microsoft
/
ebpf-for-windows
зеркало из https://github.com/microsoft/ebpf-for-windows.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Merged PR 4081118: Add first draft of code invoke ioctl interface 

Add first draft of code invoke ioctl interface
This commit is contained in:
Alan Jowett 2021-02-06 19:39:57 +00:00 коммит произвёл Poorna Gaddehosur
Родитель c3dd0ae742
Коммит ec1eba0da5
16 изменённых файлов: 868 добавлений и 2 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

3
.gitmodules поставляемый
Просмотреть файл

@ -1,6 +1,7 @@
[submodule "external/ebpf-verifier"]
path = external/ebpf-verifier
url = https://github.com/vbpf/ebpf-verifier.git
url = https://github.com/dthaler/ebpf-verifier.git
branch = windows
[submodule "external/ubpf"]
path = external/ubpf

22
src/ebpf/api/UnwindHelper.h Normal file
Просмотреть файл

@ -0,0 +1,22 @@
/*
* Copyright (C) 2020, Microsoft Corporation, All Rights Reserved
* SPDX-License-Identifier: MIT
*/
#pragma once
#include <functional>
class UnwindHelper
{
public:
UnwindHelper(std::function<void()> unwind) : unwind(unwind)
{
}
~UnwindHelper()
{
unwind();
}
private:
std::function<void()> unwind;
};

84
src/ebpf/api/Verifier.cpp Normal file
Просмотреть файл

@ -0,0 +1,84 @@
#include "ebpf_verifier.hpp"
#include "windows/windows_platform.hpp"
#include "Verifier.h"
#include <sstream>
#include <iostream>
#include <filesystem>
#include <sys/stat.h>
int get_file_size(char* filename, size_t* byte_code_size)
{
int result = 0;
*byte_code_size = NULL;
struct stat st = { 0 };
result = stat(filename, &st);
if (!result)
{
std::cout << "file size " << st.st_size << std::endl;
*byte_code_size = st.st_size;
}
return result;
}
static int analyze(raw_program& raw_prog, char ** error_message)
{
std::ostringstream oss;
const ebpf_platform_t* platform = &g_ebpf_platform_windows;
std::variant<InstructionSeq, std::string> prog_or_error = unmarshal(raw_prog, platform);
if (!std::holds_alternative<InstructionSeq>(prog_or_error)) {
return 1; // Error;
}
auto& prog = std::get<InstructionSeq>(prog_or_error);
cfg_t cfg = prepare_cfg(prog, raw_prog.info, true);
bool res = run_ebpf_analysis(oss, cfg, raw_prog.info, nullptr);
if (!res) {
size_t error_message_length = oss.str().size() + 1;
*error_message = (char*)malloc(error_message_length);
strcpy_s(*error_message, error_message_length, oss.str().c_str());
return 1; // Error;
}
return 0; // Success.
}
int verify(const char* filename, const char* sectionname, uint8_t* byte_code, size_t* byte_code_size, char** error_message)
{
const ebpf_platform_t* platform = &g_ebpf_platform_windows;
auto raw_progs = read_elf(filename, sectionname, create_map_crab, nullptr, platform);
if (raw_progs.size() != 1) {
return 1; // Error
}
raw_program raw_prog = raw_progs.back();
// copy out the bytecode for the jitter
if (byte_code) {
size_t ebpf_bytes = raw_prog.prog.size() * sizeof(ebpf_inst);
int i = 0;
for (ebpf_inst inst : raw_prog.prog) {
char* buf = (char*)&inst;
for (int j = 0; j < sizeof(ebpf_inst) && i < ebpf_bytes; i++, j++) {
byte_code[i] = buf[j];
}
}
*byte_code_size = ebpf_bytes;
}
return analyze(raw_prog, error_message);
}
int verify_byte_code(const char* path, const char* section_name, const uint8_t* byte_code, size_t byte_code_size, char** error_message)
{
const ebpf_platform_t* platform = &g_ebpf_platform_windows;
std::vector<ebpf_inst> instructions { (ebpf_inst*)byte_code, (ebpf_inst*)byte_code + byte_code_size / sizeof(ebpf_inst) };
program_info info{ platform };
info.type = platform->get_program_type(section_name, path);
raw_program raw_prog{ path, section_name, instructions, info };
return analyze(raw_prog, error_message);
}

11
src/ebpf/api/Verifier.h Normal file
Просмотреть файл

@ -0,0 +1,11 @@
#pragma once
#ifdef __cplusplus
extern "C" {
#endif
int get_file_size(char* filename, size_t* byte_code_size);
int verify(const char* filename, const char* sectionname, uint8_t* byte_code, size_t* byte_code_size, char** error_message);
int verify_byte_code(const char* path, const char* section_name, const uint8_t* byte_code, size_t byte_code_size, char** error_message);
#ifdef __cplusplus
}
#endif

269
src/ebpf/api/api.cpp Normal file
Просмотреть файл

@ -0,0 +1,269 @@
/*
* Copyright (C) 2020, Microsoft Corporation, All Rights Reserved
* SPDX-License-Identifier: MIT
*/
#include "pch.h"
#define EBPF_API
extern "C"
{
#include "api.h"
#include "ubpf.h"
}
#include "protocol.h"
#include "UnwindHelper.h"
#include "Verifier.h"
#define MAX_CODE_SIZE (32 * 1024) // 32 KB
// Device type
#define EBPF_IOCTL_TYPE FILE_DEVICE_NETWORK
// Function codes from 0x800 to 0xFFF are for customer use.
#define IOCTL_EBPFCTL_METHOD_BUFFERED \
CTL_CODE( EBPF_IOCTL_TYPE, 0x900, METHOD_BUFFERED, FILE_ANY_ACCESS )
static HANDLE device_handle = INVALID_HANDLE_VALUE;
template <typename request_t, typename reply_t>
static DWORD invoke_ioctl(HANDLE handle, request_t request, reply_t reply)
{
DWORD actual_reply_size;
DWORD request_size;
void* request_ptr;
DWORD reply_size;
void* reply_ptr;
if constexpr (std::is_same<request_t, nullptr_t>::value) {
request_size = 0;
request_ptr = nullptr;
}
else if constexpr (std::is_same< request_t, std::vector<uint8_t>>::value)
{
request_size = static_cast<DWORD>(request.size());
request_ptr = request.data();
}
else
{
request_size = sizeof(*request);
request_ptr = request;
}
if constexpr (std::is_same<reply_t, nullptr_t>::value) {
reply_size = 0;
reply_ptr = nullptr;
}
else if constexpr (std::is_same< reply_t, std::vector<uint8_t>>::value)
{
reply_size = reply.size();
reply_ptr = reply.data();
}
else
{
reply_size = sizeof(*reply);
reply_ptr = reply;
}
auto result = DeviceIoControl(
handle,
(DWORD)IOCTL_EBPFCTL_METHOD_BUFFERED,
request_ptr,
request_size,
reply_ptr,
reply_size,
&actual_reply_size,
nullptr);
if (actual_reply_size != reply_size)
{
return ERROR_INVALID_PARAMETER;
}
return result;
}
DWORD EbpfApiInit()
{
LPCWSTR ebpfDeviceName = L"\\\\.\\EbpfIoDevice";
if (device_handle != INVALID_HANDLE_VALUE)
{
return ERROR_ALREADY_INITIALIZED;
}
device_handle = CreateFile(ebpfDeviceName,
GENERIC_READ | GENERIC_WRITE,
0,
NULL,
CREATE_ALWAYS,
FILE_ATTRIBUTE_NORMAL,
NULL);
if (device_handle == INVALID_HANDLE_VALUE)
{
return GetLastError();
}
return 0;
}
void EbpfApiTerminate()
{
if (device_handle != INVALID_HANDLE_VALUE)
{
CloseHandle(device_handle);
device_handle = INVALID_HANDLE_VALUE;
}
}
uint64_t map_resolver(void* context, uint64_t fd)
{
EbpfOpResolveMapRequest request{
sizeof(request),
EbpfOperation::resolve_map,
fd };
EbpfOpResolveMapReply reply;
invoke_ioctl(context, &request, &reply);
if (reply.header.id != EbpfOperation::resolve_map)
{
return 0;
}
return reply.address[0];
}
uint64_t helper_resolver(void* context, uint32_t helper)
{
EbpfOpResolveHelperRequest request{
sizeof(request),
EbpfOperation::resolve_helper,
helper };
EbpfOpResolveMapReply reply;
invoke_ioctl(context, &request, &reply);
if (reply.header.id != EbpfOperation::resolve_helper)
{
return 0;
}
return reply.address[0];
}
DLL DWORD EbpfLoadProgram(const char* file_name, const char* section_name, HANDLE* handle, char** error_message)
{
std::vector<uint8_t> byte_code(MAX_CODE_SIZE);
size_t byte_code_size = byte_code.size();
std::vector<uint8_t> machine_code(MAX_CODE_SIZE);
size_t machine_code_size = machine_code.size();
std::vector<uint8_t> request_buffer;
EbpfOpLoadReply reply;
struct ubpf_vm* vm = nullptr;
UnwindHelper unwind([&]
{
if (vm)
{
ubpf_destroy(vm);
}
});
DWORD result;
// Verify code.
if (verify(file_name, section_name, byte_code.data(), &byte_code_size, error_message) != 0)
{
return ERROR_INVALID_PARAMETER;
}
// JIT code.
vm = ubpf_create();
if (vm == nullptr)
{
return ERROR_OUTOFMEMORY;
}
if (ubpf_load(vm, byte_code.data(), static_cast<uint32_t>(byte_code.size()), error_message) < 0)
{
return ERROR_INVALID_PARAMETER;
}
if (ubpf_register_map_resolver(vm, device_handle, map_resolver) < 0)
{
return ERROR_INVALID_PARAMETER;
}
if (ubpf_register_helper_resolver(vm, device_handle, helper_resolver) < 0)
{
return ERROR_INVALID_PARAMETER;
}
if (ubpf_translate(vm, machine_code.data(), &machine_code_size, error_message))
{
return ERROR_INVALID_PARAMETER;
}
machine_code.resize(machine_code_size);
request_buffer.resize(machine_code.size() + sizeof(EbpfOpHeader));
auto header = reinterpret_cast<EbpfOpHeader*>(request_buffer.data());
header->id = EbpfOperation::load_code;
header->length = static_cast<uint16_t>(request_buffer.size());
std::copy(machine_code.begin(), machine_code.end(), request_buffer.begin() + sizeof(EbpfOpHeader));
result = invoke_ioctl(device_handle, request_buffer, &reply);
if (result != ERROR_SUCCESS)
{
return result;
}
if (reply.header.id != EbpfOperation::load_code)
{
return ERROR_INVALID_PARAMETER;
}
*handle = reinterpret_cast<HANDLE>(reply.handle);
return result;
}
DLL void EbpfFreeErrorMessage(char* error_message)
{
return free(error_message);
}
DLL void EbpfUnloadProgram(HANDLE handle)
{
// TBD:
// CloseHandle(handle);
return;
}
DLL DWORD EbpfAttachProgram(HANDLE handle, DWORD hook_point)
{
EbpfOpAttachDetachRequest request{
sizeof(request),
EbpfOperation::attach,
reinterpret_cast<uint64_t>(handle),
hook_point };
return invoke_ioctl(device_handle, &request, nullptr);
}
DLL DWORD EbpfDetachProgram(HANDLE handle, DWORD hook_point)
{
EbpfOpAttachDetachRequest request{
sizeof(request),
EbpfOperation::detach,
reinterpret_cast<uint64_t>(handle),
hook_point };
return invoke_ioctl(device_handle, &request, nullptr);
}

25
src/ebpf/api/api.h Normal file
Просмотреть файл

@ -0,0 +1,25 @@
/*
* Copyright (C) 2020, Microsoft Corporation, All Rights Reserved
* SPDX-License-Identifier: MIT
*/
#pragma once
#if defined(EBPF_API)
#define DLL __declspec(dllexport)
#else
#define DLL __declspec(dllimport)
#endif
#define EBPF_HOOK_POINT_XDP 1
DLL DWORD EbpfApiInit();
DLL void EbpfApiTerminate();
DLL DWORD EbpfLoadProgram(const char* file, const char* section_name, HANDLE* handle, char ** error_message);
DLL void EbpfFreeErrorMessage(char* error_message);
DLL void EbpfUnloadProgram(HANDLE handle);
DLL DWORD EbpfAttachProgram(HANDLE handle, DWORD hook_point);
DLL DWORD EbpfDetachProgram(HANDLE handle, DWORD hook_point);

24
src/ebpf/api/dllmain.cpp Normal file
Просмотреть файл

@ -0,0 +1,24 @@
/*
* Copyright (C) 2020, Microsoft Corporation, All Rights Reserved
* SPDX-License-Identifier: MIT
*/
// dllmain.cpp : Defines the entry point for the DLL application.
#include "pch.h"
BOOL APIENTRY DllMain( HMODULE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}

75
src/ebpf/api/ebpfapi.sln Normal file
Просмотреть файл

@ -0,0 +1,75 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio Version 16
VisualStudioVersion = 16.0.30907.101
MinimumVisualStudioVersion = 10.0.40219.1
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ebpfapi", "ebpfapi.vcxproj", "{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "EbpfJitterDemoLib", "..\libs\EbpfJitterDemoLib\EbpfJitterDemoLib.vcxproj", "{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ebpfverifier", "..\..\..\external\ebpf-verifier\build\ebpfverifier.vcxproj", "{939A079D-A1E8-35D9-950F-11B1894D342E}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|x64 = Debug|x64
Debug|x86 = Debug|x86
MinSizeRel|x64 = MinSizeRel|x64
MinSizeRel|x86 = MinSizeRel|x86
Release|x64 = Release|x64
Release|x86 = Release|x86
RelWithDebInfo|x64 = RelWithDebInfo|x64
RelWithDebInfo|x86 = RelWithDebInfo|x86
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.Debug|x64.ActiveCfg = Debug|x64
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.Debug|x64.Build.0 = Debug|x64
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.Debug|x86.ActiveCfg = Debug|Win32
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.Debug|x86.Build.0 = Debug|Win32
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.MinSizeRel|x64.ActiveCfg = Release|x64
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.MinSizeRel|x64.Build.0 = Release|x64
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.MinSizeRel|x86.ActiveCfg = Release|Win32
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.MinSizeRel|x86.Build.0 = Release|Win32
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.Release|x64.ActiveCfg = Release|x64
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.Release|x64.Build.0 = Release|x64
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.Release|x86.ActiveCfg = Release|Win32
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.Release|x86.Build.0 = Release|Win32
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.RelWithDebInfo|x64.ActiveCfg = Release|x64
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.RelWithDebInfo|x64.Build.0 = Release|x64
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.RelWithDebInfo|x86.ActiveCfg = Release|Win32
{C8BF60C3-40A9-43AD-891A-8AA34F1C3A68}.RelWithDebInfo|x86.Build.0 = Release|Win32
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.Debug|x64.ActiveCfg = Debug|x64
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.Debug|x64.Build.0 = Debug|x64
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.Debug|x86.ActiveCfg = Debug|Win32
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.Debug|x86.Build.0 = Debug|Win32
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.MinSizeRel|x64.ActiveCfg = Release|x64
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.MinSizeRel|x64.Build.0 = Release|x64
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.MinSizeRel|x86.ActiveCfg = Release|Win32
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.MinSizeRel|x86.Build.0 = Release|Win32
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.Release|x64.ActiveCfg = Release|x64
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.Release|x64.Build.0 = Release|x64
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.Release|x86.ActiveCfg = Release|Win32
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.Release|x86.Build.0 = Release|Win32
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.RelWithDebInfo|x64.ActiveCfg = Release|x64
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.RelWithDebInfo|x64.Build.0 = Release|x64
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.RelWithDebInfo|x86.ActiveCfg = Release|Win32
{245F0EC7-1EBC-4D68-8B1F-F758EA9196AE}.RelWithDebInfo|x86.Build.0 = Release|Win32
{939A079D-A1E8-35D9-950F-11B1894D342E}.Debug|x64.ActiveCfg = Debug|x64
{939A079D-A1E8-35D9-950F-11B1894D342E}.Debug|x64.Build.0 = Debug|x64
{939A079D-A1E8-35D9-950F-11B1894D342E}.Debug|x86.ActiveCfg = Debug|x64
{939A079D-A1E8-35D9-950F-11B1894D342E}.MinSizeRel|x64.ActiveCfg = MinSizeRel|x64
{939A079D-A1E8-35D9-950F-11B1894D342E}.MinSizeRel|x64.Build.0 = MinSizeRel|x64
{939A079D-A1E8-35D9-950F-11B1894D342E}.MinSizeRel|x86.ActiveCfg = MinSizeRel|x64
{939A079D-A1E8-35D9-950F-11B1894D342E}.Release|x64.ActiveCfg = Release|x64
{939A079D-A1E8-35D9-950F-11B1894D342E}.Release|x64.Build.0 = Release|x64
{939A079D-A1E8-35D9-950F-11B1894D342E}.Release|x86.ActiveCfg = Release|x64
{939A079D-A1E8-35D9-950F-11B1894D342E}.RelWithDebInfo|x64.ActiveCfg = RelWithDebInfo|x64
{939A079D-A1E8-35D9-950F-11B1894D342E}.RelWithDebInfo|x64.Build.0 = RelWithDebInfo|x64
{939A079D-A1E8-35D9-950F-11B1894D342E}.RelWithDebInfo|x86.ActiveCfg = RelWithDebInfo|x64
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {9DEA0F2A-7674-46AA-9E15-BC880EF5895D}
EndGlobalSection
EndGlobal

199
src/ebpf/api/ebpfapi.vcxproj Normal file
Просмотреть файл

@ -0,0 +1,199 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup Label="Globals">
<VCProjectVersion>16.0</VCProjectVersion>
<Keyword>Win32Proj</Keyword>
<ProjectGuid>{c8bf60c3-40a9-43ad-891a-8aa34f1c3a68}</ProjectGuid>
<RootNamespace>ebpfapi</RootNamespace>
<WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
<PrevailDir>$(ProjectDir)../../../external/ebpf-verifier/</PrevailDir>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>DynamicLibrary</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v142</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>DynamicLibrary</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v142</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>DynamicLibrary</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v142</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>DynamicLibrary</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v142</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="Shared">
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<LinkIncremental>true</LinkIncremental>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<LinkIncremental>false</LinkIncremental>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<LinkIncremental>true</LinkIncremental>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<LinkIncremental>false</LinkIncremental>
</PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>WIN32;_DEBUG;EBPFAPI_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
<PrecompiledHeader>Use</PrecompiledHeader>
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
</ClCompile>
<Link>
<SubSystem>Windows</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableUAC>false</EnableUAC>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>WIN32;NDEBUG;EBPFAPI_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
<PrecompiledHeader>Use</PrecompiledHeader>
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
</ClCompile>
<Link>
<SubSystem>Windows</SubSystem>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableUAC>false</EnableUAC>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>_DEBUG;EBPFAPI_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
<PrecompiledHeader>Use</PrecompiledHeader>
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
<AdditionalIncludeDirectories>$(PrevailDir)src;..\..\..\external\ubpf\vm\inc;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<LanguageStandard>stdcpp17</LanguageStandard>
</ClCompile>
<Link>
<SubSystem>Windows</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableUAC>false</EnableUAC>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>NDEBUG;EBPFAPI_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
<PrecompiledHeader>Use</PrecompiledHeader>
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
<AdditionalIncludeDirectories>$(PrevailDir)src;..\..\..\external\ubpf\vm\inc;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<LanguageStandard>stdcpp17</LanguageStandard>
</ClCompile>
<Link>
<SubSystem>Windows</SubSystem>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableUAC>false</EnableUAC>
</Link>
</ItemDefinitionGroup>
<ItemGroup>
<ClInclude Include="api.h" />
<ClInclude Include="framework.h" />
<ClInclude Include="protocol.h" />
<ClInclude Include="pch.h" />
<ClInclude Include="UnwindHelper.h" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="api.cpp" />
<ClCompile Include="dllmain.cpp" />
<ClCompile Include="pch.cpp">
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Create</PrecompiledHeader>
</ClCompile>
<ClCompile Include="Verifier.cpp">
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">NotUsing</PrecompiledHeader>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\..\..\external\ebpf-verifier\build\ebpfverifier.vcxproj">
<Project>{939a079d-a1e8-35d9-950f-11b1894d342e}</Project>
</ProjectReference>
<ProjectReference Include="..\libs\EbpfJitterDemoLib\EbpfJitterDemoLib.vcxproj">
<Project>{245f0ec7-1ebc-4d68-8b1f-f758ea9196ae}</Project>
</ProjectReference>
</ItemGroup>
<ItemGroup>
<None Include="packages.config" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
<Import Project="..\..\..\packages\boost.1.72.0.0\build\boost.targets" Condition="Exists('..\..\..\packages\boost.1.72.0.0\build\boost.targets')" />
</ImportGroup>
<Target Name="EnsureNuGetPackageBuildImports" BeforeTargets="PrepareForBuild">
<PropertyGroup>
<ErrorText>This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them. For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}.</ErrorText>
</PropertyGroup>
<Error Condition="!Exists('..\..\..\packages\boost.1.72.0.0\build\boost.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\..\..\packages\boost.1.72.0.0\build\boost.targets'))" />
</Target>
</Project>

51
src/ebpf/api/ebpfapi.vcxproj.filters Normal file
Просмотреть файл

@ -0,0 +1,51 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<Filter Include="Source Files">
<UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
<Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
</Filter>
<Filter Include="Header Files">
<UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
<Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
</Filter>
<Filter Include="Resource Files">
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
</Filter>
</ItemGroup>
<ItemGroup>
<ClInclude Include="framework.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="pch.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="protocol.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="UnwindHelper.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="api.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<ClCompile Include="dllmain.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="pch.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="api.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="Verifier.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<None Include="packages.config" />
</ItemGroup>
</Project>

18
src/ebpf/api/framework.h Normal file
Просмотреть файл

@ -0,0 +1,18 @@
/*
* Copyright (C) 2020, Microsoft Corporation, All Rights Reserved
* SPDX-License-Identifier: MIT
*/
#pragma once
#include <cstdint>
#include <exception>
#include <vector>
#include <string>
#define WIN32_LEAN_AND_MEAN // Exclude rarely-used stuff from Windows headers
// Windows Header Files
#include <windows.h>
#include <winioctl.h>

4
src/ebpf/api/packages.config Normal file
Просмотреть файл

@ -0,0 +1,4 @@
<?xml version="1.0" encoding="utf-8"?>
<packages>
<package id="boost" version="1.72.0.0" targetFramework="native" />
</packages>

5
src/ebpf/api/pch.cpp Normal file
Просмотреть файл

@ -0,0 +1,5 @@
// pch.cpp: source file corresponding to the pre-compiled header
#include "pch.h"
// When you are using pre-compiled headers, this source file is necessary for compilation to succeed.

12
src/ebpf/api/pch.h Normal file
Просмотреть файл

@ -0,0 +1,12 @@
/*
* Copyright (C) 2020, Microsoft Corporation, All Rights Reserved
* SPDX-License-Identifier: MIT
*/
#ifndef PCH_H
#define PCH_H
// add headers that you want to pre-compile here
#include "framework.h"
#endif //PCH_H

65
src/ebpf/api/protocol.h Normal file
Просмотреть файл

@ -0,0 +1,65 @@
/*
* Copyright (C) 2020, Microsoft Corporation, All Rights Reserved
* SPDX-License-Identifier: MIT
*/
#pragma once
enum class EbpfOperation {
evidence,
resolve_helper,
resolve_map,
load_code,
attach,
detach,
};
struct EbpfOpHeader {
uint16_t length;
EbpfOperation id;
};
struct EbpfOpEvidenceRequest {
struct EbpfOpHeader header;
uint8_t evidence[1];
};
struct EbpfOpEvidenceReply {
struct EbpfOpHeader header;
uint32_t status;
};
struct EbpfOpResolveHelperRequest {
struct EbpfOpHeader header;
uint32_t helper_id[1];
};
struct EbpfOpResolveHelperReply {
struct EbpfOpHeader header;
uint64_t address[1];
};
struct EbpfOpResolveMapRequest {
struct EbpfOpHeader header;
uint64_t map_id[1];
};
struct EbpfOpResolveMapReply {
struct EbpfOpHeader header;
uint64_t address[1];
};
struct EbpfOpLoadRequest {
struct EbpfOpHeader header;
uint8_t machine_code[1];
};
struct EbpfOpLoadReply {
struct EbpfOpHeader header;
uint64_t handle;
};
struct EbpfOpAttachDetachRequest {
struct EbpfOpHeader header;
uint64_t handle;
uint32_t hook;
};

3
src/ebpf/libs/EbpfJitterDemoLib/EbpfJitterDemoLib.vcxproj
Просмотреть файл

@ -131,8 +131,9 @@
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
<PrecompiledHeader>Use</PrecompiledHeader>
<PrecompiledHeader>NotUsing</PrecompiledHeader>
<PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
<AdditionalIncludeDirectories>$(UbpfDir)/inc;$(UbpfDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
</ClCompile>
<Link>
<SubSystem>