Greetings,
I'm trying to boot a VM with pi of the on sound card and the gpu using libvirt[1] and
qemu
I have a script that loads the needed KVM mods, starts libvirt and press the HDD
Then starts the VM with virus.
I've configured qemu hooks to run scripts in the relevant events.
In prepare, I disable active ui, unbind the screen and consoles, unload all the mods of
the hw and load the vfio mods with the IDs of the devs and allow unsafe intrs.
Then libvirt tries to start the VM and fails with the this error:
error: Failed to start domain 'win_user_home'
error: internal error: qemu unexpectedly closed the monitor: 2023-05-01T14:59:49.968252Z
qemu-system-x86_64: -device
{"driver":"vfio-pci","host":"0000:05:00.0","id":"hostdev0","bus":"pci.5","multifunction":true,"addr":"0x0"}:
vfio 0000:05:00.0: failed to setup container for group 14: Failed to set iommu for
container: Operation not permitted
The GPU has its own iommu group[2] and I pass the soundcard too.
Why am I getting this error?
I did got the VM to start in earlier more simple setup with less devices so I know it
boots.
thanks,
Dagg
1. xml file:
<domain type='kvm'>
<name>win_user_home</name>
<uuid>f17be092-0fcb-47b6-b717-d4b8052ed289</uuid>
<metadata>
<libosinfo:libosinfo
xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0"...
<libosinfo:os
id="http://microsoft.com/win/11"/>
</libosinfo:libosinfo>
</metadata>
<memory unit='KiB'>24582834</memory>
<currentMemory unit='KiB'>24582834</currentMemory>
<vcpu placement='static'>12</vcpu>
<os firmware='efi'>
<type arch='x86_64' machine='pc-q35-7.1'>hvm</type>
<firmware>
<feature enabled='no' name='enrolled-keys'/>
<feature enabled='yes' name='secure-boot'/>
</firmware>
<loader readonly='yes' secure='yes'
type='pflash'>/usr/share/edk2-ovmf/OVMF_CODE.secboot.fd</loader>
<nvram
template='/usr/share/edk2-ovmf/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/win_user_home_VARS.fd</nvram>
<boot dev='cdrom'/>
<bootmenu enable='no'/>
</os>
<features>
<acpi/>
<apic/>
<hyperv mode='custom'>
<relaxed state='on'/>
<vapic state='on'/>
<spinlocks state='on' retries='8191'/>
<vpindex state='on'/>
<runtime state='on'/>
<synic state='on'/>
<reset state='on'/>
<vendor_id state='on' value='wateverr'/>
<frequencies state='on'/>
</hyperv>
<kvm>
<hidden state='on'/>
</kvm>
<vmport state='off'/>
<smm state='on'/>
<ioapic driver='kvm'/>
</features>
<cpu mode='host-passthrough' check='none'
migratable='on'>
<topology sockets='1' dies='1' cores='6'
threads='2'/>
<cache level='3' mode='emulate'/>
<feature policy='require' name='topoext'/>
</cpu>
<clock offset='utc'>
<timer name='rtc' tickpolicy='catchup'/>
<timer name='pit' tickpolicy='delay'/>
<timer name='hpet' present='no'/>
<timer name='kvmclock' present='yes'/>
<timer name='hypervclock' present='yes'/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<pm>
<suspend-to-mem enabled='no'/>
<suspend-to-disk enabled='no'/>
</pm>
<devices>
<emulator>/usr/bin/qemu-system-x86_64</emulator>
<disk type='block' device='disk'>
<driver name='qemu' type='raw' cache='none'
io='native' discard='unmap' detect_zeroes='unmap'/>
<source dev='/dev/loop0p2'/>
<target dev='vdb' bus='virtio'/>
<address type='pci' domain='0x0000' bus='0x03'
slot='0x00' function='0x0'/>
</disk>
<disk type='file' device='cdrom'>
<driver name='qemu' type='raw'/>
<source
file='/home/virt_admin/Win11_22H2_EnglishInternational_x64v1.iso'/>
<target dev='sda' bus='sata'/>
<readonly/>
<address type='drive' controller='0' bus='0'
target='0' unit='1'/>
</disk>
<controller type='usb' index='0' model='qemu-xhci'
ports='15'>
<address type='pci' domain='0x0000' bus='0x02'
slot='0x00' function='0x0'/>
</controller>
<controller type='sata' index='0'>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x1f' function='0x2'/>
</controller>
<controller type='pci' index='0' model='pcie-root'/>
<controller type='pci' index='1'
model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='1' port='0x8'/>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x01' function='0x0' multifunction='on'/>
</controller>
<controller type='pci' index='2'
model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='2' port='0x9'/>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x01' function='0x1'/>
</controller>
<controller type='pci' index='3'
model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='3' port='0xa'/>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x01' function='0x2'/>
</controller>
<controller type='pci' index='4'
model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='4' port='0xb'/>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x01' function='0x3'/>
</controller>
<controller type='pci' index='5'
model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='5' port='0xc'/>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x01' function='0x4'/>
</controller>
<controller type='pci' index='6'
model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='6' port='0xd'/>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x01' function='0x5'/>
</controller>
<controller type='pci' index='7'
model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='7' port='0xe'/>
<address type='pci' domain='0x0000' bus='0x00'
slot='0x01' function='0x6'/>
</controller>
<interface type='bridge'>
<mac address='52:54:00:85:5b:21'/>
<source bridge='br0'/>
<model type='virtio'/>
<address type='pci' domain='0x0000' bus='0x01'
slot='0x00' function='0x0'/>
</interface>
<serial type='pty'>
<target type='isa-serial' port='0'>
<model name='isa-serial'/>
</target>
</serial>
<console type='pty'>
<target type='serial' port='0'/>
</console>
<input type='mouse' bus='ps2'/>
<input type='keyboard' bus='ps2'/>
<tpm model='tpm-tis'>
<backend type='emulator' version='2.0'/>
</tpm>
<audio id='1' type='none'/>
<hostdev mode='subsystem' type='pci' managed='yes'>
<source>
<address domain='0x0000' bus='0x05' slot='0x00'
function='0x0'/>
</source>
<address type='pci' domain='0x0000' bus='0x05'
slot='0x00' function='0x0' multifunction='on'/>
</hostdev>
<hostdev mode='subsystem' type='pci' managed='yes'>
<source>
<address domain='0x0000' bus='0x05' slot='0x00'
function='0x1'/>
</source>
<address type='pci' domain='0x0000' bus='0x05'
slot='0x00' function='0x1'/>
</hostdev>
<hostdev mode='subsystem' type='pci' managed='yes'>
<source>
<address domain='0x0000' bus='0x07' slot='0x00'
function='0x4'/>
</source>
<address type='pci' domain='0x0000' bus='0x07'
slot='0x00' function='0x4'/>
</hostdev>
<watchdog model='itco' action='reset'/>
<memballoon model='virtio'>
<address type='pci' domain='0x0000' bus='0x04'
slot='0x00' function='0x0'/>
</memballoon>
</devices>
</domain>
2. iommu list:
IOMMU Group 0:
00:01.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse
PCIe Dummy Host Bridge [1022:1482]
IOMMU Group 1:
00:01.2 PCI bridge [0604]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP
Bridge [1022:1483]
IOMMU Group 2:
00:02.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse
PCIe Dummy Host Bridge [1022:1482]
IOMMU Group 3:
00:03.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse
PCIe Dummy Host Bridge [1022:1482]
IOMMU Group 4:
00:03.1 PCI bridge [0604]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse GPP
Bridge [1022:1483]
IOMMU Group 5:
00:04.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse
PCIe Dummy Host Bridge [1022:1482]
IOMMU Group 6:
00:05.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse
PCIe Dummy Host Bridge [1022:1482]
IOMMU Group 7:
00:07.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse
PCIe Dummy Host Bridge [1022:1482]
IOMMU Group 8:
00:07.1 PCI bridge [0604]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse
Internal PCIe GPP Bridge 0 to bus[E:B] [1022:1484]
IOMMU Group 9:
00:08.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse
PCIe Dummy Host Bridge [1022:1482]
IOMMU Group 10:
00:08.1 PCI bridge [0604]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse
Internal PCIe GPP Bridge 0 to bus[E:B] [1022:1484]
IOMMU Group 11:
00:14.0 SMBus [0c05]: Advanced Micro Devices, Inc. [AMD] FCH SMBus Controller
[1022:790b] (rev 61)
00:14.3 ISA bridge [0601]: Advanced Micro Devices, Inc. [AMD] FCH LPC Bridge
[1022:790e] (rev 51)
IOMMU Group 12:
00:18.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer
Data Fabric: Device 18h; Function 0 [1022:1440]
00:18.1 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer
Data Fabric: Device 18h; Function 1 [1022:1441]
00:18.2 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer
Data Fabric: Device 18h; Function 2 [1022:1442]
00:18.3 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer
Data Fabric: Device 18h; Function 3 [1022:1443]
00:18.4 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer
Data Fabric: Device 18h; Function 4 [1022:1444]
00:18.5 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer
Data Fabric: Device 18h; Function 5 [1022:1445]
00:18.6 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer
Data Fabric: Device 18h; Function 6 [1022:1446]
00:18.7 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Matisse/Vermeer
Data Fabric: Device 18h; Function 7 [1022:1447]
IOMMU Group 13:
01:00.0 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD] 500 Series
Chipset USB 3.1 XHCI Controller [1022:43ee]
01:00.1 SATA controller [0106]: Advanced Micro Devices, Inc. [AMD] 500 Series
Chipset SATA Controller [1022:43eb]
01:00.2 PCI bridge [0604]: Advanced Micro Devices, Inc. [AMD] 500 Series Chipset
Switch Upstream Port [1022:43e9]
02:08.0 PCI bridge [0604]: Advanced Micro Devices, Inc. [AMD] Device [1022:43ea]
02:09.0 PCI bridge [0604]: Advanced Micro Devices, Inc. [AMD] Device [1022:43ea]
03:00.0 Network controller [0280]: Intel Corporation Wi-Fi 6 AX200 [8086:2723]
(rev 1a)
04:00.0 Ethernet controller [0200]: Realtek Semiconductor Co., Ltd. RTL8125 2.5GbE
Controller [10ec:8125] (rev 04)
IOMMU Group 14:
05:00.0 VGA compatible controller [0300]: NVIDIA Corporation GP107 [GeForce GTX
1050 Ti] [10de:1c82] (rev a1)
05:00.1 Audio device [0403]: NVIDIA Corporation GP107GL High Definition Audio
Controller [10de:0fb9] (rev a1)
IOMMU Group 15:
06:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD]
Starship/Matisse PCIe Dummy Function [1022:148a]
IOMMU Group 16:
07:00.0 Non-Essential Instrumentation [1300]: Advanced Micro Devices, Inc. [AMD]
Starship/Matisse Reserved SPP [1022:1485]
IOMMU Group 17:
07:00.1 Encryption controller [1080]: Advanced Micro Devices, Inc. [AMD]
Starship/Matisse Cryptographic Coprocessor PSPCPP [1022:1486]
IOMMU Group 18:
07:00.3 USB controller [0c03]: Advanced Micro Devices, Inc. [AMD] Matisse USB 3.0
Host Controller [1022:149c]
IOMMU Group 19:
07:00.4 Audio device [0403]: Advanced Micro Devices, Inc. [AMD] Starship/Matisse
HD Audio Controller [1022:1487]