Releases: IntelLabs/kafl.linux
Prebuild host kernel package for kvm-nyx-6.8
Generated kernel packages for kvm-nyx-6.8
This release is now based on Ubuntu 22.04 kernel config (6.5.0-27-generic).
See the build-deb.yml workflow for more information.
Configuration tweaks:
# disable kernel signature
./scripts/config --disable SYSTEM_TRUSTED_KEYS
./scripts/config --disable SYSTEM_REVOCATION_KEYS
# compress debug info (otherwise might fail with 'no space left on device' on the runnner)
./scripts/config --enable DEBUG_INFO_COMPRESSED
# enable KVM
./scripts/config --module CONFIG_KVM
# enable Nyx
./scripts/config --enable CONFIG_KVM_NYX
# tweak locaversion
./scripts/config --set-str CONFIG_LOCALVERSION -nyxPrebuild host kernel package for kafl/sdv-6.1 (v3)
kafl/sdv-6.1-3 ci: fix using contains function
Prebuild host kernel package for kafl/sdv-6.1-2
ci: fix using contains function
Prebuild host kernel package for kafl/sdv-6.1
ci: fix forbidden slash character in artifact name
Prebuild host kernel package for kvm-nyx-6.0
Generated kernel packages for kvm-nyx-6.0
This release is now based on Ubuntu 22.04 kernel config (5.15.0-25-generic).
See the build-deb.yml workflow for more information.
Configuration tweaks:
# disable kernel signature
./scripts/config --disable SYSTEM_TRUSTED_KEYS
./scripts/config --disable SYSTEM_REVOCATION_KEYS
# compress debug info (otherwise might fail with 'no space left on device' on the runnner)
./scripts/config --enable DEBUG_INFO_COMPRESSED
# enable KVM
./scripts/config --module CONFIG_KVM
# enable Nyx
./scripts/config --enable CONFIG_KVM_NYX
# tweak locaversion
./scripts/config --set-str CONFIG_LOCALVERSION -nyxPrebuild host kernel package for gvtd/kvm-nyx-5.10.73
KVM-Nyx variant with backported fixes for GVT-d / VFIO passthrough.
- Kernel config based on Ubuntu generic
- enable xfs, btrfs to support more systems
- set CONFIG_LOCALVERSION="-kafl-gvtd"
Packaged on Debian 11/bullseye, should work fine on recent Ubuntu and Debian.
To verify successful boot:
uname -r
> 5.10.73-kafl-gvtd+
dmesg|grep KVM
> [ 3.928626] [KVM-NYX] Info: CPU is supported!
> [ 3.928629] [KVM-NYX] Info: LVT PMI handler registrated!
Prebuild host kernel package for kafl/sdv-5.6-rc1 (v3)
Prebuild host kernel for kafl/sdv-5.6-rc1 v3 (SDV + kAFL patches)
Changes:
- fix register clobbing when returning from SEAM after snapshot
- enable xfs, btrfs to support more systems
- set CONFIG_LOCALVERSION="-tdfl3" to identify this release
As always:
- tested for recent Ubuntu and Debian distributions
- not tested for regular VM guests, only TDX SDV emulation
Manual installation:
sudo dpkg -i linux-image-5.6.0-rc1-tdfl+_5.6.0-rc1-tdfl+-15_amd64.deb
echo "options kvm-intel ve_injection=1 halt_on_triple_fault=1" | sudo tee /etc/modprobe.d/kvm-intel.conf
Check successful boot:
uname -a
> Linux tdx-fuzz0 5.6.0-rc1-tdfl3+ #2 SMP Mon Oct 31 17:40:13 PDT 2022 x86_64 x86_64 x86_64 GNU/Linux
dmesg|grep KVM
> [ 13.511804] [KVM-PT] Info: CPU is supported!
> [ 13.511805] [KVM-PT] Info: LVT PMI handler registrated!
Prebuild host kernel package for kafl/sdv-5.6-rc1-v2
Prebuild host kernel for kafl/sdv-5.6-rc1 (SDV + kAFL patches)
- config based on generic Ubuntu kernel, should work for most platforms
- tested for recent Ubuntu and Debian distributions
- not tested for regular KVM guests, only TDX SDV emulation
Putting all files for reference. Typically you just need linux-image:
sudo dpkg -i linux-image-5.6.0-rc1-tdfl+_5.6.0-rc1-tdfl+-15_amd64.debRemember to set ve_injection=1 in kvm-intel module options.
Prebuild host kernel package for kvm-nyx-5.10.73
Prebuild Linux kernel 5.10.73 with kAFL/Nyx patches.
- Build using generic Ubuntu kernel config + upstream KVM-Nyx sources
- Tested on recent Debian + Ubuntu (buster, bullseye, 20.04 and later)
- Publish complete kernel package here for easy install
Prebuild host kernel package for kafl/sdv-5.6-rc1
Prebuild host kernel for kafl/sdv-5.6-rc1 (SDV + kAFL patches)
- config based on generic Ubuntu kernel, should work for most platforms
- tested for recent Ubuntu and Debian distributions
- not tested for regular KVM guests, only TDX SDV emulation
Putting all files for reference. Typically you just need linux-image:
sudo dpkg -i linux-image-5.6.0-rc1-tdfl+_5.6.0-rc1-tdfl+-7_amd64.debRemember to set ve_injection=1 in kvm-intel module options.