1.\" Copyright (c) 2013 Peter Grehan 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd Jun 25, 2020 28.Dt BHYVE 8 29.Os 30.Sh NAME 31.Nm bhyve 32.Nd "run a guest operating system inside a virtual machine" 33.Sh SYNOPSIS 34.Nm 35.Op Fl AabCDeHhPSuWwxY 36.Oo 37.Sm off 38.Fl c\~ 39.Oo 40.Op Cm cpus= 41.Ar numcpus 42.Oc 43.Op Cm ,sockets= Ar n 44.Op Cm ,cores= Ar n 45.Op Cm ,threads= Ar n 46.Oc 47.Sm on 48.Op Fl G Ar port 49.Op Fl g Ar gdbport 50.Oo Fl l 51.Sm off 52.Cm help | Ar lpcdev Op Cm \&, Ar conf 53.Sm on 54.Oc 55.Oo Fl m 56.Sm off 57.Ar memsize 58.Oo 59.Cm K No | Cm k No | Cm M No | Cm m No | Cm G No | Cm g No | Cm T No | Cm t 60.Oc 61.Sm on 62.Oc 63.Op Fl p Ar vcpu Ns Cm \&: Ns Ar hostcpu 64.Op Fl r Ar file 65.Oo Fl s 66.Sm off 67.Cm help | Ar slot Cm \&, Ar emulation Op Cm \&, Ar conf 68.Sm on 69.Oc 70.Op Fl U Ar uuid 71.Ar vmname 72.Sh DESCRIPTION 73.Nm 74is a hypervisor that runs guest operating systems inside a 75virtual machine. 76.Pp 77Parameters such as the number of virtual CPUs, amount of guest memory, and 78I/O connectivity can be specified with command-line parameters. 79.Pp 80If not using a boot ROM, the guest operating system must be loaded with 81.Xr bhyveload 8 82or a similar boot loader before running 83.Nm , 84otherwise, it is enough to run 85.Nm 86with a boot ROM of choice. 87.Pp 88.Nm 89runs until the guest operating system reboots or an unhandled hypervisor 90exit is detected. 91.Sh OPTIONS 92.Bl -tag -width 10n 93.It Fl a 94The guest's local APIC is configured in xAPIC mode. 95The xAPIC mode is the default setting so this option is redundant. 96It will be deprecated in a future version. 97.It Fl A 98Generate ACPI tables. 99Required for 100.Fx Ns /amd64 101guests. 102.It Fl b 103Enable a low-level console device supported by 104.Fx 105kernels compiled with 106.Cd "device bvmconsole" . 107This option will be deprecated in a future version. 108.It Fl c Op Ar setting ... 109Number of guest virtual CPUs 110and/or the CPU topology. 111The default value for each of 112.Ar numcpus , 113.Ar sockets , 114.Ar cores , 115and 116.Ar threads 117is 1. 118The current maximum number of guest virtual CPUs is 16. 119If 120.Ar numcpus 121is not specified then it will be calculated from the other arguments. 122The topology must be consistent in that the 123.Ar numcpus 124must equal the product of 125.Ar sockets , 126.Ar cores , 127and 128.Ar threads . 129If a 130.Ar setting 131is specified more than once the last one has precedence. 132.It Fl C 133Include guest memory in core file. 134.It Fl D 135Destroy the VM on guest initiated power-off. 136.It Fl e 137Force 138.Nm 139to exit when a guest issues an access to an I/O port that is not emulated. 140This is intended for debug purposes. 141.It Fl g Ar gdbport 142For 143.Fx 144kernels compiled with 145.Cd "device bvmdebug" , 146allow a remote kernel kgdb to be relayed to the guest kernel gdb stub 147via a local IPv4 address and this port. 148This option will be deprecated in a future version. 149.It Fl G Ar port 150Start a debug server that uses the GDB protocol to export guest state to a 151debugger. 152An IPv4 TCP socket will be bound to the supplied 153.Ar port 154to listen for debugger connections. 155Only a single debugger may be attached to the debug server at a time. 156If 157.Ar port 158begins with 159.Sq w , 160.Nm 161will pause execution at the first instruction waiting for a debugger to attach. 162.It Fl h 163Print help message and exit. 164.It Fl H 165Yield the virtual CPU thread when a HLT instruction is detected. 166If this option is not specified, virtual CPUs will use 100% of a host CPU. 167.It Fl l Op Ar help|lpcdev Ns Op , Ns Ar conf 168Allow devices behind the LPC PCI-ISA bridge to be configured. 169The only supported devices are the TTY-class devices 170.Ar com1 171and 172.Ar com2 173and the boot ROM device 174.Ar bootrom . 175.Pp 176.Ar help 177print a list of supported LPC devices. 178.It Fl m Ar memsize Ns Op Ar K|k|M|m|G|g|T|t 179Guest physical memory size in bytes. 180This must be the same size that was given to 181.Xr bhyveload 8 . 182.Pp 183The size argument may be suffixed with one of K, M, G or T (either upper 184or lower case) to indicate a multiple of kilobytes, megabytes, gigabytes, 185or terabytes. 186If no suffix is given, the value is assumed to be in megabytes. 187.Pp 188.Ar memsize 189defaults to 256M. 190.It Fl p Ar vcpu:hostcpu 191Pin guest's virtual CPU 192.Em vcpu 193to 194.Em hostcpu . 195.It Fl P 196Force the guest virtual CPU to exit when a PAUSE instruction is detected. 197.It Fl r Ar file 198Resume a guest from a snapshot. 199The guest memory contents are restored from 200.Ar file , 201and the guest device and vCPU state are restored from the file 202.Dq Ar file Ns .kern . 203.Pp 204Note that the current snapshot file format requires that the configuration of 205devices in the new VM match the VM from which the snapshot was taken by specifying the 206same 207.Op Fl s 208and 209.Op Fl l 210options. 211The count of vCPUs and memory configuration are read from the snapshot. 212.It Fl s Op Ar help|slot,emulation Ns Op , Ns Ar conf 213Configure a virtual PCI slot and function. 214.Pp 215.Nm 216provides PCI bus emulation and virtual devices that can be attached to 217slots on the bus. 218There are 32 available slots, with the option of providing up to 8 functions 219per slot. 220.Bl -tag -width 10n 221.It Ar help 222print a list of supported PCI devices. 223.It Ar slot 224.Ar pcislot[:function] 225.Ar bus:pcislot:function 226.Pp 227The 228.Ar pcislot 229value is 0 to 31. 230The optional 231.Ar function 232value is 0 to 7. 233The optional 234.Ar bus 235value is 0 to 255. 236If not specified, the 237.Ar function 238value defaults to 0. 239If not specified, the 240.Ar bus 241value defaults to 0. 242.It Ar emulation 243.Bl -tag -width 10n 244.It Li hostbridge | Li amd_hostbridge 245.Pp 246Provide a simple host bridge. 247This is usually configured at slot 0, and is required by most guest 248operating systems. 249The 250.Li amd_hostbridge 251emulation is identical but uses a PCI vendor ID of 252.Li AMD . 253.It Li passthru 254PCI pass-through device. 255.It Li virtio-net 256Virtio network interface. 257.It Li virtio-blk 258Virtio block storage interface. 259.It Li virtio-scsi 260Virtio SCSI interface. 261.It Li virtio-rnd 262Virtio RNG interface. 263.It Li virtio-console 264Virtio console interface, which exposes multiple ports 265to the guest in the form of simple char devices for simple IO 266between the guest and host userspaces. 267.It Li ahci 268AHCI controller attached to arbitrary devices. 269.It Li ahci-cd 270AHCI controller attached to an ATAPI CD/DVD. 271.It Li ahci-hd 272AHCI controller attached to a SATA hard-drive. 273.It Li e1000 274Intel e82545 network interface. 275.It Li uart 276PCI 16550 serial device. 277.It Li lpc 278LPC PCI-ISA bridge with COM1 and COM2 16550 serial ports and a boot ROM. 279The LPC bridge emulation can only be configured on bus 0. 280.It Li fbuf 281Raw framebuffer device attached to VNC server. 282.It Li xhci 283eXtensible Host Controller Interface (xHCI) USB controller. 284.It Li nvme 285NVM Express (NVMe) controller. 286.It Li hda 287High Definition Audio Controller. 288.El 289.It Op Ar conf 290This optional parameter describes the backend for device emulations. 291If 292.Ar conf 293is not specified, the device emulation has no backend and can be 294considered unconnected. 295.Pp 296Network backends: 297.Bl -tag -width 10n 298.It Ar tapN Ns Oo , Ns Ar mac=xx:xx:xx:xx:xx:xx Oc Ns Oo , Ns Ar mtu=N Oc 299.It Ar vmnetN Ns Oo , Ns Ar mac=xx:xx:xx:xx:xx:xx Oc Ns Oo , Ns Ar mtu=N Oc 300.It Ar netgraph,path=ADDRESS,peerhook=HOOK Ns Oo , Ns Ar socket=NAME Oc Ns Oo , Ns Ar hook=HOOK Oc Ns Oo , Ns Ar mac=xx:xx:xx:xx:xx:xx Oc Ns Oo , Ns Ar mtu=N Oc 301.Pp 302If 303.Ar mac 304is not specified, the MAC address is derived from a fixed OUI and the 305remaining bytes from an MD5 hash of the slot and function numbers and 306the device name. 307.Pp 308The MAC address is an ASCII string in 309.Xr ethers 5 310format. 311.Pp 312With virtio-net devices, the 313.Ar mtu 314parameter can be specified to inform the guest about the largest MTU 315that should be allowed, expressed in bytes. 316.Pp 317With netgraph backend, the 318.Ar path 319and 320.Ar peerhook 321parameters must be specified to set the destination node and corresponding hook. 322The optional parameters 323.Ar socket 324and 325.Ar hook 326may be used to set the 327.Xr ng_socket 4 328node name and source hook. 329The 330.Ar ADDRESS , 331.Ar HOOK 332and 333.Ar NAME 334must comply with 335.Xr netgraph 4 336addressing rules. 337.El 338.Pp 339Block storage devices: 340.Bl -tag -width 10n 341.It Pa /filename Ns Oo , Ns Ar block-device-options Oc 342.It Pa /dev/xxx Ns Oo , Ns Ar block-device-options Oc 343.El 344.Pp 345The 346.Ar block-device-options 347are: 348.Bl -tag -width 8n 349.It Li nocache 350Open the file with 351.Dv O_DIRECT . 352.It Li direct 353Open the file using 354.Dv O_SYNC . 355.It Li ro 356Force the file to be opened read-only. 357.It Li sectorsize= Ns Ar logical Ns Oo / Ns Ar physical Oc 358Specify the logical and physical sector sizes of the emulated disk. 359The physical sector size is optional and is equal to the logical sector size 360if not explicitly specified. 361.El 362.Pp 363SCSI devices: 364.Bl -tag -width 10n 365.It Pa /dev/cam/ctl Ns Oo Ar pp . Ns Ar vp Oc Ns Oo , Ns Ar scsi-device-options Oc 366.El 367.Pp 368The 369.Ar scsi-device-options 370are: 371.Bl -tag -width 10n 372.It Li iid= Ns Ar IID 373Initiator ID to use when sending requests to specified CTL port. 374The default value is 0. 375.El 376.Pp 377TTY devices: 378.Bl -tag -width 10n 379.It Li stdio 380Connect the serial port to the standard input and output of 381the 382.Nm 383process. 384.It Pa /dev/xxx 385Use the host TTY device for serial port I/O. 386.El 387.Pp 388Boot ROM device: 389.Bl -tag -width 10n 390.It Pa romfile 391Map 392.Ar romfile 393in the guest address space reserved for boot firmware. 394.El 395.Pp 396Pass-through devices: 397.Bl -tag -width 10n 398.It Ns Ar slot Ns / Ns Ar bus Ns / Ns Ar function 399Connect to a PCI device on the host at the selector described by 400.Ar slot , 401.Ar bus , 402and 403.Ar function 404numbers. 405.El 406.Pp 407Guest memory must be wired using the 408.Fl S 409option when a pass-through device is configured. 410.Pp 411The host device must have been reserved at boot-time using the 412.Va pptdevs 413loader variable as described in 414.Xr vmm 4 . 415.Pp 416Virtio console devices: 417.Bl -tag -width 10n 418.It Li port1= Ns Pa /path/to/port1.sock Ns ,anotherport= Ns Pa ... 419A maximum of 16 ports per device can be created. 420Every port is named and corresponds to a Unix domain socket created by 421.Nm . 422.Nm 423accepts at most one connection per port at a time. 424.Pp 425Limitations: 426.Bl -bullet -offset 2n 427.It 428Due to lack of destructors in 429.Nm , 430sockets on the filesystem must be cleaned up manually after 431.Nm 432exits. 433.It 434There is no way to use the "console port" feature, nor the console port 435resize at present. 436.It 437Emergency write is advertised, but no-op at present. 438.El 439.El 440.Pp 441Framebuffer devices: 442.Bl -tag -width 10n 443.It Xo 444.Oo rfb= Ns Oo Ar IP\&: Oc Ns Ar port Oc Ns Oo ,w= Ns Ar width Oc Ns Oo ,h= Ns 445.Ar height Oc Ns Oo ,vga= Ns Ar vgaconf Oc Ns Oo Ns ,wait Oc Ns Oo ,password= Ns 446.Ar password Oc 447.Xc 448.Bl -tag -width 8n 449.It Ar IPv4:port No or Ar [IPv6%zone]:port 450An 451.Ar IP 452address and a 453.Ar port 454VNC should listen on. 455The default is to listen on localhost IPv4 address and default VNC port 5900. 456An IPv6 address must be enclosed in square brackets and may contain an 457optional zone identifier. 458.It Ar width No and Ar height 459A display resolution, width and height, respectively. 460If not specified, a default resolution of 1024x768 pixels will be used. 461Minimal supported resolution is 640x480 pixels, 462and maximum is 1920x1200 pixels. 463.It Ar vgaconf 464Possible values for this option are 465.Dq io 466(default), 467.Dq on 468, and 469.Dq off . 470PCI graphics cards have a dual personality in that they are 471standard PCI devices with BAR addressing, but may also 472implicitly decode legacy VGA I/O space 473.Pq Ad 0x3c0-3df 474and memory space 475.Pq 64KB at Ad 0xA0000 . 476The default 477.Dq io 478option should be used for guests that attempt to issue BIOS calls which result 479in I/O port queries, and fail to boot if I/O decode is disabled. 480.Pp 481The 482.Dq on 483option should be used along with the CSM BIOS capability in UEFI 484to boot traditional BIOS guests that require the legacy VGA I/O and 485memory regions to be available. 486.Pp 487The 488.Dq off 489option should be used for the UEFI guests that assume that 490VGA adapter is present if they detect the I/O ports. 491An example of such a guest is 492.Ox 493in UEFI mode. 494.Pp 495Please refer to the 496.Nm 497.Fx 498wiki page 499.Pq Lk https://wiki.freebsd.org/bhyve 500for configuration notes of particular guests. 501.It wait 502Instruct 503.Nm 504to only boot upon the initiation of a VNC connection, simplifying the 505installation of operating systems that require immediate keyboard input. 506This can be removed for post-installation use. 507.It password 508This type of authentication is known to be cryptographically weak and is not 509intended for use on untrusted networks. 510Many implementations will want to use stronger security, such as running 511the session over an encrypted channel provided by IPsec or SSH. 512.El 513.El 514.Pp 515xHCI USB devices: 516.Bl -tag -width 10n 517.It Li tablet 518A USB tablet device which provides precise cursor synchronization 519when using VNC. 520.El 521.Pp 522NVMe devices: 523.Bl -tag -width 10n 524.It Li devpath 525Accepted device paths are: 526.Ar /dev/blockdev 527or 528.Ar /path/to/image 529or 530.Ar ram=size_in_MiB . 531.It Li maxq 532Max number of queues. 533.It Li qsz 534Max elements in each queue. 535.It Li ioslots 536Max number of concurrent I/O requests. 537.It Li sectsz 538Sector size (defaults to blockif sector size). 539.It Li ser 540Serial number with maximum 20 characters. 541.El 542.Pp 543HD Audio devices: 544.Bl -tag -width 10n 545.It Li play 546Playback device, typically 547.Ar /dev/dsp0 . 548.It Li rec 549Recording device, typically 550.Ar /dev/dsp0 . 551.El 552.El 553.It Fl S 554Wire guest memory. 555.It Fl u 556RTC keeps UTC time. 557.It Fl U Ar uuid 558Set the universally unique identifier 559.Pq UUID 560in the guest's System Management BIOS System Information structure. 561By default a UUID is generated from the host's hostname and 562.Ar vmname . 563.It Fl w 564Ignore accesses to unimplemented Model Specific Registers (MSRs). 565This is intended for debug purposes. 566.It Fl W 567Force virtio PCI device emulations to use MSI interrupts instead of MSI-X 568interrupts. 569.It Fl x 570The guest's local APIC is configured in x2APIC mode. 571.It Fl Y 572Disable MPtable generation. 573.It Ar vmname 574Alphanumeric name of the guest. 575This should be the same as that created by 576.Xr bhyveload 8 . 577.El 578.Sh DEBUG SERVER 579The current debug server provides limited support for debuggers. 580.Ss Registers 581Each virtual CPU is exposed to the debugger as a thread. 582.Pp 583General purpose registers can be queried for each virtual CPU, but other 584registers such as floating-point and system registers cannot be queried. 585.Ss Memory 586Memory (including memory mapped I/O regions) can be read and written by the debugger. 587Memory operations use virtual addresses that are resolved to physical addresses 588via the current virtual CPU's active address translation. 589.Ss Control 590The running guest can be interrupted by the debugger at any time 591.Pq for example, by pressing Ctrl-C in the debugger . 592.Pp 593Single stepping is only supported on Intel CPUs supporting the MTRAP VM exit. 594.Pp 595Breakpoints are supported on Intel CPUs that support single stepping. 596Note that continuing from a breakpoint while interrupts are enabled in the 597guest may not work as expected due to timer interrupts firing while single 598stepping over the breakpoint. 599.Sh SIGNAL HANDLING 600.Nm 601deals with the following signals: 602.Pp 603.Bl -tag -width indent -compact 604.It SIGTERM 605Trigger ACPI poweroff for a VM 606.El 607.Sh EXIT STATUS 608Exit status indicates how the VM was terminated: 609.Pp 610.Bl -tag -width indent -compact 611.It 0 612rebooted 613.It 1 614powered off 615.It 2 616halted 617.It 3 618triple fault 619.It 4 620exited due to an error 621.El 622.Sh EXAMPLES 623If not using a boot ROM, the guest operating system must have been loaded with 624.Xr bhyveload 8 625or a similar boot loader before 626.Xr bhyve 4 627can be run. 628Otherwise, the boot loader is not needed. 629.Pp 630To run a virtual machine with 1GB of memory, two virtual CPUs, a virtio 631block device backed by the 632.Pa /my/image 633filesystem image, and a serial port for the console: 634.Bd -literal -offset indent 635bhyve -c 2 -s 0,hostbridge -s 1,lpc -s 2,virtio-blk,/my/image \\ 636 -l com1,stdio -A -H -P -m 1G vm1 637.Ed 638.Pp 639Run a 24GB single-CPU virtual machine with three network ports, one of which 640has a MAC address specified: 641.Bd -literal -offset indent 642bhyve -s 0,hostbridge -s 1,lpc -s 2:0,virtio-net,tap0 \\ 643 -s 2:1,virtio-net,tap1 \\ 644 -s 2:2,virtio-net,tap2,mac=00:be:fa:76:45:00 \\ 645 -s 3,virtio-blk,/my/image -l com1,stdio \\ 646 -A -H -P -m 24G bigvm 647.Ed 648.Pp 649Run an 8GB quad-CPU virtual machine with 8 AHCI SATA disks, an AHCI ATAPI 650CD-ROM, a single virtio network port, an AMD hostbridge, and the console 651port connected to an 652.Xr nmdm 4 653null-modem device. 654.Bd -literal -offset indent 655bhyve -c 4 \\ 656 -s 0,amd_hostbridge -s 1,lpc \\ 657 -s 1:0,ahci,hd:/images/disk.1,hd:/images/disk.2,\\ 658hd:/images/disk.3,hd:/images/disk.4,\\ 659hd:/images/disk.5,hd:/images/disk.6,\\ 660hd:/images/disk.7,hd:/images/disk.8,\\ 661cd:/images/install.iso \\ 662 -s 3,virtio-net,tap0 \\ 663 -l com1,/dev/nmdm0A \\ 664 -A -H -P -m 8G 665.Ed 666.Pp 667Run a UEFI virtual machine with a display resolution of 800 by 600 pixels 668that can be accessed via VNC at: 0.0.0.0:5900. 669.Bd -literal -offset indent 670bhyve -c 2 -m 4G -w -H \\ 671 -s 0,hostbridge \\ 672 -s 3,ahci-cd,/path/to/uefi-OS-install.iso \\ 673 -s 4,ahci-hd,disk.img \\ 674 -s 5,virtio-net,tap0 \\ 675 -s 29,fbuf,tcp=0.0.0.0:5900,w=800,h=600,wait \\ 676 -s 30,xhci,tablet \\ 677 -s 31,lpc -l com1,stdio \\ 678 -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd \\ 679 uefivm 680.Ed 681.Pp 682Run a UEFI virtual machine with a VNC display that is bound to all IPv6 683addresses on port 5900. 684.Bd -literal -offset indent 685bhyve -c 2 -m 4G -w -H \\ 686 -s 0,hostbridge \\ 687 -s 4,ahci-hd,disk.img \\ 688 -s 5,virtio-net,tap0 \\ 689 -s 29,fbuf,tcp=[::]:5900,w=800,h=600 \\ 690 -s 30,xhci,tablet \\ 691 -s 31,lpc -l com1,stdio \\ 692 -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd \\ 693 uefivm 694.Ed 695.Sh SEE ALSO 696.Xr bhyve 4 , 697.Xr netgraph 4 , 698.Xr ng_socket 4 , 699.Xr nmdm 4 , 700.Xr vmm 4 , 701.Xr ethers 5 , 702.Xr bhyvectl 8 , 703.Xr bhyveload 8 704.Pp 705.Rs 706.%A Intel 707.%B 64 and IA-32 Architectures Software Developer’s Manual 708.%V Volume 3 709.Re 710.Sh HISTORY 711.Nm 712first appeared in 713.Fx 10.0 . 714.Sh AUTHORS 715.An Neel Natu Aq Mt neel@freebsd.org 716.An Peter Grehan Aq Mt grehan@freebsd.org 717