Added selective environment passing for VM

Author: jounathaen

src/bin/uhyve.rs

@@ -9,7 +9,7 @@ use env_logger::Builder;
 use log::LevelFilter;
 use thiserror::Error;
 use uhyvelib::{
-	params::{CpuCount, GuestMemorySize, Output, Params},
+	params::{CpuCount, EnvVars, GuestMemorySize, Output, Params},
 	vm::UhyveVm,
 };
 
@@ -75,6 +75,14 @@ struct Args {
 	#[cfg(target_os = "linux")]
 	gdb_port: Option<u16>,
 
+	/// Environment variables of the guest as env=value paths
+	///
+	/// `-e host` passes all variables of the parent process to the kernel (discarding any other passed environment variables).
+	///
+	/// Example: --env_vars ASDF=jlk -e TERM=uhyveterm2000
+	#[clap(short, long)]
+	env_vars: Vec<String>,
+
 	#[clap(flatten, next_help_heading = "Memory OPTIONS")]
 	memory_args: MemoryArgs,
 
@@ -274,6 +282,7 @@ impl From<Args> for Params {
 			kernel_args,
 			output,
 			stats,
+			env_vars,
 		} = args;
 		Self {
 			memory_size,
@@ -298,6 +307,7 @@ impl From<Args> for Params {
 				Output::StdIo
 			},
 			stats,
+			env: EnvVars::try_from(env_vars.as_slice()).unwrap(),
 		}
 	}
 }

src/hypercall.rs

@@ -10,6 +10,7 @@ use crate::{
 	consts::BOOT_PML4,
 	isolation::filemap::UhyveFileMap,
 	mem::{MemoryError, MmapMemory},
+	params::EnvVars,
 	virt_to_phys,
 	vm::VmPeripherals,
 };
@@ -259,25 +260,34 @@ pub fn copy_argv(path: &OsStr, argv: &[String], syscmdval: &CmdvalParams, mem: &
 }
 
 /// Copies the environment variables into the VM's memory to the destinations specified in `syscmdval`.
-pub fn copy_env(syscmdval: &CmdvalParams, mem: &MmapMemory) {
-	let env_len = std::env::vars_os().count();
+pub fn copy_env(env: &EnvVars, syscmdval: &CmdvalParams, mem: &MmapMemory) {
 	let envp = mem
 		.host_address(syscmdval.envp)
 		.expect("Systemcall parameters for Cmdval are invalid") as *const GuestPhysAddr;
-	let env_addrs = unsafe { std::slice::from_raw_parts(envp, env_len) };
 
-	// Copy the environment variables into the vm memory
-	for (counter, (key, value)) in std::env::vars_os().enumerate() {
-		if counter >= MAX_ARGC_ENVC.try_into().unwrap() {
-			warn!("Environment is larger than the maximum that can be copied to the VM. Remaining environment is ignored");
-			break;
-		}
+	let env: Vec<(String, String)> = match env {
+		EnvVars::Host => std::env::vars_os()
+			.map(|(a, b)| (a.into_string().unwrap(), b.into_string().unwrap()))
+			.collect(),
+		EnvVars::Set(map) => map
+			.iter()
+			.map(|(a, b)| (a.to_owned(), b.to_owned()))
+			.collect(),
+	};
+	if env.len() >= MAX_ARGC_ENVC.try_into().unwrap() {
+		warn!("Environment is larger than the maximum that can be copied to the VM. Remaining environment is ignored");
+	}
+	let env_addrs = unsafe { std::slice::from_raw_parts(envp, env.len()) };
 
+	// Copy the environment variables into the vm memory
+	for (counter, (key, value)) in env.iter().enumerate().take(MAX_ARGC_ENVC) {
 		let len = key.len() + value.len() + 1;
 		let env_dest = unsafe {
 			mem.slice_at_mut(env_addrs[counter], len + 1)
 				.expect("Systemcall parameters for Cmdval are invalid")
 		};
+		//write_env_into_mem(env_dest, key.as_bytes(), value.as_bytes());
+		let len = key.len() + value.len() + 1;
 		env_dest[0..key.len()].copy_from_slice(key.as_bytes());
 		env_dest[key.len()] = b'=';
 		env_dest[key.len() + 1..len].copy_from_slice(value.as_bytes());

src/linux/x86_64/kvm_cpu.rs

@@ -452,7 +452,11 @@ impl VirtualCPU for KvmCpu {
 										syscmdval,
 										&self.peripherals.mem,
 									);
-									hypercall::copy_env(syscmdval, &self.peripherals.mem);
+									hypercall::copy_env(
+										&self.kernel_info.params.env,
+										syscmdval,
+										&self.peripherals.mem,
+									);
 								}
 								Hypercall::Exit(sysexit) => {
 									return Ok(VcpuStopReason::Exit(sysexit.arg));

src/macos/aarch64/vcpu.rs

@@ -256,7 +256,11 @@ impl VirtualCPU for XhyveCpu {
 										syscmdval,
 										&self.peripherals.mem,
 									);
-									copy_env(syscmdval, &self.peripherals.mem);
+									copy_env(
+										&self.kernel_info.params.env,
+										syscmdval,
+										&self.peripherals.mem,
+									);
 								}
 								Hypercall::FileClose(sysclose) => hypercall::close(sysclose),
 								Hypercall::FileLseek(syslseek) => hypercall::lseek(syslseek),

src/params.rs

@@ -1,4 +1,5 @@
 use std::{
+	collections::HashMap,
 	convert::Infallible,
 	fmt,
 	num::{NonZeroU32, ParseIntError, TryFromIntError},
@@ -46,6 +47,9 @@ pub struct Params {
 
 	/// Collect run statistics
 	pub stats: bool,
+
+	/// Environment variables of the kernel
+	pub env: EnvVars,
 }
 
 #[allow(clippy::derivable_impls)]
@@ -66,6 +70,7 @@ impl Default for Params {
 			kernel_args: Default::default(),
 			output: Default::default(),
 			stats: false,
+			env: EnvVars::default(),
 		}
 	}
 }
@@ -207,3 +212,65 @@ impl FromStr for GuestMemorySize {
 		Ok(memory_size)
 	}
 }
+
+/// Configure the kernels environment variables.
+#[derive(Debug, Clone, PartialEq)]
+pub enum EnvVars {
+	/// Pass all env vars of the host to the kernel.
+	Host,
+	/// Pass a certain set of env vars to the kernel.
+	Set(HashMap<String, String>),
+}
+impl Default for EnvVars {
+	fn default() -> Self {
+		Self::Set(HashMap::new())
+	}
+}
+impl<S: AsRef<str> + std::fmt::Debug + PartialEq<S> + From<&'static str>> TryFrom<&[S]>
+	for EnvVars
+{
+	type Error = &'static str;
+
+	fn try_from(v: &[S]) -> Result<Self, Self::Error> {
+		if v.contains(&S::from("host")) {
+			if v.len() != 1 {
+				warn!(
+					"Specifying -e host discards all other explicitly specified environment vars"
+				);
+			}
+			return Ok(Self::Host);
+		}
+
+		Ok(Self::Set(v.iter().try_fold(
+			HashMap::new(),
+			|mut acc, s| {
+				if let Some(split) = s.as_ref().split_once("=") {
+					acc.insert(split.0.to_owned(), split.1.to_owned());
+					Ok(acc)
+				} else {
+					Err("Invalid environment variables parameter format: Must be -e var=value")
+				}
+			},
+		)?))
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use super::*;
+
+	#[test]
+	fn test_env_vars() {
+		let strings = [String::from("ASDF=asdf"), String::from("EMOJI=🤷")];
+
+		let env_vars = EnvVars::try_from(strings.as_slice()).unwrap();
+		let EnvVars::Set(map) = env_vars else {
+			panic!();
+		};
+		assert_eq!(map.get("ASDF").unwrap(), "asdf");
+		assert_eq!(map.get("EMOJI").unwrap(), "🤷");
+
+		let env_vars = EnvVars::try_from(&["host", "OTHER=asdf"] as &[&str]).unwrap();
+		assert_eq!(env_vars, EnvVars::Host);
+	}
+}

src/vm.rs

@@ -26,7 +26,7 @@ use crate::{
 	isolation::filemap::UhyveFileMap,
 	mem::MmapMemory,
 	os::KickSignal,
-	params::Params,
+	params::{EnvVars, Params},
 	serial::{Destination, UhyveSerial},
 	stats::{CpuStats, VmStats},
 	vcpu::VirtualCPU,
@@ -348,8 +348,13 @@ fn write_fdt_into_mem(mem: &MmapMemory, params: &Params, cpu_freq: Option<NonZer
 		.memory(mem.guest_address..mem.guest_address + mem.memory_size as u64)
 		.unwrap()
 		.kernel_args(&params.kernel_args[..sep])
-		.app_args(params.kernel_args.get(sep + 1..).unwrap_or_default())
-		.envs(env::vars());
+		.app_args(params.kernel_args.get(sep + 1..).unwrap_or_default());
+
+	fdt = match &params.env {
+		EnvVars::Host => fdt.envs(env::vars()),
+		EnvVars::Set(map) => fdt.envs(map.iter().map(|(a, b)| (a.as_str(), b.as_str()))),
+	};
+
 	if let Some(tsc_khz) = cpu_freq {
 		fdt = fdt.tsc_khz(tsc_khz.into()).unwrap();
 	}

tests/env.rs

@@ -0,0 +1,76 @@
+mod common;
+
+use std::collections::HashMap;
+
+use byte_unit::{Byte, Unit};
+use common::{build_hermit_bin, check_result};
+use uhyvelib::{
+	params::{EnvVars, Output, Params},
+	vm::UhyveVm,
+};
+
+#[test]
+fn selective_env_test() {
+	env_logger::try_init().ok();
+	let bin_path = build_hermit_bin("env");
+
+	let env_vars = [
+		("ASDF".to_string(), "ASDF".to_string()),
+		("a0978gbsdf".to_string(), ";3254jgnsadfg".to_string()),
+		("EMOJI".to_string(), "🙂".to_string()),
+	];
+
+	println!("Launching kernel {}", bin_path.display());
+	let params = Params {
+		cpu_count: 2.try_into().unwrap(),
+		memory_size: Byte::from_u64_with_unit(64, Unit::MiB)
+			.unwrap()
+			.try_into()
+			.unwrap(),
+		output: Output::Buffer,
+		env: EnvVars::Set(HashMap::from(env_vars.clone())),
+		..Default::default()
+	};
+	let vm = UhyveVm::new(bin_path, params).unwrap();
+	let res = vm.run(None);
+	check_result(&res);
+	println!("{:?}", res.output.as_ref().unwrap());
+	for (key, value) in env_vars.iter() {
+		assert!(res
+			.output
+			.as_ref()
+			.unwrap()
+			.contains(&format!("ENVIRONMENT: {key}: {value}")));
+	}
+}
+
+#[test]
+fn host_env_test() {
+	env_logger::try_init().ok();
+	let bin_path = build_hermit_bin("env");
+
+	println!("Launching kernel {}", bin_path.display());
+	let params = Params {
+		cpu_count: 2.try_into().unwrap(),
+		memory_size: Byte::from_u64_with_unit(64, Unit::MiB)
+			.unwrap()
+			.try_into()
+			.unwrap(),
+		output: Output::Buffer,
+		env: EnvVars::Host,
+		..Default::default()
+	};
+	let vm = UhyveVm::new(bin_path, params).unwrap();
+	let res = vm.run(None);
+	check_result(&res);
+	println!("{:?}", res.output.as_ref().unwrap());
+
+	let common_env_vars = ["PWD", "CARGO_MANIFEST_DIR"];
+	for env in common_env_vars.iter() {
+		assert!(res
+			.output
+			.as_ref()
+			.unwrap()
+			.contains(&format!("ENVIRONMENT: {env}:")));
+	}
+}

tests/test-kernels/src/bin/env.rs

@@ -0,0 +1,11 @@
+use std::env;
+
+#[cfg(target_os = "hermit")]
+use hermit as _;
+
+fn main() {
+	println!("Environment Test");
+	for (key, value) in env::vars() {
+		println!("ENVIRONMENT: {key}: {value}");
+	}
+}