Skip to content
Ghaf Framework

Release ghaf-26.04.1

This is monthly Ghaf release which has been fully tested on Nvidia Orin NX, Nvidia Orin AGX, Lenovo X1 Carbon Gen11 and System76 Darter Pro platforms

Release Tag

Section titled “Release Tag”

https://github.com/tiiuae/ghaf/releases/tag/ghaf-26.04.1

Supported Hardware

Section titled “Supported Hardware”

The following target hardware is supported by this release:

  • NVIDIA Jetson Orin AGX
  • NVIDIA Jetson Orin NX
  • Lenovo ThinkPad X1 Carbon Gen 10/11/12/13, Gen9 2-in-1
  • Lenovo T14 AMD
  • Dell Latitude 7230, 7330
  • Alienware M18
  • System76 Darter Pro
  • NXP i.MX 8M Plus

What’s Changed

Section titled “What’s Changed”
  • overlay hunt: refactor qemu_kvm from global overlay to module by @vadika in https://github.com/tiiuae/ghaf/pull/1844
  • docs: add 26.03.1 release note by @clayhill66 in https://github.com/tiiuae/ghaf/pull/1878
  • version bump by @brianmcgillion in https://github.com/tiiuae/ghaf/pull/1879
  • Bump: March end and few improvements by @vunnyso in https://github.com/tiiuae/ghaf/pull/1859
  • optimize(eval): template installer ISOs to single NixOS evaluation by @henrirosten in https://github.com/tiiuae/ghaf/pull/1877
  • docs: bump versions by @brianmcgillion in https://github.com/tiiuae/ghaf/pull/1880
  • overlay hunt: remove unused gtklock overlay and leftover .orig file by @vadika in https://github.com/tiiuae/ghaf/pull/1874
  • fix(systemd): suppress tmpfiles %b specifier errors by @vadika in https://github.com/tiiuae/ghaf/pull/1873
  • fix(firewall): preserve blacklist mark through nat prerouting by @enesoztrk in https://github.com/tiiuae/ghaf/pull/1885
  • jetson-orin: use XML-aware splicing for flash partition layout by @Mic92 in https://github.com/tiiuae/ghaf/pull/1849
  • SPIRE integration by @gngram in https://github.com/tiiuae/ghaf/pull/1837
  • givc: systray support via dbus proxy by @enesoztrk in https://github.com/tiiuae/ghaf/pull/1791
  • [spire] enable join token node attestation by @gngram in https://github.com/tiiuae/ghaf/pull/1881
  • fix(power): keep display on during suspension; virtiofs: enable cache by @kajusnau in https://github.com/tiiuae/ghaf/pull/1887
  • build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 by @dependabot[bot] in https://github.com/tiiuae/ghaf/pull/1891
  • build(deps): bump cachix/install-nix-action from 31.10.3 to 31.10.4 by @dependabot[bot] in https://github.com/tiiuae/ghaf/pull/1893
  • build(deps): bump step-security/harden-runner from 2.16.0 to 2.17.0 by @dependabot[bot] in https://github.com/tiiuae/ghaf/pull/1892
  • fix(suspend): fix lid close suspend not resuming properly by @kajusnau in https://github.com/tiiuae/ghaf/pull/1901
  • Clean up verity code, fix known issues by @avnik in https://github.com/tiiuae/ghaf/pull/1861
  • optimize(eval): make cross target packages lazy by @henrirosten in https://github.com/tiiuae/ghaf/pull/1890
  • Fix intel-laptop target by @nesteroff in https://github.com/tiiuae/ghaf/pull/1875
  • Apply firewall dynamic rules through policy update using iptables by @gngram in https://github.com/tiiuae/ghaf/pull/1886
  • ci: add conventional commits check github action by @kajusnau in https://github.com/tiiuae/ghaf/pull/1897
  • ci: add workflow to label stale issues and PRs by @kajusnau in https://github.com/tiiuae/ghaf/pull/1898
  • bump: april bump by @kajusnau in https://github.com/tiiuae/ghaf/pull/1900
  • build(deps): bump github/codeql-action from 4.35.1 to 4.35.2 by @dependabot[bot] in https://github.com/tiiuae/ghaf/pull/1903
  • build(deps): bump astral-sh/setup-uv from 8.0.0 to 8.1.0 by @dependabot[bot] in https://github.com/tiiuae/ghaf/pull/1905
  • build(deps): bump tj-actions/changed-files from 47.0.5 to 47.0.6 by @dependabot[bot] in https://github.com/tiiuae/ghaf/pull/1902
  • fix(audit): gate verbose audit OSPP success rules by @everton-dematos in https://github.com/tiiuae/ghaf/pull/1889
  • fix(sys-tray): hide waypipe apps to tray on window close by @enesoztrk in https://github.com/tiiuae/ghaf/pull/1907
  • refactor(zathura): rename, refactor, add video file handling by @kajusnau in https://github.com/tiiuae/ghaf/pull/1908
  • build(deps): bump step-security/harden-runner from 2.17.0 to 2.19.0 by @dependabot[bot] in https://github.com/tiiuae/ghaf/pull/1904
  • build(deps): bump cachix/install-nix-action from 31.10.4 to 31.10.5 by @dependabot[bot] in https://github.com/tiiuae/ghaf/pull/1910
  • build(deps): bump webiny/action-conventional-commits from 1.3.1 to 1.4.2 by @dependabot[bot] in https://github.com/tiiuae/ghaf/pull/1911
  • fix(intel-laptop): add store disk variants and fix PCI hotplug by @nesteroff in https://github.com/tiiuae/ghaf/pull/1914
  • feat(spire): add x509pop attestation support by @gngram in https://github.com/tiiuae/ghaf/pull/1853
  • fix(shutdown): fix backlight going to 0% on shutdown by @kajusnau in https://github.com/tiiuae/ghaf/pull/1916
  • feat(installer): rework to TUI, improve UX by @kajusnau in https://github.com/tiiuae/ghaf/pull/1909
  • fix(flash-script): fix prebuilt bmap detection by @kajusnau in https://github.com/tiiuae/ghaf/pull/1915

Full Changelog: https://github.com/tiiuae/ghaf/compare/ghaf-26.03.1…ghaf-26.04.1

Bug fixes

Section titled “Bug fixes”

Fixed bugs that were present in the previous release

  • MultiFactor Authentication doesn’t work
  • Screenshot is not saved to Pictures
  • Display stays black when re-opening the lid
  • Yubikey login doesn’t work

Known Issues and Limitations

Section titled “Known Issues and Limitations”

| Issue | Status | Comments | | --------------------------------------------------------------------------------------------------------- | ----------- | -------------------------------------------------------------------------- | | x86 | | | | (System76) Secure Boot key enrollment doesn’t work | In Progress | Will be fixed in next release | | Reboot and shutdown takes long time | In Progress | Will be fixed in next release | | Audio lost after suspend/resume | In Progress | Issue is under investigation | | Occasional black screen and wifi connectivity issues after suspend/resume | In Progress | Issue is under investigation | | (X1) Unlock with fingerprint doesn’t work In Progress Issue is under investigation | | NVIDIA Jetson AGX Orin / Orin NX | | | | GUI login does not work | On Hold | | | Device boots to black screen with only cursor blinking | On Hold | | | If suspended, device doesn’t wake-up | On Hold | | | Locking the device from power menu doesn’t work | On Hold | | | Unlocking from lock screen does not work | On Hold | |

Installation Instructions

Section titled “Installation Instructions”

Released images are available at https://archive.vedenemo.dev/

Download the required image and use the following instructions: Build and Run.