tests: Add new hypervisor helper script

Add a pure shell script which the CI and integration tests can use to check for different categories of runtime Assisted-by: IBM Bob Signed-off-by: stevenhorsman <steven@uk.ibm.com>
2026-04-26 18:43:06 +00:00 · 2026-04-10 14:23:40 +01:00
parent c546b3c585
commit 2f3fec9727
1 changed files with 97 additions and 0 deletions
--- a/tests/hypervisor_helpers.sh
+++ b/tests/hypervisor_helpers.sh
@@ -0,0 +1,97 @@
+#!/usr/bin/env bash
+# Copyright 2026 IBM Corporation
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+SNP_HYPERVISORS=("qemu-snp" "qemu-snp-runtime-rs")
+TDX_HYPERVISORS=("qemu-tdx" "qemu-tdx-runtime-rs")
+SE_HYPERVISORS=("qemu-se" "qemu-se-runtime-rs")
+CCA_HYPERVISORS=("qemu-cca")
+GPU_TEE_HYPERVISORS=("qemu-nvidia-gpu-snp" "qemu-nvidia-gpu-tdx")
+TEE_HYPERVISORS=("${SNP_HYPERVISORS[@]}" "${TDX_HYPERVISORS[@]}" "${SE_HYPERVISORS[@]}" "${CCA_HYPERVISORS[@]}" "${GPU_TEE_HYPERVISORS[@]}")
+NON_TEE_HYPERVISORS=("qemu-coco-dev" "qemu-coco-dev-runtime-rs")
+FIRECRACKER_HYPERVISORS=("firecracker" "fc")
+
+function is_snp_hypervisor() {
+	local hypervisor="${1:-${KATA_HYPERVISOR}}"
+	# shellcheck disable=SC2076 # intentionally use literal string matching
+	[[ " ${SNP_HYPERVISORS[*]} " =~ " ${hypervisor} " ]] && return 0
+	return 1
+}
+
+function is_tdx_hypervisor() {
+	local hypervisor="${1:-${KATA_HYPERVISOR}}"
+	# shellcheck disable=SC2076 # intentionally use literal string matching
+	[[ " ${TDX_HYPERVISORS[*]} " =~ " ${hypervisor} " ]] && return 0
+	return 1
+}
+
+function is_se_hypervisor() {
+	local hypervisor="${1:-${KATA_HYPERVISOR}}"
+	# shellcheck disable=SC2076 # intentionally use literal string matching
+	[[ " ${SE_HYPERVISORS[*]} " =~ " ${hypervisor} " ]] && return 0
+	return 1
+}
+
+function is_cca_hypervisor() {
+	local hypervisor="${1:-${KATA_HYPERVISOR}}"
+	# shellcheck disable=SC2076 # intentionally use literal string matching
+	[[ " ${CCA_HYPERVISORS[*]} " =~ " ${hypervisor} " ]] && return 0
+	return 1
+}
+
+function is_non_tee_hypervisor() {
+	local hypervisor="${1:-${KATA_HYPERVISOR}}"
+	# shellcheck disable=SC2076 # intentionally use literal string matching
+	[[ " ${NON_TEE_HYPERVISORS[*]} " =~ " ${hypervisor} " ]] && return 0
+	return 1
+}
+
+function is_confidential_gpu_hypervisor() {
+	local hypervisor="${1:-${KATA_HYPERVISOR}}"
+	# shellcheck disable=SC2076 # intentionally use literal string matching
+	[[ " ${GPU_TEE_HYPERVISORS[*]} " =~ " ${hypervisor} " ]] && return 0
+	return 1
+}
+
+function is_firecracker_hypervisor() {
+	local hypervisor="${1:-${KATA_HYPERVISOR}}"
+	# shellcheck disable=SC2076 # intentionally use literal string matching
+	[[ " ${FIRECRACKER_HYPERVISORS[*]} " =~ " ${hypervisor} " ]] && return 0
+	return 1
+}
+
+# Common check for confidential hardware (TEE) runtime class.
+function is_confidential_hardware() {
+	local hypervisor="${1:-${KATA_HYPERVISOR}}"
+	# This check must be done with "<SPACE>${KATA_HYPERVISOR}<SPACE>" to avoid
+	# having substrings, like qemu, being matched with qemu-$something.
+	# shellcheck disable=SC2076 # intentionally use literal string matching
+	if [[ " ${TEE_HYPERVISORS[*]} " =~ " ${hypervisor} " ]]; then
+		return 0
+	fi
+	return 1
+}
+
+# Common check for confidential runtime class.
+function is_confidential_runtime_class() {
+	local hypervisor="${1:-${KATA_HYPERVISOR}}"
+	if is_confidential_hardware "${hypervisor}" || is_non_tee_hypervisor "${hypervisor}"; then
+		return 0
+	else
+		return 1
+	fi
+}
+
+is_hotplug_supported() {
+	local hypervisor="${1:-${KATA_HYPERVISOR}}"
+	if is_confidential_runtime_class "${hypervisor}"; then
+		echo "Confidential computing hypervisors don't support hotplug" >&2
+		return 1
+	elif is_firecracker_hypervisor "${hypervisor}"; then
+		echo "FC doesn't support hotplug" >&2
+		return 1
+	fi
+	return 0
+}