1'virt' generic virtual platform (``virt``) 2========================================== 3 4The ``virt`` board is a platform which does not correspond to any 5real hardware; it is designed for use in virtual machines. 6It is the recommended board type if you simply want to run 7a guest such as Linux and do not care about reproducing the 8idiosyncrasies and limitations of a particular bit of real-world 9hardware. 10 11This is a "versioned" board model, so as well as the ``virt`` machine 12type itself (which may have improvements, bugfixes and other minor 13changes between QEMU versions) a version is provided that guarantees 14to have the same behaviour as that of previous QEMU releases, so 15that VM migration will work between QEMU versions. For instance the 16``virt-5.0`` machine type will behave like the ``virt`` machine from 17the QEMU 5.0 release, and migration should work between ``virt-5.0`` 18of the 5.0 release and ``virt-5.0`` of the 5.1 release. Migration 19is not guaranteed to work between different QEMU releases for 20the non-versioned ``virt`` machine type. 21 22Supported devices 23""""""""""""""""" 24 25The virt board supports: 26 27- PCI/PCIe devices 28- Flash memory 29- Either one or two PL011 UARTs for the NonSecure World 30- An RTC 31- The fw_cfg device that allows a guest to obtain data from QEMU 32- A PL061 GPIO controller 33- An optional SMMUv3 IOMMU 34- hotpluggable DIMMs 35- hotpluggable NVDIMMs 36- An MSI controller (GICv2M or ITS). GICv2M is selected by default along 37 with GICv2. ITS is selected by default with GICv3 (>= virt-2.7). Note 38 that ITS is not modeled in TCG mode. 39- 32 virtio-mmio transport devices 40- running guests using the KVM accelerator on aarch64 hardware 41- large amounts of RAM (at least 255GB, and more if using highmem) 42- many CPUs (up to 512 if using a GICv3 and highmem) 43- Secure-World-only devices if the CPU has TrustZone: 44 45 - A second PL011 UART 46 - A second PL061 GPIO controller, with GPIO lines for triggering 47 a system reset or system poweroff 48 - A secure flash memory 49 - 16MB of secure RAM 50 51The second NonSecure UART only exists if a backend is configured 52explicitly (e.g. with a second -serial command line option) and 53TrustZone emulation is not enabled. 54 55Supported guest CPU types: 56 57- ``cortex-a7`` (32-bit) 58- ``cortex-a15`` (32-bit; the default) 59- ``cortex-a35`` (64-bit) 60- ``cortex-a53`` (64-bit) 61- ``cortex-a55`` (64-bit) 62- ``cortex-a57`` (64-bit) 63- ``cortex-a72`` (64-bit) 64- ``cortex-a76`` (64-bit) 65- ``cortex-a710`` (64-bit) 66- ``a64fx`` (64-bit) 67- ``host`` (with KVM only) 68- ``neoverse-n1`` (64-bit) 69- ``neoverse-v1`` (64-bit) 70- ``neoverse-n2`` (64-bit) 71- ``max`` (same as ``host`` for KVM; best possible emulation with TCG) 72 73Note that the default is ``cortex-a15``, so for an AArch64 guest you must 74specify a CPU type. 75 76Also, please note that passing ``max`` CPU (i.e. ``-cpu max``) won't 77enable all the CPU features for a given ``virt`` machine. Where a CPU 78architectural feature requires support in both the CPU itself and in the 79wider system (e.g. the MTE feature), it may not be enabled by default, 80but instead requires a machine option to enable it. 81 82For example, MTE support must be enabled with ``-machine virt,mte=on``, 83as well as by selecting an MTE-capable CPU (e.g., ``max``) with the 84``-cpu`` option. 85 86See the machine-specific options below, or check them for a given machine 87by passing the ``help`` suboption, like: ``-machine virt-9.0,help``. 88 89Graphics output is available, but unlike the x86 PC machine types 90there is no default display device enabled: you should select one from 91the Display devices section of "-device help". The recommended option 92is ``virtio-gpu-pci``; this is the only one which will work correctly 93with KVM. You may also need to ensure your guest kernel is configured 94with support for this; see below. 95 96Machine-specific options 97"""""""""""""""""""""""" 98 99The following machine-specific options are supported: 100 101secure 102 Set ``on``/``off`` to enable/disable emulating a guest CPU which implements the 103 Arm Security Extensions (TrustZone). The default is ``off``. 104 105virtualization 106 Set ``on``/``off`` to enable/disable emulating a guest CPU which implements the 107 Arm Virtualization Extensions. The default is ``off``. 108 109mte 110 Set ``on``/``off`` to enable/disable emulating a guest CPU which implements the 111 Arm Memory Tagging Extensions. The default is ``off``. 112 113highmem 114 Set ``on``/``off`` to enable/disable placing devices and RAM in physical 115 address space above 32 bits. The default is ``on`` for machine types 116 later than ``virt-2.12`` when the CPU supports an address space 117 bigger than 32 bits (i.e. 64-bit CPUs, and 32-bit CPUs with the 118 Large Physical Address Extension (LPAE) feature). If you want to 119 boot a 32-bit kernel which does not have ``CONFIG_LPAE`` enabled on 120 a CPU type which implements LPAE, you will need to manually set 121 this to ``off``; otherwise some devices, such as the PCI controller, 122 will not be accessible. 123 124compact-highmem 125 Set ``on``/``off`` to enable/disable the compact layout for high memory regions. 126 The default is ``on`` for machine types later than ``virt-7.2``. 127 128highmem-redists 129 Set ``on``/``off`` to enable/disable the high memory region for GICv3 or 130 GICv4 redistributor. The default is ``on``. Setting this to ``off`` will 131 limit the maximum number of CPUs when GICv3 or GICv4 is used. 132 133highmem-ecam 134 Set ``on``/``off`` to enable/disable the high memory region for PCI ECAM. 135 The default is ``on`` for machine types later than ``virt-3.0``. 136 137highmem-mmio 138 Set ``on``/``off`` to enable/disable the high memory region for PCI MMIO. 139 The default is ``on``. 140 141gic-version 142 Specify the version of the Generic Interrupt Controller (GIC) to provide. 143 Valid values are: 144 145 ``2`` 146 GICv2. Note that this limits the number of CPUs to 8. 147 ``3`` 148 GICv3. This allows up to 512 CPUs. 149 ``4`` 150 GICv4. Requires ``virtualization`` to be ``on``; allows up to 317 CPUs. 151 ``host`` 152 Use the same GIC version the host provides, when using KVM 153 ``max`` 154 Use the best GIC version possible (same as host when using KVM; 155 with TCG this is currently ``3`` if ``virtualization`` is ``off`` and 156 ``4`` if ``virtualization`` is ``on``, but this may change in future) 157 158its 159 Set ``on``/``off`` to enable/disable ITS instantiation. The default is ``on`` 160 for machine types later than ``virt-2.7``. 161 162iommu 163 Set the IOMMU type to create for the guest. Valid values are: 164 165 ``none`` 166 Don't create an IOMMU (the default) 167 ``smmuv3`` 168 Create an SMMUv3 169 170default-bus-bypass-iommu 171 Set ``on``/``off`` to enable/disable `bypass_iommu 172 <https://gitlab.com/qemu-project/qemu/-/blob/master/docs/bypass-iommu.txt>`_ 173 for default root bus. 174 175ras 176 Set ``on``/``off`` to enable/disable reporting host memory errors to a guest 177 using ACPI and guest external abort exceptions. The default is off. 178 179acpi 180 Set ``on``/``off``/``auto`` to enable/disable ACPI. 181 182dtb-randomness 183 Set ``on``/``off`` to pass random seeds via the guest DTB 184 rng-seed and kaslr-seed nodes (in both "/chosen" and 185 "/secure-chosen") to use for features like the random number 186 generator and address space randomisation. The default is 187 ``on``. You will want to disable it if your trusted boot chain 188 will verify the DTB it is passed, since this option causes the 189 DTB to be non-deterministic. It would be the responsibility of 190 the firmware to come up with a seed and pass it on if it wants to. 191 192dtb-kaslr-seed 193 A deprecated synonym for dtb-randomness. 194 195x-oem-id 196 Set string (up to 6 bytes) to override the default value of field OEMID in ACPI 197 table header. 198 199x-oem-table-id 200 Set string (up to 8 bytes) to override the default value of field OEM Table ID 201 in ACPI table header. 202 203Linux guest kernel configuration 204"""""""""""""""""""""""""""""""" 205 206The 'defconfig' for Linux arm and arm64 kernels should include the 207right device drivers for virtio and the PCI controller; however some older 208kernel versions, especially for 32-bit Arm, did not have everything 209enabled by default. If you're not seeing PCI devices that you expect, 210then check that your guest config has:: 211 212 CONFIG_PCI=y 213 CONFIG_VIRTIO_PCI=y 214 CONFIG_PCI_HOST_GENERIC=y 215 216If you want to use the ``virtio-gpu-pci`` graphics device you will also 217need:: 218 219 CONFIG_DRM=y 220 CONFIG_DRM_VIRTIO_GPU=y 221 222Hardware configuration information for bare-metal programming 223""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" 224 225The ``virt`` board automatically generates a device tree blob ("dtb") 226which it passes to the guest. This provides information about the 227addresses, interrupt lines and other configuration of the various devices 228in the system. Guest code can rely on and hard-code the following 229addresses: 230 231- Flash memory starts at address 0x0000_0000 232 233- RAM starts at 0x4000_0000 234 235All other information about device locations may change between 236QEMU versions, so guest code must look in the DTB. 237 238QEMU supports two types of guest image boot for ``virt``, and 239the way for the guest code to locate the dtb binary differs: 240 241- For guests using the Linux kernel boot protocol (this means any 242 non-ELF file passed to the QEMU ``-kernel`` option) the address 243 of the DTB is passed in a register (``r2`` for 32-bit guests, 244 or ``x0`` for 64-bit guests) 245 246- For guests booting as "bare-metal" (any other kind of boot), 247 the DTB is at the start of RAM (0x4000_0000) 248