Fix issues with using CreateMapViewOfFile with inprocess feature (#234)

simongdavies · web-flow · commit 98b1011b8a33 · 2025-02-05T14:37:49.000-08:00
Signed-off-by: Simon Davies &lt;simongdavies@users.noreply.github.com&gt;
diff --git a/src/hyperlight_host/src/hypervisor/hypervisor_handler.rs b/src/hyperlight_host/src/hypervisor/hypervisor_handler.rs
@@ -871,7 +871,7 @@ fn set_up_hypervisor_partition(
                     leaked_outb_wrapper,
                 })?;
                 Ok(Box::new(hv))
-            } else if #[cfg(feature = "inprocess")]{
+            } else if #[cfg(inprocess)]{
                 // in-process feature, but not debug build
                 log_then_return!("In-process mode is only available on debug-builds");
             } else if #[cfg(debug_assertions)] {
@@ -937,6 +937,8 @@ mod tests {
     use hyperlight_common::flatbuffer_wrappers::function_types::{ParameterValue, ReturnType};
     use hyperlight_testing::simple_guest_as_string;
 
+    #[cfg(target_os = "windows")]
+    use crate::sandbox::SandboxConfiguration;
     use crate::sandbox::WrapperGetter;
     use crate::sandbox_state::sandbox::EvolvableSandbox;
     use crate::sandbox_state::transition::Noop;
@@ -950,9 +952,26 @@ mod tests {
         if !is_hypervisor_present() {
             panic!("Panic on create_multi_use_sandbox because no hypervisor is present");
         }
+
+        // Tests that use this function seem to fail with timeouts sporadically on windows so timeouts are raised here
+
+        let cfg = {
+            #[cfg(target_os = "windows")]
+            {
+                let mut cfg = SandboxConfiguration::default();
+                cfg.set_max_initialization_time(std::time::Duration::from_secs(10));
+                cfg.set_max_execution_time(std::time::Duration::from_secs(3));
+                Some(cfg)
+            }
+            #[cfg(not(target_os = "windows"))]
+            {
+                None
+            }
+        };
+
         let usbox = UninitializedSandbox::new(
             GuestBinary::FilePath(simple_guest_as_string().expect("Guest Binary Missing")),
-            None,
+            cfg,
             None,
             None,
         )
diff --git a/src/hyperlight_host/src/mem/shared_mem.rs b/src/hyperlight_host/src/mem/shared_mem.rs
@@ -27,12 +27,18 @@ use tracing::{instrument, Span};
 use windows::core::PCSTR;
 #[cfg(target_os = "windows")]
 use windows::Win32::Foundation::{CloseHandle, HANDLE, INVALID_HANDLE_VALUE};
+#[cfg(all(target_os = "windows", inprocess))]
+use windows::Win32::System::Memory::FILE_MAP_EXECUTE;
+#[cfg(all(target_os = "windows", not(inprocess)))]
+use windows::Win32::System::Memory::PAGE_READWRITE;
 #[cfg(target_os = "windows")]
 use windows::Win32::System::Memory::{
     CreateFileMappingA, MapViewOfFile, UnmapViewOfFile, VirtualProtect, FILE_MAP_ALL_ACCESS,
-    MEMORY_MAPPED_VIEW_ADDRESS, PAGE_EXECUTE_READWRITE, PAGE_PROTECTION_FLAGS, PAGE_READWRITE,
+    MEMORY_MAPPED_VIEW_ADDRESS, PAGE_EXECUTE_READWRITE, PAGE_NOACCESS, PAGE_PROTECTION_FLAGS,
 };
 
+#[cfg(target_os = "windows")]
+use crate::HyperlightError::MemoryAllocationFailed;
 #[cfg(target_os = "windows")]
 use crate::HyperlightError::{MemoryRequestTooBig, WindowsAPIError};
 use crate::{log_then_return, new_error, Result};
@@ -388,12 +394,6 @@ impl ExclusiveSharedMemory {
     #[cfg(target_os = "windows")]
     #[instrument(skip_all, parent = Span::current(), level= "Trace")]
     pub fn new(min_size_bytes: usize) -> Result<Self> {
-        #[cfg(inprocess)]
-        use windows::Win32::System::Memory::FILE_MAP_EXECUTE;
-        use windows::Win32::System::Memory::{PAGE_NOACCESS, PAGE_PROTECTION_FLAGS};
-
-        use crate::HyperlightError::MemoryAllocationFailed;
-
         if min_size_bytes == 0 {
             return Err(new_error!("Cannot create shared memory with size 0"));
         }
@@ -425,22 +425,36 @@ impl ExclusiveSharedMemory {
 
         // Allocate the memory use CreateFileMapping instead of VirtualAlloc
         // This allows us to map the memory into the surrogate process using MapViewOfFile2
+
+        #[cfg(not(inprocess))]
+        let flags = PAGE_READWRITE;
+        #[cfg(inprocess)]
+        let flags = PAGE_EXECUTE_READWRITE;
+
         let handle = unsafe {
             CreateFileMappingA(
                 INVALID_HANDLE_VALUE,
                 None,
-                PAGE_READWRITE,
+                flags,
                 dwmaximumsizehigh,
                 dwmaximumsizelow,
                 PCSTR::null(),
             )?
         };
 
-        #[cfg(inprocess)]
-        let addr =
-            unsafe { MapViewOfFile(handle, FILE_MAP_ALL_ACCESS | FILE_MAP_EXECUTE, 0, 0, 0) };
+        if handle.is_invalid() {
+            log_then_return!(MemoryAllocationFailed(
+                Error::last_os_error().raw_os_error()
+            ));
+        }
+
         #[cfg(not(inprocess))]
-        let addr = unsafe { MapViewOfFile(handle, FILE_MAP_ALL_ACCESS, 0, 0, 0) };
+        let file_map = FILE_MAP_ALL_ACCESS;
+        #[cfg(inprocess)]
+        let file_map = FILE_MAP_ALL_ACCESS | FILE_MAP_EXECUTE;
+
+        let addr = unsafe { MapViewOfFile(handle, file_map, 0, 0, 0) };
+
         if addr.Value.is_null() {
             log_then_return!(MemoryAllocationFailed(
                 Error::last_os_error().raw_os_error()
