import virt-what-1.27-2.el10

i10cs changed/i10cs/virt-what-1.27-2.el10
MSVSphere Packaging Team 2 months ago
parent 396de4eb9d
commit 45cdc9a524
Signed by: sys_gitsync
GPG Key ID: B2B0B9F29E528FE8

3
.gitignore vendored

@ -1 +1,2 @@
SOURCES/virt-what-1.26.tar.gz
SOURCES/libguestfs.keyring
SOURCES/virt-what-1.27.tar.gz

@ -1 +1,2 @@
d5a06a9c87956dd0ac719a30b6d00cfcda69a79c SOURCES/virt-what-1.26.tar.gz
1bbc40f501a7fef9eef2a39b701a71aee2fea7c4 SOURCES/libguestfs.keyring
9c405e24083821e8d9afe05f20717c66fd343949 SOURCES/virt-what-1.27.tar.gz

@ -1,97 +0,0 @@
From 059cbff66740ef74cd663f88c5f96a80a8d6d6ea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Tue, 30 Jul 2024 10:46:46 +0100
Subject: [PATCH] Fix CVM detection on Azure with TDX
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The current TDX support was tested on Azure, however, since that time
they now block the CPUID leaf we were using. Instead it is required to
issue the Azure specific CPUID calls as we were already doing for SNP.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
virt-what-cvm.c | 14 +++++++++-----
virt-what-cvm.pod | 4 ++--
2 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/virt-what-cvm.c b/virt-what-cvm.c
index 52b3426bc..0daa6ac35 100644
--- a/virt-what-cvm.c
+++ b/virt-what-cvm.c
@@ -92,6 +92,7 @@ static bool dodebug = false;
#define CPUID_HYPERV_ISOLATION_TYPE_MASK 0xf
#define CPUID_HYPERV_ISOLATION_TYPE_SNP 2
+#define CPUID_HYPERV_ISOLATION_TYPE_TDX 3
#if defined(__x86_64__)
@@ -147,7 +148,7 @@ msr (off_t index)
}
static bool
-cpu_sig_amd_hyperv (void)
+cpu_sig_cvm_hyperv (uint32_t isoltype)
{
uint32_t eax, ebx, ecx, edx;
char sig[13];
@@ -175,8 +176,7 @@ cpu_sig_amd_hyperv (void)
ebx = ecx = edx = 0;
cpuid(&eax, &ebx, &ecx, &edx);
- if ((ebx & CPUID_HYPERV_ISOLATION_TYPE_MASK) ==
- CPUID_HYPERV_ISOLATION_TYPE_SNP) {
+ if ((ebx & CPUID_HYPERV_ISOLATION_TYPE_MASK) == isoltype) {
return true;
}
}
@@ -212,7 +212,7 @@ cpu_sig_amd (void)
if (!(eax & (1 << 1))) {
debug ("No sev in CPUID, try hyperv CPUID\n");
- if (cpu_sig_amd_hyperv ()) {
+ if (cpu_sig_cvm_hyperv (CPUID_HYPERV_ISOLATION_TYPE_SNP)) {
puts ("amd-sev-snp");
puts ("hyperv-hcl");
} else {
@@ -252,8 +252,12 @@ cpu_sig_intel (void)
memset (sig, 0, sizeof sig);
cpuid_leaf (CPUID_INTEL_TDX_ENUMERATION, sig, true);
- if (memcmp (sig, CPUID_SIG_INTEL_TDX, sizeof(sig)) == 0)
+ if (memcmp (sig, CPUID_SIG_INTEL_TDX, sizeof(sig)) == 0) {
puts ("intel-tdx");
+ } else if (cpu_sig_cvm_hyperv (CPUID_HYPERV_ISOLATION_TYPE_TDX)) {
+ puts ("intel-tdx");
+ puts ("hyperv-hcl");
+ }
}
static bool
diff --git a/virt-what-cvm.pod b/virt-what-cvm.pod
index 0f9076569..70213abd7 100644
--- a/virt-what-cvm.pod
+++ b/virt-what-cvm.pod
@@ -50,7 +50,7 @@ Status: tested on Fedora 38 QEMU+KVM SEV-SNP (devel snapshot)
This is a confidential guest running with Intel TDX technology
-Status: tested on Microsoft Azure TDX CVM (preview)
+Status: tested on Microsoft Azure TDX CVM
=item B<hyperv-hcl>
@@ -58,7 +58,7 @@ This is a confidential guest running unenlightened under the
HyperV (Azure) HCL (Host Compatibility Layer). This will be
paired with B<amd-sev-snp>.
-Status: tested on Microsoft Azure SEV-SNP CVM
+Status: tested on Microsoft Azure SEV-SNP & TDX CVM
=back
--
2.43.0

@ -1,65 +0,0 @@
From 037689fbe95e403b050c1eb736ebc8fdc2e601a5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Fri, 2 Aug 2024 16:07:46 +0100
Subject: [PATCH] Add support for detecting protected virtualization on s390x
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
virt-what-cvm.c | 21 ++++++++++++++++++++-
virt-what-cvm.pod | 5 +++++
2 files changed, 25 insertions(+), 1 deletion(-)
diff --git a/virt-what-cvm.c b/virt-what-cvm.c
index 0daa6ac35..320df478b 100644
--- a/virt-what-cvm.c
+++ b/virt-what-cvm.c
@@ -295,7 +295,26 @@ cpu_sig (void)
cpu_sig_intel ();
}
-#else /* !x86_64 */
+#elif defined(__s390x__)
+
+#define SYSFS_PROT_VIRT "/sys/firmware/uv/prot_virt_guest"
+
+static void
+cpu_sig (void)
+{
+ int fd = open("/sys/firmware/uv/prot_virt_guest", O_RDONLY);
+ char c;
+ if (fd < 0)
+ return;
+
+ if (read(fd, &c, 1) == 1 && c == '1')
+ puts("s390-protvirt");
+
+ close(fd);
+}
+
+
+#else /* ! x86_64 && ! s390x */
static void
cpu_sig (void)
diff --git a/virt-what-cvm.pod b/virt-what-cvm.pod
index 70213abd7..00e21cb70 100644
--- a/virt-what-cvm.pod
+++ b/virt-what-cvm.pod
@@ -60,6 +60,11 @@ paired with B<amd-sev-snp>.
Status: tested on Microsoft Azure SEV-SNP & TDX CVM
+=item B<s390x-protvirt>
+
+This is a confidential guest running on s390x with the
+Protected Virtualization (Secure Execution) technology
+
=back
=head1 EXIT STATUS
--
2.43.0

@ -1,28 +0,0 @@
From 963676c4dd4c2a9c070b76da6f8835ceb131dbe0 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 13 Aug 2024 13:23:06 +0100
Subject: [PATCH] virt-what-cvm.pod: Fix man page typo s390x-protvirt ->
s390-protvirt
Reported-by: Yongkui Guo
Fixes: commit 037689fbe95e403b050c1eb736ebc8fdc2e601a5
---
virt-what-cvm.pod | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/virt-what-cvm.pod b/virt-what-cvm.pod
index 00e21cb70..a76717984 100644
--- a/virt-what-cvm.pod
+++ b/virt-what-cvm.pod
@@ -60,7 +60,7 @@ paired with B<amd-sev-snp>.
Status: tested on Microsoft Azure SEV-SNP & TDX CVM
-=item B<s390x-protvirt>
+=item B<s390-protvirt>
This is a confidential guest running on s390x with the
Protected Virtualization (Secure Execution) technology
--
2.43.0

@ -0,0 +1,17 @@
-----BEGIN PGP SIGNATURE-----
iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmbS4bURHHJpY2hAYW5u
ZXhpYS5vcmcACgkQkXOPc+G3aKDwuw//aneF5kGO24fVlZ2r+gtoE/yKabzpv913
Y5YNq1otagI/Na5nBiOiCqP9lg8XfW2mCGwYASFx9pQ5AXf9P9u6hf1qzI8ZkNSl
sHqNeQNLBSGySt5ODGYyyA6CWGqhyvNIGalmCqUrAkPoKKya2hJjA70b0F3fsuU1
G6Hm3Huv9WcUWKnY+2tg3mUu0geWhH6ED6dWiqS1l22wCNG0AorXeBjYV9tFA5T7
qzUwcif3AN2FP1LFiCOOEqorEgmRtiUUuPPtDXrZWR1csrN7Y/SeOHk4Ik5wHcZ8
e2+rk6fxPgZp90J1jUw12DELlD9WwoYFRjsyfhgud8hp978CUHG7MZOnNkGCE+HE
jZQ0I5xQ9rRAiw/XpuJFR/E3NF4oZuslMyLYrTGZ5u/feW+EcnHNN8jsj/8LsgA0
4KWjiNtO4Wy9Kov5hpNKlYwZZ84Pae3ffj0MtyQAsxXwlsBzHOf0AySX5FeY0Zeq
J0EhRyfHNLkeI5n5kIlp4/PcRTItwrUP+cUicTe+PDYYxJJuna5EEl4NmUjOE/76
v1xE3IqURXoK+cuIm39iZQ1/PDpXIZ0/kcCScs4rwTH4avG/fiNuOVxNXd/vLWcC
tCfW7kXzesgKJfVUijQ6fUtKSC239pGyFKCV1OhpuXlchIm8/iCi/o+G2zcN8itE
XgItGGqncXI=
=dbrV
-----END PGP SIGNATURE-----

@ -1,22 +1,18 @@
Name: virt-what
Version: 1.26
Release: 3%{?dist}
Version: 1.27
Release: 2%{?dist}
Summary: Detect if we are running in a virtual machine
License: GPL-2.0-or-later
URL: http://people.redhat.com/~rjones/virt-what/
Source0: http://people.redhat.com/~rjones/virt-what/files/%{name}-%{version}.tar.gz
Source1: http://people.redhat.com/~rjones/virt-what/files/%{name}-%{version}.tar.gz.sig
# Maintainer script which helps with handling patches.
Source1: copy-patches.sh
# Patches are maintained in the following repository:
# http://git.annexia.org/?p=virt-what.git;a=shortlog;h=refs/heads/rhel-10.0
# Keyring used to verify tarball signature.
Source2: libguestfs.keyring
# Patches.
Patch0001: 0001-Fix-CVM-detection-on-Azure-with-TDX.patch
Patch0002: 0002-Add-support-for-detecting-protected-virtualization-o.patch
Patch0003: 0003-virt-what-cvm.pod-Fix-man-page-typo-s390x-protvirt-s.patch
# Maintainer script which helps with handling patches.
Source3: copy-patches.sh
BuildRequires: gcc
BuildRequires: make
@ -24,6 +20,9 @@ BuildRequires: git
BuildRequires: autoconf, automake, libtool
BuildRequires: /usr/bin/pod2man
# Required to verify tarball signature.
BuildRequires: gnupg2
# Required at build time in order to do 'make check' (for getopt).
BuildRequires: util-linux
@ -91,6 +90,7 @@ Current types of virtualization detected:
%prep
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
%autosetup -S git
# Always rebuild upstream autotools files.
@ -121,9 +121,17 @@ fi
%changelog
* Fri Oct 25 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 1.26-3
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1.27-2
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
* Fri Oct 25 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 1.27-1
- Rebuilt for MSVSphere 10
* Mon Sep 09 2024 Richard W.M. Jones <rjones@redhat.com> - 1.27-1
- Rebase to Fedora Rawhide
resolves: RHEL-56808
* Tue Aug 13 2024 Richard W.M. Jones <rjones@redhat.com> - 1.26-3
- Backport CVM fixes from upstream
resolves: RHEL-54092

Loading…
Cancel
Save