{"id":21634075,"url":"https://github.com/bedrocksystems/nova","last_synced_at":"2025-04-11T15:30:35.295Z","repository":{"id":44096635,"uuid":"237692476","full_name":"bedrocksystems/NOVA","owner":"bedrocksystems","description":"NOVA Microhypervisor","archived":false,"fork":false,"pushed_at":"2025-03-04T12:07:05.000Z","size":22058,"stargazers_count":18,"open_issues_count":1,"forks_count":2,"subscribers_count":2,"default_branch":"release","last_synced_at":"2025-03-25T11:39:09.027Z","etag":null,"topics":["aarch64","cplusplus","hypervisor","kernel","microhypervisor","microkernel","performance","security","virtualization","x86-64"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bedrocksystems.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".gitlab/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-02-01T23:26:45.000Z","updated_at":"2025-03-04T12:07:27.000Z","dependencies_parsed_at":"2025-03-04T13:20:55.626Z","dependency_job_id":"70131241-9b61-43ea-9633-e9b157bca82f","html_url":"https://github.com/bedrocksystems/NOVA","commit_stats":null,"previous_names":[],"tags_count":29,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bedrocksystems%2FNOVA","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bedrocksystems%2FNOVA/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bedrocksystems%2FNOVA/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bedrocksystems%2FNOVA/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bedrocksystems","download_url":"https://codeload.github.com/bedrocksystems/NOVA/tar.gz/refs/heads/release","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248431219,"owners_count":21102157,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aarch64","cplusplus","hypervisor","kernel","microhypervisor","microkernel","performance","security","virtualization","x86-64"],"created_at":"2024-11-25T03:15:39.776Z","updated_at":"2025-04-11T15:30:35.270Z","avatar_url":"https://github.com/bedrocksystems.png","language":"C++","funding_links":[],"categories":[],"sub_categories":[],"readme":"# NOVA Microhypervisor\n\nThis is the source code for the NOVA microhypervisor.\n\nThe NOVA microhypervisor combines microkernel and hypervisor functionality\nand provides an extremely small trusted computing base for user applications\nand virtual machines running on top of it. The microhypervisor implements a\ncapability-based authorization model and provides basic mechanisms for\nvirtualization, spatial and temporal separation, scheduling, communication,\nand management of platform resources.\n\nNOVA can be used with a multi-server environment that implements additional\noperating-system services in user mode, such as device drivers, protocol\nstacks, and policies. On machines with hardware virtualization features,\nmultiple unmodified guest operating systems can run concurrently on top of\nthe microhypervisor.\n\n**This code is experimental and not feature complete. If it breaks, you get\n  to keep both pieces.**\n\n## Building\n\n### Required Tools\n\nThe following tools are required to compile the source code:\n\n| **Tool** | **Minimum Version** | **Available From**                |\n| :------- | :-----------------: | :-------------------------------- |\n| binutils | 2.38                | https://ftp.gnu.org/gnu/binutils/ |\n| gcc      | 12.4                | https://ftp.gnu.org/gnu/gcc/      |\n| make     | 4.0                 | https://ftp.gnu.org/gnu/make/     |\n\n### Build Environment\n\nThe build environment can be customized permanently in `Makefile.conf` or\nad hoc by passing the applicable `ARCH`, `BOARD` and `PREFIX_` variables to\nthe invocation of `make` as described below.\n\n- `PREFIX_aarch64` sets the path for an **ARMv8-A** cross-toolchain\n- `PREFIX_x86_64` sets the path for an **x86 (64bit)** cross-toolchain\n\nFor example, if the ARMv8-A cross-toolchain is located at\n```\n/opt/aarch64-linux/bin/aarch64-linux-gcc\n/opt/aarch64-linux/bin/aarch64-linux-as\n/opt/aarch64-linux/bin/aarch64-linux-ld\n```\n\nthen set `PREFIX_aarch64=/opt/aarch64-linux/bin/aarch64-linux-`\n\n### Supported Architectures\n\n#### ARMv8-A (64bit)\n\nFor CPUs with ARMv8-A architecture and boards with\n- either Advanced Configuration and Power Interface (ACPI)\n- or Flattened Device Tree (FDT)\n\n| **Platform**                          | **Build Command**                            |\n| :------------------------------------ | :------------------------------------------- |\n| Generic Arm ACPI Platform             | `make ARCH=aarch64 BOARD=acpi`               |\n| QEMU Virt Platform                    | `make ARCH=aarch64 BOARD=qemu`               |\n| Allwinner A64                         | `make ARCH=aarch64 BOARD=allwinner_a64`      |\n| Amlogic G12B                          | `make ARCH=aarch64 BOARD=amlogic_g12b`       |\n| Amlogic SM1                           | `make ARCH=aarch64 BOARD=amlogic_sm1`        |\n| Broadcom BCM2711                      | `make ARCH=aarch64 BOARD=broadcom_bcm2711`   |\n| HiSilicon Hi3660                      | `make ARCH=aarch64 BOARD=hisilicon_hi3660`   |\n| NVIDIA Tegra X1                       | `make ARCH=aarch64 BOARD=nvidia_tegrax1`     |\n| NVIDIA Tegra X2                       | `make ARCH=aarch64 BOARD=nvidia_tegrax2`     |\n| NVIDIA Xavier                         | `make ARCH=aarch64 BOARD=nvidia_xavier`      |\n| NXP i.MX 8M                           | `make ARCH=aarch64 BOARD=nxp_imx8m`          |\n| Qualcomm Snapdragon 670               | `make ARCH=aarch64 BOARD=qualcomm_sdm670`    |\n| Renesas R-Car M3                      | `make ARCH=aarch64 BOARD=renesas_rcar3`      |\n| Rockchip RK3399                       | `make ARCH=aarch64 BOARD=rockchip_rk3399`    |\n| Texas Instruments AM62x               | `make ARCH=aarch64 BOARD=ti_am62x`           |\n| Texas Instruments J721E               | `make ARCH=aarch64 BOARD=ti_j721e`           |\n| Xilinx Zynq Ultrascale+ MPSoC CG      | `make ARCH=aarch64 BOARD=xilinx_zynq_cg`     |\n| Xilinx Zynq Ultrascale+ MPSoC Ultra96 | `make ARCH=aarch64 BOARD=xilinx_zynq_u96`    |\n| Xilinx Zynq Ultrascale+ MPSoC ZCU102  | `make ARCH=aarch64 BOARD=xilinx_zynq_zcu102` |\n\n#### x86 (64bit)\n\nFor CPUs with x86 architecture\n- Intel VT-x (VMX+EPT) + optionally VT-d\n- AMD-V (SVM+NPT)\n\nand boards with Advanced Configuration and Power Interface (ACPI).\n\n| **Platform**                          | **Build Command**  |\n| :------------------------------------ | :----------------- |\n| Generic x86 ACPI Platform             | `make ARCH=x86_64` |\n\n##### Control-Flow Enforcement Technology (CET)\n\nNOVA can be built with support for control-flow protection. Because\ncontrol-flow protected binaries require a CPU with CET support and because\nof the resulting performance overhead, CFP is disabled by default.\nProtection features can be enabled at build time as follows:\n\n| **Feature Level**                     | **Build Command**             |\n| :------------------------------------ | :---------------------------- |\n| No Control-Flow Protection (Default)  | `make ARCH=x86_64 CFP=none`   |\n| CET Indirect Branch Tracking (IBT)    | `make ARCH=x86_64 CFP=branch` |\n| CET Supervisor Shadow Stacks (SSS)    | `make ARCH=x86_64 CFP=return` |\n| CET IBT and CET SSS                   | `make ARCH=x86_64 CFP=full`   |\n\n##### Trusted Execution Technology (TXT)\n\nOn TXT-enabled platforms, NOVA performs a measured launch to establish a\nDynamic Root of Trust for Measurement (DRTM) if an SINIT Authenticated Code\nModule (ACM) matching the platform is present in TXT memory.\n\nThe SINIT ACM is typically loaded into TXT memory\n- on server platforms: by the firmware\n- on client platforms: by the bootloader\n\n## Booting\n\nSee the NOVA interface specification in the `doc` directory for details\nregarding booting the NOVA microhypervisor.\n\n## License\n\nThe NOVA source code is licensed under the **GPL version 2**.\n\n```\nCopyright (C) 2009-2011 Udo Steinberg \u003cudo@hypervisor.org\u003e\nEconomic rights: Technische Universitaet Dresden (Germany)\n\nCopyright (C) 2012-2013 Udo Steinberg, Intel Corporation.\nCopyright (C) 2014 Udo Steinberg, FireEye, Inc.\nCopyright (C) 2019-2025 Udo Steinberg, BlueRock Security, Inc.\n\nNOVA is free software: you can redistribute it and/or modify it\nunder the terms of the GNU General Public License version 2 as\npublished by the Free Software Foundation.\n\nNOVA is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\nGNU General Public License version 2 for more details.\n```\n\n## Contact\n\nFeedback and comments should be sent to udo@hypervisor.org\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbedrocksystems%2Fnova","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbedrocksystems%2Fnova","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbedrocksystems%2Fnova/lists"}