Rebase to Fedora Rawhide

resolves: RHEL-56807
This commit is contained in:
Richard W.M. Jones 2024-09-02 16:35:53 +01:00
parent 9789abb7f5
commit 5ad34c1dd3
24 changed files with 22 additions and 5046 deletions

View File

@ -1,27 +0,0 @@
From a29d4a5632ff9f60f939e4f0f36ce97ed43c5650 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 22 Dec 2022 10:31:47 +0000
Subject: [PATCH] Rearrange lxc test to avoid use of cat
Thanks: Elias Probst <e.probst@ssc-services.de>
---
virt-what.in | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/virt-what.in b/virt-what.in
index d090898e5..170bc24ab 100644
--- a/virt-what.in
+++ b/virt-what.in
@@ -175,7 +175,8 @@ fi
# Added by Marc Fournier
if [ -e "${root}/proc/1/environ" ] &&
- cat "${root}/proc/1/environ" | tr '\000' '\n' | grep -Eiq '^container=lxc'; then
+ tr '\000' '\n' < "${root}/proc/1/environ" |
+ grep -Eiq '^container=lxc'; then
echo lxc
fi
--
2.43.0

View File

@ -1,83 +0,0 @@
From 57966df6adddbebc4f4a6b9db7680d99344b0b1c Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 22 Dec 2022 10:34:03 +0000
Subject: [PATCH] Move docker and podman tests up, add comments
Refactor to bring related tests closer together and make the comments
more uniform.
---
virt-what.in | 31 +++++++++++++++----------------
1 file changed, 15 insertions(+), 16 deletions(-)
diff --git a/virt-what.in b/virt-what.in
index 170bc24ab..c6e4a1e00 100644
--- a/virt-what.in
+++ b/virt-what.in
@@ -165,7 +165,6 @@ fi
# /proc/vz - always exists if OpenVZ kernel is running (inside and outside
# container)
# /proc/bc - exists on node, but not inside container.
-
if [ -d "${root}/proc/vz" -a ! -d "${root}/proc/bc" ]; then
echo openvz
fi
@@ -173,13 +172,13 @@ fi
# Check for LXC containers
# http://www.freedesktop.org/wiki/Software/systemd/ContainerInterface
# Added by Marc Fournier
-
if [ -e "${root}/proc/1/environ" ] &&
tr '\000' '\n' < "${root}/proc/1/environ" |
grep -Eiq '^container=lxc'; then
echo lxc
fi
+# Check for Illumos LX
if [ -e "${root}/proc/1/environ" ] &&
tr '\0' '\n' < "${root}/proc/1/environ" | grep -q '^container=zone$' &&
[ -e "${root}/proc/version" ] &&
@@ -187,6 +186,20 @@ if [ -e "${root}/proc/1/environ" ] &&
echo illumos-lx
fi
+# Check for Docker.
+if [ -f "${root}/.dockerenv" ] || [ -f "${root}/.dockerinit" ] || \
+ grep -qF /docker/ "${root}/proc/self/cgroup" 2>/dev/null; then
+ echo docker
+fi
+
+# Check for Podman.
+if [ -e "${root}/proc/1/environ" ] &&
+ cat "${root}/proc/1/environ" | tr '\000' '\n' | grep -Eiq '^container=podman'; then
+ echo podman
+elif grep -qF /libpod- "${root}/proc/self/cgroup" 2>/dev/null; then
+ echo podman
+fi
+
# Check for Linux-VServer
if test -e "${root}/proc/self/status" \
&& cat "${root}/proc/self/status" | grep -q "VxID: [0-9]*"; then
@@ -381,20 +394,6 @@ if ! "$skip_lkvm"; then
fi
fi
-# Check for Docker.
-if [ -f "${root}/.dockerenv" ] || [ -f "${root}/.dockerinit" ] || \
- grep -qF /docker/ "${root}/proc/self/cgroup" 2>/dev/null; then
- echo docker
-fi
-
-# Check for Podman.
-if [ -e "${root}/proc/1/environ" ] &&
- cat "${root}/proc/1/environ" | tr '\000' '\n' | grep -Eiq '^container=podman'; then
- echo podman
-elif grep -qF /libpod- "${root}/proc/self/cgroup" 2>/dev/null; then
- echo podman
-fi
-
# Check ppc64 lpar, kvm or powerkvm
# example /proc/cpuinfo line indicating 'not baremetal'
--
2.43.0

View File

@ -1,36 +0,0 @@
From 1cbcbb801c86f8f791ecd930c4ac311f034e3e1a Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 5 Jan 2023 12:48:55 +0000
Subject: [PATCH] podman: Fix location of test file /proc/1/environ
Since it was at the wrong location, the file was not even used by the
test.
Fixes: commit 1df728aa4b ("Add podman support")
---
tests/podman/Makefile.am | 2 +-
tests/podman/{ => proc}/1/environ | Bin
2 files changed, 1 insertion(+), 1 deletion(-)
rename tests/podman/{ => proc}/1/environ (100%)
diff --git a/tests/podman/Makefile.am b/tests/podman/Makefile.am
index 2962f3237..1745ef6c6 100644
--- a/tests/podman/Makefile.am
+++ b/tests/podman/Makefile.am
@@ -20,8 +20,8 @@ CLEANFILES = *~
TESTS = test.sh
EXTRA_DIST = \
- 1/environ \
test.sh \
+ proc/1/environ \
proc/cpuinfo \
proc/self/cgroup \
proc/self/status \
diff --git a/tests/podman/1/environ b/tests/podman/proc/1/environ
similarity index 100%
rename from tests/podman/1/environ
rename to tests/podman/proc/1/environ
--
2.43.0

View File

@ -1,888 +0,0 @@
From 54c2ad4a764658ec8a9aadc52c749eabf1de73a0 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Thu, 5 Jan 2023 12:34:02 +0000
Subject: [PATCH] Detect OCI containers
Podman using OCI containers sets container=oci in PID 1's environment.
Detect that and print "oci" fact.
This patch was originally contributed by Alessandro Valentini. I
modified it and added tests and documentation.
Reported-by: Alessandro Valentini
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2155233
---
configure.ac | 2 +
tests/oci/Makefile.am | 28 ++
tests/oci/proc/1/environ | Bin 0 -> 124 bytes
tests/oci/proc/cpuinfo | 671 ++++++++++++++++++++++++++
tests/oci/sbin/dmidecode | 7 +
tests/oci/sbin/uname | 2 +
tests/oci/sbin/virt-what-cpuid-helper | 2 +
tests/oci/test.sh | 32 ++
virt-what.in | 6 +
virt-what.pod | 8 +-
10 files changed, 757 insertions(+), 1 deletion(-)
create mode 100644 tests/oci/Makefile.am
create mode 100644 tests/oci/proc/1/environ
create mode 100644 tests/oci/proc/cpuinfo
create mode 100755 tests/oci/sbin/dmidecode
create mode 100755 tests/oci/sbin/uname
create mode 100755 tests/oci/sbin/virt-what-cpuid-helper
create mode 100755 tests/oci/test.sh
diff --git a/configure.ac b/configure.ac
index 8f808a38b..a80a4b6f0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -56,6 +56,7 @@ tests="\
lx86 \
lxc \
nutanix-ahv \
+ oci \
parallels-desktop \
podman \
ppc64-baremetal \
@@ -104,6 +105,7 @@ AC_CONFIG_FILES([Makefile
tests/lx86/Makefile
tests/lxc/Makefile
tests/nutanix-ahv/Makefile
+ tests/oci/Makefile
tests/parallels-desktop/Makefile
tests/podman/Makefile
tests/ppc64-baremetal/Makefile
diff --git a/tests/oci/Makefile.am b/tests/oci/Makefile.am
new file mode 100644
index 000000000..b2f6f2469
--- /dev/null
+++ b/tests/oci/Makefile.am
@@ -0,0 +1,28 @@
+# Makefile for virt-what
+# Copyright (C) 2008-2023 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+CLEANFILES = *~
+
+TESTS = test.sh
+
+EXTRA_DIST = \
+ test.sh \
+ proc/1/environ \
+ proc/cpuinfo \
+ sbin/dmidecode \
+ sbin/uname \
+ sbin/virt-what-cpuid-helper
diff --git a/tests/oci/proc/1/environ b/tests/oci/proc/1/environ
new file mode 100644
index 0000000000000000000000000000000000000000..03d40a45377eaeccef15532734d2f5b7fd42234e
GIT binary patch
literal 124
zcmWG=4DqnlFD)+8&&f|t%+W7S%FMGu;={QJ39t}^3uH2cxCZ&!R+OX`<uWAa=anR8
r=A{<d<|k(|c=-Fe+UghO=a&GP!6AN*KyGSUVw$0Wg<+zpc`5?{dKM{B
literal 0
HcmV?d00001
diff --git a/tests/oci/proc/cpuinfo b/tests/oci/proc/cpuinfo
new file mode 100644
index 000000000..82b147bb4
--- /dev/null
+++ b/tests/oci/proc/cpuinfo
@@ -0,0 +1,671 @@
+processor : 0
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 0
+cpu cores : 12
+apicid : 0
+initial apicid : 0
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 1
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 1
+cpu cores : 12
+apicid : 2
+initial apicid : 2
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 2
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 2
+cpu cores : 12
+apicid : 4
+initial apicid : 4
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 3
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 4
+cpu cores : 12
+apicid : 8
+initial apicid : 8
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 4
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 5
+cpu cores : 12
+apicid : 10
+initial apicid : 10
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 5
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 6
+cpu cores : 12
+apicid : 12
+initial apicid : 12
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 6
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2194.032
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 8
+cpu cores : 12
+apicid : 16
+initial apicid : 16
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 7
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 9
+cpu cores : 12
+apicid : 18
+initial apicid : 18
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 8
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 10
+cpu cores : 12
+apicid : 20
+initial apicid : 20
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 9
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 12
+cpu cores : 12
+apicid : 24
+initial apicid : 24
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 10
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 13
+cpu cores : 12
+apicid : 26
+initial apicid : 26
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 11
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 14
+cpu cores : 12
+apicid : 28
+initial apicid : 28
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 12
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2194.248
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 0
+cpu cores : 12
+apicid : 1
+initial apicid : 1
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 13
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 3973.398
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 1
+cpu cores : 12
+apicid : 3
+initial apicid : 3
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 14
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 2
+cpu cores : 12
+apicid : 5
+initial apicid : 5
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 15
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 4
+cpu cores : 12
+apicid : 9
+initial apicid : 9
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 16
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 5
+cpu cores : 12
+apicid : 11
+initial apicid : 11
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 17
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 6
+cpu cores : 12
+apicid : 13
+initial apicid : 13
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 18
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2195.748
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 8
+cpu cores : 12
+apicid : 17
+initial apicid : 17
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 19
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 9
+cpu cores : 12
+apicid : 19
+initial apicid : 19
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 20
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2196.733
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 10
+cpu cores : 12
+apicid : 21
+initial apicid : 21
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 21
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 12
+cpu cores : 12
+apicid : 25
+initial apicid : 25
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 22
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2200.000
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 13
+cpu cores : 12
+apicid : 27
+initial apicid : 27
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
+
+processor : 23
+vendor_id : AuthenticAMD
+cpu family : 23
+model : 113
+model name : AMD Ryzen 9 3900X 12-Core Processor
+stepping : 0
+microcode : 0x8701013
+cpu MHz : 2194.867
+cache size : 512 KB
+physical id : 0
+siblings : 24
+core id : 14
+cpu cores : 12
+apicid : 29
+initial apicid : 29
+fpu : yes
+fpu_exception : yes
+cpuid level : 16
+wp : yes
+flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf rapl pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate ssbd mba ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr rdpru wbnoinvd arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif v_spec_ctrl umip rdpid overflow_recov succor smca sev sev_es
+bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass retbleed
+bogomips : 7585.66
+TLB size : 3072 4K pages
+clflush size : 64
+cache_alignment : 64
+address sizes : 43 bits physical, 48 bits virtual
+power management: ts ttp tm hwpstate cpb eff_freq_ro [13] [14]
diff --git a/tests/oci/sbin/dmidecode b/tests/oci/sbin/dmidecode
new file mode 100755
index 000000000..48a6de126
--- /dev/null
+++ b/tests/oci/sbin/dmidecode
@@ -0,0 +1,7 @@
+#!/bin/sh -
+cat <<'EOF'
+# dmidecode 3.3
+Scanning /dev/mem for entry point.
+/dev/mem: No such file or directory
+EOF
+exit 1
diff --git a/tests/oci/sbin/uname b/tests/oci/sbin/uname
new file mode 100755
index 000000000..ab0ec896d
--- /dev/null
+++ b/tests/oci/sbin/uname
@@ -0,0 +1,2 @@
+#!/bin/sh -
+echo x86_64
diff --git a/tests/oci/sbin/virt-what-cpuid-helper b/tests/oci/sbin/virt-what-cpuid-helper
new file mode 100755
index 000000000..481e1e67c
--- /dev/null
+++ b/tests/oci/sbin/virt-what-cpuid-helper
@@ -0,0 +1,2 @@
+#!/bin/sh -
+# no output
diff --git a/tests/oci/test.sh b/tests/oci/test.sh
new file mode 100755
index 000000000..5028ebc60
--- /dev/null
+++ b/tests/oci/test.sh
@@ -0,0 +1,32 @@
+# Test for OCI
+# Copyright (C) 2008-2023 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+output="$(PATH=../..:$PATH virt-what --test-root=. 2>&1)"
+expected="oci"
+
+if [ "$output" != "$expected" ]; then
+ echo "$0: test failed because output did not match expected"
+ echo "Expected output was:"
+ echo "----------------------------------------"
+ echo "$expected"
+ echo "----------------------------------------"
+ echo "But the actual output of the program was:"
+ echo "----------------------------------------"
+ echo "$output"
+ echo "----------------------------------------"
+ exit 1
+fi
diff --git a/virt-what.in b/virt-what.in
index c6e4a1e00..102e23f67 100644
--- a/virt-what.in
+++ b/virt-what.in
@@ -192,6 +192,12 @@ if [ -f "${root}/.dockerenv" ] || [ -f "${root}/.dockerinit" ] || \
echo docker
fi
+# Check for OCI.
+if [ -e "${root}/proc/1/environ" ] &&
+ cat "${root}/proc/1/environ" | tr '\000' '\n' | grep -Eiq '^container=oci'; then
+ echo oci
+fi
+
# Check for Podman.
if [ -e "${root}/proc/1/environ" ] &&
cat "${root}/proc/1/environ" | tr '\000' '\n' | grep -Eiq '^container=podman'; then
diff --git a/virt-what.pod b/virt-what.pod
index 2c346bded..9dbc079f9 100644
--- a/virt-what.pod
+++ b/virt-what.pod
@@ -203,6 +203,12 @@ The guest is running inside Nutanix Acropolis Hypervisor (AHV).
Status: confirmed by RWMJ.
+=item B<oci>
+
+The guest is running in an OCI container.
+
+Status: contributed by Alessandro Valentini, confirmed by RWMJ
+
=item B<openvz>
The guest appears to be running inside an OpenVZ or Virtuozzo
@@ -226,7 +232,7 @@ Status: contributed by Justin Clift
=item B<podman>
-This is a Podman container.
+This is a Podman container. (See also C<oci> above.)
Status: contributed by Jordan Webb
--
2.43.0

View File

@ -1,371 +0,0 @@
From 034981d94bf4ccac4159f013f2d4e2476a23d7e7 Mon Sep 17 00:00:00 2001
From: Yongkui Guo <yoguo@redhat.com>
Date: Mon, 30 Jan 2023 18:20:32 +0800
Subject: [PATCH] Add support for Alibaba cloud on aarch64
This assumes you are running RHEL or another tenant which supports
ACPI. It probably won't work for guests using device tree.
Also we assume that the hypervisor is KVM. Since the hypervisor
indicates that it is RHEL 7, this is very likely to be true, but hard
to prove since there is no CPUID on Arm.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2165285
(cherry picked from commit 805604762468b754ea60e5dc176fa26f68d211b8)
---
configure.ac | 2 +
tests/alibaba-cloud-arm/Makefile.am | 28 +++++
tests/alibaba-cloud-arm/proc/cpuinfo | 18 +++
tests/alibaba-cloud-arm/proc/self/status | 57 +++++++++
tests/alibaba-cloud-arm/sbin/dmidecode | 116 ++++++++++++++++++
tests/alibaba-cloud-arm/sbin/uname | 2 +
.../sbin/virt-what-cpuid-helper | 3 +
tests/alibaba-cloud-arm/test.sh | 33 +++++
virt-what.in | 5 +
9 files changed, 264 insertions(+)
create mode 100644 tests/alibaba-cloud-arm/Makefile.am
create mode 100644 tests/alibaba-cloud-arm/proc/cpuinfo
create mode 100644 tests/alibaba-cloud-arm/proc/self/status
create mode 100755 tests/alibaba-cloud-arm/sbin/dmidecode
create mode 100755 tests/alibaba-cloud-arm/sbin/uname
create mode 100755 tests/alibaba-cloud-arm/sbin/virt-what-cpuid-helper
create mode 100755 tests/alibaba-cloud-arm/test.sh
diff --git a/configure.ac b/configure.ac
index a80a4b6f0..cfb7ca371 100644
--- a/configure.ac
+++ b/configure.ac
@@ -34,6 +34,7 @@ AM_CONDITIONAL([HOST_CPU_IA64], [ test "x$host_cpu" = "xia64" ])
dnl List of tests.
tests="\
+ alibaba-cloud-arm \
alibaba-cloud-x86 \
aws-baremetal-x86 \
aws-kvm-arm \
@@ -83,6 +84,7 @@ AC_CONFIG_HEADERS([config.h])
AC_CONFIG_FILES([virt-what],[chmod +x virt-what])
AC_CONFIG_FILES([Makefile
tests/Makefile
+ tests/alibaba-cloud-arm/Makefile
tests/alibaba-cloud-x86/Makefile
tests/aws-baremetal-x86/Makefile
tests/aws-kvm-arm/Makefile
diff --git a/tests/alibaba-cloud-arm/Makefile.am b/tests/alibaba-cloud-arm/Makefile.am
new file mode 100644
index 000000000..09ce07861
--- /dev/null
+++ b/tests/alibaba-cloud-arm/Makefile.am
@@ -0,0 +1,28 @@
+# Makefile for virt-what
+# Copyright (C) 2008-2023 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+CLEANFILES = *~
+
+TESTS = test.sh
+
+EXTRA_DIST = \
+ test.sh \
+ proc/cpuinfo \
+ proc/self/status \
+ sbin/dmidecode \
+ sbin/uname \
+ sbin/virt-what-cpuid-helper
diff --git a/tests/alibaba-cloud-arm/proc/cpuinfo b/tests/alibaba-cloud-arm/proc/cpuinfo
new file mode 100644
index 000000000..03dbb22ab
--- /dev/null
+++ b/tests/alibaba-cloud-arm/proc/cpuinfo
@@ -0,0 +1,18 @@
+processor : 0
+BogoMIPS : 50.00
+Features : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp ssbs
+CPU implementer : 0x41
+CPU architecture: 8
+CPU variant : 0x3
+CPU part : 0xd0c
+CPU revision : 1
+
+processor : 1
+BogoMIPS : 50.00
+Features : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp ssbs
+CPU implementer : 0x41
+CPU architecture: 8
+CPU variant : 0x3
+CPU part : 0xd0c
+CPU revision : 1
+
diff --git a/tests/alibaba-cloud-arm/proc/self/status b/tests/alibaba-cloud-arm/proc/self/status
new file mode 100644
index 000000000..08c63e9cb
--- /dev/null
+++ b/tests/alibaba-cloud-arm/proc/self/status
@@ -0,0 +1,57 @@
+Name: cat
+Umask: 0022
+State: R (running)
+Tgid: 6341
+Ngid: 0
+Pid: 6341
+PPid: 1588
+TracerPid: 0
+Uid: 0 0 0 0
+Gid: 0 0 0 0
+FDSize: 256
+Groups: 0
+NStgid: 6341
+NSpid: 6341
+NSpgid: 6341
+NSsid: 1588
+VmPeak: 2352 kB
+VmSize: 2352 kB
+VmLck: 0 kB
+VmPin: 0 kB
+VmHWM: 768 kB
+VmRSS: 768 kB
+RssAnon: 80 kB
+RssFile: 688 kB
+RssShmem: 0 kB
+VmData: 348 kB
+VmStk: 132 kB
+VmExe: 24 kB
+VmLib: 1728 kB
+VmPTE: 44 kB
+VmSwap: 0 kB
+HugetlbPages: 0 kB
+CoreDumping: 0
+THP_enabled: 1
+Threads: 1
+SigQ: 0/29002
+SigPnd: 0000000000000000
+ShdPnd: 0000000000000000
+SigBlk: 0000000000000000
+SigIgn: 0000000000000000
+SigCgt: 0000000000000000
+CapInh: 0000000000000000
+CapPrm: 000001ffffffffff
+CapEff: 000001ffffffffff
+CapBnd: 000001ffffffffff
+CapAmb: 0000000000000000
+NoNewPrivs: 0
+Seccomp: 0
+Seccomp_filters: 0
+Speculation_Store_Bypass: thread vulnerable
+SpeculationIndirectBranch: unknown
+Cpus_allowed: 3
+Cpus_allowed_list: 0-1
+Mems_allowed: 00000000,00000001
+Mems_allowed_list: 0
+voluntary_ctxt_switches: 0
+nonvoluntary_ctxt_switches: 0
diff --git a/tests/alibaba-cloud-arm/sbin/dmidecode b/tests/alibaba-cloud-arm/sbin/dmidecode
new file mode 100755
index 000000000..89fa9a34b
--- /dev/null
+++ b/tests/alibaba-cloud-arm/sbin/dmidecode
@@ -0,0 +1,116 @@
+#!/bin/sh -
+cat <<'EOF'
+# dmidecode 3.3
+Getting SMBIOS data from sysfs.
+SMBIOS 3.0.0 present.
+Table at 0x2348C0000.
+
+Handle 0x0100, DMI type 1, 27 bytes
+System Information
+ Manufacturer: Alibaba Cloud
+ Product Name: Alibaba Cloud ECS
+ Version: virt-rhel7.6.0
+ Serial Number: 8c43355a-242e-42c2-bdf7-9fae99316221
+ UUID: 8c43355a-242e-42c2-bdf7-9fae99316221
+ Wake-up Type: Power Switch
+ SKU Number: Not Specified
+ Family: Red Hat Enterprise Linux
+
+Handle 0x0300, DMI type 3, 21 bytes
+Chassis Information
+ Manufacturer: Alibaba Cloud
+ Type: Other
+ Lock: Not Present
+ Version: virt-rhel7.6.0
+ Serial Number: Not Specified
+ Asset Tag: Not Specified
+ Boot-up State: Safe
+ Power Supply State: Safe
+ Thermal State: Safe
+ Security Status: Unknown
+ OEM Information: 0x00000000
+ Height: Unspecified
+ Number Of Power Cords: Unspecified
+ Contained Elements: 0
+
+Handle 0x0400, DMI type 4, 42 bytes
+Processor Information
+ Socket Designation: CPU 0
+ Type: Central Processor
+ Family: Other
+ Manufacturer: Alibaba Cloud
+ ID: 00 00 00 00 00 00 00 00
+ Version: virt-rhel7.6.0
+ Voltage: Unknown
+ External Clock: Unknown
+ Max Speed: 2000 MHz
+ Current Speed: 2000 MHz
+ Status: Populated, Enabled
+ Upgrade: Other
+ L1 Cache Handle: Not Provided
+ L2 Cache Handle: Not Provided
+ L3 Cache Handle: Not Provided
+ Serial Number: Not Specified
+ Asset Tag: Not Specified
+ Part Number: Not Specified
+ Core Count: 2
+ Core Enabled: 2
+ Thread Count: 1
+ Characteristics: None
+
+Handle 0x1000, DMI type 16, 23 bytes
+Physical Memory Array
+ Location: Other
+ Use: System Memory
+ Error Correction Type: Multi-bit ECC
+ Maximum Capacity: 8 GB
+ Error Information Handle: Not Provided
+ Number Of Devices: 1
+
+Handle 0x1100, DMI type 17, 40 bytes
+Memory Device
+ Array Handle: 0x1000
+ Error Information Handle: Not Provided
+ Total Width: Unknown
+ Data Width: Unknown
+ Size: 8 GB
+ Form Factor: DIMM
+ Set: None
+ Locator: DIMM 0
+ Bank Locator: Not Specified
+ Type: RAM
+ Type Detail: Other
+ Speed: Unknown
+ Manufacturer: Alibaba Cloud
+ Serial Number: Not Specified
+ Asset Tag: Not Specified
+ Part Number: Not Specified
+ Rank: Unknown
+ Configured Memory Speed: Unknown
+ Minimum Voltage: Unknown
+ Maximum Voltage: Unknown
+ Configured Voltage: Unknown
+
+Handle 0x2000, DMI type 32, 11 bytes
+System Boot Information
+ Status: No errors detected
+
+Handle 0x0000, DMI type 0, 26 bytes
+BIOS Information
+ Vendor: EFI Development Kit II / OVMF
+ Version: 0.0.0
+ Release Date: 02/06/2015
+ Address: 0xE8000
+ Runtime Size: 96 kB
+ ROM Size: 64 kB
+ Characteristics:
+ BIOS characteristics not supported
+ Targeted content distribution is supported
+ UEFI is supported
+ System is a virtual machine
+ BIOS Revision: 0.0
+
+Handle 0xFEFF, DMI type 127, 4 bytes
+End Of Table
+
+EOF
diff --git a/tests/alibaba-cloud-arm/sbin/uname b/tests/alibaba-cloud-arm/sbin/uname
new file mode 100755
index 000000000..bd33a2d73
--- /dev/null
+++ b/tests/alibaba-cloud-arm/sbin/uname
@@ -0,0 +1,2 @@
+#!/bin/sh -
+echo aarch64
diff --git a/tests/alibaba-cloud-arm/sbin/virt-what-cpuid-helper b/tests/alibaba-cloud-arm/sbin/virt-what-cpuid-helper
new file mode 100755
index 000000000..08e293436
--- /dev/null
+++ b/tests/alibaba-cloud-arm/sbin/virt-what-cpuid-helper
@@ -0,0 +1,3 @@
+#!/bin/sh -
+# Arm, so no cpuid.
+# No output, exits with 0.
diff --git a/tests/alibaba-cloud-arm/test.sh b/tests/alibaba-cloud-arm/test.sh
new file mode 100755
index 000000000..1e7360931
--- /dev/null
+++ b/tests/alibaba-cloud-arm/test.sh
@@ -0,0 +1,33 @@
+# Test for Alibaba Cloud
+# Copyright (C) 2018-2023 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+output="$(PATH=../..:$PATH virt-what --test-root=. 2>&1)"
+expected="alibaba_cloud
+kvm"
+
+if [ "$output" != "$expected" ]; then
+ echo "$0: test failed because output did not match expected"
+ echo "Expected output was:"
+ echo "----------------------------------------"
+ echo "$expected"
+ echo "----------------------------------------"
+ echo "But the actual output of the program was:"
+ echo "----------------------------------------"
+ echo "$output"
+ echo "----------------------------------------"
+ exit 1
+fi
diff --git a/virt-what.in b/virt-what.in
index 102e23f67..fbf8c54c5 100644
--- a/virt-what.in
+++ b/virt-what.in
@@ -354,6 +354,11 @@ if ! "$skip_qemu_kvm"; then
# This is for AWS Graviton (Arm) systems which don't have CPUID.
echo kvm
skip_lkvm=true
+ elif echo "$dmi" | grep -q 'Manufacturer: Alibaba Cloud' &&
+ echo "$dmi" | grep -q 'System is a virtual machine'; then
+ # This is for Alibaba Arm systems which don't have CPUID.
+ echo kvm
+ skip_lkvm=true
elif echo "$dmi" | grep -q 'Manufacturer: QEMU'; then
# The test for KVM above failed, so now we know we're
# not using KVM acceleration.
--
2.43.0

View File

@ -1,38 +0,0 @@
From 5f10aff9e4b06fb07eb09411d58ee8c8209ff477 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Wed, 7 Jun 2023 10:10:03 +0100
Subject: [PATCH] nutanix: Don't match Nutanix-based baremetal systems
Nutanix ship baremetal systems which have modified firmware that
reports similar to:
Manufacturer: Nutanix
Product Name: NX-T00-4NL3-G5
This is not a virtual machine, but was recognised as such. Make sure
we match on 'Product Name: AHV' to identify only virtual machines.
Thanks: Scott Yeager, Shaoyu Shang
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2211980
(cherry picked from commit eeb7d8a1e7c73fc9c5b4e987d92a04136d61b07d)
---
virt-what.in | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/virt-what.in b/virt-what.in
index fbf8c54c5..e310f339b 100644
--- a/virt-what.in
+++ b/virt-what.in
@@ -259,7 +259,8 @@ if echo "$dmi" | grep -q 'Vendor: Parallels'; then
fi
# Check for Nutanix AHV.
-if echo "$dmi" | grep -q 'Manufacturer: Nutanix'; then
+if echo "$dmi" | grep -q 'Manufacturer: Nutanix' &&
+ echo "$dmi" | grep -q 'Product Name: AHV'; then
echo nutanix_ahv
fi
--
2.43.0

File diff suppressed because it is too large Load Diff

View File

@ -1,494 +0,0 @@
From 128d73c47ef90ca871966a5417962836f9f359f1 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 2 Jul 2024 08:45:10 +0000
Subject: [PATCH] Fix support for Hyper-V on Arm
This architecture lacks CPUID so we must fall back to looking
at DMI data instead.
Reported-by: Yuxin Sun
Thanks: Dan Berrange
Fixes: https://issues.redhat.com/browse/RHEL-45834
(cherry picked from commit 49a17ec8438d01280750d52ae661c8c5c9fe9d07)
---
configure.ac | 2 +
tests/hyperv-arm/Makefile.am | 28 +++
tests/hyperv-arm/proc/cpuinfo | 18 ++
tests/hyperv-arm/proc/self/status | 57 +++++
tests/hyperv-arm/sbin/dmidecode | 221 +++++++++++++++++++
tests/hyperv-arm/sbin/uname | 2 +
tests/hyperv-arm/sbin/virt-what-cpuid-helper | 2 +
tests/hyperv-arm/test.sh | 32 +++
virt-what.in | 16 +-
9 files changed, 374 insertions(+), 4 deletions(-)
create mode 100644 tests/hyperv-arm/Makefile.am
create mode 100644 tests/hyperv-arm/proc/cpuinfo
create mode 100644 tests/hyperv-arm/proc/self/status
create mode 100755 tests/hyperv-arm/sbin/dmidecode
create mode 100755 tests/hyperv-arm/sbin/uname
create mode 100755 tests/hyperv-arm/sbin/virt-what-cpuid-helper
create mode 100755 tests/hyperv-arm/test.sh
diff --git a/configure.ac b/configure.ac
index 632e25e91..4dd2c9731 100644
--- a/configure.ac
+++ b/configure.ac
@@ -48,6 +48,7 @@ tests="\
esx4.1 \
google-cloud \
hyperv \
+ hyperv-arm \
illumos-lx \
kvm \
kvm-explicit-cpu \
@@ -99,6 +100,7 @@ AC_CONFIG_FILES([Makefile
tests/esx4.1/Makefile
tests/google-cloud/Makefile
tests/hyperv/Makefile
+ tests/hyperv-arm/Makefile
tests/illumos-lx/Makefile
tests/kvm/Makefile
tests/kvm-explicit-cpu/Makefile
diff --git a/tests/hyperv-arm/Makefile.am b/tests/hyperv-arm/Makefile.am
new file mode 100644
index 000000000..b748df8bc
--- /dev/null
+++ b/tests/hyperv-arm/Makefile.am
@@ -0,0 +1,28 @@
+# Makefile for virt-what
+# Copyright (C) 2008-2011 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+CLEANFILES = *~
+
+TESTS = test.sh
+
+EXTRA_DIST = \
+ test.sh \
+ proc/cpuinfo \
+ proc/self/status \
+ sbin/dmidecode \
+ sbin/uname \
+ sbin/virt-what-cpuid-helper
diff --git a/tests/hyperv-arm/proc/cpuinfo b/tests/hyperv-arm/proc/cpuinfo
new file mode 100644
index 000000000..c492a0024
--- /dev/null
+++ b/tests/hyperv-arm/proc/cpuinfo
@@ -0,0 +1,18 @@
+processor : 0
+BogoMIPS : 50.00
+Features : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp
+CPU implementer : 0x41
+CPU architecture: 8
+CPU variant : 0x3
+CPU part : 0xd0c
+CPU revision : 1
+
+processor : 1
+BogoMIPS : 50.00
+Features : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp
+CPU implementer : 0x41
+CPU architecture: 8
+CPU variant : 0x3
+CPU part : 0xd0c
+CPU revision : 1
+
diff --git a/tests/hyperv-arm/proc/self/status b/tests/hyperv-arm/proc/self/status
new file mode 100644
index 000000000..129e9c2aa
--- /dev/null
+++ b/tests/hyperv-arm/proc/self/status
@@ -0,0 +1,57 @@
+Name: cat
+Umask: 0022
+State: R (running)
+Tgid: 17916
+Ngid: 0
+Pid: 17916
+PPid: 5880
+TracerPid: 0
+Uid: 1000 1000 1000 1000
+Gid: 1000 1000 1000 1000
+FDSize: 256
+Groups: 4 190 1000
+NStgid: 17916
+NSpid: 17916
+NSpgid: 17916
+NSsid: 5880
+VmPeak: 5284 kB
+VmSize: 5284 kB
+VmLck: 0 kB
+VmPin: 0 kB
+VmHWM: 772 kB
+VmRSS: 772 kB
+RssAnon: 80 kB
+RssFile: 692 kB
+RssShmem: 0 kB
+VmData: 344 kB
+VmStk: 132 kB
+VmExe: 24 kB
+VmLib: 1736 kB
+VmPTE: 48 kB
+VmSwap: 0 kB
+HugetlbPages: 0 kB
+CoreDumping: 0
+THP_enabled: 1
+Threads: 1
+SigQ: 0/30549
+SigPnd: 0000000000000000
+ShdPnd: 0000000000000000
+SigBlk: 0000000000000000
+SigIgn: 0000000000000000
+SigCgt: 0000000000000000
+CapInh: 0000000000000000
+CapPrm: 0000000000000000
+CapEff: 0000000000000000
+CapBnd: 000001ffffffffff
+CapAmb: 0000000000000000
+NoNewPrivs: 0
+Seccomp: 0
+Seccomp_filters: 0
+Speculation_Store_Bypass: not vulnerable
+SpeculationIndirectBranch: unknown
+Cpus_allowed: 3
+Cpus_allowed_list: 0-1
+Mems_allowed: 00000000,00000001
+Mems_allowed_list: 0
+voluntary_ctxt_switches: 0
+nonvoluntary_ctxt_switches: 0
diff --git a/tests/hyperv-arm/sbin/dmidecode b/tests/hyperv-arm/sbin/dmidecode
new file mode 100755
index 000000000..38ac3feac
--- /dev/null
+++ b/tests/hyperv-arm/sbin/dmidecode
@@ -0,0 +1,221 @@
+#!/bin/sh -
+cat <<'EOF'
+# dmidecode 3.3
+Getting SMBIOS data from sysfs.
+SMBIOS 3.1.0 present.
+Table at 0x3FD63000.
+
+Handle 0x0000, DMI type 0, 26 bytes
+BIOS Information
+ Vendor: Microsoft Corporation
+ Version: Hyper-V UEFI Release v4.1
+ Release Date: 11/28/2023
+ ROM Size: 64 kB
+ Characteristics:
+ BIOS characteristics not supported
+ ACPI is supported
+ Targeted content distribution is supported
+ UEFI is supported
+ System is a virtual machine
+ BIOS Revision: 4.1
+
+Handle 0x0001, DMI type 1, 27 bytes
+System Information
+ Manufacturer: Microsoft Corporation
+ Product Name: Virtual Machine
+ Version: Hyper-V UEFI Release v4.1
+ Serial Number: 0000-0011-3798-4833-3781-8467-28
+ UUID: 9ded57c4-3ce3-4ac8-aaaf-2c4ccf6e7a59
+ Wake-up Type: Power Switch
+ SKU Number: None
+ Family: Virtual Machine
+
+Handle 0x0002, DMI type 3, 24 bytes
+Chassis Information
+ Manufacturer: Microsoft Corporation
+ Type: Desktop
+ Lock: Not Present
+ Version: Hyper-V UEFI Release v4.1
+ Serial Number: 6708-6940-4856-4751-7507-5546-20
+ Asset Tag: 7783-7084-3265-9085-8269-3286-77
+ Boot-up State: Safe
+ Power Supply State: Safe
+ Thermal State: Safe
+ Security Status: Unknown
+ OEM Information: 0x00000000
+ Height: Unspecified
+ Number Of Power Cords: Unspecified
+ Contained Elements: 0
+ SKU Number: Virtual Machine
+
+Handle 0x0003, DMI type 2, 17 bytes
+Base Board Information
+ Manufacturer: Microsoft Corporation
+ Product Name: Virtual Machine
+ Version: Hyper-V UEFI Release v4.1
+ Serial Number: 0000-0012-2990-9781-5781-3745-53
+ Asset Tag: None
+ Features:
+ Board is a hosting board
+ Location In Chassis: Virtual Machine
+ Chassis Handle: 0x0002
+ Type: Motherboard
+ Contained Object Handles: 0
+
+Handle 0x0004, DMI type 4, 48 bytes
+Processor Information
+ Socket Designation: None
+ Type: Central Processor
+ Family: ARMv8
+ Manufacturer: Ampere(R)
+ ID: 00 00 00 00 00 00 00 00
+ Version: Ampere(R) Altra(R) Processor
+ Voltage: 1.0 V
+ External Clock: 1650 MHz
+ Max Speed: 3000 MHz
+ Current Speed: 3000 MHz
+ Status: Populated, Enabled
+ Upgrade: None
+ L1 Cache Handle: Not Provided
+ L2 Cache Handle: Not Provided
+ L3 Cache Handle: Not Provided
+ Serial Number: None
+ Asset Tag: None
+ Part Number: None
+ Core Count: 2
+ Core Enabled: 2
+ Thread Count: 1
+ Characteristics:
+ 64-bit capable
+ Multi-Core
+ Power/Performance Control
+ 128-bit Capable
+ Arm64 SoC ID
+
+Handle 0x0005, DMI type 11, 5 bytes
+OEM Strings
+ String 1: [MS_VM_CERT/SHA1/9b80ca0d5dd061ec9da4e494f4c3fd1196270c22]
+ String 2: 00000000000000000000000000000000
+ String 3: To be filled by OEM
+
+Handle 0x0006, DMI type 16, 23 bytes
+Physical Memory Array
+ Location: System Board Or Motherboard
+ Use: System Memory
+ Error Correction Type: None
+ Maximum Capacity: 0 bytes
+ Error Information Handle: Not Provided
+ Number Of Devices: 2
+
+Handle 0x0007, DMI type 17, 92 bytes
+Memory Device
+ Array Handle: 0x0006
+ Error Information Handle: Not Provided
+ Total Width: Unknown
+ Data Width: Unknown
+ Size: 1 GB
+ Form Factor: Unknown
+ Set: None
+ Locator: M0001
+ Bank Locator: None
+ Type: Unknown
+ Type Detail: Unknown
+ Speed: Unknown
+ Manufacturer: Microsoft Corporation
+ Serial Number: None
+ Asset Tag: None
+ Part Number: None
+ Rank: Unknown
+ Configured Memory Speed: Unknown
+ Minimum Voltage: Unknown
+ Maximum Voltage: Unknown
+ Configured Voltage: Unknown
+ Memory Technology: <OUT OF SPEC>
+ Memory Operating Mode Capability: None
+ Firmware Version: Not Specified
+ Module Manufacturer ID: Unknown
+ Module Product ID: Unknown
+ Memory Subsystem Controller Manufacturer ID: Unknown
+ Memory Subsystem Controller Product ID: Unknown
+ Non-Volatile Size: None
+ Volatile Size: None
+ Cache Size: None
+ Logical Size: None
+
+Handle 0x0008, DMI type 19, 31 bytes
+Memory Array Mapped Address
+ Starting Address: 0x00000000000
+ Ending Address: 0x000400003FF
+ Range Size: 1 GB
+ Physical Array Handle: 0x0006
+ Partition Width: 0
+
+Handle 0x0009, DMI type 20, 35 bytes
+Memory Device Mapped Address
+ Starting Address: 0x00000000000
+ Ending Address: 0x000400003FF
+ Range Size: 1 GB
+ Physical Device Handle: 0x0007
+ Memory Array Mapped Address Handle: 0x0008
+ Partition Row Position: Unknown
+
+Handle 0x000A, DMI type 17, 92 bytes
+Memory Device
+ Array Handle: 0x0006
+ Error Information Handle: Not Provided
+ Total Width: Unknown
+ Data Width: Unknown
+ Size: 7 GB
+ Form Factor: Unknown
+ Set: None
+ Locator: M0002
+ Bank Locator: None
+ Type: Unknown
+ Type Detail: Unknown
+ Speed: Unknown
+ Manufacturer: Microsoft Corporation
+ Serial Number: None
+ Asset Tag: None
+ Part Number: None
+ Rank: Unknown
+ Configured Memory Speed: Unknown
+ Minimum Voltage: Unknown
+ Maximum Voltage: Unknown
+ Configured Voltage: Unknown
+ Memory Technology: <OUT OF SPEC>
+ Memory Operating Mode Capability: None
+ Firmware Version: Not Specified
+ Module Manufacturer ID: Unknown
+ Module Product ID: Unknown
+ Memory Subsystem Controller Manufacturer ID: Unknown
+ Memory Subsystem Controller Product ID: Unknown
+ Non-Volatile Size: None
+ Volatile Size: None
+ Cache Size: None
+ Logical Size: None
+
+Handle 0x000B, DMI type 19, 31 bytes
+Memory Array Mapped Address
+ Starting Address: 0x00100000000
+ Ending Address: 0x002C00003FF
+ Range Size: 7 GB
+ Physical Array Handle: 0x0006
+ Partition Width: 0
+
+Handle 0x000C, DMI type 20, 35 bytes
+Memory Device Mapped Address
+ Starting Address: 0x00100000000
+ Ending Address: 0x002C00003FF
+ Range Size: 7 GB
+ Physical Device Handle: 0x000A
+ Memory Array Mapped Address Handle: 0x000B
+ Partition Row Position: Unknown
+
+Handle 0x000D, DMI type 32, 11 bytes
+System Boot Information
+ Status: No errors detected
+
+Handle 0xFEFF, DMI type 127, 4 bytes
+End Of Table
+
+EOF
diff --git a/tests/hyperv-arm/sbin/uname b/tests/hyperv-arm/sbin/uname
new file mode 100755
index 000000000..bd33a2d73
--- /dev/null
+++ b/tests/hyperv-arm/sbin/uname
@@ -0,0 +1,2 @@
+#!/bin/sh -
+echo aarch64
diff --git a/tests/hyperv-arm/sbin/virt-what-cpuid-helper b/tests/hyperv-arm/sbin/virt-what-cpuid-helper
new file mode 100755
index 000000000..77a669235
--- /dev/null
+++ b/tests/hyperv-arm/sbin/virt-what-cpuid-helper
@@ -0,0 +1,2 @@
+#!/bin/sh -
+# nothing
diff --git a/tests/hyperv-arm/test.sh b/tests/hyperv-arm/test.sh
new file mode 100755
index 000000000..50fca7431
--- /dev/null
+++ b/tests/hyperv-arm/test.sh
@@ -0,0 +1,32 @@
+# Test for Microsoft HyperV.
+# Copyright (C) 2008-2024 Red Hat Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+output="$(PATH=../..:$PATH virt-what --test-root=. 2>&1)"
+expected="hyperv"
+
+if [ "$output" != "$expected" ]; then
+ echo "$0: test failed because output did not match expected"
+ echo "Expected output was:"
+ echo "----------------------------------------"
+ echo "$expected"
+ echo "----------------------------------------"
+ echo "But the actual output of the program was:"
+ echo "----------------------------------------"
+ echo "$output"
+ echo "----------------------------------------"
+ exit 1
+fi
diff --git a/virt-what.in b/virt-what.in
index 5c5b54b92..77b385f91 100644
--- a/virt-what.in
+++ b/virt-what.in
@@ -1,6 +1,6 @@
#!/bin/sh -
# @configure_input@
-# Copyright (C) 2008-2022 Red Hat Inc.
+# Copyright (C) 2008-2024 Red Hat Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -136,14 +136,22 @@ fi
# http://blogs.msdn.com/b/sqlosteam/archive/2010/10/30/is-this-real-the-metaphysics-of-hardware-virtualization.aspx
if [ "$cpuid" = "Microsoft Hv" ]; then
echo hyperv
+# Hyper-V on ARM doesn't have CPUID. Use the information in dmidecode
+# instead. Note this is similar to VirtualPC below.
+elif echo "$dmi" | grep -q 'Manufacturer: Microsoft Corporation' &&
+ echo "$dmi" | grep -q 'Product Name: Virtual Machine' &&
+ echo "$dmi" | grep -q 'Version: Hyper-V'; then
+ echo hyperv
fi
# Check for VirtualPC.
-# The negative check for cpuid is to distinguish this from Hyper-V
-# which also has the same manufacturer string in the SM-BIOS data.
+# The negative check for cpuid & Hyper-V is to distinguish this from
+# Hyper-V above which also has the same manufacturer string in the
+# SM-BIOS data.
if [ "$cpuid" != "Microsoft Hv" ] &&
echo "$dmi" | grep -q 'Manufacturer: Microsoft Corporation' &&
- echo "$dmi" | grep -q 'Product Name: Virtual Machine'; then
+ echo "$dmi" | grep -q 'Product Name: Virtual Machine' &&
+ ! echo "$dmi" | grep -q 'Version: Hyper-V'; then
echo virtualpc
fi
--
2.43.0

View File

@ -1,714 +0,0 @@
From 772dfd3a966d766d4566fd048f8b0178f7f827e5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Fri, 26 May 2023 12:39:03 +0100
Subject: [PATCH] Introduce 'virt-what-cvm' program
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The 'virt-what' program prints facts that reflect the hypervisor that
the guest is running under.
The new complementary 'virt-what-cvm' program prints facts that reflect
the confidential virtualization technology the guest is running under,
if any.
It is kept as a separate tool, rather than incorporating the facts into
'virt-what' output because it is considering a different aspect of the
virtualization. Furthermore there are specific security concerns around
the usage of facts reported by 'virt-what-cvm'.
The tool has been tested in a number of environments
* Azure confidential guest with AMD SEV-SNP (GA)
* Azure confidential guest with Intel TDX (technology preview)
* Fedora 37 QEMU/KVM guest with AMD SEV (GA)
* Fedora 37 QEMU/KVM guest with AMD SEV-ES (GA)
* Fedora 38 QEMU/KVM guest with AMD SEV-SNP + SVSM (devel snapshot)
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 22e33361e980ddefe08e2c68bf145943af8375f9)
---
.gitignore | 3 +
Makefile.am | 12 +-
configure.ac | 3 +
virt-what-cvm.c | 404 ++++++++++++++++++++++++++++++++++++++++++++++
virt-what-cvm.pod | 195 ++++++++++++++++++++++
5 files changed, 613 insertions(+), 4 deletions(-)
create mode 100644 virt-what-cvm.c
create mode 100644 virt-what-cvm.pod
diff --git a/.gitignore b/.gitignore
index 4833fd6be..ba897a162 100644
--- a/.gitignore
+++ b/.gitignore
@@ -26,5 +26,8 @@ Makefile.in
/test-driver
/virt-what
/virt-what-cpuid-helper
+/virt-what-cvm
+/virt-what-cvm.1
+/virt-what-cvm.txt
/virt-what.1
/virt-what.txt
diff --git a/Makefile.am b/Makefile.am
index 543513204..2050bef8d 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -24,20 +24,24 @@ EXTRA_DIST = .gitignore virt-what.in virt-what.pod
SUBDIRS = . tests
sbin_SCRIPTS = virt-what
+sbin_PROGRAMS = virt-what-cvm
libexec_PROGRAMS = virt-what-cpuid-helper
if HOST_CPU_IA64
libexec_PROGRAMS += virt-what-ia64-xen-rdtsc-test
endif
+virt_what_cvm_LDADD = $(TPM2_TSS_LIBS)
+virt_what_cvm_CFLAGS = $(TPM2_TSS_CFLAGS)
+
if HAVE_POD2MAN
-CLEANFILES += virt-what.1 virt-what.txt
-man_MANS = virt-what.1
+CLEANFILES += virt-what.1 virt-what-cvm.1 virt-what.txt virt-what-cvm.txt
+man_MANS = virt-what.1 virt-what-cvm.1
-virt-what.1: virt-what.pod
+%.1: %.pod
pod2man -c "Virtualization Support" --release "$(PACKAGE)-$(VERSION)" \
$? > $@
-virt-what.txt: virt-what.pod
+%.txt: %.pod
pod2text $? > $@
endif
diff --git a/configure.ac b/configure.ac
index 4dd2c9731..b1dadd64d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -32,6 +32,9 @@ dnl Architecture we are compiling for.
AC_CANONICAL_HOST
AM_CONDITIONAL([HOST_CPU_IA64], [ test "x$host_cpu" = "xia64" ])
+PKG_HAVE_DEFINE_WITH_MODULES(TPM2_TSS, tss2-esys, [tpm2-tss package])
+
+
dnl List of tests.
tests="\
alibaba-cloud-arm \
diff --git a/virt-what-cvm.c b/virt-what-cvm.c
new file mode 100644
index 000000000..407efb492
--- /dev/null
+++ b/virt-what-cvm.c
@@ -0,0 +1,404 @@
+/* virt-what-cvm-helper: Are we running inside confidential VM
+ * Copyright (C) 2023 Red Hat Inc.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+#include "config.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <string.h>
+#include <stdbool.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <getopt.h>
+#ifdef HAVE_TPM2_TSS
+#include <tss2/tss2_esys.h>
+#include <assert.h>
+#endif
+
+static bool dodebug = false;
+
+#define debug(...) do { if (dodebug) fprintf(stderr, __VA_ARGS__); } while(0)
+
+/*
+ * AMD64 Architecture Programmers Manual Volume 3:
+ * General-Purpose and System Instructions.
+ * Chapter: E4.1 - Maximum Extended Function Number and Vendor String
+ * https://www.amd.com/system/files/TechDocs/24594.pdf
+ */
+#define CPUID_GET_HIGHEST_FUNCTION 0x80000000
+
+/*
+ * AMD64 Architecture Programmers Manual Volume 3:
+ * General-Purpose and System Instructions.
+ * Chapter: E4.17 - Encrypted Memory Capabilities
+ * https://www.amd.com/system/files/TechDocs/24594.pdf
+ */
+#define CPUID_AMD_GET_ENCRYPTED_MEMORY_CAPABILITIES 0x8000001f
+
+/*
+ * AMD64 Architecture Programmers Manual Volume 3:
+ * General-Purpose and System Instructions.
+ * Chapter: 15.34.10 - SEV_STATUS MSR
+ * https://www.amd.com/system/files/TechDocs/24593.pdf
+ */
+#define MSR_AMD64_SEV 0xc0010131
+
+/*
+ * Intel® TDX Module v1.5 Base Architecture Specification
+ * Chapter: 11.2
+ * https://www.intel.com/content/www/us/en/content-details/733575/intel-tdx-module-v1-5-base-architecture-specification.html
+ */
+
+#define CPUID_INTEL_TDX_ENUMERATION 0x21
+
+
+#define CPUID_SIG_AMD "AuthenticAMD"
+#define CPUID_SIG_INTEL "GenuineIntel"
+#define CPUID_SIG_INTEL_TDX "IntelTDX "
+
+/*
+ * This TPM NV data format is not explicitly documented anywhere,
+ * but the header definition is present in code at:
+ *
+ * https://github.com/kinvolk/azure-cvm-tooling/blob/main/az-snp-vtpm/src/hcl.rs
+ */
+#define TPM_AZURE_HCLA_REPORT_INDEX 0x01400001
+
+struct TPMAzureHCLAHeader {
+ uint32_t signature;
+ uint32_t version;
+ uint32_t report_len;
+ uint32_t report_type;
+ uint32_t unknown[4];
+};
+
+/* The bytes for "HCLA" */
+#define TPM_AZURE_HCLA_SIGNATURE 0x414C4348
+#define TPM_AZURE_HCLA_VERSION 0x1
+#define TPM_AZURE_HCLA_REPORT_TYPE_SNP 0x2
+
+#if defined(__x86_64__)
+
+#ifdef HAVE_TPM2_TSS
+static char *
+tpm_nvread(uint32_t nvindex, size_t *retlen)
+{
+ TSS2_RC rc;
+ ESYS_CONTEXT *ctx = NULL;
+ ESYS_TR primary = ESYS_TR_NONE;
+ ESYS_TR session = ESYS_TR_NONE;
+ ESYS_TR nvobj = ESYS_TR_NONE;
+ TPM2B_NV_PUBLIC *pubData = NULL;
+ TPMT_SYM_DEF sym = {
+ .algorithm = TPM2_ALG_AES,
+ .keyBits = { .aes = 128 },
+ .mode = { .aes = TPM2_ALG_CFB }
+ };
+ char *ret;
+ size_t retwant;
+
+ rc = Esys_Initialize(&ctx, NULL, NULL);
+ if (rc != TSS2_RC_SUCCESS)
+ return NULL;
+
+ rc = Esys_Startup(ctx, TPM2_SU_CLEAR);
+ debug("tpm startup %d\n", rc);
+ if (rc != TSS2_RC_SUCCESS)
+ goto error;
+
+ rc = Esys_StartAuthSession(ctx, ESYS_TR_NONE, ESYS_TR_NONE,
+ ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
+ NULL, 0,
+ &sym, TPM2_ALG_SHA256, &session);
+ debug("tpm auth session %d\n", rc);
+ if (rc != TSS2_RC_SUCCESS)
+ goto error;
+
+ rc = Esys_TR_FromTPMPublic(ctx, nvindex, ESYS_TR_NONE,
+ ESYS_TR_NONE, ESYS_TR_NONE, &nvobj);
+ debug("tpm from public %d\n", rc);
+ if (rc != TSS2_RC_SUCCESS)
+ goto error;
+
+ rc = Esys_NV_ReadPublic(ctx, nvobj, ESYS_TR_NONE,
+ ESYS_TR_NONE, ESYS_TR_NONE,
+ &pubData, NULL);
+ debug("tpm read public %d\n", rc);
+ if (rc != TPM2_RC_SUCCESS)
+ goto error;
+
+ retwant = pubData->nvPublic.dataSize;
+ free(pubData);
+ *retlen = 0;
+ ret = malloc(retwant);
+ assert(ret);
+ while (*retlen < retwant) {
+ size_t want = retwant - *retlen;
+ TPM2B_MAX_NV_BUFFER *data = NULL;
+ if (want > 1024)
+ want = 1024;
+ rc = Esys_NV_Read(ctx, ESYS_TR_RH_OWNER, nvobj, session, ESYS_TR_NONE, ESYS_TR_NONE,
+ want, *retlen, &data);
+ debug("tpm nv read %d\n", rc);
+ if (rc != TPM2_RC_SUCCESS) {
+ free(ret);
+ goto error;
+ }
+
+ memcpy(ret + *retlen, data->buffer, data->size);
+ *retlen += data->size;
+ free(data);
+ }
+
+ return ret;
+
+ error:
+ if (nvobj != ESYS_TR_NONE)
+ Esys_FlushContext(ctx, nvobj);
+ if (session != ESYS_TR_NONE)
+ Esys_FlushContext(ctx, session);
+ if (primary != ESYS_TR_NONE)
+ Esys_FlushContext(ctx, primary);
+ Esys_Finalize(&ctx);
+ *retlen = 0;
+ return NULL;
+}
+#else /* ! HAVE_TPM2_TSS */
+static char *
+tpm_nvread(uint32_t nvindex, size_t *retlen)
+{
+ return NULL;
+}
+#endif /* ! HAVE_TPM2_TSS */
+
+/* Copied from the Linux kernel definition in
+ * arch/x86/include/asm/processor.h
+ */
+static inline void
+cpuid (uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx)
+{
+ debug("CPUID func %x %x\n", *eax, *ecx);
+ asm volatile ("cpuid"
+ : "=a" (*eax), "=b" (*ebx), "=c" (*ecx), "=d" (*edx)
+ : "0" (*eax), "2" (*ecx)
+ : "memory");
+ debug("CPUID result %x %x %x %x\n", *eax, *ebx, *ecx, *edx);
+}
+
+
+static uint32_t
+cpuid_leaf (uint32_t eax, char *sig)
+{
+ uint32_t *sig32 = (uint32_t *) sig;
+
+ cpuid (&eax, &sig32[0], &sig32[2], &sig32[1]);
+ sig[12] = 0; /* \0-terminate the string to make string comparison possible */
+ debug("CPUID sig %s\n", sig);
+ return eax;
+}
+
+#define MSR_DEVICE "/dev/cpu/0/msr"
+
+static uint64_t
+msr (off_t index)
+{
+ uint64_t ret;
+ int fd = open (MSR_DEVICE, O_RDONLY);
+ if (fd < 0) {
+ debug ("Cannot open MSR device %s", MSR_DEVICE);
+ return 0;
+ }
+
+ if (pread (fd, &ret, sizeof(ret), index) != sizeof(ret))
+ ret = 0;
+
+ close (fd);
+
+ debug ("MSR %llx result %llx\n", (unsigned long long)index,
+ (unsigned long long)ret);
+ return ret;
+}
+
+bool
+cpu_sig_amd_azure (void)
+{
+ size_t datalen = 0;
+ char *data = tpm_nvread(TPM_AZURE_HCLA_REPORT_INDEX, &datalen);
+ struct TPMAzureHCLAHeader *header = (struct TPMAzureHCLAHeader *)data;
+ bool ret;
+
+ if (!data)
+ return false;
+
+ if (datalen < sizeof(struct TPMAzureHCLAHeader)) {
+ debug ("TPM data len is too small to be an Azure HCLA report");
+ return false;
+ }
+
+ debug ("Azure TPM HCLA report header sig %x ver %x type %x\n",
+ header->signature, header->version, header->report_type);
+
+ ret = (header->signature == TPM_AZURE_HCLA_SIGNATURE &&
+ header->version == TPM_AZURE_HCLA_VERSION &&
+ header->report_type == TPM_AZURE_HCLA_REPORT_TYPE_SNP);
+ debug ("Azure TPM HCLA report present ? %d\n", ret);
+
+ free(data);
+ return ret;
+}
+
+static void
+cpu_sig_amd (void)
+{
+ uint32_t eax, ebx, ecx, edx;
+ uint64_t msrval;
+
+ eax = CPUID_GET_HIGHEST_FUNCTION;
+ ebx = ecx = edx = 0;
+
+ cpuid (&eax, &ebx, &ecx, &edx);
+
+ if (eax < CPUID_AMD_GET_ENCRYPTED_MEMORY_CAPABILITIES)
+ return;
+
+ eax = CPUID_AMD_GET_ENCRYPTED_MEMORY_CAPABILITIES;
+ ebx = ecx = edx = 0;
+
+ cpuid (&eax, &ebx, &ecx, &edx);
+
+ /* bit 1 == CPU supports SEV feature
+ *
+ * Note, Azure blocks this CPUID leaf from its SEV-SNP
+ * guests, so we must fallback to probing the TPM which
+ * exposes a SEV-SNP attestation report as evidence.
+ */
+ if (!(eax & (1 << 1))) {
+ debug ("No sev in CPUID, try azure TPM NV\n");
+
+ if (cpu_sig_amd_azure()) {
+ puts ("amd-sev-snp");
+ puts ("azure-hcl");
+ } else {
+ debug("No azure TPM NV\n");
+ }
+ return;
+ }
+
+ msrval = msr (MSR_AMD64_SEV);
+
+ /* Test reverse order, since the SEV-SNP bit implies
+ * the SEV-ES bit, which implies the SEV bit */
+ if (msrval & (1 << 2)) {
+ puts ("amd-sev-snp");
+ } else if (msrval & (1 << 1)) {
+ puts ("amd-sev-es");
+ } else if (msrval & (1 << 0)) {
+ puts ("amd-sev");
+ }
+}
+
+static void
+cpu_sig_intel (void)
+{
+ uint32_t eax, ebx, ecx, edx;
+ char sig[13];
+
+ eax = CPUID_GET_HIGHEST_FUNCTION;
+ ebx = ecx = edx = 0;
+
+ cpuid (&eax, &ebx, &ecx, &edx);
+ debug ("CPUID max function: %x %x %x %x\n", eax, ebx, ecx,edx);
+
+ if (eax < CPUID_INTEL_TDX_ENUMERATION)
+ return;
+
+ memset (sig, 0, sizeof sig);
+ cpuid_leaf (CPUID_INTEL_TDX_ENUMERATION, sig);
+
+ if (memcmp (sig, CPUID_SIG_INTEL_TDX, sizeof(sig)) == 0)
+ puts ("intel-tdx");
+}
+
+static void
+cpu_sig (void)
+{
+ char sig[13];
+
+ memset (sig, 0, sizeof sig);
+ cpuid_leaf (0, sig);
+
+ if (memcmp (sig, CPUID_SIG_AMD, sizeof(sig)) == 0)
+ cpu_sig_amd ();
+ else if (memcmp (sig, CPUID_SIG_INTEL, sizeof(sig)) == 0)
+ cpu_sig_intel ();
+}
+
+#else /* !x86_64 */
+
+static void
+cpu_sig (void)
+{
+ /* nothing for other architectures */
+}
+
+#endif
+
+int
+main(int argc, char **argv)
+{
+ int c;
+
+ while (true) {
+ int option_index = 0;
+ static struct option long_options[] = {
+ {"debug", no_argument, 0, 'd' },
+ {"version", no_argument, 0, 'v' },
+ {"help", no_argument, 0, 'h'},
+ {0, 0, 0, 0 }
+ };
+
+ c = getopt_long(argc, argv, "dvh",
+ long_options, &option_index);
+ if (c == -1)
+ break;
+
+ switch (c) {
+ case 'd':
+ dodebug = true;
+ break;
+ case 'v':
+ fprintf(stdout, "%s\n", PACKAGE_VERSION);
+ exit(EXIT_SUCCESS);
+ break;
+ case 'h':
+ default: /* '?' */
+ fprintf(c == 'h' ? stdout : stderr,
+ "Usage: %s [--debug|-d] [--help|-h] [--version|-v]\n",
+ argv[0]);
+ exit(c == 'h' ? EXIT_SUCCESS : EXIT_FAILURE);
+ }
+ }
+
+ if (!dodebug)
+ setenv("TSS2_LOG", "all+none", 1);
+
+ cpu_sig ();
+
+ exit(EXIT_SUCCESS);
+}
diff --git a/virt-what-cvm.pod b/virt-what-cvm.pod
new file mode 100644
index 000000000..12cfc6a96
--- /dev/null
+++ b/virt-what-cvm.pod
@@ -0,0 +1,195 @@
+=encoding utf8
+
+=head1 NAME
+
+virt-what-cvm - detect if we are running in a confidential virtual machine
+
+=head1 SUMMARY
+
+virt-what-cvm [options]
+
+=head1 DESCRIPTION
+
+C<virt-what-cvm> is a tool which can be used to detect if the program
+is running in a confidential virtual machine.
+
+The program prints out a list of "facts" about the confidential virtual
+machine, derived from heuristics. One fact is printed per line.
+
+If nothing is printed and the script exits with code 0 (no error),
+then it can mean I<either> that the program is running on bare-metal
+I<or> the program is running inside a non-confidential virtual machine,
+I<or> inside a type of confidential virtual machine which we don't know
+about or cannot detect.
+
+=head1 FACTS
+
+=over 4
+
+=item B<amd-sev>
+
+This is a confidential guest running with AMD SEV technology
+
+Status: tested on Fedora 37 QEMU+KVM
+
+=item B<amd-sev-es>
+
+This is a confidential guest running with AMD SEV-ES technology
+
+Status: tested on Fedora 37 QEMU+KVM
+
+=item B<amd-sev-snp>
+
+This is a confidential guest running with AMD SEV-SNP technology
+
+Status: tested on Microsoft Azure SEV-SNP CVM
+
+Status: tested on Fedora 38 QEMU+KVM SEV-SNP (devel snapshot)
+
+=item B<intel-tdx>
+
+This is a confidential guest running with Intel TDX technology
+
+Status: tested on Microsoft Azure TDX CVM (preview)
+
+=item B<azure-hcl>
+
+This is a confidential guest running unenlightened under the
+Azure HCL (Host Compatibility Layer). This will be paired with
+B<amd-sev-snp>.
+
+Status: tested on Microsoft Azure SEV-SNP CVM
+
+=back
+
+=head1 EXIT STATUS
+
+Programs that use or wrap C<virt-what-cvm> should check that the exit
+status is 0 before they attempt to parse the output of the command.
+
+A non-zero exit status indicates some error, for example, an
+unrecognized command line argument. If the exit status is non-zero
+then the output "facts" (if any were printed) cannot be guaranteed and
+should be ignored.
+
+The exit status does I<not> have anything to do with whether the
+program is running on baremetal or under confidential virtualization,
+nor with whether C<virt-what-cvm> managed detection "correctly" (which
+is basically unknowable given the large variety of virtualization
+systems out there)
+
+=head1 RUNNING VIRT-WHAT-CVM FROM OTHER PROGRAMS
+
+C<virt-what-cvm> is designed so that you can easily run it from
+other programs or wrap it up in a library.
+
+Your program should check the exit status (see the section above).
+
+=head1 IMPORTANT NOTE
+
+This program detects whether it is likely to be running within a known
+confidential VM, but does I<NOT> prove that the environment is trustworthy.
+To attain trust in the environment requires an attestation report for the
+virtual machine, which is then verified by an already trusted 3rd party.
+
+The hardware features that this program relies on to establish facts
+about the confidential virtualization environment, are those features
+whose behaviour will be proved by verification of an attestation report.
+
+This program I<MAY> have false positives. ie it may report that it is a
+confidential VM when it is in fact a non-confidential VM faking it.
+
+This program I<SHOULD NOT> have false negatives. ie it should not fail to
+report existance of a confidential VM. Caveat that this only applies to
+environments which have been explicitly tested.
+
+If this program does print a fact, this can be used for enabling or
+disabling use of certain features, according to whether they are
+appropriate for a confidential environment. None the less, the VM
+I<MUST NOT> be trusted until an attestation report is verified.
+
+As a protection against false negatives from this tool, environments
+requiring high assurance should take one or more of these measures:
+
+ * The facts reported by this program I<SHOULD> should be measured
+ into one of the TPM PCRs
+ * The attestation report I<SHOULD> cover the facts reported by
+ this program
+ * The attestation report I<SHOULD> should cover the enablement
+ status of any features affected by decisions involving facts
+ reported by this tool
+
+=head1 SEE ALSO
+
+L<http://people.redhat.com/~rjones/virt-what/>,
+L<https://github.com/Azure/confidential-computing-cvm-guest-attestation>,
+L<https://virtee.io/>
+
+=head1 AUTHORS
+
+Daniel P. Berrangé <berrange @ redhat . com>
+
+=head1 COPYRIGHT
+
+(C) Copyright 2023 Red Hat Inc.,
+L<http://people.redhat.com/~rjones/virt-what/>
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+=head1 REPORTING BUGS
+
+Bugs can be viewed on the Red Hat Bugzilla page:
+L<https://bugzilla.redhat.com/>.
+
+If you find a bug in virt-what-cvm, please follow these steps to report it:
+
+=over 4
+
+=item 1. Check for existing bug reports
+
+Go to L<https://bugzilla.redhat.com/> and search for similar bugs.
+Someone may already have reported the same bug, and they may even
+have fixed it.
+
+=item 2. Capture debug and error messages
+
+Run
+
+ virt-what-cvm -d > virt-what-cvm.log 2>&1
+
+and keep I<virt-what-cvm.log>. It may contain error messages which you
+should submit with your bug report.
+
+=item 3. Get version of virt-what-cvm.
+
+Run
+
+ virt-what-cvm --version
+
+=item 4. Submit a bug report.
+
+Go to L<https://bugzilla.redhat.com/> and enter a new bug.
+Please describe the problem in as much detail as possible.
+
+Remember to include the version numbers (step 3) and the debug
+messages file (step 2) and as much other detail as possible.
+
+=item 5. Assign the bug to rjones @ redhat.com
+
+Assign or reassign the bug to B<rjones @ redhat.com> (without the
+spaces). You can also send me an email with the bug number if you
+want a faster response.
+
+=back
--
2.43.0

View File

@ -1,25 +0,0 @@
From dbd90b1a4ceae884b06907da0b7964bcb8ff01d3 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 30 May 2023 08:46:06 +0100
Subject: [PATCH] docs: Add cross reference to virt-what-cvm(1) to virt-what(1)
(cherry picked from commit 52c833c7c6ede0b7fcefa7ad225206f410407eda)
---
virt-what.pod | 1 +
1 file changed, 1 insertion(+)
diff --git a/virt-what.pod b/virt-what.pod
index 45dd7c933..d60449d02 100644
--- a/virt-what.pod
+++ b/virt-what.pod
@@ -409,6 +409,7 @@ specific features your drivers need (eg. for the presence of PCI devices).
=head1 SEE ALSO
+L<virt-what-cvm(1)>,
L<http://people.redhat.com/~rjones/virt-what/>,
L<http://www.vmware.com/>,
L<http://www.microsoft.com/windows/products/winfamily/virtualpc>,
--
2.43.0

View File

@ -1,77 +0,0 @@
From 0b4886bea5fce89f588a1ac3c885b6860bb2deed Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Thu, 29 Jun 2023 17:51:02 +0100
Subject: [PATCH] virt-what-cvm: check if hypervisor bit is set
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Before doing any probes for a confidential VM, check that the
tool is running under a hypervisor, rather than bare metal
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 64718d09a504bd10c6ab973acc0779925482b62f)
---
virt-what-cvm.c | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
diff --git a/virt-what-cvm.c b/virt-what-cvm.c
index 407efb492..f1847688b 100644
--- a/virt-what-cvm.c
+++ b/virt-what-cvm.c
@@ -35,6 +35,9 @@ static bool dodebug = false;
#define debug(...) do { if (dodebug) fprintf(stderr, __VA_ARGS__); } while(0)
+
+#define CPUID_PROCESSOR_INFO_AND_FEATURE_BITS 0x1
+
/*
* AMD64 Architecture Programmers Manual Volume 3:
* General-Purpose and System Instructions.
@@ -72,6 +75,9 @@ static bool dodebug = false;
#define CPUID_SIG_INTEL "GenuineIntel"
#define CPUID_SIG_INTEL_TDX "IntelTDX "
+/* ecx bit 31: set => hyperpvisor, unset => bare metal */
+#define CPUID_FEATURE_HYPERVISOR (1 << 31)
+
/*
* This TPM NV data format is not explicitly documented anywhere,
* but the header definition is present in code at:
@@ -335,11 +341,32 @@ cpu_sig_intel (void)
puts ("intel-tdx");
}
+static bool
+cpu_is_hv (void)
+{
+ uint32_t eax, ebx, ecx, edx;
+ bool is_hv;
+
+ eax = CPUID_PROCESSOR_INFO_AND_FEATURE_BITS;
+ ebx = ecx = edx = 0;
+
+ cpuid(&eax, &ebx, &ecx, &edx);
+
+ is_hv = ecx & CPUID_FEATURE_HYPERVISOR;
+
+ debug ("CPUID is hypervisor: %s\n", is_hv ? "yes" : "no");
+ return is_hv;
+}
+
static void
cpu_sig (void)
{
char sig[13];
+ /* Skip everything on bare metal */
+ if (!cpu_is_hv ())
+ return;
+
memset (sig, 0, sizeof sig);
cpuid_leaf (0, sig);
--
2.43.0

View File

@ -1,59 +0,0 @@
From 56498baf2eddf072b9dcab7570febc6ce8f58504 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Thu, 29 Jun 2023 17:51:03 +0100
Subject: [PATCH] virt-what-cvm: support alternative cpuid leaf ordering
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The HyperV CPUID leaf for reporting the vendor string has an
alternative ordering of ecx/edx.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 15d3e4a92fd9c1490fb6f86b7ab3a2dff8364837)
---
virt-what-cvm.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/virt-what-cvm.c b/virt-what-cvm.c
index f1847688b..1e7c50bb0 100644
--- a/virt-what-cvm.c
+++ b/virt-what-cvm.c
@@ -209,11 +209,14 @@ cpuid (uint32_t *eax, uint32_t *ebx, uint32_t *ecx, uint32_t *edx)
static uint32_t
-cpuid_leaf (uint32_t eax, char *sig)
+cpuid_leaf (uint32_t eax, char *sig, bool swapped)
{
uint32_t *sig32 = (uint32_t *) sig;
- cpuid (&eax, &sig32[0], &sig32[2], &sig32[1]);
+ if (swapped)
+ cpuid (&eax, &sig32[0], &sig32[2], &sig32[1]);
+ else
+ cpuid (&eax, &sig32[0], &sig32[1], &sig32[2]);
sig[12] = 0; /* \0-terminate the string to make string comparison possible */
debug("CPUID sig %s\n", sig);
return eax;
@@ -335,7 +338,7 @@ cpu_sig_intel (void)
return;
memset (sig, 0, sizeof sig);
- cpuid_leaf (CPUID_INTEL_TDX_ENUMERATION, sig);
+ cpuid_leaf (CPUID_INTEL_TDX_ENUMERATION, sig, true);
if (memcmp (sig, CPUID_SIG_INTEL_TDX, sizeof(sig)) == 0)
puts ("intel-tdx");
@@ -368,7 +371,7 @@ cpu_sig (void)
return;
memset (sig, 0, sizeof sig);
- cpuid_leaf (0, sig);
+ cpuid_leaf (0, sig, true);
if (memcmp (sig, CPUID_SIG_AMD, sizeof(sig)) == 0)
cpu_sig_amd ();
--
2.43.0

View File

@ -1,117 +0,0 @@
From eecffe8b20d7e136e64d7360ef6655c8eee4250e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Thu, 29 Jun 2023 17:51:04 +0100
Subject: [PATCH] virt-what-cvm: probe for SNP/HCL on HyperV/Azure via CPUID
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When running a confidential VM on Azure (HyperV) we can probe
CPUID leaf 0x40000003 to detect if VM isolation is present,
and 0x4000000c to detect what kind of isolation is used.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit bb0055b491501e16fca3ab61dc7a969effbf48f3)
---
virt-what-cvm.c | 62 +++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 60 insertions(+), 2 deletions(-)
diff --git a/virt-what-cvm.c b/virt-what-cvm.c
index 1e7c50bb0..a7a224f94 100644
--- a/virt-what-cvm.c
+++ b/virt-what-cvm.c
@@ -70,14 +70,33 @@ static bool dodebug = false;
#define CPUID_INTEL_TDX_ENUMERATION 0x21
+/* Requirements for Implementing the Microsoft Hypervisor Interface
+ * https://learn.microsoft.com/en-us/virtualization/hyper-v-on-windows/tlfs/tlfs
+ */
+#define CPUID_HYPERV_VENDOR_AND_MAX_FUNCTIONS 0x40000000
+
+#define CPUID_HYPERV_FEATURES 0x40000003
+
+#define CPUID_HYPERV_ISOLATION_CONFIG 0x4000000C
+
+#define CPUID_HYPERV_MIN 0x40000005
+#define CPUID_HYPERV_MAX 0x4000ffff
#define CPUID_SIG_AMD "AuthenticAMD"
#define CPUID_SIG_INTEL "GenuineIntel"
#define CPUID_SIG_INTEL_TDX "IntelTDX "
+#define CPUID_SIG_HYPERV "Microsoft Hv"
/* ecx bit 31: set => hyperpvisor, unset => bare metal */
#define CPUID_FEATURE_HYPERVISOR (1 << 31)
+/* Linux include/asm-generic/hyperv-tlfs.h */
+#define CPUID_HYPERV_CPU_MANAGEMENT (1 << 12) /* root partition */
+#define CPUID_HYPERV_ISOLATION (1 << 22) /* confidential VM partition */
+
+#define CPUID_HYPERV_ISOLATION_TYPE_MASK 0xf
+#define CPUID_HYPERV_ISOLATION_TYPE_SNP 2
+
/*
* This TPM NV data format is not explicitly documented anywhere,
* but the header definition is present in code at:
@@ -272,6 +291,44 @@ cpu_sig_amd_azure (void)
return ret;
}
+static bool
+cpu_sig_amd_hyperv (void)
+{
+ uint32_t eax, ebx, ecx, edx;
+ char sig[13];
+ uint32_t feat;
+
+ feat = cpuid_leaf (CPUID_HYPERV_VENDOR_AND_MAX_FUNCTIONS, sig, false);
+
+ if (feat < CPUID_HYPERV_MIN ||
+ feat > CPUID_HYPERV_MAX)
+ return false;
+
+ if (memcmp (sig, CPUID_SIG_HYPERV, sizeof(sig)) != 0)
+ return false;
+
+ debug ("CPUID is on hyperv\n");
+ eax = CPUID_HYPERV_FEATURES;
+ ebx = ecx = edx = 0;
+
+ cpuid(&eax, &ebx, &ecx, &edx);
+
+ if (ebx & CPUID_HYPERV_ISOLATION &&
+ !(ebx & CPUID_HYPERV_CPU_MANAGEMENT)) {
+
+ eax = CPUID_HYPERV_ISOLATION_CONFIG;
+ ebx = ecx = edx = 0;
+ cpuid(&eax, &ebx, &ecx, &edx);
+
+ if ((ebx & CPUID_HYPERV_ISOLATION_TYPE_MASK) ==
+ CPUID_HYPERV_ISOLATION_TYPE_SNP) {
+ return true;
+ }
+ }
+
+ return false;
+}
+
static void
cpu_sig_amd (void)
{
@@ -298,9 +355,10 @@ cpu_sig_amd (void)
* exposes a SEV-SNP attestation report as evidence.
*/
if (!(eax & (1 << 1))) {
- debug ("No sev in CPUID, try azure TPM NV\n");
+ debug ("No sev in CPUID, try hyperv CPUID/azure TPM NV\n");
- if (cpu_sig_amd_azure()) {
+ if (cpu_sig_amd_hyperv () ||
+ cpu_sig_amd_azure()) {
puts ("amd-sev-snp");
puts ("azure-hcl");
} else {
--
2.43.0

View File

@ -1,258 +0,0 @@
From 5658e72cb0de7e0e31fd16df7a3b80015ce6dc71 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Thu, 29 Jun 2023 17:51:05 +0100
Subject: [PATCH] virt-what-cvm: drop TPM logic for detecting SNP on
HyperV/Azure
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Now we have proper CPUID detection, we no longer need the TPM
hacks.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 82c0e9c469953a36f18db1e329629cecd950134a)
---
Makefile.am | 3 -
configure.ac | 2 -
virt-what-cvm.c | 161 ++----------------------------------------------
3 files changed, 6 insertions(+), 160 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 2050bef8d..b68540f39 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -30,9 +30,6 @@ if HOST_CPU_IA64
libexec_PROGRAMS += virt-what-ia64-xen-rdtsc-test
endif
-virt_what_cvm_LDADD = $(TPM2_TSS_LIBS)
-virt_what_cvm_CFLAGS = $(TPM2_TSS_CFLAGS)
-
if HAVE_POD2MAN
CLEANFILES += virt-what.1 virt-what-cvm.1 virt-what.txt virt-what-cvm.txt
diff --git a/configure.ac b/configure.ac
index b1dadd64d..0309a80bd 100644
--- a/configure.ac
+++ b/configure.ac
@@ -32,8 +32,6 @@ dnl Architecture we are compiling for.
AC_CANONICAL_HOST
AM_CONDITIONAL([HOST_CPU_IA64], [ test "x$host_cpu" = "xia64" ])
-PKG_HAVE_DEFINE_WITH_MODULES(TPM2_TSS, tss2-esys, [tpm2-tss package])
-
dnl List of tests.
tests="\
diff --git a/virt-what-cvm.c b/virt-what-cvm.c
index a7a224f94..8b8a4df09 100644
--- a/virt-what-cvm.c
+++ b/virt-what-cvm.c
@@ -26,10 +26,6 @@
#include <fcntl.h>
#include <unistd.h>
#include <getopt.h>
-#ifdef HAVE_TPM2_TSS
-#include <tss2/tss2_esys.h>
-#include <assert.h>
-#endif
static bool dodebug = false;
@@ -97,121 +93,8 @@ static bool dodebug = false;
#define CPUID_HYPERV_ISOLATION_TYPE_MASK 0xf
#define CPUID_HYPERV_ISOLATION_TYPE_SNP 2
-/*
- * This TPM NV data format is not explicitly documented anywhere,
- * but the header definition is present in code at:
- *
- * https://github.com/kinvolk/azure-cvm-tooling/blob/main/az-snp-vtpm/src/hcl.rs
- */
-#define TPM_AZURE_HCLA_REPORT_INDEX 0x01400001
-
-struct TPMAzureHCLAHeader {
- uint32_t signature;
- uint32_t version;
- uint32_t report_len;
- uint32_t report_type;
- uint32_t unknown[4];
-};
-
-/* The bytes for "HCLA" */
-#define TPM_AZURE_HCLA_SIGNATURE 0x414C4348
-#define TPM_AZURE_HCLA_VERSION 0x1
-#define TPM_AZURE_HCLA_REPORT_TYPE_SNP 0x2
-
#if defined(__x86_64__)
-#ifdef HAVE_TPM2_TSS
-static char *
-tpm_nvread(uint32_t nvindex, size_t *retlen)
-{
- TSS2_RC rc;
- ESYS_CONTEXT *ctx = NULL;
- ESYS_TR primary = ESYS_TR_NONE;
- ESYS_TR session = ESYS_TR_NONE;
- ESYS_TR nvobj = ESYS_TR_NONE;
- TPM2B_NV_PUBLIC *pubData = NULL;
- TPMT_SYM_DEF sym = {
- .algorithm = TPM2_ALG_AES,
- .keyBits = { .aes = 128 },
- .mode = { .aes = TPM2_ALG_CFB }
- };
- char *ret;
- size_t retwant;
-
- rc = Esys_Initialize(&ctx, NULL, NULL);
- if (rc != TSS2_RC_SUCCESS)
- return NULL;
-
- rc = Esys_Startup(ctx, TPM2_SU_CLEAR);
- debug("tpm startup %d\n", rc);
- if (rc != TSS2_RC_SUCCESS)
- goto error;
-
- rc = Esys_StartAuthSession(ctx, ESYS_TR_NONE, ESYS_TR_NONE,
- ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
- NULL, 0,
- &sym, TPM2_ALG_SHA256, &session);
- debug("tpm auth session %d\n", rc);
- if (rc != TSS2_RC_SUCCESS)
- goto error;
-
- rc = Esys_TR_FromTPMPublic(ctx, nvindex, ESYS_TR_NONE,
- ESYS_TR_NONE, ESYS_TR_NONE, &nvobj);
- debug("tpm from public %d\n", rc);
- if (rc != TSS2_RC_SUCCESS)
- goto error;
-
- rc = Esys_NV_ReadPublic(ctx, nvobj, ESYS_TR_NONE,
- ESYS_TR_NONE, ESYS_TR_NONE,
- &pubData, NULL);
- debug("tpm read public %d\n", rc);
- if (rc != TPM2_RC_SUCCESS)
- goto error;
-
- retwant = pubData->nvPublic.dataSize;
- free(pubData);
- *retlen = 0;
- ret = malloc(retwant);
- assert(ret);
- while (*retlen < retwant) {
- size_t want = retwant - *retlen;
- TPM2B_MAX_NV_BUFFER *data = NULL;
- if (want > 1024)
- want = 1024;
- rc = Esys_NV_Read(ctx, ESYS_TR_RH_OWNER, nvobj, session, ESYS_TR_NONE, ESYS_TR_NONE,
- want, *retlen, &data);
- debug("tpm nv read %d\n", rc);
- if (rc != TPM2_RC_SUCCESS) {
- free(ret);
- goto error;
- }
-
- memcpy(ret + *retlen, data->buffer, data->size);
- *retlen += data->size;
- free(data);
- }
-
- return ret;
-
- error:
- if (nvobj != ESYS_TR_NONE)
- Esys_FlushContext(ctx, nvobj);
- if (session != ESYS_TR_NONE)
- Esys_FlushContext(ctx, session);
- if (primary != ESYS_TR_NONE)
- Esys_FlushContext(ctx, primary);
- Esys_Finalize(&ctx);
- *retlen = 0;
- return NULL;
-}
-#else /* ! HAVE_TPM2_TSS */
-static char *
-tpm_nvread(uint32_t nvindex, size_t *retlen)
-{
- return NULL;
-}
-#endif /* ! HAVE_TPM2_TSS */
-
/* Copied from the Linux kernel definition in
* arch/x86/include/asm/processor.h
*/
@@ -263,34 +146,6 @@ msr (off_t index)
return ret;
}
-bool
-cpu_sig_amd_azure (void)
-{
- size_t datalen = 0;
- char *data = tpm_nvread(TPM_AZURE_HCLA_REPORT_INDEX, &datalen);
- struct TPMAzureHCLAHeader *header = (struct TPMAzureHCLAHeader *)data;
- bool ret;
-
- if (!data)
- return false;
-
- if (datalen < sizeof(struct TPMAzureHCLAHeader)) {
- debug ("TPM data len is too small to be an Azure HCLA report");
- return false;
- }
-
- debug ("Azure TPM HCLA report header sig %x ver %x type %x\n",
- header->signature, header->version, header->report_type);
-
- ret = (header->signature == TPM_AZURE_HCLA_SIGNATURE &&
- header->version == TPM_AZURE_HCLA_VERSION &&
- header->report_type == TPM_AZURE_HCLA_REPORT_TYPE_SNP);
- debug ("Azure TPM HCLA report present ? %d\n", ret);
-
- free(data);
- return ret;
-}
-
static bool
cpu_sig_amd_hyperv (void)
{
@@ -350,19 +205,18 @@ cpu_sig_amd (void)
/* bit 1 == CPU supports SEV feature
*
- * Note, Azure blocks this CPUID leaf from its SEV-SNP
- * guests, so we must fallback to probing the TPM which
- * exposes a SEV-SNP attestation report as evidence.
+ * Note, HyperV/Azure blocks this CPUID leaf from its SEV-SNP
+ * guests. We already did an alternative detection mechanism
+ * in such VMs, so should not even be running this code.
*/
if (!(eax & (1 << 1))) {
- debug ("No sev in CPUID, try hyperv CPUID/azure TPM NV\n");
+ debug ("No sev in CPUID, try hyperv CPUID\n");
- if (cpu_sig_amd_hyperv () ||
- cpu_sig_amd_azure()) {
+ if (cpu_sig_amd_hyperv ()) {
puts ("amd-sev-snp");
puts ("azure-hcl");
} else {
- debug("No azure TPM NV\n");
+ debug("No hyperv CPUID\n");
}
return;
}
@@ -483,9 +337,6 @@ main(int argc, char **argv)
}
}
- if (!dodebug)
- setenv("TSS2_LOG", "all+none", 1);
-
cpu_sig ();
exit(EXIT_SUCCESS);
--
2.43.0

View File

@ -1,53 +0,0 @@
From fc766c6db5305effdaaaa843d6a2c2b4623c8b99 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Thu, 29 Jun 2023 17:51:06 +0100
Subject: [PATCH] virt-what-cvm: rename 'azure-hcl' fact to 'hyperv-hcl'
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Azure is a cloud service that uses the HyperV platform, so we
should refer to the fact as 'hyperv-hcl', not 'azure-hcl'.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 94773022f76f994d7a9b37f59ba978bd28f30d1d)
---
virt-what-cvm.c | 2 +-
virt-what-cvm.pod | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/virt-what-cvm.c b/virt-what-cvm.c
index 8b8a4df09..52b3426bc 100644
--- a/virt-what-cvm.c
+++ b/virt-what-cvm.c
@@ -214,7 +214,7 @@ cpu_sig_amd (void)
if (cpu_sig_amd_hyperv ()) {
puts ("amd-sev-snp");
- puts ("azure-hcl");
+ puts ("hyperv-hcl");
} else {
debug("No hyperv CPUID\n");
}
diff --git a/virt-what-cvm.pod b/virt-what-cvm.pod
index 12cfc6a96..0f9076569 100644
--- a/virt-what-cvm.pod
+++ b/virt-what-cvm.pod
@@ -52,11 +52,11 @@ This is a confidential guest running with Intel TDX technology
Status: tested on Microsoft Azure TDX CVM (preview)
-=item B<azure-hcl>
+=item B<hyperv-hcl>
This is a confidential guest running unenlightened under the
-Azure HCL (Host Compatibility Layer). This will be paired with
-B<amd-sev-snp>.
+HyperV (Azure) HCL (Host Compatibility Layer). This will be
+paired with B<amd-sev-snp>.
Status: tested on Microsoft Azure SEV-SNP CVM
--
2.43.0

View File

@ -1,26 +0,0 @@
From c8daee800cbe22e622306f78a71188ec5639d4a1 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Fri, 26 Jul 2024 16:05:12 +0100
Subject: [PATCH] Add virt-what-cvm.pod to EXTRA_DIST
(Single hunk cherry pick from commit 6d1455766b)
---
Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile.am b/Makefile.am
index b68540f39..ba5185741 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -19,7 +19,7 @@ AM_CPPFLAGS = -Wall
CLEANFILES = virt-what *~
-EXTRA_DIST = .gitignore virt-what.in virt-what.pod
+EXTRA_DIST = .gitignore virt-what.in virt-what.pod virt-what-cvm.pod
SUBDIRS = . tests
--
2.43.0

View File

@ -1,98 +0,0 @@
From 7b19a3a531fbabb5785dc7f78352d574f079212f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Tue, 30 Jul 2024 10:46:46 +0100
Subject: [PATCH] Fix CVM detection on Azure with TDX
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The current TDX support was tested on Azure, however, since that time
they now block the CPUID leaf we were using. Instead it is required to
issue the Azure specific CPUID calls as we were already doing for SNP.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 059cbff66740ef74cd663f88c5f96a80a8d6d6ea)
---
virt-what-cvm.c | 14 +++++++++-----
virt-what-cvm.pod | 4 ++--
2 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/virt-what-cvm.c b/virt-what-cvm.c
index 52b3426bc..0daa6ac35 100644
--- a/virt-what-cvm.c
+++ b/virt-what-cvm.c
@@ -92,6 +92,7 @@ static bool dodebug = false;
#define CPUID_HYPERV_ISOLATION_TYPE_MASK 0xf
#define CPUID_HYPERV_ISOLATION_TYPE_SNP 2
+#define CPUID_HYPERV_ISOLATION_TYPE_TDX 3
#if defined(__x86_64__)
@@ -147,7 +148,7 @@ msr (off_t index)
}
static bool
-cpu_sig_amd_hyperv (void)
+cpu_sig_cvm_hyperv (uint32_t isoltype)
{
uint32_t eax, ebx, ecx, edx;
char sig[13];
@@ -175,8 +176,7 @@ cpu_sig_amd_hyperv (void)
ebx = ecx = edx = 0;
cpuid(&eax, &ebx, &ecx, &edx);
- if ((ebx & CPUID_HYPERV_ISOLATION_TYPE_MASK) ==
- CPUID_HYPERV_ISOLATION_TYPE_SNP) {
+ if ((ebx & CPUID_HYPERV_ISOLATION_TYPE_MASK) == isoltype) {
return true;
}
}
@@ -212,7 +212,7 @@ cpu_sig_amd (void)
if (!(eax & (1 << 1))) {
debug ("No sev in CPUID, try hyperv CPUID\n");
- if (cpu_sig_amd_hyperv ()) {
+ if (cpu_sig_cvm_hyperv (CPUID_HYPERV_ISOLATION_TYPE_SNP)) {
puts ("amd-sev-snp");
puts ("hyperv-hcl");
} else {
@@ -252,8 +252,12 @@ cpu_sig_intel (void)
memset (sig, 0, sizeof sig);
cpuid_leaf (CPUID_INTEL_TDX_ENUMERATION, sig, true);
- if (memcmp (sig, CPUID_SIG_INTEL_TDX, sizeof(sig)) == 0)
+ if (memcmp (sig, CPUID_SIG_INTEL_TDX, sizeof(sig)) == 0) {
puts ("intel-tdx");
+ } else if (cpu_sig_cvm_hyperv (CPUID_HYPERV_ISOLATION_TYPE_TDX)) {
+ puts ("intel-tdx");
+ puts ("hyperv-hcl");
+ }
}
static bool
diff --git a/virt-what-cvm.pod b/virt-what-cvm.pod
index 0f9076569..70213abd7 100644
--- a/virt-what-cvm.pod
+++ b/virt-what-cvm.pod
@@ -50,7 +50,7 @@ Status: tested on Fedora 38 QEMU+KVM SEV-SNP (devel snapshot)
This is a confidential guest running with Intel TDX technology
-Status: tested on Microsoft Azure TDX CVM (preview)
+Status: tested on Microsoft Azure TDX CVM
=item B<hyperv-hcl>
@@ -58,7 +58,7 @@ This is a confidential guest running unenlightened under the
HyperV (Azure) HCL (Host Compatibility Layer). This will be
paired with B<amd-sev-snp>.
-Status: tested on Microsoft Azure SEV-SNP CVM
+Status: tested on Microsoft Azure SEV-SNP & TDX CVM
=back
--
2.43.0

View File

@ -1,66 +0,0 @@
From d1cedcffeeff58f33aa467d62c0347ce7073aa4e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Fri, 2 Aug 2024 16:07:46 +0100
Subject: [PATCH] Add support for detecting protected virtualization on s390x
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 037689fbe95e403b050c1eb736ebc8fdc2e601a5)
---
virt-what-cvm.c | 21 ++++++++++++++++++++-
virt-what-cvm.pod | 5 +++++
2 files changed, 25 insertions(+), 1 deletion(-)
diff --git a/virt-what-cvm.c b/virt-what-cvm.c
index 0daa6ac35..320df478b 100644
--- a/virt-what-cvm.c
+++ b/virt-what-cvm.c
@@ -295,7 +295,26 @@ cpu_sig (void)
cpu_sig_intel ();
}
-#else /* !x86_64 */
+#elif defined(__s390x__)
+
+#define SYSFS_PROT_VIRT "/sys/firmware/uv/prot_virt_guest"
+
+static void
+cpu_sig (void)
+{
+ int fd = open("/sys/firmware/uv/prot_virt_guest", O_RDONLY);
+ char c;
+ if (fd < 0)
+ return;
+
+ if (read(fd, &c, 1) == 1 && c == '1')
+ puts("s390-protvirt");
+
+ close(fd);
+}
+
+
+#else /* ! x86_64 && ! s390x */
static void
cpu_sig (void)
diff --git a/virt-what-cvm.pod b/virt-what-cvm.pod
index 70213abd7..00e21cb70 100644
--- a/virt-what-cvm.pod
+++ b/virt-what-cvm.pod
@@ -60,6 +60,11 @@ paired with B<amd-sev-snp>.
Status: tested on Microsoft Azure SEV-SNP & TDX CVM
+=item B<s390x-protvirt>
+
+This is a confidential guest running on s390x with the
+Protected Virtualization (Secure Execution) technology
+
=back
=head1 EXIT STATUS
--
2.43.0

View File

@ -1,29 +0,0 @@
From 69e5ae90a5a95b38d765e110acf76b3fe3c2665a Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 13 Aug 2024 13:23:06 +0100
Subject: [PATCH] virt-what-cvm.pod: Fix man page typo s390x-protvirt ->
s390-protvirt
Reported-by: Yongkui Guo
Fixes: commit 037689fbe95e403b050c1eb736ebc8fdc2e601a5
(cherry picked from commit 963676c4dd4c2a9c070b76da6f8835ceb131dbe0)
---
virt-what-cvm.pod | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/virt-what-cvm.pod b/virt-what-cvm.pod
index 00e21cb70..a76717984 100644
--- a/virt-what-cvm.pod
+++ b/virt-what-cvm.pod
@@ -60,7 +60,7 @@ paired with B<amd-sev-snp>.
Status: tested on Microsoft Azure SEV-SNP & TDX CVM
-=item B<s390x-protvirt>
+=item B<s390-protvirt>
This is a confidential guest running on s390x with the
Protected Virtualization (Secure Execution) technology
--
2.43.0

View File

@ -8,7 +8,7 @@ set -e
# ./copy-patches.sh # ./copy-patches.sh
project=virt-what project=virt-what
rhel_version=9.5 rhel_version=9.6
# Check we're in the right directory. # Check we're in the right directory.
if [ ! -f $project.spec ]; then if [ ! -f $project.spec ]; then

View File

@ -1,7 +1,6 @@
--- !Policy --- !Policy
product_versions: product_versions:
- rhel-8 - rhel-*
- rhel-9
decision_context: osci_compose_gate decision_context: osci_compose_gate
rules: rules:
- !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional} - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}

BIN
libguestfs.keyring Normal file

Binary file not shown.

View File

@ -1,2 +1,2 @@
SHA512 (virt-what-1.25.tar.gz) = 0147b4b44ae0ee685977aa34dfa9bf30ae8e0eb31b7a6d5c0097d16f830fa6fb6afd7156964fc79f3fd5e82b2f68d921fd5306245cc63a2140f6dddc7fdd0e98 SHA512 (virt-what-1.27.tar.gz) = 8d10111e38a87504daccf36e9386863aa92308c96be65164412d92c56c12d42f38e6e251fabe7945ce74e1419fc82c0ac3cdbd0f25b19cd72feda2e199307d6f
SHA512 (virt-what-1.25.tar.gz.sig) = fee5eee4c9b888c6d89512b01cb3a482f8c788d4618c4b2c6e8e709e4d57aa76647463bb06912da2398fd1fd59cb28c38592b7a7de673f4aa27a77d1b2b969c3 SHA512 (virt-what-1.27.tar.gz.sig) = d3b189ba579388082f489219f1051841b888188f865d4718a49da0d85fde64c5d6ca5fa44dd33ef782f2d615444a6d942241a6de5722360f724344320acf1370

View File

@ -1,48 +1,31 @@
Name: virt-what Name: virt-what
Version: 1.25 Version: 1.27
Release: 10%{?dist} Release: 1%{?dist}
Summary: Detect if we are running in a virtual machine Summary: Detect if we are running in a virtual machine
License: GPLv2+ License: GPL-2.0-or-later
URL: http://people.redhat.com/~rjones/virt-what/ URL: http://people.redhat.com/~rjones/virt-what/
Source0: http://people.redhat.com/~rjones/virt-what/files/%{name}-%{version}.tar.gz Source0: http://people.redhat.com/~rjones/virt-what/files/%{name}-%{version}.tar.gz
Source1: http://people.redhat.com/~rjones/virt-what/files/%{name}-%{version}.tar.gz.sig
# Keyring used to verify tarball signature.
Source2: libguestfs.keyring
# Maintainer script which helps with handling patches. # Maintainer script which helps with handling patches.
Source1: copy-patches.sh Source3: copy-patches.sh
# Patches are maintained in the following repository: # Patches are maintained in the following repository:
# http://git.annexia.org/?p=virt-what.git;a=shortlog;h=refs/heads/rhel-9.5 # http://git.annexia.org/?p=virt-what.git;a=shortlog;h=refs/heads/rhel-9.6
# Patches.
Patch0001: 0001-Rearrange-lxc-test-to-avoid-use-of-cat.patch
Patch0002: 0002-Move-docker-and-podman-tests-up-add-comments.patch
Patch0003: 0003-podman-Fix-location-of-test-file-proc-1-environ.patch
Patch0004: 0004-Detect-OCI-containers.patch
Patch0005: 0005-Add-support-for-Alibaba-cloud-on-aarch64.patch
Patch0006: 0006-nutanix-Don-t-match-Nutanix-based-baremetal-systems.patch
Patch0007: 0007-Add-support-for-CRI-O-containers.patch
Patch0008: 0008-Fix-support-for-Hyper-V-on-Arm.patch
Patch0009: 0009-Introduce-virt-what-cvm-program.patch
Patch0010: 0010-docs-Add-cross-reference-to-virt-what-cvm-1-to-virt-.patch
Patch0011: 0011-virt-what-cvm-check-if-hypervisor-bit-is-set.patch
Patch0012: 0012-virt-what-cvm-support-alternative-cpuid-leaf-orderin.patch
Patch0013: 0013-virt-what-cvm-probe-for-SNP-HCL-on-HyperV-Azure-via-.patch
Patch0014: 0014-virt-what-cvm-drop-TPM-logic-for-detecting-SNP-on-Hy.patch
Patch0015: 0015-virt-what-cvm-rename-azure-hcl-fact-to-hyperv-hcl.patch
Patch0016: 0016-Add-virt-what-cvm.pod-to-EXTRA_DIST.patch
Patch0017: 0017-Fix-CVM-detection-on-Azure-with-TDX.patch
Patch0018: 0018-Add-support-for-detecting-protected-virtualization-o.patch
Patch0019: 0019-virt-what-cvm.pod-Fix-man-page-typo-s390x-protvirt-s.patch
BuildRequires: gcc
BuildRequires: make BuildRequires: make
BuildRequires: git BuildRequires: git
BuildRequires: autoconf, automake, libtool BuildRequires: autoconf, automake, libtool
# This is provided by the build root, but we make it explicit
# anyway in case this was dropped from the build root in future.
BuildRequires: gcc
BuildRequires: /usr/bin/pod2man BuildRequires: /usr/bin/pod2man
# Required to verify tarball signature.
BuildRequires: gnupg2
# Required at build time in order to do 'make check' (for getopt). # Required at build time in order to do 'make check' (for getopt).
BuildRequires: util-linux BuildRequires: util-linux
@ -110,6 +93,7 @@ Current types of virtualization detected:
%prep %prep
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
%autosetup -S git %autosetup -S git
# Always rebuild upstream autotools files. # Always rebuild upstream autotools files.
@ -140,6 +124,10 @@ fi
%changelog %changelog
* Mon Sep 02 2024 Richard W.M. Jones <rjones@redhat.com> - 1.27-1
- Rebase to Fedora Rawhide
resolves: RHEL-56807
* Tue Aug 13 2024 Richard W.M. Jones <rjones@redhat.com> - 1.25-10 * Tue Aug 13 2024 Richard W.M. Jones <rjones@redhat.com> - 1.25-10
- Implement virt-what-cvm for s390x - Implement virt-what-cvm for s390x
related: RHEL-50659 related: RHEL-50659