I’m currently attempting to passthrough a ThunderboltEX 4 card into a Windows 11 guest on virtmanager. I have VT-x
and HyperV
enabled but Kernel DMA Protection is off
according to MSINFO32.exe. The only feature I don’t have running is VT-d
, and is provided by configuring vIOMMU in virtmanager. This is my progress so far:
<!-- Each pci-root-port has its own iommu driver.
No driver is present in the other controller types. -->
<controller type="pci" index="2" model="pcie-root-port">
<model name="pcie-root-port"/>
<target chassis="2" port="0x11"/>
<driver iommu="on" ats="on"/>
<address type="pci" domain="0x0000" bus="0x00" slot="0x02" function="0x0"/>
</controller>
<!-- This is how the vIOMMU model is decalred -->
<iommu model="intel">
<driver intremap="on" caching_mode="on" iotlb="on"/>
</iommu>
Even with these additions DMA protection is off
, and if I attempt to passthrough the Thunderbolt 4 NHI
i.e. USB controller: Intel Corporation Thunderbolt 4 NHI [Maple Ridge 4C 2020]
the VM hangs during boot and doesn’t proceed to the login page. The ThunderboltEX 4 card has successfully passthrough on macOS and Ubuntu guests. The only thing that makes Windows different, from my research, is their virtualization-based security from builds 1803
and above. Any insights into enabling Kernel DMA protection or setting up vIOMMU properly would be much appreciated.