Xilinx actively develops a QEMU tree for both Microblaze, Zynq and Zynq UltraScale+. The Xilinx QEMU git tree follows mainline QEMU development continuously and developers make effort to push all developments upstream. The Xilinx tree is however more complete that the QEMU upstream (https://github.com/qemu/QEMU), and it is recommended that customers use the QEMU tree provided at https://github.com/Xilinx/qemu.

Using QEMU

It is recommended that you use the QEMU commands that are included in PetaLinux (http://www.xilinx.com/tools/petalinux-sdk.htm ) or in Yocto (http://www.wiki.xilinx.com/Yocto) to boot your images, as PetaLinux will simplify the process. Although if you would like to compile QEMU from source and use that you are welcome to.

Note for long term users

Versions of QEMU from Xilinx released after PetaLinux 2015.2 include substantial command line changes from previous versions.

Building QEMU Source Code

Downloading QEMU from Xilinx

The Xilinx Zynq QEMU source code is available on the Xilinx Git server and can be downloaded using the following command.
$ git clone git://github.com/Xilinx/qemu.git
$ cd qemu
The command above will by default clone the master branch of QEMU. This generally is ahead of the version of QEMU released with PetaLinux. This means it has improvements and new features compared to the released version, but is also is less thoroughly tested and could have unknown bugs. If you want to build the source that was used for the released version of QEMU, please checkout the appropriate tag instead of the master branch.
As of QEMU released with 2016.2 all tags created by Xilinx will be signed and verified by a valid PGP signature.

QEMU Dependencies

If the configure or build steps fail it is possible because you are missing some build dependencies. On Ubuntu use this command to install most of the dependencies. If you get stuck at any stage try searching the error printed on the internet.
$ sudo apt install libglib2.0-dev libgcrypt20-dev zlib1g-dev autoconf automake libtool bison flex
QEMU also includes sub modules that will need to be checked out. Use the follow command to checkout the appropriate sub modules.
$ git submodule update --init pixman dtc

Configuring QEMU

QEMU must be configured to build on the Linux host. This can be accomplished using the following command line.
$ ./configure --target-list="aarch64-softmmu,microblazeel-softmmu" --enable-fdt --disable-kvm --disable-xen

Building QEMU

The following command line builds QEMU to run on the host computer.
$ make -j4
If the build is successful, an executable named qemu-system-aarch64 and qemu-system-microblazeel will be created in the aarch64-softmmu and microblazeel-softmmu sub-directory respectively.

Running QEMU

Xilinx QEMU implements a framework for generating custom machine models based on a device tree (dtb).
QEMU expects a device tree blob to be passed to it on the command line using the -dtb option. A device tree file, *.dts, is compiled to a device tree blob, *.dtb, using the device tree compiler as shown at Zynq Linux.
After compiling a device tree into a device tree blob, the file path is specified on the command line of QEMU. QEMU will then create a custom machine model that matches the passed in dtb. Devices not supported by QEMU will have their compatible properties invalidated if booting Linux.
NOTE: It is still up to the user to select the correct machine model for their architecture, see below.

Standard Arguments Required

Below are some of the standard QEMU arguments to boot Xilinx machines. See the QEMU documentation for more information.
Argument
Standard Options
Explanation
-M
microblaze-fdt-plnx
arm-generic-fdt-plnx
Specifies what machine QEMU should use. In this case it's either a MicroBlaze or Zynq generic machine based on the DTB.
-m
<integer>
Specifies the amount of memory. Generally for MicroBlaze use 256
-serial
mon:stdio
Specifies where to connect the serial to. There are more advanced options available, but this connections the QEMU monitor and first serial device to standard IO.
display
none
Tells QEMU not to try and create a display.
-kernel
<boot_image>
Specifies the boot image.
-gdb
tcp:9000
Opens a connection for GDB debugging
-dtb
<dtb>
Specifies a DTB to use to create the machine and pass to the guest
-machine
linux=on
Tells QEMU to boot Linux

Running a Linux Kernel Image In QEMU

Running a Zynq UltraScale+ Guest Image on QEMU

Running a Zynq Guest Image on QEMU

Running a MicroBlaze Guest Image on QEMU

Running QEMU as a CoSimulator

QEMU with SystemC/TLM-2.0 CoSimulation

Running Yocto Images on QEMU

Booting Yocto Images on QEMU

1. Networking
The following command line switch examples which are not specific to Xilinx QEMU can also be added to the QEMU command line for networking.
These options should be added as extra options to the networking command, something like this:
-net nic -net user,...
Command line switch
Purpose
,tftp=/path-to-your-home-directory
sets up a TFTP server to the specified directory
,hostfwd=tcp:127.0.0.1:10021-10.0.2.15:21
redirects port 10021 on the host to port 21 (ftp) in the guest
,hostfwd=tcp:127.0.0.1:10023-10.0.2.15:23
redirects port 10023 on the host to port 23 (telnet) in the guest
,hostfwd=tcp:127.0.0.1:10080-10.0.2.15:80
redirects port 10080 on the host to port 80 (http) in the guest
,hostfwd=tcp:127.0.0.1:10022-10.0.2.15:22
redirects port 10022 on the host to port 22 (ssh) in the guest
2. Using SSH From Host To Guest
To avoid issues with passwords, an SSH configuration file is recommended on the Linux host which removes the host authentication for the local host. Add the following line to the file .ssh/config of the user home area on the Linux host to avoid password issues.
NoHostAuthenticationForLocalhost=yes
Assuming port 10022 was redirected in the QEMU command line, as illustrated above, the following command can be used to SSH to the guest on the Linux host (user = root, password = root).
$ ssh localhost -p 10022 -l root
3. Running With USB Support
Before starting QEMU on the Linux host, information about the USB devices needs to be discovered. The method to discover this can be different across Linux distributions (RedHat vs Ubuntu) and this may be dependent more on the kernel version than the distribution. The following command is used to discover the USB device information for Redhat.
$ cat /proc/bus/usb/devices

This command will show all the USB devices connected to your host. It is be displayed as a paragraph for each device. For example if you are looking for mass storage device, look for a line in a paragraph that starts with (S) and has Product=Mass Storage. In the same paragraph look for the line that starts with the letter (P), you should see Vendor=xxxx ProdID=xxxx.

To enable USB host support with QEMU, add "-usb -usbdevice host:<vendor ID>:<product ID>" to the QEMU command line. The vender ID and product ID in the command line should be replaced by the vendor ID and product ID found discovered for the USB device on the host.

Please notice that QEMU emulates OTG USB Controller when it is configured as a host controller since a typical PC has only A-type USB receptacles.

Change Log

Below is the change log with the released versions of QEMU (tagged on GitHub):
PetaLinux 2016.4:
  • Update to be based on mainline QEMU release 2.6.0
  • Fully support running on Windows hosts
PetaLinux 2016.3:
  • General bug fixes and memory improvements
  • Improve the guests ability to inject hardware errors
  • Add a fault injection mechanism to inject faults into QEMU externally
  • Add the SWDT device
  • Allow all QEMU targets to be built
  • Update the PMU Global register set
  • Fix the GIC memory region mappings
  • Add support for new MicroBlaze instructions
  • Add initial Windows support
PetaLinux 2016.2:
  • Introduce the Xilinx LPD GPV device
  • Update the System Monitor and LPD SLCR register sets
  • Expose more R5 registers to GDB
  • Support self-refresh mode for the DDR Controller
  • Add initial Windows build support
PetaLinux 2016.1:
  • A model for SERDES to support GTs and DDR for the FSBL
  • Add basic support for the SI570 clock
  • Improvements to the RPU power management
  • Add support for the ADC on Zynq-7000
  • ARM GIC improvements
  • Add functionality to the ARM Core Timer
  • ARM SMMU improvements
  • ARM Performance Monitoring Unit improvements
  • XPPPU improvements
  • Add MDIO and Ethernet Phy models
  • Add the Xilinx AXI GPIO device
  • Improve support for R5 memory configuartion options
  • Overall improvements and increased support for all platforms and boards
PetaLinux 2015.4:
  • Add the Xilinx EP108 model
  • Add support for USB-PHY emulation and implement missing USB device registers
  • Added support for SPSR_(ABT|UND|IRQ|FIQ)
  • Support re-enabled for gem priority queues
  • Support DCC for ARMV7 targets
  • Implement uniprocessor with MP config
  • Unhalt of the CPUS base on halt pins
  • Multiple Cadence GEM fixes
  • Multiple Xilinx SSI fixes
  • M25P80 Implement more advanced modes
  • Updates to the MicroBlaze CPU based on QEMU mainline
  • Multiple SD and SDHCI fixes
  • Expose more TTBR registers to GDB
  • Update the QEMU sub modules (Pixman and DTC)
  • Multiple fixes for general ARM support and CPUs
  • General code clean-ups

Known Issues

Below are the known issues with the released versions of QEMU (tagged on GitHub):
PetaLinux 2016.4:
  • There is a size limit on the images you can load using the -device argument. This can be overcom by adding '-m 4GB' as a command line argument when running QEMU.
PetaLinux 2016.3:
  • No known issues
PetaLinux 2016.2:
  • The Xen build included with PetaLinux fails to boot when running on any version of QEMU
PetaLinux 2016.1:
  • No known issues
PetaLinux 2015.4:
  • The Display Port DMA Interrupts aren't correctly triggered [Fixed with commit: 88b331c5f0bcd9ac5a8cfc2f49770601f74c3adb]

Related Links