[thirdparty/systemd.git] / src / basic / virt.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2011 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include "alloc-util.h"
#include "dirent-util.h"
#include "fd-util.h"
#include "fileio.h"
#include "macro.h"
#include "process-util.h"
#include "stat-util.h"
#include "string-table.h"
#include "string-util.h"
#include "virt.h"

static int detect_vm_cpuid(void) {

        /* CPUID is an x86 specific interface. */
#if defined(__i386__) || defined(__x86_64__)

        static const struct {
                const char *cpuid;
                int id;
        } cpuid_vendor_table[] = {
                { "XenVMMXenVMM", VIRTUALIZATION_XEN       },
                { "KVMKVMKVM",    VIRTUALIZATION_KVM       },
                /* http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1009458 */
                { "VMwareVMware", VIRTUALIZATION_VMWARE    },
                /* http://msdn.microsoft.com/en-us/library/ff542428.aspx */
                { "Microsoft Hv", VIRTUALIZATION_MICROSOFT },
        };

        uint32_t eax, ecx;
        bool hypervisor;

        /* http://lwn.net/Articles/301888/ */

#if defined (__i386__)
#define REG_a "eax"
#define REG_b "ebx"
#elif defined (__amd64__)
#define REG_a "rax"
#define REG_b "rbx"
#endif

        /* First detect whether there is a hypervisor */
        eax = 1;
        __asm__ __volatile__ (
                /* ebx/rbx is being used for PIC! */
                "  push %%"REG_b"         \n\t"
                "  cpuid                  \n\t"
                "  pop %%"REG_b"          \n\t"

                : "=a" (eax), "=c" (ecx)
                : "0" (eax)
        );

        hypervisor = !!(ecx & 0x80000000U);

        if (hypervisor) {
                union {
                        uint32_t sig32[3];
                        char text[13];
                } sig = {};
                unsigned j;

                /* There is a hypervisor, see what it is */
                eax = 0x40000000U;
                __asm__ __volatile__ (
                        /* ebx/rbx is being used for PIC! */
                        "  push %%"REG_b"         \n\t"
                        "  cpuid                  \n\t"
                        "  mov %%ebx, %1          \n\t"
                        "  pop %%"REG_b"          \n\t"

                        : "=a" (eax), "=r" (sig.sig32[0]), "=c" (sig.sig32[1]), "=d" (sig.sig32[2])
                        : "0" (eax)
                );

                for (j = 0; j < ELEMENTSOF(cpuid_vendor_table); j ++)
                        if (streq(sig.text, cpuid_vendor_table[j].cpuid))
                                return cpuid_vendor_table[j].id;

                return VIRTUALIZATION_VM_OTHER;
        }
#endif

        return VIRTUALIZATION_NONE;
}

static int detect_vm_device_tree(void) {
#if defined(__arm__) || defined(__aarch64__) || defined(__powerpc__) || defined(__powerpc64__)
        _cleanup_free_ char *hvtype = NULL;
        int r;

        r = read_one_line_file("/proc/device-tree/hypervisor/compatible", &hvtype);
        if (r == -ENOENT) {
                _cleanup_closedir_ DIR *dir = NULL;
                struct dirent *dent;

                dir = opendir("/proc/device-tree");
                if (!dir) {
                        if (errno == ENOENT)
                                return VIRTUALIZATION_NONE;
                        return -errno;
                }

                FOREACH_DIRENT(dent, dir, return -errno)
                        if (strstr(dent->d_name, "fw-cfg"))
                                return VIRTUALIZATION_QEMU;

                return VIRTUALIZATION_NONE;
        } else if (r < 0)
                return r;

        if (streq(hvtype, "linux,kvm"))
                return VIRTUALIZATION_KVM;
        else if (strstr(hvtype, "xen"))
                return VIRTUALIZATION_XEN;
        else
                return VIRTUALIZATION_VM_OTHER;
#else
        return VIRTUALIZATION_NONE;
#endif
}

static int detect_vm_dmi(void) {
#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)

        static const char *const dmi_vendors[] = {
                "/sys/class/dmi/id/product_name", /* Test this before sys_vendor to detect KVM over QEMU */
                "/sys/class/dmi/id/sys_vendor",
                "/sys/class/dmi/id/board_vendor",
                "/sys/class/dmi/id/bios_vendor"
        };

        static const struct {
                const char *vendor;
                int id;
        } dmi_vendor_table[] = {
                { "KVM",           VIRTUALIZATION_KVM       },
                { "QEMU",          VIRTUALIZATION_QEMU      },
                /* http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1009458 */
                { "VMware",        VIRTUALIZATION_VMWARE    },
                { "VMW",           VIRTUALIZATION_VMWARE    },
                { "innotek GmbH",  VIRTUALIZATION_ORACLE    },
                { "Xen",           VIRTUALIZATION_XEN       },
                { "Bochs",         VIRTUALIZATION_BOCHS     },
                { "Parallels",     VIRTUALIZATION_PARALLELS },
        };
        unsigned i;
        int r;

        for (i = 0; i < ELEMENTSOF(dmi_vendors); i++) {
                _cleanup_free_ char *s = NULL;
                unsigned j;

                r = read_one_line_file(dmi_vendors[i], &s);
                if (r < 0) {
                        if (r == -ENOENT)
                                continue;

                        return r;
                }

                for (j = 0; j < ELEMENTSOF(dmi_vendor_table); j++)
                        if (startswith(s, dmi_vendor_table[j].vendor))
                                return dmi_vendor_table[j].id;
        }
#endif

        return VIRTUALIZATION_NONE;
}

static int detect_vm_xen(void) {
        _cleanup_free_ char *domcap = NULL;
        char *cap, *i;
        int r;

        r = read_one_line_file("/proc/xen/capabilities", &domcap);
        if (r == -ENOENT)
                return VIRTUALIZATION_NONE;

        i = domcap;
        while ((cap = strsep(&i, ",")))
                if (streq(cap, "control_d"))
                        break;

        return cap ? VIRTUALIZATION_NONE : VIRTUALIZATION_XEN;
}

static int detect_vm_hypervisor(void) {
        _cleanup_free_ char *hvtype = NULL;
        int r;

        r = read_one_line_file("/sys/hypervisor/type", &hvtype);
        if (r == -ENOENT)
                return VIRTUALIZATION_NONE;
        if (r < 0)
                return r;

        if (streq(hvtype, "xen"))
                return VIRTUALIZATION_XEN;
        else
                return VIRTUALIZATION_VM_OTHER;
}

static int detect_vm_uml(void) {
        _cleanup_free_ char *cpuinfo_contents = NULL;
        int r;

        /* Detect User-Mode Linux by reading /proc/cpuinfo */
        r = read_full_file("/proc/cpuinfo", &cpuinfo_contents, NULL);
        if (r < 0)
                return r;
        if (strstr(cpuinfo_contents, "\nvendor_id\t: User Mode Linux\n"))
                return VIRTUALIZATION_UML;

        return VIRTUALIZATION_NONE;
}

static int detect_vm_zvm(void) {

#if defined(__s390__)
        _cleanup_free_ char *t = NULL;
        int r;

        r = get_proc_field("/proc/sysinfo", "VM00 Control Program", WHITESPACE, &t);
        if (r == -ENOENT)
                return VIRTUALIZATION_NONE;
        if (r < 0)
                return r;

        if (streq(t, "z/VM"))
                return VIRTUALIZATION_ZVM;
        else
                return VIRTUALIZATION_KVM;
#else
        return VIRTUALIZATION_NONE;
#endif
}

/* Returns a short identifier for the various VM implementations */
int detect_vm(void) {
        static thread_local int cached_found = _VIRTUALIZATION_INVALID;
        int r;

        if (cached_found >= 0)
                return cached_found;

        /* We have to use the correct order here:
         * Some virtualization technologies do use KVM hypervisor but are
         * expected to be detected as something else. So detect DMI first.
         *
         * An example is Virtualbox since version 5.0, which uses KVM backend.
         * Detection via DMI works corretly, the CPU ID would find KVM
         * only. */
        r = detect_vm_dmi();
        if (r < 0)
                return r;
        if (r != VIRTUALIZATION_NONE)
                goto finish;

        r = detect_vm_cpuid();
        if (r < 0)
                return r;
        if (r != VIRTUALIZATION_NONE)
                goto finish;

        /* x86 xen will most likely be detected by cpuid. If not (most likely
         * because we're not an x86 guest), then we should try the xen capabilities
         * file next. If that's not found, then we check for the high-level
         * hypervisor sysfs file:
         *
         * https://bugs.freedesktop.org/show_bug.cgi?id=77271 */

        r = detect_vm_xen();
        if (r < 0)
                return r;
        if (r != VIRTUALIZATION_NONE)
                goto finish;

        r = detect_vm_hypervisor();
        if (r < 0)
                return r;
        if (r != VIRTUALIZATION_NONE)
                goto finish;

        r = detect_vm_device_tree();
        if (r < 0)
                return r;
        if (r != VIRTUALIZATION_NONE)
                goto finish;

        r = detect_vm_uml();
        if (r < 0)
                return r;
        if (r != VIRTUALIZATION_NONE)
                goto finish;

        r = detect_vm_zvm();
        if (r < 0)
                return r;

finish:
        cached_found = r;
        return r;
}

int detect_container(void) {

        static const struct {
                const char *value;
                int id;
        } value_table[] = {
                { "lxc",            VIRTUALIZATION_LXC            },
                { "lxc-libvirt",    VIRTUALIZATION_LXC_LIBVIRT    },
                { "systemd-nspawn", VIRTUALIZATION_SYSTEMD_NSPAWN },
                { "docker",         VIRTUALIZATION_DOCKER         },
                { "rkt",            VIRTUALIZATION_RKT            },
        };

        static thread_local int cached_found = _VIRTUALIZATION_INVALID;
        _cleanup_free_ char *m = NULL;
        const char *e = NULL;
        unsigned j;
        int r;

        if (cached_found >= 0)
                return cached_found;

        /* /proc/vz exists in container and outside of the container,
         * /proc/bc only outside of the container. */
        if (access("/proc/vz", F_OK) >= 0 &&
            access("/proc/bc", F_OK) < 0) {
                r = VIRTUALIZATION_OPENVZ;
                goto finish;
        }

        if (getpid() == 1) {
                /* If we are PID 1 we can just check our own
                 * environment variable */

                e = getenv("container");
                if (isempty(e)) {
                        r = VIRTUALIZATION_NONE;
                        goto finish;
                }
        } else {

                /* Otherwise, PID 1 dropped this information into a
                 * file in /run. This is better than accessing
                 * /proc/1/environ, since we don't need CAP_SYS_PTRACE
                 * for that. */

                r = read_one_line_file("/run/systemd/container", &m);
                if (r == -ENOENT) {

                        /* Fallback for cases where PID 1 was not
                         * systemd (for example, cases where
                         * init=/bin/sh is used. */

                        r = getenv_for_pid(1, "container", &m);
                        if (r <= 0) {

                                /* If that didn't work, give up,
                                 * assume no container manager.
                                 *
                                 * Note: This means we still cannot
                                 * detect containers if init=/bin/sh
                                 * is passed but privileges dropped,
                                 * as /proc/1/environ is only readable
                                 * with privileges. */

                                r = VIRTUALIZATION_NONE;
                                goto finish;
                        }
                }
                if (r < 0)
                        return r;

                e = m;
        }

        for (j = 0; j < ELEMENTSOF(value_table); j++)
                if (streq(e, value_table[j].value)) {
                        r = value_table[j].id;
                        goto finish;
                }

        r = VIRTUALIZATION_CONTAINER_OTHER;

finish:
        cached_found = r;
        return r;
}

int detect_virtualization(void) {
        int r;

        r = detect_container();
        if (r != 0)
                return r;

        return detect_vm();
}

int running_in_chroot(void) {
        int ret;

        ret = files_same("/proc/1/root", "/");
        if (ret < 0)
                return ret;

        return ret == 0;
}

static const char *const virtualization_table[_VIRTUALIZATION_MAX] = {
        [VIRTUALIZATION_NONE] = "none",
        [VIRTUALIZATION_KVM] = "kvm",
        [VIRTUALIZATION_QEMU] = "qemu",
        [VIRTUALIZATION_BOCHS] = "bochs",
        [VIRTUALIZATION_XEN] = "xen",
        [VIRTUALIZATION_UML] = "uml",
        [VIRTUALIZATION_VMWARE] = "vmware",
        [VIRTUALIZATION_ORACLE] = "oracle",
        [VIRTUALIZATION_MICROSOFT] = "microsoft",
        [VIRTUALIZATION_ZVM] = "zvm",
        [VIRTUALIZATION_PARALLELS] = "parallels",
        [VIRTUALIZATION_VM_OTHER] = "vm-other",

        [VIRTUALIZATION_SYSTEMD_NSPAWN] = "systemd-nspawn",
        [VIRTUALIZATION_LXC_LIBVIRT] = "lxc-libvirt",
        [VIRTUALIZATION_LXC] = "lxc",
        [VIRTUALIZATION_OPENVZ] = "openvz",
        [VIRTUALIZATION_DOCKER] = "docker",
        [VIRTUALIZATION_RKT] = "rkt",
        [VIRTUALIZATION_CONTAINER_OTHER] = "container-other",
};

DEFINE_STRING_TABLE_LOOKUP(virtualization, int);
Commit	Line	Data
b52aae1d LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2011 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	9	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	10	the Free Software Foundation; either version 2.1 of the License, or
b52aae1d LP	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	16	Lesser General Public License for more details.
b52aae1d	17
5430f7f2	18	You should have received a copy of the GNU Lesser General Public License
b52aae1d LP	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
b52aae1d	22	#include <errno.h>
11c3a366 TA	23	#include <stdint.h>
11c3a366 TA	24	#include <stdlib.h>
07630cea	25	#include <string.h>
b52aae1d LP	26	#include <unistd.h>
b52aae1d LP	27
b5efdb8a	28	#include "alloc-util.h"
ade61d3b ZJS	29	#include "dirent-util.h"
ade61d3b ZJS	30	#include "fd-util.h"
07630cea	31	#include "fileio.h"
11c3a366	32	#include "macro.h"
93cc7779	33	#include "process-util.h"
b5efdb8a	34	#include "stat-util.h"
8b43440b	35	#include "string-table.h"
07630cea	36	#include "string-util.h"
b52aae1d LP	37	#include "virt.h"
b52aae1d LP	38
75f86906	39	static int detect_vm_cpuid(void) {
b52aae1d	40
2ef8a4c4	41	/* CPUID is an x86 specific interface. */
bdb628ee	42	#if defined(__i386__) \|\| defined(__x86_64__)
b52aae1d	43
75f86906 LP	44	static const struct {
	45	const char *cpuid;
	46	int id;
	47	} cpuid_vendor_table[] = {
	48	{ "XenVMMXenVMM", VIRTUALIZATION_XEN },
	49	{ "KVMKVMKVM", VIRTUALIZATION_KVM },
b52aae1d	50	/* http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1009458 */
75f86906	51	{ "VMwareVMware", VIRTUALIZATION_VMWARE },
b52aae1d	52	/* http://msdn.microsoft.com/en-us/library/ff542428.aspx */
75f86906 LP	53	{ "Microsoft Hv", VIRTUALIZATION_MICROSOFT },
75f86906 LP	54	};
b52aae1d LP	55
b52aae1d LP	56	uint32_t eax, ecx;
b52aae1d LP	57	bool hypervisor;
	58
	59	/* http://lwn.net/Articles/301888/ */
b52aae1d LP	60
	61	#if defined (__i386__)
	62	#define REG_a "eax"
	63	#define REG_b "ebx"
	64	#elif defined (__amd64__)
	65	#define REG_a "rax"
	66	#define REG_b "rbx"
	67	#endif
	68
	69	/* First detect whether there is a hypervisor */
	70	eax = 1;
	71	__asm__ __volatile__ (
	72	/* ebx/rbx is being used for PIC! */
	73	" push %%"REG_b" \n\t"
	74	" cpuid \n\t"
	75	" pop %%"REG_b" \n\t"
	76
	77	: "=a" (eax), "=c" (ecx)
	78	: "0" (eax)
	79	);
	80
	81	hypervisor = !!(ecx & 0x80000000U);
	82
	83	if (hypervisor) {
75f86906 LP	84	union {
	85	uint32_t sig32[3];
	86	char text[13];
	87	} sig = {};
	88	unsigned j;
b52aae1d LP	89
	90	/* There is a hypervisor, see what it is */
	91	eax = 0x40000000U;
	92	__asm__ __volatile__ (
	93	/* ebx/rbx is being used for PIC! */
	94	" push %%"REG_b" \n\t"
	95	" cpuid \n\t"
	96	" mov %%ebx, %1 \n\t"
	97	" pop %%"REG_b" \n\t"
	98
	99	: "=a" (eax), "=r" (sig.sig32[0]), "=c" (sig.sig32[1]), "=d" (sig.sig32[2])
	100	: "0" (eax)
	101	);
	102
75f86906 LP	103	for (j = 0; j < ELEMENTSOF(cpuid_vendor_table); j ++)
	104	if (streq(sig.text, cpuid_vendor_table[j].cpuid))
	105	return cpuid_vendor_table[j].id;
bdb628ee	106
75f86906	107	return VIRTUALIZATION_VM_OTHER;
b52aae1d	108	}
bdb628ee ZJS	109	#endif
bdb628ee ZJS	110
75f86906	111	return VIRTUALIZATION_NONE;
bdb628ee ZJS	112	}
bdb628ee ZJS	113
75f86906	114	static int detect_vm_device_tree(void) {
db6a8689	115	#if defined(__arm__) \|\| defined(__aarch64__) \|\| defined(__powerpc__) \|\| defined(__powerpc64__)
d831deb5 CA	116	_cleanup_free_ char *hvtype = NULL;
	117	int r;
	118
b8f1df82	119	r = read_one_line_file("/proc/device-tree/hypervisor/compatible", &hvtype);
75f86906	120	if (r == -ENOENT) {
ce09c71d AJ	121	_cleanup_closedir_ DIR *dir = NULL;
	122	struct dirent *dent;
	123
	124	dir = opendir("/proc/device-tree");
	125	if (!dir) {
	126	if (errno == ENOENT)
75f86906	127	return VIRTUALIZATION_NONE;
ce09c71d AJ	128	return -errno;
	129	}
	130
75f86906 LP	131	FOREACH_DIRENT(dent, dir, return -errno)
	132	if (strstr(dent->d_name, "fw-cfg"))
	133	return VIRTUALIZATION_QEMU;
	134
	135	return VIRTUALIZATION_NONE;
	136	} else if (r < 0)
	137	return r;
	138
	139	if (streq(hvtype, "linux,kvm"))
	140	return VIRTUALIZATION_KVM;
	141	else if (strstr(hvtype, "xen"))
	142	return VIRTUALIZATION_XEN;
	143	else
	144	return VIRTUALIZATION_VM_OTHER;
	145	#else
	146	return VIRTUALIZATION_NONE;
d831deb5	147	#endif
d831deb5 CA	148	}
d831deb5 CA	149
75f86906	150	static int detect_vm_dmi(void) {
2ef8a4c4	151	#if defined(__i386__) \|\| defined(__x86_64__) \|\| defined(__arm__) \|\| defined(__aarch64__)
bdb628ee ZJS	152
bdb628ee ZJS	153	static const char *const dmi_vendors[] = {
3728dcde	154	"/sys/class/dmi/id/product_name", /* Test this before sys_vendor to detect KVM over QEMU */
bdb628ee ZJS	155	"/sys/class/dmi/id/sys_vendor",
	156	"/sys/class/dmi/id/board_vendor",
	157	"/sys/class/dmi/id/bios_vendor"
	158	};
	159
75f86906 LP	160	static const struct {
	161	const char *vendor;
	162	int id;
	163	} dmi_vendor_table[] = {
3728dcde	164	{ "KVM", VIRTUALIZATION_KVM },
75f86906	165	{ "QEMU", VIRTUALIZATION_QEMU },
bdb628ee	166	/* http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1009458 */
75f86906 LP	167	{ "VMware", VIRTUALIZATION_VMWARE },
	168	{ "VMW", VIRTUALIZATION_VMWARE },
	169	{ "innotek GmbH", VIRTUALIZATION_ORACLE },
	170	{ "Xen", VIRTUALIZATION_XEN },
	171	{ "Bochs", VIRTUALIZATION_BOCHS },
	172	{ "Parallels", VIRTUALIZATION_PARALLELS },
	173	};
bdb628ee	174	unsigned i;
75f86906	175	int r;
b52aae1d LP	176
b52aae1d LP	177	for (i = 0; i < ELEMENTSOF(dmi_vendors); i++) {
b1b8e816	178	_cleanup_free_ char *s = NULL;
75f86906	179	unsigned j;
b52aae1d	180
b1b8e816 LP	181	r = read_one_line_file(dmi_vendors[i], &s);
b1b8e816 LP	182	if (r < 0) {
75f86906 LP	183	if (r == -ENOENT)
75f86906 LP	184	continue;
b52aae1d	185
75f86906	186	return r;
b52aae1d LP	187	}
b52aae1d LP	188
75f86906 LP	189	for (j = 0; j < ELEMENTSOF(dmi_vendor_table); j++)
	190	if (startswith(s, dmi_vendor_table[j].vendor))
	191	return dmi_vendor_table[j].id;
b52aae1d	192	}
bdb628ee ZJS	193	#endif
bdb628ee ZJS	194
75f86906	195	return VIRTUALIZATION_NONE;
bdb628ee ZJS	196	}
bdb628ee ZJS	197
75f86906 LP	198	static int detect_vm_xen(void) {
	199	_cleanup_free_ char *domcap = NULL;
	200	char cap, i;
bdb628ee	201	int r;
b52aae1d	202
75f86906 LP	203	r = read_one_line_file("/proc/xen/capabilities", &domcap);
	204	if (r == -ENOENT)
	205	return VIRTUALIZATION_NONE;
bdb628ee	206
75f86906 LP	207	i = domcap;
	208	while ((cap = strsep(&i, ",")))
	209	if (streq(cap, "control_d"))
	210	break;
bdb628ee	211
75f86906 LP	212	return cap ? VIRTUALIZATION_NONE : VIRTUALIZATION_XEN;
75f86906 LP	213	}
37287585	214
75f86906 LP	215	static int detect_vm_hypervisor(void) {
	216	_cleanup_free_ char *hvtype = NULL;
	217	int r;
37287585	218
75f86906 LP	219	r = read_one_line_file("/sys/hypervisor/type", &hvtype);
	220	if (r == -ENOENT)
	221	return VIRTUALIZATION_NONE;
	222	if (r < 0)
	223	return r;
37287585	224
75f86906 LP	225	if (streq(hvtype, "xen"))
	226	return VIRTUALIZATION_XEN;
	227	else
	228	return VIRTUALIZATION_VM_OTHER;
	229	}
37287585	230
75f86906 LP	231	static int detect_vm_uml(void) {
	232	_cleanup_free_ char *cpuinfo_contents = NULL;
	233	int r;
37287585	234
75f86906 LP	235	/* Detect User-Mode Linux by reading /proc/cpuinfo */
	236	r = read_full_file("/proc/cpuinfo", &cpuinfo_contents, NULL);
	237	if (r < 0)
bdb628ee	238	return r;
75f86906 LP	239	if (strstr(cpuinfo_contents, "\nvendor_id\t: User Mode Linux\n"))
75f86906 LP	240	return VIRTUALIZATION_UML;
bdb628ee	241
75f86906 LP	242	return VIRTUALIZATION_NONE;
75f86906 LP	243	}
e32886e0	244
75f86906	245	static int detect_vm_zvm(void) {
bdb628ee	246
75f86906 LP	247	#if defined(__s390__)
	248	_cleanup_free_ char *t = NULL;
	249	int r;
e32886e0	250
c4cd1d4d	251	r = get_proc_field("/proc/sysinfo", "VM00 Control Program", WHITESPACE, &t);
75f86906 LP	252	if (r == -ENOENT)
	253	return VIRTUALIZATION_NONE;
	254	if (r < 0)
	255	return r;
e32886e0	256
75f86906 LP	257	if (streq(t, "z/VM"))
	258	return VIRTUALIZATION_ZVM;
	259	else
	260	return VIRTUALIZATION_KVM;
	261	#else
	262	return VIRTUALIZATION_NONE;
	263	#endif
	264	}
e32886e0	265
75f86906 LP	266	/* Returns a short identifier for the various VM implementations */
	267	int detect_vm(void) {
	268	static thread_local int cached_found = _VIRTUALIZATION_INVALID;
	269	int r;
e32886e0	270
75f86906 LP	271	if (cached_found >= 0)
75f86906 LP	272	return cached_found;
bdb628ee	273
f6875b0a CH	274	/* We have to use the correct order here:
	275	* Some virtualization technologies do use KVM hypervisor but are
	276	* expected to be detected as something else. So detect DMI first.
	277	*
	278	* An example is Virtualbox since version 5.0, which uses KVM backend.
	279	* Detection via DMI works corretly, the CPU ID would find KVM
	280	* only. */
050e65ad	281	r = detect_vm_dmi();
75f86906 LP	282	if (r < 0)
	283	return r;
	284	if (r != VIRTUALIZATION_NONE)
d831deb5 CA	285	goto finish;
d831deb5 CA	286
050e65ad	287	r = detect_vm_cpuid();
75f86906 LP	288	if (r < 0)
	289	return r;
	290	if (r != VIRTUALIZATION_NONE)
0fb533a5	291	goto finish;
b52aae1d	292
42685451 AJ	293	/* x86 xen will most likely be detected by cpuid. If not (most likely
	294	* because we're not an x86 guest), then we should try the xen capabilities
	295	* file next. If that's not found, then we check for the high-level
	296	* hypervisor sysfs file:
	297	*
	298	* https://bugs.freedesktop.org/show_bug.cgi?id=77271 */
	299
	300	r = detect_vm_xen();
7080ea16 RR	301	if (r < 0)
7080ea16 RR	302	return r;
75f86906	303	if (r != VIRTUALIZATION_NONE)
0fb533a5	304	goto finish;
7080ea16	305
75f86906 LP	306	r = detect_vm_hypervisor();
	307	if (r < 0)
	308	return r;
	309	if (r != VIRTUALIZATION_NONE)
	310	goto finish;
f41925b4	311
75f86906 LP	312	r = detect_vm_device_tree();
	313	if (r < 0)
	314	return r;
	315	if (r != VIRTUALIZATION_NONE)
	316	goto finish;
f41925b4	317
75f86906 LP	318	r = detect_vm_uml();
	319	if (r < 0)
	320	return r;
	321	if (r != VIRTUALIZATION_NONE)
	322	goto finish;
f41925b4	323
75f86906 LP	324	r = detect_vm_zvm();
	325	if (r < 0)
	326	return r;
0fb533a5 LP	327
	328	finish:
	329	cached_found = r;
0fb533a5	330	return r;
b52aae1d LP	331	}
b52aae1d LP	332
75f86906	333	int detect_container(void) {
0fb533a5	334
75f86906 LP	335	static const struct {
	336	const char *value;
	337	int id;
	338	} value_table[] = {
	339	{ "lxc", VIRTUALIZATION_LXC },
	340	{ "lxc-libvirt", VIRTUALIZATION_LXC_LIBVIRT },
	341	{ "systemd-nspawn", VIRTUALIZATION_SYSTEMD_NSPAWN },
	342	{ "docker", VIRTUALIZATION_DOCKER },
9fb16425	343	{ "rkt", VIRTUALIZATION_RKT },
75f86906	344	};
0fb533a5	345
75f86906	346	static thread_local int cached_found = _VIRTUALIZATION_INVALID;
fdd25311	347	_cleanup_free_ char *m = NULL;
75f86906 LP	348	const char *e = NULL;
75f86906 LP	349	unsigned j;
ab94af92	350	int r;
b52aae1d	351
75f86906	352	if (cached_found >= 0)
0fb533a5	353	return cached_found;
0fb533a5	354
b52aae1d LP	355	/* /proc/vz exists in container and outside of the container,
	356	* /proc/bc only outside of the container. */
	357	if (access("/proc/vz", F_OK) >= 0 &&
	358	access("/proc/bc", F_OK) < 0) {
75f86906	359	r = VIRTUALIZATION_OPENVZ;
0fb533a5	360	goto finish;
b52aae1d LP	361	}
b52aae1d LP	362
fdd25311 LP	363	if (getpid() == 1) {
	364	/* If we are PID 1 we can just check our own
	365	* environment variable */
	366
	367	e = getenv("container");
	368	if (isempty(e)) {
75f86906	369	r = VIRTUALIZATION_NONE;
fdd25311 LP	370	goto finish;
	371	}
	372	} else {
	373
	374	/* Otherwise, PID 1 dropped this information into a
	375	* file in /run. This is better than accessing
	376	* /proc/1/environ, since we don't need CAP_SYS_PTRACE
	377	* for that. */
	378
	379	r = read_one_line_file("/run/systemd/container", &m);
	380	if (r == -ENOENT) {
536bfdab LP	381
	382	/* Fallback for cases where PID 1 was not
	383	* systemd (for example, cases where
	384	* init=/bin/sh is used. */
	385
	386	r = getenv_for_pid(1, "container", &m);
	387	if (r <= 0) {
	388
	389	/* If that didn't work, give up,
	390	* assume no container manager.
	391	*
	392	* Note: This means we still cannot
	393	* detect containers if init=/bin/sh
	394	* is passed but privileges dropped,
	395	* as /proc/1/environ is only readable
	396	* with privileges. */
	397
75f86906	398	r = VIRTUALIZATION_NONE;
536bfdab LP	399	goto finish;
536bfdab LP	400	}
fdd25311 LP	401	}
	402	if (r < 0)
	403	return r;
	404
	405	e = m;
	406	}
b52aae1d	407
75f86906 LP	408	for (j = 0; j < ELEMENTSOF(value_table); j++)
	409	if (streq(e, value_table[j].value)) {
	410	r = value_table[j].id;
	411	goto finish;
	412	}
0fb533a5	413
f499daf4	414	r = VIRTUALIZATION_CONTAINER_OTHER;
fdd25311	415
0fb533a5 LP	416	finish:
0fb533a5 LP	417	cached_found = r;
ab94af92	418	return r;
b52aae1d LP	419	}
b52aae1d LP	420
75f86906	421	int detect_virtualization(void) {
b52aae1d	422	int r;
b52aae1d	423
75f86906 LP	424	r = detect_container();
75f86906 LP	425	if (r != 0)
0fb533a5	426	return r;
b52aae1d	427
75f86906	428	return detect_vm();
b52aae1d	429	}
75f86906	430
7f4b3c5e LP	431	int running_in_chroot(void) {
	432	int ret;
	433
	434	ret = files_same("/proc/1/root", "/");
	435	if (ret < 0)
	436	return ret;
	437
	438	return ret == 0;
	439	}
	440
75f86906 LP	441	static const char *const virtualization_table[_VIRTUALIZATION_MAX] = {
	442	[VIRTUALIZATION_NONE] = "none",
	443	[VIRTUALIZATION_KVM] = "kvm",
	444	[VIRTUALIZATION_QEMU] = "qemu",
	445	[VIRTUALIZATION_BOCHS] = "bochs",
	446	[VIRTUALIZATION_XEN] = "xen",
	447	[VIRTUALIZATION_UML] = "uml",
	448	[VIRTUALIZATION_VMWARE] = "vmware",
	449	[VIRTUALIZATION_ORACLE] = "oracle",
	450	[VIRTUALIZATION_MICROSOFT] = "microsoft",
	451	[VIRTUALIZATION_ZVM] = "zvm",
	452	[VIRTUALIZATION_PARALLELS] = "parallels",
	453	[VIRTUALIZATION_VM_OTHER] = "vm-other",
	454
	455	[VIRTUALIZATION_SYSTEMD_NSPAWN] = "systemd-nspawn",
	456	[VIRTUALIZATION_LXC_LIBVIRT] = "lxc-libvirt",
	457	[VIRTUALIZATION_LXC] = "lxc",
	458	[VIRTUALIZATION_OPENVZ] = "openvz",
	459	[VIRTUALIZATION_DOCKER] = "docker",
9fb16425	460	[VIRTUALIZATION_RKT] = "rkt",
75f86906 LP	461	[VIRTUALIZATION_CONTAINER_OTHER] = "container-other",
	462	};
	463
	464	DEFINE_STRING_TABLE_LOOKUP(virtualization, int);