add memory mapping support with kvm

jprendes · jprendes · commit 0994d3e2a30e · 2025-07-10T11:09:13.000+01:00
Signed-off-by: Jorge Prendes &lt;jorge.prendes@gmail.com&gt;
diff --git a/src/hyperlight_host/src/hypervisor/kvm.rs b/src/hyperlight_host/src/hypervisor/kvm.rs
@@ -284,7 +284,8 @@ mod debug {
 /// A Hypervisor driver for KVM on Linux
 pub(crate) struct KVMDriver {
     _kvm: Kvm,
-    _vm_fd: VmFd,
+    vm_fd: VmFd,
+    page_size: usize,
     vcpu_fd: VcpuFd,
     entrypoint: u64,
     orig_rsp: GuestPtr,
@@ -317,21 +318,8 @@ impl KVMDriver {
 
         let vm_fd = kvm.create_vm_with_type(0)?;
 
-        let perm_flags =
-            MemoryRegionFlags::READ | MemoryRegionFlags::WRITE | MemoryRegionFlags::EXECUTE;
-
         mem_regions.iter().enumerate().try_for_each(|(i, region)| {
-            let perm_flags = perm_flags.intersection(region.flags);
-            let kvm_region = kvm_userspace_memory_region {
-                slot: i as u32,
-                guest_phys_addr: region.guest_region.start as u64,
-                memory_size: (region.guest_region.end - region.guest_region.start) as u64,
-                userspace_addr: region.host_region.start as u64,
-                flags: match perm_flags {
-                    MemoryRegionFlags::READ => KVM_MEM_READONLY,
-                    _ => 0, // normal, RWX
-                },
-            };
+            let kvm_region = mem_region_to_kvm_region(region, i);
             unsafe { vm_fd.set_user_memory_region(kvm_region) }
         })?;
 
@@ -378,7 +366,8 @@ impl KVMDriver {
         #[allow(unused_mut)]
         let mut hv = Self {
             _kvm: kvm,
-            _vm_fd: vm_fd,
+            vm_fd,
+            page_size: 0,
             vcpu_fd,
             entrypoint,
             orig_rsp: rsp_gp,
@@ -463,6 +452,8 @@ impl Hypervisor for KVMDriver {
         max_guest_log_level: Option<LevelFilter>,
         #[cfg(gdb)] dbg_mem_access_fn: DbgMemAccessHandlerWrapper,
     ) -> Result<()> {
+        self.page_size = page_size as usize;
+
         let max_guest_log_level: u64 = match max_guest_log_level {
             Some(level) => level as u64,
             None => self.get_max_log_level().into(),
@@ -494,16 +485,39 @@ impl Hypervisor for KVMDriver {
     }
 
     #[instrument(err(Debug), skip_all, parent = Span::current(), level = "Trace")]
-    unsafe fn map_region(&mut self, _rgn: &MemoryRegion) -> Result<()> {
-        log_then_return!("Mapping host memory into the guest not yet supported on this platform");
+    unsafe fn map_region(&mut self, region: &MemoryRegion) -> Result<()> {
+        if [
+            region.guest_region.start,
+            region.guest_region.end,
+            region.host_region.start,
+            region.host_region.end,
+        ]
+        .iter()
+        .any(|x| x % self.page_size != 0)
+        {
+            log_then_return!(
+                "region is not page-aligned {:x}, {region:?}",
+                self.page_size
+            );
+        }
+
+        let slot = self.mem_regions.len();
+        let kvm_region = mem_region_to_kvm_region(region, slot);
+        unsafe { self.vm_fd.set_user_memory_region(kvm_region) }?;
+        self.mem_regions.push(region.to_owned());
+        Ok(())
     }
 
     #[instrument(err(Debug), skip_all, parent = Span::current(), level = "Trace")]
     unsafe fn unmap_regions(&mut self, n: u64) -> Result<()> {
-        if n > 0 {
-            log_then_return!(
-                "Mapping host memory into the guest not yet supported on this platform"
-            );
+        let n_keep = self.mem_regions.len() - n as usize;
+        for (k, region) in self.mem_regions.split_off(n_keep).iter().enumerate() {
+            let mut kvm_region = mem_region_to_kvm_region(region, n_keep + k);
+            // Setting memory_size to 0 unmaps the slot's region
+            // From https://docs.kernel.org/virt/kvm/api.html
+            // > Deleting a slot is done by passing zero for memory_size.
+            kvm_region.memory_size = 0;
+            unsafe { self.vm_fd.set_user_memory_region(kvm_region) }?;
         }
         Ok(())
     }
@@ -938,3 +952,21 @@ impl Drop for KVMDriver {
         self.interrupt_handle.dropped.store(true, Ordering::Relaxed);
     }
 }
+
+fn mem_region_to_kvm_region(region: &MemoryRegion, slot: usize) -> kvm_userspace_memory_region {
+    let perm_flags =
+        MemoryRegionFlags::READ | MemoryRegionFlags::WRITE | MemoryRegionFlags::EXECUTE;
+
+    let perm_flags = perm_flags.intersection(region.flags);
+
+    kvm_userspace_memory_region {
+        slot: slot as u32,
+        guest_phys_addr: region.guest_region.start as u64,
+        memory_size: (region.guest_region.end - region.guest_region.start) as u64,
+        userspace_addr: region.host_region.start as u64,
+        flags: match perm_flags {
+            MemoryRegionFlags::READ => KVM_MEM_READONLY,
+            _ => 0, // normal, RWX
+        },
+    }
+}
diff --git a/src/hyperlight_host/src/sandbox/initialized_multi_use.rs b/src/hyperlight_host/src/sandbox/initialized_multi_use.rs
@@ -402,6 +402,8 @@ mod tests {
     use hyperlight_testing::simple_guest_as_string;
 
     use crate::func::call_ctx::MultiUseGuestCallContext;
+    #[cfg(target_os = "linux")]
+    use crate::mem::memory_region::{MemoryRegion, MemoryRegionFlags, MemoryRegionType};
     use crate::sandbox::{Callable, SandboxConfiguration};
     use crate::sandbox_state::sandbox::{DevolvableSandbox, EvolvableSandbox};
     use crate::sandbox_state::transition::{MultiUseContextCallback, Noop};
@@ -693,4 +695,60 @@ mod tests {
             handle.join().unwrap();
         }
     }
+
+    #[cfg(target_os = "linux")]
+    #[test]
+    fn test_mmap() {
+        let mut sbox = UninitializedSandbox::new(
+            GuestBinary::FilePath(simple_guest_as_string().expect("Guest Binary Missing")),
+            None,
+        )
+        .unwrap()
+        .evolve(Noop::default())
+        .unwrap();
+
+        let expected = b"hello world";
+        let data = page_aligned_buffer(expected);
+        let guest_base = 0x1_0000_0000; // Arbitrary guest base address
+
+        unsafe {
+            sbox.map_region(&region_for_buffer(&data, guest_base))
+                .unwrap();
+        }
+
+        let data: Vec<u8> = sbox
+            .call_guest_function_by_name(
+                "ReadMappedBuffer",
+                (guest_base as u64, expected.len() as u64),
+            )
+            .unwrap();
+
+        assert_eq!(data, expected);
+    }
+
+    #[cfg(target_os = "linux")]
+    fn page_aligned_buffer(src: &[u8]) -> Vec<u8> {
+        let page_size = page_size::get();
+        let len = src.len().div_ceil(page_size) * page_size;
+
+        let layout = std::alloc::Layout::from_size_align(len, page_size).unwrap();
+        let ptr = unsafe { std::alloc::alloc(layout) };
+
+        let mut vec = unsafe { std::vec::Vec::from_raw_parts(ptr, len, len) };
+        vec[0..src.len()].copy_from_slice(src);
+
+        vec
+    }
+
+    #[cfg(target_os = "linux")]
+    fn region_for_buffer(buff: &[u8], guest_base: usize) -> MemoryRegion {
+        let ptr = buff.as_ptr() as usize;
+        let len = buff.len();
+        MemoryRegion {
+            host_region: ptr..(ptr + len),
+            guest_region: guest_base..(guest_base + len),
+            flags: MemoryRegionFlags::READ,
+            region_type: MemoryRegionType::Heap,
+        }
+    }
 }
diff --git a/src/tests/rust_guests/simpleguest/src/main.rs b/src/tests/rust_guests/simpleguest/src/main.rs
@@ -775,6 +775,29 @@ fn read_from_user_memory(function_call: &FunctionCall) -> Result<Vec<u8>> {
     }
 }
 
+fn read_mapped_buffer(function_call: &FunctionCall) -> Result<Vec<u8>> {
+    if let (ParameterValue::ULong(base), ParameterValue::ULong(len)) = (
+        function_call.parameters.clone().unwrap()[0].clone(),
+        function_call.parameters.clone().unwrap()[1].clone(),
+    ) {
+        let base = base as usize as *const u8;
+        let len = len as usize;
+
+        unsafe {
+            hyperlight_guest_bin::paging::map_region(base as _, base as _, len as u64 + 4096)
+        };
+
+        let data = unsafe { core::slice::from_raw_parts(base, len) };
+
+        Ok(get_flatbuffer_result(data))
+    } else {
+        Err(HyperlightGuestError::new(
+            ErrorCode::GuestFunctionParameterTypeMismatch,
+            "Invalid parameters passed to read_mapped_buffer".to_string(),
+        ))
+    }
+}
+
 #[no_mangle]
 pub extern "C" fn hyperlight_main() {
     let read_from_user_memory_def = GuestFunctionDefinition::new(
@@ -786,6 +809,15 @@ pub extern "C" fn hyperlight_main() {
 
     register_function(read_from_user_memory_def);
 
+    let read_mapped_buffer_def = GuestFunctionDefinition::new(
+        "ReadMappedBuffer".to_string(),
+        Vec::from(&[ParameterType::ULong, ParameterType::ULong]),
+        ReturnType::VecBytes,
+        read_mapped_buffer as usize,
+    );
+
+    register_function(read_mapped_buffer_def);
+
     let set_static_def = GuestFunctionDefinition::new(
         "SetStatic".to_string(),
         Vec::new(),
