Switch ebpf_program_type_descriptor_t::platform_specific_data to GUID (#171)

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
2021-05-11 14:46:00 -06:00 · 2021-05-11 14:46:00 -06:00 · 1af5e65f65
--- a/include/ebpf_api.h
+++ b/include/ebpf_api.h
@ -4,6 +4,10 @@
 */

 #pragma once
+
+#include <stdbool.h>
+#include <stdint.h>
+
 #include "ebpf_windows.h"

 #ifdef __cplusplus
--- a/include/ebpf_program_types.h
+++ b/include/ebpf_program_types.h
@ -46,7 +46,7 @@ typedef struct _ebpf_program_type_descriptor
    MIDL([string])
    const char* name;
    ebpf_context_descriptor_t* context_descriptor;
-    uint64_t platform_specific_data;
+    GUID platform_specific_data;
    char is_privileged;
 } ebpf_program_type_descriptor_t;

--- a/libs/api/Verifier.cpp
+++ b/libs/api/Verifier.cpp
@ -8,6 +8,10 @@
 #include <sstream>
 #include <sys/stat.h>
 #include "ebpf_api.h"
+#include "ebpf_bind_program_data.h"
+#include "ebpf_platform.h"
+#include "ebpf_xdp_program_data.h"
+
 #pragma warning(push)
 #pragma warning(disable : 4100) // 'identifier' : unreferenced formal parameter
 #pragma warning(disable : 4244) // 'conversion' conversion from 'type1' to
@ -121,8 +125,8 @@ verify_byte_code(
    const char** error_message)
 {
    const ebpf_platform_t* platform = &g_ebpf_platform_windows;
-    std::vector<ebpf_inst> instructions{(ebpf_inst*)byte_code,
-                                        (ebpf_inst*)byte_code + byte_code_size / sizeof(ebpf_inst)};
+    std::vector<ebpf_inst> instructions{
+        (ebpf_inst*)byte_code, (ebpf_inst*)byte_code + byte_code_size / sizeof(ebpf_inst)};
    program_info info{platform};
    info.type = platform->get_program_type(section_name, path);

@ -169,11 +173,12 @@ ebpf_api_elf_enumerate_sections(
                }
            }

-            sequence.emplace_back(tlv_pack<tlv_sequence>({tlv_pack(raw_program.section.c_str()),
-                                                          tlv_pack(raw_program.info.type.platform_specific_data),
-                                                          tlv_pack(raw_program.info.map_descriptors.size()),
-                                                          tlv_pack(convert_ebpf_program_to_bytes(raw_program.prog)),
-                                                          tlv_pack(stats_sequence)}));
+            sequence.emplace_back(tlv_pack<tlv_sequence>(
+                {tlv_pack(raw_program.section.c_str()),
+                 tlv_pack(raw_program.info.type.platform_specific_data),
+                 tlv_pack(raw_program.info.map_descriptors.size()),
+                 tlv_pack(convert_ebpf_program_to_bytes(raw_program.prog)),
+                 tlv_pack(stats_sequence)}));
        }

        auto retval = tlv_pack(sequence);
@ -226,7 +231,32 @@ ebpf_api_elf_verify_section(
    const char* file, const char* section, bool verbose, const char** report, const char** error_message)
 {
    std::ostringstream error;
+
    std::ostringstream output;
+    ebpf_error_code_t result;
+    ebpf_program_information_t* program_information_xdp = NULL;
+    ebpf_program_information_t* program_information_bind = NULL;
+    ebpf_helper::ebpf_memory_ptr program_information_xdp_ptr;
+    ebpf_helper::ebpf_memory_ptr program_information_bind_ptr;
+
+    result = ebpf_program_information_decode(
+        &program_information_bind,
+        _ebpf_encoded_bind_program_information_data,
+        sizeof(_ebpf_encoded_bind_program_information_data));
+    if (result != ERROR_SUCCESS) {
+        return result;
+    }
+    program_information_bind_ptr.reset(program_information_bind);
+
+    result = ebpf_program_information_decode(
+        &program_information_xdp,
+        _ebpf_encoded_xdp_program_information_data,
+        sizeof(_ebpf_encoded_xdp_program_information_data));
+    if (result != ERROR_SUCCESS) {
+        return result;
+    }
+    program_information_xdp_ptr.reset(program_information_xdp);
+
    try {
        const ebpf_platform_t* platform = &g_ebpf_platform_windows;
        ebpf_verifier_options_t verifier_options = ebpf_verifier_default_options;
--- a/libs/api/api.vcxproj
+++ b/libs/api/api.vcxproj
@ -131,7 +131,7 @@
      <ConformanceMode>true</ConformanceMode>
      <PrecompiledHeader>NotUsing</PrecompiledHeader>
      <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
-      <AdditionalIncludeDirectories>$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)libs\execution_context;$(SolutionDir)external\ubpf\vm;$(SolutionDir)external\ubpf\vm\inc;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)external\ebpf-verifier\external;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)libs\execution_context;$(SolutionDir)external\ubpf\vm;$(SolutionDir)external\ubpf\vm\inc;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)external\ebpf-verifier\external;$(OutDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
      <LanguageStandard>stdcpplatest</LanguageStandard>
      <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
      <TreatWarningAsError>true</TreatWarningAsError>
@ -152,7 +152,7 @@
      <ConformanceMode>true</ConformanceMode>
      <PrecompiledHeader>NotUsing</PrecompiledHeader>
      <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
-      <AdditionalIncludeDirectories>$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)libs\execution_context;$(SolutionDir)external\ubpf\vm;$(SolutionDir)external\ubpf\vm\inc;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)external\ebpf-verifier\external;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
+      <AdditionalIncludeDirectories>$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)libs\execution_context;$(SolutionDir)external\ubpf\vm;$(SolutionDir)external\ubpf\vm\inc;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)external\ebpf-verifier\external;$(OutDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
      <LanguageStandard>stdcpplatest</LanguageStandard>
      <TreatWarningAsError>true</TreatWarningAsError>
    </ClCompile>
@ -181,6 +181,11 @@
    <ClInclude Include="Verifier.h" />
    <ClInclude Include="windows_platform.hpp" />
  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="..\..\tools\encode_program_information\encode_program_information.vcxproj">
+      <Project>{fa9bb88d-8259-40c1-9422-bdedf9e9ce68}</Project>
+    </ProjectReference>
+  </ItemGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
  <ImportGroup Label="ExtensionTargets">
    <Import Project="..\..\packages\boost.1.75.0.0\build\boost.targets" Condition="Exists('..\..\packages\boost.1.75.0.0\build\boost.targets')" />
--- a/libs/api/ebpf_api.cpp
+++ b/libs/api/ebpf_api.cpp
@ -399,6 +399,8 @@ ebpf_api_load_program(
    uint64_t log_function_address;
    ebpf_extension_data_t* program_information_data = NULL;
    ebpf_program_information_t* program_information = NULL;
+    ebpf_helper::ebpf_memory_ptr program_information_data_ptr;
+    ebpf_helper::ebpf_memory_ptr program_information_ptr;
    _unwind_helper unwind([&] {
        if (vm) {
            ubpf_destroy(vm);
@ -406,8 +408,6 @@ ebpf_api_load_program(
        for (auto& map : _map_file_descriptors) {
            ebpf_api_close_handle(reinterpret_cast<ebpf_handle_t>(map.handle));
        }
-        ebpf_free(program_information);
-        free(program_information_data);
    });

    uint32_t result;
@ -419,6 +419,8 @@ ebpf_api_load_program(
            return ERROR_INVALID_PARAMETER;
        }

+        // TODO: (issue #169): Should switch this to more idiomatic C++
+        // Note: This leaks the program handle on some errors.
        result = _create_program(program_type, file_name, section_name, &program_handle);
        if (result != ERROR_SUCCESS) {
            return result;
@ -428,8 +430,8 @@ ebpf_api_load_program(
        if (result != ERROR_SUCCESS) {
            return result;
        }
+        program_information_data_ptr.reset(program_information_data);

-        // TODO (issue #67): Pass the resulting program information to the verifier.
        result = ebpf_program_information_decode(
            &program_information,
            program_information_data->data,
@ -437,7 +439,9 @@ ebpf_api_load_program(
        if (result != ERROR_SUCCESS) {
            return result;
        }
+        program_information_ptr.reset(program_information);

+        // TODO (issue #67): Pass the resulting program information to the verifier.
        // Verify code.
        if (verify_byte_code(file_name, section_name, byte_code.data(), byte_code_size, error_message) != 0) {
            return ERROR_INVALID_PARAMETER;
--- a/libs/platform/ebpf_platform.h
+++ b/libs/platform/ebpf_platform.h
@ -623,3 +623,22 @@ extern "C"
 #ifdef __cplusplus
 }
 #endif
+
+#ifdef __cplusplus
+#include <memory>
+namespace ebpf_helper {
+
+struct _ebpf_free_functor
+{
+    void
+    operator()(void* memory)
+    {
+        ebpf_free(memory);
+    }
+};
+
+typedef std::unique_ptr<void, _ebpf_free_functor> ebpf_memory_ptr;
+
+} // namespace ebpf_helper
+
+#endif
--- a/libs/platform/ebpf_program_types.idl
+++ b/libs/platform/ebpf_program_types.idl
@ -3,6 +3,8 @@
 *  SPDX-License-Identifier: MIT
 */

+import "wtypes.idl";
+
 interface ebpf_program_types
 {
    typedef unsigned int uint32_t;
--- a/tests/end_to_end/helpers.h
+++ b/tests/end_to_end/helpers.h
@ -142,7 +142,7 @@ typedef class _program_information_provider
        };
        ebpf_context_descriptor_t context_descriptor{
            sizeof(bind_md_t), EBPF_OFFSET_OF(bind_md_t, app_id_start), EBPF_OFFSET_OF(bind_md_t, app_id_end), -1};
-        ebpf_program_type_descriptor_t program_type_descriptor{"bind", &context_descriptor};
+        ebpf_program_type_descriptor_t program_type_descriptor{"bind", &context_descriptor, EBPF_PROGRAM_TYPE_BIND};
        ebpf_program_information_t program_information{
            program_type_descriptor, _countof(helper_functions), helper_functions};
        uint8_t* buffer;
@ -180,7 +180,7 @@ typedef class _program_information_provider
            EBPF_OFFSET_OF(xdp_md_t, data),
            EBPF_OFFSET_OF(xdp_md_t, data_end),
            EBPF_OFFSET_OF(xdp_md_t, data_meta)};
-        ebpf_program_type_descriptor_t program_type_descriptor{"xdp", &context_descriptor};
+        ebpf_program_type_descriptor_t program_type_descriptor{"xdp", &context_descriptor, EBPF_PROGRAM_TYPE_XDP};
        ebpf_program_information_t program_information{
            program_type_descriptor, _countof(helper_functions), helper_functions};
        uint8_t* buffer;
--- a/tools/encode_program_information/encode_program_information.cpp
+++ b/tools/encode_program_information/encode_program_information.cpp
@ -2,6 +2,7 @@
 // SPDX-License-Identifier: MIT

 #include <stdio.h>
+#include "ebpf_api.h"
 #include "ebpf_nethooks.h"
 #include "ebpf_platform.h"
 #include "ebpf_program_types.h"
@ -39,7 +40,7 @@ _encode_bind()
    unsigned long buffer_size = 0;
    ebpf_context_descriptor_t bind_context_descriptor = {
        sizeof(bind_md_t), EBPF_OFFSET_OF(bind_md_t, app_id_start), EBPF_OFFSET_OF(bind_md_t, app_id_end), -1};
-    ebpf_program_type_descriptor_t bind_program_type = {"bind", &bind_context_descriptor};
+    ebpf_program_type_descriptor_t bind_program_type = {"bind", &bind_context_descriptor, EBPF_PROGRAM_TYPE_BIND};
    ebpf_program_information_t bind_program_information = {bind_program_type, 0, NULL};

    return_value = ebpf_program_information_encode(&bind_program_information, &buffer, &buffer_size);
@ -70,7 +71,7 @@ _encode_xdp()
        EBPF_OFFSET_OF(xdp_md_t, data),
        EBPF_OFFSET_OF(xdp_md_t, data_end),
        EBPF_OFFSET_OF(xdp_md_t, data_meta)};
-    ebpf_program_type_descriptor_t xdp_program_type = {"xdp", &xdp_context_descriptor};
+    ebpf_program_type_descriptor_t xdp_program_type = {"xdp", &xdp_context_descriptor, EBPF_PROGRAM_TYPE_XDP};
    ebpf_program_information_t xdp_program_information = {xdp_program_type, 0, NULL};

    return_value = ebpf_program_information_encode(&xdp_program_information, &buffer, &buffer_size);