[*] bring back tests

- added convenience justfile rule to test like CI (w/ different feature combinations),
- removed executable_heap feature (heap is always executable now).
- fixed check_stack_guard functionality w/ stack cookie (currently broken in main).
- fixed logging to get proper output_data_region address (host vs. guest address space when
in process vs. in hypervisor).
- modified print_output to return the message length.

Signed-off-by: danbugs <[email protected]>

Author: danbugs

Justfile

@@ -62,6 +62,22 @@ clean-rust:
 
 # Note: most testing recipes take an optional "features" comma separated list argument. If provided, these will be passed to cargo as **THE ONLY FEATURES**, i.e. default features will be disabled.
 
+# run full CI test matrix
+test-like-ci config=default-target hypervisor="kvm":
+    @# with default features
+    just test {{config}} {{ if hypervisor == "mshv3" {"mshv3"} else {""} }}
+
+    @# with only one driver enabled + seccomp + inprocess
+    just test {{config}} inprocess,seccomp,{{ if hypervisor == "mshv" {"mshv2"} else if hypervisor == "mshv3" {"mshv3"} else {"kvm"} }}
+
+    @# make sure certain cargo features compile
+    cargo check -p hyperlight-host --features crashdump
+    cargo check -p hyperlight-host --features print_debug
+    cargo check -p hyperlight-host --features gdb
+
+    @# without any driver (should fail to compile)
+    just test-compilation-fail {{config}}
+
 # runs all tests
 test target=default-target features="": (test-unit target features) (test-isolated target features) (test-integration "rust" target features) (test-integration "c" target features) (test-seccomp target features)
 
@@ -83,11 +99,6 @@ test-isolated target=default-target features="":
 
 # runs integration tests. Guest can either be "rust" or "c"
 test-integration guest target=default-target features="":
-    @# run execute_on_heap test with feature "executable_heap" on and off
-    {{if os() == "windows" { "$env:" } else { "" } }}GUEST="{{guest}}"{{if os() == "windows" { ";" } else { "" } }} cargo test --profile={{ if target == "debug" { "dev" } else { target } }} --test integration_test execute_on_heap {{ if features =="" {" --features executable_heap"} else {"--features executable_heap," + features} }} -- --ignored
-    {{if os() == "windows" { "$env:" } else { "" } }}GUEST="{{guest}}"{{if os() == "windows" { ";" } else { "" } }} cargo test --profile={{ if target == "debug" { "dev" } else { target } }} --test integration_test execute_on_heap {{ if features =="" {""} else {"--features " + features} }} -- --ignored
-    
-    @# run the rest of the integration tests
     {{if os() == "windows" { "$env:" } else { "" } }}GUEST="{{guest}}"{{if os() == "windows" { ";" } else { "" } }} cargo test -p hyperlight-host {{ if features =="" {''} else if features=="no-default-features" {"--no-default-features" } else {"--no-default-features -F " + features } }} --profile={{ if target == "debug" { "dev" } else { target } }} --test '*'
 
 # runs seccomp tests

src/hyperlight_common/src/peb.rs

@@ -27,7 +27,9 @@ pub struct MemoryRegion {
 #[repr(C)]
 #[derive(Clone, Default)]
 pub struct HyperlightPEB {
+    /// The minimum stack address is the lowest address of the stack.
     pub min_stack_address: u64,
+
     // - Host configured fields
     /// Hyperlight supports two primary modes:
     /// 1. Hypervisor mode

src/hyperlight_guest/src/logging.rs

@@ -44,9 +44,8 @@ fn write_log_data(
         .try_into()
         .expect("Failed to convert GuestLogData to bytes");
 
-    let output_data_section: OutputDataSection = unsafe { (*PEB).clone() }
-        .get_output_data_guest_region()
-        .into();
+    let output_data_section: OutputDataSection =
+        unsafe { (*PEB).clone() }.get_output_data_region().into();
 
     output_data_section
         .push_shared_output_data(bytes)

src/hyperlight_guest_capi/src/dispatch.rs

@@ -7,10 +7,10 @@ use core::mem;
 use hyperlight_common::flatbuffer_wrappers::function_call::FunctionCall;
 use hyperlight_common::flatbuffer_wrappers::function_types::{ParameterType, ReturnType};
 use hyperlight_common::flatbuffer_wrappers::guest_error::ErrorCode;
+use hyperlight_common::host_calling::call_host_function;
 use hyperlight_guest::error::{HyperlightGuestError, Result};
 use hyperlight_guest::guest_function_definition::GuestFunctionDefinition;
 use hyperlight_guest::guest_function_register::GuestFunctionRegister;
-use hyperlight_guest::host_function_call::call_host_function;
 
 use crate::types::{FfiFunctionCall, FfiVec};
 static mut REGISTERED_C_GUEST_FUNCTIONS: GuestFunctionRegister = GuestFunctionRegister::new();

src/hyperlight_guest_capi/src/flatbuffer.rs

@@ -2,7 +2,7 @@ use alloc::boxed::Box;
 use core::ffi::{c_char, CStr};
 
 use hyperlight_common::flatbuffer_wrappers::util::get_flatbuffer_result;
-use hyperlight_guest::host_function_call::get_host_return_value;
+use hyperlight_common::host_calling::get_host_return_value;
 
 use crate::types::FfiVec;
 

src/hyperlight_host/Cargo.toml

@@ -121,7 +121,6 @@ built = { version = "0.7.7", features = ["chrono", "git2"] }
 default = ["kvm", "mshv2", "seccomp"]
 seccomp = ["dep:seccompiler"]
 function_call_metrics = []
-executable_heap = []
 # This feature enables printing of debug information to stdout in debug builds
 print_debug = []
 crashdump = ["dep:tempfile"] # Dumps the VM state to a file on unexpected errors or crashes. The path of the file will be printed on stdout and logged. This feature can only be used in debug builds.

src/hyperlight_host/examples/chrome-tracing/main.rs

@@ -1,54 +1,55 @@
-/*
-Copyright 2024 The Hyperlight Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-use hyperlight_host::func::{ParameterValue, ReturnType, ReturnValue};
-use hyperlight_host::sandbox::uninitialized::UninitializedSandbox;
-use hyperlight_host::sandbox_state::sandbox::EvolvableSandbox;
-use hyperlight_host::sandbox_state::transition::Noop;
-use hyperlight_host::{GuestBinary, MultiUseSandbox, Result};
-use hyperlight_testing::simple_guest_as_string;
-use tracing_chrome::ChromeLayerBuilder;
-use tracing_subscriber::prelude::*;
-
-// This example can be run with `cargo run --package hyperlight_host --example chrome-tracing --release`
-fn main() -> Result<()> {
-    // set up tracer
-    let (chrome_layer, _guard) = ChromeLayerBuilder::new().build();
-    tracing_subscriber::registry().with(chrome_layer).init();
-
-    let simple_guest_path =
-        simple_guest_as_string().expect("Cannot find the guest binary at the expected location.");
-
-    // Create a new sandbox.
-    let usandbox =
-        UninitializedSandbox::new(GuestBinary::FilePath(simple_guest_path), None, None, None)?;
-
-    let mut sbox = usandbox
-        .evolve(Noop::<UninitializedSandbox, MultiUseSandbox>::default())
-        .unwrap();
-
-    // do the function call
-    let current_time = std::time::Instant::now();
-    let res = sbox.call_guest_function_by_name(
-        "Echo",
-        ReturnType::String,
-        Some(vec![ParameterValue::String("Hello, World!".to_string())]),
-    )?;
-    let elapsed = current_time.elapsed();
-    println!("Function call finished in {:?}.", elapsed);
-    assert!(matches!(res, ReturnValue::String(s) if s == "Hello, World!"));
+// TODO(danbugs:297): bring back
+// /*
+// Copyright 2024 The Hyperlight Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// */
+//
+// use hyperlight_host::func::{ParameterValue, ReturnType, ReturnValue};
+// use hyperlight_host::sandbox::uninitialized::UninitializedSandbox;
+// use hyperlight_host::sandbox_state::sandbox::EvolvableSandbox;
+// use hyperlight_host::sandbox_state::transition::Noop;
+// use hyperlight_host::{GuestBinary, MultiUseSandbox, Result};
+// use hyperlight_testing::simple_guest_as_string;
+// use tracing_chrome::ChromeLayerBuilder;
+// use tracing_subscriber::prelude::*;
+//
+// // This example can be run with `cargo run --package hyperlight_host --example chrome-tracing --release`
+fn main() -> hyperlight_host::Result<()> {
+    //     // set up tracer
+    //     let (chrome_layer, _guard) = ChromeLayerBuilder::new().build();
+    //     tracing_subscriber::registry().with(chrome_layer).init();
+    //
+    //     let simple_guest_path =
+    //         simple_guest_as_string().expect("Cannot find the guest binary at the expected location.");
+    //
+    //     // Create a new sandbox.
+    //     let usandbox =
+    //         UninitializedSandbox::new(GuestBinary::FilePath(simple_guest_path), None, None, None)?;
+    //
+    //     let mut sbox = usandbox
+    //         .evolve(Noop::<UninitializedSandbox, MultiUseSandbox>::default())
+    //         .unwrap();
+    //
+    //     // do the function call
+    //     let current_time = std::time::Instant::now();
+    //     let res = sbox.call_guest_function_by_name(
+    //         "Echo",
+    //         ReturnType::String,
+    //         Some(vec![ParameterValue::String("Hello, World!".to_string())]),
+    //     )?;
+    //     let elapsed = current_time.elapsed();
+    //     println!("Function call finished in {:?}.", elapsed);
+    //     assert!(matches!(res, ReturnValue::String(s) if s == "Hello, World!"));
     Ok(())
 }

src/hyperlight_host/examples/func_ctx/main.rs

@@ -1,76 +1,77 @@
-/*
-Copyright 2024 The Hyperlight Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-use hyperlight_common::flatbuffer_wrappers::function_types::{ParameterValue, ReturnType};
-use hyperlight_host::func::call_ctx::MultiUseGuestCallContext;
-use hyperlight_host::sandbox::{MultiUseSandbox, UninitializedSandbox};
-use hyperlight_host::sandbox_state::sandbox::EvolvableSandbox;
-use hyperlight_host::sandbox_state::transition::Noop;
-use hyperlight_host::{new_error, GuestBinary, Result};
-use hyperlight_testing::simple_guest_as_string;
-
+// TODO(danbugs:297): bring back
+// /*
+// Copyright 2024 The Hyperlight Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// */
+//
+// use hyperlight_common::flatbuffer_wrappers::function_types::{ParameterValue, ReturnType};
+// use hyperlight_host::func::call_ctx::MultiUseGuestCallContext;
+// use hyperlight_host::sandbox::{MultiUseSandbox, UninitializedSandbox};
+// use hyperlight_host::sandbox_state::sandbox::EvolvableSandbox;
+// use hyperlight_host::sandbox_state::transition::Noop;
+// use hyperlight_host::{new_error, GuestBinary, Result};
+// use hyperlight_testing::simple_guest_as_string;
+//
 fn main() {
-    // create a new `MultiUseSandbox` configured to run the `simpleguest.exe`
-    // test guest binary
-    let sbox1: MultiUseSandbox = {
-        let path = simple_guest_as_string().unwrap();
-        let u_sbox =
-            UninitializedSandbox::new(GuestBinary::FilePath(path), None, None, None).unwrap();
-        u_sbox.evolve(Noop::default())
-    }
-    .unwrap();
-
-    // create a new call context from the sandbox, then do some calls with it.
-    let ctx1 = sbox1.new_call_context();
-    let sbox2 = do_calls(ctx1).unwrap();
-    // create a new call context from the returned sandbox, then do some calls
-    // with that one
-    let ctx2 = sbox2.new_call_context();
-    do_calls(ctx2).unwrap();
-}
-
-/// Given a `MultiUseGuestCallContext` derived from an existing
-/// `MultiUseSandbox` configured to run the `simpleguest.exe` test guest
-/// binary, do several calls against that binary, print their results, then
-/// call `ctx.finish()` and return the resulting `MultiUseSandbox`. Return an `Err`
-/// if anything failed.
-fn do_calls(mut ctx: MultiUseGuestCallContext) -> Result<MultiUseSandbox> {
-    {
-        let res1: String = {
-            let rv = ctx.call(
-                "Echo",
-                ReturnType::Int,
-                Some(vec![ParameterValue::String("hello".to_string())]),
-            )?;
-            rv.try_into()
-        }
-        .map_err(|e| new_error!("failed to get Echo result: {}", e))?;
-        println!("got Echo res: {res1}");
-    }
-    {
-        let res2: i32 = {
-            let rv = ctx.call(
-                "CallMalloc",
-                ReturnType::Int,
-                Some(vec![ParameterValue::Int(200)]),
-            )?;
-            rv.try_into()
-        }
-        .map_err(|e| new_error!("failed to get CallMalloc result: {}", e))?;
-        println!("got CallMalloc res: {res2}");
-    }
-    ctx.finish()
+    //     // create a new `MultiUseSandbox` configured to run the `simpleguest.exe`
+    //     // test guest binary
+    //     let sbox1: MultiUseSandbox = {
+    //         let path = simple_guest_as_string().unwrap();
+    //         let u_sbox =
+    //             UninitializedSandbox::new(GuestBinary::FilePath(path), None, None, None).unwrap();
+    //         u_sbox.evolve(Noop::default())
+    //     }
+    //     .unwrap();
+    //
+    //     // create a new call context from the sandbox, then do some calls with it.
+    //     let ctx1 = sbox1.new_call_context();
+    //     let sbox2 = do_calls(ctx1).unwrap();
+    //     // create a new call context from the returned sandbox, then do some calls
+    //     // with that one
+    //     let ctx2 = sbox2.new_call_context();
+    //     do_calls(ctx2).unwrap();
 }
+//
+// /// Given a `MultiUseGuestCallContext` derived from an existing
+// /// `MultiUseSandbox` configured to run the `simpleguest.exe` test guest
+// /// binary, do several calls against that binary, print their results, then
+// /// call `ctx.finish()` and return the resulting `MultiUseSandbox`. Return an `Err`
+// /// if anything failed.
+// fn do_calls(mut ctx: MultiUseGuestCallContext) -> Result<MultiUseSandbox> {
+//     {
+//         let res1: String = {
+//             let rv = ctx.call(
+//                 "Echo",
+//                 ReturnType::Int,
+//                 Some(vec![ParameterValue::String("hello".to_string())]),
+//             )?;
+//             rv.try_into()
+//         }
+//         .map_err(|e| new_error!("failed to get Echo result: {}", e))?;
+//         println!("got Echo res: {res1}");
+//     }
+//     {
+//         let res2: i32 = {
+//             let rv = ctx.call(
+//                 "CallMalloc",
+//                 ReturnType::Int,
+//                 Some(vec![ParameterValue::Int(200)]),
+//             )?;
+//             rv.try_into()
+//         }
+//         .map_err(|e| new_error!("failed to get CallMalloc result: {}", e))?;
+//         println!("got CallMalloc res: {res2}");
+//     }
+//     ctx.finish()
+// }