Init commit.

2021-09-29 11:53:05 +02:00 · 2021-09-29 11:53:05 +02:00 · a90b42d1ad
commit a90b42d1ad
2 changed files with 138 additions and 0 deletions
--- a/win10vm.bash
+++ b/win10vm.bash
@ -0,0 +1,133 @@
+#!/usr/bin/env bash
+
+set -x
+
+vmname="win10vm"
+gpu_id="0000:65:00.0"
+audio_id="0000:65:00.1"
+ssd_id="0000:02:00.0"
+hdd_path=/dev/disk/by-id/ata-WDC_WD2003FZEX-00SRLA0_WD-WMC6N0L0MZFH
+sata_id="0000:07:00.0"
+bridge_name="br-qemu-win-vm"
+tap_name="tap-qemu-win-vm"
+dhcp_subnet=172.254.0.1/16
+dhcp_range=172.254.0.2,172.254.255.254
+iface_forward="wlp4s0 eno1"
+
+# graphical sudo
+if [ -n "$SUDO" ]; then
+    SUDO="$SUDO"
+elif [ -t 1 ]; then
+    SUDO=sudo
+else
+    export SUDO_ASKPASS=/usr/lib/ssh/ssh-askpass
+    SUDO='sudo --askpass'
+fi
+if ! which $SUDO 2>&1 >/dev/null; then
+    SUDO=sudo
+fi
+
+if ps -A | grep -q $vmname; then
+	echo "$vmname is already running." &
+	exit 1
+else
+    efi_vars="/tmp/$vmname-efi-vars.fs"
+    cp /usr/share/ovmf/x64/OVMF_VARS.fd "$efi_vars"
+
+    # rebind ssd to vfio-pci driver
+    # this is needed since the nvme driver claims this device
+    # before the module load vfio-pci can claim it.
+    echo "$ssd_id" | sudo tee '/sys/bus/pci/drivers/nvme/unbind'
+    echo "$ssd_id" | sudo tee '/sys/bus/pci/drivers/vfio-pci/bind'
+
+    echo "$sata_id" | sudo tee '/sys/bus/pci/drivers/ahci/unbind'
+    echo "$sata_id" | sudo tee '/sys/bus/pci/drivers/vfio-pci/bind'
+
+    # unbind the efifb driver from the primary gpu
+    echo efi-framebuffer.0 | sudo tee \
+        '/sys/bus/platform/devices/efi-framebuffer.0/driver/unbind'
+
+    # create bridge
+    $SUDO ip link add name $bridge_name type bridge
+    $SUDO ip addr add "$dhcp_subnet" dev $bridge_name
+    $SUDO ip link set dev $bridge_name up
+    $SUDO ip tuntap add $tap_name mode tap
+    $SUDO ip link set $tap_name up
+    $SUDO ip link set dev $tap_name master $bridge_name
+    $SUDO dnsmasq --interface=$bridge_name --bind-interface --dhcp-range=$dhcp_range
+    # instead just specify dns server for adapter in windows
+
+    nft_restore_rules="$($SUDO nft -s list ruleset)"
+
+    # for dhcp and stuff
+    $SUDO nft add rule ip filter INPUT udp dport 67 accept
+    $SUDO nft add rule ip filter INPUT tcp dport 67 accept
+    $SUDO nft add rule ip filter INPUT udp dport 53 accept
+    $SUDO nft add rule ip filter INPUT tcp dport 53 accept
+    # barrier and scream
+    $SUDO nft add rule ip filter INPUT udp dport 4010 accept
+    $SUDO nft add rule ip filter INPUT tcp dport 4010 accept
+    # $SUDO nft add rule ip filter INPUT udp dport 24800 accept
+    # $SUDO nft add rule ip filter INPUT tcp dport 24800 accept
+    # forward to interfaces
+    $SUDO nft add rule ip filter FORWARD iifname "$bridge_name" counter packets 0 bytes 0 accept
+    $SUDO nft add rule ip filter FORWARD oifname "$bridge_name" counter packets 0 bytes 0 accept
+    for iface in $iface_forward; do
+        $SUDO nft add rule ip nat POSTROUTING oifname "$iface" counter masquerade
+    done
+
+    scream -i $bridge_name &
+
+    
+        # -cpu host,kvm=off,hv-vendor-id=null,hv_time,hv_relaxed,hv_vapic,hv_spinlocks=0x1fff,-hypervisor \
+        # -device vfio-pci,host=$gpu_id,multifunction=on,id=gpu,romfile=/opt/vm/1080ti_asus.rom \
+        # -cpu host,topoext,tsc_deadline,tsc_adjust,kvm=on,hv_vendor_id=null,hv_vpindex,hv_runtime,hv_synic,hv_stimer,hv_reset,hv_frequencies,hv_tlbflush,hv_reenlightenment,hv_ipi,l3-cache,hv_time,hv_relaxed,hv_vapic,hv_spinlocks=0x1fff \
+
+    $SUDO nice --adjustment=-20 taskset --cpu-list '1-5,7-11' qemu-system-x86_64 \
+        -name $vmname,process=$vmname \
+        -machine type=q35,accel=kvm,kernel_irqchip=on \
+        -smp 10,sockets=1,cores=5,threads=2 \
+	-enable-kvm \
+        -cpu host,topoext,tsc_deadline,tsc_adjust,kvm=on,hv_vendor_id=null,hv_vpindex,hv_runtime,hv_synic,hv_stimer,hv_reset,hv_frequencies,hv_tlbflush,hv_reenlightenment,hv_ipi,l3-cache,hv_time,hv_relaxed,hv_vapic,hv_spinlocks=0x1fff \
+	-m 12G \
+        -mem-prealloc -mem-path /dev/hugepages \
+        -vga none -nographic \
+        -parallel none \
+        -serial none \
+        -rtc clock=host,base=localtime,driftfix=none \
+	-usb \
+        -device usb-host,hostbus=1,hostport=6.1 \
+        -device usb-host,hostbus=1,hostport=6.2 \
+        -device usb-host,hostbus=1,hostport=6.3 \
+        -device usb-host,hostbus=1,hostport=6.4 \
+        -netdev tap,id=net0,br=$bridge_name,ifname=$tap_name,script=no,downscript=no \
+        -device e1000,netdev=net0 \
+        -audiodev pa,id=snd0,server=unix:/run/user/$(id -u)/pulse/native \
+        -device intel-hda -device hda-duplex,audiodev=snd0 \
+        -drive if=pflash,format=raw,readonly=on,file=/usr/share/ovmf/x64/OVMF_CODE.fd \
+        -drive if=pflash,format=raw,file="$efi_vars" \
+        -device vfio-pci,host=$gpu_id,multifunction=on,id=gpu,romfile=/opt/vm/1080ti_asus.rom \
+        -device vfio-pci,host=$audio_id,id=audio \
+        -device vfio-pci,host=$ssd_id,id=sdd \
+	-device vfio-pci,host=$sata_id,id=sata \
+        -boot order=dc \
+        -drive file=/opt/vm/virtio-win-0.1.185.iso,media=cdrom \
+        -drive file=/opt/vm/Win10_21H1_EnglishInternational_x64.iso,media=cdrom \
+        -device ivshmem-plain,memdev=ivshmem \
+        -object memory-backend-file,id=ivshmem,share=on,mem-path=/dev/shm/looking-glass,size=64 \
+	-d int -D /var/log/qemu.log
+	# -object iothread,id=io1 \
+	# -drive id=hdd,if=none,cache=none,format=raw,aio=threads,file=$hdd_path \
+	# -device virtio-blk-pci,drive=hdd,iothread=io1 \
+	# -device virtio-serial \
+	# -spice port=5900,addr=127.0.0.1,disable-ticketing \
+	exit_code=$?
+
+    $SUDO nft flush ruleset
+    $SUDO nft -f - <<< "$nft_restore_rules"
+    $SUDO ip link del "$tap_name"
+    $SUDO ip link del "$bridge_name"
+    killall scream
+    $SUDO killall dnsmasq
+    exit $exit_code
+fi
--- a/win10vm.desktop
+++ b/win10vm.desktop
@ -0,0 +1,5 @@
+[Desktop Entry]
+Name=Windows 10 VM
+Exec=/opt/vm/win10vm.bash
+Type=Application
+Categories=Game;Utility;