import virt-what-1.26-3.el10

c10-beta imports/c10-beta/virt-what-1.26-3.el10
MSVSphere Packaging Team 2 months ago
commit 5d21b96c4d
Signed by: sys_gitsync
GPG Key ID: B2B0B9F29E528FE8

1
.gitignore vendored

@ -0,0 +1 @@
SOURCES/virt-what-1.26.tar.gz

@ -0,0 +1 @@
d5a06a9c87956dd0ac719a30b6d00cfcda69a79c SOURCES/virt-what-1.26.tar.gz

@ -0,0 +1,97 @@
From 059cbff66740ef74cd663f88c5f96a80a8d6d6ea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Tue, 30 Jul 2024 10:46:46 +0100
Subject: [PATCH] Fix CVM detection on Azure with TDX
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The current TDX support was tested on Azure, however, since that time
they now block the CPUID leaf we were using. Instead it is required to
issue the Azure specific CPUID calls as we were already doing for SNP.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
virt-what-cvm.c | 14 +++++++++-----
virt-what-cvm.pod | 4 ++--
2 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/virt-what-cvm.c b/virt-what-cvm.c
index 52b3426bc..0daa6ac35 100644
--- a/virt-what-cvm.c
+++ b/virt-what-cvm.c
@@ -92,6 +92,7 @@ static bool dodebug = false;
#define CPUID_HYPERV_ISOLATION_TYPE_MASK 0xf
#define CPUID_HYPERV_ISOLATION_TYPE_SNP 2
+#define CPUID_HYPERV_ISOLATION_TYPE_TDX 3
#if defined(__x86_64__)
@@ -147,7 +148,7 @@ msr (off_t index)
}
static bool
-cpu_sig_amd_hyperv (void)
+cpu_sig_cvm_hyperv (uint32_t isoltype)
{
uint32_t eax, ebx, ecx, edx;
char sig[13];
@@ -175,8 +176,7 @@ cpu_sig_amd_hyperv (void)
ebx = ecx = edx = 0;
cpuid(&eax, &ebx, &ecx, &edx);
- if ((ebx & CPUID_HYPERV_ISOLATION_TYPE_MASK) ==
- CPUID_HYPERV_ISOLATION_TYPE_SNP) {
+ if ((ebx & CPUID_HYPERV_ISOLATION_TYPE_MASK) == isoltype) {
return true;
}
}
@@ -212,7 +212,7 @@ cpu_sig_amd (void)
if (!(eax & (1 << 1))) {
debug ("No sev in CPUID, try hyperv CPUID\n");
- if (cpu_sig_amd_hyperv ()) {
+ if (cpu_sig_cvm_hyperv (CPUID_HYPERV_ISOLATION_TYPE_SNP)) {
puts ("amd-sev-snp");
puts ("hyperv-hcl");
} else {
@@ -252,8 +252,12 @@ cpu_sig_intel (void)
memset (sig, 0, sizeof sig);
cpuid_leaf (CPUID_INTEL_TDX_ENUMERATION, sig, true);
- if (memcmp (sig, CPUID_SIG_INTEL_TDX, sizeof(sig)) == 0)
+ if (memcmp (sig, CPUID_SIG_INTEL_TDX, sizeof(sig)) == 0) {
puts ("intel-tdx");
+ } else if (cpu_sig_cvm_hyperv (CPUID_HYPERV_ISOLATION_TYPE_TDX)) {
+ puts ("intel-tdx");
+ puts ("hyperv-hcl");
+ }
}
static bool
diff --git a/virt-what-cvm.pod b/virt-what-cvm.pod
index 0f9076569..70213abd7 100644
--- a/virt-what-cvm.pod
+++ b/virt-what-cvm.pod
@@ -50,7 +50,7 @@ Status: tested on Fedora 38 QEMU+KVM SEV-SNP (devel snapshot)
This is a confidential guest running with Intel TDX technology
-Status: tested on Microsoft Azure TDX CVM (preview)
+Status: tested on Microsoft Azure TDX CVM
=item B<hyperv-hcl>
@@ -58,7 +58,7 @@ This is a confidential guest running unenlightened under the
HyperV (Azure) HCL (Host Compatibility Layer). This will be
paired with B<amd-sev-snp>.
-Status: tested on Microsoft Azure SEV-SNP CVM
+Status: tested on Microsoft Azure SEV-SNP & TDX CVM
=back
--
2.43.0

@ -0,0 +1,65 @@
From 037689fbe95e403b050c1eb736ebc8fdc2e601a5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Fri, 2 Aug 2024 16:07:46 +0100
Subject: [PATCH] Add support for detecting protected virtualization on s390x
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
virt-what-cvm.c | 21 ++++++++++++++++++++-
virt-what-cvm.pod | 5 +++++
2 files changed, 25 insertions(+), 1 deletion(-)
diff --git a/virt-what-cvm.c b/virt-what-cvm.c
index 0daa6ac35..320df478b 100644
--- a/virt-what-cvm.c
+++ b/virt-what-cvm.c
@@ -295,7 +295,26 @@ cpu_sig (void)
cpu_sig_intel ();
}
-#else /* !x86_64 */
+#elif defined(__s390x__)
+
+#define SYSFS_PROT_VIRT "/sys/firmware/uv/prot_virt_guest"
+
+static void
+cpu_sig (void)
+{
+ int fd = open("/sys/firmware/uv/prot_virt_guest", O_RDONLY);
+ char c;
+ if (fd < 0)
+ return;
+
+ if (read(fd, &c, 1) == 1 && c == '1')
+ puts("s390-protvirt");
+
+ close(fd);
+}
+
+
+#else /* ! x86_64 && ! s390x */
static void
cpu_sig (void)
diff --git a/virt-what-cvm.pod b/virt-what-cvm.pod
index 70213abd7..00e21cb70 100644
--- a/virt-what-cvm.pod
+++ b/virt-what-cvm.pod
@@ -60,6 +60,11 @@ paired with B<amd-sev-snp>.
Status: tested on Microsoft Azure SEV-SNP & TDX CVM
+=item B<s390x-protvirt>
+
+This is a confidential guest running on s390x with the
+Protected Virtualization (Secure Execution) technology
+
=back
=head1 EXIT STATUS
--
2.43.0

@ -0,0 +1,28 @@
From 963676c4dd4c2a9c070b76da6f8835ceb131dbe0 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 13 Aug 2024 13:23:06 +0100
Subject: [PATCH] virt-what-cvm.pod: Fix man page typo s390x-protvirt ->
s390-protvirt
Reported-by: Yongkui Guo
Fixes: commit 037689fbe95e403b050c1eb736ebc8fdc2e601a5
---
virt-what-cvm.pod | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/virt-what-cvm.pod b/virt-what-cvm.pod
index 00e21cb70..a76717984 100644
--- a/virt-what-cvm.pod
+++ b/virt-what-cvm.pod
@@ -60,7 +60,7 @@ paired with B<amd-sev-snp>.
Status: tested on Microsoft Azure SEV-SNP & TDX CVM
-=item B<s390x-protvirt>
+=item B<s390-protvirt>
This is a confidential guest running on s390x with the
Protected Virtualization (Secure Execution) technology
--
2.43.0

@ -0,0 +1,61 @@
#!/bin/bash -
set -e
# Maintainer script to copy patches from the git repo to the current
# directory. It's normally only used downstream (ie. in RHEL). Use
# it like this:
# ./copy-patches.sh
project=virt-what
rhel_version=10.0
# Check we're in the right directory.
if [ ! -f $project.spec ]; then
echo "$0: run this from the directory containing '$project.spec'"
exit 1
fi
case `id -un` in
rjones) git_checkout=$HOME/d/$project-rhel-$rhel_version ;;
lacos) git_checkout=$HOME/src/v2v/$project ;;
*) git_checkout=$HOME/d/$project-rhel-$rhel_version ;;
esac
if [ ! -d $git_checkout ]; then
echo "$0: $git_checkout does not exist"
echo "This script is only for use by the maintainer when preparing a"
echo "$project release on RHEL."
exit 1
fi
# Get the base version of the project.
version=`grep '^Version:' $project.spec | awk '{print $2}'`
tag="v$version"
# Remove any existing patches.
git rm -f [0-9]*.patch ||:
rm -f [0-9]*.patch
# Get the patches.
(cd $git_checkout; rm -f [0-9]*.patch; git -c core.abbrev=9 format-patch -O/dev/null -N --submodule=diff $tag)
mv $git_checkout/[0-9]*.patch .
# Remove any not to be applied.
rm -f *NOT-FOR-RPM*.patch
# Add the patches.
git add [0-9]*.patch
# Print out the patch lines.
echo
echo "--- Copy the following text into $project.spec file"
echo
echo "# Patches."
for f in [0-9]*.patch; do
n=`echo $f | awk -F- '{print $1}'`
echo "Patch$n: $f"
done
echo
echo "--- End of text"

@ -0,0 +1,309 @@
Name: virt-what
Version: 1.26
Release: 3%{?dist}
Summary: Detect if we are running in a virtual machine
License: GPL-2.0-or-later
URL: http://people.redhat.com/~rjones/virt-what/
Source0: http://people.redhat.com/~rjones/virt-what/files/%{name}-%{version}.tar.gz
# Maintainer script which helps with handling patches.
Source1: copy-patches.sh
# Patches are maintained in the following repository:
# http://git.annexia.org/?p=virt-what.git;a=shortlog;h=refs/heads/rhel-10.0
# Patches.
Patch0001: 0001-Fix-CVM-detection-on-Azure-with-TDX.patch
Patch0002: 0002-Add-support-for-detecting-protected-virtualization-o.patch
Patch0003: 0003-virt-what-cvm.pod-Fix-man-page-typo-s390x-protvirt-s.patch
BuildRequires: gcc
BuildRequires: make
BuildRequires: git
BuildRequires: autoconf, automake, libtool
BuildRequires: /usr/bin/pod2man
# Required at build time in order to do 'make check' (for getopt).
BuildRequires: util-linux
# virt-what script uses dmidecode and getopt (from util-linux).
# RPM cannot detect this so make the dependencies explicit here.
%ifarch aarch64 %{ix86} x86_64
Requires: dmidecode
%endif
Requires: util-linux
# Runs the 'which' program to find the helper.
Requires: which
%description
virt-what is a shell script which can be used to detect if the program
is running in a virtual machine.
The program prints out a list of "facts" about the virtual machine,
derived from heuristics. One fact is printed per line.
If nothing is printed and the script exits with code 0 (no error),
then it can mean either that the program is running on bare-metal or
the program is running inside a type of virtual machine which we don't
know about or can't detect.
Current types of virtualization detected:
- alibaba_cloud Alibaba cloud
- alibaba_cloud-ebm
- aws Amazon Web Services
- bhyve FreeBSD hypervisor
- docker Docker container
- google_cloud Google cloud
- hyperv Microsoft Hyper-V
- ibm_power-kvm IBM POWER KVM
- ibm_power-lpar_shared IBM POWER LPAR (hardware partition)
- ibm_power-lpar_dedicated
- ibm_systemz-* IBM SystemZ Direct / LPAR / z/VM / KVM
- illumos-lx Illumos with Linux syscall emulation
- ldoms Oracle VM Server for SPARC Logical Domains
- linux_vserver Linux VServer container
- lxc Linux LXC container
- kvm Linux Kernel Virtual Machine (KVM)
- lkvm LKVM / kvmtool
- nutanix_ahv Nutanix Acropolis Hypervisor (AHV)
- openvz OpenVZ or Virtuozzo
- ovirt oVirt node
- parallels Parallels Virtual Platform
- podman Podman container
- powervm_lx86 IBM PowerVM Lx86 Linux/x86 emulator
- qemu QEMU (unaccelerated)
- redhat Red Hat hypervisor
- rhev Red Hat Enterprise Virtualization
- uml User-Mode Linux (UML)
- virtage Hitachi Virtualization Manager (HVM) Virtage LPAR
- virtualbox VirtualBox
- virtualpc Microsoft VirtualPC
- vmm vmm OpenBSD hypervisor
- vmware VMware
- xen Xen
- xen-dom0 Xen dom0 (privileged domain)
- xen-domU Xen domU (paravirtualized guest domain)
- xen-hvm Xen guest fully virtualized (HVM)
%prep
%autosetup -S git
# Always rebuild upstream autotools files.
autoreconf -i
%build
%configure
make
%install
%make_install
%check
if ! make -k check ; then
find -name test-suite.log -exec cat {} \;
exit 1
fi
%files
%doc README COPYING
%{_sbindir}/virt-what
%{_sbindir}/virt-what-cvm
%{_libexecdir}/virt-what-cpuid-helper
%{_mandir}/man1/*.1*
%changelog
* Tue Aug 13 2024 Richard W.M. Jones <rjones@redhat.com> - 1.26-3
- Backport CVM fixes from upstream
resolves: RHEL-54092
* Tue Jul 02 2024 Richard W.M. Jones <rjones@redhat.com> - 1.26-1
- New upstream version 1.26
- Add new binary virt-what-cvm (for confidential VMs).
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.25-6
- Bump release for June 2024 mass rebuild
* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.25-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.25-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Mon Jun 05 2023 Richard W.M. Jones <rjones@redhat.com> - 1.25-3
- Migrated to SPDX license
* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.25-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Aug 17 2022 Richard W.M. Jones <rjones@redhat.com> - 1.25-1
- New upstream version 1.25
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.24-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jun 23 2022 Richard W.M. Jones <rjones@redhat.com> - 1.24-1
- New upstream version 1.24
- Update list of supported hypervisors
- Fix %%check for failures
* Thu Apr 14 2022 Richard W.M. Jones <rjones@redhat.com> - 1.22-2
- New upstream version 1.22.
- Fix Source0 line.
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.21-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.21-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Mon Apr 19 2021 Richard W.M. Jones <rjones@redhat.com> - 1.21-1
- New upstream version 1.21.
* Tue Apr 13 2021 Richard W.M. Jones <rjones@redhat.com> - 1.21-0.1
- Add all patches since 1.20 in preparation for 1.21 release.
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.20-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.20-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 1.20-3
- Use make macros
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.20-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Oct 3 2019 Richard W.M. Jones <rjones@redhat.com> - 1.20-1
- New upstream version 1.20.
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.19-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.19-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Oct 31 2018 Richard W.M. Jones <rjones@redhat.com> - 1.19-1
- New upstream version 1.19.
- Fixes support for AWS.
- Remove patches which are now upstream.
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.18-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.18-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Tue Oct 17 2017 Richard W.M. Jones <rjones@redhat.com> - 1.18-4
- Include upstream patches since 1.18 was released.
- dmidecode is also available on aarch64.
* Mon Jul 31 2017 Richard W.M. Jones <rjones@redhat.com> - 1.18-1
- New upstream version 1.18.
- Update RPM description section with complete list of supported guests.
- If make check fails, dump test-suite.log.
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.15-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.15-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Tue Jun 14 2016 Richard W.M. Jones <rjones@redhat.com> - 1.15-4
- Require 'which' program.
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.15-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.15-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Tue Apr 21 2015 Richard W.M. Jones <rjones@redhat.com> - 1.15-1
- New upstream version 1.15.
- Remove patches, now upstream.
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.13-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.13-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Mon Oct 28 2013 Richard W.M. Jones <rjones@redhat.com> - 1.13-3
- Suppress warning message on Amazon EC2:
"grep: /proc/xen/capabilities: No such file or directory"
* Wed Sep 11 2013 Richard W.M. Jones <rjones@redhat.com> - 1.13-2
- Include two upstream patches for detecting Xen and Linux VServer better
(RHBZ#973663).
- Modernize the spec file.
* Mon Jul 29 2013 Richard W.M. Jones <rjones@redhat.com> - 1.13-1
- New upstream version 1.13.
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.12-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.12-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Sat Mar 17 2012 Richard W.M. Jones <rjones@redhat.com> - 1.12-1
- New upstream version 1.12.
* Wed Feb 29 2012 Richard W.M. Jones <rjones@redhat.com> - 1.11-3
- Remove ExclusiveArch, but don't require dmidecode except on
i?86 and x86-64 (RHBZ#791370).
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.11-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Fri May 27 2011 Richard W.M. Jones <rjones@redhat.com> - 1.11-1
- New upstream version 1.11.
* Wed May 25 2011 Richard W.M. Jones <rjones@redhat.com> - 1.10-1
- New upstream version 1.10.
* Tue Mar 8 2011 Richard W.M. Jones <rjones@redhat.com> - 1.9-1
- New upstream version 1.9.
* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Jan 31 2011 Richard W.M. Jones <rjones@redhat.com> - 1.8-1
- New upstream version 1.8.
* Thu Jan 20 2011 Richard W.M. Jones <rjones@redhat.com> - 1.7-1
- New upstream version 1.7.
* Wed Jan 19 2011 Richard W.M. Jones <rjones@redhat.com> - 1.6-2
- New upstream version 1.6.
- BuildRequires 'getopt' from util-linux-ng.
* Tue Jan 18 2011 Richard W.M. Jones <rjones@redhat.com> - 1.5-1
- New upstream version 1.5.
- Add 'make check' section.
* Tue Jan 18 2011 Richard W.M. Jones <rjones@redhat.com> - 1.4-1
- New upstream version 1.4.
- More hypervisor types detected.
* Thu Oct 28 2010 Richard W.M. Jones <rjones@redhat.com> - 1.3-4
- Move configure into build (not prep).
* Thu Oct 28 2010 Richard W.M. Jones <rjones@redhat.com> - 1.3-3
- Initial import into Fedora.
* Tue Oct 19 2010 Richard W.M. Jones <rjones@redhat.com> - 1.3-2
- Make changes suggested by reviewer (RHBZ#644259).
* Tue Oct 19 2010 Richard W.M. Jones <rjones@redhat.com> - 1.3-1
- Initial release.
Loading…
Cancel
Save