More detailed documentation on how to modify kvm-qemu.sh is needed

[seanthegeek]

The CAPE installation documentation states:

While you can install and use any hypervisor you like, we recommend using KVM. The script to install everything related to KVM (including KVM itself) can be found here: kvm-qemu.sh. Note We recommend using the script to install everything related with KVM-Qemu since the script performs a stealthier configuration and achieves better performance than the installation from APT. BEFORE executing the script, you should replace the occurrences withing the script itself with real hardware patterns. You can use acpidump in Linux and acpiextract in Windows to obtain such patterns, as stated in the script itself. Warning If you are installing or using CAPE in a laboratory environment you can replace with any random 4 chars you like. However, if you are planning to use CAPE in real production environments and you want to hinder the sandbox/VM detection, you should use REAL hardware 4 chars. To find out which chars correspond to each piece of HW, you should use ACPIDUMP/ACPIEXTRACT and Google.

The comments linked to in the script itself show various commands to run, but there is no documentation on what to do with the output of these commands.

# ACPI tables related
# https://wiki.archlinux.org/index.php/DSDT
# Dump on linux
#   acpidump > acpidump.out
# Dump on Windows
#   https://acpica.org/downloads/binary-tools
#    acpixtract -a acpi/4/acpi.dump

# acpixtract -a acpidump.out
# iasl -d DSDT.dat
# Decompile: iasl -d dsdt.dat
# Recompile: iasl -tc dsdt.dsl

acpixtract must be run as sudo/root, which is not reflected in the documentation in the script comments. The comments in the script say to run iasl -d DSDT.dat, DSDT.dat does not exist, but dsdt.dat does, so I think that is a typo.

So, I ended up running the following commands:

sudo acpidump > acpidump.out
acpixtract -a acpidump.out
iasl -d dsdt.dat

I'm guessing dsdt.dsl (i.e., the decompiled dsdt.dat) contains the values that should be used to replace the <WOOT> values in kvm-qemu.sh, but I have no idea where to look for each value. Any tips?

Also, it doesn't seem to be necessary to recompile if file, since we are just using the values from the decompiled source file?

It would also be good to include tips to use lscpu to get your own CPU ID string, and lspci to get models of drives. That way, the person following the guide can use their own values, instead of providing another common identifier.

Any tips for picking our own BIOS table dates to make them more realistic?

[github-actions[bot]]

@seanthegeek: hello! :wave:

This issue is being automatically closed because it does not follow the issue template. If you don't care to provide proper details. I won't waste my time here

[seanthegeek]

Having a bot auto reopen an issue three minutes after auto closing it is interesting...

[doomedraven]

drunk bot :D

thanks for spot i have to remove any ref from cape docs to my personal repo. i don't have more docs for that. i did my patched private version years ago. but there is link to arch wiki which i used so you have a good start point