure out where else in the manpage to put it. The only other textual change is that I have had to give the --nocache option its own description ("Equivalent to --cache=3Dnone") because Sphinx doesn't have an equivalent of using item/itemx to share a description between two options. Some minor aspects of the formatting have changed, to suit what is easiest for Sphinx to output. (The most notable is that Sphinx option section option syntax doesn't support '--option foo=3Dbar' with bar underlined rather than bold, so we have to switch to '--option foo=3DBAR' instead.) The contents of qemu-option-trace.texi are now duplicated in docs/interop/qemu-option-trace.rst.inc, until such time as we complete the conversion of the other files which use it; since it has had only 3 changes in 3 years, this shouldn't be too awkward a burden. (We use .rst.inc because if this file fragment has a .rst extension then Sphinx complains about not seeing it in a toctree.) Signed-off-by: Peter Maydell Acked-by: Stefan Hajnoczi Reviewed-by: Alex Benn=C3=A9e Reviewed-by: Eric Blake Tested-by: Alex Benn=C3=A9e --- Another step forward for https://wiki.qemu.org/Features/Documentation (this is part of step 3 in the 'transition plan'). v1->v2: * avoided some long lines in the Makefile --- Makefile | 16 +- MAINTAINERS | 1 + docs/interop/conf.py | 4 +- docs/interop/index.rst | 1 + docs/interop/qemu-nbd.rst | 263 +++++++++++++++++++++++++ docs/interop/qemu-option-trace.rst.inc | 30 +++ qemu-doc.texi | 6 - qemu-nbd.texi | 214 -------------------- qemu-option-trace.texi | 4 + 9 files changed, 313 insertions(+), 226 deletions(-) create mode 100644 docs/interop/qemu-nbd.rst create mode 100644 docs/interop/qemu-option-trace.rst.inc delete mode 100644 qemu-nbd.texi diff --git a/Makefile b/Makefile index afa5cb6548d..7a8a50d8700 100644 --- a/Makefile +++ b/Makefile @@ -339,7 +339,9 @@ MANUAL_BUILDDIR :=3D docs endif =20 ifdef BUILD_DOCS -DOCS=3Dqemu-doc.html qemu-doc.txt qemu.1 qemu-img.1 qemu-nbd.8 $(MANUAL_BU= ILDDIR)/interop/qemu-ga.8 +DOCS=3Dqemu-doc.html qemu-doc.txt qemu.1 qemu-img.1 +DOCS+=3D$(MANUAL_BUILDDIR)/interop/qemu-nbd.8 +DOCS+=3D$(MANUAL_BUILDDIR)/interop/qemu-ga.8 DOCS+=3Ddocs/interop/qemu-qmp-ref.html docs/interop/qemu-qmp-ref.txt docs/= interop/qemu-qmp-ref.7 DOCS+=3Ddocs/interop/qemu-ga-ref.html docs/interop/qemu-ga-ref.txt docs/in= terop/qemu-ga-ref.7 DOCS+=3Ddocs/qemu-block-drivers.7 @@ -829,7 +831,7 @@ ifdef CONFIG_POSIX ifeq ($(CONFIG_TOOLS),y) $(INSTALL_DATA) qemu-img.1 "$(DESTDIR)$(mandir)/man1" $(INSTALL_DIR) "$(DESTDIR)$(mandir)/man8" - $(INSTALL_DATA) qemu-nbd.8 "$(DESTDIR)$(mandir)/man8" + $(INSTALL_DATA) $(MANUAL_BUILDDIR)/interop/qemu-nbd.8 "$(DESTDIR)$(mandir= )/man8" endif ifdef CONFIG_TRACE_SYSTEMTAP $(INSTALL_DATA) scripts/qemu-trace-stap.1 "$(DESTDIR)$(mandir)/man1" @@ -1007,7 +1009,9 @@ sphinxdocs: $(MANUAL_BUILDDIR)/devel/index.html $(MAN= UAL_BUILDDIR)/interop/index # a single doctree: https://github.com/sphinx-doc/sphinx/issues/2946 build-manual =3D $(call quiet-command,CONFDIR=3D"$(qemu_confdir)" sphinx-b= uild $(if $(V),,-q) -W -b $2 -D version=3D$(VERSION) -D release=3D"$(FULL_V= ERSION)" -d .doctrees/$1-$2 $(SRC_PATH)/docs/$1 $(MANUAL_BUILDDIR)/$1 ,"SPH= INX","$(MANUAL_BUILDDIR)/$1") # We assume all RST files in the manual's directory are used in it -manual-deps =3D $(wildcard $(SRC_PATH)/docs/$1/*.rst) $(SRC_PATH)/docs/$1/= conf.py $(SRC_PATH)/docs/conf.py +manual-deps =3D $(wildcard $(SRC_PATH)/docs/$1/*.rst) \ + $(wildcard $(SRC_PATH)/docs/$1/*.rst.inc) \ + $(SRC_PATH)/docs/$1/conf.py $(SRC_PATH)/docs/conf.py =20 $(MANUAL_BUILDDIR)/devel/index.html: $(call manual-deps,devel) $(call build-manual,devel,html) @@ -1021,6 +1025,9 @@ $(MANUAL_BUILDDIR)/specs/index.html: $(call manual-de= ps,specs) $(MANUAL_BUILDDIR)/interop/qemu-ga.8: $(call manual-deps,interop) $(call build-manual,interop,man) =20 +$(MANUAL_BUILDDIR)/interop/qemu-nbd.8: $(call manual-deps,interop) + $(call build-manual,interop,man) + $(MANUAL_BUILDDIR)/index.html: $(SRC_PATH)/docs/index.html.in qemu-version= .h $(call quiet-command, sed "s|@@VERSION@@|${VERSION}|g" $< >$@, \ "GEN","$@") @@ -1047,7 +1054,6 @@ qemu.1: qemu-doc.texi qemu-options.texi qemu-monitor.= texi qemu-monitor-info.texi qemu.1: qemu-option-trace.texi qemu-img.1: qemu-img.texi qemu-option-trace.texi qemu-img-cmds.texi fsdev/virtfs-proxy-helper.1: fsdev/virtfs-proxy-helper.texi -qemu-nbd.8: qemu-nbd.texi qemu-option-trace.texi docs/qemu-block-drivers.7: docs/qemu-block-drivers.texi docs/qemu-cpu-models.7: docs/qemu-cpu-models.texi scripts/qemu-trace-stap.1: scripts/qemu-trace-stap.texi @@ -1058,7 +1064,7 @@ pdf: qemu-doc.pdf docs/interop/qemu-qmp-ref.pdf docs/= interop/qemu-ga-ref.pdf txt: qemu-doc.txt docs/interop/qemu-qmp-ref.txt docs/interop/qemu-ga-ref.t= xt =20 qemu-doc.html qemu-doc.info qemu-doc.pdf qemu-doc.txt: \ - qemu-img.texi qemu-nbd.texi qemu-options.texi \ + qemu-img.texi qemu-options.texi \ qemu-tech.texi qemu-option-trace.texi \ qemu-deprecated.texi qemu-monitor.texi qemu-img-cmds.texi \ qemu-monitor-info.texi docs/qemu-block-drivers.texi \ diff --git a/MAINTAINERS b/MAINTAINERS index 483edfbc0b5..bfb6a9ba584 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -2503,6 +2503,7 @@ F: include/block/nbd* F: qemu-nbd.* F: blockdev-nbd.c F: docs/interop/nbd.txt +F: docs/interop/qemu-nbd.rst T: git https://repo.or.cz/qemu/ericb.git nbd =20 NFS diff --git a/docs/interop/conf.py b/docs/interop/conf.py index e87b8c22bec..40b1ad811de 100644 --- a/docs/interop/conf.py +++ b/docs/interop/conf.py @@ -18,5 +18,7 @@ html_theme_options['description'] =3D u'System Emulation = Management and Interopera # (source start file, name, description, authors, manual section). man_pages =3D [ ('qemu-ga', 'qemu-ga', u'QEMU Guest Agent', - ['Michael Roth '], 8) + ['Michael Roth '], 8), + ('qemu-nbd', 'qemu-nbd', u'QEMU Disk Network Block Device Server', + ['Anthony Liguori '], 8) ] diff --git a/docs/interop/index.rst b/docs/interop/index.rst index 049387ac6de..c28f7785a55 100644 --- a/docs/interop/index.rst +++ b/docs/interop/index.rst @@ -18,5 +18,6 @@ Contents: live-block-operations pr-helper qemu-ga + qemu-nbd vhost-user vhost-user-gpu diff --git a/docs/interop/qemu-nbd.rst b/docs/interop/qemu-nbd.rst new file mode 100644 index 00000000000..873bb9e17d5 --- /dev/null +++ b/docs/interop/qemu-nbd.rst @@ -0,0 +1,263 @@ +QEMU Disk Network Block Device Server +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +Synopsis +-------- + +**qemu-nbd** [*OPTION*]... *filename* + +**qemu-nbd** -L [*OPTION*]... + +**qemu-nbd** -d *dev* + +Description +----------- + +Export a QEMU disk image using the NBD protocol. + +Other uses: + +- Bind a /dev/nbdX block device to a QEMU server (on Linux). +- As a client to query exports of a remote NBD server. + +Options +------- + +.. program:: qemu-nbd + +*filename* is a disk image filename, or a set of block +driver options if ``--image-opts`` is specified. + +*dev* is an NBD device. + +.. option:: --object type,id=3DID,...props... + + Define a new instance of the *type* object class identified by *ID*. + See the :manpage:`qemu(1)` manual page for full details of the properties + supported. The common object types that it makes sense to define are the + ``secret`` object, which is used to supply passwords and/or encryption + keys, and the ``tls-creds`` object, which is used to supply TLS + credentials for the qemu-nbd server or client. + +.. option:: -p, --port=3DPORT + + TCP port to listen on as a server, or connect to as a client + (default ``10809``). + +.. option:: -o, --offset=3DOFFSET + + The offset into the image. + +.. option:: -b, --bind=3DIFACE + + The interface to bind to as a server, or connect to as a client + (default ``0.0.0.0``). + +.. option:: -k, --socket=3DPATH + + Use a unix socket with path *PATH*. + +.. option:: --image-opts + + Treat *filename* as a set of image options, instead of a plain + filename. If this flag is specified, the ``-f`` flag should + not be used, instead the :option:`format=3D` option should be set. + +.. option:: -f, --format=3DFMT + + Force the use of the block driver for format *FMT* instead of + auto-detecting. + +.. option:: -r, --read-only + + Export the disk as read-only. + +.. option:: -P, --partition=3DNUM + + Deprecated: Only expose MBR partition *NUM*. Understands physical + partitions 1-4 and logical partition 5. New code should instead use + :option:`--image-opts` with the raw driver wrapping a subset of the + original image. + +.. option:: -B, --bitmap=3DNAME + + If *filename* has a qcow2 persistent bitmap *NAME*, expose + that bitmap via the ``qemu:dirty-bitmap:NAME`` context + accessible through NBD_OPT_SET_META_CONTEXT. + +.. option:: -s, --snapshot + + Use *filename* as an external snapshot, create a temporary + file with ``backing_file=3D``\ *filename*, redirect the write to + the temporary one. + +.. option:: -l, --load-snapshot=3DSNAPSHOT_PARAM + + Load an internal snapshot inside *filename* and export it + as an read-only device, SNAPSHOT_PARAM format is + ``snapshot.id=3D[ID],snapshot.name=3D[NAME]`` or ``[ID_OR_NAME]`` + +.. option:: --cache=3DCACHE + + The cache mode to be used with the file. See the documentation of + the emulator's ``-drive cache=3D...`` option for allowed values. + +.. option:: -n, --nocache + + Equivalent to :option:`--cache=3Dnone`. + +.. option:: --aio=3DAIO + + Set the asynchronous I/O mode between ``threads`` (the default) + and ``native`` (Linux only). + +.. option:: --discard=3DDISCARD + + Control whether ``discard`` (also known as ``trim`` or ``unmap``) + requests are ignored or passed to the filesystem. *DISCARD* is one of + ``ignore`` (or ``off``), ``unmap`` (or ``on``). The default is + ``ignore``. + +.. option:: --detect-zeroes=3DDETECT_ZEROES + + Control the automatic conversion of plain zero writes by the OS to + driver-specific optimized zero write commands. *DETECT_ZEROES* is one of + ``off``, ``on``, or ``unmap``. ``unmap`` + converts a zero write to an unmap operation and can only be used if + *DISCARD* is set to ``unmap``. The default is ``off``. + +.. option:: -c, --connect=3DDEV + + Connect *filename* to NBD device *DEV* (Linux only). + +.. option:: -d, --disconnect + + Disconnect the device *DEV* (Linux only). + +.. option:: -e, --shared=3DNUM + + Allow up to *NUM* clients to share the device (default + ``1``). Safe for readers, but for now, consistency is not + guaranteed between multiple writers. + +.. option:: -t, --persistent + + Don't exit on the last connection. + +.. option:: -x, --export-name=3DNAME + + Set the NBD volume export name (default of a zero-length string). + +.. option:: -D, --description=3DDESCRIPTION + + Set the NBD volume export description, as a human-readable + string. + +.. option:: -L, --list + + Connect as a client and list all details about the exports exposed by + a remote NBD server. This enables list mode, and is incompatible + with options that change behavior related to a specific export (such as + :option:`--export-name`, :option:`--offset`, ...). + +.. option:: --tls-creds=3DID + + Enable mandatory TLS encryption for the server by setting the ID + of the TLS credentials object previously created with the --object + option; or provide the credentials needed for connecting as a client + in list mode. + +.. option:: --fork + + Fork off the server process and exit the parent once the server is runni= ng. + +.. option:: --pid-file=3DPATH + + Store the server's process ID in the given file. + +.. option:: --tls-authz=3DID + + Specify the ID of a qauthz object previously created with the + :option:`--object` option. This will be used to authorize connecting use= rs + against their x509 distinguished name. + +.. option:: -v, --verbose + + Display extra debugging information. + +.. option:: -h, --help + + Display this help and exit. + +.. option:: -V, --version + + Display version information and exit. + +.. option:: -T, --trace [[enable=3D]PATTERN][,events=3DFILE][,file=3DFILE] + + .. include:: qemu-option-trace.rst.inc + +Examples +-------- + +Start a server listening on port 10809 that exposes only the +guest-visible contents of a qcow2 file, with no TLS encryption, and +with the default export name (an empty string). The command is +one-shot, and will block until the first successful client +disconnects: + +:: + + qemu-nbd -f qcow2 file.qcow2 + +Start a long-running server listening with encryption on port 10810, +and whitelist clients with a specific X.509 certificate to connect to +a 1 megabyte subset of a raw file, using the export name 'subset': + +:: + + qemu-nbd \ + --object tls-creds-x509,id=3Dtls0,endpoint=3Dserver,dir=3D/path/to/qem= utls \ + --object 'authz-simple,id=3Dauth0,identity=3DCN=3Dlaptop.example.com,,\ + O=3DExample Org,,L=3DLondon,,ST=3DLondon,,C=3DGB' \ + --tls-creds tls0 --tls-authz auth0 \ + -t -x subset -p 10810 \ + --image-opts driver=3Draw,offset=3D1M,size=3D1M,file.driver=3Dfile,fil= e.filename=3Dfile.raw + +Serve a read-only copy of just the first MBR partition of a guest +image over a Unix socket with as many as 5 simultaneous readers, with +a persistent process forked as a daemon: + +:: + + qemu-nbd --fork --persistent --shared=3D5 --socket=3D/path/to/sock \ + --partition=3D1 --read-only --format=3Dqcow2 file.qcow2 + +Expose the guest-visible contents of a qcow2 file via a block device +/dev/nbd0 (and possibly creating /dev/nbd0p1 and friends for +partitions found within), then disconnect the device when done. +Access to bind qemu-nbd to an /dev/nbd device generally requires root +privileges, and may also require the execution of ``modprobe nbd`` +to enable the kernel NBD client module. *CAUTION*: Do not use +this method to mount filesystems from an untrusted guest image - a +malicious guest may have prepared the image to attempt to trigger +kernel bugs in partition probing or file system mounting. + +:: + + qemu-nbd -c /dev/nbd0 -f qcow2 file.qcow2 + qemu-nbd -d /dev/nbd0 + +Query a remote server to see details about what export(s) it is +serving on port 10809, and authenticating via PSK: + +:: + + qemu-nbd \ + --object tls-creds-psk,id=3Dtls0,dir=3D/tmp/keys,username=3Deblake,end= point=3Dclient \ + --tls-creds tls0 -L -b remote.example.com + +See also +-------- + +:manpage:`qemu(1)`, :manpage:`qemu-img(1)` diff --git a/docs/interop/qemu-option-trace.rst.inc b/docs/interop/qemu-opt= ion-trace.rst.inc new file mode 100644 index 00000000000..23cfcb48537 --- /dev/null +++ b/docs/interop/qemu-option-trace.rst.inc @@ -0,0 +1,30 @@ +.. + The contents of this file must be kept in sync with qemu-option-trace.te= xi + until all the users of the texi file have been converted to rst and + the texi file can be removed. + +Specify tracing options. + +.. option:: [enable=3D]PATTERN + + Immediately enable events matching *PATTERN* + (either event name or a globbing pattern). This option is only + available if QEMU has been compiled with the ``simple``, ``log`` + or ``ftrace`` tracing backend. To specify multiple events or patterns, + specify the :option:`-trace` option multiple times. + + Use :option:`-trace help` to print a list of names of trace points. + +.. option:: events=3DFILE + + Immediately enable events listed in *FILE*. + The file must contain one event name (as listed in the ``trace-events-al= l`` + file) per line; globbing patterns are accepted too. This option is only + available if QEMU has been compiled with the ``simple``, ``log`` or + ``ftrace`` tracing backend. + +.. option:: file=3DFILE + + Log output traces to *FILE*. + This option is only available if QEMU has been compiled with + the ``simple`` tracing backend. diff --git a/qemu-doc.texi b/qemu-doc.texi index 39f950471f2..617485d1461 100644 --- a/qemu-doc.texi +++ b/qemu-doc.texi @@ -633,7 +633,6 @@ encrypted disk images. * disk_images_snapshot_mode:: Snapshot mode * vm_snapshots:: VM snapshots * qemu_img_invocation:: qemu-img Invocation -* qemu_nbd_invocation:: qemu-nbd Invocation * disk_images_formats:: Disk image file formats * host_drives:: Using host drives * disk_images_fat_images:: Virtual FAT disk images @@ -724,11 +723,6 @@ state is not saved or restored properly (in particular= USB). =20 @include qemu-img.texi =20 -@node qemu_nbd_invocation -@subsection @code{qemu-nbd} Invocation - -@include qemu-nbd.texi - @include docs/qemu-block-drivers.texi =20 @node pcsys_network diff --git a/qemu-nbd.texi b/qemu-nbd.texi deleted file mode 100644 index 7f55657722b..00000000000 --- a/qemu-nbd.texi +++ /dev/null @@ -1,214 +0,0 @@ -@example -@c man begin SYNOPSIS -@command{qemu-nbd} [OPTION]... @var{filename} - -@command{qemu-nbd} @option{-L} [OPTION]... - -@command{qemu-nbd} @option{-d} @var{dev} -@c man end -@end example - -@c man begin DESCRIPTION - -Export a QEMU disk image using the NBD protocol. - -Other uses: -@itemize -@item -Bind a /dev/nbdX block device to a QEMU server (on Linux). -@item -As a client to query exports of a remote NBD server. -@end itemize - -@c man end - -@c man begin OPTIONS -@var{filename} is a disk image filename, or a set of block -driver options if @option{--image-opts} is specified. - -@var{dev} is an NBD device. - -@table @option -@item --object type,id=3D@var{id},...props... -Define a new instance of the @var{type} object class identified by @var{id= }. -See the @code{qemu(1)} manual page for full details of the properties -supported. The common object types that it makes sense to define are the -@code{secret} object, which is used to supply passwords and/or encryption -keys, and the @code{tls-creds} object, which is used to supply TLS -credentials for the qemu-nbd server or client. -@item -p, --port=3D@var{port} -The TCP port to listen on as a server, or connect to as a client -(default @samp{10809}). -@item -o, --offset=3D@var{offset} -The offset into the image. -@item -b, --bind=3D@var{iface} -The interface to bind to as a server, or connect to as a client -(default @samp{0.0.0.0}). -@item -k, --socket=3D@var{path} -Use a unix socket with path @var{path}. -@item --image-opts -Treat @var{filename} as a set of image options, instead of a plain -filename. If this flag is specified, the @var{-f} flag should -not be used, instead the '@code{format=3D}' option should be set. -@item -f, --format=3D@var{fmt} -Force the use of the block driver for format @var{fmt} instead of -auto-detecting. -@item -r, --read-only -Export the disk as read-only. -@item -P, --partition=3D@var{num} -Deprecated: Only expose MBR partition @var{num}. Understands physical -partitions 1-4 and logical partition 5. New code should instead use -@option{--image-opts} with the raw driver wrapping a subset of the -original image. -@item -B, --bitmap=3D@var{name} -If @var{filename} has a qcow2 persistent bitmap @var{name}, expose -that bitmap via the ``qemu:dirty-bitmap:@var{name}'' context -accessible through NBD_OPT_SET_META_CONTEXT. -@item -s, --snapshot -Use @var{filename} as an external snapshot, create a temporary -file with backing_file=3D@var{filename}, redirect the write to -the temporary one. -@item -l, --load-snapshot=3D@var{snapshot_param} -Load an internal snapshot inside @var{filename} and export it -as an read-only device, @var{snapshot_param} format is -'snapshot.id=3D[ID],snapshot.name=3D[NAME]' or '[ID_OR_NAME]' -@item -n, --nocache -@itemx --cache=3D@var{cache} -The cache mode to be used with the file. See the documentation of -the emulator's @code{-drive cache=3D...} option for allowed values. -@item --aio=3D@var{aio} -Set the asynchronous I/O mode between @samp{threads} (the default) -and @samp{native} (Linux only). -@item --discard=3D@var{discard} -Control whether @dfn{discard} (also known as @dfn{trim} or @dfn{unmap}) -requests are ignored or passed to the filesystem. @var{discard} is one of -@samp{ignore} (or @samp{off}), @samp{unmap} (or @samp{on}). The default is -@samp{ignore}. -@item --detect-zeroes=3D@var{detect-zeroes} -Control the automatic conversion of plain zero writes by the OS to -driver-specific optimized zero write commands. @var{detect-zeroes} is one= of -@samp{off}, @samp{on} or @samp{unmap}. @samp{unmap} -converts a zero write to an unmap operation and can only be used if -@var{discard} is set to @samp{unmap}. The default is @samp{off}. -@item -c, --connect=3D@var{dev} -Connect @var{filename} to NBD device @var{dev} (Linux only). -@item -d, --disconnect -Disconnect the device @var{dev} (Linux only). -@item -e, --shared=3D@var{num} -Allow up to @var{num} clients to share the device (default -@samp{1}). Safe for readers, but for now, consistency is not -guaranteed between multiple writers. -@item -t, --persistent -Don't exit on the last connection. -@item -x, --export-name=3D@var{name} -Set the NBD volume export name (default of a zero-length string). -@item -D, --description=3D@var{description} -Set the NBD volume export description, as a human-readable -string. -@item -L, --list -Connect as a client and list all details about the exports exposed by -a remote NBD server. This enables list mode, and is incompatible -with options that change behavior related to a specific export (such as -@option{--export-name}, @option{--offset}, ...). -@item --tls-creds=3DID -Enable mandatory TLS encryption for the server by setting the ID -of the TLS credentials object previously created with the --object -option; or provide the credentials needed for connecting as a client -in list mode. -@item --fork -Fork off the server process and exit the parent once the server is running. -@item --pid-file=3DPATH -Store the server's process ID in the given file. -@item --tls-authz=3DID -Specify the ID of a qauthz object previously created with the ---object option. This will be used to authorize connecting users -against their x509 distinguished name. -@item -v, --verbose -Display extra debugging information. -@item -h, --help -Display this help and exit. -@item -V, --version -Display version information and exit. -@item -T, --trace [[enable=3D]@var{pattern}][,events=3D@var{file}][,file= =3D@var{file}] -@findex --trace -@include qemu-option-trace.texi -@end table - -@c man end - -@c man begin EXAMPLES -Start a server listening on port 10809 that exposes only the -guest-visible contents of a qcow2 file, with no TLS encryption, and -with the default export name (an empty string). The command is -one-shot, and will block until the first successful client -disconnects: - -@example -qemu-nbd -f qcow2 file.qcow2 -@end example - -Start a long-running server listening with encryption on port 10810, -and whitelist clients with a specific X.509 certificate to connect to -a 1 megabyte subset of a raw file, using the export name 'subset': - -@example -qemu-nbd \ - --object tls-creds-x509,id=3Dtls0,endpoint=3Dserver,dir=3D/path/to/qemut= ls \ - --object 'authz-simple,id=3Dauth0,identity=3DCN=3Dlaptop.example.com,,\ - O=3DExample Org,,L=3DLondon,,ST=3DLondon,,C=3DGB' \ - --tls-creds tls0 --tls-authz auth0 \ - -t -x subset -p 10810 \ - --image-opts driver=3Draw,offset=3D1M,size=3D1M,file.driver=3Dfile,file.= filename=3Dfile.raw -@end example - -Serve a read-only copy of just the first MBR partition of a guest -image over a Unix socket with as many as 5 simultaneous readers, with -a persistent process forked as a daemon: - -@example -qemu-nbd --fork --persistent --shared=3D5 --socket=3D/path/to/sock \ - --partition=3D1 --read-only --format=3Dqcow2 file.qcow2 -@end example - -Expose the guest-visible contents of a qcow2 file via a block device -/dev/nbd0 (and possibly creating /dev/nbd0p1 and friends for -partitions found within), then disconnect the device when done. -Access to bind qemu-nbd to an /dev/nbd device generally requires root -privileges, and may also require the execution of @code{modprobe nbd} -to enable the kernel NBD client module. @emph{CAUTION}: Do not use -this method to mount filesystems from an untrusted guest image - a -malicious guest may have prepared the image to attempt to trigger -kernel bugs in partition probing or file system mounting. - -@example -qemu-nbd -c /dev/nbd0 -f qcow2 file.qcow2 -qemu-nbd -d /dev/nbd0 -@end example - -Query a remote server to see details about what export(s) it is -serving on port 10809, and authenticating via PSK: - -@example -qemu-nbd \ - --object tls-creds-psk,id=3Dtls0,dir=3D/tmp/keys,username=3Deblake,endpo= int=3Dclient \ - --tls-creds tls0 -L -b remote.example.com -@end example - -@c man end - -@ignore - -@setfilename qemu-nbd -@settitle QEMU Disk Network Block Device Server - -@c man begin AUTHOR -Copyright (C) 2006 Anthony Liguori . -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -@c man end - -@c man begin SEEALSO -qemu(1), qemu-img(1) -@c man end - -@end ignore diff --git a/qemu-option-trace.texi b/qemu-option-trace.texi index 7d1b7f05c54..162f1528d21 100644 --- a/qemu-option-trace.texi +++ b/qemu-option-trace.texi @@ -1,3 +1,7 @@ +@c The contents of this file must be kept in sync with qemu-option-trace.r= st.inc +@c until all the users of the texi file have been converted to rst and +@c the texi file can be removed. + Specify tracing options. =20 @table @option --=20 2.20.1 From nobody Mon May 6 22:10:28 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1579184304; cv=none; d=zohomail.com; s=zohoarc; b=NDI+jw4HzJv8qWDyN9bJjdTXRV4nhfAIzGDLi/loJWvljT2s8ItgTYQfFAAJfAaohpGSq8l0W5CIhdNeXw/b8ilbXgvYOwtkdw9oTLs7J2ZpcEs02pnW+ymaeDHaP+PfUwb8GXUrnsj3kAjV24kCtM0N9D+f6F9+HRmeeEJBHJo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1579184304; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=dfwkptdMPu/C9yAOU7ujCDeXXt0/3/ztxjQs/BryDaQ=; b=FpYCpIBdzDWWIuyn0UPG8Y/h40G5Lb+UdUJtZaJl191diHQ6xg6VlSB3Lu2OMCd13qtgWrEGS3egc9X7lsK26Y09eqTtlONbkpHjU4PVEu8rYmpTXDF+jKyFRll0RMfrPu3sLVwCBP8UNy9F0yNICsywhCL9eiKBBIolWIJd/yI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1579184304524840.82374807888; Thu, 16 Jan 2020 06:18:24 -0800 (PST) Received: from localhost ([::1]:42754 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1is5yY-0003Zy-Sw for importer@patchew.org; Thu, 16 Jan 2020 09:18:22 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:49987) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1is5vc-0000EJ-B2 for qemu-devel@nongnu.org; Thu, 16 Jan 2020 09:15:21 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1is5va-0006lH-OD for qemu-devel@nongnu.org; Thu, 16 Jan 2020 09:15:20 -0500 Received: from mail-wr1-x436.google.com ([2a00:1450:4864:20::436]:37071) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1is5va-0006kP-IL for qemu-devel@nongnu.org; Thu, 16 Jan 2020 09:15:18 -0500 Received: by mail-wr1-x436.google.com with SMTP id w15so19350086wru.4 for ; Thu, 16 Jan 2020 06:15:18 -0800 (PST) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [81.2.115.148]) by smtp.gmail.com with ESMTPSA id 25sm4584169wmi.32.2020.01.16.06.15.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 16 Jan 2020 06:15:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=dfwkptdMPu/C9yAOU7ujCDeXXt0/3/ztxjQs/BryDaQ=; b=kc3nHDz/EMAp88zh7+QW3zB+ExGdngiPE7QjT+GCZWyfEb7a3aek5y7vowkGQlS26Z uW6vEb3G1NIHV0EMO1az/5JgsrtGit2RQyiGejHvSm8RLVrp7x+P0oFmGRJC4qDm8rVU oA3WGK5Wx+kOy+u6WrdvL8Rn24khYy6ww513SpWatf9e7Va2CrQYZhLfEr8Vd8IDNz5L /7wLj47NMX4kPLrlGB5NX2GHV6BOaDHcwKUtSeOvYTbWz4C+sdfnofyEFIyN3UVQ2k2Q oq7NLjw+CA61RKbiio8MoeOYs2eqOOKmekR+qCtfRDgLxPIyttZs86HW5Fa4wgkeOX5f HGXw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=dfwkptdMPu/C9yAOU7ujCDeXXt0/3/ztxjQs/BryDaQ=; b=t7JrxmTsOk9fxKukYDuFIfjfi/PM82Djqayvtf5r6UVl1C2Rfz4OQLDWIKCzsQJRZT u497mWTGnGRpFF8TL7tCznNcX8woXSPN2dyLwTKnhGgIMh6SoH1SVfVoB/MOh/Tebr5S kPeSTTPUjD6YWlHY4atj7ARxlE940PW2THrMll3IwwDFq8EkbEtaVEUCfvwQlUODGy5T jQH0ewcdkMSsosnVyOR2ItazeG5Qa+pr5f+5DgC73AED/aiANR1/kZNbYuklXlMeaieJ n1t+JMDMo3UK6oQQ2BhZ3sYkuRRZEL5WtkZxGFDBnwl7afWgDP6urqz66CBol4WFgfIX ixuA== X-Gm-Message-State: APjAAAUS0i/7nx+14283xdjWKBbQTYcCQ/RDdpF7rBUXZdEIyAc2we/+ MHxrNVa7wlRlokKXGLepUETxnazd1mtBCw== X-Google-Smtp-Source: APXvYqzCcHaDH+c8lL7oTYD4whLTSribHiGxj5WafLzQpvX+woeFUm3CD0rok/RcFnxkirY+2UylvQ== X-Received: by 2002:a5d:5706:: with SMTP id a6mr3542210wrv.108.1579184117235; Thu, 16 Jan 2020 06:15:17 -0800 (PST) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PATCH 2/3] docs: Create stub system manual Date: Thu, 16 Jan 2020 14:15:10 +0000 Message-Id: <20200116141511.16849-3-peter.maydell@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200116141511.16849-1-peter.maydell@linaro.org> References: <20200116141511.16849-1-peter.maydell@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::436 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , qemu-block@nongnu.org, Stefan Hajnoczi , Max Reitz Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" We want a user-facing manual which contains system emulation documentation. Create an empty one which we can populate. Signed-off-by: Peter Maydell Acked-by: Stefan Hajnoczi Reviewed-by: Alex Benn=C3=A9e --- Makefile | 10 +++++++++- docs/system/conf.py | 15 +++++++++++++++ docs/system/index.rst | 16 ++++++++++++++++ 3 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 docs/system/conf.py create mode 100644 docs/system/index.rst diff --git a/Makefile b/Makefile index 7a8a50d8700..4372d0d1fbd 100644 --- a/Makefile +++ b/Makefile @@ -757,6 +757,7 @@ distclean: clean $(call clean-manual,devel) $(call clean-manual,interop) $(call clean-manual,specs) + $(call clean-manual,system) for d in $(TARGET_DIRS); do \ rm -rf $$d || exit 1 ; \ done @@ -813,6 +814,7 @@ endef install-sphinxdocs: sphinxdocs $(call install-manual,interop) $(call install-manual,specs) + $(call install-manual,system) =20 install-doc: $(DOCS) install-sphinxdocs $(INSTALL_DIR) "$(DESTDIR)$(qemu_docdir)" @@ -1000,7 +1002,10 @@ docs/version.texi: $(SRC_PATH)/VERSION config-host.m= ak # and handles "don't rebuild things unless necessary" itself. # The '.doctrees' files are cached information to speed this up. .PHONY: sphinxdocs -sphinxdocs: $(MANUAL_BUILDDIR)/devel/index.html $(MANUAL_BUILDDIR)/interop= /index.html $(MANUAL_BUILDDIR)/specs/index.html +sphinxdocs: $(MANUAL_BUILDDIR)/devel/index.html \ + $(MANUAL_BUILDDIR)/interop/index.html \ + $(MANUAL_BUILDDIR)/specs/index.html \ + $(MANUAL_BUILDDIR)/system/index.html =20 # Canned command to build a single manual # Arguments: $1 =3D manual name, $2 =3D Sphinx builder ('html' or 'man') @@ -1022,6 +1027,9 @@ $(MANUAL_BUILDDIR)/interop/index.html: $(call manual-= deps,interop) $(MANUAL_BUILDDIR)/specs/index.html: $(call manual-deps,specs) $(call build-manual,specs,html) =20 +$(MANUAL_BUILDDIR)/system/index.html: $(call manual-deps,system) + $(call build-manual,system,html) + $(MANUAL_BUILDDIR)/interop/qemu-ga.8: $(call manual-deps,interop) $(call build-manual,interop,man) =20 diff --git a/docs/system/conf.py b/docs/system/conf.py new file mode 100644 index 00000000000..6435b4d3f8e --- /dev/null +++ b/docs/system/conf.py @@ -0,0 +1,15 @@ +# -*- coding: utf-8 -*- +# +# QEMU documentation build configuration file for the 'system' manual. +# +# This includes the top level conf file and then makes any necessary tweak= s. +import sys +import os + +qemu_docdir =3D os.path.abspath("..") +parent_config =3D os.path.join(qemu_docdir, "conf.py") +exec(compile(open(parent_config, "rb").read(), parent_config, 'exec')) + +# This slightly misuses the 'description', but is the best way to get +# the manual title to appear in the sidebar. +html_theme_options['description'] =3D u'System Emulation User''s Guide' diff --git a/docs/system/index.rst b/docs/system/index.rst new file mode 100644 index 00000000000..ea8ea5fe3dc --- /dev/null +++ b/docs/system/index.rst @@ -0,0 +1,16 @@ +.. This is the top level page for the 'system' manual. + + +QEMU System Emulation User's Guide +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +This manual is the overall guide for users using QEMU +for full system emulation (as opposed to user-mode emulation). +This includes working with hypervisors such as KVM, Xen, Hax +or Hypervisor.Framework. + +Contents: + +.. toctree:: + :maxdepth: 2 + --=20 2.20.1 From nobody Mon May 6 22:10:28 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1579184477; cv=none; d=zohomail.com; s=zohoarc; b=UE0hjYQ6+8oCYazUsZif3ETaaCC6Oj7QH9al+z4jOm0i+gZ9LSz8gx1GnsPgMQ+4kWHzFylk7cd1n2ZipPl02yaMhVIT6OnuhBHGR5BBzIN5WikF/Fz1Bz1VoX+/7W8bmcsgRO6ZuL6hfvVgVxVj40QxeqRKhbCSJt8VJmm+FJw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1579184477; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=kYvpOgkQm/Q/JSUVUHpPJDLflJsm+PjVx7b69mCJNNk=; b=Y+3coIk8CPbSpeAG3Hrza1nBwijdPZi+cGYvpbeAx1pY9AYPZIsZxdfxpIkqf8epo2/6loyzfrRYSCFXMbXvaQZH7EYBlVv/WR6BYooPCXFotKFnVHlU4fDR05w0r2jyeqWEmVV2p3EbgM23v79hADBxaljoDQhouNHwaugf4+E= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1579184477260675.1809251688442; Thu, 16 Jan 2020 06:21:17 -0800 (PST) Received: from localhost ([::1]:42818 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1is61L-0007Px-2P for importer@patchew.org; Thu, 16 Jan 2020 09:21:15 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:50091) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1is5vo-0000Yr-TH for qemu-devel@nongnu.org; Thu, 16 Jan 2020 09:15:41 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1is5vg-0006r0-3N for qemu-devel@nongnu.org; Thu, 16 Jan 2020 09:15:32 -0500 Received: from mail-wr1-x444.google.com ([2a00:1450:4864:20::444]:42597) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1is5vf-0006pI-LQ for qemu-devel@nongnu.org; Thu, 16 Jan 2020 09:15:24 -0500 Received: by mail-wr1-x444.google.com with SMTP id q6so19233408wro.9 for ; Thu, 16 Jan 2020 06:15:23 -0800 (PST) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [81.2.115.148]) by smtp.gmail.com with ESMTPSA id 25sm4584169wmi.32.2020.01.16.06.15.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 16 Jan 2020 06:15:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=kYvpOgkQm/Q/JSUVUHpPJDLflJsm+PjVx7b69mCJNNk=; b=cVpDB//vdfqLNlORB5+nxnk3A8YIy9GK3cS3PWXTNJrFlyG2kLCrsB1441DCtjoYNk MUdwPPpbvwu1WuwD9Fyyol7JQtAPumtWtd/k2VbQrcurdfagKz5XHoR98WOjF/QYcaTs iK1S/1jaM74GOvMuYmM+gyPbWbr5p2eXF2Tqk85CaXEokQAmOuZnw+gEo0oAOaW9+1cE +5as3+c3Lzu7q4n5Cu3XjQFqojsr2tUK8PbmXJDjD9kIO+KZpLAwbBU/58fXNt+a7NrH ZOXzDpQLiKyheUxge9snLJmzfvPKX6/SYoaP9HK2c6WW0i1yyoNvRB5Uq3fsL6jm7+Ag XqxQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=kYvpOgkQm/Q/JSUVUHpPJDLflJsm+PjVx7b69mCJNNk=; b=jkZvDq+WGbORCKJWHOmFlN2oT2ZkGR9UVmxEulc3IWxncSDyHPz69ukI60CkGlr/y1 dYFKIBErxjSFXAs1VVerUVfRKN/aQd24/yvA6RBq95kJFjbviJDEgVzD4zp+XVGRtA4U 4euyT/RV5j0gMPtkWc5nx9mkedGWeginqy2VI4fvuz1wq59qnQX1U806yR8SVMFN3A/C mU5UwhsAaUCKxd3/xAn1SKRghm4RWj640dd6LyGqHceFC9KKjfRDnWM0vUgHssI18CLz aT8HZJupGjkODzPqVyOebt+VNP1NlAaszxfmBKX35GE/xOTIq8vbYe/QsomyO8SK2Yl/ r2Hg== X-Gm-Message-State: APjAAAWcqkOVQC8MT0ihTDWSGPZPfGc5fTRSUillVVBl32xQxrNtVXuc TeGApTDK6sWN9b6wNdOzSiODrHI0HyEoEw== X-Google-Smtp-Source: APXvYqwcJ62Jkicql0XtPAAyZK53KrlZW5Keg80raVypyIdKJd/gmLX06c9UyCiAK1pAtIQpOtpSiQ== X-Received: by 2002:a5d:6692:: with SMTP id l18mr3808386wru.382.1579184119792; Thu, 16 Jan 2020 06:15:19 -0800 (PST) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PATCH 3/3] qemu-block-drivers: Convert to rST Date: Thu, 16 Jan 2020 14:15:11 +0000 Message-Id: <20200116141511.16849-4-peter.maydell@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200116141511.16849-1-peter.maydell@linaro.org> References: <20200116141511.16849-1-peter.maydell@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::444 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , qemu-block@nongnu.org, Stefan Hajnoczi , Max Reitz Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" The qemu-block-drivers documentation is currently in docs/qemu-block-drivers.texi in Texinfo format, which we present to the user as: * a qemu-block-drivers manpage * a section of the main qemu-doc HTML documentation Convert the documentation to rST format, and present it to the user as: * a qemu-block-drivers manpage * part of the system/ Sphinx manual This follows the same pattern we've done for qemu-ga and qemu-nbd. We have to drop a cross-reference from the documentation of the -cdrom option back to the qemu-block-drivers documentation, since they're no longer within the same texinfo document. As noted in a comment, the manpage output is slightly compromised due to limitations in Sphinx. In an ideal world, the HTML output would have the various headings like 'Disk image file formats' as top-level section headings (which then appear in the overall system manual's table-of-contents), and it would not have the section headings which make sense only for the manpage like 'synopsis', 'description', and 'see also'. Unfortunately, the mechanism Sphinx provides for restricting pieces of documentation is limited to the point of being flawed: the 'only::' directive is implemented as a filter that is applied at a very late stage in the document processing pipeline, rather than as an early equivalent of an #ifdef. This means that Sphinx's process of identifying which section heading markup styles are which levels of heading gets confused if the 'only::' directive contains section headings which would affect the heading-level of a later heading. I have opted to prioritise making the HTML format look better, with the compromise being that in the manpage the 'Disk image file formats' &c headings are top-level headings rather than being sub-headings under the traditional 'Description' top-level section title. Signed-off-by: Peter Maydell Acked-by: Stefan Hajnoczi Reviewed-by: Alex Benn=C3=A9e Tested-by: Alex Benn=C3=A9e --- I enquired on sphinx-users (without response so far) https://www.mail-archive.com/sphinx-users@googlegroups.com/msg03837.html whether there's a better approach than using 'only::' to delimit output for a specific format. That directive seems fundamentally flawed because it's implemented as a filter very late in the document processing, so for instance text goes into the search index even if it's marked as not-for-HTML: https://github.com/sphinx-doc/sphinx/issues/1420 What we want ideally would be some equivalent to #ifdef that happens early in the processing pipeline, but I'm not sure Sphinx has it and I'm not convinced that "run everything through the C preprocessor so we can use #ifdef" is worthwhile for the minor benefit here. --- Makefile | 11 +- docs/qemu-block-drivers.texi | 889 -------------------------- docs/system/conf.py | 7 + docs/system/index.rst | 1 + docs/system/qemu-block-drivers.rst | 985 +++++++++++++++++++++++++++++ qemu-doc.texi | 12 - qemu-options.hx | 2 +- 7 files changed, 1000 insertions(+), 907 deletions(-) delete mode 100644 docs/qemu-block-drivers.texi create mode 100644 docs/system/qemu-block-drivers.rst diff --git a/Makefile b/Makefile index 4372d0d1fbd..318d1046c6c 100644 --- a/Makefile +++ b/Makefile @@ -342,9 +342,9 @@ ifdef BUILD_DOCS DOCS=3Dqemu-doc.html qemu-doc.txt qemu.1 qemu-img.1 DOCS+=3D$(MANUAL_BUILDDIR)/interop/qemu-nbd.8 DOCS+=3D$(MANUAL_BUILDDIR)/interop/qemu-ga.8 +DOCS+=3D$(MANUAL_BUILDDIR)/system/qemu-block-drivers.7 DOCS+=3Ddocs/interop/qemu-qmp-ref.html docs/interop/qemu-qmp-ref.txt docs/= interop/qemu-qmp-ref.7 DOCS+=3Ddocs/interop/qemu-ga-ref.html docs/interop/qemu-ga-ref.txt docs/in= terop/qemu-ga-ref.7 -DOCS+=3Ddocs/qemu-block-drivers.7 DOCS+=3Ddocs/qemu-cpu-models.7 DOCS+=3D$(MANUAL_BUILDDIR)/index.html ifdef CONFIG_VIRTFS @@ -751,7 +751,6 @@ distclean: clean rm -f docs/interop/qemu-qmp-ref.txt docs/interop/qemu-ga-ref.txt rm -f docs/interop/qemu-qmp-ref.pdf docs/interop/qemu-ga-ref.pdf rm -f docs/interop/qemu-qmp-ref.html docs/interop/qemu-ga-ref.html - rm -f docs/qemu-block-drivers.7 rm -f docs/qemu-cpu-models.7 rm -rf .doctrees $(call clean-manual,devel) @@ -828,7 +827,7 @@ ifdef CONFIG_POSIX $(INSTALL_DATA) qemu.1 "$(DESTDIR)$(mandir)/man1" $(INSTALL_DIR) "$(DESTDIR)$(mandir)/man7" $(INSTALL_DATA) docs/interop/qemu-qmp-ref.7 "$(DESTDIR)$(mandir)/man7" - $(INSTALL_DATA) docs/qemu-block-drivers.7 "$(DESTDIR)$(mandir)/man7" + $(INSTALL_DATA) $(MANUAL_BUILDDIR)/system/qemu-block-drivers.7 "$(DESTDIR= )$(mandir)/man7" $(INSTALL_DATA) docs/qemu-cpu-models.7 "$(DESTDIR)$(mandir)/man7" ifeq ($(CONFIG_TOOLS),y) $(INSTALL_DATA) qemu-img.1 "$(DESTDIR)$(mandir)/man1" @@ -1036,6 +1035,9 @@ $(MANUAL_BUILDDIR)/interop/qemu-ga.8: $(call manual-d= eps,interop) $(MANUAL_BUILDDIR)/interop/qemu-nbd.8: $(call manual-deps,interop) $(call build-manual,interop,man) =20 +$(MANUAL_BUILDDIR)/system/qemu-block-drivers.7: $(call manual-deps,system) + $(call build-manual,system,man) + $(MANUAL_BUILDDIR)/index.html: $(SRC_PATH)/docs/index.html.in qemu-version= .h $(call quiet-command, sed "s|@@VERSION@@|${VERSION}|g" $< >$@, \ "GEN","$@") @@ -1062,7 +1064,6 @@ qemu.1: qemu-doc.texi qemu-options.texi qemu-monitor.= texi qemu-monitor-info.texi qemu.1: qemu-option-trace.texi qemu-img.1: qemu-img.texi qemu-option-trace.texi qemu-img-cmds.texi fsdev/virtfs-proxy-helper.1: fsdev/virtfs-proxy-helper.texi -docs/qemu-block-drivers.7: docs/qemu-block-drivers.texi docs/qemu-cpu-models.7: docs/qemu-cpu-models.texi scripts/qemu-trace-stap.1: scripts/qemu-trace-stap.texi =20 @@ -1075,7 +1076,7 @@ qemu-doc.html qemu-doc.info qemu-doc.pdf qemu-doc.txt= : \ qemu-img.texi qemu-options.texi \ qemu-tech.texi qemu-option-trace.texi \ qemu-deprecated.texi qemu-monitor.texi qemu-img-cmds.texi \ - qemu-monitor-info.texi docs/qemu-block-drivers.texi \ + qemu-monitor-info.texi \ docs/qemu-cpu-models.texi docs/security.texi =20 docs/interop/qemu-ga-ref.dvi docs/interop/qemu-ga-ref.html \ diff --git a/docs/qemu-block-drivers.texi b/docs/qemu-block-drivers.texi deleted file mode 100644 index 2c7ea49c32d..00000000000 --- a/docs/qemu-block-drivers.texi +++ /dev/null @@ -1,889 +0,0 @@ -@c man begin SYNOPSIS -QEMU block driver reference manual -@c man end - -@set qemu_system qemu-system-x86_64 - -@c man begin DESCRIPTION - -@node disk_images_formats -@subsection Disk image file formats - -QEMU supports many image file formats that can be used with VMs as well as= with -any of the tools (like @code{qemu-img}). This includes the preferred forma= ts -raw and qcow2 as well as formats that are supported for compatibility with -older QEMU versions or other hypervisors. - -Depending on the image format, different options can be passed to -@code{qemu-img create} and @code{qemu-img convert} using the @code{-o} opt= ion. -This section describes each format and the options that are supported for = it. - -@table @option -@item raw - -Raw disk image format. This format has the advantage of -being simple and easily exportable to all other emulators. If your -file system supports @emph{holes} (for example in ext2 or ext3 on -Linux or NTFS on Windows), then only the written sectors will reserve -space. Use @code{qemu-img info} to know the real size used by the -image or @code{ls -ls} on Unix/Linux. - -Supported options: -@table @code -@item preallocation -Preallocation mode (allowed values: @code{off}, @code{falloc}, @code{full}= ). -@code{falloc} mode preallocates space for image by calling posix_fallocate= (). -@code{full} mode preallocates space for image by writing data to underlying -storage. This data may or may not be zero, depending on the storage locat= ion. -@end table - -@item qcow2 -QEMU image format, the most versatile format. Use it to have smaller -images (useful if your filesystem does not supports holes, for example -on Windows), zlib based compression and support of multiple VM -snapshots. - -Supported options: -@table @code -@item compat -Determines the qcow2 version to use. @code{compat=3D0.10} uses the -traditional image format that can be read by any QEMU since 0.10. -@code{compat=3D1.1} enables image format extensions that only QEMU 1.1 and -newer understand (this is the default). Amongst others, this includes -zero clusters, which allow efficient copy-on-read for sparse images. - -@item backing_file -File name of a base image (see @option{create} subcommand) -@item backing_fmt -Image format of the base image -@item encryption -This option is deprecated and equivalent to @code{encrypt.format=3Daes} - -@item encrypt.format - -If this is set to @code{luks}, it requests that the qcow2 payload (not -qcow2 header) be encrypted using the LUKS format. The passphrase to -use to unlock the LUKS key slot is given by the @code{encrypt.key-secret} -parameter. LUKS encryption parameters can be tuned with the other -@code{encrypt.*} parameters. - -If this is set to @code{aes}, the image is encrypted with 128-bit AES-CBC. -The encryption key is given by the @code{encrypt.key-secret} parameter. -This encryption format is considered to be flawed by modern cryptography -standards, suffering from a number of design problems: - -@itemize @minus -@item The AES-CBC cipher is used with predictable initialization vectors b= ased -on the sector number. This makes it vulnerable to chosen plaintext attacks -which can reveal the existence of encrypted data. -@item The user passphrase is directly used as the encryption key. A poorly -chosen or short passphrase will compromise the security of the encryption. -@item In the event of the passphrase being compromised there is no way to -change the passphrase to protect data in any qcow images. The files must -be cloned, using a different encryption passphrase in the new file. The -original file must then be securely erased using a program like shred, -though even this is ineffective with many modern storage technologies. -@end itemize - -The use of this is no longer supported in system emulators. Support only -remains in the command line utilities, for the purposes of data liberation -and interoperability with old versions of QEMU. The @code{luks} format -should be used instead. - -@item encrypt.key-secret - -Provides the ID of a @code{secret} object that contains the passphrase -(@code{encrypt.format=3Dluks}) or encryption key (@code{encrypt.format=3Da= es}). - -@item encrypt.cipher-alg - -Name of the cipher algorithm and key length. Currently defaults -to @code{aes-256}. Only used when @code{encrypt.format=3Dluks}. - -@item encrypt.cipher-mode - -Name of the encryption mode to use. Currently defaults to @code{xts}. -Only used when @code{encrypt.format=3Dluks}. - -@item encrypt.ivgen-alg - -Name of the initialization vector generator algorithm. Currently defaults -to @code{plain64}. Only used when @code{encrypt.format=3Dluks}. - -@item encrypt.ivgen-hash-alg - -Name of the hash algorithm to use with the initialization vector generator -(if required). Defaults to @code{sha256}. Only used when @code{encrypt.for= mat=3Dluks}. - -@item encrypt.hash-alg - -Name of the hash algorithm to use for PBKDF algorithm -Defaults to @code{sha256}. Only used when @code{encrypt.format=3Dluks}. - -@item encrypt.iter-time - -Amount of time, in milliseconds, to use for PBKDF algorithm per key slot. -Defaults to @code{2000}. Only used when @code{encrypt.format=3Dluks}. - -@item cluster_size -Changes the qcow2 cluster size (must be between 512 and 2M). Smaller clust= er -sizes can improve the image file size whereas larger cluster sizes general= ly -provide better performance. - -@item preallocation -Preallocation mode (allowed values: @code{off}, @code{metadata}, @code{fal= loc}, -@code{full}). An image with preallocated metadata is initially larger but = can -improve performance when the image needs to grow. @code{falloc} and @code{= full} -preallocations are like the same options of @code{raw} format, but sets up -metadata also. - -@item lazy_refcounts -If this option is set to @code{on}, reference count updates are postponed = with -the goal of avoiding metadata I/O and improving performance. This is -particularly interesting with @option{cache=3Dwritethrough} which doesn't = batch -metadata updates. The tradeoff is that after a host crash, the reference c= ount -tables must be rebuilt, i.e. on the next open an (automatic) @code{qemu-img -check -r all} is required, which may take some time. - -This option can only be enabled if @code{compat=3D1.1} is specified. - -@item nocow -If this option is set to @code{on}, it will turn off COW of the file. It's= only -valid on btrfs, no effect on other file systems. - -Btrfs has low performance when hosting a VM image file, even more when the= guest -on the VM also using btrfs as file system. Turning off COW is a way to mit= igate -this bad performance. Generally there are two ways to turn off COW on btrf= s: -a) Disable it by mounting with nodatacow, then all newly created files wil= l be -NOCOW. b) For an empty file, add the NOCOW file attribute. That's what thi= s option -does. - -Note: this option is only valid to new or empty files. If there is an exis= ting -file which is COW and has data blocks already, it couldn't be changed to N= OCOW -by setting @code{nocow=3Don}. One can issue @code{lsattr filename} to chec= k if -the NOCOW flag is set or not (Capital 'C' is NOCOW flag). - -@end table - -@item qed -Old QEMU image format with support for backing files and compact image fil= es -(when your filesystem or transport medium does not support holes). - -When converting QED images to qcow2, you might want to consider using the -@code{lazy_refcounts=3Don} option to get a more QED-like behaviour. - -Supported options: -@table @code -@item backing_file -File name of a base image (see @option{create} subcommand). -@item backing_fmt -Image file format of backing file (optional). Useful if the format cannot= be -autodetected because it has no header, like some vhd/vpc files. -@item cluster_size -Changes the cluster size (must be power-of-2 between 4K and 64K). Smaller -cluster sizes can improve the image file size whereas larger cluster sizes -generally provide better performance. -@item table_size -Changes the number of clusters per L1/L2 table (must be power-of-2 between= 1 -and 16). There is normally no need to change this value but this option c= an be -used for performance benchmarking. -@end table - -@item qcow -Old QEMU image format with support for backing files, compact image files, -encryption and compression. - -Supported options: -@table @code -@item backing_file -File name of a base image (see @option{create} subcommand) -@item encryption -This option is deprecated and equivalent to @code{encrypt.format=3Daes} - -@item encrypt.format -If this is set to @code{aes}, the image is encrypted with 128-bit AES-CBC. -The encryption key is given by the @code{encrypt.key-secret} parameter. -This encryption format is considered to be flawed by modern cryptography -standards, suffering from a number of design problems enumerated previously -against the @code{qcow2} image format. - -The use of this is no longer supported in system emulators. Support only -remains in the command line utilities, for the purposes of data liberation -and interoperability with old versions of QEMU. - -Users requiring native encryption should use the @code{qcow2} format -instead with @code{encrypt.format=3Dluks}. - -@item encrypt.key-secret - -Provides the ID of a @code{secret} object that contains the encryption -key (@code{encrypt.format=3Daes}). - -@end table - -@item luks - -LUKS v1 encryption format, compatible with Linux dm-crypt/cryptsetup - -Supported options: -@table @code - -@item key-secret - -Provides the ID of a @code{secret} object that contains the passphrase. - -@item cipher-alg - -Name of the cipher algorithm and key length. Currently defaults -to @code{aes-256}. - -@item cipher-mode - -Name of the encryption mode to use. Currently defaults to @code{xts}. - -@item ivgen-alg - -Name of the initialization vector generator algorithm. Currently defaults -to @code{plain64}. - -@item ivgen-hash-alg - -Name of the hash algorithm to use with the initialization vector generator -(if required). Defaults to @code{sha256}. - -@item hash-alg - -Name of the hash algorithm to use for PBKDF algorithm -Defaults to @code{sha256}. - -@item iter-time - -Amount of time, in milliseconds, to use for PBKDF algorithm per key slot. -Defaults to @code{2000}. - -@end table - -@item vdi -VirtualBox 1.1 compatible image format. -Supported options: -@table @code -@item static -If this option is set to @code{on}, the image is created with metadata -preallocation. -@end table - -@item vmdk -VMware 3 and 4 compatible image format. - -Supported options: -@table @code -@item backing_file -File name of a base image (see @option{create} subcommand). -@item compat6 -Create a VMDK version 6 image (instead of version 4) -@item hwversion -Specify vmdk virtual hardware version. Compat6 flag cannot be enabled -if hwversion is specified. -@item subformat -Specifies which VMDK subformat to use. Valid options are -@code{monolithicSparse} (default), -@code{monolithicFlat}, -@code{twoGbMaxExtentSparse}, -@code{twoGbMaxExtentFlat} and -@code{streamOptimized}. -@end table - -@item vpc -VirtualPC compatible image format (VHD). -Supported options: -@table @code -@item subformat -Specifies which VHD subformat to use. Valid options are -@code{dynamic} (default) and @code{fixed}. -@end table - -@item VHDX -Hyper-V compatible image format (VHDX). -Supported options: -@table @code -@item subformat -Specifies which VHDX subformat to use. Valid options are -@code{dynamic} (default) and @code{fixed}. -@item block_state_zero -Force use of payload blocks of type 'ZERO'. Can be set to @code{on} (defa= ult) -or @code{off}. When set to @code{off}, new blocks will be created as -@code{PAYLOAD_BLOCK_NOT_PRESENT}, which means parsers are free to return -arbitrary data for those blocks. Do not set to @code{off} when using -@code{qemu-img convert} with @code{subformat=3Ddynamic}. -@item block_size -Block size; min 1 MB, max 256 MB. 0 means auto-calculate based on image s= ize. -@item log_size -Log size; min 1 MB. -@end table -@end table - -@subsubsection Read-only formats -More disk image file formats are supported in a read-only mode. -@table @option -@item bochs -Bochs images of @code{growing} type. -@item cloop -Linux Compressed Loop image, useful only to reuse directly compressed -CD-ROM images present for example in the Knoppix CD-ROMs. -@item dmg -Apple disk image. -@item parallels -Parallels disk image format. -@end table - - -@node host_drives -@subsection Using host drives - -In addition to disk image files, QEMU can directly access host -devices. We describe here the usage for QEMU version >=3D 0.8.3. - -@subsubsection Linux - -On Linux, you can directly use the host device filename instead of a -disk image filename provided you have enough privileges to access -it. For example, use @file{/dev/cdrom} to access to the CDROM. - -@table @code -@item CD -You can specify a CDROM device even if no CDROM is loaded. QEMU has -specific code to detect CDROM insertion or removal. CDROM ejection by -the guest OS is supported. Currently only data CDs are supported. -@item Floppy -You can specify a floppy device even if no floppy is loaded. Floppy -removal is currently not detected accurately (if you change floppy -without doing floppy access while the floppy is not loaded, the guest -OS will think that the same floppy is loaded). -Use of the host's floppy device is deprecated, and support for it will -be removed in a future release. -@item Hard disks -Hard disks can be used. Normally you must specify the whole disk -(@file{/dev/hdb} instead of @file{/dev/hdb1}) so that the guest OS can -see it as a partitioned disk. WARNING: unless you know what you do, it -is better to only make READ-ONLY accesses to the hard disk otherwise -you may corrupt your host data (use the @option{-snapshot} command -line option or modify the device permissions accordingly). -@end table - -@subsubsection Windows - -@table @code -@item CD -The preferred syntax is the drive letter (e.g. @file{d:}). The -alternate syntax @file{\\.\d:} is supported. @file{/dev/cdrom} is -supported as an alias to the first CDROM drive. - -Currently there is no specific code to handle removable media, so it -is better to use the @code{change} or @code{eject} monitor commands to -change or eject media. -@item Hard disks -Hard disks can be used with the syntax: @file{\\.\PhysicalDrive@var{N}} -where @var{N} is the drive number (0 is the first hard disk). - -WARNING: unless you know what you do, it is better to only make -READ-ONLY accesses to the hard disk otherwise you may corrupt your -host data (use the @option{-snapshot} command line so that the -modifications are written in a temporary file). -@end table - - -@subsubsection Mac OS X - -@file{/dev/cdrom} is an alias to the first CDROM. - -Currently there is no specific code to handle removable media, so it -is better to use the @code{change} or @code{eject} monitor commands to -change or eject media. - -@node disk_images_fat_images -@subsection Virtual FAT disk images - -QEMU can automatically create a virtual FAT disk image from a -directory tree. In order to use it, just type: - -@example -@value{qemu_system} linux.img -hdb fat:/my_directory -@end example - -Then you access access to all the files in the @file{/my_directory} -directory without having to copy them in a disk image or to export -them via SAMBA or NFS. The default access is @emph{read-only}. - -Floppies can be emulated with the @code{:floppy:} option: - -@example -@value{qemu_system} linux.img -fda fat:floppy:/my_directory -@end example - -A read/write support is available for testing (beta stage) with the -@code{:rw:} option: - -@example -@value{qemu_system} linux.img -fda fat:floppy:rw:/my_directory -@end example - -What you should @emph{never} do: -@itemize -@item use non-ASCII filenames ; -@item use "-snapshot" together with ":rw:" ; -@item expect it to work when loadvm'ing ; -@item write to the FAT directory on the host system while accessing it wit= h the guest system. -@end itemize - -@node disk_images_nbd -@subsection NBD access - -QEMU can access directly to block device exported using the Network Block = Device -protocol. - -@example -@value{qemu_system} linux.img -hdb nbd://my_nbd_server.mydomain.org:1024/ -@end example - -If the NBD server is located on the same host, you can use an unix socket = instead -of an inet socket: - -@example -@value{qemu_system} linux.img -hdb nbd+unix://?socket=3D/tmp/my_socket -@end example - -In this case, the block device must be exported using qemu-nbd: - -@example -qemu-nbd --socket=3D/tmp/my_socket my_disk.qcow2 -@end example - -The use of qemu-nbd allows sharing of a disk between several guests: -@example -qemu-nbd --socket=3D/tmp/my_socket --share=3D2 my_disk.qcow2 -@end example - -@noindent -and then you can use it with two guests: -@example -@value{qemu_system} linux1.img -hdb nbd+unix://?socket=3D/tmp/my_socket -@value{qemu_system} linux2.img -hdb nbd+unix://?socket=3D/tmp/my_socket -@end example - -If the nbd-server uses named exports (supported since NBD 2.9.18, or with = QEMU's -own embedded NBD server), you must specify an export name in the URI: -@example -@value{qemu_system} -cdrom nbd://localhost/debian-500-ppc-netinst -@value{qemu_system} -cdrom nbd://localhost/openSUSE-11.1-ppc-netinst -@end example - -The URI syntax for NBD is supported since QEMU 1.3. An alternative syntax= is -also available. Here are some example of the older syntax: -@example -@value{qemu_system} linux.img -hdb nbd:my_nbd_server.mydomain.org:1024 -@value{qemu_system} linux2.img -hdb nbd:unix:/tmp/my_socket -@value{qemu_system} -cdrom nbd:localhost:10809:exportname=3Ddebian-500-ppc= -netinst -@end example - -@node disk_images_sheepdog -@subsection Sheepdog disk images - -Sheepdog is a distributed storage system for QEMU. It provides highly -available block level storage volumes that can be attached to -QEMU-based virtual machines. - -You can create a Sheepdog disk image with the command: -@example -qemu-img create sheepdog:///@var{image} @var{size} -@end example -where @var{image} is the Sheepdog image name and @var{size} is its -size. - -To import the existing @var{filename} to Sheepdog, you can use a -convert command. -@example -qemu-img convert @var{filename} sheepdog:///@var{image} -@end example - -You can boot from the Sheepdog disk image with the command: -@example -@value{qemu_system} sheepdog:///@var{image} -@end example - -You can also create a snapshot of the Sheepdog image like qcow2. -@example -qemu-img snapshot -c @var{tag} sheepdog:///@var{image} -@end example -where @var{tag} is a tag name of the newly created snapshot. - -To boot from the Sheepdog snapshot, specify the tag name of the -snapshot. -@example -@value{qemu_system} sheepdog:///@var{image}#@var{tag} -@end example - -You can create a cloned image from the existing snapshot. -@example -qemu-img create -b sheepdog:///@var{base}#@var{tag} sheepdog:///@var{image} -@end example -where @var{base} is an image name of the source snapshot and @var{tag} -is its tag name. - -You can use an unix socket instead of an inet socket: - -@example -@value{qemu_system} sheepdog+unix:///@var{image}?socket=3D@var{path} -@end example - -If the Sheepdog daemon doesn't run on the local host, you need to -specify one of the Sheepdog servers to connect to. -@example -qemu-img create sheepdog://@var{hostname}:@var{port}/@var{image} @var{size} -@value{qemu_system} sheepdog://@var{hostname}:@var{port}/@var{image} -@end example - -@node disk_images_iscsi -@subsection iSCSI LUNs - -iSCSI is a popular protocol used to access SCSI devices across a computer -network. - -There are two different ways iSCSI devices can be used by QEMU. - -The first method is to mount the iSCSI LUN on the host, and make it appear= as -any other ordinary SCSI device on the host and then to access this device = as a -/dev/sd device from QEMU. How to do this differs between host OSes. - -The second method involves using the iSCSI initiator that is built into -QEMU. This provides a mechanism that works the same way regardless of which -host OS you are running QEMU on. This section will describe this second me= thod -of using iSCSI together with QEMU. - -In QEMU, iSCSI devices are described using special iSCSI URLs - -@example -URL syntax: -iscsi://[[%]@@][:]// -@end example - -Username and password are optional and only used if your target is set up -using CHAP authentication for access control. -Alternatively the username and password can also be set via environment -variables to have these not show up in the process list - -@example -export LIBISCSI_CHAP_USERNAME=3D -export LIBISCSI_CHAP_PASSWORD=3D -iscsi://// -@end example - -Various session related parameters can be set via special options, either -in a configuration file provided via '-readconfig' or directly on the -command line. - -If the initiator-name is not specified qemu will use a default name -of 'iqn.2008-11.org.linux-kvm[:'] where is the UUID of the -virtual machine. If the UUID is not specified qemu will use -'iqn.2008-11.org.linux-kvm[:'] where is the name of the -virtual machine. - -@example -Setting a specific initiator name to use when logging in to the target --iscsi initiator-name=3Diqn.qemu.test:my-initiator -@end example - -@example -Controlling which type of header digest to negotiate with the target --iscsi header-digest=3DCRC32C|CRC32C-NONE|NONE-CRC32C|NONE -@end example - -These can also be set via a configuration file -@example -[iscsi] - user =3D "CHAP username" - password =3D "CHAP password" - initiator-name =3D "iqn.qemu.test:my-initiator" - # header digest is one of CRC32C|CRC32C-NONE|NONE-CRC32C|NONE - header-digest =3D "CRC32C" -@end example - - -Setting the target name allows different options for different targets -@example -[iscsi "iqn.target.name"] - user =3D "CHAP username" - password =3D "CHAP password" - initiator-name =3D "iqn.qemu.test:my-initiator" - # header digest is one of CRC32C|CRC32C-NONE|NONE-CRC32C|NONE - header-digest =3D "CRC32C" -@end example - - -Howto use a configuration file to set iSCSI configuration options: -@example -cat >iscsi.conf < /sys/bus/pci/devices/0000:06:0d.0/driver/unbind -# echo 1102 0002 > /sys/bus/pci/drivers/vfio-pci/new_id - -# @value{qemu_system} -drive file=3Dnvme://@var{host}:@var{bus}:@var{slot}= .@var{func}/@var{namespace} -@end example - -Alternative syntax using properties: - -@example -@value{qemu_system} -drive file.driver=3Dnvme,file.device=3D@var{host}:@va= r{bus}:@var{slot}.@var{func},file.namespace=3D@var{namespace} -@end example - -@var{host}:@var{bus}:@var{slot}.@var{func} is the NVMe controller's PCI de= vice -address on the host. - -@var{namespace} is the NVMe namespace number, starting from 1. - -@node disk_image_locking -@subsection Disk image file locking - -By default, QEMU tries to protect image files from unexpected concurrent -access, as long as it's supported by the block protocol driver and host -operating system. If multiple QEMU processes (including QEMU emulators and -utilities) try to open the same image with conflicting accessing modes, al= l but -the first one will get an error. - -This feature is currently supported by the file protocol on Linux with the= Open -File Descriptor (OFD) locking API, and can be configured to fall back to P= OSIX -locking if the POSIX host doesn't support Linux OFD locking. - -To explicitly enable image locking, specify "locking=3Don" in the file pro= tocol -driver options. If OFD locking is not possible, a warning will be printed = and -the POSIX locking API will be used. In this case there is a risk that the = lock -will get silently lost when doing hot plugging and block jobs, due to the -shortcomings of the POSIX locking API. - -QEMU transparently handles lock handover during shared storage migration. = For -shared virtual disk images between multiple VMs, the "share-rw" device opt= ion -should be used. - -By default, the guest has exclusive write access to its disk image. If the -guest can safely share the disk image with other writers the @code{-device -...,share-rw=3Don} parameter can be used. This is only safe if the guest = is -running software, such as a cluster file system, that coordinates disk acc= esses -to avoid corruption. - -Note that share-rw=3Don only declares the guest's ability to share the dis= k. -Some QEMU features, such as image file formats, require exclusive write ac= cess -to the disk image and this is unaffected by the share-rw=3Don option. - -Alternatively, locking can be fully disabled by "locking=3Doff" block devi= ce -option. In the command line, the option is usually in the form of -"file.locking=3Doff" as the protocol driver is normally placed as a "file"= child -under a format driver. For example: - -@code{-blockdev driver=3Dqcow2,file.filename=3D/path/to/image,file.locking= =3Doff,file.driver=3Dfile} - -To check if image locking is active, check the output of the "lslocks" com= mand -on host and see if there are locks held by the QEMU process on the image f= ile. -More than one byte could be locked by the QEMU instance, each byte of which -reflects a particular permission that is acquired or protected by the runn= ing -block driver. - -@c man end - -@ignore - -@setfilename qemu-block-drivers -@settitle QEMU block drivers reference - -@c man begin SEEALSO -The HTML documentation of QEMU for more precise information and Linux -user mode emulator invocation. -@c man end - -@c man begin AUTHOR -Fabrice Bellard and the QEMU Project developers -@c man end - -@end ignore diff --git a/docs/system/conf.py b/docs/system/conf.py index 6435b4d3f8e..7ca115f5e03 100644 --- a/docs/system/conf.py +++ b/docs/system/conf.py @@ -13,3 +13,10 @@ exec(compile(open(parent_config, "rb").read(), parent_co= nfig, 'exec')) # This slightly misuses the 'description', but is the best way to get # the manual title to appear in the sidebar. html_theme_options['description'] =3D u'System Emulation User''s Guide' +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages =3D [ + ('qemu-block-drivers', 'qemu-block-drivers', + u'QEMU block drivers reference', + ['Fabrice Bellard and the QEMU Project developers'], 7) +] diff --git a/docs/system/index.rst b/docs/system/index.rst index ea8ea5fe3dc..f66e6ea585c 100644 --- a/docs/system/index.rst +++ b/docs/system/index.rst @@ -14,3 +14,4 @@ Contents: .. toctree:: :maxdepth: 2 =20 + qemu-block-drivers diff --git a/docs/system/qemu-block-drivers.rst b/docs/system/qemu-block-dr= ivers.rst new file mode 100644 index 00000000000..388adbefbf4 --- /dev/null +++ b/docs/system/qemu-block-drivers.rst @@ -0,0 +1,985 @@ +QEMU block drivers reference +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D + +.. |qemu_system| replace:: qemu-system-x86_64 + +.. + We put the 'Synopsis' and 'See also' sections into the manpage, but not + the HTML. This makes the HTML docs read better and means the ToC in + the index has a more useful set of entries. Ideally, the section + headings 'Disk image file formats' would be top-level headings for + the HTML, but sub-headings of the conventional manpage 'Description' + header for the manpage. Unfortunately, due to deficiencies in + the Sphinx 'only' directive, this isn't possible: they must be headers + at the same level as 'Synopsis' and 'See also', otherwise Sphinx's + identification of which header underline style is which gets confused. + +.. only:: man + + Synopsis + -------- + + QEMU block driver reference manual + +Disk image file formats +----------------------- + +QEMU supports many image file formats that can be used with VMs as well as= with +any of the tools (like ``qemu-img``). This includes the preferred formats +raw and qcow2 as well as formats that are supported for compatibility with +older QEMU versions or other hypervisors. + +Depending on the image format, different options can be passed to +``qemu-img create`` and ``qemu-img convert`` using the ``-o`` option. +This section describes each format and the options that are supported for = it. + +.. program:: image-formats +.. option:: raw + + Raw disk image format. This format has the advantage of + being simple and easily exportable to all other emulators. If your + file system supports *holes* (for example in ext2 or ext3 on + Linux or NTFS on Windows), then only the written sectors will reserve + space. Use ``qemu-img info`` to know the real size used by the + image or ``ls -ls`` on Unix/Linux. + + Supported options: + + .. program:: raw + .. option:: preallocation + + Preallocation mode (allowed values: ``off``, ``falloc``, + ``full``). ``falloc`` mode preallocates space for image by + calling ``posix_fallocate()``. ``full`` mode preallocates space + for image by writing data to underlying storage. This data may or + may not be zero, depending on the storage location. + +.. program:: image-formats +.. option:: qcow2 + + QEMU image format, the most versatile format. Use it to have smaller + images (useful if your filesystem does not supports holes, for example + on Windows), zlib based compression and support of multiple VM + snapshots. + + Supported options: + + .. program:: qcow2 + .. option:: compat + + Determines the qcow2 version to use. ``compat=3D0.10`` uses the + traditional image format that can be read by any QEMU since 0.10. + ``compat=3D1.1`` enables image format extensions that only QEMU 1.1 and + newer understand (this is the default). Amongst others, this includes + zero clusters, which allow efficient copy-on-read for sparse images. + + .. option:: backing_file + + File name of a base image (see ``create`` subcommand) + + .. option:: backing_fmt + + Image format of the base image + + .. option:: encryption + + This option is deprecated and equivalent to ``encrypt.format=3Daes`` + + .. option:: encrypt.format + + If this is set to ``luks``, it requests that the qcow2 payload (not + qcow2 header) be encrypted using the LUKS format. The passphrase to + use to unlock the LUKS key slot is given by the ``encrypt.key-secret`` + parameter. LUKS encryption parameters can be tuned with the other + ``encrypt.*`` parameters. + + If this is set to ``aes``, the image is encrypted with 128-bit AES-CBC. + The encryption key is given by the ``encrypt.key-secret`` parameter. + This encryption format is considered to be flawed by modern cryptograp= hy + standards, suffering from a number of design problems: + + - The AES-CBC cipher is used with predictable initialization vectors b= ased + on the sector number. This makes it vulnerable to chosen plaintext a= ttacks + which can reveal the existence of encrypted data. + - The user passphrase is directly used as the encryption key. A poorly + chosen or short passphrase will compromise the security of the encry= ption. + - In the event of the passphrase being compromised there is no way to + change the passphrase to protect data in any qcow images. The files = must + be cloned, using a different encryption passphrase in the new file. = The + original file must then be securely erased using a program like shre= d, + though even this is ineffective with many modern storage technologie= s. + + The use of this is no longer supported in system emulators. Support on= ly + remains in the command line utilities, for the purposes of data libera= tion + and interoperability with old versions of QEMU. The ``luks`` format + should be used instead. + + .. option:: encrypt.key-secret + + Provides the ID of a ``secret`` object that contains the passphrase + (``encrypt.format=3Dluks``) or encryption key (``encrypt.format=3Daes`= `). + + .. option:: encrypt.cipher-alg + + Name of the cipher algorithm and key length. Currently defaults + to ``aes-256``. Only used when ``encrypt.format=3Dluks``. + + .. option:: encrypt.cipher-mode + + Name of the encryption mode to use. Currently defaults to ``xts``. + Only used when ``encrypt.format=3Dluks``. + + .. option:: encrypt.ivgen-alg + + Name of the initialization vector generator algorithm. Currently defau= lts + to ``plain64``. Only used when ``encrypt.format=3Dluks``. + + .. option:: encrypt.ivgen-hash-alg + + Name of the hash algorithm to use with the initialization vector gener= ator + (if required). Defaults to ``sha256``. Only used when ``encrypt.format= =3Dluks``. + + .. option:: encrypt.hash-alg + + Name of the hash algorithm to use for PBKDF algorithm + Defaults to ``sha256``. Only used when ``encrypt.format=3Dluks``. + + .. option:: encrypt.iter-time + + Amount of time, in milliseconds, to use for PBKDF algorithm per key sl= ot. + Defaults to ``2000``. Only used when ``encrypt.format=3Dluks``. + + .. option:: cluster_size + + Changes the qcow2 cluster size (must be between 512 and 2M). Smaller c= luster + sizes can improve the image file size whereas larger cluster sizes gen= erally + provide better performance. + + .. option:: preallocation + + Preallocation mode (allowed values: ``off``, ``metadata``, ``falloc``, + ``full``). An image with preallocated metadata is initially larger but= can + improve performance when the image needs to grow. ``falloc`` and ``ful= l`` + preallocations are like the same options of ``raw`` format, but sets up + metadata also. + + .. option:: lazy_refcounts + + If this option is set to ``on``, reference count updates are postponed= with + the goal of avoiding metadata I/O and improving performance. This is + particularly interesting with :option:`cache=3Dwritethrough` which doe= sn't batch + metadata updates. The tradeoff is that after a host crash, the referen= ce count + tables must be rebuilt, i.e. on the next open an (automatic) ``qemu-img + check -r all`` is required, which may take some time. + + This option can only be enabled if ``compat=3D1.1`` is specified. + + .. option:: nocow + + If this option is set to ``on``, it will turn off COW of the file. It'= s only + valid on btrfs, no effect on other file systems. + + Btrfs has low performance when hosting a VM image file, even more + when the guest on the VM also using btrfs as file system. Turning off + COW is a way to mitigate this bad performance. Generally there are two + ways to turn off COW on btrfs: + + - Disable it by mounting with nodatacow, then all newly created files + will be NOCOW. + - For an empty file, add the NOCOW file attribute. That's what this + option does. + + Note: this option is only valid to new or empty files. If there is + an existing file which is COW and has data blocks already, it couldn't + be changed to NOCOW by setting ``nocow=3Don``. One can issue ``lsattr + filename`` to check if the NOCOW flag is set or not (Capital 'C' is + NOCOW flag). + +.. program:: image-formats +.. option:: qed + + Old QEMU image format with support for backing files and compact image = files + (when your filesystem or transport medium does not support holes). + + When converting QED images to qcow2, you might want to consider using t= he + ``lazy_refcounts=3Don`` option to get a more QED-like behaviour. + + Supported options: + + .. program:: qed + .. option:: backing_file + + File name of a base image (see ``create`` subcommand). + + .. option:: backing_fmt + + Image file format of backing file (optional). Useful if the format c= annot be + autodetected because it has no header, like some vhd/vpc files. + + .. option:: cluster_size + + Changes the cluster size (must be power-of-2 between 4K and 64K). Sma= ller + cluster sizes can improve the image file size whereas larger cluster = sizes + generally provide better performance. + + .. option:: table_size + + Changes the number of clusters per L1/L2 table (must be + power-of-2 between 1 and 16). There is normally no need to + change this value but this option can between used for + performance benchmarking. + +.. program:: image-formats +.. option:: qcow + + Old QEMU image format with support for backing files, compact image file= s, + encryption and compression. + + Supported options: + + .. program:: qcow + .. option:: backing_file + + File name of a base image (see ``create`` subcommand) + + .. option:: encryption + + This option is deprecated and equivalent to ``encrypt.format=3Daes`` + + .. option:: encrypt.format + + If this is set to ``aes``, the image is encrypted with 128-bit AES-CB= C. + The encryption key is given by the ``encrypt.key-secret`` parameter. + This encryption format is considered to be flawed by modern cryptogra= phy + standards, suffering from a number of design problems enumerated prev= iously + against the ``qcow2`` image format. + + The use of this is no longer supported in system emulators. Support o= nly + remains in the command line utilities, for the purposes of data liber= ation + and interoperability with old versions of QEMU. + + Users requiring native encryption should use the ``qcow2`` format + instead with ``encrypt.format=3Dluks``. + + .. option:: encrypt.key-secret + + Provides the ID of a ``secret`` object that contains the encryption + key (``encrypt.format=3Daes``). + +.. program:: image-formats +.. option:: luks + + LUKS v1 encryption format, compatible with Linux dm-crypt/cryptsetup + + Supported options: + + .. program:: luks + .. option:: key-secret + + Provides the ID of a ``secret`` object that contains the passphrase. + + .. option:: cipher-alg + + Name of the cipher algorithm and key length. Currently defaults + to ``aes-256``. + + .. option:: cipher-mode + + Name of the encryption mode to use. Currently defaults to ``xts``. + + .. option:: ivgen-alg + + Name of the initialization vector generator algorithm. Currently defau= lts + to ``plain64``. + + .. option:: ivgen-hash-alg + + Name of the hash algorithm to use with the initialization vector gener= ator + (if required). Defaults to ``sha256``. + + .. option:: hash-alg + + Name of the hash algorithm to use for PBKDF algorithm + Defaults to ``sha256``. + + .. option:: iter-time + + Amount of time, in milliseconds, to use for PBKDF algorithm per key sl= ot. + Defaults to ``2000``. + +.. program:: image-formats +.. option:: vdi + + VirtualBox 1.1 compatible image format. + + Supported options: + + .. program:: vdi + .. option:: static + + If this option is set to ``on``, the image is created with metadata + preallocation. + +.. program:: image-formats +.. option:: vmdk + + VMware 3 and 4 compatible image format. + + Supported options: + + .. program: vmdk + .. option:: backing_file + + File name of a base image (see ``create`` subcommand). + + .. option:: compat6 + + Create a VMDK version 6 image (instead of version 4) + + .. option:: hwversion + + Specify vmdk virtual hardware version. Compat6 flag cannot be enabled + if hwversion is specified. + + .. option:: subformat + + Specifies which VMDK subformat to use. Valid options are + ``monolithicSparse`` (default), + ``monolithicFlat``, + ``twoGbMaxExtentSparse``, + ``twoGbMaxExtentFlat`` and + ``streamOptimized``. + +.. program:: image-formats +.. option:: vpc + + VirtualPC compatible image format (VHD). + + Supported options: + + .. program:: vpc + .. option:: subformat + + Specifies which VHD subformat to use. Valid options are + ``dynamic`` (default) and ``fixed``. + +.. program:: image-formats +.. option:: VHDX + + Hyper-V compatible image format (VHDX). + + Supported options: + + .. program:: VHDX + .. option:: subformat + + Specifies which VHDX subformat to use. Valid options are + ``dynamic`` (default) and ``fixed``. + + .. option:: block_state_zero + + Force use of payload blocks of type 'ZERO'. Can be set to ``on`` (d= efault) + or ``off``. When set to ``off``, new blocks will be created as + ``PAYLOAD_BLOCK_NOT_PRESENT``, which means parsers are free to return + arbitrary data for those blocks. Do not set to ``off`` when using + ``qemu-img convert`` with ``subformat=3Ddynamic``. + + .. option:: block_size + + Block size; min 1 MB, max 256 MB. 0 means auto-calculate based on + image size. + + .. option:: log_size + + Log size; min 1 MB. + +Read-only formats +----------------- + +More disk image file formats are supported in a read-only mode. + +.. program:: image-formats +.. option:: bochs + + Bochs images of ``growing`` type. + +.. program:: image-formats +.. option:: cloop + + Linux Compressed Loop image, useful only to reuse directly compressed + CD-ROM images present for example in the Knoppix CD-ROMs. + +.. program:: image-formats +.. option:: dmg + + Apple disk image. + +.. program:: image-formats +.. option:: parallels + + Parallels disk image format. + +Using host drives +----------------- + +In addition to disk image files, QEMU can directly access host +devices. We describe here the usage for QEMU version >=3D 0.8.3. + +Linux +''''' + +On Linux, you can directly use the host device filename instead of a +disk image filename provided you have enough privileges to access +it. For example, use ``/dev/cdrom`` to access to the CDROM. + +CD + You can specify a CDROM device even if no CDROM is loaded. QEMU has + specific code to detect CDROM insertion or removal. CDROM ejection by + the guest OS is supported. Currently only data CDs are supported. + +Floppy + You can specify a floppy device even if no floppy is loaded. Floppy + removal is currently not detected accurately (if you change floppy + without doing floppy access while the floppy is not loaded, the guest + OS will think that the same floppy is loaded). + Use of the host's floppy device is deprecated, and support for it will + be removed in a future release. + +Hard disks + Hard disks can be used. Normally you must specify the whole disk + (``/dev/hdb`` instead of ``/dev/hdb1``) so that the guest OS can + see it as a partitioned disk. WARNING: unless you know what you do, it + is better to only make READ-ONLY accesses to the hard disk otherwise + you may corrupt your host data (use the ``-snapshot`` command + line option or modify the device permissions accordingly). + +Windows +''''''' + +CD + The preferred syntax is the drive letter (e.g. ``d:``). The + alternate syntax ``\\.\d:`` is supported. ``/dev/cdrom`` is + supported as an alias to the first CDROM drive. + + Currently there is no specific code to handle removable media, so it + is better to use the ``change`` or ``eject`` monitor commands to + change or eject media. + +Hard disks + Hard disks can be used with the syntax: ``\\.\PhysicalDriveN`` + where *N* is the drive number (0 is the first hard disk). + + WARNING: unless you know what you do, it is better to only make + READ-ONLY accesses to the hard disk otherwise you may corrupt your + host data (use the ``-snapshot`` command line so that the + modifications are written in a temporary file). + +Mac OS X +'''''''' + +``/dev/cdrom`` is an alias to the first CDROM. + +Currently there is no specific code to handle removable media, so it +is better to use the ``change`` or ``eject`` monitor commands to +change or eject media. + +Virtual FAT disk images +----------------------- + +QEMU can automatically create a virtual FAT disk image from a +directory tree. In order to use it, just type: + +.. parsed-literal:: + + |qemu_system| linux.img -hdb fat:/my_directory + +Then you access access to all the files in the ``/my_directory`` +directory without having to copy them in a disk image or to export +them via SAMBA or NFS. The default access is *read-only*. + +Floppies can be emulated with the ``:floppy:`` option: + +.. parsed-literal:: + + |qemu_system| linux.img -fda fat:floppy:/my_directory + +A read/write support is available for testing (beta stage) with the +``:rw:`` option: + +.. parsed-literal:: + + |qemu_system| linux.img -fda fat:floppy:rw:/my_directory + +What you should *never* do: + +- use non-ASCII filenames +- use "-snapshot" together with ":rw:" +- expect it to work when loadvm'ing +- write to the FAT directory on the host system while accessing it with th= e guest system + +NBD access +---------- + +QEMU can access directly to block device exported using the Network Block = Device +protocol. + +.. parsed-literal:: + + |qemu_system| linux.img -hdb nbd://my_nbd_server.mydomain.org:1024/ + +If the NBD server is located on the same host, you can use an unix socket = instead +of an inet socket: + +.. parsed-literal:: + + |qemu_system| linux.img -hdb nbd+unix://?socket=3D/tmp/my_socket + +In this case, the block device must be exported using qemu-nbd: + +.. parsed-literal:: + + qemu-nbd --socket=3D/tmp/my_socket my_disk.qcow2 + +The use of qemu-nbd allows sharing of a disk between several guests: + +.. parsed-literal:: + + qemu-nbd --socket=3D/tmp/my_socket --share=3D2 my_disk.qcow2 + +and then you can use it with two guests: + +.. parsed-literal:: + + |qemu_system| linux1.img -hdb nbd+unix://?socket=3D/tmp/my_socket + |qemu_system| linux2.img -hdb nbd+unix://?socket=3D/tmp/my_socket + +If the nbd-server uses named exports (supported since NBD 2.9.18, or with = QEMU's +own embedded NBD server), you must specify an export name in the URI: + +.. parsed-literal:: + + |qemu_system| -cdrom nbd://localhost/debian-500-ppc-netinst + |qemu_system| -cdrom nbd://localhost/openSUSE-11.1-ppc-netinst + +The URI syntax for NBD is supported since QEMU 1.3. An alternative syntax= is +also available. Here are some example of the older syntax: + +.. parsed-literal:: + + |qemu_system| linux.img -hdb nbd:my_nbd_server.mydomain.org:1024 + |qemu_system| linux2.img -hdb nbd:unix:/tmp/my_socket + |qemu_system| -cdrom nbd:localhost:10809:exportname=3Ddebian-500-ppc-net= inst + + + +Sheepdog disk images +-------------------- + +Sheepdog is a distributed storage system for QEMU. It provides highly +available block level storage volumes that can be attached to +QEMU-based virtual machines. + +You can create a Sheepdog disk image with the command: + +.. parsed-literal:: + + qemu-img create sheepdog:///IMAGE SIZE + +where *IMAGE* is the Sheepdog image name and *SIZE* is its +size. + +To import the existing *FILENAME* to Sheepdog, you can use a +convert command. + +.. parsed-literal:: + + qemu-img convert FILENAME sheepdog:///IMAGE + +You can boot from the Sheepdog disk image with the command: + +.. parsed-literal:: + + |qemu_system| sheepdog:///IMAGE + +You can also create a snapshot of the Sheepdog image like qcow2. + +.. parsed-literal:: + + qemu-img snapshot -c TAG sheepdog:///IMAGE + +where *TAG* is a tag name of the newly created snapshot. + +To boot from the Sheepdog snapshot, specify the tag name of the +snapshot. + +.. parsed-literal:: + + |qemu_system| sheepdog:///IMAGE#TAG + +You can create a cloned image from the existing snapshot. + +.. parsed-literal:: + + qemu-img create -b sheepdog:///BASE#TAG sheepdog:///IMAGE + +where *BASE* is an image name of the source snapshot and *TAG* +is its tag name. + +You can use an unix socket instead of an inet socket: + +.. parsed-literal:: + + |qemu_system| sheepdog+unix:///IMAGE?socket=3DPATH + +If the Sheepdog daemon doesn't run on the local host, you need to +specify one of the Sheepdog servers to connect to. + +.. parsed-literal:: + + qemu-img create sheepdog://HOSTNAME:PORT/IMAGE SIZE + |qemu_system| sheepdog://HOSTNAME:PORT/IMAGE + +iSCSI LUNs +---------- + +iSCSI is a popular protocol used to access SCSI devices across a computer +network. + +There are two different ways iSCSI devices can be used by QEMU. + +The first method is to mount the iSCSI LUN on the host, and make it appear= as +any other ordinary SCSI device on the host and then to access this device = as a +/dev/sd device from QEMU. How to do this differs between host OSes. + +The second method involves using the iSCSI initiator that is built into +QEMU. This provides a mechanism that works the same way regardless of which +host OS you are running QEMU on. This section will describe this second me= thod +of using iSCSI together with QEMU. + +In QEMU, iSCSI devices are described using special iSCSI URLs. URL syntax: + +:: + + iscsi://[[%]@][:]// + +Username and password are optional and only used if your target is set up +using CHAP authentication for access control. +Alternatively the username and password can also be set via environment +variables to have these not show up in the process list: + +:: + + export LIBISCSI_CHAP_USERNAME=3D + export LIBISCSI_CHAP_PASSWORD=3D + iscsi://// + +Various session related parameters can be set via special options, either +in a configuration file provided via '-readconfig' or directly on the +command line. + +If the initiator-name is not specified qemu will use a default name +of 'iqn.2008-11.org.linux-kvm[:'] where is the UUID of the +virtual machine. If the UUID is not specified qemu will use +'iqn.2008-11.org.linux-kvm[:'] where is the name of the +virtual machine. + +Setting a specific initiator name to use when logging in to the target: + +:: + + -iscsi initiator-name=3Diqn.qemu.test:my-initiator + +Controlling which type of header digest to negotiate with the target: + +:: + + -iscsi header-digest=3DCRC32C|CRC32C-NONE|NONE-CRC32C|NONE + +These can also be set via a configuration file: + +:: + + [iscsi] + user =3D "CHAP username" + password =3D "CHAP password" + initiator-name =3D "iqn.qemu.test:my-initiator" + # header digest is one of CRC32C|CRC32C-NONE|NONE-CRC32C|NONE + header-digest =3D "CRC32C" + +Setting the target name allows different options for different targets: + +:: + + [iscsi "iqn.target.name"] + user =3D "CHAP username" + password =3D "CHAP password" + initiator-name =3D "iqn.qemu.test:my-initiator" + # header digest is one of CRC32C|CRC32C-NONE|NONE-CRC32C|NONE + header-digest =3D "CRC32C" + +How to use a configuration file to set iSCSI configuration options: + +.. parsed-literal:: + + cat >iscsi.conf < /sys/bus/pci/devices/0000:06:0d.0/driver/unbind + # echo 1102 0002 > /sys/bus/pci/drivers/vfio-pci/new_id + + # |qemu_system| -drive file=3Dnvme://HOST:BUS:SLOT.FUNC/NAMESPACE + +Alternative syntax using properties: + +.. parsed-literal:: + + |qemu_system| -drive file.driver=3Dnvme,file.device=3DHOST:BUS:SLOT.FUNC= ,file.namespace=3DNAMESPACE + +*HOST*:*BUS*:*SLOT*.\ *FUNC* is the NVMe controller's PCI device +address on the host. + +*NAMESPACE* is the NVMe namespace number, starting from 1. + +Disk image file locking +----------------------- + +By default, QEMU tries to protect image files from unexpected concurrent +access, as long as it's supported by the block protocol driver and host +operating system. If multiple QEMU processes (including QEMU emulators and +utilities) try to open the same image with conflicting accessing modes, al= l but +the first one will get an error. + +This feature is currently supported by the file protocol on Linux with the= Open +File Descriptor (OFD) locking API, and can be configured to fall back to P= OSIX +locking if the POSIX host doesn't support Linux OFD locking. + +To explicitly enable image locking, specify "locking=3Don" in the file pro= tocol +driver options. If OFD locking is not possible, a warning will be printed = and +the POSIX locking API will be used. In this case there is a risk that the = lock +will get silently lost when doing hot plugging and block jobs, due to the +shortcomings of the POSIX locking API. + +QEMU transparently handles lock handover during shared storage migration. = For +shared virtual disk images between multiple VMs, the "share-rw" device opt= ion +should be used. + +By default, the guest has exclusive write access to its disk image. If the +guest can safely share the disk image with other writers the +``-device ...,share-rw=3Don`` parameter can be used. This is only safe if +the guest is running software, such as a cluster file system, that +coordinates disk accesses to avoid corruption. + +Note that share-rw=3Don only declares the guest's ability to share the dis= k. +Some QEMU features, such as image file formats, require exclusive write ac= cess +to the disk image and this is unaffected by the share-rw=3Don option. + +Alternatively, locking can be fully disabled by "locking=3Doff" block devi= ce +option. In the command line, the option is usually in the form of +"file.locking=3Doff" as the protocol driver is normally placed as a "file"= child +under a format driver. For example: + +:: + + -blockdev driver=3Dqcow2,file.filename=3D/path/to/image,file.locking=3Do= ff,file.driver=3Dfile + +To check if image locking is active, check the output of the "lslocks" com= mand +on host and see if there are locks held by the QEMU process on the image f= ile. +More than one byte could be locked by the QEMU instance, each byte of which +reflects a particular permission that is acquired or protected by the runn= ing +block driver. + +.. only:: man + + See also + -------- + + The HTML documentation of QEMU for more precise information and Linux + user mode emulator invocation. diff --git a/qemu-doc.texi b/qemu-doc.texi index 617485d1461..2328e7ea476 100644 --- a/qemu-doc.texi +++ b/qemu-doc.texi @@ -633,16 +633,6 @@ encrypted disk images. * disk_images_snapshot_mode:: Snapshot mode * vm_snapshots:: VM snapshots * qemu_img_invocation:: qemu-img Invocation -* disk_images_formats:: Disk image file formats -* host_drives:: Using host drives -* disk_images_fat_images:: Virtual FAT disk images -* disk_images_nbd:: NBD access -* disk_images_sheepdog:: Sheepdog disk images -* disk_images_iscsi:: iSCSI LUNs -* disk_images_gluster:: GlusterFS disk images -* disk_images_ssh:: Secure Shell (ssh) disk images -* disk_images_nvme:: NVMe userspace driver -* disk_image_locking:: Disk image file locking @end menu =20 @node disk_images_quickstart @@ -723,8 +713,6 @@ state is not saved or restored properly (in particular = USB). =20 @include qemu-img.texi =20 -@include docs/qemu-block-drivers.texi - @node pcsys_network @section Network emulation =20 diff --git a/qemu-options.hx b/qemu-options.hx index 709162c159a..224a8e8712a 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -953,7 +953,7 @@ STEXI @findex -cdrom Use @var{file} as CD-ROM image (you cannot use @option{-hdc} and @option{-cdrom} at the same time). You can use the host CD-ROM by -using @file{/dev/cdrom} as filename (@pxref{host_drives}). +using @file{/dev/cdrom} as filename. ETEXI =20 DEF("blockdev", HAS_ARG, QEMU_OPTION_blockdev, --=20 2.20.1