Spoofing CPUID Results in the Linux-Stubdom Crashing

[dylangerdaly]

Qubes OS version
R4.0

Affected component(s) or functionality
Linux Stub-dom

Brief summary
If you have Xen Spoof the CPU ID (XenVMMXenVMM to ZenVMMZenVMM) the Linux-Stubdom Crashes.

To Reproduce
Spoof the CPU ID and start an HVM appVM

How?

Apply these patches to vmm-xen and core-libvirt
https://gist.github.com/dylangerdaly/2ec8172116e63fd56feb0cf95f4d5a69
https://gist.github.com/dylangerdaly/74be3f316ce8f0ddfb27b0202aa5ec2d

Expected behavior
The VM to boot without crashing

Actual behavior
The Stubdomain Crashes causing the HVM to not boot.

Screenshots
Xen Hypervisor Log: https://imgur.com/a/wE7E3Dj
Stubdom Console Log: https://pastebin.com/fsX2bhh3

Additional context
Would be useful to get this working for Nvidia GPU Pass-through to HVMs

Solutions you've tried
Using MiniOS Stubdom dosen't work and will likely be removed from later Qubes Releases.

Relevant documentation you've consulted
A list of links to the Qubes documentation (or other relevant software documentation) pages you have already consulted.

Related, non-duplicate issues
A list of links to other bug reports, feature requests, or tasks in the qubes-issues tracker. Do not describe any other unreported bugs, features, or tasks here.

[marmarek]

Do you have some more of this hypervisor message?

[dylangerdaly]

That's all it gives me, maybe I can compile Xen to be verbose?

[marmarek]

Yes, set CONFIG_DEBUG=y in qubes-src/vmm-xen/config. CONFIG_FRAME_POINTER=y may also be useful.

[dylangerdaly]

Is it worth waiting for Xen 4.12 release? Or directly working on 4.12/Qubes 4.1?

All of these patches are applying to Xen 4.8

[marmarek]

Generally, it's better to develop new xen patches on top of latest development version and then possibly backport to older version.
That said, it isn't easy to get Qubes 4.1 working setup yet...

[dylangerdaly]

Roger that, I think I'll wait until it's possible to get a "stable" Qubes 4.1 Dev Environment (Assuming 4.1 will be using Xen 4.12)

Maybe they've made it easier for spoofing the CPUID in 4.12?

[marmarek]

In the meantime, there are testable images of Qubes 4.1, you can build it yourself or download from openqa.qubes-os.org (look for 4.1 build in the top section). Some more context and links in #5529

[khmartinsen]

I also tried patching Xen following what @dylangerdaly did but on a test image of 4.1 and had issues with libxl where no vms were able to launch.

What resources are there to learn more about the linux stub domain? I couldnt find much information related to it and pci passthrough.
Is there anywhere else people are working on doing this?

[github-actions]

This issue is being closed because:

• This issue is on the "Release 4.0 updates" milestone.
• Qubes OS 4.0 reached EOL (end-of-life) over one year ago.
• There has not been any activity on this issue in over one year.

If anyone believes that this issue should be reopened and reassigned to an active milestone, please leave a brief comment.
(For example, if a bug still affects Qubes OS 4.1, then the comment "Affects 4.1" will suffice.)