Kernel package CI for Linux with PVM patches applied
This project builds the Linux kernel as RPM packages for various Linux distros and cloud-provider specific configurations with the PVM patches applied. It also adds a few custom patches to allow snapshot/restore across heterogeneous systems, such as between different cloud providers.
Interested in using PVM to live migrate VMs between cloud providers or need guest kernel builds? Check out Loophole Labs Architect and Loophole Labs Drafter!
Replace all occurrences of `fedora` with your distribution of choice (valid values are: `fedora`, `rocky`, `alma`) and `hetzner` with your cloud provider of choice (valid values are: `baremetal`, `hetzner`, `digitalocean`, `aws`, `gcp`, `equinix`, `ovh`, `azure`, `civo`, `linode`).
Note that saving and restoring a snapshot between 4-level paging mode hosts (such as older AWS machine models) and 5-level paging mode hosts (such as newer GCP machine models) is not possible at this time (see virt-pvm/linux#6 (comment)).
We set `lapic=notscdeadline` on the host to fix freezes during snapshot restores, as a workaround for firecracker-microvm/firecracker#4099.
```yaml
#cloud-config
runcmd:
  # Add the package repository and install the PVM host kernel
  - dnf config-manager --add-repo 'https://loopholelabs.github.io/linux-pvm-ci/fedora/hetzner/repodata/linux-pvm-ci.repo'
  - dnf install -y kernel-6.7.12_pvm_host_fedora_hetzner-1.x86_64
  # Boot the PVM kernel by default. Note that pti=off disables page table
  # isolation and nokaslr disables kernel address space layout randomization.
  - grubby --set-default /boot/vmlinuz-6.7.12-pvm-host-fedora-hetzner
  - grubby --copy-default --args="pti=off nokaslr lapic=notscdeadline" --update-kernel /boot/vmlinuz-6.7.12-pvm-host-fedora-hetzner
  - dracut --force --kver 6.7.12-pvm-host-fedora-hetzner
  - reboot
write_files:
  # Keep the hardware KVM modules from loading
  - path: /etc/modprobe.d/kvm-intel-amd-blacklist.conf
    permissions: "0644"
    content: |
      blacklist kvm-intel
      blacklist kvm-amd
  # Load the PVM module at boot
  - path: /etc/modules-load.d/kvm-pvm.conf
    permissions: "0644"
    content: |
      kvm-pvm
power_state:
  mode: reboot
  condition: True
```
```shell
# Add the package repository and install the PVM host kernel
sudo dnf config-manager --add-repo 'https://loopholelabs.github.io/linux-pvm-ci/fedora/hetzner/repodata/linux-pvm-ci.repo'
sudo dnf install -y kernel-6.7.12_pvm_host_fedora_hetzner-1.x86_64

# Boot the PVM kernel by default. Note that pti=off disables page table
# isolation and nokaslr disables kernel address space layout randomization.
sudo grubby --set-default /boot/vmlinuz-6.7.12-pvm-host-fedora-hetzner
sudo grubby --copy-default --args="pti=off nokaslr lapic=notscdeadline" --update-kernel /boot/vmlinuz-6.7.12-pvm-host-fedora-hetzner
sudo dracut --force --kver 6.7.12-pvm-host-fedora-hetzner

# Keep the hardware KVM modules from loading and load the PVM module at boot
sudo tee /etc/modprobe.d/kvm-intel-amd-blacklist.conf <<EOF
blacklist kvm-intel
blacklist kvm-amd
EOF
echo "kvm-pvm" | sudo tee /etc/modules-load.d/kvm-pvm.conf

sudo reboot

# After the reboot
lsmod | grep pvm # Check if PVM is available
```
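A post-reboot check that goes further than `lsmod | grep pvm`, as an added example that is not part of the project's own scripts: it verifies the kernel arguments and module state set by the steps above and reports the paging level relevant to the snapshot compatibility note. The function names, the `kvm_pvm` spelling in `/proc/modules`, and reading `la57` in `/proc/cpuinfo` as the sign of 5-level paging are assumptions.

```shell
#!/bin/sh
# Added example: post-reboot audit of a PVM host set up as described above.
# Each function takes file paths so saved copies can be audited offline.

# has_word FILE WORD: true if WORD is a whitespace-separated token in FILE.
has_word() {
    tr -s ' \t' '\n\n' < "$1" | grep -qxF -- "$2"
}

# module_loaded MODULES_FILE NAME: /proc/modules starts each line with the
# module name; the kernel reports hyphens as underscores (kvm-pvm -> kvm_pvm).
module_loaded() {
    grep -q "^$2 " "$1"
}

# paging_levels CPUINFO_FILE: prints 5 if the la57 CPU flag is listed, else 4.
# Assumption: la57 in /proc/cpuinfo means 5-level paging is in use.
paging_levels() {
    if grep -m1 '^flags' "$1" | tr -s ' \t' '\n\n' | grep -qxF la57; then
        echo 5
    else
        echo 4
    fi
}

# audit_pvm_host [CMDLINE] [MODULES] [CPUINFO]: prints findings and returns
# the number of failed checks (0 means the host matches the setup above).
audit_pvm_host() {
    cmdline=${1:-/proc/cmdline}
    modules=${2:-/proc/modules}
    cpuinfo=${3:-/proc/cpuinfo}
    fails=0
    for arg in pti=off nokaslr lapic=notscdeadline; do
        has_word "$cmdline" "$arg" || { echo "FAIL missing kernel arg: $arg"; fails=$((fails + 1)); }
    done
    module_loaded "$modules" kvm_pvm || { echo "FAIL kvm_pvm is not loaded"; fails=$((fails + 1)); }
    for mod in kvm_intel kvm_amd; do
        if module_loaded "$modules" "$mod"; then
            echo "FAIL blacklisted module is loaded: $mod"; fails=$((fails + 1))
        fi
    done
    echo "INFO paging levels: $(paging_levels "$cpuinfo")"
    return "$fails"
}
```

Source the file and run `audit_pvm_host` with no arguments on the rebooted host; comparing the reported paging level on the source and destination hosts shows whether a snapshot can be restored between them.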
Bug reports and pull requests are welcome on GitHub at https://github.com/loopholelabs/linux-pvm-ci. For more contribution information check out the contribution guide.
The Linux PVM CI project is available as open source under the terms of the GNU General Public License, Version 2.
Everyone interacting in the Linux PVM CI project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the CNCF Code of Conduct.