firecracker icon indicating copy to clipboard operation
firecracker copied to clipboard
verified publisher icon firecracker-microvm

[WIP][SH] add userfault support to UFFD handlers

Open kalyazin opened this issue 7 months ago • 1 comments

Changes

This implements the Secret Freedom userfault protocol in the example UFFD handlers.

Reason

This is needed to be able to restore snapshots where the VM was backed by guest_memfd.

License Acceptance

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check CONTRIBUTING.md.

PR Checklist

  • [x] I have read and understand CONTRIBUTING.md.
  • [x] I have run tools/devtool checkstyle to verify that the PR passes the automated style checks.
  • [x] I have described what is done in these changes, why they are needed, and how they are solving the problem in a clear and encompassing way.
  • ~~[ ] I have updated any relevant documentation (both in code and in the docs) in the PR.~~
  • ~~[ ] I have mentioned all user-facing changes in CHANGELOG.md.~~
  • ~~[ ] If a specific issue led to this PR, this PR closes the issue.~~
  • ~~[ ] When making API changes, I have followed the Runbook for Firecracker API changes.~~
  • ~~[ ] I have tested all new and changed functionalities in unit tests and/or integration tests.~~
  • ~~[ ] I have linked an issue to every new TODO.~~
  • [x] This functionality cannot be added in rust-vmm.

kalyazin avatar Jun 13 '25 16:06 kalyazin

Codecov Report

Attention: Patch coverage is 29.70297% with 284 lines in your changes missing coverage. Please review.

Project coverage is 81.83%. Comparing base (00ac2f3) to head (7622c4c). Report is 18 commits behind head on feature/secret-hiding.

Files with missing lines Patch % Lines
src/vmm/src/lib.rs 1.78% 110 Missing :warning:
src/vmm/src/builder.rs 34.90% 69 Missing :warning:
src/vmm/src/vstate/vcpu.rs 26.56% 47 Missing :warning:
src/vmm/src/persist.rs 37.77% 28 Missing :warning:
src/vmm/src/vstate/memory.rs 0.00% 19 Missing :warning:
src/vmm/src/vstate/vm.rs 81.03% 11 Missing :warning:
Additional details and impacted files 
@@                    Coverage Diff                    @@
##           feature/secret-hiding    #5261      +/-   ##
=========================================================
- Coverage                  82.52%   81.83%   -0.69%     
=========================================================
  Files                        250      250              
  Lines                      27386    27700     +314     
=========================================================
+ Hits                       22599    22668      +69     
- Misses                      4787     5032     +245
Flag Coverage Δ
5.10-c5n.metal 81.96% <23.76%> (-0.95%) :arrow_down:
5.10-m5n.metal 82.00% <23.76%> (-0.91%) :arrow_down:
5.10-m6a.metal 81.11% <23.76%> (-0.98%) :arrow_down:
5.10-m6g.metal 77.92% <23.19%> (-0.78%) :arrow_down:
5.10-m6i.metal 81.95% <23.76%> (-0.95%) :arrow_down:
5.10-m7a.metal-48xl 81.10% <23.76%> (-0.98%) :arrow_down:
5.10-m7g.metal 77.92% <23.19%> (-0.78%) :arrow_down:
5.10-m7i.metal-24xl 81.91% <23.76%> (-0.95%) :arrow_down:
5.10-m7i.metal-48xl 81.91% <23.76%> (-0.95%) :arrow_down:
5.10-m8g.metal-24xl 77.91% <23.19%> (-0.78%) :arrow_down:
5.10-m8g.metal-48xl 77.91% <23.19%> (-0.78%) :arrow_down:
6.1-c5n.metal 82.00% <23.76%> (-0.95%) :arrow_down:
6.1-m5n.metal 82.00% <23.76%> (-0.95%) :arrow_down:
6.1-m6a.metal 81.16% <23.76%> (-0.98%) :arrow_down:
6.1-m6g.metal 77.92% <23.19%> (-0.78%) :arrow_down:
6.1-m6i.metal 81.99% <23.76%> (-0.96%) :arrow_down:
6.1-m7a.metal-48xl 81.15% <23.76%> (-0.98%) :arrow_down:
6.1-m7g.metal 77.91% <23.19%> (-0.79%) :arrow_down:
6.1-m7i.metal-24xl 82.00% <23.76%> (-0.96%) :arrow_down:
6.1-m7i.metal-48xl 82.01% <23.76%> (-0.95%) :arrow_down:
6.1-m8g.metal-24xl 77.91% <23.19%> (-0.78%) :arrow_down:
6.1-m8g.metal-48xl 77.91% <23.19%> (-0.78%) :arrow_down:
6.14-c5n.metal 82.05% <29.20%> (-0.87%) :arrow_down:
6.14-m5n.metal 82.04% <29.20%> (-0.89%) :arrow_down:
6.14-m6a.metal 81.21% <29.20%> (-0.90%) :arrow_down:
6.14-m6g.metal 77.95% <28.67%> (-0.70%) :arrow_down:
6.14-m6i.metal 82.04% <29.20%> (-0.88%) :arrow_down:
6.14-m7a.metal-48xl 81.20% <29.20%> (-0.90%) :arrow_down:
6.14-m7g.metal 77.96% <28.67%> (-0.70%) :arrow_down:
6.14-m7i.metal-24xl 82.06% <29.20%> (-0.87%) :arrow_down:
6.14-m7i.metal-48xl 82.06% <29.20%> (-0.87%) :arrow_down:
6.14-m8g.metal-24xl 77.95% <28.67%> (-0.71%) :arrow_down:
6.14-m8g.metal-48xl 77.96% <28.67%> (-0.70%) :arrow_down:

Flags with carried forward coverage won't be shown. Click here to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

:rocket: New features to boost your workflow:
  • :snowflake: Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

codecov[bot] avatar Jun 13 '25 16:06 codecov[bot]

That also doesn't need to be an event fd imo, I'm sure there's something in std::sync that we can use for it (std::sync::CondVar seems like the right fit at a glance)

Indeed, switched to CondVar.

kalyazin avatar Jun 25 '25 16:06 kalyazin