roots/wiki
1
0
Fork 0
Code Pull Requests Activity

reorganize the curated ressources file

Browse Source
This commit is contained in:
lukas 2021-06-23 17:12:01 +02:00
parent da2c511918
commit 58d942cafa
1 changed files with 385 additions and 436 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

821
ressources.md
View File

@ -10,35 +10,315 @@ dateCreated: 2021-06-23T12:36:12.051Z
# Curated ressources # Curated ressources
## Meta ## Hypervisors
* [Awesome Virtualization](https://github.com/Wenzel/awesome-virtualization), A curated list of awesome resources about virtualization ### KVM
## Communities * "kvmtool is a lightweight tool for hosting KVM guests. As a pure virtualization tool it only supports guests using the same architecture, though it supports running 32-bit guests on those 64-bit architectures that allow this." : https://github.com/kvmtool/kvmtool
* Sparkler: A KVM-based Virtual Machine Manager : https://unixism.net/2019/10/sparkler-kvm-based-virtual-machine-manager/
* https://www.linux-kvm.org/page/KVM_Features
* https://www.redhat.com/en/blog/all-you-need-know-about-kvm-userspace
* Using the KVM API https://lwn.net/Articles/658511/
* [2016] Performant Security Hardening of KVM by Steve Rutherford : https://www.youtube.com/watch?v=vj5PA_D03Vg
* To-do #### Nested-virtualization
## Unsorted * https://www.rdoxenham.com/?p=275
* https://docs.fedoraproject.org/en-US/quick-docs/using-nested-virtualization-in-kvm/
* (Mostly) Exitless VM Protection from Untrusted Hypervisor through Disaggregated Nested Virtualization : https://www.usenix.org/conference/usenixsecurity20/presentation/mi
* https://www.researchgate.net/publication/261020814_Architecture_support_for_guest-transparent_VM_protection_from_untrusted_hypervisor_and_physical_attacks
* Nested virtualization support on Intel HAXM: https://github.com/intel/haxm/issues/51
* [Index of Documentation for People Interested in Writing and/or Understanding the Linux Kernel](http://www.dit.upm.es/~jmseyas/linux/kernel/hackers-docs.html) ### CROSVM/KVM
## Books #### Spectrum OS
### On Linux * https://spectrum-os.org/
* https://github.com/sponsors/alyssais
* https://liberapay.com/qyliss/
* The Linux Command Line, 2nd Edition: A Complete Introduction ### QEMU/KVM
* Understanding the Linux Kernel 3e
* Linux System Programming 2ed * This is a port of QEMU machine emulator to JavaScript using Emscripten : https://github.com/atrosinenko/qemujs
* The Linux Programming Interface: A Linux and UNIX System Programming Handbook (English Edition) * Intel Hardware Accelerated Execution Manager (HAXM) : https://github.com/intel/haxm
#### On Fedora host
* [Virtualization Deployment and Administration Guide](https://docs.fedoraproject.org/en-US/Fedora_Draft_Documentation/0.1/html/Virtualization_Deployment_and_Administration_Guide/index.html)
#### On Unraid (Debian-based) host
* https://forums.unraid.net/topic/54834-video-guideall-about-docker-in-unraid-docker-principles-and-setup/
* https://forums.unraid.net/topic/84226-wireguard-quickstart/
* https://forums.unraid.net/topic/80251-unraid-beginners-tutorial/
* https://forums.unraid.net/topic/84316-wireguard-vpn-tunneled-access/
* https://forums.unraid.net/topic/84226-wireguard-quickstart/
* https://forums.unraid.net/topic/51230-video-guidehow-to-pass-through-an-nvidia-gpu-as-primary-or-only-gpu-in-unraid/
### QEMU
#### On macOS host
* Virtualizing OpenCore and x86 macOS on Apple Silicon (and even iOS!) https://khronokernel.github.io/apple/silicon/2021/01/17/QEMU-AS.html
* UTM App :
* https://mac.getutm.app/
* https://github.com/utmapp/UTM
### Cloud Hypervisor/KVM
* Docs ; https://github.com/cloud-hypervisor/cloud-hypervisor/tree/master/docs
* Cloud Hypervisor API : https://github.com/cloud-hypervisor/cloud-hypervisor/blob/master/docs/api.md
* Device model : https://github.com/cloud-hypervisor/cloud-hypervisor/blob/master/docs/device_model.md
* FUzzing : https://github.com/cloud-hypervisor/cloud-hypervisor/blob/master/docs/fuzzing.md
* Using MACVTAP to Bridge onto Host Network : https://github.com/cloud-hypervisor/cloud-hypervisor/blob/master/docs/macvtap-bridge.md
* Networking : https://github.com/cloud-hypervisor/cloud-hypervisor/blob/master/docs/networking.md
* UEFI Boot : https://github.com/cloud-hypervisor/cloud-hypervisor/blob/master/docs/uefi.md
* VFIO : https://github.com/cloud-hypervisor/cloud-hypervisor/blob/master/docs/vfio.md
---
## Virtual chipsets
* i440fx vs Q35 : https://www.reddit.com/r/VFIO/comments/5ireij/differencesbenefits_between_i440fx_and_q35/
### i440fx
### Q35
* https://wiki.qemu.org/Features/Q35
### microvm
### virt
## Emulated-devices
## Virtual-devices (Paravirtualization)
* [Virtual I/O Device (VIRTIO) specification, version 1.1](http://docs.oasis-open.org/virtio/virtio/v1.1/virtio-v1.1.html)
* Host device management with libvirt : https://libvirt.org/drvnodedev.html
### vfio-mdev
#### Nvidia
* https://reposhub.com/cpp/miscellaneous/DualCoder-vgpu_unlock.html
#### Intel GVT-g
* https://wiki.gentoo.org/wiki/User:Shunlir/Intel_GVT-g
* https://blog.tmm.cx/2020/05/15/passing-an-intel-gpu-to-a-linux-kvm-virtual-machine/
* https://blog.bepbep.co/posts/gvt/
* https://lantian.pub/en/article/modify-computer/laptop-intel-nvidia-optimus-passthrough.lantian/
* https://wiki.archlinux.org/title/Intel_GVT-g
### vfio-gpu
* Virglrenderer and the state of virtualized virtual worlds, 2019. https://www.collabora.com/news-and-blog/blog/2019/08/28/virglrenderer-state-of-virtualized-virtual-worlds/
* Virtualizing GPU Access https://www.collabora.com/news-and-blog/blog/2018/02/12/virtualizing-gpu-access/
* Android https://linuxhint.com/android_qemu_play_3d_games_linux/
* https://www.kraxel.org/blog/2016/09/using-virtio-gpu-with-libvirt-and-spice/
* https://src.fedoraproject.org/rpms/virglrenderer
* https://virtualgl.org/About/Introduction
* http://virgil3d.github.io/
* https://www.studiopixl.com/2017-08-27/3d-acceleration-using-virtio.html
* https://cgit.freedesktop.org/virglrenderer
* https://github.com/Keenuts/virtio-gpu-documentation
* https://at.projects.genivi.org/wiki/display/DIRO/VIRTIO+GPU+Operation+Highlights
* https://www.reddit.com/r/archlinux/comments/7nmceg/kvmqemu_with_virtiogpu_virgl_support_enabled/
* https://forums.unraid.net/topic/62276-gpu-virtualization-virtio-gpu-virgl-sr-iov-mxgpu-vdi-spice/
* http://events17.linuxfoundation.org/sites/events/files/slides/KVM%20Forum%202014%20-%20VFIO%2C%20OVMF%2C%20GPU%2C%20and%20You%20-%20Alex%20Williamson.pdf
* Virgil 3d project homepage : http://virgil3d.github.io/
* Introducing Virgil - 3D virtual GPU for qemu : https://airlied.livejournal.com/77553.html
* https://czak.pl/2020/04/09/three-levels-of-qemu-graphics.html
#### vfio-pci
* https://github.com/ekistece/Fedora-33-VFIO-guide/
* www.reddit.com/r/VFIO/comments/h9zijx/fedora_32_and_gpu_passthrough_vfio/
---
## Guests
### Android
* Building Android for Qemu: A Step-by-Step Guide https://www.collabora.com/news-and-blog/blog/2016/09/02/building-android-for-qemu-a-step-by-step-guide/
* Vfio for Android : https://github.com/robherring/generic_device/wiki
* adb cheat sheet : https://www.automatetheplanet.com/adb-cheat-sheet/
### Lakka
* Proxmox : https://forums.libretro.com/t/video-guide-how-to-install-lakka-as-a-vm-using-kvm-in-unraid/6319
### macOS kvm guest
* https://github.com/kholia/OSX-KVM
* https://github.com/yoonsikp/macos-kvm-pci-passthrough
* https://github.com/foxlet/macOS-Simple-KVM
* https://www.nicksherlock.com/2019/10/installing-macos-catalina-10-15-on-proxmox-6/
* Virgil 3D renderer for macos : https://mail.gnu.org/archive/html/qemu-devel/2021-02/msg04235.html
* OSX-KVM : https://gitlab.com/sanselme/OSX-KVM
### PS4
* Orbital : Virtualization-based PlayStation 4 emulator : https://github.com/AlexAltea/orbital
### Windows
* https://wiki.unraid.net/UnRAID_6/VM_Guest_Support
* "Additionally, in case you are using QEMU 4.0 (or higher) in combination with a Q35 chip, the flag ioapic driver='kvm' needs to be added in the features section (see excerpt marked blue)."
https://mathiashueber.com/fighting-error-43-nvidia-gpu-virtual-machine/
### Fedora
* fedora cloud images : https://alt.fedoraproject.org/cloud/
---
## GPU-related
### Modes of 3D acceleration in a VM explained
https://www.kraxel.org/blog/2019/09/display-devices-in-qemu/
### Android
* Android GPU Compute Going Forward : https://android-developers.googleblog.com/2021/04/android-gpu-compute-going-forward.html?m=1
* GPU Emulation plans : https://groups.google.com/g/android-emulator-dev/c/9o8OZezxq9c?pli=1
### Single GPU passthrough
* https://github.com/cosminmocan/vfio-single-amdgpu-passthrough
* https://gitlab.com/Karuri/vfio
* https://github.com/bducha/single-gpu-passthrough
* bugs : https://gitlab.freedesktop.org/mesa/mesa/-/issues/2678
* Windows Gaming on Linux: Single GPU Passthrough Guide https://www.youtube.com/watch?v=3BxAaaRDEEw
---
## CPU-related
* QEMU / KVM CPU model configuration : https://qemu.readthedocs.io/en/latest/system/qemu-cpu-models.html
* My QEMU fork with pinning (affinity) support and a few tweaks. : https://github.com/saveriomiroddi/qemu-pinning
---
## Networking-related
### Bridge
* How To Create and Configure Bridge Networking For KVM in Linux : https://computingforgeeks.com/how-to-create-and-configure-bridge-networking-for-kvm-in-linux/
* https://docs.fedoraproject.org/en-US/Fedora/13/html/Virtualization_Guide/sect-Virtualization-Network_Configuration-Bridged_networking_with_libvirt.html
* Networking in Libvirt : https://wiki.libvirt.org/page/Networking
* https://lukas.zapletalovi.com/2015/09/fedora-22-libvirt-with-bridge.html
* How to Setup Bridge Networking with KVM on Ubuntu 20.04 : https://levelup.gitconnected.com/how-to-setup-bridge-networking-with-kvm-on-ubuntu-20-04-9c560b3e3991
### Bridge Wireless Cards
* https://shanetomlinson.com/bridging-a-wireless-card-in-kvmqemu/
* https://web.archive.org/web/20160821085327/http://blog.bodhizazen.net/linux/bridge-wireless-cards/
* https://gist.github.com/Jiab77/4cf278ac3ad59665969bdf73e083a847
* https://unix.stackexchange.com/questions/159191/setup-kvm-on-a-wireless-interface-on-a-laptop-machine
---
## Storage-related
### TRIM in VM
https://chrisirwin.ca/posts/discard-with-kvm/
### Drive options
https://heiko-sieger.info/qemu-system-x86_64-drive-options/
### Virtio-FS
https://www.tauceti.blog/post/qemu-kvm-share-host-directory-with-vm-with-virtio/
### RAW versus QCOW2
https://www.tutos.snatch-crash.fr/proxmox-raw-vs-qcow2-vs-vmdk/
### Snapshot of efi-based VM
* https://lists.gnu.org/archive/html/qemu-devel/2020-09/msg05221.html
* https://bugzilla.redhat.com/show_bug.cgi?id=1881850
## Boot-related firmware
### SeaBIOS versus edk2
* https://mail.coreboot.org/pipermail/seabios/2014-February/007689.html
## Hackintosh
* https://dortania.github.io/OpenCore-Install-Guide/installer-guide/linux-install.html#downloading-macos
---
## Security-related
### QCOW Encryption
* https://github.com/qemu/qemu/commit/12f7efd02ee4e7144b842a1437defb997b9ae66b
* https://libvirt.org/formatstorageencryption.html
* https://patchwork.kernel.org/project/qemu-devel/patch/20170210170910.8867-14-berrange@redhat.com/
* https://patchwork.kernel.org/project/qemu-devel/patch/20170126101827.22378-13-berrange@redhat.com/
* https://www.berrange.com/posts/2015/03/17/qemu-qcow2-built-in-encryption-just-say-no-deprecated-now-to-be-deleted-soon/
### Secure Boot
* https://www.kraxel.org/slides/virtual-secure-boot/#hands-on-libvirt
* [Openstack] Allow Secure Boot (SB) for QEMU- and KVM-based guests :
https://specs.openstack.org/openstack/nova-specs/specs/train/approved/allow-secure-boot-for-qemu-kvm-guests.html
### sVirt
* KVM and sVirt : http://www.virtualopensystems.com/en/solutions/guides/kvm-svirt-omap5/
* https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security-enhanced_linux/ch07s02
* sVirt: Hardening Linux Virtualization with Mandatory Access Control https://www.youtube.com/watch?v=1e1gHOBduuQ
### gVisor
### QEMU
* https://qemu.readthedocs.io/en/latest/system/security.html
### vTPM
* Virtual TPM (vTPM) : https://fossies.org/linux/qemu/docs/specs/tpm.rst
### Other ressources
* ERNW_Hardening_KVM : https://github.com/ernw/hardening/blob/master/hypervisor/kvm/ERNW_Hardening_KVM.md
* Security in QEMUHow Virtual Machines provide Isolation : https://vmsplice.net/~stefan/stefanha-kvm-forum-2018.pdf
* Qemu hardening with CT: https://www.redhat.com/en/blog/hardening-qemu-through-continuous-security-testing
* Thunderclap IOMMU Exploit : https://www.ndss-symposium.org/wp-content/uploads/ndss2019_05A-1_Markettos_slides.pdf
* https://www.computer.org/csdl/proceedings-article/hpca/2018/365901a441/12OmNzkMlRm
* https://ipads.se.sjtu.edu.cn/_media/publications/fidelius_hpca18.pdf
---
## Tools ## Tools
## Libvirt
* https://wiki.archlinux.org/title/Libvirt
### VMs management ### VMs management
* [Ignite from Weaveworks](https://github.com/weaveworks/ignite) * [Ignite from Weaveworks](https://github.com/weaveworks/ignite)
### Virt-* tools ### Virt-* tools
* 'virt-host-validate' to check whether QEMU and LXC are setup correctly
* virt-install --cloud-init support : https://blog.wikichoon.com/2020/09/virt-install-cloud-init.html
* virt-install and cloud-init : https://blog.wikichoon.com/2020/09/virt-install-cloud-init.html * virt-install and cloud-init : https://blog.wikichoon.com/2020/09/virt-install-cloud-init.html
* virt-builder and virsh : https://developer.fedoraproject.org/tools/virt-builder/about.html * virt-builder and virsh : https://developer.fedoraproject.org/tools/virt-builder/about.html
* virt-builder : https://www.admin-magazine.com/Articles/Generate-VM-Images-with-virt-builder * virt-builder : https://www.admin-magazine.com/Articles/Generate-VM-Images-with-virt-builder
@ -46,6 +326,7 @@ dateCreated: 2021-06-23T12:36:12.051Z
* https://www.golinuxcloud.com/virt-install-examples-kvm-virt-commands-linux/ * https://www.golinuxcloud.com/virt-install-examples-kvm-virt-commands-linux/
* virt* cheatsheet : https://www.cyberithub.com/virsh-commands-examples-virt-df-virt-top-kvm/ * virt* cheatsheet : https://www.cyberithub.com/virsh-commands-examples-virt-df-virt-top-kvm/
* https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/virtualization_deployment_and_administration_guide/sect-guest_virtual_machine_installation_overview-creating_guests_with_virt_install * https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/virtualization_deployment_and_administration_guide/sect-guest_virtual_machine_installation_overview-creating_guests_with_virt_install
* https://docs.fedoraproject.org/en-US/Fedora/23/html/Virtualization_Getting_Started_Guide/sec-Other-Useful-tools.html
### Kickstart ### Kickstart
@ -68,127 +349,86 @@ dateCreated: 2021-06-23T12:36:12.051Z
### YaST ### YaST
The best/only comprehensive Linux system configuration & installation tool : https://yast.opensuse.org/documentation * The best/only comprehensive Linux system configuration & installation tool : https://yast.opensuse.org/documentation
### Kiwi ### Kiwi
Create Linux images for deployment on real hardware, virtualisation, and now even container systems like Docker. Kiwi is the engine that builds the openSUSE release images. * "Create Linux images for deployment on real hardware, virtualisation, and now even container systems like Docker. Kiwi is the engine that builds the openSUSE release images."
* http://osinside.github.io/kiwi/self_contained.html
* http://osinside.github.io/kiwi/building_images/build_live_iso.html
* http://osinside.github.io/kiwi/building_images/build_simple_disk.html
* http://osinside.github.io/kiwi/building_images/build_kis.html
* http://osinside.github.io/kiwi/self_contained.html ---
* http://osinside.github.io/kiwi/building_images/build_live_iso.html
* http://osinside.github.io/kiwi/building_images/build_simple_disk.html
* http://osinside.github.io/kiwi/building_images/build_kis.html
## Virtual chipsets
### i440fx
### Q35
### microvm
### virt
## Devices
### Emulated
### Paravirtualization
* [Virtual I/O Device (VIRTIO) specification, version 1.1](http://docs.oasis-open.org/virtio/virtio/v1.1/virtio-v1.1.html)
#### vfio-mdev
#### vfio-gpu
## KVM hypervisors
### CROSVM/KVM
#### Spectrum OS
* https://github.com/sponsors/alyssais
* https://liberapay.com/qyliss/
* https://spectrum-os.org/
### QEMU/KVM
* QEMU / KVM CPU model configuration : https://qemu.readthedocs.io/en/latest/system/qemu-cpu-models.html
* This is a port of QEMU machine emulator to JavaScript using Emscripten : https://github.com/atrosinenko/qemujs
* My QEMU fork with pinning (affinity) support and a few tweaks. : https://github.com/saveriomiroddi/qemu-pinning
#### QEMU virtualization on Fedora host
* [Virtualization Deployment and Administration Guide](https://docs.fedoraproject.org/en-US/Fedora_Draft_Documentation/0.1/html/Virtualization_Deployment_and_Administration_Guide/index.html)
* https://docs.fedoraproject.org/en-US/Fedora/26/html/Installation_Guide/index.html
* fedora cloud images : https://alt.fedoraproject.org/cloud/
#### QEMU virtualization on macOS host
* Virtualizing OpenCore and x86 macOS on Apple Silicon (and even iOS!) https://khronokernel.github.io/apple/silicon/2021/01/17/QEMU-AS.html
* UTM App :
* https://mac.getutm.app/
* https://github.com/utmapp/UTM
### Cloud Hypervisor/KVM
* Docs ; https://github.com/cloud-hypervisor/cloud-hypervisor/tree/master/docs
* Cloud Hypervisor API : https://github.com/cloud-hypervisor/cloud-hypervisor/blob/master/docs/api.md
* Device model : https://github.com/cloud-hypervisor/cloud-hypervisor/blob/master/docs/device_model.md
* FUzzing : https://github.com/cloud-hypervisor/cloud-hypervisor/blob/master/docs/fuzzing.md
* Using MACVTAP to Bridge onto Host Network : https://github.com/cloud-hypervisor/cloud-hypervisor/blob/master/docs/macvtap-bridge.md
* Networking : https://github.com/cloud-hypervisor/cloud-hypervisor/blob/master/docs/networking.md
* UEFI Boot : https://github.com/cloud-hypervisor/cloud-hypervisor/blob/master/docs/uefi.md
* VFIO : https://github.com/cloud-hypervisor/cloud-hypervisor/blob/master/docs/vfio.md
## Guests
### Android
* adb cheat sheet : https://www.automatetheplanet.com/adb-cheat-sheet/
* Building Android for Qemu: A Step-by-Step Guide https://www.collabora.com/news-and-blog/blog/2016/09/02/building-android-for-qemu-a-step-by-step-guide/
* Vifio for Android : https://github.com/robherring/generic_device/wiki
### Lakka
* Proxmox : https://forums.libretro.com/t/video-guide-how-to-install-lakka-as-a-vm-using-kvm-in-unraid/6319
### macOS kvm guest
* https://github.com/kholia/OSX-KVM
* https://github.com/yoonsikp/macos-kvm-pci-passthrough
* https://github.com/foxlet/macOS-Simple-KVM
* https://www.nicksherlock.com/2019/10/installing-macos-catalina-10-15-on-proxmox-6/
* Virgil 3D renderer for macos : https://mail.gnu.org/archive/html/qemu-devel/2021-02/msg04235.html
* OSX-KVM : https://gitlab.com/sanselme/OSX-KVM
### PS4
* Orbital : Virtualization-based PlayStation 4 emulator : https://github.com/AlexAltea/orbital
## Themes
### GPU-related
#### Android
* Android GPU Compute Going Forward : https://android-developers.googleblog.com/2021/04/android-gpu-compute-going-forward.html?m=1
* GPU Emulation plans : https://groups.google.com/g/android-emulator-dev/c/9o8OZezxq9c?pli=1
#### Single GPU passthrough
* https://github.com/cosminmocan/vfio-single-amdgpu-passthrough
* https://gitlab.com/Karuri/vfio
* https://github.com/bducha/single-gpu-passthrough
* bugs : https://gitlab.freedesktop.org/mesa/mesa/-/issues/2678
## Guides ## Guides
* Great in-depth article : https://stewartadam.io/howtos/fedora-20/create-gaming-virtual-machine-using-vfio-pci-passthrough-kvm * Great in-depth article : https://stewartadam.io/howtos/fedora-20/create-gaming-virtual-machine-using-vfio-pci-passthrough-kvm
* UEFI ! https://blog.system76.com/post/139138591598/howto-uefi-qemu-guest-on-ubuntu-xenial-host * UEFI ! https://blog.system76.com/post/139138591598/howto-uefi-qemu-guest-on-ubuntu-xenial-host
* Getting started with qemu : https://drewdevault.com/2018/09/10/Getting-started-with-qemu.html * Getting started with qemu : https://drewdevault.com/2018/09/10/Getting-started-with-qemu.html
* Great guide : https://github.com/ekistece/Fedora-33-VFIO-guide/
* https://www.cyberciti.biz/faq/how-to-install-kvm-on-centos-8-headless-server/
* https://ostechnix.com/install-and-configure-kvm-in-ubuntu-20-04-headless-server/
* https://www.cyberciti.biz/faq/how-to-install-kvm-on-ubuntu-20-04-lts-headless-server/
* https://computingforgeeks.com/how-to-install-kvm-on-fedora/
* https://www.server-world.info/en/note?os=CentOS_7&p=kvm&f=10
* https://scottlinux.com/2017/05/10/how-to-enable-iommu-support-in-fedora-linux/
* https://wiki.archlinux.org/index.php/PCI_passthrough_via_OVMF
* https://heiko-sieger.info/creating-a-windows-10-vm-on-the-amd-ryzen-9-3900x-using-qemu-4-0-and-vga-passthrough/
* https://marzukia.github.io/post/fedora-32-and-gpu-passthrough-vfio/
* https://forum.level1techs.com/t/vfio-in-2019-fedora-workstation-general-guide-though-branch-draft/145106
* https://marzukia.github.io/post/fedora-32-and-gpu-passthrough-vfio/
* https://gitlab.com/Karuri/vfio
* https://wiki.archlinux.org/index.php/PCI_passthrough_via_OVMF
* https://thereisnospoon.ews-network.net/posts/fedora-30-win10-nvidia-gpu-passthrough/
* https://mathiashueber.com/performance-tweaks-gaming-on-virtual-machines/
## Package management ---
## Misc
### XML
* http://functionx.com/xml/Lesson04.htm
### Communities
* To-do
### Unsorted
* [Index of Documentation for People Interested in Writing and/or Understanding the Linux Kernel](http://www.dit.upm.es/~jmseyas/linux/kernel/hackers-docs.html)
### Wayland
* GUI : http://bhepple.com/doku/doku.php?id=sway:sway-apps
* Wayland on archlinux : https://www.fosskers.ca/en/blog/wayland
### Cloud gaming
* Gaming Anywhere : https://github.com/chunying/gaminganywhere
### Cloud-init
* https://wiki.archlinux.org/title/Cloud-init
### Headless virtualization
* https://www.ostechnix.com/setup-headless-virtualization-server-using-kvm-ubuntu/
* https://www.cyberciti.biz/faq/installing-kvm-on-ubuntu-16-04-lts-server/
* fedora headless virt group (`dnf groupinstall -y "Headless Virtualization")
### ACS Override
* Fedora ACS override https://github.com/Somersall-Natalie/fedora-acs-override
* ACS Override Kernel Builds https://queuecumber.gitlab.io/linux-acs-override/
* Fedora Build ACS Override Patch Kernel https://wiki.myhypervisor.ca/books/linux/page/fedora-build-acs-override-patch-kernel
* ACS Overrride patch for debian https://github.com/raphendyr/acs-override
* [PATCH] pci: Enable overrides for missing ACS capabilities PCIe ACS (Access Control Services) : https://lkml.org/lkml/2013/5/30/513
* IOMMU Groups, inside and out http://vfio.blogspot.com/2014/08/iommu-groups-inside-and-out.html
### Package management
* RPM Packaging Guide : https://rpm-packaging-guide.github.io/#preparing-software-for-packaging * RPM Packaging Guide : https://rpm-packaging-guide.github.io/#preparing-software-for-packaging
* Join the package collection maintainers : https://fedoraproject.org/wiki/Join_the_package_collection_maintainers * Join the package collection maintainers : https://fedoraproject.org/wiki/Join_the_package_collection_maintainers
@ -201,7 +441,20 @@ Create Linux images for deployment on real hardware, virtualisation, and now eve
* alux - a minimal Linux kernel distribution : https://github.com/alexhultman/alux * alux - a minimal Linux kernel distribution : https://github.com/alexhultman/alux
* Build and run minimal linux with QEMU : https://gist.github.com/seokbeomKim/9cff93b073573fe535534c522c6e53e1 * Build and run minimal linux with QEMU : https://gist.github.com/seokbeomKim/9cff93b073573fe535534c522c6e53e1
## Communication ### VDI-related
* Isaard vdi : https://isard.gitlab.io/isardvdi-docs/#why-choose-isardvdi
* VirtualGL https://github.com/VirtualGL/virtualgl/releases
---
## Meta
* [Awesome Virtualization](https://github.com/Wenzel/awesome-virtualization), A curated list of awesome resources about virtualization
---
## Project
### Mascot ### Mascot
@ -209,319 +462,15 @@ Create Linux images for deployment on real hardware, virtualisation, and now eve
## Funding ## Funding
NGI Open Calls : https://www.ngi.eu/opencalls/#ngi-zero-pet-opencall * NGI Open Calls : https://www.ngi.eu/opencalls/#ngi-zero-pet-opencall
## MISC ----
* Isaard vdi : https://isard.gitlab.io/isardvdi-docs/#why-choose-isardvdi
## Desktop environment ## Books
### Wayland ### On Linux
* GUI : http://bhepple.com/doku/doku.php?id=sway:sway-apps
* Wayland on archlinux : https://www.fosskers.ca/en/blog/wayland
## Virtualization tool
* https://docs.fedoraproject.org/en-US/Fedora/23/html/Virtualization_Getting_Started_Guide/sec-Other-Useful-tools.html
* https://github.com/kvmtool/kvmtool kvmtool is a lightweight tool for hosting KVM guests. As a pure virtualization tool it only supports guests using the same architecture, though it supports running 32-bit guests on those 64-bit architectures that allow this.
## Networking
### Bridge
* How To Create and Configure Bridge Networking For KVM in Linux : https://computingforgeeks.com/how-to-create-and-configure-bridge-networking-for-kvm-in-linux/
* https://docs.fedoraproject.org/en-US/Fedora/13/html/Virtualization_Guide/sect-Virtualization-Network_Configuration-Bridged_networking_with_libvirt.html
* Networking in Libvirt : https://wiki.libvirt.org/page/Networking
* https://lukas.zapletalovi.com/2015/09/fedora-22-libvirt-with-bridge.html
* How to Setup Bridge Networking with KVM on Ubuntu 20.04 : https://levelup.gitconnected.com/how-to-setup-bridge-networking-with-kvm-on-ubuntu-20-04-9c560b3e3991
### Bridge Wireless Cards
* https://shanetomlinson.com/bridging-a-wireless-card-in-kvmqemu/
* https://web.archive.org/web/20160821085327/http://blog.bodhizazen.net/linux/bridge-wireless-cards/
* https://gist.github.com/Jiab77/4cf278ac3ad59665969bdf73e083a847
* https://unix.stackexchange.com/questions/159191/setup-kvm-on-a-wireless-interface-on-a-laptop-machine
## Cloud gaming
* Gaming Anywhere : https://github.com/chunying/gaminganywhere
## Linux KVM
https://thereisnospoon.ews-network.net/posts/fedora-30-win10-nvidia-gpu-passthrough/
https://www.redhat.com/en/blog/all-you-need-know-about-kvm-userspace
Windows Gaming on Linux: Single GPU Passthrough Guide https://www.youtube.com/watch?v=3BxAaaRDEEw
Using the KVM API https://lwn.net/Articles/658511/
Sparkler: A KVM-based Virtual Machine Manager : https://unixism.net/2019/10/sparkler-kvm-based-virtual-machine-manager/
## 3D in a VM virtual gpu virtugl virtio-gl virgil
* Virglrenderer and the state of virtualized virtual worlds, 2019. https://www.collabora.com/news-and-blog/blog/2019/08/28/virglrenderer-state-of-virtualized-virtual-worlds/
* Virtualizing GPU Access https://www.collabora.com/news-and-blog/blog/2018/02/12/virtualizing-gpu-access/
* Android https://linuxhint.com/android_qemu_play_3d_games_linux/
* https://www.kraxel.org/blog/2016/09/using-virtio-gpu-with-libvirt-and-spice/
* https://src.fedoraproject.org/rpms/virglrenderer
* https://github.com/VirtualGL/virtualgl/releases
* https://virtualgl.org/About/Introduction
* http://virgil3d.github.io/
* https://www.studiopixl.com/2017-08-27/3d-acceleration-using-virtio.html
* https://cgit.freedesktop.org/virglrenderer
* https://github.com/Keenuts/virtio-gpu-documentation
* https://at.projects.genivi.org/wiki/display/DIRO/VIRTIO+GPU+Operation+Highlights
* https://www.reddit.com/r/archlinux/comments/7nmceg/kvmqemu_with_virtiogpu_virgl_support_enabled/
* https://forums.unraid.net/topic/62276-gpu-virtualization-virtio-gpu-virgl-sr-iov-mxgpu-vdi-spice/
* https://github.com/ekistece/Fedora-33-VFIO-guide/
* www.reddit.com/r/VFIO/comments/h9zijx/fedora_32_and_gpu_passthrough_vfio/
* https://czak.pl/2020/04/09/three-levels-of-qemu-graphics.html
* http://events17.linuxfoundation.org/sites/events/files/slides/KVM%20Forum%202014%20-%20VFIO%2C%20OVMF%2C%20GPU%2C%20and%20You%20-%20Alex%20Williamson.pdf
* Virgil 3d project homepage : http://virgil3d.github.io/
* Introducing Virgil - 3D virtual GPU for qemu : https://airlied.livejournal.com/77553.html
## Modes of 3D acceleration in a VM explained
https://www.kraxel.org/blog/2019/09/display-devices-in-qemu/
## Intel HAXM
Nested virtualization support : https://github.com/intel/haxm/issues/51
# Gitea awesome list
Awesome Gitea : https://gitea.com/gitea/awesome-gitea
## Cloud-init
https://wiki.archlinux.org/title/Cloud-init
virt-install --cloud-init support : https://blog.wikichoon.com/2020/09/virt-install-cloud-init.html
## KVM server
[2016] Performant Security Hardening of KVM by Steve Rutherford : https://www.youtube.com/watch?v=vj5PA_D03Vg
Great guide : https://github.com/ekistece/Fedora-33-VFIO-guide/
https://mathiashueber.com/performance-tweaks-gaming-on-virtual-machines/
https://www.cyberciti.biz/faq/how-to-install-kvm-on-centos-8-headless-server/
https://ostechnix.com/install-and-configure-kvm-in-ubuntu-20-04-headless-server/
https://www.cyberciti.biz/faq/how-to-install-kvm-on-ubuntu-20-04-lts-headless-server/
https://computingforgeeks.com/how-to-install-kvm-on-fedora/
https://www.server-world.info/en/note?os=CentOS_7&p=kvm&f=10
'virt-host-validate' to check whether QEMU and LXC are setup correctly
https://scottlinux.com/2017/05/10/how-to-enable-iommu-support-in-fedora-linux/
https://wiki.archlinux.org/index.php/PCI_passthrough_via_OVMF
https://heiko-sieger.info/creating-a-windows-10-vm-on-the-amd-ryzen-9-3900x-using-qemu-4-0-and-vga-passthrough/
https://marzukia.github.io/post/fedora-32-and-gpu-passthrough-vfio/
https://forum.level1techs.com/t/vfio-in-2019-fedora-workstation-general-guide-though-branch-draft/145106
https://marzukia.github.io/post/fedora-32-and-gpu-passthrough-vfio/
https://gitlab.com/Karuri/vfio
https://wiki.archlinux.org/index.php/PCI_passthrough_via_OVMF
https://www.linux-kvm.org/page/KVM_Features
## Libvirt
https://wiki.archlinux.org/title/Libvirt
## Guest protection
https://www.computer.org/csdl/proceedings-article/hpca/2018/365901a441/12OmNzkMlRm
https://ipads.se.sjtu.edu.cn/_media/publications/fidelius_hpca18.pdf
## Nested virt. with KVM
https://www.rdoxenham.com/?p=275
https://docs.fedoraproject.org/en-US/quick-docs/using-nested-virtualization-in-kvm/
(Mostly) Exitless VM Protection from Untrusted Hypervisor through Disaggregated Nested Virtualization
https://www.usenix.org/conference/usenixsecurity20/presentation/mi
https://www.researchgate.net/publication/261020814_Architecture_support_for_guest-transparent_VM_protection_from_untrusted_hypervisor_and_physical_attacks
## Hackintosh
https://dortania.github.io/OpenCore-Install-Guide/installer-guide/linux-install.html#downloading-macos
## ACS Override
* Fedora ACS override https://github.com/Somersall-Natalie/fedora-acs-override
* ACS Override Kernel Builds https://queuecumber.gitlab.io/linux-acs-override/
* Fedora Build ACS Override Patch Kernel https://wiki.myhypervisor.ca/books/linux/page/fedora-build-acs-override-patch-kernel
* ACS Overrride patch for debian https://github.com/raphendyr/acs-override
* [PATCH] pci: Enable overrides for missing ACS capabilities PCIe ACS (Access Control Services) : https://lkml.org/lkml/2013/5/30/513
* IOMMU Groups, inside and out http://vfio.blogspot.com/2014/08/iommu-groups-inside-and-out.html
## Security
### Secure Boot
https://www.kraxel.org/slides/virtual-secure-boot/#hands-on-libvirt
* [Openstack] Allow Secure Boot (SB) for QEMU- and KVM-based guests :
https://specs.openstack.org/openstack/nova-specs/specs/train/approved/allow-secure-boot-for-qemu-kvm-guests.html
### sVirt
http://www.virtualopensystems.com/en/solutions/guides/kvm-svirt-omap5/
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security-enhanced_linux/ch07s02
sVirt: Hardening Linux Virtualization with Mandatory Access Control https://www.youtube.com/watch?v=1e1gHOBduuQ
### Qemu
https://qemu.readthedocs.io/en/latest/system/security.html
### TPM
https://fossies.org/linux/qemu/docs/specs/tpm.rst
### Ideas from hackernews blog post (as used by Red Hat)
* Aggressively compile out unused features/devices.
* Confine each VM with separate SELinux contexts (sVirt).
* Run qemu as a special non-root user.
* Use seccomp to confine the system calls.
* Pass in pre-opened file descriptors to qemu, so qemu doesn't need to open files (helps with writing tightly confined SELinux policy).
* Run qemu in a cgroup.
* Run qemu-img with resource limits.
* Compile qemu with all hardening features enabled like RELRO, PIE, etc.
* Audit the code manually and with Coverity.
* Take security reports seriously and have a fast patching mechanism (you can effectively "live patch" qemu by migrating a VM off the old qemu and on to the new qemu).
Probably more that I've forgotten about ...
https://news.ycombinator.com/item?id=18588899
### Other ressources
ERNW_Hardening_KVM : https://github.com/ernw/hardening/blob/master/hypervisor/kvm/ERNW_Hardening_KVM.md
Security in QEMUHow Virtual Machines provide Isolation : https://vmsplice.net/~stefan/stefanha-kvm-forum-2018.pdf
Qemu hardening with CT: https://www.redhat.com/en/blog/hardening-qemu-through-continuous-security-testing
## Headless virtualization
https://www.ostechnix.com/setup-headless-virtualization-server-using-kvm-ubuntu/
https://www.cyberciti.biz/faq/installing-kvm-on-ubuntu-16-04-lts-server/
fedora headless virt group
## RESSOURCES Unraid
https://forums.unraid.net/topic/54834-video-guideall-about-docker-in-unraid-docker-principles-and-setup/
https://forums.unraid.net/topic/84226-wireguard-quickstart/
https://forums.unraid.net/topic/80251-unraid-beginners-tutorial/
https://forums.unraid.net/topic/84316-wireguard-vpn-tunneled-access/
https://forums.unraid.net/topic/84226-wireguard-quickstart/
https://vfio.blogspot.com/2014/08/iommu-groups-inside-and-out.html ACS Override
https://forums.unraid.net/topic/51230-video-guidehow-to-pass-through-an-nvidia-gpu-as-primary-or-only-gpu-in-unraid/ gpu primary
Add that line to network boot loader
<boot order='2'/>
## windows guest tweaking :
https://wiki.unraid.net/UnRAID_6/VM_Guest_Support
Additionally, in case you are using QEMU 4.0 (or higher) in combination with a Q35 chip, the flag ioapic driver='kvm' needs to be added in the features section (see excerpt marked blue).
https://mathiashueber.com/fighting-error-43-nvidia-gpu-virtual-machine/
## Q35 Versus i440fx
https://www.reddit.com/r/VFIO/comments/5ireij/differencesbenefits_between_i440fx_and_q35/
https://wiki.qemu.org/Features/Q35
## Storage-related file
### TRIM in VM
https://chrisirwin.ca/posts/discard-with-kvm/
### Drive options
https://heiko-sieger.info/qemu-system-x86_64-drive-options/
### Virtio-FS
https://www.tauceti.blog/post/qemu-kvm-share-host-directory-with-vm-with-virtio/
### RAW versus QCOW2
https://www.tutos.snatch-crash.fr/proxmox-raw-vs-qcow2-vs-vmdk/
### QCOW Encryption
https://github.com/qemu/qemu/commit/12f7efd02ee4e7144b842a1437defb997b9ae66b
https://libvirt.org/formatstorageencryption.html
https://patchwork.kernel.org/project/qemu-devel/patch/20170210170910.8867-14-berrange@redhat.com/
https://patchwork.kernel.org/project/qemu-devel/patch/20170126101827.22378-13-berrange@redhat.com/
https://www.berrange.com/posts/2015/03/17/qemu-qcow2-built-in-encryption-just-say-no-deprecated-now-to-be-deleted-soon/
### SeaBIOS versus edk2
https://mail.coreboot.org/pipermail/seabios/2014-February/007689.html
### Snapshot of efi-based VM
https://lists.gnu.org/archive/html/qemu-devel/2020-09/msg05221.html
https://bugzilla.redhat.com/show_bug.cgi?id=1881850
## IOMMU Exploit
* Thunderclap : https://www.ndss-symposium.org/wp-content/uploads/ndss2019_05A-1_Markettos_slides.pdf
## XML
* http://functionx.com/xml/Lesson04.htm
## Intel GVT-g
* https://wiki.gentoo.org/wiki/User:Shunlir/Intel_GVT-g
* https://libvirt.org/drvnodedev.html
* https://blog.tmm.cx/2020/05/15/passing-an-intel-gpu-to-a-linux-kvm-virtual-machine/
* https://blog.bepbep.co/posts/gvt/
* https://reposhub.com/cpp/miscellaneous/DualCoder-vgpu_unlock.html
* https://lantian.pub/en/article/modify-computer/laptop-intel-nvidia-optimus-passthrough.lantian/
* https://wiki.archlinux.org/title/Intel_GVT-g
* The Linux Command Line, 2nd Edition: A Complete Introduction
* Understanding the Linux Kernel 3e
* Linux System Programming 2ed
* The Linux Programming Interface: A Linux and UNIX System Programming Handbook (English Edition)