crashdump: add SandboxMetadata field that store relevant data about the sandbox

- only store the binary path for now

Signed-off-by: Doru Blânzeanu <[email protected]>

Author: dblnz

src/hyperlight_host/src/hypervisor/crashdump.rs

@@ -22,6 +22,8 @@ pub(crate) struct CrashDumpContext<'a> {
     regs: [u64; 27],
     xsave: Vec<u8>,
     entry: u64,
+    binary: Option<String>,
+    filename: Option<String>,
 }
 
 impl<'a> CrashDumpContext<'a> {
@@ -30,12 +32,16 @@ impl<'a> CrashDumpContext<'a> {
         regs: [u64; 27],
         xsave: Vec<u8>,
         entry: u64,
+        binary: Option<String>,
+        filename: Option<String>,
     ) -> Self {
         Self {
             regions,
             regs,
             xsave,
             entry,
+            binary,
+            filename,
         }
     }
 }
@@ -69,6 +75,17 @@ impl GuestView {
             })
             .collect();
 
+        // The filename and command line are set to null-terminated strings
+        let filename = ctx
+            .filename
+            .clone()
+            .map_or_else(|| "\0".to_string(), |s| format!("{}\0", s));
+
+        let cmd = ctx
+            .binary
+            .clone()
+            .map_or_else(|| "\0".to_string(), |s| format!("{}\0", s));
+
         // The xsave state is checked as it can be empty
         let mut components = vec![];
         if !ctx.xsave.is_empty() {
@@ -88,7 +105,7 @@ impl GuestView {
             tid: 1,
             uid: 0, // User ID
             gid: 0, // Group ID
-            comm: "\0".to_string(),
+            comm: filename,
             ppid: 0,    // Parent PID
             pgrp: 0,    // Process group ID
             nice: 0,    // Nice value
@@ -101,7 +118,7 @@ impl GuestView {
             session: 0, // Session ID of the process
             sighold: 0, // Blocked signal
             sigpend: 0, // Pending signal
-            cmd_line: "\0".to_string(),
+            cmd_line: cmd,
 
             arch_state: Box::new(ArchState {
                 gpr_state: ctx.regs.to_vec(),

src/hyperlight_host/src/hypervisor/hyperv_linux.rs

@@ -48,9 +48,9 @@ use mshv_bindings::{
 };
 use mshv_ioctls::{Mshv, VcpuFd, VmFd};
 use tracing::{instrument, Span};
-
 #[cfg(crashdump)]
-use super::crashdump;
+use {super::crashdump, crate::sandbox::uninitialized::SandboxMetadata, std::path::Path};
+
 use super::fpu::{FP_CONTROL_WORD_DEFAULT, FP_TAG_WORD_DEFAULT, MXCSR_DEFAULT};
 #[cfg(gdb)]
 use super::gdb::{DebugCommChannel, DebugMsg, DebugResponse, GuestDebug, MshvDebug};
@@ -296,6 +296,8 @@ pub(super) struct HypervLinuxDriver {
     debug: Option<MshvDebug>,
     #[cfg(gdb)]
     gdb_conn: Option<DebugCommChannel<DebugResponse, DebugMsg>>,
+    #[cfg(crashdump)]
+    metadata: SandboxMetadata,
 }
 
 impl HypervLinuxDriver {
@@ -314,6 +316,7 @@ impl HypervLinuxDriver {
         rsp_ptr: GuestPtr,
         pml4_ptr: GuestPtr,
         #[cfg(gdb)] gdb_conn: Option<DebugCommChannel<DebugResponse, DebugMsg>>,
+        #[cfg(crashdump)] metadata: SandboxMetadata,
     ) -> Result<Self> {
         let mshv = Mshv::new()?;
         let pr = Default::default();
@@ -393,6 +396,8 @@ impl HypervLinuxDriver {
             debug,
             #[cfg(gdb)]
             gdb_conn,
+            #[cfg(crashdump)]
+            metadata,
         })
     }
 
@@ -696,11 +701,20 @@ impl Hypervisor for HypervLinuxDriver {
         regs[25] = sregs.fs.selector as u64; // fs
         regs[26] = sregs.gs.selector as u64; // gs
 
+        // Get the filename from the binary path
+        let filename = self.metadata.binary_path.clone().and_then(|path| {
+            Path::new(&path)
+                .file_name()
+                .and_then(|name| name.to_os_string().into_string().ok())
+        });
+
         Ok(crashdump::CrashDumpContext::new(
             &self.mem_regions,
             regs,
             xsave.buffer.to_vec(),
             self.entrypoint,
+            self.metadata.binary_path.clone(),
+            filename,
         ))
     }
 
@@ -821,6 +835,8 @@ mod tests {
             pml4_ptr,
             #[cfg(gdb)]
             None,
+            #[cfg(crashdump)]
+            SandboxMetadata { binary_path: None },
         )
         .unwrap();
     }

src/hyperlight_host/src/hypervisor/hyperv_windows.rs

@@ -27,9 +27,9 @@ use windows::Win32::System::Hypervisor::{
     WHV_MEMORY_ACCESS_TYPE, WHV_PARTITION_HANDLE, WHV_REGISTER_VALUE, WHV_RUN_VP_EXIT_CONTEXT,
     WHV_RUN_VP_EXIT_REASON, WHV_X64_SEGMENT_REGISTER, WHV_X64_SEGMENT_REGISTER_0,
 };
-
 #[cfg(crashdump)]
-use super::crashdump;
+use {super::crashdump, crate::sandbox::uninitialized::SandboxMetadata, std::path::Path};
+
 use super::fpu::{FP_TAG_WORD_DEFAULT, MXCSR_DEFAULT};
 #[cfg(gdb)]
 use super::handlers::DbgMemAccessHandlerWrapper;
@@ -58,6 +58,8 @@ pub(crate) struct HypervWindowsDriver {
     entrypoint: u64,
     orig_rsp: GuestPtr,
     mem_regions: Vec<MemoryRegion>,
+    #[cfg(crashdump)]
+    metadata: SandboxMetadata,
 }
 /* This does not automatically impl Send/Sync because the host
  * address of the shared memory region is a raw pointer, which are
@@ -68,6 +70,7 @@ unsafe impl Send for HypervWindowsDriver {}
 unsafe impl Sync for HypervWindowsDriver {}
 
 impl HypervWindowsDriver {
+    #[allow(clippy::too_many_arguments)]
     #[instrument(err(Debug), skip_all, parent = Span::current(), level = "Trace")]
     pub(crate) fn new(
         mem_regions: Vec<MemoryRegion>,
@@ -77,6 +80,7 @@ impl HypervWindowsDriver {
         entrypoint: u64,
         rsp: u64,
         mmap_file_handle: HandleWrapper,
+        #[cfg(crashdump)] metadata: SandboxMetadata,
     ) -> Result<Self> {
         // create and setup hypervisor partition
         let mut partition = VMPartition::new(1)?;
@@ -104,6 +108,8 @@ impl HypervWindowsDriver {
             entrypoint,
             orig_rsp: GuestPtr::try_from(RawPtr::from(rsp))?,
             mem_regions,
+            #[cfg(crashdump)]
+            metadata,
         })
     }
 
@@ -525,11 +531,20 @@ impl Hypervisor for HypervWindowsDriver {
         regs[25] = unsafe { sregs.fs.Segment.Selector } as u64; // fs
         regs[26] = unsafe { sregs.gs.Segment.Selector } as u64; // gs
 
+        // Get the filename from the metadata
+        let filename = self.metadata.binary_path.clone().and_then(|path| {
+            Path::new(&path)
+                .file_name()
+                .and_then(|name| name.to_os_string().into_string().ok())
+        });
+
         Ok(crashdump::CrashDumpContext::new(
             &self.mem_regions,
             regs,
             xsave,
             self.entrypoint,
+            self.metadata.binary_path.clone(),
+            filename,
         ))
     }
 }

src/hyperlight_host/src/hypervisor/hypervisor_handler.rs

@@ -51,6 +51,8 @@ use crate::mem::shared_mem::{GuestSharedMemory, HostSharedMemory, SharedMemory};
 #[cfg(gdb)]
 use crate::sandbox::config::DebugInfo;
 use crate::sandbox::hypervisor::{get_available_hypervisor, HypervisorType};
+#[cfg(crashdump)]
+use crate::sandbox::uninitialized::SandboxMetadata;
 #[cfg(target_os = "linux")]
 use crate::signal_handlers::setup_signal_handlers;
 use crate::HyperlightError::{
@@ -238,6 +240,7 @@ impl HypervisorHandler {
         &mut self,
         sandbox_memory_manager: SandboxMemoryManager<GuestSharedMemory>,
         #[cfg(gdb)] debug_info: Option<DebugInfo>,
+        #[cfg(crashdump)] metadata: SandboxMetadata,
     ) -> Result<()> {
         let configuration = self.configuration.clone();
         #[cfg(target_os = "windows")]
@@ -304,6 +307,8 @@ impl HypervisorHandler {
                                         configuration.outb_handler.clone(),
                                         #[cfg(gdb)]
                                         &debug_info,
+                                        #[cfg(crashdump)]
+                                        &metadata,
                                     )?);
                                 }
                                 let hv = hv.as_mut().ok_or_else(|| new_error!("Hypervisor not set"))?;
@@ -835,6 +840,7 @@ fn set_up_hypervisor_partition(
     #[allow(unused_variables)] // parameter only used for in-process mode
     outb_handler: OutBHandlerWrapper,
     #[cfg(gdb)] debug_info: &Option<DebugInfo>,
+    #[cfg(crashdump)] metadata: &SandboxMetadata,
 ) -> Result<Box<dyn Hypervisor>> {
     let mem_size = u64::try_from(mgr.shared_mem.mem_size())?;
     let mut regions = mgr.layout.get_memory_regions(&mgr.shared_mem)?;
@@ -924,6 +930,8 @@ fn set_up_hypervisor_partition(
                     pml4_ptr,
                     #[cfg(gdb)]
                     gdb_conn,
+                    #[cfg(crashdump)]
+                    metadata.clone(),
                 )?;
                 Ok(Box::new(hv))
             }
@@ -937,6 +945,8 @@ fn set_up_hypervisor_partition(
                     rsp_ptr.absolute()?,
                     #[cfg(gdb)]
                     gdb_conn,
+                    #[cfg(crashdump)]
+                    metadata.clone(),
                 )?;
                 Ok(Box::new(hv))
             }
@@ -954,6 +964,8 @@ fn set_up_hypervisor_partition(
                     entrypoint_ptr.absolute()?,
                     rsp_ptr.absolute()?,
                     HandleWrapper::from(mmap_file_handle),
+                    #[cfg(crashdump)]
+                    metadata.clone(),
                 )?;
                 Ok(Box::new(hv))
             }

src/hyperlight_host/src/hypervisor/kvm.rs

@@ -24,9 +24,9 @@ use kvm_ioctls::Cap::UserMemory;
 use kvm_ioctls::{Kvm, VcpuExit, VcpuFd, VmFd};
 use log::LevelFilter;
 use tracing::{instrument, Span};
-
 #[cfg(crashdump)]
-use super::crashdump;
+use {super::crashdump, crate::sandbox::uninitialized::SandboxMetadata, std::path::Path};
+
 use super::fpu::{FP_CONTROL_WORD_DEFAULT, FP_TAG_WORD_DEFAULT, MXCSR_DEFAULT};
 #[cfg(gdb)]
 use super::gdb::{DebugCommChannel, DebugMsg, DebugResponse, GuestDebug, KvmDebug, VcpuStopReason};
@@ -288,6 +288,8 @@ pub(super) struct KVMDriver {
     debug: Option<KvmDebug>,
     #[cfg(gdb)]
     gdb_conn: Option<DebugCommChannel<DebugResponse, DebugMsg>>,
+    #[cfg(crashdump)]
+    metadata: SandboxMetadata,
 }
 
 impl KVMDriver {
@@ -301,6 +303,7 @@ impl KVMDriver {
         entrypoint: u64,
         rsp: u64,
         #[cfg(gdb)] gdb_conn: Option<DebugCommChannel<DebugResponse, DebugMsg>>,
+        #[cfg(crashdump)] metadata: SandboxMetadata,
     ) -> Result<Self> {
         let kvm = Kvm::new()?;
 
@@ -352,6 +355,8 @@ impl KVMDriver {
             debug,
             #[cfg(gdb)]
             gdb_conn,
+            #[cfg(crashdump)]
+            metadata,
         };
 
         Ok(ret)
@@ -620,6 +625,13 @@ impl Hypervisor for KVMDriver {
         regs[25] = sregs.fs.selector as u64; // fs
         regs[26] = sregs.gs.selector as u64; // gs
 
+        // Get the filename from the metadata
+        let filename = self.metadata.binary_path.clone().and_then(|path| {
+            Path::new(&path)
+                .file_name()
+                .and_then(|name| name.to_os_string().into_string().ok())
+        });
+
         // The [`CrashDumpContext`] accepts xsave as a vector of u8, so we need to convert the
         // xsave region to a vector of u8
         Ok(crashdump::CrashDumpContext::new(
@@ -632,6 +644,8 @@ impl Hypervisor for KVMDriver {
                 acc
             }),
             self.entrypoint,
+            self.metadata.binary_path.clone(),
+            filename,
         ))
     }
 

src/hyperlight_host/src/hypervisor/mod.rs

@@ -350,6 +350,8 @@ pub(crate) mod tests {
     };
     use crate::mem::ptr::RawPtr;
     use crate::sandbox::uninitialized::GuestBinary;
+    #[cfg(crashdump)]
+    use crate::sandbox::uninitialized::SandboxMetadata;
     use crate::sandbox::{SandboxConfiguration, UninitializedSandbox};
     use crate::{new_error, Result};
 
@@ -411,6 +413,8 @@ pub(crate) mod tests {
             gshm,
             #[cfg(gdb)]
             None,
+            #[cfg(crashdump)]
+            SandboxMetadata { binary_path: None },
         )?;
 
         hv_handler.execute_hypervisor_handler_action(HypervisorHandlerAction::Initialise)

src/hyperlight_host/src/sandbox/uninitialized.rs

@@ -39,6 +39,12 @@ use crate::sandbox_state::sandbox::EvolvableSandbox;
 use crate::sandbox_state::transition::Noop;
 use crate::{log_build_details, log_then_return, new_error, MultiUseSandbox, Result};
 
+#[cfg(crashdump)]
+#[derive(Clone, Debug, Default)]
+pub(crate) struct SandboxMetadata {
+    pub(crate) binary_path: Option<String>,
+}
+
 /// A preliminary `Sandbox`, not yet ready to execute guest code.
 ///
 /// Prior to initializing a full-fledged `Sandbox`, you must create one of
@@ -58,6 +64,8 @@ pub struct UninitializedSandbox {
     pub(crate) max_guest_log_level: Option<LevelFilter>,
     #[cfg(gdb)]
     pub(crate) debug_info: Option<DebugInfo>,
+    #[cfg(crashdump)]
+    pub(crate) metadata: SandboxMetadata,
 }
 
 impl crate::sandbox_state::sandbox::UninitializedSandbox for UninitializedSandbox {
@@ -142,15 +150,25 @@ impl UninitializedSandbox {
                 let path = Path::new(&binary_path)
                     .canonicalize()
                     .map_err(|e| new_error!("GuestBinary not found: '{}': {}", binary_path, e))?;
-                GuestBinary::FilePath(
-                    path.into_os_string()
-                        .into_string()
-                        .map_err(|e| new_error!("Error converting OsString to String: {:?}", e))?,
-                )
+                let path = path
+                    .into_os_string()
+                    .into_string()
+                    .map_err(|e| new_error!("Error converting OsString to String: {:?}", e))?;
+
+                GuestBinary::FilePath(path)
             }
             buffer @ GuestBinary::Buffer(_) => buffer,
         };
 
+        #[cfg(crashdump)]
+        let metadata = if let GuestBinary::FilePath(ref path) = guest_binary {
+            SandboxMetadata {
+                binary_path: Some(path.clone()),
+            }
+        } else {
+            SandboxMetadata::default()
+        };
+
         let run_opts = sandbox_run_options.unwrap_or_default();
 
         let run_inprocess = run_opts.in_process();
@@ -200,6 +218,8 @@ impl UninitializedSandbox {
             max_guest_log_level: None,
             #[cfg(gdb)]
             debug_info,
+            #[cfg(crashdump)]
+            metadata,
         };
 
         // TODO: These only here to accommodate some writer functions.