From: Bertrand Jacquin <bertrand@jacquin.bzh>
Date: Sun, 11 Oct 2020 20:25:00 +0000 (+0100)
Subject: virt: detect Amazon EC2 Nitro instance
X-Git-Tag: v249-rc1~309^2~2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b6eca3731dd92b009b182f188936e1c2544574da;p=thirdparty%2Fsystemd.git

virt: detect Amazon EC2 Nitro instance

Amazon EC2 Nitro hypervisor is technically based on KVM[1], which
systemd-detect-virt identify propely from CPUID. However the lack of
CPUID on aarch64 (A1, T4 instance type) prevents a correct
identification, impacting hostnamectl and systemd-random-seed. Instead
it's possible to identify virtualization from DMI vendor ID.

Prior to this commit:
  # hostnamectl
     Static hostname: n/a
  Transient hostname: ip-10-97-8-12
           Icon name: computer
          Machine ID: 8e3772fbcfa3dd6f330a12ff5df5a63b
             Boot ID: b7b7e2fe0079448db664839df59f9817
    Operating System: Gentoo/Linux
              Kernel: Linux 5.4.69-longterm
        Architecture: arm64

After this commit:
  # hostnamectl
     Static hostname: n/a
  Transient hostname: ip-10-97-8-12
           Icon name: computer-vm
             Chassis: vm
          Machine ID: 8e3772fbcfa3dd6f330a12ff5df5a63b
             Boot ID: bd04da57084e41078f20541101867113
      Virtualization: amazon
    Operating System: Gentoo/Linux
              Kernel: Linux 5.4.69-longterm
        Architecture: arm64

[1] https://aws.amazon.com/ec2/faqs/
---

diff --git a/man/systemd-detect-virt.xml b/man/systemd-detect-virt.xml
index 654cf9b84c4..14bfd19b622 100644
--- a/man/systemd-detect-virt.xml
+++ b/man/systemd-detect-virt.xml
@@ -69,7 +69,12 @@
 
           <row>
             <entry><varname>kvm</varname></entry>
-            <entry>Linux KVM kernel virtual machine, with whatever software, except Oracle Virtualbox</entry>
+            <entry>Linux KVM kernel virtual machine, in combination with QEMU. Not used for other virtualizers using the KVM interfaces, such as Oracle VirtualBox or Amazon EC2 Nitro, see below.</entry>
+          </row>
+
+          <row>
+            <entry><varname>amazon</varname></entry>
+            <entry>Amazon EC2 Nitro using Linux KVM</entry>
           </row>
 
           <row>
diff --git a/man/systemd.unit.xml b/man/systemd.unit.xml
index 7f37f01ef98..b7a5ec0362e 100644
--- a/man/systemd.unit.xml
+++ b/man/systemd.unit.xml
@@ -1192,6 +1192,7 @@
           <literal>container</literal> to test against a generic type of virtualization solution, or one of
           <literal>qemu</literal>,
           <literal>kvm</literal>,
+          <literal>amazon</literal>,
           <literal>zvm</literal>,
           <literal>vmware</literal>,
           <literal>microsoft</literal>,
diff --git a/src/basic/virt.c b/src/basic/virt.c
index 335f59d6fc6..03c0e431ad4 100644
--- a/src/basic/virt.c
+++ b/src/basic/virt.c
@@ -149,6 +149,7 @@ static int detect_vm_dmi(void) {
                 int id;
         } dmi_vendor_table[] = {
                 { "KVM",                 VIRTUALIZATION_KVM       },
+                { "Amazon EC2",          VIRTUALIZATION_AMAZON    },
                 { "QEMU",                VIRTUALIZATION_QEMU      },
                 { "VMware",              VIRTUALIZATION_VMWARE    }, /* https://kb.vmware.com/s/article/1009458 */
                 { "VMW",                 VIRTUALIZATION_VMWARE    },
@@ -344,8 +345,9 @@ int detect_vm(void) {
 
         /* We have to use the correct order here:
          *
-         * → First, try to detect Oracle Virtualbox, even if it uses KVM, as well as Xen even if it cloaks as Microsoft
-         *   Hyper-V. Attempt to detect uml at this stage also since it runs as a user-process nested inside other VMs.
+         * → First, try to detect Oracle Virtualbox and Amazon EC2 Nitro, even if they use KVM, as well as Xen even if
+         *   it cloaks as Microsoft Hyper-V. Attempt to detect uml at this stage also since it runs as a user-process
+         *   nested inside other VMs.
          *
          * → Second, try to detect from CPUID, this will report KVM for whatever software is used even if info in DMI is
          *   overwritten.
@@ -353,7 +355,7 @@ int detect_vm(void) {
          * → Third, try to detect from DMI. */
 
         dmi = detect_vm_dmi();
-        if (IN_SET(dmi, VIRTUALIZATION_ORACLE, VIRTUALIZATION_XEN)) {
+        if (IN_SET(dmi, VIRTUALIZATION_ORACLE, VIRTUALIZATION_XEN, VIRTUALIZATION_AMAZON)) {
                 r = dmi;
                 goto finish;
         }
@@ -914,6 +916,7 @@ bool has_cpu_with_flag(const char *flag) {
 static const char *const virtualization_table[_VIRTUALIZATION_MAX] = {
         [VIRTUALIZATION_NONE] = "none",
         [VIRTUALIZATION_KVM] = "kvm",
+        [VIRTUALIZATION_AMAZON] = "amazon",
         [VIRTUALIZATION_QEMU] = "qemu",
         [VIRTUALIZATION_BOCHS] = "bochs",
         [VIRTUALIZATION_XEN] = "xen",
diff --git a/src/basic/virt.h b/src/basic/virt.h
index 378c7c4d232..1eafbe2cbec 100644
--- a/src/basic/virt.h
+++ b/src/basic/virt.h
@@ -10,6 +10,7 @@ enum {
 
         VIRTUALIZATION_VM_FIRST,
         VIRTUALIZATION_KVM = VIRTUALIZATION_VM_FIRST,
+        VIRTUALIZATION_AMAZON,
         VIRTUALIZATION_QEMU,
         VIRTUALIZATION_BOCHS,
         VIRTUALIZATION_XEN,
diff --git a/src/test/test-condition.c b/src/test/test-condition.c
index db15fe3136c..adba383fddb 100644
--- a/src/test/test-condition.c
+++ b/src/test/test-condition.c
@@ -575,6 +575,7 @@ static void test_condition_test_virtualization(void) {
 
         NULSTR_FOREACH(virt,
                        "kvm\0"
+                       "amazon\0"
                        "qemu\0"
                        "bochs\0"
                        "xen\0"