From: Daniel P. Berrangé
Date: Fri, 2 Aug 2024 15:26:00 +0000 (+0100)
Subject: confidential-virt: split caching of CVM detection into separate method
X-Git-Tag: v257-rc1~767^2~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1c4bd7adcc281af2a2dd40867f64f2ac54a43c7a;p=thirdparty%2Fsystemd.git

confidential-virt: split caching of CVM detection into separate method

We have different impls of detect_confidential_virtualization per architecture. The detection is cached in the x86_64 impl, and as we add support for more targets, we want to use caching for all. It thus makes sense to split caching out into an architecture independent method.

Signed-off-by: Daniel P. Berrangé
---

diff --git a/src/basic/confidential-virt.c b/src/basic/confidential-virt.c
index 8a88a3eb831..0e05ecffbf8 100644
--- a/src/basic/confidential-virt.c
+++ b/src/basic/confidential-virt.c
@@ -194,34 +194,37 @@ static bool detect_hypervisor(void) {
 return is_hv;
 }
 
-ConfidentialVirtualization detect_confidential_virtualization(void) {
- static thread_local ConfidentialVirtualization cached_found = _CONFIDENTIAL_VIRTUALIZATION_INVALID;
+static ConfidentialVirtualization detect_confidential_virtualization_impl(void) {
 char sig[13] = {};
- ConfidentialVirtualization cv = CONFIDENTIAL_VIRTUALIZATION_NONE;
-
- if (cached_found >= 0)
- return cached_found;
 
 /* Skip everything on bare metal */
 if (detect_hypervisor()) {
 cpuid_leaf(0, sig, true);
 
 if (memcmp(sig, CPUID_SIG_AMD, sizeof(sig)) == 0)
- cv = detect_sev();
+ return detect_sev();
 else if (memcmp(sig, CPUID_SIG_INTEL, sizeof(sig)) == 0)
- cv = detect_tdx();
+ return detect_tdx();
 }
 
- cached_found = cv;
- return cv;
+ return CONFIDENTIAL_VIRTUALIZATION_NONE;
 }
 #else /* ! x86_64 */
-ConfidentialVirtualization detect_confidential_virtualization(void) {
+static ConfidentialVirtualization detect_confidential_virtualization_impl(void) {
 log_debug("No confidential virtualization detection on this architecture");
 return CONFIDENTIAL_VIRTUALIZATION_NONE;
 }
 #endif /* ! x86_64 */
 
+ConfidentialVirtualization detect_confidential_virtualization(void) {
+ static thread_local ConfidentialVirtualization cached_found = _CONFIDENTIAL_VIRTUALIZATION_INVALID;
+
+ if (cached_found == _CONFIDENTIAL_VIRTUALIZATION_INVALID)
+ cached_found = detect_confidential_virtualization_impl();
+
+ return cached_found;
+}
+
 static const char *const confidential_virtualization_table[_CONFIDENTIAL_VIRTUALIZATION_MAX] = {
 [CONFIDENTIAL_VIRTUALIZATION_NONE] = "none",
 [CONFIDENTIAL_VIRTUALIZATION_SEV] = "sev",
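Review bot: In the new `detect_confidential_virtualization()` wrapper the cache test changed from the removed `cached_found >= 0` to `cached_found == _CONFIDENTIAL_VIRTUALIZATION_INVALID`, so a negative return from an `_impl()` other than the sentinel would now be stored and returned for the rest of the thread's life instead of being re-probed. Both visible `_impl()` bodies return only `detect_sev()`, `detect_tdx()` or `CONFIDENTIAL_VIRTUALIZATION_NONE`; the two helpers are defined outside the hunk, so this is presumably unreachable today, but the commit message announces further per-architecture implementations behind this wrapper. I would either keep the original range test, `if (cached_found < 0)`, or state the contract above the wrapper: `/* Cached per thread; _impl() must return a valid (non-negative) value, never an error code */`.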