From de21bd266d484ba93375cb0598a04c93c04b29e4 Mon Sep 17 00:00:00 2001 From: Brian McGillion Date: Sun, 15 Feb 2026 12:16:10 +0400 Subject: [PATCH] fix: switch darp11-b to S3 deep sleep and harden PCI suspend S3 deep sleep fully powers down the PCIe bus, eliminating VFIO FLR config space corruption on the Intel BE200 WiFi after resume. Also add error handling to the pci-suspend path in power.nix, mirroring the existing resume fallback (VM restart on failure). Update vhotplug to include post-attach VID/DID verification. Signed-off-by: Brian McGillion --- flake.lock | 11 ++++++----- flake.nix | 2 +- modules/common/services/power.nix | 7 +++++-- targets/laptop/flake-module.nix | 8 ++++---- 4 files changed, 16 insertions(+), 12 deletions(-) diff --git a/flake.lock b/flake.lock index d5bfbef760..41e204d778 100644 --- a/flake.lock +++ b/flake.lock @@ -751,15 +751,16 @@ ] }, "locked": { - "lastModified": 1769806076, - "narHash": "sha256-i89OFmUj32fTi0xRa2Z8QywysIhIhY6sbpDHakiO43Y=", - "owner": "tiiuae", + "lastModified": 1771140376, + "narHash": "sha256-tYH0yVLL8/9/LmqAY130SAALlI7VqkcQzlXniKLbfwc=", + "owner": "brianmcgillion", "repo": "vhotplug", - "rev": "2fed6103e62fc5de1910cdb903f9016759926e09", + "rev": "5ab9cd560d027687975daeff7cef94d24d16feaf", "type": "github" }, "original": { - "owner": "tiiuae", + "owner": "brianmcgillion", + "ref": "fix-device-recheck", "repo": "vhotplug", "type": "github" } diff --git a/flake.nix b/flake.nix index 5d87a4fdfb..23b07176b7 100644 --- a/flake.nix +++ b/flake.nix @@ -186,7 +186,7 @@ # Hot-plugging USB devices into virtual machines vhotplug = { - url = "github:tiiuae/vhotplug"; + url = "github:brianmcgillion/vhotplug/fix-device-recheck"; inputs = { nixpkgs.follows = "nixpkgs"; flake-parts.follows = "flake-parts"; diff --git a/modules/common/services/power.nix b/modules/common/services/power.nix index de662600a2..8a5acfc4ec 100644 --- a/modules/common/services/power.nix +++ b/modules/common/services/power.nix @@ -153,8 +153,11 @@ let case "$action" in suspend) echo "Suspending PCI devices for $vm_name..." - vhotplugcli pci suspend --vm "$vm_name" - + if ! vhotplugcli pci suspend --vm "$vm_name"; then + echo "Failed to detach PCI devices for $vm_name. Please check the logs." + echo "Fallback: restarting $vm_name to ensure clean state before suspend..." + systemctl restart microvm@"$vm_name".service + fi ;; resume) echo "Resuming PCI devices for $vm_name..." diff --git a/targets/laptop/flake-module.nix b/targets/laptop/flake-module.nix index 20e6941b6c..c19d3b54d6 100644 --- a/targets/laptop/flake-module.nix +++ b/targets/laptop/flake-module.nix @@ -276,7 +276,7 @@ let extraConfig = { reference.profiles.mvp-user-trial.enable = true; partitioning.disko.enable = true; - services.power-manager.suspend.mode = "s2idle"; + services.power-manager.suspend.mode = "deep"; # Enable PCI ACS override to split IOMMU groups # Needed to separate Ethernet (8086:550a) from Audio devices hardware.passthrough.pciAcsOverride = { @@ -310,7 +310,7 @@ let extraConfig = { reference.profiles.mvp-user-trial.enable = true; partitioning.disko.enable = true; - services.power-manager.suspend.mode = "s2idle"; + services.power-manager.suspend.mode = "deep"; virtualization.microvm.storeOnDisk = true; hardware.passthrough.pciAcsOverride = { enable = true; @@ -531,7 +531,7 @@ let extraConfig = { reference.profiles.mvp-user-trial.enable = true; partitioning.disko.enable = true; - services.power-manager.suspend.mode = "s2idle"; + services.power-manager.suspend.mode = "deep"; hardware.passthrough.pciAcsOverride = { enable = true; ids = [ "8086:550a" ]; @@ -562,7 +562,7 @@ let extraConfig = { reference.profiles.mvp-user-trial.enable = true; partitioning.disko.enable = true; - services.power-manager.suspend.mode = "s2idle"; + services.power-manager.suspend.mode = "deep"; virtualization.microvm.storeOnDisk = true; hardware.passthrough.pciAcsOverride = { enable = true;