Revert "[host/{mem,func},guest/host_functions,common/peb] Removed HostFunctionDefinitions memory region"

This reverts commit 1d938f2.

Signed-off-by: danbugs <[email protected]>

Author: danbugs

src/hyperlight_common/src/mem.rs

@@ -48,4 +48,5 @@ pub struct HyperlightPEB {
     pub output_stack: GuestMemoryRegion,
     pub guest_heap: GuestMemoryRegion,
     pub guest_stack: GuestStack,
+    pub host_function_definitions: GuestMemoryRegion,
 }

src/hyperlight_guest/src/guest_handle/host_comm.rs

@@ -17,6 +17,7 @@ limitations under the License.
 use alloc::format;
 use alloc::string::ToString;
 use alloc::vec::Vec;
+use core::slice::from_raw_parts;
 
 use hyperlight_common::flatbuffer_wrappers::function_call::{FunctionCall, FunctionCallType};
 use hyperlight_common::flatbuffer_wrappers::function_types::{
@@ -25,6 +26,7 @@ use hyperlight_common::flatbuffer_wrappers::function_types::{
 use hyperlight_common::flatbuffer_wrappers::guest_error::{ErrorCode, GuestError};
 use hyperlight_common::flatbuffer_wrappers::guest_log_data::GuestLogData;
 use hyperlight_common::flatbuffer_wrappers::guest_log_level::LogLevel;
+use hyperlight_common::flatbuffer_wrappers::host_function_details::HostFunctionDetails;
 use hyperlight_common::outb::OutBAction;
 
 use super::handle::GuestHandle;
@@ -99,6 +101,21 @@ impl GuestHandle {
         self.get_host_return_value::<T>()
     }
 
+    pub fn get_host_function_details(&self) -> HostFunctionDetails {
+        let peb_ptr = self.peb().unwrap();
+        let host_function_details_buffer =
+            unsafe { (*peb_ptr).host_function_definitions.ptr as *const u8 };
+        let host_function_details_size =
+            unsafe { (*peb_ptr).host_function_definitions.size as usize };
+
+        let host_function_details_slice: &[u8] =
+            unsafe { from_raw_parts(host_function_details_buffer, host_function_details_size) };
+
+        host_function_details_slice
+            .try_into()
+            .expect("Failed to convert buffer to HostFunctionDetails")
+    }
+
     /// Write an error to the shared output data buffer.
     pub fn write_error(&self, error_code: ErrorCode, message: Option<&str>) {
         let guest_error: GuestError = GuestError::new(

src/hyperlight_guest/src/host_functions.rs

@@ -0,0 +1,112 @@
+/*
+Copyright 2024 The Hyperlight Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+use alloc::format;
+use alloc::string::ToString;
+use alloc::vec::Vec;
+use core::slice::from_raw_parts;
+
+use hyperlight_common::flatbuffer_wrappers::function_call::FunctionCall;
+use hyperlight_common::flatbuffer_wrappers::function_types::ParameterType;
+use hyperlight_common::flatbuffer_wrappers::guest_error::ErrorCode;
+use hyperlight_common::flatbuffer_wrappers::host_function_details::HostFunctionDetails;
+
+use crate::error::{HyperlightGuestError, Result};
+use crate::P_PEB;
+
+pub(crate) fn validate_host_function_call(function_call: &FunctionCall) -> Result<()> {
+    // get host function details
+    let host_function_details = get_host_function_details();
+
+    // check if there are any host functions
+    if host_function_details.host_functions.is_none() {
+        return Err(HyperlightGuestError::new(
+            ErrorCode::GuestError,
+            "No host functions found".to_string(),
+        ));
+    }
+
+    // check if function w/ given name exists
+    let host_function = if let Some(host_function) =
+        host_function_details.find_by_function_name(&function_call.function_name)
+    {
+        host_function
+    } else {
+        return Err(HyperlightGuestError::new(
+            ErrorCode::GuestError,
+            format!(
+                "Host Function Not Found: {}",
+                function_call.function_name.clone()
+            ),
+        ));
+    };
+
+    let function_call_fparameters = if let Some(parameters) = function_call.parameters.clone() {
+        parameters
+    } else {
+        if host_function.parameter_types.is_some() {
+            return Err(HyperlightGuestError::new(
+                ErrorCode::GuestError,
+                format!(
+                    "Incorrect parameter count for function: {}",
+                    function_call.function_name.clone()
+                ),
+            ));
+        }
+
+        Vec::new() // if no parameters (and no mismatches), return empty vector
+    };
+
+    let function_call_parameter_types = function_call_fparameters
+        .iter()
+        .map(|p| p.into())
+        .collect::<Vec<ParameterType>>();
+
+    // Verify that the function call has the correct parameter types.
+    host_function
+        .verify_equal_parameter_types(&function_call_parameter_types)
+        .map_err(|_| {
+            HyperlightGuestError::new(
+                ErrorCode::GuestError,
+                format!(
+                    "Incorrect parameter type for function: {}",
+                    function_call.function_name.clone()
+                ),
+            )
+        })?;
+
+    Ok(())
+}
+
+pub fn get_host_function_details() -> HostFunctionDetails {
+    let peb_ptr = unsafe { P_PEB.unwrap() };
+
+    let host_function_details_buffer =
+        unsafe { (*peb_ptr).hostFunctionDefinitions.fbHostFunctionDetails } as *const u8;
+    let host_function_details_size =
+        unsafe { (*peb_ptr).hostFunctionDefinitions.fbHostFunctionDetailsSize };
+
+    let host_function_details_slice: &[u8] = unsafe {
+        from_raw_parts(
+            host_function_details_buffer,
+            host_function_details_size as usize,
+        )
+    };
+
+    host_function_details_slice
+        .try_into()
+        .expect("Failed to convert buffer to HostFunctionDetails")
+}

src/hyperlight_guest_bin/src/host_comm.rs

@@ -24,6 +24,7 @@ use hyperlight_common::flatbuffer_wrappers::function_types::{
     ParameterValue, ReturnType, ReturnValue,
 };
 use hyperlight_common::flatbuffer_wrappers::guest_error::ErrorCode;
+use hyperlight_common::flatbuffer_wrappers::host_function_details::HostFunctionDetails;
 use hyperlight_common::flatbuffer_wrappers::util::get_flatbuffer_result;
 use hyperlight_guest::error::{HyperlightGuestError, Result};
 
@@ -58,6 +59,12 @@ pub fn get_host_return_value<T: TryFrom<ReturnValue>>() -> Result<T> {
     handle.get_host_return_value::<T>()
 }
 
+pub fn get_host_function_details() -> HostFunctionDetails {
+    let handle = unsafe { GUEST_HANDLE };
+
+    handle.get_host_function_details()
+}
+
 /// Print a message using the host's print function.
 ///
 /// This function requires memory to be setup to be used. In particular, the

src/hyperlight_host/src/func/host_functions.rs

@@ -20,8 +20,9 @@ use hyperlight_common::flatbuffer_wrappers::function_types::{ParameterValue, Ret
 
 use super::utils::for_each_tuple;
 use super::{ParameterTuple, ResultType, SupportedReturnType};
+use crate::sandbox::host_funcs::FunctionEntry;
 use crate::sandbox::{ExtraAllowedSyscall, UninitializedSandbox};
-use crate::{Result, log_then_return, new_error};
+use crate::{Result, new_error};
 
 /// A sandbox on which (primitive) host functions can be registered
 ///
@@ -52,7 +53,15 @@ impl Registerable for UninitializedSandbox {
             .host_funcs
             .try_lock()
             .map_err(|e| new_error!("Error locking at {}:{}: {}", file!(), line!(), e))?;
-        (*hfs).register_host_function(name.to_string(), hf.into().into())
+
+        let entry = FunctionEntry {
+            function: hf.into().into(),
+            extra_allowed_syscalls: None,
+            parameter_types: Args::TYPE,
+            return_type: Output::TYPE,
+        };
+
+        (*hfs).register_host_function(name.to_string(), entry, self.mgr.unwrap_mgr_mut())
     }
     #[cfg(all(feature = "seccomp", target_os = "linux"))]
     fn register_host_function_with_syscalls<Args: ParameterTuple, Output: SupportedReturnType>(
@@ -65,7 +74,15 @@ impl Registerable for UninitializedSandbox {
             .host_funcs
             .try_lock()
             .map_err(|e| new_error!("Error locking at {}:{}: {}", file!(), line!(), e))?;
-        (*hfs).register_host_function_with_syscalls(name.to_string(), hf.into().into(), eas)
+
+        let entry = FunctionEntry {
+            function: hf.into().into(),
+            extra_allowed_syscalls: Some(eas),
+            parameter_types: Args::TYPE,
+            return_type: Output::TYPE,
+        };
+
+        (*hfs).register_host_function(name.to_string(), entry, self.mgr.unwrap_mgr_mut())
     }
 }
 
@@ -182,31 +199,18 @@ pub(crate) fn register_host_function<Args: ParameterTuple, Output: SupportedRetu
 ) -> Result<()> {
     let func = func.into().into();
 
-    if let Some(_eas) = extra_allowed_syscalls {
-        if cfg!(all(feature = "seccomp", target_os = "linux")) {
-            // Register with extra allowed syscalls
-            #[cfg(all(feature = "seccomp", target_os = "linux"))]
-            {
-                sandbox
-                    .host_funcs
-                    .try_lock()
-                    .map_err(|e| new_error!("Error locking at {}:{}: {}", file!(), line!(), e))?
-                    .register_host_function_with_syscalls(name.to_string(), func, _eas)?;
-            }
-        } else {
-            // Log and return an error
-            log_then_return!(
-                "Extra allowed syscalls are only supported on Linux with seccomp enabled"
-            );
-        }
-    } else {
-        // Register without extra allowed syscalls
-        sandbox
-            .host_funcs
-            .try_lock()
-            .map_err(|e| new_error!("Error locking at {}:{}: {}", file!(), line!(), e))?
-            .register_host_function(name.to_string(), func)?;
-    }
+    let entry = FunctionEntry {
+        function: func,
+        extra_allowed_syscalls: extra_allowed_syscalls.clone(),
+        parameter_types: Args::TYPE,
+        return_type: Output::TYPE,
+    };
+
+    sandbox
+        .host_funcs
+        .try_lock()
+        .map_err(|e| new_error!("Error locking at {}:{}: {}", file!(), line!(), e))?
+        .register_host_function(name.to_string(), entry, sandbox.mgr.unwrap_mgr_mut())?;
 
     Ok(())
 }