From a46b00c2e3829958b9f60e093d5703ea98342a05 Mon Sep 17 00:00:00 2001 From: Dave Thaler Date: Tue, 15 Jun 2021 08:44:43 -0700 Subject: [PATCH] Add VM setup scripts and docs (#281) * Create an install script rather than having to manually do lots of steps * Make Debug build use vcruntime as static libs to avoid adding another prerequisite on a machine before installing eBPF. This isn't required for Release builds as vcruntime release DLLs are part of Windows, unlike vcruntime debug DLLs Fixes #248 Signed-off-by: Dave Thaler --- docs/GettingStarted.md | 50 +++++---- docs/vm-setup.md | 42 ++++++++ ebpfapi/ebpfapi.vcxproj | 7 +- ebpfsvc/eBPFSvc.vcxproj | 3 +- external/ebpf-verifier | 2 +- libs/api/api.vcxproj | 3 +- libs/api_common/api_common.vcxproj | 3 +- .../kernel/execution_context_kernel.vcxproj | 7 +- .../unit/execution_context_unit_test.vcxproj | 2 + .../user/execution_context_user.vcxproj | 7 +- libs/platform/kernel/platform_kernel.vcxproj | 10 +- libs/platform/unit/platform_unit_test.vcxproj | 2 + libs/platform/user/platform_user.vcxproj | 2 + libs/service/service.vcxproj | 3 +- libs/ubpf/kernel/ubpf_kernel.vcxproj | 2 +- libs/ubpf/user/ubpf_user.vcxproj | 7 +- netebpfext/netebpfext.vcxproj | 4 +- scripts/deploy-ebpf.ps1 | 102 ++++++++++++++++++ scripts/install-ebpf.bat | 28 +++++ tests/api_test/api_test.vcxproj | 3 +- tests/client/ebpf_client.vcxproj | 3 +- tests/end_to_end/end_to_end.vcxproj | 2 +- tests/libs/common/common_tests.vcxproj | 3 +- tests/libs/util/test_util.vcxproj | 2 + tools/dnsflood/dnsflood.vcxproj | 3 +- .../encode_program_information.vcxproj | 2 + tools/netsh/ebpfnetsh.vcxproj | 2 +- tools/port_leak/port_leak.vcxproj | 2 + tools/port_quota/port_quota.vcxproj | 3 +- 29 files changed, 262 insertions(+), 49 deletions(-) create mode 100644 docs/vm-setup.md create mode 100644 scripts/deploy-ebpf.ps1 create mode 100644 scripts/install-ebpf.bat diff --git a/docs/GettingStarted.md b/docs/GettingStarted.md index e6c3ce9a4..9ed01eb9f 100644 
--- a/docs/GettingStarted.md +++ b/docs/GettingStarted.md @@ -46,6 +46,21 @@ and a few binaries just used for demo'ing eBPF functionality, as in the demo wal * port_quota.exe: A sample utility to illustrate using eBPF to manage port quotas to defend against port_leak.exe and similar "buggy" apps. +## Installing eBPF for Windows + +Windows requires that one of the following criteria be met prior to loading a driver: +a. Driver is signed using a certificate that chains up to the Microsoft code signing root (aka a production signed driver). +b. The OS is booted with a kernel debugger attached. +c. The OS is running in [test-signing mode](https://docs.microsoft.com/en-us/windows-hardware/drivers/install/the-testsigning-boot-configuration-option), the [driver is test signed](https://docs.microsoft.com/en-us/windows-hardware/drivers/install/test-signing-a-driver-through-an-embedded-signature) and the [test certificate is installed](https://docs.microsoft.com/en-us/windows-hardware/drivers/install/installing-test-certificates). + +Since the binaries built above are not signed by Microsoft, they will only work on a machine with +a kernel debugger (KD) attached and running, or test signing is enabled. (It is expected that official +releases of eBPF for Windows will eventually be production signed at some point in the future after +security hardening is completed.) + +For basic testing, the simplest way to install eBPF for Windows is into a Windows VM with test signing enabled. +Follow the [VM Installation Instructions](vm-setup.md) to do so. + ## Using eBPF for Windows If you're not already familiar with eBPF, or want a detailed walkthrough, see our [eBPF tutorial](tutorial.md). 
@@ -55,25 +70,16 @@ For API documentation, see https://microsoft.github.io/ebpf-for-windows/ This section shows how to use eBPF for Windows in a demo that defends against a 0-byte UDP attack on a DNS server. ### Prep -Set up 2 VMs, which we will refer to as the "attacker" machine and the "defender" machine +Set up 2 VMs, which we will refer to as the "attacker" machine and the "defender" machine. -On the defender machine, do the following: -1. Install and set up a DNS server -2. Make sure that either the kernel debugger (KD) is attached and running, or one of the [alternatives to running with kernel debugger attached](#alternatives-to-running-with-kernel-debugger-attached) is in place -3. Install Debug VS 2019 VC redist from TBD (or switch everything to Multi-threaded Debug (/MTd) and rebuild) -4. Copy ebpfcore.sys to %windir%\system32\drivers -5. Copy netebpfext.sys to %windir%\system32\drivers -6. Copy ebpfsvc.exe to %windir%\system32 -7. Copy ebpfapi.dll and ebpfnetsh.dll to %windir%\system32 -8. Do `sc create EbpfCore type=kernel start=boot binpath=%windir%\system32\drivers\ebpfcore.sys` -9. Do `sc start EbpfCore` -10. Do `sc create NetEbpfExt type=kernel start=boot binpath=%windir%\system32\drivers\netebpfext.sys` -11. Do `sc start NetEbpfExt` -12. Do `%windir%\system32\ebpfsvc.exe install` -13. Do `sc start ebpfsvc` -14. Do `netsh add helper %windir%\system32\ebpfnetsh.dll` -15. Install [clang](https://github.com/llvm/llvm-project/releases/download/llvmorg-11.0.0/LLVM-11.0.0-win64.exe) -16. Copy droppacket.c and ebpf.h to a folder (such as c:\test) +On a defender machine with [eBPF installed](#installing-ebpf-for-windows), do the following: + +1. Install and set up a DNS server. +2. Make sure that either test signing was enabled as discussed in + [Installing eBPF for Windows](#installing-ebpf-for-windows), or the kernel debugger (KD) is attached and running. +3. 
Install [clang](https://github.com/llvm/llvm-project/releases/download/llvmorg-11.0.0/LLVM-11.0.0-win64.exe) + if not already installed on the defender machine. +4. Copy droppacket.c and ebpf.h to a folder (such as c:\test). On the attacker machine, do the following: 1. Copy DnsFlood.exe to attacker machine @@ -100,14 +106,6 @@ On the attacker machine, do the following: 15. Show that the verifier rejects the code ```netsh ebpf show verification droppacket.o xdp``` 16. Show that loading the program fails ```netsh ebpf add program droppacket.o xdp``` -## Alternatives to running with kernel debugger attached -Windows requires that one of the following criteria be met prior to loading a driver: -1. Driver is signed using a certificate that chains up to the Microsoft code signing root (aka a production signed driver). -2. The OS is booted with a kernel debugger attached. -3. The OS is running in [test-signing mode](https://docs.microsoft.com/en-us/windows-hardware/drivers/install/the-testsigning-boot-configuration-option), the [driver is test signed](https://docs.microsoft.com/en-us/windows-hardware/drivers/install/test-signing-a-driver-through-an-embedded-signature) and the [test certificate is installed](https://docs.microsoft.com/en-us/windows-hardware/drivers/install/installing-test-certificates). - -Official releases of eBPF for Windows will be production signed. - ## Tests in Ebpf-For-Windows The tests in Ebpf-For-Windows are written using the [Catch2](https://github.com/catchorg/Catch2) test framework. diff --git a/docs/vm-setup.md b/docs/vm-setup.md new file mode 100644 index 000000000..b7502a17a --- /dev/null +++ b/docs/vm-setup.md 
@@ -0,0 +1,42 @@
+# VM Installation Instructions
+
+## One-Time Setup
+
+1. Enable Hyper-V as follows:
+ 1. Type in Hyper-V in the search bar.
+ 2. If "Hyper-V Manager" does not show up under Apps:
+ * Click on "Turn Windows features on or off"
+ * Check the Hyper-V checkbox and click OK
+ * Reboot when prompted
+
+2. Install a Windows VM as follows:
+ 1. Run "Hyper-V Manager".
+ 2. Select the current machine in the left pane.
+ 3. Click the "Quick Create..." action in the rightmost pane.
+ 4. When the Create Virtual Machine dialog appears, select "Windows 10 dev environment".
+ 5. Click the "Create Virtual Machine" button.
+ 6. Once that is complete click the "Edit Settings" button.
+ 7. Select security, clear the "Enable Scure Boot" checkbox, and click OK. (This is a prerequisite for
+ enabling test signed binaries.)
+ 8. Click "Connect" and start the VM.
+
+3. From within the VM desktop, enable test signed binaries as follows:
+ (see [testsigning](https://docs.microsoft.com/en-us/windows-hardware/drivers/install/the-testsigning-boot-configuration-option) for more discussion):
+ 1. Start an admin command shell (cmd.exe).
+ 2. Do `bcdedit.exe -set TESTSIGNING ON`.
+ 3. Restart the VM so that the change will be applied.
+
+## Installing eBPF into a VM
+
+Once the one-time setup has been completed, the following steps will
+install or update the eBPF installation in the VM, from a machine that
+has already built the binaries for x64/Debug.
+
+1. Deploy the binaries to `C:\Temp` in your VM, as follows:
+ a. If you built the binaries from inside the VM, then from your ebpf-for-windows directory in the VM, do `.\scripts\deploy-ebpf -l`. Otherwise,
+ b. If you built the binaries on the host machine, then from your ebpf-for-windows directory on the host machine, start an admin Powershell on the host machine and do `.\scripts\deploy-ebpf`.
+
+2. From within the VM, install the binaries as follows:
+ 1. Start an admin command shell (cmd.exe).
+ 2. Do 'cd C:\temp'.
+ 3. 
Do 'install-ebpf.bat'. diff --git a/ebpfapi/ebpfapi.vcxproj b/ebpfapi/ebpfapi.vcxproj index 923d0378d..79438df45 100644 --- a/ebpfapi/ebpfapi.vcxproj +++ b/ebpfapi/ebpfapi.vcxproj @@ -73,7 +73,7 @@ _DEBUG;EBPFAPI_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions) true pch.h - MultiThreadedDebugDLL + MultiThreadedDebug $(SolutionDir)libs\api;$(SolutionDir)rpc_interface;$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)libs\execution_context true stdcpp17 @@ -111,6 +111,11 @@ $(OutDir) + + + MultiThreadedDebug + + true diff --git a/ebpfsvc/eBPFSvc.vcxproj b/ebpfsvc/eBPFSvc.vcxproj index aa91a769d..8dc0de713 100644 --- a/ebpfsvc/eBPFSvc.vcxproj +++ b/ebpfsvc/eBPFSvc.vcxproj @@ -98,6 +98,7 @@ true Use pch.h + MultiThreadedDebug Console @@ -133,7 +134,7 @@ true NotUsing pch.h - MultiThreadedDebugDLL + MultiThreadedDebug $(SolutionDir)libs\api_common;$(SolutionDir)libs\execution_context;$(SolutionDir)libs\api;$(SolutionDir)libs\platform;$(SolutionDir)libs\service;$(SolutionDir)include;$(SolutionDir)rpc_interface;$(SolutionDir)libs\platform\user;$(SolutionDir)external\ubpf\vm;$(SolutionDir)external\ubpf\vm\inc;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)external\ebpf-verifier\external;%(AdditionalIncludeDirectories) stdcpplatest diff --git a/external/ebpf-verifier b/external/ebpf-verifier index 1f1c10424..ae4227126 160000 --- a/external/ebpf-verifier +++ b/external/ebpf-verifier @@ -1 +1 @@ -Subproject commit 1f1c10424c4ba66b0301d6970d4b9959bfe42eb4 +Subproject commit ae422712693600eb94d61e7d4b55a36daa0966d9 diff --git a/libs/api/api.vcxproj b/libs/api/api.vcxproj index a1d05895a..48b857686 100644 --- a/libs/api/api.vcxproj +++ b/libs/api/api.vcxproj @@ -96,6 +96,7 @@ Use pch.h stdcpplatest + MultiThreadedDebug Windows 
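Review bot: Switching ebpfapi.dll and its consumers (ebpfnetsh.dll, ebpfsvc.exe, the test and tool executables) to the static debug runtime gives every module its own CRT instance, so in Debug builds memory, `FILE*` or other CRT objects allocated on one side of the DLL boundary and released on the other will trip the debug heap checks. It is worth confirming that every allocation the API hands out has a matching free function exported from the same DLL, and recording that in a comment next to the setting. The element names and any `Condition` attributes are not visible on this page, so I cannot confirm that the new five-line blocks added here and in execution_context_kernel, execution_context_user and ubpf_user are scoped to Debug; if they are unconditioned they would also move Release to `MultiThreadedDebug`, which the commit description says is not needed for Release. The same value is repeated across 24 project files in this commit and could live in one shared property sheet.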
@@ -133,7 +134,7 @@ pch.h $(SolutionDir)libs\api;$(SolutionDir)rpc_interface;$(SolutionDir)libs\service;$(SolutionDir)libs\api_common;$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)libs\execution_context;$(SolutionDir)external\ubpf\vm;$(SolutionDir)external\ubpf\vm\inc;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)external\ebpf-verifier\external;$(OutDir);%(AdditionalIncludeDirectories) stdcpplatest - MultiThreadedDebugDLL + MultiThreadedDebug true ProgramDatabase diff --git a/libs/api_common/api_common.vcxproj b/libs/api_common/api_common.vcxproj index d87bff14a..8129c7b75 100644 --- a/libs/api_common/api_common.vcxproj +++ b/libs/api_common/api_common.vcxproj @@ -97,6 +97,7 @@ Use pch.h stdcpplatest + MultiThreadedDebug Windows @@ -134,7 +135,7 @@ pch.h $(SolutionDir)libs\api;$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)libs\execution_context;$(SolutionDir)external\ubpf\vm;$(SolutionDir)external\ubpf\vm\inc;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)external\ebpf-verifier\external;$(OutDir);%(AdditionalIncludeDirectories) stdcpplatest - MultiThreadedDebugDLL + MultiThreadedDebug true ProgramDatabase diff --git a/libs/execution_context/kernel/execution_context_kernel.vcxproj b/libs/execution_context/kernel/execution_context_kernel.vcxproj index 4a3d31d71..bea8d390a 100644 --- a/libs/execution_context/kernel/execution_context_kernel.vcxproj +++ b/libs/execution_context/kernel/execution_context_kernel.vcxproj 
@@ -90,7 +90,7 @@ _DEBUG;WINAPI_FAMILY=WINAPI_FAMILY_DESKTOP_APP;WINAPI_PARTITION_DESKTOP=1;WINAPI_PARTITION_SYSTEM=1;WINAPI_PARTITION_APP=1;WINAPI_PARTITION_PC_APP=1;%(PreprocessorDefinitions);_NO_CRT_STDIO_INLINE=1 - MultiThreadedDebugDLL + MultiThreadedDebug $(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\kernel;$(SolutionDir)\external\ubpf\vm\inc;$(SolutionDir)\external\ubpf\vm;%(AdditionalIncludeDirectories) 4201;4100;%(DisableSpecificWarnings) @@ -102,6 +102,11 @@ 4201;4100;%(DisableSpecificWarnings) + + + MultiThreadedDebug + + diff --git a/libs/execution_context/unit/execution_context_unit_test.vcxproj b/libs/execution_context/unit/execution_context_unit_test.vcxproj index 669565496..0eee348be 100644 --- a/libs/execution_context/unit/execution_context_unit_test.vcxproj +++ b/libs/execution_context/unit/execution_context_unit_test.vcxproj @@ -93,6 +93,7 @@ true WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) true + MultiThreadedDebug Console @@ -122,6 +123,7 @@ _DEBUG;_CONSOLE;%(PreprocessorDefinitions) true $(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)libs\execution_context;$(SolutionDir)tests\end_to_end;%(AdditionalIncludeDirectories) + MultiThreadedDebug Console diff --git a/libs/execution_context/user/execution_context_user.vcxproj b/libs/execution_context/user/execution_context_user.vcxproj index 4242c95ac..87357b7fb 100644 --- a/libs/execution_context/user/execution_context_user.vcxproj +++ b/libs/execution_context/user/execution_context_user.vcxproj @@ -98,7 +98,7 @@ $(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)\external\ubpf\vm\inc;$(SolutionDir)\external\ubpf\vm;%(AdditionalIncludeDirectories) true ProgramDatabase - MultiThreadedDebugDLL + MultiThreadedDebug @@ -127,6 +127,11 @@ true + + + MultiThreadedDebug + + 
diff --git a/libs/platform/kernel/platform_kernel.vcxproj b/libs/platform/kernel/platform_kernel.vcxproj index 3ec428a21..0a723d6d5 100644 --- a/libs/platform/kernel/platform_kernel.vcxproj +++ b/libs/platform/kernel/platform_kernel.vcxproj @@ -123,6 +123,7 @@ StaticLibrary Universal Unicode + Spectre Windows10 @@ -139,6 +140,7 @@ StaticLibrary Universal Unicode + Spectre Windows10 @@ -189,7 +191,7 @@ _DEBUG;WINAPI_FAMILY=WINAPI_FAMILY_DESKTOP_APP;WINAPI_PARTITION_DESKTOP=1;WINAPI_PARTITION_SYSTEM=1;WINAPI_PARTITION_APP=1;WINAPI_PARTITION_PC_APP=1;%(PreprocessorDefinitions) - MultiThreadedDebugDLL + MultiThreadedDebug @@ -200,7 +202,7 @@ _DEBUG;WINAPI_FAMILY=WINAPI_FAMILY_DESKTOP_APP;WINAPI_PARTITION_DESKTOP=1;WINAPI_PARTITION_SYSTEM=1;WINAPI_PARTITION_APP=1;WINAPI_PARTITION_PC_APP=1;%(PreprocessorDefinitions);_KRPCENV_;_NO_CRT_STDIO_INLINE=1 - MultiThreadedDebugDLL + MultiThreadedDebug $(SolutionDir)libs\execution_context;$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\kernel;$(SolutionDir)libs\epoch;%(AdditionalIncludeDirectories) @@ -219,7 +221,7 @@ _DEBUG;WINAPI_FAMILY=WINAPI_FAMILY_DESKTOP_APP;WINAPI_PARTITION_DESKTOP=1;WINAPI_PARTITION_SYSTEM=1;WINAPI_PARTITION_APP=1;WINAPI_PARTITION_PC_APP=1;%(PreprocessorDefinitions) - MultiThreadedDebugDLL + MultiThreadedDebug @@ -230,7 +232,7 @@ _DEBUG;WINAPI_FAMILY=WINAPI_FAMILY_DESKTOP_APP;WINAPI_PARTITION_DESKTOP=1;WINAPI_PARTITION_SYSTEM=1;WINAPI_PARTITION_APP=1;WINAPI_PARTITION_PC_APP=1;%(PreprocessorDefinitions) - MultiThreadedDebugDLL + MultiThreadedDebug diff --git a/libs/platform/unit/platform_unit_test.vcxproj b/libs/platform/unit/platform_unit_test.vcxproj index 42a148d20..2decdd511 100644 --- a/libs/platform/unit/platform_unit_test.vcxproj +++ b/libs/platform/unit/platform_unit_test.vcxproj @@ -93,6 +93,7 @@ true WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) true + MultiThreadedDebug Console 
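Review bot: The two `Spectre` lines added to platform_kernel.vcxproj (hunks at -123 and -139) are not covered by the commit description, which only explains the move of Debug builds to the static runtime. The property's element name is not visible on this page, but if it turns on Spectre mitigation for this project, building it will presumably need the Spectre-mitigated libraries installed with Visual Studio, which is a new build prerequisite that docs/GettingStarted.md should list. As far as these hunks show, execution_context_kernel, ubpf_kernel and netebpfext are touched in the same commit without the equivalent line, so a sentence on why only this kernel library gets it would help the next reader.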
@@ -122,6 +123,7 @@ _DEBUG;_CONSOLE;%(PreprocessorDefinitions) true $(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)libs\api;$(OutDir);%(AdditionalIncludeDirectories) + MultiThreadedDebug Console diff --git a/libs/platform/user/platform_user.vcxproj b/libs/platform/user/platform_user.vcxproj index 99be11038..caeaf12a4 100644 --- a/libs/platform/user/platform_user.vcxproj +++ b/libs/platform/user/platform_user.vcxproj @@ -133,6 +133,7 @@ true Use pch.h + MultiThreadedDebug @@ -170,6 +171,7 @@ $(SolutionDir)libs\execution_context;$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user true ProgramDatabase + MultiThreadedDebug diff --git a/libs/service/service.vcxproj b/libs/service/service.vcxproj index f0773e68f..e597f5916 100644 --- a/libs/service/service.vcxproj +++ b/libs/service/service.vcxproj @@ -96,6 +96,7 @@ Use pch.h stdcpplatest + MultiThreadedDebug Windows @@ -133,7 +134,7 @@ pch.h $(SolutionDir)rpc_interface;$(SolutionDir)libs\api_common;$(SolutionDir)libs\api;$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)libs\execution_context;$(SolutionDir)external\ubpf\vm;$(SolutionDir)external\ubpf\vm\inc;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)external\ebpf-verifier\external;$(OutDir);%(AdditionalIncludeDirectories) stdcpplatest - MultiThreadedDebugDLL + MultiThreadedDebug true ProgramDatabase diff --git a/libs/ubpf/kernel/ubpf_kernel.vcxproj b/libs/ubpf/kernel/ubpf_kernel.vcxproj index 0d7228395..d17027ba4 100644 --- a/libs/ubpf/kernel/ubpf_kernel.vcxproj +++ b/libs/ubpf/kernel/ubpf_kernel.vcxproj 
@@ -63,7 +63,7 @@ _DEBUG;WINAPI_FAMILY=WINAPI_FAMILY_DESKTOP_APP;WINAPI_PARTITION_DESKTOP=1;WINAPI_PARTITION_SYSTEM=1;WINAPI_PARTITION_APP=1;WINAPI_PARTITION_PC_APP=1;%(PreprocessorDefinitions);_NO_CRT_STDIO_INLINE=1 - MultiThreadedDebugDLL + MultiThreadedDebug $(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\kernel;$(SolutionDir)libs\ubpf;$(SolutionDir)libs\ubpf\kernel;$(SolutionDir)\external\ubpf\vm;$(SolutionDir)\external\ubpf\vm\inc;%(AdditionalIncludeDirectories) %(DisableSpecificWarnings) false diff --git a/libs/ubpf/user/ubpf_user.vcxproj b/libs/ubpf/user/ubpf_user.vcxproj index 7cbf206bd..590549271 100644 --- a/libs/ubpf/user/ubpf_user.vcxproj +++ b/libs/ubpf/user/ubpf_user.vcxproj @@ -86,7 +86,7 @@ NotUsing pch.h $(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)libs\ubpf;$(SolutionDir)\external\ubpf\vm;$(SolutionDir)\external\ubpf\vm\inc;%(AdditionalIncludeDirectories) - MultiThreadedDebugDLL + MultiThreadedDebug ProgramDatabase @@ -115,6 +115,11 @@ true + + + MultiThreadedDebug + + diff --git a/netebpfext/netebpfext.vcxproj b/netebpfext/netebpfext.vcxproj index 16e56e132..d79997a6b 100644 --- a/netebpfext/netebpfext.vcxproj +++ b/netebpfext/netebpfext.vcxproj @@ -110,7 +110,7 @@ %(PreprocessorDefinitions);BINARY_COMPATIBLE=0;NT;UNICODE;_UNICODE;NDIS60;POOL_NX_OPTIN_AUTO - MultiThreadedDebugDLL + MultiThreadedDebug %(AdditionalIncludeDirectories);$(DDK_INC_PATH) @@ -144,4 +144,4 @@ - \ No newline at end of file + diff --git a/scripts/deploy-ebpf.ps1 b/scripts/deploy-ebpf.ps1 new file mode 100644 index 000000000..69ae0b9ad --- /dev/null +++ b/scripts/deploy-ebpf.ps1 
@@ -0,0 +1,102 @@
+# Copyright (c) Microsoft Corporation
+# SPDX-License-Identifier: MIT
+
+##
+## Initialize parameters
+##
+$build_directory=".\x64\Debug"
+[System.Collections.ArrayList]$built_files=@( "EbpfCore.sys", "EbpfApi.dll", "ebpfnetsh.dll", "ebpfsvc.exe", "NetEbpfExt.sys" )
+$destination_directory="C:\Temp"
+$error.clear()
+$vm="Windows 10 dev environment"
+
+##
+## Process command-line options
+##
+foreach ($arg in $args) {
+ switch -regex ($arg) {
+ { @("-h", "--help") -contains $_ }
+ {
+ Write-Host @'
+
+OVERVIEW:
+
+Copies eBPF framework files into a temp directory on the local machine or into a VM
+
+ $ deploy-ebpf [-h] [-l] [--vm="..."]
+
+OPTIONS:
+ -h, --help Print this help message.
+ -l, --local Copies files to the local temp directory instead of into a VM
+ --vm Specifies the VM name, which defaults to "Windows 10 dev environment"
+
+'@
+ exit 0
+ }
+ "--vm=*"
+ {
+ $vm=($arg -split "=")[1];
+ break
+ }
+ { @("-l", "--local") -contains $_ }
+ {
+ Clear-Variable -name vm
+ break
+ }
+ default
+ {
+ Write-Error "unknown option: $arg"
+ exit 1
+ }
+ }
+}
+
+if ($vm -eq $null) {
+ Write-Host "Copying files from `"$build_directory`" to `"$destination_directory`""
+
+ foreach ( $file in $built_files ) {
+ $source_path = "$build_directory\$file"
+ $destination_path = "$destination_directory\$file"
+ Write-Host " $file"
+ Copy-Item "$source_path" -Destination "$destination_path"
+ if (! $?) {
+ exit 1
+ }
+ }
+ Write-Host " install-ebpf.bat"
+ Copy-Item ".\scripts\install-ebpf.bat" -Destination "$destination_directory\install-ebpf.bat"
+ if (! $?) {
+ exit 1
+ }
+ exit 0
+}
+
+$identity = [Security.Principal.WindowsIdentity]::GetCurrent()
+$principal = New-Object Security.Principal.WindowsPrincipal $identity
+if (! $principal.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)) {
+ Write-Host "This command must be run as Administrator to deploy files into a VM"
+ exit 1
+}
+
+Enable-VMIntegrationService -VMName "Windows 10 dev environment" -Name "Guest Service Interface"
+if (! $?) {
+ exit 1
+}
+
+Write-Host "Copying files from `"$build_directory`" to `"$destination_directory`" in VM `"$vm`"..."
+
+foreach ( $file in $built_files ) {
+ $source_path = "$build_directory\$file"
+ $destination_path = "$destination_directory\$file"
+ Write-Host " $file"
+ Copy-VMFile "$vm" -SourcePath "$source_path" -DestinationPath "$destination_path" -CreateFullPath -FileSource Host -Force
+ if (! $?) {
+ exit 1
+ }
+}
+
+Write-Host " install-ebpf.bat"
+Copy-VMFile "$vm" -SourcePath ".\scripts\install-ebpf.bat" -DestinationPath "$destination_directory\install-ebpf.bat" -CreateFullPath -FileSource Host -Force
+if (! $?) {
+ exit 1
+}
diff --git a/scripts/install-ebpf.bat b/scripts/install-ebpf.bat
new file mode 100644
index 000000000..879370c17
--- /dev/null
+++ b/scripts/install-ebpf.bat
@@ -0,0 +1,28 @@
+rem Copyright (c) Microsoft Corporation
+rem SPDX-License-Identifier: MIT
+
+rem Stop any eBPF binaries already loaded
+sc stop ebpfsvc
+sc stop NetEbpfExt
+sc stop EbpfCore
+
+rem Deregister the old binaries
+sc delete ebpfsvc
+sc delete NetEbpfExt
+sc delete EbpfCore
+
+rem Copy the new binaries to the appropriate system location
+copy *.sys %windir%\system32\drivers
+copy *.exe %windir%\system32
+copy *.dll %windir%\system32
+
+rem Register the binaries
+sc create EbpfCore type=kernel start=boot binpath=%windir%\system32\drivers\ebpfcore.sys
+sc create NetEbpfExt type=kernel start=boot binpath=%windir%\system32\drivers\netebpfext.sys
+%windir%\system32\ebpfsvc.exe install
+netsh add helper %windir%\system32\ebpfnetsh.dll
+
+rem Start the binaries
+sc start EbpfCore
+sc start NetEbpfExt
+sc start ebpfsvc
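Review bot: In scripts/deploy-ebpf.ps1, `Enable-VMIntegrationService` is called with the literal `-VMName "Windows 10 dev environment"` instead of `$vm`, so a name given with `--vm=` is used by the two `Copy-VMFile` calls while the Guest Service Interface is enabled on (or fails for) the default VM; the line should be `Enable-VMIntegrationService -VMName "$vm" -Name "Guest Service Interface"`. Under `switch -regex` the pattern `"--vm=*"` is a regular expression in which `*` quantifies the `=`, so it matches any argument containing `--vm`, and `($arg -split "=")[1]` cuts a VM name at its first `=`; `'^--vm=.+'` with `($arg -split "=", 2)[1]` is stricter. The `--local` branch assumes `C:\Temp` already exists, because `Copy-Item` does not create the parent directory the way `-CreateFullPath` does for `Copy-VMFile`; a `New-Item -ItemType Directory -Force $destination_directory | Out-Null` before the loop would cover that.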
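Review bot: The three wildcard `copy` lines in scripts/install-ebpf.bat install every `*.sys`, `*.exe` and `*.dll` found in the current directory into `%windir%\system32` and `system32\drivers` from an elevated shell, and the documented staging directory is `C:\Temp`, which with ACLs inherited from the drive root is typically writable by non-administrators. Anything else sitting in that directory is therefore installed as a system binary alongside the five eBPF files, and the result also depends on the caller having done `cd C:\temp` first. Naming the five files from deploy-ebpf.ps1 explicitly and resolving them relative to the script removes both problems. The script checks no exit codes either, so a failed `copy` or `sc create` still proceeds to `sc start`; failures of `sc stop` and `sc delete` on a fresh machine are expected and can stay unchecked.

```batch
rem … unchanged: sc stop / sc delete of the old services …

rem Copy the new binaries to the appropriate system location
copy "%~dp0EbpfCore.sys" "%windir%\system32\drivers" || exit /b 1
copy "%~dp0NetEbpfExt.sys" "%windir%\system32\drivers" || exit /b 1
copy "%~dp0ebpfsvc.exe" "%windir%\system32" || exit /b 1
copy "%~dp0EbpfApi.dll" "%windir%\system32" || exit /b 1
copy "%~dp0ebpfnetsh.dll" "%windir%\system32" || exit /b 1

rem … unchanged: sc create, ebpfsvc install, netsh add helper, sc start …
```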
diff --git a/tests/api_test/api_test.vcxproj b/tests/api_test/api_test.vcxproj index 794d3f8ca..0076f4bc0 100644 --- a/tests/api_test/api_test.vcxproj +++ b/tests/api_test/api_test.vcxproj @@ -94,6 +94,7 @@ true WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) true + MultiThreadedDebug Console @@ -122,7 +123,7 @@ true _DEBUG;_CONSOLE;%(PreprocessorDefinitions) true - MultiThreadedDebugDLL + MultiThreadedDebug $(SolutionDir)include;$(SolutionDir)libs\api;$(SolutionDir)tests\libs\util;$(SolutionDir)tests\libs\common;$(OutDir);%(AdditionalIncludeDirectories) stdcpplatest true diff --git a/tests/client/ebpf_client.vcxproj b/tests/client/ebpf_client.vcxproj index 3f8aad6b0..9b67d5019 100644 --- a/tests/client/ebpf_client.vcxproj +++ b/tests/client/ebpf_client.vcxproj @@ -95,6 +95,7 @@ true WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) true + MultiThreadedDebug Console @@ -123,7 +124,7 @@ true _DEBUG;_CONSOLE;%(PreprocessorDefinitions) true - MultiThreadedDebugDLL + MultiThreadedDebug $(SolutionDir)tests\libs\util;$(SolutionDir)libs\api;$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)rpc_interface;$(SolutionDir)external\ebpf-verifier\external;$(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)\ebpfsvc;%(AdditionalIncludeDirectories) stdcpplatest true diff --git a/tests/end_to_end/end_to_end.vcxproj b/tests/end_to_end/end_to_end.vcxproj index 9297217f2..0bbe8b1b7 100644 --- a/tests/end_to_end/end_to_end.vcxproj +++ b/tests/end_to_end/end_to_end.vcxproj @@ -83,7 +83,7 @@ $(SolutionDir)external\ebpf-verifier\src;$(SolutionDir)libs\service;$(SolutionDir)rpc_interface;$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)libs\execution_context;$(SolutionDir)libs\api;$(SolutionDir)tests\libs\common;$(OutDir);%(AdditionalIncludeDirectories) stdcpp17 true - MultiThreadedDebugDLL + MultiThreadedDebug ProgramDatabase 
diff --git a/tests/libs/common/common_tests.vcxproj b/tests/libs/common/common_tests.vcxproj index 62601dde9..d2e0f5395 100644 --- a/tests/libs/common/common_tests.vcxproj +++ b/tests/libs/common/common_tests.vcxproj @@ -94,6 +94,7 @@ true WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) true + MultiThreadedDebug Console @@ -125,7 +126,7 @@ $(SolutionDir)include;$(SolutionDir)libs\api;$(SolutionDir)tests\util;$(OutDir);%(AdditionalIncludeDirectories) stdcpplatest true - MultiThreadedDebugDLL + MultiThreadedDebug ProgramDatabase diff --git a/tests/libs/util/test_util.vcxproj b/tests/libs/util/test_util.vcxproj index e32174e07..875a4d956 100644 --- a/tests/libs/util/test_util.vcxproj +++ b/tests/libs/util/test_util.vcxproj @@ -96,6 +96,7 @@ true WIN32;_DEBUG;_LIB;%(PreprocessorDefinitions) true + MultiThreadedDebug @@ -129,6 +130,7 @@ $(SolutionDir)libs\execution_context;$(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user true ProgramDatabase + MultiThreadedDebug diff --git a/tools/dnsflood/dnsflood.vcxproj b/tools/dnsflood/dnsflood.vcxproj index 335e49b05..0982c312d 100644 --- a/tools/dnsflood/dnsflood.vcxproj +++ b/tools/dnsflood/dnsflood.vcxproj @@ -92,6 +92,7 @@ true WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) true + MultiThreadedDebug Console @@ -121,7 +122,7 @@ true _DEBUG;_CONSOLE;%(PreprocessorDefinitions) true - MultiThreadedDebugDLL + MultiThreadedDebug Guard ProgramDatabase true diff --git a/tools/encode_program_information/encode_program_information.vcxproj b/tools/encode_program_information/encode_program_information.vcxproj index e72ec2f4b..a5bc40ac8 100644 --- a/tools/encode_program_information/encode_program_information.vcxproj +++ b/tools/encode_program_information/encode_program_information.vcxproj @@ -94,6 +94,7 @@ true WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) true + MultiThreadedDebug Console 
@@ -123,6 +124,7 @@ _DEBUG;_CONSOLE;%(PreprocessorDefinitions) true $(SolutionDir)include;$(SolutionDir)libs\platform;$(SolutionDir)libs\platform\user;$(SolutionDir)libs\api + MultiThreadedDebug Console diff --git a/tools/netsh/ebpfnetsh.vcxproj b/tools/netsh/ebpfnetsh.vcxproj index e2b1b70d1..77ce5feee 100644 --- a/tools/netsh/ebpfnetsh.vcxproj +++ b/tools/netsh/ebpfnetsh.vcxproj @@ -61,7 +61,7 @@ true $(SolutionDir)include;$(SolutionDir)external\ebpf-verifier\src;%(AdditionalIncludeDirectories) stdcpplatest - MultiThreadedDebugDLL + MultiThreadedDebug true diff --git a/tools/port_leak/port_leak.vcxproj b/tools/port_leak/port_leak.vcxproj index 80ce3e002..72e481496 100644 --- a/tools/port_leak/port_leak.vcxproj +++ b/tools/port_leak/port_leak.vcxproj @@ -92,6 +92,7 @@ true WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) true + MultiThreadedDebug Console @@ -121,6 +122,7 @@ _DEBUG;_CONSOLE;%(PreprocessorDefinitions) true true + MultiThreadedDebug Console diff --git a/tools/port_quota/port_quota.vcxproj b/tools/port_quota/port_quota.vcxproj index a1a0a7dd1..c2dbb7340 100644 --- a/tools/port_quota/port_quota.vcxproj +++ b/tools/port_quota/port_quota.vcxproj @@ -93,6 +93,7 @@ WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) true $(SolutionDir)include;$(SolutionDir)include\user + MultiThreadedDebug Console @@ -123,7 +124,7 @@ _DEBUG;_CONSOLE;%(PreprocessorDefinitions) true $(SolutionDir)include - MultiThreadedDebugDLL + MultiThreadedDebug true