lirent/qemu-spoof
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5 Commits 1 Branch 0 Tags
4998af9cd1d7c8787ae79b77fa5289502dc56e3f
Commit Graph

5 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
lirent 4998af9cd1 spoof: SMBIOS type 8 (ports) + type 9 (slots) defaults (patch 0025) 
Phase 1. Real boards expose port connectors and expansion slots; QEMU emits none, so a
guest dmidecode looks conspicuously empty. Inject a plausible desktop default set
(USB/LAN/audio ports + PCIe/M.2 slots) via the existing type8/type9 build path when none
were configured. Inert without a seed.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-06-11 23:20:51 +03:00
lirent ec27a8f4e5 spoof: spoof-mode master fork (none/hyperv/vbs/physical) + microsoft-vm persona 
Phase 0. Replace the spoof-hv knob with spoof-mode, a first-class selector modeled as
two axes (persona x presence) exposed as 4 presets:
- none: stock (spoof_on now requires mode != none, killing half-spoof states)
- hyperv: Microsoft Virtual Machine persona + Hyper-V presence (honest child VM)
- vbs (seeded default): real-OEM persona + Hyper-V presence (mimic physical Win11+VBS)
- physical: real-OEM persona + bare metal

Engine: spoof_mode()/spoof_persona_msvm()/spoof_presence_hyperv() in spoof-core; the
hv/waet/pvpanic/vmgenid policies now derive from the mode. microsoft-vm persona wired
across platform (ACPI OEM VRTUAL/MICROSFT, Microsoft Corporation), system type1
(Virtual Machine), storage (Virtual HD / Msft Virtual DVD-ROM) and EDID (MSF/Hyper-V).
New getters spoof_system_manufacturer/product (type1, real-OEM or Hyper-V). Patches:
0002 registers spoof-mode; 0024 now also forces type1 system identity. spoof-hv kept
as a back-compat alias. Inert without a seed.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-06-11 23:15:15 +03:00
lirent 3268fe11e1 spoof: class-bound nvme PCI vendor:device (extend 0018) 
Override the qemu-nvme controller vendor:device (Red Hat 1b36:0010) to a real NVMe
vendor matched to the spoofed model brand (Samsung/WD/Kioxia/Kingston/Intel/SMI/
hynix/Micron/Phison), with a coherent subsystem. Safe: NVMe binds by class code,
not id, and this runs before nvme_init_ctrl so the IDENTIFY vid/ssvid stay aligned.
virtio/GPU vendor:device untouched (load-bearing). Inert without a seed.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-06-11 22:35:47 +03:00
lirent 9b17bdfa33 spoof: SMBIOS type0 BIOS vendor/version/date 
Force a real, platform-anchored OEM BIOS identity into SMBIOS type0 (patch 0024 +
spoof_bios_version/spoof_bios_date getters) so the guest does not read an empty or
firmware-default BIOS vendor via WMI/dmidecode. Vendor coheres with the board;
version uses the vendor real format. Inert without a seed.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-06-11 22:14:12 +03:00
lirent 06463ee65c qemu-spoof: seed-driven per-VM hardware-identity anti-detection for pve-qemu 2026-06-11 17:34:09 +03:00