133 lines
5.4 KiB
Bash
Executable file
133 lines
5.4 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
|
|
set -x
|
|
|
|
vmname="win10vm"
|
|
gpu_id="0000:65:00.0"
|
|
audio_id="0000:65:00.1"
|
|
ssd_id="0000:02:00.0"
|
|
hdd_path=/dev/disk/by-id/ata-WDC_WD2003FZEX-00SRLA0_WD-WMC6N0L0MZFH
|
|
sata_id="0000:07:00.0"
|
|
bridge_name="br-qemu-win-vm"
|
|
tap_name="tap-qemu-win-vm"
|
|
dhcp_subnet=172.254.0.1/16
|
|
dhcp_range=172.254.0.2,172.254.255.254
|
|
iface_forward="wlp4s0 eno1"
|
|
|
|
# graphical sudo
|
|
if [ -n "$SUDO" ]; then
|
|
SUDO="$SUDO"
|
|
elif [ -t 1 ]; then
|
|
SUDO=sudo
|
|
else
|
|
export SUDO_ASKPASS=/usr/lib/ssh/ssh-askpass
|
|
SUDO='sudo --askpass'
|
|
fi
|
|
if ! which $SUDO 2>&1 >/dev/null; then
|
|
SUDO=sudo
|
|
fi
|
|
|
|
if ps -A | grep -q $vmname; then
|
|
echo "$vmname is already running." &
|
|
exit 1
|
|
else
|
|
efi_vars="/tmp/$vmname-efi-vars.fs"
|
|
cp /usr/share/ovmf/x64/OVMF_VARS.fd "$efi_vars"
|
|
|
|
# rebind ssd to vfio-pci driver
|
|
# this is needed since the nvme driver claims this device
|
|
# before the module load vfio-pci can claim it.
|
|
echo "$ssd_id" | sudo tee '/sys/bus/pci/drivers/nvme/unbind'
|
|
echo "$ssd_id" | sudo tee '/sys/bus/pci/drivers/vfio-pci/bind'
|
|
|
|
echo "$sata_id" | sudo tee '/sys/bus/pci/drivers/ahci/unbind'
|
|
echo "$sata_id" | sudo tee '/sys/bus/pci/drivers/vfio-pci/bind'
|
|
|
|
# unbind the efifb driver from the primary gpu
|
|
echo efi-framebuffer.0 | sudo tee \
|
|
'/sys/bus/platform/devices/efi-framebuffer.0/driver/unbind'
|
|
|
|
# create bridge
|
|
$SUDO ip link add name $bridge_name type bridge
|
|
$SUDO ip addr add "$dhcp_subnet" dev $bridge_name
|
|
$SUDO ip link set dev $bridge_name up
|
|
$SUDO ip tuntap add $tap_name mode tap
|
|
$SUDO ip link set $tap_name up
|
|
$SUDO ip link set dev $tap_name master $bridge_name
|
|
$SUDO dnsmasq --interface=$bridge_name --bind-interface --dhcp-range=$dhcp_range
|
|
# instead just specify dns server for adapter in windows
|
|
|
|
nft_restore_rules="$($SUDO nft -s list ruleset)"
|
|
|
|
# for dhcp and stuff
|
|
$SUDO nft add rule ip filter INPUT udp dport 67 accept
|
|
$SUDO nft add rule ip filter INPUT tcp dport 67 accept
|
|
$SUDO nft add rule ip filter INPUT udp dport 53 accept
|
|
$SUDO nft add rule ip filter INPUT tcp dport 53 accept
|
|
# barrier and scream
|
|
$SUDO nft add rule ip filter INPUT udp dport 4010 accept
|
|
$SUDO nft add rule ip filter INPUT tcp dport 4010 accept
|
|
# $SUDO nft add rule ip filter INPUT udp dport 24800 accept
|
|
# $SUDO nft add rule ip filter INPUT tcp dport 24800 accept
|
|
# forward to interfaces
|
|
$SUDO nft add rule ip filter FORWARD iifname "$bridge_name" counter packets 0 bytes 0 accept
|
|
$SUDO nft add rule ip filter FORWARD oifname "$bridge_name" counter packets 0 bytes 0 accept
|
|
for iface in $iface_forward; do
|
|
$SUDO nft add rule ip nat POSTROUTING oifname "$iface" counter masquerade
|
|
done
|
|
|
|
scream -i $bridge_name &
|
|
|
|
|
|
# -cpu host,kvm=off,hv-vendor-id=null,hv_time,hv_relaxed,hv_vapic,hv_spinlocks=0x1fff,-hypervisor \
|
|
# -device vfio-pci,host=$gpu_id,multifunction=on,id=gpu,romfile=/opt/vm/1080ti_asus.rom \
|
|
# -cpu host,topoext,tsc_deadline,tsc_adjust,kvm=on,hv_vendor_id=null,hv_vpindex,hv_runtime,hv_synic,hv_stimer,hv_reset,hv_frequencies,hv_tlbflush,hv_reenlightenment,hv_ipi,l3-cache,hv_time,hv_relaxed,hv_vapic,hv_spinlocks=0x1fff \
|
|
|
|
$SUDO nice --adjustment=-20 taskset --cpu-list '1-5,7-11' qemu-system-x86_64 \
|
|
-name $vmname,process=$vmname \
|
|
-machine type=q35,accel=kvm,kernel_irqchip=on \
|
|
-smp 10,sockets=1,cores=5,threads=2 \
|
|
-enable-kvm \
|
|
-cpu host,topoext,tsc_deadline,tsc_adjust,kvm=on,hv_vendor_id=null,hv_vpindex,hv_runtime,hv_synic,hv_stimer,hv_reset,hv_frequencies,hv_tlbflush,hv_reenlightenment,hv_ipi,l3-cache,hv_time,hv_relaxed,hv_vapic,hv_spinlocks=0x1fff \
|
|
-m 12G \
|
|
-mem-prealloc -mem-path /dev/hugepages \
|
|
-vga none -nographic \
|
|
-parallel none \
|
|
-serial none \
|
|
-rtc clock=host,base=localtime,driftfix=none \
|
|
-usb \
|
|
-device usb-host,hostbus=1,hostport=6.1 \
|
|
-device usb-host,hostbus=1,hostport=6.2 \
|
|
-device usb-host,hostbus=1,hostport=6.3 \
|
|
-device usb-host,hostbus=1,hostport=6.4 \
|
|
-netdev tap,id=net0,br=$bridge_name,ifname=$tap_name,script=no,downscript=no \
|
|
-device e1000,netdev=net0 \
|
|
-audiodev pa,id=snd0,server=unix:/run/user/$(id -u)/pulse/native \
|
|
-device intel-hda -device hda-duplex,audiodev=snd0 \
|
|
-drive if=pflash,format=raw,readonly=on,file=/usr/share/ovmf/x64/OVMF_CODE.fd \
|
|
-drive if=pflash,format=raw,file="$efi_vars" \
|
|
-device vfio-pci,host=$gpu_id,multifunction=on,id=gpu,romfile=/opt/vm/1080ti_asus.rom \
|
|
-device vfio-pci,host=$audio_id,id=audio \
|
|
-device vfio-pci,host=$ssd_id,id=sdd \
|
|
-device vfio-pci,host=$sata_id,id=sata \
|
|
-boot order=dc \
|
|
-drive file=/opt/vm/virtio-win-0.1.185.iso,media=cdrom \
|
|
-drive file=/opt/vm/Win10_21H1_EnglishInternational_x64.iso,media=cdrom \
|
|
-device ivshmem-plain,memdev=ivshmem \
|
|
-object memory-backend-file,id=ivshmem,share=on,mem-path=/dev/shm/looking-glass,size=64 \
|
|
-d int -D /var/log/qemu.log
|
|
# -object iothread,id=io1 \
|
|
# -drive id=hdd,if=none,cache=none,format=raw,aio=threads,file=$hdd_path \
|
|
# -device virtio-blk-pci,drive=hdd,iothread=io1 \
|
|
# -device virtio-serial \
|
|
# -spice port=5900,addr=127.0.0.1,disable-ticketing \
|
|
exit_code=$?
|
|
|
|
$SUDO nft flush ruleset
|
|
$SUDO nft -f - <<< "$nft_restore_rules"
|
|
$SUDO ip link del "$tap_name"
|
|
$SUDO ip link del "$bridge_name"
|
|
killall scream
|
|
$SUDO killall dnsmasq
|
|
exit $exit_code
|
|
fi
|