Ubuntu KVM to Windows 10 - Thinkpad T470 - Razer Core X - GTX 970
| Please Select a Licence from the LICENCE_HEADERS page |
And place at top of your page |
If no Licence is Selected/Appended, Default will be CC0 Default Licence IF there is no Licence placed below this notice!
When you edit this page, you agree to release your contribution under the CC0 Licence LICENCE:
More information about the cc0 licence can be found here: You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. Licence: Statement of Purpose The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work"). Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others. For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights. 1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following: the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work; moral rights retained by the original author(s) and/or performer(s); publicity and privacy rights pertaining to a person's image or likeness depicted in a Work; rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below; rights protecting the extraction, dissemination, use and reuse of data in a Work; database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof. 2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose. 3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose. 4. Limitations and Disclaimers. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. |
Ubuntu Kvm Windows 10 - Thinkpad T470 with Razer Core X
Hardware:
- Thinkpad t470 - 256GB HD, 8GB RAM
- razer core x
- GTX 970 GT
- Ubuntu Desktop 22.04 installed.
Thunderbolt 3 - detected as USB3.0 (5000M). But works :)
lsusb -t OutPut:
/: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/6p, 5000M
|__ Port 3: Dev 2, If 0, Class=Mass Storage, Driver=usb-storage, 5000M
/: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/12p, 480M
|__ Port 7: Dev 2, If 0, Class=Wireless, Driver=btusb, 12M
|__ Port 7: Dev 2, If 1, Class=Wireless, Driver=btusb, 12M
|__ Port 8: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M
|__ Port 8: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M
|__ Port 9: Dev 4, If 0, Class=Vendor Specific Class, Driver=, 12M
sudo lshw | grep -A10 -i usb OutPut:
capabilities: pci pnp upgrade shadowing cdboot bootselect edd int13floppy720 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi
*-pci
description: Host bridge
product: Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers
vendor: Intel Corporation
physical id: 100
bus info: pci@0000:00:00.0
version: 08
width: 32 bits
clock: 33MHz
configuration: driver=skl_uncore
--
*-usb
description: USB controller
product: Sunrise Point-LP USB 3.0 xHCI Controller
vendor: Intel Corporation
physical id: 14
bus info: pci@0000:00:14.0
version: 21
width: 64 bits
clock: 33MHz
capabilities: pm msi xhci bus_master cap_list
configuration: driver=xhci_hcd latency=0
resources: irq:127 memory:ec220000-ec22ffff
*-usbhost:0
product: xHCI Host Controller
vendor: Linux 5.19.0-35-generic xhci-hcd
physical id: 0
bus info: usb@1
logical name: usb1
version: 5.19
capabilities: usb-2.00
configuration: driver=hub slots=12 speed=480Mbit/s
*-usb:0
description: Bluetooth wireless interface
product: Bluetooth wireless interface
vendor: Intel Corp.
physical id: 7
bus info: usb@1:7
version: 0.01
capabilities: bluetooth usb-2.00
configuration: driver=btusb maxpower=100mA speed=12Mbit/s
*-usb:1
description: Video
product: Integrated Camera: Integrated C
vendor: SunplusIT Inc
physical id: 8
bus info: usb@1:8
logical name: input8
logical name: /dev/input/event6
version: 0.10
capabilities: usb-2.00 usb
configuration: driver=uvcvideo maxpower=500mA speed=480Mbit/s
*-usb:2 UNCLAIMED
description: Generic USB device
vendor: Validity Sensors, Inc.
physical id: 9
bus info: usb@1:9
version: 1.64
serial: ff1e8c196451
capabilities: usb-2.00
configuration: maxpower=100mA speed=12Mbit/s
*-usbhost:1
product: xHCI Host Controller
vendor: Linux 5.19.0-35-generic xhci-hcd
physical id: 1
bus info: usb@2
logical name: usb2
version: 5.19
capabilities: usb-3.00
configuration: driver=hub slots=6 speed=5000Mbit/s
*-usb
description: Mass storage device
product: USB3.0-CRW
vendor: Generic
physical id: 3
bus info: usb@2:3
logical name: scsi0
version: 2.04
serial: 20120501030900000
capabilities: usb-3.00 scsi emulated scsi-host
configuration: driver=usb-storage maxpower=800mA speed=5000Mbit/s
*-disk
description: SCSI Disk
product: SD/MMC
vendor: Generic-
physical id: 0.0.0
bus info: scsi@0:0.0.0
logical name: /dev/sda
version: 1.00
serial: 2012090114345300
capabilities: removable
Windows 10 ISO
Download a Windows 10 ISO for the Virtual Machine
https://www.microsoft.com/en-us/software-download/windows10ISO
VT-d - bios
Check VT-d enabled on bios
When you press the power button, press and hold F1 to enter into bios mode.
Security > Virtualization
Intel (R) Virtualization Technology [ENABLE]
Inter (R) VT-d Feature [ENABLE]
Check
cat /proc/cpuinfo | grep --color vmx
cat /proc/cpuinfo | grep --color vmx Explained:
The command "cat /proc/cpuinfo" displays detailed information about the processor(s) installed on your system. The output of this command includes a lot of information, such as processor model, speed, cache size, and other features.
The pipe symbol "|" is used to pass the output of the first command as input to the second command. In this case, the output of "cat /proc/cpuinfo" is being passed as input to "grep".
The "grep" command is used to search for a specific pattern in the input data. In this case, the pattern being searched for is "vmx".
The "--color" option is used to highlight the search pattern in the output, making it easier to identify.
So, the entire command "cat /proc/cpuinfo | grep --color vmx" is searching the processor information for the "vmx" feature and highlighting it in the output. The "vmx" feature refers to Intel's Virtualization Technology, which allows a processor to run multiple operating systems on the same computer simultaneously.
cat /proc/cpuinfo | grep --color vmx Returned Output:
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml
Grub
sudo $EDITOR /etc/default/grub
Insert the option to GRUB_CMDLINE_LINUX_DEFAULT=""
intel_iommu=on kvm.ignore_msrs=1
Before
# If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1"
After
# If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=0 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1"
Info intel_iommu=on kvm.ignore_msrs=1
intel_iommu=on and kvm.ignore_msrs=1 are kernel boot parameters that can be set in the GRUB configuration file in Linux systems. Here's what they mean:
intel_iommu=on: This parameter enables Intel VT-d (Virtualization Technology for Directed I/O), which allows for hardware-based virtualization of I/O devices. This can improve performance and security for virtual machines by allowing them to directly access hardware devices, rather than relying on the host operating system to handle the device access.
kvm.ignore_msrs=1: This parameter disables the handling of MSR (Model Specific Register) virtualization by the kernel-based Virtual Machine (KVM) hypervisor. This can improve performance for certain workloads that rely heavily on MSR access, such as virtualization workloads.
Info the /etc/defaults directory
In Ubuntu and many other Linux-based operating systems, the /etc/default directory contains configuration files for various system services and applications. These configuration files contain default values for the settings and options that are used by these services and applications. The /etc/default directory is typically organized by service or application, with each subdirectory containing one or more configuration files for that service or application. For example, the /etc/default/grub directory contains the default configuration file for the GRUB bootloader, while the /etc/default/apache2 directory contains the default configuration file for the Apache web server. These configuration files are often used by system administrators to customize the behavior of these services and applications by modifying the default values of their settings and options. For example, the GRUB configuration file in /etc/default/grub can be used to specify the default operating system to boot, the timeout for the boot menu, and other options.
Update Grub
sudo grub-mkconfig -o /boot/grub/grub.cfg
Reboot so kernel boot parameters can be applied.
reboot
Info: sudo grub-mkconfig -o /boot/grub/grub.cfg
grub-mkconfig: This is a command that generates a new configuration file for the GRUB bootloader. It scans the system for installed kernels, operating systems, and other boot options, and creates a configuration file based on that information.
-o /boot/grub/grub.cfg: This option tells grub-mkconfig to write the generated configuration file to the file /boot/grub/grub.cfg. This is the default location for the GRUB configuration file in most Linux systems.
Check that IOMMU is enabled
sudo dmesg | grep -i -e DMAR -e IOMMU
Return Output: Before editing Grub
[ 0.013929] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013974] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.124130] DMAR: Host address width 39 [ 0.124131] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.124140] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.124143] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.124147] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.124150] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.124152] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.124154] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.124156] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.124158] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.126384] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.346448] iommu: Default domain type: Translated [ 0.346448] iommu: DMA domain TLB invalidation policy: lazy mode
After editing Grub
[ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.013471] ACPI: DMAR 0x000000008FFBE000 0000A8 (v01 LENOVO TP-N1Q 00001720 PTEC 00000002) [ 0.013516] ACPI: Reserving DMAR table memory at [mem 0x8ffbe000-0x8ffbe0a7] [ 0.035822] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.19.0-35-generic root=UUID=2f687e47-7e3b-4aad-830d-2be9821522c1 ro quiet splash intel_iommu=on kvm.ignore_msrs=1 vt.handoff=7 [ 0.035915] DMAR: IOMMU enabled [ 0.094689] DMAR: Host address width 39 [ 0.094691] DMAR: DRHD base: 0x000000fed90000 flags: 0x0 [ 0.094699] DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 7e3ff0505e [ 0.094702] DMAR: DRHD base: 0x000000fed91000 flags: 0x1 [ 0.094706] DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da [ 0.094708] DMAR: RMRR base: 0x0000008f49f000 end: 0x0000008f4befff [ 0.094710] DMAR: RMRR base: 0x0000009a000000 end: 0x0000009c7fffff [ 0.094713] DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 [ 0.094715] DMAR-IR: HPET id 0 under DRHD base 0xfed91000 [ 0.094716] DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. [ 0.096599] DMAR-IR: Enabled IRQ remapping in x2apic mode [ 0.324622] iommu: Default domain type: Translated [ 0.324622] iommu: DMA domain TLB invalidation policy: lazy mode [ 0.346100] DMAR: No ATSR found [ 0.346101] DMAR: No SATC found [ 0.346103] DMAR: IOMMU feature fl1gp_support inconsistent [ 0.346105] DMAR: IOMMU feature pgsel_inv inconsistent [ 0.346106] DMAR: IOMMU feature nwfs inconsistent [ 0.346107] DMAR: IOMMU feature eafs inconsistent [ 0.346108] DMAR: IOMMU feature prs inconsistent [ 0.346108] DMAR: IOMMU feature nest inconsistent [ 0.346109] DMAR: IOMMU feature mts inconsistent [ 0.346110] DMAR: IOMMU feature sc_support inconsistent [ 0.346111] DMAR: IOMMU feature dev_iotlb_support inconsistent [ 0.346113] DMAR: dmar0: Using Queued invalidation [ 0.346117] DMAR: dmar1: Using Queued invalidation [ 0.346409] pci 0000:00:00.0: Adding to iommu group 0 [ 0.346423] pci 0000:00:02.0: Adding to iommu group 1 [ 0.346441] pci 0000:00:14.0: Adding to iommu group 2 [ 0.346450] pci 0000:00:14.2: Adding to iommu group 2 [ 0.346466] pci 0000:00:16.0: Adding to iommu group 3 [ 0.346475] pci 0000:00:16.3: Adding to iommu group 3 [ 0.346499] pci 0000:00:1c.0: Adding to iommu group 4 [ 0.346520] pci 0000:00:1c.6: Adding to iommu group 5 [ 0.346539] pci 0000:00:1d.0: Adding to iommu group 6 [ 0.346557] pci 0000:00:1d.2: Adding to iommu group 7 [ 0.346582] pci 0000:00:1f.0: Adding to iommu group 8 [ 0.346595] pci 0000:00:1f.2: Adding to iommu group 8 [ 0.346604] pci 0000:00:1f.3: Adding to iommu group 8 [ 0.346615] pci 0000:00:1f.4: Adding to iommu group 8 [ 0.346625] pci 0000:00:1f.6: Adding to iommu group 8 [ 0.346646] pci 0000:04:00.0: Adding to iommu group 9 [ 0.346664] pci 0000:3e:00.0: Adding to iommu group 10 [ 0.348306] DMAR: Intel(R) Virtualization Technology for Directed I/O
Info sudo dmesg | grep -i -e DMAR -e IOMMU
dmesg: This command is used in Linux systems to display the kernel message buffer, which contains information about the system's hardware and software components, as well as any error or warning messages generated by the kernel.
|: This symbol is called a pipe and it allows the output of one command to be used as input for another command. In this case, it sends the output of the dmesg command to the next command in the pipeline, which is grep.
grep: This command is used in Linux systems to search for text patterns in a file or output. In this case, it's used to search the output of the dmesg command for lines that contain the strings "DMAR" or "IOMMU".
-i: This option tells grep to perform a case-insensitive search, meaning it will match the strings "DMAR" or "IOMMU" regardless of their case.
-e: This option tells grep to specify the pattern to search for. In this case, it's used to specify two patterns to search for: "DMAR" and "IOMMU".
- DMAR: DMA Remapping (DMAR) is a feature of modern computer systems that provides additional security for input/output (I/O) devices. It allows for the isolation of memory regions used by I/O devices, which prevents them from accessing other parts of the system's memory. This helps to prevent attacks that could exploit vulnerabilities in I/O device drivers to gain access to sensitive data or take control of the system.
- IOMMU: The I/O Memory Management Unit (IOMMU) is a hardware component that provides support for DMA remapping. It allows for the virtualization of I/O devices and provides an additional layer of security by isolating the memory used by these devices.
Find your GPU
lspci -nnk
Info lspci -nnk
lspci is a command-line utility that is used to display information about all the PCI buses and devices connected to them in a Linux system. The -nnk option is used to display the following information:
- -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device.
- -n: Display the vendor and device IDs in numeric format. This option is useful when you want to look up device IDs online to identify the manufacturer and model of a device.
- -k: Display the kernel driver currently bound to each device. This option is useful when you want to check which driver is being used for a particular device.
When you run the lspci -nnk command, you will get a list of all the PCI devices in your system, along with their vendor and device IDs, and the kernel driver currently in use.
lspci -nnk OutPut Before plugging in 'Razer Core X'
00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme
lspci -nnk OutPut After plugging in Razer Core X
00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [8086:1904] (rev 08) Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers [17aa:2245] Kernel driver in use: skl_uncore 00:02.0 VGA compatible controller [0300]: Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) Subsystem: Lenovo Skylake GT2 [HD Graphics 520] [17aa:2245] Kernel driver in use: i915 Kernel modules: i915 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller [8086:9d2f] (rev 21) Subsystem: Lenovo Sunrise Point-LP USB 3.0 xHCI Controller [17aa:2245] Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21) Subsystem: Lenovo Sunrise Point-LP Thermal subsystem [17aa:2245] Kernel driver in use: intel_pch_thermal Kernel modules: intel_pch_thermal 00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21) Subsystem: Lenovo Sunrise Point-LP CSME HECI [17aa:2245] Kernel driver in use: mei_me Kernel modules: mei_me 00:16.3 Serial controller [0700]: Intel Corporation Sunrise Point-LP Active Management Technology - SOL [8086:9d3d] (rev 21) Subsystem: Lenovo Sunrise Point-LP Active Management Technology - SOL [17aa:2245] Kernel driver in use: serial 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #1 [8086:9d10] (rev f1) Kernel driver in use: pcieport 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #7 [8086:9d16] (rev f1) Kernel driver in use: pcieport 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 [8086:9d18] (rev f1) Kernel driver in use: pcieport 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI Express Root Port #11 [8086:9d1a] (rev f1) Kernel driver in use: pcieport 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC Controller [8086:9d48] (rev 21) Subsystem: Lenovo Sunrise Point-LP LPC Controller [17aa:2245] 00:1f.2 Memory controller [0580]: Intel Corporation Sunrise Point-LP PMC [8086:9d21] (rev 21) Subsystem: Lenovo Sunrise Point-LP PMC [17aa:2245] 00:1f.3 Audio device [0403]: Intel Corporation Sunrise Point-LP HD Audio [8086:9d70] (rev 21) Subsystem: Lenovo Sunrise Point-LP HD Audio [17aa:2245] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel, snd_soc_skl, snd_soc_avs 00:1f.4 SMBus [0c05]: Intel Corporation Sunrise Point-LP SMBus [8086:9d23] (rev 21) Subsystem: Lenovo Sunrise Point-LP SMBus [17aa:2245] Kernel driver in use: i801_smbus Kernel modules: i2c_i801 00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection I219-LM [8086:156f] (rev 21) Subsystem: Lenovo Ethernet Connection I219-LM [17aa:2245] Kernel driver in use: e1000e Kernel modules: e1000e 04:00.0 Network controller [0280]: Intel Corporation Wireless 8260 [8086:24f3] (rev 3a) Subsystem: Intel Corporation Dual Band Wireless-AC 8260 [8086:0010] Kernel driver in use: iwlwifi Kernel modules: iwlwifi 05:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:00.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:01.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 06:02.0 PCI bridge [0604]: Intel Corporation JHL6240 Thunderbolt 3 Bridge (Low Power) [Alpine Ridge LP 2016] [8086:15c0] (rev 01) Kernel driver in use: pcieport 07:00.0 System peripheral [0880]: Intel Corporation JHL6240 Thunderbolt 3 NHI (Low Power) [Alpine Ridge LP 2016] [8086:15bf] (rev 01) Subsystem: Device [2222:1111] Kernel driver in use: thunderbolt Kernel modules: thunderbolt 08:00.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 09:01.0 PCI bridge [0604]: Intel Corporation JHL6340 Thunderbolt 3 Bridge (C step) [Alpine Ridge 2C 2016] [8086:15da] (rev 02) Kernel driver in use: pcieport 0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel 3e:00.0 Non-Volatile memory controller [0108]: Samsung Electronics Co Ltd NVMe SSD Controller SM961/PM961/SM963 [144d:a804] Subsystem: Samsung Electronics Co Ltd SM963 2.5" NVMe PCIe SSD [144d:a801] Kernel driver in use: nvme Kernel modules: nvme
0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel driver in use: nouveau Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel driver in use: snd_hda_intel Kernel modules: snd_hda_intel
vfio.conf
Info vfio.conf
vfio.conf is a configuration file used by the VFIO driver in Linux.
The VFIO driver is a kernel module that allows users to assign devices, such as GPUs or network interfaces, directly to virtual machines, bypassing the host operating system.
The vfio.conf file is used to specify which devices should be assigned to VFIO, and it is typically located in the /etc/modprobe.d/ directory. When the VFIO driver is loaded, it will read this file and use the settings specified within it.
The contents of vfio.conf can vary depending on the specific use case, but some common configurations include:
- Device IDs: The vfio.conf file can be used to specify the vendor and device IDs of the devices that should be assigned to VFIO. For example:
options vfio-pci ids=10de:13c2,10de:0fbb
This configuration specifies that two NVIDIA GPUs with the IDs 10de:13c2 and 10de:0fbb should be assigned to VFIO.
This configuration assigns two NVIDIA GPUs to VFIO and blacklists the nouveau and nvidiafb kernel drivers so that they don't claim the GPUs.
options vfio-pci ids=10de:13c2,10de:0fbb blacklist nouveau blacklist nvidiafb
- Additional options: The vfio.conf file can also be used to specify additional options for the VFIO driver, such as setting the IOMMU mode. For example:
This configuration sets the VFIO driver to use IOMMU mode 1 and allows unsafe interrupts.
options vfio_iommu_type1 allow_unsafe_interrupts=1
Overall, vfio.conf provides a way to configure the VFIO driver and specify which devices should be assigned to it, helping to facilitate GPU or other hardware passthrough to virtual machines.
Create a new file called vfio.conf in the /etc/modprobe.d/ directory.
The /etc/modprobe.d/ directory explanation:
The /etc/modprobe.d/ directory is a system directory in Linux that contains configuration files for kernel modules. When the Linux kernel boots up, it loads various modules (also called drivers) to support the hardware and other system functions.
Each configuration file in /etc/modprobe.d/ specifies options for one or more kernel modules, which are loaded by the kernel when a system boots or when a module is explicitly loaded. The options specified in these files can be used to modify the behavior of the kernel modules, or to blacklist certain modules to prevent them from being loaded.
The name of each configuration file in the /etc/modprobe.d/ directory must end with the .conf extension. The contents of each file consist of a series of directives, which specify module options, aliases, or blacklist information. These directives can be written in plain text format or in shell scripts.
Here are some examples of how you might use the /etc/modprobe.d/ directory:
- Blacklisting modules: You can use the /etc/modprobe.d/ directory to prevent certain kernel modules from loading. For example, you can create a file called /etc/modprobe.d/blacklist-nouveau.conf with the following contents to prevent the nouveau driver (used for NVIDIA graphics cards) from being loaded:
blacklist nouveau
- Setting module options: You can also use the /etc/modprobe.d/ directory to specify options for a particular kernel module. For example, you can create a file called /etc/modprobe.d/alsa-base.conf with the following contents to set the default sound card to the second card on the system:
options snd_hda_intel index=1
- Loading modules: You can use the /etc/modprobe.d/ directory to load kernel modules at boot time. For example, you can create a file called /etc/modprobe.d/local.conf with the following contents to load the acpi_call module at boot time:
# Load acpi_call at boot time acpi_call
Overall, the /etc/modprobe.d/ directory is an important location for managing kernel modules in Linux. It provides a centralized location for managing module options, aliases, and blacklists, making it easier to configure and maintain a Linux system.
sudo $EDITOR /etc/modprobe.d/vfio.conf
blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb
Update initramfs
Info initramfs:
The initramfs (initial RAM file system) is a temporary file system that is loaded into memory during the Linux boot process. It contains essential system files and utilities that are necessary to boot the Linux kernel and mount the root file system.
When the Linux kernel is booted, it first loads the initramfs into memory and sets it up as the root file system. The initramfs then runs the init script, which is responsible for initializing the system and mounting the real root file system. The init script may also perform other tasks, such as loading kernel modules, setting up network interfaces, and configuring system services.
The initramfs is typically used in situations where the root file system is located on a storage device that requires additional drivers or modules to be loaded before it can be mounted. For example, if the root file system is located on a RAID array, a network file system, or an encrypted disk, the necessary drivers or modules may need to be loaded into memory before the root file system can be mounted.
The initramfs can also be customized to include additional files or utilities that may be necessary for the boot process. This is done by modifying the initramfs image, which is a compressed archive file that contains the file system contents.
Overall, the initramfs is an essential component of the Linux boot process, providing a temporary file system that is necessary for initializing the system and mounting the root file system.
sudo update-initramfs -u
And reboot your computer:
reboot
Note:Sound will not work on Host Ubuntu now we have blacklisted snd_hda_intel to return sound to laptop read Undo Passthrough.
Check Kernel driver not in use
lspci -nnk
OutPut:
0a:00.0 VGA compatible controller [0300]: NVIDIA Corporation GM204 [GeForce GTX 970] [10de:13c2] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 [GeForce GTX 970] [1043:8508] Kernel modules: nvidiafb, nouveau 0a:00.1 Audio device [0403]: NVIDIA Corporation GM204 High Definition Audio Controller [10de:0fbb] (rev a1) Subsystem: ASUSTeK Computer Inc. GM204 High Definition Audio Controller [1043:8508] Kernel modules: snd_hda_intel
Installing KVM and VirtManager to Create a VM
To install the required packages, run the following command:
sudo apt-get install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils
To create a group and add your user to the group, run the following commands:
getent group libvirtd Check if the group already exists:
To check if a group is already present on an Ubuntu system, you can use the getent command along with the group argument and specify the name of the group as a parameter.
For example, to check if the sudo group exists on the system, you can run the following command in a terminal:
getent group sudo
If the group exists, the command will output information about the group, including its name, group ID (GID), and a list of users who are members of the group. If the group does not exist, the command will not produce any output.
Alternatively, you can use the grep command to search for the group name in the /etc/group file, which is the file that stores information about system groups on Ubuntu. For example, to search for the sudo group, you can run the following command:
grep "^sudo:" /etc/group
If the group exists, the command will output information about the group in the same format as the getent command. If the group does not exist, the command will not produce any output.
sudo addgroup libvirtd
sudo adduser $USER libvirtd
sudo apt-get install virt-manager
After installing the packages and adding your user to the group, reboot your system:
reboot
This will avoid the following error when trying to connect to libvirt:
virtual machine manager connection failure unable to connect to libvirt qemu:///system. verify that the 'libvirtd' daemon is running
Virtual Machine Manager
Start Virtual Machine Manager:
virt-manager
Create a new virtual machine
Step 1
Local install media (ISO image or CDROM)
Step 2
Choose ISO or CDROM install media: Click Browse and select your windows10.iso
Choose the operating system you are installing: untick( Automatically detect from installation media / source) and enter Microsoft Windows 10 in search bar.
Step 3
Choose Memory and CPU settings:
Memory: 4096MiB
CPUs: 2
Step 4
Tick Enable storage for this virtual machine
Tick create a disk image for the virtual machine 140 GiB
Step 5
Name:NAME_OF_VM
Tick Customize configuration before install
Config VM before booting
OverView:
Hypervisor Details
'Chipset' = 'Q35'
'Firmware' = 'x86_64:/usr/share/OVMF/OVMF_CODE_4M.ms.fd'
Boot Options:
Boot device order:
Untick - Enable boot menu
Select/Tick
SATA CDROM1
SATA Disk 1
Display Spice:
Spice Server:
Type: Spice server
Listen type: Address
Address: Hypervisor default
Port: tick 'Auto'
Click 'Add Hardware' button at bottom left - new window 'Add New Virtual Hardware' will pop up. Click 'PCI Host Device' on the left hand side Select your GPU and GPU Audio Controller:
'0000:0A:00:0 NVIDIA Corporation GM204 [GeForce GTX 970]'
'0000:0A:00:1 NVIDIA Corporation GM204 High Definition Audio Controller'
Select and click 'Finish' - reopen 'Add hardware' and repeat for Audio.
Install Windows 10 and update
Install windows 10 then update windows to get the graphics card drivers working.
Once done shoutdown.
After shutting down windows edit the VM's Config file
To find/confirm your VM's name:
virsh list --all
Syntax:sudo virsh edit YOUR_VM_NAME
sudo virsh edit win10
Going to edit in between the <features> </features> Brackets, 17 lines down.
<features>
<acpi/>
<apic/>
<hyperv mode='custom'>
<relaxed state='on'/>
<vapic state='on'/>
<spinlocks state='on' retries='8191'/>
</hyperv>
<vmport state='off'/>
</features>
<features>
<acpi/>
<apic/>
<hyperv mode='custom'>
<relaxed state='on'/>
<vapic state='on'/>
<spinlocks state='on' retries='8191'/>
<vendor_id state='on' value='1234567890ab'/>
</hyperv>
<kvm>
<hidden state='on'/>
</kvm>
<vmport state='off'/>
<ioapic driver='kvm'/>
</features>
What these values do
<vendor_id state='on' value='1234567890ab'/>
In Linux KVM, the <vendor_id> tag is used to specify the vendor ID that is presented to the guest virtual machine when it is running on top of the KVM hypervisor. This vendor ID can be customized by the user to any 12-digit hexadecimal value using the value attribute.
The purpose of the vendor ID is to provide a way for virtual machines to identify the type of hypervisor they are running on, and to adjust their behavior accordingly. This is particularly important for operating systems that have special optimizations or workarounds for specific hypervisors.
By default, KVM presents a vendor ID of "KVMKVMKVM" to the guest virtual machine. However, this can be changed by adding the <vendor_id> tag to the XML definition of the virtual machine, as follows:
<cpu> <vendor_id state='on' value='1234567890ab'/> ... </cpu>
In this example, the vendor ID is set to the value "1234567890ab". The state attribute is set to 'on' to enable the use of the custom vendor ID.
It's worth noting that changing the vendor ID can have some unexpected consequences. For example, some operating systems may have specific code paths or optimizations for certain hypervisors, and changing the vendor ID may cause them to behave differently or even malfunction. Additionally, some virtualization security features may depend on the vendor ID, so changing it may impact the security of the virtual machine. As such, it is important to carefully consider the implications before changing the vendor ID in a KVM virtual machine.
<kvm> <hidden state='on'/> </kvm>
In Linux KVM, the <kvm> tag is used to specify additional configuration options for the virtual machine that are specific to KVM. The <hidden> tag is a sub-tag of <kvm> and is used to enable or disable the hiding of the KVM hypervisor from the guest operating system.
When the <hidden> tag is set to state='on', the KVM hypervisor is hidden from the guest operating system. This means that the guest operating system will not be able to detect that it is running in a virtualized environment and will behave as if it is running directly on physical hardware.
This can be useful for security reasons, as it can make it more difficult for attackers to detect that they are running in a virtualized environment and attempt to exploit vulnerabilities that are specific to virtualization. Additionally, some software applications may behave differently or refuse to run in a virtualized environment, so hiding the KVM hypervisor can help ensure that these applications run properly.
To use the <hidden> tag, it should be included as a sub-tag of the <kvm> tag, as follows:
<kvm> <hidden state='on'/> ... </kvm>
It's important to note that hiding the KVM hypervisor can have some downsides as well. For example, it may make it more difficult to diagnose problems with the virtual machine, as the hypervisor will not be visible in the guest operating system. Additionally, some virtualization features may depend on the hypervisor being visible to the guest operating system, so hiding it may cause these features to stop working properly.
As such, the decision to hide the KVM hypervisor using the <hidden> tag should be carefully considered based on the specific needs and requirements of the virtualized environment.
<ioapic driver='kvm'/>
In Linux KVM, the <ioapic> tag is used to enable or disable the use of the IOAPIC (Input/Output Advanced Programmable Interrupt Controller) device in the virtual machine. The driver attribute is used to specify the driver that should be used for the IOAPIC device, with the value kvm indicating that KVM's built-in IOAPIC driver should be used.
The IOAPIC device is a type of interrupt controller that is used to manage interrupts in a virtual machine. It provides a way for devices in the virtual machine to generate interrupts, and for the virtual machine to route those interrupts to the appropriate virtual CPU.
To enable the IOAPIC device and specify the kvm driver, the <ioapic> tag should be included in the XML definition of the virtual machine, as follows:
<ioapic driver='kvm'/>
With this configuration, KVM's built-in IOAPIC driver will be used to manage interrupts in the virtual machine.
It's worth noting that while KVM's built-in IOAPIC driver is generally sufficient for most virtualization needs, there are some situations where a different driver may be preferred. For example, some applications or workloads may require more advanced IOAPIC functionality that is not available in KVM's built-in driver. In these cases, it may be necessary to use a different driver, or to implement custom code to support the required functionality.
Overall, the <ioapic> tag with the driver='kvm' attribute is a simple and effective way to enable the IOAPIC device and ensure that interrupts are properly managed in a KVM virtual machine.
Full Config file - before and after
Full Config file before any changes with virsh edit
<domain type='kvm'>
<name>win10</name>
<uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid>
<metadata>
<libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
<libosinfo:os id="http://microsoand of course the content when expanded.<br \>
<code>print "hello content"</code>ft.com/win/10"/>
</libosinfo:libosinfo>=====Notes=====
By default it will pass 2 usb ports to your VM, If you want to increase this to 3<br>
1. Mouse 2. Keyboard 3. USB Headfones/Speakers<br>
Add a 'USB Redirection' which you can find in 'Add Hardware'<br>
'<b>Add Hardware</b>' > '<b>USB Redirection</b>'<br>
<br>
If you want to revisit the 'Add Hardware' Section later:
<code>virt-manager</code> highlight the VM - '<b>Edit</b>' - '<b>Virtual Machine Details</b>' - '<b>Show virtual hardware details</b>' (The Blue (!) button , second from top left of window).<br>
<br>
To <b>Redirect USB</b> device to VM, when VM running <b>'Virtual Machine Details'</b> Click the <b>Virtual Machine</b> Tab, and <b>Redirect USB device</b> you will see your connected USB devices which you can passthrough to VM.
</metadata>
<memory unit='KiB'>4194304</memory>
<currentMemory unit='KiB'>4194304</currentMemory>
<vcpu placement='static'>2</vcpu>
<os>
<type arch='x86_64' machine='pc-q35-6.2'>hvm</type>
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader>
<nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram>
</os>
<features>
<acpi/>
<apic/>
<hyperv mode='custom'>
<relaxed state='on'/>
<vapic state='on'/>
<spinlocks state='on' retries='8191'/>
</hyperv>
<vmport state='off'/>
</features>
<cpu mode='host-passthrough' check='none' migratable='on'/>
<clock offset='localtime'>
<timer name='rtc' tickpolicy='catchup'/>
<timer name='pit' tickpolicy='delay'/>
<timer name='hpet' present='no'/>
<timer name='hypervclock' present='yes'/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<pm>
<suspend-to-mem enabled='no'/>
<suspend-to-disk enabled='no'/>
</pm>
<devices>
<emulator>/usr/bin/qemu-system-x86_64</emulator>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2' discard='unmap'/>
<source file='/var/lib/libvirt/images/win10.qcow2'/>
<target dev='sda' bus='sata'/>
<boot order='1'/>
<address type='drive' controller='0' bus='0' target='0' unit='0'/>
</disk>
<disk type='file' device='cdrom'>
<driver name='qemu' type='raw'/>
<source file='/home/bunix/Downloads/Windows.iso'/>
<target dev='sdb' bus='sata'/>
<readonly/>
<boot order='2'/>
<address type='drive' controller='0' bus='0' target='0' unit='1'/>
</disk>
<controller type='usb' index='0' model='qemu-xhci' ports='15'>
<address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
</controller>
<controller type='pci' index='0' model='pcie-root'/>
<controller type='pci' index='1' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='1' port='0x10'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/>
</controller>
<controller type='pci' index='2' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='2' port='0x11'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/>
</controller>
<controller type='pci' index='3' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='3' port='0x12'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/>
</controller>
<controller type='pci' index='4' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='4' port='0x13'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/>
</controller>
<controller type='pci' index='5' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='5' port='0x14'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/>
</controller>
<controller type='pci' index='6' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='6' port='0x15'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/>
</controller>
<controller type='pci' index='7' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='7' port='0x16'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/>
</controller>
<controller type='pci' index='8' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='8' port='0x17'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/>
</controller>
<controller type='pci' index='9' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='9' port='0x18'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/>
</controller>
<controller type='pci' index='10' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='10' port='0x19'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/>
</controller>
<controller type='pci' index='11' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='11' port='0x1a'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/>
</controller>
<controller type='pci' index='12' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='12' port='0x1b'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/>
</controller>
<controller type='pci' index='13' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='13' port='0x1c'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/>
</controller>
<controller type='pci' index='14' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='14' port='0x1d'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/>
</controller>
<controller type='sata' index='0'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
</controller>
<controller type='virtio-serial' index='0'>
<address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
</controller>
<interface type='network'>
<mac address='52:54:00:7e:3e:84'/>
<source network='default'/>
<model type='e1000e'/>
<address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
</interface>
<serial type='pty'>
<target type='isa-serial' port='0'>
<model name='isa-serial'/>
</target>
</serial>
<console type='pty'>
<target type='serial' port='0'/>
</console>
<channel type='spicevmc'>
<target type='virtio' name='com.redhat.spice.0'/>
<address type='virtio-serial' controller='0' bus='0' port='1'/>
</channel>
<input type='tablet' bus='usb'>
<address type='usb' bus='0' port='1'/>
</input>
<input type='mouse' bus='ps2'/>
<input type='keyboard' bus='ps2'/>
<graphics type='spice' autoport='yes'>
<listen type='address'/>
<image compression='off'/>
</graphics>
<sound model='ich9'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/>
</sound>
<audio id='1' type='spice'/>
<video>
<model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
</video>
<hostdev mode='subsystem' type='pci' managed='yes'>
<source>
<address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/>
</source>
<address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
</hostdev>
<hostdev mode='subsystem' type='pci' managed='yes'>
<source>
<address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/>
</source>
<address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
</hostdev>
<redirdev bus='usb' type='spicevmc'>
<address type='usb' bus='0' port='2'/>
</redirdev>
<redirdev bus='usb' type='spicevmc'>
<address type='usb' bus='0' port='3'/>
</redirdev>
<memballoon model='virtio'>
<address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/>
</memballoon>
</devices>
</domain>
Full Config file After changes made with virsh edit
<domain type='kvm'>
<name>win10</name>
<uuid>6ec34fc4-f7d9-451c-a985-598b5029cd4c</uuid>
<metadata>
<libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
<libosinfo:os id="http://microsoft.com/win/10"/>
</libosinfo:libosinfo>
</metadata>
<memory unit='KiB'>4194304</memory>
<currentMemory unit='KiB'>4194304</currentMemory>
<vcpu placement='static'>2</vcpu>
<os>
<type arch='x86_64' machine='pc-q35-6.2'>hvm</type>
<loader readonly='yes' type='pflash'>/usr/share/OVMF/OVMF_CODE_4M.ms.fd</loader>
<nvram>/var/lib/libvirt/qemu/nvram/win10_VARS.fd</nvram>
</os>
<features>
<acpi/>
<apic/>
<hyperv mode='custom'>
<relaxed state='on'/>
<vapic state='on'/>
<spinlocks state='on' retries='8191'/>
<vendor_id state='on' value='1234567890ab'/>
</hyperv>
<kvm>
<hidden state='on'/>
</kvm>
<vmport state='off'/>
<ioapic driver='kvm'/>
</features>
<cpu mode='host-passthrough' check='none' migratable='on'/>
<clock offset='localtime'>
<timer name='rtc' tickpolicy='catchup'/>
<timer name='pit' tickpolicy='delay'/>
<timer name='hpet' present='no'/>
<timer name='hypervclock' present='yes'/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<pm>
<suspend-to-mem enabled='no'/>
<suspend-to-disk enabled='no'/>
</pm>
<devices>
<emulator>/usr/bin/qemu-system-x86_64</emulator>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2' discard='unmap'/>
<source file='/var/lib/libvirt/images/win10.qcow2'/>
<target dev='sda' bus='sata'/>
<boot order='1'/>
<address type='drive' controller='0' bus='0' target='0' unit='0'/>
</disk>
<disk type='file' device='cdrom'>
<driver name='qemu' type='raw'/>
<source file='/home/bunix/Downloads/Windows.iso'/>
<target dev='sdb' bus='sata'/>
<readonly/>
<boot order='2'/>
<address type='drive' controller='0' bus='0' target='0' unit='1'/>
</disk>
<controller type='usb' index='0' model='qemu-xhci' ports='15'>
<address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
</controller>
<controller type='pci' index='0' model='pcie-root'/>
<controller type='pci' index='1' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='1' port='0x10'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/>
</controller>
<controller type='pci' index='2' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='2' port='0x11'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/>
</controller>
<controller type='pci' index='3' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='3' port='0x12'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/>
</controller>
<controller type='pci' index='4' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='4' port='0x13'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/>
</controller>
<controller type='pci' index='5' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='5' port='0x14'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/>
</controller>
<controller type='pci' index='6' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='6' port='0x15'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/>
</controller>
<controller type='pci' index='7' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='7' port='0x16'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/>
</controller>
<controller type='pci' index='8' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='8' port='0x17'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/>
</controller>
<controller type='pci' index='9' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='9' port='0x18'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/>
</controller>
<controller type='pci' index='10' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='10' port='0x19'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/>
</controller>
<controller type='pci' index='11' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='11' port='0x1a'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/>
</controller>
<controller type='pci' index='12' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='12' port='0x1b'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/>
</controller>
<controller type='pci' index='13' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='13' port='0x1c'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/>
</controller>
<controller type='pci' index='14' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='14' port='0x1d'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/>
</controller>
<controller type='sata' index='0'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
</controller>
<controller type='virtio-serial' index='0'>
<address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
</controller>
<interface type='network'>
<mac address='52:54:00:7e:3e:84'/>
<source network='default'/>
<model type='e1000e'/>
<address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
</interface>
<serial type='pty'>
<target type='isa-serial' port='0'>
<model name='isa-serial'/>
</target>
</serial>
<console type='pty'>
<target type='serial' port='0'/>
</console>
<channel type='spicevmc'>
<target type='virtio' name='com.redhat.spice.0'/>
<address type='virtio-serial' controller='0' bus='0' port='1'/>
</channel>
<input type='tablet' bus='usb'>
<address type='usb' bus='0' port='1'/>
</input>
<input type='mouse' bus='ps2'/>
<input type='keyboard' bus='ps2'/>
<graphics type='spice' autoport='yes'>
<listen type='address'/>
<image compression='off'/>
</graphics>
<sound model='ich9'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/>
</sound>
<audio id='1' type='spice'/>
<video>
<model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
</video>
<hostdev mode='subsystem' type='pci' managed='yes'>
<source>
<address domain='0x0000' bus='0x0a' slot='0x00' function='0x0'/>
</source>
<address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
</hostdev>
<hostdev mode='subsystem' type='pci' managed='yes'>
<source>
<address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/>
</source>
<address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
</hostdev>
<redirdev bus='usb' type='spicevmc'>
<address type='usb' bus='0' port='2'/>
</redirdev>
<redirdev bus='usb' type='spicevmc'>
<address type='usb' bus='0' port='3'/>
</redirdev>
<memballoon model='virtio'>
<address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/>
</memballoon>
</devices>
</domain>
Note: Not the place to edit (use 'virsh'), but you config file can be found here:/etc/libvirt/qemu/
Notes - Mouse and Keyboard Redirect
By default it will pass 2 usb ports to your VM, If you want to increase this to 3
1. Mouse 2. Keyboard 3. USB Headfones/Speakers
Add a 'USB Redirection' which you can find in 'Add Hardware'
'Add Hardware' > 'USB Redirection'
If you want to revisit the 'Add Hardware' Section later:
virt-manager highlight the VM - 'Edit' - 'Virtual Machine Details' - 'Show virtual hardware details' (The Blue (!) button , second from top left of window).
To Redirect USB device to VM, when VM running 'Virtual Machine Details' Click the Virtual Machine Tab, and Redirect USB device you will see your connected USB devices which you can passthrough to VM.
Undo Passthrough
Grub
sudo $EDITOR /etc/default/grub
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on kvm.ignore_msrs=1"
Remove intel_iommu=on kvm.ignore_msrs=1 and save changes.
GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"
rebuild grub
sudo grub-mkconfig -o /boot/grub/grub.cfg
vfio
This step will restore sound to Host Ubuntu.
Comment out changes to vfio.conf
sudo $EDITOR /etc/modprobe.d/vfio.conf
blacklist nouveau blacklist snd_hda_intel options vfio-pci ids=10de:13c2,10de:0fbb
Comment out by placing a # in front of the line, save and exit.
#blacklist nouveau #blacklist snd_hda_intel #options vfio-pci ids=10de:13c2,10de:0fbb
update initramfs:
sudo update-initramfs -u
Reboot for changes to take effect
reboot
End Notes
Plug in external monitor to the GPU 'Razer Core X' for output and no screen lag.
Tested with 'sniper ghost warrior' works fine.
Sound will come out of HDMI, If using monitor with no speakers, you can pass through USB headfones or speakers.
References
https://askubuntu.com/questions/1406888/ubuntu-22-04-gpu-passthrough-qemu