[Pkg-libvirt-commits] [Git][libvirt-team/virt-what][debian/sid] 24 commits: Rearrange lxc test to avoid use of cat

[Jeremy Bícha (@jbicha)]

Jeremy Bícha pushed to branch debian/sid at Libvirt Packaging Team / virt-what


Commits:
a29d4a56 by Richard W.M. Jones at 2022-12-22T10:31:47+00:00
Rearrange lxc test to avoid use of cat

Thanks: Elias Probst <e.probst at ssc-services.de>

- - - - -
57966df6 by Richard W.M. Jones at 2022-12-22T10:34:03+00:00
Move docker and podman tests up, add comments

Refactor to bring related tests closer together and make the comments
more uniform.

- - - - -
1cbcbb80 by Richard W.M. Jones at 2023-01-05T12:49:55+00:00
podman: Fix location of test file /proc/1/environ

Since it was at the wrong location, the file was not even used by the
test.

Fixes: commit 1df728aa4b ("Add podman support")

- - - - -
54c2ad4a by Richard W.M. Jones at 2023-01-05T12:49:55+00:00
Detect OCI containers

Podman using OCI containers sets container=oci in PID 1's environment.
Detect that and print "oci" fact.

This patch was originally contributed by Alessandro Valentini.  I
modified it and added tests and documentation.

Reported-by: Alessandro Valentini
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2155233

- - - - -
a4508bda by Ville Skyttä at 2023-01-09T12:08:50+00:00
Grammar fixes

- - - - -
1b5cbb7a by Ville Skyttä at 2023-01-12T16:29:18+00:00
Add support for UpCloud

- - - - -
80560476 by Yongkui Guo at 2023-01-30T18:30:51+08:00
Add support for Alibaba cloud on aarch64

This assumes you are running RHEL or another tenant which supports
ACPI.  It probably won't work for guests using device tree.

Also we assume that the hypervisor is KVM.  Since the hypervisor
indicates that it is RHEL 7, this is very likely to be true, but hard
to prove since there is no CPUID on Arm.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2165285

- - - - -
22e33361 by Daniel P. Berrangé at 2023-05-30T08:41:47+01:00
Introduce 'virt-what-cvm' program

The 'virt-what' program prints facts that reflect the hypervisor that
the guest is running under.

The new complementary 'virt-what-cvm' program prints facts that reflect
the confidential virtualization technology the guest is running under,
if any.

It is kept as a separate tool, rather than incorporating the facts into
'virt-what' output because it is considering a different aspect of the
virtualization. Furthermore there are specific security concerns around
the usage of facts reported by 'virt-what-cvm'.

The tool has been tested in a number of environments

 * Azure confidential guest with AMD SEV-SNP (GA)
 * Azure confidential guest with Intel TDX (technology preview)
 * Fedora 37 QEMU/KVM guest with AMD SEV (GA)
 * Fedora 37 QEMU/KVM guest with AMD SEV-ES (GA)
 * Fedora 38 QEMU/KVM guest with AMD SEV-SNP + SVSM (devel snapshot)

Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>

- - - - -
52c833c7 by Richard W.M. Jones at 2023-05-30T08:46:06+01:00
docs: Add cross reference to virt-what-cvm(1) to virt-what(1)

- - - - -
eeb7d8a1 by Richard W.M. Jones at 2023-06-07T10:13:09+01:00
nutanix: Don't match Nutanix-based baremetal systems

Nutanix ship baremetal systems which have modified firmware that
reports similar to:

  Manufacturer: Nutanix
  Product Name: NX-T00-4NL3-G5

This is not a virtual machine, but was recognised as such.  Make sure
we match on 'Product Name: AHV' to identify only virtual machines.

Thanks: Scott Yeager, Shaoyu Shang
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2211980

- - - - -
95d18c02 by Richard W.M. Jones at 2023-06-28T13:24:58+01:00
Add support for CRI-O containers

Reported-by: Alessandro Taufer
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2217407
Thanks: Xiaodai Wang

- - - - -
64718d09 by Daniel P. Berrangé at 2023-06-29T18:17:19+01:00
virt-what-cvm: check if hypervisor bit is set

Before doing any probes for a confidential VM, check that the
tool is running under a hypervisor, rather than bare metal

Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>

- - - - -
15d3e4a9 by Daniel P. Berrangé at 2023-06-29T18:17:19+01:00
virt-what-cvm: support alternative cpuid leaf ordering

The HyperV CPUID leaf for reporting the vendor string has an
alternative ordering of ecx/edx.

Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>

- - - - -
bb0055b4 by Daniel P. Berrangé at 2023-06-29T18:17:19+01:00
virt-what-cvm: probe for SNP/HCL on HyperV/Azure via CPUID

When running a confidential VM on Azure (HyperV) we can probe
CPUID leaf 0x40000003 to detect if VM isolation is present,
and 0x4000000c to detect what kind of isolation is used.

Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>

- - - - -
82c0e9c4 by Daniel P. Berrangé at 2023-06-29T18:17:19+01:00
virt-what-cvm: drop TPM logic for detecting SNP on HyperV/Azure

Now we have proper CPUID detection, we no longer need the TPM
hacks.

Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>

- - - - -
94773022 by Daniel P. Berrangé at 2023-06-29T18:17:19+01:00
virt-what-cvm: rename 'azure-hcl' fact to 'hyperv-hcl'

Azure is a cloud service that uses the HyperV platform, so we
should refer to the fact as 'hyperv-hcl', not 'azure-hcl'.

Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>

- - - - -
1f0682ca by Weisson at 2024-06-24T18:01:34+01:00
Set timeout threshold for alibaba ecs identification to avoid hanging.

On Alibaba ECS/EBM, virt-what used to run this tricky shell command:
```
( { echo -e "GET /latest/meta-datainstance/instance-type HTTP/1.0\r\nHost: 100.100.100.200\r\n\r" >&3; grep -sq 'ebm' <&3 ; } 3<> /dev/tcp/100.100.100.200/80 ) 2>/dev/null
```
which means the host fetches metadata and identifies its flavor.

However, the remote server '100.100.100.200' is accessible only within
Alibaba Cloud network, which keeps those hosts, not in that condition
mentioned above, hanging until syscall 'connect' timeout and get interrupted
by kernel, or even worse, hanging forever.

This commit set 1 second timeout at most for meta-data fetching process
to avoid that kind of hanging.

Signed-off-by: Weisson <hanxiaobupt at bupt.cn>

- - - - -
49a17ec8 by Richard W.M. Jones at 2024-07-02T08:45:10+00:00
Fix support for Hyper-V on Arm

This architecture lacks CPUID so we must fall back to looking
at DMI data instead.

Reported-by: Yuxin Sun
Thanks: Dan Berrange
Fixes: https://issues.redhat.com/browse/RHEL-45834

- - - - -
6d145576 by Richard W.M. Jones at 2024-07-02T11:03:57+01:00
Version 1.26

Also updated a few copyright dates to 2024.

And fixed some missing EXTRA_DIST entries, found by
'make dist && make maintainer-check-extra-dist':

  Checking for differences between EXTRA_DIST and git ...
  tests/alibaba-cloud-arm/sbin/timeout
  tests/alibaba-cloud-x86/sbin/timeout
  virt-what-cvm.pod

- - - - -
1f5f6327 by Jeremy Bícha at 2024-07-05T07:46:49-04:00
Update changelog

- - - - -
a63b1567 by Jeremy Bícha at 2024-07-05T07:47:09-04:00
New upstream version 1.26
- - - - -
25e87837 by Jeremy Bícha at 2024-07-05T07:47:15-04:00
Update upstream source from tag 'upstream/1.26'

Update to upstream version '1.26'
with Debian dir 11837262f8dc2487f03c852c5b7df770e5ab149f
- - - - -
3e28e97e by Jeremy Bícha at 2024-07-05T07:48:06-04:00
New upstream release

- - - - -
f842105d by Jeremy Bícha at 2024-07-05T07:51:14-04:00
releasing package virt-what version 1.26-1

- - - - -


5 changed files:

- .gitignore
- Makefile.am
- Makefile.in
- README
- aclocal.m4


The diff was not included because it is too large.


View it on GitLab: https://salsa.debian.org/libvirt-team/virt-what/-/compare/f29a5e9d032c1d899498e89bf28c2213076b818b...f842105dd4ee1e2b9f45c72443f46c41890a32da

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/libvirt-team/virt-what/-/compare/f29a5e9d032c1d899498e89bf28c2213076b818b...f842105dd4ee1e2b9f45c72443f46c41890a32da
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-libvirt-commits/attachments/20240705/fda47b47/attachment-0001.htm>