Arch QEMU-KVM OVMF GPT Passthrough
I . Packages to install :
pacman -S qemu virt-manager virtviewer dnsmasq iptables ebtables
II. Configuring Host before passing through :
modprobe -r kvm_intel
modprobe kvm_intel nested=1
Make sure you do not have the GPU you want to passthrough in your slot #0 of your PCI lanes. This will alter the ROM as soon as the host is booted, and you will be unable to use your GPU properly on your guest.
III. The script below will show you all PCI devices and their mapping to their respective IOMMU groups. If the output is blank, you do not have IOMMU enabled.
#!/bin/bash
shopt -s nullglob
for d in /sys/kernel/iommu_groups/*/devices/*; do
n=${d#*/iommu_groups/*}; n=${n%%/*}
printf 'IOMMU Group %s ' "$n"
lspci -nns "${d##*/}"
done;
Enabling IOMMU :
You will need to add a boot load kernel option. :
For Intel CPUs : intel_iommu=on
For AMD CPUs: amd_iommu=on
Example output :
IOMMU Group 30 00:1d.0 USB controller [0c03]: Intel Corporation C610/X99 series chipset USB Enhanced Host Controller #1 [8086:8d26] (rev 05)
IOMMU Group 31 00:1f.0 ISA bridge [0601]: Intel Corporation C610/X99 series chipset LPC Controller [8086:8d47] (rev 05)
IOMMU Group 31 00:1f.2 SATA controller [0106]: Intel Corporation C610/X99 series chipset 6-Port SATA Controller [AHCI mode] [8086:8d02] (rev 05)
IOMMU Group 31 00:1f.3 SMBus [0c05]: Intel Corporation C610/X99 series chipset SMBus Controller [8086:8d22] (rev 05)
IOMMU Group 32 06:00.0 VGA compatible controller [0300]: NVIDIA Corporation GP104 [GeForce GTX 1080] [10de:1b80] (rev a1)
IOMMU Group 32 06:00.1 Audio device [0403]: NVIDIA Corporation GP104 High Definition Audio Controller [10de:10f0] (rev a1)
IOMMU Group 33 07:00.0 VGA compatible controller [0300]: NVIDIA Corporation GP107 [GeForce GTX 1050] [10de:1c81] (rev a1)
IOMMU Group 33 07:00.1 Audio device [0403]: NVIDIA Corporation GP107GL High Definition Audio Controller [10de:0fb9] (rev a1)
IOMMU Group 34 09:00.0 USB controller [0c03]: VIA Technologies, Inc. VL805 USB 3.0 Host Controller [1106:3483] (rev 01)
IOMMU Group 35 0a:00.0 USB controller [0c03]: ASMedia Technology Inc. ASM1042A USB 3.0 Host Controller [1b21:1142]
IV. Isolating your GPU
To assign a GPU device to a Virtual machine, you will need to use a place holder driver to prevent the host from interacting with it on boot. You cannot dynamically re-assign a GPU device on a VM after you booted due to its complexity. You can use either VFIO or pci-stub.
Most newer machines will have VFIO by default, which we will be using here.
If your system supports it, which you can try by running the following command, you should use it. If it returns an error, use pci-stub instead.
[]# modinfo vfio-pci
-----
filename: /lib/modules/4.9.53-1-lts/kernel/drivers/vfio/pci/vfio-pci.ko.gz
description: VFIO PCI - User Level meta-driver
author: Alex Williamson <alex.williamson@redhat.com>
license: GPL v2
In this case here I'm interested in the following groups to passthrough :
IOMMU Group 32 06:00.0 VGA compatible controller [0300]: NVIDIA Corporation GP104 [GeForce GTX 1080] [10de:1b80] (rev a1)
IOMMU Group 32 06:00.1 Audio device [0403]: NVIDIA Corporation GP104 High Definition Audio Controller [10de:10f0] (rev a1)
Adding their relevant IDs to the VFIO driver :
After you completed the below steps, your GPU will no longer be detected by your host, make sure you have a secondary GPU available.
/etc/modprobe.d/vfio.conf
options vfio-pci ids=10de:1b80,10de:10f0
Make sure that your vfio-pci driver will be loaded before other graphics driver. Their modules need to be added before any other graphical drivers :
/etc/mkinitcpio.conf
MODULES= vfio vfio_iommu_type1 vfio_pci vfio_virqfd
If you added modules, make sure to regenerate your kernel image configuration. :
mkinitcpio -p linux