Reliable mechanism to test hardware virtualization

@brauner What privileges does container need for systemd-detect-virt --vm to reliably detect hardware virtualization?