tmp (x2)

Signed-off-by: danbugs <[email protected]>

Author: danbugs

src/hyperlight_host/src/hypervisor/hyperv_linux.rs

@@ -26,12 +26,11 @@ extern crate mshv_ioctls3 as mshv_ioctls;
 
 use std::fmt::{Debug, Formatter};
 
-use log::error;
 #[cfg(mshv2)]
 use mshv_bindings::hv_message;
 use mshv_bindings::{
     hv_message_type, hv_message_type_HVMSG_GPA_INTERCEPT, hv_message_type_HVMSG_UNMAPPED_GPA,
-    hv_message_type_HVMSG_X64_HALT, hv_message_type_HVMSG_X64_IO_PORT_INTERCEPT, mshv_user_mem_region,
+    hv_message_type_HVMSG_X64_HALT, hv_message_type_HVMSG_X64_IO_PORT_INTERCEPT,
     SegmentRegister, SpecialRegisters, StandardRegisters,
 };
 #[cfg(mshv3)]
@@ -51,9 +50,9 @@ use super::{
 };
 use crate::hypervisor::hypervisor_handler::HypervisorHandler;
 use crate::hypervisor::HyperlightExit;
-use crate::mem::memory_region::{MemoryRegion, MemoryRegionFlags};
 use crate::mem::ptr::GuestPtr;
 use crate::{log_then_return, Result};
+use crate::sandbox::sandbox_builder::SandboxMemorySections;
 
 /// Determine whether the HyperV for Linux hypervisor API is present
 /// and functional.
@@ -77,10 +76,11 @@ pub(crate) fn is_hypervisor_present() -> bool {
 /// called the Microsoft Hypervisor (MSHV)
 pub(super) struct HypervLinuxDriver {
     _mshv: Mshv,
-    vm_fd: VmFd,
+    // TODO(danbugs:297): bring back
+    _vm_fd: VmFd,
     vcpu_fd: VcpuFd,
     entrypoint: u64,
-    mem_regions: Vec<MemoryRegion>,
+    mem_sections: SandboxMemorySections,
     orig_rsp: GuestPtr,
 }
 
@@ -95,17 +95,17 @@ impl HypervLinuxDriver {
     /// `initialise` to do it for you.
     #[instrument(skip_all, parent = Span::current(), level = "Trace")]
     pub(super) fn new(
-        mem_regions: Vec<MemoryRegion>,
+        mem_sections: SandboxMemorySections,
         entrypoint_ptr: GuestPtr,
         rsp_ptr: GuestPtr,
         pml4_ptr: GuestPtr,
     ) -> Result<Self> {
         let mshv = Mshv::new()?;
         let pr = Default::default();
         #[cfg(mshv2)]
-        let vm_fd = mshv.create_vm_with_config(&pr)?;
+        let _vm_fd = mshv.create_vm_with_config(&pr)?;
         #[cfg(mshv3)]
-        let vm_fd = {
+        let _vm_fd = {
             // It's important to avoid create_vm() and explicitly use
             // create_vm_with_args() with an empty arguments structure
             // here, because otherwise the partition is set up with a SynIC.
@@ -120,20 +120,21 @@ impl HypervLinuxDriver {
             vm_fd
         };
 
-        let mut vcpu_fd = vm_fd.create_vcpu(0)?;
+        let mut vcpu_fd = _vm_fd.create_vcpu(0)?;
 
-        mem_regions.iter().try_for_each(|region| {
-            let mshv_region = region.to_owned().into();
-            vm_fd.map_user_memory(mshv_region)
-        })?;
+        // TODO(danbugs:297): bring back
+        // mem_sections.iter().try_for_each(|region| {
+        //     let mshv_region = region.to_owned().into();
+        //     vm_fd.map_user_memory(mshv_region)
+        // })?;
 
         Self::setup_initial_sregs(&mut vcpu_fd, pml4_ptr.absolute()?)?;
 
         Ok(Self {
             _mshv: mshv,
-            vm_fd,
+            _vm_fd,
             vcpu_fd,
-            mem_regions,
+            mem_sections,
             entrypoint: entrypoint_ptr.absolute()?,
             orig_rsp: rsp_ptr,
         })
@@ -173,7 +174,7 @@ impl Debug for HypervLinuxDriver {
         f.field("Entrypoint", &self.entrypoint)
             .field("Original RSP", &self.orig_rsp);
 
-        for region in &self.mem_regions {
+        for region in self.mem_sections.iter() {
             f.field("Memory Region", &region);
         }
 
@@ -359,20 +360,24 @@ impl Hypervisor for HypervLinuxDriver {
                 INVALID_GPA_ACCESS_MESSAGE => {
                     let mimo_message = m.to_memory_info()?;
                     let gpa = mimo_message.guest_physical_address;
-                    let access_info = MemoryRegionFlags::try_from(mimo_message)?;
+                    // TODO(danbugs:297): bring back
+                    // let access_info = MemoryRegionFlags::try_from(mimo_message)?;
                     crate::debug!(
                         "mshv MMIO invalid GPA access -Details: Address: {} \n {:#?}",
                         gpa,
                         &self
                     );
-                    match self.get_memory_access_violation(
-                        gpa as usize,
-                        &self.mem_regions,
-                        access_info,
-                    ) {
-                        Some(access_info_violation) => access_info_violation,
-                        None => HyperlightExit::Mmio(gpa),
-                    }
+                    // TODO(danbugs:297): bring back
+                    // match self.get_memory_access_violation(
+                    //     gpa as usize,
+                    //     &self.mem_regions,
+                    //     access_info,
+                    // ) {
+                    //     Some(access_info_violation) => access_info_violation,
+                    //     None => HyperlightExit::Mmio(gpa),
+                    // }
+
+                    HyperlightExit::Mmio(gpa)
                 }
                 other => {
                     crate::debug!("mshv Other Exit: Exit: {:#?} \n {:#?}", other, &self);
@@ -399,22 +404,23 @@ impl Hypervisor for HypervLinuxDriver {
 
     #[cfg(crashdump)]
     fn get_memory_regions(&self) -> &[MemoryRegion] {
-        &self.mem_regions
+        &self.mem_sections
     }
 }
 
-impl Drop for HypervLinuxDriver {
-    #[instrument(skip_all, parent = Span::current(), level = "Trace")]
-    fn drop(&mut self) {
-        for region in &self.mem_regions {
-            let mshv_region: mshv_user_mem_region = region.to_owned().into();
-            match self.vm_fd.unmap_user_memory(mshv_region) {
-                Ok(_) => (),
-                Err(e) => error!("Failed to unmap user memory in HyperVOnLinux ({:?})", e),
-            }
-        }
-    }
-}
+// TODO(danbugs:297): bring back
+// impl Drop for HypervLinuxDriver {
+//     #[instrument(skip_all, parent = Span::current(), level = "Trace")]
+//     fn drop(&mut self) {
+//         for region in self.mem_sections.iter() {
+//             let mshv_region: mshv_user_mem_region = region.to_owned().into();
+//             match self.vm_fd.unmap_user_memory(mshv_region) {
+//                 Ok(_) => (),
+//                 Err(e) => error!("Failed to unmap user memory in HyperVOnLinux ({:?})", e),
+//             }
+//         }
+//     }
+// }
 
 // TODO(danbugs:297): bring back
 // #[cfg(test)]

src/hyperlight_host/src/hypervisor/hypervisor_handler.rs

@@ -47,7 +47,7 @@ use crate::hypervisor::wrappers::HandleWrapper;
 use crate::hypervisor::Hypervisor;
 use crate::mem::mgr::SandboxMemoryManager;
 use crate::mem::ptr::{GuestPtr, RawPtr};
-use crate::mem::shared_mem::{GuestSharedMemory, HostSharedMemory, SharedMemory};
+use crate::mem::shared_mem::{GuestSharedMemory, HostSharedMemory};
 #[cfg(gdb)]
 use crate::sandbox::config::DebugInfo;
 use crate::sandbox::hypervisor::{get_available_hypervisor, HypervisorType};
@@ -853,15 +853,13 @@ fn set_up_hypervisor_partition(
     mgr: &mut SandboxMemoryManager<GuestSharedMemory>,
     #[cfg(gdb)] debug_info: &Option<DebugInfo>,
 ) -> Result<Box<dyn Hypervisor>> {
-    let mem_size = u64::try_from(mgr.shared_mem.mem_size())?;
-    let mut regions = mgr.layout.get_memory_regions(&mgr.shared_mem)?;
-    mgr.set_up_shared_memory(mem_size, &mut regions)?;
+    mgr.set_up_shared_memory()?;
+    let memory_sections = mgr.memory_sections.clone();
 
-    // TODO(danbugs:297) rsp is set at the top of custom guest memory, we should potentially still
-    // set this up.
-    let rsp_ptr = GuestPtr::try_from(RawPtr::from((mgr.layout.custom_guest_memory_offset + mgr.layout.custom_guest_memory_size) as u64))?;
+    let rsp_ptr = GuestPtr::try_from(RawPtr::from(mgr.init_rsp))?;
 
-    let pml4_ptr = GuestPtr::try_from(Offset::from(mgr.layout.get_pml4_offset() as u64))?;
+    // TODO(danbugs:297): change unwrap to proper error handling informing paging isn't set up.
+    let pml4_ptr = GuestPtr::try_from(Offset::from(mgr.memory_sections.get_paging_structures_offset().unwrap() as u64))?;
     let entrypoint_ptr = {
         let entrypoint_total_offset = mgr.load_addr.clone() + mgr.entrypoint_exe_offset;
         GuestPtr::try_from(entrypoint_total_offset)
@@ -915,7 +913,7 @@ fn set_up_hypervisor_partition(
             #[cfg(mshv)]
             Some(HypervisorType::Mshv) => {
                 let hv = crate::hypervisor::hyperv_linux::HypervLinuxDriver::new(
-                    regions,
+                    memory_sections,
                     entrypoint_ptr,
                     rsp_ptr,
                     pml4_ptr,
@@ -926,7 +924,7 @@ fn set_up_hypervisor_partition(
             #[cfg(kvm)]
             Some(HypervisorType::Kvm) => {
                 let hv = crate::hypervisor::kvm::KVMDriver::new(
-                    regions,
+                    memory_sections,
                     pml4_ptr.absolute()?,
                     entrypoint_ptr.absolute()?,
                     rsp_ptr.absolute()?,
@@ -942,7 +940,7 @@ fn set_up_hypervisor_partition(
                     .shared_mem
                     .with_exclusivity(|e| e.get_mmap_file_handle())?;
                 let hv = crate::hypervisor::hyperv_windows::HypervWindowsDriver::new(
-                    regions,
+                    memory_sections,
                     mgr.shared_mem.raw_mem_size(), // we use raw_* here because windows driver requires 64K aligned addresses,
                     mgr.shared_mem.raw_ptr() as *mut c_void, // and instead convert it to base_addr where needed in the driver itself
                     pml4_ptr.absolute()?,

src/hyperlight_host/src/hypervisor/kvm.rs

@@ -33,11 +33,12 @@ use super::{
     CR4_OSFXSR, CR4_OSXMMEXCPT, CR4_PAE, EFER_LMA, EFER_LME, EFER_NX, EFER_SCE,
 };
 use crate::hypervisor::hypervisor_handler::HypervisorHandler;
-use crate::mem::memory_region::{MemoryRegion, MemoryRegionFlags};
+use crate::mem::memory_region::MemoryRegionFlags;
 use crate::mem::ptr::{GuestPtr, RawPtr};
 #[cfg(gdb)]
 use crate::HyperlightError;
 use crate::{log_then_return, Result};
+use crate::sandbox::sandbox_builder::SandboxMemorySections;
 
 /// Return `true` if the KVM API is available, version 12, and has UserMemory capability, or `false` otherwise
 #[instrument(skip_all, parent = Span::current(), level = "Trace")]
@@ -76,8 +77,8 @@ mod debug {
     use super::KVMDriver;
     use crate::hypervisor::gdb::{DebugMsg, DebugResponse, VcpuStopReason, X86_64Regs};
     use crate::hypervisor::handlers::DbgMemAccessHandlerCaller;
-    use crate::mem::layout::SandboxMemoryLayout;
     use crate::{new_error, HyperlightError, Result};
+    use crate::sandbox::sandbox_builder::BASE_ADDRESS;
 
     /// Software Breakpoint size in memory
     pub const SW_BP_SIZE: usize = 1;
@@ -244,7 +245,7 @@ mod debug {
                     data.len(),
                     (PAGE_SIZE - (gpa & (PAGE_SIZE - 1))).try_into().unwrap(),
                 );
-                let offset = gpa as usize - SandboxMemoryLayout::BASE_ADDRESS;
+                let offset = gpa as usize - BASE_ADDRESS;
 
                 dbg_mem_access_fn
                     .try_lock()
@@ -274,7 +275,7 @@ mod debug {
                     data.len(),
                     (PAGE_SIZE - (gpa & (PAGE_SIZE - 1))).try_into().unwrap(),
                 );
-                let offset = gpa as usize - SandboxMemoryLayout::BASE_ADDRESS;
+                let offset = gpa as usize - BASE_ADDRESS;
 
                 dbg_mem_access_fn
                     .try_lock()
@@ -576,7 +577,7 @@ pub(super) struct KVMDriver {
     vcpu_fd: VcpuFd,
     orig_rsp: GuestPtr,
     entrypoint_ptr: u64,
-    mem_regions: Vec<MemoryRegion>,
+    mem_sections: SandboxMemorySections,
 
     #[cfg(gdb)]
     debug: Option<debug::KvmDebug>,
@@ -590,7 +591,7 @@ impl KVMDriver {
     /// be called to do so.
     #[instrument(err(Debug), skip_all, parent = Span::current(), level = "Trace")]
     pub(super) fn new(
-        mem_regions: Vec<MemoryRegion>,
+        mem_sections: SandboxMemorySections,
         rsp_ptr: u64,
         pml4_addr: u64,
         entrypoint: u64,
@@ -603,13 +604,13 @@ impl KVMDriver {
         let perm_flags =
             MemoryRegionFlags::READ | MemoryRegionFlags::WRITE | MemoryRegionFlags::EXECUTE;
 
-        mem_regions.iter().enumerate().try_for_each(|(i, region)| {
-            let perm_flags = perm_flags.intersection(region.flags);
+        mem_sections.iter().enumerate().try_for_each(|(i, region)| {
+            let perm_flags = perm_flags.intersection(region.1.flags);
             let kvm_region = kvm_userspace_memory_region {
                 slot: i as u32,
-                guest_phys_addr: region.guest_region.start as u64,
-                memory_size: (region.guest_region.end - region.guest_region.start) as u64,
-                userspace_addr: region.host_region.start as u64,
+                guest_phys_addr: region.1.page_aligned_guest_offset as u64,
+                memory_size: region.1.page_aligned_size as u64,
+                userspace_addr: region.1.host_address.unwrap() as u64,
                 flags: match perm_flags {
                     MemoryRegionFlags::READ => KVM_MEM_READONLY,
                     _ => 0, // normal, RWX
@@ -636,7 +637,7 @@ impl KVMDriver {
             orig_rsp: rsp_gp,
             vcpu_fd,
             entrypoint_ptr: entrypoint,
-            mem_regions,
+            mem_sections: mem_sections,
 
             #[cfg(gdb)]
             debug,
@@ -669,7 +670,7 @@ impl Debug for KVMDriver {
         let mut f = f.debug_struct("KVM Driver");
         // Output each memory region
 
-        for region in &self.mem_regions {
+        for region in self.mem_sections.sections.iter() {
             f.field("Memory Region", &region);
         }
         let regs = self.vcpu_fd.get_regs();
@@ -822,26 +823,32 @@ impl Hypervisor for KVMDriver {
             Ok(VcpuExit::MmioRead(addr, _)) => {
                 crate::debug!("KVM MMIO Read -Details: Address: {} \n {:#?}", addr, &self);
 
-                match self.get_memory_access_violation(
-                    addr as usize,
-                    &self.mem_regions,
-                    MemoryRegionFlags::READ,
-                ) {
-                    Some(access_violation_exit) => access_violation_exit,
-                    None => HyperlightExit::Mmio(addr),
-                }
+                // TODO(danbugs:297): bring back
+                // match self.get_memory_access_violation(
+                //     addr as usize,
+                //     &self.mem_sections,
+                //     MemoryRegionFlags::READ,
+                // ) {
+                //     Some(access_violation_exit) => access_violation_exit,
+                //     None => HyperlightExit::Mmio(addr),
+                // }
+
+                HyperlightExit::Mmio(addr)
             }
             Ok(VcpuExit::MmioWrite(addr, _)) => {
                 crate::debug!("KVM MMIO Write -Details: Address: {} \n {:#?}", addr, &self);
 
-                match self.get_memory_access_violation(
-                    addr as usize,
-                    &self.mem_regions,
-                    MemoryRegionFlags::WRITE,
-                ) {
-                    Some(access_violation_exit) => access_violation_exit,
-                    None => HyperlightExit::Mmio(addr),
-                }
+                // TODO(danbugs:297): bring back
+                // match self.get_memory_access_violation(
+                //     addr as usize,
+                //     &self.mem_sections,
+                //     MemoryRegionFlags::WRITE,
+                // ) {
+                //     Some(access_violation_exit) => access_violation_exit,
+                //     None => HyperlightExit::Mmio(addr),
+                // }
+
+                HyperlightExit::Mmio(addr)
             }
             #[cfg(gdb)]
             Ok(VcpuExit::Debug(_)) => match self.get_stop_reason() {
@@ -880,7 +887,7 @@ impl Hypervisor for KVMDriver {
 
     #[cfg(crashdump)]
     fn get_memory_regions(&self) -> &[MemoryRegion] {
-        &self.mem_regions
+        &self.mem_sections
     }
 
     #[cfg(gdb)]