Insufficient xen virtual machine validation

Bug #1601818 reported by Alex Moldovan
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
Landscape Client | Fix Committed | Undecided | Alberto Donato |
landscape-client (Ubuntu) | Fix Released | Undecided | Andreas Hasenack |

Bug Description

Landscape-client allows registration of a bare-metal machine using a "Virtual" type license when xen-hypervisor is running.

To reproduce:

1) Install the latest xen-hypervisor package available on a bare-metal machine.
2) Reboot. Grub will automatically boot with Ubuntu with Xen hypervisor.
3) Register the machine.

Since xen is now running and the client checks for the path "proc/xen", it's detected as being a xen virtual machine.

From broker.log:

'messages': [{'account_name': u'example',
               'api': '3.3',
               'computer_title': u'bare-metal',
               'container-info': u'',
               'hostname': u'intel',
               'registration_password': u'passwd',
               'tags': None,
               'timestamp': 1468015877,
               'type': 'register',
               'vm-info': 'xen'}],


tags: added: lds-squad
Eric Desrochers (slashd) wrote :

Current piece of code related to "Xen" in landscape-client.

    if _is_vm_xen(root_path):
        return "xen"
....
def _is_vm_xen(root_path):
    """Check if the host is virtualized with Xen."""
    xen_paths = [
        os.path.join(root_path, path)
        for path in ("proc/sys/xen", "proc/xen")]

    if filter(os.path.exists, xen_paths):
        return True

    # /sys/bus/xen exists on most machines, but only virtual machines have
    # devices
    sys_xen_path = os.path.join(root_path, "sys/bus/xen/devices")
    return os.path.isdir(sys_xen_path) and os.listdir(sys_xen_path)

Maybe a validation based on "dmidecode" output might be more accurate?

$ dmidecode | grep -i domU
Product Name: HVM domU

There is also virt-what that already does that kind of validation.
Maybe that could be used as a reference.

# virt-what-1.13/virt-what.in
--
# Check for Xen.

if [ "$cpuid" = "XenVMMXenVMM" ]; then
    echo xen; echo xen-hvm
    skip_qemu_kvm=true
elif [ -f "${root}/proc/xen/capabilities" ]; then
    echo xen
    if grep -q "control_d" "${root}/proc/xen/capabilities"; then
        echo xen-dom0
    else
        echo xen-domU
    fi
    skip_qemu_kvm=true
elif [ -f "${root}/sys/hypervisor/type" ] &&
    grep -q "xen" "${root}/sys/hypervisor/type"; then
    # Ordinary kernel with pv_ops. There does not seem to be
    # enough information at present to tell whether this is dom0
    # or domU. XXX
    echo xen
elif [ "$arch" = "ia64" ]; then
    if [ -d "${root}/sys/bus/xen" -a ! -d "${root}/sys/bus/xen-backend" ]; then
        # PV-on-HVM drivers installed in a Xen guest.
        echo xen
        echo xen-hvm
    else
        # There is no virt leaf on IA64 HVM. This is a last-ditch
        # attempt to detect something is virtualized by using a
        # timing attack.
        virt-what-ia64-xen-rdtsc-test > /dev/null 2>&1
        case "$?" in
            0) ;; # not virtual
            1) # Could be some sort of virt, or could just be a bit slow.
                echo virt
        esac
    fi
fi
--

Eric
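Added example (not part of the original comments and not landscape-client's or virt-what's own code): the existence-only check quoted above next to a check that follows virt-what's `/proc/xen/capabilities` and `/sys/hypervisor/type` branches, run against constructed directory trees. The names `legacy_is_xen`, `xen_role`, `vm_info` and `make_tree` are hypothetical, and reporting nothing when the role cannot be confirmed is an assumption made here.

```python
import os
import tempfile


def legacy_is_xen(root_path):
    """Existence-only check from the excerpt above (Python 3 spelling)."""
    paths = [os.path.join(root_path, p) for p in ("proc/sys/xen", "proc/xen")]
    return any(os.path.exists(p) for p in paths)


def xen_role(root_path):
    """Return "dom0", "domU", "unknown" or None (no Xen seen).

    Hypothetical helper following the virt-what branches quoted above.
    """
    caps = os.path.join(root_path, "proc/xen/capabilities")
    if os.path.isfile(caps):
        with open(caps) as fd:
            # Only the control domain lists "control_d" in its capabilities.
            return "dom0" if "control_d" in fd.read() else "domU"
    hv_type = os.path.join(root_path, "sys/hypervisor/type")
    if os.path.isfile(hv_type):
        with open(hv_type) as fd:
            if "xen" in fd.read():
                # virt-what notes this file alone cannot separate dom0/domU.
                return "unknown"
    return None


def vm_info(root_path):
    """Report "xen" only for a confirmed guest.

    Assumption of this example: dom0 and unconfirmed roles report "".
    """
    return "xen" if xen_role(root_path) == "domU" else ""


def make_tree(capabilities):
    """Build a constructed fake root containing proc/xen/capabilities."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "proc/xen"))
    with open(os.path.join(root, "proc/xen/capabilities"), "w") as fd:
        fd.write(capabilities)
    return root


if __name__ == "__main__":
    # Constructed samples: dom0 lists control_d, a guest's file is empty.
    for label, caps in (("dom0", "control_d\n"), ("domU", "")):
        root = make_tree(caps)
        print(label, legacy_is_xen(root), repr(vm_info(root)))
```

Both constructed trees pass the existence-only check, which is the behaviour reported in this bug; only the capabilities content separates the bare-metal dom0 from the guest.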

Eric Desrochers (slashd) wrote :

The more I read about it, the more I think the most efficient way to approach this would be to use the cpuid (CPU Identification) just like virt-what does.

The following are known ID strings from virtual machines:

"KVMKVMKVM" – KVM
"Microsoft Hv" – Microsoft Hyper-V or Windows Virtual PC
" lrpepyh vr" – Parallels (it possibly should be "prl hyperv ", but it is encoded as " lrpepyh vr")
"VMwareVMware" – VMware
"XenVMMXenVMM" – Xen HVM

Eric Desrochers (slashd) wrote :

# On Baremetal where the XEN guest resides #

$ virt-what
xen
xen-dom0

# On XEN guest #

$ virt-what
xen
xen-hvm

Landscape-team, do you think including virt-what as a package dependency during landscape-client installation and using virt-what for detection might be a viable solution?

This also could be expanded to other virt types: kvm, xen, vmware, Hyper-V, et al.

Eric

tags: added: bug-squad kanban
tags: removed: kanban
Alberto Donato (ack) wrote :

@Eric, we can't depend landscape-client on virt-what since it's in universe.
I guess we can borrow logic from it.

Alberto Donato (ack)
Changed in landscape-client:
assignee: nobody → Alberto Donato (ack)
Alberto Donato (ack)
Changed in landscape-client:
status: New → In Progress
Changed in landscape-client:
status: In Progress → Fix Committed
Changed in landscape-client (Ubuntu):
assignee: nobody → Andreas Hasenack (ahasenack)
status: New → In Progress
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package landscape-client - 18.01-0ubuntu1

---------------
landscape-client (18.01-0ubuntu1) bionic; urgency=medium

  * New upstream release 18.01:
    - Ported to python3 (LP: #1577850)
    - move Replaces/Breaks landscape-client-ui rules to landscape-common
      (LP: #1560424)
    - Add a libpam-systemd Depends if built for xenial (LP: #1590838)
    - Some units not reporting swift usage (LP: #1588404)
    - Fix missing install directories for landscape-common and drop
      usr/share/landscape as its only used and created by landscape-client.
      (LP: #1680842)
    - Fix VM detection for Xen, by returning "xen" only for paravirtualized and
      HVM hosts, not for dom0. (LP: #1601818)
    - Add an indication of truncation to process output that has been truncated
      prior to delivery to the server. (LP: #1629000)
    - add /snap/bin to the PATH when executing scripts. (LP: #1635634)
    - Save the original sources.list file when a repository profile is
      associated with a computer and restore it when the profile is removed.
      (LP: #1607529)
    - Drop the legacy HAService plugin, which is no longer used.
    - Avoid double-decoding package descriptions in build_skeleton_apt, which
      causes an error with Xenial python-apt. (LP: #1655395)
    - Remove dead dbus code and textmessage (confirmed not supported in server
      for ~2 years). (LP: #1657372)
    - Move bzr-builddeb conf file from deprecated location to debian/
      (LP: #1658796)
    - Support for new server error message about there being too many pending
      computers already (LP: #1662530)
    - Add a timestamp to the package reporter result (LP: #1674252)
    - Check if ubuntu-release-upgrader is running before apt-update (LP: #1699179)
    - Implicitly trust file-local sources managed by landscape. On upgrades,
      add the trusted flag to the landscape file-local apt source file if it's
      not there. (LP: #1736576)
    - Use local system tools to change the user's password (LP: #1743558)
  * clean up packaging and getting in sync with the new landscape version:
    - d/rules: drop extra:suggests which is unused since 13.07.1-0ubuntu2
    - Remove antique postinst code. No supported landscape-client version
      installs cronjobs anymore (since a long time).
    - d/landscape-client.docs: the README file is now a markdown file, so
      install that instead.
    - d/landscape-common.postinst: no need to single out
      /var/lib/landscape/.gnupg when fixing ownerships, just do it over
      the entire parent directory.
    - guard user and group removal via an empty .cleanup.* file in post, so we
      only remove the user/group if we were the ones who created them at
      install time.
    - lintian: remove absolute path from update-motd calls in maintainer
      scripts
    - d/rules: drop special handling for dapper, hardy and lucid, which are no
      longer supported.
    - d/rules: make sure we have an "extra:Depends=" in substvars even if it's
      empty
    - d/rules: drop dh_pycentral handling, it's obsolete
  * Dropped (already included in this version):
    - d/p/set-vm-info-to-kvm-for-aws-C5-instances.patch:
  ...


Changed in landscape-client (Ubuntu):
status: In Progress → Fix Released