Unman:
On Mon, Oct 22, 2018 at 10:40:23AM -0300, Franz wrote:
On Mon, Oct 22, 2018 at 10:29 AM unman <un...@thirdeyesecurity.org> wrote:
On Mon, Oct 22, 2018 at 09:13:46AM -0300, Franz wrote:
On Mon, Oct 22, 2018 at 12:42 AM taii...@gmx.com <taii...@gmx.com>
wrote:
No it won't.
Expresscard > PCI-e
PCI anything WILL NOT WORK - ALL IN SAME IOMMU GROUP.
Save money buy one marketed for egpu gaming for $100 or so from bplus
tech taiwan - expresscard>pci-e then buy a Sonnet Allegro Pro which is
4
separate USB controllers which will work fine AS LONG AS YOUR LAPTOPS
ROOT PORTS SUPPORT ACS otherwise it won't work they will all be the
same
group. I have no idea what laptops do however.
It seems my processor i7 3520m does not support ACS. So this should mean
that even if I use 4 different PCI cards, in the best case scenario they
can only be assigned to the same VM.
On the same laptop Lenovo x230 a similar problem was that it has two
native
USB controllers, but there is some connection between them so that they
can
only be assigned to the same VM.
Not in my experience with x230. Three controllers, and you can separate
ports on Left and Right between two usbVM.
with 3.2 or 4?
I tried various times with 3.2 and it replies something like that it does
not want to do that because the two controllers are somehow connected and
therefore there is a security risk isolating them when they are not really
isolated.
But of course you understand all that much better than me Unman :-)
Blind leading the blind, I'm afraid.
This is with 4. I'll try it with 3.2.1 in the morning.
@taiidan- I based that from some code I saw in Xen that seemed to
support classic PCI passthrough. See also the last entry on this page
for example: https://wiki.xen.org/wiki/Xen_PCI_Passthrough. Agree it's
not the most secure approach with Qubes, if it works at all.
@franz- I think the warning you were getting on 3.2 was caused by strict
reset mode. 4.0 disables strict reset by default in sys-usb, IIRC. So
you might want to go ahead and try it by following the 3.2 no
strict-reset section in
https://www.qubes-os.org/doc/assigning-devices/#pci-passthrough-issues.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/f7aa2412-4f29-d667-2d95-fa00beace577%40danwin1210.me.
For more options, visit https://groups.google.com/d/optout.
