Guard Pages Mechanism #2377

Merged

@berciuliviu berciuliviu commented Dec 22, 2020

Reason for This PR

This PR fixes the following issue.

Description of Changes

A guard page mechanism is implemented for guest memory creation and restore from Snapshot. Every memory region in the aforementioned cases will be surrounded by a left/right border, with the dimension of a system's PAGE_SIZE.
Rust unit tests are also implemented.

  • This functionality can be added in rust-vmm.

License Acceptance

By submitting this pull request, I confirm that my contribution is made under
the terms of the Apache 2.0 license.

PR Checklist

[Author TODO: Meet these criteria.]
[Reviewer TODO: Verify that these criteria are met. Request changes if not]

  • All commits in this PR are signed (git commit -s).
  • The reason for this PR is clearly provided (issue no. or explanation).
  • The description of changes is clear and encompassing.
  • Any required documentation changes (code and docs) are included in this PR.
  • Any newly added unsafe code is properly documented.
  • Any API changes are reflected in firecracker/swagger.yaml.
  • Any user-facing changes are mentioned in CHANGELOG.md.
  • All added/changed functionality is tested.

@berciuliviu berciuliviu self-assigned this Dec 22, 2020
@alindima alindima self-requested a review December 22, 2020 16:36
@acatangiu acatangiu added the Status: Awaiting review Indicates that a pull request is ready to be reviewed label Dec 24, 2020
@berciuliviu berciuliviu force-pushed the guard_pages_feature branch 2 times, most recently from 076b82d to 9d5c1ca Compare December 24, 2020 14:51
@raduiliescu raduiliescu (Contributor) commented Jan 4, 2021

Have you thought about adding an integration test for this? Would be nice to have a mechanism to verify how this protects against a malicious guest kernel driver.

@sandreim sandreim (Contributor) commented Jan 5, 2021

> Have you thought about adding an integration test for this? Would be nice to have a mechanism to verify how this protects against a malicious guest kernel driver.

There are a couple of unit tests in this PR that simulate the effect of what a malicious guest kernel would do. @berciuliviu you can further improve them by also performing read/writes that start from a valid range and overlap the guard pages.

@berciuliviu (Author)

> > Have you thought about adding an integration test for this? Would be nice to have a mechanism to verify how this protects against a malicious guest kernel driver.
>
> There are a couple of unit tests in this PR that simulate the effect of what a malicious guest kernel would do. @berciuliviu you can further improve them by also performing read/writes that start from a valid range and overlap the guard pages.

Understood. I will add such a test that will mimic the behaviour of test_create_guest_memory_guarded, but will instead do as you suggested, to perform operations until overlapping with the guard pages.
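
The check discussed above (a write inside the region, one that starts in the valid range and runs into the guard page, and one that lands directly on a guard page), as an added example that is not code from this PR or from Firecracker. It is written in C against `mmap`/`mprotect` directly; `map_guarded`, `write_faults` and `probe` are hypothetical names, and opening the interior with `mprotect` is an assumption about how to build the layout, not the PR's implementation.

```c
#define _DEFAULT_SOURCE /* for MAP_ANONYMOUS */
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Reserve size + 2 pages as PROT_NONE, then open only the middle as RW. */
static uint8_t *map_guarded(size_t size, size_t page) {
    if (size == 0 || size % page != 0) return NULL;
    uint8_t *base = mmap(NULL, size + 2 * page, PROT_NONE,
                         MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED) return NULL;
    if (mprotect(base + page, size, PROT_READ | PROT_WRITE) != 0) {
        munmap(base, size + 2 * page);
        return NULL;
    }
    return base + page; /* usable area; one inaccessible page on each side */
}

/* Write in a forked child: 1 = killed by SIGSEGV, 0 = completed, -1 = error. */
static int write_faults(volatile uint8_t *start, size_t len) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        for (size_t i = 0; i < len; i++) start[i] = 0xAA;
        _exit(0);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) != pid) return -1;
    return WIFSIGNALED(status) && WTERMSIG(status) == SIGSEGV;
}

/* Map `pages` usable pages, write len bytes at byte offset off (negative = left guard). */
static int probe(size_t pages, long off, size_t len) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    uint8_t *mem = map_guarded(pages * page, page);
    if (mem == NULL) return -1;
    int faulted = write_faults(mem + off, len);
    munmap(mem - page, (pages + 2) * page);
    return faulted;
}

int main(void) {
    long page = sysconf(_SC_PAGESIZE);
    printf("inside=%d straddle=%d left=%d\n", probe(4, 0, 64),
           probe(4, 4 * page - 8, 16), probe(4, -1, 1));
    return 0;
}
```

The faulting write runs in a child process so the parent can observe the signal through `waitpid` instead of dying with it.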

@berciuliviu berciuliviu changed the title [RFC] Guard Pages Mechanism Guard Pages Mechanism Jan 6, 2021
@berciuliviu berciuliviu force-pushed the guard_pages_feature branch 3 times, most recently from 7ba747c to 52eff68 Compare January 7, 2021 09:05
berciuliviu added 2 commits January 7, 2021 17:15

This patch implements a page guarding mechanism.
It will be applied at guest memory creation step and
at snapshot memory restore.

Signed-off-by: berciuliviu <[email protected]>

Increase Pytest coverage for Page Guarding
Mechanism.

Signed-off-by: berciuliviu <[email protected]>

@berciuliviu (Author)

@sandreim PTAL!

@@ -41,6 +43,9 @@ pub use vm_memory_upstream::mmap::{check_file_offset, Error};
// The maximum number of bytes that can be read/written at a time.
static MAX_ACCESS_CHUNK: usize = 4096;

// The number of guard pages per region is a multiple of 2.
const GUARD_NUMBER: usize = 2;
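
Review bot: The comment above GUARD_NUMBER, "The number of guard pages per region is a multiple of 2", states a constraint rather than what the value means, and nothing in these lines enforces it. Consider wording it as the total number of guard pages per region (one on each side of the mapping, per the PR description) and, if other code depends on the value being even, adding a compile-time assertion next to the constant so that a later edit to an odd value fails the build.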

@georgepisaltu georgepisaltu (Contributor) Jan 7, 2021

nit: I would name this to something like GUARD_PAGE_COUNT that is in line with what this constant does. GUARD_NUMBER may be misleading IMO.

@berciuliviu berciuliviu merged commit 364cf32 into firecracker-microvm:master Jan 7, 2021