diff --git a/.gitignore b/.gitignore index e2c301b..aaf7a48 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ -SOURCES/virt-what-1.26.tar.gz +SOURCES/libguestfs.keyring +SOURCES/virt-what-1.27.tar.gz diff --git a/.virt-what.metadata b/.virt-what.metadata index 0c73b7c..7c11343 100644 --- a/.virt-what.metadata +++ b/.virt-what.metadata @@ -1 +1,2 @@ -d5a06a9c87956dd0ac719a30b6d00cfcda69a79c SOURCES/virt-what-1.26.tar.gz +1bbc40f501a7fef9eef2a39b701a71aee2fea7c4 SOURCES/libguestfs.keyring +9c405e24083821e8d9afe05f20717c66fd343949 SOURCES/virt-what-1.27.tar.gz diff --git a/SOURCES/0001-Fix-CVM-detection-on-Azure-with-TDX.patch b/SOURCES/0001-Fix-CVM-detection-on-Azure-with-TDX.patch deleted file mode 100644 index 8f81bbd..0000000 --- a/SOURCES/0001-Fix-CVM-detection-on-Azure-with-TDX.patch +++ /dev/null @@ -1,97 +0,0 @@ -From 059cbff66740ef74cd663f88c5f96a80a8d6d6ea Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= -Date: Tue, 30 Jul 2024 10:46:46 +0100 -Subject: [PATCH] Fix CVM detection on Azure with TDX -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The current TDX support was tested on Azure, however, since that time -they now block the CPUID leaf we were using. Instead it is required to -issue the Azure specific CPUID calls as we were already doing for SNP. - -Signed-off-by: Daniel P. Berrangé ---- - virt-what-cvm.c | 14 +++++++++----- - virt-what-cvm.pod | 4 ++-- - 2 files changed, 11 insertions(+), 7 deletions(-) - -diff --git a/virt-what-cvm.c b/virt-what-cvm.c -index 52b3426bc..0daa6ac35 100644 ---- a/virt-what-cvm.c -+++ b/virt-what-cvm.c -@@ -92,6 +92,7 @@ static bool dodebug = false; - - #define CPUID_HYPERV_ISOLATION_TYPE_MASK 0xf - #define CPUID_HYPERV_ISOLATION_TYPE_SNP 2 -+#define CPUID_HYPERV_ISOLATION_TYPE_TDX 3 - - #if defined(__x86_64__) - -@@ -147,7 +148,7 @@ msr (off_t index) - } - - static bool --cpu_sig_amd_hyperv (void) -+cpu_sig_cvm_hyperv (uint32_t isoltype) - { - uint32_t eax, ebx, ecx, edx; - char sig[13]; -@@ -175,8 +176,7 @@ cpu_sig_amd_hyperv (void) - ebx = ecx = edx = 0; - cpuid(&eax, &ebx, &ecx, &edx); - -- if ((ebx & CPUID_HYPERV_ISOLATION_TYPE_MASK) == -- CPUID_HYPERV_ISOLATION_TYPE_SNP) { -+ if ((ebx & CPUID_HYPERV_ISOLATION_TYPE_MASK) == isoltype) { - return true; - } - } -@@ -212,7 +212,7 @@ cpu_sig_amd (void) - if (!(eax & (1 << 1))) { - debug ("No sev in CPUID, try hyperv CPUID\n"); - -- if (cpu_sig_amd_hyperv ()) { -+ if (cpu_sig_cvm_hyperv (CPUID_HYPERV_ISOLATION_TYPE_SNP)) { - puts ("amd-sev-snp"); - puts ("hyperv-hcl"); - } else { -@@ -252,8 +252,12 @@ cpu_sig_intel (void) - memset (sig, 0, sizeof sig); - cpuid_leaf (CPUID_INTEL_TDX_ENUMERATION, sig, true); - -- if (memcmp (sig, CPUID_SIG_INTEL_TDX, sizeof(sig)) == 0) -+ if (memcmp (sig, CPUID_SIG_INTEL_TDX, sizeof(sig)) == 0) { - puts ("intel-tdx"); -+ } else if (cpu_sig_cvm_hyperv (CPUID_HYPERV_ISOLATION_TYPE_TDX)) { -+ puts ("intel-tdx"); -+ puts ("hyperv-hcl"); -+ } - } - - static bool -diff --git a/virt-what-cvm.pod b/virt-what-cvm.pod -index 0f9076569..70213abd7 100644 ---- a/virt-what-cvm.pod -+++ b/virt-what-cvm.pod -@@ -50,7 +50,7 @@ Status: tested on Fedora 38 QEMU+KVM SEV-SNP (devel snapshot) - - This is a confidential guest running with Intel TDX technology - --Status: tested on Microsoft Azure TDX CVM (preview) -+Status: tested on Microsoft Azure TDX CVM - - =item B - -@@ -58,7 +58,7 @@ This is a confidential guest running unenlightened under the - HyperV (Azure) HCL (Host Compatibility Layer). This will be - paired with B. - --Status: tested on Microsoft Azure SEV-SNP CVM -+Status: tested on Microsoft Azure SEV-SNP & TDX CVM - - =back - --- -2.43.0 - diff --git a/SOURCES/0002-Add-support-for-detecting-protected-virtualization-o.patch b/SOURCES/0002-Add-support-for-detecting-protected-virtualization-o.patch deleted file mode 100644 index c5efcfe..0000000 --- a/SOURCES/0002-Add-support-for-detecting-protected-virtualization-o.patch +++ /dev/null @@ -1,65 +0,0 @@ -From 037689fbe95e403b050c1eb736ebc8fdc2e601a5 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= -Date: Fri, 2 Aug 2024 16:07:46 +0100 -Subject: [PATCH] Add support for detecting protected virtualization on s390x -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Signed-off-by: Daniel P. Berrangé ---- - virt-what-cvm.c | 21 ++++++++++++++++++++- - virt-what-cvm.pod | 5 +++++ - 2 files changed, 25 insertions(+), 1 deletion(-) - -diff --git a/virt-what-cvm.c b/virt-what-cvm.c -index 0daa6ac35..320df478b 100644 ---- a/virt-what-cvm.c -+++ b/virt-what-cvm.c -@@ -295,7 +295,26 @@ cpu_sig (void) - cpu_sig_intel (); - } - --#else /* !x86_64 */ -+#elif defined(__s390x__) -+ -+#define SYSFS_PROT_VIRT "/sys/firmware/uv/prot_virt_guest" -+ -+static void -+cpu_sig (void) -+{ -+ int fd = open("/sys/firmware/uv/prot_virt_guest", O_RDONLY); -+ char c; -+ if (fd < 0) -+ return; -+ -+ if (read(fd, &c, 1) == 1 && c == '1') -+ puts("s390-protvirt"); -+ -+ close(fd); -+} -+ -+ -+#else /* ! x86_64 && ! s390x */ - - static void - cpu_sig (void) -diff --git a/virt-what-cvm.pod b/virt-what-cvm.pod -index 70213abd7..00e21cb70 100644 ---- a/virt-what-cvm.pod -+++ b/virt-what-cvm.pod -@@ -60,6 +60,11 @@ paired with B. - - Status: tested on Microsoft Azure SEV-SNP & TDX CVM - -+=item B -+ -+This is a confidential guest running on s390x with the -+Protected Virtualization (Secure Execution) technology -+ - =back - - =head1 EXIT STATUS --- -2.43.0 - diff --git a/SOURCES/0003-virt-what-cvm.pod-Fix-man-page-typo-s390x-protvirt-s.patch b/SOURCES/0003-virt-what-cvm.pod-Fix-man-page-typo-s390x-protvirt-s.patch deleted file mode 100644 index 8d4d88b..0000000 --- a/SOURCES/0003-virt-what-cvm.pod-Fix-man-page-typo-s390x-protvirt-s.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 963676c4dd4c2a9c070b76da6f8835ceb131dbe0 Mon Sep 17 00:00:00 2001 -From: "Richard W.M. Jones" -Date: Tue, 13 Aug 2024 13:23:06 +0100 -Subject: [PATCH] virt-what-cvm.pod: Fix man page typo s390x-protvirt -> - s390-protvirt - -Reported-by: Yongkui Guo -Fixes: commit 037689fbe95e403b050c1eb736ebc8fdc2e601a5 ---- - virt-what-cvm.pod | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/virt-what-cvm.pod b/virt-what-cvm.pod -index 00e21cb70..a76717984 100644 ---- a/virt-what-cvm.pod -+++ b/virt-what-cvm.pod -@@ -60,7 +60,7 @@ paired with B. - - Status: tested on Microsoft Azure SEV-SNP & TDX CVM - --=item B -+=item B - - This is a confidential guest running on s390x with the - Protected Virtualization (Secure Execution) technology --- -2.43.0 - diff --git a/SOURCES/virt-what-1.27.tar.gz.sig b/SOURCES/virt-what-1.27.tar.gz.sig new file mode 100644 index 0000000..551bdfa --- /dev/null +++ b/SOURCES/virt-what-1.27.tar.gz.sig @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- + +iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmbS4bURHHJpY2hAYW5u +ZXhpYS5vcmcACgkQkXOPc+G3aKDwuw//aneF5kGO24fVlZ2r+gtoE/yKabzpv913 +Y5YNq1otagI/Na5nBiOiCqP9lg8XfW2mCGwYASFx9pQ5AXf9P9u6hf1qzI8ZkNSl +sHqNeQNLBSGySt5ODGYyyA6CWGqhyvNIGalmCqUrAkPoKKya2hJjA70b0F3fsuU1 +G6Hm3Huv9WcUWKnY+2tg3mUu0geWhH6ED6dWiqS1l22wCNG0AorXeBjYV9tFA5T7 +qzUwcif3AN2FP1LFiCOOEqorEgmRtiUUuPPtDXrZWR1csrN7Y/SeOHk4Ik5wHcZ8 +e2+rk6fxPgZp90J1jUw12DELlD9WwoYFRjsyfhgud8hp978CUHG7MZOnNkGCE+HE +jZQ0I5xQ9rRAiw/XpuJFR/E3NF4oZuslMyLYrTGZ5u/feW+EcnHNN8jsj/8LsgA0 +4KWjiNtO4Wy9Kov5hpNKlYwZZ84Pae3ffj0MtyQAsxXwlsBzHOf0AySX5FeY0Zeq +J0EhRyfHNLkeI5n5kIlp4/PcRTItwrUP+cUicTe+PDYYxJJuna5EEl4NmUjOE/76 +v1xE3IqURXoK+cuIm39iZQ1/PDpXIZ0/kcCScs4rwTH4avG/fiNuOVxNXd/vLWcC +tCfW7kXzesgKJfVUijQ6fUtKSC239pGyFKCV1OhpuXlchIm8/iCi/o+G2zcN8itE +XgItGGqncXI= +=dbrV +-----END PGP SIGNATURE----- diff --git a/SPECS/virt-what.spec b/SPECS/virt-what.spec index 0437e8c..8eae073 100644 --- a/SPECS/virt-what.spec +++ b/SPECS/virt-what.spec @@ -1,22 +1,18 @@ Name: virt-what -Version: 1.26 -Release: 3%{?dist} +Version: 1.27 +Release: 2%{?dist} Summary: Detect if we are running in a virtual machine License: GPL-2.0-or-later URL: http://people.redhat.com/~rjones/virt-what/ Source0: http://people.redhat.com/~rjones/virt-what/files/%{name}-%{version}.tar.gz +Source1: http://people.redhat.com/~rjones/virt-what/files/%{name}-%{version}.tar.gz.sig -# Maintainer script which helps with handling patches. -Source1: copy-patches.sh - -# Patches are maintained in the following repository: -# http://git.annexia.org/?p=virt-what.git;a=shortlog;h=refs/heads/rhel-10.0 +# Keyring used to verify tarball signature. +Source2: libguestfs.keyring -# Patches. -Patch0001: 0001-Fix-CVM-detection-on-Azure-with-TDX.patch -Patch0002: 0002-Add-support-for-detecting-protected-virtualization-o.patch -Patch0003: 0003-virt-what-cvm.pod-Fix-man-page-typo-s390x-protvirt-s.patch +# Maintainer script which helps with handling patches. +Source3: copy-patches.sh BuildRequires: gcc BuildRequires: make @@ -24,6 +20,9 @@ BuildRequires: git BuildRequires: autoconf, automake, libtool BuildRequires: /usr/bin/pod2man +# Required to verify tarball signature. +BuildRequires: gnupg2 + # Required at build time in order to do 'make check' (for getopt). BuildRequires: util-linux @@ -91,6 +90,7 @@ Current types of virtualization detected: %prep +%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}' %autosetup -S git # Always rebuild upstream autotools files. @@ -121,6 +121,14 @@ fi %changelog +* Tue Oct 29 2024 Troy Dawson - 1.27-2 +- Bump release for October 2024 mass rebuild: + Resolves: RHEL-64018 + +* Mon Sep 09 2024 Richard W.M. Jones - 1.27-1 +- Rebase to Fedora Rawhide + resolves: RHEL-56808 + * Tue Aug 13 2024 Richard W.M. Jones - 1.26-3 - Backport CVM fixes from upstream resolves: RHEL-54092