04c1aef91a
Replace _strdup with instrumented ebpf_duplicate_string and fix bugs uncovered ( #1717 )
...
* Replace _strdup with ebpf_duplicate_string
* Fix crashes under low memory conditions
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
2022-12-08 10:45:20 -08:00
8edff23f55
Update ebpf-verifier to latest ( #1712 )
...
* Update ebpf-verifier to latest
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Update expected output
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix code analysis warning
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
2022-12-08 00:05:08 +00:00
c927be1a4d
fix fuzzer issues ( #1719 )
2022-12-06 17:03:33 -08:00
a747d84d8b
Update documentation to exclude PE parse from anti-virus scanning ( #1702 )
...
* enable app verifier for cicd build
* exclude pe-parse from windows security
* add details of pe images
* add details of pe images
* details for other antiviruses
* add details
* highlight the keywords
Co-authored-by: Anurag Saxena <43585259+saxena-anurag@users.noreply.github.com>
2022-12-06 12:51:05 -07:00
6f9d9b29f2
Fix vector addressing issue. Minor optimizations. ( #1714 )
2022-12-05 17:01:45 -08:00
bc1d699823
Check null return ( #1711 )
2022-12-05 15:32:18 -07:00
1fd8d621a7
Bump github/codeql-action from 2.1.31 to 2.1.35 ( #1705 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.31 to 2.1.35.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](c3b6fce4ee...b2a92eb56d
2022-12-04 17:08:10 +00:00
fa75e3c6c0
Bump external/bpf_conformance from `b886cd8` to `a017962` ( #1704 )
...
Bumps [external/bpf_conformance](https://github.com/Alan-Jowett/bpf_conformance ) from `b886cd8` to `a017962`.
- [Release notes](https://github.com/Alan-Jowett/bpf_conformance/releases )
- [Commits](b886cd8aa7...a0179625c9
2022-12-04 09:33:16 -07:00
76619c1eff
fix ( #1698 )
2022-12-03 12:33:13 -07:00
9ba6bdb67e
Mark pe_context as failed on low-memory failure ( #1700 )
...
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
2022-12-02 15:23:34 -08:00
c98e5e9f91
Re-enable low memory test ( #1627 )
...
* Re-enable low memory test
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
2022-12-02 10:07:49 -07:00
d891e8d4a7
Switch to storing native module handle via fd ( #1695 )
...
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
2022-12-02 01:40:56 +00:00
600c8cd9ba
Reduce noise from OpenCppCoverage during CI/CD testing ( #1697 )
...
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
2022-12-02 00:33:37 +00:00
151a51a5db
enable loading of native programs with no maps ( #1687 )
2022-12-01 15:55:00 -07:00
fb9d87c057
Switch to release of bpf_conformance ( #1692 )
...
* Pickup v0.0.3 of bpf_conformance_runner
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
2022-12-01 18:47:19 +00:00
3457afdd91
Fix failure to decrement count on low memory ( #1690 )
...
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
2022-12-01 10:09:27 -08:00
ed291b80c9
Return module handle on native module load ( #1547 )
...
* kernel and platform changes
* fix
* user mode changes, other fixes
* fix test failure
* change function name
* add tests
* fix failing test
* cr comments
* CR comments
* fix cmake build
* fix
* Apply suggestions from code review
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* fix assert
* cr comments
* fix analysis failure
* fix test to avoid double close of fd
* test case fixes
* test fix
* fix unit test, analysis failure
* fix tests
* fix memory leak, possible race condition
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
2022-11-29 23:36:58 +00:00
6936d09784
fix ( #1676 )
2022-11-29 21:44:02 +00:00
8fd3acf528
Connect redirect implementation ( #1651 )
...
* draft fix
* fix
* demo
* fix initial ref counts
* fix
* cleanup
* backup
* checkpoint
* backup
* tests working
* fix analyze errors
* fix netebpfext build / bad merge
* sln file update
* v6 tests
* fix netebpfext user build
* refactor connect_redirect tests
* netebpfext changes
* fix tests
* fix netebpfext user tests
* fix sal
* add sublayer, remove filter_instance
* fix
* fix
* driver_tests
* fix bad merge
* fix scripts
* fix driver tests script
* driver tests script
* script fix
* add trace to debug failure
* fix driver test script
* create context only on allow, and create 2 contexts
* fix script
* netsh fix
* fix scripts
* add tests for pure v4 and v6 sockets
* fix test
* v6 test vm addresses
* remove commented code
* code cleanup
* cleanup
* remove bad_map_name files
* cleanup
* fix tests print statements
* Apply suggestions from code review
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* CR comments, fixes
* update connection context key, address CR comments
* fix build break, cr comments
* cr comments
* cr comments
* rename
* fix test script
* CR comments
* cleanup
* Apply suggestions from code review
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* fix
* cr comments
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
2022-11-29 20:49:42 +00:00
4a055129e1
Try autoupdate as a dry run ( #1674 )
...
* Try autoupdate as a dry run
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Harden workflow
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Remove dry run
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
2022-11-29 19:10:42 +00:00
a5e564f06d
Clean up leaked BPF objects when running low-memory tests ( #1685 )
...
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
2022-11-29 18:17:31 +00:00
4544ccdf89
Bump external/Catch2 from `65cc7fd` to `2d7be1f` ( #1680 )
...
Bumps [external/Catch2](https://github.com/catchorg/Catch2 ) from `65cc7fd` to `2d7be1f`.
- [Release notes](https://github.com/catchorg/Catch2/releases )
- [Commits](65cc7fd2ae...2d7be1f7de
2022-11-27 20:48:50 -08:00
0c1909483c
Fixed CMakeLists.txt with hardcoded WDK version ( #1678 )
...
* fixed cmakelists.txt
* submodule update
* wip
* sync submodules
* revert
2022-11-27 19:14:35 -08:00
aa414c3e53
Add table of supported eBPF instructions ( #1665 )
...
* Add table of supported eBPF instructions
The question marks are still to be filled in
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Add links
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
2022-11-22 05:02:17 +00:00
fe41565b22
Bump windows/nanoserver in /images ( #1672 )
...
Bumps windows/nanoserver from 10.0.20348.1129 to 10.0.20348.1249.
---
updated-dependencies:
- dependency-name: windows/nanoserver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
2022-11-21 10:02:47 -08:00
81829df111
Bump external/pe-parse from `29220c9` to `ae6e2d9` ( #1668 )
...
Bumps [external/pe-parse](https://github.com/trailofbits/pe-parse ) from `29220c9` to `ae6e2d9`.
- [Release notes](https://github.com/trailofbits/pe-parse/releases )
- [Commits](29220c9435...ae6e2d9503
2022-11-21 08:55:56 +00:00
cd7293904f
Bump external/ubpf from `57c842f` to `9976d6a` ( #1670 )
...
Bumps [external/ubpf](https://github.com/iovisor/ubpf ) from `57c842f` to `9976d6a`.
- [Release notes](https://github.com/iovisor/ubpf/releases )
- [Commits](57c842f312...9976d6ab23
2022-11-20 15:03:18 -08:00
236907817b
Bump external/Catch2 from `fdea5a5` to `65cc7fd` ( #1671 )
...
Bumps [external/Catch2](https://github.com/catchorg/Catch2 ) from `fdea5a5` to `65cc7fd`.
- [Release notes](https://github.com/catchorg/Catch2/releases )
- [Commits](fdea5a52c2...65cc7fd2ae
2022-11-20 10:31:47 -08:00
0e3f2a5157
Instrument all allocation paths ( #1620 )
...
* Instrument all allocation paths
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix test failure
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Remove global new/delete until issue can be resolved
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix code analysis warning
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Revert ubpf update
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Code analysis failure
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix code-analysis warning
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix code-analysis warning
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix codeanalysis failures
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Anurag Saxena <43585259+saxena-anurag@users.noreply.github.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
2022-11-19 16:33:27 +00:00
0a9be2779e
Annotate remaining code with _Must_inspect_result_ ( #1570 )
...
* Annotate remaining code with _Must_inspect_result_
Signed-off-by: Alan Jowett <alan.jowett@microsoft.com>
* Fix build
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix merge failure
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alan.jowett@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Alan Jowett <alan.jowett@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Anurag Saxena <43585259+saxena-anurag@users.noreply.github.com>
2022-11-18 13:36:24 -08:00
2a73f8cd54
Expression short circuiting causes skipping of ebpf_api_close_handle ( #1663 )
...
* Expression short circuiting causes skipping of ebpf_api_close_handle
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix code analysis failure
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Anurag Saxena <43585259+saxena-anurag@users.noreply.github.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
2022-11-18 12:15:39 -07:00
21afc10c0f
Fix code scanning alert - Comparison of narrow type with wide type in… ( #1594 )
...
* Fix code scanning alert - Comparison of narrow type with wide type in loop condition ,index variable type is modified
* index variable is casted into the type int32_t
* Create codeql.yml
* codeql.yml file is removed sir
* typecast i to uint16_t in GetMaximumProcessorCount(i);
* changed type of helper
_id to uint32_t
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
2022-11-18 09:11:30 -08:00
6a9a394247
Implement native module states ( #1646 )
...
* Implemented module state w/enum
* Final implementation
* Partial states to enum
* sync ubpf commit
* refactored error checking
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
2022-11-18 06:07:37 -08:00
145933af13
Store last failed allocation stack ( #1645 )
...
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Anurag Saxena <43585259+saxena-anurag@users.noreply.github.com>
2022-11-17 09:22:15 -07:00
83dc3d936c
Assert on deadlock in shutting down ( #1643 )
...
* Assert on deadlock in shutting down
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix build break
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
2022-11-16 21:14:45 -08:00
58cdfdcf8a
Spelling ( #1601 )
...
* Fix spelling in docs
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix spelling in ebpfsvc
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix include
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix libs part 1
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix libs part 2
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix tests
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix tools
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix build
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix generated files
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Anurag Saxena <43585259+saxena-anurag@users.noreply.github.com>
2022-11-16 14:06:14 -07:00
69574e086c
Switch to std::unique_lock to prevent deadlocks ( #1658 )
...
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Anurag Saxena <43585259+saxena-anurag@users.noreply.github.com>
2022-11-16 12:27:24 -07:00
f718581501
Resolve duplicate definition of _ebpf_objects ( #1659 )
...
Clear the _ebpf_netsh_objects at the start of the test and verify objects are removed.
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
2022-11-16 10:41:39 -07:00
157abd2af6
Fix maximum entry tracking for hash map type maps. ( #1592 )
...
* Part 1 of fix for LRU hash map
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
2022-11-15 22:16:21 -08:00
a7753cb15d
Set thread affinity instead of process affinity ( #1653 )
...
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
2022-11-15 16:36:26 -07:00
ed7ae83e72
Check for allocate_string failure ( #1639 )
...
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
2022-11-15 15:54:10 -07:00
4d9084017c
Annotate EBPF API's with _Must_inspect_result_ ( #1569 )
...
* Annotate EBPF API's with _Must_inspect_result_
Signed-off-by: Alan Jowett <alan.jowett@microsoft.com>
* Fix build break
Signed-off-by: Alan Jowett <alan.jowett@microsoft.com>
* Fix test failure
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Handles may be closed by fuzzing
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix code-analysis failure
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alan.jowett@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Alan Jowett <alan.jowett@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
2022-11-15 10:31:40 -08:00
9ff77bad78
Always check return from bpf_object__open ( #1631 )
...
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Anurag Saxena <43585259+saxena-anurag@users.noreply.github.com>
2022-11-15 09:10:04 -07:00
e3400d82e0
Resolve conflict when updating ubpf ( #1609 )
...
* Resolve conflict when updating ubpf
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix code analysis warning
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Pickup fixed ubpf
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
2022-11-14 22:49:57 -08:00
850f6d27f6
Annotate execution context API's with _Must_inspect_result_ ( #1568 )
...
* Annotate execution context API's with _Must_inspect_result_
Signed-off-by: Alan Jowett <alan.jowett@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix rebase
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Code analysis failure
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alan.jowett@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Alan Jowett <alan.jowett@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
2022-11-14 09:40:21 -08:00
8f4180dc87
Bump dawidd6/action-download-artifact from 2.24.0 to 2.24.2 ( #1625 )
...
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact ) from 2.24.0 to 2.24.2.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases )
- [Commits](https://github.com/dawidd6/action-download-artifact/compare/v2.24.0...e6e25ac3a2b93187502a8be1ef9e9603afc34925 )
---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
2022-11-13 13:06:06 -07:00
e407cd852c
Bump step-security/harden-runner from 1.5.0 to 2.0.0 ( #1626 )
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 1.5.0 to 2.0.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](2e205a28d0...ebacdc22ef
2022-11-13 10:56:29 -07:00
6ef0ecc6ac
Fail load of native image if allocation fails ( #1616 )
...
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Anurag Saxena <43585259+saxena-anurag@users.noreply.github.com>
2022-11-12 05:48:52 -08:00
5bd6f83bb0
Close handle via fd to prevent orphaned fd ( #1623 )
...
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
2022-11-11 18:23:01 -08:00
9dec755e7b
netsh fix ( #1619 )
2022-11-11 16:58:55 -08:00
Alan Jowett
Gianni Trevisiol
Delaram Amiri
dependabot[bot]
Anurag Saxena
Dhiren Vispute
Dave Thaler
Keerthi Vardhan