forked from tiiuae/ghaf
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Yuri Nesterov <[email protected]>
- Loading branch information
1 parent
3105ca4
commit 4c568da
Showing
8 changed files
with
267 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,192 @@ | ||
# Copyright 2022-2024 TII (SSRC) and the Ghaf contributors | ||
# SPDX-License-Identifier: Apache-2.0 | ||
{ | ||
config, | ||
lib, | ||
pkgs, | ||
... | ||
}: | ||
let | ||
cfg = config.ghaf.hardware.usb.vhotplug; | ||
inherit (lib) | ||
mkEnableOption | ||
mkOption | ||
types | ||
mkIf | ||
literalExpression | ||
; | ||
|
||
vhotplug = pkgs.callPackage ../../../../packages/vhotplug { }; | ||
defaultRules = [ | ||
{ | ||
name = "GUIVM"; | ||
qmpSocket = "/var/lib/microvms/gui-vm/gui-vm.sock"; | ||
usbPassthrough = [ | ||
{ | ||
class = 3; | ||
protocol = 1; | ||
description = "HID Keyboard"; | ||
} | ||
{ | ||
class = 3; | ||
protocol = 2; | ||
description = "HID Mouse"; | ||
} | ||
{ | ||
class = 11; | ||
description = "Chip/SmartCard (e.g. YubiKey)"; | ||
} | ||
{ | ||
class = 224; | ||
subclass = 1; | ||
protocol = 1; | ||
description = "Bluetooth"; | ||
disable = true; | ||
} | ||
{ | ||
# Currently disabled to leave USB drives connected to the host | ||
class = 8; | ||
sublass = 6; | ||
description = "Mass Storage - SCSI (USB drives)"; | ||
disable = true; | ||
} | ||
]; | ||
evdevPassthrough = { | ||
enable = cfg.enableEvdevPassthrough; | ||
inherit (cfg) pcieBusPrefix; | ||
}; | ||
} | ||
{ | ||
name = "NetVM"; | ||
qmpSocket = "/var/lib/microvms/net-vm/net-vm.sock"; | ||
usbPassthrough = [ | ||
{ | ||
# Currently disabled to avoid breaking remote nixos-rebuild, | ||
# which requires an Ethernet adapter connected to the host | ||
class = 2; | ||
sublass = 6; | ||
description = "Communications - Ethernet Networking"; | ||
disable = true; | ||
} | ||
]; | ||
} | ||
{ | ||
name = "ChromiumVM"; | ||
qmpSocket = "/var/lib/microvms/chromium-vm/chromium-vm.sock"; | ||
usbPassthrough = [ | ||
{ | ||
class = 14; | ||
description = "Video (USB Webcams)"; | ||
} | ||
]; | ||
} | ||
{ | ||
name = "AudioVM"; | ||
qmpSocket = "/var/lib/microvms/audio-vm/audio-vm.sock"; | ||
usbPassthrough = [ | ||
{ | ||
class = 1; | ||
description = "Audio"; | ||
} | ||
]; | ||
} | ||
]; | ||
in | ||
{ | ||
options.ghaf.hardware.usb.vhotplug = { | ||
enable = mkEnableOption "Enable hot plugging of USB devices"; | ||
|
||
rules = mkOption { | ||
type = types.listOf types.attrs; | ||
default = defaultRules; | ||
description = '' | ||
List of virtual machines with USB hot plugging rules. | ||
''; | ||
example = literalExpression '' | ||
[ | ||
{ | ||
name = "GUIVM"; | ||
qmpSocket = "/var/lib/microvms/gui-vm/gui-vm.sock"; | ||
usbPassthrough = [ | ||
{ | ||
class = 3; | ||
protocol = 1; | ||
description = "HID Keyboard"; | ||
ignore = [ | ||
{ | ||
vendorId = "046d"; | ||
productId = "c52b"; | ||
description = "Logitech, Inc. Unifying Receiver"; | ||
} | ||
]; | ||
} | ||
{ | ||
vendorId = "067b"; | ||
productId = "23a3"; | ||
description = "Prolific Technology, Inc. USB-Serial Controller"; | ||
disable = true; | ||
} | ||
]; | ||
} | ||
{ | ||
name = "NetVM"; | ||
qmpSocket = "/var/lib/microvms/net-vm/net-vm.sock"; | ||
usbPassthrough = [ | ||
{ | ||
productName = ".*ethernet.*"; | ||
description = "Ethernet devices"; | ||
} | ||
]; | ||
} | ||
]; | ||
''; | ||
}; | ||
|
||
enableEvdevPassthrough = mkOption { | ||
description = '' | ||
Enable passthrough of non-USB input devices on startup using QEMU virtio-input-host-pci device. | ||
''; | ||
type = types.bool; | ||
default = true; | ||
}; | ||
|
||
pcieBusPrefix = mkOption { | ||
type = types.nullOr types.str; | ||
default = "rp"; | ||
description = '' | ||
PCIe bus prefix used for the pcie-root-port QEMU device when evdev passthrough is enabled. | ||
''; | ||
}; | ||
|
||
pciePortCount = lib.mkOption { | ||
type = lib.types.int; | ||
default = 5; | ||
description = '' | ||
The number of PCIe ports used for hot-plugging virtio-input-host-pci devices. | ||
''; | ||
}; | ||
}; | ||
|
||
config = mkIf cfg.enable { | ||
services.udev.extraRules = '' | ||
SUBSYSTEM=="usb", GROUP="kvm" | ||
KERNEL=="event*", GROUP="kvm" | ||
''; | ||
|
||
environment.etc."vhotplug.conf".text = builtins.toJSON { vms = cfg.rules; }; | ||
|
||
systemd.services.vhotplug = { | ||
enable = true; | ||
description = "vhotplug"; | ||
wantedBy = [ "microvms.target" ]; | ||
after = [ "microvms.target" ]; | ||
serviceConfig = { | ||
Type = "simple"; | ||
Restart = "always"; | ||
RestartSec = "1"; | ||
ExecStart = "${vhotplug}/bin/vhotplug -a -c /etc/vhotplug.conf"; | ||
}; | ||
startLimitIntervalSec = 0; | ||
}; | ||
}; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
# Copyright 2022-2024 TII (SSRC) and the Ghaf contributors | ||
# SPDX-License-Identifier: Apache-2.0 | ||
{ | ||
python3Packages, | ||
fetchPypi, | ||
lib, | ||
}: | ||
python3Packages.buildPythonPackage rec { | ||
pname = "qemu.qmp"; | ||
version = "0.0.3"; | ||
|
||
src = fetchPypi { | ||
inherit pname version; | ||
sha256 = "sha256-y8iPvMEV7pQ9hER9FyxkLaEgIgRRQWwvYhrPM98eEBA="; | ||
}; | ||
|
||
pyproject = true; | ||
|
||
nativeBuildInputs = [ python3Packages.setuptools-scm ]; | ||
|
||
meta = { | ||
homepage = "https://www.qemu.org/"; | ||
description = "QEMU Monitor Protocol library"; | ||
license = lib.licenses.lgpl2Plus; | ||
}; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
# Copyright 2022-2024 TII (SSRC) and the Ghaf contributors | ||
# SPDX-License-Identifier: Apache-2.0 | ||
{ | ||
python3Packages, | ||
pkgs, | ||
fetchFromGitHub, | ||
}: | ||
let | ||
qemuqmp = pkgs.callPackage ../qemuqmp { }; | ||
in | ||
python3Packages.buildPythonApplication rec { | ||
pname = "vhotplug"; | ||
version = "0.1"; | ||
|
||
propagatedBuildInputs = [ | ||
python3Packages.pyudev | ||
python3Packages.psutil | ||
qemuqmp | ||
]; | ||
|
||
doCheck = false; | ||
|
||
src = fetchFromGitHub { | ||
owner = "tiiuae"; | ||
repo = "vhotplug"; | ||
rev = "fd05361ed893d06cdb5ac4a538c171e4a86b6f5a"; | ||
hash = "sha256-6fl5xeSpcIIBKn3dZUAEHiNRRpn9LbYC4Imap5KBH2M="; | ||
}; | ||
} |