Enable PCI_HOTPLUG
Fabrizio Romano Genovese
As in
https://github.com/QubesOS/qubes-issues/issues/1673
It looks like PCI Hotplug is disabled by default in Qubes. I just bought a new laptop with thunderbolt port, and I really need PCI hotplug since I attach and detach it from my dockstation multiple times per day.
I am aware of the risks of having PCI hotplug enabled, but I do not take my PC out of my house very often, so it is in general quite difficult for someone to have physical access to it. Moreover, I also use thunderbird port blockers (that are just some plastic caps that you stick into your port and can't take out without a particular key). Obviously this solution is still not 100% secure but, all things considered, it is enough for my use case.
So, how do I enable PCI hotplug? Do I have to manually compile the kernel? I'm a total noob when it comes to this sort of things so if someone could at least redirect me to a guide to do this I'd really appreciate it!
Cheers,
Fab
Connor Page
fabr...@statebox.io
Sorry for the very late reply, I just started looking again at this problem now. Well, I am not asking to change how Qubes is, I know that enabling PCI hotplug can be very dangerous in some contexts.
What I'd like to have is just some suggestions about how to enable it for myself. Looking around it looks like the only real way to do this is to recompile the kernel, which I believe to be quite difficult for me.
I do believe that when the Qubes team takes decisions that can be very problematic for some users (like this one or, say, disabling bluetooth by default etc), even if it is in their own interest, it would be nice to sketch a guide detailing how to get those features back if needed.
I understand that this is time consuming and people here have much more important stuff to do, and I am more than willing to write such guide myself. But I need at least to be pointed out in the right direction since, frankly, I don't even know where to begin... :/
Fab