I see an error in boot where short form boolean passwords is disabled you should use password=on instead.
I am assuming this has something to do with cloudmin or scripting for it needing an upgrade maybe to remove this.
Not sure but this article in Qemu may be of relation to it? Discussing Depreciated Features.
Deprecated features
In general features are intended to be supported indefinitely once introduced into QEMU. In the event that a feature needs to be removed, it will be listed in this section. The feature will remain functional for the release in which it was deprecated and one further release. After these two releases, the feature is liable to be removed. Deprecated features may also generate warnings on the console when QEMU starts up, or if activated via a monitor command, however, this is not a mandatory requirement.
Prior to the 2.10.0 release there was no official policy on how long features would be deprecated prior to their removal, nor any documented list of which features were deprecated. Thus any features deprecated prior to 2.10.0 will be treated as if they were first deprecated in the 2.10.0 release.
What follows is a list of all features currently marked as deprecated.
System emulator command line arguments
Short-form boolean options (since 6.0)
Boolean options such as share=on/share=off could be written in short form as share and noshare. This is now deprecated and will cause a warning.
delay option for socket character devices (since 6.0)
The replacement for the nodelay short-form boolean option is nodelay=on rather than delay=off.
-smp (“parameter=0” SMP configurations) (since 6.2)
Specified CPU topology parameters must be greater than zero.
In the SMP configuration, users should either provide a CPU topology parameter with a reasonable value (greater than zero) or just omit it and QEMU will compute the missing value.
However, historically it was implicitly allowed for users to provide a parameter with zero value, which is meaningless and could also possibly cause unexpected results in the -smp parsing. So support for this kind of configurations (e.g. -smp 8,sockets=0) is deprecated since 6.2 and will be removed in the near future, users have to ensure that all the topology members described with -smp are greater than zero.
Plugin argument passing through arg=<string> (since 6.1)
Passing TCG plugins arguments through arg= is redundant is makes the command-line less readable, especially when the argument itself consist of a name and a value, e.g. -plugin plugin_name,arg="arg_name=arg_value". Therefore, the usage of arg is redundant. Single-word arguments are treated as short-form boolean values, and passed to plugins as arg_name=on. However, short-form booleans are deprecated and full explicit arg_name=on form is preferred.
-no-hpet (since 8.0)
The HPET setting has been turned into a machine property. Use -machine hpet=off instead.
-no-acpi (since 8.0)
The -no-acpi setting has been turned into a machine property. Use -machine acpi=off instead.
-async-teardown (since 8.1)
Use -run-with async-teardown=on instead.
-chroot (since 8.1)
Use -run-with chroot=dir instead.
-singlestep (since 8.1)
The -singlestep option has been turned into an accelerator property, and given a name that better reflects what it actually does. Use -accel tcg,one-insn-per-tb=on instead.
User-mode emulator command line arguments
-singlestep (since 8.1)
The -singlestep option has been given a name that better reflects what it actually does. For both linux-user and bsd-user, use the new -one-insn-per-tb option instead.
QEMU Machine Protocol (QMP) commands
blockdev-open-tray, blockdev-close-tray argument device (since 2.8)
Use argument id instead.
eject argument device (since 2.8)
Use argument id instead.
blockdev-change-medium argument device (since 2.8)
Use argument id instead.
block_set_io_throttle argument device (since 2.8)
Use argument id instead.
blockdev-add empty string argument backing (since 2.10)
Use argument value null instead.
block-commit arguments base and top (since 3.1)
Use arguments base-node and top-node instead.
nbd-server-add and nbd-server-remove (since 5.2)
Use the more generic commands block-export-add and block-export-del instead. As part of this deprecation, where nbd-server-add used a single bitmap, the new block-export-add uses a list of bitmaps.
query-qmp-schema return value member values (since 6.2)
Member values in return value elements with meta-type enum is deprecated. Use members instead.
drive-backup (since 6.2)
Use blockdev-backup in combination with blockdev-add instead. This change primarily separates the creation/opening process of the backup target with explicit, separate steps. blockdev-backup uses mostly the same arguments as drive-backup, except the format and mode options are removed in favor of using explicit blockdev-create and blockdev-add calls. See Live Block Device Operations for details.
Incorrectly typed device_add arguments (since 6.2)
Due to shortcomings in the internal implementation of device_add, QEMU incorrectly accepts certain invalid arguments: Any object or list arguments are silently ignored. Other argument types are not checked, but an implicit conversion happens, so that e.g. string values can be assigned to integer device properties or vice versa.
This is a bug in QEMU that will be fixed in the future so that previously accepted incorrect commands will return an error. Users should make sure that all arguments passed to device_add are consistent with the documented property types.
StatusInfo member singlestep (since 8.1)
The singlestep member of the StatusInfo returned from the query-status command is deprecated. This member has a confusing name and it never did what the documentation claimed or what its name suggests. We do not believe that anybody is actually using the information provided in this member.
The information it reports is whether the TCG JIT is in “one instruction per translated block” mode (which can be set on the command line or via the HMP, but not via QMP). The information remains available via the HMP ‘info jit’ command.
QEMU Machine Protocol (QMP) events
MEM_UNPLUG_ERROR (since 6.2)
Use the more generic event DEVICE_UNPLUG_GUEST_ERROR instead.
vcpu trace events (since 8.1)
The ability to instrument QEMU helper functions with vCPU-aware trace points was removed in 7.0. However QMP still exposed the vcpu parameter. This argument has now been deprecated and the remaining remaining trace points that used it are selected just by name.
Human Monitor Protocol (HMP) commands
singlestep (since 8.1)
The singlestep command has been replaced by the one-insn-per-tb command, which has the same behaviour but a less misleading name.
Host Architectures
BE MIPS (since 7.2)
As Debian 10 (“Buster”) moved into LTS the big endian 32 bit version of MIPS moved out of support making it hard to maintain our cross-compilation CI tests of the architecture. As we no longer have CI coverage support may bitrot away before the deprecation process completes. The little endian variants of MIPS (both 32 and 64 bit) are still a supported host architecture.
System emulation on 32-bit x86 hosts (since 8.0)
Support for 32-bit x86 host deployments is increasingly uncommon in mainstream OS distributions given the widespread availability of 64-bit x86 hardware. The QEMU project no longer considers 32-bit x86 support for system emulation to be an effective use of its limited resources, and thus intends to discontinue it. Since all recent x86 hardware from the past >10 years is capable of the 64-bit x86 extensions, a corresponding 64-bit OS should be used instead.
System emulator CPUs
Nios II CPU (since 8.2)
The Nios II architecture is orphan. The nios2 guest CPU support is deprecated and will be removed in a future version of QEMU.
System emulator machines
Arm virt machine dtb-kaslr-seed property (since 7.1)
The dtb-kaslr-seed property on the virt board has been deprecated; use the new name dtb-randomness instead. The new name better reflects the way this property affects all random data within the device tree blob, not just the kaslr-seed node.
pc-i440fx-2.0 up to pc-i440fx-2.3 (since 8.2)
These old machine types are quite neglected nowadays and thus might have various pitfalls with regards to live migration. Use a newer machine type instead.
Nios II 10m50-ghrd and nios2-generic-nommu machines (since 8.2)
The Nios II architecture is orphan.
Backend options
Using non-persistent backing file with pmem=on (since 6.1)
This option is used when memory-backend-file is consumed by emulated NVDIMM device. However enabling memory-backend-file.pmem option, when backing file is (a) not DAX capable or (b) not on a filesystem that support direct mapping of persistent memory, is not safe and may lead to data loss or corruption in case of host crash. Options are:
- modify VM configuration to set
pmem=offto continue using fake NVDIMM (without persistence guaranties) with backing file on non DAX storage- move backing file to NVDIMM storage and keep
pmem=on(to have NVDIMM with persistence guaranties).
Device options
Emulated device options
-device virtio-blk,scsi=on|off (since 5.0)
The virtio-blk SCSI passthrough feature is a legacy VIRTIO feature. VIRTIO 1.0 and later do not support it because the virtio-scsi device was introduced for full SCSI support. Use virtio-scsi instead when SCSI passthrough is required.
Note this also applies to -device virtio-blk-pci,scsi=on|off, which is an alias.
-device nvme-ns,eui64-default=on|off (since 7.1)
In QEMU versions 6.1, 6.2 and 7.0, the nvme-ns generates an EUI-64 identifier that is not globally unique. If an EUI-64 identifier is required, the user must set it explicitly using the nvme-ns device parameter eui64.
-device nvme,use-intel-id=on|off (since 7.1)
The nvme device originally used a PCI Vendor/Device Identifier combination from Intel that was not properly allocated. Since version 5.2, the controller has used a properly allocated identifier. Deprecate the use-intel-id machine compatibility parameter.
-device cxl-type3,memdev=xxxx (since 8.0)
The cxl-type3 device initially only used a single memory backend. With the addition of volatile memory support, it is now necessary to distinguish between persistent and volatile memory backends. As such, memdev is deprecated in favor of persistent-memdev.
-fsdev proxy and -virtfs proxy (since 8.1)
The 9p proxy filesystem backend driver has been deprecated and will be removed (along with its proxy helper daemon) in a future version of QEMU. Please use -fsdev local or -virtfs local for using the 9p local filesystem backend, or alternatively consider deploying virtiofsd instead.
The 9p proxy backend was originally developed as an alternative to the 9p local backend. The idea was to enhance security by dispatching actual low level filesystem operations from 9p server (QEMU process) over to a separate process (the virtfs-proxy-helper binary). However this alternative never gained momentum. The proxy backend is much slower than the local backend, hasn’t seen any development in years, and showed to be less secure, especially due to the fact that its helper daemon must be run as root, whereas with the local backend QEMU is typically run as unprivileged user and allows to tighten behaviour by mapping permissions et al by using its ‘mapped’ security model option.
Nowadays it would make sense to reimplement the proxy backend by using QEMU’s vhost feature, which would eliminate the high latency costs under which the 9p proxy backend currently suffers. However as of to date nobody has indicated plans for such kind of reimplementation unfortunately.
RISC-V ‘any’ CPU type -cpu any (since 8.2)
The ‘any’ CPU type was introduced back in 2018 and has been around since the initial RISC-V QEMU port. Its usage has always been unclear: users don’t know what to expect from a CPU called ‘any’, and in fact the CPU does not do anything special that isn’t already done by the default CPUs rv32/rv64.
After the introduction of the ‘max’ CPU type, RISC-V now has a good coverage of generic CPUs: rv32 and rv64 as default CPUs and ‘max’ as a feature complete CPU for both 32 and 64 bit builds. Users are then discouraged to use the ‘any’ CPU type starting in 8.2.
RISC-V CPU properties which start with capital ‘Z’ (since 8.2)
All RISC-V CPU properties which start with capital ‘Z’ are being deprecated starting in 8.2. The reason is that they were wrongly added with capital ‘Z’ in the past. CPU properties were later added with lower-case names, which is the format we want to use from now on.
Users which try to use these deprecated properties will receive a warning recommending to switch to their stable counterparts:
- “Zifencei” should be replaced with “zifencei”
- “Zicsr” should be replaced with “zicsr”
- “Zihintntl” should be replaced with “zihintntl”
- “Zihintpause” should be replaced with “zihintpause”
- “Zawrs” should be replaced with “zawrs”
- “Zfa” should be replaced with “zfa”
- “Zfh” should be replaced with “zfh”
- “Zfhmin” should be replaced with “zfhmin”
- “Zve32f” should be replaced with “zve32f”
- “Zve64f” should be replaced with “zve64f”
- “Zve64d” should be replaced with “zve64d”
-device pvrdma and the rdma subsystem (since 8.2)
The pvrdma device and the whole rdma subsystem are in a bad shape and without active maintenance. The QEMU project intends to remove this device and subsystem from the code base in a future release without replacement unless somebody steps up and improves the situation.
Block device options
"backing": "" (since 2.12)
In order to prevent QEMU from automatically opening an image’s backing chain, use "backing": null instead.
rbd keyvalue pair encoded filenames: "" (since 3.1)
Options for rbd should be specified according to its runtime options, like other block drivers. Legacy parsing of keyvalue pair encoded filenames is useful to open images with the old format for backing files; These image files should be updated to use the current format.
Example of legacy encoding:
json:{“file.driver”:“rbd”, “file.filename”:“rbd:rbd/name”}
The above, converted to the current supported format:
json:{“file.driver”:“rbd”, “file.pool”:“rbd”, “file.image”:“name”}
iscsi,password=xxx (since 8.0)
Specifying the iSCSI password in plain text on the command line using the password option is insecure. The password-secret option should be used instead, to refer to a --object secret... instance that provides a password via a file, or encrypted.
CPU device properties
pmu-num=n on RISC-V CPUs (since 8.2)
In order to support more flexible counter configurations this has been replaced by a pmu-mask property. If set of counters is continuous then the mask can be calculated with ((2 ^ n) - 1) << 3. The least significant three bits must be left clear.
Backwards compatibility
Runnability guarantee of CPU models (since 4.1)
Previous versions of QEMU never changed existing CPU models in ways that introduced additional host software or hardware requirements to the VM. This allowed management software to safely change the machine type of an existing VM without introducing new requirements (“runnability guarantee”). This prevented CPU models from being updated to include CPU vulnerability mitigations, leaving guests vulnerable in the default configuration.
The CPU model runnability guarantee won’t apply anymore to existing CPU models. Management software that needs runnability guarantees must resolve the CPU model aliases using the alias-of field returned by the query-cpu-definitions QMP command.
While those guarantees are kept, the return value of query-cpu-definitions will have existing CPU model aliases point to a version that doesn’t break runnability guarantees (specifically, version 1 of those CPU models). In future QEMU versions, aliases will point to newer CPU model versions depending on the machine type, so management software must resolve CPU model aliases before starting a virtual machine.
QEMU guest agent
--blacklist command line option (since 7.2)
--blacklist has been replaced by --block-rpcs (which is a better wording for what this option does). The short form -b still stays the same and thus is the preferred way for scripts that should run with both, older and future versions of QEMU.
blacklist config file option (since 7.2)
The blacklist config file option has been renamed to block-rpcs (to be in sync with the renaming of the corresponding command line option).
Migration
skipped MigrationStats field (since 8.1)
skipped field in Migration stats has been deprecated. It hasn’t been used for more than 10 years.
inc migrate command option (since 8.2)
Use blockdev-mirror with NBD instead.
As an intermediate step the inc functionality can be achieved by setting the block-incremental migration parameter to true. But this parameter is also deprecated.
blk migrate command option (since 8.2)
Use blockdev-mirror with NBD instead.
As an intermediate step the blk functionality can be achieved by setting the block migration capability to true. But this capability is also deprecated.
block migration (since 8.2)
Block migration is too inflexible. It needs to migrate all block devices or none.
Please see “QMP invocation for live storage migration with blockdev-mirror + NBD” in docs/interop/live-block-operations.rst for a detailed explanation.
old compression method (since 8.2)
Compression method fails too much. Too many races. We are going to remove it if nobody fixes it. For starters, migration-test compression tests are disabled because they fail randomly. If you need compression, use multifd compression methods.