From 85aae79ca1dbdd592f631ce2d6719f648c35f0e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 13 Mar 2020 06:58:29 +0000 Subject: [PATCH 1/2] nixos/kvmgt: fix driver option extraModprobeConfig could be applied too late i.e. if the driver has been loaded in initrd, while the harddrive is still encrypted. Using a kernelParams works in all cases however. --- nixos/modules/virtualisation/kvmgt.nix | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/nixos/modules/virtualisation/kvmgt.nix b/nixos/modules/virtualisation/kvmgt.nix index 36ef6d17df6..355f4770c50 100644 --- a/nixos/modules/virtualisation/kvmgt.nix +++ b/nixos/modules/virtualisation/kvmgt.nix @@ -50,10 +50,7 @@ in { }; boot.kernelModules = [ "kvmgt" ]; - - boot.extraModprobeConfig = '' - options i915 enable_gvt=1 - ''; + boot.kernelParams = [ "i915.enable_gvt=1" ]; systemd.paths = mapAttrs' (name: value: nameValuePair "kvmgt-${name}" { From 505d241ee3905166206d9a8a2f13a01b60659ed2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 13 Mar 2020 07:00:17 +0000 Subject: [PATCH 2/2] nixos/kvmgt: add udev rules for unprivileged access --- nixos/modules/virtualisation/kvmgt.nix | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/nixos/modules/virtualisation/kvmgt.nix b/nixos/modules/virtualisation/kvmgt.nix index 355f4770c50..0902d2dc2cb 100644 --- a/nixos/modules/virtualisation/kvmgt.nix +++ b/nixos/modules/virtualisation/kvmgt.nix @@ -19,7 +19,8 @@ in { virtualisation.kvmgt = { enable = mkEnableOption '' KVMGT (iGVT-g) VGPU support. Allows Qemu/KVM guests to share host's Intel integrated graphics card. - Currently only one graphical device can be shared + Currently only one graphical device can be shared. To allow users to access the device without root add them + to the kvm group: users.extraUsers.<yourusername>.extraGroups = [ "kvm" ]; ''; # multi GPU support is under the question device = mkOption { @@ -35,9 +36,7 @@ in { and find info about device via cat /sys/bus/pci/devices/*/mdev_supported_types/i915-GVTg_V5_4/description ''; example = { - i915-GVTg_V5_8 = { - uuid = "a297db4a-f4c2-11e6-90f6-d3b88d6c9525"; - }; + i915-GVTg_V5_8.uuid = "a297db4a-f4c2-11e6-90f6-d3b88d6c9525"; }; }; }; @@ -62,6 +61,10 @@ in { } ) cfg.vgpus; + services.udev.extraRules = '' + SUBSYSTEM=="vfio", OWNER="root", GROUP="kvm" + ''; + systemd.services = mapAttrs' (name: value: nameValuePair "kvmgt-${name}" { description = "KVMGT VGPU ${name}";