Magic Trackpad 2 causes kernel heap corruption when passed to a Proxmox guest, GPFs

In mid-December I rebooted to upgrade my Proxmox kernel to pve-kernel-5.4.78-2-pve, but I immediately started having an issue where the kernel would trigger a GPF (general protection fault) and reset about 5-20 minutes after starting my macOS VM. I suspected that the new kernel was at fault, but I rolled back to the previous kernel and the problem persisted. I hadn’t experienced this fault before so I was a bit baffled about what change I made before that reboot could have triggered it.

To track down the issue, I built a version of Proxmox’s kernel with KASAN enabled. KASAN is the Kernel Address Sanitiser, it can detect kernel bugs like double-frees or out-of-bounds reads and writes by instrumenting the kernel to add checks around every memory access. This adds a bunch of CPU and memory space overhead, but the impact is bearable so long as your guest doesn’t need much service from the host kernel.

Continue reading Magic Trackpad 2 causes kernel heap corruption when passed to a Proxmox guest, GPFs

Running Tails as a VM with persistence on Proxmox

In this guide I’ll explain how you can run Tails as a VM in Proxmox while retaining the persistence feature, and keeping support for Proxmox backups and snapshots.

Firstly, note that running Tails as a VM defeats a lot of the security features it offers, since you now need to trust the hypervisor to be secure. The VM’s memory could be swapped to disk in the host’s swapfile or persisted in a guest snapshot (if the “include RAM” option is ticked), which will leak the contents of the guest onto the host’s persistent storage, including secret encryption key material.

Continue reading Running Tails as a VM with persistence on Proxmox

Working around the AMD GPU Reset bug on Proxmox using vendor-reset

Most modern AMD GPUs suffer from the AMD Reset Bug: The card cannot be reset properly, so it can only be used once per host power-on. The second time the card is tried to be used Linux will attempt to reset it and fail, causing the VM launch to fail, or the guest, host or both to hang.

This is especially a problem if you only have one GPU in your system, because it will be your primary GPU and so be initialised by the host UEFI during boot, rendering it unusable for passthrough even a single time.

gnif’s new vendor-reset project is an attempt to work around this AMD reset issue by replacing AMD’s missing FLR support with vendor-specific reset quirks.

Continue reading Working around the AMD GPU Reset bug on Proxmox using vendor-reset

Solving macOS VM kernel panics on heavily-loaded Proxmox/QEMU/KVM servers

Recently I needed to solve a problem where macOS VMs running on an overloaded Proxmox server (regularly pegged at 100% CPU, load >100) would kernel-panic and reboot about once every 15 minutes. All of the VMs on the box were running a CI workload, so Proxmox was effectively running a CPU torture-test similar to building Chrome in a loop. However, only the macOS guests were experiencing kernel panics.

Continue reading Solving macOS VM kernel panics on heavily-loaded Proxmox/QEMU/KVM servers

Installing macOS 11 “Big Sur” on Proxmox 6

macOS 12 Monterey is now available! If you want to install that instead, check out my newer guide!

This tutorial for installing macOS Big Sur using OpenCore has been adapted for Proxmox from Kholia’s OSX-KVM project and Leoyzen’s OpenCore configuration for KVM. You can get the full sourcecode on my GitHub here.

Requirements

I’ll assume you already have Proxmox 6 installed. You also need a real Mac available in order to fetch the OSK key.

Your Proxmox host computer’s CPU must support SSE 4.2, so for Intel your CPU must be at least as new as Nehalem, which was the first CPU generation to bear the “Core” i5/i7 branding. Older CPUs will cause the finder to repeatedly crash after installation completes (with an Illegal Instruction exception in the graphics code).

Modern AMD CPUs also support SSE 4.2 and will work with this guide.

Continue reading Installing macOS 11 “Big Sur” on Proxmox 6

Installing macOS Catalina 10.15 on Proxmox 6.1 or 6.2 using OpenCore

macOS 11 Big Sur has now been released! If you’d like that version instead then please use my new Big Sur installation guide!

This tutorial for installing macOS Catalina using OpenCore has been adapted for Proxmox from Kholia’s OSX-KVM project and Leoyzen’s OpenCore configuration for KVM. You can get the full sourcecode on my GitHub here.

If you’d like to use Clover instead, use my older tutorial, but OpenCore works better!

Requirements

I’ll assume you already have Proxmox 6.1 or 6.2 installed. You also need a real Mac available in order to fetch the OSK key.

Your Proxmox host computer’s CPU must support SSE 4.2, so for Intel your CPU must be at least as new as Nehalem, which was the first CPU generation to bear the “Core” i5/i7 branding. Older CPUs will cause the finder to repeatedly crash after installation completes (with an Illegal Instruction exception in the graphics code).

Modern AMD CPUs also support SSE 4.2 and will work with this guide.

Continue reading Installing macOS Catalina 10.15 on Proxmox 6.1 or 6.2 using OpenCore

Using a Canon DSLR as a webcam on macOS with Zoom

With the COVID-19 lockdown, I needed to do some videoconferencing with zoom.us, but I wanted something higher quality than my MacBook’s built-in webcam. So instead I wanted to use my Canon 5D III. (These instructions are for macOS only, not Windows)

First we need to export your camera’s proprietary liveview into a video stream we can use. To do this you can install v002-Camera-Live:

https://github.com/v002/v002-Camera-Live

Turn on your camera and connect it to your computer with USB, then run Camera Live and double click your camera in the list to activate it. This makes the liveview output from your Canon camera available as a Syphon video stream.

But zoom.us doesn’t support Syphon video directly, it only supports webcams. So you now need to convert the Syphon stream into a virtual webcam using CamTwist Studio:

Continue reading Using a Canon DSLR as a webcam on macOS with Zoom

createinstallmedia for macOS Sierra is a fork bomb!

Apple have posted a set of download links for installers for older versions of macOS on their website here:

https://support.apple.com/en-us/HT201372

There’s a teeny-tiny problem with the macOS Sierra installer though: running the createinstallmedia command as suggested ends up with an infinite loop of createinstallmedia spawning new copies of itself, until the computer’s resources are exhausted (a fork bomb)!

Continue reading createinstallmedia for macOS Sierra is a fork bomb!

Installing macOS Catalina 10.15 on Proxmox 6 using Clover

I’ve now created a new tutorial that uses OpenCore instead of Clover, and it fixes a lot of problems. I recommend using the new tutorial for all new builds

This tutorial for installing macOS Catalina has been adapted for Proxmox 6 from Kholia’s GitHub project for installing into vanilla KVM. There is more documentation there which will help out with enabling extra features and diagnosing problems!

If you run into trouble, also check out the comment section of my previous tutorial on Mojave – these two versions are very similar so the problems and solutions are likely to be the same.

Requirements

I’ll assume you already have Proxmox 6 installed. You also need a real Mac available in order to fetch the OSK key.

Your Proxmox host computer’s CPU must support SSE 4.2, so for Intel your CPU must be at least as new as Nehalem, which was the first CPU generation to bear the “Core” i5/i7 branding. Older CPUs will cause the finder to repeatedly crash after installation completes (with an Illegal Instruction exception in the graphics code).

Apparently modern AMD CPUs also support SSE 4.2 and can be used with this guide without any modification (maybe Bulldozer and certainly Ryzen), but I haven’t tested this myself.

Continue reading Installing macOS Catalina 10.15 on Proxmox 6 using Clover

My macOS Monterey / Proxmox setup

I thought it might be helpful for people following my guide for installing macOS 12 Monterey on Proxmox if I described my setup and how I’m using macOS.

Proxmox hardware specs

  • Motherboard: Asrock EP2C602
  • RAM: 64GB
  • CPU: 2 x Intel E5-2687W v2 for a total of 16 cores / 32 threads
  • Storage
    • ASUS Hyper M.2 X16 PCIe 4.0 X4 Expansion Card
      • Samsung 970 Evo 1TB NVMe SSD for macOS
      • Samsung 950 Pro 512GB NVMe SSD
    • 38TB of spinning disks in various ZFS configurations
    • 1TB SATA SSD for Proxmox’s root device
  • Graphics
    • EVGA GeForce GTX 1060 6GB
    • AMD Radeon R9 280X (HD 7970 / Tahiti XTL) (not currently installed)
    • AMD Sapphire Radeon RX 580 Pulse 8GB (11265-05-20G)
  • IO
    • 2x onboard Intel C600 USB 2 controllers
    • Inateck USB 3 PCIe card (Fresco Logic FL1100 chipset)
    • 2x onboard Intel 82574L gigabit network ports
  • Case
    • Lian Li PC-X2000F full tower (sadly, long discontinued!)
    • Lian Li EX-H35 HDD Hot Swap Module (to add 3 x 3.5″ drive bays into 3 of the 4 x 5.25″ drive mounts), with Lian Li BZ-503B filter door, and Lian Li BP3SATA hot swap backplane. Note that because of the sideways-mounted 5.25″ design on this case, the door will fit flush with the left side of the case, while the unfiltered exhaust fan sits some 5-10mm proud of the right side of the case.
  • CPU cooler
    • 2 x Noctua NH-U14S coolers
  • Power
    • EVGA SuperNOVA 750 G2 750W

My Proxmox machine is my desktop computer, so I pass most of this hardware straight through to the macOS Monterey VM that I use as my daily-driver machine. I pass through both USB 2 controllers, the USB 3 controller, an NVMe SSD, and one of the gigabit network ports, plus the RX 580 graphics card.

Continue reading My macOS Monterey / Proxmox setup