I’ve developed a virtual machine manager application using the macOS Virtualization framework. The application currently supports both NAT and bridged networking configurations.
I’m now looking to implement host-only networking, where the guest VM can communicate with the host but not with external networks. Is this networking mode supported by the Virtualization framework, and if so, what is the recommended approach to set it up?
Additionally, I would like to implement port forwarding from the host to the guest (e.g., redirecting traffic from a specific port on the host to a port on the guest). Is there a way to configure port forwarding using the built-in APIs of the Virtualization framework, or would this require a custom networking solution?
Any guidance or best practices for implementing these features within the constraints of the framework would be greatly appreciated.
Virtualization
Create hardware-accelerated virtual machines to run macOS and Linux-based operating systems.
Posts under Virtualization tag
Hi,
been exploring macOS VM on both Parallels and UTM and they lack some "GPU/graphics" things vs native MacOS which could be useful on some situations (testing some non trusted graphics apps on a Mac VM) so providing similar usefulness as Windows Sandbox..
Current limitations:
1) In a macOS VM, night mode doesn't work.
2) HDR support isn't exposed even when enabling HDR on the host.
3) Missing GPTK support for the Paravirtual GPU (the Paravirtual GPU supports Metal, but that isn't enough for GPTK to work, which complains about an unsupported GPU).
4) OpenCL is supported, but only the CPU device, so expose the GPU device in addition to the current CPU-only device.
5) OpenGL only supports the software renderer. I assume the OpenGL driver on Apple M1-4 GPUs is Metal based, and with Metal supported there is no reason for the software renderer only.
thanks..
Hi,
REQUEST 1:
seems Microsoft is ahead of Apple in X86 ARM emulation support at least in features supported..
see:
https://blogs.windows.com/windows-insider/2024/11/06/announcing-windows-11-insider-preview-build-27744-canary-channel/
x64 emulated applications through Prism will now have support for additional extensions to the x86 instruction set architecture. These extensions include AVX and AVX2, as well as BMI, FMA, F16C
BMI1/2 and F16C aren't yet supported by Rosetta.. would be useful for games like Alan Wake 2..
so asking for Rosetta equaling features to Prism emulator..
REQUEST 2:
there is no way to currently enable AVX1/2 on Rosetta Linux..
on macOS using
export ROSETTA_ADVERTISE_AVX=1
does the trick.. but not on Linux VM's.. tested setting this via:
/bin/launchctl setenv ROSETTA_ADVERTISE_AVX 1
on Mac before VM launch and inside Linux VM but AVX2 isn't exposed..
Hi,
Recently there has been interest in having faster x87 translation speeds than Rosetta offers, mainly because some old PC games get stuck at less than 5 fps using Wine, which uses Rosetta (some World of Warcraft game, for example).
So the main case right now is games using old fmodex library versions (DLL or statically linked) that use heavy x87 instructions for audio processing. Since such games are not threaded, this stalls the render thread, which is the same thread.
Luckily there is a hack, see:
https://github.com/Lifeisawful/rosettax87
”This is an experimental project that modifies Apple's Rosetta technology to use less precise but significantly faster x87 instruction handlers. The benchmarks show approximately 4-5x performance improvement for x87 floating-point operations.”
but limitations are:
1) It runs only on a specific macOS version (15.4.1) because it searches for some fixed offsets in the current Rosetta library that may change with macOS updates.
2) It requires running two binaries (a server and the launcher program).
3) It currently doesn't seem to accelerate x87 instructions in Linux programs/binaries, i.e. it lacks support for Rosetta on Linux.
If Apple supports similar technology, it could provide some environment variable like ROSETTA_FAST_X87 for enabling/disabling this fast emulation, similar to how Rosetta AVX support is not enabled by default.
thanks..
Hi,
I'm trying the save and restore features of the VZ framework with saveMachineStateTo and restoreMachineStateFrom(vzvmsaveFilePath) with completionHandler.
Saving feature works well without any errors, .vzvmsave file created on my local mac, but the problem occurs on restore.
After creating VM with the same volume mounts I used to make .vzvmsave, restoreMachineStateFrom method sends error.
Failed to load VM from .vzvmsave file with Error Domain=VZErrorDomain Code=12 UserInfo={NSLocalizedFailure=<private>, NSLocalizedFailureReason=<private>}
Because Localized Failure and its reason are both 'private', I cannot get what exactly happened to this VM app.
Only thing I know here is the Code of VZError but nobody summarized what exactly the error code means.
Could anyone give me the list of VZError codes, please?
Hey there! I’ve got some exciting news about Apple’s virtio_net_hdr implementation on macOS 15.4. It’s making communication a lot smoother, with a noticeable improvement!
Now, I’d love to hear your thoughts on a couple of things. First, how do you think we can validate the populated values? And secondly, should we consider reusing populated values for the other endpoint, like the ‘flags’ field?
Your insights would be invaluable!
I am using the macOS Virtualization framework and am able to create and run VMs. I need to resize the disk images using hdiutil in an App Sandbox environment. Is that possible? I tried disabling the sandbox and it worked OK. But with the sandbox I get the error message "device is not configured". If this can't be done in the sandbox, what could be an alternative way to achieve this in a sandboxed app?
thanks
I have developed an app to create and run virtual machines using the macOS Virtualization framework for Apple silicon and Intel Macs. I have tried the Ubuntu, Fedora, Debian and Linux Mint distros and they all worked fine with Intel Macs. But when I try to run other distros like MX Linux, Manjaro, Pop!_OS, EndeavourOS etc. on an Intel Mac, they all just show a black screen on booting the ISO. Is there any list of officially supported Linux distros for Intel Macs and Apple silicon? Is the support of Linux distros fairly limited, or am I missing something?
Works:
runs-on: ubuntu-24.04-arm
container:
  image: ubuntu:latest
env:
  DEBIAN_FRONTEND: noninteractive
steps:
  - uses: actions/checkout@v4
  - run: |
      apt-get --assume-yes update
      apt-get --assume-yes install linux-image-generic dracut binutils
  - run: |
      dracut --conf $(mktemp) \
        --confdir $(mktemp --directory) \
        --verbose \
        --modules "base bash" \
        --add-drivers "virtio-rng bcachefs btrfs virtiofs overlay xfs" \
        --kernel-cmdline "console=hvc0" \
        --no-early-microcode \
        --no-hostonly \
        --no-compress \
        --no-uefi \
        initramfs \
        $(ls /lib/modules/)
  - run: |
      cp /boot/vmlinuz-$(ls /lib/modules/) vmlinuz
  - uses: actions/upload-artifact@v4
    with:
      path: |
        vmlinuz
        initramfs
Will NOT work:
runs-on: ubuntu-24.04-arm
container:
  image: ubuntu:latest
env:
  DEBIAN_FRONTEND: noninteractive
steps:
  - uses: actions/checkout@v4
  - run: |
      apt-get --assume-yes update
      apt-get --assume-yes install linux-image-generic-64k dracut binutils
  - run: |
      dracut --conf $(mktemp) \
        --confdir $(mktemp --directory) \
        --verbose \
        --modules "base bash" \
        --add-drivers "virtio-rng bcachefs btrfs virtiofs overlay xfs" \
        --kernel-cmdline "console=hvc0" \
        --no-early-microcode \
        --no-hostonly \
        --no-compress \
        --no-uefi \
        initramfs \
        $(ls /lib/modules/)
  - run: |
      cp /boot/vmlinuz-$(ls /lib/modules/) vmlinuz
  - uses: actions/upload-artifact@v4
    with:
      path: |
        vmlinuz
        initramfs
You can try it on Github Actions
Using VZVirtioFileSystemDeviceConfiguration allows a Linux guest OS to access folders on macOS. However, modifications to the file's uid/gid by the Linux guest OS have no effect, and the file's uid/gid will always appear as the uid/gid of the Linux user currently accessing the file, as if the uid/gid were not stored at all. I hope there’s a way to at least pass through the uid/gid without any mapping.
This morning I installed podman on my new Apple laptop. It can be inited successfully but failed to start.
The error is: Error: Error Domain=VZErrorDomain Code=1 Description="Internal Virtualization error. The virtual machine failed to start." UserInfo={
NSLocalizedFailure = "Internal Virtualization error.";
NSLocalizedFailureReason = "The virtual machine failed to start.";
My new Mac laptop has the latest OS version, 15.3.1, and an Apple M4 chip.
I verified that my Virtualization.framework is good by running ls -l /System/Library/Frameworks/Virtualization.framework, and that my macOS supports virtualization because sysctl kern.hv_support returns kern.hv_support: 1.
I tried to install it on my old Apple laptop, which has an Intel Core CPU and the same OS version, and everything is good.
How to fix this issue?
I can see that a MacOS VM guest running on top of an Apple Silicon MacOS host has GPU acceleration - indicating GPU sharing capabilities for the hardware.
Is there also a way to have GPU acceleration in Linux guests (with Vulkan/Mesa drivers)?
Sometimes, during Recovery, when choosing "Options"
I'm presented with the Language chooser
before going into the Recovery options.
Other times the process moves directly into Recovery options, without any language choice.
I'm running in recovery mode, after completing a fresh installation of macOS (including setting a language) and fully shutting down the OS via the menu.
This happens seemingly randomly, which affects the ability to automate the process.
So far I've only seen it on macOS 15.
Is there some logic to why this language chooser pops up, and any way I can make it consistent (in either direction)?
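A Monterey 12.6.7 macOS virtual machine created with VirtualBox on Windows 10 cannot detect an iPhone 7.
The iPhone 7 is connected to a USB 3.0 port on the host computer (Win 10), and the phone already trusts the computer.
In Win 10 I can see "This PC\Apple iPhone", which means the host has recognized the phone.
Now, with the macOS virtual machine started, the USB icon in the lower-right corner of the VM shows "Apple Inc. iPhone [0901]" and it is checked, but the VM still does not see the phone, so Xcode does not see the phone either.
With the VM running, I unplugged and replugged the iPhone 7 and, using
sudo log show --predicate 'eventMessage contains "usbmuxd"' --info
saw the following error messages: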
2025-02-13 10:31:06.541201+0800 0xa3c Error 0x0 0 0 kernel: (Sandbox) 1 duplicate report for System Policy: usbmuxd(22583) deny(1) file-write-mode /private/var/db/lockdown
2025-02-13 10:31:07.090321+0800 0xf807 Error 0x0 140 0 sandboxd: [com.apple.sandbox.reporting:violation] System Policy: usbmuxd(22583) deny(1) file-write-mode /private/var/db/lockdown
Violation: deny(1) file-write-mode /private/var/db/lockdown
Process: usbmuxd [22583]
Path: /usr/local/sbin/usbmuxd
Load Address: 0x10564b000
Identifier: usbmuxd
Version: ??? (???)
Code Type: x86_64 (Native)
Parent Process: sudo [22582]
Responsible: /System/Applications/Utilities/Terminal.app/Contents/MacOS/Terminal
User ID: 0
Date/Time: 2025-02-13 10:31:06.793 GMT+8
OS Version: macOS 12.6.7 (21G651)
Release Type: User
Report Version: 8
MetaData: {"vnode-type":"DIRECTORY","hardlinked":false,"pid":22583,"process":"usbmuxd","primary-filter-value":"/private/var/db/lockdown","platform-policy":true,"binary-in-trust-cache":false,"path":"/private/var/db/lockdown","primary-filter":"path","action":"deny","matched-extension":false,"process-path":"/usr/local/sbin/usbmuxd","file-flags":0,"responsible-process-path":"/System/Applications/Utilities/Terminal.app/Contents/MacOS/Terminal","flags":21,"platform-binary":false,"rdev":0,"summary":"deny(1) file-write-mode /private/var/db/lockdown","target":"/private/var/db/lockdown","mount-flags":76582912,"profile":"platform","matched-user-intent-extension":false,"apple-internal":false,"storage-class":"Lockdown","platform_binary":"no","operation":"file-write-mode","profile-flags":0,"normalized_target":["private","var","db","lockdown"],"file-mode":448,"errno":1,"build":"macOS 12.6.7 (21G651)","policy-description":"System Policy","responsible-process-signing-id":"com.apple.Terminal","hardware":"Mac","uid":0,"release-type":"User"}
Thread 0 (id: 63477):
0 libsystem_kernel.dylib 0x00007ff80d8368ae __chmod + 10
1 usbmuxd 0x000000010565584e main + 3582 (main.c:816)
2 dyld 0x0000000114e3f52e start + 462
Binary Images:
0x10564b000 - 0x10565afff usbmuxd (0) <0fc9b657-d311-38b5-bf02-e294b175a615> /usr/local/sbin/usbmuxd
0x114e3a000 - 0x114ea3567 dyld (960) <2517e9fe-884a-3855-8532-92bffba3f81c> /usr/lib/dyld
0x7ff80d832000 - 0x7ff80d869fff libsystem_kernel.dylib (8020.240.18.701.6) /usr/lib/system/libsystem_kernel.dylib
2025-02-13 10:35:39.751714+0800 0x27f Default 0x0 0 0 kernel: (Sandbox) Sandbox: usbmuxd(119) allow iokit-get-properties kCDCDoNotMatchThisDevice
2025-02-13 10:35:45.025063+0800 0x27f Default 0x0 0 0 kernel: (Sandbox) Sandbox: usbmuxd(119) allow iokit-get-properties kCDCDoNotMatchThisDevice
I have a MacMini M2 machine running Sequoia 15.1 OS. On this machine, I am running a Virtual Machine, utilizing the Virtualization.Framework, with the same OS version, 15.1.
Logging into my account in the System Settings is successful. Next, I need to add my account in Xcode 16.1. While the initial login is successful, Xcode immediately displays the following error:
Decoding Error.
There was a failure decoding response: (HTTP 401, 60 bytes) The data couldn’t be read because it isn’t in the correct format.
As a result, I cannot see any account information, teams, etc.
A very similar bug has been reported at this issue - https://developer.apple.com/forums/thread/759877, but there has been no progress or updates there.
Is there any chance to fix this and get it working?
I want to use the com.apple.vm.networking entitlement which has a note:
This entitlement is restricted to developers of virtualization software. To request this entitlement, contact your Apple representative.
https://developer.apple.com/support/technical/ says:
« Request entitlements using entitlement forms and ask for status updates in the resulting email thread. » but I haven't been able to find these "entitlement forms". Does anyone know what the right process is to request an entitlement?
Description
When starting the iOS simulators on macOS-15 intel image, the following assertion happens: The same issue not showing for macOS 15-arm64 image. Here is the issue details: https://github.com/actions/runner-images/issues/10925 raised by multiple users.
AVPIdentity: AppleVirtualPlatformHostKey.mm:234: Assert: platformExpert, value: 0
AVPIdentity: AppleVirtualPlatformHostKey.mm:234: Failed to get AppleVirtualPlatformARMPE service.
The Simulators worked fine the day before the above issue was posted. What changed? Did something update?
Hi everyone!
I'm developing a system where an application running in a VM communicates with the host operating system's components using vsock sockets (VZVirtioSocketDevice in Virtualization.framework). Both systems are running macOS. There may be multiple guests, and the existing implementation for other OSes relies on VM's CID to differentiate them.
In macOS, getting the CID from inside the guest VM is straightforward—it is returned by IOCTL_VM_SOCKETS_GET_LOCAL_CID.
However, in macOS the regular vsock API is not available on the host side, replaced by Virtualization.framework. I could not find anything in the Virtualization.framework's documentation that could be used to query (or set?) the CID for the specific virtual machine instance (which is certainly possible on other platforms utilizing Virtio drivers, e.g. Linux/QEMU). Am I overlooking something?
hello developers,
First priority I couldn't find a proper title for the question :(
The reason why I open a topic here is not to find the answer by direct point shooting; My goal is what do Apple, Developer, Companies and Devops teams think and comments about the subject I'm going to ask here?
We use Jenkins as the DevOps CI/CD tool at our company, and in macOS/Apple/iOS development, we use a lot of Mac Mini devices. Since we build/compile on a project-based, version-based basis, we cannot get 100% efficiency from our devices. (For example, because the dependencies of a project are different from other projects, we dedicate only 1 Mac Mini to that project. As the dependencies of the projects are too many and large, the migration process is very difficult for us, and the cost of moving to a lower-level Mac Mini device is high, but this is just an example.)
While researching, I saw that there is no docker container image for MacOs X (enterprise or legal) and I know about the Apple EULA. (For virtualization, Apple hardware must be used as a basis. Because the MacOs system is paid for on a device-based basis.)
What I want to ask here is can I find or create a MacOs docker container image legally?
How is the structure of other companies in their CI processes?
If I install MacOs with more than one VMware/VirtualBox on Mac Mini, What harm could it do me in Jenkins? (I'm curious about people's comments on this.)
I am trying to play with the sample code that you provided to run the fedora distribution. However, when I compiled it with swift terminal, I get the following error.
error: 'VZVirtualMachineConfiguration' is only available in macOS 11.0 or newer
How can I instruct swift to fetch the proper framework?
PS: I am running all from my terminal, I am not an IDE user