qemu是一个通用和开源的软件,用于设备模拟和虚拟化。
支持使用qemu的平台
qemu软件本身可以在不同平台上运行,官方支持的运行环境主要有:
| CPU Architecture | Accelerators |
|---|---|
| Arm | kvm (64 bit only), tcg, xen |
| MIPS (little endian only) | kvm, tcg |
| PPC | kvm, tcg |
| RISC-V | kvm, tcg |
| s390x | kvm, tcg |
| SPARC | tcg |
| x86 | hax, hvf (64 bit only), kvm, nvmm, tcg, whpx (64 bit only), xen |
官方支持的环境,可以使用一些虚拟化手段加速运行。其他不支持的环境不建议编译运行,虽然也有办法运行,但速度会非常慢。
此外,qemu软件的更新也类似linux发行版,5年一个主要版本,会始终支持,在新的主流版本退出后,上一个主流版本会逐渐 放弃支持,所以一般使用qemu时,可以选用较近版本的。
qemu在更新中也会移除一些旧的特性,包括准备移除的和特性和已经移除的特性列表,可以参考
Deprecated features
Removed features
模拟支持
QEMU的Tiny Code Generator (TCG)机制提供了在任何受支持的主机平台上模拟多种CPU架构的能力。根据客户机体系结构,支持系统级仿真和用户级仿真。
Supported Guest Architectures for Emulation,比如几个常见的
| Architecture (qemu name) | System | User | Notes |
|---|---|---|---|
| Arm (arm, aarch64) | Yes | Yes | Wide range of features, see A-profile CPU architecture support for details |
| x86 (i386, x86_64) | Yes | Yes | The ubiquitous desktop PC CPU architecture, 32 and 64 bit. |
| RISC-V | Yes | Yes | An open standard RISC ISA maintained by RISC-V International |
| others | ? | ? | ex:MIPS ,Loongarch ,m68k,Microblaze,PowerPC,Xtensa… |
Semihosting半主机支持
qemu也支持Semihosting模式,让guest 借用主机的输入输出来调试,一般只用来调试一些“bare-metal”的裸机代码。
支持的虚拟化加速器
QEMU的系统仿真提供了一台设备的虚拟模型,包括CPU、内存和模拟的设备,并运行guest OS。 它现在支持许多Hypervisor(虚拟化管理程序),以帮助加速。同时也保留有使用类似JIT的模拟技术,纯模拟运行的的Tiny Code Generator (TCG) 。
| Supported Accelerators | Accelerator | Host OS | Host Architectures |
|---|---|---|---|
| KVM | Linux | Arm (64 bit only), MIPS, PPC, RISC-V, s390x, x86 | |
| Xen | Linux (as dom0) | Arm, x86 | |
| Intel HAXM (hax) | Linux, Windows | x86 | |
| Hypervisor Framework (hvf) | MacOS | x86 (64 bit only), Arm (64 bit only) | |
| Windows Hypervisor Platform (whpx) | Windows | x86 | |
| NetBSD Virtual Machine Monitor (nvmm) | NetBSD | x86 | |
| Tiny Code Generator (tcg) | Linux, other POSIX, Windows, MacOS | Arm, x86, Loongarch64, MIPS, PPC, s390x, Sparc64 |
安装qemu
使用atp工具安装
1
sudo apt install qemu qemu-system qemu-user
编译安装
1
2
3
4
5
6
7
8
wget https://download.qemu.org/qemu-8.0.0.tar.xz
tar xvJf qemu-8.0.0.tar.xz
cd qemu-8.0.0
./configure
# 仅安装arm模拟器
# ./configure --target-list=aarch64-softmmu,arm-softmmu,aarch64-linux-user,arm-linux-user
make
make install
configure时出现问题,根据提示安装相关依赖软件包,或安装meson,ninja等工具。 默认编译生成的可执行文件在build下,对应版本的文档则在 build/docs,编译文档依赖spinx工具,需要先安装。
基本使用
qemu提供的API非常复杂,对于非x86的系统,通常需要在命令行提供更加明确的参数,命令行示例可以参考这里: QEMU System Emulator Targets 列举了各个CPU架构的特别参数。另外还有很多参数是通用的。
QEMU命令行的一般形式可以表示为:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
# 基本使用
$ qemu-system-x86_64 [machine opts] \
[cpu opts] \
[accelerator opts] \
[device opts] \
[backend opts] \
[interface opts] \
[boot opts]
# 查看帮助
$ qemu-system-x86_64 -M help
# Help也可以作为参数传递给另一个选项,
# 如列出可以控制scsi-hd设备行为的其他选项的参数及其默认值
$ qemu-system-x86_64 -device scsi-hd,help
选项概览
| Options | Description |
|---|---|
| Machine | Define the machine type, amount of memory etc |
| CPU | Type and number/topology of vCPUs. Most accelerators offer a host cpu option which simply passes through your host CPU configuration without filtering out any features. |
| Accelerator | This will depend on the hypervisor you run. Note that the default is TCG, which is purely emulated, so you must specify an accelerator type to take advantage of hardware virtualization. |
| Devices | Additional devices that are not defined by default with the machine type. |
| Backends | Backends are how QEMU deals with the guest’s data, for example how a block device is stored, how network devices see the network or how a serial device is directed to the outside world. |
| Interfaces | How the system is displayed, how it is managed and controlled or debugged. |
| Boot | How the system boots, via firmware or direct kernel boot. |