This is a possible sequence of commands similar to the one I
demonstrated in class on June 14, 2006. The commands actually work for
me - I did this all several times to verify it works. However, in your
particular setting (different environment, different image, etc.) some
of the things may differ. Do not expect all of what follows to work
for you exactly as shown, consult the appropriate documentation, etc.

In what follows, "$ " represents the normal user shell prompt on your
host machine in the lab, "uml# " is the root shell prompt inside UML,
"qemu# " is the root prompt inside qemu. Anything in the command line
after "#" (except the # in the root propmpt) is a comment. The outputs
of the commands are not shown.

$ # let's create a directory for the project
$ mkdir project
$ cd project
$ # download the qemu patch from the course site
$ wget http://cs.haifa.ac.il/courses/OS/Project/qemu-wc.patch
$ # download and untar the qemu source
$ wget http://fabrice.bellard.free.fr/qemu/qemu-0.8.1.tar.gz
$ tar zxvf qemu-0.8.1.tar.gz
$ # apply the patch, as explained on the project page
$ cd qemu-0.8.1
$ patch -p1 < ../qemu-wc.patch
$ # configure and build qemu
$ ./configure --prefix=/home/<user>/project/qemu --target-list=i386-softmmu --disable-kqemu --cc=gcc32
$ make
$ make install
$ # verify that qemu is installed and works (assume an image file was
$ # transferred to the project directory, e.g., sarge.img); in particular,
$ # you may login as root and try lspci to verify that the device is there
$ cd ..
$ ls -l qemu/bin
$ ./qemu/bin/qemu -hda sarge.img
$ # in order to be able to mount the image, convert it to the raw format
$ # this may take some time
$ ./qemu/bin/qemu-img convert sarge.img -O raw sarge.raw
$ # verify that qemu works with the raw image as well
$ ./qemu/bin/qemu -hda sarge.raw &
$ # download a linux kernel - not necessarily this version
$ wget http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.20.tar.bz2
$ # download the configuration file from the project page
$ wget http://cs.haifa.ac.il/courses/OS/Project/kernel-qemu.config
$ # build the kernel - here is a possible sequence, more information
$ # in the kernel Documentation
$ tar jxvf linux-2.6.16.20.tar.bz2
$ cd linux-2.6.16.20
$ make mrproper
$ cp ../kernel-qemu.config .config
$ # just use the defaults for all the questions the following command asks
$ make oldconfig
$ make bzImage
$ make modules
$ # prepare private directories for the stuff you need to put onto qemu
$ mkdir ../boot
$ mkdir -p ../lib/modules
$ # install the kernel and the modules, if any
$ make install INSTALL_PATH=../boot INSTALL_MOD_PATH=..
$ make modules_install INSTALL_PATH=../boot INSTALL_MOD_PATH=..
$ # we are done with kernel compilation
$ cd ..
$ # transfer the kernel using mount under UML
$ # start UML as described on the project page and login as root
$ linux con0=fd:0,fd:1 mem=128M ubd0=root_fs_cow,/usr/local/uml/root_fs eth0=tuntap,,,192.168.0.2
uml# # mount the project space under /project
uml# mkdir /project
uml# mount none /project -t hostfs -o /home/<user>/project
uml# ls /project
uml# # mount the qemu image
uml# mkdir /qemu
uml# mount -o loop,offset=32256 -t auto /project/sarge.raw /qemu
uml# # copy the contents of /project/boot to /qemu/boot
uml# # note: cp -d does not dereference symbolic links
uml# cp -d /project/boot/* /qemu/boot
uml# # copy the contents of /project/lib/modules to /qemu/lib/modules
uml# cp -dr /project/lib/modules/* /qemu/lib/modules
uml# # verify that everything is in place
uml# ls -l /qemu/boot
uml# ls -l /qemu/lib/modules/2.6.16.20
uml# # we are through with UML
uml# umount /qemu
uml# umount /project
uml# halt
$ # start qemu with the original kernel again
$ ./qemu/bin/qemu -hda sarge.raw &
qemu# # inside qemu, login as root and verify that the new stuff is there
qemu# ls -l /lib/modules/2.6.16.20
qemu# ls -l /boot
qemu# # note: if your networking is set up correctly (hint, use a
qemu# # recent image), you may transfer files from host without UML,
qemu# # e.g., as in
qemu# # mkdir /lib/modules/2.6.16.20
qemu# # cd /lib/modules/2.6.16.20
qemu# # scp <user>@10.0.2.2:project/lib/modules/2.6.16.20/modules.* .
qemu# # scp -r <user>@10.0.2.2:project/lib/modules/2.6.16.20/kernel .
qemu# # You may also want to build an initial ramdisk (see kernel Documentation):
qemu# mkinitrd -o /boot/initrd.img-2.6.16.20 2.6.16.20
qemu# # note: the exact mkinitrd invocation may differ between images
qemu# # edit the bootloader's configuration file, e.g.,
qemu# nano /boot/grub/menu.lst
qemu# # duplicate one of the existing entries, and change the title to
qemu# # something appropriately descriptive, and point to the right
qemu# # kernel and initrd if you use one
qemu# # we are done with qemu:
qemu# poweroff
$ # start qemu again, but this time choose the new kernel in the
$ # bootloader menu:
$ ./qemu/bin/qemu -hda sarge.raw &

From this point on you are equipped to install your modified kernel in
qemu. Develop your driver on the host, transfer it to qemu as
described above, and load.