Installing passthrough for virt-manager

I'm on MX25 Linux. I need a step by step guide to installing passthrough for virt-manager. My GPU specs are nvidia-smi

#Computer

https://www.perplexity.ai/search/i-m-on-mx25-linux-i-need-a-ste-aVlY7O0_TgSURrgDk1QtVA

uwzisGPU-Passthrough-Manager GPU passthrough made easy.

You can do GPU passthrough for your RTX 4070 on MX Linux (Debian-based) using the standard KVM/VFIO approach; the main steps are: enable IOMMU/virtualization in BIOS, configure the kernel with VFIO options, isolate the GPU from the host using vfio-pci, and then attach the GPU to your VM in virt‑manager while also handling NVIDIA’s anti-VM behavior.[7][9]

Below is a concise, practical step‑by‑step focused on MX25 + NVIDIA + virt‑manager.

1. Check hardware & install KVM stack

  1. Reboot into BIOS/UEFI and enable:

    • Intel: VT‑d / Intel IOMMU / “Intel Virtualization for Directed I/O”.
    • AMD: SVM / AMD‑V and IOMMU / AMD‑Vi.[7]

  2. Boot MX25 and install KVM+virt‑manager and UEFI firmware:

    sudo apt update
sudo apt install qemu-kvm libvirt-daemon-system libvirt-clients virt-manager ovmf

  3. Add your user to libvirt and kvm groups, then re‑login:

    sudo usermod -aG libvirt,kvm $USER

    This is the typical setup on Debian/MX for virt‑manager.[9][7]

2. Enable IOMMU in the kernel

  1. Find if you are on GRUB (most MX installs are). Edit:

    sudo nano /etc/default/grub

  2. In the line starting with GRUB_CMDLINE_LINUX_DEFAULT, add:

    • For Intel CPU:
      • intel_iommu=on iommu=pt
    • For AMD CPU:
      • amd_iommu=on iommu=pt[8][7]

    Example:

    GRUB_CMDLINE_LINUX_DEFAULT="quiet splash intel_iommu=on iommu=pt"

  3. Update GRUB and reboot:

    sudo update-grub
sudo reboot

  4. After reboot, verify IOMMU:

    dmesg | grep -e IOMMU -e DMAR

    You should see lines indicating IOMMU enabled / DMAR active.[8][7]

3. Inspect IOMMU groups and get GPU IDs

You want the RTX 4070 (and its audio function) in their own IOMMU group or in a group where everything can be passed to the VM.

  1. Install pciutils if missing and list groups:

    sudo apt install pciutils
find /sys/kernel/iommu_groups/ -type l

  2. Identify the GPU and its audio device:

    lspci -nn | grep -E "NVIDIA|VGA|Audio"

    On a 4070, you’ll see something like:

    • 01:00.0 VGA compatible controller: NVIDIA Corporation ... [10de:XXXX]
    • 01:00.1 Audio device: NVIDIA Corporation ... [10de:YYYY]

    Note both IDs in the [vendor:device] form (for example, 10de:2786 and 10de:22bc).[7][8]

4. Bind GPU to vfio-pci (hide it from host Xorg)

Because your Xorg and desktop currently use the 4070, you need to move it to vfio-pci so only the VM can use it.[8][7]

  1. Create a modprobe file:

    sudo nano /etc/modprobe.d/vfio.conf

  2. Add (using your own IDs from lspci):

    options vfio-pci ids=10de:XXXX,10de:YYYY
options vfio-pci disable_vga=1

  3. Ensure required modules load early:

    echo -e "vfio\nvfio_pci\nvfio_iommu_type1\nvfio_virqfd" | sudo tee /etc/modules-load.d/vfio.conf

  4. Blacklist the regular NVIDIA stack for the host:

    sudo nano /etc/modprobe.d/blacklist-nvidia-gpu-passthrough.conf

    Add:

    blacklist nvidia
blacklist nvidia_drm
blacklist nvidia_modeset
blacklist nouveau

    This prevents the host Xorg from grabbing the 4070.[7][8]

  5. Rebuild initramfs and reboot:

    sudo update-initramfs -u
sudo reboot

  6. After reboot, confirm vfio-pci is in use:

    lspci -nnk -d 10de:XXXX

    The “Kernel driver in use” should show vfio-pci.[8][7]

5. Prepare Windows VM in virt‑manager

You should ideally have a second GPU or iGPU for the Linux host’s display; otherwise you’ll be headless on the host and manage it over SSH. Most passthrough guides assume two GPUs.[3][7]

  1. Start virt‑manager, create a new VM:

    • OS type: Windows 10/11 (depending on ISO).
    • Firmware: choose UEFI (OVMF) in the Overview → Firmware field.[7]
    • Storage: place VM image on a fast disk.

  2. Before first boot, go to:

    • “Add Hardware” → “PCI Host Device”
    • Add:
      • The RTX 4070 (VGA device).
      • The NVIDIA audio device on the same bus (01:00.1 etc.).[10][7]

  3. For better performance:

    • Set CPU model to “host‑passthrough” in CPU settings.
    • Use VirtIO disk and network drivers for Windows (via VirtIO ISO).

6. Fix NVIDIA drivers detecting a VM

Recent NVIDIA Windows drivers may refuse to work if they detect they are inside a VM. You can hide KVM from the guest via XML changes.[2][7]

  1. In virt‑manager, open the VM → “Overview” → “XML” or “Edit XML” (enable XML editing in preferences if needed).[2][7]

  2. Inside the <features> section, add:

    <kvm>
  <hidden state='on'/>
</kvm>

    This is equivalent to setting kvm=off and helps NVIDIA drivers load correctly in the guest.[2][7]

  3. Ensure the <hyperv> feature is either disabled or minimally used if you run into error 43‑style driver issues.

7. Boot VM and install drivers

  1. Boot the VM; it should show output on the monitor connected to the 4070 (if directly cabled) or via SPICE/VNC (though performance is on the passed‑through GPU).[7]
  2. In Windows, install:
    • Chipset drivers, if needed.
    • Latest NVIDIA Game Ready or Studio drivers for the RTX 4070.[1][7]
  3. Check Device Manager:
    • No yellow exclamation on the NVIDIA GPU.
    • NVIDIA Control Panel opens normally.

If the driver refuses to load or you get code 43–type symptoms:

  • Double‑check the <kvm hidden='on'> feature is present.
  • Confirm the host is not loading any NVIDIA driver for that card (lspci -nnk shows vfio-pci only).[2][7]

8. Quick comparison: host vs VM setup focus

Aspect Host (MX25) setup goal VM (Windows) setup goal
IOMMU/BIOS Enable VT‑d / IOMMU / AMD‑Vi Not applicable
Kernel params intel_iommu=on or amd_iommu=on iommu=pt Not applicable
Driver binding RTX 4070 bound to vfio-pci, not nvidia NVIDIA Windows driver sees bare‑metal GPU
virt‑manager config OVMF firmware, PCI passthrough devices added OS type set to Windows, CPU host‑passthrough
Anti‑VM handling <kvm hidden='on'/> in XML NVIDIA driver loads without error 43‑style issue

[9][2][8][7]

If you paste the output of lspci -nn | grep -E "NVIDIA|VGA|Audio" and confirm whether you have an iGPU or second card for the host, a tailored set of exact lines for your vfio.conf and GRUB entry can be provided.

1
2
3
4
5
6
7
8
9
10