# NixOS module fragment: VFIO PCI passthrough for libvirt/QEMU guests, with the
# kvmfr kernel module and the Looking Glass client on the host, plus a libvirt
# hook that moves host slices off a fixed CPU range while a guest runs.
#
# Several settings below relax isolation between the guest, QEMU and the host
# account. Each one is annotated so the trade-off is visible at review time.
{
  config,
  pkgs,
  ...
}: let
  # libvirt runs qemu hooks with the operation in "$2"; "$1" (the guest name)
  # is never checked, so this fires for every domain on the host.
  #   started -> system.slice, user.slice and init.scope get AllowedCPUs=8-15,24-31
  #   release -> the same three units get AllowedCPUs=0-31 back
  # --runtime keeps the change out of persistent unit configuration.
  # The CPU ranges are hard-coded for a 32-thread host.
  # NOTE(review): if "release" is not delivered (for example libvirtd is
  # restarted while a guest runs) the host presumably stays pinned until
  # reboot - confirm.
  # writeShellScript writes its own interpreter line, so "#!/bin/sh" ends up as
  # an ordinary comment on the second line of the generated script.
  cpuIsolationHook =
    pkgs.writeShellScript "isolatecpu.sh"
    ''
      #!/bin/sh
      PIN="AllowedCPUs=8-15,24-31"
      ALL="AllowedCPUs=0-31"
      if [ "$2" = "started" ]; then
        systemctl set-property --runtime -- system.slice $PIN
        systemctl set-property --runtime -- user.slice $PIN
        systemctl set-property --runtime -- init.scope $PIN
      elif [ "$2" = "release" ]; then
        systemctl set-property --runtime -- system.slice $ALL
        systemctl set-property --runtime -- user.slice $ALL
        systemctl set-property --runtime -- init.scope $ALL
      fi
    '';
in {
  virtualisation.libvirtd = {
    # Text placed verbatim into libvirt's qemu.conf.
    #
    # namespaces = []    turns off the per-domain namespaces libvirt normally
    #                    sets up for QEMU (the private /dev mount namespace),
    #                    so QEMU sees the host's /dev. This removes one layer
    #                    of confinement; the cgroup device ACL below is what
    #                    still limits which nodes can be opened.
    #                    NOTE(review): check whether /dev/kvmfr0 works with the
    #                    namespace left enabled before keeping this.
    # user = "+1000"     runs QEMU as numeric UID 1000 ("+" forces numeric
    #                    interpretation). A compromised QEMU process then holds
    #                    that account's file and session access.
    #                    NOTE(review): UID 1000 is presumably the desktop
    #                    user - confirm, and consider a dedicated account.
    # cgroup_device_acl  device nodes QEMU may open; /dev/kvmfr0 is the entry
    #                    specific to this setup.
    qemu.verbatimConfig = ''
      namespaces = []
      user = "+1000"
      cgroup_device_acl = [
        "/dev/null", "/dev/full", "/dev/zero",
        "/dev/random", "/dev/urandom",
        "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
        "/dev/rtc","/dev/hpet", "/dev/vfio/vfio",
        "/dev/kvmfr0",
      ]
    '';

    hooks.qemu = {
      "isolatecpu.sh" = cpuIsolationHook;
    };
  };

  # VFIO modules go into the initrd so vfio-pci is available early in boot.
  boot.initrd.kernelModules = ["vfio_pci" "vfio_iommu_type1" "vfio"];

  # kvmfr is built against the running kernel's package set and loaded at boot.
  boot.extraModulePackages = [config.boot.kernelPackages.kvmfr];
  boot.kernelModules = ["kvmfr"];

  # kvm.ignore_msrs=1 makes KVM ignore guest accesses to MSRs it does not
  # handle instead of injecting a fault; it applies to every guest on the host.
  # NOTE(review): "amd_iommu=on" and "amd_iommu=pt" may not be values the
  # amd_iommu parameter recognises (passthrough mode is normally requested
  # with "iommu=pt"). Check the kernel log for an unknown-option notice and
  # confirm IOMMU groups are isolated as expected before relying on this.
  boot.kernelParams = ["amd_iommu=on" "amd_iommu=pt" "kvm.ignore_msrs=1"];

  # modprobe options:
  #   vfio-pci ids      binds the two PCI functions with vendor ID 10de
  #                     (NVIDIA) to vfio-pci, keeping host drivers off them
  #   kvmfr static_size_mb=64   one static 64 MiB kvmfr device
  #   kvm_amd avic=1    enables AVIC in kvm_amd
  boot.extraModprobeConfig = ''
    options vfio-pci ids=10de:2b85,10de:22e8
    options kvmfr static_size_mb=64
    options kvm_amd avic=1
  '';

  # kvmfr device nodes become group kvm, mode 0660: every member of the kvm
  # group can read and write the memory shared with the guest, which carries
  # the guest's frame contents. Keep kvm group membership tight.
  services.udev.extraRules = ''
    SUBSYSTEM=="kvmfr", GROUP="kvm", MODE="0660"
  '';

  environment.systemPackages = [pkgs.looking-glass-client];
}