From 6383d04815d9563dc168ae363066a929dbe519cd Mon Sep 17 00:00:00 2001
From: Patrick Roy
Date: Wed, 7 May 2025 16:29:01 +0100
Subject: [PATCH] secret_freedom: Use fixed size bounce buffer for loading kernel

By using a MaybeBounce with N=0 we are allocating a bounce buffer that matches exactly the number of bytes that need to be copied into guest memory, e.g. the size of the kernel file. This is fairly expensive performance wise, and the spike in memory usage from the firecracker process is also unwanted. Thus, just use a 4096 byte fixed size buffer through which we repeatedly read+memcpy.

Signed-off-by: Patrick Roy
---
 src/vmm/src/builder.rs | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/vmm/src/builder.rs b/src/vmm/src/builder.rs
index 68d27086a22..fbeedefa348 100644
--- a/src/vmm/src/builder.rs
+++ b/src/vmm/src/builder.rs
@@ -267,7 +267,10 @@ pub fn build_microvm_for_boot(
 vmm.vm.set_memory_private().map_err(VmmError::Vm)?;
 let entry_point = load_kernel(
- MaybeBounce::new(boot_config.kernel_file.try_clone().unwrap(), secret_free),
+ MaybeBounce::<_, 4096>::new_persistent(
+ boot_config.kernel_file.try_clone().unwrap(),
+ secret_free,
+ ),
 vmm.vm.guest_memory(),
 )?;
 let initrd = match &boot_config.initrd_file {
@@ -279,7 +282,7 @@ pub fn build_microvm_for_boot(
 Some(InitrdConfig::from_reader(
 vmm.vm.guest_memory(),
- MaybeBounce::new(initrd_file.as_fd(), secret_free),
+ MaybeBounce::<_, 4096>::new_persistent(initrd_file.as_fd(), secret_free),
 u64_to_usize(size),
 )?)
 }
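Review bot: `boot_config.kernel_file.try_clone().unwrap()` on the new side of the first hunk still panics the VMM if duplicating the kernel file descriptor fails (for example at the process descriptor limit), although the surrounding `load_kernel(...)?` call already propagates errors. Since the line is being rewritten anyway, consider `boot_config.kernel_file.try_clone().map_err(<existing I/O error variant>)?,` so a failed dup surfaces as a start-up error rather than an abort; the variant name is a placeholder because the error enum is not visible in this patch. The second hunk borrows the initrd with `initrd_file.as_fd()` and has no such fallible step. `build_microvm_for_boot` starts and ends outside the hunk.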
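Review bot: The buffer size `4096` is a bare literal repeated in both `MaybeBounce::<_, 4096>::new_persistent(...)` calls (the initrd call here and the kernel-loading call in the first hunk), so the two can drift apart and the reason for the value lives only in the commit message. A named constant such as `const BOOT_BOUNCE_BUF_SIZE: usize = 4096;` (the name is a suggestion) with a comment like `// Fixed-size bounce buffer reused for every read, so peak memory no longer scales with kernel/initrd size.` would keep them in step. If the initrd can carry sensitive material, that comment should also state whether the persistent buffer is cleared when the `MaybeBounce` is dropped, since it presumably still holds the last chunk read; `MaybeBounce`'s implementation is not shown in this patch. The enclosing match arm starts outside the hunk.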