QEMU-GA-REF(7) | QEMU | QEMU-GA-REF(7) |
qemu-ga-ref - QEMU Guest Agent Protocol Reference
"unsupported" is a higher-level error than the errors that individual commands might document. The caller should always be prepared to receive QERR_UNSUPPORTED, even if the given command doesn't specify it, or doesn't document any failure mode at all.
Echo back a unique integer value, and prepend to response a leading sentinel byte (0xFF) the client can check scan for.
This is used by clients talking to the guest agent over the wire to ensure the stream is in sync and doesn't contain stale data from previous client. It must be issued upon initial connection, and after any client-side timeouts (including timeouts on receiving a response to this command).
After issuing this request, all guest agent responses should be ignored until the response containing the unique integer value the client passed in is returned. Receival of the 0xFF sentinel byte must be handled as an indication that the client's lexer/tokenizer/parser state should be flushed/reset in preparation for reliably receiving the subsequent response. As an optimization, clients may opt to ignore all data until a sentinel value is receiving to avoid unnecessary processing of stale data.
Similarly, clients should also precede this request with a 0xFF byte to make sure the guest agent flushes any partially read JSON data from a previous client connection.
The unique integer id passed in by the client
1.1
Echo back a unique integer value
This is used by clients talking to the guest agent over the wire to ensure the stream is in sync and doesn't contain stale data from previous client. All guest agent responses should be ignored until the provided unique integer value is returned, and it is up to the client to handle stale whole or partially-delivered JSON text in such a way that this response can be obtained.
In cases where a partial stale response was previously received by the client, this cannot always be done reliably. One particular scenario being if qemu-ga responses are fed character-by-character into a JSON parser. In these situations, using guest-sync-delimited may be optimal.
For clients that fetch responses line by line and convert them to JSON objects, guest-sync should be sufficient, but note that in cases where the channel is dirty some attempts at parsing the response may result in a parser error.
Such clients should also precede this command with a 0xFF byte to make sure the guest agent flushes any partially read JSON data from a previous session.
The unique integer id passed in by the client
0.15.0
Ping the guest agent, a non-error return implies success
0.15.0
Get the information about guest's System Time relative to the Epoch of 1970-01-01 in UTC.
Time in nanoseconds.
1.5
Set guest time.
When a guest is paused or migrated to a file then loaded from that file, the guest OS has no idea that there was a big gap in the time. Depending on how long the gap was, NTP might not be able to resynchronize the guest.
This command tries to set guest's System Time to the given value, then sets the Hardware Clock (RTC) to the current System Time. This will make it easier for a guest to resynchronize without waiting for NTP. If no time is specified, then the time to set is read from RTC. However, this may not be supported on all platforms (i.e. Windows). If that's the case users are advised to always pass a value.
Nothing on success.
1.5
Information about guest agent commands.
1.1.0
Information about guest agent.
0.15.0
Get some information about the guest agent.
GuestAgentInfo
0.15.0
Initiate guest-activated shutdown. Note: this is an asynchronous shutdown request, with no guarantee of successful shutdown.
This command does NOT return a response on success. Success condition is indicated by the VM exiting with a zero exit status or, when running with --no-shutdown, by issuing the query-status QMP command to confirm the VM status is "shutdown".
0.15.0
Open a file in the guest and retrieve a file handle for it
Guest file handle on success.
0.15.0
Close an open file in the guest
Nothing on success.
0.15.0
Result of guest agent file-read operation
0.15.0
Read from an open file in the guest. Data will be base64-encoded. As this command is just for limited, ad-hoc debugging, such as log file access, the number of bytes to read is limited to 48 MB.
GuestFileRead on success.
0.15.0
Result of guest agent file-write operation
0.15.0
Write to an open file in the guest.
GuestFileWrite on success.
0.15.0
Result of guest agent file-seek operation
0.15.0
Symbolic names for use in guest-file-seek
2.6
Controls the meaning of offset to guest-file-seek.
2.6
Seek to a position in the file, as with fseek(), and return the current file position afterward. Also encapsulates ftell()'s functionality, with offset=0 and whence=1.
GuestFileSeek on success.
0.15.0
Write file changes bufferred in userspace to disk/kernel buffers
Nothing on success.
0.15.0
An enumeration of filesystem freeze states
0.15.0
Get guest fsfreeze state. error state indicates
GuestFsfreezeStatus ("thawed", "frozen", etc., as defined below)
This may fail to properly report the current state as a result of some other guest processes having issued an fs freeze/thaw.
0.15.0
Sync and freeze all freezable, local guest filesystems. If this command succeeded, you may call guest-fsfreeze-thaw later to unfreeze.
On Windows, the command is implemented with the help of a Volume Shadow-copy Service DLL helper. The frozen state is limited for up to 10 seconds by VSS.
Number of file systems currently frozen. On error, all filesystems will be thawed. If no filesystems are frozen as a result of this call, then guest-fsfreeze-status will remain "thawed" and calling guest-fsfreeze-thaw is not necessary.
0.15.0
Sync and freeze specified guest filesystems. See also guest-fsfreeze-freeze.
Number of file systems currently frozen. On error, all filesystems will be thawed.
2.2
Unfreeze all frozen guest filesystems
Number of file systems thawed by this call
if return value does not match the previous call to guest-fsfreeze-freeze, this likely means some freezable filesystems were unfrozen before this call, and that the filesystem state may have changed before issuing this command.
0.15.0
2.4
2.4
Discard (or "trim") blocks which are not in use by the filesystem.
A GuestFilesystemTrimResponse which contains the status of all trimmed paths. (since 2.4)
1.2
Suspend guest to disk.
This command attempts to suspend the guest using three strategies, in this order:
This command does NOT return a response on success. There is a high chance the command succeeded if the VM exits with a zero exit status or, when running with --no-shutdown, by issuing the query-status QMP command to to confirm the VM status is "shutdown". However, the VM could also exit (or set its status to "shutdown") due to other reasons.
The following errors may be returned:
It's strongly recommended to issue the guest-sync command before sending commands when the guest resumes
1.1
Suspend guest to ram.
This command attempts to suspend the guest using three strategies, in this order:
IMPORTANT: guest-suspend-ram requires working wakeup support in QEMU. You should check QMP command query-current-machine returns wakeup-suspend-support: true before issuing this command. Failure in doing so can result in a suspended guest that QEMU will not be able to awaken, forcing the user to power cycle the guest to bring it back.
This command does NOT return a response on success. There are two options to check for success:
The following errors may be returned:
It's strongly recommended to issue the guest-sync command before sending commands when the guest resumes
1.1
Save guest state to disk and suspend to ram.
This command attempts to suspend the guest by executing, in this order:
IMPORTANT: guest-suspend-hybrid requires working wakeup support in QEMU. You should check QMP command query-current-machine returns wakeup-suspend-support: true before issuing this command. Failure in doing so can result in a suspended guest that QEMU will not be able to awaken, forcing the user to power cycle the guest to bring it back.
This command does NOT return a response on success. There are two options to check for success:
The following errors may be returned:
It's strongly recommended to issue the guest-sync command before sending commands when the guest resumes
1.1
An enumeration of supported IP address types
1.1
1.1
2.11
1.1
Get list of guest IP addresses, MAC addresses and netmasks.
List of GuestNetworkInfo on success.
1.1
1.5
Retrieve the list of the guest's logical processors.
This is a read-only operation.
The list of all VCPUs the guest knows about. Each VCPU is put on the list exactly once, but their order is unspecified.
1.5
Attempt to reconfigure (currently: enable/disable) logical processors inside the guest.
The input list is processed node by node in order. In each node logical-id is used to look up the guest VCPU, for which online specifies the requested state. The set of distinct logical-id's is only required to be a subset of the guest-supported identifiers. There's no restriction on list length or on repeating the same logical-id (with possibly different online field). Preferably the input list should describe a modified subset of guest-get-vcpus' return value.
The length of the initial sublist that has been successfully processed. The guest agent maximizes this value. Possible cases:
1.5
An enumeration of bus type of disks
2.2; 'Unknown' and all entries below since 2.4
2.2
2.2
Since 5.2
The list of disks in the guest. For Windows these are only the physical disks. On Linux these are all root block devices of non-zero size including e.g. removable devices, loop devices, NBD, etc.
5.2
2.2
The list of filesystems information mounted in the guest. The returned mountpoints may be specified to guest-fsfreeze-freeze-list. Network filesystems (such as CIFS and NFS) are not listed.
2.2
If the crypted flag is true, it is the caller's responsibility to ensure the correct crypt() encryption scheme is used. This command does not attempt to interpret or report on the encryption scheme. Refer to the documentation of the guest operating system in question to determine what is supported.
Not all guest operating systems will support use of the crypted flag, as they may require the clear-text password
The password parameter must always be base64 encoded before transmission, even if already crypt()d, to ensure it is 8-bit safe when passed as JSON.
Nothing on success.
2.3
2.3
Retrieve the list of the guest's memory blocks.
This is a read-only operation.
The list of all memory blocks the guest knows about. Each memory block is put on the list exactly once, but their order is unspecified.
2.3
An enumeration of memory block operation result.
2.3
2.3
Attempt to reconfigure (currently: enable/disable) state of memory blocks inside the guest.
The input list is processed node by node in order. In each node phys-index is used to look up the guest MEMORY BLOCK, for which online specifies the requested state. The set of distinct phys-index's is only required to be a subset of the guest-supported identifiers. There's no restriction on list length or on repeating the same phys-index (with possibly different online field). Preferably the input list should describe a modified subset of guest-get-memory-blocks' return value.
The operation results, it is a list of GuestMemoryBlockResponse, which is corresponding to the input list.
Note: it will return NULL if the mem-blks list was empty on input, or there is an error, and in this case, guest state will not be changed.
2.3
2.3
Get information relating to guest memory blocks.
GuestMemoryBlockInfo
2.3
2.5
Check status of process associated with PID retrieved via guest-exec. Reap the process and associated metadata if it has exited.
GuestExecStatus on success.
2.5
2.5
Execute a command in the guest
PID on success.
2.5
2.10
Return a name for the machine.
The returned name is not necessarily a fully-qualified domain name, or even present in DNS or some other name service at all. It need not even be unique on your local network or site, but usually it is.
the host name of the machine on success
2.10
2.10
Retrieves a list of currently active users on the VM.
A unique list of users.
2.10
2.10
Retrieves the timezone information from the guest.
A GuestTimezone dictionary.
2.10
On POSIX systems the fields id, name, pretty-name, version, version-id, variant and variant-id follow the definition specified in os-release(5). Refer to the manual page for exact description of the fields. Their values are taken from the os-release file. If the file is not present in the system, or the values are not present in the file, the fields are not included.
On Windows the values are filled from information gathered from the system.
2.10
Retrieve guest operating system information
GuestOSInfo
2.10
5.2
Id of the device - pci: PCI ID, since: 5.2
5.2
5.2
Retrieve information about device drivers in Windows guest
GuestDeviceInfo
5.2
5.2
defined(CONFIG_POSIX).SS guest-ssh-get-authorized-keys (Command)
Return the public keys from user .ssh/authorized_keys on Unix systems (not implemented for other systems).
GuestAuthorizedKeys
5.2
defined(CONFIG_POSIX).SS guest-ssh-add-authorized-keys (Command)
Append public keys to user .ssh/authorized_keys on Unix systems (not implemented for other systems).
Nothing on success.
5.2
defined(CONFIG_POSIX).SS guest-ssh-remove-authorized-keys (Command)
Remove public keys from the user .ssh/authorized_keys on Unix systems (not implemented for other systems). It's not an error if the key is already missing.
Nothing on success.
5.2
defined(CONFIG_POSIX).SH COPYRIGHT 2023, The QEMU Project Developers
September 4, 2023 | 5.2.0 |