using snapshots

Signed-off-by: Simon Davies <[email protected]>

Author: simongdavies

Cargo.lock

@@ -17,6 +17,8 @@ limitations under the License.
 pub const PAGE_SHIFT: u64 = 12;
 pub const PAGE_SIZE: u64 = 1 << 12;
 pub const PAGE_SIZE_USIZE: usize = 1 << 12;
+// The number of pages in 1 "block". A single u64 can be used as bitmap to keep track of all dirty pages in a block.
+pub const PAGES_IN_BLOCK: usize = 64;
 
 /// A memory region in the guest address space
 #[derive(Debug, Clone, Copy)]

src/hyperlight_common/src/mem.rs

@@ -45,6 +45,7 @@ anyhow = "1.0"
 metrics = "0.24.2"
 serde_json = "1.0"
 elfcore = "2.0"
+lockfree ="0.5"
 
 [target.'cfg(windows)'.dependencies]
 windows = { version = "0.61", features = [

src/hyperlight_host/Cargo.toml

@@ -76,6 +76,8 @@ use crate::sandbox::SandboxConfiguration;
 use crate::sandbox::uninitialized::SandboxRuntimeConfig;
 use crate::{Result, log_then_return, new_error};
 
+const CLEAR_DIRTY_BIT_FLAG: u8 = 0b100;
+
 #[cfg(gdb)]
 mod debug {
     use std::sync::{Arc, Mutex};
@@ -826,6 +828,24 @@ impl Hypervisor for HypervLinuxDriver {
         self.interrupt_handle.clone()
     }
 
+    fn get_and_clear_dirty_pages(&mut self) -> Result<Vec<u64>> {
+        let first_mshv_region: mshv_user_mem_region = self
+            .mem_regions
+            .first()
+            .ok_or(new_error!(
+                "tried to get dirty page bitmap of 0-sized region"
+            ))?
+            .to_owned()
+            .into();
+        let total_size = self.mem_regions.iter().map(|r| r.guest_region.len()).sum();
+        let res = self.vm_fd.get_dirty_log(
+            first_mshv_region.guest_pfn,
+            total_size,
+            CLEAR_DIRTY_BIT_FLAG.into(),
+        )?;
+        Ok(res)
+    }
+
     #[cfg(crashdump)]
     fn crashdump_context(&self) -> Result<Option<super::crashdump::CrashDumpContext>> {
         if self.rt_cfg.guest_core_dump {

src/hyperlight_host/src/hypervisor/hyperv_linux.rs

@@ -21,7 +21,10 @@ use std::sync::Arc;
 use std::sync::Mutex;
 use std::sync::atomic::{AtomicBool, AtomicU64, Ordering};
 
-use kvm_bindings::{KVM_MEM_READONLY, kvm_fpu, kvm_regs, kvm_userspace_memory_region};
+use hyperlight_common::mem::{PAGE_SIZE_USIZE, PAGES_IN_BLOCK};
+use kvm_bindings::{
+    KVM_MEM_LOG_DIRTY_PAGES, KVM_MEM_READONLY, kvm_fpu, kvm_regs, kvm_userspace_memory_region,
+};
 use kvm_ioctls::Cap::UserMemory;
 use kvm_ioctls::{Kvm, VcpuExit, VcpuFd, VmFd};
 use log::LevelFilter;
@@ -43,7 +46,8 @@ use super::{
 use super::{HyperlightExit, Hypervisor, InterruptHandle, LinuxInterruptHandle, VirtualCPU};
 #[cfg(gdb)]
 use crate::HyperlightError;
-use crate::mem::memory_region::{MemoryRegion, MemoryRegionFlags};
+use crate::mem::bitmap::{bit_index_iterator, new_page_bitmap};
+use crate::mem::memory_region::{MemoryRegion, MemoryRegionFlags, MemoryRegionType};
 use crate::mem::ptr::{GuestPtr, RawPtr};
 use crate::sandbox::SandboxConfiguration;
 #[cfg(crashdump)]
@@ -284,7 +288,7 @@ mod debug {
 /// A Hypervisor driver for KVM on Linux
 pub(crate) struct KVMDriver {
     _kvm: Kvm,
-    _vm_fd: VmFd,
+    vm_fd: VmFd,
     vcpu_fd: VcpuFd,
     entrypoint: u64,
     orig_rsp: GuestPtr,
@@ -329,7 +333,7 @@ impl KVMDriver {
                 userspace_addr: region.host_region.start as u64,
                 flags: match perm_flags {
                     MemoryRegionFlags::READ => KVM_MEM_READONLY,
-                    _ => 0, // normal, RWX
+                    _ => KVM_MEM_LOG_DIRTY_PAGES, // normal, RWX
                 },
             };
             unsafe { vm_fd.set_user_memory_region(kvm_region) }
@@ -378,7 +382,7 @@ impl KVMDriver {
         #[allow(unused_mut)]
         let mut hv = Self {
             _kvm: kvm,
-            _vm_fd: vm_fd,
+            vm_fd,
             vcpu_fd,
             entrypoint,
             orig_rsp: rsp_gp,
@@ -719,6 +723,45 @@ impl Hypervisor for KVMDriver {
         self.interrupt_handle.clone()
     }
 
+    fn get_and_clear_dirty_pages(&mut self) -> Result<Vec<u64>> {
+        let mut page_indices = vec![];
+        let mut current_page = 0;
+        // Iterate over all memory regions and get the dirty pages for each region ignoring guard pages which cannot be dirty
+        for (i, mem_region) in self.mem_regions.iter().enumerate() {
+            let num_pages = mem_region.guest_region.len() / PAGE_SIZE_USIZE;
+            let bitmap = match mem_region.flags {
+                MemoryRegionFlags::READ => {
+                    // read-only page. It can never be dirty so return zero dirty pages.
+                    new_page_bitmap(mem_region.guest_region.len(), false)?
+                }
+                _ => {
+                    if mem_region.region_type == MemoryRegionType::GuardPage {
+                        //  Trying to get dirty pages for a guard page region results in a VMMSysError(2)
+                        new_page_bitmap(mem_region.guest_region.len(), false)?
+                    } else {
+                        // Get the dirty bitmap for the memory region
+                        self.vm_fd
+                            .get_dirty_log(i as u32, mem_region.guest_region.len())?
+                    }
+                }
+            };
+            for page_idx in bit_index_iterator(&bitmap) {
+                page_indices.push(current_page + page_idx);
+            }
+            current_page += num_pages;
+        }
+
+        // covert vec of page indices to vec of blocks
+        let mut res = new_page_bitmap(current_page * PAGE_SIZE_USIZE, false)?;
+        for page_idx in page_indices {
+            let block_idx = page_idx / PAGES_IN_BLOCK;
+            let bit_idx = page_idx % PAGES_IN_BLOCK;
+            res[block_idx] |= 1 << bit_idx;
+        }
+
+        Ok(res)
+    }
+
     #[cfg(crashdump)]
     fn crashdump_context(&self) -> Result<Option<crashdump::CrashDumpContext>> {
         if self.rt_cfg.guest_core_dump {

src/hyperlight_host/src/hypervisor/kvm.rs

@@ -187,6 +187,11 @@ pub(crate) trait Hypervisor: Debug + Sync + Send {
         None
     }
 
+    /// Get dirty pages as a bitmap (Vec<u64>).
+    /// Each bit in a u64 represents a page.
+    /// This also clears the bitflags, marking the pages as non-dirty.
+    fn get_and_clear_dirty_pages(&mut self) -> Result<Vec<u64>>;
+
     /// Get InterruptHandle to underlying VM
     fn interrupt_handle(&self) -> Arc<dyn InterruptHandle>;
 
@@ -548,12 +553,14 @@ pub(crate) mod tests {
         let rt_cfg: SandboxRuntimeConfig = Default::default();
         let sandbox =
             UninitializedSandbox::new(GuestBinary::FilePath(filename.clone()), Some(config))?;
+        let tracker = sandbox.tracker;
         let (_hshm, mut gshm) = sandbox.mgr.build();
         let mut vm = set_up_hypervisor_partition(
             &mut gshm,
             &config,
             #[cfg(any(crashdump, gdb))]
             &rt_cfg,
+            tracker,
         )?;
         vm.initialise(
             RawPtr::from(0x230000),

src/hyperlight_host/src/hypervisor/mod.rs

@@ -0,0 +1,177 @@
+use std::cmp::Ordering;
+
+use hyperlight_common::mem::{PAGE_SIZE_USIZE, PAGES_IN_BLOCK};
+
+use crate::{Result, log_then_return};
+
+// Contains various helper functions for dealing with bitmaps.
+
+/// Returns a new bitmap of pages. If `init_dirty` is true, all pages are marked as dirty, otherwise all pages are clean.
+/// Will return an error if given size is 0.
+pub fn new_page_bitmap(size_in_bytes: usize, init_dirty: bool) -> Result<Vec<u64>> {
+    if size_in_bytes == 0 {
+        log_then_return!("Tried to create a bitmap with size 0.");
+    }
+    let num_pages = size_in_bytes.div_ceil(PAGE_SIZE_USIZE);
+    let num_blocks = num_pages.div_ceil(PAGES_IN_BLOCK);
+    match init_dirty {
+        false => Ok(vec![0; num_blocks]),
+        true => {
+            let mut bitmap = vec![!0u64; num_blocks]; // all pages are dirty
+            let num_unused_bits = num_blocks * PAGES_IN_BLOCK - num_pages;
+            // set the unused bits to 0, could cause problems otherwise
+            let last_block = bitmap.last_mut().unwrap(); // unwrap is safe since size_in_bytes>0
+            *last_block >>= num_unused_bits;
+            Ok(bitmap)
+        }
+    }
+}
+
+/// Returns the union (bitwise OR) of two bitmaps. The resulting bitmap will have the same length
+/// as the longer of the two input bitmaps.
+pub(crate) fn bitmap_union(bitmap: &[u64], other_bitmap: &[u64]) -> Vec<u64> {
+    let min_len = bitmap.len().min(other_bitmap.len());
+    let max_len = bitmap.len().max(other_bitmap.len());
+
+    let mut result = vec![0; max_len];
+
+    for i in 0..min_len {
+        result[i] = bitmap[i] | other_bitmap[i];
+    }
+
+    match bitmap.len().cmp(&other_bitmap.len()) {
+        Ordering::Greater => {
+            result[min_len..].copy_from_slice(&bitmap[min_len..]);
+        }
+        Ordering::Less => {
+            result[min_len..].copy_from_slice(&other_bitmap[min_len..]);
+        }
+        Ordering::Equal => {}
+    }
+
+    result
+}
+
+// Used as a helper struct to implement an iterator on.
+struct SetBitIndices<'a> {
+    bitmap: &'a [u64],
+    block_index: usize, // one block is 1 u64, which is 64 pages
+    current: u64,       // the current block we are iterating over, or 0 if first iteration
+}
+
+/// Iterates over the zero-based indices of the set bits in the given bitmap.
+pub(crate) fn bit_index_iterator(bitmap: &[u64]) -> impl Iterator<Item = usize> + '_ {
+    SetBitIndices {
+        bitmap,
+        block_index: 0,
+        current: 0,
+    }
+}
+
+impl Iterator for SetBitIndices<'_> {
+    type Item = usize;
+
+    fn next(&mut self) -> Option<Self::Item> {
+        while self.current == 0 {
+            // will always enter this on first iteration because current is initialized to 0
+            if self.block_index >= self.bitmap.len() {
+                // no more blocks to iterate over
+                return None;
+            }
+            self.current = self.bitmap[self.block_index];
+            self.block_index += 1;
+        }
+        let trailing_zeros = self.current.trailing_zeros();
+        self.current &= self.current - 1; // Clear the least significant set bit
+        Some((self.block_index - 1) * 64 + trailing_zeros as usize) // block_index guaranteed to be > 0 at this point
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use hyperlight_common::mem::PAGE_SIZE_USIZE;
+
+    use crate::Result;
+    use crate::mem::bitmap::{bit_index_iterator, bitmap_union, new_page_bitmap};
+
+    #[test]
+    fn new_page_bitmap_test() -> Result<()> {
+        let bitmap = new_page_bitmap(1, false)?;
+        assert_eq!(bitmap.len(), 1);
+        assert_eq!(bitmap[0], 0);
+
+        let bitmap = new_page_bitmap(1, true)?;
+        assert_eq!(bitmap.len(), 1);
+        assert_eq!(bitmap[0], 1);
+
+        let bitmap = new_page_bitmap(32 * PAGE_SIZE_USIZE, false)?;
+        assert_eq!(bitmap.len(), 1);
+        assert_eq!(bitmap[0], 0);
+
+        let bitmap = new_page_bitmap(32 * PAGE_SIZE_USIZE, true)?;
+        assert_eq!(bitmap.len(), 1);
+        assert_eq!(bitmap[0], 0x0000_0000_FFFF_FFFF);
+        Ok(())
+    }
+
+    #[test]
+    fn page_iterator() {
+        let data = vec![0b1000010100, 0b01, 0b100000000000000011];
+        let mut iter = bit_index_iterator(&data);
+        assert_eq!(iter.next(), Some(2));
+        assert_eq!(iter.next(), Some(4));
+        assert_eq!(iter.next(), Some(9));
+        assert_eq!(iter.next(), Some(64));
+        assert_eq!(iter.next(), Some(128));
+        assert_eq!(iter.next(), Some(129));
+        assert_eq!(iter.next(), Some(145));
+        assert_eq!(iter.next(), None);
+
+        let data_2 = vec![0, 0, 0];
+        let mut iter_2 = bit_index_iterator(&data_2);
+        assert_eq!(iter_2.next(), None);
+
+        let data_3 = vec![0, 0, 0b1, 1 << 63];
+        let mut iter_3 = bit_index_iterator(&data_3);
+        assert_eq!(iter_3.next(), Some(128));
+        assert_eq!(iter_3.next(), Some(255));
+        assert_eq!(iter_3.next(), None);
+
+        let data_4 = vec![];
+        let mut iter_4 = bit_index_iterator(&data_4);
+        assert_eq!(iter_4.next(), None);
+    }
+
+    #[test]
+    fn union() -> Result<()> {
+        let a = 0b1000010100;
+        let b = 0b01;
+        let c = 0b100000000000000011;
+        let d = 0b101010100000011000000011;
+        let e = 0b000000000000001000000000000000000000;
+        let f = 0b100000000000000001010000000001010100000000000;
+        let bitmap = vec![a, b, c];
+        let other_bitmap = vec![d, e, f];
+        let union = bitmap_union(&bitmap, &other_bitmap);
+        assert_eq!(union, vec![a | d, b | e, c | f]);
+
+        // different length
+        let union = bitmap_union(&[a], &[d, e, f]);
+        assert_eq!(union, vec![a | d, e, f]);
+
+        let union = bitmap_union(&[a, b, c], &[d]);
+        assert_eq!(union, vec![a | d, b, c]);
+
+        let union = bitmap_union(&[], &[d, e]);
+        assert_eq!(union, vec![d, e]);
+
+        let union = bitmap_union(&[a, b, c], &[]);
+        assert_eq!(union, vec![a, b, c]);
+
+        let union = bitmap_union(&[], &[]);
+        let empty: Vec<u64> = vec![];
+        assert_eq!(union, empty);
+
+        Ok(())
+    }
+}