Skip to content

don't let scratch region overlap with kvm apic page#1393

Merged
ludfjig merged 1 commit intohyperlight-dev:mainfrom
ludfjig:fix_overlap_nanvix
Apr 21, 2026
Merged

don't let scratch region overlap with kvm apic page#1393
ludfjig merged 1 commit intohyperlight-dev:mainfrom
ludfjig:fix_overlap_nanvix

Conversation

@ludfjig
Copy link
Copy Markdown
Contributor

@ludfjig ludfjig commented Apr 21, 2026

fixes #1389

@danbugs danbugs added the kind/enhancement For PRs adding features, improving functionality, docs, tests, etc. label Apr 21, 2026
@syntactically
Copy link
Copy Markdown
Member

syntactically commented Apr 21, 2026
edited
Loading

If it looks like there is space to move the whole region, is unconditionally moving it on i686 a simpler change? That would literally just be bumping one constant in hyperlight-common/src/arch/i686/layout.rs down below the APIC page I think.

@ludfjig
Fix scratch overlapping apic on i686
4e7d3b2 
Signed-off-by: Ludvig Liljenberg <4257730+ludfjig@users.noreply.github.com>
@ludfjig ludfjig force-pushed the fix_overlap_nanvix branch from 0bb7ce7 to 4e7d3b2 Compare April 21, 2026 15:52
@ludfjig
Copy link
Copy Markdown
Contributor Author

ludfjig commented Apr 21, 2026

If it looks like there is space to move the whole region, is unconditionally moving it on i686 a simpler change? That would literally just be bumping one constant in hyperlight-common/src/arch/i686/layout.rs down below the APIC page I think.

Changed to this instead

@ludfjig ludfjig marked this pull request as ready for review April 21, 2026 16:00
syntactically
syntactically approved these changes Apr 21, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@syntactically syntactically left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ludfjig ludfjig merged commit 3fd3b7f into hyperlight-dev:main Apr 21, 2026
40 checks passed
@ppenna ppenna mentioned this pull request Apr 21, 2026
Open
ppenna added a commit to nanvix/nanvix that referenced this pull request Apr 21, 2026
@ppenna
[kernel] B: Adapt to Hyperlight MAX_GPA change
01b762b 
Bump hyperlight-common, hyperlight-host, and hyperlight-guest to rev
3fd3b7f64dcdd66d8a759cf22bd0a4633bfaf61d, which lowers i686 MAX_GPA from
0xFFFF_FFFF to 0xFEDF_FFFF to avoid EEXIST when the scratch KVM memory
slot overlaps the APIC access page at 0xFEE00000 (hyperlight-dev/hyperlight#1393).

Because the Nanvix kernel runs with identity mapping (GVA == GPA) and no
page tables translate scratch addresses, all scratch-region calculations
must use MAX_GPA rather than MAX_GVA:

- kernel/hyperlight/mod.rs: derive scratch_base_address and
  scratch_bitmap_end from MAX_GPA instead of MAX_GVA.
- kernel/hyperlight/mod.rs: patch PEB input_stack.ptr and
  output_stack.ptr at boot by subtracting the GVA-GPA delta, since the
  host writes these pointers using scratch_base_gva() (MAX_GVA) but the
  guest needs GPA-based addresses.  Filed as a follow-up upstream fix in
  hyperlight-dev/hyperlight#1403.
- kernel/hyperlight/peb.rs: read guest credits counter from MAX_GPA
  offset instead of MAX_GVA.
- uservm/hyperlight/mod.rs: remove stale hardcoded 0xFFFFF000 reference
  in scratch comment.

Update Cargo.lock accordingly.
ppenna added a commit to nanvix/nanvix that referenced this pull request Apr 21, 2026
@ppenna
[kernel] B: Adapt to Hyperlight MAX_GPA change
68757b4 
Bump hyperlight-common, hyperlight-host, and hyperlight-guest to rev
3fd3b7f64dcdd66d8a759cf22bd0a4633bfaf61d, which lowers i686 MAX_GPA from
0xFFFF_FFFF to 0xFEDF_FFFF to avoid EEXIST when the scratch KVM memory
slot overlaps the APIC access page at 0xFEE00000 (hyperlight-dev/hyperlight#1393).

Because the Nanvix kernel runs with identity mapping (GVA == GPA) and no
page tables translate scratch addresses, all scratch-region calculations
must use MAX_GPA rather than MAX_GVA:

- kernel/hyperlight/mod.rs: derive scratch_base_address and
  scratch_bitmap_end from MAX_GPA instead of MAX_GVA.
- kernel/hyperlight/mod.rs: patch PEB input_stack.ptr and
  output_stack.ptr at boot by subtracting the GVA-GPA delta, since the
  host writes these pointers using scratch_base_gva() (MAX_GVA) but the
  guest needs GPA-based addresses.  Filed as a follow-up upstream fix in
  hyperlight-dev/hyperlight#1403.
- kernel/hyperlight/peb.rs: read guest credits counter from MAX_GPA
  offset instead of MAX_GVA.
- uservm/hyperlight/mod.rs: remove stale hardcoded 0xFFFFF000 reference
  in scratch comment.

Update Cargo.lock accordingly.
ppenna added a commit to nanvix/nanvix that referenced this pull request Apr 21, 2026
@ppenna
[kernel] B: Adapt to Hyperlight MAX_GPA change
6f5d7dd 
Bump hyperlight-common, hyperlight-host, and hyperlight-guest to rev
3fd3b7f64dcdd66d8a759cf22bd0a4633bfaf61d, which lowers i686 MAX_GPA from
0xFFFF_FFFF to 0xFEDF_FFFF to avoid EEXIST when the scratch KVM memory
slot overlaps the APIC access page at 0xFEE00000 (hyperlight-dev/hyperlight#1393).

Because the Nanvix kernel runs with identity mapping (GVA == GPA) and no
page tables translate scratch addresses, all scratch-region calculations
must use MAX_GPA rather than MAX_GVA:

- kernel/hyperlight/mod.rs: derive scratch_base_address and
  scratch_bitmap_end from MAX_GPA instead of MAX_GVA.
- kernel/hyperlight/mod.rs: patch PEB input_stack.ptr and
  output_stack.ptr at boot by subtracting the GVA-GPA delta, since the
  host writes these pointers using scratch_base_gva() (MAX_GVA) but the
  guest needs GPA-based addresses.  Filed as a follow-up upstream fix in
  hyperlight-dev/hyperlight#1403.
- kernel/hyperlight/peb.rs: read guest credits counter from MAX_GPA
  offset instead of MAX_GVA.
- uservm/hyperlight/mod.rs: remove stale hardcoded 0xFFFFF000 reference
  in scratch comment.

Update Cargo.lock accordingly.
ppenna added a commit to nanvix/nanvix that referenced this pull request Apr 21, 2026
@ppenna
[kernel] B: Adapt to Hyperlight MAX_GPA change
0c32908 
Bump hyperlight-common, hyperlight-host, and hyperlight-guest to rev
3fd3b7f64dcdd66d8a759cf22bd0a4633bfaf61d, which lowers i686 MAX_GPA from
0xFFFF_FFFF to 0xFEDF_FFFF to avoid EEXIST when the scratch KVM memory
slot overlaps the APIC access page at 0xFEE00000 (hyperlight-dev/hyperlight#1393).

Because the Nanvix kernel runs with identity mapping (GVA == GPA) and no
page tables translate scratch addresses, all scratch-region calculations
must use MAX_GPA rather than MAX_GVA:

- kernel/hyperlight/mod.rs: derive scratch_base_address and
  scratch_bitmap_end from MAX_GPA instead of MAX_GVA.
- kernel/hyperlight/mod.rs: patch PEB input_stack.ptr and
  output_stack.ptr at boot by subtracting the GVA-GPA delta, since the
  host writes these pointers using scratch_base_gva() (MAX_GVA) but the
  guest needs GPA-based addresses.  Filed as a follow-up upstream fix in
  hyperlight-dev/hyperlight#1403.
- kernel/hyperlight/peb.rs: read guest credits counter from MAX_GPA
  offset instead of MAX_GVA.
- uservm/hyperlight/mod.rs: remove stale hardcoded 0xFFFFF000 reference
  in scratch comment.

Update Cargo.lock accordingly.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@syntactically syntactically syntactically approved these changes

@danbugs danbugs Awaiting requested review from danbugs danbugs is a code owner

@dblnz dblnz Awaiting requested review from dblnz dblnz is a code owner

@devigned devigned Awaiting requested review from devigned devigned is a code owner

@marosset marosset Awaiting requested review from marosset marosset is a code owner

@jprendes jprendes Awaiting requested review from jprendes jprendes is a code owner

@simongdavies simongdavies Awaiting requested review from simongdavies simongdavies is a code owner

Assignees

No one assigned

Labels

kind/enhancement For PRs adding features, improving functionality, docs, tests, etc.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Large scratch regions on KVM with hw-interrupts fail with EEXIST due to APIC access page overlap

3 participants

@ludfjig @syntactically @danbugs