40 Using the Quick EMUlator (QEMU)
The Yocto Project uses an implementation of the Quick EMUlator (QEMU) Open Source project as part of the Yocto Project development “tool set”. This chapter provides both procedures that show you how to use the Quick EMUlator (QEMU) and other QEMU information helpful for development purposes.
Within the context of the Yocto Project, QEMU is an emulator and virtualization machine that allows you to run a complete image you have built using the Yocto Project as just another task on your build system. QEMU is useful for running and testing images and applications on supported Yocto Project architectures without having actual hardware. Among other things, the Yocto Project uses QEMU to run automated Quality Assurance (QA) tests on final images shipped with each release.
This implementation is not the same as QEMU in general.
This section provides a brief reference for the Yocto Project implementation of QEMU.
For official information and documentation on QEMU in general, see the following references:
40.2 Running QEMU
To use QEMU, you need to have QEMU installed and initialized as well as have the proper artifacts (i.e. image files and root filesystems) available. Follow these general steps to run QEMU:
Install QEMU: QEMU is made available with the Yocto Project a number of ways. One method is to install a Software Development Kit (SDK). See “The QEMU Emulator” section in the Yocto Project Application Development and the Extensible Software Development Kit (eSDK) manual for information on how to install QEMU.
Setting Up the Environment: How you set up the QEMU environment depends on how you installed QEMU:
If you cloned the
pokyrepository or you downloaded and unpacked a Yocto Project release tarball, you can source the build environment script (i.e. oe-init-build-env):
$ cd poky $ source oe-init-build-env
If you installed a cross-toolchain, you can run the script that initializes the toolchain. For example, the following commands run the initialization script from the default
Ensure the Artifacts are in Place: You need to be sure you have a pre-built kernel that will boot in QEMU. You also need the target root filesystem for your target machine’s architecture:
If you have previously built an image for QEMU (e.g.
qemuarm, and so forth), then the artifacts are in place in your Build Directory.
If you have not built an image, you can go to the machines/qemu area and download a pre-built image that matches your architecture and can be run on QEMU.
See the “Extracting the Root Filesystem” section in the Yocto Project Application Development and the Extensible Software Development Kit (eSDK) manual for information on how to extract a root filesystem.
Run QEMU: The basic
runqemucommand syntax is as follows:
$ runqemu [option ] [...]
Based on what you provide on the command line,
runqemudoes a good job of figuring out what you are trying to do. For example, by default, QEMU looks for the most recently built image according to the timestamp when it needs to look for an image. Minimally, through the use of options, you must provide either a machine name, a virtual machine image (
*wic.vmdk), or a kernel image (
Here are some additional examples to help illustrate further QEMU:
This example starts QEMU with MACHINE set to “qemux86-64”. Assuming a standard Build Directory,
runqemuautomatically finds the
bzImage-qemux86-64.binimage file and the
core-image-minimal-qemux86-64-20200218002850.rootfs.ext4(assuming the current build created a
$ runqemu qemux86-64
When more than one image with the same name exists, QEMU finds and uses the most recently built image according to the timestamp.
This example produces the exact same results as the previous example. This command, however, specifically provides the image and root filesystem type:
$ runqemu qemux86-64 core-image-minimal ext4
This example specifies to boot an Initramfs image and to enable audio in QEMU. For this case,
runqemusets the internal variable
cpio.gz. Also, for audio to be enabled, an appropriate driver must be installed (see the
audiooption in runqemu Command-Line Options for more information):
$ runqemu qemux86-64 ramfs audio
This example does not provide enough information for QEMU to launch. While the command does provide a root filesystem type, it must also minimally provide a MACHINE, KERNEL, or VM option:
$ runqemu ext4
This example specifies to boot a virtual machine image (
.wic.vmdkfile). From the
runqemudetermines the QEMU architecture (MACHINE) to be “qemux86-64” and the root filesystem type to be “vmdk”:
$ runqemu /home/scott-lenovo/vm/core-image-minimal-qemux86-64.wic.vmdk
40.3 Switching Between Consoles
When booting or running QEMU, you can switch between supported consoles by using Ctrl+Alt+number. For example, Ctrl+Alt+3 switches you to the serial console as long as that console is enabled. Being able to switch consoles is helpful, for example, if the main QEMU console breaks for some reason.
Usually, “2” gets you to the main console and “3” gets you to the serial console.
40.4 Removing the Splash Screen
You can remove the splash screen when QEMU is booting by using Alt+left. Removing the splash screen allows you to see what is happening in the background.
40.5 Disabling the Cursor Grab
The default QEMU integration captures the cursor within the main window. It does this since standard mouse devices only provide relative input and not absolute coordinates. You then have to break out of the grab using the “Ctrl+Alt” key combination. However, the Yocto Project’s integration of QEMU enables the wacom USB touch pad driver by default to allow input of absolute coordinates. This default means that the mouse can enter and leave the main window without the grab taking effect leading to a better user experience.
40.6 Running Under a Network File System (NFS) Server
One method for running QEMU is to run it on an NFS server. This is useful when you need to access the same file system from both the build and the emulated system at the same time. It is also worth noting that the system does not need root privileges to run. It uses a user space NFS server to avoid that. Follow these steps to set up for running QEMU using an NFS server.
Extract a Root Filesystem: Once you are able to run QEMU in your environment, you can use the
runqemu-extract-sdkscript, which is located in the
scriptsdirectory along with the
runqemu-extract-sdktakes a root filesystem tarball and extracts it into a location that you specify. Here is an example that takes a file system and extracts it to a directory named
runqemu-extract-sdk ./tmp/deploy/images/qemux86-64/core-image-sato-qemux86-64.tar.bz2 test-nfs
Start QEMU: Once you have extracted the file system, you can run
runqemunormally with the additional location of the file system. You can then also make changes to the files within
./test-nfsand see those changes appear in the image in real time. Here is an example using the
runqemu qemux86-64 ./test-nfs
Should you need to start, stop, or restart the NFS share, you can use the following commands:
To start the NFS share:
runqemu-export-rootfs start file-system-location
To stop the NFS share:
runqemu-export-rootfs stop file-system-location
To restart the NFS share:
runqemu-export-rootfs restart file-system-location
40.7 QEMU CPU Compatibility Under KVM
By default, the QEMU build compiles for and targets 64-bit and x86 Intel Core2 Duo processors and 32-bit x86 Intel Pentium II processors. QEMU builds for and targets these CPU types because they display a broad range of CPU feature compatibility with many commonly used CPUs.
Despite this broad range of compatibility, the CPUs could support a
feature that your host CPU does not support. Although this situation is
not a problem when QEMU uses software emulation of the feature, it can
be a problem when QEMU is running with KVM enabled. Specifically,
software compiled with a certain CPU feature crashes when run on a CPU
under KVM that does not support that feature. To work around this
problem, you can override QEMU’s runtime CPU setting by changing the
QB_CPU_KVM variable in
qemuboot.conf in the Build Directory
deploy/image directory. This setting specifies a
-cpu option passed
into QEMU in the
runqemu script. Running
qemu -cpu help returns a
list of available supported CPU types.
40.8 QEMU Performance
Using QEMU to emulate your hardware can result in speed issues depending
on the target and host architecture mix. For example, using the
qemux86 image in the emulator on an Intel-based 32-bit (x86) host
machine is fast because the target and host architectures match. On the
other hand, using the
qemuarm image on the same Intel-based host can
be slower. But, you still achieve faithful emulation of ARM-specific
To speed things up, the QEMU images support using
distcc to call a
cross-compiler outside the emulated system. If you used
start QEMU, and the
distccd application is present on the host
system, any BitBake cross-compiling toolchain available from the build
system is automatically used from within QEMU simply by calling
distcc. You can accomplish this by defining the cross-compiler
export CC="distcc"). Alternatively, if you are using
a suitable SDK image or the appropriate stand-alone toolchain is
present, the toolchain is also automatically used.
There are several mechanisms to connect to the system running on the QEMU emulator:
QEMU provides a framebuffer interface that makes standard consoles available.
Generally, headless embedded devices have a serial port. If so, you can configure the operating system of the running image to use that port to run a console. The connection uses standard IP networking.
SSH servers are available in some QEMU images. The
core-image-satoQEMU image has a Dropbear secure shell (SSH) server that runs with the root password disabled. The
core-image-lsbQEMU images have OpenSSH instead of Dropbear. Including these SSH servers allow you to use standard
core-image-minimalQEMU image, however, contains no SSH server.
You can use a provided, user-space NFS server to boot the QEMU session using a local copy of the root filesystem on the host. In order to make this connection, you must extract a root filesystem tarball by using the
runqemu-extract-sdkcommand. After running the command, you must then point the
runqemuscript to the extracted directory instead of a root filesystem image file. See the “Running Under a Network File System (NFS) Server” section for more information.
40.9 QEMU Command-Line Syntax
runqemu command syntax is as follows:
$ runqemu [option ] [...]
Based on what you provide on the command line,
runqemu does a
good job of figuring out what you are trying to do. For example, by
default, QEMU looks for the most recently built image according to the
timestamp when it needs to look for an image. Minimally, through the use
of options, you must provide either a machine name, a virtual machine
*wic.vmdk), or a kernel image (
Following is the command-line help output for the
$ runqemu --help
Usage: you can run this script with any valid combination
of the following environment variables (in any order):
KERNEL - the kernel image file to use
ROOTFS - the rootfs image file or nfsroot directory to use
MACHINE - the machine name (optional, autodetected from KERNEL filename if unspecified)
Simplified QEMU command-line options can be passed with:
nographic - disable video console
serial - enable a serial console on /dev/ttyS0
slirp - enable user networking, no root privileges required
kvm - enable KVM when running x86/x86_64 (VT-capable CPU required)
kvm-vhost - enable KVM with vhost when running x86/x86_64 (VT-capable CPU required)
publicvnc - enable a VNC server open to all hosts
audio - enable audio
[*/]ovmf* - OVMF firmware file or base name for booting with UEFI
tcpserial=<port> - specify tcp serial port number
biosdir=<dir> - specify custom bios dir
biosfilename=<filename> - specify bios filename
qemuparams=<xyz> - specify custom parameters to QEMU
bootparams=<xyz> - specify custom kernel parameters during boot
help, -h, --help: print this text
runqemu qemux86-64 core-image-sato ext4
runqemu qemux86-64 wic-image-minimal wic
runqemu path/to/bzImage-qemux86.bin path/to/nfsrootdir/ serial
runqemu qemux86 iso/hddimg/wic.vmdk/wic.qcow2/wic.vdi/ramfs/cpio.gz...
runqemu qemux86 qemuparams="-m 256"
runqemu qemux86 bootparams="psplash=false"
runqemu Command-Line Options
Following is a description of
runqemu options you can provide on the
If you do provide some “illegal” option combination or perhaps you do
not provide enough in the way of options,
provides appropriate error messaging to help you correct the problem.
QEMUARCH: The QEMU machine architecture, which must be “qemuarm”, “qemuarm64”, “qemumips”, “qemumips64”, “qemuppc”, “qemux86”, or “qemux86-64”.
VM: The virtual machine image, which must be a
.wic.vmdkfile. Use this option when you want to boot a
.wic.vmdkimage. The image filename you provide must contain one of the following strings: “qemux86-64”, “qemux86”, “qemuarm”, “qemumips64”, “qemumips”, “qemuppc”, or “qemush4”.
ROOTFS: A root filesystem that has one of the following filetype extensions: “ext2”, “ext3”, “ext4”, “jffs2”, “nfs”, or “btrfs”. If the filename you provide for this option uses “nfs”, it must provide an explicit root filesystem path.
KERNEL: A kernel image, which is a
.binfile. When you provide a
runqemudetects it and assumes the file is a kernel image.
MACHINE: The architecture of the QEMU machine, which must be one of the following: “qemux86”, “qemux86-64”, “qemuarm”, “qemuarm64”, “qemumips”, “qemumips64”, or “qemuppc”. The MACHINE and QEMUARCH options are basically identical. If you do not provide a MACHINE option,
runqemutries to determine it based on other options.
ramfs: Indicates you are booting an Initramfs image, which means the
iso: Indicates you are booting an ISO image, which means the
nographic: Disables the video console, which sets the console to “ttys0”. This option is useful when you have logged into a server and you do not want to disable forwarding from the X Window System (X11) to your workstation or laptop.
serial: Enables a serial console on
biosdir: Establishes a custom directory for BIOS, VGA BIOS and keymaps.
biosfilename: Establishes a custom BIOS name.
qemuparams=\"xyz\": Specifies custom QEMU parameters. Use this option to pass options other than the simple “kvm” and “serial” options.
bootparams=\"xyz\": Specifies custom boot parameters for the kernel.
audio: Enables audio in QEMU. The MACHINE option must be either “qemux86” or “qemux86-64” in order for audio to be enabled. Additionally, the
snd_ens1370driver must be installed in linux guest.
slirp: Enables “slirp” networking, which is a different way of networking that does not need root access but also is not as easy to use or comprehensive as the default.
slirpby default will forward the guest machine’s 22 and 23 TCP ports to host machine’s 2222 and 2323 ports (or the next free ports). Specific forwarding rules can be configured by setting
QB_SLIRP_OPTas environment variable or in
qemuboot.confin the Build Directory
QB_SLIRP_OPT="-netdev user,id=net0,hostfwd=tcp::8080-:80" QB_SLIRP_OPT="-netdev user,id=net0,hostfwd=tcp::8080-:80,hostfwd=tcp::2222-:22"
The first example forwards TCP port 80 from the emulated system to port 8080 (or the next free port) on the host system, allowing access to an http server running in QEMU from
The second example does the same, but also forwards TCP port 22 on the guest system to 2222 (or the next free port) on the host system, allowing ssh access to the emulated system using
ssh -P 2222 <user>@<host ip>.
Keep in mind that proper configuration of firewall software is required.
kvm: Enables KVM when running “qemux86” or “qemux86-64” QEMU architectures. For KVM to work, all the following conditions must be met:
Your MACHINE must be either qemux86” or “qemux86-64”.
Your build host has to have the KVM modules installed, which are
The build host
/dev/kvmdirectory has to be both writable and readable.
kvm-vhost: Enables KVM with VHOST support when running “qemux86” or “qemux86-64” QEMU architectures. For KVM with VHOST to work, the following conditions must be met:
kvmoption conditions defined above must be met.
Your build host has to have virtio net device, which are
The build host
/dev/vhost-netdirectory has to be either readable or writable and “slirp-enabled”.
publicvnc: Enables a VNC server open to all hosts.