I'm currently trying to pass a nvidia GPU to Windows 10 guest using qemu 2.5 and libvirt 1.3.5.
I see "Error 43" on Nvidia GPU in Device Manager.
I had tried to hide the hypervisor by adding "kvm=off" and "hv_vendor_id=123456780ab", but it does not work for me. I searched in google and people solved the problem in this way.
And I also saw Virtual Machine : Yes in task manager.
Did I use in the wrong way? I can pass a AMD gpu to windows guest(AMD does not check the kvm virtualization).
Can I spoof nvidia in other way?
My system information:
#uname -a
Linux ns.mqcache.net 4.2.0-1.el7.elrepo.x86_64 #1 SMP Sun Aug 30 21:25:29 EDT 2015 x86_64 x86_64 x86_64 GNU/Linux
#/root/qemu25/qemu/x86_64-softmmu/qemu-system-x86_64 --version
QEMU emulator version 2.5.1.1, Copyright (c) 2003-2008 Fabrice Bellard
GPU:
02:00.0 VGA compatible controller: NVIDIA Corporation GF119 [GeForce GT 620 OEM] (rev a1)
02:00.1 Audio device: NVIDIA Corporation GF119 HDMI Audio Controller (rev a1)
libvirt.xml
<domain xmlns:qemu="http://libvirt.org/schemas/domain/qemu/1.0" type="kvm">
<name>win10</name>
<os>
<type machine="q35">hvm</type>
<boot dev="hd"/>
<boot dev="cdrom"/>
</os>
<features>
<acpi/>
<apic/>
<hyperv>
<vendor_id state='on' value='1234567890ab'/>
</hyperv>
<kvm>
<hidden state='on'/>
</kvm>
</features>
<clock offset="localtime">
<timer name="rtc" tickpolicy="catchup"/>
<timer name="pit" tickpolicy="delay"/>
<timer name="hpet" present="no"/>
<timer name='hypervclock' present='yes'/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<vcpu current="4">4</vcpu>
<cpu mode="host-passthrough">
<topology sockets="1" cores="4" threads="1"/>
</cpu>
<memory>8388608</memory>
<currentMemory>8388608</currentMemory>
<devices>
<emulator>/root/qemu25/qemu/x86_64-softmmu/qemu-system-x86_64</emulator>
<disk device="disk" type="file">
<driver name="qemu" type="qcow2"/>
<source file="/root/vm/win10/image.qcow2"/>
<target bus="virtio" dev="vda"/>
</disk>
<sound model="ac97"/>
<interface type="bridge">
<mac address="fa:16:3e:81:00:03"/>
<source bridge="eucabr"/>
<model type="virtio"/>
<driver name="qemu"/>
<alias name="net0"/>
</interface>
<hostdev mode="subsystem" type="pci" managed="yes">
<source>
<address domain="0x0000" bus="0x02" slot="0x00" function="0x1"/>
</source>
</hostdev>
</devices>
<qemu:commandline>
<qemu:arg value="-machine"/>
<qemu:arg value="smm=off"/>
<qemu:arg value="-device"/>
<qemu:arg value="ioh3420,bus=pcie.0,addr=1c.0,multifunction=on,port=1,chassis=1,id=root.1"/>
<qemu:arg value="-device"/>
<qemu:arg value="vfio-pci,host=02:00.0,bus=root.1,addr=00.0,multifunction=on,x-vga=on"/>
<qemu:arg value="-vga"/>
<qemu:arg value="none"/>
</qemu:commandline>
</domain>
qemu command
/root/qemu25/qemu/x86_64-softmmu/qemu-system-x86_64 \
-name win10 \
-machine q35,accel=kvm,usb=off \
-cpu host,kvm=off,hv_relaxed,hv_spinlocks=0x1fff,hv_vapic,hv_time,hv_vendor_id=blah \
-m 2048 \
-realtime mlock=off \
-smp 2,sockets=1,cores=2,threads=1 \
-no-user-config \
-nodefaults \
-rtc base=localtime \
-no-shutdown \
-boot strict=on \
-device i82801b11-bridge,id=pci.1,bus=pcie.0,addr=0x1e \
-device pci-bridge,chassis_nr=2,id=pci.2,bus=pci.1,addr=0x1 \
-drive file=/root/vm/win10/snap.qcow2,if=none,id=drive-virtio-disk0,format=qcow2 \
-device virtio-blk-pci,scsi=off,bus=pci.2,addr=0x2,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 \
-k en-us \
-device virtio-balloon-pci,id=balloon0,bus=pci.2,addr=0x4 \
-machine smm=off \
-device ioh3420,bus=pcie.0,addr=1c.0,multifunction=on,port=1,chassis=1,id=root.1 \
-device vfio-pci,host=02:00.0,bus=root.1,addr=00.0,multifunction=on,x-vga=on \
-device vfio-pci,host=02:00.1,bus=root.1,addr=00.1 \
-msg timestamp=on \
-vga none
Look forward to your help!
You need to pass copy of unmodified videocard ROM to VM.
You need a secondary GPU that you can use as the primary for this
process. You cannot dump a clean copy of the BIOS without having the
passthrough GPU as a secondary card
Put the extra card in the primary slot and the intended passthrough card in another pci-e port and bootup.
Find your intended GPU again via lspci -v. In my case it had about the same address.
Now you can dump the ROM to a file:
# echo "0000:05:00.0" > /sys/bus/pci/drivers/vfio-pci/unbind
# cd /sys/bus/pci/devices/0000\:05\:00.0
# echo 1 > rom
# cat rom > /home/username/KVM/evga_gtx970.dump
# echo 0 > rom
# echo "0000:05:00.0" > /sys/bus/pci/drivers/vfio-pci/bind
In this case, 0000:05:00.0 is my PCI card address. You don't really need the bind step at the bottom since you'll be rebooting anyways.
You can check the integrity of the ROM dump with this handy utility at https://github.com/awilliam/rom-parser. My rom looks like:
# ./rom-parser evga_gtx970.dump
Valid ROM signature found #0h, PCIR offset 1a0h
PCIR: type 0 (x86 PC-AT), vendor: 10de, device: 13c2, class: 030000
PCIR: revision 0, vendor revision: 1
Valid ROM signature found #f400h, PCIR offset 1ch
PCIR: type 3 (EFI), vendor: 10de, device: 13c2, class: 030000
PCIR: revision 3, vendor revision: 0
EFI: Signature Valid, Subsystem: Boot, Machine: X64
Last image
You should have both an EFI and a non-EFI x86 ROM in the dump ( I think most cards have both)
Turn off the machine and put your GTX 1070 back in the primary slot.
After booting, edit your VM xml and in the section for your GPU (if you have already assigned the GPU to the VM) there should be a section. Add a file='path/to/dump/here' statement to it. My full section looks like:
<hostdev mode='subsystem' type='pci' managed='yes'>
<source>
<address domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
</source>
<rom bar='on' file='/home/username/KVM/evga_gtx970.dump'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</hostdev>
This will have the VM start the card with that BIOS instead of whatever the kernel gives it.
source
Please note that you have to use OVMF (EFI) because SeaBIOS does not use card ROM properly.
If you're on OVMF or some other UEFI, make sure to triple-check that your card is UEFI-ready, especially on stuff that is older than ~2014.
I was under false impression that mine was (GTX 770), while, in fact, it wasn't (looked at the wrong version of ROM online) and wasted almost 2 days ripping my hair out. Look up UEFI support like so and look for ROM updates here.
I flashed my card, but I think you can put an UEFI-enabled ROM as romfile=. It appears that other manufacturers' ROMs could work too, if yours doesn't have an UEFI fix for you.
Related
Assumptions
Guest VM has been installed.
Guest VM is running: virsh start <vm_domain_name>.
Verify it with virsh list --all
Target PCI devices have been detached from the host with virsh nodedev-detach <pci_<domain>_<bus>_<slot>_<function>>. One can see a list of PCI targets by verifying the output of virsh nodedev-list. One can see that the tag format (<pci__>) may differ from the example here.
Problem Description
error: Failed to attach device from add_pci_vf.xml
error: internal error: No more available PCI slots
This error appears when trying to add multiple PCI devices to a guest virtual machine.
If one just needs to add a single PCI device, then the following command suffice to enable its PCI passthrough:
virsh attach-device ubuntu-guest add_pci_vf.xml --live
The option --live at the end of the command allows the PCI passthrough to be effective immediately. Access the guest and run lspci -nn to assert that the device can now be seen by the guest.
Solution
If one wish to add additional devices, one must replace --live by --config. The changes will not be effective immediately. Follow the recipe below to add multiple PCI devices and avoid the aforementioned error.
virsh attach-device <vm_domain_name> <pci_device_0.xml> --config
virsh attach-device <vm_domain_name> <pci_device_1.xml> --config
virsh attach-device <vm_domain_name> <pci_device_2.xml> --config
virsh destroy <vm_domain_name>
virsh start <vm_domain_name>
The syntax of pci_device_?.xml files should look like the following (may vary depending on the target co-processor):
<hostdev mode='subsystem' type='pci' managed='yes'>
<driver name='vfio' />
<source>
<address domain='0x0000' bus='0x6b' slot='0x00' function='0x01' />
</source>
</hostdev>
Note: The attribute managed='yes' is essential as per my experience.
The solution described in the original post worked for me. Since I had trouble finding it online, I am posting it here for others facing similar issues.
Summary
Add the devices (VFs) one by one.
virsh attach-device <vm_domain_name> <pci_device_0.xml> --config
virsh attach-device <vm_domain_name> <pci_device_1.xml> --config
virsh attach-device <vm_domain_name> <pci_device_2.xml> --config
Then,
virsh destroy <vm_domain_name>
virsh start <vm_domain_name>
The syntax of pci_device_?.xml files is similar to:
<hostdev mode='subsystem' type='pci' managed='yes'>
<driver name='vfio' />
<source>
<address domain='0x0000' bus='0x6b' slot='0x00' function='0x01' />
</source>
</hostdev>
I'm trying to start hashcat on Win10 using my GPU AMD RX580.
What I did so far is:
Uninstalled all AMD drivers and rebooted
Started Driver Fusion cleaned all AMD Display drivers and rebooted
Manually removed OpenCL.dll from C:\windows\system32\ and c:\windows\syswow64 and rebooted
Installed AMD Crimsson driver edition - tried 17.8.2, 17.11.1, 17.11.4
My problem:
When I try to start a benchmark for WPA2 hash with PS D:\crack\hashcat-5.1.0> .\hashcat64.exe -m 2500 -b
It starts and just quits without any output:
PS D:\crack\hashcat-5.1.0> .\hashcat64.exe -m 2500 -b
hashcat (v5.1.0) starting in benchmark mode...
Benchmarking uses hand-optimized kernel code by default.
You can use it in your cracking session by setting the -O option.
Note: Using optimized kernel code limits the maximum supported password length.
To disable the optimized kernel code in benchmark mode, use the -w option.
* Device #2: Not a native Intel OpenCL runtime. Expect massive speed loss.
You can use --force to override, but do not report related errors.
OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: Ellesmere, 3264/4096 MB allocatable, 36MCU
* Device #2: Intel(R) Core(TM) i7-4790 CPU # 3.60GHz, skipped.
Benchmark relevant options:
===========================
* --optimized-kernel-enable
Hashmode: 2500 - WPA-EAPOL-PBKDF2 (Iterations: 4096)
PS D:\crack\hashcat-5.1.0>
Output from hashcat -I:
PS D:\crack\hashcat-5.1.0> .\hashcat64.exe -I
hashcat (v5.1.0) starting...
OpenCL Info:
Platform ID #1
Vendor : Advanced Micro Devices, Inc.
Name : AMD Accelerated Parallel Processing
Version : OpenCL 2.0 AMD-APP (2442.8)
Device ID #1
Type : GPU
Vendor ID : 1
Vendor : Advanced Micro Devices, Inc.
Name : Ellesmere
Version : OpenCL 2.0 AMD-APP (2442.8)
Processor(s) : 36
Clock : 1366
Memory : 3264/4096 MB allocatable
OpenCL Version : OpenCL C 2.0
Driver Version : 2442.8
Device ID #2
Type : CPU
Vendor ID : 128
Vendor : GenuineIntel
Name : Intel(R) Core(TM) i7-4790 CPU # 3.60GHz
Version : OpenCL 1.2 AMD-APP (2442.8)
Processor(s) : 8
Clock : 3599
Memory : 6131/24526 MB allocatable
OpenCL Version : OpenCL C 1.2
Driver Version : 2442.8 (sse2,avx)
PS D:\crack\hashcat-5.1.0>
The same happens if I try to start mask attack.
Other benchmarks seems to work but when it reaches the WPA2 it just returns me to the command prompt:
PS D:\crack\hashcat-5.1.0> .\hashcat64.exe -b
hashcat (v5.1.0) starting in benchmark mode...
Benchmarking uses hand-optimized kernel code by default.
You can use it in your cracking session by setting the -O option.
Note: Using optimized kernel code limits the maximum supported password length.
To disable the optimized kernel code in benchmark mode, use the -w option.
* Device #2: Not a native Intel OpenCL runtime. Expect massive speed loss.
You can use --force to override, but do not report related errors.
OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: Ellesmere, 3264/4096 MB allocatable, 36MCU
* Device #2: Intel(R) Core(TM) i7-4790 CPU # 3.60GHz, skipped.
Benchmark relevant options:
===========================
* --optimized-kernel-enable
Hashmode: 0 - MD5
Speed.#1.........: 12381.1 MH/s (96.87ms) # Accel:256 Loops:512 Thr:256 Vec:1
Hashmode: 100 - SHA1
Speed.#1.........: 4268.9 MH/s (70.02ms) # Accel:256 Loops:128 Thr:256 Vec:1
Hashmode: 1400 - SHA2-256
Speed.#1.........: 1870.1 MH/s (80.00ms) # Accel:256 Loops:64 Thr:256 Vec:1
Hashmode: 1700 - SHA2-512
Speed.#1.........: 461.1 MH/s (81.22ms) # Accel:128 Loops:32 Thr:256 Vec:1
Hashmode: 2500 - WPA-EAPOL-PBKDF2 (Iterations: 4096)
PS D:\crack\hashcat-5.1.0>
Any idea what could cause this behavior?
It looks like it was a crash in the OpenCL runtime. I have installed the newest Adrenalin Drivers - 19.3.2 , but went into another issue :
PS D:\crack\hashcat-5.1.0> .\hashcat64.exe -b -m 2500
hashcat (v5.1.0) starting in benchmark mode...
Benchmarking uses hand-optimized kernel code by default.
You can use it in your cracking session by setting the -O option.
Note: Using optimized kernel code limits the maximum supported password length.
To disable the optimized kernel code in benchmark mode, use the -w option.
OpenCL Platform #1: Advanced Micro Devices, Inc.
================================================
* Device #1: Ellesmere, 3264/4096 MB allocatable, 36MCU
Benchmark relevant options:
===========================
* --optimized-kernel-enable
Hashmode: 2500 - WPA-EAPOL-PBKDF2 (Iterations: 4096)
* Device #1: ATTENTION! OpenCL kernel self-test failed.
Your device driver installation is probably broken.
See also: https://hashcat.net/faq/wrongdriver
Speed.#1.........: 179.3 kH/s (87.14ms) # Accel:128 Loops:64 Thr:256 Vec:1
Started: Mon Mar 18 19:05:55 2019
Stopped: Mon Mar 18 19:06:26 2019
PS D:\crack\hashcat-5.1.0>
Then I used the --self-test-disable option and it started . I have also created a post in the hashcat forum : https://hashcat.net/forum/thread-8226-post-44141.html#pid44141 in case anyone is interested .
Error in Qt while deploying Qt program in Beaglebone Black
I have Debian 9 (stretch) in Beaglebone Black and workstation is Ubuntu 16.04. I have cross-compiled Qt5 for Beaglebone Black. BBB OS sysroot is mounted in /mnt/bbb-rootfs folder. What I need to install to remove these errors.
Configure command is with following arguments:-
./configure -device linux-beagleboard-g++ -device-option CROSS_COMPILE=/home/gunjan/qt5bbb/gcc-linaro-6.3.1-2017.02-x86_64_arm-linux-gnueabihf/bin/arm-linux-gnueabihf- -sysroot /mnt/bbb-rootfs -opensource -confirm-license -optimized-qmake -reduce-exports -release -make libs -prefix /usr/local/qt5bbb -hostprefix /usr/local/qt5bbb -qt-zlib -no-opengl -qt-libpng -nomake examples -nomake tests -no-xkb -no-kms -no-eglfs -xcb -no-opengl -no-egl -gui -widgets -openssl -no-qml-debug -v 2>&1 | tee -a /home/gunjan/qt5bbb/qtbase-configure2-log.txt
I want to measure shadow page table performance vs EPT. I know in kvm code path, EPT and shadow page table share some code path. There is a switch to check if EPT is enabled.
So, I turn off EPT, I think this is a way to use shadow page table in KVM VM.
I exec some commands on host:
# cat /sys/module/kvm_intel/parameters/ept
Y //check if EPT is enabled, Yes it is
# rmmod kvm_intel
# modprobe kvm_intel ept=0,vpid=0 //Re-modprobe kvm_intel, but turn off EPT and VPID
# cat /sys/module/kvm_intel/parameters/ept
N // EPT is disabled
# cat /sys/module/kvm_intel/parameters/vpid
Y //VPID is still enabled
After these commads, I expect the EPT is disabled, However, I create a VM with 4 vcpu, but in VM, I use htop in VM only find i vcpu. I don't know why.
So, I turn on ept again, I can see 4 vcpu in vm using htop. But, on another server, I turn off ept, in VM, I still can find 4 vcpu.
In host, I test qemu thread num:
pstree -p | grep qemu
|-qemu-kvm(20594)-+-{qemu-kvm}(20612)
| |-{qemu-kvm}(20613)
| |-{qemu-kvm}(20614)
| |-{qemu-kvm}(20615)
| |-{qemu-kvm}(20618)
| `-{qemu-kvm}(23429)
There are still muti threads.
In KVM VM, I use lscpu to check:
# lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 4
On-line CPU(s) list: 0
Off-line CPU(s) list: 1-3
Thread(s) per core: 1
Core(s) per socket: 1
座: 1
NUMA 节点: 1
厂商 ID: GenuineIntel
CPU 系列: 6
型号: 62
型号名称: Intel(R) Xeon(R) CPU E5-2640 v2 # 2.00GHz
步进: 4
CPU MHz: 1999.999
BogoMIPS: 3999.99
超管理器厂商: KVM
虚拟化类型: 完全
L1d 缓存: 32K
L1i 缓存: 32K
L2 缓存: 4096K
NUMA 节点0 CPU: 0
Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon rep_good nopl eagerfpu pni pclmulqdq ssse3 cx16 pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm fsgsbase tsc_adjust smep erms xsaveopt
VPID is still enabled cause your command format was incorrect
# modprobe kvm_intel ept=0 vpid=0(Use spaces instead of commas)
It seems I am one of the few trying to get Mono's mod_mono to run on httpd on Fedora 10.
Mono is installed and the httpd is configured to use mod_mono.conf
But when I do this:
service httpd start
I get this error:
Starting httpd: [crit] (13)Permission denied:
Failed to attach to existing dashboard,
and removing dashboard file '/var/run/mod_mono_dashboard_XXGLOBAL_1' failed
(Permission denied).
When I do this:
xsp
I get this error:
At System.OutOfMemoryException:.ctor (string), offset 0x18
Addr: 0x7f8e73d6e150
Callee: System.SystemException:.ctor (string)
**
ERROR:tramp-amd64.c:99:mono_arch_patch_callsite: code should not be reached
Stacktrace:
at System.OutOfMemoryException..ctor (string) <0xffffffff>
at System.OutOfMemoryException..ctor (string) <0x00018>
at (wrapper runtime-invoke) System.Object.runtime_invoke_void__this___string (object,intptr,intptr,intptr) <0xffffffff>
Native stacktrace:
/usr/lib64/libmono.so.0 [0x34f1a76812]
/lib64/libpthread.so.0 [0x315180f0f0]
/lib64/libc.so.6(gsignal+0x35) [0x3150c32f05]
/lib64/libc.so.6(abort+0x183) [0x3150c34a73]
/lib64/libglib-2.0.so.0(g_assertion_message+0x113) [0x34f125d7f3]
/usr/lib64/libmono.so.0 [0x34f1a9e7a8]
/usr/lib64/libmono.so.0 [0x34f1a7d080]
[0x7f8e741d016e]
Debug info from gdb:
=================================================================
Got a SIGABRT while executing native code. This usually indicates
a fatal error in the mono runtime or one of the native libraries
used by your application.
=================================================================
Aborted
Linux version:
Fedora release 10 (Cambridge)
Apache (httpd) version:
Server version: Apache/2.2.11 (Unix)
Server built: Mar 6 2009 09:12:52
Server's Module Magic Number: 20051115:21
Server loaded: APR 1.3.3, APR-Util 1.3.4
Compiled using: APR 1.3.3, APR-Util 1.3.4
Architecture: 64-bit
Server MPM: Prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=128
-D HTTPD_ROOT="/etc/httpd"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D DEFAULT_PIDLOG="logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="logs/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
Mono version is 2.4 and Mono -V gives me this:
Mono JIT compiler version 2.0.1 (tarball)
Copyright (C) 2002-2008 Novell, Inc and Contributors. www.mono-project.com
TLS: __thread
GC: Included Boehm (with typed GC)
SIGSEGV: altstack
Notifications: epoll
Architecture: amd64
Disabled: none
Please help?
Thanks.
The first error you're getting is a known issue that shouldn't affect you. See this post.
As for the second error, shouldn't you be using "xsp2" instead of just "xsp"?
If that doesn't work, I would suggest you rather just try and install the latest Mono build from source. There are instructions here for Ubuntu, but it should be similar enough for you to follow.
I have tried to install again mono, mod_mono, xsp form distribution, then
from source using 2.2, 2.4 and svn.
The problem is with the kernel 2.6.24-23-xen present on both servers. It
has a bug that has been fixed in the following versions . The problem is
the 64bit XEN kernel does not honour the MAP_32BIT flag.
And to add insult to injury, i cannot upgrade the kernels because it's a
VPS and i cannot install kernels.