Armed Ferret Posted May 25, 2020 Posted May 25, 2020 Hello. When I launch PFSense for the first time I get stuck on the black screen where it says booting... and nothing else happens I see the following errors in the pfsense logs 2020-05-24 02:05:07.735+0000: Domain id=1 is tainted: high-privileges 2020-05-24 02:05:07.735+0000: Domain id=1 is tainted: host-cpu char device redirected to /dev/pts/0 (label charserial0) 2020-05-24T02:05:18.252838Z qemu-system-x86_64: vfio-pci: Cannot read device rom at 0000:08:00.0 Device option ROM contents are probably invalid (check dmesg). Skip option ROM probe with rombar=0, or load from file with romfile= 2020-05-24T02:05:18.254745Z qemu-system-x86_64: vfio-pci: Cannot read device rom at 0000:09:00.0 Device option ROM contents are probably invalid (check dmesg). Skip option ROM probe with rombar=0, or load from file with romfile= 2020-05-24T02:05:18.256320Z qemu-system-x86_64: vfio-pci: Cannot read device rom at 0000:08:00.1 Device option ROM contents are probably invalid (check dmesg). Skip option ROM probe with rombar=0, or load from file with romfile= 2020-05-24T02:05:18.257872Z qemu-system-x86_64: vfio-pci: Cannot read device rom at 0000:09:00.1 Device option ROM contents are probably invalid (check dmesg). Skip option ROM probe with rombar=0, or load from file with romfile= I did some searches and someone mentioned it has to do with the CPU pinning but I pinned 2 threads on 1 core. I even tried switching the pinning to a different core. I had 1 and 7 pinned but now I have 5 and 11. So Im a little lost here. I used the vfio plugin to get passthrough working. I also had to enable ACS override to get the IOMMU groups broken up. Here is my pfsense VM config Part 1 Part 2 I asked on the pfSense thread but nobodw was responding. I have attached my pfsense logs and my IOMMU group in txt files. Any help would be appreciated. IOMMU Groups.txt PFsense logs.txt Quote
Abzstrak Posted May 25, 2020 Posted May 25, 2020 set your machine type to q35-2.6, its due to old qemu drivers in pfsense. 1 Quote
Alexey Vedernikov Posted May 25, 2020 Posted May 25, 2020 11 hours ago, Abzstrak said: set your machine type to q35-2.6, its due to old qemu drivers in pfsense. you my hero!!! half a day could not run pfsense Quote
Armed Ferret Posted May 25, 2020 Author Posted May 25, 2020 (edited) 11 hours ago, Abzstrak said: set your machine type to q35-2.6, its due to old qemu drivers in pfsense. I switched it to q35-2.6 and I get the following when launching VNC. I tried 2.7 and it reverts back to the original issue. Stuck on the boot screen. I have attached log. Also I am using a Ryzen 2700X for my CPU if that matters. pfSense Logs.txt Edited May 25, 2020 by Armed Ferret more info Quote
Abzstrak Posted May 25, 2020 Posted May 25, 2020 did you install on 2.6? if not, reinstall on 2.6 Quote
Armed Ferret Posted May 25, 2020 Author Posted May 25, 2020 (edited) I switched it to 2.6 and uninstalled and reinstalled on 2.6 as well. I tried 2.7 and the if drivers as well. 2.6 is the only one that gives me the guest has not installed the display. The rest get stuck on the boot screen. Edited May 25, 2020 by Armed Ferret fixing info Quote
bastl Posted May 26, 2020 Posted May 26, 2020 12 hours ago, Armed Ferret said: I switched it to 2.6 and uninstalled and reinstalled on 2.6 as well. I tried 2.7 and the if drivers as well. 2.6 is the only one that gives me the guest has not installed the display. The rest get stuck on the boot screen. Use the Q35-2.6 machine type and try to manual edit the xml with the following CPU section. You only have to adjust the amount of cores you're giving to the VM. <cpu mode='custom' match='exact' check='full'> <model fallback='forbid'>Skylake-Client</model> <topology sockets='1' cores='2' threads='1'/> <feature policy='require' name='hypervisor'/> <feature policy='disable' name='pcid'/> <feature policy='disable' name='hle'/> <feature policy='disable' name='erms'/> <feature policy='disable' name='invpcid'/> <feature policy='disable' name='rtm'/> <feature policy='disable' name='mpx'/> <feature policy='disable' name='spec-ctrl'/> </cpu> 1 1 Quote
bza Posted January 18, 2021 Posted January 18, 2021 This was exactly what I have needed for a pfSense VM on threadriper, was running ok on previous build with Intel on it, but after migrating to threadriper, it was not working any more, this has solved the problem 1 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.