Salt recipes for easier switching sys-gui-gpu on/off

yann · September 29, 2021, 7:17pm

There are sys-gui-gpu-attach-gpu and sys-gui-gpu-detach-gpu, but they suffer from a couple of issues IMHO:

(known) targeted at particular hardware (Intel) which is not mine (AMD)
especially does not handle a GPU sharing the same iommu group with tons of other devices
does not restore a working sys-usb state on detach
does not change default_guivm
does not help in preventing dom0 from loading a drm driver (which happens to refuse the release of the GPU in my case)

I find the files below help me file experimenting (with the hope of one day getting sys-gui-gpu to work, which is not yet the case), especially helping in not forgetting any detail when testing something new. They mostly contain pieces adapted from other Salt recipes under /srv, I cannot claim any deep understanding of Salt. They do not address for now:

genericity in selection of the GPU device
modification of the kernel command line

So here they are, as much for recieving comments as for using as a basis for improvement (after all they are not sufficient yet on my Bravo 17 laptop…)

sys-gui-gpu-on.sls

# -*- coding: utf-8 -*-
# vim: set syntax=yaml ts=2 sw=2 sts=2 et :

##
# qvm.sys-gui-gpu-on
# ===========
##

# FIXME - lacks at least:
# - pci-stub for 1002:1636

attach:
  qvm.devices:
    - name: sys-gui-gpu
    - order: 1
    - attach:
      # GPU
      - pci:dom0:07_00.0:
        - permissive: true
        - no-strict-reset: true

prefs-sysgui:
  qvm.prefs:
    - name: sys-gui-gpu
    - autostart: true

# Setup Qubes RPC policy for sys-usb to sys-gui-gpu
sys-usb-input-proxy:
  file.prepend:
    - name: /etc/qubes-rpc/policy/qubes.InputMouse
    - text: {{ salt['pillar.get']('qvm:sys-usb:name', 'sys-usb') }} dom0 allow,user=root,target=sys-gui-gpu
    - require:
      - file: sys-usb-previous-rpc

sys-usb-previous-rpc:
  file.line:
    - name: /etc/qubes-rpc/policy/qubes.InputMouse
    - match: {{ salt['pillar.get']('qvm:sys-usb:name', 'sys-usb') }} dom0 allow,user=root
    - mode: delete

sys-gui-default-guivm:
  cmd.run:
    - name: qubes-prefs default_guivm sys-gui-gpu

sys-gui-gpu-off.sls

# -*- coding: utf-8 -*-
# vim: set syntax=yaml ts=2 sw=2 sts=2 et :

##
# qvm.sys-gui-gpu-off
# ===========
##

detach:
  qvm.devices:
    - name: sys-gui-gpu
    - order: 1
    # GPU
    - detach:
      - pci:dom0:07_00.0: []
    # audio
#      - pci:dom0:07_00.5: []
#      - pci:dom0:07_00.6: []

prefs-sysgui:
  qvm.prefs:
    - name: sys-gui-gpu
    - autostart: false

# Revert "Setup Qubes RPC policy for sys-usb to sys-gui-gpu"
sys-usb-input-proxy:
  file.prepend:
    - name: /etc/qubes-rpc/policy/qubes.InputMouse
    - text: {{ salt['pillar.get']('qvm:sys-usb:name', 'sys-usb') }} dom0 allow,user=root
    - require:
      - file: sys-usb-previous-rpc

sys-usb-previous-rpc:
  file.line:
    - name: /etc/qubes-rpc/policy/qubes.InputMouse
    - match: {{ salt['pillar.get']('qvm:sys-usb:name', 'sys-usb') }} dom0 allow,user=root
    - mode: delete

sys-gui-default-guivm:
  cmd.run:
    - name: qubes-prefs --default default_guivm