diff --git a/.buildkite/pipeline_pr.py b/.buildkite/pipeline_pr.py index bc701577d98..b81c8145f42 100755 --- a/.buildkite/pipeline_pr.py +++ b/.buildkite/pipeline_pr.py @@ -4,6 +4,8 @@ """Generate Buildkite pipelines dynamically""" +from pathlib import Path + from common import ( BKPipeline, ci_artifacts_change_mode, @@ -11,6 +13,47 @@ run_all_tests, ) +# Secret hiding kernel variants live in per-variant subfolders here. The +# generator runs from the repo root, hence the repo-relative path. +HIDING_KERNELS_DIR = Path("resources/hiding_ci/kernels") + + +def hiding_kernel_variants(): + """Discover the secret hiding kernel variants to build.""" + if not HIDING_KERNELS_DIR.is_dir(): + return [] + return sorted(p.name for p in HIDING_KERNELS_DIR.iterdir() if p.is_dir()) + + +def affected_hiding_kernel_variants(changed_files): + """Return hiding kernel variants whose inputs changed.""" + variants = hiding_kernel_variants() + + if not changed_files: + return variants + + affected = set() + shared_hiding_ci_changed = False + + for path in changed_files: + parts = path.parts + + if len(parts) < 2 or parts[:2] != ("resources", "hiding_ci"): + continue + + if len(parts) >= 4 and parts[:3] == ("resources", "hiding_ci", "kernels"): + variant = parts[3] + if variant in variants: + affected.add(variant) + else: + shared_hiding_ci_changed = True + + if shared_hiding_ci_changed: + return variants + + return sorted(affected) + + # Buildkite default job priority is 0. Setting this to 1 prioritizes PRs over # scheduled jobs and other batch jobs. DEFAULT_PRIORITY = 1 @@ -85,13 +128,17 @@ depends_on_build=False, ) -if not changed_files or ( - any(parent.name == "hiding_ci" for x in changed_files for parent in x.parents) -): +for variant in affected_hiding_kernel_variants(changed_files): + # One build job per variant x arch, so each variant gets parallel + # wall-clock and its own pass/fail signal in the Buildkite UI. pipeline.build_group_per_arch( - "🕵️ Build Secret Hiding Kernel", + f"🕵️ Build Secret Hiding Kernel [{variant}]", pipeline.devtool_test( - pytest_opts="-m secret_hiding integration_tests/build/test_hiding_kernel.py", + pytest_opts=( + "-m secret_hiding " + f'-k "test_build_hiding_kernel[{variant}]" ' + "integration_tests/build/test_hiding_kernel.py" + ), ), depends_on_build=False, ) diff --git a/resources/hiding_ci/README.md b/resources/hiding_ci/README.md new file mode 100644 index 00000000000..1d773b0650c --- /dev/null +++ b/resources/hiding_ci/README.md @@ -0,0 +1,74 @@ +# Secret Hiding kernel CI + +This directory builds the "Secret Freedom" / direct-map-removal kernels used by +Firecracker's secret-hiding CI. Its layout lets you build **multiple kernel +variants of different versions** while sharing as much as possible between them. + +## Layout + +``` +resources/hiding_ci/ +├── build_and_install_kernel.sh # builds (and optionally installs) a variant +├── apply_kernel_patches.sh # applies a variant's patch series to a kernel tree +├── dkms.conf # shared ENA driver DKMS config (AL2023) +├── install_ena.sh # shared ENA driver installer (AL2023) +├── kernel_url # shared default git repo to clone from +├── base_config # shared base kernel config overrides +└── kernels/ + └── -/ # one subfolder per variant, e.g. 6.18-secret-hiding + ├── kernel_commit_hash # REQUIRED: base commit to check out + ├── kernel_url # OPTIONAL: repo override (defaults to ../../kernel_url) + ├── config_overrides # OPTIONAL: config overrides merged on top of base_config + └── linux_patches/ # REQUIRED: patch series applied on top of the base commit + ├── GPL-2.0 # license for the patches (travels with them) + ├── README.md + └── NN-feature/*.patch +``` + +### Shared vs per-variant + +- **Shared (root):** the build scripts, the ENA helpers, the default + `kernel_url`, and `base_config` (config knobs common to every hiding kernel). +- **Per-variant (`kernels//`):** the base commit, the patch series, and + any version-specific config or repo overrides. + +The build layers config overrides **base first, then the variant's +`config_overrides` on top** (later values win), matching +`scripts/kconfig/merge_config.sh -m` semantics. `resources/rebuild.sh` uses the +same approach for guest kernels. + +## Naming convention + +Name variant folders `-`, e.g. `6.18-secret-hiding`. The +version prefix is the upstream kernel version of the pinned base commit +(`make -s kernelversion` at that commit). + +## Adding a new variant + +1. Create `kernels/-/`. +1. Add `kernel_commit_hash` with the base commit to check out. +1. Add a `linux_patches/` directory with the patch series (include a `GPL-2.0` + copy alongside the patches, since the license must travel with them). +1. Optionally add `kernel_url` if the variant pulls from a different repo than + the shared root default. +1. Optionally add `config_overrides` for config knobs specific to this variant; + anything common to all variants belongs in the root `base_config`. + +The pytest test (`tests/integration_tests/build/test_hiding_kernel.py`) and the +Buildkite PR pipeline (`.buildkite/pipeline_pr.py`) discover variants from +`kernels/`, so a new variant gets its own build job with no further wiring. + +## Building locally + +```sh +cd resources/hiding_ci +# Build a specific variant without installing it, cleaning up the temp tree after: +./build_and_install_kernel.sh 6.18-secret-hiding --no-install --tidy + +# If exactly one variant exists, the selector may be omitted: +./build_and_install_kernel.sh --no-install --tidy +``` + +Pass `--install` (or answer the prompt) to install the built kernel. Use +`apply_kernel_patches.sh ` from inside an already checked-out kernel +tree to apply the patch series on its own. diff --git a/resources/hiding_ci/apply_kernel_patches.sh b/resources/hiding_ci/apply_kernel_patches.sh index 96b0d429acc..c6d3472228e 100755 --- a/resources/hiding_ci/apply_kernel_patches.sh +++ b/resources/hiding_ci/apply_kernel_patches.sh @@ -34,9 +34,38 @@ apply_all_patches() { done } -SCRIPT_DIR="$(dirname "$0")" -KERNEL_COMMIT_HASH=$(cat "$SCRIPT_DIR"/kernel_commit_hash) -KERNEL_PATCHES_DIR="$SCRIPT_DIR"/linux_patches +SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)" + +list_variants() { + for d in "$SCRIPT_DIR"/kernels/*/; do + [ -d "$d" ] && basename "$d" + done +} + +# The variant is the first argument. Default to the sole variant if exactly one +# exists, otherwise require an explicit choice. +VARIANT="${1:-}" +if [ -z "$VARIANT" ]; then + mapfile -t _variants < <(list_variants) + if [ "${#_variants[@]}" -eq 1 ]; then + VARIANT="${_variants[0]}" + else + echo "Usage: $0 " >&2 + echo "Available variants:" >&2 + list_variants | sed 's/^/ - /' >&2 + exit 1 + fi +fi + +VARIANT_DIR="$SCRIPT_DIR/kernels/$VARIANT" +if [ ! -d "$VARIANT_DIR" ]; then + echo "Unknown variant '$VARIANT'. Available variants:" >&2 + list_variants | sed 's/^/ - /' >&2 + exit 1 +fi + +KERNEL_COMMIT_HASH=$(cat "$VARIANT_DIR"/kernel_commit_hash) +KERNEL_PATCHES_DIR="$VARIANT_DIR"/linux_patches HEAD_HASH="$(git rev-parse HEAD)" if [ $? != 0 ]; then diff --git a/resources/hiding_ci/kernel_config_overrides b/resources/hiding_ci/base_config similarity index 100% rename from resources/hiding_ci/kernel_config_overrides rename to resources/hiding_ci/base_config diff --git a/resources/hiding_ci/build_and_install_kernel.sh b/resources/hiding_ci/build_and_install_kernel.sh index ea87cc7450a..1be85a37cf7 100755 --- a/resources/hiding_ci/build_and_install_kernel.sh +++ b/resources/hiding_ci/build_and_install_kernel.sh @@ -116,12 +116,26 @@ check_new_config() { } check_override_presence() { - while IFS= read -r line; do - if ! grep -Fq "$line" .config; then + # Build the effective set of overrides across all override files. Later files + # win, so resolving the last value per CONFIG_* key avoids false failures when + # a variant deliberately overrides a base value (e.g. base X=y, variant X=n). + declare -A effective + local f line key + for f in "${CONFIG_OVERRIDE_FILES[@]}"; do + while IFS= read -r line; do + [ -z "$line" ] && continue + case "$line" in \#*) continue ;; esac + key="${line%%=*}" + effective["$key"]="$line" + done <"$f" + done + + for line in "${effective[@]}"; do + if ! grep -Fxq "$line" .config; then echo "Missing config: $line" exit 1 fi - done <"$KERNEL_CONFIG_OVERRIDES" + done echo "All overrides correctly applied.." } @@ -166,17 +180,80 @@ update_boot_config() { esac } +list_variants() { + for d in "$START_DIR"/kernels/*/; do + [ -d "$d" ] && basename "$d" + done +} + +die_with_variants() { + echo "$1" >&2 + echo "Available variants:" >&2 + list_variants | sed 's/^/ - /' >&2 + exit 1 +} + check_userspace install_build_deps -KERNEL_URL=$(cat kernel_url) -KERNEL_COMMIT_HASH=$(cat kernel_commit_hash) -KERNEL_PATCHES_DIR=$(pwd)/linux_patches -KERNEL_CONFIG_OVERRIDES=$(pwd)/kernel_config_overrides +START_DIR=$(pwd) -TMP_BUILD_DIR=$(mktemp -d -t kernel-build-XXXX) +# Separate the variant selector (first positional arg) from the --flags. The +# flags are forwarded verbatim to `confirm`, so the variant name can never be +# mistaken for an --install/--no-install/--tidy flag. +VARIANT="" +FLAGS=() +for arg in "$@"; do + case "$arg" in + --*) FLAGS+=("$arg") ;; + *) + if [ -z "$VARIANT" ]; then + VARIANT="$arg" + else + echo "Unexpected extra argument: $arg" >&2 + exit 1 + fi + ;; + esac +done + +# Default to the sole variant if exactly one exists, otherwise require a choice. +if [ -z "$VARIANT" ]; then + mapfile -t _variants < <(list_variants) + if [ "${#_variants[@]}" -eq 1 ]; then + VARIANT="${_variants[0]}" + echo "No variant specified; defaulting to the only one: $VARIANT" + else + die_with_variants "No variant specified and multiple are available." + fi +fi -START_DIR=$(pwd) +VARIANT_DIR="$START_DIR/kernels/$VARIANT" +[ -d "$VARIANT_DIR" ] || die_with_variants "Unknown variant '$VARIANT'." + +echo "Building kernel variant: $VARIANT" + +# Repository URL: per-variant override falls back to the shared root default. +if [ -f "$VARIANT_DIR/kernel_url" ]; then + KERNEL_URL=$(cat "$VARIANT_DIR/kernel_url") +else + KERNEL_URL=$(cat "$START_DIR/kernel_url") +fi + +# Commit hash and patches are per-variant. +[ -f "$VARIANT_DIR/kernel_commit_hash" ] || + die_with_variants "Variant '$VARIANT' is missing kernel_commit_hash." +KERNEL_COMMIT_HASH=$(cat "$VARIANT_DIR/kernel_commit_hash") +KERNEL_PATCHES_DIR="$VARIANT_DIR/linux_patches" + +# Config overrides: shared base first, then optional per-variant file on top. +# Order matters: merge_config.sh -m applies later files over earlier ones. +CONFIG_OVERRIDE_FILES=("$START_DIR/base_config") +if [ -f "$VARIANT_DIR/config_overrides" ]; then + CONFIG_OVERRIDE_FILES+=("$VARIANT_DIR/config_overrides") +fi + +TMP_BUILD_DIR=$(mktemp -d -t kernel-build-XXXX) cd $TMP_BUILD_DIR @@ -202,8 +279,8 @@ make olddefconfig scripts/config --disable SYSTEM_TRUSTED_KEYS scripts/config --disable SYSTEM_REVOCATION_KEYS -# Apply our config overrides on top of the config -scripts/kconfig/merge_config.sh -m .config $KERNEL_CONFIG_OVERRIDES +# Apply our config overrides on top of the config (base first, variant on top) +scripts/kconfig/merge_config.sh -m .config "${CONFIG_OVERRIDE_FILES[@]}" check_override_presence @@ -222,7 +299,8 @@ KERNEL_VERSION=$(KERNELVERSION=$(make -s kernelversion) ./scripts/setlocalversio echo "New kernel version:" $KERNEL_VERSION # Make sure a user really wants to install this kernel -confirm "$@" +# Forward only the --flags, never the variant selector. +confirm "${FLAGS[@]}" check_root diff --git a/resources/hiding_ci/kernels/6.18-amazon-linux/kernel_commit_hash b/resources/hiding_ci/kernels/6.18-amazon-linux/kernel_commit_hash new file mode 100644 index 00000000000..cbe73287733 --- /dev/null +++ b/resources/hiding_ci/kernels/6.18-amazon-linux/kernel_commit_hash @@ -0,0 +1 @@ +275d294b2b24abcd65452198551cd8a5b8d4f775 diff --git a/resources/hiding_ci/kernels/6.18-amazon-linux/kernel_url b/resources/hiding_ci/kernels/6.18-amazon-linux/kernel_url new file mode 100644 index 00000000000..e7816e768ef --- /dev/null +++ b/resources/hiding_ci/kernels/6.18-amazon-linux/kernel_url @@ -0,0 +1 @@ +https://github.com/amazonlinux/linux.git diff --git a/resources/hiding_ci/kernel_commit_hash b/resources/hiding_ci/kernels/6.18-secret-hiding/kernel_commit_hash similarity index 100% rename from resources/hiding_ci/kernel_commit_hash rename to resources/hiding_ci/kernels/6.18-secret-hiding/kernel_commit_hash diff --git a/resources/hiding_ci/linux_patches/05-numa/0001-mm-filemap-Add-NUMA-mempolicy-support-to-filemap_all.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0001-mm-filemap-Add-NUMA-mempolicy-support-to-filemap_all.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0001-mm-filemap-Add-NUMA-mempolicy-support-to-filemap_all.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0001-mm-filemap-Add-NUMA-mempolicy-support-to-filemap_all.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0002-mm-filemap-Extend-__filemap_get_folio-to-support-NUM.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0002-mm-filemap-Extend-__filemap_get_folio-to-support-NUM.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0002-mm-filemap-Extend-__filemap_get_folio-to-support-NUM.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0002-mm-filemap-Extend-__filemap_get_folio-to-support-NUM.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0003-mm-mempolicy-Export-memory-policy-symbols.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0003-mm-mempolicy-Export-memory-policy-symbols.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0003-mm-mempolicy-Export-memory-policy-symbols.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0003-mm-mempolicy-Export-memory-policy-symbols.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0004-KVM-guest_memfd-move-kvm_gmem_get_index-and-use-in-k.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0004-KVM-guest_memfd-move-kvm_gmem_get_index-and-use-in-k.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0004-KVM-guest_memfd-move-kvm_gmem_get_index-and-use-in-k.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0004-KVM-guest_memfd-move-kvm_gmem_get_index-and-use-in-k.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0005-KVM-guest_memfd-remove-redundant-gmem-variable-initi.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0005-KVM-guest_memfd-remove-redundant-gmem-variable-initi.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0005-KVM-guest_memfd-remove-redundant-gmem-variable-initi.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0005-KVM-guest_memfd-remove-redundant-gmem-variable-initi.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0006-KVM-guest_memfd-use-folio_nr_pages-instead-of-shift-.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0006-KVM-guest_memfd-use-folio_nr_pages-instead-of-shift-.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0006-KVM-guest_memfd-use-folio_nr_pages-instead-of-shift-.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0006-KVM-guest_memfd-use-folio_nr_pages-instead-of-shift-.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0007-KVM-guest_memfd-Drop-a-superfluous-local-var-in-kvm_.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0007-KVM-guest_memfd-Drop-a-superfluous-local-var-in-kvm_.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0007-KVM-guest_memfd-Drop-a-superfluous-local-var-in-kvm_.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0007-KVM-guest_memfd-Drop-a-superfluous-local-var-in-kvm_.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0008-Revert-KVM-guest_memfd-Remove-bindings-on-memslot-de.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0008-Revert-KVM-guest_memfd-Remove-bindings-on-memslot-de.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0008-Revert-KVM-guest_memfd-Remove-bindings-on-memslot-de.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0008-Revert-KVM-guest_memfd-Remove-bindings-on-memslot-de.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0009-KVM-guest_memfd-Rename-struct-kvm_gmem-to-struct-gme.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0009-KVM-guest_memfd-Rename-struct-kvm_gmem-to-struct-gme.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0009-KVM-guest_memfd-Rename-struct-kvm_gmem-to-struct-gme.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0009-KVM-guest_memfd-Rename-struct-kvm_gmem-to-struct-gme.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0010-KVM-guest_memfd-Add-macro-to-iterate-over-gmem_files.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0010-KVM-guest_memfd-Add-macro-to-iterate-over-gmem_files.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0010-KVM-guest_memfd-Add-macro-to-iterate-over-gmem_files.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0010-KVM-guest_memfd-Add-macro-to-iterate-over-gmem_files.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0011-KVM-guest_memfd-Use-guest-mem-inodes-instead-of-anon.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0011-KVM-guest_memfd-Use-guest-mem-inodes-instead-of-anon.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0011-KVM-guest_memfd-Use-guest-mem-inodes-instead-of-anon.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0011-KVM-guest_memfd-Use-guest-mem-inodes-instead-of-anon.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0012-KVM-guest_memfd-Add-slab-allocated-inode-cache.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0012-KVM-guest_memfd-Add-slab-allocated-inode-cache.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0012-KVM-guest_memfd-Add-slab-allocated-inode-cache.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0012-KVM-guest_memfd-Add-slab-allocated-inode-cache.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0013-KVM-guest_memfd-Enforce-NUMA-mempolicy-using-shared-.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0013-KVM-guest_memfd-Enforce-NUMA-mempolicy-using-shared-.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0013-KVM-guest_memfd-Enforce-NUMA-mempolicy-using-shared-.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0013-KVM-guest_memfd-Enforce-NUMA-mempolicy-using-shared-.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0014-KVM-selftests-Define-wrappers-for-common-syscalls-to.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0014-KVM-selftests-Define-wrappers-for-common-syscalls-to.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0014-KVM-selftests-Define-wrappers-for-common-syscalls-to.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0014-KVM-selftests-Define-wrappers-for-common-syscalls-to.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0015-KVM-selftests-Report-stacktraces-SIGBUS-SIGSEGV-SIGI.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0015-KVM-selftests-Report-stacktraces-SIGBUS-SIGSEGV-SIGI.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0015-KVM-selftests-Report-stacktraces-SIGBUS-SIGSEGV-SIGI.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0015-KVM-selftests-Report-stacktraces-SIGBUS-SIGSEGV-SIGI.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0016-KVM-selftests-Add-additional-equivalents-to-libnuma-.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0016-KVM-selftests-Add-additional-equivalents-to-libnuma-.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0016-KVM-selftests-Add-additional-equivalents-to-libnuma-.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0016-KVM-selftests-Add-additional-equivalents-to-libnuma-.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0017-KVM-selftests-Use-proper-uAPI-headers-to-pick-up-mem.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0017-KVM-selftests-Use-proper-uAPI-headers-to-pick-up-mem.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0017-KVM-selftests-Use-proper-uAPI-headers-to-pick-up-mem.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0017-KVM-selftests-Use-proper-uAPI-headers-to-pick-up-mem.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0018-KVM-selftests-Add-helpers-to-probe-for-NUMA-support-.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0018-KVM-selftests-Add-helpers-to-probe-for-NUMA-support-.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0018-KVM-selftests-Add-helpers-to-probe-for-NUMA-support-.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0018-KVM-selftests-Add-helpers-to-probe-for-NUMA-support-.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0019-KVM-selftests-Add-guest_memfd-tests-for-mmap-and-NUM.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0019-KVM-selftests-Add-guest_memfd-tests-for-mmap-and-NUM.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0019-KVM-selftests-Add-guest_memfd-tests-for-mmap-and-NUM.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0019-KVM-selftests-Add-guest_memfd-tests-for-mmap-and-NUM.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0020-KVM-guest_memfd-Add-gmem_inode.flags-field-instead-o.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0020-KVM-guest_memfd-Add-gmem_inode.flags-field-instead-o.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0020-KVM-guest_memfd-Add-gmem_inode.flags-field-instead-o.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0020-KVM-guest_memfd-Add-gmem_inode.flags-field-instead-o.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0021-KVM-guest_memfd-Define-a-CLASS-to-get-put-guest_memf.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0021-KVM-guest_memfd-Define-a-CLASS-to-get-put-guest_memf.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0021-KVM-guest_memfd-Define-a-CLASS-to-get-put-guest_memf.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0021-KVM-guest_memfd-Define-a-CLASS-to-get-put-guest_memf.patch diff --git a/resources/hiding_ci/linux_patches/05-numa/0022-KVM-selftests-Rename-guest_paddr-variables-to-gpa.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0022-KVM-selftests-Rename-guest_paddr-variables-to-gpa.patch similarity index 100% rename from resources/hiding_ci/linux_patches/05-numa/0022-KVM-selftests-Rename-guest_paddr-variables-to-gpa.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/05-numa/0022-KVM-selftests-Rename-guest_paddr-variables-to-gpa.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0023-set_memory-set_direct_map_-to-take-address.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0023-set_memory-set_direct_map_-to-take-address.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0023-set_memory-set_direct_map_-to-take-address.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0023-set_memory-set_direct_map_-to-take-address.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0024-set_memory-add-folio_-zap-restore-_direct_map-helper.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0024-set_memory-add-folio_-zap-restore-_direct_map-helper.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0024-set_memory-add-folio_-zap-restore-_direct_map-helper.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0024-set_memory-add-folio_-zap-restore-_direct_map-helper.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0025-mm-secretmem-make-use-of-folio_-zap-restore-_direct_.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0025-mm-secretmem-make-use-of-folio_-zap-restore-_direct_.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0025-mm-secretmem-make-use-of-folio_-zap-restore-_direct_.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0025-mm-secretmem-make-use-of-folio_-zap-restore-_direct_.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0026-mm-gup-drop-secretmem-optimization-from-gup_fast_fol.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0026-mm-gup-drop-secretmem-optimization-from-gup_fast_fol.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0026-mm-gup-drop-secretmem-optimization-from-gup_fast_fol.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0026-mm-gup-drop-secretmem-optimization-from-gup_fast_fol.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0027-mm-gup-drop-local-variable-in-gup_fast_folio_allowed.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0027-mm-gup-drop-local-variable-in-gup_fast_folio_allowed.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0027-mm-gup-drop-local-variable-in-gup_fast_folio_allowed.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0027-mm-gup-drop-local-variable-in-gup_fast_folio_allowed.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0028-mm-introduce-AS_NO_DIRECT_MAP.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0028-mm-introduce-AS_NO_DIRECT_MAP.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0028-mm-introduce-AS_NO_DIRECT_MAP.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0028-mm-introduce-AS_NO_DIRECT_MAP.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0029-KVM-guest_memfd-Add-stub-for-kvm_arch_gmem_invalidat.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0029-KVM-guest_memfd-Add-stub-for-kvm_arch_gmem_invalidat.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0029-KVM-guest_memfd-Add-stub-for-kvm_arch_gmem_invalidat.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0029-KVM-guest_memfd-Add-stub-for-kvm_arch_gmem_invalidat.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0030-KVM-x86-define-kvm_arch_gmem_supports_no_direct_map.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0030-KVM-x86-define-kvm_arch_gmem_supports_no_direct_map.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0030-KVM-x86-define-kvm_arch_gmem_supports_no_direct_map.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0030-KVM-x86-define-kvm_arch_gmem_supports_no_direct_map.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0031-KVM-arm64-define-kvm_arch_gmem_supports_no_direct_ma.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0031-KVM-arm64-define-kvm_arch_gmem_supports_no_direct_ma.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0031-KVM-arm64-define-kvm_arch_gmem_supports_no_direct_ma.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0031-KVM-arm64-define-kvm_arch_gmem_supports_no_direct_ma.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0032-KVM-guest_memfd-Add-flag-to-remove-from-direct-map.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0032-KVM-guest_memfd-Add-flag-to-remove-from-direct-map.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0032-KVM-guest_memfd-Add-flag-to-remove-from-direct-map.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0032-KVM-guest_memfd-Add-flag-to-remove-from-direct-map.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0033-KVM-selftests-load-elf-via-bounce-buffer.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0033-KVM-selftests-load-elf-via-bounce-buffer.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0033-KVM-selftests-load-elf-via-bounce-buffer.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0033-KVM-selftests-load-elf-via-bounce-buffer.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0034-KVM-selftests-set-KVM_MEM_GUEST_MEMFD-in-vm_mem_add-.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0034-KVM-selftests-set-KVM_MEM_GUEST_MEMFD-in-vm_mem_add-.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0034-KVM-selftests-set-KVM_MEM_GUEST_MEMFD-in-vm_mem_add-.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0034-KVM-selftests-set-KVM_MEM_GUEST_MEMFD-in-vm_mem_add-.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0035-KVM-selftests-Add-guest_memfd-based-vm_mem_backing_s.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0035-KVM-selftests-Add-guest_memfd-based-vm_mem_backing_s.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0035-KVM-selftests-Add-guest_memfd-based-vm_mem_backing_s.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0035-KVM-selftests-Add-guest_memfd-based-vm_mem_backing_s.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0036-KVM-selftests-cover-GUEST_MEMFD_FLAG_NO_DIRECT_MAP-i.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0036-KVM-selftests-cover-GUEST_MEMFD_FLAG_NO_DIRECT_MAP-i.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0036-KVM-selftests-cover-GUEST_MEMFD_FLAG_NO_DIRECT_MAP-i.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0036-KVM-selftests-cover-GUEST_MEMFD_FLAG_NO_DIRECT_MAP-i.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0037-KVM-selftests-stuff-vm_mem_backing_src_type-into-vm_.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0037-KVM-selftests-stuff-vm_mem_backing_src_type-into-vm_.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0037-KVM-selftests-stuff-vm_mem_backing_src_type-into-vm_.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0037-KVM-selftests-stuff-vm_mem_backing_src_type-into-vm_.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0038-KVM-selftests-Test-guest-execution-from-direct-map-r.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0038-KVM-selftests-Test-guest-execution-from-direct-map-r.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0038-KVM-selftests-Test-guest-execution-from-direct-map-r.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0038-KVM-selftests-Test-guest-execution-from-direct-map-r.patch diff --git a/resources/hiding_ci/linux_patches/10-direct-map-removal/0039-internal-x86-conditional-tlb-flush-after-zapping-dir.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0039-internal-x86-conditional-tlb-flush-after-zapping-dir.patch similarity index 100% rename from resources/hiding_ci/linux_patches/10-direct-map-removal/0039-internal-x86-conditional-tlb-flush-after-zapping-dir.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/10-direct-map-removal/0039-internal-x86-conditional-tlb-flush-after-zapping-dir.patch diff --git a/resources/hiding_ci/linux_patches/11-kvm-clock/0040-KVM-pfncache-Add-guest_memfd-support-to-pfncache.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/11-kvm-clock/0040-KVM-pfncache-Add-guest_memfd-support-to-pfncache.patch similarity index 100% rename from resources/hiding_ci/linux_patches/11-kvm-clock/0040-KVM-pfncache-Add-guest_memfd-support-to-pfncache.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/11-kvm-clock/0040-KVM-pfncache-Add-guest_memfd-support-to-pfncache.patch diff --git a/resources/hiding_ci/linux_patches/11-kvm-clock/0041-KVM-pfncache-Resolve-PFNs-via-kvm_gmem_get_pfn-for-g.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/11-kvm-clock/0041-KVM-pfncache-Resolve-PFNs-via-kvm_gmem_get_pfn-for-g.patch similarity index 100% rename from resources/hiding_ci/linux_patches/11-kvm-clock/0041-KVM-pfncache-Resolve-PFNs-via-kvm_gmem_get_pfn-for-g.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/11-kvm-clock/0041-KVM-pfncache-Resolve-PFNs-via-kvm_gmem_get_pfn-for-g.patch diff --git a/resources/hiding_ci/linux_patches/11-kvm-clock/0042-KVM-pfncache-Obtain-KHVA-via-vmap-for-gmem-with-NO_D.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/11-kvm-clock/0042-KVM-pfncache-Obtain-KHVA-via-vmap-for-gmem-with-NO_D.patch similarity index 100% rename from resources/hiding_ci/linux_patches/11-kvm-clock/0042-KVM-pfncache-Obtain-KHVA-via-vmap-for-gmem-with-NO_D.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/11-kvm-clock/0042-KVM-pfncache-Obtain-KHVA-via-vmap-for-gmem-with-NO_D.patch diff --git a/resources/hiding_ci/linux_patches/11-kvm-clock/0043-KVM-Rename-invalidate_begin-to-invalidate_start-for-.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/11-kvm-clock/0043-KVM-Rename-invalidate_begin-to-invalidate_start-for-.patch similarity index 100% rename from resources/hiding_ci/linux_patches/11-kvm-clock/0043-KVM-Rename-invalidate_begin-to-invalidate_start-for-.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/11-kvm-clock/0043-KVM-Rename-invalidate_begin-to-invalidate_start-for-.patch diff --git a/resources/hiding_ci/linux_patches/11-kvm-clock/0044-KVM-pfncache-Rename-invalidate_start-helper.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/11-kvm-clock/0044-KVM-pfncache-Rename-invalidate_start-helper.patch similarity index 100% rename from resources/hiding_ci/linux_patches/11-kvm-clock/0044-KVM-pfncache-Rename-invalidate_start-helper.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/11-kvm-clock/0044-KVM-pfncache-Rename-invalidate_start-helper.patch diff --git a/resources/hiding_ci/linux_patches/11-kvm-clock/0045-KVM-Rename-mn_-invalidate-related-fields-to-generic-.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/11-kvm-clock/0045-KVM-Rename-mn_-invalidate-related-fields-to-generic-.patch similarity index 100% rename from resources/hiding_ci/linux_patches/11-kvm-clock/0045-KVM-Rename-mn_-invalidate-related-fields-to-generic-.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/11-kvm-clock/0045-KVM-Rename-mn_-invalidate-related-fields-to-generic-.patch diff --git a/resources/hiding_ci/linux_patches/11-kvm-clock/0046-KVM-pfncache-Invalidate-on-gmem-invalidation-and-mem.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/11-kvm-clock/0046-KVM-pfncache-Invalidate-on-gmem-invalidation-and-mem.patch similarity index 100% rename from resources/hiding_ci/linux_patches/11-kvm-clock/0046-KVM-pfncache-Invalidate-on-gmem-invalidation-and-mem.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/11-kvm-clock/0046-KVM-pfncache-Invalidate-on-gmem-invalidation-and-mem.patch diff --git a/resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0047-KVM-Add-KVM_MEM_USERFAULT-memslot-flag-and-bitmap.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0047-KVM-Add-KVM_MEM_USERFAULT-memslot-flag-and-bitmap.patch similarity index 100% rename from resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0047-KVM-Add-KVM_MEM_USERFAULT-memslot-flag-and-bitmap.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0047-KVM-Add-KVM_MEM_USERFAULT-memslot-flag-and-bitmap.patch diff --git a/resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0048-KVM-Add-KVM_MEMORY_EXIT_FLAG_USERFAULT.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0048-KVM-Add-KVM_MEMORY_EXIT_FLAG_USERFAULT.patch similarity index 100% rename from resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0048-KVM-Add-KVM_MEMORY_EXIT_FLAG_USERFAULT.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0048-KVM-Add-KVM_MEMORY_EXIT_FLAG_USERFAULT.patch diff --git a/resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0049-KVM-Allow-late-setting-of-KVM_MEM_USERFAULT-on-guest.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0049-KVM-Allow-late-setting-of-KVM_MEM_USERFAULT-on-guest.patch similarity index 100% rename from resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0049-KVM-Allow-late-setting-of-KVM_MEM_USERFAULT-on-guest.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0049-KVM-Allow-late-setting-of-KVM_MEM_USERFAULT-on-guest.patch diff --git a/resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0050-KVM-x86-mmu-Add-support-for-KVM_MEM_USERFAULT.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0050-KVM-x86-mmu-Add-support-for-KVM_MEM_USERFAULT.patch similarity index 100% rename from resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0050-KVM-x86-mmu-Add-support-for-KVM_MEM_USERFAULT.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0050-KVM-x86-mmu-Add-support-for-KVM_MEM_USERFAULT.patch diff --git a/resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0051-KVM-Advertise-KVM_CAP_USERFAULT-in-KVM_CHECK_EXTENSI.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0051-KVM-Advertise-KVM_CAP_USERFAULT-in-KVM_CHECK_EXTENSI.patch similarity index 100% rename from resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0051-KVM-Advertise-KVM_CAP_USERFAULT-in-KVM_CHECK_EXTENSI.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0051-KVM-Advertise-KVM_CAP_USERFAULT-in-KVM_CHECK_EXTENSI.patch diff --git a/resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0052-KVM-selftests-Fix-vm_mem_region_set_flags-docstring.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0052-KVM-selftests-Fix-vm_mem_region_set_flags-docstring.patch similarity index 100% rename from resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0052-KVM-selftests-Fix-vm_mem_region_set_flags-docstring.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0052-KVM-selftests-Fix-vm_mem_region_set_flags-docstring.patch diff --git a/resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0053-KVM-arm64-Add-support-for-KVM_MEM_USERFAULT.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0053-KVM-arm64-Add-support-for-KVM_MEM_USERFAULT.patch similarity index 100% rename from resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0053-KVM-arm64-Add-support-for-KVM_MEM_USERFAULT.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0053-KVM-arm64-Add-support-for-KVM_MEM_USERFAULT.patch diff --git a/resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0054-KVM-selftests-Fix-prefault_mem-logic.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0054-KVM-selftests-Fix-prefault_mem-logic.patch similarity index 100% rename from resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0054-KVM-selftests-Fix-prefault_mem-logic.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0054-KVM-selftests-Fix-prefault_mem-logic.patch diff --git a/resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0055-KVM-selftests-Add-va_start-end-into-uffd_desc.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0055-KVM-selftests-Add-va_start-end-into-uffd_desc.patch similarity index 100% rename from resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0055-KVM-selftests-Add-va_start-end-into-uffd_desc.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0055-KVM-selftests-Add-va_start-end-into-uffd_desc.patch diff --git a/resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0056-KVM-selftests-Add-KVM-Userfault-mode-to-demand_pagin.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0056-KVM-selftests-Add-KVM-Userfault-mode-to-demand_pagin.patch similarity index 100% rename from resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0056-KVM-selftests-Add-KVM-Userfault-mode-to-demand_pagin.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0056-KVM-selftests-Add-KVM-Userfault-mode-to-demand_pagin.patch diff --git a/resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0057-KVM-selftests-Inform-set_memory_region_test-of-KVM_M.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0057-KVM-selftests-Inform-set_memory_region_test-of-KVM_M.patch similarity index 100% rename from resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0057-KVM-selftests-Inform-set_memory_region_test-of-KVM_M.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0057-KVM-selftests-Inform-set_memory_region_test-of-KVM_M.patch diff --git a/resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0058-KVM-selftests-Add-KVM_MEM_USERFAULT-guest_memfd-togg.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0058-KVM-selftests-Add-KVM_MEM_USERFAULT-guest_memfd-togg.patch similarity index 100% rename from resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0058-KVM-selftests-Add-KVM_MEM_USERFAULT-guest_memfd-togg.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0058-KVM-selftests-Add-KVM_MEM_USERFAULT-guest_memfd-togg.patch diff --git a/resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0059-KVM-Documentation-Add-KVM_CAP_USERFAULT-and-KVM_MEM_.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0059-KVM-Documentation-Add-KVM_CAP_USERFAULT-and-KVM_MEM_.patch similarity index 100% rename from resources/hiding_ci/linux_patches/15-kvm-mem-userfault/0059-KVM-Documentation-Add-KVM_CAP_USERFAULT-and-KVM_MEM_.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/15-kvm-mem-userfault/0059-KVM-Documentation-Add-KVM_CAP_USERFAULT-and-KVM_MEM_.patch diff --git a/resources/hiding_ci/linux_patches/20-gmem-write/0060-KVM-guest_memfd-add-generic-population-via-write.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/20-gmem-write/0060-KVM-guest_memfd-add-generic-population-via-write.patch similarity index 100% rename from resources/hiding_ci/linux_patches/20-gmem-write/0060-KVM-guest_memfd-add-generic-population-via-write.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/20-gmem-write/0060-KVM-guest_memfd-add-generic-population-via-write.patch diff --git a/resources/hiding_ci/linux_patches/20-gmem-write/0061-KVM-selftests-update-guest_memfd-write-tests.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/20-gmem-write/0061-KVM-selftests-update-guest_memfd-write-tests.patch similarity index 100% rename from resources/hiding_ci/linux_patches/20-gmem-write/0061-KVM-selftests-update-guest_memfd-write-tests.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/20-gmem-write/0061-KVM-selftests-update-guest_memfd-write-tests.patch diff --git a/resources/hiding_ci/linux_patches/20-gmem-write/0062-fixup-for-write-and-direct-map-removal.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/20-gmem-write/0062-fixup-for-write-and-direct-map-removal.patch similarity index 100% rename from resources/hiding_ci/linux_patches/20-gmem-write/0062-fixup-for-write-and-direct-map-removal.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/20-gmem-write/0062-fixup-for-write-and-direct-map-removal.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0063-userfaultfd-introduce-mfill_copy_folio_locked-helper.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0063-userfaultfd-introduce-mfill_copy_folio_locked-helper.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0063-userfaultfd-introduce-mfill_copy_folio_locked-helper.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0063-userfaultfd-introduce-mfill_copy_folio_locked-helper.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0064-userfaultfd-introduce-struct-mfill_state.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0064-userfaultfd-introduce-struct-mfill_state.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0064-userfaultfd-introduce-struct-mfill_state.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0064-userfaultfd-introduce-struct-mfill_state.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0065-userfaultfd-introduce-mfill_get_pmd-helper.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0065-userfaultfd-introduce-mfill_get_pmd-helper.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0065-userfaultfd-introduce-mfill_get_pmd-helper.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0065-userfaultfd-introduce-mfill_get_pmd-helper.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0066-userfaultfd-introduce-mfill_get_vma-and-mfill_put_vm.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0066-userfaultfd-introduce-mfill_get_vma-and-mfill_put_vm.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0066-userfaultfd-introduce-mfill_get_vma-and-mfill_put_vm.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0066-userfaultfd-introduce-mfill_get_vma-and-mfill_put_vm.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0067-WARNING-in-folio_add_new_anon_rmap.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0067-WARNING-in-folio_add_new_anon_rmap.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0067-WARNING-in-folio_add_new_anon_rmap.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0067-WARNING-in-folio_add_new_anon_rmap.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0068-userfaultfd-unassigned-vma-leads-to-a-potential-unre.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0068-userfaultfd-unassigned-vma-leads-to-a-potential-unre.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0068-userfaultfd-unassigned-vma-leads-to-a-potential-unre.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0068-userfaultfd-unassigned-vma-leads-to-a-potential-unre.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0069-userfaultfd-retry-copying-with-locks-dropped-in-mfil.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0069-userfaultfd-retry-copying-with-locks-dropped-in-mfil.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0069-userfaultfd-retry-copying-with-locks-dropped-in-mfil.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0069-userfaultfd-retry-copying-with-locks-dropped-in-mfil.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0070-userfaultfd-move-vma_can_userfault-out-of-line.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0070-userfaultfd-move-vma_can_userfault-out-of-line.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0070-userfaultfd-move-vma_can_userfault-out-of-line.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0070-userfaultfd-move-vma_can_userfault-out-of-line.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0071-userfaultfd-introduce-vm_uffd_ops.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0071-userfaultfd-introduce-vm_uffd_ops.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0071-userfaultfd-introduce-vm_uffd_ops.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0071-userfaultfd-introduce-vm_uffd_ops.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0072-userfaultfd-introduce-vm_uffd_ops.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0072-userfaultfd-introduce-vm_uffd_ops.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0072-userfaultfd-introduce-vm_uffd_ops.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0072-userfaultfd-introduce-vm_uffd_ops.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0073-shmem-userfaultfd-use-a-VMA-callback-to-handle-UFFDI.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0073-shmem-userfaultfd-use-a-VMA-callback-to-handle-UFFDI.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0073-shmem-userfaultfd-use-a-VMA-callback-to-handle-UFFDI.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0073-shmem-userfaultfd-use-a-VMA-callback-to-handle-UFFDI.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0074-userfaultfd-introduce-vm_uffd_ops-alloc_folio.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0074-userfaultfd-introduce-vm_uffd_ops-alloc_folio.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0074-userfaultfd-introduce-vm_uffd_ops-alloc_folio.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0074-userfaultfd-introduce-vm_uffd_ops-alloc_folio.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0075-shmem-userfaultfd-implement-shmem-uffd-operations-us.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0075-shmem-userfaultfd-implement-shmem-uffd-operations-us.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0075-shmem-userfaultfd-implement-shmem-uffd-operations-us.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0075-shmem-userfaultfd-implement-shmem-uffd-operations-us.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0076-userfaultfd-mfill_atomic-remove-retry-logic.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0076-userfaultfd-mfill_atomic-remove-retry-logic.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0076-userfaultfd-mfill_atomic-remove-retry-logic.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0076-userfaultfd-mfill_atomic-remove-retry-logic.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0077-mm-generalize-handling-of-userfaults-in-__do_fault.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0077-mm-generalize-handling-of-userfaults-in-__do_fault.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0077-mm-generalize-handling-of-userfaults-in-__do_fault.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0077-mm-generalize-handling-of-userfaults-in-__do_fault.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0078-KVM-guest_memfd-implement-userfaultfd-operations.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0078-KVM-guest_memfd-implement-userfaultfd-operations.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0078-KVM-guest_memfd-implement-userfaultfd-operations.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0078-KVM-guest_memfd-implement-userfaultfd-operations.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0079-KVM-selftests-test-userfaultfd-minor-for-guest_memfd.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0079-KVM-selftests-test-userfaultfd-minor-for-guest_memfd.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0079-KVM-selftests-test-userfaultfd-minor-for-guest_memfd.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0079-KVM-selftests-test-userfaultfd-minor-for-guest_memfd.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0080-KVM-selftests-test-userfaultfd-missing-for-guest_mem.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0080-KVM-selftests-test-userfaultfd-missing-for-guest_mem.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0080-KVM-selftests-test-userfaultfd-missing-for-guest_mem.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0080-KVM-selftests-test-userfaultfd-missing-for-guest_mem.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0081-fixup-for-uffd-export-mm-symbols.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0081-fixup-for-uffd-export-mm-symbols.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0081-fixup-for-uffd-export-mm-symbols.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0081-fixup-for-uffd-export-mm-symbols.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0082-fixup-for-uffd-v6.18.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0082-fixup-for-uffd-v6.18.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0082-fixup-for-uffd-v6.18.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0082-fixup-for-uffd-v6.18.patch diff --git a/resources/hiding_ci/linux_patches/25-gmem-uffd/0083-fixup-for-uffd-dmr.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0083-fixup-for-uffd-dmr.patch similarity index 100% rename from resources/hiding_ci/linux_patches/25-gmem-uffd/0083-fixup-for-uffd-dmr.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/25-gmem-uffd/0083-fixup-for-uffd-dmr.patch diff --git a/resources/hiding_ci/linux_patches/50-srcu/0084-srcu-Declare-exported-symbols-before-including-srcu-.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/50-srcu/0084-srcu-Declare-exported-symbols-before-including-srcu-.patch similarity index 100% rename from resources/hiding_ci/linux_patches/50-srcu/0084-srcu-Declare-exported-symbols-before-including-srcu-.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/50-srcu/0084-srcu-Declare-exported-symbols-before-including-srcu-.patch diff --git a/resources/hiding_ci/linux_patches/50-srcu/0085-srcu-Add-and-export-call_srcu_expedited-to-avoid-tra.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/50-srcu/0085-srcu-Add-and-export-call_srcu_expedited-to-avoid-tra.patch similarity index 100% rename from resources/hiding_ci/linux_patches/50-srcu/0085-srcu-Add-and-export-call_srcu_expedited-to-avoid-tra.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/50-srcu/0085-srcu-Add-and-export-call_srcu_expedited-to-avoid-tra.patch diff --git a/resources/hiding_ci/linux_patches/50-srcu/0086-KVM-Expedite-SRCU-callbacks-when-freeing-objects-dur.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/50-srcu/0086-KVM-Expedite-SRCU-callbacks-when-freeing-objects-dur.patch similarity index 100% rename from resources/hiding_ci/linux_patches/50-srcu/0086-KVM-Expedite-SRCU-callbacks-when-freeing-objects-dur.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/50-srcu/0086-KVM-Expedite-SRCU-callbacks-when-freeing-objects-dur.patch diff --git a/resources/hiding_ci/linux_patches/60-async-pf/0087-KVM-async_pf-Convert-queued-count-to-atomic-and-tigh.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0087-KVM-async_pf-Convert-queued-count-to-atomic-and-tigh.patch similarity index 100% rename from resources/hiding_ci/linux_patches/60-async-pf/0087-KVM-async_pf-Convert-queued-count-to-atomic-and-tigh.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0087-KVM-async_pf-Convert-queued-count-to-atomic-and-tigh.patch diff --git a/resources/hiding_ci/linux_patches/60-async-pf/0088-KVM-async_pf-Add-userfaultfd-async-page-fault-defini.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0088-KVM-async_pf-Add-userfaultfd-async-page-fault-defini.patch similarity index 100% rename from resources/hiding_ci/linux_patches/60-async-pf/0088-KVM-async_pf-Add-userfaultfd-async-page-fault-defini.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0088-KVM-async_pf-Add-userfaultfd-async-page-fault-defini.patch diff --git a/resources/hiding_ci/linux_patches/60-async-pf/0089-KVM-async_pf-Implement-userfaultfd-async-page-fault-.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0089-KVM-async_pf-Implement-userfaultfd-async-page-fault-.patch similarity index 100% rename from resources/hiding_ci/linux_patches/60-async-pf/0089-KVM-async_pf-Implement-userfaultfd-async-page-fault-.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0089-KVM-async_pf-Implement-userfaultfd-async-page-fault-.patch diff --git a/resources/hiding_ci/linux_patches/60-async-pf/0090-KVM-Add-KVM_ASYNC_PF-ioctl-and-auto-complete-pending.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0090-KVM-Add-KVM_ASYNC_PF-ioctl-and-auto-complete-pending.patch similarity index 100% rename from resources/hiding_ci/linux_patches/60-async-pf/0090-KVM-Add-KVM_ASYNC_PF-ioctl-and-auto-complete-pending.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0090-KVM-Add-KVM_ASYNC_PF-ioctl-and-auto-complete-pending.patch diff --git a/resources/hiding_ci/linux_patches/60-async-pf/0091-KVM-x86-mmu-Integrate-userfaultfd-async-page-faults-.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0091-KVM-x86-mmu-Integrate-userfaultfd-async-page-faults-.patch similarity index 100% rename from resources/hiding_ci/linux_patches/60-async-pf/0091-KVM-x86-mmu-Integrate-userfaultfd-async-page-faults-.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0091-KVM-x86-mmu-Integrate-userfaultfd-async-page-faults-.patch diff --git a/resources/hiding_ci/linux_patches/60-async-pf/0092-KVM-x86-Advertise-userfault-async-page-faults.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0092-KVM-x86-Advertise-userfault-async-page-faults.patch similarity index 100% rename from resources/hiding_ci/linux_patches/60-async-pf/0092-KVM-x86-Advertise-userfault-async-page-faults.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0092-KVM-x86-Advertise-userfault-async-page-faults.patch diff --git a/resources/hiding_ci/linux_patches/60-async-pf/0093-KVM-x86-Add-exitless-async-page-fault-notification-v.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0093-KVM-x86-Add-exitless-async-page-fault-notification-v.patch similarity index 100% rename from resources/hiding_ci/linux_patches/60-async-pf/0093-KVM-x86-Add-exitless-async-page-fault-notification-v.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0093-KVM-x86-Add-exitless-async-page-fault-notification-v.patch diff --git a/resources/hiding_ci/linux_patches/60-async-pf/0094-KVM-x86-Advertise-exitless-userfault-async-page-faul.patch b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0094-KVM-x86-Advertise-exitless-userfault-async-page-faul.patch similarity index 100% rename from resources/hiding_ci/linux_patches/60-async-pf/0094-KVM-x86-Advertise-exitless-userfault-async-page-faul.patch rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/60-async-pf/0094-KVM-x86-Advertise-exitless-userfault-async-page-faul.patch diff --git a/resources/hiding_ci/linux_patches/GPL-2.0 b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/GPL-2.0 similarity index 100% rename from resources/hiding_ci/linux_patches/GPL-2.0 rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/GPL-2.0 diff --git a/resources/hiding_ci/linux_patches/README.md b/resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/README.md similarity index 100% rename from resources/hiding_ci/linux_patches/README.md rename to resources/hiding_ci/kernels/6.18-secret-hiding/linux_patches/README.md diff --git a/tests/integration_tests/build/test_hiding_kernel.py b/tests/integration_tests/build/test_hiding_kernel.py index 1d76b31260f..637c52cad80 100644 --- a/tests/integration_tests/build/test_hiding_kernel.py +++ b/tests/integration_tests/build/test_hiding_kernel.py @@ -1,17 +1,33 @@ # Copyright 2025 Amazon.com, Inc. or its affiliates. All Rights Reserved. # SPDX-License-Identifier: Apache-2.0 -"""A test which checks that the secret hiding enable kernel builds successfully.""" +"""A test which checks that the secret hiding kernel variants build successfully.""" + +from pathlib import Path import pytest from framework import utils +# Tests run with `tests/` as the working directory, so the hiding CI assets live +# one level up under `resources/`. +HIDING_CI_DIR = Path("../resources/hiding_ci") +KERNELS_DIR = HIDING_CI_DIR / "kernels" + + +def _discover_variants(): + """Discover the kernel variants available under hiding_ci/kernels.""" + if not KERNELS_DIR.is_dir(): + return [] + return sorted(p.name for p in KERNELS_DIR.iterdir() if p.is_dir()) + @pytest.mark.timeout(600) @pytest.mark.secret_hiding -def test_build_hiding_kernel(): +@pytest.mark.parametrize("variant", _discover_variants()) +def test_build_hiding_kernel(variant): """ - In the test we will run our kernel build script to check it succeeds and builds the hidden kernel + In the test we will run our kernel build script for each secret hiding + variant to check it succeeds and builds the hidden kernel """ # We have some extra deps for building the kernel that are not in the dev container @@ -26,5 +42,5 @@ def test_build_hiding_kernel(): utils.check_output('git config --global user.email "ci@email.com"') utils.check_output( - "cd ../resources/hiding_ci; ./build_and_install_kernel.sh --no-install --tidy" + f"cd {HIDING_CI_DIR}; ./build_and_install_kernel.sh {variant} --no-install --tidy" )