Skip to content

Commit f17d33d

Browse files
ludfjigludfjig
committed
TEMP COMMIT
Signed-off-by: Ludvig Liljenberg <[email protected]>
1 parent 5174202 commit f17d33d

File tree

5 files changed

+51
-26
lines changed

5 files changed

+51
-26
lines changed

.github/workflows/dep_rust.yml

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -96,6 +96,19 @@ jobs:
9696
- name: Verify MSRV
9797
run: ./dev/verify-msrv.sh hyperlight-host hyperlight-guest hyperlight-guest-bin hyperlight-common
9898

99+
- name: check kvm
100+
run: ls -al /dev/kvm || true
101+
102+
- name: check groups
103+
run: groups || true
104+
105+
- name: increase ulimit
106+
run: |
107+
ulimit -n || true
108+
ulimit -Sn || true
109+
ulimit -Hn || true
110+
ulimit -n 65535 || true
111+
99112
- name: Run Rust tests
100113
env:
101114
CARGO_TERM_COLOR: always

Justfile

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -86,26 +86,26 @@ test target=default-target features="": (test-unit target features) (test-isolat
8686

8787
# runs unit tests
8888
test-unit target=default-target features="":
89-
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} --lib
89+
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} --lib -- --show-output --nocapture
9090

9191
# runs tests that requires being run separately, for example due to global state
9292
test-isolated target=default-target features="":
93-
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} -p hyperlight-host --lib -- sandbox::uninitialized::tests::test_trace_trace --exact --ignored
94-
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} -p hyperlight-host --lib -- sandbox::uninitialized::tests::test_log_trace --exact --ignored
95-
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} -p hyperlight-host --lib -- sandbox::initialized_multi_use::tests::create_1000_sandboxes --exact --ignored
96-
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} -p hyperlight-host --lib -- sandbox::outb::tests::test_log_outb_log --exact --ignored
97-
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} -p hyperlight-host --lib -- mem::shared_mem::tests::test_drop --exact --ignored
98-
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} -p hyperlight-host --test integration_test -- log_message --exact --ignored
93+
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} -p hyperlight-host --lib -- sandbox::uninitialized::tests::test_trace_trace --exact --ignored --show-output --nocapture
94+
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} -p hyperlight-host --lib -- sandbox::uninitialized::tests::test_log_trace --exact --ignored --show-output --nocapture
95+
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} -p hyperlight-host --lib -- sandbox::initialized_multi_use::tests::create_1000_sandboxes --exact --ignored --show-output --nocapture
96+
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} -p hyperlight-host --lib -- sandbox::outb::tests::test_log_outb_log --exact --ignored --show-output --nocapture
97+
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} -p hyperlight-host --lib -- mem::shared_mem::tests::test_drop --exact --ignored --show-output --nocapture
98+
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} -p hyperlight-host --test integration_test -- log_message --exact --ignored --show-output --nocapture
9999
@# metrics tests
100-
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F function_call_metrics," + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} -p hyperlight-host --lib -- metrics::tests::test_metrics_are_emitted --exact
100+
cargo test {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F function_call_metrics," + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} -p hyperlight-host --lib -- metrics::tests::test_metrics_are_emitted --exact --show-output --nocapture
101101
# runs integration tests. Guest can either be "rust" or "c"
102102
test-integration guest target=default-target features="":
103103
@# run execute_on_heap test with feature "executable_heap" on and off
104-
{{if os() == "windows" { "$env:" } else { "" } }}GUEST="{{guest}}"{{if os() == "windows" { ";" } else { "" } }} cargo test --profile={{ if target == "debug" { "dev" } else { target } }} --test integration_test execute_on_heap {{ if features =="" {" --features executable_heap"} else {"--features executable_heap," + features} }} -- --ignored
105-
{{if os() == "windows" { "$env:" } else { "" } }}GUEST="{{guest}}"{{if os() == "windows" { ";" } else { "" } }} cargo test --profile={{ if target == "debug" { "dev" } else { target } }} --test integration_test execute_on_heap {{ if features =="" {""} else {"--features " + features} }} -- --ignored
104+
{{if os() == "windows" { "$env:" } else { "" } }}GUEST="{{guest}}"{{if os() == "windows" { ";" } else { "" } }} cargo test --profile={{ if target == "debug" { "dev" } else { target } }} --test integration_test execute_on_heap {{ if features =="" {" --features executable_heap"} else {"--features executable_heap," + features} }} -- --ignored --show-output --nocapture
105+
{{if os() == "windows" { "$env:" } else { "" } }}GUEST="{{guest}}"{{if os() == "windows" { ";" } else { "" } }} cargo test --profile={{ if target == "debug" { "dev" } else { target } }} --test integration_test execute_on_heap {{ if features =="" {""} else {"--features " + features} }} -- --ignored --show-output --nocapture
106106

107107
@# run the rest of the integration tests
108-
{{if os() == "windows" { "$env:" } else { "" } }}GUEST="{{guest}}"{{if os() == "windows" { ";" } else { "" } }} cargo test -p hyperlight-host {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} --test '*'
108+
{{if os() == "windows" { "$env:" } else { "" } }}GUEST="{{guest}}"{{if os() == "windows" { ";" } else { "" } }} cargo test -p hyperlight-host {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} --test '*' -- --show-output --nocapture
109109

110110
# runs seccomp tests
111111
test-seccomp target=default-target features="":

src/hyperlight_host/src/hypervisor/kvm.rs

Lines changed: 25 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,8 @@ use std::sync::Arc;
2020
#[cfg(gdb)]
2121
use std::sync::Mutex;
2222
use std::sync::atomic::{AtomicBool, AtomicU64, Ordering};
23+
use std::thread;
24+
use std::time::Duration;
2325

2426
use kvm_bindings::{KVM_MEM_READONLY, kvm_fpu, kvm_regs, kvm_userspace_memory_region};
2527
use kvm_ioctls::Cap::UserMemory;
@@ -48,23 +50,33 @@ use crate::{Result, log_then_return, new_error};
4850
/// Return `true` if the KVM API is available, version 12, and has UserMemory capability, or `false` otherwise
4951
#[instrument(skip_all, parent = Span::current(), level = "Trace")]
5052
pub(crate) fn is_hypervisor_present() -> bool {
51-
if let Ok(kvm) = Kvm::new() {
52-
let api_version = kvm.get_api_version();
53-
match api_version {
54-
version if version == 12 && kvm.check_extension(UserMemory) => true,
55-
12 => {
56-
log::info!("KVM does not have KVM_CAP_USER_MEMORY capability");
57-
false
53+
for _ in 0..10 {
54+
#[allow(clippy::unwrap_used)]
55+
let entries = std::fs::read_dir("/proc/self/fd").unwrap();
56+
println!("Current open file descriptors: {}", entries.count());
57+
match Kvm::new() {
58+
Ok(kvm) => {
59+
let api_version = kvm.get_api_version();
60+
match api_version {
61+
version if version == 12 && kvm.check_extension(UserMemory) => return true,
62+
12 => {
63+
println!("KVM does not have KVM_CAP_USER_MEMORY capability");
64+
log::info!("KVM does not have KVM_CAP_USER_MEMORY capability");
65+
}
66+
version => {
67+
println!("KVM GET_API_VERSION returned {}, expected 12", version);
68+
log::info!("KVM GET_API_VERSION returned {}, expected 12", version);
69+
}
70+
}
5871
}
59-
version => {
60-
log::info!("KVM GET_API_VERSION returned {}, expected 12", version);
61-
false
72+
Err(e) => {
73+
log::info!("KVM is not available on this system: {:?}", e);
74+
println!("KVM is not available on this system: {:?}", e);
6275
}
6376
}
64-
} else {
65-
log::info!("KVM is not available on this system");
66-
false
77+
thread::sleep(Duration::from_millis(100));
6778
}
79+
return false;
6880
}
6981

7082
#[cfg(gdb)]

src/hyperlight_host/src/sandbox/initialized_multi_use.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -509,7 +509,7 @@ mod tests {
509509

510510
if cfg!(feature = "seccomp") {
511511
// If seccomp is enabled, we expect the syscall to return EACCES, as setup by our seccomp filter
512-
assert_eq!(host_func_result, -libc::EACCES as i64);
512+
assert_eq!(host_func_result, -libc::ENOMEM as i64);
513513
} else {
514514
// If seccomp is not enabled, we expect the syscall to succeed
515515
assert!(host_func_result >= 0);

src/hyperlight_host/src/seccomp/guest.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -114,7 +114,7 @@ pub(crate) fn get_seccomp_filter_for_host_function_worker_thread(
114114
let errno_on_openat = SeccompFilter::new(
115115
[(libc::SYS_openat, vec![])].into_iter().collect(),
116116
SeccompAction::Allow,
117-
SeccompAction::Errno(libc::EACCES.try_into()?),
117+
SeccompAction::Errno(libc::ENOMEM.try_into()?),
118118
arch,
119119
)?
120120
.try_into()?;

0 commit comments

Comments
 (0)