From fb71571d3a4efddeb44f02939304be9007301974 Mon Sep 17 00:00:00 2001
From: vlefebvre
Date: Tue, 8 Jul 2025 15:46:10 +0000
Subject: [PATCH] detect-virt: add bare-metal support for GCE

Google Compute Engine are not only virtual but can be also physical machines. Therefore checking only the dmi is not enough to detect if it is a virtual machine. Therefore systemd-detect-virt return "google" instead of "none" in c3-highcpu-metal machine. SMBIOS will not help us to make the difference as for EC2 machines. However, GCE use KVM hypervisor for these VM, we can use this information to detect virtualization. [0] Issue and changes has been tested on SUSE SLE-15-SP7 images with systemd-254 for both GCE, bare-metal and VM. [0] - https://cloud.google.com/blog/products/gcp/7-ways-we-harden-our-kvm-hypervisor-at-google-cloud-security-in-plaintext
---
 src/basic/virt.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/basic/virt.c b/src/basic/virt.c
index f11d5c235a..13917058d8 100644
--- a/src/basic/virt.c
+++ b/src/basic/virt.c
@@ -475,8 +475,7 @@ Virtualization detect_vm(void) {
 VIRTUALIZATION_ORACLE,
 VIRTUALIZATION_XEN,
 VIRTUALIZATION_AMAZON,
- VIRTUALIZATION_PARALLELS,
- VIRTUALIZATION_GOOGLE)) {
+ VIRTUALIZATION_PARALLELS)) {
 v = dmi;
 goto finish;
 }
@@ -515,6 +514,10 @@ Virtualization detect_vm(void) {
 hyperv = true;
 else if (v == VIRTUALIZATION_VM_OTHER)
 other = true;
+ else if (v == VIRTUALIZATION_KVM && dmi == VIRTUALIZATION_GOOGLE)
+ /* The DMI vendor tables in /sys/class/dmi/id don't help us distinguish between GCE
+ * virtual machines and bare-metal instances, so we need to look at hypervisor. */
+ return VIRTUALIZATION_GOOGLE;
 else if (v != VIRTUALIZATION_NONE)
 goto finish;
 
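Review bot: In the hunk at `@@ -515,6 +514,10 @@`, the new branch exits with `return VIRTUALIZATION_GOOGLE;` while the branches around it leave through `goto finish;`, so whatever the `finish:` label does is skipped on the GCE VM path only. The label is outside this hunk; if it records or logs the detected value, this is the one positive result that would bypass it. Keeping a single exit would avoid that: `else if (v == VIRTUALIZATION_KVM && dmi == VIRTUALIZATION_GOOGLE) { v = dmi; goto finish; }`, with the existing comment moved inside the braces. detect_vm() begins and ends outside the hunk.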
@@ -527,7 +530,9 @@ Virtualization detect_vm(void) {
 return dmi;
 if (dmi == VIRTUALIZATION_VM_OTHER)
 other = true;
- else if (dmi != VIRTUALIZATION_NONE) {
+ else if (!IN_SET(dmi, VIRTUALIZATION_NONE, VIRTUALIZATION_GOOGLE)) {
+ /* At this point if GCE has been detected in dmi, do not report as a VM. It should
+ * be a bare-metal machine */
 v = dmi;
 goto finish;
 }
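Review bot: Excluding `VIRTUALIZATION_GOOGLE` in this `IN_SET` means a Google DMI match is now reported as a VM only when the earlier probe returned exactly `VIRTUALIZATION_KVM`; every other outcome falls through as if the host were bare metal. That probe is outside the hunk, but if it is CPUID-based, a GCE guest on a non-x86 architecture, or one where the probe yields `VIRTUALIZATION_VM_OTHER`, would presumably stop being reported as "google", which changes how `ConditionVirtualization=` evaluates there. The commit message does not say which architectures were tested, so this is worth confirming before merge. The comment should spell out the assumption it relies on, for example `/* DMI says Google but no KVM hypervisor was detected above: assume a GCE bare-metal instance. */`.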