github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-08-14 06:06:12 +00:00
Code Issues Projects Releases Wiki Activity

runtime: implement CPUFlags function

Browse Source 
`CPUFlags` returns a map with all the CPU flags, these CPU flags
may help us to identiry whether a system support confidential computing
or not.

Signed-off-by: Julio Montes <julio.montes@intel.com>
This commit is contained in:
Julio Montes 2021-03-22 09:27:05 -06:00
parent d0eda5ecfd
commit 88cf3db601
1 changed files with 21 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
src/runtime/virtcontainers/hypervisor.go
View File

@ -717,21 +717,16 @@ func getHostMemorySizeKb(memInfoPath string) (uint64, error) {
return 0, fmt.Errorf("unable get MemTotal from %s", memInfoPath) return 0, fmt.Errorf("unable get MemTotal from %s", memInfoPath)
} }
// RunningOnVMM checks if the system is running inside a VM. func CPUFlags(cpuInfoPath string) (map[string]bool, error) {
func RunningOnVMM(cpuInfoPath string) (bool, error) {
if runtime.GOARCH == "arm64" || runtime.GOARCH == "ppc64le" || runtime.GOARCH == "s390x" {
virtLog.Info("Unable to know if the system is running inside a VM")
return false, nil
}
flagsField := "flags" flagsField := "flags"
f, err := os.Open(cpuInfoPath) f, err := os.Open(cpuInfoPath)
if err != nil { if err != nil {
return false, err return map[string]bool{}, err
} }
defer f.Close() defer f.Close()
flags := make(map[string]bool)
scanner := bufio.NewScanner(f) scanner := bufio.NewScanner(f)
for scanner.Scan() { for scanner.Scan() {
// Expected format: ["flags", ":", ...] or ["flags:", ...] // Expected format: ["flags", ":", ...] or ["flags:", ...]
@ -745,23 +740,31 @@ func RunningOnVMM(cpuInfoPath string) (bool, error) {
} }
for _, field := range fields[1:] { for _, field := range fields[1:] {
if field == "hypervisor" { flags[field] = true
return true, nil
}
} }
// As long as we have been able to analyze the fields from return flags, nil
// "flags", there is no reason to check what comes next from
// /proc/cpuinfo, because we already know we are not running
// on a VMM.
return false, nil
} }
if err := scanner.Err(); err != nil { if err := scanner.Err(); err != nil {
return false, err return map[string]bool{}, err
} }
return false, fmt.Errorf("Couldn't find %q from %q output", flagsField, cpuInfoPath) return map[string]bool{}, fmt.Errorf("Couldn't find %q from %q output", flagsField, cpuInfoPath)
}
// RunningOnVMM checks if the system is running inside a VM.
func RunningOnVMM(cpuInfoPath string) (bool, error) {
if runtime.GOARCH == "amd64" {
flags, err := CPUFlags(cpuInfoPath)
if err != nil {
return false, err
}
return flags["hypervisor"], nil
}
virtLog.WithField("arch", runtime.GOARCH).Info("Unable to know if the system is running inside a VM")
return false, nil
} }
func getHypervisorPid(h hypervisor) int { func getHypervisorPid(h hypervisor) int {