xref: /freebsd/usr.sbin/bhyve/bhyve.8 (revision 05427f4639bcf2703329a9be9d25ec09bb782742)
1.\" Copyright (c) 2013 Peter Grehan
2.\" All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\"
13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
23.\" SUCH DAMAGE.
24.\"
25.Dd August 21, 2024
26.Dt BHYVE 8
27.Os
28.Sh NAME
29.Nm bhyve
30.Nd "run a guest operating system inside a virtual machine"
31.Sh SYNOPSIS
32.Nm
33.Op Fl aCDeHhPSuWwxY
34.Oo
35.Sm off
36.Fl c\~
37.Oo
38.Op Cm cpus=
39.Ar numcpus
40.Oc
41.Op Cm ,sockets= Ar n
42.Op Cm ,cores= Ar n
43.Op Cm ,threads= Ar n
44.Oc
45.Sm on
46.Oo Fl f
47.Sm off
48.Ar name Cm \&,
49.Oo
50.Cm string No | Cm file
51.Oc
52.Cm \&= Ar data
53.Sm on
54.Oc
55.Oo
56.Sm off
57.Fl G\~
58.Oo Ar w Oc
59.Oo Ar bind_address Cm \&: Oc
60.Ar port
61.Sm on
62.Oc
63.Op Fl k Ar config_file
64.Op Fl K Ar layout
65.Oo Fl l
66.Sm off
67.Ar lpcdev Op Cm \&, Ar conf
68.Sm on
69.Oc
70.Sm off
71.Oo Fl m\~
72.Ar memsize
73.Oo
74.Cm K | Cm k | Cm M | Cm m | Cm G | Cm g | Cm T | Cm t
75.Oc
76.Sm on
77.Oc
78.Op Fl o Ar var Ns Cm = Ns Ar value
79.Op Fl p Ar vcpu Ns Cm \&: Ns Ar hostcpu
80.Op Fl r Ar file
81.Sm off
82.Oo Fl s\~
83.Ar slot Cm \&, Ar emulation Op Cm \&, Ar conf
84.Sm on
85.Oc
86.Op Fl U Ar uuid
87.Ar vmname
88.Nm
89.Fl l Cm help
90.Nm
91.Fl s Cm help
92.Sh DESCRIPTION
93.Nm
94is a hypervisor that runs guest operating systems inside a
95virtual machine.
96It can run guests on amd64 and arm64 platforms with suitable hardware support.
97.Pp
98Parameters such as the number of virtual CPUs, amount of guest memory, and
99I/O connectivity can be specified with command-line parameters.
100.Pp
101.Nm
102is typically used with a boot ROM that can load the guest operating system.
103On arm64 platforms, this is currently required.
104If not using a boot ROM, the guest operating system must be loaded with
105.Xr bhyveload 8
106or a similar boot loader before running
107.Nm ,
108otherwise.
109On amd64, the
110.Pa edk2-bhyve
111package provides a UEFI firmware that can be used to boot the guest;
112on arm64 the
113.Pa u-boot-bhyve-arm64
114package provides a U-Boot image that can be used to boot the guest.
115.Pp
116.Nm
117runs until the guest operating system reboots or an unhandled hypervisor
118exit is detected.
119.Sh OPTIONS
120.Bl -tag -width 10n
121.It Fl a
122The guest's local APIC is configured in xAPIC mode.
123This option only applies to the amd64 platform.
124xAPIC mode is the default setting so this option is redundant.
125It will be deprecated in a future version.
126.It Fl C
127Include guest memory in core files.
128.It Fl c Op Ar setting ...
129Number of guest virtual CPUs
130and/or the CPU topology.
131The default value for each of
132.Ar numcpus ,
133.Ar sockets ,
134.Ar cores ,
135and
136.Ar threads
137is 1.
138If
139.Ar numcpus
140is not specified then it will be calculated from the other arguments.
141The topology must be consistent in that the
142.Ar numcpus
143must equal the product of
144.Ar sockets ,
145.Ar cores ,
146and
147.Ar threads .
148If a
149.Ar setting
150is specified more than once the last one has precedence.
151.Pp
152The maximum number of virtual CPUs defaults to the number of active
153physical CPUs in the system available via the
154.Va hw.vmm.maxcpu
155.Xr sysctl 8
156variable.
157The limit can be adjusted via the
158.Va hw.vmm.maxcpu
159loader tunable.
160.It Fl D
161Destroy the VM on guest initiated power-off.
162.It Fl e
163Force
164.Nm
165to exit when a guest issues an access to an I/O port that is not emulated.
166This is intended for debug purposes and only applies to the amd64 platform.
167.It Fl f Ar name Ns Cm \&, Ns Oo Cm string Ns No | Ns Cm file Ns Oc Ns Cm \&= Ns Ar data
168Add a fw_cfg file
169.Ar name
170to the fw_cfg interface.
171If a
172.Cm string
173is specified, the fw_cfg file contains the string as data.
174If a
175.Cm file
176is specified, bhyve reads the file and adds the file content as fw_cfg data.
177.It Fl G Xo
178.Sm off
179.Oo Ar w Oc
180.Oo Ar bind_address Cm \&: Oc
181.Ar port
182.Sm on
183.Xc
184Start a debug server that uses the GDB protocol to export guest state to a
185debugger.
186An IPv4 TCP socket will be bound to the supplied
187.Ar bind_address
188and
189.Ar port
190to listen for debugger connections.
191Only a single debugger may be attached to the debug server at a time.
192If the option begins with
193.Sq w ,
194.Nm
195will pause execution at the first instruction waiting for a debugger to attach.
196.It Fl H
197Yield the virtual CPU thread when a HLT instruction is detected.
198If this option is not specified, virtual CPUs will use 100% of a host CPU.
199This option applies only to the amd64 platform.
200.It Fl h
201Print help message and exit.
202.It Fl k Ar config_file
203Set configuration variables from a simple, key-value config file.
204Each line of the config file is expected to consist of a config variable
205name, an equals sign
206.Pq Sq = ,
207and a value.
208No spaces are permitted between the variable name, equals sign, or
209value.
210Blank lines and lines starting with
211.Sq #
212are ignored.
213See
214.Xr bhyve_config 5
215for more details.
216.It Fl K Ar layout
217Specify the keyboard layout.
218The value that can be specified sets the file name in
219.Ar /usr/share/bhyve/kbdlayout .
220This specification only works when loaded with UEFI mode for VNC.
221When using a VNC client that supports QEMU Extended Key Event Message (e.g.
222TigerVNC), this option isn't needed.
223When using a VNC client that doesn't support QEMU Extended Key Event Message
224(e.g. tightVNC), the layout defaults to the US keyboard unless specified
225otherwise.
226.It Fl l Cm help
227Print a list of supported LPC devices.
228.It Fl l Ar lpcdev Ns Op Cm \&, Ns Ar conf
229Allow devices behind the LPC PCI-ISA bridge to be configured.
230The only supported devices are the TTY-class devices
231.Cm com1 , com2 , com3 ,
232and
233.Cm com4 ,
234the TPM module
235.Cm tpm ,
236the boot ROM device
237.Cm bootrom ,
238the
239.Cm fwcfg
240type and the debug/test device
241.Cm pc-testdev .
242.Pp
243The possible values for the
244.Ar conf
245argument are listed in the
246.Fl s
247flag description.
248.Pp
249This option applies only to the amd64 platform.
250On arm64, the console and boot ROM devices are configured using the
251more generic
252.Fl o
253option.
254.It Xo
255.Fl m Ar memsize Ns Oo
256.Sm off
257.Cm K | k | M | m | G | g | T | t
258.Sm on
259.Oc
260.Xc
261Set the guest physical memory size.
262This must be the same size that was given to
263.Xr bhyveload 8 .
264.Pp
265The size argument may be suffixed with one of
266.Cm K , M , G
267or
268.Cm T
269(either upper or lower case)
270to indicate a multiple of kilobytes, megabytes, gigabytes, or terabytes.
271If no suffix is given, the value is assumed to be in megabytes.
272.Pp
273The default is 256M.
274.It Fl o Ar var Ns Cm = Ns Ar value
275Set the configuration variable
276.Ar var
277to
278.Ar value .
279See
280.Xr bhyve_config 5
281for configuration options.
282.It Fl P
283Force the guest virtual CPU to exit when a PAUSE instruction is detected.
284This option applies only to the amd64 platform.
285.It Fl p Ar vcpu Ns Cm \& : Ns Ar hostcpu
286Pin guest's virtual CPU
287.Em vcpu
288to
289.Em hostcpu .
290Host CPUs and guest virtual CPUs are numbered starting from 0.
291A
292.Fl p
293option is required for every guest vCPU to be pinned.
294To map a 4 vCPU guest to host CPUs 12-15:
295.Bd -literal
296-p 0:12 -p 1:13 -p 2:14 -p 3:15
297.Ed
298.It Fl r Ar file
299Resume a guest from a snapshot.
300The guest memory contents are restored from
301.Ar file ,
302and the guest device and vCPU state are restored from the file
303.Dq Ar file Ns .kern .
304.Pp
305Note that the current snapshot file format requires that the
306configuration of devices in the new VM match the VM from which the
307snapshot was taken by specifying the same
308.Fl s
309and
310.Fl l
311options.
312The count of vCPUs and memory configuration are read from the snapshot.
313.It Fl S
314Wire guest memory.
315.It Fl s Cm help
316Print a list of supported PCI devices.
317.It Fl s Ar slot Ns Cm \&, Ns Ar emulation Ns Op Cm \&, Ns Ar conf
318Configure a virtual PCI slot and function.
319.Pp
320.Nm
321provides PCI bus emulation and virtual devices that can be attached to
322slots on the bus.
323There are 32 available slots, with the option of providing up to 8 functions
324per slot.
325.Pp
326The
327.Ar slot
328can be specified in one of the following formats:
329.Pp
330.Bl -bullet -compact
331.It
332.Ar pcislot
333.It
334.Sm off
335.Ar pcislot Cm \&: Ar function
336.Sm on
337.It
338.Sm off
339.Ar bus Cm \&: Ar pcislot Cm \&: Ar function
340.Sm on
341.El
342.Pp
343The
344.Ar pcislot
345value is 0 to 31.
346The optional
347.Ar function
348value is 0 to 7.
349The optional
350.Ar bus
351value is 0 to 255.
352If not specified, the
353.Ar function
354value defaults to 0.
355If not specified, the
356.Ar bus
357value defaults to 0.
358.Pp
359See
360.Sx "PCI EMULATION"
361for available options for the
362.Ar emulation
363argument.
364.It Fl U Ar uuid
365Set the universally unique identifier
366.Pq UUID
367in the guest's System Management BIOS System Information structure.
368By default a UUID is generated from the host's hostname and
369.Ar vmname .
370.It Fl u
371RTC keeps UTC time.
372.It Fl W
373Force virtio PCI device emulations to use MSI interrupts instead of MSI-X
374interrupts.
375.It Fl w
376Ignore accesses to unimplemented Model Specific Registers (MSRs).
377This is intended for debug purposes.
378.It Fl x
379The guest's local APIC is configured in x2APIC mode.
380This option applies only to the amd64 platform.
381.It Fl Y
382Disable MPtable generation.
383This option applies only to the amd64 platform.
384.It Ar vmname
385Alphanumeric name of the guest.
386This should be the same as that created by
387.Xr bhyveload 8 .
388.El
389.Sh PCI EMULATION
390.Nm
391provides emulation for various PCI devices.
392They are specified by the
393.Fl s
394.Ar slot,emulation,conf
395configuration's
396.Ar emulation
397argument, which can be one of the following:
398.Bl -tag -width "amd_hostbridge"
399.It Cm hostbridge
400A simple host bridge.
401This is usually configured at slot 0, and is required by most guest
402operating systems.
403.It Cm amd_hostbridge
404Emulation identical to
405.Cm hostbridge
406using a PCI vendor ID of AMD.
407.It Cm passthru
408PCI pass-through device.
409.It Cm virtio-net
410Virtio network interface.
411.It Cm virtio-blk
412Virtio block storage interface.
413.It Cm virtio-scsi
414Virtio SCSI interface.
415.It Cm virtio-9p
416Virtio 9p (VirtFS) interface.
417.It Cm virtio-rnd
418Virtio RNG interface.
419.It Cm virtio-console
420Virtio console interface, which exposes multiple ports
421to the guest in the form of simple char devices for simple IO
422between the guest and host userspaces.
423.It Cm virtio-input
424Virtio input interface.
425.It Cm ahci
426AHCI controller attached to arbitrary devices.
427.It Cm ahci-cd
428AHCI controller attached to an ATAPI CD/DVD.
429.It Cm ahci-hd
430AHCI controller attached to a SATA hard drive.
431.It Cm e1000
432Intel e82545 network interface.
433.It Cm uart
434PCI 16550 serial device.
435.It Cm lpc
436LPC PCI-ISA bridge with COM1, COM2, COM3, and COM4 16550 serial ports,
437a boot ROM, and,
438optionally, a TPM module, a fwcfg type, and the debug/test device.
439The LPC bridge emulation can only be configured on bus 0.
440.It Cm fbuf
441Raw framebuffer device attached to VNC server.
442.It Cm xhci
443eXtensible Host Controller Interface (xHCI) USB controller.
444.It Cm nvme
445NVM Express (NVMe) controller.
446.It Cm hda
447High Definition Audio Controller.
448.El
449.Pp
450The optional parameter
451.Ar conf
452describes the backend for device emulations.
453If
454.Ar conf
455is not specified, the device emulation has no backend and can be
456considered unconnected.
457.Ss Network device backends
458.Sm off
459.Bl -bullet
460.It
461.Xo
462.Cm tap Ar N
463.Op Cm \&,mac= Ar xx:xx:xx:xx:xx:xx
464.Op Cm \&,mtu= Ar N
465.Xc
466.It
467.Xo
468.Cm vmnet Ar N
469.Op Cm \&,mac= Ar xx:xx:xx:xx:xx:xx
470.Op Cm \&,mtu= Ar N
471.Xc
472.It
473.Xo
474.Cm netgraph,path= Ar ADDRESS Cm \&,peerhook= Ar HOOK
475.Op Cm \&,socket= Ar NAME
476.Op Cm \&,hook= Ar HOOK
477.Op Cm \&,mac= Ar xx:xx:xx:xx:xx:xx
478.Op Cm \&,mtu= Ar N
479.Xc
480.It
481.Xo
482.Cm slirp,hostfwd= Ar proto : Ar hostaddr : Ar hostport - Ar guestaddr : Ar guestport
483.Xc
484.El
485.Sm on
486.Pp
487If
488.Cm mac
489is not specified, the MAC address is derived from a fixed OUI, and the
490remaining bytes from an MD5 hash of the slot and function numbers and
491the device name.
492.Pp
493The MAC address is an ASCII string in
494.Xr ethers 5
495format.
496.Pp
497With
498.Cm virtio-net
499devices, the
500.Cm mtu
501parameter can be specified to inform the guest about the largest MTU
502that should be allowed, expressed in bytes.
503.Pp
504With
505.Cm netgraph
506backend, the
507.Cm path
508and
509.Cm peerhook
510parameters must be specified to set the destination node and corresponding hook.
511The optional parameters
512.Cm socket
513and
514.Cm hook
515may be used to set the
516.Xr ng_socket 4
517node name and source hook.
518The
519.Ar ADDRESS ,
520.Ar HOOK ,
521and
522.Ar NAME
523must comply with
524.Xr netgraph 4
525addressing rules.
526.Pp
527The slirp backend can be used to provide a NATed network to the guest.
528This backend has poor performance but does not require any network
529configuration on the host system.
530It depends on the
531.Pa net/libslirp
532port.
533The
534.Cm hostfwd
535option takes a 5-tuple describing how connections from the host are to be
536forwarded to the guest.
537Multiple rules can be specified, separated by semicolons.
538Note that semicolons must be escaped or quoted to prevent the shell from
539interpreting them.
540.Ss Block storage device backends:
541.Bl -bullet
542.Sm off
543.It
544.Ar /filename Op Cm \&, Ar block-device-options
545.It
546.Ar /dev/xxx Op Cm \&, Ar block-device-options
547.Sm on
548.El
549.Pp
550The
551.Ar block-device-options
552are:
553.Bl -tag -width 10n
554.It Cm nocache
555Open the file with
556.Dv O_DIRECT .
557.It Cm direct
558Open the file using
559.Dv O_SYNC .
560.It Cm ro
561Force the file to be opened read-only.
562.It Cm sectorsize= Ns Ar logical Ns Oo Cm \&/ Ns Ar physical Oc
563Specify the logical and physical sector sizes of the emulated disk.
564The physical sector size is optional and is equal to the logical sector size
565if not explicitly specified.
566.It Cm nodelete
567Disable emulation of guest trim requests via
568.Dv DIOCGDELETE
569requests.
570.It Li bootindex= Ns Ar index
571Add the device to the bootorder at
572.Ar index .
573A fwcfg file is used to specify the bootorder.
574The guest firmware may ignore or doesn't support this fwcfg file.
575In that case, this feature doesn't work as expected.
576.El
577.Ss SCSI device backends
578.Bl -bullet
579.Sm off
580.It
581.Pa /dev/cam/ctl Oo Ar pp Cm \&. Ar vp Oc Oo Cm \&, Ar scsi-device-options Oc
582.Sm on
583.El
584.Pp
585The
586.Ar scsi-device-options
587are:
588.Bl -tag -width 10n
589.It Cm iid= Ns Ar IID
590Initiator ID to use when sending requests to specified CTL port.
591The default value is 0.
592.It Li bootindex= Ns Ar index
593Add the device to the bootorder at
594.Ar index .
595A fwcfg file is used to specify the bootorder.
596The guest firmware may ignore or doesn't support this fwcfg file.
597In that case, this feature doesn't work as expected.
598.El
599.Ss 9P device backends
600.Bl -bullet
601.Sm off
602.It
603.Ar sharename Cm = Ar /path/to/share Op Cm \&, Ar 9p-device-options
604.Sm on
605.El
606.Pp
607The
608.Ar 9p-device-options
609are:
610.Bl -tag -width 10n
611.It Cm ro
612Expose the share in read-only mode.
613.El
614.Ss TTY device backends
615.Bl -tag -width 10n
616.It Cm stdio
617Connect the serial port to the standard input and output of
618the
619.Nm
620process.
621.It Ar /dev/xxx
622Use the host TTY device for serial port I/O.
623.It Ar tcp=ip:port
624Use the TCP server for serial port I/O.
625Configuring this option will start a TCP server that waits for connections.
626Only one connection is allowed at any time. Other connection try to connect
627to TCP server will be disconnected immediately. Note that this feature
628allows unprivileged users to access the guest console, so ensure that
629access is appropriately restricted.
630.El
631.Ss TPM device backends
632.Bl -bullet
633.Sm off
634.It
635.Ar type Ns \&, Ns Ar path Ns Op Cm \&, Ns Ar tpm-device-options
636.Sm on
637.El
638.Pp
639Emulate a TPM device.
640Supported options for
641.Ar type :
642.Bl -tag -width 10n
643.It Cm passthru
644Use a physical TPM device.
645The argument
646.Ar path
647needs to point to a valid TPM device path, i.e.
648.Pa /dev/tpm0 .
649.It Cm swtpm
650Connect to a running
651.Cm swtpm
652instance.
653The argument
654.Ar path
655needs to point to a UNIX domain socket that a
656.Cm swtpm
657process is listening on.
658.El
659.Pp
660The
661.Ar tpm-device-options
662are:
663.Bl -tag -width 10n
664.It Cm version= Ns Ar version
665Version of the TPM device according to the TCG specification.
666Defaults to
667.Cm 2.0 ,
668which is the only version currently supported.
669.El
670.Ss Boot ROM device backends
671.Sm off
672.Bl -bullet
673.It
674.Ar romfile Ns Op Cm \&, Ns Ar varfile
675.El
676.Sm on
677.Pp
678Map
679.Ar romfile
680in the guest address space reserved for boot firmware.
681.Pp
682If
683.Ar varfile
684is provided, that file is also mapped in the boot firmware guest
685address space, and any modifications the guest makes will be saved
686to that file.
687.Pp
688Fwcfg types:
689.Bl -tag -width 10n
690.It Ar fwcfg
691The fwcfg interface is used to pass information such as the CPU count
692or ACPI tables to the guest firmware.
693Supported values are
694.Ql bhyve
695and
696.Ql qemu .
697Due to backward compatibility reasons,
698.Ql bhyve
699is the default option.
700When
701.Ql bhyve
702is used, bhyve's fwctl interface is used.
703It currently reports only the CPU count to the guest firmware.
704The
705.Ql qemu
706option uses QEMU's fwcfg interface.
707This interface is widely used and allows user-defined information to
708be passed to the guest.
709It is used for passing the CPU count, ACPI tables, a boot order and
710many other things to the guest.
711Some operating systems such as Fedora CoreOS can be configured by
712qemu's fwcfg interface as well.
713.El
714.Ss Pass-through device backends
715.Sm off
716.Bl -bullet
717.It
718.Cm ppt Ar N Oo , Ar passthru-device-options Oc
719.It
720.Ns Ar bus Cm \&/ Ar slot Cm \&/ Ar function
721.Op , Ar passthru-device-options
722.It
723.Cm pci Ar bus Cm : Ar slot Cm : Ns Ar function
724.Op , Ar passthru-device-options
725.El
726.Sm on
727.Pp
728Connect to a PCI device on the host either named ppt
729.Ns Ar N
730or at the selector described by
731.Ar slot ,
732.Ar bus ,
733and
734.Ar function
735numbers.
736.Pp
737The
738.Ar passthru-device-options
739are:
740.Bl -tag -width 10n
741.It Cm rom= Ns Ar romfile
742Add
743.Ar romfile
744as option ROM to the PCI device.
745The ROM will be loaded by firmware and should be capable of
746initializing the device.
747.It Li bootindex= Ns Ar index
748Add the device to the bootorder at
749.Ar index .
750A fwcfg file is used to specify the bootorder.
751The guest firmware may ignore or doesn't support this fwcfg file.
752In that case, this feature doesn't work as expected.
753.El
754.Pp
755Guest memory must be wired using the
756.Fl S
757option when a pass-through device is configured.
758.Pp
759The host device must have been reserved at boot-time using the
760.Va pptdevs
761loader variable as described in
762.Xr vmm 4 .
763.Ss Virtio console device backends
764.Bl -bullet
765.Sm off
766.It
767.Cm port1= Ns Ar /path/to/port1.sock Ns Op Cm ,port Ns Ar N Cm \&= Ns Ar /path/to/port2.sock No \~ Ar ...
768.Sm on
769.El
770.Pp
771A maximum of 16 ports per device can be created.
772Every port is named and corresponds to a Unix domain socket created by
773.Nm .
774.Nm
775accepts at most one connection per port at a time.
776.Pp
777Limitations:
778.Bl -bullet
779.It
780Due to the lack of destructors in
781.Nm ,
782sockets on the filesystem must be cleaned up manually after
783.Nm
784exits.
785.It
786There is no way to use the
787.Dq console port
788feature, nor the console port
789resize at present.
790.It
791Emergency write is advertised, but no-op at present.
792.El
793.Ss Virtio input device backends:
794.Bl -bullet
795.Sm off
796.It
797.Ar /dev/input/eventX
798.Sm on
799.El
800.Pp
801Send input events of
802.Ar /dev/input/eventX
803to guest by VirtIO Input Interface.
804.Ss Framebuffer device backends
805.Bl -bullet
806.Sm off
807.It
808.Op Cm rfb= Ar ip-and-port
809.Op Cm ,w= Ar width
810.Op Cm ,h= Ar height
811.Op Cm ,vga= Ar vgaconf
812.Op Cm ,wait
813.Op Cm ,password= Ar password
814.Sm on
815.El
816.Pp
817Configuration options are defined as follows:
818.Bl -tag -width 10n
819.It Cm rfb= Ns Ar ip-and-port Pq or Cm tcp= Ns Ar ip-and-port
820An IP address and a port VNC should listen on.
821There are two formats:
822.Pp
823.Bl -bullet -compact
824.It
825.Sm off
826.Op Ar IPv4 Cm \&:
827.Ar port
828.Sm on
829.It
830.Sm off
831.Cm \&[ Ar IPv6%zone Cm \&] Cm \&: Ar port
832.Sm on
833.El
834.Pp
835The default is to listen on localhost IPv4 address and default VNC port 5900.
836An IPv6 address must be enclosed in square brackets and may contain an
837optional zone identifier.
838.It Cm w= Ns Ar width No and Cm h= Ns Ar height
839A display resolution, width and height, respectively.
840If not specified, a default resolution of 1024x768 pixels will be used.
841Minimal supported resolution is 640x480 pixels,
842and maximum is 3840x2160 pixels.
843.It Cm vga= Ns Ar vgaconf
844Possible values for this option are
845.Cm io
846(default),
847.Cm on ,
848and
849.Cm off .
850PCI graphics cards have a dual personality in that they are
851standard PCI devices with BAR addressing, but may also
852implicitly decode legacy VGA I/O space
853.Pq Ad 0x3c0-3df
854and memory space
855.Pq 64KB at Ad 0xA0000 .
856The default
857.Cm io
858option should be used for guests that attempt to issue BIOS calls which result
859in I/O port queries, and fail to boot if I/O decode is disabled.
860.Pp
861The
862.Cm on
863option should be used along with the CSM BIOS capability in UEFI
864to boot traditional BIOS guests that require the legacy VGA I/O and
865memory regions to be available.
866.Pp
867The
868.Cm off
869option should be used for the UEFI guests that assume that
870VGA adapter is present if they detect the I/O ports.
871An example of such a guest is
872.Ox
873in UEFI mode.
874.Pp
875Please refer to the
876.Nm
877.Fx
878wiki page
879.Pq Lk https://wiki.freebsd.org/bhyve
880for configuration notes of particular guests.
881.It Cm wait
882Instruct
883.Nm
884to only boot upon the initiation of a VNC connection, simplifying the
885installation of operating systems that require immediate keyboard input.
886This can be removed for post-installation use.
887.It Cm password= Ns Ar password
888This type of authentication is known to be cryptographically weak and is not
889intended for use on untrusted networks.
890Many implementations will want to use stronger security, such as running
891the session over an encrypted channel provided by IPsec or SSH.
892.El
893.Ss xHCI USB device backends
894.Bl -bullet
895.Sm off
896.It
897.Ar tablet
898.Sm on
899.El
900.Pp
901A USB tablet device that provides precise cursor synchronization
902when using VNC.
903.Ss NVMe device backends
904.Bl -bullet
905.Sm off
906.It
907.Ar devpath
908.Op Cm ,maxq= Ar #
909.Op Cm ,qsz= Ar #
910.Op Cm ,ioslots= Ar #
911.Op Cm ,sectsz= Ar #
912.Op Cm ,ser= Ar #
913.Op Cm ,eui64= Ar #
914.Op Cm ,dsm= Ar opt
915.Sm on
916.El
917.Pp
918Configuration options are defined as follows:
919.Bl -tag -width 10n
920.It Ar devpath
921Accepted device paths are:
922.Ar /dev/blockdev
923or
924.Ar /path/to/image
925or
926.Cm ram= Ns Ar size_in_MiB .
927.It Cm maxq
928Max number of queues.
929.It Cm qsz
930Max elements in each queue.
931.It Cm ioslots
932Max number of concurrent I/O requests.
933.It Cm sectsz
934Sector size (defaults to blockif sector size).
935.It Cm ser
936Serial number with maximum 20 characters.
937.It Cm eui64
938IEEE Extended Unique Identifier (8 byte value).
939.It Cm dsm
940DataSet Management support.
941Supported values are:
942.Cm auto , enable ,
943and
944.Cm disable .
945.El
946.Ss AHCI device backends
947.Bl -bullet
948.It
949.Sm off
950.Op Oo Cm hd\&: | cd\&: Oc Ar path
951.Op Cm ,nmrr= Ar nmrr
952.Op Cm ,ser= Ar #
953.Op Cm ,rev= Ar #
954.Op Cm ,model= Ar #
955.Sm on
956.El
957.Pp
958Configuration options are defined as follows:
959.Bl -tag -width 10n
960.It Cm nmrr
961Nominal Media Rotation Rate, known as RPM.
962Value 1 will indicate device as Solid State Disk.
963Default value is 0, not report.
964.It Cm ser
965Serial Number with maximum 20 characters.
966.It Cm rev
967Revision Number with maximum 8 characters.
968.It Cm model
969Model Number with maximum 40 characters.
970.El
971.Ss HD Audio device backends
972.Bl -bullet
973.It
974.Sm off
975.Op Cm play= Ar playback
976.Op Cm ,rec= Ar recording
977.Sm on
978.El
979.Pp
980Configuration options are defined as follows:
981.Bl -tag -width 10n
982.It Cm play
983Playback device, typically
984.Ar /dev/dsp0 .
985.It Cm rec
986Recording device, typically
987.Ar /dev/dsp0 .
988.El
989.Sh CONFIGURATION VARIABLES
990.Nm
991uses an internal tree of configuration variables to describe global and
992per-device settings.
993When
994.Nm
995starts,
996it parses command line options (including config files) in the order given
997on the command line.
998Each command line option sets one or more configuration variables.
999For example,
1000the
1001.Fl s
1002option creates a new tree node for a PCI device and sets one or more variables
1003under that node including the device model and device model-specific variables.
1004Variables may be set multiple times during this parsing stage with the final
1005value overriding previous values.
1006.Pp
1007Once all of the command line options have been processed,
1008the configuration values are frozen.
1009.Nm
1010then uses the value of configuration values to initialize device models
1011and global settings.
1012.Pp
1013More details on configuration variables can be found in
1014.Xr bhyve_config 5 .
1015.Sh CONFIGURATION FILE CREATION
1016The
1017.Fl k
1018flag allows one to provide a path to a configuration file holding all
1019settings, which otherwise would need to be defined by providing a long
1020list of program arguments to
1021.Nm .
1022.Pp
1023There is a very simple way to translate a complex set of program
1024arguments to an equivalent configuration file in
1025.Xr bhyve_config 5
1026format.
1027.Pp
1028Use
1029.Fl o
1030.Ar config.dump=1
1031to make
1032.Nm
1033dump a configuration file representing the used flags and arguments to
1034stdout. You can pipe the output into a file to persist the generated settings.
1035.Pp
1036Make sure to remove the
1037.Ar config.dump
1038line from the resulting configuration file before using it to start
1039.Nm .
1040.Sh DEBUG SERVER
1041The current debug server provides limited support for debuggers.
1042.Ss Registers
1043Each virtual CPU is exposed to the debugger as a thread.
1044.Pp
1045General purpose registers can be queried for each virtual CPU, but other
1046registers such as floating-point and system registers cannot be queried.
1047.Ss Memory
1048Memory (including memory mapped I/O regions) can be read and written
1049by the debugger.
1050Memory operations use virtual addresses that are resolved to physical
1051addresses via the current virtual CPU's active address translation.
1052.Ss Control
1053The running guest can be interrupted by the debugger at any time
1054.Pq for example, by pressing Ctrl-C in the debugger .
1055.Pp
1056Single stepping is only supported on Intel CPUs supporting the MTRAP VM exit.
1057.Pp
1058Breakpoints are supported on Intel CPUs that support single stepping.
1059Note that continuing from a breakpoint while interrupts are enabled in the
1060guest may not work as expected due to timer interrupts firing while single
1061stepping over the breakpoint.
1062.Sh SIGNAL HANDLING
1063.Nm
1064deals with the following signals:
1065.Pp
1066.Bl -tag -width SIGTERM -compact
1067.It SIGTERM
1068Trigger ACPI poweroff for a VM
1069.El
1070.Sh EXIT STATUS
1071Exit status indicates how the VM was terminated:
1072.Pp
1073.Bl -tag -width indent -compact
1074.It 0
1075rebooted
1076.It 1
1077powered off
1078.It 2
1079halted
1080.It 3
1081triple fault
1082.It 4
1083exited due to an error
1084.El
1085.Sh EXAMPLES
1086If not using a boot ROM, the guest operating system must have been loaded with
1087.Xr bhyveload 8
1088or a similar boot loader before
1089.Xr bhyve 4
1090can be run.
1091Otherwise, the boot loader is not needed.
1092.Pp
1093To run a virtual machine with 1GB of memory, two virtual CPUs, a virtio
1094block device backed by the
1095.Pa /my/image
1096filesystem image, and a serial port for the console:
1097.Bd -literal -offset indent
1098bhyve -c 2 -s 0,hostbridge -s 1,lpc -s 2,virtio-blk,/my/image \\
1099  -l com1,stdio -H -P -m 1G vm1
1100.Ed
1101.Pp
1102To do the same on arm64:
1103.Bd -literal -offset indent
1104.Ed
1105bhyve -c 2 -s 0,hostbridge -s 1,virtio-blk,/my/image -o console=stdio \\
1106  -o bootrom=/usr/local/share/u-boot/u-boot-bhyve-arm64/u-boot.bin -m 1G vm1
1107.Pp
1108Run a 24GB single-CPU virtual machine with three network ports, one of which
1109has a MAC address specified:
1110.Bd -literal -offset indent
1111bhyve -s 0,hostbridge -s 1,lpc -s 2:0,virtio-net,tap0 \\
1112  -s 2:1,virtio-net,tap1 \\
1113  -s 2:2,virtio-net,tap2,mac=00:be:fa:76:45:00 \\
1114  -s 3,virtio-blk,/my/image -l com1,stdio \\
1115  -H -P -m 24G bigvm
1116.Ed
1117.Pp
1118Run an 8GB quad-CPU virtual machine with 8 AHCI SATA disks, an AHCI ATAPI
1119CD-ROM, a single virtio network port, an AMD hostbridge, and the console
1120port connected to an
1121.Xr nmdm 4
1122null-modem device.
1123.Bd -literal -offset indent
1124bhyve -c 4 \\
1125  -s 0,amd_hostbridge -s 1,lpc \\
1126  -s 1:0,ahci,hd:/images/disk.1,hd:/images/disk.2,\\
1127hd:/images/disk.3,hd:/images/disk.4,\\
1128hd:/images/disk.5,hd:/images/disk.6,\\
1129hd:/images/disk.7,hd:/images/disk.8,\\
1130cd:/images/install.iso \\
1131  -s 3,virtio-net,tap0 \\
1132  -l com1,/dev/nmdm0A \\
1133  -H -P -m 8G
1134.Ed
1135.Pp
1136Run a UEFI virtual machine with a display resolution of 800 by 600 pixels
1137that can be accessed via VNC at: 0.0.0.0:5900 or via serial console over
1138TCP at: 127.0.0.1:1234 (unsafe if you expose serial console without protection).
1139.Bd -literal -offset indent
1140bhyve -c 2 -m 4G -w -H \\
1141  -s 0,hostbridge \\
1142  -s 3,ahci-cd,/path/to/uefi-OS-install.iso \\
1143  -s 4,ahci-hd,disk.img \\
1144  -s 5,virtio-net,tap0 \\
1145  -s 29,fbuf,tcp=0.0.0.0:5900,w=800,h=600,wait \\
1146  -s 30,xhci,tablet \\
1147  -s 31,lpc -l com1,tcp=127.0.0.1:1234 \\
1148  -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd \\
1149   uefivm
1150.Ed
1151.Pp
1152Run a UEFI virtual machine with a VNC display that is bound to all IPv6
1153addresses on port 5900 and a serial I/O port bound to TCP port 1234 of
1154loopback address (unsafe if you expose serial console without protection).
1155.Bd -literal -offset indent
1156bhyve -c 2 -m 4G -w -H \\
1157  -s 0,hostbridge \\
1158  -s 4,ahci-hd,disk.img \\
1159  -s 5,virtio-net,tap0 \\
1160  -s 29,fbuf,tcp=[::]:5900,w=800,h=600 \\
1161  -s 30,xhci,tablet \\
1162  -s 31,lpc -l com1,tcp=[::1]:1234 \\
1163  -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd \\
1164   uefivm
1165.Ed
1166.Pp
1167Run a UEFI virtual machine with a VARS file to save EFI variables.
1168Note that
1169.Nm
1170will write guest modifications to the given VARS file.
1171Be sure to create a per-guest copy of the template VARS file from
1172.Pa /usr .
1173.Bd -literal -offset indent
1174bhyve -c 2 -m 4g -w -H \\
1175  -s 0,hostbridge \\
1176  -s 31,lpc -l com1,stdio \\
1177  -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI_CODE.fd,BHYVE_UEFI_VARS.fd
1178   uefivm
1179.Ed
1180.Pp
1181To create a configuration file
1182.Pa configfile
1183for a virtual machine, use
1184.Fl o
1185.Ar config.dump=1 :
1186.Bd -literal -offset indent
1187/usr/sbin/bhyve -c 2 -m 256 -H -P \\
1188  -s 0:0,hostbridge -s 1:0,virtio-net,tap0 \\
1189  -s 2:0,ahci-hd,./vm0.img \\
1190  -s 31,lpc -l com1,stdio \\
1191  -o config.dump=1 vm0 > configfile
1192.Ed
1193.Pp
1194Then use an editor of your choice to remove the line "config.dump=1"
1195from the newly generated
1196.Pa configfile .
1197.Pp
1198To start
1199.Nm
1200using this configuration file, use flag
1201.Fl k :
1202.Bd -literal -offset indent
1203/usr/sbin/bhyve -k configfile vm0
1204.Ed
1205.Sh SEE ALSO
1206.Xr bhyve 4 ,
1207.Xr netgraph 4 ,
1208.Xr ng_socket 4 ,
1209.Xr nmdm 4 ,
1210.Xr vmm 4 ,
1211.Xr bhyve_config 5 ,
1212.Xr ethers 5 ,
1213.Xr bhyvectl 8 ,
1214.Xr bhyveload 8
1215.Pp
1216.Rs
1217.%A Intel
1218.%B 64 and IA-32 Architectures Software Developer’s Manual
1219.%V Volume 3
1220.Re
1221.Sh HISTORY
1222.Nm
1223first appeared in
1224.Fx 10.0 .
1225.Sh AUTHORS
1226.An Neel Natu Aq Mt neel@freebsd.org
1227.An Peter Grehan Aq Mt grehan@freebsd.org
1228