Skip to content
Permalink
Browse files

kata-check: optionally require kvm-intel unrestricted_guest

We have optionally handled it in kernel parameter in
genericArchKernelParamHandler but kata-check still forcely require it to
be present. Let's only require it when running on baremetal.

Signed-off-by: Peng Tao <bergwolf@gmail.com>
  • Loading branch information...
bergwolf committed Oct 16, 2018
1 parent acbcde3 commit 8cfb06f1a92893348bba730059e436439f1f28f4
Showing with 34 additions and 19 deletions.
  1. +4 −1 cli/kata-check.go
  2. +20 −11 cli/kata-check_amd64.go
  3. +2 −4 cli/kata-check_amd64_test.go
  4. +2 −1 cli/kata-check_arm64.go
  5. +2 −1 cli/kata-check_ppc64le.go
  6. +4 −1 cli/kata-env.go
@@ -291,7 +291,10 @@ var kataCheckCLICommand = cli.Command{
span, _ := trace(ctx, "kata-check")
defer span.Finish()

setCPUtype()
err = setCPUtype()
if err != nil {
return err
}

details := vmContainerCapableDetails{
cpuInfoFile: procCPUInfo,
@@ -6,9 +6,12 @@
package main

import (
"fmt"
"github.com/sirupsen/logrus"
"io/ioutil"
"strings"

vc "github.com/kata-containers/runtime/virtcontainers"
)

const (
@@ -45,13 +48,23 @@ var archRequiredCPUAttribs map[string]string
// required module parameters.
var archRequiredKernelModules map[string]kernelModule

func setCPUtype() {
func setCPUtype() error {
cpuType = getCPUtype()

if cpuType == cpuTypeUnknown {
kataLog.Fatal("Unknown CPU Type")
exit(1)
return fmt.Errorf("Unknow CPU Type")
} else if cpuType == cpuTypeIntel {
var kvmIntelParams map[string]string
onVMM, err := vc.RunningOnVMM(procCPUInfo)
if err != nil && !onVMM {
kvmIntelParams = map[string]string{
// "VMX Unrestricted mode support". This is used
// as a heuristic to determine if the system is
// "new enough" to run a Kata Container
// (atleast a Westmere).
"unrestricted_guest": "Y",
}
}
archRequiredCPUFlags = map[string]string{
"vmx": "Virtualization support",
"lm": "64Bit CPU",
@@ -65,14 +78,8 @@ func setCPUtype() {
desc: msgKernelVM,
},
"kvm_intel": {
desc: "Intel KVM",
parameters: map[string]string{
// "VMX Unrestricted mode support". This is used
// as a heuristic to determine if the system is
// "new enough" to run a Kata Container
// (atleast a Westmere).
"unrestricted_guest": "Y",
},
desc: "Intel KVM",
parameters: kvmIntelParams,
},
"vhost": {
desc: msgKernelVirtio,
@@ -105,6 +112,8 @@ func setCPUtype() {
},
}
}

return nil
}

func getCPUtype() int {
@@ -81,9 +81,7 @@ func TestCCCheckCLIFunction(t *testing.T) {
{archGenuineIntel, "lm vmx sse4_1", false},
}

moduleData = []testModuleData{
{filepath.Join(sysModuleDir, "kvm_intel/parameters/unrestricted_guest"), false, "Y"},
}
moduleData = []testModuleData{}
} else if cpuType == cpuTypeAMD {
cpuData = []testCPUData{
{archAuthenticAMD, "lm svm sse4_1", false},
@@ -393,7 +391,7 @@ func TestCheckHostIsVMContainerCapable(t *testing.T) {
}

err = hostIsVMContainerCapable(details)
assert.Error(err)
assert.Nil(err)
}

func TestArchKernelParamHandler(t *testing.T) {
@@ -40,7 +40,8 @@ var archRequiredKernelModules = map[string]kernelModule{
},
}

func setCPUtype() {
func setCPUtype() error {
return nil
}

// kvmIsUsable determines if it will be possible to create a full virtual machine
@@ -44,7 +44,8 @@ var archRequiredKernelModules = map[string]kernelModule{
},
}

func setCPUtype() {
func setCPUtype() error {
return nil
}

func archHostCanCreateVMContainer() error {
@@ -325,7 +325,10 @@ func getHypervisorInfo(config oci.RuntimeConfig) HypervisorInfo {
}

func getEnvInfo(configFile string, config oci.RuntimeConfig) (env EnvInfo, err error) {
setCPUtype()
err = setCPUtype()
if err != nil {
return EnvInfo{}, err
}

meta := getMetaInfo()

0 comments on commit 8cfb06f

Please sign in to comment.
You can’t perform that action at this time.