XNU in Mac OS X Snow Leopard, v10.6, (Darwin version 10) comes in two varieties, a 32-bit version called K32 and a 64-bit version called K64. K32 can run 64-bit applications in userland. What was new in Mac OS X 10.6 was the ability to run XNU in 64-bit kernel space.K32 was the default kernel for 10.6 Server when used on all machines except Mac Pro and Xserve models from 2008 onwards and can.
Macbook Pro, Mac OS X (10.6.6)
Posted on Feb 6, 2011 2:58 PM
We’ve made every attempt to make this as straightforward as possible, but there’s a lot more ground to cover here than in the first part of the guide. If you find glaring errors or have suggestions to make the process easier, let us know on our discord.
With that out of the way, let’s talk about what you need to get 3D acceleration up and running:
If you’ve arrived here without context, check out part one of the guide here.
lspci
.Provided you have hardware that supports this process, it should be relatively straightforward.
First, you want to enable virtualization extensions and IOMMU in your uefi. The exact name and locations varies by vendor and motherboard. These features are usually titled something like “virtualization support” “VT-x” or “SVM” — IOMMU is usually labelled “VT-d” or “AMD-Vi” if not just “IOMMU support.”
Once you’ve enabled these features, you need to tell Linux to use them, as well as what PCI devices to reserve for your vm. The best way of going about this is changing your kernel commandline boot options, which you do by editing your bootloader’s configuration files. We’ll be covering Grub 2 here because it’s the most common. Systemd-boot distributions like Pop!OS will have to do things differently.
run lspci -nnk grep 'VGA Audio'
— this will output a list of installed devices relevant to your GPU. You can also just run lspci -nnk
to get all attached devices, in case you want to pass through something else, like an NVMe drive or a usb controller. Look for the device ids for each device you intend to pass through, for example, my GTX 1070 is listed as [10de:1b81]
and [10de:10f0]
for the HDMI audio. You need to use every device ID associated with your device, and most GPUs have both an audio controller and VGA. Some cards, in particular VR-ready nvidia GPUs and the new 20 series GPUs will have more devices you’ll need to pass, so refer to the full output to make sure you got all of them.
If two devices you intend to pass through have the same ID, you will have to use a workaround to make them functional. Check the troubleshooting section for more information.
Once you have the IDs of all the devices you intend to pass through taken down, it’s time to edit your grub config:
It should look something like this:
In the line GRUB_CMDLINE_LINUX=
add these arguments, separated by spaces: intel_iommu=on
OR amd_iommu=on
, iommu=pt
and vfio-pci.ids=
followed by the device IDs you want to use on the VM separated by commas. For example, if I wanted to pass through my GTX 1070, I’d add vfio-pci.ids=10de:1b81,10de:10f0
. Save and exit your editor.
Run grub-mkconfig -o /boot/grub/grub.cfg
. This path may be different for you on different distros, so make sure to check that this is the location of your grub.cfg prior to running this and change it as necessary. The tool to do this may also be different on certain distributions, e.g. update-grub
.
Reboot.
Now that you have your devices isolated and the relevant features enabled, it’s time to check that your machine is registering them properly.
grab iommu.sh from our companion repo, make it executable with chmod +x iommu.sh
and run it with ./iommu.sh
to see your iommu groups. No output means you didn’t enable one of the relevant UEFI features, or didn’t revise your kernel commandline options correctly. If the GPU and your other devices you want to pass to the host are in their own groups, move on to the next section. If not, refer to the troubleshooting section.
Run dmesg grep vfio
to ensure that your devices are being isolated. No output means that the vfio-pci module isn’t loading and/or you did not enter the correct values in your kernel commandline options.
From here the process is straightforward. Start virt-manager (conversion from raw qemu covered in part one) and make sure the native resolution of both the config.plist and the OVMF options match each other and the display resolution you intend to use on the GPU. if you aren’t sure, just use 1080p.
Click Add Hardware in the VM details, select PCI host device, select a device you’ve isolated with vfio-pci, and hit OK. Repeat for each device you want to pass through. Remove all spice and Qxl devices (including spice:channel), attach a monitor to the gpu and boot into the VM. Install 3d drivers, and you’re ready to go. Note that you’ll need to add your mouse and keyboard to the VM as usb devices, pass through a usb controller, or set up evdev to get input in the host at this point as well.
If all goes well, you just need to install drivers and you’re ready to use 3d on your OSX VM.
Fixing What Ain’t Broke:
NAT is fine for most people, but if you use SMB shares or need to access a NAS or other networked device, it can make that difficult. You can switch your network device to macvtap, but that isolates your VM from the host machine, which can also present problems.
If you want access to other networked devices on your guest machine without stopping guest-host communication, you’ll have to set up a bridged network for it. There are several ways to do this, but we’ll be covering the methods that use NetworkManager, since that’s the most common backend. If you use wicd or systemd-networkd, refer to documentation on those packages for bridge creation and configuration.
Via Network GUI:
This process can be done completely in the GUI on modern desktop environment by going to the network settings dialog, by adding a connection, selecting bridge as the type, adding your network interface as the slave device, and then activating the bridge (sometimes you need to restart network manager if the changes don’t take effect immediately.) From there all you need to do is add the bridge as a network device in virt-manager.
Via NMCLI:
Not everyone uses a full desktop environment, but you can do this with nmcli
as well:
Run ifconfig or nmcli to get the names of your devices, they’ll be relevant in the next steps. take down or copy the name of the adapter you use to connect to the internet.
Next, run these commands, substituting the placeholders with the device name of the network adapter you want to bridge to the guest. They create a bridge device, connect the bridge to your network adapter, and create a tap for the guest system, respectively:
From here, remove the NAT device in virt-manager, and add a new network device with the connection set to br1: host device tap0. You may need to restart network manager for the device to activate properly.
NOTE: Wireless adapters may not work with this method. The ones that do need to support AP/Mesh Point mode and have multiple channels available. Check for these by running iw list
. From there you can set up a virtual AP with hostapd and connect to that with the bridge. We won’t be covering the details of this process here because it’s very involved and requires a lot of prior knowledge about linux networking to set up correctly.
Other Options:
You can also pass through a PCIe NIC to the device if you happen to have a Mac OS compatible model laying around, and you’re comfortable with adding kexts to clover. This is also the best way to get AirDrop working if you need it.
If all else fails, you can manually specify routes between the host and guest using macvtap and ip
, or set up a macvlan. Both are complex and require networking knowledge.
Emulated input might be laggy, or give you problems with certain input combinations. This can be fixed using several methods.
Attach HIDs as USB Host devices
This method is the easiest, but has a few drawbacks. Chiefly, you can’t switch your keyboard and mouse back to the host system if the VM crashes. It may also need to be adjusted if you change where your devices are plugged in on the host. Just click the add hardware button, select usb host device, and then select your keyboard and mouse. When you start your VM, the devices will be handed off.
Use Evdev
This method uses a technique that allows both good performance and switchable inputs. We have a guide on how to set it up here. Note that because OS X does not support PS2 Input out of the box, you need to replace your ps/2 devices as follows in your xml:
If you can’t get usb devices working for whatever reason (usually due to an outdated qemu version) you can add the VoodooPS2 Kext to your ESP to enable ps2 input. This may limit compatibility with new releases, so make sure to check that you have an alternative before committing.
Use Barrier/Synergy
Synergy and barrier are networked input packages that allow you to control your host and/or guest on the same machine, or remotely. They offer convenient input, but will not work with certain networking configurations. Synergy is paid software, but Barrier is free, and isn’t hard to set up. with one caveat on MacOS. You either want to stick with a version prior to 1.3.6 or install the binary manually like so:
After that, just follow a synergy configuration guide (barrier is just an open source fork of synergy) to set up your merged input. It’s usually as simple as opening the app, setting one as server, entering the network address of the other, and then arranging the virtual merged screens accordingly. Note that if you experience bad performance on your guest with synergy/barrier, you can make the guest the server and pass usb devices as described above, but this will make your input devices unavailable on the host if the VM crashes.
Use a USB Controller and Hardware KVM Switch
Probably the most elegant solution. You need $20-60 in hardware to do it, but it allows switching your inputs without prior configuration or problems if the guest VM crashes. Simply isolate and pass through a usb controller (as you would a gpu in the section above) and plug a usb kvm switch into a port on that controller as well as a usb controller on the host. Plug your keyboard and mouse into the kvm switch, and press the button to switch your inputs from one to the other.
Some USB3 controllers are temperamental and don’t like being passed through, so stick to usb2 or experiment with the ones you have. Typically newer Asmedia and Intel ones work best. If your built-in USB controller has issues it may still be possible to get it working using a 3rd party script, but this will heavily depend on how your kvm switch operates as well. Your best bet is just to buy a PCIe controller if the one you have doesn’t work.
By default, audio quality isn’t the best on OS X guest VMs. There are a few ways around it, but we suggest a hardware-based approach for the best reliability.
Hardware-Based Audio Passthrough
This method is fairly simple. Just buy a class compliant USB audio interface advertised as working in Mac OS, and plug it into a USB controller that you’ve passed through to the VM as described in the KVM switch section. If you need seamless audio between host and guest systems, we have a guide on how to get that working as well. We regard this option as the best solution if you plan on using both the host and guest system regularly.
HDMI Audio Extraction
If you’re already passing through a GPU, you can just use that as your audio output for the VM. Just use your monitor’s line out, or grab an audio extractor as described in the linked article above.
Pulseaudio/ALSA passthrough
You can pass through your VM audio via the ich9 device to your host systems’ audio server. We have a guide that goes into detail on this process here.
CoreAudio to Jack
CoreAudio supports sending system sound through Jack, a versatile and powerful unix sound system. Jack supports networking, so it’s possible to connect the guest to the host over the network via Jack. Because Jack is fairly complex and this method requires a specific network setup to get it working, we’ll be saving the specifics of it for a future article. On Linux host systems, tools like Carla can make initial Jack setup easier.
If you find yourself doing a lot of workarounds or want to customize things even further, these are some tools and resources that can make your life easier.
Clover Configurator
This is a tool that automates some aspects of managing clover and your ESP configuration. It can make things like adding kexts and defining hardware details (needed to get iMessage and other things working) easier. It may change your config.plist in a way that reduces compatibility, so be careful if you elect to use it.
InsanelyMac and AMD-OSX
Forums where people discuss hackintosh installation and maintenance. Many things that work in baremetal hackintoshes will work in a VM, so if you’re looking for tweaks that are only relevant to your software configuration, this is a good place to start.
As always, first steps when running into issues should be to read through dmesg
output on the host after starting the VM and searching for common problems.
No output after passing through my GPU
Make sure you have a compatible version of Mac OS, most Nvidia cards will only work on High Sierra and earlier, and 20 series cards will not work at all. Make sure you don’t have spice or QXL devices attached, and follow the steps in the verification section to make sure that your vfio-pci configuration works. If it doesn’t you may have to load the driver manually, but this isn’t the case on most modern linux distributions.
Make sure that your config.plist and OVMF resolution match your monitor’s native resolution. How to edit these settings is covered in Part 1.
If all else fails, you can try passing a vbios to the card by downloading the relevant files from techpowerup and adding the path to them in your XML, usually something like <rom bar='on' file='/var/lib/libvirt/vbios/vbios.rom'/>
in the pci device section that corresponds to the GPU.
Can’t Connect to SMB shares or see other networked devices
Change to a different networking setup as described in the networking section
iMessage/AirDrop/Apple Services not working
You have to configure these just like any other hackintosh. Consult online guides for procedure specifics.
Multiple PCI devices in the same IOMMU group
You need to install the ACS patch. Arch, fedora and Ubuntu all have prepatched kernel repos. Systemd-boot based ubuntu distributions like Pop!OS will need further work to get an installed kernel working. Refer to your distro documentation for exact procedure needed to switch or patch kernels otherwise. You’ll also need to add
2 identical PCI IDs
You’re going to have to add a script that isolates only 1 card early in the boot process. There’s several ways to do this, and our method may not work for you, but this is the methodology we suggest:
open up a text editor as root and and copy/paste this script:
Save it as /usr/bin/vfioverride.sh
.
from there run these commands as root:
On Arch, as root, make a new file called pci-isolate.conf
in /etc/modprobe.d
, open it in an editor and add the line install/usr/bin/init-top/vfioverride.sh
to it. Save it. Make sure modconf
is listed in the HOOKS=(
array section of your initrd config file, mkinitcpio.conf
.
If you’re on fedora or RHEL, you can simply add the install line to install_items+=
array and modconf/vfio-pci to the add_drivers+=
array.
And update your initial ramdisk using mkinitcpio
, dracut
, or update-initramfs
depending on your distribution (Arch, RHEL/Fedora and *Buntu respectively.)
NOTE: script installation methodology varies from distro to distro. You may have to add initramfs hooks for the script to take effect, or force graphics drivers to load later to prevent the card from being captured before it can be isolated. refer to the Arch Wiki article for a different installation methodology if this one fails. You may also have to add the vfio-pci modules to initramfs hooks if your kernel doesn’t load the vfio-pci module automatically.
Reboot and verify your devices are isolated by checking lspci
for them (if they’re missing you’re good to go.)
If not, set vfio-pci to load early with hooks and try again. If it still doesn’t work, you may need to compile a kernel that does not load the module and follow the archwiki guide on traditional setup.
The best preventative measure for this problem is to buy different cards in the first place.
I did everything instructed but the GPU still won’t isolate/VM crashes or hardlocks system on startup
Your Graphics drivers are probably set to load earlier in the boot process than vfio-pci. You can fix this one of 2 ways:
The first option can be achieved by adding amdgpu,radeon
or nouveau
to module_blacklist=
in your kernel command line options (same way you added vfio device IDs in the first section of this tutorial.)
The second is done by adding vfio_pci vfio vfio_iommu_type1 vfio_virqfd
to your initramfs early modules list, and removing any graphics drivers set to load at the same time. This process varies depending on your distro.
Onmkinitcpio
systems (Arch,) you add these to the MODULES=
section of /etc/mkinitcpio.conf
and then rebuild your initramfs by running mkinitcpio -P
.
On dracut
systems (Fedora, RHEL, Centos, Arch in future releases,) you add these to a .conf file in the /etc/modules-load.d/
folder.
Images Courtesy Foxlet, Pixabay
Consider Supporting us on Patreon if you like our work, and if you need help or have questions about any of our articles, you can find us on our Discord. We provide RSS feeds as well as regular updates on Twitter if you want to be the first to know about the next part in this series or other projects we’re working on.