I have an Asus Zephyrus G14 2023 model. I will make a detailed HCL report once I have thoroughly tested it.
I am installing qubes with the bootloader and EFI partitions on a USB flash drive, as the system only takes a single nvme drive and I need multiple operating systems. The flash drive has signed firmware and a physical write protect switch. I am unable to use AEM as it is AMD ryzen with TPM 2.0.
The laptop has four USB controllers. It seems that the keyboard and bluetooth are on the same controller as the external USB-A ports (why…).
Simply using salt to automatically set up sys-usb and pass raw keyboard input to dom0 ‘safely’ works, but with the caveat that the keyboard backlight doesn’t function. This is unworkable for me. I believe it is to do with a separate ‘AsusTek N-KEY’ device on the same controller not being accessible to dom0. An option that does allow the backlight to work is to assign the entire controller to dom0. The caveat to this is not having bluetooth device accessible to pass through to VMs. And not being able to attach block devices via USB-A ports if usbcore.authorized_default=0 is used.
Even if there were a way to passthrough this Asus N-KEY device to dom0 such that the backlight would function, would this render the entire exercise pointless? Am I basically stuck without a keyboard backlight if I want to isolate usb devices from dom0 and still have access to the bluetooth and the USB-A ports? The only reason I would need bluetooth is to use my headphones OTG. The laptop does have a physical audio port but i’d rather not buy a 3rd set of headphones if I can avoid it.
Does anyone have any ideas for how I can better manage this hardware? Other than live without a backlight, but the keys are unreadable to me half the time without it.