[thirdparty/systemd.git] / src / detect-virt / detect-virt.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <getopt.h>

#include "alloc-util.h"
#include "build.h"
#include "confidential-virt.h"
#include "log.h"
#include "main-func.h"
#include "pretty-print.h"
#include "string-table.h"
#include "virt.h"

static bool arg_quiet = false;
static enum {
        ANY_VIRTUALIZATION,
        ONLY_VM,
        ONLY_CONTAINER,
        ONLY_CHROOT,
        ONLY_PRIVATE_USERS,
        ONLY_CVM,
} arg_mode = ANY_VIRTUALIZATION;

static int help(void) {
        _cleanup_free_ char *link = NULL;
        int r;

        r = terminal_urlify_man("systemd-detect-virt", "1", &link);
        if (r < 0)
                return log_oom();

        printf("%s [OPTIONS...]\n\n"
               "Detect execution in a virtualized environment.\n\n"
               "  -h --help             Show this help\n"
               "     --version          Show package version\n"
               "  -c --container        Only detect whether we are run in a container\n"
               "  -v --vm               Only detect whether we are run in a VM\n"
               "  -r --chroot           Detect whether we are run in a chroot() environment\n"
               "     --private-users    Only detect whether we are running in a user namespace\n"
               "     --cvm              Only detect whether we are run in a confidential VM\n"
               "  -q --quiet            Don't output anything, just set return value\n"
               "     --list             List all known and detectable types of virtualization\n"
               "     --list-cvm         List all known and detectable types of confidential \n"
               "                        virtualization\n"
               "\nSee the %s for details.\n",
               program_invocation_short_name,
               link);

        return 0;
}

static int parse_argv(int argc, char *argv[]) {

        enum {
                ARG_VERSION = 0x100,
                ARG_PRIVATE_USERS,
                ARG_LIST,
                ARG_CVM,
                ARG_LIST_CVM,
        };

        static const struct option options[] = {
                { "help",          no_argument, NULL, 'h'               },
                { "version",       no_argument, NULL, ARG_VERSION       },
                { "container",     no_argument, NULL, 'c'               },
                { "vm",            no_argument, NULL, 'v'               },
                { "chroot",        no_argument, NULL, 'r'               },
                { "private-users", no_argument, NULL, ARG_PRIVATE_USERS },
                { "quiet",         no_argument, NULL, 'q'               },
                { "cvm",           no_argument, NULL, ARG_CVM           },
                { "list",          no_argument, NULL, ARG_LIST          },
                { "list-cvm",      no_argument, NULL, ARG_LIST_CVM      },
                {}
        };

        int c;

        assert(argc >= 0);
        assert(argv);

        while ((c = getopt_long(argc, argv, "hqcvr", options, NULL)) >= 0)

                switch (c) {

                case 'h':
                        return help();

                case ARG_VERSION:
                        return version();

                case 'q':
                        arg_quiet = true;
                        break;

                case 'c':
                        arg_mode = ONLY_CONTAINER;
                        break;

                case ARG_PRIVATE_USERS:
                        arg_mode = ONLY_PRIVATE_USERS;
                        break;

                case 'v':
                        arg_mode = ONLY_VM;
                        break;

                case 'r':
                        arg_mode = ONLY_CHROOT;
                        break;

                case ARG_LIST:
                        DUMP_STRING_TABLE(virtualization, Virtualization, _VIRTUALIZATION_MAX);
                        return 0;

                case ARG_CVM:
                        arg_mode = ONLY_CVM;
                        return 1;

                case ARG_LIST_CVM:
                        DUMP_STRING_TABLE(confidential_virtualization, ConfidentialVirtualization, _CONFIDENTIAL_VIRTUALIZATION_MAX);
                        return 0;

                case '?':
                        return -EINVAL;

                default:
                        assert_not_reached();
                }

        if (optind < argc)
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
                                       "%s takes no arguments.",
                                       program_invocation_short_name);

        return 1;
}

static int run(int argc, char *argv[]) {
        Virtualization v;
        ConfidentialVirtualization c;
        int r;

        /* This is mostly intended to be used for scripts which want
         * to detect whether we are being run in a virtualized
         * environment or not */

        log_setup();

        r = parse_argv(argc, argv);
        if (r <= 0)
                return r;

        switch (arg_mode) {
        case ONLY_VM:
                v = detect_vm();
                if (v < 0)
                        return log_error_errno(v, "Failed to check for VM: %m");
                break;

        case ONLY_CONTAINER:
                v = detect_container();
                if (v < 0)
                        return log_error_errno(v, "Failed to check for container: %m");
                break;

        case ONLY_CHROOT:
                r = running_in_chroot();
                if (r < 0)
                        return log_error_errno(r, "Failed to check for chroot() environment: %m");
                return !r;

        case ONLY_PRIVATE_USERS:
                r = running_in_userns();
                if (r < 0)
                        return log_error_errno(r, "Failed to check for user namespace: %m");
                return !r;

        case ONLY_CVM:
                c = detect_confidential_virtualization();
                if (c < 0)
                        return log_error_errno(c, "Failed to check for confidential virtualization: %m");
                if (!arg_quiet)
                        puts(confidential_virtualization_to_string(c));
                return c == CONFIDENTIAL_VIRTUALIZATION_NONE;

        case ANY_VIRTUALIZATION:
        default:
                v = detect_virtualization();
                if (v < 0)
                        return log_error_errno(v, "Failed to check for virtualization: %m");
        }

        if (!arg_quiet)
                puts(virtualization_to_string(v));

        return v == VIRTUALIZATION_NONE;
}

DEFINE_MAIN_FUNCTION_WITH_POSITIVE_FAILURE(run);
Commit	Line	Data
db9ecf05	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
07faed4f	2
cac72f7a	3	#include <getopt.h>
07faed4f	4
37ec0fdd	5	#include "alloc-util.h"
d6b4d1c7	6	#include "build.h"
5e0c61f6	7	#include "confidential-virt.h"
93a1f792	8	#include "log.h"
5e332028	9	#include "main-func.h"
294bf0c3	10	#include "pretty-print.h"
39824629	11	#include "string-table.h"
b52aae1d	12	#include "virt.h"
cac72f7a LP	13
	14	static bool arg_quiet = false;
	15	static enum {
	16	ANY_VIRTUALIZATION,
	17	ONLY_VM,
d21be5ff LP	18	ONLY_CONTAINER,
d21be5ff LP	19	ONLY_CHROOT,
299a34c1	20	ONLY_PRIVATE_USERS,
5e0c61f6	21	ONLY_CVM,
cac72f7a LP	22	} arg_mode = ANY_VIRTUALIZATION;
cac72f7a LP	23
37ec0fdd LP	24	static int help(void) {
	25	_cleanup_free_ char *link = NULL;
	26	int r;
	27
	28	r = terminal_urlify_man("systemd-detect-virt", "1", &link);
	29	if (r < 0)
	30	return log_oom();
	31
cac72f7a LP	32	printf("%s [OPTIONS...]\n\n"
	33	"Detect execution in a virtualized environment.\n\n"
	34	" -h --help Show this help\n"
	35	" --version Show package version\n"
	36	" -c --container Only detect whether we are run in a container\n"
	37	" -v --vm Only detect whether we are run in a VM\n"
d21be5ff	38	" -r --chroot Detect whether we are run in a chroot() environment\n"
299a34c1	39	" --private-users Only detect whether we are running in a user namespace\n"
5e0c61f6	40	" --cvm Only detect whether we are run in a confidential VM\n"
601185b4	41	" -q --quiet Don't output anything, just set return value\n"
39824629	42	" --list List all known and detectable types of virtualization\n"
f460fec9 DB	43	" --list-cvm List all known and detectable types of confidential \n"
f460fec9 DB	44	" virtualization\n"
bc556335 DDM	45	"\nSee the %s for details.\n",
	46	program_invocation_short_name,
	47	link);
37ec0fdd LP	48
37ec0fdd LP	49	return 0;
cac72f7a LP	50	}
	51
	52	static int parse_argv(int argc, char *argv[]) {
	53
	54	enum {
299a34c1 ZJS	55	ARG_VERSION = 0x100,
299a34c1 ZJS	56	ARG_PRIVATE_USERS,
39824629	57	ARG_LIST,
5e0c61f6	58	ARG_CVM,
f460fec9	59	ARG_LIST_CVM,
cac72f7a LP	60	};
	61
	62	static const struct option options[] = {
299a34c1 ZJS	63	{ "help", no_argument, NULL, 'h' },
	64	{ "version", no_argument, NULL, ARG_VERSION },
	65	{ "container", no_argument, NULL, 'c' },
	66	{ "vm", no_argument, NULL, 'v' },
	67	{ "chroot", no_argument, NULL, 'r' },
	68	{ "private-users", no_argument, NULL, ARG_PRIVATE_USERS },
	69	{ "quiet", no_argument, NULL, 'q' },
5e0c61f6	70	{ "cvm", no_argument, NULL, ARG_CVM },
39824629	71	{ "list", no_argument, NULL, ARG_LIST },
f460fec9	72	{ "list-cvm", no_argument, NULL, ARG_LIST_CVM },
eb9da376	73	{}
cac72f7a LP	74	};
	75
	76	int c;
	77
	78	assert(argc >= 0);
	79	assert(argv);
	80
d21be5ff	81	while ((c = getopt_long(argc, argv, "hqcvr", options, NULL)) >= 0)
cac72f7a LP	82
	83	switch (c) {
	84
	85	case 'h':
37ec0fdd	86	return help();
cac72f7a LP	87
cac72f7a LP	88	case ARG_VERSION:
3f6fd1ba	89	return version();
cac72f7a LP	90
	91	case 'q':
	92	arg_quiet = true;
	93	break;
	94
	95	case 'c':
	96	arg_mode = ONLY_CONTAINER;
	97	break;
	98
299a34c1 ZJS	99	case ARG_PRIVATE_USERS:
	100	arg_mode = ONLY_PRIVATE_USERS;
	101	break;
	102
cac72f7a LP	103	case 'v':
	104	arg_mode = ONLY_VM;
	105	break;
	106
d21be5ff LP	107	case 'r':
	108	arg_mode = ONLY_CHROOT;
	109	break;
	110
39824629	111	case ARG_LIST:
1b86c7c5	112	DUMP_STRING_TABLE(virtualization, Virtualization, _VIRTUALIZATION_MAX);
39824629 LP	113	return 0;
39824629 LP	114
5e0c61f6 DB	115	case ARG_CVM:
	116	arg_mode = ONLY_CVM;
	117	return 1;
	118
f460fec9 DB	119	case ARG_LIST_CVM:
	120	DUMP_STRING_TABLE(confidential_virtualization, ConfidentialVirtualization, _CONFIDENTIAL_VIRTUALIZATION_MAX);
	121	return 0;
	122
cac72f7a LP	123	case '?':
	124	return -EINVAL;
	125
	126	default:
04499a70	127	assert_not_reached();
cac72f7a	128	}
cac72f7a	129
baaa35ad ZJS	130	if (optind < argc)
	131	return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
	132	"%s takes no arguments.",
	133	program_invocation_short_name);
cac72f7a LP	134
	135	return 1;
	136	}
07faed4f	137
bdab0984	138	static int run(int argc, char *argv[]) {
1b86c7c5	139	Virtualization v;
5e0c61f6	140	ConfidentialVirtualization c;
9e6a555a	141	int r;
07faed4f LP	142
	143	/* This is mostly intended to be used for scripts which want
	144	* to detect whether we are being run in a virtualized
	145	* environment or not */
	146
d2acb93d	147	log_setup();
cac72f7a LP	148
	149	r = parse_argv(argc, argv);
	150	if (r <= 0)
bdab0984	151	return r;
cac72f7a LP	152
cac72f7a LP	153	switch (arg_mode) {
75f86906	154	case ONLY_VM:
1b86c7c5 LP	155	v = detect_vm();
	156	if (v < 0)
	157	return log_error_errno(v, "Failed to check for VM: %m");
cac72f7a	158	break;
cac72f7a LP	159
cac72f7a LP	160	case ONLY_CONTAINER:
1b86c7c5 LP	161	v = detect_container();
	162	if (v < 0)
	163	return log_error_errno(v, "Failed to check for container: %m");
cac72f7a LP	164	break;
cac72f7a LP	165
d21be5ff LP	166	case ONLY_CHROOT:
d21be5ff LP	167	r = running_in_chroot();
bdab0984 ZJS	168	if (r < 0)
	169	return log_error_errno(r, "Failed to check for chroot() environment: %m");
	170	return !r;
d21be5ff	171
299a34c1 ZJS	172	case ONLY_PRIVATE_USERS:
299a34c1 ZJS	173	r = running_in_userns();
bdab0984 ZJS	174	if (r < 0)
	175	return log_error_errno(r, "Failed to check for user namespace: %m");
	176	return !r;
299a34c1	177
5e0c61f6 DB	178	case ONLY_CVM:
	179	c = detect_confidential_virtualization();
	180	if (c < 0)
	181	return log_error_errno(c, "Failed to check for confidential virtualization: %m");
	182	if (!arg_quiet)
	183	puts(confidential_virtualization_to_string(c));
	184	return c == CONFIDENTIAL_VIRTUALIZATION_NONE;
	185
75f86906 LP	186	case ANY_VIRTUALIZATION:
75f86906 LP	187	default:
1b86c7c5 LP	188	v = detect_virtualization();
	189	if (v < 0)
	190	return log_error_errno(v, "Failed to check for virtualization: %m");
07faed4f LP	191	}
07faed4f LP	192
ac0d6edf	193	if (!arg_quiet)
1b86c7c5	194	puts(virtualization_to_string(v));
75f86906	195
1b86c7c5	196	return v == VIRTUALIZATION_NONE;
07faed4f	197	}
bdab0984 ZJS	198
bdab0984 ZJS	199	DEFINE_MAIN_FUNCTION_WITH_POSITIVE_FAILURE(run);