Add support for detecting protected virtualization on s390x
authorDaniel P. Berrangé <berrange@redhat.com>
Fri, 2 Aug 2024 15:07:46 +0000 (16:07 +0100)
committerRichard W.M. Jones <rjones@redhat.com>
Mon, 5 Aug 2024 15:32:23 +0000 (16:32 +0100)
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 037689fbe95e403b050c1eb736ebc8fdc2e601a5)

virt-what-cvm.c
virt-what-cvm.pod

index 0daa6ac..320df47 100644 (file)
@@ -295,7 +295,26 @@ cpu_sig (void)
     cpu_sig_intel ();
 }
 
-#else /* !x86_64 */
+#elif defined(__s390x__)
+
+#define SYSFS_PROT_VIRT "/sys/firmware/uv/prot_virt_guest"
+
+static void
+cpu_sig (void)
+{
+  int fd = open("/sys/firmware/uv/prot_virt_guest", O_RDONLY);
+  char c;
+  if (fd < 0)
+    return;
+
+  if (read(fd, &c, 1) == 1 && c == '1')
+    puts("s390-protvirt");
+
+  close(fd);
+}
+
+
+#else /* ! x86_64 && ! s390x */
 
 static void
 cpu_sig (void)
index 70213ab..00e21cb 100644 (file)
@@ -60,6 +60,11 @@ paired with B<amd-sev-snp>.
 
 Status: tested on Microsoft Azure SEV-SNP & TDX CVM
 
+=item B<s390x-protvirt>
+
+This is a confidential guest running on s390x with the
+Protected Virtualization (Secure Execution) technology
+
 =back
 
 =head1 EXIT STATUS