My laptop (Lenovo P51) works fantastically with QubesOS. It has two GPUs: Intel integrated graphics and a discrete NVIDIA card. For gaming, I am interested in pass-through of one (NOT both) to a VM.
I believe that the integrated graphics controls the internal monitor, and that all external monitors are connected to the dedicated graphics card. Can someone confirm this, and can this be changed? I will not give another VM control of my primary display, for obvious reasons. I also consider the VM that I would like to give GPU access to to be highly untrustworthy and potentially compromised, since it will be running untrustworthy games. My current plan is to give the gaming VM access to one monitor, while I use the other monitor for normal operation of QubesOS. My main questions are: * How feasible are firmware attacks on the graphics card, if I choose the NVIDIA card? I trust that the IOMMU will keep me safe from a compromised card, but only if the compromise does not persist across reboots. In the case of the integrated graphics, the GPU has no persistent storage, but I am nervous about possible compromise of the internal display, which would be fatal. For the dedicated graphics, I am worried that the graphics card’s firmware could be overwritten. Is this possible without PCI configuration space access? Finally, can NVIDIA cards work with PCI pass-through? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/237511cd-8456-4862-93b2-d84027689850%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
