Provided by: xen-utils-common_4.4.2-0ubuntu0.14.04.14_all bug

NAME

       xl.cfg - XL Domain Configuration File Syntax

SYNOPSIS

        /etc/xen/xldomain

DESCRIPTION

       To create a VM (a domain in Xen terminology, sometimes called a guest) with xl requires
       the provision of a domain config file.  Typically these live in `/etc/xen/DOMAIN.cfg`
       where DOMAIN is the name of the domain.

SYNTAX

       A domain config file consists of a series of "KEY=VALUE" pairs.

       Some "KEY"s are mandatory, others are general options which apply to any guest type while
       others relate only to specific guest types (e.g. PV or HVM guests).

       A value "VALUE" is one of:

       "STRING"
           A string, surrounded by either single or double quotes.

       NUMBER
           A number, in either decimal, octal (using a 0 prefix) or hexadecimal (using an "0x"
           prefix).

       BOOLEAN
           A "NUMBER" interpreted as "False" (0) or "True" (any other value).

       [ VALUE, VALUE, ... ]
           A list of "VALUES" of the above types. Lists are homogeneous and are not nested.

       The semantics of each "KEY" defines which form of "VALUE" is required.

OPTIONS

   Mandatory Configuration Items
       The following key is mandatory for any guest type:

       name="NAME"
           Specifies the name of the domain.  Names of domains existing on a single host must be
           unique.

   Selecting Guest Type
       builder="generic"
           Specifies that this is to be a PV domain. This is the default.

       builder="hvm"
           Specifies that this is to be an HVM domain.  That is, a fully virtualised computer
           with emulated BIOS, disk and network peripherals, etc.  The default is a PV domain,
           suitable for hosting Xen-aware guest operating systems.

   General Options
       The following options apply to guests of any type.

       CPU Allocation

       pool="CPUPOOLNAME"
           Put the guest's vcpus into the named cpu pool.

       vcpus=N
           Start the guest with N vcpus initially online.

       maxvcpus=M
           Allow the guest to bring up a maximum of M vcpus. At start of day if `vcpus=N` is less
           than `maxvcpus=M` then the first `N` vcpus will be created online and the remainder
           will be offline.

       cpus="CPU-LIST"
           List of which cpus the guest is allowed to use. Default is no pinning at all (more on
           this below). A "CPU-LIST" may be specified as follows:

           "all"
               To allow all the vcpus of the guest to run on all the cpus on the host.

           "0-3,5,^1"
               To allow all the vcpus of the guest to run on cpus 0,2,3,5. Combining this with
               "all" is possible, meaning "all,^7" results in all the vcpus of the guest running
               on all the cpus on the host except cpu 7.

           "nodes:0-3,node:^2"
               To allow all the vcpus of the guest to run on the cpus from NUMA nodes 0,1,3 of
               the host. So, if cpus 0-3 belongs to node 0, cpus 4-7 belongs to node 1 and cpus
               8-11 to node 3, the above would mean all the vcpus of the guest will run on cpus
               0-3,8-11.

               Combining this notation with the one above is possible. For instance,
               "1,node:2,^6", means all the vcpus of the guest will run on cpu 1 and on all the
               cpus of NUMA node 2, but not on cpu 6. Following the same example as above, that
               would be cpus 1,4,5,7.

               Combining this with "all" is also possible, meaning "all,^nodes:1" results in all
               the vcpus of the guest running on all the cpus on the host, except for the cpus
               belonging to the host NUMA node 1.

           ["2", "3"] (or [2, 3])
               To ask for specific vcpu mapping. That means (in this example), vcpu #0 of the
               guest will run on cpu #2 of the host and vcpu #1 of the guest will run on cpu #3
               of the host.

           If this option is not specified, no vcpu to cpu pinning is established, and the vcpus
           of the guest can run on all the cpus of the host.

           If we are on a NUMA machine (i.e., if the host has more than one NUMA node) and this
           option is not specified, libxl automatically tries to place the guest on the least
           possible number of nodes. That, however, will not affect vcpu pinning, so the guest
           will still be able to run on all the cpus, it will just prefer the ones from the node
           it has been placed on. A heuristic approach is used for choosing the best node (or set
           of nodes), with the goals of maximizing performance for the guest and, at the same
           time, achieving efficient utilization of host cpus and memory. See
           docs/misc/xl-numa-placement.markdown for more details.

       CPU Scheduling

       cpu_weight=WEIGHT
           A domain with a weight of 512 will get twice as much CPU as a domain with a weight of
           256 on a contended host.  Legal weights range from 1 to 65535 and the default is 256.
           Honoured by the credit, credit2 and sedf schedulers.

       cap=N
           The cap optionally fixes the maximum amount of CPU a domain will be able to consume,
           even if the host system has idle CPU cycles.  The cap is expressed in percentage of
           one physical CPU: 100 is 1 physical CPU, 50 is half a CPU, 400 is 4 CPUs, etc.  The
           default, 0, means there is no upper cap.  Honoured by the credit and credit2
           schedulers.

           NB: Many systems have features that will scale down the computing power of a cpu that
           is not 100% utilized.  This can be in the operating system, but can also sometimes be
           below the operating system in the BIOS.  If you set a cap such that individual cores
           are running at less than 100%, this may have an impact on the performance of your
           workload over and above the impact of the cap. For example, if your processor runs at
           2GHz, and you cap a vm at 50%, the power management system may also reduce the clock
           speed to 1GHz; the effect will be that your VM gets 25% of the available power (50% of
           1GHz) rather than 50% (50% of 2GHz).  If you are not getting the performance you
           expect, look at performance and cpufreq options in your operating system and your
           BIOS.

       period=NANOSECONDS
           The normal EDF scheduling usage in nanoseconds. This means every period the domain
           gets cpu time defined in slice.  Honoured by the sedf scheduler.

       slice=NANOSECONDS
           The normal EDF scheduling usage in nanoseconds. it defines the time a domain get every
           period time.  Honoured by the sedf scheduler.

       latency=N
           Scaled period if domain is doing heavy I/O.  Honoured by the sedf scheduler.

       extratime=BOOLEAN
           Flag for allowing domain to run in extra time.  Honoured by the sedf scheduler.

       Memory Allocation

       memory=MBYTES
           Start the guest with MBYTES megabytes of RAM.

       maxmem=MBYTES
           Specifies the maximum amount of memory a guest can ever see.  The value of maxmem=
           must be equal or greater than memory=.

           In combination with memory= it will start the guest "pre-ballooned", if the values of
           memory= and maxmem= differ.  A "pre-ballooned" HVM guest needs a balloon driver,
           without a balloon driver it will crash.

       Event Actions

       on_poweroff="ACTION"
           Specifies what should be done with the domain if it shuts itself down.  The "ACTION"s
           are:

           destroy
               destroy the domain

           restart
               destroy the domain and immediately create a new domain with the same configuration

           rename-restart
               rename the domain which terminated, and then immediately create a new domain with
               the same configuration as the original

           preserve
               keep the domain.  It can be examined, and later destroyed with `xl destroy`.

           coredump-destroy
               write a "coredump" of the domain to /var/xen/dump/NAME and then destroy the
               domain.

           coredump-restart
               write a "coredump" of the domain to /var/xen/dump/NAME and then restart the
               domain.

           The default for "on_poweroff" is "destroy".

       on_reboot="ACTION"
           Action to take if the domain shuts down with a reason code requesting a reboot.
           Default is "restart".

       on_watchdog="ACTION"
           Action to take if the domain shuts down due to a Xen watchdog timeout.  Default is
           "destroy".

       on_crash="ACTION"
           Action to take if the domain crashes.  Default is "destroy".

       Other Options

       uuid="UUID"
           Specifies the UUID of the domain.  If not specified, a fresh unique UUID will be
           generated.

       seclabel="LABEL"
           Assign an XSM security label to this domain.

       init_seclabel="LABEL"
           Specify an XSM security label used for this domain temporarily during its build. The
           domain's XSM label will be changed to the execution seclabel (specified by "seclabel")
           once the build is complete, prior to unpausing the domain. With a properly constructed
           security policy (such as nomigrate_t in the example policy), this can be used to build
           a domain whose memory is not accessible to the toolstack domain.

       nomigrate=BOOLEAN
           Disable migration of this domain.  This enables certain other features which are
           incompatible with migration. Currently this is limited to enabling the invariant TSC
           feature flag in cpuid results when TSC is not emulated.

       driver_domain=BOOLEAN
           Specify that this domain is a driver domain. This enables certain features needed in
           order to run a driver domain.

   Devices
       The following options define the paravirtual, emulated and physical devices which the
       guest will contain.

       disk=[ "DISK_SPEC_STRING", "DISK_SPEC_STRING", ...]
           Specifies the disks (both emulated disks and Xen virtual block devices) which are to
           be provided to the guest, and what objects on the they should map to.  See
           docs/misc/xl-disk-configuration.txt.

       vif=[ "NET_SPEC_STRING", "NET_SPEC_STRING", ...]
           Specifies the networking provision (both emulated network adapters, and Xen virtual
           interfaces) to provided to the guest.  See
           docs/misc/xl-network-configuration.markdown.

       vtpm=[ "VTPM_SPEC_STRING", "VTPM_SPEC_STRING", ...]
           Specifies the virtual trusted platform module to be provided to the guest. Please see
           docs/misc/vtpm.txt for more details.

           Each VTPM_SPEC_STRING is a comma-separated list of "KEY=VALUE" settings, from the
           following list:

           "backend=DOMAIN"
               Specify the backend domain name of id. This value is required!  If this domain is
               a guest, the backend should be set to the vtpm domain name. If this domain is a
               vtpm, the backend should be set to the vtpm manager domain name.

           "uuid=UUID"
               Specify the uuid of this vtpm device. The uuid is used to uniquely identify the
               vtpm device. You can create one using the uuidgen program on unix systems. If left
               unspecified, a new uuid will be randomly generated every time the domain boots.
               If this is a vtpm domain, you should specify a value. The value is optional if
               this is a guest domain.

       vfb=[ "VFB_SPEC_STRING", "VFB_SPEC_STRING", ...]
           Specifies the paravirtual framebuffer devices which should be supplied to the domain.

           This options does not control the emulated graphics card presented to an HVM guest.
           See "Emulated VGA Graphics Device" below for how to configure the emulated device. If
           "Emulated VGA Graphics Device" options are used in a PV guest configuration, xl will
           pick up vnc, vnclisten, vncpasswd, vncdisplay and vncunused to construct paravirtual
           framebuffer device for the guest.

           Each VFB_SPEC_STRING is a comma-separated list of "KEY=VALUE" settings, from the
           following list:

           "vnc=BOOLEAN"
               Allow access to the display via the VNC protocol.  This enables the other VNC-
               related settings.  The default is to enable this.

           "vnclisten="ADDRESS[:DISPLAYNUM]""
               Specifies the IP address, and optionally VNC display number, to use.

               NB that if you specify the display number here, you should not use vncdisplay.

           "vncdisplay=DISPLAYNUM"
               Specifies the VNC display number to use.  The actual TCP port number will be
               DISPLAYNUM+5900.

               NB that you should not use this option if you set the displaynum in the vnclisten
               string.

           "vncunused=BOOLEAN"
               Requests that the VNC display setup search for a free TCP port to use.  The actual
               display used can be accessed with "xl vncviewer".

           "vncpasswd="PASSWORD""
               Specifies the password for the VNC server.

           "sdl=BOOLEAN"
               Specifies that the display should be presented via an X window (using Simple
               DirectMedia Layer). The default is to not enable this mode.

           "display=DISPLAY"
               Specifies the X Window display that should be used when the sdl option is used.
               Note: passing this value to the device-model is not currently implemented, so
               providing this option will have no effect.

           "xauthority=XAUTHORITY"
               Specifies the path to the X authority file that should be used to connect to the X
               server when the sdl option is used. Note: passing this value to the device-model
               is not currently implemented, so providing this option will have no effect.

           "opengl=BOOLEAN"
               Enable OpenGL acceleration of the SDL display. Only effects machines using
               "device_model_version="qemu-xen-traditional"" and only if the device-model was
               compiled with OpenGL support. Disabled by default.

           "keymap="LANG""
               Configure the keymap to use for the keyboard associated with this display. If the
               input method does not easily support raw keycodes (e.g. this is often the case
               when using VNC) then this allows us to correctly map the input keys into keycodes
               seen by the guest. The specific values which are accepted are defined by the
               version of the device-model which you are using. See "Keymaps" below or consult
               the qemu(1) manpage. The default is en-us.

       pci=[ "PCI_SPEC_STRING", "PCI_SPEC_STRING", ... ]
           Specifies the host PCI devices to passthrough to this guest. Each PCI_SPEC_STRING has
           the form "[DDDD:]BB:DD.F[@VSLOT],KEY=VALUE,KEY=VALUE,..." where:

           DDDD:BB:DD.F
               Identifies the PCI device from the host perspective in domain (DDDD), Bus (BB),
               Device (DD) and Function (F) syntax. This is the same scheme as used in the output
               of "lspci" for the device in question. Note: By default "lspci" will omit the
               domain (DDDD) if it is zero and it is optional here also. You may specify the
               function (F) as * to indicate all functions.

           @VSLOT
               Specifies the virtual device where the guest will see this device. This is
               equivalent to the DD which the guest sees. In a guest DDDD and BB are "0000:00".

           KEY=VALUE
               Possible KEYs are:

               permissive=BOOLEAN
                   (PV only) By default pciback only allows PV guests to write "known safe"
                   values into PCI config space.  But many devices require writes to other areas
                   of config space in order to operate properly.  This tells the pciback driver
                   to allow all writes to PCI config space of this device by this domain.  This
                   option should be enabled with caution: it gives the guest much more control
                   over the device, which may have security or stability implications.  It is
                   recommended to enable this option only for trusted VMs under administrator
                   control.

               msitranslate=BOOLEAN
                   Specifies that MSI-INTx translation should be turned on for the PCI device.
                   When enabled, MSI-INTx translation will always enable MSI on the PCI device
                   regardless whether the guest uses INTx or MSI. Some device drivers, such as
                   NVIDIA's, detect an inconsistency and do not function when this option is
                   enabled. Therefore the default is false (0).

               power_mgmt=BOOLEAN
                   (HVM only) Specifies that the VM should be able to program the D0-D3hot power
                   management states for the PCI device. False (0) by default.

       pci_permissive=BOOLEAN
           (PV only) Changes the default value of 'permissive' for all PCI devices passed through
           to this VM. See permissive above.

       pci_msitranslate=BOOLEAN
           Changes the default value of 'msitranslate' for all PCI devices passed through to this
           VM. See msitranslate above.

       pci_power_mgmt=BOOLEAN
           (HVM only) Changes the default value of 'power_mgmt' for all PCI devices passed
           through to this VM. See power_mgt above.

       gfx_passthru=BOOLEAN
           Enable graphics device PCI passthrough. This option makes an assigned PCI graphics
           card become primary graphics card in the VM. The QEMU emulated graphics adapter is
           disabled and the VNC console for the VM will not have any graphics output. All
           graphics output, including boot time QEMU BIOS messages from the VM, will go to the
           physical outputs of the passedthrough physical graphics card.

           The graphics card PCI device to passthrough is chosen with pci option, exactly in the
           same way as normal Xen PCI device passthrough/assignment is done.  Note that
           gfx_passthru does not do any kind of sharing of the GPU, so you can only assign the
           GPU to one single VM at a time.

           gfx_passthru also enables various legacy VGA memory ranges, BARs, MMIOs, and ioports
           to be passed thru to the VM, since those are required for correct operation of things
           like VGA BIOS, text mode, VBE, etc.

           Enabling gfx_passthru option also copies the physical graphics card video BIOS to the
           guest memory, and executes the VBIOS in the guest to initialize the graphics card.

           Most graphics adapters require vendor specific tweaks for properly working graphics
           passthrough. See the XenVGAPassthroughTestedAdapters
           <http://wiki.xen.org/wiki/XenVGAPassthroughTestedAdapters> wiki page for currently
           supported graphics cards for gfx_passthru.

           gfx_passthru is currently only supported with the qemu-xen-traditional device-model.
           Upstream qemu-xen device-model currently does not have support for gfx_passthru.

           Note that some graphics adapters (AMD/ATI cards, for example) do not necessarily
           require gfx_passthru option, so you can use the normal Xen PCI passthrough to assign
           the graphics card as a secondary graphics card to the VM. The QEMU-emulated graphics
           card remains the primary graphics card, and VNC output is available from the QEMU-
           emulated primary adapter.

           More information about Xen gfx_passthru feature is available on the XenVGAPassthrough
           <http://wiki.xen.org/wiki/XenVGAPassthrough> wiki page.

       ioports=[ "IOPORT_RANGE", "IOPORT_RANGE", ... ]
           Allow guest to access specific legacy I/O ports. Each IOPORT_RANGE is given in
           hexadecimal and may either a span e.g. "2f8-2ff" (inclusive) or a single I/O port
           "2f8".

           It is recommended to use this option only for trusted VMs under administrator control.

       iomem=[ "IOMEM_START,NUM_PAGES", "IOMEM_START,NUM_PAGES", ... ]
           Allow guest to access specific hardware I/O memory pages. IOMEM_START is a physical
           page number. NUM_PAGES is the number of pages beginning with START_PAGE to allow
           access. Both values must be given in hexadecimal.

           It is recommended to use this option only for trusted VMs under administrator control.

       irqs=[ NUMBER, NUMBER, ... ]
           Allow a guest to access specific physical IRQs.

           It is recommended to use this option only for trusted VMs under administrator control.

       max_event_channels=N
           Limit the guest to using at most N event channels (PV interrupts).  Guests use
           hypervisor resources for each event channel they use.

           The default of 1023 should be sufficient for typical guests.  The maximum value
           depends what the guest supports.  Guests supporting the FIFO-based event channel ABI
           support up to 131,071 event channels.  Other guests are limited to 4095 (64-bit x86
           and ARM) or 1023 (32-bit x86).

   Paravirtualised (PV) Guest Specific Options
       The following options apply only to Paravirtual guests.

       kernel="PATHNAME"
           Load the specified file as the kernel image.  Either kernel or bootloader must be
           specified for PV guests.

       ramdisk="PATHNAME"
           Load the specified file as the ramdisk.

       bootloader="PROGRAM"
           Run "PROGRAM" to find the kernel image and ramdisk to use.  Normally "PROGRAM" would
           be "pygrub", which is an emulation of grub/grub2/syslinux.

       bootloader_args=[ "ARG", "ARG", ...]
           Append ARGs to the arguments to the bootloader program. Alternatively if the argument
           is a simple string then it will be split into words at whitespace (this second option
           is deprecated).

       root="STRING"
           Append root="STRING" to the kernel command line (Note: it is guest specific what
           meaning this has).

       extra="STRING"
           Append STRING to the kernel command line. Note: it is guest specific what meaning this
           has).

       e820_host=BOOLEAN
           Selects whether to expose the host e820 (memory map) to the guest via the virtual
           e820. When this option is false (0) the guest pseudo-physical address space consists
           of a single contiguous RAM region. When this option is specified the virtual e820
           instead reflects the host e820 and contains the same PCI holes. The total amount of
           RAM represented by the memory map is always the same, this option configures only how
           it is laid out.

           Exposing the host e820 to the guest gives the guest kernel the opportunity to set
           aside the required part of its pseudo-physical address space in order to provide
           address space to map passedthrough PCI devices. It is guest Operating System dependent
           whether this option is required, specifically it is required when using a mainline
           Linux ("pvops") kernel. This option defaults to true (1) if any PCI passthrough
           devices are configured and false (0) otherwise. If you do not configure any
           passthrough devices at domain creation time but expect to hotplug devices later then
           you should set this option. Conversely if your particular guest kernel does not
           require this behaviour then it is safe to allow this to be enabled but you may wish to
           disable it anyway.

       pvh=BOOLEAN Selects whether to run this PV guest in an HVM container. Default is 0.

   Fully-virtualised (HVM) Guest Specific Options
       The following options apply only to HVM guests.

       Boot Device

       boot=[c|d|n]
           Selects the emulated virtual device to boot from. Options are hard disk (c), cd-rom
           (d) or network/PXE (n). Multiple options can be given and will be attempted in the
           order they are given. e.g. to boot from cd-rom but fallback to the hard disk you can
           give dc. The default is cd.

       Paging

       The following options control the mechanisms used to virtualise guest memory.  The
       defaults are selected to give the best results for the common case and so you should
       normally leave these options unspecified.

       hap=BOOLEAN
           Turns "hardware assisted paging" (the use of the hardware nested page table feature)
           on or off.  This feature is called EPT (Extended Page Tables) by Intel and NPT (Nested
           Page Tables) or RVI (Rapid Virtualisation Indexing) by AMD.  Affects HVM guests only.
           If turned off, Xen will run the guest in "shadow page table" mode where the guest's
           page table updates and/or TLB flushes etc. will be emulated.  Use of HAP is the
           default when available.

       oos=BOOLEAN
           Turns "out of sync pagetables" on or off.  When running in shadow page table mode, the
           guest's page table updates may be deferred as specified in the Intel/AMD architecture
           manuals.  However this may expose unexpected bugs in the guest, or find bugs in Xen,
           so it is possible to disable this feature.  Use of out of sync page tables, when Xen
           thinks it appropriate, is the default.

       shadow_memory=MBYTES
           Number of megabytes to set aside for shadowing guest pagetable pages (effectively
           acting as a cache of translated pages) or to use for HAP state. By default this is 1MB
           per guest vcpu plus 8KB per MB of guest RAM. You should not normally need to adjust
           this value. However if you are not using hardware assisted paging (i.e. you are using
           shadow mode) and your guest workload consists of a a very large number of similar
           processes then increasing this value may improve performance.

       Processor and Platform Features

       The following options allow various processor and platform level features to be hidden or
       exposed from the guest's point of view. This can be useful when running older guest
       Operating Systems which may misbehave when faced with more modern features. In general you
       should accept the defaults for these options wherever possible.

       bios="STRING"
           Select the virtual firmware that is exposed to the guest.  By default, a guess is made
           based on the device model, but sometimes it may be useful to request a different one,
           like UEFI.

           rombios
               Loads ROMBIOS, a 16-bit x86 compatible BIOS. This is used by default when
               device_model_version=qemu-xen-traditional. This is the only BIOS option supported
               when device_model_version=qemu-xen-traditional. This is the BIOS used by all
               previous Xen versions.

           seabios
               Loads SeaBIOS, a 16-bit x86 compatible BIOS. This is used by default with
               device_model_version=qemu-xen.

           ovmf
               Loads OVMF, a standard UEFI firmware by Tianocore project.  Requires
               device_model_version=qemu-xen.

       pae=BOOLEAN
           Hide or expose the IA32 Physical Address Extensions. These extensions make it possible
           for a 32 bit guest Operating System to access more than 4GB of RAM. Enabling PAE also
           enabled other features such as NX. PAE is required if you wish to run a 64-bit guest
           Operating System. In general you should leave this enabled and allow the guest
           Operating System to choose whether or not to use PAE. (X86 only)

       acpi=BOOLEAN
           Expose ACPI (Advanced Configuration and Power Interface) tables from the virtual
           firmware to the guest Operating System. ACPI is required by most modern guest
           Operating Systems. This option is enabled by default and usually you should omit it.
           However it may be necessary to disable ACPI for compatibility with some guest
           Operating Systems.

       acpi_s3=BOOLEAN
           Include the S3 (suspend-to-ram) power state in the virtual firmware ACPI table. True
           (1) by default.

       acpi_s4=BOOLEAN
           Include S4 (suspend-to-disk) power state in the virtual firmware ACPI table. True (1)
           by default.

       apic=BOOLEAN
           Include information regarding APIC (Advanced Programmable Interrupt Controller) in the
           firmware/BIOS tables on a single processor guest. This causes the MP (multiprocessor)
           and PIR (PCI Interrupt Routing) tables to be exported by the virtual firmware. This
           option has no effect on a guest with multiple virtual CPUS as they must always include
           these tables. This option is enabled by default and you should usually omit it but it
           may be necessary to disable these firmware tables when using certain older guest
           Operating Systems. These tables have been superseded by newer constructs within the
           ACPI tables. (X86 only)

       nx=BOOLEAN
           Hides or exposes the No-eXecute capability. This allows a guest Operating system to
           map pages such that they cannot be executed which can enhance security. This options
           requires that PAE also be enabled. (X86 only)

       hpet=BOOLEAN
           Enables or disables HPET (High Precision Event Timer). This option is enabled by
           default and you should usually omit it. It may be necessary to disable the HPET in
           order to improve compatibility with guest Operating Systems (X86 only)

       nestedhvm=BOOLEAN
           Enable or disables guest access to hardware virtualisation features, e.g. it allows a
           guest Operating System to also function as a hypervisor. This option is disabled by
           default. You may want this option if you want to run another hypervisor (including
           another copy of Xen) within a Xen guest or to support a guest Operating System which
           uses hardware virtualisation extensions (e.g. Windows XP compatibility mode on more
           modern Windows OS).

       cpuid="LIBXL_STRING" or cpuid=[ "XEND_STRING", "XEND_STRING" ]
           Configure the value returned when a guest executes CPUID instruction.  Two versions of
           config syntax are recognized: libxl and xend.

           The libxl syntax is a comma separated list of key=value pairs, preceded by the word
           "host". A few keys take a numerical value, all others take a single character which
           describes what to do with the feature bit.

           Possible values for a single feature bit:
             '1' -> force the corresponding bit to 1
             '0' -> force to 0
             'x' -> Get a safe value (pass through and mask with the default policy)
             'k' -> pass through the host bit value
             's' -> as 'k' but preserve across save/restore and migration (not implemented)

           List of keys taking a value: apicidsize brandid clflush family localapicid maxleaf
           model nc proccount procpkg stepping

           List of keys taking a character: 3dnow 3dnowext 3dnowprefetch abm acpi aes altmovcr8
           apic avx clfsh cmov cmplegacy cmpxchg16 cmpxchg8 cntxid dca de ds dscpl dtes64 est
           extapic f16c ffxsr fma4 fpu fxsr htt hypervisor ia64 ibs lahfsahf lm lwp mca mce
           misalignsse mmx mmxext monitor movbe msr mtrr nodeid nx osvw osxsave pae page1gb pat
           pbe pclmulqdq pdcm pge popcnt pse pse36 psn rdtscp skinit smx ss sse sse2 sse3 sse4_1
           sse4_2 sse4a ssse3 svm svm_decode svm_lbrv svm_npt svm_nrips svm_pausefilt svm_tscrate
           svm_vmcbclean syscall sysenter tbm tm tm2 topoext tsc vme vmx wdt x2apic xop xsave
           xtpr

           The xend syntax is a list of values in the form of
           'leafnum:register=bitstring,register=bitstring'
             "leafnum" is the requested function,
             "register" is the response register to modify
             "bitstring" represents all bits in the register, its length must be 32 chars.
             Each successive character represent a lesser-significant bit, possible values
             are listed above in the libxl section.

           Example to hide two features from the guest: 'tm', which is bit #29 in EDX, and 'pni'
           (SSE3), which is bit #0 in ECX:

           xend: [ '1:ecx=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx0,edx=xx0xxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
           ]

           libxl: 'host,tm=0,sse3=0'

           More info about the CPUID instruction can be found in the processor manuals, and in
           Wikipedia: <http://en.wikipedia.org/wiki/CPUID>

       acpi_firmware="STRING"
           Specify a path to a file that contains extra ACPI firmware tables to pass in to a
           guest. The file can contain several tables in their binary AML form concatenated
           together. Each table self describes its length so no additional information is needed.
           These tables will be added to the ACPI table set in the guest. Note that existing
           tables cannot be overridden by this feature. For example this cannot be used to
           override tables like DSDT, FADT, etc.

       smbios_firmware="STRING"
           Specify a path to a file that contains extra SMBIOS firmware structures to pass in to
           a guest. The file can contain a set DMTF predefined structures which will override the
           internal defaults. Not all predefined structures can be overridden, only the following
           types: 0, 1, 2, 3, 11, 22, 39. The file can also contain any number of vendor defined
           SMBIOS structures (type 128 - 255). Since SMBIOS structures do not present their
           overall size, each entry in the file must be preceded by a 32b integer indicating the
           size of the next structure.

       Guest Virtual Time Controls

       tsc_mode="MODE"
           Specifies how the TSC (Time Stamp Counter) should be provided to the guest (X86 only).
           Specifying this option as a number is deprecated. Options are:

           "default"
               Guest rdtsc/p executed natively when monotonicity can be guaranteed and emulated
               otherwise (with frequency scaled if necessary).

           "always_emulate"
               Guest rdtsc/p always emulated at 1GHz (kernel and user). Guest rdtsc/p always
               emulated and the virtual TSC will appear to increment (kernel and user) at a fixed
               1GHz rate, regardless of the PCPU HZ rate or power state; Although there is an
               overhead associated with emulation this will NOT affect underlying CPU
               performance.

           "native"
               Guest rdtsc always executed natively (no monotonicity/frequency guarantees); guest
               rdtscp emulated at native frequency if unsupported by h/w, else executed natively.

           "native_paravirt"
               Same as native, except xen manages TSC_AUX register so guest can determine when a
               restore/migration has occurred and assumes guest obtains/uses pvclock-like
               mechanism to adjust for monotonicity and frequency changes.

           Please see docs/misc/tscmode.txt for more information on this option.

       localtime=BOOLEAN
           Set the real time clock to local time or to UTC. False (0) by default, i.e. set to
           UTC.

       rtc_timeoffset=SECONDS
           Set the real time clock offset in seconds. False (0) by default.

       vpt_align=BOOLEAN
           Specifies that periodic Virtual Platform Timers should be aligned to reduce guest
           interrupts. Enabling this option can reduce power consumption, especially when a guest
           uses a high timer interrupt frequency (HZ) values. The default is true (1).

       timer_mode=MODE
           Specifies the mode for Virtual Timers. The valid values are as follows:

           "delay_for_missed_ticks"
               Delay for missed ticks. Do not advance a vcpu's time beyond the correct delivery
               time for interrupts that have been missed due to preemption. Deliver missed
               interrupts when the vcpu is rescheduled and advance the vcpu's virtual time
               stepwise for each one.

           "no_delay_for_missed_ticks"
               No delay for missed ticks. As above, missed interrupts are delivered, but guest
               time always tracks wallclock (i.e., real) time while doing so.

           "no_missed_ticks_pending"
               No missed interrupts are held pending. Instead, to ensure ticks are delivered at
               some non-zero rate, if we detect missed ticks then the internal tick alarm is not
               disabled if the VCPU is preempted during the next tick period.

           "one_missed_tick_pending"
               One missed tick pending. Missed interrupts are collapsed together and delivered as
               one 'late tick'.  Guest time always tracks wallclock (i.e., real) time.

       Support for Paravirtualisation of HVM Guests

       The following options allow Paravirtualised features (such as devices) to be exposed to
       the guest Operating System in an HVM guest.  Utilising these features requires specific
       guest support but when available they will result in improved performance.

       xen_platform_pci=BOOLEAN
           Enable or disable the Xen platform PCI device.  The presence of this virtual device
           enables a guest Operating System (subject to the availability of suitable drivers) to
           make use of paravirtualisation features such as disk and network devices etc. Enabling
           these drivers improves performance and is strongly recommended when available. PV
           drivers are available for various Operating Systems including HVM Linux
           <http://wiki.xen.org/wiki/XenLinuxPVonHVMdrivers> and Microsoft Windows
           <http://wiki.xen.org/wiki/XenWindowsGplPv>.

           Setting xen_platform_pci=0 with the default device_model "qemu-xen" requires at least
           QEMU 1.6.

       viridian=BOOLEAN
           Turns on or off the exposure of MicroSoft Hyper-V (AKA viridian) compatible
           enlightenments to the guest.  These can improve performance of Microsoft Windows
           guests from Windows Vista and Windows 2008 onwards and setting this option for such
           guests is strongly recommended. This option should be harmless for other versions of
           Windows (although it will not give any benefit) and the majority of other non-Windows
           OSes. However it is known to be incompatible with some other Operating Systems and in
           some circumstance can prevent Xen's own paravirtualisation interfaces for HVM guests
           from being used.

       Emulated VGA Graphics Device

       The following options control the features of the emulated graphics device.  Many of these
       options behave similarly to the equivalent key in the VFB_SPEC_STRING for configuring
       virtual frame buffer devices (see above).

       videoram=MBYTES
           Sets the amount of RAM which the emulated video card will contain, which in turn
           limits the resolutions and bit depths which will be available.

           When using the qemu-xen-traditional device-model, the default as well as minimum
           amount of video RAM for stdvga is 8 MB, which is sufficient for e.g.  1600x1200 at
           32bpp. For the upstream qemu-xen device-model, the default and minimum is 16 MB.

           When using the emulated Cirrus graphics card (vga="cirrus") and the qemu-xen-
           traditional device-model, the amount of video RAM is fixed at 4 MB, which is
           sufficient for 1024x768 at 32 bpp. For the upstream qemu-xen device-model, the default
           and minimum is 8 MB.

       stdvga=BOOLEAN
           Select a standard VGA card with VBE (VESA BIOS Extensions) as the emulated graphics
           device. The default is false (0) which means to emulate a Cirrus Logic GD5446 VGA
           card. If your guest supports VBE 2.0 or later (e.g. Windows XP onwards) then you
           should enable this.  stdvga supports more video ram and bigger resolutions than
           Cirrus.  This option is deprecated, use vga="stdvga" instead.

       vga="STRING"
           Selects the emulated video card (stdvga|cirrus).  The default is cirrus.

       vnc=BOOLEAN
           Allow access to the display via the VNC protocol.  This enables the other VNC-related
           settings.  The default is to enable this.

       vncviewer=BOOLEAN
           Automatically spawn a vncviewer when creating/restoring a guest.

       vnclisten="ADDRESS[:DISPLAYNUM]"
           Specifies the IP address, and optionally VNC display number, to use.

       vncdisplay=DISPLAYNUM
           Specifies the VNC display number to use. The actual TCP port number will be
           DISPLAYNUM+5900.

       vncunused=BOOLEAN
           Requests that the VNC display setup search for a free TCP port to use.  The actual
           display used can be accessed with "xl vncviewer".

       vncpasswd="PASSWORD"
           Specifies the password for the VNC server.

       keymap="LANG"
           Configure the keymap to use for the keyboard associated with this display. If the
           input method does not easily support raw keycodes (e.g. this is often the case when
           using VNC) then this allows us to correctly map the input keys into keycodes seen by
           the guest. The specific values which are accepted are defined by the version of the
           device-model which you are using. See "Keymaps" below or consult the qemu(1) manpage.
           The default is en-us.

       sdl=BOOLEAN
           Specifies that the display should be presented via an X window (using Simple
           DirectMedia Layer). The default is not to enable this mode.

       opengl=BOOLEAN
           Enable OpenGL acceleration of the SDL display. Only effects machines using
           device_model_version="qemu-xen-traditional" and only if the device-model was compiled
           with OpenGL support. False (0) by default.

       nographic=BOOLEAN
           Enable or disable the virtual graphics device.  The default is to provide a VGA
           graphics device but this option can be used to disable it.

       Spice Graphics Support

       The following options control the features of SPICE.

       spice=BOOLEAN
           Allow access to the display via the SPICE protocol.  This enables the other SPICE-
           related settings.

       spicehost="ADDRESS"
           Specify the interface address to listen on if given, otherwise any interface.

       spiceport=NUMBER
           Specify the port to listen on by the SPICE server if the SPICE is enabled.

       spicetls_port=NUMBER
           Specify the secure port to listen on by the SPICE server if the SPICE is enabled. At
           least one of the spiceport or spicetls_port must be given if SPICE is enabled.  NB.
           the options depending on spicetls_port have not been supported.

       spicedisable_ticketing=BOOLEAN
           Enable client connection without password. When disabled, spicepasswd must be set. The
           default is false (0).

       spicepasswd="PASSWORD"
           Specify the ticket password which is used by a client for connection.

       spiceagent_mouse=BOOLEAN
           Whether SPICE agent is used for client mouse mode. The default is true (1) (turn on)

       spicevdagent=BOOLEAN
           Enables spice vdagent. The Spice vdagent is an optional component for enhancing user
           experience and performing guest-oriented management tasks. Its features includes:
           client mouse mode (no need to grab mouse by client, no mouse lag), automatic
           adjustment of screen resolution, copy and paste (text and image) between client and
           domU. It also requires vdagent service installed on domU o.s. to work. The default is
           0.

       spice_clipboard_sharing=BOOLEAN
           Enables Spice clipboard sharing (copy/paste). It requires spicevdagent enabled. The
           default is false (0).

       spiceusbredirection=NUMBER
           Enables spice usbredirection. Creates NUMBER usbredirection channels for redirection
           of up to 4 usb devices from spice client to domU's qemu.  It requires an usb
           controller and if not defined it will automatically adds an usb2 controller. The
           default is disabled (0).

       Miscellaneous Emulated Hardware

       serial=DEVICE
           Redirect the virtual serial port to DEVICE. Please see the -serial option in the
           qemu(1) manpage for details of the valid DEVICE options. Default is vc when in
           graphical mode and stdio if nographics=1 is used.

       soundhw=DEVICE
           Select the virtual sound card to expose to the guest. The valid devices are defined by
           the device model configuration, please see the qemu(1) manpage for details. The
           default is not to export any sound device.

       usb=BOOLEAN
           Enables or disables an emulated USB bus in the guest.

       usbversion=NUMBER
           Specifies the type of an emulated USB bus in the guest. 1 for usb1, 2 for usb2 and 3
           for usb3, it is available only with upstream qemu.  Due to implementation limitations
           this is not compatible with the usb and usbdevice parameters.  Default is 0 (no usb
           controller defined).

       usbdevice=[ "DEVICE", "DEVICE", ...]
           Adds DEVICEs to the emulated USB bus. The USB bus must also be enabled using usb=1.
           The most common use for this option is usbdevice=['tablet'] which adds pointer device
           using absolute coordinates. Such devices function better than relative coordinate
           devices (such as a standard mouse) since many methods of exporting guest graphics
           (such as VNC) work better in this mode. Note that this is independent of the actual
           pointer device you are using on the host/client side.

           Host devices can also be passed through in this way, by specifying host:USBID, where
           USBID is of the form xxxx:yyyy.  The USBID can typically be found by using lsusb or
           usb-devices.

           If you wish to use the "host:bus.addr" format, remove any leading '0' from the bus and
           addr. For example, for the USB device on bus 008 dev 002, you should write "host:8.2".

           The form usbdevice=DEVICE is also accepted for backwards compatibility.

           More valid options can be found in the "usbdevice" section of the qemu documentation.

       vendor_device="VENDOR_DEVICE"
           Selects which variant of the QEMU xen-pvdevice should be used for this guest. Valid
           values are:

           none
               The xen-pvdevice should be omitted. This is the default.

           xenserver
               The xenserver variant of the xen-pvdevice (device-id=C000) will be specified,
               enabling the use of XenServer PV drivers in the guest.

           This parameter only takes effect when device_model_version=qemu-xen.  See
           docs/misc/pci-device-reservations.txt for more information.

   Device-Model Options
       The following options control the selection of the device-model.  This is the component
       which provides emulation of the virtual devices to an HVM guest.  For a PV guest a device-
       model is sometimes used to provide backends for certain PV devices (most usually a virtual
       framebuffer device).

       device_model_version="DEVICE-MODEL"
           Selects which variant of the device-model should be used for this guest. Valid values
           are:

           qemu-xen
               Use the device-model merged into the upstream QEMU project.  This device-model is
               the default for Linux dom0.

           qemu-xen-traditional
               Use the device-model based upon the historical Xen fork of Qemu.  This device-
               model is still the default for NetBSD dom0.

           It is recommended to accept the default value for new guests.  If you have existing
           guests then, depending on the nature of the guest Operating System, you may wish to
           force them to use the device model which they were installed with.

       device_model_override="PATH"
           Override the path to the binary to be used as the device-model. The binary provided
           here MUST be consistent with the `device_model_version` which you have specified. You
           should not normally need to specify this option.

       device_model_stubdomain_override=BOOLEAN
           Override the use of stubdomain based device-model.  Normally this will be
           automatically selected based upon the other features and options you have selected.

       device_model_stubdomain_seclabel="LABEL"
           Assign an XSM security label to the device-model stubdomain.

       device_model_args=[ "ARG", "ARG", ...]
           Pass additional arbitrary options on the device-model command line. Each element in
           the list is passed as an option to the device-model.

       device_model_args_pv=[ "ARG", "ARG", ...]
           Pass additional arbitrary options on the device-model command line for a PV device
           model only. Each element in the list is passed as an option to the device-model.

       device_model_args_hvm=[ "ARG", "ARG", ...]
           Pass additional arbitrary options on the device-model command line for an HVM device
           model only. Each element in the list is passed as an option to the device-model.

   Keymaps
       The keymaps available are defined by the device-model which you are using. Commonly this
       includes:

               ar  de-ch  es  fo     fr-ca  hu  ja  mk     no  pt-br  sv
               da  en-gb  et  fr     fr-ch  is  lt  nl     pl  ru     th
               de  en-us  fi  fr-be  hr     it  lv  nl-be  pt  sl     tr

       The default is en-us.

       See qemu(1) for more information.

SEE ALSO

       xl(1)
       xlcpupool.cfg(5)
       xl-disk-configuration
       xl-network-configuration
       docs/misc/tscmode.txt

FILES

       /etc/xen/NAME.cfg /var/xen/dump/NAME

BUGS

       This document may contain items which require further documentation. Patches to improve
       incomplete items (or any other item) are gratefully received on the
       xen-devel@lists.xen.org mailing list. Please see
       <http://wiki.xen.org/wiki/SubmittingXenPatches> for information on how to submit a patch
       to Xen.