NoteBefore creating a discussion or leaving a comment, please read about
using talk pages. To create a new discussion, click
here. Comments on an existing discussion should be
signed using ~~~~
:
A comment [[User:Larry|Larry]] 13:52, 13 May 2024 (UTC)
: A reply [[User:Sally|Sally]] 12:26, 19 February 2025 (UTC)
:: Your reply ~~~~
egrep -E
Talk status
This discussion is done.
Isn't it redundant to say "egrep -E"? "egrep" is supposed to just be a shorter/alternative way of saying "grep -E". -- Luiji 03:43, 31 December 2014 (UTC)
- According to grep(1), "egrep is the same as grep -E" and direct egrep invocation is deprecated. So changed "egrep" to "grep" in the article. -- 0x6177 17:30, 31 December 2014 (UTC)
- Feel free to make the article better, Luiji . :) --Maffblaster (talk) 06:40, 31 December 2016 (UTC)
file capabilities
Talk status
This discussion is done.
Is there some documentation on USE="filecaps" actually needing DebugFS in kernel? I see DebugFS used for perf stats, but filecaps seems unrelated. Petteyg (talk) 19:16, 13 March 2015 (UTC)
Try: https://packages.gentoo.org/useflags/filecaps
and: https://devmanual.gentoo.org/eclass-reference/fcaps.eclass/index.html
--MiroR (talk) 19:52, 7 August 2016 (UTC)
I did more research, as: /usr/portage/profiles/use.desc:
caps - Use Linux capabilities library to control privilege
filecaps - Use Linux file capabilities to control privilege rather than set*id (this is orthogonal to USE=caps which uses capabilities at runtime e.g. libcap)
didn't tell me enough.
On Gentoo Wiki:
Hardened/Overview_of_POSIX_capabilities
(and that link should be included in the article IMO)
It's the same capabilities in both the flags, caps and filecaps, just in caps, they are applied on the fly (strace
( emerge strace
if you don't have it installed ) the /bin/ping command and you'll see capget and capset called for the command, and /bin/ping is not suid and it does not have filecaps set, not in my machine)
and the: /usr/libexec/qemu-bridge-helper
from your qemu installation has those capabilities set in file attributes (if you set the filecaps on, still uncertain if that is the good way to go for a grsecurity-hardened, because it cost me the CONFIG_GRKERNSEC_KMEM (see: Use Tor browser on grsecurity-hardened system?))
The base address for understanding of file capabilities is the inventor's page:
http://www.friedhoff.org/posixfilecaps.html#POSIX%20Capabilities%20-%20Capability%20Rules
( or http://www.friedhoff.org/posixfilecaps.html from top of page for those who have the time )
Also worth reading is the:
Archlinux Wiki Page on Capabilities
( but if you do the example at the top, replace /bin/ping with /usr/libexec/qemu-bridge-helper, remember /bin/ping is runtime caps, qemu-bridge-helper is filecaps in Gentoo, IIUC )
It is very good and important to know that capabilites can be very much abused:
False Boundaries and Arbitrary Code Execution
And also there's something wrongly named that has nothing to do with Linux Capabilites too:
A concept wrongly named (capabilities were invented previous)
--MiroR (talk) 12:55, 14 August 2016 (UTC)
- The formatting for this discussion was not good so I cleaned it up a bit. :P Thanks for the info, though. --Maffblaster (talk) 06:40, 31 December 2016 (UTC)
very frustrating
Talk status
This discussion is done.
I had a very frustrating time trying to get this working. I don't want to be all crappy criticism, so I'll come back after I have things working well. There are a lot of kernel options that are missing from this page. I found http://www.linux-kvm.org/page/Tuning_Kernel this little guide] that gave a lot more, but some of this seems to be outdated already. Also, this section needs to distinguish between the kernel config on the host & guest. I finally had to boot the livecd and carefully examine lspci, /proc/config.gz, etc. to figure out what it was doing 'right' and that my guest kernel was doing 'wrong'.
Further, I suspect that grub2 with --target=i386-qemu may be preferable (I haven't actually gotten it working yet), but I was baffled by the lack of documentation. One of the reasons that I suspect that it may be preferable is that it will install on a device (or image file) that is not fdisk-ed, because you may just want to put a single file system on an image file. Grub2 does not like installing there, but it doesn't seem to mind if --target=i386-qemu. The flip side of this mystery I think I've figured out today -- when you start qemu, you can pass -bios xxx. But xxx isn't just "qemu", it wants a bios file! I had no fucking clue where that was, now I think it's /usr/share/qemu/bios.bin (ran qlist qemu|grep -i bios). I'll try this one out later. Daniel Santos (talk) 23:57, 27 January 2016 (UTC)
Daniel Santos (talk) 23:57, 27 January 2016 (UTC)
- Thanks for the input. Feel free to improve the article if things are lacking/missing. Myself and others in the Gentoo community would appreciate it! I'll mark this dicussion as closed for now, since there's really no action myself or others can take on it. --Maffblaster (talk) 06:40, 31 December 2016 (UTC)
/dev/kvm line to change more to the point
Talk status
This discussion is done.
This line:
If KVM support is available there should be a "kvm" device listed at /dev/kvm
should read:
If KVM support is available there should be a "kvm" device listed as /dev/kvm after you boot into the kvm enabled kernel.
It does not show before, as one might interpret the line as it currently is.--MiroR (talk) 20:06, 7 August 2016 (UTC)
- Thanks for the input! I'll make the edit this time, but next time feel free to make the edit yourself. This is a publicly modifiable wiki. :) --Maffblaster (talk) 06:40, 31 December 2016 (UTC)
iptables NAT rules
Talk status
This discussion is done as of May 21, 2018.
Just wanted to confirm whether or not the masquerade rule in the article is correct. Under the Configuration section, one of the iptables rules says:
root #
iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
Shouldn't that -o option be eth1, instead of br0, so that packets are rewritten with the ip address of eth1 (that way, external routers know where to deliver response packets)? --niteLite (talk) 01:30, 25 January 2017 (UTC)
- I agree, eth1 should be masquaraded instead of br0. --Mlyszczek (talk) 18:24, 20 gru 2017 (UTC)
Since no action on this item has been take for many months, I'll apply the fix to this article and close the discussion. --Maffblaster (talk) 16:14, 21 May 2018 (UTC)
module loading
Talk status
This discussion is done.
Reading on another page of wiki, kernel module loading is different on OpenRC from systemd. Why describe only systemd configuration?
I have added the OpenRC version but was deleted. --xdarma (talk) 09:24, 26 Feb 2019 (UTC)
- xdarma , I removed the conf.d/modules file as OpenRC can now read the same file(s) as systemd does for modules and has been able to for quite a while. This makes explanations easier with just one method for everyone. --Grknight (talk) 14:07, 26 February 2019 (UTC)
- Good for OpenRC, but if the default configuration of OpenRC is to read the old file, I think is correct to keep the original configuration. I think systemd users don't care about OpenRC, so why OpenRC users should take care of systemd? --xdarma (talk) 16:04, 01 Mar 2019 (UTC)
- OpenRC reads both locations by default with no intervention of the user. If we describe a common location for everyone, then there is less chance of error and frustration. This is about ease of use for users not init1 vs init2. --Grknight (talk) 18:06, 1 March 2019 (UTC)
- Only if you write information correctly: there's less chance of error and frustration. Just add that OpenRC can use systemd configuration, why hide something? I think the original configuration of OpenRC has to be write down. As for every piece of software. --xdarma (talk) 15:06, 05 Mar 2019 (UTC)
Kernel Config for vhost-net
Talk status
This discussion is done as of 2022-02-07.
Recently, I made an edit to the Kernel section on this page (specifically the kernel options for the vhost-net useflag) that updates it to be in line with the most recent stable kernel version (5.10.76-gentoo-r1). Does anyone know the specifics of exactly which versions the "Kernel 5.4.92" kernel options apply to? Is it specifically that version, or anything less than that? Asking because I have exactly 0 experience with the version in question. --Slips (talk) 17:46, 15 November 2021 (UTC)
- It is just text on the wiki page. Depends on the user's editing/ kernel configuration practice. With some effort you could go through all the kernel versions of interest and check whether this option exists/ find the kernel version this was added.--Onkobu (talk) 14:21, 18 November 2021 (UTC)
- Generally for kernel symbols / config options we try to define configuration options for sys-kernel/gentoo-sources kernel versions available within gentoo::. If only one kernel target is to be supported, choose the latest upstream stable version that aligns with versions available within gentoo::. As of today, this is presently v5.16.7 according to https://kernel.org/ Although v5.16.7 is considered unstable within Gentoo (due to at least a 30 testing window), it is considered stable by upstream. Hope this helps! --Maffblaster (talk) 19:10, 7 February 2022 (UTC)
QEMU Project Infobox
Talk status
This discussion is done as of 2023-09-05.
I plan to remove the Project link to QEMU because it points to an empty project:QEMU page.
Is this ok, Jacob (Jacob) ?
Egberts (talk) 19:09, 5 September 2023 (UTC)
- Sounds sensible, please do it.
- Immolo (talk) 19:19, 5 September 2023 (UTC)
Splitting Usage into Configuration/Usage sections
Talk status
This discussion is done.
I'm splitting the Usage section into both Configuration section and Usage section of QEMU page in accordance with this Gentoo-Wiki guideline.
My rough draft is located in User:Egberts/Drafts/QEMU_Configuration_Usage_section.
Also, I will roll-up previous talk of Alexander-n8hgeg5e 's input as well.
Egberts (talk) 18:54, 6 June 2024 (UTC)
ignore_msrs
Not Working via Modprobe.d File
Talk status
This discussion is done as of February 2, 2026.
The steps to make ignore_msrs
take effect on boot don't appear to work in Kernel 6.6.30. When I create /etc/modprobe.d/kvm.conf
with the specified value and reboot, /sys/module/kvm/parameters/ignore_msrs
is still N
.
I can confirm that on Windows 11, setting this value manually after boot to 1
helps avoid a crash on boot.
--GuyEP (talk) 00:54, 21 June 2024 (UTC)
- The command to do this is: `echo 1 | sudo tee /sys/module/kvm/parameters/ignore_msrs`
- More details at https://bugzilla.kernel.org/show_bug.cgi?id=205801
- Egberts (talk)
- More details https://lore.kernel.org/all/20200625162540.GC3437@linux.intel.com/T/
- Egberts (talk)
- find how to solve this spam messges from dmesg
- echo 1 > /sys/module/kvm/parameters/ignore_msrs
- echo 0 > /sys/module/kvm/parameters/report_ignored_msrs
- or as permanent
- /etc/modprobe.d/kvm.conf
- options kvm ignore_msrs=Y
- options kvm report_ignored_msrs=N
- this work with latest kernel - did not test with other
- boot cmdline option would be: KVM.ignore_msrs=1
- I knew the command for it to apply temporarily; the issue is that the documentation on this page doesn't mention it, and the instructions on the page only appear to work if KVM is installed as a module. I was able to make the command-line option work by editing the
GRUB_CMDLINE_LINUX_DEFAULT
option in /etc/defaults/grub
. --GuyEP (talk) 14:07, 22 June 2024 (UTC)
- Can you tweak this page to reflect your
GRUB_CMDLINE_LINUX_DEFAULT
option? Egberts (talk) 23:19, 1 February 2025 (UTC)
- Please don't - I updated the page to mention both options already along with the proper fix; a kconfig. Frankly it should be understood that you can't control built-in options with module loading settings Kangie (talk) 04:07, 2 February 2025 (UTC)
Reorder Translated paragraphs
Talk status
This discussion is still ongoing as of February 2, 2026.
What is the proper procedure for reordering a "translated" paragraphs around?
Actual desired example:
To get a list of cpus:
user $
qemu-system-x86_64 -cpu help
ExpandAvailable CPUs:
x86 486 (alias configured by machine type)
x86 486-v1
x86 Broadwell (alias configured by machine type)
x86 Broadwell-IBRS (alias of Broadwell-v3)
x86 Broadwell-noTSX (alias of Broadwell-v2)
x86 Broadwell-noTSX-IBRS (alias of Broadwell-v4)
x86 Broadwell-v1 Intel Core Processor (Broadwell)
x86 Broadwell-v2 Intel Core Processor (Broadwell, no TSX)
x86 Broadwell-v3 Intel Core Processor (Broadwell, IBRS)
x86 Broadwell-v4 Intel Core Processor (Broadwell, no TSX, IBRS)
x86 Cascadelake-Server (alias configured by machine type)
x86 Cascadelake-Server-noTSX (alias of Cascadelake-Server-v3)
x86 Cascadelake-Server-v1 Intel Xeon Processor (Cascadelake)
x86 Cascadelake-Server-v2 Intel Xeon Processor (Cascadelake) [ARCH_CAPABILITIES]
x86 Cascadelake-Server-v3 Intel Xeon Processor (Cascadelake) [ARCH_CAPABILITIES, no TSX]
x86 Cascadelake-Server-v4 Intel Xeon Processor (Cascadelake) [ARCH_CAPABILITIES, no TSX]
x86 Cascadelake-Server-v5 Intel Xeon Processor (Cascadelake) [ARCH_CAPABILITIES, EPT switching, XSAVES, no TSX]
x86 Conroe (alias configured by machine type)
x86 Conroe-v1 Intel Celeron_4x0 (Conroe/Merom Class Core 2)
x86 Cooperlake (alias configured by machine type)
x86 Cooperlake-v1 Intel Xeon Processor (Cooperlake)
x86 Cooperlake-v2 Intel Xeon Processor (Cooperlake) [XSAVES]
x86 Denverton (alias configured by machine type)
x86 Denverton-v1 Intel Atom Processor (Denverton)
x86 Denverton-v2 Intel Atom Processor (Denverton) [no MPX, no MONITOR]
x86 Denverton-v3 Intel Atom Processor (Denverton) [XSAVES, no MPX, no MONITOR]
x86 Dhyana (alias configured by machine type)
x86 Dhyana-v1 Hygon Dhyana Processor
x86 Dhyana-v2 Hygon Dhyana Processor [XSAVES]
x86 EPYC (alias configured by machine type)
x86 EPYC-IBPB (alias of EPYC-v2)
x86 EPYC-Milan (alias configured by machine type)
x86 EPYC-Milan-v1 AMD EPYC-Milan Processor
x86 EPYC-Rome (alias configured by machine type)
x86 EPYC-Rome-v1 AMD EPYC-Rome Processor
x86 EPYC-Rome-v2 AMD EPYC-Rome Processor
x86 EPYC-v1 AMD EPYC Processor
x86 EPYC-v2 AMD EPYC Processor (with IBPB)
x86 EPYC-v3 AMD EPYC Processor
x86 Haswell (alias configured by machine type)
x86 Haswell-IBRS (alias of Haswell-v3)
x86 Haswell-noTSX (alias of Haswell-v2)
x86 Haswell-noTSX-IBRS (alias of Haswell-v4)
x86 Haswell-v1 Intel Core Processor (Haswell)
x86 Haswell-v2 Intel Core Processor (Haswell, no TSX)
x86 Haswell-v3 Intel Core Processor (Haswell, IBRS)
x86 Haswell-v4 Intel Core Processor (Haswell, no TSX, IBRS)
x86 Icelake-Server (alias configured by machine type)
x86 Icelake-Server-noTSX (alias of Icelake-Server-v2)
x86 Icelake-Server-v1 Intel Xeon Processor (Icelake)
x86 Icelake-Server-v2 Intel Xeon Processor (Icelake) [no TSX]
x86 Icelake-Server-v3 Intel Xeon Processor (Icelake)
x86 Icelake-Server-v4 Intel Xeon Processor (Icelake)
x86 Icelake-Server-v5 Intel Xeon Processor (Icelake) [XSAVES]
x86 Icelake-Server-v6 Intel Xeon Processor (Icelake) [5-level EPT]
x86 IvyBridge (alias configured by machine type)
x86 IvyBridge-IBRS (alias of IvyBridge-v2)
x86 IvyBridge-v1 Intel Xeon E3-12xx v2 (Ivy Bridge)
x86 IvyBridge-v2 Intel Xeon E3-12xx v2 (Ivy Bridge, IBRS)
x86 KnightsMill (alias configured by machine type)
x86 KnightsMill-v1 Intel Xeon Phi Processor (Knights Mill)
x86 Nehalem (alias configured by machine type)
x86 Nehalem-IBRS (alias of Nehalem-v2)
x86 Nehalem-v1 Intel Core i7 9xx (Nehalem Class Core i7)
x86 Nehalem-v2 Intel Core i7 9xx (Nehalem Core i7, IBRS update)
x86 Opteron_G1 (alias configured by machine type)
x86 Opteron_G1-v1 AMD Opteron 240 (Gen 1 Class Opteron)
x86 Opteron_G2 (alias configured by machine type)
x86 Opteron_G2-v1 AMD Opteron 22xx (Gen 2 Class Opteron)
x86 Opteron_G3 (alias configured by machine type)
x86 Opteron_G3-v1 AMD Opteron 23xx (Gen 3 Class Opteron)
x86 Opteron_G4 (alias configured by machine type)
x86 Opteron_G4-v1 AMD Opteron 62xx class CPU
x86 Opteron_G5 (alias configured by machine type)
x86 Opteron_G5-v1 AMD Opteron 63xx class CPU
x86 Penryn (alias configured by machine type)
x86 Penryn-v1 Intel Core 2 Duo P9xxx (Penryn Class Core 2)
x86 SandyBridge (alias configured by machine type)
x86 SandyBridge-IBRS (alias of SandyBridge-v2)
x86 SandyBridge-v1 Intel Xeon E312xx (Sandy Bridge)
x86 SandyBridge-v2 Intel Xeon E312xx (Sandy Bridge, IBRS update)
x86 Skylake-Client (alias configured by machine type)
x86 Skylake-Client-IBRS (alias of Skylake-Client-v2)
x86 Skylake-Client-noTSX-IBRS (alias of Skylake-Client-v3)
x86 Skylake-Client-v1 Intel Core Processor (Skylake)
x86 Skylake-Client-v2 Intel Core Processor (Skylake, IBRS)
x86 Skylake-Client-v3 Intel Core Processor (Skylake, IBRS, no TSX)
x86 Skylake-Client-v4 Intel Core Processor (Skylake, IBRS, no TSX) [IBRS, XSAVES, no TSX]
x86 Skylake-Server (alias configured by machine type)
x86 Skylake-Server-IBRS (alias of Skylake-Server-v2)
x86 Skylake-Server-noTSX-IBRS (alias of Skylake-Server-v3)
x86 Skylake-Server-v1 Intel Xeon Processor (Skylake)
x86 Skylake-Server-v2 Intel Xeon Processor (Skylake, IBRS)
x86 Skylake-Server-v3 Intel Xeon Processor (Skylake, IBRS, no TSX)
x86 Skylake-Server-v4 Intel Xeon Processor (Skylake, IBRS, no TSX)
x86 Skylake-Server-v5 Intel Xeon Processor (Skylake, IBRS, no TSX) [IBRS, XSAVES, EPT switching, no TSX]
x86 Snowridge (alias configured by machine type)
x86 Snowridge-v1 Intel Atom Processor (SnowRidge)
x86 Snowridge-v2 Intel Atom Processor (Snowridge, no MPX)
x86 Snowridge-v3 Intel Atom Processor (Snowridge, no MPX) [XSAVES, no MPX]
x86 Snowridge-v4 Intel Atom Processor (Snowridge, no MPX) [no split lock detect, no core-capability]
x86 Westmere (alias configured by machine type)
x86 Westmere-IBRS (alias of Westmere-v2)
x86 Westmere-v1 Westmere E56xx/L56xx/X56xx (Nehalem-C)
x86 Westmere-v2 Westmere E56xx/L56xx/X56xx (IBRS update)
x86 athlon (alias configured by machine type)
x86 athlon-v1 QEMU Virtual CPU version 2.5+
x86 core2duo (alias configured by machine type)
x86 core2duo-v1 Intel(R) Core(TM)2 Duo CPU T7700 @ 2.40GHz
x86 coreduo (alias configured by machine type)
x86 coreduo-v1 Genuine Intel(R) CPU T2600 @ 2.16GHz
x86 kvm32 (alias configured by machine type)
x86 kvm32-v1 Common 32-bit KVM processor
x86 kvm64 (alias configured by machine type)
x86 kvm64-v1 Common KVM processor
x86 n270 (alias configured by machine type)
x86 n270-v1 Intel(R) Atom(TM) CPU N270 @ 1.60GHz
x86 pentium (alias configured by machine type)
x86 pentium-v1
x86 pentium2 (alias configured by machine type)
x86 pentium2-v1
x86 pentium3 (alias configured by machine type)
x86 pentium3-v1
x86 phenom (alias configured by machine type)
x86 phenom-v1 AMD Phenom(tm) 9550 Quad-Core Processor
x86 qemu32 (alias configured by machine type)
x86 qemu32-v1 QEMU Virtual CPU version 2.5+
x86 qemu64 (alias configured by machine type)
x86 qemu64-v1 QEMU Virtual CPU version 2.5+
x86 base base CPU model type with no features enabled
x86 host processor with all supported host features
x86 max Enables all features supported by the accelerator in the current host
Recognized CPUID flags:
3dnow 3dnowext 3dnowprefetch abm ace2 ace2-en acpi adx aes amd-no-ssb
amd-ssbd amd-stibp amx-bf16 amx-int8 amx-tile apic arat arch-capabilities
arch-lbr avic avx avx-vnni avx2 avx512-4fmaps avx512-4vnniw avx512-bf16
avx512-fp16 avx512-vp2intersect avx512-vpopcntdq avx512bitalg avx512bw
avx512cd avx512dq avx512er avx512f avx512ifma avx512pf avx512vbmi
avx512vbmi2 avx512vl avx512vnni bmi1 bmi2 bus-lock-detect cid cldemote
clflush clflushopt clwb clzero cmov cmp-legacy core-capability cr8legacy
cx16 cx8 dca de decodeassists ds ds-cpl dtes64 erms est extapic f16c
flushbyasid fma fma4 fpu fsgsbase fsrm full-width-write fxsr fxsr-opt
gfni hle ht hypervisor ia64 ibpb ibrs ibrs-all ibs intel-pt intel-pt-lip
invpcid invtsc kvm-asyncpf kvm-asyncpf-int kvm-hint-dedicated kvm-mmu
kvm-msi-ext-dest-id kvm-nopiodelay kvm-poll-control kvm-pv-eoi kvm-pv-ipi
kvm-pv-sched-yield kvm-pv-tlb-flush kvm-pv-unhalt kvm-steal-time kvmclock
kvmclock kvmclock-stable-bit la57 lahf-lm lbrv lm lwp mca mce md-clear
mds-no misalignsse mmx mmxext monitor movbe movdir64b movdiri mpx msr
mtrr nodeid-msr npt nrip-save nx osvw pae pat pause-filter pbe pcid
pclmulqdq pcommit pdcm pdpe1gb perfctr-core perfctr-nb pfthreshold pge
phe phe-en pks pku pmm pmm-en pn pni popcnt pschange-mc-no pse pse36
rdctl-no rdpid rdrand rdseed rdtscp rsba rtm sep serialize sgx sgx-debug
sgx-exinfo sgx-kss sgx-mode64 sgx-provisionkey sgx-tokenkey sgx1 sgx2
sgxlc sha-ni skinit skip-l1dfl-vmentry smap smep smx spec-ctrl
split-lock-detect ss ssb-no ssbd sse sse2 sse4.1 sse4.2 sse4a ssse3 stibp
svm svm-lock svme-addr-chk syscall taa-no tbm tce tm tm2 topoext tsc
tsc-adjust tsc-deadline tsc-scale tsx-ctrl tsx-ldtrk umip v-vmsave-vmload
vaes vgif virt-ssbd vmcb-clean vme vmx vmx-activity-hlt
vmx-activity-shutdown vmx-activity-wait-sipi vmx-apicv-register
vmx-apicv-vid vmx-apicv-x2apic vmx-apicv-xapic vmx-cr3-load-noexit
vmx-cr3-store-noexit vmx-cr8-load-exit vmx-cr8-store-exit vmx-desc-exit
vmx-encls-exit vmx-entry-ia32e-mode vmx-entry-load-bndcfgs
vmx-entry-load-efer vmx-entry-load-pat vmx-entry-load-perf-global-ctrl
vmx-entry-load-pkrs vmx-entry-load-rtit-ctl vmx-entry-noload-debugctl
vmx-ept vmx-ept-1gb vmx-ept-2mb vmx-ept-advanced-exitinfo
vmx-ept-execonly vmx-eptad vmx-eptp-switching vmx-exit-ack-intr
vmx-exit-clear-bndcfgs vmx-exit-clear-rtit-ctl vmx-exit-load-efer
vmx-exit-load-pat vmx-exit-load-perf-global-ctrl vmx-exit-load-pkrs
vmx-exit-nosave-debugctl vmx-exit-save-efer vmx-exit-save-pat
vmx-exit-save-preemption-timer vmx-flexpriority vmx-hlt-exit vmx-ins-outs
vmx-intr-exit vmx-invept vmx-invept-all-context vmx-invept-single-context
vmx-invept-single-context vmx-invept-single-context-noglobals
vmx-invlpg-exit vmx-invpcid-exit vmx-invvpid vmx-invvpid-all-context
vmx-invvpid-single-addr vmx-io-bitmap vmx-io-exit vmx-monitor-exit
vmx-movdr-exit vmx-msr-bitmap vmx-mtf vmx-mwait-exit vmx-nmi-exit
vmx-page-walk-4 vmx-page-walk-5 vmx-pause-exit vmx-ple vmx-pml
vmx-posted-intr vmx-preemption-timer vmx-rdpmc-exit vmx-rdrand-exit
vmx-rdseed-exit vmx-rdtsc-exit vmx-rdtscp-exit vmx-secondary-ctls
vmx-shadow-vmcs vmx-store-lma vmx-true-ctls vmx-tsc-offset
vmx-tsc-scaling vmx-unrestricted-guest vmx-vintr-pending vmx-vmfunc
vmx-vmwrite-vmexit-fields vmx-vnmi vmx-vnmi-pending vmx-vpid
vmx-wbinvd-exit vmx-xsaves vmx-zero-len-inject vpclmulqdq waitpkg
wbnoinvd wdt x2apic xcrypt xcrypt-en xfd xgetbv1 xop xsave xsavec
xsaveerptr xsaveopt xsaves xstore xstore-en xtpr
QEMU CPU selections have additional support for "accelerators", like kvm(Kernel Virtual Machine) or tcg (Tiny Code Generator) or Xen(wikip[1]).
Show the available accelerators:
user $
qemu-system-x86_64 -accel help
ExpandAccelerators supported in QEMU binary:
tcg
kvm
hvf
whpx
haxm
The accelerator can usually only "accelerate" the features that are available on the host cpu.
So the selection of the cpu affects the performance.