QEMU: disable unneeded options

[simondeziel]

The list of options was obtained by running the following in a git clone of QEMU's source:

$ . scripts/meson-buildoptions.sh
$ meson_options_help
  --audio-drv-list=CHOICES Set audio driver list [default] (choices: alsa/co
                           reaudio/default/dsound/jack/oss/pa/pipewire/sdl/s
                           ndio)
  --bindir=VALUE           Executable directory [bin]
  --block-drv-ro-whitelist=VALUE
                           set block driver read-only whitelist (by default
                           affects only QEMU, not tools like qemu-img)
  --block-drv-rw-whitelist=VALUE
                           set block driver read-write whitelist (by default
                           affects only QEMU, not tools like qemu-img)
  --datadir=VALUE          Data file directory [share]
  --disable-coroutine-pool coroutine freelist (better performance)
  --disable-debug-info     Enable debug symbols and other information
  --disable-hexagon-idef-parser
                           use idef-parser to automatically generate TCG
                           code for the Hexagon frontend
  --disable-install-blobs  install provided firmware blobs
  --disable-qom-cast-debug cast debugging support
  --disable-relocatable    toggle relocatable install
  --docdir=VALUE           Base directory for documentation installation
                           (can be empty) [share/doc]
  --enable-block-drv-whitelist-in-tools
                           use block whitelist also in tools instead of only
                           QEMU
  --enable-cfi             Control-Flow Integrity (CFI)
  --enable-cfi-debug       Verbose errors in case of CFI violation
  --enable-debug-graph-lock
                           graph lock debugging support
  --enable-debug-mutex     mutex debugging support
  --enable-debug-stack-usage
                           measure coroutine stack usage
  --enable-debug-tcg       TCG debugging
  --enable-fdt[=CHOICE]    Whether and how to find the libfdt library
                           (choices: auto/disabled/enabled/internal/system)
  --enable-fuzzing         build fuzzing targets
  --enable-gcov            Enable coverage tracking.
  --enable-lto             Use link time optimization
  --enable-malloc=CHOICE   choose memory allocator to use [system] (choices:
                           jemalloc/system/tcmalloc)
  --enable-module-upgrades try to load modules from alternate paths for
                           upgrades
  --enable-rng-none        dummy RNG, avoid using /dev/(u)random and
                           getrandom()
  --enable-safe-stack      SafeStack Stack Smash Protection (requires
                           clang/llvm and coroutine backend ucontext)
  --enable-sanitizers      enable default sanitizers
  --enable-strip           Strip targets on install
  --enable-tcg-interpreter TCG with bytecode interpreter (slow)
  --enable-trace-backends=CHOICES
                           Set available tracing backends [log] (choices:
                           dtrace/ftrace/log/nop/simple/syslog/ust)
  --enable-tsan            enable thread sanitizer
  --firmwarepath=VALUES    search PATH for firmware files [share/qemu-
                           firmware]
  --iasl=VALUE             Path to ACPI disassembler
  --includedir=VALUE       Header file directory [include]
  --interp-prefix=VALUE    where to find shared libraries etc., use %M for
                           cpu name [/usr/gnemul/qemu-%M]
  --libdir=VALUE           Library directory [system default]
  --libexecdir=VALUE       Library executable directory [libexec]
  --localedir=VALUE        Locale data directory [share/locale]
  --localstatedir=VALUE    Localstate data directory [/var/local]
  --mandir=VALUE           Manual page directory [share/man]
  --prefix=VALUE           Installation prefix [/usr/local]
  --qemu-ga-distro=VALUE   second path element in qemu-ga registry entries
                           [Linux]
  --qemu-ga-manufacturer=VALUE
                           "manufacturer" name for qemu-ga registry entries
                           [QEMU]
  --qemu-ga-version=VALUE  version number for qemu-ga installer
  --smbd=VALUE             Path to smbd for slirp networking
  --sysconfdir=VALUE       Sysconf data directory [etc]
  --tls-priority=VALUE     Default TLS protocol/cipher priority string
                           [NORMAL]
  --with-coroutine=CHOICE  coroutine backend to use (choices:
                           auto/sigaltstack/ucontext/windows)
  --with-pkgversion=VALUE  use specified string as sub-version of the
                           package
  --with-suffix=VALUE      Suffix for QEMU data/modules/config directories
                           (can be empty) [qemu]
  --with-trace-file=VALUE  Trace file prefix for simple backend [trace]

Optional features, enabled with --enable-FEATURE and
disabled with --disable-FEATURE, default is enabled if available
(unless built with --without-default-features):

  af-xdp          AF_XDP network backend support
  alsa            ALSA sound support
  attr            attr/xattr support
  auth-pam        PAM access control
  avx2            AVX2 optimizations
  avx512bw        AVX512BW optimizations
  avx512f         AVX512F optimizations
  blkio           libblkio block device driver
  bochs           bochs image format support
  bpf             eBPF support
  brlapi          brlapi character device driver
  bzip2           bzip2 support for DMG images
  canokey         CanoKey support
  cap-ng          cap_ng support
  capstone        Whether and how to find the capstone library
  cloop           cloop image format support
  cocoa           Cocoa user interface (macOS only)
  colo-proxy      colo-proxy support
  coreaudio       CoreAudio sound support
  crypto-afalg    Linux AF_ALG crypto backend driver
  curl            CURL block device driver
  curses          curses UI
  dbus-display    -display dbus support
  dmg             dmg image format support
  docs            Documentations build support
  dsound          DirectSound sound support
  fuse            FUSE block device export
  fuse-lseek      SEEK_HOLE/SEEK_DATA support for FUSE exports
  gcrypt          libgcrypt cryptography support
  gettext         Localization of the GTK+ user interface
  gio             use libgio for D-Bus support
  glusterfs       Glusterfs block device driver
  gnutls          GNUTLS cryptography support
  gtk             GTK+ user interface
  gtk-clipboard   clipboard support for the gtk UI (EXPERIMENTAL, MAY HANG)
  guest-agent     Build QEMU Guest Agent
  guest-agent-msi Build MSI package for the QEMU Guest Agent
  hv-balloon      hv-balloon driver (requires Glib 2.68+ GTree API)
  hvf             HVF acceleration support
  iconv           Font glyph conversion support
  jack            JACK sound support
  keyring         Linux keyring support
  kvm             KVM acceleration support
  l2tpv3          l2tpv3 network backend support
  libdaxctl       libdaxctl support
  libdw           debuginfo support
  libiscsi        libiscsi userspace initiator
  libkeyutils     Linux keyutils support
  libnfs          libnfs block device driver
  libpmem         libpmem support
  libssh          ssh block device support
  libudev         Use libudev to enumerate host devices
  libusb          libusb support for USB passthrough
  libvduse        build VDUSE Library
  linux-aio       Linux AIO support
  linux-io-uring  Linux io_uring support
  live-block-migration
                  block migration in the main migration stream
  lzfse           lzfse support for DMG images
  lzo             lzo compression support
  malloc-trim     enable libc malloc_trim() for memory optimization
  membarrier      membarrier system call (for Linux 4.14+ or Windows
  modules         modules support (non Windows)
  mpath           Multipath persistent reservation passthrough
  multiprocess    Out of process device emulation support
  netmap          netmap network backend support
  nettle          nettle cryptography support
  numa            libnuma support
  nvmm            NVMM acceleration support
  opengl          OpenGL support
  oss             OSS sound support
  pa              PulseAudio sound support
  parallels       parallels image format support
  pipewire        PipeWire sound support
  pixman          pixman support
  plugins         TCG plugins via shared library loading
  png             PNG support with libpng
  pvrdma          Enable PVRDMA support
  qcow1           qcow1 image format support
  qed             qed image format support
  qga-vss         build QGA VSS support (broken with MinGW)
  rbd             Ceph block device driver
  rdma            Enable RDMA-based migration
  replication     replication support
  rutabaga-gfx    rutabaga_gfx support
  sdl             SDL user interface
  sdl-image       SDL Image support for icons
  seccomp         seccomp support
  selinux         SELinux support in qemu-nbd
  slirp           libslirp user mode network backend support
  slirp-smbd      use smbd (at path --smbd=*) in slirp networking
  smartcard       CA smartcard emulation support
  snappy          snappy compression support
  sndio           sndio sound support
  sparse          sparse checker
  spice           Spice server support
  spice-protocol  Spice protocol support
  stack-protector compiler-provided stack protection
  tcg             TCG support
  tools           build support utilities that come with QEMU
  tpm             TPM support
  u2f             U2F emulation support
  usb-redir       libusbredir support
  vde             vde network backend support
  vdi             vdi image format support
  vduse-blk-export
                  VDUSE block export support
  vfio-user-server
                  vfio-user server support
  vhdx            vhdx image format support
  vhost-crypto    vhost-user crypto backend support
  vhost-kernel    vhost kernel backend support
  vhost-net       vhost-net kernel acceleration support
  vhost-user      vhost-user backend support
  vhost-user-blk-server
                  build vhost-user-blk server
  vhost-vdpa      vhost-vdpa kernel backend support
  virglrenderer   virgl rendering support
  virtfs          virtio-9p support
  virtfs-proxy-helper
                  virtio-9p proxy helper support
  vmdk            vmdk image format support
  vmnet           vmnet.framework network backend support
  vnc             VNC server
  vnc-jpeg        JPEG lossy compression for VNC server
  vnc-sasl        SASL authentication for VNC server
  vpc             vpc image format support
  vte             vte support for the gtk UI
  vvfat           vvfat image format support
  werror          Treat warnings as errors
  whpx            WHPX acceleration support
  xen             Xen backend support
  xen-pci-passthrough
                  Xen PCI passthrough support
  xkbcommon       xkbcommon support
  zstd            zstd compression support

Note: --disable-tcg is still not possible as the qemu-ovmf-secureboot part still depends on it as before (#454 (comment)).

[simondeziel]

The size of the actual compiled binaries didn't change much:

$ ll /snap/lxd/*[0-9]/bin/qemu-*
-rwxr-xr-x 1 root root  2012088 Sep 12 06:38 /snap/lxd/30234/bin/qemu-img*
-rwxr-xr-x 1 root root 24564696 Sep 12 06:38 /snap/lxd/30234/bin/qemu-system-x86_64*
-rwxr-xr-x 1 root root  1965240 Sep 12 13:59 /snap/lxd/x1/bin/qemu-img*
-rwxr-xr-x 1 root root 24471608 Sep 12 13:59 /snap/lxd/x1/bin/qemu-system-x86_64*

But the reduction of dependencies is rather pleasant to look at:

$ ldd /snap/lxd/*[0-9]/bin/qemu-img
/snap/lxd/30234/bin/qemu-img:
/snap/lxd/30234/bin/qemu-img: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.38' not found (required by /snap/lxd/30234/bin/qemu-img)
	linux-vdso.so.1 (0x00007ffd551de000)
	libnuma.so.1 => not found
	liburing.so.2 => not found
	libglib-2.0.so.0 => /lib/x86_64-linux-gnu/libglib-2.0.so.0 (0x00007c1c955fd000)
	libgnutls.so.30 => /lib/x86_64-linux-gnu/libgnutls.so.30 (0x00007c1c95412000)
	libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007c1c9532b000)
	libpam.so.0 => /lib/x86_64-linux-gnu/libpam.so.0 (0x00007c1c95317000)
	libzstd.so.1 => /lib/x86_64-linux-gnu/libzstd.so.1 (0x00007c1c95248000)
	libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007c1c9522c000)
	libaio.so.1t64 => not found
	librbd.so.1 => not found
	librados.so.2 => not found
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007c1c95000000)
	libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x00007c1c94f8a000)
	libp11-kit.so.0 => /lib/x86_64-linux-gnu/libp11-kit.so.0 (0x00007c1c94e4f000)
	libidn2.so.0 => /lib/x86_64-linux-gnu/libidn2.so.0 (0x00007c1c94e2e000)
	libunistring.so.2 => /lib/x86_64-linux-gnu/libunistring.so.2 (0x00007c1c94c84000)
	libtasn1.so.6 => /lib/x86_64-linux-gnu/libtasn1.so.6 (0x00007c1c94c6c000)
	libnettle.so.8 => /lib/x86_64-linux-gnu/libnettle.so.8 (0x00007c1c94c24000)
	libhogweed.so.6 => /lib/x86_64-linux-gnu/libhogweed.so.6 (0x00007c1c94bdc000)
	libgmp.so.10 => /lib/x86_64-linux-gnu/libgmp.so.10 (0x00007c1c94b5a000)
	/lib64/ld-linux-x86-64.so.2 (0x00007c1c95933000)
	libaudit.so.1 => /lib/x86_64-linux-gnu/libaudit.so.1 (0x00007c1c94b2c000)
	libffi.so.8 => /lib/x86_64-linux-gnu/libffi.so.8 (0x00007c1c94b1f000)
	libcap-ng.so.0 => /lib/x86_64-linux-gnu/libcap-ng.so.0 (0x00007c1c94b15000)
/snap/lxd/x1/bin/qemu-img:
/snap/lxd/x1/bin/qemu-img: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.38' not found (required by /snap/lxd/x1/bin/qemu-img)
	linux-vdso.so.1 (0x00007ffcdcd9b000)
	libnuma.so.1 => not found
	liburing.so.2 => not found
	libglib-2.0.so.0 => /lib/x86_64-linux-gnu/libglib-2.0.so.0 (0x0000725f8bbc8000)
	libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x0000725f8bae1000)
	libzstd.so.1 => /lib/x86_64-linux-gnu/libzstd.so.1 (0x0000725f8ba12000)
	libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x0000725f8b9f4000)
	libaio.so.1t64 => not found
	librbd.so.1 => not found
	librados.so.2 => not found
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x0000725f8b600000)
	libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x0000725f8b97e000)
	/lib64/ld-linux-x86-64.so.2 (0x0000725f8bef3000)

$ ldd /snap/lxd/*[0-9]/bin/qemu-system-x86_64
/snap/lxd/30234/bin/qemu-system-x86_64:
/snap/lxd/30234/bin/qemu-system-x86_64: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.38' not found (required by /snap/lxd/30234/bin/qemu-system-x86_64)
	linux-vdso.so.1 (0x00007ffda23b9000)
	libpixman-1.so.0 => /lib/x86_64-linux-gnu/libpixman-1.so.0 (0x00007bcc49336000)
	libspice-server.so.1 => not found
	libgnutls.so.30 => /lib/x86_64-linux-gnu/libgnutls.so.30 (0x00007bcc4914b000)
	libfdt.so.1 => not found
	libudev.so.1 => /lib/x86_64-linux-gnu/libudev.so.1 (0x00007bcc49121000)
	libusb-1.0.so.0 => /lib/x86_64-linux-gnu/libusb-1.0.so.0 (0x00007bcc49101000)
	libseccomp.so.2 => /lib/x86_64-linux-gnu/libseccomp.so.2 (0x00007bcc490e1000)
	libnuma.so.1 => not found
	libgio-2.0.so.0 => /lib/x86_64-linux-gnu/libgio-2.0.so.0 (0x00007bcc48f07000)
	libgobject-2.0.so.0 => /lib/x86_64-linux-gnu/libgobject-2.0.so.0 (0x00007bcc48ea7000)
	libglib-2.0.so.0 => /lib/x86_64-linux-gnu/libglib-2.0.so.0 (0x00007bcc48d6d000)
	libzstd.so.1 => /lib/x86_64-linux-gnu/libzstd.so.1 (0x00007bcc48c9c000)
	libusbredirparser.so.1 => /lib/x86_64-linux-gnu/libusbredirparser.so.1 (0x00007bcc48c91000)
	libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007bcc48c75000)
	liburing.so.2 => not found
	libgmodule-2.0.so.0 => /lib/x86_64-linux-gnu/libgmodule-2.0.so.0 (0x00007bcc48c6e000)
	libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007bcc48b87000)
	libpam.so.0 => /lib/x86_64-linux-gnu/libpam.so.0 (0x00007bcc48b73000)
	libfuse3.so.3 => /lib/x86_64-linux-gnu/libfuse3.so.3 (0x00007bcc48b34000)
	libaio.so.1t64 => not found
	librbd.so.1 => not found
	librados.so.2 => not found
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007bcc48800000)
	/lib64/ld-linux-x86-64.so.2 (0x00007bcc4ab81000)
	libp11-kit.so.0 => /lib/x86_64-linux-gnu/libp11-kit.so.0 (0x00007bcc486c5000)
	libidn2.so.0 => /lib/x86_64-linux-gnu/libidn2.so.0 (0x00007bcc48b11000)
	libunistring.so.2 => /lib/x86_64-linux-gnu/libunistring.so.2 (0x00007bcc4851b000)
	libtasn1.so.6 => /lib/x86_64-linux-gnu/libtasn1.so.6 (0x00007bcc48af9000)
	libnettle.so.8 => /lib/x86_64-linux-gnu/libnettle.so.8 (0x00007bcc48ab3000)
	libhogweed.so.6 => /lib/x86_64-linux-gnu/libhogweed.so.6 (0x00007bcc48a6b000)
	libgmp.so.10 => /lib/x86_64-linux-gnu/libgmp.so.10 (0x00007bcc48499000)
	libmount.so.1 => /lib/x86_64-linux-gnu/libmount.so.1 (0x00007bcc48455000)
	libselinux.so.1 => /lib/x86_64-linux-gnu/libselinux.so.1 (0x00007bcc48a3d000)
	libffi.so.8 => /lib/x86_64-linux-gnu/libffi.so.8 (0x00007bcc48a30000)
	libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x00007bcc483df000)
	libaudit.so.1 => /lib/x86_64-linux-gnu/libaudit.so.1 (0x00007bcc483b1000)
	libblkid.so.1 => /lib/x86_64-linux-gnu/libblkid.so.1 (0x00007bcc4837a000)
	libpcre2-8.so.0 => /lib/x86_64-linux-gnu/libpcre2-8.so.0 (0x00007bcc482e3000)
	libcap-ng.so.0 => /lib/x86_64-linux-gnu/libcap-ng.so.0 (0x00007bcc482db000)
/snap/lxd/x1/bin/qemu-system-x86_64:
/snap/lxd/x1/bin/qemu-system-x86_64: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.38' not found (required by /snap/lxd/x1/bin/qemu-system-x86_64)
	linux-vdso.so.1 (0x00007ffc8a7bf000)
	libpixman-1.so.0 => /lib/x86_64-linux-gnu/libpixman-1.so.0 (0x000077a7d8898000)
	libspice-server.so.1 => not found
	libfdt.so.1 => not found
	libudev.so.1 => /lib/x86_64-linux-gnu/libudev.so.1 (0x000077a7d886e000)
	libusb-1.0.so.0 => /lib/x86_64-linux-gnu/libusb-1.0.so.0 (0x000077a7d8850000)
	libseccomp.so.2 => /lib/x86_64-linux-gnu/libseccomp.so.2 (0x000077a7d882e000)
	libnuma.so.1 => not found
	libgio-2.0.so.0 => /lib/x86_64-linux-gnu/libgio-2.0.so.0 (0x000077a7d8654000)
	libgobject-2.0.so.0 => /lib/x86_64-linux-gnu/libgobject-2.0.so.0 (0x000077a7d85f4000)
	libglib-2.0.so.0 => /lib/x86_64-linux-gnu/libglib-2.0.so.0 (0x000077a7d84ba000)
	libzstd.so.1 => /lib/x86_64-linux-gnu/libzstd.so.1 (0x000077a7d83eb000)
	libusbredirparser.so.1 => /lib/x86_64-linux-gnu/libusbredirparser.so.1 (0x000077a7d83de000)
	libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x000077a7d83c2000)
	liburing.so.2 => not found
	libgmodule-2.0.so.0 => /lib/x86_64-linux-gnu/libgmodule-2.0.so.0 (0x000077a7d83bb000)
	libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x000077a7d82d4000)
	libaio.so.1t64 => not found
	librbd.so.1 => not found
	librados.so.2 => not found
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x000077a7d8000000)
	/lib64/ld-linux-x86-64.so.2 (0x000077a7da0cc000)
	libmount.so.1 => /lib/x86_64-linux-gnu/libmount.so.1 (0x000077a7d828e000)
	libselinux.so.1 => /lib/x86_64-linux-gnu/libselinux.so.1 (0x000077a7d8262000)
	libffi.so.8 => /lib/x86_64-linux-gnu/libffi.so.8 (0x000077a7d8253000)
	libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x000077a7d7f8a000)
	libblkid.so.1 => /lib/x86_64-linux-gnu/libblkid.so.1 (0x000077a7d7f53000)
	libpcre2-8.so.0 => /lib/x86_64-linux-gnu/libpcre2-8.so.0 (0x000077a7d7ebc000)

The not found and GLIBC_2.38 errors can be ignored as I'm running ldd on my 22.04 host while the snap uses a 24.04 base.

[simondeziel]

This was tested by installing the snap in my host and then in a VM running on it:

$ lxc start --console=vga v1
$ lxc exec v1 -- lxc exec vv1 -- systemd-detect-virt
kvm

This confirms that importing an image worked so qemu-img can take a QCoW2 image and return a raw one. It also confirms the spice stuff still works.

[simondeziel]

TIL that Multipass disables some of those options (https://github.com/canonical/multipass/blob/main/snap/snapcraft.yaml#L236-L279):

--disable-gnutls
--disable-libiscsi
--disable-nettle
--disable-vvfat

[simondeziel]

@tomponline is now a good time to consider this for merging?

[tomponline]

@tomponline is now a good time to consider this for merging?

ill save this for 6.3