In Nixpkgs kernels, Intel IOMMUs are disabled by default (CONFIG_INTEL_IOMMU_DEFAULT_ON=n), so it needs to be explicitly enabled on the kernel command line. This was already done in the rootfs run make target, which is what I mostly use for testing, which is why I hadn't noticed until now. We could also set CONFIG_INTEL_IOMMU_DEFAULT_ON, but I think it's better to avoid changing our kernel configuration too much at the moment. (This might change in future if we want to go all in.) No changes are required for AMD IOMMUs, which are enabled by default. Reported-by: Vadim Likholetov <vadim.likholetov@unikie.com> Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/initramfs/Makefile | 2 +- img/live/Makefile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/host/initramfs/Makefile b/host/initramfs/Makefile index 1bdc407..596b15e 100644 --- a/host/initramfs/Makefile +++ b/host/initramfs/Makefile @@ -67,7 +67,7 @@ run: build/initramfs build/rootfs.verity.roothash build/live.img $(QEMU_KVM) -m 4G \ -kernel $(KERNEL) \ -initrd build/initramfs \ - -append "ro console=ttyS0 ext=vda roothash=$$(< build/rootfs.verity.roothash)" \ + -append "ro console=ttyS0 ext=vda intel_iommu=on roothash=$$(< build/rootfs.verity.roothash)" \ -cpu host \ -display gtk,gl=on \ -device virtio-vga-gl \ diff --git a/img/live/Makefile b/img/live/Makefile index 9815c88..f13dd26 100644 --- a/img/live/Makefile +++ b/img/live/Makefile @@ -26,7 +26,7 @@ build/spectrum.conf: build/rootfs.verity.roothash printf "title Spectrum\n" > $@ printf "linux /spectrum/linux\n" >> $@ printf "initrd /spectrum/initrd\n" >> $@ - printf "options ro console=tty console=ttyS0 roothash=" >> $@ + printf "options ro console=tty console=ttyS0 intel_iommu=on roothash=" >> $@ cat build/rootfs.verity.roothash >> $@ build/boot.fat: $(KERNEL) $(INITRAMFS) $(SYSTEMD_BOOT_EFI) build/spectrum.conf -- 2.37.1