Skip to content

Commit 1f5fa62

Browse files
kalyazinroypat
kalyazin
authored and
roypat
committed
test: enable secret freedom in uffd tests
This includes both functional and performance tests. Signed-off-by: Nikita Kalyazin <[email protected]>
1 parent c91476a commit 1f5fa62

File tree

2 files changed

+32
-7
lines changed

2 files changed

+32
-7
lines changed

tests/integration_tests/functional/test_uffd.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,12 +12,12 @@
1212

1313

1414
@pytest.fixture(scope="function", name="snapshot")
15-
def snapshot_fxt(microvm_factory, guest_kernel_linux_5_10, rootfs):
15+
def snapshot_fxt(microvm_factory, guest_kernel_linux_5_10, rootfs, secret_free):
1616
"""Create a snapshot of a microVM."""
1717

1818
basevm = microvm_factory.build(guest_kernel_linux_5_10, rootfs)
1919
basevm.spawn()
20-
basevm.basic_config(vcpu_count=2, mem_size_mib=256)
20+
basevm.basic_config(vcpu_count=2, mem_size_mib=256, secret_free=secret_free)
2121
basevm.add_net_iface()
2222

2323
# Add a memory balloon.

tests/integration_tests/performance/test_snapshot.py

Lines changed: 30 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ def id(self):
4646
"""Computes a unique id for this test instance"""
4747
return "all_dev" if self.all_devices else f"{self.vcpus}vcpu_{self.mem}mb"
4848

49-
def boot_vm(self, microvm_factory, guest_kernel, rootfs) -> Microvm:
49+
def boot_vm(self, microvm_factory, guest_kernel, rootfs, secret_free) -> Microvm:
5050
"""Creates the initial snapshot that will be loaded repeatedly to sample latencies"""
5151
vm = microvm_factory.build(
5252
guest_kernel,
@@ -60,6 +60,7 @@ def boot_vm(self, microvm_factory, guest_kernel, rootfs) -> Microvm:
6060
mem_size_mib=self.mem,
6161
rootfs_io_engine="Sync",
6262
huge_pages=self.huge_pages,
63+
secret_free=secret_free,
6364
)
6465

6566
for _ in range(self.nets):
@@ -98,7 +99,11 @@ def boot_vm(self, microvm_factory, guest_kernel, rootfs) -> Microvm:
9899
ids=lambda x: x.id,
99100
)
100101
def test_restore_latency(
101-
microvm_factory, rootfs, guest_kernel_linux_5_10, test_setup, metrics
102+
microvm_factory,
103+
rootfs,
104+
guest_kernel_linux_5_10,
105+
test_setup,
106+
metrics,
102107
):
103108
"""
104109
Restores snapshots with vcpu/memory configuration, roughly scaling according to mem = (vcpus - 1) * 2048MB,
@@ -116,7 +121,7 @@ def test_restore_latency(
116121
"huge pages with secret hiding kernels on ARM are currently failing"
117122
)
118123

119-
vm = test_setup.boot_vm(microvm_factory, guest_kernel_linux_5_10, rootfs)
124+
vm = test_setup.boot_vm(microvm_factory, guest_kernel_linux_5_10, rootfs, False)
120125

121126
metrics.set_dimensions(
122127
{
@@ -159,6 +164,7 @@ def test_post_restore_latency(
159164
metrics,
160165
uffd_handler,
161166
huge_pages,
167+
secret_free,
162168
):
163169
"""Collects latency metric of post-restore memory accesses done inside the guest"""
164170
if huge_pages != HugePagesConfig.NONE and uffd_handler is None:
@@ -173,8 +179,16 @@ def test_post_restore_latency(
173179
"huge pages with secret hiding kernels on ARM are currently failing"
174180
)
175181

182+
if secret_free and uffd_handler is None:
183+
pytest.skip("Restoring from a file is not compatible with Secret Freedom")
184+
185+
if secret_free and huge_pages != HugePagesConfig.NONE:
186+
pytest.skip("Huge pages are not supported with Secret Freedom yet")
187+
176188
test_setup = SnapshotRestoreTest(mem=1024, vcpus=2, huge_pages=huge_pages)
177-
vm = test_setup.boot_vm(microvm_factory, guest_kernel_linux_5_10, rootfs)
189+
vm = test_setup.boot_vm(
190+
microvm_factory, guest_kernel_linux_5_10, rootfs, secret_free
191+
)
178192

179193
metrics.set_dimensions(
180194
{
@@ -226,6 +240,7 @@ def test_population_latency(
226240
huge_pages,
227241
vcpus,
228242
mem,
243+
secret_free,
229244
):
230245
"""Collects population latency metrics (e.g. how long it takes UFFD handler to fault in all memory)"""
231246
if (
@@ -237,8 +252,13 @@ def test_population_latency(
237252
"huge pages with secret hiding kernels on ARM are currently failing"
238253
)
239254

255+
if secret_free and huge_pages != HugePagesConfig.NONE:
256+
pytest.skip("Huge pages are not supported with Secret Freedom yet")
257+
240258
test_setup = SnapshotRestoreTest(mem=mem, vcpus=vcpus, huge_pages=huge_pages)
241-
vm = test_setup.boot_vm(microvm_factory, guest_kernel_linux_5_10, rootfs)
259+
vm = test_setup.boot_vm(
260+
microvm_factory, guest_kernel_linux_5_10, rootfs, secret_free
261+
)
242262

243263
metrics.set_dimensions(
244264
{
@@ -287,15 +307,20 @@ def test_snapshot_create_latency(
287307
rootfs,
288308
metrics,
289309
snapshot_type,
310+
secret_free,
290311
):
291312
"""Measure the latency of creating a Full snapshot"""
292313

314+
if secret_free and snapshot_type == SnapshotType.DIFF:
315+
pytest.skip("secret freedom and diff snapshots are mutually exclusive")
316+
293317
vm = microvm_factory.build(guest_kernel_linux_5_10, rootfs, monitor_memory=False)
294318
vm.spawn()
295319
vm.basic_config(
296320
vcpu_count=2,
297321
mem_size_mib=512,
298322
track_dirty_pages=snapshot_type == SnapshotType.DIFF,
323+
secret_free=secret_free,
299324
)
300325
vm.start()
301326
vm.pin_threads(0)

0 commit comments

Comments
 (0)