target/mips: Style improvements in cpu.c

[qemu.git] / qemu-nbd.texi

diff --git a/qemu-nbd.texi b/qemu-nbd.texi
index ff2f207922e049d938481f0e035ab3cd50f4d5d9..7f55657722bdc1d77eacd6ed38f6076d5d8ee16f 100644 (file)
--- a/qemu-nbd.texi
+++ b/qemu-nbd.texi
@@ -1,53 +1,201 @@
 @example
 @c man begin SYNOPSIS
 @example
 @c man begin SYNOPSIS

-usage: qemu-nbd [OPTION]...  @var{filename}
+@command{qemu-nbd} [OPTION]... @var{filename}
+
+@command{qemu-nbd} @option{-L} [OPTION]...
+
+@command{qemu-nbd} @option{-d} @var{dev}

 @c man end
 @end example
 
 @c man begin DESCRIPTION
 
 @c man end
 @end example
 
 @c man begin DESCRIPTION
 

-Export Qemu disk image using NBD protocol.
+Export a QEMU disk image using the NBD protocol.
+
+Other uses:
+@itemize
+@item
+Bind a /dev/nbdX block device to a QEMU server (on Linux).
+@item
+As a client to query exports of a remote NBD server.
+@end itemize

 
 @c man end
 
 @c man begin OPTIONS
 
 @c man end
 
 @c man begin OPTIONS

-@table @var
-@item filename
- is a disk image filename
-@item -p, --port=PORT
-  port to listen on (default `1024')
-@item -o, --offset=OFFSET
-  offset into the image
-@item -b, --bind=IFACE
-  interface to bind to (default `0.0.0.0')
-@item -k, --socket=PATH
-  Use a unix socket with path PATH
+@var{filename} is a disk image filename, or a set of block
+driver options if @option{--image-opts} is specified.
+
+@var{dev} is an NBD device.
+
+@table @option
+@item --object type,id=@var{id},...props...
+Define a new instance of the @var{type} object class identified by @var{id}.
+See the @code{qemu(1)} manual page for full details of the properties
+supported. The common object types that it makes sense to define are the
+@code{secret} object, which is used to supply passwords and/or encryption
+keys, and the @code{tls-creds} object, which is used to supply TLS
+credentials for the qemu-nbd server or client.
+@item -p, --port=@var{port}
+The TCP port to listen on as a server, or connect to as a client
+(default @samp{10809}).
+@item -o, --offset=@var{offset}
+The offset into the image.
+@item -b, --bind=@var{iface}
+The interface to bind to as a server, or connect to as a client
+(default @samp{0.0.0.0}).
+@item -k, --socket=@var{path}
+Use a unix socket with path @var{path}.
+@item --image-opts
+Treat @var{filename} as a set of image options, instead of a plain
+filename. If this flag is specified, the @var{-f} flag should
+not be used, instead the '@code{format=}' option should be set.
+@item -f, --format=@var{fmt}
+Force the use of the block driver for format @var{fmt} instead of
+auto-detecting.

 @item -r, --read-only
 @item -r, --read-only

-  export read-only
-@item -P, --partition=NUM
-  only expose partition NUM
+Export the disk as read-only.
+@item -P, --partition=@var{num}
+Deprecated: Only expose MBR partition @var{num}.  Understands physical
+partitions 1-4 and logical partition 5. New code should instead use
+@option{--image-opts} with the raw driver wrapping a subset of the
+original image.
+@item -B, --bitmap=@var{name}
+If @var{filename} has a qcow2 persistent bitmap @var{name}, expose
+that bitmap via the ``qemu:dirty-bitmap:@var{name}'' context
+accessible through NBD_OPT_SET_META_CONTEXT.

 @item -s, --snapshot
 @item -s, --snapshot

-  use snapshot file
+Use @var{filename} as an external snapshot, create a temporary
+file with backing_file=@var{filename}, redirect the write to
+the temporary one.
+@item -l, --load-snapshot=@var{snapshot_param}
+Load an internal snapshot inside @var{filename} and export it
+as an read-only device, @var{snapshot_param} format is
+'snapshot.id=[ID],snapshot.name=[NAME]' or '[ID_OR_NAME]'

 @item -n, --nocache
 @item -n, --nocache

-  disable host cache
-@item -c, --connect
-  connect FILE to NBD device DEV
+@itemx --cache=@var{cache}
+The cache mode to be used with the file.  See the documentation of
+the emulator's @code{-drive cache=...} option for allowed values.
+@item --aio=@var{aio}
+Set the asynchronous I/O mode between @samp{threads} (the default)
+and @samp{native} (Linux only).
+@item --discard=@var{discard}
+Control whether @dfn{discard} (also known as @dfn{trim} or @dfn{unmap})
+requests are ignored or passed to the filesystem.  @var{discard} is one of
+@samp{ignore} (or @samp{off}), @samp{unmap} (or @samp{on}).  The default is
+@samp{ignore}.
+@item --detect-zeroes=@var{detect-zeroes}
+Control the automatic conversion of plain zero writes by the OS to
+driver-specific optimized zero write commands.  @var{detect-zeroes} is one of
+@samp{off}, @samp{on} or @samp{unmap}.  @samp{unmap}
+converts a zero write to an unmap operation and can only be used if
+@var{discard} is set to @samp{unmap}.  The default is @samp{off}.
+@item -c, --connect=@var{dev}
+Connect @var{filename} to NBD device @var{dev} (Linux only).

 @item -d, --disconnect
 @item -d, --disconnect

-  disconnect the specified device
-@item -e, --shared=NUM
-  device can be shared by NUM clients (default '1')
+Disconnect the device @var{dev} (Linux only).
+@item -e, --shared=@var{num}
+Allow up to @var{num} clients to share the device (default
+@samp{1}). Safe for readers, but for now, consistency is not
+guaranteed between multiple writers.

 @item -t, --persistent
 @item -t, --persistent

-  don't exit on the last connection
+Don't exit on the last connection.
+@item -x, --export-name=@var{name}
+Set the NBD volume export name (default of a zero-length string).
+@item -D, --description=@var{description}
+Set the NBD volume export description, as a human-readable
+string.
+@item -L, --list
+Connect as a client and list all details about the exports exposed by
+a remote NBD server.  This enables list mode, and is incompatible
+with options that change behavior related to a specific export (such as
+@option{--export-name}, @option{--offset}, ...).
+@item --tls-creds=ID
+Enable mandatory TLS encryption for the server by setting the ID
+of the TLS credentials object previously created with the --object
+option; or provide the credentials needed for connecting as a client
+in list mode.
+@item --fork
+Fork off the server process and exit the parent once the server is running.
+@item --pid-file=PATH
+Store the server's process ID in the given file.
+@item --tls-authz=ID
+Specify the ID of a qauthz object previously created with the
+--object option. This will be used to authorize connecting users
+against their x509 distinguished name.

 @item -v, --verbose
 @item -v, --verbose

-  display extra debugging information
+Display extra debugging information.

 @item -h, --help
 @item -h, --help

-  display this help and exit
+Display this help and exit.

 @item -V, --version
 @item -V, --version

-  output version information and exit
+Display version information and exit.
+@item -T, --trace [[enable=]@var{pattern}][,events=@var{file}][,file=@var{file}]
+@findex --trace
+@include qemu-option-trace.texi

 @end table
 
 @c man end
 
 @end table
 
 @c man end
 

+@c man begin EXAMPLES
+Start a server listening on port 10809 that exposes only the
+guest-visible contents of a qcow2 file, with no TLS encryption, and
+with the default export name (an empty string). The command is
+one-shot, and will block until the first successful client
+disconnects:
+
+@example
+qemu-nbd -f qcow2 file.qcow2
+@end example
+
+Start a long-running server listening with encryption on port 10810,
+and whitelist clients with a specific X.509 certificate to connect to
+a 1 megabyte subset of a raw file, using the export name 'subset':
+
+@example
+qemu-nbd \
+  --object tls-creds-x509,id=tls0,endpoint=server,dir=/path/to/qemutls \
+  --object 'authz-simple,id=auth0,identity=CN=laptop.example.com,,\
+            O=Example Org,,L=London,,ST=London,,C=GB' \
+  --tls-creds tls0 --tls-authz auth0 \
+  -t -x subset -p 10810 \
+  --image-opts driver=raw,offset=1M,size=1M,file.driver=file,file.filename=file.raw
+@end example
+
+Serve a read-only copy of just the first MBR partition of a guest
+image over a Unix socket with as many as 5 simultaneous readers, with
+a persistent process forked as a daemon:
+
+@example
+qemu-nbd --fork --persistent --shared=5 --socket=/path/to/sock \
+  --partition=1 --read-only --format=qcow2 file.qcow2
+@end example
+
+Expose the guest-visible contents of a qcow2 file via a block device
+/dev/nbd0 (and possibly creating /dev/nbd0p1 and friends for
+partitions found within), then disconnect the device when done.
+Access to bind qemu-nbd to an /dev/nbd device generally requires root
+privileges, and may also require the execution of @code{modprobe nbd}
+to enable the kernel NBD client module.  @emph{CAUTION}: Do not use
+this method to mount filesystems from an untrusted guest image - a
+malicious guest may have prepared the image to attempt to trigger
+kernel bugs in partition probing or file system mounting.
+
+@example
+qemu-nbd -c /dev/nbd0 -f qcow2 file.qcow2
+qemu-nbd -d /dev/nbd0
+@end example
+
+Query a remote server to see details about what export(s) it is
+serving on port 10809, and authenticating via PSK:
+
+@example
+qemu-nbd \
+  --object tls-creds-psk,id=tls0,dir=/tmp/keys,username=eblake,endpoint=client \
+  --tls-creds tls0 -L -b remote.example.com
+@end example
+
+@c man end
+

 @ignore
 
 @setfilename qemu-nbd
 @ignore
 
 @setfilename qemu-nbd


@@ -60,7 +208,7 @@ warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 @c man end
 
 @c man begin SEEALSO
 @c man end
 
 @c man begin SEEALSO

-qemu-img(1)
+qemu(1), qemu-img(1)

 @c man end
 
 @end ignore
 @c man end
 
 @end ignore