├── .github └── workflows │ ├── build-sev.yml │ ├── build-tdx.yml │ ├── build-x86_64.yml │ ├── cross-build-aarch64.yml │ └── cross-build-riscv64.yml ├── .gitignore ├── CODEOWNERS ├── LICENSE-GPL-2.0-only ├── LICENSE-LGPL-2.1-only ├── Makefile ├── README.md ├── bin2cbundle.py ├── config-libkrunfw-sev_x86_64 ├── config-libkrunfw-tdx_x86_64 ├── config-libkrunfw_aarch64 ├── config-libkrunfw_riscv64 ├── config-libkrunfw_x86_64 ├── initrd └── initrd.gz ├── patches-tee ├── 0001-virtio-enable-DMA-API-if-memory-is-restricted.patch ├── 0002-x86-sev-write-AP-reset-vector.patch ├── 0003-Implement-driver-to-retrieve-secrets-from-cmdline.patch └── 0004-x86-sev-Avoid-using-native_cpuid.patch ├── patches ├── 0001-krunfw-Don-t-panic-when-init-dies.patch ├── 0002-krunfw-Ignore-run_cmd-on-orderly-reboot.patch ├── 0003-vsock-dgram-generalize-recvmsg-and-drop-transport-dg.patch ├── 0004-vsock-refactor-transport-lookup-code.patch ├── 0005-vsock-support-multi-transport-datagrams.patch ├── 0006-vsock-make-vsock-bind-reusable.patch ├── 0007-virtio-vsock-add-VIRTIO_VSOCK_F_DGRAM-feature-bit.patch ├── 0008-virtio-vsock-support-dgrams.patch ├── 0009-Transparent-Socket-Impersonation-implementation.patch ├── 0010-tsi-allow-hijacking-sockets-tsi_hijack.patch ├── 0011-arm64-cpufeature-Unify-SCOPE_LOCAL_CPU-early-late-be.patch ├── 0012-prctl-Introduce-PR_-SET-GET-_MEM_MODEL.patch ├── 0013-arm64-Implement-PR_-GET-SET-_MEM_MODEL-for-always-TS.patch ├── 0014-arm64-Introduce-scaffolding-to-add-ACTLR_EL1-to-thre.patch ├── 0015-arm64-Implement-Apple-IMPDEF-TSO-memory-model-contro.patch ├── 0016-drm-virtio-Support-fence-passing-feature.patch ├── 0017-Enable-64-bit-processes-to-use-compat-input-syscalls.patch ├── 0018-dax-Allow-block-size-PAGE_SIZE.patch ├── 0019-mm-Fix-__wp_page_copy_user-fallback-path-for-remote-.patch ├── 0020-virtgpu-gem-partial-map.patch └── 0021-virtgpu-mixed-page-size.patch ├── qboot ├── sev │ └── bios.bin └── tdx │ └── bios.bin └── utils ├── Makefile ├── kernel_size_time.sh ├── krunfw_measurement.c └── vmsa.h /.github/workflows/build-sev.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/.github/workflows/build-sev.yml -------------------------------------------------------------------------------- /.github/workflows/build-tdx.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/.github/workflows/build-tdx.yml -------------------------------------------------------------------------------- /.github/workflows/build-x86_64.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/.github/workflows/build-x86_64.yml -------------------------------------------------------------------------------- /.github/workflows/cross-build-aarch64.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/.github/workflows/cross-build-aarch64.yml -------------------------------------------------------------------------------- /.github/workflows/cross-build-riscv64.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/.github/workflows/cross-build-riscv64.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/.gitignore -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @MatiasVara @slp @tylerfanelli 2 | -------------------------------------------------------------------------------- /LICENSE-GPL-2.0-only: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/LICENSE-GPL-2.0-only -------------------------------------------------------------------------------- /LICENSE-LGPL-2.1-only: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/LICENSE-LGPL-2.1-only -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/Makefile -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/README.md -------------------------------------------------------------------------------- /bin2cbundle.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/bin2cbundle.py -------------------------------------------------------------------------------- /config-libkrunfw-sev_x86_64: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/config-libkrunfw-sev_x86_64 -------------------------------------------------------------------------------- /config-libkrunfw-tdx_x86_64: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/config-libkrunfw-tdx_x86_64 -------------------------------------------------------------------------------- /config-libkrunfw_aarch64: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/config-libkrunfw_aarch64 -------------------------------------------------------------------------------- /config-libkrunfw_riscv64: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/config-libkrunfw_riscv64 -------------------------------------------------------------------------------- /config-libkrunfw_x86_64: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/config-libkrunfw_x86_64 -------------------------------------------------------------------------------- /initrd/initrd.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/initrd/initrd.gz -------------------------------------------------------------------------------- /patches-tee/0001-virtio-enable-DMA-API-if-memory-is-restricted.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches-tee/0001-virtio-enable-DMA-API-if-memory-is-restricted.patch -------------------------------------------------------------------------------- /patches-tee/0002-x86-sev-write-AP-reset-vector.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches-tee/0002-x86-sev-write-AP-reset-vector.patch -------------------------------------------------------------------------------- /patches-tee/0003-Implement-driver-to-retrieve-secrets-from-cmdline.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches-tee/0003-Implement-driver-to-retrieve-secrets-from-cmdline.patch -------------------------------------------------------------------------------- /patches-tee/0004-x86-sev-Avoid-using-native_cpuid.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches-tee/0004-x86-sev-Avoid-using-native_cpuid.patch -------------------------------------------------------------------------------- /patches/0001-krunfw-Don-t-panic-when-init-dies.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0001-krunfw-Don-t-panic-when-init-dies.patch -------------------------------------------------------------------------------- /patches/0002-krunfw-Ignore-run_cmd-on-orderly-reboot.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0002-krunfw-Ignore-run_cmd-on-orderly-reboot.patch -------------------------------------------------------------------------------- /patches/0003-vsock-dgram-generalize-recvmsg-and-drop-transport-dg.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0003-vsock-dgram-generalize-recvmsg-and-drop-transport-dg.patch -------------------------------------------------------------------------------- /patches/0004-vsock-refactor-transport-lookup-code.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0004-vsock-refactor-transport-lookup-code.patch -------------------------------------------------------------------------------- /patches/0005-vsock-support-multi-transport-datagrams.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0005-vsock-support-multi-transport-datagrams.patch -------------------------------------------------------------------------------- /patches/0006-vsock-make-vsock-bind-reusable.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0006-vsock-make-vsock-bind-reusable.patch -------------------------------------------------------------------------------- /patches/0007-virtio-vsock-add-VIRTIO_VSOCK_F_DGRAM-feature-bit.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0007-virtio-vsock-add-VIRTIO_VSOCK_F_DGRAM-feature-bit.patch -------------------------------------------------------------------------------- /patches/0008-virtio-vsock-support-dgrams.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0008-virtio-vsock-support-dgrams.patch -------------------------------------------------------------------------------- /patches/0009-Transparent-Socket-Impersonation-implementation.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0009-Transparent-Socket-Impersonation-implementation.patch -------------------------------------------------------------------------------- /patches/0010-tsi-allow-hijacking-sockets-tsi_hijack.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0010-tsi-allow-hijacking-sockets-tsi_hijack.patch -------------------------------------------------------------------------------- /patches/0011-arm64-cpufeature-Unify-SCOPE_LOCAL_CPU-early-late-be.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0011-arm64-cpufeature-Unify-SCOPE_LOCAL_CPU-early-late-be.patch -------------------------------------------------------------------------------- /patches/0012-prctl-Introduce-PR_-SET-GET-_MEM_MODEL.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0012-prctl-Introduce-PR_-SET-GET-_MEM_MODEL.patch -------------------------------------------------------------------------------- /patches/0013-arm64-Implement-PR_-GET-SET-_MEM_MODEL-for-always-TS.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0013-arm64-Implement-PR_-GET-SET-_MEM_MODEL-for-always-TS.patch -------------------------------------------------------------------------------- /patches/0014-arm64-Introduce-scaffolding-to-add-ACTLR_EL1-to-thre.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0014-arm64-Introduce-scaffolding-to-add-ACTLR_EL1-to-thre.patch -------------------------------------------------------------------------------- /patches/0015-arm64-Implement-Apple-IMPDEF-TSO-memory-model-contro.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0015-arm64-Implement-Apple-IMPDEF-TSO-memory-model-contro.patch -------------------------------------------------------------------------------- /patches/0016-drm-virtio-Support-fence-passing-feature.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0016-drm-virtio-Support-fence-passing-feature.patch -------------------------------------------------------------------------------- /patches/0017-Enable-64-bit-processes-to-use-compat-input-syscalls.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0017-Enable-64-bit-processes-to-use-compat-input-syscalls.patch -------------------------------------------------------------------------------- /patches/0018-dax-Allow-block-size-PAGE_SIZE.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0018-dax-Allow-block-size-PAGE_SIZE.patch -------------------------------------------------------------------------------- /patches/0019-mm-Fix-__wp_page_copy_user-fallback-path-for-remote-.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0019-mm-Fix-__wp_page_copy_user-fallback-path-for-remote-.patch -------------------------------------------------------------------------------- /patches/0020-virtgpu-gem-partial-map.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0020-virtgpu-gem-partial-map.patch -------------------------------------------------------------------------------- /patches/0021-virtgpu-mixed-page-size.patch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/patches/0021-virtgpu-mixed-page-size.patch -------------------------------------------------------------------------------- /qboot/sev/bios.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/qboot/sev/bios.bin -------------------------------------------------------------------------------- /qboot/tdx/bios.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/qboot/tdx/bios.bin -------------------------------------------------------------------------------- /utils/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/utils/Makefile -------------------------------------------------------------------------------- /utils/kernel_size_time.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/utils/kernel_size_time.sh -------------------------------------------------------------------------------- /utils/krunfw_measurement.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/utils/krunfw_measurement.c -------------------------------------------------------------------------------- /utils/vmsa.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/containers/libkrunfw/HEAD/utils/vmsa.h --------------------------------------------------------------------------------