From 15f2fd623670438624b311813b0353bf036cc875 Mon Sep 17 00:00:00 2001
From: Vunny Sodhi <vunny.sodhi@unikie.com>
Date: Fri, 30 Aug 2024 09:16:40 +0300
Subject: [PATCH] gui-vm: Enable GPU acceleration

This patch will enable hardware accelerated display
for renderering along with media hardware codecs.
Also we are patching Intel i915 driver in gui-vm to
avoid reserving Intel graphics memory during boot
time which in turn fixes DMA Fault error on the
ghaf-host.

Signed-off-by: Vunny Sodhi <vunny.sodhi@unikie.com>
---
 REUSE.toml                                    |  1 +
 modules/desktop/profiles/graphics.nix         | 13 +++++++--
 .../lenovo-x1/definitions/x1-gen11.nix        |  2 +-
 ...serve-stolen-memory-for-GPU-passthro.patch | 27 +++++++++++++++++
 .../microvm/virtualization/microvm/guivm.nix  | 29 ++++++++++++++++---
 5 files changed, 64 insertions(+), 8 deletions(-)
 create mode 100644 modules/microvm/virtualization/microvm/0001-x86-gpu-Don-t-reserve-stolen-memory-for-GPU-passthro.patch

diff --git a/REUSE.toml b/REUSE.toml
index bc599fa34..1d5a9f89c 100644
--- a/REUSE.toml
+++ b/REUSE.toml
@@ -104,6 +104,7 @@ path = [
 	"modules/jetpack-microvm/*.patch",
 	"modules/jetpack/nvidia-jetson-orin/virtualization/passthrough/uarti-net-vm/patches/net_vm_dtb_with_uarti.patch",
 	"modules/common/virtualization/pkvm/0001-pkvm-enable-pkvm-on-intel-x86-6.1-lts.patch",
+	"modules/microvm/virtualization/microvm/0001-x86-gpu-Don-t-reserve-stolen-memory-for-GPU-passthro.patch",
 ]
 
 [[annotations]]
diff --git a/modules/desktop/profiles/graphics.nix b/modules/desktop/profiles/graphics.nix
index 426a908b7..b98ea90a6 100644
--- a/modules/desktop/profiles/graphics.nix
+++ b/modules/desktop/profiles/graphics.nix
@@ -38,7 +38,7 @@ in
     };
     renderer = lib.mkOption {
       type = lib.types.enum renderers;
-      default = "pixman";
+      default = "gles2";
       description = ''
         Which wlroots renderer to use.
 
@@ -74,12 +74,19 @@ in
   };
 
   config = mkIf cfg.enable {
-    hardware.graphics.enable = true;
+    hardware.graphics = {
+      enable = true;
+      extraPackages = mkIf pkgs.stdenv.hostPlatform.isx86 [ pkgs.intel-media-driver ];
+    };
     environment.noXlibs = false;
     environment.sessionVariables = {
       WLR_RENDERER = cfg.renderer;
       XDG_SESSION_TYPE = "wayland";
-      WLR_NO_HARDWARE_CURSORS = 1;
+      WLR_NO_HARDWARE_CURSORS = if (cfg.renderer == "pixman") then 1 else 0;
+      # 24 is default value set in labwc
+      XCURSOR_SIZE = 24;
+      # To Fix "Fontconfig error : No writable cache directories" during new session login
+      XDG_CACHE_HOME = "$(mktemp -d)";
       XKB_DEFAULT_LAYOUT = "us,ara,fi";
       XKB_DEFAULT_OPTIONS = "grp:alt_shift_toggle";
       # Set by default in labwc, but possibly not in other compositors
diff --git a/modules/hardware/lenovo-x1/definitions/x1-gen11.nix b/modules/hardware/lenovo-x1/definitions/x1-gen11.nix
index ea9e01323..3c9aae697 100644
--- a/modules/hardware/lenovo-x1/definitions/x1-gen11.nix
+++ b/modules/hardware/lenovo-x1/definitions/x1-gen11.nix
@@ -15,7 +15,7 @@
     kernelConfig.kernelParams = [
       "intel_iommu=on,sm_on"
       "iommu=pt"
-      "module_blacklist=i915" # Prevent i915 module from being accidentally used by host
+      "module_blacklist=i915,xe" # Prevent i915,xe modules from being accidentally used by host
       "acpi_backlight=vendor"
       "acpi_osi=linux"
     ];
diff --git a/modules/microvm/virtualization/microvm/0001-x86-gpu-Don-t-reserve-stolen-memory-for-GPU-passthro.patch b/modules/microvm/virtualization/microvm/0001-x86-gpu-Don-t-reserve-stolen-memory-for-GPU-passthro.patch
new file mode 100644
index 000000000..cfca3b908
--- /dev/null
+++ b/modules/microvm/virtualization/microvm/0001-x86-gpu-Don-t-reserve-stolen-memory-for-GPU-passthro.patch
@@ -0,0 +1,27 @@
+From 13c0345fc3e5ed8b6c28d1f272bb2630881d4714 Mon Sep 17 00:00:00 2001
+From: Vunny Sodhi <vunny.sodhi@unikie.com>
+Date: Thu, 29 Aug 2024 19:46:24 +0300
+Subject: [PATCH] x86/gpu: Don't reserve stolen memory for GPU passthrough
+
+Signed-off-by: Vunny Sodhi <vunny.sodhi@unikie.com>
+---
+ arch/x86/kernel/early-quirks.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/arch/x86/kernel/early-quirks.c b/arch/x86/kernel/early-quirks.c
+index 59f4aefc6..3b735eea9 100644
+--- a/arch/x86/kernel/early-quirks.c
++++ b/arch/x86/kernel/early-quirks.c
+@@ -596,6 +596,9 @@ static void __init intel_graphics_quirks(int num, int slot, int func)
+ 	u16 device;
+ 	int i;
+ 
++	// Nothing to do for GPU passthrough case
++	return;
++
+ 	/*
+ 	 * Reserve "stolen memory" for an integrated GPU.  If we've already
+ 	 * found one, there's nothing to do for other (discrete) GPUs.
+-- 
+2.40.1
+
diff --git a/modules/microvm/virtualization/microvm/guivm.nix b/modules/microvm/virtualization/microvm/guivm.nix
index c86ff6222..fde58eea4 100644
--- a/modules/microvm/virtualization/microvm/guivm.nix
+++ b/modules/microvm/virtualization/microvm/guivm.nix
@@ -110,7 +110,12 @@ let
               ]
               ++ (lib.optional (
                 config.ghaf.profiles.debug.enable && config.ghaf.virtualization.microvm.idsvm.mitmproxy.enable
-              ) pkgs.mitmweb-ui);
+              ) pkgs.mitmweb-ui)
+              # Packages for checking hardware acceleration
+              ++ lib.optionals config.ghaf.profiles.debug.enable [
+                pkgs.glxinfo
+                pkgs.libva-utils
+              ];
           };
 
           time.timeZone = config.time.timeZone;
@@ -190,6 +195,7 @@ let
   buildKernel = import ../../../../packages/kernel { inherit config pkgs lib; };
   config_baseline = ../../../hardware/x86_64-generic/kernel/configs/ghaf_host_hardened_baseline-x86;
   guest_graphics_hardened_kernel = buildKernel { inherit config_baseline; };
+
 in
 {
   options.ghaf.virtualization.microvm.guivm = {
@@ -230,9 +236,24 @@ in
     microvm.vms."${vmName}" = {
       autostart = true;
       config = guivmBaseConfiguration // {
-        boot.kernelPackages = lib.mkIf config.ghaf.guest.kernel.hardening.graphics.enable (
-          pkgs.linuxPackagesFor guest_graphics_hardened_kernel
-        );
+        boot.kernelPackages =
+          if config.ghaf.guest.kernel.hardening.graphics.enable then
+            pkgs.linuxPackagesFor guest_graphics_hardened_kernel
+          else
+            # TODO: with pkgs.linuxPackages_latest (6.10.2) default brightness
+            # value of ghaf system will change from 96000 (max brightness) to
+            # 4800 (5% of max brightness) which need to be debugged
+            # so, currently align Kernel version which is used by ghaf-host
+            config.boot.zfs.package.latestCompatibleLinuxPackages;
+
+        # We need this patch to avoid reserving Intel graphics stolen memory for vm
+        # https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/12103
+        boot.kernelPatches = [
+          {
+            name = "gpu-passthrough-fix";
+            patch = ./0001-x86-gpu-Don-t-reserve-stolen-memory-for-GPU-passthro.patch;
+          }
+        ];
 
         imports = guivmBaseConfiguration.imports ++ cfg.extraModules;
       };