From 0bfde48e3a4d7b29e08e7afc239bd18a45f84ea3 Mon Sep 17 00:00:00 2001
From: Rune Dahl Billeskov <rune@dahl-billeskov.com>
Date: Fri, 5 Dec 2025 16:10:25 +0100
Subject: [PATCH 1/8] feat: add patch to support aarch64.

---
 pkgs/pve-qemu-server/default.nix              |  4 ++
 .../query-machine-capabilities-non-x86.patch  | 47 +++++++++++++++++++
 2 files changed, 51 insertions(+)
 create mode 100644 pkgs/pve-qemu-server/query-machine-capabilities-non-x86.patch

diff --git a/pkgs/pve-qemu-server/default.nix b/pkgs/pve-qemu-server/default.nix
index 559cf052..6f49044f 100644
--- a/pkgs/pve-qemu-server/default.nix
+++ b/pkgs/pve-qemu-server/default.nix
@@ -68,6 +68,10 @@ perl540.pkgs.toPerlModule (
 
     sourceRoot = "${src.name}/src";
 
+    patches = [
+      ./query-machine-capabilities-non-x86.patch
+    ];
+
     postPatch = ''
       sed -i {qmeventd/,bin/}Makefile \
         -e "/GITVERSION/d" \
diff --git a/pkgs/pve-qemu-server/query-machine-capabilities-non-x86.patch b/pkgs/pve-qemu-server/query-machine-capabilities-non-x86.patch
new file mode 100644
index 00000000..8adab1ad
--- /dev/null
+++ b/pkgs/pve-qemu-server/query-machine-capabilities-non-x86.patch
@@ -0,0 +1,47 @@
+# Source: [PATCH qemu-server] query-machine-capabilities: make it work on non-x86 arch
+# From the pve-devel public inbox: https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
+
+diff --git a/query-machine-capabilities/Makefile b/query-machine-capabilities/Makefile
+index 5db2bf97..cd55369c 100644
+--- a/query-machine-capabilities/Makefile
++++ b/query-machine-capabilities/Makefile
+@@ -6,6 +6,11 @@ SERVICEDIR=/lib/systemd/system
+ CC ?= gcc
+ CFLAGS += -O2 -fanalyzer -Werror -Wall -Wextra -Wpedantic -Wtype-limits -Wl,-z,relro -std=gnu11
+
++DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH)
++ifneq ($(DEB_HOST_ARCH),amd64)
++	CFLAGS += -DNOT_X86
++endif
++
+ query-machine-capabilities: query-machine-capabilities.c
+ 	$(CC) $(CFLAGS) -o $@ $< $(LDFLAGS)
+
+diff --git a/query-machine-capabilities/query-machine-capabilities.c b/query-machine-capabilities/query-machine-capabilities.c
+index 0c522afc..53a6badb 100644
+--- a/query-machine-capabilities/query-machine-capabilities.c
++++ b/query-machine-capabilities/query-machine-capabilities.c
+@@ -21,6 +21,7 @@ typedef struct {
+ } cpu_caps_t;
+
+ void query_cpu_capabilities(cpu_caps_t *res) {
++#ifndef NOT_X86
+     uint32_t eax, ebx, ecx, edx;
+
+     // query Encrypted Memory Capabilities, see:
+@@ -37,6 +38,14 @@ void query_cpu_capabilities(cpu_caps_t *res) {
+
+     res->cbitpos = ebx & 0x3f;
+     res->reduced_phys_bits = (ebx >> 6) & 0x3f;
++#else
++    res->sev_support = false;
++    res->sev_es_support = false;
++    res->sev_snp_support = false;
++
++    res->cbitpos = 0;
++    res->reduced_phys_bits = 0;
++#endif
+ }
+
+ int prepare_output_directory() {
+

From f93832c1752e78b4a6647b3d8c01d33be88d9049 Mon Sep 17 00:00:00 2001
From: Rune Dahl Billeskov <rune@dahl-billeskov.com>
Date: Sat, 6 Dec 2025 12:04:56 +0100
Subject: [PATCH 2/8] feat: add asm/unistd for aarch64.

---
 pkgs/pve-common/default.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pkgs/pve-common/default.nix b/pkgs/pve-common/default.nix
index 3a860996..889c4c73 100644
--- a/pkgs/pve-common/default.nix
+++ b/pkgs/pve-common/default.nix
@@ -117,6 +117,8 @@ perl540.pkgs.toPerlModule (
           + (
             if (stdenv.buildPlatform.system == "x86_64-linux") then
               "asm/unistd{,_64}.h"
+            else if (stdenv.buildPlatform.system == "aarch64-linux") then
+              "asm/unistd{,_64}.h asm-generic/{unistd,bitsperlong}.h"
             else
               "asm{,-generic}/{unistd,bitsperlong}.h"
           );

From fe33f7c4775d01e6830720db9e72030e7cd08d7d Mon Sep 17 00:00:00 2001
From: Rune Dahl Billeskov <rune@dahl-billeskov.com>
Date: Sat, 6 Dec 2025 14:04:45 +0100
Subject: [PATCH 3/8] feat: allow "virt" machine type for aarch64.

---
 pkgs/pve-qemu/default.nix                 |  8 +++++++-
 pkgs/pve-qemu/machine-types-non-x86.patch | 22 ++++++++++++++++++++++
 2 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 pkgs/pve-qemu/machine-types-non-x86.patch

diff --git a/pkgs/pve-qemu/default.nix b/pkgs/pve-qemu/default.nix
index 6b500831..5dcda340 100644
--- a/pkgs/pve-qemu/default.nix
+++ b/pkgs/pve-qemu/default.nix
@@ -54,7 +54,7 @@ in
       );
       patchPathsList = map (patch: "${src}/debian/patches/${patch}") patchList;
     in
-    old.patches ++ patchPathsList;
+    old.patches ++ patchPathsList ++ [ ./machine-types-non-x86.patch ];
 
   sourceRoot = "${src.name}/qemu";
 
@@ -77,8 +77,14 @@ in
   postInstall = old.postInstall + ''
     $out/bin/qemu-system-x86_64 -cpu help \
       | ${perlEnv}/bin/perl ${src}/debian/parse-cpu-flags.pl > $out/share/qemu/recognized-CPUID-flags-x86_64
+
     $out/bin/qemu-system-x86_64 -machine help \
       | ${perlEnv}/bin/perl ${src}/debian/parse-machines.pl > $out/share/qemu/machine-versions-x86_64.json
+    $out/bin/qemu-system-x86_64 -machine help \
+      | ${perlEnv}/bin/perl ${src}/debian/parse-machines.pl > $out/share/qemu/machine-versions-aarch.json
+
+    # Concatenate machine types for all architectures
+    jq -s 'add' $out/share/qemu/machine-versions-*.json > $out/share/qemu/machine-versions.json
   '';
 
   passthru.updateScript = pve-update-script {
diff --git a/pkgs/pve-qemu/machine-types-non-x86.patch b/pkgs/pve-qemu/machine-types-non-x86.patch
new file mode 100644
index 00000000..bcf48866
--- /dev/null
+++ b/pkgs/pve-qemu/machine-types-non-x86.patch
@@ -0,0 +1,22 @@
+diff --git a/src/PVE/API2/Qemu/Machine.pm b/src/PVE/API2/Qemu/Machine.pm
+index 0fc1ea6c..ae10ec0d 100644
+--- a/src/PVE/API2/Qemu/Machine.pm
++++ b/src/PVE/API2/Qemu/Machine.pm
+@@ -39,7 +39,7 @@ __PACKAGE__->register_method({
+                 },
+                 type => {
+                     type => 'string',
+-                    enum => ['q35', 'i440fx'],
++                    enum => ['q35', 'i440fx', 'virt'],
+                     description => "The machine type.",
+                 },
+                 version => {
+@@ -57,7 +57,7 @@ __PACKAGE__->register_method({
+     },
+     code => sub {
+         my $supported_machine_list = eval {
+-            my $raw = file_get_contents('/usr/share/kvm/machine-versions-x86_64.json');
++            my $raw = file_get_contents('/usr/share/kvm/machine-versions.json');
+             my $machines = from_json($raw, { utf8 => 1 });
+
+             my $pve_machines = [];

From 566c60b9864a3f8f362567e62bd9749f48843a23 Mon Sep 17 00:00:00 2001
From: Rune Dahl Billeskov <rune@dahl-billeskov.com>
Date: Sat, 6 Dec 2025 15:02:25 +0100
Subject: [PATCH 4/8] fix: move patch.

---
 pkgs/pve-qemu-server/default.nix                               | 1 +
 pkgs/{pve-qemu => pve-qemu-server}/machine-types-non-x86.patch | 0
 pkgs/pve-qemu/default.nix                                      | 2 +-
 3 files changed, 2 insertions(+), 1 deletion(-)
 rename pkgs/{pve-qemu => pve-qemu-server}/machine-types-non-x86.patch (100%)

diff --git a/pkgs/pve-qemu-server/default.nix b/pkgs/pve-qemu-server/default.nix
index 6f49044f..86112169 100644
--- a/pkgs/pve-qemu-server/default.nix
+++ b/pkgs/pve-qemu-server/default.nix
@@ -70,6 +70,7 @@ perl540.pkgs.toPerlModule (
 
     patches = [
       ./query-machine-capabilities-non-x86.patch
+      ./machine-types-non-x86.patch
     ];
 
     postPatch = ''
diff --git a/pkgs/pve-qemu/machine-types-non-x86.patch b/pkgs/pve-qemu-server/machine-types-non-x86.patch
similarity index 100%
rename from pkgs/pve-qemu/machine-types-non-x86.patch
rename to pkgs/pve-qemu-server/machine-types-non-x86.patch
diff --git a/pkgs/pve-qemu/default.nix b/pkgs/pve-qemu/default.nix
index 5dcda340..d4c583b9 100644
--- a/pkgs/pve-qemu/default.nix
+++ b/pkgs/pve-qemu/default.nix
@@ -54,7 +54,7 @@ in
       );
       patchPathsList = map (patch: "${src}/debian/patches/${patch}") patchList;
     in
-    old.patches ++ patchPathsList ++ [ ./machine-types-non-x86.patch ];
+    old.patches ++ patchPathsList;
 
   sourceRoot = "${src.name}/qemu";
 

From 874546cfdc6b1399db7d7c629f03c64285786bed Mon Sep 17 00:00:00 2001
From: Rune Dahl Billeskov <rune@dahl-billeskov.com>
Date: Sat, 6 Dec 2025 16:21:30 +0100
Subject: [PATCH 5/8] fix: add jq.

---
 pkgs/pve-qemu/default.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pkgs/pve-qemu/default.nix b/pkgs/pve-qemu/default.nix
index d4c583b9..f1681407 100644
--- a/pkgs/pve-qemu/default.nix
+++ b/pkgs/pve-qemu/default.nix
@@ -1,4 +1,5 @@
 {
+  pkgs,
   lib,
   qemu,
   fetchgit,
@@ -70,6 +71,7 @@ in
     proxmox-backup-qemu
     perlEnv
     pkg-config
+    pkgs.jq
   ];
 
   # Generate cpu flag files and machine versions json

From c1b3e0d4f7dfe583c3a0cb68be2455ea0cd2ae19 Mon Sep 17 00:00:00 2001
From: Rune Dahl Billeskov <rune@dahl-billeskov.com>
Date: Sat, 6 Dec 2025 17:19:12 +0100
Subject: [PATCH 6/8] fix: patch.

---
 pkgs/pve-qemu-server/machine-types-non-x86.patch | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/pkgs/pve-qemu-server/machine-types-non-x86.patch b/pkgs/pve-qemu-server/machine-types-non-x86.patch
index bcf48866..859bd419 100644
--- a/pkgs/pve-qemu-server/machine-types-non-x86.patch
+++ b/pkgs/pve-qemu-server/machine-types-non-x86.patch
@@ -1,7 +1,7 @@
-diff --git a/src/PVE/API2/Qemu/Machine.pm b/src/PVE/API2/Qemu/Machine.pm
+diff --git a/PVE/API2/Qemu/Machine.pm b/PVE/API2/Qemu/Machine.pm
 index 0fc1ea6c..ae10ec0d 100644
---- a/src/PVE/API2/Qemu/Machine.pm
-+++ b/src/PVE/API2/Qemu/Machine.pm
+--- a/PVE/API2/Qemu/Machine.pm
++++ b/PVE/API2/Qemu/Machine.pm
 @@ -39,7 +39,7 @@ __PACKAGE__->register_method({
                  },
                  type => {
@@ -18,5 +18,3 @@ index 0fc1ea6c..ae10ec0d 100644
 -            my $raw = file_get_contents('/usr/share/kvm/machine-versions-x86_64.json');
 +            my $raw = file_get_contents('/usr/share/kvm/machine-versions.json');
              my $machines = from_json($raw, { utf8 => 1 });
-
-             my $pve_machines = [];

From c7c850a106a9b6c633961db159f00bc4251efc6a Mon Sep 17 00:00:00 2001
From: Rune Dahl Billeskov <rune@dahl-billeskov.com>
Date: Sat, 6 Dec 2025 21:22:33 +0100
Subject: [PATCH 7/8] feat: add virt machine type to ui selector.

---
 .../0003-virt-machine-type-aarch64.patch      | 22 +++++++++++++++++++
 pkgs/pve-manager/default.nix                  |  3 ++-
 2 files changed, 24 insertions(+), 1 deletion(-)
 create mode 100644 pkgs/pve-manager/0003-virt-machine-type-aarch64.patch

diff --git a/pkgs/pve-manager/0003-virt-machine-type-aarch64.patch b/pkgs/pve-manager/0003-virt-machine-type-aarch64.patch
new file mode 100644
index 00000000..6e86917d
--- /dev/null
+++ b/pkgs/pve-manager/0003-virt-machine-type-aarch64.patch
@@ -0,0 +1,22 @@
+diff --git a/www/manager6/qemu/MachineEdit.js b/www/manager6/qemu/MachineEdit.js
+index 1b1989e8..d7cb9faa 100644
+--- a/www/manager6/qemu/MachineEdit.js
++++ b/www/manager6/qemu/MachineEdit.js
+@@ -24,7 +24,7 @@ Ext.define('PVE.qemu.MachineInputPanel', {
+             let version = me.lookup('version');
+             let store = version.getStore();
+             let oldRec = store.findRecord('id', version.getValue(), 0, false, false, true);
+-            let type = value === 'q35' ? 'q35' : 'i440fx';
++            let type = ['q35', 'i440fx', 'virt'].find(t => t === value) ?? 'i440fx';
+             store.clearFilter();
+             store.addFilter((val) => val.data.id === 'latest' || val.data.type === type);
+             if (!me.getView().isWindows) {
+@@ -102,6 +102,7 @@ Ext.define('PVE.qemu.MachineInputPanel', {
+         comboItems: [
+             ['__default__', PVE.Utils.render_qemu_machine('')],
+             ['q35', 'q35'],
++            ['virt', 'virt'],
+         ],
+         bind: {
+             value: '{type}',
+
diff --git a/pkgs/pve-manager/default.nix b/pkgs/pve-manager/default.nix
index 4c0b8689..21c25aa5 100644
--- a/pkgs/pve-manager/default.nix
+++ b/pkgs/pve-manager/default.nix
@@ -75,6 +75,7 @@ perl540.pkgs.toPerlModule (
     patches = [
       ./0001-no-apt-update.patch
       ./0002-no-repo-status.patch
+      ./0003-virt-machine-type-aarch64.patch
     ];
 
     postPatch = ''
@@ -179,7 +180,7 @@ perl540.pkgs.toPerlModule (
             ]
           } \
           --prefix PERL5LIB : $out/${perl540.libPrefix}/${perl540.version}
-      done      
+      done
     '';
 
     passthru.updateScript = pve-update-script { };

From 4e8317e94464a90d0a99cf488807a1f65e88cedc Mon Sep 17 00:00:00 2001
From: Rune Dahl Billeskov <rune@dahl-billeskov.com>
Date: Sun, 7 Dec 2025 22:35:08 +0100
Subject: [PATCH 8/8] feat: use scsi as virt machines doesn't support legacy
 IDE.

---
 tests/vm.nix | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/vm.nix b/tests/vm.nix
index 2387c8a4..239b76d3 100644
--- a/tests/vm.nix
+++ b/tests/vm.nix
@@ -50,28 +50,28 @@ in
 
     # Seabios VM creation
     machine.succeed(
-      "qm create 101 --kvm 0 --bios seabios -cdrom local:iso/minimal.iso",
+      "qm create 101 --kvm 0 --bios seabios --scsi0 local:iso/minimal.iso,media=cdrom",
       "qm start 101",
       "qm stop 101 --timeout 0"
     )
 
     # Legacy ovmf vm creation
     machine.succeed(
-      "qm create 102 --kvm 0 --bios ovmf -cdrom local:iso/minimal.iso",
+      "qm create 102 --kvm 0 --bios ovmf --scsi0 local:iso/minimal.iso,media=cdrom",
       "qm start 102",
       "qm stop 102 --timeout 0"
     )
 
     # UEFI ovmf vm creation
     machine.succeed(
-      "qm create 103 --kvm 0 --bios ovmf --efidisk0 local:4,efitype=4m -cdrom local:iso/minimal.iso",
+      "qm create 103 --kvm 0 --bios ovmf --efidisk0 local:4,efitype=4m --scsi0 local:iso/minimal.iso,media=cdrom",
       "qm start 103",
       "qm stop 103 --timeout 0"
     )
 
     # UEFI ovmf vm creation with secure boot
     machine.succeed(
-      "qm create 104 --kvm 0 --bios ovmf --efidisk0 local:4,efitype=4m,pre-enrolled-keys=1 -cdrom local:iso/minimal.iso",
+      "qm create 104 --kvm 0 --bios ovmf --efidisk0 local:4,efitype=4m,pre-enrolled-keys=1 --scsi0 local:iso/minimal.iso,media=cdrom",
       "qm start 104",
       "qm stop 104 --timeout 0"
     )