Windows 11 SR-IOV Passthrough (Headless) on CachyOS
- OS: CachyOS (Arch-based)
- CPU: Intel 12th/13th/14th Gen (e.g., i5-13600K) with UHD 770
- GPU Strategy: SR-IOV (Single Root I/O Virtualization) to create virtual GPU slices.
- BIOS Settings:
- VT-d: Enabled
- Above 4G Decoding: Enabled
- Re-Size BAR: DISABLED (Crucial for 13th Gen iGPU passthrough stability)
- DVMT Pre-Allocated: 64MB (Recommended)
Install QEMU, KVM, and headers required for the SR-IOV driver.
sudo pacman -Syu qemu-full virt-manager virt-viewer dnsmasq vde2 bridge-utils openbsd-netcat libguestfs swtpm linux-cachyos-headers ethtoolWe use the custom driver to unlock 7 Virtual Functions on the consumer iGPU.
Bash
paru -S i915-sriov-dkms
# OR
yay -S i915-sriov-dkms
Enable IOMMU and create the virtual GPU slices at boot.
-
Edit config:
sudo nano /boot/limine.conf -
Append to
cmdline:Plaintext
intel_iommu=on iommu=pt i915.enable_guc=3 i915.max_vfs=7 kvm.ignore_msrs=1 report_ignored_msrs=0 -
Reboot Host.
Verification: Run lspci | grep VGA. You should see 00:02.0 (Physical) AND 00:02.1 through 00:02.7 (Virtual Slices).
Docker breaks KVM networking, and VirtIO causes DNS failures.
-
Allow KVM Traffic (Fix "No Internet" in VM):
Bash
# Allow forwarding sudo iptables -P FORWARD ACCEPT # Save persistence sudo iptables-save | sudo tee /etc/iptables/iptables.rules sudo systemctl enable --now iptables -
Fix DNS/Packet Corruption (Checksum Offload):
Bash
sudo ethtool -K virbr0 tx off(Note: This might need a script to run on boot).
-
ISO: Windows 11
-
Firmware: UEFI (OVMF)
-
TPM: CRB (Emulated via swtpm)
-
Network: Virtual Network 'default' : NAT (e1000e or virtio)
-
Bypass MS Account: Shift+F10 during setup ->
OOBE\BYPASSNRO.
Crucial Settings:
-
Use
00:02.1(Slice 1), NOT00:02.0(Physical). -
Remove all legacy hacks (
rom bar=on,x-vga=on,opregion). -
Topology: Ensure GPU is NOT on Bus 0 or 1. Let Libvirt auto-assign (e.g., Bus 5-9).
Final Working Device Block:
XML
<hostdev mode="subsystem" type="pci" managed="yes">
<source>
<address domain="0x0000" bus="0x00" slot="0x02" function="0x1"/>
</source>
<rom bar="off"/>
</hostdev>
QEMU Args (Spoofing Only):
XML
<qemu:commandline>
<qemu:arg value="-global"/>
<qemu:arg value="vfio-pci.x-pci-sub-vendor-id=0x1043"/>
<qemu:arg value="-global"/>
<qemu:arg value="vfio-pci.x-pci-sub-device-id=0x8882"/>
</qemu:commandline>
Hyper-V Spoofing (Hide VM status):
Inside -> :
XML
<vendor_id state="on" value="1234567890ab"/>
Inside <features>:
XML
<kvm>
<hidden state="on"/>
</kvm>
-
VirtIO Drivers: Install
virtio-win-guest-tools.exe. -
Intel Graphics: Install standard Intel drivers (Device should show "Intel UHD 770" with NO Code 43).
Since there is no physical monitor, Windows defaults to low res.
-
Download IddSampleDriver (MikeTheTech/Roshkins).
-
Extract to
C:\IddSampleDriver. -
Install Certificate Manually: Right-click
IddSampleDriver.cer-> Install -> Local Machine -> Trusted Root Certification Authorities. -
Run
install.batas Admin. -
Reboot VM.
-
Display Settings: Select "Display 2" (Idd) -> "Show Only on 2". Set 1080p/1440p and 60/120Hz.
-
VM: Install Sunshine.
-
Config -> Audio/Video -> Encoder: Intel QuickSync.
-
Applications -> Add "Fusion 360" (Path to exe) for seamless launching.
-
-
Host: Install Moonlight-qt.
-
Settings -> V-Sync: OFF (Fixes "floaty" mouse).
-
Bitrate: 150 Mbps.
-
Connect via IP (e.g.,
192.168.122.x).
-
-
Host:
mkdir ~/FusionShare -
XML:
XML
<memoryBacking> <source type="memfd"/> <access mode="shared"/> </memoryBacking> <filesystem type="mount" accessmode="passthrough"> <driver type="virtiofs"/> <source dir="/home/user/FusionShare"/> <target dir="host_share"/> </filesystem> -
Guest: Install WinFSP (Select "Core").
-
Guest: Start service
VirtIO-FS Service(Auto). -
Result: Drive
Z:appears in Windows.
- Fusion 360 Performance: Windows Settings -> System -> Display -> Graphics -> Fusion 360 -> High Performance (Intel UHD 770).