remove --no-verify option from bpf2c and tests using it (#3673)
* remove --no-verify option from bpf2c and tests using it Closes #3571 * remove builds for unsafe programs in sample.vcxproj * remove unsafe test cases from netsh_test.cpp * remove new noverify references * Revert deletion of netsh tests. * Add back compilation of unsafe programs (but not bpf2c call) * remove invalid program tests which used noverify * remove end_to_end tests using noverify --------- Co-authored-by: Michael Agun <danielagun@microsoft.com>
This commit is contained in:
D. Michael Agun
GitHub
Родитель
0396def741
Коммит
a41953dc62
|
|
@ -63,11 +63,9 @@ function Update-ExpectedOutput
|
|||
## Get all files in the sample path
|
||||
$SampleFiles = Get-ChildItem -Path $SamplePath | Where-Object {$_.PSIsContainer -eq $false} | Select-Object -Property Name
|
||||
$CustomSampleFiles = Get-ChildItem -Path $SamplePath\custom_program_type | Where-Object {$_.PSIsContainer -eq $false} | Select-Object -Property Name
|
||||
$UnsafeSampleFiles = Get-ChildItem -Path $SamplePath\unsafe | Where-Object {$_.PSIsContainer -eq $false} | Select-Object -Property Name
|
||||
$UndockedSampleFiles = Get-ChildItem -Path $SamplePath\undocked | Where-Object {$_.PSIsContainer -eq $false} | Select-Object -Property Name
|
||||
|
||||
$SampleFiles += $CustomSampleFiles
|
||||
$SampleFiles += $UnsafeSampleFiles
|
||||
$SampleFiles += $UndockedSampleFiles
|
||||
|
||||
Set-Location $BuildPath
|
||||
|
|
@ -80,12 +78,6 @@ function Update-ExpectedOutput
|
|||
$additional_options = "--type bind"
|
||||
}
|
||||
|
||||
# If file is in the set $UnsafeSampleFiles, then add the --no-verify option.
|
||||
if ($UnsafeSampleFiles -contains $file)
|
||||
{
|
||||
$additional_options = "--no-verify"
|
||||
}
|
||||
|
||||
$ext = [System.IO.Path]::GetExtension($file.Name)
|
||||
if (($ext -ne ".c") -and ($ext -ne ".C") -and ($ext -ne ".o") -and ($ext -ne ".O"))
|
||||
{
|
||||
|
|
|
|||
|
|
@ -1082,68 +1082,6 @@ test_sock_addr_native_program_load_attach(const char* file_name)
|
|||
|
||||
DECLARE_REGRESSION_TEST_CASE("0.11.0")
|
||||
|
||||
// The below tests try to load native drivers for invalid programs (that will fail verification).
|
||||
// Since verification can be skipped in bpf2c for only Debug builds, these tests are applicable
|
||||
// only for Debug build.
|
||||
#ifdef _DEBUG
|
||||
|
||||
// Load a native module that has 0 programs.
|
||||
// TODO(#3597): The empty file should pass bpf2c so should be enabled for Release as well.
|
||||
TEST_CASE("load_native_program_empty", "[native_tests]")
|
||||
{
|
||||
bpf_object* object = bpf_object__open("empty.sys");
|
||||
REQUIRE(object != nullptr);
|
||||
|
||||
REQUIRE(bpf_object__load(object) == 0);
|
||||
|
||||
// Verify that no programs exist but at least one map exists.
|
||||
uint32_t next_id;
|
||||
REQUIRE(bpf_prog_get_next_id(0, &next_id) == -ENOENT);
|
||||
REQUIRE(bpf_map_get_next_id(0, &next_id) == 0);
|
||||
|
||||
bpf_object__close(object);
|
||||
|
||||
// Verify no maps exist.
|
||||
REQUIRE(bpf_map_get_next_id(0, &next_id) == -ENOENT);
|
||||
}
|
||||
|
||||
static void
|
||||
_load_invalid_program(_In_z_ const char* file_name, ebpf_execution_type_t execution_type, int expected_result)
|
||||
{
|
||||
int result;
|
||||
bpf_object* object = nullptr;
|
||||
fd_t program_fd;
|
||||
uint32_t next_id;
|
||||
|
||||
result = _program_load_helper(file_name, BPF_PROG_TYPE_UNSPEC, execution_type, &object, &program_fd);
|
||||
REQUIRE(result == expected_result);
|
||||
REQUIRE(program_fd == ebpf_fd_invalid);
|
||||
|
||||
if (result != 0) {
|
||||
// If load failed, no programs or maps should be loaded.
|
||||
REQUIRE(bpf_map_get_next_id(0, &next_id) == -ENOENT);
|
||||
REQUIRE(bpf_prog_get_next_id(0, &next_id) == -ENOENT);
|
||||
}
|
||||
}
|
||||
|
||||
TEST_CASE("load_native_program_invalid1", "[native][negative]")
|
||||
{
|
||||
_load_invalid_program("invalid_maps1.sys", EBPF_EXECUTION_NATIVE, -EINVAL);
|
||||
}
|
||||
TEST_CASE("load_native_program_invalid2", "[native][negative]")
|
||||
{
|
||||
_load_invalid_program("invalid_maps2.sys", EBPF_EXECUTION_NATIVE, -EINVAL);
|
||||
}
|
||||
TEST_CASE("load_native_program_invalid3", "[native][negative]")
|
||||
{
|
||||
_load_invalid_program("invalid_helpers.sys", EBPF_EXECUTION_NATIVE, -EINVAL);
|
||||
}
|
||||
TEST_CASE("load_native_program_invalid5", "[native][negative]")
|
||||
{
|
||||
_load_invalid_program("invalid_maps3.sys", EBPF_EXECUTION_NATIVE, -EINVAL);
|
||||
}
|
||||
#endif // _DEBUG
|
||||
|
||||
TEST_CASE("ioctl_stress", "[stress]")
|
||||
{
|
||||
// Load bindmonitor_ringbuf.sys
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@
|
|||
#include <vector>
|
||||
|
||||
#define main test_main
|
||||
#define ENABLE_SKIP_VERIFY
|
||||
#include "bpf2c.cpp"
|
||||
#undef main
|
||||
|
||||
|
|
@ -86,7 +85,6 @@ run_test_main(std::vector<const char*> argv)
|
|||
enum class _test_mode
|
||||
{
|
||||
Verify,
|
||||
NoVerify,
|
||||
VerifyFail,
|
||||
UseHash,
|
||||
UseHashSHA512,
|
||||
|
|
@ -101,9 +99,6 @@ run_test_elf(const std::string& elf_file, _test_mode test_mode, const std::optio
|
|||
std::vector<const char*> argv;
|
||||
auto name = elf_file.substr(0, elf_file.find('.'));
|
||||
argv.push_back("bpf2c.exe");
|
||||
if (test_mode == _test_mode::NoVerify) {
|
||||
argv.push_back("--no-verify");
|
||||
}
|
||||
argv.push_back("--bpf");
|
||||
argv.push_back(elf_file.c_str());
|
||||
if (test_mode == _test_mode::UseHash) {
|
||||
|
|
@ -137,8 +132,7 @@ run_test_elf(const std::string& elf_file, _test_mode test_mode, const std::optio
|
|||
auto [out, err, result_value] = run_test_main(argv);
|
||||
switch (test_mode) {
|
||||
case _test_mode::FileOutput:
|
||||
case _test_mode::Verify:
|
||||
case _test_mode::NoVerify: {
|
||||
case _test_mode::Verify: {
|
||||
std::vector<std::string> expected_output = read_contents<std::ifstream>(
|
||||
std::string("expected\\") + name + suffix,
|
||||
{transform_line_directives<'\\'>, transform_line_directives<'/'>, transform_fix_opcode_comment});
|
||||
|
|
@ -202,7 +196,6 @@ run_test_elf(const std::string& elf_file, _test_mode test_mode, const std::optio
|
|||
TEST_CASE(FILE "-custom-" #MODE, "[elf_bpf_code_gen]") { run_test_elf(FILE ".o", MODE, TYPE); }
|
||||
|
||||
DECLARE_TEST("atomic_instruction_fetch_add", _test_mode::Verify)
|
||||
DECLARE_TEST("atomic_instruction_others", _test_mode::NoVerify)
|
||||
DECLARE_TEST("bad_map_name", _test_mode::Verify)
|
||||
DECLARE_TEST("bindmonitor", _test_mode::Verify)
|
||||
DECLARE_TEST("bindmonitor_ringbuf", _test_mode::Verify)
|
||||
|
|
@ -216,16 +209,9 @@ DECLARE_TEST("cgroup_sock_addr2", _test_mode::Verify)
|
|||
DECLARE_TEST("decap_permit_packet", _test_mode::Verify)
|
||||
DECLARE_TEST("divide_by_zero", _test_mode::Verify)
|
||||
DECLARE_TEST("droppacket", _test_mode::Verify)
|
||||
DECLARE_TEST("droppacket_unsafe", _test_mode::NoVerify)
|
||||
DECLARE_TEST("empty", _test_mode::NoVerify)
|
||||
DECLARE_TEST("encap_reflect_packet", _test_mode::Verify)
|
||||
DECLARE_TEST("hash_of_map", _test_mode::Verify)
|
||||
DECLARE_TEST("inner_map", _test_mode::Verify)
|
||||
DECLARE_TEST("invalid_helpers", _test_mode::NoVerify);
|
||||
DECLARE_TEST("invalid_maps1", _test_mode::NoVerify);
|
||||
DECLARE_TEST("invalid_maps2", _test_mode::NoVerify);
|
||||
DECLARE_TEST("invalid_maps3", _test_mode::NoVerify);
|
||||
DECLARE_TEST("map", _test_mode::NoVerify)
|
||||
DECLARE_TEST("map_in_map_btf", _test_mode::Verify)
|
||||
DECLARE_TEST("map_in_map_legacy_id", _test_mode::Verify)
|
||||
DECLARE_TEST("map_in_map_legacy_idx", _test_mode::Verify)
|
||||
|
|
@ -234,7 +220,6 @@ DECLARE_TEST("map_reuse_2", _test_mode::Verify)
|
|||
DECLARE_TEST("pidtgid", _test_mode::Verify)
|
||||
DECLARE_TEST("printk", _test_mode::Verify)
|
||||
DECLARE_TEST("printk_legacy", _test_mode::Verify)
|
||||
DECLARE_TEST("printk_unsafe", _test_mode::NoVerify)
|
||||
DECLARE_TEST("reflect_packet", _test_mode::Verify)
|
||||
DECLARE_TEST("sockops", _test_mode::Verify)
|
||||
DECLARE_TEST("tail_call", _test_mode::Verify)
|
||||
|
|
@ -248,8 +233,6 @@ DECLARE_TEST("test_sample_ebpf", _test_mode::Verify)
|
|||
DECLARE_TEST("test_utility_helpers", _test_mode::Verify)
|
||||
DECLARE_TEST("cgroup_sock_addr", _test_mode::UseHashSHA512)
|
||||
DECLARE_TEST("cgroup_sock_addr2", _test_mode::UseHashX)
|
||||
DECLARE_TEST("xdp_adjust_head_unsafe", _test_mode::NoVerify)
|
||||
DECLARE_TEST("xdp_datasize_unsafe", _test_mode::NoVerify)
|
||||
|
||||
DECLARE_TEST("no_such_file", _test_mode::FileNotFound)
|
||||
DECLARE_TEST_CUSTOM_PROGRAM_TYPE("bpf", _test_mode::UseHash, std::string("bind"))
|
||||
|
|
@ -265,7 +248,7 @@ TEST_CASE("help", "[bpf2c_cli]")
|
|||
|
||||
auto [out, err, result_value] = run_test_main(argv);
|
||||
REQUIRE(result_value != 0);
|
||||
std::vector<std::string> options = {"--sys", "--dll", "--no-verify", "--bpf", "--hash", "--help"};
|
||||
std::vector<std::string> options = {"--sys", "--dll", "--bpf", "--hash", "--help"};
|
||||
for (const auto& option : options) {
|
||||
REQUIRE(err.find(option) != std::string::npos);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2787,130 +2787,6 @@ TEST_CASE("load_native_program_negative6", "[end-to-end]")
|
|||
&count_of_programs) == ERROR_OBJECT_ALREADY_EXISTS);
|
||||
}
|
||||
|
||||
// The below tests try to load native drivers for invalid programs (that will fail verification).
|
||||
// Since verification can be skipped in bpf2c for only Debug builds, these tests are applicable
|
||||
// only for Debug build.
|
||||
#ifdef _DEBUG
|
||||
|
||||
// Load a native module that has 0 programs.
|
||||
// TODO(#3597): The empty file should pass bpf2c so should be enabled for Release as well.
|
||||
TEST_CASE("load_native_program_empty", "[end-to-end]")
|
||||
{
|
||||
_test_helper_end_to_end test_helper;
|
||||
test_helper.initialize();
|
||||
|
||||
GUID provider_module_id = GUID_NULL;
|
||||
SC_HANDLE service_handle = nullptr;
|
||||
std::wstring service_path(SERVICE_PATH_PREFIX);
|
||||
size_t count_of_maps = 0;
|
||||
size_t count_of_programs = 0;
|
||||
ebpf_handle_t map_handles = ebpf_handle_invalid;
|
||||
ebpf_handle_t program_handles = ebpf_handle_invalid;
|
||||
_test_handle_helper module_handle;
|
||||
|
||||
REQUIRE(UuidCreate(&provider_module_id) == RPC_S_OK);
|
||||
|
||||
// Creating valid service with valid driver.
|
||||
_create_service_helper(L"empty_um.dll", NATIVE_DRIVER_SERVICE_NAME, &provider_module_id, &service_handle);
|
||||
|
||||
// Load native module. It should succeed.
|
||||
service_path = service_path + NATIVE_DRIVER_SERVICE_NAME;
|
||||
REQUIRE(
|
||||
test_ioctl_load_native_module(
|
||||
service_path,
|
||||
&provider_module_id,
|
||||
module_handle.get_handle_pointer(),
|
||||
&count_of_maps,
|
||||
&count_of_programs) == ERROR_SUCCESS);
|
||||
|
||||
// Try to load the programs from the module with 0 programs.
|
||||
REQUIRE(
|
||||
test_ioctl_load_native_programs(&provider_module_id, 1, &map_handles, 0, &program_handles) == ERROR_SUCCESS);
|
||||
REQUIRE(map_handles != ebpf_handle_invalid);
|
||||
|
||||
// Delete the created service.
|
||||
Platform::_delete_service(service_handle);
|
||||
}
|
||||
|
||||
static void
|
||||
_load_invalid_program(_In_z_ const char* file_name, ebpf_execution_type_t execution_type, int expected_result)
|
||||
{
|
||||
// _test_helper_end_to_end must be done by the caller.
|
||||
|
||||
int result;
|
||||
bpf_object_ptr unique_object;
|
||||
fd_t program_fd;
|
||||
uint32_t next_id;
|
||||
|
||||
program_info_provider_t bind_program_info;
|
||||
REQUIRE(bind_program_info.initialize(EBPF_PROGRAM_TYPE_BIND) == EBPF_SUCCESS);
|
||||
|
||||
result = ebpf_program_load(file_name, BPF_PROG_TYPE_UNSPEC, execution_type, &unique_object, &program_fd, nullptr);
|
||||
REQUIRE(result == expected_result);
|
||||
REQUIRE(program_fd == ebpf_fd_invalid);
|
||||
|
||||
if (result != 0) {
|
||||
// If load failed, no programs or maps should be loaded.
|
||||
REQUIRE(bpf_map_get_next_id(0, &next_id) == -ENOENT);
|
||||
REQUIRE(bpf_prog_get_next_id(0, &next_id) == -ENOENT);
|
||||
}
|
||||
}
|
||||
|
||||
static void
|
||||
_test_load_invalid_program(_In_z_ const char* file_name, ebpf_execution_type_t execution_type, int expected_result)
|
||||
{
|
||||
_test_helper_end_to_end test_helper;
|
||||
test_helper.initialize();
|
||||
_load_invalid_program(file_name, execution_type, expected_result);
|
||||
}
|
||||
|
||||
TEST_CASE("load_native_program_invalid1", "[end-to-end]")
|
||||
{
|
||||
_test_load_invalid_program("invalid_maps1_um.dll", EBPF_EXECUTION_NATIVE, -EINVAL);
|
||||
}
|
||||
TEST_CASE("load_native_program_invalid2", "[end-to-end]")
|
||||
{
|
||||
_test_load_invalid_program("invalid_maps2_um.dll", EBPF_EXECUTION_NATIVE, -EINVAL);
|
||||
}
|
||||
TEST_CASE("load_native_program_invalid3", "[end-to-end]")
|
||||
{
|
||||
_test_load_invalid_program("invalid_helpers_um.dll", EBPF_EXECUTION_NATIVE, -EINVAL);
|
||||
}
|
||||
TEST_CASE("load_native_program_invalid5", "[end-to-end]")
|
||||
{
|
||||
_test_load_invalid_program("invalid_maps3_um.dll", EBPF_EXECUTION_NATIVE, -EINVAL);
|
||||
}
|
||||
|
||||
typedef struct _ebpf_scoped_non_preemptible
|
||||
{
|
||||
_ebpf_scoped_non_preemptible()
|
||||
{
|
||||
ebpf_assert_success(
|
||||
ebpf_set_current_thread_affinity((uintptr_t)1 << ebpf_get_current_cpu(), &old_thread_affinity));
|
||||
KeRaiseIrql(DISPATCH_LEVEL, &old_irql);
|
||||
}
|
||||
~_ebpf_scoped_non_preemptible()
|
||||
{
|
||||
KeLowerIrql(old_irql);
|
||||
ebpf_restore_current_thread_affinity(old_thread_affinity);
|
||||
}
|
||||
uintptr_t old_thread_affinity = 0;
|
||||
KIRQL old_irql = PASSIVE_LEVEL;
|
||||
} ebpf_scoped_non_preemptible_t;
|
||||
|
||||
TEST_CASE("load_native_program_invalid5-non-preemptible", "[end-to-end]")
|
||||
{
|
||||
_test_helper_end_to_end test_helper;
|
||||
test_helper.initialize();
|
||||
|
||||
// Raising virtual IRQL to dispatch will ensure ebpf_native_load queues
|
||||
// a workitem and that code path is executed. This must be done after
|
||||
// invoking test_helper, which initializes the platform.
|
||||
ebpf_scoped_non_preemptible_t non_preemptible;
|
||||
_load_invalid_program("invalid_maps3_um.dll", EBPF_EXECUTION_NATIVE, -EINVAL);
|
||||
}
|
||||
#endif
|
||||
|
||||
// Load native module and then use module handle for a different purpose.
|
||||
TEST_CASE("native_module_handle_test_negative", "[end-to-end]")
|
||||
{
|
||||
|
|
|
|||
|
|
@ -221,14 +221,8 @@
|
|||
<Command>clang $(ClangFlags) -c %(Filename).c -o $(OutputPath)%(Filename).o</Command>
|
||||
<Command>
|
||||
clang $(ClangFlags) -I../xdp -I../socket -I./ext/inc -I../../netebpfext -c unsafe\%(Filename).c -o $(OutputPath)%(Filename).o
|
||||
pushd $(OutDir)
|
||||
powershell -NonInteractive -ExecutionPolicy Unrestricted .\Convert-BpfToNative.ps1 -FileName %(Filename) -IncludeDir $(SolutionDir)\include -Platform $(Platform) -Configuration $(KernelConfiguration) -KernelMode $true -SkipVerification $true
|
||||
powershell -NonInteractive -ExecutionPolicy Unrestricted .\Convert-BpfToNative.ps1 -FileName %(Filename) -IncludeDir $(SolutionDir)\include -Platform $(Platform) -Configuration $(Configuration) -KernelMode $false -SkipVerification $true
|
||||
popd
|
||||
</Command>
|
||||
<Outputs>$(OutputPath)%(Filename).o</Outputs>
|
||||
<!-- Don't run bpf2c in parallel when built with fuzzing flags as this triggers failures. -->
|
||||
<BuildInParallel Condition="'$(Fuzzer)'!='True' And '$(AddressSanitizer)'!='True'">true</BuildInParallel>
|
||||
</CustomBuild>
|
||||
</ItemGroup>
|
||||
<ItemGroup Condition="'$(Configuration)'=='NativeOnlyDebug'">
|
||||
|
|
@ -237,14 +231,8 @@
|
|||
<Command>clang $(ClangFlags) -c %(Filename).c -o $(OutputPath)%(Filename).o</Command>
|
||||
<Command>
|
||||
clang $(ClangFlags) -I../xdp -I../socket -I./ext/inc -I../../netebpfext -c unsafe\%(Filename).c -o $(OutputPath)%(Filename).o
|
||||
pushd $(OutDir)
|
||||
powershell -NonInteractive -ExecutionPolicy Unrestricted .\Convert-BpfToNative.ps1 -FileName %(Filename) -IncludeDir $(SolutionDir)\include -Platform $(Platform) -Configuration $(KernelConfiguration) -KernelMode $true -SkipVerification $true
|
||||
powershell -NonInteractive -ExecutionPolicy Unrestricted .\Convert-BpfToNative.ps1 -FileName %(Filename) -IncludeDir $(SolutionDir)\include -Platform $(Platform) -Configuration $(Configuration) -KernelMode $false -SkipVerification $true
|
||||
popd
|
||||
</Command>
|
||||
<Outputs>$(OutputPath)%(Filename).o</Outputs>
|
||||
<!-- Don't run bpf2c in parallel when built with fuzzing flags as this triggers failures. -->
|
||||
<BuildInParallel Condition="'$(Fuzzer)'!='True' And '$(AddressSanitizer)'!='True'">true</BuildInParallel>
|
||||
</CustomBuild>
|
||||
</ItemGroup>
|
||||
<ItemGroup Condition="'$(Configuration)'=='FuzzerDebug'">
|
||||
|
|
@ -253,14 +241,8 @@
|
|||
<Command>clang $(ClangFlags) -c %(Filename).c -o $(OutputPath)%(Filename).o</Command>
|
||||
<Command>
|
||||
clang $(ClangFlags) -I../xdp -I../socket -I./ext/inc -I../../netebpfext -c unsafe\%(Filename).c -o $(OutputPath)%(Filename).o
|
||||
pushd $(OutDir)
|
||||
powershell -NonInteractive -ExecutionPolicy Unrestricted .\Convert-BpfToNative.ps1 -FileName %(Filename) -IncludeDir $(SolutionDir)\include -Platform $(Platform) -Configuration $(KernelConfiguration) -KernelMode $true -SkipVerification $true
|
||||
powershell -NonInteractive -ExecutionPolicy Unrestricted .\Convert-BpfToNative.ps1 -FileName %(Filename) -IncludeDir $(SolutionDir)\include -Platform $(Platform) -Configuration $(Configuration) -KernelMode $false -SkipVerification $true
|
||||
popd
|
||||
</Command>
|
||||
<Outputs>$(OutputPath)%(Filename).o</Outputs>
|
||||
<!-- Don't run bpf2c in parallel when built with fuzzing flags as this triggers failures. -->
|
||||
<BuildInParallel Condition="'$(Fuzzer)'!='True' And '$(AddressSanitizer)'!='True'">true</BuildInParallel>
|
||||
</CustomBuild>
|
||||
</ItemGroup>
|
||||
<ItemGroup Condition="'$(Configuration)'=='Release'">
|
||||
|
|
|
|||
|
|
@ -30,9 +30,6 @@
|
|||
.PARAMETER Configuration
|
||||
Specifies the build configuration. Valid values include "Release", "FuzzerDebug", and "Debug".
|
||||
|
||||
.PARAMETER SkipVerification
|
||||
Specifies whether to skip verification of the generated driver. This parameter is only supported for Debug builds.
|
||||
|
||||
.PARAMETER KernelMode
|
||||
Specifies whether to generate a kernel-mode driver. If this parameter is false, a user DLL will be generated.
|
||||
|
||||
|
|
@ -75,7 +72,6 @@ param([parameter(Mandatory = $true)] [string] $FileName,
|
|||
[parameter(Mandatory = $false)] [string] $OutDir = "$PWD",
|
||||
[parameter(Mandatory = $false)] [string] $Platform = "x64",
|
||||
[ValidateSet("Release", "NativeOnlyRelease", "FuzzerDebug", "Debug", "NativeOnlyDebug")][parameter(Mandatory = $false)] [string] $Configuration = "Release",
|
||||
[parameter(Mandatory = $false)] [bool] $SkipVerification = $false,
|
||||
[parameter(Mandatory = $false)] [bool] $KernelMode = $true,
|
||||
[parameter(Mandatory = $false)] [string] $ResourceFile = "")
|
||||
|
||||
|
|
@ -89,11 +85,6 @@ if ($FileName.EndsWith(".o")) {
|
|||
$FileName = $FileName.Substring(0, $FileName.Length - 2)
|
||||
}
|
||||
|
||||
# SkipVerification is only supported for Debug builds.
|
||||
if ($Configuration -eq "Release" -and $SkipVerification) {
|
||||
throw "Invalid parameter. SkipVerification is only supported for Debug builds"
|
||||
}
|
||||
|
||||
if ((Get-Command 'msbuild.exe' -ErrorAction SilentlyContinue) -eq $null) {
|
||||
throw "Unable to locate msbuild.exe. This command needs to run within a 'Developer Command Prompt'"
|
||||
}
|
||||
|
|
@ -126,8 +117,6 @@ else {
|
|||
Set-Content -Path $ProjectFile -Value $UserModeProject
|
||||
}
|
||||
|
||||
$AdditionalOptions = If ($SkipVerification) {"--no-verify"} Else {""}
|
||||
|
||||
if ($PSBoundParameters.ContainsKey("Type")) {
|
||||
$AdditionalOptions += " --type $Type"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -143,7 +143,6 @@ main(int argc, char** argv)
|
|||
std::string output_file_name;
|
||||
std::string type_string = "";
|
||||
std::string hash_algorithm = EBPF_HASH_ALGORITHM;
|
||||
bool verify_programs = true;
|
||||
std::vector<std::string> parameters(argv + 1, argv + argc);
|
||||
auto iter = parameters.begin();
|
||||
auto iter_end = parameters.end();
|
||||
|
|
@ -178,14 +177,6 @@ main(int argc, char** argv)
|
|||
}
|
||||
return true;
|
||||
}}},
|
||||
#if defined(ENABLE_SKIP_VERIFY)
|
||||
{"--no-verify",
|
||||
{"Skip validating code using verifier",
|
||||
[&]() {
|
||||
verify_programs = false;
|
||||
return true;
|
||||
}}},
|
||||
#endif
|
||||
{"--bpf",
|
||||
{"Input ELF file containing BPF byte code",
|
||||
[&]() {
|
||||
|
|
@ -273,7 +264,7 @@ main(int argc, char** argv)
|
|||
ebpf_api_program_info_t* infos = nullptr;
|
||||
const char* error_message = nullptr;
|
||||
ebpf_result_t result = ebpf_enumerate_programs(file.c_str(), false, &infos, &error_message);
|
||||
if ((result != EBPF_SUCCESS) && verify_programs) {
|
||||
if (result != EBPF_SUCCESS) {
|
||||
std::cerr << error_message << std::endl;
|
||||
ebpf_free_string(error_message);
|
||||
return 1;
|
||||
|
|
@ -303,16 +294,16 @@ main(int argc, char** argv)
|
|||
const char* report = nullptr;
|
||||
ebpf_api_verifier_stats_t stats;
|
||||
std::optional<std::vector<uint8_t>> program_info_hash;
|
||||
if (verify_programs && ebpf_api_elf_verify_program_from_memory(
|
||||
data.c_str(),
|
||||
data.size(),
|
||||
program->section_name,
|
||||
program->program_name,
|
||||
(global_program_type_set) ? &program_type : &program->program_type,
|
||||
EBPF_VERIFICATION_VERBOSITY_NORMAL,
|
||||
&report,
|
||||
&error_message,
|
||||
&stats) != 0) {
|
||||
if (ebpf_api_elf_verify_program_from_memory(
|
||||
data.c_str(),
|
||||
data.size(),
|
||||
program->section_name,
|
||||
program->program_name,
|
||||
(global_program_type_set) ? &program_type : &program->program_type,
|
||||
EBPF_VERIFICATION_VERBOSITY_NORMAL,
|
||||
&report,
|
||||
&error_message,
|
||||
&stats) != 0) {
|
||||
report = ((report == nullptr) ? "" : report);
|
||||
throw std::runtime_error(
|
||||
std::string("Verification failed for ") + std::string(program->program_name) +
|
||||
|
|
@ -324,11 +315,9 @@ main(int argc, char** argv)
|
|||
error_message = nullptr;
|
||||
|
||||
const ebpf_program_info_t* program_info = nullptr;
|
||||
if (verify_programs) {
|
||||
result = ebpf_get_program_info_from_verifier(&program_info);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
throw std::runtime_error(std::string("Failed to get program information"));
|
||||
}
|
||||
result = ebpf_get_program_info_from_verifier(&program_info);
|
||||
if (result != EBPF_SUCCESS) {
|
||||
throw std::runtime_error(std::string("Failed to get program information"));
|
||||
}
|
||||
generator.parse(
|
||||
program,
|
||||
|
|
@ -338,7 +327,7 @@ main(int argc, char** argv)
|
|||
hash_algorithm);
|
||||
generator.generate(program->section_name, program->program_name);
|
||||
|
||||
if (verify_programs && (hash_algorithm != "none")) {
|
||||
if (hash_algorithm != "none") {
|
||||
std::vector<int32_t> helper_ids = generator.get_helper_ids();
|
||||
program_info_hash = get_program_info_type_hash(helper_ids, hash_algorithm);
|
||||
generator.set_program_hash_info(program_info_hash);
|
||||
|
|
|
|||
|
|
@ -102,7 +102,7 @@
|
|||
</PropertyGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;ENABLE_SKIP_VERIFY;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)include;$(SolutionDir)external\ebpf-verifier\external\bpf_conformance\external\elfio;$(SolutionDir)external\ebpf-verifier\external\libbtf;$(SolutionDir)external\ubpf\vm;$(SolutionDir)libs\shared;$(OutDir);$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)resource;$(SolutionDir)tests\libs\util;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
|
|
@ -120,7 +120,7 @@
|
|||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyDebug|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;ENABLE_SKIP_VERIFY;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)include;$(SolutionDir)external\ebpf-verifier\external\bpf_conformance\external\elfio;$(SolutionDir)external\ebpf-verifier\external\libbtf;$(SolutionDir)external\ubpf\vm;$(SolutionDir)libs\shared;$(OutDir);$(OutDir)..\Debug;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)resource;$(SolutionDir)tests\libs\util;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
|
|
@ -135,7 +135,7 @@
|
|||
</ItemDefinitionGroup>
|
||||
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='FuzzerDebug|x64'">
|
||||
<ClCompile>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;ENABLE_SKIP_VERIFY;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
|
||||
<ConformanceMode>true</ConformanceMode>
|
||||
<AdditionalIncludeDirectories>$(SolutionDir)include;$(SolutionDir)external\ebpf-verifier\external\bpf_conformance\external\elfio;$(SolutionDir)external\ebpf-verifier\external\libbtf;$(SolutionDir)external\ubpf\vm;$(SolutionDir)libs\shared;$(OutDir);$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)resource;$(SolutionDir)tests\libs\util;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
|
||||
</ClCompile>
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче