1.\" Copyright (c) 2013 Peter Grehan 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd Jul 11, 2018 28.Dt BHYVE 8 29.Os 30.Sh NAME 31.Nm bhyve 32.Nd "run a guest operating system inside a virtual machine" 33.Sh SYNOPSIS 34.Nm 35.Op Fl abehuwxACHPSWY 36.Oo 37.Fl c\~ Ns 38.Oo 39.Op Ar cpus= Ns 40.Ar numcpus Ns 41.Oc Ns 42.Op Ar ,sockets=n Ns 43.Op Ar ,cores=n Ns 44.Op Ar ,threads=n 45.Oc 46.Op Fl g Ar gdbport 47.Op Fl l Ar lpcdev Ns Op , Ns Ar conf 48.Op Fl m Ar memsize Ns Op Ar K|k|M|m|G|g|T|t 49.Op Fl p Ar vcpu:hostcpu 50.Op Fl s Ar slot,emulation Ns Op , Ns Ar conf 51.Op Fl G Ar port 52.Op Fl U Ar uuid 53.Ar vmname 54.Sh DESCRIPTION 55.Nm 56is a hypervisor that runs guest operating systems inside a 57virtual machine. 58.Pp 59Parameters such as the number of virtual CPUs, amount of guest memory, and 60I/O connectivity can be specified with command-line parameters. 61.Pp 62If not using a boot ROM, the guest operating system must be loaded with 63.Xr bhyveload 8 64or a similar boot loader before running 65.Nm , 66otherwise, it is enough to run 67.Nm 68with a boot ROM of choice. 69.Pp 70.Nm 71runs until the guest operating system reboots or an unhandled hypervisor 72exit is detected. 73.Sh OPTIONS 74.Bl -tag -width 10n 75.It Fl a 76The guest's local APIC is configured in xAPIC mode. 77The xAPIC mode is the default setting so this option is redundant. 78It will be deprecated in a future version. 79.It Fl A 80Generate ACPI tables. 81Required for 82.Fx Ns /amd64 83guests. 84.It Fl b 85Enable a low-level console device supported by 86.Fx 87kernels compiled with 88.Cd "device bvmconsole" . 89This option will be deprecated in a future version. 90.It Fl c Op Ar setting ... 91Number of guest virtual CPUs 92and/or the CPU topology. 93The default value for each of 94.Ar numcpus , 95.Ar sockets , 96.Ar cores , 97and 98.Ar threads 99is 1. 100The current maximum number of guest virtual CPUs is 16. 101If 102.Ar numcpus 103is not specified then it will be calculated from the other arguments. 104The topology must be consistent in that the 105.Ar numcpus 106must equal the product of 107.Ar sockets , 108.Ar cores , 109and 110.Ar threads . 111If a 112.Ar setting 113is specified more than once the last one has precedence. 114.It Fl C 115Include guest memory in core file. 116.It Fl e 117Force 118.Nm 119to exit when a guest issues an access to an I/O port that is not emulated. 120This is intended for debug purposes. 121.It Fl g Ar gdbport 122For 123.Fx 124kernels compiled with 125.Cd "device bvmdebug" , 126allow a remote kernel kgdb to be relayed to the guest kernel gdb stub 127via a local IPv4 address and this port. 128This option will be deprecated in a future version. 129.It Fl G Ar port 130Start a debug server that uses the GDB protocol to export guest state to a 131debugger. 132An IPv4 TCP socket will be bound to the supplied 133.Ar port 134to listen for debugger connections. 135Only a single debugger may be attached to the debug server at a time. 136If 137.Ar port 138begins with 139.Sq w , 140.Nm 141will pause execution at the first instruction waiting for a debugger to attach. 142.It Fl h 143Print help message and exit. 144.It Fl H 145Yield the virtual CPU thread when a HLT instruction is detected. 146If this option is not specified, virtual CPUs will use 100% of a host CPU. 147.It Fl l Ar lpcdev Ns Op , Ns Ar conf 148Allow devices behind the LPC PCI-ISA bridge to be configured. 149The only supported devices are the TTY-class devices 150.Ar com1 151and 152.Ar com2 153and the boot ROM device 154.Ar bootrom . 155.It Fl m Ar memsize Ns Op Ar K|k|M|m|G|g|T|t 156Guest physical memory size in bytes. 157This must be the same size that was given to 158.Xr bhyveload 8 . 159.Pp 160The size argument may be suffixed with one of K, M, G or T (either upper 161or lower case) to indicate a multiple of kilobytes, megabytes, gigabytes, 162or terabytes. 163If no suffix is given, the value is assumed to be in megabytes. 164.Pp 165.Ar memsize 166defaults to 256M. 167.It Fl p Ar vcpu:hostcpu 168Pin guest's virtual CPU 169.Em vcpu 170to 171.Em hostcpu . 172.It Fl P 173Force the guest virtual CPU to exit when a PAUSE instruction is detected. 174.It Fl s Ar slot,emulation Ns Op , Ns Ar conf 175Configure a virtual PCI slot and function. 176.Pp 177.Nm 178provides PCI bus emulation and virtual devices that can be attached to 179slots on the bus. 180There are 32 available slots, with the option of providing up to 8 functions 181per slot. 182.Bl -tag -width 10n 183.It Ar slot 184.Ar pcislot[:function] 185.Ar bus:pcislot:function 186.Pp 187The 188.Ar pcislot 189value is 0 to 31. 190The optional 191.Ar function 192value is 0 to 7. 193The optional 194.Ar bus 195value is 0 to 255. 196If not specified, the 197.Ar function 198value defaults to 0. 199If not specified, the 200.Ar bus 201value defaults to 0. 202.It Ar emulation 203.Bl -tag -width 10n 204.It Li hostbridge | Li amd_hostbridge 205.Pp 206Provide a simple host bridge. 207This is usually configured at slot 0, and is required by most guest 208operating systems. 209The 210.Li amd_hostbridge 211emulation is identical but uses a PCI vendor ID of 212.Li AMD . 213.It Li passthru 214PCI pass-through device. 215.It Li virtio-net 216Virtio network interface. 217.It Li virtio-blk 218Virtio block storage interface. 219.It Li virtio-scsi 220Virtio SCSI interface. 221.It Li virtio-rnd 222Virtio RNG interface. 223.It Li virtio-console 224Virtio console interface, which exposes multiple ports 225to the guest in the form of simple char devices for simple IO 226between the guest and host userspaces. 227.It Li ahci 228AHCI controller attached to arbitrary devices. 229.It Li ahci-cd 230AHCI controller attached to an ATAPI CD/DVD. 231.It Li ahci-hd 232AHCI controller attached to a SATA hard-drive. 233.It Li e1000 234Intel e82545 network interface. 235.It Li uart 236PCI 16550 serial device. 237.It Li lpc 238LPC PCI-ISA bridge with COM1 and COM2 16550 serial ports and a boot ROM. 239The LPC bridge emulation can only be configured on bus 0. 240.It Li fbuf 241Raw framebuffer device attached to VNC server. 242.It Li xhci 243eXtensible Host Controller Interface (xHCI) USB controller. 244.It Li nvme 245NVM Express (NVMe) controller. 246.El 247.It Op Ar conf 248This optional parameter describes the backend for device emulations. 249If 250.Ar conf 251is not specified, the device emulation has no backend and can be 252considered unconnected. 253.Pp 254Network devices: 255.Bl -tag -width 10n 256.It Ar tapN Ns Op , Ns Ar mac=xx:xx:xx:xx:xx:xx 257.It Ar vmnetN Ns Op , Ns Ar mac=xx:xx:xx:xx:xx:xx 258.Pp 259If 260.Ar mac 261is not specified, the MAC address is derived from a fixed OUI and the 262remaining bytes from an MD5 hash of the slot and function numbers and 263the device name. 264.Pp 265The MAC address is an ASCII string in 266.Xr ethers 5 267format. 268.El 269.Pp 270Block storage devices: 271.Bl -tag -width 10n 272.It Pa /filename Ns Oo , Ns Ar block-device-options Oc 273.It Pa /dev/xxx Ns Oo , Ns Ar block-device-options Oc 274.El 275.Pp 276The 277.Ar block-device-options 278are: 279.Bl -tag -width 8n 280.It Li nocache 281Open the file with 282.Dv O_DIRECT . 283.It Li direct 284Open the file using 285.Dv O_SYNC . 286.It Li ro 287Force the file to be opened read-only. 288.It Li sectorsize= Ns Ar logical Ns Oo / Ns Ar physical Oc 289Specify the logical and physical sector sizes of the emulated disk. 290The physical sector size is optional and is equal to the logical sector size 291if not explicitly specified. 292.El 293.Pp 294SCSI devices: 295.Bl -tag -width 10n 296.It Pa /dev/cam/ Ns Oo , Ns Ar port and initiator_id Oc 297.El 298.Pp 299TTY devices: 300.Bl -tag -width 10n 301.It Li stdio 302Connect the serial port to the standard input and output of 303the 304.Nm 305process. 306.It Pa /dev/xxx 307Use the host TTY device for serial port I/O. 308.El 309.Pp 310Boot ROM device: 311.Bl -tag -width 10n 312.It Pa romfile 313Map 314.Ar romfile 315in the guest address space reserved for boot firmware. 316.El 317.Pp 318Pass-through devices: 319.Bl -tag -width 10n 320.It Ns Ar slot Ns / Ns Ar bus Ns / Ns Ar function 321Connect to a PCI device on the host at the selector described by 322.Ar slot , 323.Ar bus , 324and 325.Ar function 326numbers. 327.El 328.Pp 329Guest memory must be wired using the 330.Fl S 331option when a pass-through device is configured. 332.Pp 333The host device must have been reserved at boot-time using the 334.Va pptdev 335loader variable as described in 336.Xr vmm 4 . 337.Pp 338Virtio console devices: 339.Bl -tag -width 10n 340.It Li port1= Ns Pa /path/to/port1.sock Ns ,anotherport= Ns Pa ... 341A maximum of 16 ports per device can be created. 342Every port is named and corresponds to a Unix domain socket created by 343.Nm . 344.Nm 345accepts at most one connection per port at a time. 346.Pp 347Limitations: 348.Bl -bullet -offset 2n 349.It 350Due to lack of destructors in 351.Nm , 352sockets on the filesystem must be cleaned up manually after 353.Nm 354exits. 355.It 356There is no way to use the "console port" feature, nor the console port 357resize at present. 358.It 359Emergency write is advertised, but no-op at present. 360.El 361.El 362.Pp 363Framebuffer devices: 364.Bl -tag -width 10n 365.It Oo rfb= Ns Oo Ar IP: Oc Ns Ar port Oc Ns Oo ,w= Ns Ar width Oc Ns Oo ,h= Ns Ar height Oc Ns Oo ,vga= Ns Ar vgaconf Oc Ns Oo Ns ,wait Oc Ns Oo ,password= Ns Ar password Oc 366.Bl -tag -width 8n 367.It Ar IP:port 368An 369.Ar IP 370address and a 371.Ar port 372VNC should listen on. 373The default is to listen on localhost IPv4 address and default VNC port 5900. 374Listening on an IPv6 address is not supported. 375.It Ar width No and Ar height 376A display resolution, width and height, respectively. 377If not specified, a default resolution of 1024x768 pixels will be used. 378Minimal supported resolution is 640x480 pixels, 379and maximum is 1920x1200 pixels. 380.It Ar vgaconf 381Possible values for this option are 382.Dq io 383(default), 384.Dq on 385, and 386.Dq off . 387PCI graphics cards have a dual personality in that they are 388standard PCI devices with BAR addressing, but may also 389implicitly decode legacy VGA I/O space 390.Pq Ad 0x3c0-3df 391and memory space 392.Pq 64KB at Ad 0xA0000 . 393The default 394.Dq io 395option should be used for guests that attempt to issue BIOS 396calls which result in I/O port queries, and fail to boot if I/O decode is disabled. 397.Pp 398The 399.Dq on 400option should be used along with the CSM BIOS capability in UEFI 401to boot traditional BIOS guests that require the legacy VGA I/O and 402memory regions to be available. 403.Pp 404The 405.Dq off 406option should be used for the UEFI guests that assume that 407VGA adapter is present if they detect the I/O ports. 408An example of such a guest is 409.Ox 410in UEFI mode. 411.Pp 412Please refer to the 413.Nm 414.Fx 415wiki page 416.Pq Lk https://wiki.freebsd.org/bhyve 417for configuration notes of particular guests. 418.It wait 419Instruct 420.Nm 421to only boot upon the initiation of a VNC connection, simplifying the installation 422of operating systems that require immediate keyboard input. 423This can be removed for post-installation use. 424.It password 425This type of authentication is known to be cryptographically weak and is not 426intended for use on untrusted networks. 427Many implementations will want to use stronger security, such as running 428the session over an encrypted channel provided by IPsec or SSH. 429.El 430.El 431.Pp 432xHCI USB devices: 433.Bl -tag -width 10n 434.It Li tablet 435A USB tablet device which provides precise cursor synchronization 436when using VNC. 437.El 438.Pp 439NVMe devices: 440.Bl -tag -width 10n 441.It Li devpath 442Accepted device paths are: 443.Ar /dev/blockdev 444or 445.Ar /path/to/image 446or 447.Ar ram=size_in_MiB . 448.It Li maxq 449Max number of queues. 450.It Li qsz 451Max elements in each queue. 452.It Li ioslots 453Max number of concurrent I/O requests. 454.It Li sectsz 455Sector size (defaults to blockif sector size). 456.It Li ser 457Serial number with maximum 20 characters. 458.El 459.El 460.It Fl S 461Wire guest memory. 462.It Fl u 463RTC keeps UTC time. 464.It Fl U Ar uuid 465Set the universally unique identifier 466.Pq UUID 467in the guest's System Management BIOS System Information structure. 468By default a UUID is generated from the host's hostname and 469.Ar vmname . 470.It Fl w 471Ignore accesses to unimplemented Model Specific Registers (MSRs). 472This is intended for debug purposes. 473.It Fl W 474Force virtio PCI device emulations to use MSI interrupts instead of MSI-X 475interrupts. 476.It Fl x 477The guest's local APIC is configured in x2APIC mode. 478.It Fl Y 479Disable MPtable generation. 480.It Ar vmname 481Alphanumeric name of the guest. 482This should be the same as that created by 483.Xr bhyveload 8 . 484.El 485.Sh DEBUG SERVER 486The current debug server provides limited support for debuggers. 487.Ss Registers 488Each virtual CPU is exposed to the debugger as a thread. 489.Pp 490General purpose registers can be queried for each virtual CPU, but other 491registers such as floating-point and system registers cannot be queried. 492.Ss Memory 493Memory (including memory mapped I/O regions) can be read by the debugger, 494but not written. Memory operations use virtual addresses that are resolved 495to physical addresses via the current virtual CPU's active address translation. 496.Ss Control 497The running guest can be interrupted by the debugger at any time 498.Pq for example, by pressing Ctrl-C in the debugger . 499.Pp 500Single stepping is only supported on Intel CPUs supporting the MTRAP VM exit. 501.Pp 502Breakpoints are not supported. 503.Sh SIGNAL HANDLING 504.Nm 505deals with the following signals: 506.Pp 507.Bl -tag -width indent -compact 508.It SIGTERM 509Trigger ACPI poweroff for a VM 510.El 511.Sh EXIT STATUS 512Exit status indicates how the VM was terminated: 513.Pp 514.Bl -tag -width indent -compact 515.It 0 516rebooted 517.It 1 518powered off 519.It 2 520halted 521.It 3 522triple fault 523.It 4 524exited due to an error 525.El 526.Sh EXAMPLES 527If not using a boot ROM, the guest operating system must have been loaded with 528.Xr bhyveload 8 529or a similar boot loader before 530.Xr bhyve 4 531can be run. 532Otherwise, the boot loader is not needed. 533.Pp 534To run a virtual machine with 1GB of memory, two virtual CPUs, a virtio 535block device backed by the 536.Pa /my/image 537filesystem image, and a serial port for the console: 538.Bd -literal -offset indent 539bhyve -c 2 -s 0,hostbridge -s 1,lpc -s 2,virtio-blk,/my/image \\ 540 -l com1,stdio -A -H -P -m 1G vm1 541.Ed 542.Pp 543Run a 24GB single-CPU virtual machine with three network ports, one of which 544has a MAC address specified: 545.Bd -literal -offset indent 546bhyve -s 0,hostbridge -s 1,lpc -s 2:0,virtio-net,tap0 \\ 547 -s 2:1,virtio-net,tap1 \\ 548 -s 2:2,virtio-net,tap2,mac=00:be:fa:76:45:00 \\ 549 -s 3,virtio-blk,/my/image -l com1,stdio \\ 550 -A -H -P -m 24G bigvm 551.Ed 552.Pp 553Run an 8GB quad-CPU virtual machine with 8 AHCI SATA disks, an AHCI ATAPI 554CD-ROM, a single virtio network port, an AMD hostbridge, and the console 555port connected to an 556.Xr nmdm 4 557null-modem device. 558.Bd -literal -offset indent 559bhyve -c 4 \\ 560 -s 0,amd_hostbridge -s 1,lpc \\ 561 -s 1:0,ahci,hd:/images/disk.1,hd:/images/disk.2,\\ 562hd:/images/disk.3,hd:/images/disk.4,\\ 563hd:/images/disk.5,hd:/images/disk.6,\\ 564hd:/images/disk.7,hd:/images/disk.8,\\ 565cd:/images/install.iso \\ 566 -s 3,virtio-net,tap0 \\ 567 -l com1,/dev/nmdm0A \\ 568 -A -H -P -m 8G 569.Ed 570.Pp 571Run a UEFI virtual machine with a display resolution of 800 by 600 pixels 572that can be accessed via VNC at: 0.0.0.0:5900. 573.Bd -literal -offset indent 574bhyve -c 2 -m 4G -w -H \\ 575 -s 0,hostbridge \\ 576 -s 3,ahci-cd,/path/to/uefi-OS-install.iso \\ 577 -s 4,ahci-hd,disk.img \\ 578 -s 5,virtio-net,tap0 \\ 579 -s 29,fbuf,tcp=0.0.0.0:5900,w=800,h=600,wait \\ 580 -s 30,xhci,tablet \\ 581 -s 31,lpc -l com1,stdio \\ 582 -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd \\ 583 uefivm 584.Ed 585.Sh SEE ALSO 586.Xr bhyve 4 , 587.Xr nmdm 4 , 588.Xr vmm 4 , 589.Xr ethers 5 , 590.Xr bhyvectl 8 , 591.Xr bhyveload 8 592.Sh HISTORY 593.Nm 594first appeared in 595.Fx 10.0 . 596.Sh AUTHORS 597.An Neel Natu Aq Mt neel@freebsd.org 598.An Peter Grehan Aq Mt grehan@freebsd.org 599