Remove in process mode from hyperlight-host (#490)

Signed-off-by: Simon Davies <simongdavies@users.noreply.github.com>

Author: simongdavies

.github/workflows/dep_rust.yml

@@ -102,8 +102,8 @@ jobs:
           # with default features
           just test ${{ matrix.config }} ${{ matrix.hypervisor == 'mshv3' && 'mshv3' || ''}}
 
-          # with only one driver enabled (driver mshv/kvm feature is ignored on windows) + seccomp + inprocess
-          just test ${{ matrix.config }} inprocess,seccomp,${{ matrix.hypervisor == 'mshv' && 'mshv2' || matrix.hypervisor == 'mshv3' && 'mshv3' || 'kvm' }} 
+          # with only one driver enabled (driver mshv/kvm feature is ignored on windows) + seccomp 
+          just test ${{ matrix.config }} seccomp,${{ matrix.hypervisor == 'mshv' && 'mshv2' || matrix.hypervisor == 'mshv3' && 'mshv3' || 'kvm' }} 
 
           # make sure certain cargo features compile
           cargo check -p hyperlight-host --features crashdump

Justfile

@@ -61,8 +61,8 @@ test-like-ci config=default-target hypervisor="kvm":
     @# with default features
     just test {{config}} {{ if hypervisor == "mshv3" {"mshv3"} else {""} }}
 
-    @# with only one driver enabled + seccomp + inprocess
-    just test {{config}} inprocess,seccomp,{{ if hypervisor == "mshv" {"mshv2"} else if hypervisor == "mshv3" {"mshv3"} else {"kvm"} }}
+    @# with only one driver enabled + seccomp
+    just test {{config}} seccomp,{{ if hypervisor == "mshv" {"mshv2"} else if hypervisor == "mshv3" {"mshv3"} else {"kvm"} }}
 
     @# make sure certain cargo features compile
     cargo check -p hyperlight-host --features crashdump

docs/debugging-hyperlight.md

@@ -126,7 +126,6 @@ crashdump = ["dep:tempfile"] # Dumps the VM state to a file on unexpected errors
 kvm = ["dep:kvm-bindings", "dep:kvm-ioctls"]
 mshv2 = ["dep:mshv-bindings2", "dep:mshv-ioctls2"]
 mshv3 = ["dep:mshv-bindings3", "dep:mshv-ioctls3"]
-inprocess = []
 # This enables easy debug in the guest
 gdb = ["dep:gdbstub", "dep:gdbstub_arch"]
 fuzzing = ["hyperlight-common/fuzzing"]

src/hyperlight_host/Cargo.toml

@@ -92,9 +92,6 @@ fn main() -> Result<()> {
         gdb: { all(feature = "gdb", debug_assertions, any(feature = "kvm", feature = "mshv2", feature = "mshv3"), target_os = "linux") },
         kvm: { all(feature = "kvm", target_os = "linux") },
         mshv: { all(any(feature = "mshv2", feature = "mshv3"), target_os = "linux") },
-        // inprocess feature is aliased with debug_assertions to make it only available in debug-builds.
-        // You should never use #[cfg(feature = "inprocess")] in the codebase. Use #[cfg(inprocess)] instead.
-        inprocess: { all(feature = "inprocess", debug_assertions) },
         // crashdump feature is aliased with debug_assertions to make it only available in debug-builds.
         crashdump: { all(feature = "crashdump", debug_assertions) },
         // print_debug feature is aliased with debug_assertions to make it only available in debug-builds.

src/hyperlight_host/build.rs

@@ -349,19 +349,6 @@ mod tests {
         call_guest_function_by_name_hv();
     }
 
-    #[test]
-    #[cfg(inprocess)]
-    fn test_call_guest_function_by_name_in_proc_manual() {
-        let u_sbox = UninitializedSandbox::new(
-            guest_bin(),
-            None,
-            Some(crate::SandboxRunOptions::RunInProcess(false)),
-            None,
-        )
-        .unwrap();
-        test_call_guest_function_by_name(u_sbox);
-    }
-
     fn terminate_vcpu_after_1000ms() -> Result<()> {
         // This test relies upon a Hypervisor being present so for now
         // we will skip it if there isn't one.
@@ -456,7 +443,6 @@ mod tests {
     }
 
     #[test]
-    #[cfg(not(inprocess))]
     fn test_trigger_exception_on_guest() {
         let usbox = UninitializedSandbox::new(
             GuestBinary::FilePath(simple_guest_as_string().expect("Guest Binary Missing")),

src/hyperlight_host/src/func/guest_dispatch.rs

@@ -240,8 +240,6 @@ impl HypervisorHandler {
         #[cfg(gdb)] debug_info: Option<DebugInfo>,
     ) -> Result<()> {
         let configuration = self.configuration.clone();
-        #[cfg(target_os = "windows")]
-        let in_process = sandbox_memory_manager.is_in_process();
 
         *self
             .execution_variables
@@ -309,11 +307,7 @@ impl HypervisorHandler {
                                 let hv = hv.as_mut().ok_or_else(|| new_error!("Hypervisor not set"))?;
 
                                 #[cfg(target_os = "windows")]
-                                if !in_process {
-                                    execution_variables
-                                        .set_partition_handle(hv.get_partition_handle())?;
-                                }
-
+                                execution_variables.set_partition_handle(hv.get_partition_handle())?;
                                 #[cfg(target_os = "linux")]
                                 {
                                     // We cannot use the Killable trait, so we get the `pthread_t` via a libc
@@ -867,100 +861,73 @@ fn set_up_hypervisor_partition(
             pml4_ptr
         );
     }
-    if mgr.is_in_process() {
-        cfg_if::cfg_if! {
-            if #[cfg(inprocess)] {
-                // in-process feature + debug build
-                use super::inprocess::InprocessArgs;
-                use crate::sandbox::leaked_outb::LeakedOutBWrapper;
-                use super::inprocess::InprocessDriver;
-
-                let leaked_outb_wrapper = LeakedOutBWrapper::new(mgr, outb_handler)?;
-                let hv = InprocessDriver::new(InprocessArgs {
-                    entrypoint_raw: u64::from(mgr.load_addr.clone() + mgr.entrypoint_offset),
-                    peb_ptr_raw: mgr
-                        .get_in_process_peb_address(mgr.shared_mem.base_addr() as u64)?,
-                    leaked_outb_wrapper,
-                })?;
-                Ok(Box::new(hv))
-            } else if #[cfg(inprocess)]{
-                // in-process feature, but not debug build
-                log_then_return!("In-process mode is only available on debug-builds");
-            } else if #[cfg(debug_assertions)] {
-                // debug build without in-process feature
-                log_then_return!("In-process mode requires `inprocess` cargo feature");
-            } else {
-                log_then_return!("In-process mode requires `inprocess` cargo feature and is only available on debug-builds");
-            }
-        }
-    } else {
-        // Create gdb thread if gdb is enabled and the configuration is provided
-        // This is only done when the hypervisor is not in-process
-        #[cfg(gdb)]
-        let gdb_conn = if let Some(DebugInfo { port }) = debug_info {
-            let gdb_conn = create_gdb_thread(*port, unsafe { pthread_self() });
 
-            // in case the gdb thread creation fails, we still want to continue
-            // without gdb
-            match gdb_conn {
-                Ok(gdb_conn) => Some(gdb_conn),
-                Err(e) => {
-                    log::error!("Could not create gdb connection: {:#}", e);
+    // Create gdb thread if gdb is enabled and the configuration is provided
+    // This is only done when the hypervisor is not in-process
+    #[cfg(gdb)]
+    let gdb_conn = if let Some(DebugInfo { port }) = debug_info {
+        let gdb_conn = create_gdb_thread(*port, unsafe { pthread_self() });
 
-                    None
-                }
-            }
-        } else {
-            None
-        };
+        // in case the gdb thread creation fails, we still want to continue
+        // without gdb
+        match gdb_conn {
+            Ok(gdb_conn) => Some(gdb_conn),
+            Err(e) => {
+                log::error!("Could not create gdb connection: {:#}", e);
 
-        match *get_available_hypervisor() {
-            #[cfg(mshv)]
-            Some(HypervisorType::Mshv) => {
-                let hv = crate::hypervisor::hyperv_linux::HypervLinuxDriver::new(
-                    regions,
-                    entrypoint_ptr,
-                    rsp_ptr,
-                    pml4_ptr,
-                    #[cfg(gdb)]
-                    gdb_conn,
-                )?;
-                Ok(Box::new(hv))
+                None
             }
+        }
+    } else {
+        None
+    };
 
-            #[cfg(kvm)]
-            Some(HypervisorType::Kvm) => {
-                let hv = crate::hypervisor::kvm::KVMDriver::new(
-                    regions,
-                    pml4_ptr.absolute()?,
-                    entrypoint_ptr.absolute()?,
-                    rsp_ptr.absolute()?,
-                    #[cfg(gdb)]
-                    gdb_conn,
-                )?;
-                Ok(Box::new(hv))
-            }
+    match *get_available_hypervisor() {
+        #[cfg(mshv)]
+        Some(HypervisorType::Mshv) => {
+            let hv = crate::hypervisor::hyperv_linux::HypervLinuxDriver::new(
+                regions,
+                entrypoint_ptr,
+                rsp_ptr,
+                pml4_ptr,
+                #[cfg(gdb)]
+                gdb_conn,
+            )?;
+            Ok(Box::new(hv))
+        }
 
-            #[cfg(target_os = "windows")]
-            Some(HypervisorType::Whp) => {
-                let mmap_file_handle = mgr
-                    .shared_mem
-                    .with_exclusivity(|e| e.get_mmap_file_handle())?;
-                let hv = crate::hypervisor::hyperv_windows::HypervWindowsDriver::new(
-                    regions,
-                    mgr.shared_mem.raw_mem_size(), // we use raw_* here because windows driver requires 64K aligned addresses,
-                    mgr.shared_mem.raw_ptr() as *mut c_void, // and instead convert it to base_addr where needed in the driver itself
-                    pml4_ptr.absolute()?,
-                    entrypoint_ptr.absolute()?,
-                    rsp_ptr.absolute()?,
-                    HandleWrapper::from(mmap_file_handle),
-                )?;
-                Ok(Box::new(hv))
-            }
+        #[cfg(kvm)]
+        Some(HypervisorType::Kvm) => {
+            let hv = crate::hypervisor::kvm::KVMDriver::new(
+                regions,
+                pml4_ptr.absolute()?,
+                entrypoint_ptr.absolute()?,
+                rsp_ptr.absolute()?,
+                #[cfg(gdb)]
+                gdb_conn,
+            )?;
+            Ok(Box::new(hv))
+        }
 
-            _ => {
-                log_then_return!(NoHypervisorFound());
-            }
+        #[cfg(target_os = "windows")]
+        Some(HypervisorType::Whp) => {
+            let mmap_file_handle = mgr
+                .shared_mem
+                .with_exclusivity(|e| e.get_mmap_file_handle())?;
+            let hv = crate::hypervisor::hyperv_windows::HypervWindowsDriver::new(
+                regions,
+                mgr.shared_mem.raw_mem_size(), // we use raw_* here because windows driver requires 64K aligned addresses,
+                mgr.shared_mem.raw_ptr() as *mut c_void, // and instead convert it to base_addr where needed in the driver itself
+                pml4_ptr.absolute()?,
+                entrypoint_ptr.absolute()?,
+                rsp_ptr.absolute()?,
+                HandleWrapper::from(mmap_file_handle),
+            )?;
+            Ok(Box::new(hv))
+        }
+
+        _ => {
+            log_then_return!(NoHypervisorFound());
         }
     }
 }

src/hyperlight_host/src/hypervisor/hypervisor_handler.rs

@@ -39,9 +39,6 @@ pub(crate) mod hypervisor_handler;
 #[cfg(gdb)]
 mod gdb;
 
-/// Driver for running in process instead of using hypervisor
-#[cfg(inprocess)]
-pub mod inprocess;
 #[cfg(kvm)]
 /// Functionality to manipulate KVM-based virtual machines
 pub mod kvm;