Isolate eBPF store APIs into atomic km & um libraries. (#2690)
* draft * wip * wip * wip * wip * wip - km & um compile * fix * fix include order * wip * wip * wip * wip - api_common * wip - updated projects * wip * wip * fix merge issues * wip * fix C28196/C6387 * wip * wip * fix SAL * cleanup * fix SAL bugs * wip - cmake * add cmake files * wip * wip * update msi artifacts * wip * cleanup * collapse null-checks * clean-up headers * refactor return types to ebpf_result_t * replace ebpf_registry_result_t with ebpf_result_t * update header * remove cpp wrapper, misc cleanup. * rename um/km registry helpers * cleanup * cleanup * update * nit * fix * Added KERNEL_MODE var, so to default to USER_MODE. * fix cmake * align result var names with ebpf_result_t * pr feedback * add project refs * Add NativeOnly* cfgs to ebpf_store_helper_km * Update docs, API reordering in source. * pr feedback * Rename types to abstract use of registry * Normalize all registry API names. * rename * merge sln * fix var typo * refactor store root keys * feedback * doc/comments * remove KERNEL_MODE * Force ignore format on all preprocessor code paths.
Parent
ced7990d27
Commit
4cb79e547d
|
@ -296,14 +296,48 @@ The helper function ID for a general helper function must be in the range 0 - 65
|
|||
The parameter and return types for these helper functions must adhere to the `ebpf_argument_type_t` and
|
||||
`ebpf_return_type_t` enums.
|
||||
|
||||
### 2.7 Registering Program Types and Attach Types
|
||||
### 2.7 Registering Program Types and Attach Types - eBPF Store
|
||||
The eBPF Execution Context loads an eBPF program from an ELF file that has program section(s) with section names. The
|
||||
prefix to these names determines the program type. For example, the section name `"xdp"` implies that the corresponding
|
||||
program type is `EBPF_PROGRAM_TYPE_XDP`. The Execution Context discovers the program type associated with a section
|
||||
prefix by reading the data from Windows registry. When an eBPF extension is installed, it must update the registry with
|
||||
the program types it implements along with the associated section prefixes.
|
||||
program type is `EBPF_PROGRAM_TYPE_XDP`.
|
||||
|
||||
_Note: The registry location and data format are TBD. This is currently tracked by issue #223._
|
||||
The *Execution Context* discovers the program type associated with a section prefix by reading the data from the ***"eBPF store"***, which is currently kept in the Windows registry.
|
||||
When an eBPF extension is installed, it must update the eBPF store with the program types it implements along with the associated section prefixes.
|
||||
|
||||
To operate on the eBPF store, the extension must link the `\lib\ebpf_store_helper_km.lib` kernel-mode library and include the related `\include\ebpf_store_helper.h` header file, both distributed within the [eBPF for Windows NuGet package](https://www.nuget.org/packages/eBPF-for-Windows/). With these, the extension can use the following APIs to register program types, attach types and helper functions:
|
||||
|
||||
- `ebpf_store_update_helper_prototype`: updates the program type specific helper information in the eBPF store, given a pointer to the store key to be initialized and a pointer to the helper function prototype (i.e., `_ebpf_helper_function_prototype`):
|
||||
|
||||
```c
|
||||
ebpf_result_t
|
||||
ebpf_store_update_helper_prototype(
|
||||
ebpf_store_key_t helper_info_key, _In_ const ebpf_helper_function_prototype_t* helper_info);
|
||||
```c
|
||||
```
|
||||
|
||||
- `ebpf_store_update_global_helper_information`: updates the global helper information in the eBPF store, given a pointer to an array of helper function prototypes:
|
||||
|
||||
```c
|
||||
ebpf_result_t
|
||||
ebpf_store_update_global_helper_information(
|
||||
_In_reads_(helper_info_count) ebpf_helper_function_prototype_t* helper_info, uint32_t helper_info_count);
|
||||
```
|
||||
|
||||
- `ebpf_store_update_section_information`: updates the section information in the eBPF store, given a pointer to an array of section information (i.e., `_ebpf_program_section_info`):
|
||||
|
||||
```c
|
||||
ebpf_result_t
|
||||
ebpf_store_update_section_information(
|
||||
_In_reads_(section_info_count) const ebpf_program_section_info_t* section_info, uint32_t section_info_count);
|
||||
```
|
||||
|
||||
- `ebpf_store_update_program_information`: updates program information in the eBPF store, given a pointer to an array of program information (i.e., `_ebpf_program_info`):
|
||||
|
||||
```c
|
||||
ebpf_result_t
|
||||
ebpf_store_update_program_information(
|
||||
_In_reads_(program_info_count) const ebpf_program_info_t* program_info, uint32_t program_info_count);
|
||||
```
|
||||
|
||||
### 2.8 eBPF Sample Driver
|
||||
The eBPF for Windows project provides a
|
||||
|
|
|
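Review bot: The first code sample in section 2.7, for `ebpf_store_update_helper_prototype`, is closed by a fence line that still carries the `c` tag, followed by a bare fence, so the markdown renders a stray empty block; close it with a single bare fence like the other three samples. In the same bullet, the text calls `helper_info_key` "a pointer to the store key to be initialized", but the signature takes `ebpf_store_key_t helper_info_key` by value with no SAL annotation, so either the wording or the parameter should change. `ebpf_store_update_global_helper_information` also takes a non-const `helper_info` while the other three APIs take `const` pointers; if the array is only read, mark it `const` for consistency.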
@ -215,6 +215,10 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "redist-package", "tools\red
|
|||
EndProject
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ebpf_stress_tests_km", "tests\stress\km\ebpf_stress_tests_km.vcxproj", "{4F082524-9496-44FA-8CBA-4BC0BDC62568}"
|
||||
EndProject
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ebpf_store_helper_km", "libs\store_helper\kernel\ebpf_store_helper_km.vcxproj", "{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}"
|
||||
EndProject
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ebpf_store_helper_um", "libs\store_helper\user\ebpf_store_helper_um.vcxproj", "{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}"
|
||||
EndProject
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "usersim", "external\usersim\src\usersim.vcxproj", "{030A7AC6-14DC-45CF-AF34-891057AB1402}"
|
||||
EndProject
|
||||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libbtf", "external\ebpf-verifier\build\external\libbtf\libbtf\libbtf.vcxproj", "{249E3FBC-0098-3E3E-80AE-C8F8EF6AB0E5}"
|
||||
|
@ -2624,6 +2628,132 @@ Global
|
|||
{4F082524-9496-44FA-8CBA-4BC0BDC62568}.RelWithDebInfo|x64.Build.0 = Release|x64
|
||||
{4F082524-9496-44FA-8CBA-4BC0BDC62568}.RelWithDebInfo|x86.ActiveCfg = Release|x64
|
||||
{4F082524-9496-44FA-8CBA-4BC0BDC62568}.RelWithDebInfo|x86.Build.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Debug|ARM64.ActiveCfg = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Debug|ARM64.Build.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Debug|ARM64.Deploy.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Debug|x64.ActiveCfg = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Debug|x64.Build.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Debug|x64.Deploy.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Debug|x86.ActiveCfg = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Debug|x86.Build.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Debug|x86.Deploy.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.FuzzerDebug|ARM64.ActiveCfg = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.FuzzerDebug|ARM64.Build.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.FuzzerDebug|ARM64.Deploy.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.FuzzerDebug|x64.ActiveCfg = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.FuzzerDebug|x64.Build.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.FuzzerDebug|x64.Deploy.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.FuzzerDebug|x86.ActiveCfg = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.FuzzerDebug|x86.Build.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.FuzzerDebug|x86.Deploy.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.MinSizeRel|ARM64.ActiveCfg = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.MinSizeRel|ARM64.Build.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.MinSizeRel|ARM64.Deploy.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.MinSizeRel|x64.ActiveCfg = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.MinSizeRel|x64.Build.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.MinSizeRel|x64.Deploy.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.MinSizeRel|x86.ActiveCfg = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.MinSizeRel|x86.Build.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.MinSizeRel|x86.Deploy.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyDebug|ARM64.ActiveCfg = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyDebug|ARM64.Build.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyDebug|ARM64.Deploy.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyDebug|x64.ActiveCfg = NativeOnlyDebug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyDebug|x64.Build.0 = NativeOnlyDebug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyDebug|x64.Deploy.0 = NativeOnlyDebug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyDebug|x86.ActiveCfg = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyDebug|x86.Build.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyDebug|x86.Deploy.0 = Debug|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyRelease|ARM64.ActiveCfg = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyRelease|ARM64.Build.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyRelease|ARM64.Deploy.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyRelease|x64.ActiveCfg = NativeOnlyRelease|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyRelease|x64.Build.0 = NativeOnlyRelease|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyRelease|x64.Deploy.0 = NativeOnlyRelease|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyRelease|x86.ActiveCfg = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyRelease|x86.Build.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.NativeOnlyRelease|x86.Deploy.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Release|ARM64.ActiveCfg = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Release|ARM64.Build.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Release|ARM64.Deploy.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Release|x64.ActiveCfg = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Release|x64.Build.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Release|x64.Deploy.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Release|x86.ActiveCfg = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Release|x86.Build.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.Release|x86.Deploy.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.RelWithDebInfo|ARM64.ActiveCfg = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.RelWithDebInfo|ARM64.Build.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.RelWithDebInfo|ARM64.Deploy.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.RelWithDebInfo|x64.ActiveCfg = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.RelWithDebInfo|x64.Build.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.RelWithDebInfo|x64.Deploy.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.RelWithDebInfo|x86.ActiveCfg = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.RelWithDebInfo|x86.Build.0 = Release|x64
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.RelWithDebInfo|x86.Deploy.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Debug|ARM64.ActiveCfg = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Debug|ARM64.Build.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Debug|ARM64.Deploy.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Debug|x64.ActiveCfg = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Debug|x64.Build.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Debug|x64.Deploy.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Debug|x86.ActiveCfg = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Debug|x86.Build.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Debug|x86.Deploy.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.FuzzerDebug|ARM64.ActiveCfg = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.FuzzerDebug|ARM64.Build.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.FuzzerDebug|ARM64.Deploy.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.FuzzerDebug|x64.ActiveCfg = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.FuzzerDebug|x64.Build.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.FuzzerDebug|x64.Deploy.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.FuzzerDebug|x86.ActiveCfg = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.FuzzerDebug|x86.Build.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.FuzzerDebug|x86.Deploy.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.MinSizeRel|ARM64.ActiveCfg = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.MinSizeRel|ARM64.Build.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.MinSizeRel|ARM64.Deploy.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.MinSizeRel|x64.ActiveCfg = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.MinSizeRel|x64.Build.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.MinSizeRel|x64.Deploy.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.MinSizeRel|x86.ActiveCfg = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.MinSizeRel|x86.Build.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.MinSizeRel|x86.Deploy.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyDebug|ARM64.ActiveCfg = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyDebug|ARM64.Build.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyDebug|ARM64.Deploy.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyDebug|x64.ActiveCfg = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyDebug|x64.Build.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyDebug|x64.Deploy.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyDebug|x86.ActiveCfg = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyDebug|x86.Build.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyDebug|x86.Deploy.0 = Debug|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyRelease|ARM64.ActiveCfg = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyRelease|ARM64.Build.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyRelease|ARM64.Deploy.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyRelease|x64.ActiveCfg = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyRelease|x64.Build.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyRelease|x64.Deploy.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyRelease|x86.ActiveCfg = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyRelease|x86.Build.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.NativeOnlyRelease|x86.Deploy.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Release|ARM64.ActiveCfg = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Release|ARM64.Build.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Release|ARM64.Deploy.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Release|x64.ActiveCfg = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Release|x64.Build.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Release|x64.Deploy.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Release|x86.ActiveCfg = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Release|x86.Build.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.Release|x86.Deploy.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.RelWithDebInfo|ARM64.ActiveCfg = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.RelWithDebInfo|ARM64.Build.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.RelWithDebInfo|ARM64.Deploy.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.RelWithDebInfo|x64.ActiveCfg = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.RelWithDebInfo|x64.Build.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.RelWithDebInfo|x64.Deploy.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.RelWithDebInfo|x86.ActiveCfg = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.RelWithDebInfo|x86.Build.0 = Release|x64
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}.RelWithDebInfo|x86.Deploy.0 = Release|x64
|
||||
{030A7AC6-14DC-45CF-AF34-891057AB1402}.Debug|ARM64.ActiveCfg = Debug|x64
|
||||
{030A7AC6-14DC-45CF-AF34-891057AB1402}.Debug|ARM64.Build.0 = Debug|x64
|
||||
{030A7AC6-14DC-45CF-AF34-891057AB1402}.Debug|x64.ActiveCfg = Debug|x64
|
||||
|
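Review bot: Both new projects map every MinSizeRel solution configuration to a debug build (for example `{3569E946-C8B4-49EE-A89D-EDD09DC9F36E}.MinSizeRel|x64.ActiveCfg = Debug|x64`), while RelWithDebInfo maps to `Release|x64`. If MinSizeRel is meant to be a release flavour, map it to `Release|x64` so that a MinSizeRel solution build does not link debug store-helper libraries into release binaries. Two smaller points in the `{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}` (ebpf_store_helper_um) rows: they carry `Deploy.0` entries, which a user-mode static library should not need, and `NativeOnlyDebug|x64` / `NativeOnlyRelease|x64` fall back to plain `Debug|x64` / `Release|x64` while the km project has dedicated NativeOnly configurations; a one-line comment in the PR on why the two differ would help.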
@ -2666,6 +2796,48 @@ Global
|
|||
{030A7AC6-14DC-45CF-AF34-891057AB1402}.RelWithDebInfo|x64.Build.0 = Release|x64
|
||||
{030A7AC6-14DC-45CF-AF34-891057AB1402}.RelWithDebInfo|x86.ActiveCfg = Release|Win32
|
||||
{030A7AC6-14DC-45CF-AF34-891057AB1402}.RelWithDebInfo|x86.Build.0 = Release|Win32
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.Debug|ARM64.ActiveCfg = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.Debug|ARM64.Build.0 = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.Debug|x64.ActiveCfg = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.Debug|x64.Build.0 = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.Debug|x86.ActiveCfg = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.Debug|x86.Build.0 = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.FuzzerDebug|ARM64.ActiveCfg = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.FuzzerDebug|ARM64.Build.0 = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.FuzzerDebug|x64.ActiveCfg = FuzzerDebug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.FuzzerDebug|x64.Build.0 = FuzzerDebug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.FuzzerDebug|x86.ActiveCfg = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.FuzzerDebug|x86.Build.0 = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.MinSizeRel|ARM64.ActiveCfg = MinSizeRel|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.MinSizeRel|ARM64.Build.0 = MinSizeRel|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.MinSizeRel|x64.ActiveCfg = MinSizeRel|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.MinSizeRel|x64.Build.0 = MinSizeRel|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.MinSizeRel|x86.ActiveCfg = MinSizeRel|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.MinSizeRel|x86.Build.0 = MinSizeRel|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.NativeOnlyDebug|ARM64.ActiveCfg = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.NativeOnlyDebug|ARM64.Build.0 = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.NativeOnlyDebug|x64.ActiveCfg = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.NativeOnlyDebug|x64.Build.0 = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.NativeOnlyDebug|x86.ActiveCfg = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.NativeOnlyDebug|x86.Build.0 = Debug|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.NativeOnlyRelease|ARM64.ActiveCfg = Release|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.NativeOnlyRelease|ARM64.Build.0 = Release|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.NativeOnlyRelease|x64.ActiveCfg = Release|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.NativeOnlyRelease|x64.Build.0 = Release|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.NativeOnlyRelease|x86.ActiveCfg = Release|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.NativeOnlyRelease|x86.Build.0 = Release|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.Release|ARM64.ActiveCfg = Release|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.Release|ARM64.Build.0 = Release|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.Release|x64.ActiveCfg = Release|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.Release|x64.Build.0 = Release|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.Release|x86.ActiveCfg = Release|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.Release|x86.Build.0 = Release|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.RelWithDebInfo|ARM64.ActiveCfg = RelWithDebInfo|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.RelWithDebInfo|ARM64.Build.0 = RelWithDebInfo|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.RelWithDebInfo|x64.ActiveCfg = RelWithDebInfo|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.RelWithDebInfo|x64.Build.0 = RelWithDebInfo|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.RelWithDebInfo|x86.ActiveCfg = RelWithDebInfo|x64
|
||||
{BC45D39C-F956-3951-BD46-44EAE20EC7C9}.RelWithDebInfo|x86.Build.0 = RelWithDebInfo|x64
|
||||
{249E3FBC-0098-3E3E-80AE-C8F8EF6AB0E5}.Debug|ARM64.ActiveCfg = Debug|x64
|
||||
{249E3FBC-0098-3E3E-80AE-C8F8EF6AB0E5}.Debug|ARM64.Build.0 = Debug|x64
|
||||
{249E3FBC-0098-3E3E-80AE-C8F8EF6AB0E5}.Debug|x64.ActiveCfg = Debug|x64
|
||||
|
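Review bot: The rows for `{BC45D39C-F956-3951-BD46-44EAE20EC7C9}` in this hunk have no matching `Project(...)` line or NestedProjects entry in any hunk of this commit, and the solution's visible libbtf entry pairs `external\ebpf-verifier\build\external\libbtf\libbtf\libbtf.vcxproj` with `{249E3FBC-0098-3E3E-80AE-C8F8EF6AB0E5}`, whereas the ProjectReference elsewhere in this commit pairs the same path with `{bc45d39c-f956-3951-bd46-44eae20ec7c9}`. Please confirm which GUID the generated libbtf.vcxproj actually carries and keep only that one in the solution and in the references; configuration rows for a GUID that has no project entry are dead weight, and a reference with the wrong GUID can break build ordering.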
@ -2815,6 +2987,8 @@ Global
|
|||
{E51A27F5-A1D5-40DA-A09B-850203D6B13D} = {492C9B22-9237-4996-9E33-CA14D3533616}
|
||||
{A08B9A8B-FCD0-4E93-8811-D60EED639BE0} = {B09749EC-3D14-414B-BA9B-CD20E218DC84}
|
||||
{4F082524-9496-44FA-8CBA-4BC0BDC62568} = {492C9B22-9237-4996-9E33-CA14D3533616}
|
||||
{3569E946-C8B4-49EE-A89D-EDD09DC9F36E} = {7C2E30D9-E07F-4913-BD8A-345B38F18A81}
|
||||
{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A} = {69CDB6A1-434D-4BC9-9BFF-D12DF7EDBB6B}
|
||||
{030A7AC6-14DC-45CF-AF34-891057AB1402} = {69CDB6A1-434D-4BC9-9BFF-D12DF7EDBB6B}
|
||||
{249E3FBC-0098-3E3E-80AE-C8F8EF6AB0E5} = {69CDB6A1-434D-4BC9-9BFF-D12DF7EDBB6B}
|
||||
{1937DB41-F3EB-4955-A636-6386DCB394F6} = {69CDB6A1-434D-4BC9-9BFF-D12DF7EDBB6B}
|
||||
|
|
|
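Review bot: `{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}` (ebpf_store_helper_um, under `libs\store_helper\user`) is nested under `{69CDB6A1-434D-4BC9-9BFF-D12DF7EDBB6B}`, the same solution folder that holds usersim and libbtf from `external\`, while the km library goes under `{7C2E30D9-E07F-4913-BD8A-345B38F18A81}`. If `{69CDB6A1-...}` is the folder for external dependencies, nest the um library with the other `libs\` projects so the two store-helper libraries are not split between first-party and third-party folders.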
@ -239,12 +239,12 @@
|
|||
<ProjectReference Include="..\external\ebpf-verifier\build\ebpfverifier.vcxproj">
|
||||
<Project>{7d5b4e68-c0fa-3f86-9405-f6400219b440}</Project>
|
||||
</ProjectReference>
|
||||
<ProjectReference Include="..\external\ebpf-verifier\build\external\libbtf\libbtf\libbtf.vcxproj">
|
||||
<Project>{bc45d39c-f956-3951-bd46-44eae20ec7c9}</Project>
|
||||
</ProjectReference>
|
||||
<ProjectReference Include="..\external\usersim\src\usersim.vcxproj">
|
||||
<Project>{030a7ac6-14dc-45cf-af34-891057ab1402}</Project>
|
||||
</ProjectReference>
|
||||
<ProjectReference Include="..\external\ebpf-verifier\external\libbtf\build\libbtf\libbtf.vcxproj">
|
||||
<Project>{c034859f-e0d6-3ae6-b4fe-71b012fdc618}</Project>
|
||||
</ProjectReference>
|
||||
<ProjectReference Include="..\libs\api\api.vcxproj">
|
||||
<Project>{c8bf60c3-40a9-43ad-891a-8aa34f1c3a68}</Project>
|
||||
</ProjectReference>
|
||||
|
@ -276,4 +276,4 @@
|
|||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
</ImportGroup>
|
||||
</Project>
|
||||
</Project>
|
|
@ -15,9 +15,10 @@ wdk_add_driver("EbpfCore" WINVER "${EBPFFORWINDOWS_WDK_WINVER}" KMDF "${EBPFFORW
|
|||
|
||||
target_include_directories("EbpfCore" PRIVATE
|
||||
"${CMAKE_SOURCE_DIR}/include"
|
||||
"${CMAKE_SOURCE_DIR}/libs/execution_context"
|
||||
"${CMAKE_SOURCE_DIR}/libs/platform"
|
||||
"${CMAKE_SOURCE_DIR}/libs/platform/kernel"
|
||||
"${CMAKE_SOURCE_DIR}/libs/execution_context"
|
||||
"${CMAKE_SOURCE_DIR}/libs/store_helper/kernel"
|
||||
"${CMAKE_SOURCE_DIR}/resource"
|
||||
"${CMAKE_CURRENT_SOURCE_DIR}"
|
||||
)
|
||||
|
@ -28,6 +29,7 @@ target_link_directories("EbpfCore" PRIVATE
|
|||
|
||||
target_link_libraries("EbpfCore"
|
||||
"ebpf_for_windows_common_settings"
|
||||
"ebpf_store_helper_km"
|
||||
"execution_context_kernel"
|
||||
"platform_kernel"
|
||||
"external::ebpfverifier_headers"
|
||||
|
|
|
@ -3,350 +3,79 @@
|
|||
|
||||
#pragma once
|
||||
|
||||
#ifndef USER_MODE
|
||||
#include "framework.h"
|
||||
#else
|
||||
#include "ebpf_utilities.h"
|
||||
#endif
|
||||
|
||||
#include "ebpf_program_types.h"
|
||||
#include "ebpf_registry_helper.h"
|
||||
#include "ebpf_windows.h"
|
||||
|
||||
#ifdef USER_MODE
|
||||
extern ebpf_registry_key_t ebpf_root_registry_key;
|
||||
#define GUID_STRING_LENGTH 38 // not including the null terminator.
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
{
|
||||
#endif
|
||||
|
||||
static uint32_t
|
||||
_ebpf_store_open_or_create_provider_registry_key(_Out_ ebpf_registry_key_t* provider_key)
|
||||
{
|
||||
__return_type status = _SUCCESS;
|
||||
ebpf_registry_key_t root_key = NULL;
|
||||
*provider_key = NULL;
|
||||
|
||||
// Open (or create) root eBPF registry path.
|
||||
#ifndef USER_MODE
|
||||
status = create_registry_key(NULL, EBPF_ROOT_REGISTRY_PATH, REG_CREATE_FLAGS, &root_key);
|
||||
typedef HANDLE ebpf_store_key_t;
|
||||
#else
|
||||
status = create_registry_key(ebpf_root_registry_key, EBPF_ROOT_RELATIVE_PATH, REG_CREATE_FLAGS, &root_key);
|
||||
typedef HKEY ebpf_store_key_t;
|
||||
#endif
|
||||
if (!IS_SUCCESS(status)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Open (or create) program data registry path.
|
||||
status = create_registry_key(root_key, EBPF_PROVIDERS_REGISTRY_PATH, REG_CREATE_FLAGS, provider_key);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
goto Exit;
|
||||
}
|
||||
extern ebpf_store_key_t ebpf_store_root_key;
|
||||
extern const wchar_t* ebpf_store_root_sub_key;
|
||||
|
||||
Exit:
|
||||
if (root_key) {
|
||||
close_registry_key(root_key);
|
||||
}
|
||||
return status;
|
||||
/**
|
||||
* @brief Update the provider prototype information in the eBPF store.
|
||||
*
|
||||
* @param[in] helper_info_key Pointer to the store key to be initialized.
|
||||
* @param[in] helper_info Pointer to the helper function prototype.
|
||||
*
|
||||
* @return Status of the operation.
|
||||
*/
|
||||
ebpf_result_t
|
||||
ebpf_store_update_helper_prototype(
|
||||
ebpf_store_key_t helper_info_key, _In_ const ebpf_helper_function_prototype_t* helper_info);
|
||||
|
||||
/**
|
||||
* @brief Update global helper information in the eBPF store.
|
||||
*
|
||||
* @param[in] helper_info Pointer to an array of helper function prototypes.
|
||||
* @param[in] helper_info_count Count of helper function prototypes.
|
||||
*
|
||||
* @returns Status of the operation.
|
||||
*/
|
||||
ebpf_result_t
|
||||
ebpf_store_update_global_helper_information(
|
||||
_In_reads_(helper_info_count) ebpf_helper_function_prototype_t* helper_info, uint32_t helper_info_count);
|
||||
|
||||
/**
|
||||
* @brief Update section information in the eBPF store.
|
||||
*
|
||||
* @param[in] section_info Pointer to an array of section information.
|
||||
* @param[in] section_info_count Count of section information entries.
|
||||
*
|
||||
* @returns Status of the operation.
|
||||
*/
|
||||
ebpf_result_t
|
||||
ebpf_store_update_section_information(
|
||||
_In_reads_(section_info_count) const ebpf_program_section_info_t* section_info, uint32_t section_info_count);
|
||||
|
||||
/**
|
||||
* @brief Update program information in the eBPF store.
|
||||
*
|
||||
* @param[in] program_info Pointer to an array of program information.
|
||||
* @param[in] program_info_count Count of program information entries.
|
||||
*
|
||||
* @returns Status of the operation.
|
||||
*/
|
||||
ebpf_result_t
|
||||
ebpf_store_update_program_information(
|
||||
_In_reads_(program_info_count) const ebpf_program_info_t* program_info, uint32_t program_info_count);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
||||
static __return_type
|
||||
_ebpf_store_update_helper_prototype(
|
||||
ebpf_registry_key_t helper_info_key, _In_ const ebpf_helper_function_prototype_t* helper_info)
|
||||
{
|
||||
__return_type status = _SUCCESS;
|
||||
uint32_t offset;
|
||||
ebpf_registry_key_t helper_function_key = NULL;
|
||||
char serialized_data[sizeof(ebpf_helper_function_prototype_t)] = {0};
|
||||
|
||||
status = create_registry_key_ansi(helper_info_key, helper_info->name, REG_CREATE_FLAGS, &helper_function_key);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Serialize the helper prototype.
|
||||
offset = 0;
|
||||
memcpy(serialized_data, &helper_info->helper_id, sizeof(helper_info->helper_id));
|
||||
offset += sizeof(helper_info->helper_id);
|
||||
|
||||
memcpy(serialized_data + offset, &helper_info->return_type, sizeof(helper_info->return_type));
|
||||
offset += sizeof(helper_info->return_type);
|
||||
|
||||
memcpy(serialized_data + offset, helper_info->arguments, sizeof(helper_info->arguments));
|
||||
offset += sizeof(helper_info->arguments);
|
||||
|
||||
// Save the helper prototype data.
|
||||
status = write_registry_value_binary(
|
||||
helper_function_key, EBPF_HELPER_DATA_PROTOTYPE, (uint8_t*)&serialized_data[0], offset);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
Exit:
|
||||
if (helper_function_key) {
|
||||
close_registry_key(helper_function_key);
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Update section information in eBPF store.
|
||||
*
|
||||
* @param[in] section_info Pointer to an array of section information.
|
||||
* @param[in] section_info_count Count of section information entries.
|
||||
*
|
||||
* @returns Status of the operation.
|
||||
*/
|
||||
static __return_type
|
||||
_ebpf_store_update_section_information(
|
||||
_In_reads_(section_info_count) const ebpf_program_section_info_t* section_info, uint32_t section_info_count)
|
||||
{
|
||||
__return_type status = _SUCCESS;
|
||||
ebpf_registry_key_t provider_key = NULL;
|
||||
ebpf_registry_key_t section_info_key = NULL;
|
||||
|
||||
if (section_info_count == 0) {
|
||||
return status;
|
||||
}
|
||||
|
||||
// Open (or create) provider registry path.
|
||||
status = _ebpf_store_open_or_create_provider_registry_key(&provider_key);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Open (or create) section data key.
|
||||
status = create_registry_key(provider_key, EBPF_SECTIONS_REGISTRY_PATH, REG_CREATE_FLAGS, §ion_info_key);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
for (uint32_t i = 0; i < section_info_count; i++) {
|
||||
ebpf_registry_key_t section_key = NULL;
|
||||
|
||||
// Open or create the registry path.
|
||||
status = create_registry_key(section_info_key, section_info[i].section_name, REG_CREATE_FLAGS, §ion_key);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save program type.
|
||||
status = write_registry_value_binary(
|
||||
section_key,
|
||||
EBPF_SECTION_DATA_PROGRAM_TYPE,
|
||||
(uint8_t*)section_info[i].program_type,
|
||||
sizeof(ebpf_program_type_t));
|
||||
if (!IS_SUCCESS(status)) {
|
||||
close_registry_key(section_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save attach type.
|
||||
status = write_registry_value_binary(
|
||||
section_key,
|
||||
EBPF_SECTION_DATA_ATTACH_TYPE,
|
||||
(uint8_t*)section_info[i].attach_type,
|
||||
sizeof(ebpf_attach_type_t));
|
||||
if (!IS_SUCCESS(status)) {
|
||||
close_registry_key(section_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save bpf_prog_type.
|
||||
status = write_registry_value_dword(section_key, EBPF_DATA_BPF_PROG_TYPE, section_info[i].bpf_program_type);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
close_registry_key(section_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save bpf_attach_type.
|
||||
status = write_registry_value_dword(section_key, EBPF_DATA_BPF_ATTACH_TYPE, section_info[i].bpf_attach_type);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
close_registry_key(section_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
close_registry_key(section_key);
|
||||
}
|
||||
|
||||
Exit:
|
||||
if (section_info_key) {
|
||||
close_registry_key(section_info_key);
|
||||
}
|
||||
if (provider_key) {
|
||||
close_registry_key(provider_key);
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Update program information in eBPF store.
|
||||
*
|
||||
* @param[in] program_info Pointer to an array of program information.
|
||||
* @param[in] program_info_count Count of program information entries.
|
||||
*
|
||||
* @returns Status of the operation.
|
||||
*/
|
||||
static __return_type
|
||||
_ebpf_store_update_program_information(
|
||||
_In_reads_(program_info_count) const ebpf_program_info_t* program_info, uint32_t program_info_count)
|
||||
{
|
||||
__return_type status = _SUCCESS;
|
||||
ebpf_registry_key_t provider_key = NULL;
|
||||
ebpf_registry_key_t program_info_key = NULL;
|
||||
|
||||
if (program_info_count == 0) {
|
||||
return status;
|
||||
}
|
||||
|
||||
// Open (or create) provider registry path.
|
||||
status = _ebpf_store_open_or_create_provider_registry_key(&provider_key);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Open (or create) program data registry path.
|
||||
status = create_registry_key(provider_key, EBPF_PROGRAM_DATA_REGISTRY_PATH, REG_CREATE_FLAGS, &program_info_key);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
for (uint32_t i = 0; i < program_info_count; i++) {
|
||||
ebpf_registry_key_t program_key = {0};
|
||||
ebpf_registry_key_t helper_info_key = {0};
|
||||
|
||||
// Convert program type GUID to string.
|
||||
wchar_t guid_string[GUID_STRING_LENGTH + 1];
|
||||
status = convert_guid_to_string(
|
||||
&program_info[i].program_type_descriptor.program_type, guid_string, GUID_STRING_LENGTH + 1);
|
||||
if (status != _SUCCESS) {
|
||||
return status;
|
||||
}
|
||||
|
||||
status = create_registry_key(program_info_key, guid_string, REG_CREATE_FLAGS, &program_key);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save the friendly program type name.
|
||||
status = write_registry_value_ansi_string(
|
||||
program_key, EBPF_PROGRAM_DATA_NAME, program_info[i].program_type_descriptor.name);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
close_registry_key(program_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save context descriptor.
|
||||
status = write_registry_value_binary(
|
||||
program_key,
|
||||
EBPF_PROGRAM_DATA_CONTEXT_DESCRIPTOR,
|
||||
(uint8_t*)program_info[i].program_type_descriptor.context_descriptor,
|
||||
sizeof(ebpf_context_descriptor_t));
|
||||
if (!IS_SUCCESS(status)) {
|
||||
close_registry_key(program_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save bpf_prog_type.
|
||||
status = write_registry_value_dword(
|
||||
program_key, EBPF_DATA_BPF_PROG_TYPE, program_info[i].program_type_descriptor.bpf_prog_type);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
close_registry_key(program_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save "is_privileged".
|
||||
status = write_registry_value_dword(
|
||||
program_key, EBPF_PROGRAM_DATA_PRIVILEGED, program_info[i].program_type_descriptor.is_privileged);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
close_registry_key(program_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save helper count.
|
||||
status = write_registry_value_dword(
|
||||
program_key, EBPF_PROGRAM_DATA_HELPER_COUNT, program_info[i].count_of_program_type_specific_helpers);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
close_registry_key(program_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
if (program_info[i].count_of_program_type_specific_helpers != 0) {
|
||||
// Create (or open) helper registry path.
|
||||
status = create_registry_key(
|
||||
program_key, EBPF_PROGRAM_DATA_HELPERS_REGISTRY_PATH, REG_CREATE_FLAGS, &helper_info_key);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
close_registry_key(program_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Iterate over all the helper prototypes and save in registry.
|
||||
for (uint32_t count = 0; count < program_info[i].count_of_program_type_specific_helpers; count++) {
|
||||
status = _ebpf_store_update_helper_prototype(
|
||||
helper_info_key, &(program_info[i].program_type_specific_helper_prototype[count]));
|
||||
if (!IS_SUCCESS(status)) {
|
||||
close_registry_key(program_key);
|
||||
close_registry_key(helper_info_key);
|
||||
goto Exit;
|
||||
}
|
||||
}
|
||||
|
||||
close_registry_key(helper_info_key);
|
||||
}
|
||||
close_registry_key(program_key);
|
||||
}
|
||||
|
||||
Exit:
|
||||
if (program_info_key) {
|
||||
close_registry_key(program_info_key);
|
||||
}
|
||||
if (provider_key) {
|
||||
close_registry_key(provider_key);
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Update global helper information in eBPF store.
|
||||
*
|
||||
* @param[in] helper_info Pointer to an array of helper function prototypes.
|
||||
* @param[in] helper_info_count Count of helper function prototypes.
|
||||
*
|
||||
* @returns Status of the operation.
|
||||
*/
|
||||
static __return_type
|
||||
_ebpf_store_update_global_helper_information(
|
||||
_In_reads_(helper_info_count) ebpf_helper_function_prototype_t* helper_info, uint32_t helper_info_count)
|
||||
{
|
||||
__return_type status = _SUCCESS;
|
||||
ebpf_registry_key_t provider_key = NULL;
|
||||
ebpf_registry_key_t helper_info_key = NULL;
|
||||
|
||||
if (helper_info_count == 0) {
|
||||
return status;
|
||||
}
|
||||
|
||||
// Open (or create) provider registry path.
|
||||
status = _ebpf_store_open_or_create_provider_registry_key(&provider_key);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Open (or create) global helpers registry path.
|
||||
status = create_registry_key(provider_key, EBPF_GLOBAL_HELPERS_REGISTRY_PATH, REG_CREATE_FLAGS, &helper_info_key);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
for (uint32_t i = 0; i < helper_info_count; i++) {
|
||||
|
||||
status = _ebpf_store_update_helper_prototype(helper_info_key, &helper_info[i]);
|
||||
if (!IS_SUCCESS(status)) {
|
||||
goto Exit;
|
||||
}
|
||||
}
|
||||
|
||||
Exit:
|
||||
if (helper_info_key) {
|
||||
close_registry_key(helper_info_key);
|
||||
}
|
||||
if (provider_key) {
|
||||
close_registry_key(provider_key);
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
#endif
|
|
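Review bot: In `_ebpf_store_update_program_information`, the `convert_guid_to_string` failure path inside the loop does `return status;` rather than `goto Exit`, so `program_info_key` and `provider_key` are left open on that path. Every other failure in the function goes through `Exit:`. Use `if (!IS_SUCCESS(status)) { goto Exit; }` here as well, which also matches the `IS_SUCCESS` checks in the rest of the function instead of the one-off `status != _SUCCESS`.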
@ -1,76 +0,0 @@
|
|||
// Copyright (c) Microsoft Corporation
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
#pragma once
|
||||
|
||||
#include "ebpf_api.h"
|
||||
#include "ebpf_platform.h"
|
||||
#include "platform.h"
|
||||
|
||||
#define __return_type uint32_t
|
||||
#define IS_SUCCESS(x) (x == ERROR_SUCCESS)
|
||||
#define _SUCCESS NO_ERROR
|
||||
|
||||
#define GUID_STRING_LENGTH 38 // not including the null terminator.
|
||||
|
||||
#define REG_CREATE_FLAGS (KEY_WRITE | DELETE | KEY_READ)
|
||||
#define REG_OPEN_FLAGS (DELETE | KEY_READ)
|
||||
|
||||
typedef _Return_type_success_(return == 0) uint32_t ebpf_registry_result_t;
|
||||
|
||||
typedef HKEY ebpf_registry_key_t;
|
||||
|
||||
// Issue: #1542 - All API's should be annotated with _Must_inspect_result_
|
||||
|
||||
void
|
||||
close_registry_key(ebpf_registry_key_t key);
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
write_registry_value_binary(
|
||||
ebpf_registry_key_t key,
|
||||
_In_z_ const wchar_t* value_name,
|
||||
_In_reads_(value_size) uint8_t* value,
|
||||
size_t value_size);
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
write_registry_value_ansi_string(ebpf_registry_key_t key, _In_z_ const wchar_t* value_name, _In_z_ const char* value);
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
write_registry_value_dword(ebpf_registry_key_t key, _In_z_ const wchar_t* value_name, uint32_t value);
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
create_registry_key(
|
||||
ebpf_registry_key_t root_key, _In_z_ const wchar_t* sub_key, uint32_t flags, _Out_ ebpf_registry_key_t* key);
|
||||
|
||||
_Success_(return == ERROR_SUCCESS) uint32_t open_registry_key(
|
||||
ebpf_registry_key_t root_key, _In_opt_z_ const wchar_t* sub_key, uint32_t flags, _Out_ ebpf_registry_key_t* key);
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
delete_registry_key(ebpf_registry_key_t root_key, _In_z_ const wchar_t* sub_key);
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
delete_registry_tree(ebpf_registry_key_t root_key, _In_opt_z_ const wchar_t* sub_key);
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
read_registry_value_dword(ebpf_registry_key_t key, _In_z_ const wchar_t* value_name, _Out_ uint32_t* value);
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
read_registry_value_binary(
|
||||
ebpf_registry_key_t key,
|
||||
_In_z_ const wchar_t* value_name,
|
||||
_Out_writes_(value_size) uint8_t* value,
|
||||
size_t value_size);
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
convert_guid_to_string(_In_ const GUID* guid, _Out_writes_all_(string_size) wchar_t* string, size_t string_size);
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
convert_string_to_guid(_In_z_ const wchar_t* string, _Out_ GUID* guid);
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
create_registry_key_ansi(
|
||||
ebpf_registry_key_t root_key, _In_z_ const char* sub_key, uint32_t flags, _Out_ ebpf_registry_key_t* key);
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
read_registry_value_string(
|
||||
ebpf_registry_key_t key, _In_z_ const wchar_t* value_name, _Outptr_result_z_ wchar_t** value);
|
|
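Review bot: `open_registry_key` is the one declaration in this removed header annotated `_Success_(return == ERROR_SUCCESS) uint32_t` instead of `_Must_inspect_result_ ebpf_registry_result_t`, although the `Issue: #1542` comment above it asks for `_Must_inspect_result_` on all APIs. Since the functions are being renamed and moved, the replacement `ebpf_open_registry_key` should pick up the annotation rather than inherit the exception. If `IS_SUCCESS(x)` is carried over, parenthesize the argument, `((x) == ERROR_SUCCESS)`, so it stays correct for expression arguments.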
@ -427,11 +427,7 @@ SPDX-License-Identifier: MIT
|
|||
<File Id="LIBBPF_LEGACY.H" Name="libbpf_legacy.h" Source="$(var.SolutionDir)include\bpf\libbpf_legacy.h" />
|
||||
</Component>
|
||||
</ComponentGroup>
|
||||
<ComponentGroup Id="eBPF_Development_include_kernel" Directory="dir_include_kernel">
|
||||
<Component Id="EBPF_REGISTRY_HELPER.H" DiskId="1" Guid="{26717067-176B-4B94-8716-57A675E5F918}">
|
||||
<File Id="EBPF_REGISTRY_HELPER.H" Name="ebpf_registry_helper.h" Source="$(var.SolutionDir)include\kernel\ebpf_registry_helper.h" />
|
||||
</Component>
|
||||
</ComponentGroup>
|
||||
<ComponentGroup Id="eBPF_Development_include_kernel" Directory="dir_include_kernel"/>
|
||||
<ComponentGroup Id="eBPF_Development_include_linux" Directory="dir_include_linux">
|
||||
<Component Id="BPF.H_2" DiskId="1" Guid="{ED4F7D03-0334-4FB3-A3AC-1DAD36FF1228}">
|
||||
<File Id="BPF.H_2" Name="bpf.h" Source="$(var.SolutionDir)include\linux\bpf.h" />
|
||||
|
@ -597,15 +593,14 @@ SPDX-License-Identifier: MIT
|
|||
<File Id="TCP.H" Name="tcp.h" Source="$(var.SolutionDir)include\uapi\linux\tcp.h" />
|
||||
</Component>
|
||||
</ComponentGroup>
|
||||
<ComponentGroup Id="eBPF_Development_include_user" Directory="dir_include_user">
|
||||
<Component Id="EBPF_REGISTRY_HELPER.H_1" DiskId="1" Guid="{D1BF1F4F-BD3D-484E-89D9-77A94522FC97}">
|
||||
<File Id="EBPF_REGISTRY_HELPER.H_1" Name="ebpf_registry_helper.h" Source="$(var.SolutionDir)include\user\ebpf_registry_helper.h" />
|
||||
</Component>
|
||||
</ComponentGroup>
|
||||
<ComponentGroup Id="eBPF_Development_include_user" Directory="dir_include_user"/>
|
||||
<ComponentGroup Id="eBPF_Development_libs" Directory="dir_lib">
|
||||
<Component Id="eBPFApi_lib" Guid="{A164197B-3C57-4ECA-B138-CBF558DA4401}">
|
||||
<File Id="EbpfApi.lib" Name="EbpfApi.lib" DiskId="1" Source="$(var.api.TargetDir)EbpfApi.lib" />
|
||||
</Component>
|
||||
<Component Id="EBPF_STORE_HELPER_KM_lib" Guid="{F8A8A1D9-3F61-4F30-B75B-E51B63D6DB40}">
|
||||
<File Id="EBPF_STORE_HELPER_KM.LIB" Name="ebpf_store_helper_km.lib" Source="$(var.ebpf_store_helper_km.TargetDir)ebpf_store_helper_km.lib" />
|
||||
</Component>
|
||||
</ComponentGroup>
|
||||
</Fragment>
|
||||
|
||||
|
|
|
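Review bot: The new `EBPF_STORE_HELPER_KM_lib` component installs `ebpf_store_helper_km.lib`, but this patch also empties both `eBPF_Development_include_kernel` and `eBPF_Development_include_user`, so nothing visible here installs a header that declares the library's API. Either add the store helper header to one of the include component groups or state why the library ships without one. The new `File` element also omits `DiskId="1"`, which the neighbouring `EbpfApi.lib` entry sets.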
@ -94,6 +94,14 @@ SPDX-License-Identifier: MIT
|
|||
<RefProjectOutputGroups>Binaries;Content;Satellites</RefProjectOutputGroups>
|
||||
<RefTargetDir>INSTALLFOLDER</RefTargetDir>
|
||||
</ProjectReference>
|
||||
<ProjectReference Include="..\libs\store_helper\kernel\ebpf_store_helper_km.vcxproj">
|
||||
<Name>ebpf_store_helper_km</Name>
|
||||
<Project>{3569e946-c8b4-49ee-a89d-edd09dc9f36e}</Project>
|
||||
<Private>True</Private>
|
||||
<DoNotHarvest>True</DoNotHarvest>
|
||||
<RefProjectOutputGroups>Binaries;Content;Satellites</RefProjectOutputGroups>
|
||||
<RefTargetDir>INSTALLFOLDER</RefTargetDir>
|
||||
</ProjectReference>
|
||||
<ProjectReference Include="..\netebpfext\sys\netebpfext.vcxproj">
|
||||
<Name>netebpfext</Name>
|
||||
<Project>{55499e36-37d4-4f86-b694-9f2990315758}</Project>
|
||||
|
@ -244,4 +252,4 @@ SPDX-License-Identifier: MIT
|
|||
<Target Name="AfterBuild">
|
||||
</Target>
|
||||
-->
|
||||
</Project>
|
||||
</Project>
|
|
@ -9,4 +9,5 @@ add_subdirectory("pe-parse")
|
|||
add_subdirectory("platform")
|
||||
add_subdirectory("ebpfnetsh")
|
||||
add_subdirectory("service")
|
||||
add_subdirectory("store_helper")
|
||||
add_subdirectory("ubpf")
|
||||
|
|
|
@ -17,8 +17,6 @@ add_library("api_common" STATIC
|
|||
device_helper.hpp
|
||||
device_helper.cpp
|
||||
|
||||
registry_helper.cpp
|
||||
|
||||
store_helper_internal.h
|
||||
store_helper_internal.cpp
|
||||
|
||||
|
@ -30,9 +28,11 @@ target_include_directories("api_common" PRIVATE
|
|||
"${CMAKE_SOURCE_DIR}/libs/api"
|
||||
"${CMAKE_SOURCE_DIR}/include"
|
||||
"${CMAKE_SOURCE_DIR}/include/user"
|
||||
"${CMAKE_SOURCE_DIR}/libs/execution_context"
|
||||
"${CMAKE_SOURCE_DIR}/libs/platform"
|
||||
"${CMAKE_SOURCE_DIR}/libs/platform/user"
|
||||
"${CMAKE_SOURCE_DIR}/libs/execution_context"
|
||||
"${CMAKE_SOURCE_DIR}/libs/store_helper"
|
||||
"${CMAKE_SOURCE_DIR}/libs/store_helper/user"
|
||||
"${CMAKE_SOURCE_DIR}/external/ubpf/vm"
|
||||
"${CMAKE_SOURCE_DIR}/external/ubpf/vm/inc"
|
||||
"${CMAKE_BINARY_DIR}/external/ubpf/vm"
|
||||
|
@ -43,6 +43,7 @@ target_include_directories("api_common" PRIVATE
|
|||
|
||||
target_link_libraries("api_common" PRIVATE
|
||||
"ebpf_for_windows_cpp_settings"
|
||||
"ebpf_store_helper_um"
|
||||
"NetEbpfExt_headers"
|
||||
"external::boost"
|
||||
"external::ebpfverifier"
|
||||
|
@ -51,6 +52,7 @@ target_link_libraries("api_common" PRIVATE
|
|||
target_compile_definitions("api_common" PRIVATE
|
||||
_WINDOWS
|
||||
_USRDLL
|
||||
USER_MODE
|
||||
)
|
||||
|
||||
# In order to get around cyclic dependency issues, create an interface
|
||||
|
|
|
@ -104,7 +104,7 @@
|
|||
</PropertyGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>_DEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>_DEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
|
||||
|
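Review bot: `USER_MODE` is appended after `%(PreprocessorDefinitions)` in this `Debug|x64` block, and the same edit is repeated for each configuration in the hunks that follow. Keep the inherited list last, as in `_DEBUG;_WINDOWS;_USRDLL;USER_MODE;%(PreprocessorDefinitions)`, and consider defining `USER_MODE` once in a shared property group so that a configuration added later cannot be built without it.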
@ -115,10 +115,11 @@
|
|||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<EnableUAC>false</EnableUAC>
|
||||
</Link>
|
||||
<Lib />
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyDebug|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>_DEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>_DEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
|
||||
|
@ -129,10 +130,11 @@
|
|||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<EnableUAC>false</EnableUAC>
|
||||
</Link>
|
||||
<Lib />
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='FuzzerDebug|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>_DEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>_DEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
|
||||
|
@ -149,7 +151,7 @@
|
|||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>NDEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>NDEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
|
||||
|
@ -162,10 +164,11 @@
|
|||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<EnableUAC>false</EnableUAC>
|
||||
</Link>
|
||||
<Lib />
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyRelease|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>NDEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>NDEBUG;_WINDOWS;_USRDLL;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>NotUsing</PrecompiledHeader>
|
||||
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
|
||||
|
@ -178,6 +181,7 @@
|
|||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<EnableUAC>false</EnableUAC>
|
||||
</Link>
|
||||
<Lib />
|
||||
</ItemDefinitionGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="device_helper.cpp" />
|
||||
|
@ -185,7 +189,6 @@
|
|||
<ClCompile Include="api_common.cpp" />
|
||||
<ClCompile Include="store_helper_internal.cpp" />
|
||||
<ClCompile Include="utilities.cpp" />
|
||||
<ClCompile Include="registry_helper.cpp" />
|
||||
<ClCompile Include="windows_helpers.cpp" />
|
||||
<ClCompile Include="windows_platform_common.cpp" />
|
||||
</ItemGroup>
|
||||
|
@ -199,5 +202,10 @@
|
|||
<ClInclude Include="windows_platform_common.hpp" />
|
||||
<ClInclude Include="windows_program_type.h" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ProjectReference Include="..\store_helper\user\ebpf_store_helper_um.vcxproj">
|
||||
<Project>{aa933b9f-b5d8-4aa8-ac18-98fe1a161e8a}</Project>
|
||||
</ProjectReference>
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
</Project>
|
|
@ -31,9 +31,6 @@
|
|||
<ClCompile Include="utilities.cpp">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="registry_helper.cpp">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="store_helper_internal.cpp">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
|
|
|
@ -1,238 +0,0 @@
|
|||
// Copyright (c) Microsoft Corporation
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @file
|
||||
* @brief Contains user mode registry related helper APIs.
|
||||
*/
|
||||
|
||||
#define _SILENCE_CXX17_CODECVT_HEADER_DEPRECATION_WARNING
|
||||
#include "api_common.hpp"
|
||||
#include "ebpf_registry_helper.h"
|
||||
|
||||
#include <codecvt>
|
||||
|
||||
#define GUID_STRING_LENGTH 38 // not including the null terminator.
|
||||
|
||||
static std::wstring
|
||||
_get_wstring_from_string(std::string text)
|
||||
{
|
||||
std::wstring_convert<std::codecvt_utf8_utf16<wchar_t>> converter;
|
||||
std::wstring wide = converter.from_bytes(text);
|
||||
|
||||
return wide;
|
||||
}
|
||||
|
||||
void
|
||||
close_registry_key(ebpf_registry_key_t key)
|
||||
{
|
||||
ebpf_assert(key);
|
||||
RegCloseKey(key);
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
write_registry_value_binary(
|
||||
ebpf_registry_key_t key, _In_z_ const wchar_t* value_name, _In_reads_(value_size) uint8_t* value, size_t value_size)
|
||||
{
|
||||
ebpf_assert(value_name);
|
||||
ebpf_assert(value);
|
||||
|
||||
return RegSetValueEx(key, value_name, 0, REG_BINARY, value, (unsigned long)value_size);
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
write_registry_value_wide_string(ebpf_registry_key_t key, _In_z_ const wchar_t* value_name, _In_z_ const wchar_t* value)
|
||||
{
|
||||
ebpf_assert(value_name);
|
||||
ebpf_assert(value);
|
||||
|
||||
auto length = (wcslen(value) + 1) * sizeof(wchar_t);
|
||||
return RegSetValueEx(key, value_name, 0, REG_SZ, (uint8_t*)value, (unsigned long)length);
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
write_registry_value_ansi_string(ebpf_registry_key_t key, _In_z_ const wchar_t* value_name, _In_z_ const char* value)
|
||||
{
|
||||
uint32_t result;
|
||||
try {
|
||||
auto wide_string = _get_wstring_from_string(value);
|
||||
result = write_registry_value_wide_string(key, value_name, wide_string.c_str());
|
||||
} catch (...) {
|
||||
result = ERROR_NOT_ENOUGH_MEMORY;
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
write_registry_value_dword(ebpf_registry_key_t key, _In_z_ const wchar_t* value_name, uint32_t value)
|
||||
{
|
||||
ebpf_assert(key);
|
||||
return RegSetValueEx(key, value_name, 0, REG_DWORD, (PBYTE)&value, sizeof(value));
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
create_registry_key(
|
||||
ebpf_registry_key_t root_key, _In_z_ const wchar_t* sub_key, uint32_t flags, _Out_ ebpf_registry_key_t* key)
|
||||
{
|
||||
*key = nullptr;
|
||||
if (root_key == nullptr) {
|
||||
return ERROR_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
return RegCreateKeyEx(root_key, sub_key, 0, nullptr, 0, flags, nullptr, key, nullptr);
|
||||
}
|
||||
|
||||
_Success_(return == ERROR_SUCCESS) uint32_t open_registry_key(
|
||||
ebpf_registry_key_t root_key, _In_opt_z_ const wchar_t* sub_key, uint32_t flags, _Out_ ebpf_registry_key_t* key)
|
||||
{
|
||||
ebpf_assert(root_key != nullptr);
|
||||
_Analysis_assume_(root_key != nullptr);
|
||||
|
||||
return RegOpenKeyEx(root_key, sub_key, 0, flags, key);
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
delete_registry_key(ebpf_registry_key_t root_key, _In_z_ const wchar_t* sub_key)
|
||||
{
|
||||
return RegDeleteKeyEx(root_key, sub_key, 0, 0);
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
delete_registry_tree(ebpf_registry_key_t root_key, _In_opt_z_ const wchar_t* sub_key)
|
||||
{
|
||||
return RegDeleteTree(root_key, sub_key);
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
create_registry_key_ansi(
|
||||
ebpf_registry_key_t root_key, _In_z_ const char* sub_key, uint32_t flags, _Out_ ebpf_registry_key_t* key)
|
||||
{
|
||||
uint32_t result;
|
||||
try {
|
||||
auto wide_string = _get_wstring_from_string(sub_key);
|
||||
result = create_registry_key(root_key, wide_string.c_str(), flags, key);
|
||||
} catch (...) {
|
||||
result = ERROR_NOT_ENOUGH_MEMORY;
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
read_registry_value_string(ebpf_registry_key_t key, _In_z_ const wchar_t* value_name, _Outptr_result_z_ wchar_t** value)
|
||||
{
|
||||
uint32_t status = ERROR_SUCCESS;
|
||||
unsigned long type = REG_SZ;
|
||||
unsigned long value_size = 0;
|
||||
wchar_t* string_value = nullptr;
|
||||
|
||||
*value = nullptr;
|
||||
status = RegQueryValueEx(key, value_name, 0, &type, nullptr, &value_size);
|
||||
if (status != ERROR_SUCCESS || type != REG_SZ) {
|
||||
if (type != REG_SZ) {
|
||||
status = ERROR_INVALID_PARAMETER;
|
||||
}
|
||||
return status;
|
||||
}
|
||||
|
||||
string_value = (wchar_t*)ebpf_allocate((value_size + sizeof(wchar_t)));
|
||||
if (string_value == nullptr) {
|
||||
return ERROR_NOT_ENOUGH_MEMORY;
|
||||
}
|
||||
|
||||
memset(string_value, 0, value_size + sizeof(wchar_t));
|
||||
status = RegQueryValueEx(key, value_name, 0, &type, (PBYTE)string_value, &value_size);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
goto Exit;
|
||||
}
|
||||
*value = string_value;
|
||||
string_value = nullptr;
|
||||
|
||||
Exit:
|
||||
if (string_value) {
|
||||
ebpf_free(string_value);
|
||||
}
|
||||
return status;
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
read_registry_value_dword(ebpf_registry_key_t key, _In_z_ const wchar_t* value_name, _Out_ uint32_t* value)
|
||||
{
|
||||
unsigned long type = REG_QWORD;
|
||||
unsigned long value_size = sizeof(uint32_t);
|
||||
return RegQueryValueEx(key, value_name, 0, &type, (PBYTE)value, &value_size);
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
read_registry_value_binary(
|
||||
ebpf_registry_key_t key,
|
||||
_In_z_ const wchar_t* value_name,
|
||||
_Out_writes_(value_size) uint8_t* value,
|
||||
size_t value_size)
|
||||
{
|
||||
uint32_t status = NO_ERROR;
|
||||
unsigned long type = REG_BINARY;
|
||||
unsigned long local_value_size = (unsigned long)value_size;
|
||||
|
||||
status = RegQueryValueEx(key, value_name, 0, &type, value, &local_value_size);
|
||||
if (status != ERROR_SUCCESS || type != REG_BINARY || local_value_size != value_size) {
|
||||
if (status != ERROR_SUCCESS) {
|
||||
status = ERROR_INVALID_PARAMETER;
|
||||
}
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
Exit:
|
||||
return status;
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
convert_guid_to_string(_In_ const GUID* guid, _Out_writes_all_(string_size) wchar_t* string, size_t string_size)
|
||||
{
|
||||
uint32_t status = ERROR_SUCCESS;
|
||||
wchar_t* value_name = nullptr;
|
||||
|
||||
try {
|
||||
if (string_size < GUID_STRING_LENGTH + 1) {
|
||||
return ERROR_INSUFFICIENT_BUFFER;
|
||||
}
|
||||
|
||||
// Convert program type GUID to string.
|
||||
RPC_STATUS rpc_status = UuidToString(guid, (RPC_WSTR*)&value_name);
|
||||
if (rpc_status != RPC_S_OK) {
|
||||
return ERROR_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
std::wstring value_name_string(value_name);
|
||||
|
||||
// UuidToString returns string without braces. Add braces to the resulting string.
|
||||
value_name_string = L"{" + value_name_string + L"}";
|
||||
|
||||
// Copy the buffer to the output string.
|
||||
memcpy(string, value_name_string.c_str(), GUID_STRING_LENGTH * 2);
|
||||
string[GUID_STRING_LENGTH] = L'\0';
|
||||
} catch (...) {
|
||||
status = ERROR_NOT_ENOUGH_MEMORY;
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_registry_result_t
|
||||
convert_string_to_guid(_In_z_ const wchar_t* string, _Out_ GUID* guid)
|
||||
{
|
||||
uint32_t status = ERROR_SUCCESS;
|
||||
|
||||
// The UUID string read from registry also contains the opening and closing braces.
|
||||
// Remove those before converting to UUID.
|
||||
wchar_t truncated_string[GUID_STRING_LENGTH + 1] = {0};
|
||||
memcpy(truncated_string, string + 1, (wcslen(string) - 2) * sizeof(wchar_t));
|
||||
// Convert program type string to GUID
|
||||
auto rpc_status = UuidFromString((RPC_WSTR)truncated_string, guid);
|
||||
if (rpc_status != RPC_S_OK) {
|
||||
status = ERROR_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
|
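Review bot: In `convert_string_to_guid`, `memcpy(truncated_string, string + 1, (wcslen(string) - 2) * sizeof(wchar_t))` takes its length from the input and copies into a fixed `GUID_STRING_LENGTH + 1` buffer with no bound check. The comment says the string is read from the registry, so a value longer than a braced GUID overruns the stack buffer, and one shorter than two characters makes the size wrap. Since this file is deleted and the code moves into the new store helper libraries, the relocated version should reject any input where `wcslen(string) != GUID_STRING_LENGTH` before copying. Also check `read_registry_value_binary` on the way: when `RegQueryValueEx` succeeds but the type or size does not match, the inner test `if (status != ERROR_SUCCESS)` leaves `status` as success, so a mismatched value is reported as read correctly; the test looks inverted.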
@ -1,28 +1,29 @@
|
|||
// Copyright (c) Microsoft Corporation
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
#include "ebpf_registry_helper.h"
|
||||
#include "..\libs\store_helper\user\ebpf_registry_helper.h"
|
||||
#include "ebpf_program_attach_type_guids.h"
|
||||
#include "ebpf_serialize.h"
|
||||
#include "ebpf_store_helper.h"
|
||||
#include "ebpf_utilities.h"
|
||||
#include "store_helper_internal.h"
|
||||
#include "utilities.hpp"
|
||||
|
||||
ebpf_registry_key_t root_registry_key_current_user = HKEY_CURRENT_USER;
|
||||
ebpf_registry_key_t root_registry_key_local_machine = HKEY_LOCAL_MACHINE;
|
||||
// TODO: Issue #1231 Change to using HKEY_LOCAL_MACHINE
|
||||
ebpf_registry_key_t ebpf_root_registry_key = HKEY_CURRENT_USER;
|
||||
ebpf_store_key_t root_registry_key_current_user = HKEY_CURRENT_USER;
|
||||
ebpf_store_key_t root_registry_key_local_machine = HKEY_LOCAL_MACHINE;
|
||||
|
||||
static uint32_t
|
||||
_open_ebpf_store_key(_Out_ ebpf_registry_key_t* store_key)
|
||||
static ebpf_result_t
|
||||
_open_ebpf_store_key(_Out_ ebpf_store_key_t* store_key)
|
||||
{
|
||||
// Open root registry path.
|
||||
*store_key = nullptr;
|
||||
|
||||
// First try to open the HKCU registry key.
|
||||
uint32_t result = open_registry_key(root_registry_key_current_user, EBPF_STORE_REGISTRY_PATH, KEY_READ, store_key);
|
||||
ebpf_result_t result =
|
||||
ebpf_open_registry_key(root_registry_key_current_user, EBPF_STORE_REGISTRY_PATH, KEY_READ, store_key);
|
||||
if (result != ERROR_SUCCESS) {
|
||||
// Failed to open ebpf store path in HKCU. Fall back to HKLM.
|
||||
result = open_registry_key(root_registry_key_local_machine, EBPF_STORE_REGISTRY_PATH, KEY_READ, store_key);
|
||||
result = ebpf_open_registry_key(root_registry_key_local_machine, EBPF_STORE_REGISTRY_PATH, KEY_READ, store_key);
|
||||
}
|
||||
|
||||
return result;
|
||||
|
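Review bot: In `_open_ebpf_store_key`, `result` is now an `ebpf_result_t`, but the fallback is still guarded by `if (result != ERROR_SUCCESS)`. Compare against `EBPF_SUCCESS` so the check does not depend on the two constants sharing a value. The include `"..\libs\store_helper\user\ebpf_registry_helper.h"` is also worth changing: the CMake hunk in this patch adds `libs/store_helper/user` to the include directories, so `"ebpf_registry_helper.h"` should resolve without a relative, backslash-separated path.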
@ -51,7 +52,7 @@ _load_helper_prototype(
|
|||
size_t expected_size = sizeof(helper_prototype->helper_id) + sizeof(helper_prototype->return_type) +
|
||||
sizeof(helper_prototype->arguments);
|
||||
|
||||
status = read_registry_value_binary(
|
||||
status = ebpf_read_registry_value_binary(
|
||||
helper_info_key, EBPF_HELPER_DATA_PROTOTYPE, (uint8_t*)serialized_data, expected_size);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
|
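Review bot: In `_load_helper_prototype`, the return of `ebpf_read_registry_value_binary` is still assigned to `status`, and the unchanged lines below test `status != ERROR_SUCCESS` and pass it to `win32_error_code_to_ebpf_result`. If the renamed helper returns `ebpf_result_t`, as the other hunks in this file assume, this converts an eBPF result as though it were a Win32 code. Assign to `result`, test against `EBPF_SUCCESS`, and drop the conversion, as is done in `_load_program_data_information`.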
@ -81,7 +82,7 @@ _load_helper_prototype(
|
|||
|
||||
Exit:
|
||||
if (helper_info_key) {
|
||||
close_registry_key(helper_info_key);
|
||||
ebpf_close_registry_key(static_cast<ebpf_store_key_t>(helper_info_key));
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
@ -108,8 +109,9 @@ _load_program_data_information(
|
|||
*program_info = nullptr;
|
||||
|
||||
try {
|
||||
status = open_registry_key(program_data_key, program_type_string, KEY_READ, &program_info_key);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result = ebpf_open_registry_key(
|
||||
program_data_key, program_type_string, KEY_READ, (ebpf_store_key_t*)&program_info_key);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
// Registry path is not present.
|
||||
result = EBPF_FILE_NOT_FOUND;
|
||||
goto Exit;
|
||||
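Review bot: The `(ebpf_store_key_t*)&program_info_key` cast in the `ebpf_open_registry_key` call hides a type mismatch; declare `program_info_key` as `ebpf_store_key_t` so the address can be passed without a C-style cast. Separately, the failure branch overwrites whatever `ebpf_open_registry_key` returned with `EBPF_FILE_NOT_FOUND`. Now that the helper already returns an `ebpf_result_t`, an access failure would be reported as a missing key; consider passing the original result through.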
|
@ -121,16 +123,14 @@ _load_program_data_information(
|
|||
goto Exit;
|
||||
}
|
||||
|
||||
status = convert_string_to_guid(program_type_string, program_type);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
result = ebpf_convert_string_to_guid(program_type_string, program_type);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Read the friendly program type name.
|
||||
status = read_registry_value_string(program_info_key, EBPF_PROGRAM_DATA_NAME, &program_type_name);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
result = ebpf_read_registry_value_string(program_info_key, EBPF_PROGRAM_DATA_NAME, &program_type_name);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
|
@ -140,38 +140,36 @@ _load_program_data_information(
|
|||
result = EBPF_NO_MEMORY;
|
||||
goto Exit;
|
||||
}
|
||||
status = read_registry_value_binary(
|
||||
result = ebpf_read_registry_value_binary(
|
||||
program_info_key,
|
||||
EBPF_PROGRAM_DATA_CONTEXT_DESCRIPTOR,
|
||||
(uint8_t*)descriptor,
|
||||
sizeof(ebpf_context_descriptor_t));
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Read "is_privileged".
|
||||
status = read_registry_value_dword(program_info_key, EBPF_PROGRAM_DATA_PRIVILEGED, &is_privileged);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
result = ebpf_read_registry_value_dword(program_info_key, EBPF_PROGRAM_DATA_PRIVILEGED, &is_privileged);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Read bpf program type.
|
||||
status = read_registry_value_dword(program_info_key, EBPF_DATA_BPF_PROG_TYPE, &bpf_program_type);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
result = ebpf_read_registry_value_dword(program_info_key, EBPF_DATA_BPF_PROG_TYPE, &bpf_program_type);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Read helper count.
|
||||
status = read_registry_value_dword(program_info_key, EBPF_PROGRAM_DATA_HELPER_COUNT, &helper_count);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
result = ebpf_read_registry_value_dword(program_info_key, EBPF_PROGRAM_DATA_HELPER_COUNT, &helper_count);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
auto program_type_name_string = ebpf_down_cast_from_wstring(std::wstring(program_type_name));
|
||||
auto program_type_name_string = (program_type_name != nullptr)
|
||||
? ebpf_down_cast_from_wstring(std::wstring(program_type_name))
|
||||
: ebpf_down_cast_from_wstring(std::wstring(L""));
|
||||
|
||||
program_information = (ebpf_program_info_t*)ebpf_allocate(sizeof(ebpf_program_info_t));
|
||||
if (program_information == nullptr) {
|
||||
|
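Review bot: The new nullptr guard on program_type_name lets loading continue with an empty friendly name after ebpf_read_registry_value_string has already returned EBPF_SUCCESS. If the helper can succeed and leave the out pointer null, that contract should be documented on the helper, and a program type with no name should probably fail with an error and goto Exit. If it cannot, the guard only quiets the analyzer and an output annotation on the helper would be the cleaner fix.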
@ -279,13 +277,13 @@ Exit:
|
|||
ebpf_program_info_free(program_information);
|
||||
}
|
||||
if (program_info_key) {
|
||||
close_registry_key(program_info_key);
|
||||
ebpf_close_registry_key(program_info_key);
|
||||
}
|
||||
ebpf_free(program_type_name);
|
||||
ebpf_free(program_type);
|
||||
|
||||
if (helper_key) {
|
||||
close_registry_key(helper_key);
|
||||
ebpf_close_registry_key(helper_key);
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
@ -301,27 +299,26 @@ ebpf_store_load_program_information(
|
|||
wchar_t program_type_key[GUID_STRING_LENGTH + 1];
|
||||
unsigned long key_size = 0;
|
||||
uint32_t index = 0;
|
||||
ebpf_registry_key_t store_key = nullptr;
|
||||
ebpf_store_key_t store_key = nullptr;
|
||||
std::vector<ebpf_program_info_t*> program_info_array;
|
||||
|
||||
*program_info = nullptr;
|
||||
*program_info_count = 0;
|
||||
|
||||
status = _open_ebpf_store_key(&store_key);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
if (status != ERROR_FILE_NOT_FOUND) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
__analysis_assume(result != EBPF_SUCCESS);
|
||||
result = _open_ebpf_store_key(&store_key);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
if (result == EBPF_FILE_NOT_FOUND) {
|
||||
result = EBPF_SUCCESS;
|
||||
}
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Open program data registry path.
|
||||
status = open_registry_key(store_key, EBPF_PROGRAM_DATA_REGISTRY_PATH, KEY_READ, &program_data_key);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
if (status != ERROR_FILE_NOT_FOUND) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
__analysis_assume(result != EBPF_SUCCESS);
|
||||
result = ebpf_open_registry_key(
|
||||
store_key, EBPF_PROGRAM_DATA_REGISTRY_PATH, KEY_READ, (ebpf_store_key_t*)&program_data_key);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
if (result == EBPF_FILE_NOT_FOUND) {
|
||||
result = EBPF_SUCCESS;
|
||||
}
|
||||
goto Exit;
|
||||
}
|
||||
|
@ -383,7 +380,7 @@ Exit:
|
|||
}
|
||||
|
||||
if (program_data_key) {
|
||||
close_registry_key(program_data_key);
|
||||
ebpf_close_registry_key(program_data_key);
|
||||
}
|
||||
|
||||
return result;
|
||||
|
@ -395,7 +392,6 @@ _load_section_data_information(
|
|||
_In_z_ const wchar_t* section_name,
|
||||
_Outptr_ ebpf_section_definition_t** section_info) noexcept
|
||||
{
|
||||
int32_t status;
|
||||
ebpf_result_t result = EBPF_SUCCESS;
|
||||
HKEY section_info_key = nullptr;
|
||||
ebpf_program_type_t* program_type = nullptr;
|
||||
|
@ -406,8 +402,8 @@ _load_section_data_information(
|
|||
ebpf_section_definition_t* section_information = nullptr;
|
||||
|
||||
try {
|
||||
status = open_registry_key(section_data_key, section_name, KEY_READ, §ion_info_key);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result = ebpf_open_registry_key(section_data_key, section_name, KEY_READ, (ebpf_store_key_t*)§ion_info_key);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
// Registry path is not present.
|
||||
result = EBPF_FILE_NOT_FOUND;
|
||||
goto Exit;
|
||||
|
@ -426,33 +422,33 @@ _load_section_data_information(
|
|||
}
|
||||
|
||||
// Read program type.
|
||||
status = read_registry_value_binary(
|
||||
result = ebpf_read_registry_value_binary(
|
||||
section_info_key, EBPF_SECTION_DATA_PROGRAM_TYPE, (uint8_t*)program_type, sizeof(ebpf_program_type_t));
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
__analysis_assume(result != EBPF_SUCCESS);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Read attach type.
|
||||
status = read_registry_value_binary(
|
||||
result = ebpf_read_registry_value_binary(
|
||||
section_info_key, EBPF_SECTION_DATA_ATTACH_TYPE, (uint8_t*)attach_type, sizeof(ebpf_attach_type_t));
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
__analysis_assume(result != EBPF_SUCCESS);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Read bpf program type.
|
||||
status = read_registry_value_dword(section_info_key, EBPF_DATA_BPF_PROG_TYPE, (uint32_t*)&bpf_program_type);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result =
|
||||
ebpf_read_registry_value_dword(section_info_key, EBPF_DATA_BPF_PROG_TYPE, (uint32_t*)&bpf_program_type);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
bpf_program_type = BPF_PROG_TYPE_UNSPEC;
|
||||
result = EBPF_SUCCESS;
|
||||
}
|
||||
|
||||
// Read bpf attach type.
|
||||
status = read_registry_value_dword(section_info_key, EBPF_DATA_BPF_ATTACH_TYPE, (uint32_t*)&bpf_attach_type);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result =
|
||||
ebpf_read_registry_value_dword(section_info_key, EBPF_DATA_BPF_ATTACH_TYPE, (uint32_t*)&bpf_attach_type);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
bpf_attach_type = BPF_ATTACH_TYPE_UNSPEC;
|
||||
result = EBPF_SUCCESS;
|
||||
}
|
||||
|
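Review bot: The __analysis_assume(result != EBPF_SUCCESS) lines inside the two if (result != EBPF_SUCCESS) blocks after the program type and attach type reads are now redundant, because the branch condition already establishes that fact. They were only useful while result came from win32_error_code_to_ebpf_result(status), so drop them. Separately, the two dword reads further down reset any failure to EBPF_SUCCESS with an UNSPEC default, which is reasonable for a missing value but also swallows every other error; a one-line comment saying this is intentional would help.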
@ -490,7 +486,7 @@ Exit:
|
|||
ebpf_free(section_information);
|
||||
}
|
||||
if (section_info_key) {
|
||||
close_registry_key(section_info_key);
|
||||
ebpf_close_registry_key(section_info_key);
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
@ -506,22 +502,21 @@ ebpf_store_load_section_information(
|
|||
wchar_t section_name_key[MAX_PATH];
|
||||
unsigned long key_size = 0;
|
||||
uint32_t index = 0;
|
||||
ebpf_registry_key_t store_key = nullptr;
|
||||
ebpf_store_key_t store_key = nullptr;
|
||||
std::vector<ebpf_section_definition_t*> section_info_array;
|
||||
|
||||
*section_info = nullptr;
|
||||
*section_info_count = 0;
|
||||
|
||||
status = _open_ebpf_store_key(&store_key);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
if (status != ERROR_FILE_NOT_FOUND) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
__analysis_assume(result != EBPF_SUCCESS);
|
||||
result = _open_ebpf_store_key(&store_key);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
if (result == EBPF_FILE_NOT_FOUND) {
|
||||
result = EBPF_SUCCESS;
|
||||
}
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
status = RegOpenKeyEx(store_key, EBPF_SECTIONS_REGISTRY_PATH, 0, KEY_READ, §ion_data_key);
|
||||
status = RegOpenKeyEx(static_cast<HKEY>(store_key), EBPF_SECTIONS_REGISTRY_PATH, 0, KEY_READ, §ion_data_key);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
if (status != ERROR_FILE_NOT_FOUND) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
|
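Review bot: ebpf_store_load_section_information still opens EBPF_SECTIONS_REGISTRY_PATH with a direct RegOpenKeyEx(static_cast<HKEY>(store_key), ...) and keeps the status / win32_error_code_to_ebpf_result path, while the program and global helper loaders in this commit go through ebpf_open_registry_key. Use the store helper here as well, so the abstraction this change introduces is not bypassed in one loader and the static_cast and leftover status handling can go.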
@ -587,7 +582,7 @@ Exit:
|
|||
}
|
||||
}
|
||||
if (section_data_key) {
|
||||
close_registry_key(section_data_key);
|
||||
ebpf_close_registry_key(section_data_key);
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
@ -606,26 +601,25 @@ ebpf_store_load_global_helper_information(
|
|||
uint32_t max_helpers_count = 0;
|
||||
ebpf_helper_function_prototype_t* helper_prototype = nullptr;
|
||||
uint32_t index = 0;
|
||||
ebpf_registry_key_t store_key = nullptr;
|
||||
ebpf_store_key_t store_key = nullptr;
|
||||
|
||||
*global_helper_info = nullptr;
|
||||
*global_helper_info_count = 0;
|
||||
|
||||
status = _open_ebpf_store_key(&store_key);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
if (status != ERROR_FILE_NOT_FOUND) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
__analysis_assume(result != EBPF_SUCCESS);
|
||||
result = _open_ebpf_store_key(&store_key);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
if (result == EBPF_FILE_NOT_FOUND) {
|
||||
result = EBPF_SUCCESS;
|
||||
}
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Open program data registry path.
|
||||
status = open_registry_key(store_key, EBPF_GLOBAL_HELPERS_REGISTRY_PATH, KEY_READ, &global_helpers_key);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
if (status != ERROR_FILE_NOT_FOUND) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
__analysis_assume(result != EBPF_SUCCESS);
|
||||
result = ebpf_open_registry_key(
|
||||
store_key, EBPF_GLOBAL_HELPERS_REGISTRY_PATH, KEY_READ, (ebpf_store_key_t*)&global_helpers_key);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
if (result == EBPF_FILE_NOT_FOUND) {
|
||||
result = EBPF_SUCCESS;
|
||||
}
|
||||
goto Exit;
|
||||
}
|
||||
|
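Review bot: The comment "// Open program data registry path." in ebpf_store_load_global_helper_information is stale: the call below it opens EBPF_GLOBAL_HELPERS_REGISTRY_PATH into global_helpers_key. Since the line is being touched anyway, update the comment to say it opens the global helpers path.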
@ -696,7 +690,7 @@ ebpf_store_load_global_helper_information(
|
|||
|
||||
Exit:
|
||||
if (global_helpers_key) {
|
||||
close_registry_key(global_helpers_key);
|
||||
ebpf_close_registry_key(global_helpers_key);
|
||||
}
|
||||
if (result != EBPF_SUCCESS) {
|
||||
if (helper_prototype) {
|
||||
|
@ -711,47 +705,40 @@ Exit:
|
|||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_store_clear(_In_ const ebpf_registry_key_t root_key_path)
|
||||
ebpf_store_clear(_In_ const ebpf_store_key_t root_key_path)
|
||||
{
|
||||
ebpf_registry_key_t root_handle = {0};
|
||||
ebpf_registry_key_t provider_handle = {0};
|
||||
uint32_t status;
|
||||
ebpf_store_key_t root_handle = {0};
|
||||
ebpf_store_key_t provider_handle = {0};
|
||||
ebpf_result_t result = EBPF_FAILED;
|
||||
|
||||
// Open root registry key.
|
||||
status = open_registry_key(root_key_path, EBPF_ROOT_RELATIVE_PATH, REG_CREATE_FLAGS, &root_handle);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
if (status == ERROR_FILE_NOT_FOUND) {
|
||||
result = ebpf_open_registry_key(root_key_path, EBPF_ROOT_RELATIVE_PATH, REG_CREATE_FLAGS, &root_handle);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
if (result == EBPF_FILE_NOT_FOUND) {
|
||||
result = EBPF_SUCCESS;
|
||||
} else {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
}
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Open "providers" registry key.
|
||||
status = open_registry_key(root_handle, EBPF_PROVIDERS_REGISTRY_PATH, REG_CREATE_FLAGS, &provider_handle);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
if (status == ERROR_FILE_NOT_FOUND) {
|
||||
result = ebpf_open_registry_key(root_handle, EBPF_PROVIDERS_REGISTRY_PATH, REG_CREATE_FLAGS, &provider_handle);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
if (result == EBPF_FILE_NOT_FOUND) {
|
||||
result = EBPF_SUCCESS;
|
||||
} else {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
}
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Delete subtree of provider reg key.
|
||||
status = delete_registry_tree(provider_handle, NULL);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
result = ebpf_delete_registry_tree(provider_handle, NULL);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
goto Exit;
|
||||
}
|
||||
close_registry_key(provider_handle);
|
||||
ebpf_close_registry_key(provider_handle);
|
||||
provider_handle = nullptr;
|
||||
|
||||
status = delete_registry_key(root_handle, EBPF_PROVIDERS_REGISTRY_PATH);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
result = win32_error_code_to_ebpf_result(status);
|
||||
result = ebpf_delete_registry_key(root_handle, EBPF_PROVIDERS_REGISTRY_PATH);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
|
@ -759,10 +746,10 @@ ebpf_store_clear(_In_ const ebpf_registry_key_t root_key_path)
|
|||
|
||||
Exit:
|
||||
if (provider_handle) {
|
||||
close_registry_key(provider_handle);
|
||||
ebpf_close_registry_key(provider_handle);
|
||||
}
|
||||
if (root_handle) {
|
||||
close_registry_key(root_handle);
|
||||
ebpf_close_registry_key(root_handle);
|
||||
}
|
||||
|
||||
return result;
|
||||
|
|
|
@ -21,4 +21,4 @@ ebpf_store_load_global_helper_information(
|
|||
_Out_ uint32_t* global_helper_info_count);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_store_clear(_In_ const ebpf_registry_key_t root_key_path);
|
||||
ebpf_store_clear(_In_ const ebpf_store_key_t root_key_path);
|
|
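Review bot: The parameter of ebpf_store_clear is named root_key_path but its type is now ebpf_store_key_t, which is a key handle and not a path. Rename it to something like root_key in the declaration and the definition, and add a short doc comment on the prototype stating what the handle must refer to and that the function deletes the providers subtree under it.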
@ -8,8 +8,8 @@
|
|||
#include "ebpf_api.h"
|
||||
#include "ebpf_nethooks.h"
|
||||
#include "ebpf_protocol.h"
|
||||
#include "ebpf_registry_helper.h"
|
||||
#include "ebpf_serialize.h"
|
||||
#include "ebpf_store_helper.h"
|
||||
#include "ebpf_tracelog.h"
|
||||
#include "helpers.hpp"
|
||||
#include "map_descriptors.hpp"
|
||||
|
|
|
@ -332,7 +332,7 @@ _Must_inspect_result_ ebpf_result_t
|
|||
ebpf_update_global_helpers(
|
||||
_In_reads_(helper_info_count) ebpf_helper_function_prototype_t* helper_info, uint32_t helper_info_count)
|
||||
{
|
||||
NTSTATUS status = _ebpf_store_update_global_helper_information(helper_info, helper_info_count);
|
||||
NTSTATUS status = ebpf_store_update_global_helper_information(helper_info, helper_info_count);
|
||||
ebpf_result_t result = NT_SUCCESS(status) ? EBPF_SUCCESS : EBPF_FAILED;
|
||||
|
||||
return result;
|
||||
|
|
|
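Review bot: ebpf_update_global_helpers stores the return value in an NTSTATUS and converts it with NT_SUCCESS(status), but ebpf_store_update_global_helper_information as added in ebpf_store_helper.c in this same commit returns ebpf_result_t. NT_SUCCESS only tests for a non-negative value, so non-negative ebpf_result_t failure codes would be reported as EBPF_SUCCESS here. Return the ebpf_result_t directly and drop the NTSTATUS local and the conversion.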
@ -64,6 +64,11 @@
|
|||
<ClInclude Include="stdbool.h" />
|
||||
<ClInclude Include="stdint.h" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ProjectReference Include="..\..\store_helper\kernel\ebpf_store_helper_km.vcxproj">
|
||||
<Project>{3569e946-c8b4-49ee-a89d-edd09dc9f36e}</Project>
|
||||
</ProjectReference>
|
||||
</ItemGroup>
|
||||
<PropertyGroup Label="Globals">
|
||||
<ProjectGuid>{FC3F9998-4085-4767-8386-5453F07C3AAD}</ProjectGuid>
|
||||
<TemplateGuid>{0a049372-4c4d-4ea0-a64e-dc6ad88ceca1}</TemplateGuid>
|
||||
|
@ -119,23 +124,35 @@
|
|||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<PropertyGroup Label="UserMacros" />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<IncludePath>$(IncludePath);$(KMDF_INC_PATH)$(KMDF_VER_PATH);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<IncludePath>$(IncludePath);$(KMDF_INC_PATH)$(KMDF_VER_PATH);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>_DEBUG;WINAPI_FAMILY=WINAPI_FAMILY_DESKTOP_APP;WINAPI_PARTITION_DESKTOP=1;WINAPI_PARTITION_SYSTEM=1;WINAPI_PARTITION_APP=1;WINAPI_PARTITION_PC_APP=1;%(PreprocessorDefinitions);_KRPCENV_;_NO_CRT_STDIO_INLINE=1</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>_DEBUG;WINAPI_FAMILY=WINAPI_FAMILY_DESKTOP_APP;WINAPI_PARTITION_DESKTOP=1;WINAPI_PARTITION_SYSTEM=1;WINAPI_PARTITION_APP=1;WINAPI_PARTITION_PC_APP=1;_KRPCENV_;_NO_CRT_STDIO_INLINE=1;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)libs\execution_context;$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\kernel;$(SolutionDir)libs\epoch;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)include\kernel;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
<Midl>
|
||||
<PreprocessorDefinitions>_KRPCENV_;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
</Midl>
|
||||
<Lib>
|
||||
<AdditionalLibraryDirectories>$(SolutionDir)$(Platform)\$(ConfigurationName)\</AdditionalLibraryDirectories>
|
||||
</Lib>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>WINAPI_FAMILY=WINAPI_FAMILY_DESKTOP_APP;WINAPI_PARTITION_DESKTOP=1;WINAPI_PARTITION_SYSTEM=1;WINAPI_PARTITION_APP=1;WINAPI_PARTITION_PC_APP=1;_KRPCENV_;%(PreprocessorDefinitions);_NO_CRT_STDIO_INLINE=1</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>WINAPI_FAMILY=WINAPI_FAMILY_DESKTOP_APP;WINAPI_PARTITION_DESKTOP=1;WINAPI_PARTITION_SYSTEM=1;WINAPI_PARTITION_APP=1;WINAPI_PARTITION_PC_APP=1;_KRPCENV_;_NO_CRT_STDIO_INLINE=1;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)libs\execution_context;$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\kernel;$(SolutionDir)libs\epoch;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)include\kernel;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
<Midl>
|
||||
<PreprocessorDefinitions>_KRPCENV_;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
</Midl>
|
||||
<Lib>
|
||||
<AdditionalLibraryDirectories>$(SolutionDir)$(Platform)\$(ConfigurationName)\</AdditionalLibraryDirectories>
|
||||
</Lib>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">
|
||||
<ClCompile>
|
||||
|
|
|
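Review bot: The new IncludePath property groups and the Lib AdditionalLibraryDirectories entries are added for Debug|x64 and Release|x64 only, while the file also has a Debug|ARM64 item definition group right after them. Please confirm the ARM64 and NativeOnly configurations get the same store_helper include and library settings, or the km library will not resolve there. Also, $(SolutionDir)\libs\store_helper has a backslash after $(SolutionDir), unlike the $(SolutionDir)libs\... entries in AdditionalIncludeDirectories; use one form consistently.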
@ -4,11 +4,11 @@
|
|||
#pragma once
|
||||
|
||||
#include "..\..\..\external\usersim\src\framework.h"
|
||||
#include "usersim/ex.h"
|
||||
#include "usersim/ke.h"
|
||||
#include "usersim/ps.h"
|
||||
#include "usersim/rtl.h"
|
||||
#include "usersim/se.h"
|
||||
#include "usersim\ex.h"
|
||||
#include "usersim\ke.h"
|
||||
#include "usersim\ps.h"
|
||||
#include "usersim\rtl.h"
|
||||
#include "usersim\se.h"
|
||||
|
||||
#ifdef _DEBUG
|
||||
#define ebpf_assert(x) assert(x)
|
||||
|
|
|
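Review bot: The usersim includes are changed from forward slashes to backslashes (usersim\ex.h and the four below it). A backslash inside an #include header name has implementation-defined meaning and only works with compilers that accept Windows path separators, whereas the forward-slash form is accepted everywhere, including by MSVC. Unless a tool requires the backslash form, keep usersim/ex.h and the rest as they were.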
@ -0,0 +1,5 @@
|
|||
# Copyright (c) Microsoft Corporation
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
add_subdirectory("kernel")
|
||||
add_subdirectory("user")
|
|
@ -0,0 +1,311 @@
|
|||
// Copyright (c) Microsoft Corporation
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
#include "ebpf_program_types.h"
|
||||
#include "ebpf_registry_helper.h"
|
||||
#include "ebpf_store_helper.h"
|
||||
#include "ebpf_windows.h"
|
||||
|
||||
#define IS_SUCCESS(x) (x == EBPF_SUCCESS)
|
||||
|
||||
static ebpf_result_t
|
||||
_ebpf_store_open_or_create_provider_registry_key(_Out_ ebpf_store_key_t* provider_key)
|
||||
{
|
||||
ebpf_result_t result = EBPF_SUCCESS;
|
||||
ebpf_store_key_t root_key = NULL;
|
||||
*provider_key = NULL;
|
||||
|
||||
// Open (or create) root eBPF registry path.
|
||||
result = ebpf_create_registry_key(ebpf_store_root_key, ebpf_store_root_sub_key, REG_CREATE_FLAGS, &root_key);
|
||||
|
||||
if (!IS_SUCCESS(result)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Open (or create) program data registry path.
|
||||
result = ebpf_create_registry_key(root_key, EBPF_PROVIDERS_REGISTRY_PATH, REG_CREATE_FLAGS, provider_key);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
Exit:
|
||||
ebpf_close_registry_key(root_key);
|
||||
return result;
|
||||
}
|
||||
|
||||
ebpf_result_t
|
||||
ebpf_store_update_helper_prototype(
|
||||
ebpf_store_key_t helper_info_key, _In_ const ebpf_helper_function_prototype_t* helper_info)
|
||||
{
|
||||
ebpf_result_t result = EBPF_SUCCESS;
|
||||
uint32_t offset;
|
||||
ebpf_store_key_t helper_function_key = NULL;
|
||||
char serialized_data[sizeof(ebpf_helper_function_prototype_t)] = {0};
|
||||
|
||||
result = ebpf_create_registry_key_ansi(helper_info_key, helper_info->name, REG_CREATE_FLAGS, &helper_function_key);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Serialize the helper prototype.
|
||||
offset = 0;
|
||||
memcpy(serialized_data, &helper_info->helper_id, sizeof(helper_info->helper_id));
|
||||
offset += sizeof(helper_info->helper_id);
|
||||
|
||||
memcpy(serialized_data + offset, &helper_info->return_type, sizeof(helper_info->return_type));
|
||||
offset += sizeof(helper_info->return_type);
|
||||
|
||||
memcpy(serialized_data + offset, helper_info->arguments, sizeof(helper_info->arguments));
|
||||
offset += sizeof(helper_info->arguments);
|
||||
|
||||
// Save the helper prototype data.
|
||||
result = ebpf_write_registry_value_binary(
|
||||
helper_function_key, EBPF_HELPER_DATA_PROTOTYPE, (uint8_t*)&serialized_data[0], offset);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
Exit:
|
||||
ebpf_close_registry_key(helper_function_key);
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
ebpf_result_t
|
||||
ebpf_store_update_global_helper_information(
|
||||
_In_reads_(helper_info_count) ebpf_helper_function_prototype_t* helper_info, uint32_t helper_info_count)
|
||||
{
|
||||
ebpf_result_t result = EBPF_SUCCESS;
|
||||
ebpf_store_key_t provider_key = NULL;
|
||||
ebpf_store_key_t helper_info_key = NULL;
|
||||
|
||||
if (helper_info_count == 0) {
|
||||
return result;
|
||||
}
|
||||
|
||||
// Open (or create) provider registry path.
|
||||
result = _ebpf_store_open_or_create_provider_registry_key(&provider_key);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Open (or create) global helpers registry path.
|
||||
result =
|
||||
ebpf_create_registry_key(provider_key, EBPF_GLOBAL_HELPERS_REGISTRY_PATH, REG_CREATE_FLAGS, &helper_info_key);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
for (uint32_t i = 0; i < helper_info_count; i++) {
|
||||
|
||||
result = ebpf_store_update_helper_prototype(helper_info_key, &helper_info[i]);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
goto Exit;
|
||||
}
|
||||
}
|
||||
|
||||
Exit:
|
||||
ebpf_close_registry_key(helper_info_key);
|
||||
ebpf_close_registry_key(provider_key);
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
ebpf_result_t
|
||||
ebpf_store_update_section_information(
|
||||
_In_reads_(section_info_count) const ebpf_program_section_info_t* section_info, uint32_t section_info_count)
|
||||
{
|
||||
ebpf_result_t result = EBPF_SUCCESS;
|
||||
ebpf_store_key_t provider_key = NULL;
|
||||
ebpf_store_key_t section_info_key = NULL;
|
||||
|
||||
if (section_info_count == 0) {
|
||||
return result;
|
||||
}
|
||||
|
||||
// Open (or create) provider registry path.
|
||||
result = _ebpf_store_open_or_create_provider_registry_key(&provider_key);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Open (or create) section data key.
|
||||
result = ebpf_create_registry_key(provider_key, EBPF_SECTIONS_REGISTRY_PATH, REG_CREATE_FLAGS, §ion_info_key);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
for (uint32_t i = 0; i < section_info_count; i++) {
|
||||
ebpf_store_key_t section_key = NULL;
|
||||
|
||||
// Open or create the registry path.
|
||||
result =
|
||||
ebpf_create_registry_key(section_info_key, section_info[i].section_name, REG_CREATE_FLAGS, §ion_key);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save program type.
|
||||
result = ebpf_write_registry_value_binary(
|
||||
section_key,
|
||||
EBPF_SECTION_DATA_PROGRAM_TYPE,
|
||||
(uint8_t*)section_info[i].program_type,
|
||||
sizeof(ebpf_program_type_t));
|
||||
if (!IS_SUCCESS(result)) {
|
||||
ebpf_close_registry_key(section_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save attach type.
|
||||
result = ebpf_write_registry_value_binary(
|
||||
section_key,
|
||||
EBPF_SECTION_DATA_ATTACH_TYPE,
|
||||
(uint8_t*)section_info[i].attach_type,
|
||||
sizeof(ebpf_attach_type_t));
|
||||
if (!IS_SUCCESS(result)) {
|
||||
ebpf_close_registry_key(section_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save bpf_prog_type.
|
||||
result =
|
||||
ebpf_write_registry_value_dword(section_key, EBPF_DATA_BPF_PROG_TYPE, section_info[i].bpf_program_type);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
ebpf_close_registry_key(section_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save bpf_attach_type.
|
||||
result =
|
||||
ebpf_write_registry_value_dword(section_key, EBPF_DATA_BPF_ATTACH_TYPE, section_info[i].bpf_attach_type);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
ebpf_close_registry_key(section_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
ebpf_close_registry_key(section_key);
|
||||
}
|
||||
|
||||
Exit:
|
||||
ebpf_close_registry_key(section_info_key);
|
||||
ebpf_close_registry_key(provider_key);
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
ebpf_result_t
|
||||
ebpf_store_update_program_information(
|
||||
_In_reads_(program_info_count) const ebpf_program_info_t* program_info, uint32_t program_info_count)
|
||||
{
|
||||
ebpf_result_t result = EBPF_SUCCESS;
|
||||
ebpf_store_key_t provider_key = NULL;
|
||||
ebpf_store_key_t program_info_key = NULL;
|
||||
|
||||
if (program_info_count == 0) {
|
||||
return result;
|
||||
}
|
||||
|
||||
// Open (or create) provider registry path.
|
||||
result = _ebpf_store_open_or_create_provider_registry_key(&provider_key);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Open (or create) program data registry path.
|
||||
result =
|
||||
ebpf_create_registry_key(provider_key, EBPF_PROGRAM_DATA_REGISTRY_PATH, REG_CREATE_FLAGS, &program_info_key);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
for (uint32_t i = 0; i < program_info_count; i++) {
|
||||
ebpf_store_key_t program_key = {0};
|
||||
ebpf_store_key_t helper_info_key = {0};
|
||||
|
||||
// Convert program type GUID to string.
|
||||
wchar_t guid_string[GUID_STRING_LENGTH + 1];
|
||||
result = ebpf_convert_guid_to_string(
|
||||
&program_info[i].program_type_descriptor.program_type, guid_string, GUID_STRING_LENGTH + 1);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
return result;
|
||||
}
|
||||
|
||||
result = ebpf_create_registry_key(program_info_key, guid_string, REG_CREATE_FLAGS, &program_key);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save the friendly program type name.
|
||||
result = ebpf_write_registry_value_ansi_string(
|
||||
program_key, EBPF_PROGRAM_DATA_NAME, program_info[i].program_type_descriptor.name);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
ebpf_close_registry_key(program_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save context descriptor.
|
||||
result = ebpf_write_registry_value_binary(
|
||||
program_key,
|
||||
EBPF_PROGRAM_DATA_CONTEXT_DESCRIPTOR,
|
||||
(uint8_t*)program_info[i].program_type_descriptor.context_descriptor,
|
||||
sizeof(ebpf_context_descriptor_t));
|
||||
if (!IS_SUCCESS(result)) {
|
||||
ebpf_close_registry_key(program_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save bpf_prog_type.
|
||||
result = ebpf_write_registry_value_dword(
|
||||
program_key, EBPF_DATA_BPF_PROG_TYPE, program_info[i].program_type_descriptor.bpf_prog_type);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
ebpf_close_registry_key(program_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save "is_privileged".
|
||||
result = ebpf_write_registry_value_dword(
|
||||
program_key, EBPF_PROGRAM_DATA_PRIVILEGED, program_info[i].program_type_descriptor.is_privileged);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
ebpf_close_registry_key(program_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Save helper count.
|
||||
result = ebpf_write_registry_value_dword(
|
||||
program_key, EBPF_PROGRAM_DATA_HELPER_COUNT, program_info[i].count_of_program_type_specific_helpers);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
ebpf_close_registry_key(program_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
if (program_info[i].count_of_program_type_specific_helpers != 0) {
|
||||
// Create (or open) helper registry path.
|
||||
result = ebpf_create_registry_key(
|
||||
program_key, EBPF_PROGRAM_DATA_HELPERS_REGISTRY_PATH, REG_CREATE_FLAGS, &helper_info_key);
|
||||
if (!IS_SUCCESS(result)) {
|
||||
ebpf_close_registry_key(program_key);
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
// Iterate over all the helper prototypes and save in registry.
|
||||
for (uint32_t count = 0; count < program_info[i].count_of_program_type_specific_helpers; count++) {
|
||||
result = ebpf_store_update_helper_prototype(
|
||||
helper_info_key, &(program_info[i].program_type_specific_helper_prototype[count]));
|
||||
if (!IS_SUCCESS(result)) {
|
||||
ebpf_close_registry_key(program_key);
|
||||
ebpf_close_registry_key(helper_info_key);
|
||||
goto Exit;
|
||||
}
|
||||
}
|
||||
|
||||
ebpf_close_registry_key(helper_info_key);
|
||||
}
|
||||
ebpf_close_registry_key(program_key);
|
||||
}
|
||||
|
||||
Exit:
|
||||
ebpf_close_registry_key(program_info_key);
|
||||
ebpf_close_registry_key(provider_key);
|
||||
|
||||
return result;
|
||||
}
|
|
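Review bot: In ebpf_store_update_program_information, the failure branch after ebpf_convert_guid_to_string does return result; instead of goto Exit;, so program_info_key and provider_key are never closed on that path. Every other failure in the loop goes through Exit, and this one should too. Smaller points in the same file: IS_SUCCESS(x) expands to (x == EBPF_SUCCESS) without parenthesizing x, so write ((x) == EBPF_SUCCESS); and section_info[i].program_type, section_info[i].attach_type and program_type_descriptor.context_descriptor are passed to ebpf_write_registry_value_binary with a fixed sizeof without a null check, which deserves either a check or an annotation stating they are required.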
@ -0,0 +1,35 @@
|
|||
# Copyright (c) Microsoft Corporation
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
list(APPEND CMAKE_MODULE_PATH
|
||||
"${CMAKE_SOURCE_DIR}/external/usersim/external/FindWDK/cmake"
|
||||
)
|
||||
find_package(WDK REQUIRED)
|
||||
|
||||
wdk_add_library("ebpf_store_helper_km" STATIC WINVER "${EBPFFORWINDOWS_WDK_WINVER}"
|
||||
ebpf_registry_helper.c
|
||||
../ebpf_store_helper.c
|
||||
)
|
||||
|
||||
target_link_directories("ebpf_store_helper_km" PRIVATE
|
||||
"${WDK_ROOT}/Lib/${WDK_VERSION}/km/x64"
|
||||
)
|
||||
|
||||
target_include_directories("ebpf_store_helper_km" PRIVATE
|
||||
"${CMAKE_SOURCE_DIR}/include"
|
||||
"${CMAKE_SOURCE_DIR}/libs/platform"
|
||||
"${CMAKE_SOURCE_DIR}/libs/platform/kernel"
|
||||
"${CMAKE_SOURCE_DIR}/libs/store_helper"
|
||||
"${CMAKE_SOURCE_DIR}/libs/store_helper/kernel"
|
||||
"${CMAKE_SOURCE_DIR}/external/ebpf-verifier/src"
|
||||
)
|
||||
|
||||
target_compile_definitions("ebpf_store_helper_km" PRIVATE
|
||||
WINAPI_FAMILY=WINAPI_FAMILY_DESKTOP_APP
|
||||
WINAPI_PARTITION_DESKTOP=1
|
||||
WINAPI_PARTITION_SYSTEM=1
|
||||
WINAPI_PARTITION_APP=1
|
||||
WINAPI_PARTITION_PC_APP=1
|
||||
_KRPCENV_
|
||||
_NO_CRT_STDIO_INLINE=1
|
||||
)
|
|
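Review bot: target_link_directories hardcodes "${WDK_ROOT}/Lib/${WDK_VERSION}/km/x64", so ebpf_store_helper_km can only link against the x64 kernel libraries. If the CMake build is meant to cover other architectures, derive the directory from the target platform; if it is x64 only by design, add a comment saying so next to the path.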
@ -1,39 +1,31 @@
|
|||
// Copyright (c) Microsoft Corporation
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
#pragma once
|
||||
/**
|
||||
* @file
|
||||
* @brief Contains kernel mode registry related helper APIs.
|
||||
*/
|
||||
|
||||
#include "framework.h"
|
||||
#include "ebpf_registry_helper.h"
|
||||
|
||||
#define __return_type NTSTATUS
|
||||
#define _SUCCESS STATUS_SUCCESS
|
||||
#define IS_SUCCESS(x) (NT_SUCCESS(x))
|
||||
#define _EBPF_RESULT(x) (NT_SUCCESS(x) ? EBPF_SUCCESS : EBPF_FAILED)
|
||||
|
||||
#define REG_CREATE_FLAGS 0
|
||||
#define GUID_STRING_LENGTH 38 // not including the null terminator.
|
||||
ebpf_store_key_t ebpf_store_root_key = NULL;
|
||||
const wchar_t* ebpf_store_root_sub_key = EBPF_ROOT_REGISTRY_PATH;
|
||||
|
||||
typedef _Return_type_success_(NT_SUCCESS(return )) uint32_t ebpf_registry_result_t;
|
||||
|
||||
typedef HANDLE ebpf_registry_key_t;
|
||||
|
||||
static void
|
||||
close_registry_key(ebpf_registry_key_t key)
|
||||
{
|
||||
ZwClose(key);
|
||||
}
|
||||
|
||||
static NTSTATUS
|
||||
convert_guid_to_string(_In_ const GUID* guid, _Out_writes_all_(string_length) wchar_t* string, size_t string_length)
|
||||
ebpf_result_t
|
||||
ebpf_convert_guid_to_string(
|
||||
_In_ const GUID* guid, _Out_writes_all_(string_length) wchar_t* string, size_t string_length)
|
||||
{
|
||||
UNICODE_STRING unicode_string = {0};
|
||||
|
||||
NTSTATUS status = RtlStringFromGUID(guid, &unicode_string);
|
||||
if (status != STATUS_SUCCESS) {
|
||||
ebpf_result_t result = _EBPF_RESULT(RtlStringFromGUID(guid, &unicode_string));
|
||||
if (result != EBPF_SUCCESS) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
if (string_length < GUID_STRING_LENGTH + 1) {
|
||||
status = STATUS_BUFFER_TOO_SMALL;
|
||||
result = EBPF_INSUFFICIENT_BUFFER;
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
|
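Review bot: `#define _EBPF_RESULT(x) (NT_SUCCESS(x) ? EBPF_SUCCESS : EBPF_FAILED)` collapses every failing NTSTATUS into EBPF_FAILED, so callers of the kernel-mode helpers can no longer tell an access-denied failure from an out-of-resources one or from any other. Consider mapping the NTSTATUS to a specific ebpf_result_t, or at least tracing the original status before it is discarded. In ebpf_convert_guid_to_string, the `string_length < GUID_STRING_LENGTH + 1` check could also move ahead of the RtlStringFromGUID call, so that an undersized buffer is rejected without an allocation that then has to be freed at Exit.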
@ -48,21 +40,29 @@ Exit:
|
|||
if (unicode_string.Buffer != NULL) {
|
||||
RtlFreeUnicodeString(&unicode_string);
|
||||
}
|
||||
return status;
|
||||
return result;
|
||||
}
|
||||
|
||||
static _Must_inspect_result_ ebpf_registry_result_t
|
||||
write_registry_value_binary(
|
||||
ebpf_registry_key_t key, _In_z_ const wchar_t* value_name, _In_reads_(value_size) uint8_t* value, size_t value_size)
|
||||
void
|
||||
ebpf_close_registry_key(ebpf_store_key_t key)
|
||||
{
|
||||
if (key) {
|
||||
ZwClose(key);
|
||||
}
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_write_registry_value_binary(
|
||||
ebpf_store_key_t key, _In_z_ const wchar_t* value_name, _In_reads_(value_size) uint8_t* value, size_t value_size)
|
||||
{
|
||||
UNICODE_STRING unicode_value_name;
|
||||
|
||||
RtlInitUnicodeString(&unicode_value_name, value_name);
|
||||
return ZwSetValueKey(key, &unicode_value_name, 0, REG_BINARY, value, (ULONG)value_size);
|
||||
return _EBPF_RESULT(ZwSetValueKey(key, &unicode_value_name, 0, REG_BINARY, value, (ULONG)value_size));
|
||||
}
|
||||
|
||||
static _Must_inspect_result_ ebpf_registry_result_t
|
||||
write_registry_value_ansi_string(ebpf_registry_key_t key, _In_z_ const wchar_t* value_name, _In_z_ const char* value)
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_write_registry_value_ansi_string(ebpf_store_key_t key, _In_z_ const wchar_t* value_name, _In_z_ const char* value)
|
||||
{
|
||||
NTSTATUS status;
|
||||
UNICODE_STRING unicode_value;
|
||||
|
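Review bot: In ebpf_write_registry_value_binary, `(ULONG)value_size` narrows a size_t without a range check, so on a 64-bit build a value_size above ULONG_MAX is silently truncated and ZwSetValueKey writes fewer bytes than the `_In_reads_(value_size)` contract promises. Reject oversized values with an explicit check before the call. ebpf_close_registry_key now tolerates a NULL key through `if (key)`; say so in the function's documentation so callers know the null case is intended.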
@ -81,22 +81,21 @@ write_registry_value_ansi_string(ebpf_registry_key_t key, _In_z_ const wchar_t*
|
|||
RtlFreeUnicodeString(&unicode_value);
|
||||
|
||||
Exit:
|
||||
return status;
|
||||
return _EBPF_RESULT(status);
|
||||
}
|
||||
|
||||
static _Must_inspect_result_ ebpf_registry_result_t
|
||||
write_registry_value_dword(ebpf_registry_key_t key, _In_z_ const wchar_t* value_name, uint32_t value)
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_write_registry_value_dword(ebpf_store_key_t key, _In_z_ const wchar_t* value_name, uint32_t value)
|
||||
{
|
||||
UNICODE_STRING unicode_name;
|
||||
RtlInitUnicodeString(&unicode_name, value_name);
|
||||
return ZwSetValueKey(key, &unicode_name, 0, REG_DWORD, &value, sizeof(uint32_t));
|
||||
return _EBPF_RESULT(ZwSetValueKey(key, &unicode_name, 0, REG_DWORD, &value, sizeof(uint32_t)));
|
||||
}
|
||||
|
||||
static _Must_inspect_result_ ebpf_registry_result_t
|
||||
create_registry_key(
|
||||
ebpf_registry_key_t root_key, _In_z_ const wchar_t* sub_key, uint32_t flags, _Out_ ebpf_registry_key_t* key)
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_create_registry_key(
|
||||
ebpf_store_key_t root_key, _In_z_ const wchar_t* sub_key, uint32_t flags, _Out_ ebpf_store_key_t* key)
|
||||
{
|
||||
NTSTATUS status = STATUS_SUCCESS;
|
||||
UNICODE_STRING registry_path;
|
||||
OBJECT_ATTRIBUTES object_attributes = {0};
|
||||
|
||||
|
@ -106,14 +105,12 @@ create_registry_key(
|
|||
InitializeObjectAttributes(
|
||||
&object_attributes, ®istry_path, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE, root_key, NULL);
|
||||
|
||||
status = ZwCreateKey(key, KEY_WRITE, &object_attributes, 0, NULL, REG_OPTION_NON_VOLATILE, NULL);
|
||||
|
||||
return status;
|
||||
return _EBPF_RESULT(ZwCreateKey(key, KEY_WRITE, &object_attributes, 0, NULL, REG_OPTION_NON_VOLATILE, NULL));
|
||||
}
|
||||
|
||||
static _Must_inspect_result_ ebpf_registry_result_t
|
||||
create_registry_key_ansi(
|
||||
ebpf_registry_key_t root_key, _In_z_ const char* sub_key, uint32_t flags, _Out_ ebpf_registry_key_t* key)
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_create_registry_key_ansi(
|
||||
ebpf_store_key_t root_key, _In_z_ const char* sub_key, uint32_t flags, _Out_ ebpf_store_key_t* key)
|
||||
{
|
||||
NTSTATUS status = STATUS_SUCCESS;
|
||||
UNICODE_STRING registry_path;
|
||||
|
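Review bot: ebpf_create_registry_key passes a hard-coded KEY_WRITE as the desired access to ZwCreateKey, and the visible lines never read the `flags` parameter that ebpf_create_registry_key_ansi also accepts. If kernel-mode callers are meant to get KEY_WRITE regardless, document that `flags` is ignored here; otherwise pass it through. Returning `_EBPF_RESULT(ZwCreateKey(...))` directly also drops the NTSTATUS, so tracing the failing status before conversion would keep store-creation failures diagnosable.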
@ -136,5 +133,5 @@ create_registry_key_ansi(
|
|||
RtlFreeUnicodeString(®istry_path);
|
||||
|
||||
Exit:
|
||||
return status;
|
||||
return _EBPF_RESULT(status);
|
||||
}
|
|
@ -0,0 +1,33 @@
|
|||
// Copyright (c) Microsoft Corporation
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
#pragma once
|
||||
|
||||
#include "ebpf_store_helper.h"
|
||||
|
||||
#define REG_CREATE_FLAGS 0
|
||||
|
||||
ebpf_result_t
|
||||
ebpf_convert_guid_to_string(
|
||||
_In_ const GUID* guid, _Out_writes_all_(string_length) wchar_t* string, size_t string_length);
|
||||
|
||||
void
|
||||
ebpf_close_registry_key(ebpf_store_key_t key);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_write_registry_value_binary(
|
||||
ebpf_store_key_t key, _In_z_ const wchar_t* value_name, _In_reads_(value_size) uint8_t* value, size_t value_size);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_write_registry_value_ansi_string(ebpf_store_key_t key, _In_z_ const wchar_t* value_name, _In_z_ const char* value);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_write_registry_value_dword(ebpf_store_key_t key, _In_z_ const wchar_t* value_name, uint32_t value);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_create_registry_key(
|
||||
ebpf_store_key_t root_key, _In_z_ const wchar_t* sub_key, uint32_t flags, _Out_ ebpf_store_key_t* key);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_create_registry_key_ansi(
|
||||
ebpf_store_key_t root_key, _In_z_ const char* sub_key, uint32_t flags, _Out_ ebpf_store_key_t* key);
|
|
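Review bot: The declaration of ebpf_convert_guid_to_string is the only result-returning prototype in this header without `_Must_inspect_result_`, so a caller that ignores a failed conversion and then uses the output buffer gets no analyzer warning. Add the annotation to match the other prototypes. The header also carries no comments on the functions; a short description per API (who closes the returned key, whether `flags` is honored in kernel mode) would help callers.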
@ -0,0 +1,168 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!--
|
||||
Copyright (c) Microsoft Corporation
|
||||
SPDX-License-Identifier: MIT
|
||||
-->
|
||||
<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup Label="ProjectConfigurations">
|
||||
<ProjectConfiguration Include="Debug|x64">
|
||||
<Configuration>Debug</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="NativeOnlyDebug|x64">
|
||||
<Configuration>NativeOnlyDebug</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="NativeOnlyRelease|x64">
|
||||
<Configuration>NativeOnlyRelease</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release|x64">
|
||||
<Configuration>Release</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
</ItemGroup>
|
||||
<PropertyGroup Label="Globals">
|
||||
<ProjectGuid>{3569e946-c8b4-49ee-a89d-edd09dc9f36e}</ProjectGuid>
|
||||
<MinimumVisualStudioVersion>12.0</MinimumVisualStudioVersion>
|
||||
<Configuration>Debug</Configuration>
|
||||
<Platform Condition="'$(Platform)' == ''">Win32</Platform>
|
||||
<DriverType>KMDF</DriverType>
|
||||
<RootNamespace>store_helper_km</RootNamespace>
|
||||
<ProjectName>ebpf_store_helper_km</ProjectName>
|
||||
<WindowsTargetPlatformVersion>$(LatestTargetPlatformVersion)</WindowsTargetPlatformVersion>
|
||||
</PropertyGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
|
||||
<TargetVersion>Windows10</TargetVersion>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
|
||||
<DriverTargetPlatform>Universal</DriverTargetPlatform>
|
||||
<ConfigurationType>StaticLibrary</ConfigurationType>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
<EnableASAN>false</EnableASAN>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyDebug|x64'" Label="Configuration">
|
||||
<TargetVersion>Windows10</TargetVersion>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
|
||||
<DriverTargetPlatform>Universal</DriverTargetPlatform>
|
||||
<ConfigurationType>StaticLibrary</ConfigurationType>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
<EnableASAN>false</EnableASAN>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
|
||||
<TargetVersion>Windows10</TargetVersion>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
|
||||
<DriverTargetPlatform>Universal</DriverTargetPlatform>
|
||||
<ConfigurationType>StaticLibrary</ConfigurationType>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
<EnableASAN>false</EnableASAN>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyRelease|x64'" Label="Configuration">
|
||||
<TargetVersion>Windows10</TargetVersion>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
|
||||
<DriverTargetPlatform>Universal</DriverTargetPlatform>
|
||||
<ConfigurationType>StaticLibrary</ConfigurationType>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
<EnableASAN>false</EnableASAN>
|
||||
</PropertyGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
|
||||
<ImportGroup Label="ExtensionSettings">
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<PropertyGroup Label="UserMacros" />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<IncludePath>$(IncludePath);$(KMDF_INC_PATH)$(KMDF_VER_PATH);$(SolutionDir)\include;$(SolutionDir)\libs\store_helper\kernel;$(SolutionDir)\libs\platform\kernel;$(SolutionDir)\external\ebpf-verifier\src</IncludePath>
|
||||
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyDebug|x64'">
|
||||
<IncludePath>$(IncludePath);$(KMDF_INC_PATH)$(KMDF_VER_PATH);$(SolutionDir)\include;$(SolutionDir)\libs\store_helper\kernel;$(SolutionDir)\libs\platform\kernel;$(SolutionDir)\external\ebpf-verifier\src</IncludePath>
|
||||
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<IncludePath>$(IncludePath);$(KMDF_INC_PATH)$(KMDF_VER_PATH);$(SolutionDir)\include;$(SolutionDir)\libs\store_helper\kernel;$(SolutionDir)\libs\platform\kernel;$(SolutionDir)\external\ebpf-verifier\src</IncludePath>
|
||||
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyRelease|x64'">
|
||||
<IncludePath>$(IncludePath);$(KMDF_INC_PATH)$(KMDF_VER_PATH);$(SolutionDir)\include;$(SolutionDir)\libs\store_helper\kernel;$(SolutionDir)\libs\platform\kernel;$(SolutionDir)\external\ebpf-verifier\src</IncludePath>
|
||||
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
|
||||
</PropertyGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>NotUsing</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem />
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyDebug|x64'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>NotUsing</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>
|
||||
</SubSystem>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<FunctionLevelLinking>true</FunctionLevelLinking>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>NotUsing</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem />
|
||||
<EnableCOMDATFolding>true</EnableCOMDATFolding>
|
||||
<OptimizeReferences>true</OptimizeReferences>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyRelease|x64'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<FunctionLevelLinking>true</FunctionLevelLinking>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>NotUsing</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem>
|
||||
</SubSystem>
|
||||
<EnableCOMDATFolding>true</EnableCOMDATFolding>
|
||||
<OptimizeReferences>true</OptimizeReferences>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="..\..\..\include\ebpf_store_helper.h" />
|
||||
<ClInclude Include="ebpf_registry_helper.h" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="..\ebpf_store_helper.c" />
|
||||
<ClCompile Include="ebpf_registry_helper.c" />
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
</ImportGroup>
|
||||
</Project>
|
|
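Review bot: `<Platform Condition="'$(Platform)' == ''">Win32</Platform>` defaults the platform to Win32, but the project defines only x64 configurations (Debug, NativeOnlyDebug, NativeOnlyRelease, Release), so a build that does not set Platform resolves to a configuration that does not exist. Default to x64 instead. The four ClCompile groups set `<WarningLevel>Level3</WarningLevel>` and, in the visible settings, do not treat warnings as errors; for a kernel-mode library consider making warnings fail the build unless that is already inherited from a shared props file.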
@ -0,0 +1,31 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!--
|
||||
Copyright (c) Microsoft Corporation
|
||||
SPDX-License-Identifier: MIT
|
||||
-->
|
||||
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup>
|
||||
<Filter Include="Header Files">
|
||||
<UniqueIdentifier>{f18f64a4-4935-458c-b74d-6e4b7b62cf98}</UniqueIdentifier>
|
||||
</Filter>
|
||||
<Filter Include="Source Files">
|
||||
<UniqueIdentifier>{96641f48-dc1b-4f88-bf4e-bc8f00152973}</UniqueIdentifier>
|
||||
</Filter>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="..\..\..\include\ebpf_store_helper.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="ebpf_registry_helper.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="ebpf_registry_helper.c">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="..\ebpf_store_helper.c">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
</ItemGroup>
|
||||
</Project>
|
|
@ -0,0 +1,25 @@
|
|||
# Copyright (c) Microsoft Corporation
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
add_library("ebpf_store_helper_um" STATIC
|
||||
ebpf_registry_helper.cpp
|
||||
../ebpf_store_helper.c
|
||||
)
|
||||
|
||||
target_include_directories("ebpf_store_helper_um" PRIVATE
|
||||
"${CMAKE_SOURCE_DIR}/include"
|
||||
"${CMAKE_SOURCE_DIR}/libs/platform"
|
||||
"${CMAKE_SOURCE_DIR}/libs/platform/user"
|
||||
"${CMAKE_SOURCE_DIR}/libs/store_helper"
|
||||
"${CMAKE_SOURCE_DIR}/libs/store_helper/user"
|
||||
"${CMAKE_SOURCE_DIR}/external/usersim/inc"
|
||||
"${CMAKE_SOURCE_DIR}/external/ebpf-verifier/src"
|
||||
)
|
||||
|
||||
target_compile_definitions("ebpf_store_helper_um" PRIVATE
|
||||
_WINDOWS
|
||||
_LIB
|
||||
UNICODE
|
||||
_UNICODE
|
||||
USER_MODE
|
||||
)
|
|
@ -0,0 +1,249 @@
|
|||
// Copyright (c) Microsoft Corporation
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
/**
|
||||
* @file
|
||||
* @brief Contains user mode registry related helper APIs.
|
||||
*/
|
||||
|
||||
#include "ebpf_platform.h"
|
||||
#include "ebpf_registry_helper.h"
|
||||
|
||||
#include <string>
|
||||
|
||||
#define GUID_STRING_LENGTH 38 // not including the null terminator.
|
||||
#define _EBPF_RESULT(x) win32_error_code_to_ebpf_result(x)
|
||||
|
||||
ebpf_store_key_t ebpf_store_root_key = HKEY_CURRENT_USER; // TODO: Issue #1231 Change to using HKEY_LOCAL_MACHINE
|
||||
const wchar_t* ebpf_store_root_sub_key = EBPF_ROOT_RELATIVE_PATH;
|
||||
|
||||
static std::wstring
|
||||
_get_wstring_from_string(std::string text)
|
||||
{
|
||||
int length = MultiByteToWideChar(CP_UTF8, 0, text.c_str(), -1, nullptr, 0);
|
||||
std::wstring wide(length, 0);
|
||||
MultiByteToWideChar(CP_UTF8, 0, text.c_str(), -1, &wide[0], length);
|
||||
|
||||
return wide;
|
||||
}
|
||||
|
||||
void
|
||||
ebpf_close_registry_key(ebpf_store_key_t key)
|
||||
{
|
||||
ebpf_assert(key);
|
||||
RegCloseKey(key);
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_write_registry_value_binary(
|
||||
ebpf_store_key_t key, _In_z_ const wchar_t* value_name, _In_reads_(value_size) uint8_t* value, size_t value_size)
|
||||
{
|
||||
ebpf_assert(value_name);
|
||||
ebpf_assert(value);
|
||||
|
||||
return _EBPF_RESULT(RegSetValueEx(key, value_name, 0, REG_BINARY, value, (unsigned long)value_size));
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
write_registry_value_wide_string(ebpf_store_key_t key, _In_z_ const wchar_t* value_name, _In_z_ const wchar_t* value)
|
||||
{
|
||||
ebpf_assert(value_name);
|
||||
ebpf_assert(value);
|
||||
|
||||
auto length = (wcslen(value) + 1) * sizeof(wchar_t);
|
||||
return _EBPF_RESULT(RegSetValueEx(key, value_name, 0, REG_SZ, (uint8_t*)value, (unsigned long)length));
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_write_registry_value_ansi_string(ebpf_store_key_t key, _In_z_ const wchar_t* value_name, _In_z_ const char* value)
|
||||
{
|
||||
ebpf_result_t result;
|
||||
try {
|
||||
auto wide_string = _get_wstring_from_string(value);
|
||||
result = _EBPF_RESULT(write_registry_value_wide_string(key, value_name, wide_string.c_str()));
|
||||
} catch (...) {
|
||||
result = EBPF_NO_MEMORY;
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_write_registry_value_dword(ebpf_store_key_t key, _In_z_ const wchar_t* value_name, uint32_t value)
|
||||
{
|
||||
ebpf_assert(key);
|
||||
return _EBPF_RESULT(RegSetValueEx(key, value_name, 0, REG_DWORD, (PBYTE)&value, sizeof(value)));
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_create_registry_key(
|
||||
ebpf_store_key_t root_key, _In_z_ const wchar_t* sub_key, uint32_t flags, _Out_ ebpf_store_key_t* key)
|
||||
{
|
||||
*key = nullptr;
|
||||
if (root_key == nullptr) {
|
||||
return EBPF_INVALID_ARGUMENT;
|
||||
}
|
||||
|
||||
return _EBPF_RESULT(RegCreateKeyEx(root_key, sub_key, 0, nullptr, 0, flags, nullptr, key, nullptr));
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_open_registry_key(
|
||||
ebpf_store_key_t root_key, _In_opt_z_ const wchar_t* sub_key, uint32_t flags, _Out_ ebpf_store_key_t* key)
|
||||
{
|
||||
ebpf_assert(root_key != nullptr);
|
||||
_Analysis_assume_(root_key != nullptr);
|
||||
|
||||
return _EBPF_RESULT(RegOpenKeyEx(root_key, sub_key, 0, flags, key));
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_delete_registry_key(ebpf_store_key_t root_key, _In_z_ const wchar_t* sub_key)
|
||||
{
|
||||
return _EBPF_RESULT(RegDeleteKeyEx(root_key, sub_key, 0, 0));
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_delete_registry_tree(ebpf_store_key_t root_key, _In_opt_z_ const wchar_t* sub_key)
|
||||
{
|
||||
return _EBPF_RESULT(RegDeleteTree(root_key, sub_key));
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_create_registry_key_ansi(
|
||||
ebpf_store_key_t root_key, _In_z_ const char* sub_key, uint32_t flags, _Out_ ebpf_store_key_t* key)
|
||||
{
|
||||
ebpf_result_t result;
|
||||
try {
|
||||
auto wide_string = _get_wstring_from_string(sub_key);
|
||||
result = ebpf_create_registry_key(root_key, wide_string.c_str(), flags, key);
|
||||
} catch (...) {
|
||||
result = EBPF_NO_MEMORY;
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_read_registry_value_string(
|
||||
ebpf_store_key_t key, _In_z_ const wchar_t* value_name, _Outptr_result_maybenull_ wchar_t** value)
|
||||
{
|
||||
ebpf_result_t result = EBPF_SUCCESS;
|
||||
unsigned long type = REG_SZ;
|
||||
unsigned long value_size = 0;
|
||||
wchar_t* string_value = nullptr;
|
||||
|
||||
if (value == nullptr) {
|
||||
return EBPF_INVALID_ARGUMENT;
|
||||
}
|
||||
|
||||
*value = nullptr;
|
||||
result = _EBPF_RESULT(RegQueryValueEx(key, value_name, 0, &type, nullptr, &value_size));
|
||||
if (result != EBPF_SUCCESS || type != REG_SZ) {
|
||||
if (type != REG_SZ) {
|
||||
result = EBPF_INVALID_ARGUMENT;
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
string_value = (wchar_t*)ebpf_allocate((value_size + sizeof(wchar_t)));
|
||||
if (string_value == nullptr) {
|
||||
return EBPF_NO_MEMORY;
|
||||
}
|
||||
|
||||
memset(string_value, 0, value_size + sizeof(wchar_t));
|
||||
result = _EBPF_RESULT(RegQueryValueEx(key, value_name, 0, &type, (PBYTE)string_value, &value_size));
|
||||
if (result != EBPF_SUCCESS) {
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
*value = string_value;
|
||||
string_value = nullptr;
|
||||
|
||||
Exit:
|
||||
if (string_value) {
|
||||
ebpf_free(string_value);
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_read_registry_value_dword(ebpf_store_key_t key, _In_z_ const wchar_t* value_name, _Out_ uint32_t* value)
|
||||
{
|
||||
unsigned long type = REG_QWORD;
|
||||
unsigned long value_size = sizeof(uint32_t);
|
||||
return _EBPF_RESULT(RegQueryValueEx(key, value_name, 0, &type, (PBYTE)value, &value_size));
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_read_registry_value_binary(
|
||||
ebpf_store_key_t key, _In_z_ const wchar_t* value_name, _Out_writes_(value_size) uint8_t* value, size_t value_size)
|
||||
{
|
||||
ebpf_result_t result = EBPF_SUCCESS;
|
||||
unsigned long type = REG_BINARY;
|
||||
unsigned long local_value_size = (unsigned long)value_size;
|
||||
|
||||
result = _EBPF_RESULT(RegQueryValueEx(key, value_name, 0, &type, value, &local_value_size));
|
||||
if (result != EBPF_SUCCESS || type != REG_BINARY || local_value_size != value_size) {
|
||||
if (result != EBPF_SUCCESS) {
|
||||
result = EBPF_INVALID_ARGUMENT;
|
||||
}
|
||||
goto Exit;
|
||||
}
|
||||
|
||||
Exit:
|
||||
return result;
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_convert_guid_to_string(_In_ const GUID* guid, _Out_writes_all_(string_size) wchar_t* string, size_t string_size)
|
||||
{
|
||||
ebpf_result_t result = EBPF_SUCCESS;
|
||||
wchar_t* value_name = nullptr;
|
||||
|
||||
try {
|
||||
*string = 0;
|
||||
|
||||
if (string_size < GUID_STRING_LENGTH + 1) {
|
||||
return EBPF_INSUFFICIENT_BUFFER;
|
||||
}
|
||||
|
||||
// Convert program type GUID to string.
|
||||
RPC_STATUS rpc_status = UuidToString(guid, (RPC_WSTR*)&value_name);
|
||||
if (rpc_status != RPC_S_OK) {
|
||||
return EBPF_INVALID_ARGUMENT;
|
||||
}
|
||||
|
||||
std::wstring value_name_string(value_name);
|
||||
|
||||
// UuidToString returns string without braces. Add braces to the resulting string.
|
||||
value_name_string = L"{" + value_name_string + L"}";
|
||||
|
||||
// Copy the buffer to the output string.
|
||||
memcpy(string, value_name_string.c_str(), GUID_STRING_LENGTH * 2);
|
||||
string[GUID_STRING_LENGTH] = L'\0';
|
||||
} catch (...) {
|
||||
result = EBPF_NO_MEMORY;
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_convert_string_to_guid(_In_z_ const wchar_t* string, _Out_ GUID* guid)
|
||||
{
|
||||
ebpf_result_t result = EBPF_SUCCESS;
|
||||
|
||||
// The UUID string read from registry also contains the opening and closing braces.
|
||||
// Remove those before converting to UUID.
|
||||
wchar_t truncated_string[GUID_STRING_LENGTH + 1] = {0};
|
||||
memcpy(truncated_string, string + 1, (wcslen(string) - 2) * sizeof(wchar_t));
|
||||
|
||||
// Convert program type string to GUID
|
||||
auto rpc_status = UuidFromString((RPC_WSTR)truncated_string, guid);
|
||||
if (rpc_status != RPC_S_OK) {
|
||||
result = EBPF_INVALID_ARGUMENT;
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
|
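Review bot: In ebpf_convert_string_to_guid, `memcpy(truncated_string, string + 1, (wcslen(string) - 2) * sizeof(wchar_t))` copies a length taken from the input into a fixed `GUID_STRING_LENGTH + 1` stack array with no validation, and the comment above it says the string is read from the registry; an input longer than the array overruns it, and one shorter than two characters makes the size wrap. Check that wcslen(string) equals GUID_STRING_LENGTH and that the first and last characters are braces, and return EBPF_INVALID_ARGUMENT otherwise. This matters more while `ebpf_store_root_key` is HKEY_CURRENT_USER (the TODO for Issue #1231), because the values are then writable by the current user. Other points in this file: ebpf_read_registry_value_binary sets EBPF_INVALID_ARGUMENT only when `result != EBPF_SUCCESS`, so a type or size mismatch on a successful query still returns EBPF_SUCCESS and a real query error is overwritten (the test looks inverted); ebpf_write_registry_value_ansi_string wraps write_registry_value_wide_string, which already returns ebpf_result_t, in `_EBPF_RESULT` a second time; ebpf_read_registry_value_dword initialises `type` to REG_QWORD and never checks the returned type or size; ebpf_convert_guid_to_string writes `*string = 0` before the size check and never releases the buffer from UuidToString with RpcStringFree; and _get_wstring_from_string ignores the return values of MultiByteToWideChar.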
@ -0,0 +1,74 @@
|
|||
// Copyright (c) Microsoft Corporation
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
#pragma once
|
||||
|
||||
#include "ebpf_store_helper.h"
|
||||
|
||||
#define REG_CREATE_FLAGS (KEY_WRITE | DELETE | KEY_READ)
|
||||
#define REG_OPEN_FLAGS (DELETE | KEY_READ)
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
{
|
||||
#endif
|
||||
|
||||
void
|
||||
ebpf_close_registry_key(ebpf_store_key_t key);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_write_registry_value_binary(
|
||||
ebpf_store_key_t key,
|
||||
_In_z_ const wchar_t* value_name,
|
||||
_In_reads_(value_size) uint8_t* value,
|
||||
size_t value_size);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_write_registry_value_ansi_string(
|
||||
ebpf_store_key_t key, _In_z_ const wchar_t* value_name, _In_z_ const char* value);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_write_registry_value_dword(ebpf_store_key_t key, _In_z_ const wchar_t* value_name, uint32_t value);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_create_registry_key(
|
||||
ebpf_store_key_t root_key, _In_z_ const wchar_t* sub_key, uint32_t flags, _Out_ ebpf_store_key_t* key);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_open_registry_key(
|
||||
ebpf_store_key_t root_key, _In_opt_z_ const wchar_t* sub_key, uint32_t flags, _Out_ ebpf_store_key_t* key);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_delete_registry_key(ebpf_store_key_t root_key, _In_z_ const wchar_t* sub_key);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_delete_registry_tree(ebpf_store_key_t root_key, _In_opt_z_ const wchar_t* sub_key);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_read_registry_value_dword(ebpf_store_key_t key, _In_z_ const wchar_t* value_name, _Out_ uint32_t* value);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_read_registry_value_binary(
|
||||
ebpf_store_key_t key,
|
||||
_In_z_ const wchar_t* value_name,
|
||||
_Out_writes_(value_size) uint8_t* value,
|
||||
size_t value_size);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_convert_guid_to_string(
|
||||
_In_ const GUID* guid, _Out_writes_all_(string_size) wchar_t* string, size_t string_size);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_convert_string_to_guid(_In_z_ const wchar_t* string, _Out_ GUID* guid);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_create_registry_key_ansi(
|
||||
ebpf_store_key_t root_key, _In_z_ const char* sub_key, uint32_t flags, _Out_ ebpf_store_key_t* key);
|
||||
|
||||
_Must_inspect_result_ ebpf_result_t
|
||||
ebpf_read_registry_value_string(
|
||||
ebpf_store_key_t key, _In_z_ const wchar_t* value_name, _Outptr_result_maybenull_ wchar_t** value);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
|
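Review bot: `#define REG_OPEN_FLAGS (DELETE | KEY_READ)` requests DELETE access on every open, including paths that only read values, so read-only consumers hold more access than they need and the open fails wherever the caller lacks delete rights on the key. Split it into a read-only mask and a separate mask for the delete paths. The prototype of ebpf_read_registry_value_string returns an allocated buffer through `value` but does not say who frees it or with which function; document that next to the declaration.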
@ -0,0 +1,100 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!--
|
||||
Copyright (c) Microsoft Corporation
|
||||
SPDX-License-Identifier: MIT
|
||||
-->
|
||||
<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup Label="ProjectConfigurations">
|
||||
<ProjectConfiguration Include="Debug|x64">
|
||||
<Configuration>Debug</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
<ProjectConfiguration Include="Release|x64">
|
||||
<Configuration>Release</Configuration>
|
||||
<Platform>x64</Platform>
|
||||
</ProjectConfiguration>
|
||||
</ItemGroup>
|
||||
<PropertyGroup Label="Globals">
|
||||
<ProjectGuid>{AA933B9F-B5D8-4AA8-AC18-98FE1A161E8A}</ProjectGuid>
|
||||
<MinimumVisualStudioVersion>12.0</MinimumVisualStudioVersion>
|
||||
<Configuration>Debug</Configuration>
|
||||
<RootNamespace>store_helper_um</RootNamespace>
|
||||
<ProjectName>ebpf_store_helper_um</ProjectName>
|
||||
<WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
|
||||
</PropertyGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
|
||||
<TargetVersion>Windows10</TargetVersion>
|
||||
<UseDebugLibraries>true</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<ConfigurationType>StaticLibrary</ConfigurationType>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
<EnableASAN>false</EnableASAN>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
|
||||
<TargetVersion>Windows10</TargetVersion>
|
||||
<UseDebugLibraries>false</UseDebugLibraries>
|
||||
<PlatformToolset>v143</PlatformToolset>
|
||||
<ConfigurationType>StaticLibrary</ConfigurationType>
|
||||
<CharacterSet>Unicode</CharacterSet>
|
||||
<EnableASAN>false</EnableASAN>
|
||||
</PropertyGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
|
||||
<ImportGroup Label="ExtensionSettings">
|
||||
</ImportGroup>
|
||||
<ImportGroup Label="PropertySheets">
|
||||
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
|
||||
</ImportGroup>
|
||||
<PropertyGroup Label="UserMacros" />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\include;$(SolutionDir)\libs\store_helper\user;$(SolutionDir)\libs\platform;$(SolutionDir)\libs\platform\user;$(SolutionDir)\external\ebpf-verifier\src;$(SolutionDir)external\usersim\inc</IncludePath>
|
||||
<LibraryPath>$(VC_LibraryPath_x64);$(WindowsSDK_LibraryPath_x64)</LibraryPath>
|
||||
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\include;$(SolutionDir)\libs\store_helper\user;$(SolutionDir)\libs\platform;$(SolutionDir)\libs\platform\user;$(SolutionDir)\external\ebpf-verifier\src;$(SolutionDir)external\usersim\inc</IncludePath>
|
||||
<LibraryPath>$(VC_LibraryPath_x64);$(WindowsSDK_LibraryPath_x64)</LibraryPath>
|
||||
<OutDir>$(SolutionDir)$(Platform)\$(Configuration)\</OutDir>
|
||||
</PropertyGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>_DEBUG;_LIB;USER_MODE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>NotUsing</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem />
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<ClCompile>
|
||||
<WarningLevel>Level3</WarningLevel>
|
||||
<FunctionLevelLinking>true</FunctionLevelLinking>
|
||||
<IntrinsicFunctions>true</IntrinsicFunctions>
|
||||
<SDLCheck>true</SDLCheck>
|
||||
<PreprocessorDefinitions>NDEBUG;_LIB;USER_MODE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<PrecompiledHeader>NotUsing</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
<Link>
|
||||
<SubSystem />
|
||||
<EnableCOMDATFolding>true</EnableCOMDATFolding>
|
||||
<OptimizeReferences>true</OptimizeReferences>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="..\..\..\include\ebpf_store_helper.h" />
|
||||
<ClInclude Include="ebpf_registry_helper.h" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="..\ebpf_store_helper.c" />
|
||||
<ClCompile Include="ebpf_registry_helper.cpp" />
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
</ImportGroup>
|
||||
</Project>
|
|
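Review bot: the IncludePath values in the Debug|x64 and Release|x64 PropertyGroups are identical and mix two spellings, `$(SolutionDir)\include` and `$(SolutionDir)external\usersim\inc`. OutDir in the same groups is written as `$(SolutionDir)$(Platform)\$(Configuration)\`, which treats `$(SolutionDir)` as already ending in a backslash, so the `$(SolutionDir)\...` entries expand with a doubled separator. Suggest a single unconditional IncludePath using one spelling. Also, the conditional groups visible here cover only Debug|x64 and Release|x64, while the project that references ebpf_store_helper_um.vcxproj later in this patch has a FuzzerDebug|x64 configuration; please confirm how that configuration maps onto this library.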
@ -0,0 +1,31 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!--
|
||||
Copyright (c) Microsoft Corporation
|
||||
SPDX-License-Identifier: MIT
|
||||
-->
|
||||
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup>
|
||||
<Filter Include="Source Files">
|
||||
<UniqueIdentifier>{fc986e3b-0dc2-4bd3-9087-b44ce64ca07c}</UniqueIdentifier>
|
||||
</Filter>
|
||||
<Filter Include="Header Files">
|
||||
<UniqueIdentifier>{589ce50f-4aa5-42c3-9b32-d8f3f8a1eeec}</UniqueIdentifier>
|
||||
</Filter>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="ebpf_registry_helper.cpp">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="..\ebpf_store_helper.c">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClInclude Include="..\..\..\include\ebpf_store_helper.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
<ClInclude Include="ebpf_registry_helper.h">
|
||||
<Filter>Header Files</Filter>
|
||||
</ClInclude>
|
||||
</ItemGroup>
|
||||
</Project>
|
|
@ -158,13 +158,13 @@ _net_ebpf_bind_update_store_entries()
|
|||
|
||||
// Update section information.
|
||||
uint32_t section_info_count = sizeof(_ebpf_bind_section_info) / sizeof(ebpf_program_section_info_t);
|
||||
status = _ebpf_store_update_section_information(&_ebpf_bind_section_info[0], section_info_count);
|
||||
status = ebpf_store_update_section_information(&_ebpf_bind_section_info[0], section_info_count);
|
||||
if (!NT_SUCCESS(status)) {
|
||||
return status;
|
||||
}
|
||||
|
||||
// Update program information.
|
||||
status = _ebpf_store_update_program_information(&_ebpf_bind_program_info, 1);
|
||||
status = ebpf_store_update_program_information(&_ebpf_bind_program_info, 1);
|
||||
|
||||
return status;
|
||||
}
|
||||
|
|
|
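Review bot: `if (!NT_SUCCESS(status))` still gates the result of the renamed `ebpf_store_update_section_information` call, but the commit message says the store API return types were refactored to `ebpf_result_t`. The declaration of `status` and the new prototype are outside this hunk. If the function now returns `ebpf_result_t`, NT_SUCCESS only tests for a non-negative value, so a positive error code would be treated as success and the program-information update would run after a failed section update. Please confirm the return type and, if it changed, compare against `EBPF_SUCCESS` or convert to NTSTATUS before the check. The same pattern appears in the sock_addr, sock_ops, xdp and sample extension hunks.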
@ -585,13 +585,13 @@ _net_ebpf_sock_addr_update_store_entries()
|
|||
|
||||
// Update section information.
|
||||
uint32_t section_info_count = sizeof(_ebpf_sock_addr_section_info) / sizeof(ebpf_program_section_info_t);
|
||||
status = _ebpf_store_update_section_information(&_ebpf_sock_addr_section_info[0], section_info_count);
|
||||
status = ebpf_store_update_section_information(&_ebpf_sock_addr_section_info[0], section_info_count);
|
||||
if (!NT_SUCCESS(status)) {
|
||||
NET_EBPF_EXT_RETURN_NTSTATUS(status);
|
||||
}
|
||||
|
||||
// Update program information.
|
||||
status = _ebpf_store_update_program_information(&_ebpf_sock_addr_program_info, 1);
|
||||
status = ebpf_store_update_program_information(&_ebpf_sock_addr_program_info, 1);
|
||||
|
||||
NET_EBPF_EXT_RETURN_NTSTATUS(status);
|
||||
}
|
||||
|
|
|
@ -259,13 +259,13 @@ _net_ebpf_sock_ops_update_store_entries()
|
|||
|
||||
// Update section information.
|
||||
uint32_t section_info_count = sizeof(_ebpf_sock_ops_section_info) / sizeof(ebpf_program_section_info_t);
|
||||
status = _ebpf_store_update_section_information(&_ebpf_sock_ops_section_info[0], section_info_count);
|
||||
status = ebpf_store_update_section_information(&_ebpf_sock_ops_section_info[0], section_info_count);
|
||||
if (!NT_SUCCESS(status)) {
|
||||
return status;
|
||||
}
|
||||
|
||||
// Update program information.
|
||||
status = _ebpf_store_update_program_information(&_ebpf_sock_ops_program_info, 1);
|
||||
status = ebpf_store_update_program_information(&_ebpf_sock_ops_program_info, 1);
|
||||
|
||||
return status;
|
||||
}
|
||||
|
|
|
@ -230,13 +230,13 @@ _net_ebpf_xdp_update_store_entries()
|
|||
|
||||
// Update section information.
|
||||
uint32_t section_info_count = sizeof(_ebpf_xdp_section_info) / sizeof(ebpf_program_section_info_t);
|
||||
status = _ebpf_store_update_section_information(&_ebpf_xdp_section_info[0], section_info_count);
|
||||
status = ebpf_store_update_section_information(&_ebpf_xdp_section_info[0], section_info_count);
|
||||
if (!NT_SUCCESS(status)) {
|
||||
return status;
|
||||
}
|
||||
|
||||
// Update program information.
|
||||
status = _ebpf_store_update_program_information(&_ebpf_xdp_program_info, 1);
|
||||
status = ebpf_store_update_program_information(&_ebpf_xdp_program_info, 1);
|
||||
|
||||
return status;
|
||||
}
|
||||
|
|
|
@ -44,6 +44,8 @@ target_include_directories("NetEbpfExt" PRIVATE
|
|||
"${CMAKE_SOURCE_DIR}/include/kernel"
|
||||
"${CMAKE_SOURCE_DIR}/libs/platform"
|
||||
"${CMAKE_SOURCE_DIR}/libs/platform/kernel"
|
||||
"${CMAKE_SOURCE_DIR}/libs/store_helper"
|
||||
"${CMAKE_SOURCE_DIR}/libs/store_helper/kernel"
|
||||
"${CMAKE_SOURCE_DIR}/netebpfext/sys"
|
||||
"${CMAKE_SOURCE_DIR}/netebpfext"
|
||||
"${CMAKE_SOURCE_DIR}/resource"
|
||||
|
@ -55,6 +57,7 @@ target_link_directories("NetEbpfExt" PRIVATE
|
|||
|
||||
target_link_libraries("NetEbpfExt"
|
||||
"ebpf_for_windows_common_settings"
|
||||
"ebpf_store_helper_km"
|
||||
"external::ebpfverifier_headers"
|
||||
"Ndis.lib"
|
||||
"Netio.lib"
|
||||
|
|
|
@ -100,15 +100,19 @@
|
|||
<PropertyGroup />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
<IncludePath>$(IncludePath);$(KMDF_INC_PATH)$(KMDF_VER_PATH);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyDebug|x64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
<IncludePath>$(IncludePath);$(KMDF_INC_PATH)$(KMDF_VER_PATH);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
<IncludePath>$(IncludePath);$(KMDF_INC_PATH)$(KMDF_VER_PATH);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyRelease|x64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
<IncludePath>$(IncludePath);$(KMDF_INC_PATH)$(KMDF_VER_PATH);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<ResourceCompile>
|
||||
|
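Review bot: the four added IncludePath lines bring in only `$(SolutionDir)\libs\store_helper`, while the CMake change for NetEbpfExt in this same patch adds both `libs/store_helper` and `libs/store_helper/kernel`. If the driver sources need a header from the kernel subdirectory, the MSBuild build will not find it; if they do not, the extra CMake entry is unnecessary. Please make the two build systems agree. The same value is repeated for Debug, NativeOnlyDebug, Release and NativeOnlyRelease and could sit in one unconditional PropertyGroup.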
@ -127,7 +131,7 @@
|
|||
</Midl>
|
||||
<Link>
|
||||
<AdditionalDependencies>%(AdditionalDependencies);$(DDK_LIB_PATH)\ntoskrnl.lib;$(DDK_LIB_PATH)\ndis.lib;$(DDK_LIB_PATH)\wdmsec.lib;$(DDK_LIB_PATH)\fwpkclnt.lib;$(SDK_LIB_PATH)\uuid.lib;$(DDK_LIB_PATH)\netio.lib</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>$(OutDir);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
<AdditionalLibraryDirectories>$(OutDir);$(SolutionDir)$(Platform)\$(ConfigurationName)\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
<DriverSign>
|
||||
<FileDigestAlgorithm>SHA256</FileDigestAlgorithm>
|
||||
|
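Review bot: the new library search path is spelled `$(SolutionDir)$(Platform)\$(ConfigurationName)\`, whereas the store helper project earlier in this patch sets its OutDir with `$(Configuration)`. Using the same macro on the producer and consumer side makes it obvious the two paths are the same directory. Since a ProjectReference to ebpf_store_helper_km.vcxproj is added further down in this file, it is also worth checking whether the extra directory is needed at all. The same line is repeated in the three Link hunks that follow.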
@ -149,7 +153,7 @@
|
|||
</Midl>
|
||||
<Link>
|
||||
<AdditionalDependencies>%(AdditionalDependencies);$(DDK_LIB_PATH)\ntoskrnl.lib;$(DDK_LIB_PATH)\ndis.lib;$(DDK_LIB_PATH)\wdmsec.lib;$(DDK_LIB_PATH)\fwpkclnt.lib;$(SDK_LIB_PATH)\uuid.lib;$(DDK_LIB_PATH)\netio.lib</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>$(OutDir);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
<AdditionalLibraryDirectories>$(OutDir);$(SolutionDir)$(Platform)\$(ConfigurationName)\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
<DriverSign>
|
||||
<FileDigestAlgorithm>SHA256</FileDigestAlgorithm>
|
||||
|
@ -170,7 +174,7 @@
|
|||
</Midl>
|
||||
<Link>
|
||||
<AdditionalDependencies>%(AdditionalDependencies);$(DDK_LIB_PATH)\ntoskrnl.lib;$(DDK_LIB_PATH)\ndis.lib;$(DDK_LIB_PATH)\wdmsec.lib;$(DDK_LIB_PATH)\fwpkclnt.lib;$(SDK_LIB_PATH)\uuid.lib;$(DDK_LIB_PATH)\netio.lib</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>$(OutDir);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
<AdditionalLibraryDirectories>$(OutDir);$(SolutionDir)$(Platform)\$(ConfigurationName)\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
<DriverSign>
|
||||
<FileDigestAlgorithm>SHA256</FileDigestAlgorithm>
|
||||
|
@ -191,7 +195,7 @@
|
|||
</Midl>
|
||||
<Link>
|
||||
<AdditionalDependencies>%(AdditionalDependencies);$(DDK_LIB_PATH)\ntoskrnl.lib;$(DDK_LIB_PATH)\ndis.lib;$(DDK_LIB_PATH)\wdmsec.lib;$(DDK_LIB_PATH)\fwpkclnt.lib;$(SDK_LIB_PATH)\uuid.lib;$(DDK_LIB_PATH)\netio.lib</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>$(OutDir);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
<AdditionalLibraryDirectories>$(OutDir);$(SolutionDir)$(Platform)\$(ConfigurationName)\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
<DriverSign>
|
||||
<FileDigestAlgorithm>SHA256</FileDigestAlgorithm>
|
||||
|
@ -231,6 +235,11 @@
|
|||
<ClInclude Include="netebpfext_platform.h" />
|
||||
<ClInclude Include="resource.h" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ProjectReference Include="..\..\libs\store_helper\kernel\ebpf_store_helper_km.vcxproj">
|
||||
<Project>{3569e946-c8b4-49ee-a89d-edd09dc9f36e}</Project>
|
||||
</ProjectReference>
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
</ImportGroup>
|
||||
|
|
|
@ -62,12 +62,15 @@
|
|||
<PropertyGroup Label="UserMacros" />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<LinkIncremental>true</LinkIncremental>
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='FuzzerDebug|x64'">
|
||||
<LinkIncremental>true</LinkIncremental>
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<LinkIncremental>false</LinkIncremental>
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<ClCompile>
|
||||
|
@ -83,6 +86,9 @@
|
|||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<AdditionalDependencies>mincore.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
</Link>
|
||||
<Lib>
|
||||
<AdditionalLibraryDirectories>$(SolutionDir)$(Platform)\$(ConfigurationName)\</AdditionalLibraryDirectories>
|
||||
</Lib>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='FuzzerDebug|x64'">
|
||||
<ClCompile>
|
||||
|
@ -100,12 +106,13 @@
|
|||
</Link>
|
||||
<Lib>
|
||||
<LinkTimeCodeGeneration>false</LinkTimeCodeGeneration>
|
||||
<AdditionalLibraryDirectories>$(SolutionDir)$(Platform)\$(ConfigurationName)\</AdditionalLibraryDirectories>
|
||||
</Lib>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<ClCompile>
|
||||
<FunctionLevelLinking>true</FunctionLevelLinking>
|
||||
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>NDEBUG;_CONSOLE;USER_MODE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)external\usersim\inc;$(SolutionDir)external\usersim\src;$(OutputPath);$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)include\user;$(SolutionDir)netebpfext;$(SolutionDir)netebpfext\user;$(SolutionDir)libs\thunk;$(SolutionDir)tests\libs\util;$(SolutionDir)external\catch2\src;$(SolutionDir)external\catch2\build\generated-includes;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
<CompileAs>CompileAsCpp</CompileAs>
|
||||
<AdditionalOptions>/Zc:strictStrings- %(AdditionalOptions)</AdditionalOptions>
|
||||
|
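Review bot: USER_MODE is added to PreprocessorDefinitions only in the Release|x64 ItemDefinitionGroup; none of the hunks for this file touch the Debug|x64 or FuzzerDebug|x64 definitions. With KERNEL_MODE removed (per the commit message), a configuration that lacks USER_MODE may select a different code path in the store helper than Release does. Please confirm the other two configurations already define it, or add it there as well.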
@ -117,6 +124,9 @@
|
|||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<AdditionalDependencies>mincore.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
</Link>
|
||||
<Lib>
|
||||
<AdditionalLibraryDirectories>$(SolutionDir)$(Platform)\$(ConfigurationName)\</AdditionalLibraryDirectories>
|
||||
</Lib>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="..\guid.c">
|
||||
|
@ -145,6 +155,11 @@
|
|||
<ClInclude Include="..\net_ebpf_ext_xdp.h" />
|
||||
<ClInclude Include="netebpfext_platform.h" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ProjectReference Include="..\..\libs\store_helper\user\ebpf_store_helper_um.vcxproj">
|
||||
<Project>{aa933b9f-b5d8-4aa8-ac18-98fe1a161e8a}</Project>
|
||||
</ProjectReference>
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
</ImportGroup>
|
||||
|
|
|
@ -71,7 +71,7 @@
|
|||
<Link>
|
||||
<SubSystem>Console</SubSystem>
|
||||
<AdditionalDependencies>$(FuzzerLibs);mincore.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>$(VCToolsInstallDir)lib\$(Platform)</AdditionalLibraryDirectories>
|
||||
<AdditionalLibraryDirectories>$(VCToolsInstallDir)lib\$(Platform);$(SolutionDir)$(Platform)\$(ConfigurationName)\</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='FuzzerDebug|x64'">
|
||||
|
@ -82,7 +82,7 @@
|
|||
<Link>
|
||||
<SubSystem>Console</SubSystem>
|
||||
<AdditionalDependencies>$(FuzzerLibs);mincore.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>$(VCToolsInstallDir)lib\$(Platform)</AdditionalLibraryDirectories>
|
||||
<AdditionalLibraryDirectories>$(VCToolsInstallDir)lib\$(Platform);$(SolutionDir)$(Platform)\$(ConfigurationName)\</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
|
@ -94,7 +94,7 @@
|
|||
<SubSystem>Console</SubSystem>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<AdditionalDependencies>$(FuzzerLibs);mincore.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>$(VCToolsInstallDir)lib\$(Platform)</AdditionalLibraryDirectories>
|
||||
<AdditionalLibraryDirectories>$(VCToolsInstallDir)lib\$(Platform);$(SolutionDir)$(Platform)\$(ConfigurationName)\</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemGroup>
|
||||
|
|
|
@ -1,11 +1,10 @@
|
|||
// Copyright (c) Microsoft Corporation
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
#include "ebpf_store_helper.h"
|
||||
#include "net_ebpf_ext_sock_addr.h"
|
||||
#include "netebpf_ext_helper.h"
|
||||
|
||||
// TODO: Issue #1231 Change to using HKEY_LOCAL_MACHINE
|
||||
ebpf_registry_key_t ebpf_root_registry_key = HKEY_CURRENT_USER;
|
||||
DEVICE_OBJECT* _net_ebpf_ext_driver_device_object;
|
||||
|
||||
constexpr uint32_t _test_destination_ipv4_address = 0x01020304;
|
||||
|
|
|
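Review bot: the `TODO: Issue #1231 Change to using HKEY_LOCAL_MACHINE` comment disappears together with the `ebpf_root_registry_key = HKEY_CURRENT_USER` definition at the top of this file, so the open question of which hive backs the store is no longer recorded here. The root key now has to be chosen inside the store helper library; please carry the TODO over to that definition. This matters because the execution context resolves program types from this data, and HKEY_CURRENT_USER is writable by the logged-on user without elevation.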
@ -14,7 +14,7 @@
|
|||
#endif
|
||||
|
||||
#include "ebpf_extension_uuids.h"
|
||||
#include "ebpf_registry_helper.h"
|
||||
#include "ebpf_store_helper.h"
|
||||
#include "net_ebpf_ext.h"
|
||||
#include "net_ebpf_ext_tracelog.h"
|
||||
#include "usersim\fwp_test.h"
|
||||
|
|
|
@ -80,6 +80,7 @@
|
|||
<SubSystem>Console</SubSystem>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<AdditionalDependencies>mincore.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>$(VC_LibraryPath_VC_x64_Desktop);$(SolutionDir)$(Platform)\$(ConfigurationName)\;%(Link.AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='FuzzerDebug|x64'">
|
||||
|
@ -94,6 +95,7 @@
|
|||
<SubSystem>Console</SubSystem>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<AdditionalDependencies>mincore.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>$(VC_LibraryPath_VC_x64_Desktop);$(SolutionDir)$(Platform)\$(ConfigurationName)\;%(Link.AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
|
@ -112,6 +114,7 @@
|
|||
<OptimizeReferences>true</OptimizeReferences>
|
||||
<GenerateDebugInformation>true</GenerateDebugInformation>
|
||||
<AdditionalDependencies>mincore.lib;%(AdditionalDependencies)</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>$(VC_LibraryPath_VC_x64_Desktop);$(SolutionDir)$(Platform)\$(ConfigurationName)\;%(Link.AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemGroup>
|
||||
|
|
|
@ -28,6 +28,7 @@ target_link_directories("sample_ebpf_ext" PRIVATE
|
|||
|
||||
target_link_libraries("sample_ebpf_ext"
|
||||
"ebpf_for_windows_common_settings"
|
||||
"ebpf_store_helper_km"
|
||||
"external::ebpfverifier_headers"
|
||||
"platform_kernel"
|
||||
"netio.lib"
|
||||
|
|
|
@ -319,7 +319,7 @@ _sample_ebpf_extension_update_store_entries()
|
|||
(GUID*)&EBPF_ATTACH_TYPE_SAMPLE,
|
||||
BPF_PROG_TYPE_SAMPLE,
|
||||
BPF_ATTACH_TYPE_SAMPLE};
|
||||
status = _ebpf_store_update_section_information(§ion_info, 1);
|
||||
status = ebpf_store_update_section_information(§ion_info, 1);
|
||||
if (!NT_SUCCESS(status)) {
|
||||
return status;
|
||||
}
|
||||
|
@ -331,7 +331,7 @@ _sample_ebpf_extension_update_store_entries()
|
|||
.ProviderRegistrationInstance.NpiSpecificCharacteristics;
|
||||
program_data = (ebpf_program_data_t*)extension_data->data;
|
||||
|
||||
status = _ebpf_store_update_program_information(program_data->program_info, 1);
|
||||
status = ebpf_store_update_program_information(program_data->program_info, 1);
|
||||
|
||||
return status;
|
||||
}
|
||||
|
|
|
@ -98,15 +98,19 @@
|
|||
<PropertyGroup />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
<IncludePath>$(IncludePath);$(KMDF_INC_PATH)$(KMDF_VER_PATH);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyDebug|x64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
<IncludePath>$(IncludePath);$(KMDF_INC_PATH)$(KMDF_VER_PATH);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
<IncludePath>$(IncludePath);$(KMDF_INC_PATH)$(KMDF_VER_PATH);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyRelease|x64'">
|
||||
<DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
|
||||
<IncludePath>$(IncludePath);$(KMDF_INC_PATH)$(KMDF_VER_PATH);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<ResourceCompile>
|
||||
|
@ -123,7 +127,7 @@
|
|||
<AdditionalDependencies>%(AdditionalDependencies);$(DDK_LIB_PATH)\ntoskrnl.lib;$(DDK_LIB_PATH)\ndis.lib;$(DDK_LIB_PATH)\wdmsec.lib;$(DDK_LIB_PATH)\fwpkclnt.lib;$(SDK_LIB_PATH)\uuid.lib;$(DDK_LIB_PATH)\netio.lib</AdditionalDependencies>
|
||||
<AdditionalOptions>
|
||||
</AdditionalOptions>
|
||||
<AdditionalLibraryDirectories>$(OutDir);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
<AdditionalLibraryDirectories>$(OutDir);$(SolutionDir)$(Platform)\$(ConfigurationName)\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
<DriverSign>
|
||||
<FileDigestAlgorithm>SHA256</FileDigestAlgorithm>
|
||||
|
@ -144,7 +148,7 @@
|
|||
<AdditionalDependencies>%(AdditionalDependencies);$(DDK_LIB_PATH)\ntoskrnl.lib;$(DDK_LIB_PATH)\ndis.lib;$(DDK_LIB_PATH)\wdmsec.lib;$(DDK_LIB_PATH)\fwpkclnt.lib;$(SDK_LIB_PATH)\uuid.lib;$(DDK_LIB_PATH)\netio.lib</AdditionalDependencies>
|
||||
<AdditionalOptions>
|
||||
</AdditionalOptions>
|
||||
<AdditionalLibraryDirectories>$(OutDir);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
<AdditionalLibraryDirectories>$(OutDir);$(SolutionDir)$(Platform)\$(ConfigurationName)\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
</Link>
|
||||
<DriverSign>
|
||||
<FileDigestAlgorithm>SHA256</FileDigestAlgorithm>
|
||||
|
@ -163,7 +167,7 @@
|
|||
</ClCompile>
|
||||
<Link>
|
||||
<AdditionalDependencies>%(AdditionalDependencies);$(DDK_LIB_PATH)\ntoskrnl.lib;$(DDK_LIB_PATH)\ndis.lib;$(DDK_LIB_PATH)\wdmsec.lib;$(DDK_LIB_PATH)\fwpkclnt.lib;$(SDK_LIB_PATH)\uuid.lib;$(DDK_LIB_PATH)\netio.lib</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>$(OutDir);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
<AdditionalLibraryDirectories>$(OutDir);$(SolutionDir)$(Platform)\$(ConfigurationName)\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
<AdditionalOptions>
|
||||
</AdditionalOptions>
|
||||
</Link>
|
||||
|
@ -184,7 +188,7 @@
|
|||
</ClCompile>
|
||||
<Link>
|
||||
<AdditionalDependencies>%(AdditionalDependencies);$(DDK_LIB_PATH)\ntoskrnl.lib;$(DDK_LIB_PATH)\ndis.lib;$(DDK_LIB_PATH)\wdmsec.lib;$(DDK_LIB_PATH)\fwpkclnt.lib;$(SDK_LIB_PATH)\uuid.lib;$(DDK_LIB_PATH)\netio.lib</AdditionalDependencies>
|
||||
<AdditionalLibraryDirectories>$(OutDir);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
<AdditionalLibraryDirectories>$(OutDir);$(SolutionDir)$(Platform)\$(ConfigurationName)\;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
|
||||
<AdditionalOptions>
|
||||
</AdditionalOptions>
|
||||
</Link>
|
||||
|
@ -210,6 +214,9 @@
|
|||
<ProjectReference Include="$(SolutionDir)libs\platform\kernel\platform_kernel.vcxproj">
|
||||
<Project>{fc3f9998-4085-4767-8386-5453f07c3aad}</Project>
|
||||
</ProjectReference>
|
||||
<ProjectReference Include="..\..\..\..\libs\store_helper\kernel\ebpf_store_helper_km.vcxproj">
|
||||
<Project>{3569e946-c8b4-49ee-a89d-edd09dc9f36e}</Project>
|
||||
</ProjectReference>
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
|
|
|
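Review bot: the added ProjectReference uses a relative path, `..\..\..\..\libs\store_helper\kernel\ebpf_store_helper_km.vcxproj`, directly below an existing reference written as `$(SolutionDir)libs\platform\kernel\platform_kernel.vcxproj`. Please use the `$(SolutionDir)` form for the new entry too, so the reference does not break if this project moves within the tree.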
@ -88,22 +88,27 @@
|
|||
<PropertyGroup Label="UserMacros" />
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<LinkIncremental>false</LinkIncremental>
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyDebug|x64'">
|
||||
<LinkIncremental>false</LinkIncremental>
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='FuzzerDebug|x64'">
|
||||
<LinkIncremental>false</LinkIncremental>
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<LinkIncremental>false</LinkIncremental>
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyRelease|x64'">
|
||||
<LinkIncremental>false</LinkIncremental>
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)libs\api_common;$(SolutionDir)include;$(SolutionDir)libs\api;$(SolutionDir)libs\ebpfnetsh;$(SolutionDir)tests\libs\util;$(SolutionDir)tests\libs\common;$(OutDir);$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)libs\service;$(SolutionDir)rpc_interface;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)external\usersim\inc;$(SolutionDir)libs\execution_context;$(SolutionDir)tests\end_to_end;$(SolutionDir)tests\sample;$(SolutionDir)tests\sample\ext\inc;$(SolutionDir)\tests\xdp;$(SolutionDir)tools\export_program_info;$(SolutionDir)libs\thunk;$(SolutionDir)libs\thunk\mock;$(SolutionDir)\netebpfext;$(SolutionDir)external\catch2\src;$(SolutionDir)external\catch2\build\generated-includes;$(SolutionDir)external\bpftool;$(SolutionDir)include\user;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
|
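Review bot: the new IncludePath values start from `$(VC_IncludePath);$(WindowsSDK_IncludePath)` rather than `$(IncludePath)`, so anything a property sheet contributed to IncludePath is discarded in all five configurations; the kernel projects in this patch extend `$(IncludePath)` instead. Suggest `$(IncludePath);$(SolutionDir)libs\store_helper` unless the reset is intentional. Minor: USER_MODE is placed after `%(PreprocessorDefinitions)` in the Debug|x64 block here and before it in the other projects touched by this patch.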
@ -116,7 +121,7 @@
|
|||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyDebug|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)libs\api_common;$(SolutionDir)include;$(SolutionDir)libs\api;$(SolutionDir)libs\ebpfnetsh;$(SolutionDir)tests\libs\util;$(SolutionDir)tests\libs\common;$(OutDir);$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)libs\service;$(SolutionDir)rpc_interface;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)external\usersim\inc;$(SolutionDir)libs\execution_context;$(SolutionDir)tests\end_to_end;$(SolutionDir)tests\sample;$(SolutionDir)tests\sample\ext\inc;$(SolutionDir)\tests\xdp;$(SolutionDir)tools\export_program_info;$(SolutionDir)libs\thunk;$(SolutionDir)libs\thunk\mock;$(SolutionDir)\netebpfext;$(SolutionDir)external\catch2\src;$(SolutionDir)external\catch2\build\generated-includes;$(SolutionDir)external\bpftool;$(SolutionDir)include\user;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
|
@ -129,7 +134,7 @@
|
|||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='FuzzerDebug|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)libs\api_common;$(SolutionDir)include;$(SolutionDir)libs\api;$(SolutionDir)libs\ebpfnetsh;$(SolutionDir)tests\libs\util;$(SolutionDir)tests\libs\common;$(OutDir);$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)libs\service;$(SolutionDir)rpc_interface;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)external\usersim\inc;$(SolutionDir)libs\execution_context;$(SolutionDir)tests\end_to_end;$(SolutionDir)tests\sample;$(SolutionDir)tests\sample\ext\inc;$(SolutionDir)\tests\xdp;$(SolutionDir)tools\export_program_info;$(SolutionDir)libs\thunk;$(SolutionDir)libs\thunk\mock;$(SolutionDir)\netebpfext;$(SolutionDir)external\catch2\src;$(SolutionDir)external\catch2\build\generated-includes;$(SolutionDir)external\bpftool;$(SolutionDir)include\user;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
|
@ -142,7 +147,7 @@
|
|||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)libs\api_common;$(SolutionDir)include;$(SolutionDir)libs\api;$(SolutionDir)libs\ebpfnetsh;$(SolutionDir)tests\libs\util;$(SolutionDir)tests\libs\common;$(OutDir);$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)libs\service;$(SolutionDir)rpc_interface;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)external\usersim\inc;$(SolutionDir)libs\execution_context;$(SolutionDir)tests\end_to_end;$(SolutionDir)tests\sample;$(SolutionDir)tests\sample\ext\inc;$(SolutionDir)\tests\xdp;$(SolutionDir)tools\export_program_info;$(SolutionDir)libs\thunk;$(SolutionDir)libs\thunk\mock;$(SolutionDir)\netebpfext;$(SolutionDir)external\catch2\src;$(SolutionDir)external\catch2\build\generated-includes;$(SolutionDir)external\bpftool;$(SolutionDir)include\user;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
|
@ -157,7 +162,7 @@
|
|||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyRelease|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)libs\api_common;$(SolutionDir)include;$(SolutionDir)libs\api;$(SolutionDir)libs\ebpfnetsh;$(SolutionDir)tests\libs\util;$(SolutionDir)tests\libs\common;$(OutDir);$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)libs\service;$(SolutionDir)rpc_interface;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)external\usersim\inc;$(SolutionDir)libs\execution_context;$(SolutionDir)tests\end_to_end;$(SolutionDir)tests\sample;$(SolutionDir)tests\sample\ext\inc;$(SolutionDir)\tests\xdp;$(SolutionDir)tools\export_program_info;$(SolutionDir)libs\thunk;$(SolutionDir)libs\thunk\mock;$(SolutionDir)\netebpfext;$(SolutionDir)external\catch2\src;$(SolutionDir)external\catch2\build\generated-includes;$(SolutionDir)external\bpftool;$(SolutionDir)include\user;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
|
|
|
@ -4,26 +4,26 @@
|
|||
add_executable("export_program_info"
|
||||
export_program_info.cpp
|
||||
main.cpp
|
||||
${CMAKE_SOURCE_DIR}/libs/api_common/registry_helper.cpp
|
||||
${CMAKE_SOURCE_DIR}/libs/api_common/store_helper_internal.cpp
|
||||
${CMAKE_SOURCE_DIR}/libs/api_common/utilities.cpp
|
||||
)
|
||||
|
||||
target_include_directories("export_program_info" PRIVATE
|
||||
"${CMAKE_SOURCE_DIR}/external/usersim/inc"
|
||||
"${CMAKE_SOURCE_DIR}/include"
|
||||
"${CMAKE_SOURCE_DIR}/include/user"
|
||||
"${CMAKE_SOURCE_DIR}/libs/platform"
|
||||
"${CMAKE_SOURCE_DIR}/libs/platform/user"
|
||||
"${CMAKE_SOURCE_DIR}/libs/api"
|
||||
"${CMAKE_SOURCE_DIR}/libs/execution_context"
|
||||
"${CMAKE_SOURCE_DIR}/libs/platform"
|
||||
"${CMAKE_SOURCE_DIR}/libs/platform/user"
|
||||
"${CMAKE_SOURCE_DIR}/libs/thunk"
|
||||
"${CMAKE_SOURCE_DIR}/netebpfext"
|
||||
"${CMAKE_SOURCE_DIR}/tests/sample/ext/inc"
|
||||
"${CMAKE_SOURCE_DIR}/libs/thunk"
|
||||
"${CMAKE_SOURCE_DIR}/external/usersim/inc"
|
||||
)
|
||||
|
||||
target_link_libraries("export_program_info" PRIVATE
|
||||
"ebpf_for_windows_cpp_settings"
|
||||
"ebpf_store_helper_um"
|
||||
"execution_context_user"
|
||||
"platform_user"
|
||||
"api_common_headers"
|
||||
|
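Review bot: `registry_helper.cpp` and `store_helper_internal.cpp` from `libs/api_common` are listed as sources of `export_program_info` in the same target that now links `ebpf_store_helper_um`. If the new library carries the user-mode registry helpers, the executable should not compile its own copy as well; confirm that `registry_helper.cpp` is the entry dropped here and that nothing remaining in `store_helper_internal.cpp` defines a symbol the library also provides. The include list in this view also shows `libs/platform`, `libs/platform/user`, `libs/thunk` and `external/usersim/inc` twice, so check the resulting file for duplicate entries after the reordering.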
@ -36,6 +36,7 @@ target_link_libraries("export_program_info" PRIVATE
|
|||
|
||||
target_compile_definitions("export_program_info" PRIVATE
|
||||
_CONSOLE
|
||||
USER_MODE
|
||||
)
|
||||
|
||||
# Use export_program_info to populate the ebpf store.
|
||||
|
|
|
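Review bot: `USER_MODE` is added as a PRIVATE definition on the consumer, so every target that links `ebpf_store_helper_um` has to remember to define it on its own. Declaring it on the library target as a PUBLIC or INTERFACE compile definition would let it propagate through `target_link_libraries` and remove the chance of a consumer compiling the headers that key off `USER_MODE` in the wrong mode.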
@ -1,7 +1,6 @@
|
|||
// Copyright (c) Microsoft Corporation
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
#define USER_MODE
|
||||
#define _SILENCE_CXX17_CODECVT_HEADER_DEPRECATION_WARNING
|
||||
|
||||
#include "ebpf_api.h"
|
||||
|
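Review bot: the hunk header drops one line from this preamble (7 lines to 6), and it should be `#define USER_MODE`. The build files in this change now pass `USER_MODE` on the command line, where MSVC gives it the value 1, so a leftover valueless `#define USER_MODE` in the source would redefine the macro and raise a redefinition warning. If `_SILENCE_CXX17_CODECVT_HEADER_DEPRECATION_WARNING` stays in the source, a short comment naming the header that needs it would help.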
@ -18,8 +17,6 @@
|
|||
#define REG_CREATE_FLAGS (KEY_WRITE | DELETE | KEY_READ)
|
||||
#define REG_OPEN_FLAGS (DELETE | KEY_READ)
|
||||
|
||||
extern ebpf_registry_key_t ebpf_root_registry_key;
|
||||
|
||||
typedef struct _ebpf_program_section_info_with_count
|
||||
{
|
||||
_Field_size_(section_info_count) const ebpf_program_section_info_t* section_info;
|
||||
|
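Review bot: `REG_CREATE_FLAGS` and `REG_OPEN_FLAGS` stay defined in this file while the `extern` for the root registry key goes away. If nothing in `export_program_info.cpp` opens registry keys directly any more, these macros are dead and should move to, or be deleted in favour of, the store helper that performs the access. If they are still used, `REG_OPEN_FLAGS` requesting `DELETE` on every open is broader than a read path needs, so consider splitting read-only opens from the clear path.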
@ -50,7 +47,7 @@ export_all_program_information()
|
|||
uint32_t status = ERROR_SUCCESS;
|
||||
size_t array_size = _countof(program_information_array);
|
||||
for (uint32_t i = 0; i < array_size; i++) {
|
||||
status = _ebpf_store_update_program_information(program_information_array[i], 1);
|
||||
status = ebpf_store_update_program_information(program_information_array[i], 1);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
break;
|
||||
}
|
||||
|
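Review bot: `status` is still a `uint32_t` compared against `ERROR_SUCCESS` in the loop, although the commit message says the store API return types were refactored to `ebpf_result_t`. Declare it as `ebpf_result_t` and compare against `EBPF_SUCCESS`, and change the function's return type to match, so the check does not rely on both success values being zero. The same applies to `export_all_section_information` in the next hunk. Separately, `i` is a `uint32_t` compared against a `size_t` bound; using `size_t` for the index avoids the mixed-width comparison.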
@ -64,7 +61,7 @@ export_all_section_information()
|
|||
{
|
||||
uint32_t status = ERROR_SUCCESS;
|
||||
for (const auto& section : _section_information) {
|
||||
status = _ebpf_store_update_section_information(section.section_info, (uint32_t)section.section_info_count);
|
||||
status = ebpf_store_update_section_information(section.section_info, (uint32_t)section.section_info_count);
|
||||
if (status != ERROR_SUCCESS) {
|
||||
break;
|
||||
}
|
||||
|
@ -76,16 +73,15 @@ export_all_section_information()
|
|||
int
|
||||
export_global_helper_information()
|
||||
{
|
||||
return _ebpf_store_update_global_helper_information(
|
||||
return ebpf_store_update_global_helper_information(
|
||||
ebpf_core_helper_function_prototype, ebpf_core_helper_functions_count);
|
||||
}
|
||||
|
||||
uint32_t
|
||||
clear_all_ebpf_stores()
|
||||
{
|
||||
// TODO: Issue #1231 Change to using HKEY_LOCAL_MACHINE
|
||||
std::cout << "Clearing eBPF store HKEY_CURRENT_USER" << std::endl;
|
||||
return ebpf_store_clear(ebpf_root_registry_key);
|
||||
std::cout << "Clearing eBPF store" << std::endl;
|
||||
return ebpf_store_clear(ebpf_store_root_key);
|
||||
}
|
||||
|
||||
void
|
||||
|
|
|
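Review bot: in `clear_all_ebpf_stores` the log line no longer says which hive is cleared, and by the line counts in the hunk header the `TODO: Issue #1231` comment about moving to `HKEY_LOCAL_MACHINE` is removed along with it. The hive is the security-relevant detail here, since a store rooted in `HKEY_CURRENT_USER` is writable by the unprivileged user whose metadata is then trusted when programs are loaded. Keep the TODO next to the definition of `ebpf_store_root_key`, and log the resolved root so an operator can see what a clear touched. The return types in this hunk (`int` and `uint32_t`) should also follow the `ebpf_result_t` refactor.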
@ -89,26 +89,31 @@
|
|||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<LinkIncremental>false</LinkIncremental>
|
||||
<CustomBuildAfterTargets>Link</CustomBuildAfterTargets>
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyDebug|x64'">
|
||||
<LinkIncremental>false</LinkIncremental>
|
||||
<CustomBuildAfterTargets>Link</CustomBuildAfterTargets>
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='FuzzerDebug|x64'">
|
||||
<LinkIncremental>false</LinkIncremental>
|
||||
<CustomBuildAfterTargets>Link</CustomBuildAfterTargets>
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<LinkIncremental>false</LinkIncremental>
|
||||
<CustomBuildAfterTargets>Link</CustomBuildAfterTargets>
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyRelease|x64'">
|
||||
<LinkIncremental>false</LinkIncremental>
|
||||
<CustomBuildAfterTargets>Link</CustomBuildAfterTargets>
|
||||
<IncludePath>$(VC_IncludePath);$(WindowsSDK_IncludePath);$(SolutionDir)\libs\store_helper</IncludePath>
|
||||
</PropertyGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)include;$(SolutionDir)libs\api;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)external\usersim\inc;$(SolutionDir)libs\execution_context;$(SolutionDir)external\ubpf\vm;$(SolutionDir)external\ubpf\vm\inc;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)external\ebpf-verifier\external;$(SolutionDir)tests\sample\ext\inc;$(SolutionDir)tests\sample\ext\drv;$(OutDir);$(SolutionDir)libs\thunk;$(SolutionDir)\netebpfext;$(SolutionDir)\libs\api_common;$(SolutionDir)include\user;$(SolutionDir)external\ebpf-verifier\build\packages\boost\lib\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
|
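Review bot: the new `IncludePath` entries use `$(SolutionDir)\libs\store_helper`, but `$(SolutionDir)` already ends in a backslash and the rest of this file writes `$(SolutionDir)libs\...`, so the path expands with a doubled separator. The same element is repeated in five per-configuration `PropertyGroup` blocks; a single unconditioned `PropertyGroup`, or adding the directory to `AdditionalIncludeDirectories` alongside the other project-local paths, would keep the configurations from drifting apart.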
@ -131,7 +136,7 @@ $(OutputPath)export_program_info.exe</Command>
|
|||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyDebug|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)include;$(SolutionDir)libs\api;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)external\usersim\inc;$(SolutionDir)libs\execution_context;$(SolutionDir)external\ubpf\vm;$(SolutionDir)external\ubpf\vm\inc;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)external\ebpf-verifier\external;$(SolutionDir)tests\sample\ext\inc;$(SolutionDir)tests\sample\ext\drv;$(OutDir);$(SolutionDir)libs\thunk;$(SolutionDir)\netebpfext;$(SolutionDir)\libs\api_common;$(SolutionDir)include\user;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
|
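Review bot: `USER_MODE` is appended by hand to `PreprocessorDefinitions` in each of the five configuration blocks of this project, and again in other projects in this change. A configuration added later that misses it will compile the same headers without the define and nothing will flag it. Put the definition in a shared property sheet or an unconditioned `ItemDefinitionGroup`, and consider an `#error` in the store helper header for the case where the expected mode macro is absent.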
@ -156,7 +161,7 @@ $(OutputPath)export_program_info.exe</Command>
|
|||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='FuzzerDebug|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)include;$(SolutionDir)libs\api;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)external\usersim\inc;$(SolutionDir)libs\execution_context;$(SolutionDir)external\ubpf\vm;$(SolutionDir)external\ubpf\vm\inc;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)external\ebpf-verifier\external;$(SolutionDir)tests\sample\ext\inc;$(SolutionDir)tests\sample\ext\drv;$(OutDir);$(SolutionDir)libs\thunk;$(SolutionDir)\netebpfext;$(SolutionDir)\libs\api_common;$(SolutionDir)include\user;$(SolutionDir)external\ebpf-verifier\build\packages\boost\lib\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
|
@ -181,7 +186,7 @@ $(OutputPath)export_program_info.exe</Command>
|
|||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)include;$(SolutionDir)libs\api;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)external\usersim\inc;$(SolutionDir)libs\execution_context;$(SolutionDir)external\ubpf\vm;$(SolutionDir)external\ubpf\vm\inc;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)external\ebpf-verifier\external;$(SolutionDir)tests\sample\ext\inc;$(SolutionDir)tests\sample\ext\drv;$(OutDir);$(SolutionDir)libs\thunk;$(SolutionDir)\netebpfext;$(SolutionDir)\libs\api_common;$(SolutionDir)include\user;$(SolutionDir)external\ebpf-verifier\build\packages\boost\lib\native\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
|
@ -206,7 +211,7 @@ $(OutputPath)export_program_info.exe</Command>
|
|||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyRelease|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions);USER_MODE</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)include;$(SolutionDir)libs\api;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)external\usersim\inc;$(SolutionDir)libs\execution_context;$(SolutionDir)external\ubpf\vm;$(SolutionDir)external\ubpf\vm\inc;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)external\ebpf-verifier\external;$(SolutionDir)tests\sample\ext\inc;$(SolutionDir)tests\sample\ext\drv;$(OutDir);$(SolutionDir)libs\thunk;$(SolutionDir)\netebpfext;$(SolutionDir)\libs\api_common;$(SolutionDir)include\user;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
|
@ -232,7 +237,6 @@ $(OutputPath)export_program_info.exe</Command>
|
|||
</CustomBuildStep>
|
||||
</ItemDefinitionGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="..\..\libs\api_common\registry_helper.cpp" />
|
||||
<ClCompile Include="..\..\libs\api_common\store_helper_internal.cpp" />
|
||||
<ClCompile Include="..\..\libs\api_common\utilities.cpp" />
|
||||
<ClCompile Include="..\..\libs\platform\ebpf_tracelog.c" />
|
||||
|
@ -249,6 +253,9 @@ $(OutputPath)export_program_info.exe</Command>
|
|||
<ProjectReference Include="..\..\libs\platform\user\platform_user.vcxproj">
|
||||
<Project>{c26cb6a9-158c-4a9e-a243-755ddd98e5fe}</Project>
|
||||
</ProjectReference>
|
||||
<ProjectReference Include="..\..\libs\store_helper\user\ebpf_store_helper_um.vcxproj">
|
||||
<Project>{aa933b9f-b5d8-4aa8-ac18-98fe1a161e8a}</Project>
|
||||
</ProjectReference>
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
</Project>
|
|
@ -28,9 +28,6 @@
|
|||
<ClCompile Include="..\..\libs\api_common\store_helper_internal.cpp">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="..\..\libs\api_common\registry_helper.cpp">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="..\..\libs\api_common\utilities.cpp">
|
||||
<Filter>Source Files</Filter>
|
||||
</ClCompile>
|
||||
|
|
|
@ -28,6 +28,7 @@
|
|||
<file src="ebpfapi.dll" target="build\native\bin"/>
|
||||
<file src="ebpfapi.pdb" target="build\native\bin"/>
|
||||
<file src="ebpfapi.lib" target="build\native\lib"/>
|
||||
<file src="ebpf_store_helper_km.lib" target="build\native\lib"/>
|
||||
<!-- TODO(#2677): export_program_info.exe temporarily requires usersim.dll. -->
|
||||
<file src="usersim.dll" target="build\native\bin"/>
|
||||
<file src="usersim.pdb" target="build\native\bin"/>
|
||||
|
|
|
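Review bot: `ebpf_store_helper_km.lib` is added to `build\native\lib`, but this hunk shows no header or documentation entry packaged with it. Check that the header declaring the store API is shipped in the same package so that extension drivers linking the library build against matching declarations, and state in the package docs that this library is the kernel-mode variant, since the user-mode counterpart is not listed here.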
@ -160,6 +160,12 @@ NuGet.exe pack $(OutDir)ebpf-for-windows.nuspec -OutputDirectory $(OutDir)</Comm
|
|||
<ProjectReference Include="..\..\ebpfapi\ebpfapi.vcxproj">
|
||||
<Project>{75fe223a-3e45-4b0e-a2e8-04285e52e440}</Project>
|
||||
</ProjectReference>
|
||||
<ProjectReference Include="..\..\external\usersim\src\usersim.vcxproj">
|
||||
<Project>{030a7ac6-14dc-45cf-af34-891057ab1402}</Project>
|
||||
</ProjectReference>
|
||||
<ProjectReference Include="..\..\libs\store_helper\kernel\ebpf_store_helper_km.vcxproj">
|
||||
<Project>{3569e946-c8b4-49ee-a89d-edd09dc9f36e}</Project>
|
||||
</ProjectReference>
|
||||
<ProjectReference Include="..\bpf2c\bpf2c.vcxproj">
|
||||
<Project>{69b97e52-18dc-434e-a6e4-4c0f3e88c44a}</Project>
|
||||
</ProjectReference>
|
||||
|
|