[tbb-commits] [tor-browser-bundle/maint-5.0] Bug #16866: include kvm-ok and use it on Debian
gk at torproject.org
gk at torproject.org
Mon Aug 24 13:02:10 UTC 2015
commit ec4d734e654750492de727ee221bafa254754440
Author: Nicolas Vigier <boklm at torproject.org>
Date: Mon Aug 24 13:11:00 2015 +0200
Bug #16866: include kvm-ok and use it on Debian
---
gitian/check-prerequisites.sh | 10 +++-
tools/kvm-ok | 105 +++++++++++++++++++++++++++++++++++++++++
2 files changed, 113 insertions(+), 2 deletions(-)
diff --git a/gitian/check-prerequisites.sh b/gitian/check-prerequisites.sh
index b36fca7..8518ffe 100755
--- a/gitian/check-prerequisites.sh
+++ b/gitian/check-prerequisites.sh
@@ -88,10 +88,16 @@ then
exit 1
fi
-kvm-ok > /dev/null
+if [ $DISTRO = "Debian" ];
+then
+ kvm_ok=../tools/kvm-ok
+else
+ kvm_ok=kvm-ok
+fi
+$kvm_ok > /dev/null
if [ $? -ne 0 -a "z$USE_LXC" != "z1" ];
then
- kvm-ok
+ $kvm_ok
echo
echo "Most likely, this means you will need to use LXC."
echo
diff --git a/tools/kvm-ok b/tools/kvm-ok
new file mode 100755
index 0000000..5040935
--- /dev/null
+++ b/tools/kvm-ok
@@ -0,0 +1,105 @@
+#!/bin/sh
+#
+# kvm-ok - check whether the CPU we're running on supports KVM acceleration
+# Copyright (C) 2008-2010 Canonical Ltd.
+#
+# Authors:
+# Dustin Kirkland <kirkland at canonical.com>
+# Kees Cook <kees.cook at canonical.com>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 3,
+# as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+set -e
+
+assert_root() {
+ if [ "$(id -u)" != "0" ]; then
+ echo "INFO: For more detailed results, you should run this as root"
+ echo "HINT: sudo $0"
+ exit 1
+ fi
+}
+
+verdict() {
+ # Print verdict
+ if [ "$1" = "0" ]; then
+ echo "KVM acceleration can be used"
+ exit 0
+ else
+ echo "KVM acceleration can NOT be used"
+ exit 1
+ fi
+}
+
+# check cpu flags for capability
+virt=$(egrep -m1 -w '^flags[[:blank:]]*:' /proc/cpuinfo | egrep -wo '(vmx|svm)') || true
+[ "$virt" = "vmx" ] && brand="intel"
+[ "$virt" = "svm" ] && brand="amd"
+
+if [ -z "$virt" ]; then
+ echo "INFO: Your CPU does not support KVM extensions"
+ assert_root
+ verdict 1
+fi
+
+# Now, check that the device exists
+if [ -e /dev/kvm ]; then
+ echo "INFO: /dev/kvm exists"
+ verdict 0
+else
+ echo "INFO: /dev/kvm does not exist"
+ echo "HINT: sudo modprobe kvm_$brand"
+fi
+
+assert_root
+
+# Prepare MSR access
+msr="/dev/cpu/0/msr"
+if [ ! -r "$msr" ]; then
+ modprobe msr
+fi
+if [ ! -r "$msr" ]; then
+ echo "You must be root to run this check." >&2
+ exit 2
+fi
+
+echo "INFO: Your CPU supports KVM extensions"
+
+disabled=0
+# check brand-specific registers
+if [ "$virt" = "vmx" ]; then
+ BIT=$(rdmsr --bitfield 0:0 0x3a 2>/dev/null || true)
+ if [ "$BIT" = "1" ]; then
+ # and FEATURE_CONTROL_VMXON_ENABLED_OUTSIDE_SMX clear (no tboot)
+ BIT=$(rdmsr --bitfield 2:2 0x3a 2>/dev/null || true)
+ if [ "$BIT" = "0" ]; then
+ disabled=1
+ fi
+ fi
+
+elif [ "$virt" = "svm" ]; then
+ BIT=$(rdmsr --bitfield 4:4 0xc0010114 2>/dev/null || true)
+ if [ "$BIT" = "1" ]; then
+ disabled=1
+ fi
+else
+ echo "FAIL: Unknown virtualization extension: $virt"
+ verdict 1
+fi
+
+if [ "$disabled" -eq 1 ]; then
+ echo "INFO: KVM ($virt) is disabled by your BIOS"
+ echo "HINT: Enter your BIOS setup and enable Virtualization Technology (VT),"
+ echo " and then hard poweroff/poweron your system"
+ verdict 1
+fi
+
+verdict 0
More information about the tbb-commits
mailing list