ebpf-for-windows/libs/ebpfnetsh/elf.cpp

// Copyright (c) Microsoft Corporation
// SPDX-License-Identifier: MIT

#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <iomanip>
#include <locale>
#include <netsh.h>
#include "elf.h"
#include "tlv.h"
#include "tokens.h"
#include "utilities.h"

TOKEN_VALUE g_LevelEnum[2] = {
    {L"normal", VL_NORMAL},
    {L"verbose", VL_VERBOSE},
};

DWORD
handle_ebpf_show_disassembly(
    LPCWSTR machine, LPWSTR* argv, DWORD current_index, DWORD argc, DWORD flags, LPCVOID data, BOOL* done)
{
    UNREFERENCED_PARAMETER(machine);
    UNREFERENCED_PARAMETER(flags);
    UNREFERENCED_PARAMETER(data);
    UNREFERENCED_PARAMETER(done);

    TAG_TYPE tags[] = {
        {TOKEN_FILENAME, NS_REQ_PRESENT, FALSE},
        {TOKEN_SECTION, NS_REQ_ZERO, FALSE},
    };
    ULONG tag_type[_countof(tags)] = {0};

    ULONG status =
        PreprocessCommand(nullptr, argv, current_index, argc, tags, _countof(tags), 0, _countof(tags), tag_type);

    std::string filename;
    std::string section = ""; // Use the first code section by default.
    for (int i = 0; (status == NO_ERROR) && ((i + current_index) < argc); i++) {
        switch (tag_type[i]) {
        case 0: // FILENAME
        {
            filename = down_cast_from_wstring(std::wstring(argv[current_index + i]));
            break;
        }
        case 1: // SECTION
        {
            section = down_cast_from_wstring(std::wstring(argv[current_index + i]));
            break;
        }
        default:
            status = ERROR_INVALID_SYNTAX;
            break;
        }
    }
    if (status != NO_ERROR) {
        return status;
    }

    const char* disassembly = nullptr;
    const char* error_message = nullptr;
    if (ebpf_api_elf_disassemble_section(filename.c_str(), section.c_str(), &disassembly, &error_message) != 0) {
        std::cerr << error_message << std::endl;
        ebpf_free_string(error_message);
        return ERROR_SUPPRESS_OUTPUT;
    } else {
        std::cout << disassembly << std::endl;
        ebpf_free_string(disassembly);
        return NO_ERROR;
    }
}

DWORD
handle_ebpf_show_sections(
    LPCWSTR machine, LPWSTR* argv, DWORD current_index, DWORD argc, DWORD flags, LPCVOID data, BOOL* done)
{
    UNREFERENCED_PARAMETER(machine);
    UNREFERENCED_PARAMETER(flags);
    UNREFERENCED_PARAMETER(data);
    UNREFERENCED_PARAMETER(done);

    TAG_TYPE tags[] = {
        {TOKEN_FILENAME, NS_REQ_PRESENT, FALSE},
        {TOKEN_SECTION, NS_REQ_ZERO, FALSE},
        {TOKEN_LEVEL, NS_REQ_ZERO, FALSE},
    };
    ULONG tag_type[_countof(tags)] = {0};

    ULONG status =
        PreprocessCommand(nullptr, argv, current_index, argc, tags, _countof(tags), 0, _countof(tags), tag_type);

    VERBOSITY_LEVEL level = VL_NORMAL;
    std::string filename;
    std::string section;
    for (int i = 0; (status == NO_ERROR) && ((i + current_index) < argc); i++) {
        switch (tag_type[i]) {
        case 0: // FILENAME
        {
            filename = down_cast_from_wstring(std::wstring(argv[current_index + i]));
            break;
        }
        case 1: // SECTION
        {
            section = down_cast_from_wstring(std::wstring(argv[current_index + i]));
            break;
        }
        case 2: // LEVEL
            status = MatchEnumTag(NULL, argv[current_index + i], _countof(g_LevelEnum), g_LevelEnum, (PULONG)&level);
            if (status != NO_ERROR) {
                status = ERROR_INVALID_PARAMETER;
            }
            break;

        default:
            status = ERROR_INVALID_SYNTAX;
            break;
        }
    }

    if (status != NO_ERROR) {
        return status;
    }

    // If the user specified a section and no level, default to verbose.
    if (tags[1].bPresent && !tags[2].bPresent) {
        level = VL_VERBOSE;
    }

    const tlv_type_length_value_t* section_data = nullptr;

    const char* error_message = nullptr;
    if (ebpf_api_elf_enumerate_sections(
            filename.c_str(), section.c_str(), level == VL_VERBOSE, &section_data, &error_message) != 0) {
        std::cerr << error_message << std::endl;
        ebpf_free_string(error_message);
        ebpf_api_elf_free(section_data);
        return ERROR_SUPPRESS_OUTPUT;
    }

    if (level == VL_NORMAL) {
        std::cout << "\n";
        std::cout << "             Section       Type  # Maps    Size\n";
        std::cout << "====================  =========  ======  ======\n";
    }
    for (auto current_section = tlv_child(section_data); current_section != tlv_next(section_data);
         current_section = tlv_next(current_section)) {
        auto section_name = tlv_child(current_section);
        auto type = tlv_next(section_name);
        auto map_count = tlv_next(type);
        auto program_bytes = tlv_next(map_count);
        auto stats_section = tlv_next(program_bytes);
        if (level == VL_NORMAL) {
            std::cout << std::setw(20) << std::right << tlv_value<std::string>(section_name) << "  " << std::setw(9)
                      << tlv_value<std::string>(type) << "  " << std::setw(6) << tlv_value<size_t>(map_count) << "  "
                      << std::setw(6) << (program_bytes->length - offsetof(tlv_type_length_value_t, value)) / 8 << "\n";
        } else {
            std::cout << "\n";
            std::cout << "Section      : " << tlv_value<std::string>(section_name) << "\n";
            std::cout << "Program Type : " << tlv_value<std::string>(type) << "\n";
            std::cout << "# Maps       : " << tlv_value<size_t>(map_count) << "\n";
            std::cout << "Size         : " << (program_bytes->length - offsetof(tlv_type_length_value_t, value)) / 8
                      << " instructions\n";
            for (auto stat = tlv_child(stats_section); stat != tlv_next(current_section); stat = tlv_next(stat)) {
                auto key = tlv_child(stat);
                auto value = tlv_next(key);
                std::cout << std::setw(13) << std::left << tlv_value<std::string>(key) << ": " << tlv_value<int>(value)
                          << "\n";
            }
        }
    }

    ebpf_api_elf_free(section_data);
    return NO_ERROR;
}

DWORD
handle_ebpf_show_verification(
    LPCWSTR machine, LPWSTR* argv, DWORD current_index, DWORD argc, DWORD flags, LPCVOID data, BOOL* done)
{
    UNREFERENCED_PARAMETER(machine);
    UNREFERENCED_PARAMETER(flags);
    UNREFERENCED_PARAMETER(data);
    UNREFERENCED_PARAMETER(done);

    TAG_TYPE tags[] = {
        {TOKEN_FILENAME, NS_REQ_PRESENT, FALSE},
        {TOKEN_SECTION, NS_REQ_ZERO, FALSE},
        {TOKEN_LEVEL, NS_REQ_ZERO, FALSE},
    };
    ULONG tag_type[_countof(tags)] = {0};

    ULONG status =
        PreprocessCommand(nullptr, argv, current_index, argc, tags, _countof(tags), 0, _countof(tags), tag_type);

    VERBOSITY_LEVEL level = VL_NORMAL;
    std::string filename;
    std::string section = ""; // Use the first code section by default.
    for (int i = 0; (status == NO_ERROR) && ((i + current_index) < argc); i++) {
        switch (tag_type[i]) {
        case 0: // FILENAME
        {
            filename = down_cast_from_wstring(std::wstring(argv[current_index + i]));
            break;
        }
        case 1: // SECTION
        {
            section = down_cast_from_wstring(std::wstring(argv[current_index + i]));
            break;
        }
        case 2: // LEVEL
        {
            status = MatchEnumTag(NULL, argv[current_index + i], _countof(g_LevelEnum), g_LevelEnum, (PULONG)&level);
            if (status != NO_ERROR) {
                status = ERROR_INVALID_PARAMETER;
            }
            break;
        }
        default:
            status = ERROR_INVALID_SYNTAX;
            break;
        }
    }
    if (status != NO_ERROR) {
        return status;
    }

    const char* report;
    const char* error_message;
    ebpf_api_verifier_stats_t stats;

    status = ebpf_api_elf_verify_section(
        filename.c_str(), section.c_str(), level == VL_VERBOSE, &report, &error_message, &stats);
    if (status == ERROR_SUCCESS) {
        std::cout << report;
        std::cout << "\nProgram terminates within " << stats.max_instruction_count << " instructions\n";
        return NO_ERROR;
    } else {
        if (error_message) {
            std::cerr << error_message << std::endl;
        }
        if (report) {
            std::cerr << "\nVerification report:\n" << report;
            std::cerr << stats.total_warnings << " errors\n\n";
        }
        ebpf_free_string(error_message);
        ebpf_free_string(report);
        return ERROR_SUPPRESS_OUTPUT;
    }
}
Switch to approved license header format (#268) * Switch to approved license header format Signed-off-by: Alan Jowett <alanjo@microsoft.com> 2021-06-10 22:02:00 +03:00			`// Copyright (c) Microsoft Corporation`
			`// SPDX-License-Identifier: MIT`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00
Added "show sections" and "show disassembly" commands Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-01-16 05:39:40 +03:00			`#define WIN32_LEAN_AND_MEAN`
Fix build by restoring header ordering dependencies and turning off sort Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-03-10 03:25:24 +03:00			`#include <windows.h>`
Automated code formatting pass All changes in this PR were automatically generated by a code formatting script that is in the master branch. The style is configurable so if there's something you don't like we can discuss, but today there is not a consistent style across the repo, and often not even consistent within a file. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-03-10 01:54:03 +03:00			`#include <iomanip>`
			`#include <locale>`
			`#include <netsh.h>`
Fix build by restoring header ordering dependencies and turning off sort Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-03-10 03:25:24 +03:00			`#include "elf.h"`
			`#include "tlv.h"`
			`#include "tokens.h"`
support interface parameter for loading XDP program in netsh ebpf con… (#790) * support interface parameter for loading XDP program in netsh ebpf context. * PR Feedback. * PR Feedback. 2022-03-10 03:15:58 +03:00			`#include "utilities.h"`
Use the Prevail master branch Moves Windows platform files into the internal repo. Also adds ebpf_windows.h file to centralize defines that were previously duplicated in at least three places. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-03-02 21:45:34 +03:00
Added "show sections" and "show disassembly" commands Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-01-16 05:39:40 +03:00			`TOKEN_VALUE g_LevelEnum[2] = {`
Automated code formatting pass All changes in this PR were automatically generated by a code formatting script that is in the master branch. The style is configurable so if there's something you don't like we can discuss, but today there is not a consistent style across the repo, and often not even consistent within a file. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-03-10 01:54:03 +03:00			`{L"normal", VL_NORMAL},`
			`{L"verbose", VL_VERBOSE},`
Added "show sections" and "show disassembly" commands Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-01-16 05:39:40 +03:00			`};`

Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`DWORD`
			`handle_ebpf_show_disassembly(`
			`LPCWSTR machine, LPWSTR* argv, DWORD current_index, DWORD argc, DWORD flags, LPCVOID data, BOOL* done)`
			`{`
			`UNREFERENCED_PARAMETER(machine);`
			`UNREFERENCED_PARAMETER(flags);`
			`UNREFERENCED_PARAMETER(data);`
			`UNREFERENCED_PARAMETER(done);`

			`TAG_TYPE tags[] = {`
			`{TOKEN_FILENAME, NS_REQ_PRESENT, FALSE},`
			`{TOKEN_SECTION, NS_REQ_ZERO, FALSE},`
			`};`
			`ULONG tag_type[_countof(tags)] = {0};`

			`ULONG status =`
			`PreprocessCommand(nullptr, argv, current_index, argc, tags, _countof(tags), 0, _countof(tags), tag_type);`

			`std::string filename;`
			`std::string section = ""; // Use the first code section by default.`
			`for (int i = 0; (status == NO_ERROR) && ((i + current_index) < argc); i++) {`
			`switch (tag_type[i]) {`
			`case 0: // FILENAME`
			`{`
			`filename = down_cast_from_wstring(std::wstring(argv[current_index + i]));`
			`break;`
			`}`
			`case 1: // SECTION`
			`{`
			`section = down_cast_from_wstring(std::wstring(argv[current_index + i]));`
			`break;`
			`}`
			`default:`
			`status = ERROR_INVALID_SYNTAX;`
			`break;`
			`}`
Update to use latest verifier fixes and error messages Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-02-27 02:36:50 +03:00			`}`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`if (status != NO_ERROR) {`
			`return status;`
Automated code formatting pass All changes in this PR were automatically generated by a code formatting script that is in the master branch. The style is configurable so if there's something you don't like we can discuss, but today there is not a consistent style across the repo, and often not even consistent within a file. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-03-10 01:54:03 +03:00			`}`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00
			`const char* disassembly = nullptr;`
			`const char* error_message = nullptr;`
			`if (ebpf_api_elf_disassemble_section(filename.c_str(), section.c_str(), &disassembly, &error_message) != 0) {`
			`std::cerr << error_message << std::endl;`
Add ebpf public APIs - #1 (#290) * add ebpf_program_load(), few other APIs 2021-06-23 06:42:18 +03:00			`ebpf_free_string(error_message);`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`return ERROR_SUPPRESS_OUTPUT;`
			`} else {`
			`std::cout << disassembly << std::endl;`
Add ebpf public APIs - #1 (#290) * add ebpf_program_load(), few other APIs 2021-06-23 06:42:18 +03:00			`ebpf_free_string(disassembly);`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`return NO_ERROR;`
Added "show sections" and "show disassembly" commands Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-01-16 05:39:40 +03:00			`}`
			`}`

Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`DWORD`
			`handle_ebpf_show_sections(`
			`LPCWSTR machine, LPWSTR* argv, DWORD current_index, DWORD argc, DWORD flags, LPCVOID data, BOOL* done)`
			`{`
			`UNREFERENCED_PARAMETER(machine);`
			`UNREFERENCED_PARAMETER(flags);`
			`UNREFERENCED_PARAMETER(data);`
			`UNREFERENCED_PARAMETER(done);`

			`TAG_TYPE tags[] = {`
			`{TOKEN_FILENAME, NS_REQ_PRESENT, FALSE},`
			`{TOKEN_SECTION, NS_REQ_ZERO, FALSE},`
			`{TOKEN_LEVEL, NS_REQ_ZERO, FALSE},`
			`};`
			`ULONG tag_type[_countof(tags)] = {0};`

			`ULONG status =`
			`PreprocessCommand(nullptr, argv, current_index, argc, tags, _countof(tags), 0, _countof(tags), tag_type);`

			`VERBOSITY_LEVEL level = VL_NORMAL;`
			`std::string filename;`
			`std::string section;`
			`for (int i = 0; (status == NO_ERROR) && ((i + current_index) < argc); i++) {`
			`switch (tag_type[i]) {`
			`case 0: // FILENAME`
			`{`
			`filename = down_cast_from_wstring(std::wstring(argv[current_index + i]));`
			`break;`
			`}`
			`case 1: // SECTION`
			`{`
			`section = down_cast_from_wstring(std::wstring(argv[current_index + i]));`
			`break;`
			`}`
			`case 2: // LEVEL`
			`status = MatchEnumTag(NULL, argv[current_index + i], _countof(g_LevelEnum), g_LevelEnum, (PULONG)&level);`
			`if (status != NO_ERROR) {`
			`status = ERROR_INVALID_PARAMETER;`
			`}`
			`break;`

			`default:`
			`status = ERROR_INVALID_SYNTAX;`
			`break;`
			`}`
Added "show sections" and "show disassembly" commands Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-01-16 05:39:40 +03:00			`}`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00
			`if (status != NO_ERROR) {`
			`return status;`
Added "show sections" and "show disassembly" commands Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-01-16 05:39:40 +03:00			`}`

Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`// If the user specified a section and no level, default to verbose.`
			`if (tags[1].bPresent && !tags[2].bPresent) {`
			`level = VL_VERBOSE;`
			`}`
Merged PR 4205230: Move all parsing and verification to ebpfapi from netsh helper Move all parsing and verification to ebpfapi from netsh helper 2021-03-05 21:49:25 +03:00
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`const tlv_type_length_value_t* section_data = nullptr;`
Automated code formatting pass All changes in this PR were automatically generated by a code formatting script that is in the master branch. The style is configurable so if there's something you don't like we can discuss, but today there is not a consistent style across the repo, and often not even consistent within a file. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-03-10 01:54:03 +03:00
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`const char* error_message = nullptr;`
			`if (ebpf_api_elf_enumerate_sections(`
			`filename.c_str(), section.c_str(), level == VL_VERBOSE, &section_data, &error_message) != 0) {`
			`std::cerr << error_message << std::endl;`
Add ebpf public APIs - #1 (#290) * add ebpf_program_load(), few other APIs 2021-06-23 06:42:18 +03:00			`ebpf_free_string(error_message);`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`ebpf_api_elf_free(section_data);`
			`return ERROR_SUPPRESS_OUTPUT;`
			`}`
Update to use latest verifier fixes and error messages Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-02-27 02:36:50 +03:00
Merged PR 4205675: Add option to execute eBPF program via JIT or interpreter Add option to execute eBPF program via JIT or interpreter 2021-03-06 01:47:18 +03:00			`if (level == VL_NORMAL) {`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`std::cout << "\n";`
Fix netsh display of program type (#226) Since the program type changed from int to GUID the display has been broken (it displays a useless pointer value). This fix makes it display the string name of the type. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-05-26 08:05:03 +03:00			`std::cout << " Section Type # Maps Size\n";`
			`std::cout << "==================== ========= ====== ======\n";`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`}`
			`for (auto current_section = tlv_child(section_data); current_section != tlv_next(section_data);`
			`current_section = tlv_next(current_section)) {`
			`auto section_name = tlv_child(current_section);`
			`auto type = tlv_next(section_name);`
			`auto map_count = tlv_next(type);`
			`auto program_bytes = tlv_next(map_count);`
Fix instruction count computation (#26) The instruction count is shown twice, with both numbers incorrect. This PR fixes the first one. The second one comes from the stats section which is off by one since it counts "entry:", which is also why the Prevail "check" tool skips printing it. I'm following up separately to see if that one can just be removed. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-04-16 18:58:37 +03:00			`auto stats_section = tlv_next(program_bytes);`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`if (level == VL_NORMAL) {`
Fix netsh display of program type (#226) Since the program type changed from int to GUID the display has been broken (it displays a useless pointer value). This fix makes it display the string name of the type. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-05-26 08:05:03 +03:00			`std::cout << std::setw(20) << std::right << tlv_value<std::string>(section_name) << " " << std::setw(9)`
			`<< tlv_value<std::string>(type) << " " << std::setw(6) << tlv_value<size_t>(map_count) << " "`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`<< std::setw(6) << (program_bytes->length - offsetof(tlv_type_length_value_t, value)) / 8 << "\n";`
			`} else {`
			`std::cout << "\n";`
			`std::cout << "Section : " << tlv_value<std::string>(section_name) << "\n";`
Fix netsh display of program type (#226) Since the program type changed from int to GUID the display has been broken (it displays a useless pointer value). This fix makes it display the string name of the type. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-05-26 08:05:03 +03:00			`std::cout << "Program Type : " << tlv_value<std::string>(type) << "\n";`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`std::cout << "# Maps : " << tlv_value<size_t>(map_count) << "\n";`
Fix instruction count computation (#26) The instruction count is shown twice, with both numbers incorrect. This PR fixes the first one. The second one comes from the stats section which is off by one since it counts "entry:", which is also why the Prevail "check" tool skips printing it. I'm following up separately to see if that one can just be removed. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-04-16 18:58:37 +03:00			`std::cout << "Size : " << (program_bytes->length - offsetof(tlv_type_length_value_t, value)) / 8`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`<< " instructions\n";`
Fix instruction count computation (#26) The instruction count is shown twice, with both numbers incorrect. This PR fixes the first one. The second one comes from the stats section which is off by one since it counts "entry:", which is also why the Prevail "check" tool skips printing it. I'm following up separately to see if that one can just be removed. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-04-16 18:58:37 +03:00			`for (auto stat = tlv_child(stats_section); stat != tlv_next(current_section); stat = tlv_next(stat)) {`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`auto key = tlv_child(stat);`
			`auto value = tlv_next(key);`
			`std::cout << std::setw(13) << std::left << tlv_value<std::string>(key) << ": " << tlv_value<int>(value)`
			`<< "\n";`
			`}`
			`}`
Added "show sections" and "show disassembly" commands Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-01-16 05:39:40 +03:00			`}`
Merged PR 4205675: Add option to execute eBPF program via JIT or interpreter Add option to execute eBPF program via JIT or interpreter 2021-03-06 01:47:18 +03:00
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`ebpf_api_elf_free(section_data);`
			`return NO_ERROR;`
Added "show sections" and "show disassembly" commands Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-01-16 05:39:40 +03:00			`}`

Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`DWORD`
			`handle_ebpf_show_verification(`
			`LPCWSTR machine, LPWSTR* argv, DWORD current_index, DWORD argc, DWORD flags, LPCVOID data, BOOL* done)`
			`{`
			`UNREFERENCED_PARAMETER(machine);`
			`UNREFERENCED_PARAMETER(flags);`
			`UNREFERENCED_PARAMETER(data);`
			`UNREFERENCED_PARAMETER(done);`

			`TAG_TYPE tags[] = {`
			`{TOKEN_FILENAME, NS_REQ_PRESENT, FALSE},`
			`{TOKEN_SECTION, NS_REQ_ZERO, FALSE},`
Add option to show verbose verifier output (#38) Fixes #20 Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-04-17 23:09:43 +03:00			`{TOKEN_LEVEL, NS_REQ_ZERO, FALSE},`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`};`
			`ULONG tag_type[_countof(tags)] = {0};`

			`ULONG status =`
			`PreprocessCommand(nullptr, argv, current_index, argc, tags, _countof(tags), 0, _countof(tags), tag_type);`

Add option to show verbose verifier output (#38) Fixes #20 Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-04-17 23:09:43 +03:00			`VERBOSITY_LEVEL level = VL_NORMAL;`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`std::string filename;`
			`std::string section = ""; // Use the first code section by default.`
			`for (int i = 0; (status == NO_ERROR) && ((i + current_index) < argc); i++) {`
			`switch (tag_type[i]) {`
			`case 0: // FILENAME`
			`{`
			`filename = down_cast_from_wstring(std::wstring(argv[current_index + i]));`
			`break;`
			`}`
			`case 1: // SECTION`
			`{`
			`section = down_cast_from_wstring(std::wstring(argv[current_index + i]));`
			`break;`
			`}`
Add option to show verbose verifier output (#38) Fixes #20 Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-04-17 23:09:43 +03:00			`case 2: // LEVEL`
			`{`
			`status = MatchEnumTag(NULL, argv[current_index + i], _countof(g_LevelEnum), g_LevelEnum, (PULONG)&level);`
			`if (status != NO_ERROR) {`
			`status = ERROR_INVALID_PARAMETER;`
			`}`
			`break;`
			`}`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`default:`
			`status = ERROR_INVALID_SYNTAX;`
			`break;`
			`}`
Add "show verification" command Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-01-16 06:47:58 +03:00			`}`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`if (status != NO_ERROR) {`
			`return status;`
Add "show verification" command Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-01-16 06:47:58 +03:00			`}`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00
			`const char* report;`
			`const char* error_message;`
Make netsh "show verification" command display max instruction count (#242) Fixes #193 Signed-off-by: Dave Thaler <dthaler@microsoft.com> 2021-06-02 21:22:06 +03:00			`ebpf_api_verifier_stats_t stats;`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00
Make netsh "show verification" command display max instruction count (#242) Fixes #193 Signed-off-by: Dave Thaler <dthaler@microsoft.com> 2021-06-02 21:22:06 +03:00			`status = ebpf_api_elf_verify_section(`
			`filename.c_str(), section.c_str(), level == VL_VERBOSE, &report, &error_message, &stats);`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`if (status == ERROR_SUCCESS) {`
Add option to show verbose verifier output (#38) Fixes #20 Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-04-17 23:09:43 +03:00			`std::cout << report;`
Make netsh "show verification" command display max instruction count (#242) Fixes #193 Signed-off-by: Dave Thaler <dthaler@microsoft.com> 2021-06-02 21:22:06 +03:00			`std::cout << "\nProgram terminates within " << stats.max_instruction_count << " instructions\n";`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`return NO_ERROR;`
			`} else {`
			`if (error_message) {`
Add additional netsh tests (#298) Fix a couple bugs that the tests uncovered Remove duplicate "error: error:" prefix in messages on verification Fixes #240 Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> Co-authored-by: Alan Jowett <alanjo@microsoft.com> 2021-06-24 04:12:20 +03:00			`std::cerr << error_message << std::endl;`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`}`
			`if (report) {`
Update to latest verifier code (#652) * Update to latest verifier code Signed-off-by: Dave Thaler <dthaler@microsoft.com> * Add reference to yaml-cpp vcxproj file Signed-off-by: Dave Thaler <dthaler@microsoft.com> * Fix verifier tests Signed-off-by: Dave Thaler <dthaler@microsoft.com> 2021-11-07 21:47:47 +03:00			`std::cerr << "\nVerification report:\n" << report;`
			`std::cerr << stats.total_warnings << " errors\n\n";`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`}`
Add ebpf public APIs - #1 (#290) * add ebpf_program_load(), few other APIs 2021-06-23 06:42:18 +03:00			`ebpf_free_string(error_message);`
			`ebpf_free_string(report);`
Merged PR 4220809: First drop of port_quota demo First drop of port_quota demo 2021-03-10 05:38:31 +03:00			`return ERROR_SUPPRESS_OUTPUT;`
Add "show verification" command Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-01-16 06:47:58 +03:00			`}`
Add parser stubs for program commands Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> 2021-01-19 21:33:27 +03:00			`}`