I have a Bluetooth headset that I'd like to use with multiple VMs. Assigning the Bluetooth controller to each VM (at either the PCI or USB level) when I want to use that VM isn't an ideal solution because each VM needs a pairing key to secure the Bluetooth connection to the headset. If I copy the same pairing key to all of the VMs, then an attacker within Bluetooth range who had access to one VM could intercept the audio connection when I'm using the headset with a different VM. It might work to have each VM use a different Bluetooth device address and share a separate pairing key with the headset, but I'm liable to reach the headset's limit on number of paired devices.
So I'd like to try to implement a better solution: assigning the Bluetooth controller to one VM (call it the "AudioVM") and routing the Qubes master audio source and sink to that VM. I can think of two basic ways to do this: 1. Run all the pacat-simple-vchan processes in the AudioVM instead of Dom0. Will it just work for client VMs to specify the domain ID of the AudioVM when creating the vchan, or are there restrictions? A new protocol would be needed for Dom0 to control the lifecycle and the recording-allowed state of the pacat-simple-vchan processes. 2. Run one more module-vchan-sink / pacat-simple-vchan pair (but without recording restrictions) from Dom0 to the AudioVM. Might increase latency. Are there any issues I should be aware of before starting implementation? If I'm just doing this for myself, I'm inclined to try #2 first because it should require less new code and high latency isn't a big problem for me (as long as it's stable, which it has been so far: I play StepMania!). But if Qubes maintainers are interested in having the feature upstream and prefer #1, I'll do that instead. I found a previous thread about roughly the same problem. The author proposed approach #2, but apparently it wasn't implemented. https://groups.google.com/d/topic/qubes-users/GrN5OhCwttw/discussion Thanks, Matt -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/1497799022.4151.2.camel%40mattmccutchen.net. For more options, visit https://groups.google.com/d/optout.
