QEMU

QEMU is a fast processor emulator supporting multiple architectures including ARM, x86-64, RISC-V, and others. It provides full system emulation for testing, debugging, and virtual hosting.

Description

QEMU enables full system emulation across various CPU architectures like Alpha, ARM, MIPS, PowerPC, RISC-V, S390x, SPARC, and x86-64 using dynamic translation for reasonable performance. It emulates complete systems including processors and peripherals, facilitating easier testing and debugging of system code as well as virtual hosting of multiple VMs on a single server.

QEMU is packaged as the qemu-system metapackage, which covers all targets, and as architecture-specific packages such as qemu-system-arm for aarch64 and arm hardware emulation. Additional components include qemu-guest-agent, which handles guest-host communication over virtio-serial and enables functions like time synchronization, filesystem operations, shutdown, and file access from the host.

qemu-block-extra provides rarely used block backend modules with extra dependencies for advanced storage emulation.

How It Works

QEMU uses dynamic translation to emulate processors and peripherals at reasonable speeds across host CPUs. In system emulation mode, it provides full hardware emulation including CPU topology via -smp, NUMA configuration via -numa, memory management via -m, accelerators like KVM or TCG, block devices via -drive/-blockdev, network backends via -netdev, display options via -display, and character devices via -chardev. Guest agents communicate over virtio-serial channels for host-guest coordination.

Installation

sudo apt install qemu-system

Flags

-machine [type=]name    selects emulated machine ('-machine help' for list)
-cpu cpu                select CPU ('-cpu help' for list)
-smp [[cpus=]n]         set the number of initial CPUs to 'n' [default=1]
-m [size=]megs          configure guest RAM
-drive [file=file]      configure a drive with file, format, cache, etc.
-netdev user,id=str     configure a user mode network backend
-display gtk            select display backend type (default)
-nographic              disable graphical output and redirect serial I/Os to console

Examples

QEMU full system emulation for aarch64/ARM64 with disk image
qemu-system-aarch64 [options] [disk_image]

Display help for QEMU Guest Agent
qemu-ga -h

Run QEMU Guest Agent with virtio-serial transport (default path)
qemu-ga -m virtio-serial -p /dev/virtio-ports/org.qemu.guest_agent.0

List available emulated machine types for aarch64
qemu-system-aarch64 -machine help

List available CPU models for aarch64 emulation
qemu-system-aarch64 -cpu help

Start aarch64 VM with 4 CPUs
qemu-system-aarch64 -smp 4

Configure aarch64 VM with 2GB guest RAM
qemu-system-aarch64 -m 2G

Run aarch64 emulation without graphical output, using console
qemu-system-aarch64 -nographic
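
The guest agent channel described above lets the host perform filesystem, shutdown and file-access operations inside the guest, so it is worth checking which of those commands a given guest actually exposes. The following is an added example, not code from the original page or from the QEMU project: it speaks the agent's JSON protocol from the host side, and the socket path, the -chardev/-device wiring in the comment and the prefix list are assumptions.

```python
import json
import socket

# Assumed host-side wiring (not on the original page), passed to QEMU:
#   -chardev socket,path=/tmp/qga.sock,server=on,wait=off,id=qga0
#   -device virtio-serial
#   -device virtserialport,chardev=qga0,name=org.qemu.guest_agent.0
QGA_SOCKET = "/tmp/qga.sock"  # hypothetical path

# Agent commands that touch guest files, run programs or change guest state.
SENSITIVE_PREFIXES = ("guest-file-", "guest-exec", "guest-shutdown",
                      "guest-set-", "guest-fsfreeze-", "guest-ssh-")

def send(stream, command, arguments=None):
    """Write one newline-terminated JSON request to the agent."""
    request = {"execute": command}
    if arguments is not None:
        request["arguments"] = arguments
    stream.write(json.dumps(request).encode() + b"\n")
    stream.flush()

def sync(stream, token=0x51474131):
    """guest-sync: skip stale replies until the agent echoes our token."""
    send(stream, "guest-sync", {"id": token})
    for line in stream:
        try:
            if json.loads(line).get("return") == token:
                return
        except (ValueError, AttributeError):
            continue  # garbage or a non-object left over on the channel
    raise RuntimeError("guest agent closed the channel before syncing")

def sensitive_commands(stream):
    """Return the enabled agent commands matching SENSITIVE_PREFIXES."""
    sync(stream)
    send(stream, "guest-info")
    info = json.loads(stream.readline())["return"]
    return sorted(c["name"] for c in info["supported_commands"]
                  if c["enabled"] and c["name"].startswith(SENSITIVE_PREFIXES))

def audit(path=QGA_SOCKET, timeout=5.0):
    """Connect to the agent socket and list its enabled sensitive commands."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as sock:
        sock.settimeout(timeout)
        sock.connect(path)
        with sock.makefile("rwb") as stream:
            return sensitive_commands(stream)
```

Calling audit() against a running VM returns the sorted list of enabled sensitive commands; anything the guest does not need can be turned off with the agent's RPC block list option shown in `qemu-ga -h`.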
Updated 2026-04-16 | kali.org