When ever I launch steam from the terminal I get this message in the logs
MESA-INTEL: warning: Performance support disabled, consider sysctl dev.i915.perf_stream_paranoid=0
Why does steam want me to run this? My best guess is its some mitigation for a vulnerability that isn’t necessary but decreases performance.
How do I do this from my configuration.nix?
do i put dev.i915.perf_stream_paranoid=0 in boot.kernelParams ?
Steam couldn’t care less, it’s your graphics driver (mesa-intel) that’s warning you that something is trying to use a kernel interface that it’s not allowed to. And helpfully suggesting a command to permit it.
It’s basically a “Some program is trying to read your passwords. Allow?”, excellent UX design.
Kind of, it allows programs to look at performance data, i.e. very accurately measure things like CPU usage over a period of time. There’s some docs (including a nice explanation of the risks) here: Perf events and tool security — The Linux Kernel documentation
It potentially allows side channel attacks for exploits like spectre/meltdown and should therefore not be enabled most of the time.
That said, this particular setting only affects your GPU, which makes the risk of exposing anything sensitive quite low (because, well, encryption keys almost never make it into the GPU).
On the other hand, I have no clue why games would be trying to use this interface, so it’s probably not necessary either? My best guess is that your FPS counters in some games might be imperceivably less accurate. Or maybe steam’s hardware survey will have less info.
I probably would leave it disabled unless I noticed anything being wrong. I also wouldn’t lose any sleep over enabling it.
You can use boot.kernel.sysctl.
I think for this to work you also need to have early KMS set up, but I think that’s the default for intel drivers. If adding that sysctl setting doesn’t work feel free to check back.
Thank you for the explanation.
boot.kernel.sysctl = { “dev.i915.perf_stream_paranoid” = 0; }; does not work. I have a feeling it might be syntax errors. Anyway I will update tomorrow its getting late.
Sorry for not giving any update, I got distracted and never got to testing it out but I think the line syntax is correct. If i run the command launch steam gets rid of that line but that is impure and doesn’t stay after reboot, I think i might look into kernel modules as there is some other stuff i want with kernel modules but I’m on intel so they should be working
You can check if it’s actually disabled with sudo sysctl dev.i915.perf_stream_paranoid. If that tells you 1, it’s not applied at boot.
yeah its not applied. I don’t know what early kms or how to confirm if it is working but I think it has something to do with modules and I have confirmed kernel modules are working and have manually reloaded one.
So this is how that option is actually applied: nixpkgs/nixos/modules/config/sysctl.nix at 44fc3cb097324c9f9f93313dd3f103e78d722968 · NixOS/nixpkgs · GitHub
I.e., there are configuration files in /etc/sysctl.d, one of which 60-nixos.conf, which should contain your sysctl option. systemd then applies those settings during boot with systemd-sysctl.service.
If there are errors, I think you should be able to see them with sudo systemctl status systemd-sysctl.service.
dmesg may also be helpful.
KMS is short for “kernel mode setting” - “mode setting” in turn is setting the resolution of your output. KMS refers to making the kernel do this, instead of a userspace process.
To prevent flickering due to resolution changes and enable prettier boot graphics, this is often done “early”, i.e., during the initramfs stage of the boot (i.e., before your actual system has loaded, instead in the system-loading-system that is just a ram snapshot of the kernel that is loaded directly into memory and responsible for mounting disks and stuff that you need to complete the rest of the boot).
This is relevant here, because the graphics driver needs to be loaded during initramfs for this to occur during initramfs. And since sysctl sets graphics driver settings, it must happen after the driver is loaded. I.e., if you don’t use early KMS, your sysctl settings are probably applied too early, and they don’t carry over into the running system. This is conjecture on my part, but I suspect that may be what’s happening (but check the systemd service first, and make sure the setting is actually in your config file).
I believed that the intel driver is set to load early by default (because unlike older/Nvidia drivers they just work when doing this). But if it is indeed not, you probably just need to add it to boot.initrd.kernelModules like so:
boot.initrd.kernelModules = [ "i915" ];
It worked here is the output before and after adding the option if you are interested
Loaded: loaded (/etc/systemd/system/systemd-sysctl.service; enabled; preset: enabled)
Drop-In: /nix/store/n5f7653i2bi71figcaw4346ffnvbypbq-system-units/systemd-sysctl.service.d
└─overrides.conf
Active: active (exited) since Fri 2022-10-21 08:55:54 CDT; 9h ago
Docs: man:systemd-sysctl.service(8)
man:sysctl.d(5)
Main PID: 517 (code=exited, status=0/SUCCESS)
CPU: 5ms
Oct 21 08:55:54 nixos systemd[1]: Starting Apply Kernel Variables...
Oct 21 08:55:54 nixos systemd[1]: Finished Apply Kernel Variables.
Loaded: loaded (/etc/systemd/system/systemd-sysctl.service; enabled; preset: enabled)
Drop-In: /nix/store/n5f7653i2bi71figcaw4346ffnvbypbq-system-units/systemd-sysctl.service.d
└─overrides.conf
Active: active (exited) since Fri 2022-10-21 17:57:24 CDT; 6min ago
Docs: man:systemd-sysctl.service(8)
man:sysctl.d(5)
Process: 652 ExecStart=/nix/store/wv5321690mvbf1da065dg53h7drcdl9z-systemd-251.4/lib/systemd/systemd-sysctl (code=exited, status=0/SUCCESS)
Main PID: 652 (code=exited, status=0/SUCCESS)
IP: 0B in, 0B out
CPU: 18ms
Oct 21 17:57:24 nixos systemd[1]: Starting Apply Kernel Variables...
Oct 21 17:57:24 nixos systemd[1]: Finished Apply Kernel Variables.
1 Like
Interesting! Well, today I learned we don’t have an option for early KMS.