I have an HP Z820 with all the latest BIOS updates. I am trying to enable some of my PCIe devices to pass through to a Server 2016 VM as detailed here:
*None* of my PCIe devices are allowed to be mapped to a VM and the PowerShell cmdlet they provide ends with this update:
Unfortunately, this machine doesn't support using them in a VM. To use SR-IOV on this system, the system BIOS must be updated to allow Windows to control PCI Expre ss. Contact your system manufacturer for an update. SR-IOV cannot be used on this system as the PCI Express hardware does not support Access Control Se rvices (ACS) at any root port. Contact your system vendor for further information. This system has a security vulnerability in the system I/O remapping hardware. As a precaution, the ability to use SR-IOV has been disabled. You should contact your system manufacturer for an update d BIOS which enables Root Port Alternate Error Delivery mechanism. If all Virtual Machines intended to use SR-IOV run trusted workloads, SR-IOV may be enabled by adding a registry key of type DWORD with value 1 named IOVEnableOverride under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Virtualization and changing state of the trusted virtual machines. If the system exhibits r educed performance or instability after SR-IOV devices are assigned to Virtual Machines, consider d isabling the use of SR-IOV.
I've made sure VT-d is enabled. Everything else looks good. What is it that Windows doesn't like about the HP Z820? How do I enable ACS at any root port? How do I resolve that security vulnerability they're reporting?