Basic Usage of QEMU (MIPS)
I. QEMU Operating Modes
This is excerpted directly from my own book "Revealing 0day Vulnerability Discovery Techniques for Home Routers" (揭秘家用路由器0day漏洞挖掘技术); I searched online and did not find a satisfactory explanation of how to use QEMU, so I am using the introduction from that book. If I later find a better description of QEMU usage, I will add it here.
QEMU has two common operating modes: User Mode and System Mode. In User Mode the user simply hands QEMU a Linux program compiled for a different processor architecture and runs it; QEMU translates the target's instructions and forwards the program's system calls to the host kernel, so no custom kernel, virtual disk or other files are needed. In System Mode the most visible difference is that the user specifies the kernel, virtual hard disk and other files that the QEMU virtual machine boots from; in short, in system mode QEMU emulates a complete machine that is configured according to the user's requirements.
II. Running Programs in QEMU User Mode
When the program was compiled statically (gcc was given the "-static" option) and therefore does not depend on any shared library at run time, the following commands are all that is needed to run the compiled Linux program under QEMU:

# Check the file type of the executable hello: MIPS32
$ file hello
hello: ELF 32-bit MSB executable, MIPS, MIPS32 version 1 (SYSV), statically linked, not stripped

$ cp $(which qemu-mips) ./

# Load the hello program with qemu-mips
$ ./qemu-mips hello "Hello World"
Hello World

The "MSB" in the file output marks a big-endian binary, which is what qemu-mips expects; a little-endian ("LSB") MIPS binary needs qemu-mipsel instead.

Screenshot of the result:
When the program was compiled dynamically (gcc was run without the "-static" option) and therefore needs shared libraries at run time, use the following commands to run it under QEMU:

# Check the type of the file to be executed
$ file bin/busybox

# Copy qemu-mips to the current directory
$ cp $(which qemu-mips) ./

# Running it directly fails
$ ./qemu-mips bin/busybox

# Change the root directory for qemu-mips to the current directory
$ sudo chroot . ./qemu-mips ./bin/busybox

The direct run fails because the ELF interpreter and libraries recorded in busybox (for example /lib/ld-uClibc.so.0) are looked up on the host, where they do not exist; chrooting into the extracted firmware root makes the lookup find the target's own libraries. This only works if the copied qemu-mips is itself statically linked (check it with file; on Debian and Ubuntu the static build ships in the qemu-user-static package as qemu-mips-static), because the host's shared libraries are no longer visible inside the chroot. An alternative that needs neither chroot nor root privileges is to point QEMU at the firmware root with -L, the QEMU_LD_PREFIX option listed in the help output below.

Screenshot of the result:
The command-line help for QEMU user mode, using qemu-mipsel as an example:

fly2016@ubuntu:~$ qemu-mipsel --help
usage: qemu-mipsel [options] program [arguments...]
Linux CPU emulator (compiled for mipsel emulation)

Options and associated environment variables:

Argument         Env-variable       Description
-h                                  print this help
-help
-g port          QEMU_GDB           wait gdb connection to 'port'
-L path          QEMU_LD_PREFIX     set the elf interpreter prefix to 'path'
-s size          QEMU_STACK_SIZE    set the stack size to 'size' bytes
-cpu model       QEMU_CPU           select CPU (-cpu help for list)
-E var=value     QEMU_SET_ENV       sets targets environment variable (see below)
-U var           QEMU_UNSET_ENV     unsets targets environment variable (see below)
-0 argv0         QEMU_ARGV0         forces target process argv[0] to be 'argv0'
-r uname         QEMU_UNAME         set qemu uname release string to 'uname'
-B address       QEMU_GUEST_BASE    set guest_base address to 'address'
-R size          QEMU_RESERVED_VA   reserve 'size' bytes for guest virtual address space
-d item[,...]    QEMU_LOG           enable logging of specified items (use '-d help' for a list of items)
-D logfile       QEMU_LOG_FILENAME  write logs to 'logfile' (default stderr)
-p pagesize      QEMU_PAGESIZE      set the host page size to 'pagesize'
-singlestep      QEMU_SINGLESTEP    run in singlestep mode
-strace          QEMU_STRACE        log system calls
-seed            QEMU_RAND_SEED     Seed for pseudo-random number generator
-trace           QEMU_TRACE         [[enable=]<pattern>][,events=<file>][,file=<file>]
-version         QEMU_VERSION       display version information and exit

Defaults:
QEMU_LD_PREFIX  = /usr/gnemul/qemu-mipsel
QEMU_STACK_SIZE = 8388608 byte

You can use -E and -U options or the QEMU_SET_ENV and
QEMU_UNSET_ENV environment variables to set and unset
environment variables for the target process.
It is possible to provide several variables by separating them
by commas in getsubopt(3) style. Additionally it is possible to
provide the -E and -U options multiple times.
The following lines are equivalent:
    -E var1=val2 -E var2=val2 -U LD_PRELOAD -U LD_DEBUG
    -E var1=val2,var2=val2 -U LD_PRELOAD,LD_DEBUG
    QEMU_SET_ENV=var1=val2,var2=val2 QEMU_UNSET_ENV=LD_PRELOAD,LD_DEBUG
Note that if you provide several changes to a single variable
the last change will stay in effect.
III. Using QEMU System Mode
The README that accompanies the Debian MIPS images for QEMU reads:
Debian Squeeze and Wheezy mips images for QEMU
==============================================

This directory contains Debian Squeeze and Wheezy mips images for QEMU and
the corresponding kernels and initrds:
1d58f831f5e5064753c0c138d8d74057  debian_squeeze_mips_standard.qcow2
cb56139b63b88fdb38776051d28bb750  vmlinux-2.6.32-5-4kc-malta
7165e80b0e5c5c3e40f2ca46401373ce  vmlinux-2.6.32-5-5kc-malta
bf699f435160b0bd9ac62905fa64701e  debian_wheezy_mips_standard.qcow2
1fecbe19ff49a6fd715901483b23647c  vmlinux-3.2.0-4-4kc-malta
19e6e853d4a7a7b9ed5e787b7f875835  vmlinux-3.2.0-4-5kc-malta

Both images are 25GiB images in QCOW2 format on which a Debian Squeeze or
Wheezy "Standard system" installation has been performed. The other
installation options are the following:
- Keyboard: US
- Locale: en_US
- Mirror: ftp.debian.org
- Hostname: debian-mips
- Root password: root
- User account: user
- User password: user

To use this image, you need to install QEMU 1.1.0 (or later). Start QEMU
with the following arguments for a 32-bit machine:
- qemu-system-mips -M malta -kernel vmlinux-2.6.32-5-4kc-malta -hda debian_squeeze_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"
- qemu-system-mips -M malta -kernel vmlinux-3.2.0-4-4kc-malta -hda debian_wheezy_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"

Start QEMU with the following arguments for a 64-bit machine:
- qemu-system-mips64 -M malta -kernel vmlinux-2.6.32-5-5kc-malta -hda debian_squeeze_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"
- qemu-system-mips64 -M malta -kernel vmlinux-3.2.0-4-5kc-malta -hda debian_wheezy_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"

By default QEMU emulates a machine with 128MiB of RAM. You can use the -m option
to increase or decrease the size of the RAM. It is however limited to 256MiB
with a 32-bit kernel. With a 64-bit kernel and QEMU >= 1.7, it is possible to
use up to 2047MiB of RAM, passing the memory map to the kernel, adding a mem=
argument to the append parameters as follow: "mem=256m@0x0 mem=XXXm@0x90000000"
where XXX represents the total memory size minus 256MiB. If you don't want to
start QEMU in graphic mode, you can use the -nographic option. The image is
configured to display a login prompt on the first serial port (ttyS0). If you
want to switch the boot messages to the serial port, you need to replace
"console=tty0" by "console=ttyS0".
From that directory, download the kernel vmlinux-2.6.32-5-4kc-malta and the disk image debian_squeeze_mips_standard.qcow2 as the files for the MIPS virtual machine. Note that the images ship with the default credentials listed above (root/root, user/user), so keep the virtual machine on QEMU's user-mode network or an isolated one rather than bridging it onto a real network.
On Ubuntu, the following commands download the image files for the mips and mipsel virtual machines:
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Start QEMU with the following arguments for a 32-bit machine:
$ qemu-system-mips -M malta -kernel vmlinux-2.6.32-5-4kc-malta -hda debian_squeeze_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"
$ qemu-system-mips -M malta -kernel vmlinux-3.2.0-4-4kc-malta -hda debian_wheezy_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"

# for MIPS 32bit >>>:
# kernel version 2.6.x
$ wget people.debian.org/~aurel32/qemu/mips/vmlinux-2.6.32-5-4kc-malta
$ wget people.debian.org/~aurel32/qemu/mips/debian_squeeze_mips_standard.qcow2

# kernel version 3.2.x
$ wget people.debian.org/~aurel32/qemu/mips/vmlinux-3.2.0-4-4kc-malta
$ wget people.debian.org/~aurel32/qemu/mips/debian_wheezy_mips_standard.qcow2

# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Start QEMU with the following arguments for a 64-bit machine:
$ qemu-system-mips64 -M malta -kernel vmlinux-2.6.32-5-5kc-malta -hda debian_squeeze_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"
$ qemu-system-mips64 -M malta -kernel vmlinux-3.2.0-4-5kc-malta -hda debian_wheezy_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0"

# for MIPS 64bit >>>:
# kernel version 2.6.x
$ wget people.debian.org/~aurel32/qemu/mips/vmlinux-2.6.32-5-5kc-malta
$ wget people.debian.org/~aurel32/qemu/mips/debian_squeeze_mips_standard.qcow2

# kernel version 3.2.x
$ wget people.debian.org/~aurel32/qemu/mips/vmlinux-3.2.0-4-5kc-malta
$ wget people.debian.org/~aurel32/qemu/mips/debian_wheezy_mips_standard.qcow2

# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Start QEMU with the following arguments for a 32-bit machine:
$ qemu-system-mipsel -M malta -kernel vmlinux-2.6.32-5-4kc-malta -hda debian_squeeze_mipsel_standard.qcow2 -append "root=/dev/sda1 console=tty0"
$ qemu-system-mipsel -M malta -kernel vmlinux-3.2.0-4-4kc-malta -hda debian_wheezy_mipsel_standard.qcow2 -append "root=/dev/sda1 console=tty0"

# for MIPSEL 32bit >>>:
# kernel version 2.6.x
$ wget people.debian.org/~aurel32/qemu/mipsel/vmlinux-2.6.32-5-4kc-malta
$ wget people.debian.org/~aurel32/qemu/mipsel/debian_squeeze_mipsel_standard.qcow2

# kernel version 3.2.x
$ wget people.debian.org/~aurel32/qemu/mipsel/vmlinux-3.2.0-4-4kc-malta
$ wget people.debian.org/~aurel32/qemu/mipsel/debian_wheezy_mipsel_standard.qcow2

# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Start QEMU with the following arguments for a 64-bit machine:
$ qemu-system-mips64el -M malta -kernel vmlinux-2.6.32-5-5kc-malta -hda debian_squeeze_mipsel_standard.qcow2 -append "root=/dev/sda1 console=tty0"
$ qemu-system-mips64el -M malta -kernel vmlinux-3.2.0-4-5kc-malta -hda debian_wheezy_mipsel_standard.qcow2 -append "root=/dev/sda1 console=tty0"

# for MIPSEL 64bit >>>:
# kernel version 2.6.x
$ wget people.debian.org/~aurel32/qemu/mipsel/vmlinux-2.6.32-5-5kc-malta
$ wget people.debian.org/~aurel32/qemu/mipsel/debian_squeeze_mipsel_standard.qcow2

# kernel version 3.2.x
$ wget people.debian.org/~aurel32/qemu/mipsel/vmlinux-3.2.0-4-5kc-malta
$ wget people.debian.org/~aurel32/qemu/mipsel/debian_wheezy_mipsel_standard.qcow2
Starting the MIPS 32-bit image with the 2.6.x kernel using qemu-system-mips initially fails; the result is shown in the figure below:

$ sudo qemu-system-mips -M malta -kernel vmlinux-2.6.32-5-4kc-malta -hda debian_squeeze_mips_standard.qcow2 -append "root=/dev/sda1 console=tty0" -nographic

Started in console form with -nographic, the QEMU virtual machine boots successfully, as shown in the figure. Note that console=tty0 is still passed here, so the kernel's boot messages go to the (now absent) graphical console and only the login prompt appears on the serial port; replace it with console=ttyS0, as the README above says, to see the boot messages in the terminal as well.
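The download, the README's checksums and the boot command, put together in one script. This is an added example, not code from the page, the book or the Debian image README; the function names, the https URL base, host port 2222 and the user-mode network setup are this example's assumptions. It verifies each file against the MD5 sum published in the README before booting it (only the mips directory lists sums on this page, so mipsel files are downloaded with a warning), boots on the serial console with console=ttyS0 and -nographic as the README recommends, enforces the README's 256 MiB / 2047 MiB memory limits including the split memory map for large 64-bit guests, and forwards only a loopback port to the guest's SSH because the image uses default credentials.

```shell
#!/bin/sh
# Added example: fetch, verify and boot the Debian MIPS QEMU images.
# Not from the page or the README; names and the 2222 port are assumptions.

BASE=https://people.debian.org/~aurel32/qemu   # assumed: https works here

# expected_md5 <mips|mipsel> <file name> -> sum published in the mips README.
# The page lists no sums for the mipsel directory, so those return 1.
expected_md5() {
    case "$1/$2" in
        mips/debian_squeeze_mips_standard.qcow2) echo 1d58f831f5e5064753c0c138d8d74057 ;;
        mips/vmlinux-2.6.32-5-4kc-malta)         echo cb56139b63b88fdb38776051d28bb750 ;;
        mips/vmlinux-2.6.32-5-5kc-malta)         echo 7165e80b0e5c5c3e40f2ca46401373ce ;;
        mips/debian_wheezy_mips_standard.qcow2)  echo bf699f435160b0bd9ac62905fa64701e ;;
        mips/vmlinux-3.2.0-4-4kc-malta)          echo 1fecbe19ff49a6fd715901483b23647c ;;
        mips/vmlinux-3.2.0-4-5kc-malta)          echo 19e6e853d4a7a7b9ed5e787b7f875835 ;;
        *) return 1 ;;
    esac
}

# verify_md5 <path> <expected hex> -> 0 when the file's MD5 matches. MD5 is
# what the README offers: over HTTPS it catches truncated or corrupted
# downloads, but it is not a strong authenticity check.
verify_md5() {
    actual=$(md5sum "$1" | cut -d' ' -f1) || return 1
    [ "$actual" = "$2" ]
}

# fetch <mips|mipsel> <file name>: download into the current directory
# (skipped if present) and refuse to keep a file whose sum does not match.
fetch() {
    [ -f "$2" ] || wget -q "$BASE/$1/$2" || return 1
    sum=$(expected_md5 "$1" "$2") || {
        echo "no published sum for $1/$2, verify it by hand" >&2; return 0; }
    verify_md5 "$2" "$sum" || {
        echo "checksum mismatch for $2, deleting it" >&2; rm -f "$2"; return 1; }
}

# kernel_name <32|64> <squeeze|wheezy> -> kernel file named in the README
kernel_name() {
    case "$1/$2" in
        32/squeeze) echo vmlinux-2.6.32-5-4kc-malta ;;
        64/squeeze) echo vmlinux-2.6.32-5-5kc-malta ;;
        32/wheezy)  echo vmlinux-3.2.0-4-4kc-malta ;;
        64/wheezy)  echo vmlinux-3.2.0-4-5kc-malta ;;
        *) return 1 ;;
    esac
}

# append_args <32|64> <RAM MiB> -> kernel command line. console=ttyS0 sends
# the boot messages to the serial port that -nographic displays. Above
# 256 MiB a 64-bit kernel needs the README's split memory map; a 32-bit
# kernel is capped at 256 MiB and a 64-bit one at 2047 MiB.
append_args() {
    args="root=/dev/sda1 console=ttyS0"
    if [ "$2" -gt 256 ]; then
        [ "$1" = 64 ] || { echo "32-bit kernel is limited to 256 MiB" >&2; return 1; }
        [ "$2" -le 2047 ] || { echo "64-bit kernel is limited to 2047 MiB" >&2; return 1; }
        args="$args mem=256m@0x0 mem=$(($2 - 256))m@0x90000000"
    fi
    echo "$args"
}

# qemu_cmd <mips|mipsel> <32|64> <squeeze|wheezy> <RAM MiB> <host ssh port>
# The guest has root/root and user/user, so it stays on QEMU's user-mode
# network; only TCP <port> on 127.0.0.1 is forwarded to the guest's port 22.
qemu_cmd() {
    kernel=$(kernel_name "$2" "$3") || return 1
    append=$(append_args "$2" "$4") || return 1
    case "$1/$2" in
        mips/32)   sys=qemu-system-mips ;;
        mips/64)   sys=qemu-system-mips64 ;;
        mipsel/32) sys=qemu-system-mipsel ;;
        mipsel/64) sys=qemu-system-mips64el ;;
        *) return 1 ;;
    esac
    echo "$sys -M malta -m $4 -kernel $kernel -hda debian_${3}_${1}_standard.qcow2 -append \"$append\" -nographic -net nic -net user,hostfwd=tcp:127.0.0.1:$5-:22"
}

# Usage: ./boot_mips.sh mips 32 squeeze [RAM MiB] [host ssh port]
if [ $# -ge 3 ]; then
    arch=$1; bits=$2; rel=$3; mem=${4:-128}; port=${5:-2222}
    fetch "$arch" "$(kernel_name "$bits" "$rel")" &&
    fetch "$arch" "debian_${rel}_${arch}_standard.qcow2" &&
    cmd=$(qemu_cmd "$arch" "$bits" "$rel" "$mem" "$port") &&
    echo "$cmd" && eval "$cmd"
fi
```

Once the guest is up, `ssh -p 2222 user@127.0.0.1` reaches it from the host and `scp -P 2222` moves firmware binaries in and out, which is the usual reason for running these images when analysing router software; nothing else on the host network can see the guest.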