-
Notifications
You must be signed in to change notification settings - Fork 0
/
pciPassthrough.nix
executable file
·105 lines (88 loc) · 2.83 KB
/
pciPassthrough.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
# Courtesy of https://gist.github.com/techhazard/1be07805081a4d7a51c527e452b87b26
{config, pkgs, lib, ... }:
with lib;
let
cfg = config.pciPassthrough;
reduce = f: init: xs: builtins.foldl' (a: b: f a b) init xs;
getFileName = s: (replaceStrings [" "] ["" ] s);
getUSBDeviceFileConfig = devices: (reduce
(cfgMap: {vendorId, productId, name, ...}:
(recursiveUpdate cfgMap {
"virt/${(getFileName name)}.xml".text = ''
<hostdev mode='subsystem' type='usb'>
<source>
<vendor id='0x${vendorId}'/>
<product id='0x${productId}'/>
</source>
</hostdev>
'';
}))
{}
devices);
getUSBUdevRules = devices: (reduce
(rulesStr: {vendorId, productId, name, vmName, ...}:
(rulesStr + ''
ACTION=="add", \
SUBSYSTEM=="usb", \
ATTRS{idVendor}=="${vendorId}", \
ATTRS{idProduct}=="${productId}", \
RUN+="${pkgs.libvirt}/bin/virsh attach-device ${vmName} /etc/virt/${(getFileName name)}.xml"
ACTION=="remove", \
SUBSYSTEM=="usb", \
ATTRS{idVendor}=="${vendorId}", \
ATTRS{idProduct}=="${productId}", \
RUN+="${pkgs.libvirt}/bin/virsh detach-device ${vmName} /etc/virt/${(getFileName name)}.xml"
''))
""
devices);
in
{
###### interface
options.pciPassthrough = {
enable = mkEnableOption "PCI Passthrough";
cpuType = mkOption {
description = "One of `intel` or `amd`";
default = "intel";
type = types.str;
};
pciIDs = mkOption {
description = "Comma-separated list of PCI IDs to pass-through";
type = types.str;
};
libvirtUsers = mkOption {
description = "Extra users to add to libvirtd (root is already included)";
type = types.listOf types.str;
default = [];
};
audioUser = mkOption {
default = "";
};
usbDevices = mkOption {
default = [];
};
};
###### implementation
config = (mkIf cfg.enable
{ boot.kernelParams = [ "${cfg.cpuType}_iommu=on" ];
# These modules are required for PCI passthrough, and must come before early modesetting stuff
boot.kernelModules = [ "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd" ];
boot.extraModprobeConfig ="options vfio-pci ids=${cfg.pciIDs}";
environment.systemPackages = with pkgs; [
virtmanager
qemu
OVMF
];
environment.etc = (getUSBDeviceFileConfig cfg.usbDevices);
services.udev.extraRules = (getUSBUdevRules cfg.usbDevices);
virtualisation.libvirtd.enable = true;
virtualisation.libvirtd.qemuPackage = pkgs.qemu_kvm;
users.groups.libvirtd.members = [ "root" ] ++ cfg.libvirtUsers;
virtualisation.libvirtd.qemuVerbatimConfig = ''
nvram = [
"${pkgs.OVMF}/FV/OVMF.fd:${pkgs.OVMF}/FV/OVMF_VARS.fd"
]
user = "${cfg.audioUser}"
'';
}
);
}