Good to hear (and thanks for the great guide)!
In theory, is it possible that sys-audio makes your VMs more unique, therefore more fingerprintable? I hope not, just wondering as a half amateur Q user.
Good to hear (and thanks for the great guide)!
In theory, is it possible that sys-audio makes your VMs more unique, therefore more fingerprintable? I hope not, just wondering as a half amateur Q user.
More unique for which attacker? You mean for websites or for local users? If itās the former, then I find it unlikely. Do websites have access to the audio system?
If itās the latter, then Qubes doesnāt try to prevent such fingerprinting.
Websites. And I donāt know. Do they? They can play audio for sure. Iām also not sure about the scenario when audio is disabled by default. Can a website see that you donāt have any audio in your OS? In my mind this can be unique, but I maybe wrong as all of these are just my speculations.
Hi,
My bluetooth device is a Network controller: Intel Corporation Wi-Fi 6 AX201** that includes Bluetooth functionality, the Intel AX201 is known to be a combo card that supports both Wi-Fi 6 and Bluetooth 5.x.
When restarting the sys-audio cube i have following error:
Start failed: Requested operation is not valid: PCI device 0000:00:14.3 is in use by driver xenlight, domain sys-net, see /var/log/libvirt/libxl/libxl-driver.log for details
A restart of other qubes does not fix the problem.
I think the AX201 consists of two devices:
So you donāt need to attach PCI Wireless controller to sys-audio for bluetooth to work there.
These are all my devices (excluding my audio ones):
00:00.0 Host bridge: Intel Corporation 11th Gen Core Processor Host Bridge/DRAM Registers
00:01.0 PCI bridge: Intel Corporation 11th Gen Core Processor PCIe Controller #1
00:02.0 VGA compatible controller: Intel Corporation Tiger Lake-H GT1 [UHD Graphics]
00:04.0 Signal processing controller: Intel Corporation Tiger Lake-H Dynamic Tuning Processor Participant
00:05.0 PCI bridge: Intel Corporation Tiger Lake-H PCI Express Root Port #0
00:06.0 PCI bridge: Intel Corporation Tiger Lake-H PCI Express Root Port #2
00:07.0 PCI bridge: Intel Corporation Tiger Lake-H GNA Scoring Accelerator module
00:08.0 Signal processing controller: Intel Corporation Tiger Lake-H Gaussian Mixture Model
00:0d.0 USB controller: Intel Corporation Tiger Lake-H USB 3.1 xHCI Host Controller
00:0d.2 USB controller: Intel Corporation Tiger Lake-H NHI #0
00:0d.3 USB controller: Intel Corporation Tiger Lake-H NHI #1
00:0e.0 USB controller: Intel Corporation Tiger Lake-H xHCI Host Controller
00:14.0 USB controller: Intel Corporation Tiger Lake-H USB 3.2 xHCI Host Controller
00:14.2 RAM memory: Intel Corporation Tiger Lake-H Shared SRAM
00:14.3 Network controller: Intel Corporation Wi-Fi 6 AX201
00:15.0 Serial bus controller: Intel Corporation Tiger Lake-H Serial IO I2C Controller #0
00:15.1 Serial bus controller: Intel Corporation Tiger Lake-H Serial IO I2C Controller #1
00:16.0 Communication controller: Intel Corporation Tiger Lake-H Management Engine Interface
00:17.0 SATA controller: Intel Corporation Tiger Lake-H SATA AHCI Controller
00:1c.0 PCI bridge: Intel Corporation Tiger Lake-H PCI Express Root Port #9
00:1d.0 PCI bridge: Intel Corporation Tiger Lake-H PCI Express Root Port #11
00:1f.0 ISA bridge: Intel Corporation HM570 LPC/eSPI Controller
00:1f.3 SMBus: Intel Corporation Tiger Lake-H SMBus Controller
00:1f.4 SMBus: Intel Corporation Tiger Lake-H SPI Controller
01:00.0 VGA compatible controller: NVIDIA Corporation GA104M [GeForce RTX 3080 Mobile / Max-Q 8GB/16GB]
02:00.0 Non-Volatile memory controller: Samsung Electronics Co Ltd NVMe SSD Controller PM9A1/PM9A3/980PRO
52:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8125 2.5GbE Controller
These are my devices, excluding my audio ones:
00:00.0 Host bridge: Intel Corporation 11th Gen Core Processor Host Bridge/DRAM Registers
00:01.0 PCI bridge: Intel Corporation 11th Gen Core Processor PCIe Controller #1
00:02.0 VGA compatible controller: Intel Corporation Tiger Lake-H GT1 [UHD Graphics]
00:04.0 Signal processing controller: Intel Corporation Tiger Lake-H Dynamic Tuning Processor Participant
00:05.0 PCI bridge: Intel Corporation Tiger Lake-H PCI Express Root Port #0
00:06.0 PCI bridge: Intel Corporation Tiger Lake-H PCI Express Root Port #2
00:07.0 PCI bridge: Intel Corporation Tiger Lake-H GNA Scoring Accelerator module
00:08.0 Signal processing controller: Intel Corporation Tiger Lake-H Gaussian Mixture Model
00:0d.0 USB controller: Intel Corporation Tiger Lake-H USB 3.1 xHCI Host Controller
00:0d.2 USB controller: Intel Corporation Tiger Lake-H NHI #0
00:0d.3 USB controller: Intel Corporation Tiger Lake-H NHI #1
00:0e.0 USB controller: Intel Corporation Tiger Lake-H xHCI Host Controller
00:14.0 USB controller: Intel Corporation Tiger Lake-H USB 3.2 xHCI Host Controller
00:14.2 RAM memory: Intel Corporation Tiger Lake-H Shared SRAM
00:14.3 Network controller: Intel Corporation Wi-Fi 6 AX201
00:15.0 Serial bus controller: Intel Corporation Tiger Lake-H Serial IO I2C Controller #0
00:15.1 Serial bus controller: Intel Corporation Tiger Lake-H Serial IO I2C Controller #1
00:16.0 Communication controller: Intel Corporation Tiger Lake-H Management Engine Interface
00:17.0 SATA controller: Intel Corporation Tiger Lake-H SATA AHCI Controller
00:1c.0 PCI bridge: Intel Corporation Tiger Lake-H PCI Express Root Port #9
00:1d.0 PCI bridge: Intel Corporation Tiger Lake-H PCI Express Root Port #11
00:1f.0 ISA bridge: Intel Corporation HM570 LPC/eSPI Controller
00:1f.3 SMBus: Intel Corporation Tiger Lake-H SMBus Controller
00:1f.4 SMBus: Intel Corporation Tiger Lake-H SPI Controller
01:00.0 VGA compatible controller: NVIDIA Corporation GA104M [GeForce RTX 3080 Mobile / Max-Q 8GB/16GB]
02:00.0 Non-Volatile memory controller: Samsung Electronics Co Ltd NVMe SSD Controller PM9A1/PM9A3/980PRO
52:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8125 2.5GbE Controller
Whatās the output of this command in sys-usb?
lsusb
user@sys-usb:~$ lsusb
Bus 005 Device 002: ID 0bda:0411 Realtek Semiconductor Corp. Hub
Bus 005 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 004 Device 004: ID 048d:c968 Integrated Technology Express, Inc. ITE Device(8258)
Bus 004 Device 003: ID 04f2:b67d Chicony Electronics Co., Ltd Integrated Camera
Bus 004 Device 002: ID 1050:0407 Yubico.com Yubikey 4/5 OTP+U2F+CCID
Bus 004 Device 006: ID 8087:0026 Intel Corp. AX201 Bluetooth
Bus 004 Device 009: ID 31e3:1312 Wooting Wooting 60HE (ARM)
Bus 004 Device 007: ID 1532:007b Razer USA, Ltd RC30-0305 Gaming Mouse Dongle [Viper Ultimate (Wireless)]
Bus 004 Device 005: ID 0bda:5411 Realtek Semiconductor Corp. RTS5411 Hub
Bus 004 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 003 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 002: ID 0627:0001 Adomax Technology Co., Ltd QEMU Tablet
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
user@sys-usb:~$
This is your USB Bluetooth adapter from AX201.
Thanks! Interesting tough, I donāt see any mention of bluetooth in the connected devices under the sys-usb qubeā¦
Connected devices:
00:0d.0 USB controller: Intel Corporation Tiger Lake-H Thunderbolt 4 USB Controller
00:0d.2 USB controller: Intel Corporation Tiger Lake-H Thunderbolt 4 NHI #0
00:0d.3 USB controller: Intel Corporation Tiger Lake-H Thunderbolt 4 NHI #1
00:14.0 USB controller: Intel Corporation Tiger Lake-H USB 3.2 Gen 2x1 XHCI Host Controller
You need to install blueman and configure the bluetooth in the sys-usb for it to work there:
I have installed and started the bluetooth service in the sys-usb template but nothing really changesā¦
The availlable devices I can to add to sys-audio are:
00:00.0 Host bridge: Intel Corporation 11th Gen Core Processor Host Bridge/DRAM Registers
00:01.0 PCI bridge: Intel Corporation 11th Gen Core Processor PCIe Controller #1
00:02.0 VGA compatible controller: Intel Corporation TigerLake-H GT1 [UHD Graphics]
00:04.0 Signal processing controller: Intel Corporation TigerLake-LP Dynamic Tuning Processor Participant
00:06.0 PCI bridge: Intel Corporation 11th Gen Core Processor PCIe Controller #0
00:07.0 PCI bridge: Intel Corporation Tiger Lake-H Thunderbolt 4 PCI Express Root Port #0
00:07.2 PCI bridge: Intel Corporation Tiger Lake-H Thunderbolt 4 PCI Express Root Port #2
00:0a.0 Signal processing controller: Intel Corporation Tigerlake Telemetry Aggregator Driver
00:0d.0 USB controller: Intel Corporation Tiger Lake-H Thunderbolt 4 USB Controller
00:0d.2 USB controller: Intel Corporation Tiger Lake-H Thunderbolt 4 NHI #0
00:0d.3 USB controller: Intel Corporation Tiger Lake-H Thunderbolt 4 NHI #1
00:14.0 USB controller: Intel Corporation Tiger Lake-H USB 3.2 Gen 2x1 xHCI Host Controller
00:14.2 RAM memory: Intel Corporation Tiger Lake-H Shared SRAM
00:14.3 Network controller: Intel Corporation Tiger Lake PCH CNVi WiFi
00:15.0 Serial bus controller: Intel Corporation Tiger Lake-H Serial IO I2C Controller #0
00:15.1 Serial bus controller: Intel Corporation Tiger Lake-H Serial IO I2C Controller #1
00:15.2 Serial bus controller: Intel Corporation
00:16.0 Communication controller: Intel Corporation Tiger Lake-H Management Engine Interface
00:17.0 SATA controller: Intel Corporation Tiger Lake SATA AHCI Controller
00:1d.0 PCI bridge: Intel Corporation Tiger Lake-H PCI Express Root Port #9
00:1d.6 PCI bridge: Intel Corporation
00:1f.0 ISA bridge: Intel Corporation HM570 LPC/eSPI Controller
00:1f.4 SMBus: Intel Corporation Tiger Lake-H SMBus Controller
00:1f.5 Serial bus controller: Intel Corporation Tiger Lake-H SPI Controller
01:00.0 VGA compatible controller: NVIDIA Corporation GA104M [GeForce RTX 3080 Mobile / Max-Q 8GB/16GB]
02:00.0 Non-Volatile memory controller: Samsung Electronics Co Ltd NVMe SSD Controller PM9A1/PM9A3/980PRO
5c:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller
sys-usb qube: lsusb -t
user@sys-usb:~$ lsusb -t
/: Bus 05.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/8p, 20000M/x2
|__ Port 5: Dev 2, If 0, Class=Hub, Driver=hub/2p, 5000M
/: Bus 04.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/16p, 480M
|__ Port 3: Dev 2, If 2, Class=Chip/SmartCard, Driver=, 12M
|__ Port 3: Dev 2, If 0, Class=Human Interface Device, Driver=usbhid, 12M
|__ Port 3: Dev 2, If 1, Class=Human Interface Device, Driver=usbhid, 12M
|__ Port 6: Dev 3, If 0, Class=Video, Driver=uvcvideo, 480M
|__ Port 6: Dev 3, If 1, Class=Video, Driver=uvcvideo, 480M
|__ Port 9: Dev 4, If 0, Class=Human Interface Device, Driver=usbhid, 12M
|__ Port 10: Dev 5, If 0, Class=Hub, Driver=hub/2p, 480M
|__ Port 1: Dev 7, If 0, Class=Human Interface Device, Driver=usbhid, 12M
|__ Port 1: Dev 7, If 1, Class=Human Interface Device, Driver=usbhid, 12M
|__ Port 1: Dev 7, If 2, Class=Human Interface Device, Driver=usbhid, 12M
|__ Port 2: Dev 8, If 4, Class=Human Interface Device, Driver=usbhid, 12M
|__ Port 2: Dev 8, If 2, Class=Human Interface Device, Driver=usbhid, 12M
|__ Port 2: Dev 8, If 0, Class=Human Interface Device, Driver=usbhid, 12M
|__ Port 2: Dev 8, If 5, Class=Human Interface Device, Driver=usbhid, 12M
|__ Port 2: Dev 8, If 3, Class=Human Interface Device, Driver=usbhid, 12M
|__ Port 2: Dev 8, If 1, Class=Human Interface Device, Driver=usbhid, 12M
|__ Port 14: Dev 6, If 0, Class=Wireless, Driver=btusb, 12M
|__ Port 14: Dev 6, If 1, Class=Wireless, Driver=btusb, 12M
/: Bus 03.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/4p, 10000M
/: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/1p, 480M
/: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=ehci-pci/6p, 480M
|__ Port 1: Dev 2, If 0, Class=Human Interface Device, Driver=usbhid, 480M
user@sys-usb:~$ lsusb
Bus 005 Device 002: ID 0bda:0411 Realtek Semiconductor Corp. Hub
Bus 005 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 004 Device 004: ID 048d:c968 Integrated Technology Express, Inc. ITE Device(8258)
Bus 004 Device 003: ID 04f2:b67d Chicony Electronics Co., Ltd Integrated Camera
Bus 004 Device 002: ID 1050:0407 Yubico.com Yubikey 4/5 OTP+U2F+CCID
Bus 004 Device 006: ID 8087:0026 Intel Corp. AX201 Bluetooth
Bus 004 Device 008: ID 31e3:1312 Wooting Wooting 60HE (ARM)
Bus 004 Device 007: ID 1532:007b Razer USA, Ltd RC30-0305 Gaming Mouse Dongle [Viper Ultimate (Wireless)]
Bus 004 Device 005: ID 0bda:5411 Realtek Semiconductor Corp. RTS5411 Hub
Bus 004 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 003 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 002: ID 0627:0001 Adomax Technology Co., Ltd QEMU Tablet
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
When I add a USB device that is allready in use by sys-usb, I get:
When I move the USB device from sys-usb to sys-audio, I have no usb devices anymoreā¦
Am I missing something?
Attach this USB device not PCI USB Controller from sys-usb to sys-audio:
Bus 004 Device 006: ID 8087:0026 Intel Corp. AX201 Bluetooth
Use Qubes Devices widget in system tray for this, not qubeās Settings ā Devices tab.
Then you can use blueman-manager in sys-audio to pair with your Bluetooth devices.
Thanks for helping, sadly enough that is not an option between my devicesā¦
This is what I have:
[x@dom0 ~]$ qvm-usb
BACKEND:DEVID DESCRIPTION USED BY
sys-usb:4-10.1 1532:007b_Razer_Razer_Viper_Ultimate_Dongle
sys-usb:4-10.2 31e3:1312_Wooting_Wooting_60HE__ARM__A02B2315W052H36407
sys-usb:4-14 8087:0026_8087_0026
sys-usb:4-3 1050:0407_Yubico_YubiKey_OTP+FIDO+CCID_0020637187
sys-usb:4-6 04f2:b67d_Sonix_Technology_Co.__Ltd._Integrated_Camera
sys-usb:4-9 048d:c968_ITE_Tech._Inc._ITE_Device_8258_ disp4018 (identity=0000:0000::'?''*''*''*''*''*''*')
[x@dom0 ~]$ lsusb
[x@dom0 ~]$ qvm-pci
BACKEND:DEVID DESCRIPTION USED BY
dom0:00_00.0 Host bridge: Intel Corporation 11th Gen Core Processor Host Bridge/DRAM Registers
dom0:00_01.0 PCI bridge: Intel Corporation 11th Gen Core Processor PCIe Controller #1
dom0:00_02.0 VGA compatible controller: Intel Corporation TigerLake-H GT1 [UHD Graphics]
dom0:00_04.0 Signal processing controller: Intel Corporation TigerLake-LP Dynamic Tuning Processor Participant
dom0:00_06.0 PCI bridge: Intel Corporation 11th Gen Core Processor PCIe Controller #0
dom0:00_07.0 PCI bridge: Intel Corporation Tiger Lake-H Thunderbolt 4 PCI Express Root Port #0
dom0:00_07.2 PCI bridge: Intel Corporation Tiger Lake-H Thunderbolt 4 PCI Express Root Port #2
dom0:00_0a.0 Signal processing controller: Intel Corporation Tigerlake Telemetry Aggregator Driver
dom0:00_0d.0 USB controller: Intel Corporation Tiger Lake-H Thunderbolt 4 USB Controller sys-usb (no-strict-reset=True)
dom0:00_0d.2 USB controller: Intel Corporation Tiger Lake-H Thunderbolt 4 NHI #0 sys-usb (no-strict-reset=True)
dom0:00_0d.3 USB controller: Intel Corporation Tiger Lake-H Thunderbolt 4 NHI #1 sys-usb (no-strict-reset=True)
dom0:00_14.0 USB controller: Intel Corporation Tiger Lake-H USB 3.2 Gen 2x1 xHCI Host Controller sys-usb (no-strict-reset=True)
dom0:00_14.2 RAM memory: Intel Corporation Tiger Lake-H Shared SRAM
dom0:00_14.3 Network controller: Intel Corporation Tiger Lake PCH CNVi WiFi sys-net
dom0:00_15.0 Serial bus controller: Intel Corporation Tiger Lake-H Serial IO I2C Controller #0
dom0:00_15.1 Serial bus controller: Intel Corporation Tiger Lake-H Serial IO I2C Controller #1
dom0:00_15.2 Serial bus controller: Intel Corporation
dom0:00_16.0 Communication controller: Intel Corporation Tiger Lake-H Management Engine Interface
dom0:00_17.0 SATA controller: Intel Corporation Tiger Lake SATA AHCI Controller
dom0:00_1d.0 PCI bridge: Intel Corporation Tiger Lake-H PCI Express Root Port #9
dom0:00_1d.6 PCI bridge: Intel Corporation
dom0:00_1f.0 ISA bridge: Intel Corporation HM570 LPC/eSPI Controller
dom0:00_1f.3 Audio device: Intel Corporation Tiger Lake-H HD Audio Controller sys-audio (no-strict-reset=True)
dom0:00_1f.4 SMBus: Intel Corporation Tiger Lake-H SMBus Controller
dom0:00_1f.5 Serial bus controller: Intel Corporation Tiger Lake-H SPI Controller
dom0:01_00.0 VGA compatible controller: NVIDIA Corporation GA104M [GeForce RTX 3080 Mobile / Max-Q 8GB/16GB]
dom0:01_00.1 Audio device: NVIDIA Corporation GA104 High Definition Audio Controller sys-audio (no-strict-reset=True)
dom0:02_00.0 Non-Volatile memory controller: Samsung Electronics Co Ltd NVMe SSD Controller PM9A1/PM9A3/980PRO
dom0:5c_00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller sys-net
[x@dom0 ~]$
I think I will just the blueman-manager from sys-usb since replacing the usb controller with Bluetooth functionality from sys-usb to sys-audio also replaces all the other devices on my usb controller
What problem do you have with attaching USB Bluetooth adapter from sys-usb to sys-audio?
sys-usb:4-14 8087:0026_8087_0026
- is your USB Bluetooth adapter.
You can do this using Qubes Devices widget in system tray or by running this command in dom0 terminal:
qvm-usb attach sys-audo sys-usb:4-14
Iāve tried attaching 4-14 and 4-9 but none of those devices show up in lsusb within sys-audio qubeā¦ blueman-manager does not recognize any bluetooth device as well
Are you able to attach any USB device to any qube at all?
@neowutran it worked perfectly for me, thanks! I did not expect the recording to be passed as well from a bluetooth headsets
I just need to figure why the bluetooth applet does not start automatically now
Did you enable blueman
service in the sys-audio Settings ā Services?