CVM Guest VSM: refactor the shared/encrypted bitmaps to be partition-wide #1370

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open

sluck-msft wants to merge 3 commits into microsoft:main from sluck-msft:gvsm/partition-wide-visibility-tracking

Contributor

sluck-msft commented May 16, 2025

In preparation for VTL 1 memory support for CVMs, make the shared/encrypted bitmap tracking available on a partition-level, rather than in the GuestMemoryMapping (which ends up being per-VTL). Also includes some refactoring to isolate out the bitmap logic so that it can be reused for vtl protection bitmaps.

Tested: SNP +/- guest vsm boots

sluck-msft assigned jstarks and smalis-msft

sluck-msft requested a review from a team as a code owner

May 16, 2025 17:20

sluck-msft assigned chris-oo

smalis-msft reviewed

View reviewed changes

openhcl/underhill_mem/src/init.rs Outdated Show resolved Hide resolved

sluck-msft commented

View reviewed changes

openhcl/underhill_mem/src/mapping.rs Show resolved Hide resolved

sluck-msft added 2 commits

May 20, 2025 15:08


          refactor the shared/encrypted bitmaps to be partition-wide

a678d39


          feedback: attempt to have a single source of truth for partition-wide…

1ae1a22

… objects

sluck-msft force-pushed the gvsm/partition-wide-visibility-tracking branch from 7649ac4 to 1ae1a22 Compare

May 20, 2025 22:20

chris-oo reviewed

View reviewed changes

openhcl/underhill_mem/src/mapping.rs Outdated

+              }
+              impl<'a> GuestPartitionMemoryBuilder<'a> {
+                  /// valid_bitmap_state is valid when allocating a tracking bitmap is needed

Member

chris-oo May 23, 2025

nit: usually we markdown format variables, input parameters with . so it would look something like valid_bitmap_state`, since that renders nicer in rustdoc.

openhcl/underhill_mem/src/mapping.rs

+                      })
+                  }
+                  pub fn partition_valid_memory(&self) -> Option<Arc<GuestValidMemory>> {

Member

chris-oo May 23, 2025

missing doc comments on these two?

openhcl/underhill_mem/src/mapping.rs

+                  }
+                  pub fn update_valid(&self, range: MemoryRange, state: bool) {
+                      let _lock = self.valid_bitmap_lock.lock();

Member

chris-oo May 23, 2025

why is this lock here when we don't use it at all when checking validity? what's the point?

Member

chris-oo May 23, 2025

the bitmap is already being done with an atomic update with read_at/write_at - so why the lock? don't we already have issues around TOCTOU if one VP reads the bitmap before a update call on another VP completes?

Contributor Author

sluck-msft May 23, 2025 •

edited

Loading

This lock existed in GuestMemoryMapping already, so this change only moves it around. I think the lock helps guarantee consistency just around the entire update operation, but then John's RCU change should help with synchronizing those writes with reading the bitmaps.

openhcl/underhill_mem/src/mapping.rs

                   registrar: Option<MemoryRegistrar<MshvVtlWithPolicy>>,
               }
+              #[derive(Debug)]
+              struct GuestMemoryBitmap {

Member

chris-oo May 23, 2025

doc comments?


          feedback: doc comments

9dfd455

sluck-msft added the backport_2505 label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels