microsoft
/
ebpf-for-windows
зеркало из https://github.com/microsoft/ebpf-for-windows.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
210 коммитов 34 Ветки 22 Теги 41 MiB
Граф коммитов

210 Коммитов

Автор SHA1 Сообщение Дата
theidexisted 2b2ea62dee
Minor fix, save a constructor (#165) 
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
 2021-05-12 04:54:00 -07:00
Alan Jowett 38dae7294d
Switch to using https://github.com/iovisor/ubpf as the upstream branch for ubpf (#178) 
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-05-11 20:48:32 -07:00
Alan Jowett 1aedf620fc
Modify EBPF_OPERATION_GET_PROGRAM_INFORMATION to accept ebpf_program_type_t (#175) 
Signed-off-by: Alan Jowett <alanjo@microsoft.com>

Co-authored-by: Dave Thaler <dthaler@microsoft.com>
 2021-05-11 18:25:11 -07:00
Shankar Seal 445ba0faad
Update CONTRIBUTING.md (#176) 
fix link
 2021-05-11 17:51:22 -07:00
Alan Jowett 25f6253fb1
Eliminate need for _unwind_helper (#174) 
* Eliminate need for _unwind_helper

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

* Fix build break

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

Co-authored-by: Dave Thaler <dthaler@microsoft.com>
 2021-05-11 17:16:30 -06:00
Dave Thaler be2c2c31f0
Added html documentation folder to .gitignore (#172) 
Step 1 of making doxygen generate html docs as part of issue #71

Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-05-11 14:47:19 -07:00
Alan Jowett 1af5e65f65
Switch ebpf_program_type_descriptor_t::platform_specific_data to GUID (#171) 
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-05-11 14:46:00 -06:00
Alan Jowett bf6cb270ac
Update driver to return ebpf_program_data_t to verifier (#163) 
* Update driver to return ebpf_program_data_t to verifier

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

* Fix typo in comment

Co-authored-by: Dave Thaler <dthaler@microsoft.com>
 2021-05-11 09:53:12 -07:00
Dave Thaler fba10c87b3
Update verifier to get latest disassembly format (#164) 
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-05-11 09:25:47 -07:00
smiley 5bcb662939
Update README.md (#168) 
Added missing close parenthesis.
 2021-05-11 08:59:53 -07:00
Quentin Monnet 728699217f
Fix link to "eBPF assembly with LLVM" post in tutorial (#167) 
The current link points to the binary for LLVM-7, instead of the blog
post mentioned. Let's fix the URL.
 2021-05-11 07:30:42 -07:00
Alan Jowett 962ef5e03d
Split tests (#158) 
* Create unit test for execution context
* Split out platform unit tests
* Call UT as part of CI/CD pipeline

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-05-10 15:14:49 -06:00
Dave Thaler a022da91cb
Fix README.md (#157) 
HVCI requires the guest OS to enforce it so doesn't apply to Linux

Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-05-10 10:03:14 -07:00
Alan Jowett c47617951a
Split public and internal headers (#154) 
* Split public and internal headers

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-05-10 09:47:54 -06:00
saxena-anurag d724d3b079
Basic ebpfservice with RPC interface (#147) 
* fix service based on new directory path
* fix x64 release build break
* add copyright headers
* cr comments
* address review comments
* cr comments, fix formatting
* Update comment
* Update comment

Co-authored-by: Dave Thaler <dthaler@microsoft.com>
 2021-05-10 07:27:37 -07:00
Alan Jowett d9c8dc45a1
First draft of code to serialize EBPF program info (#152) 
* First draft of code to serialize EBPF program info
* Add code to encode program information from extension

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-05-10 07:07:43 -07:00
Dave Thaler 7a34bb0c86
Make verifier and netsh use GUIDs instead of int program types (#150) 
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-05-08 10:45:50 -06:00
Alan Jowett e0dd3ce0e3
Set working directory so that end_to_end.exe finds the eBPF files (#149) 
* Set working director so that end_to_end.exe finds the eBPF files

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

* PR feedback

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

Co-authored-by: Dave Thaler <dthaler@microsoft.com>
 2021-05-07 17:24:36 -07:00
Dave Thaler 0f7a6b0c12
Update to latest verifier version (#148) 
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-05-07 17:02:54 -07:00
Alan Jowett 51b710b1f1
Simplify the bindmonitor.c eBPF program (#146) 
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-05-07 14:08:40 -06:00
Dave Thaler 7e36b792e2
More wording tweaks to README (#145) 
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-05-06 14:30:56 -07:00
Dave Thaler b2a41eae21
Put hook and helper APIs in common headers (#142) 
Fixes #138

Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-05-06 13:47:09 -07:00
Dave Thaler 07d263844f
Wording updates to readme (#140) 
Based on feedback from others

Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-05-06 11:51:06 -07:00
Alan Jowett 40d8633277
Add support for having provider helper function address change on reload of a provider (#135) 
* Add support for notifying on provider change
* Build trampoline functions for relocation of provider helper functions

Resolves: #135 
Resolves: #133 

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-05-05 18:24:09 -06:00
Dave Thaler 927b2081e3
Update directory structure (#134) 
Fixes #124

Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-05-05 14:10:28 -06:00
Dave Thaler 90d0f6971f
Remove unused files (#130) 
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-05-05 10:11:34 -06:00
Dave Thaler 0459505439
Fix missing copyright/license info in several files (#129) 
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-05-05 08:53:36 -07:00
Dave Thaler 00bd6ef2da
Run a format-code pass on all files (#131) 
This PR is the result of running "./scripts/format-code.ps1"
There are no manual changes in this PR

Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-05-05 08:39:38 -07:00
Alan Jowett a8045d4f3e
EbpfApi should first load the program, then create ebpf_program_t and then verify (#128) 
* EbpfApi should first load the program, then create ebpf_program_t and then finally verify

Resolves: #127

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

* PR feedback

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

* Update src/ebpf/libs/execution_context/ebpf_program.c

Co-authored-by: Dave Thaler <dthaler@microsoft.com>

* Fix build break

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

Co-authored-by: Dave Thaler <dthaler@microsoft.com>
 2021-05-04 17:58:49 -07:00
Dave Thaler 67e1e85633
Minor tweaks to diagram (#126) 
Straighten arrow
Make PPL service box wider

Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-05-04 15:20:29 -07:00
Alan Jowett 932b16cff3
Split out NetEbpfExt from eBPF execution context (#123) 
Split EbpfCore.sys into EbpfCore.sys and NetEbpfExt.sys

Resolves: #122

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-05-04 15:31:12 -06:00
Alan Jowett 2b48815269
Add support for loading program provider information from kernel (#119) 
Add support for loading program provider information from kernel

Resolves: #118 

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-05-03 16:17:10 -06:00
Dave Thaler 5e685b9911
More improvements to README file (#120) 
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-05-03 12:28:30 -07:00
Alan Jowett 3e55125d7c
Verify handles are from correct driver (#117) 
Verify handles are from correct driver

Resolves: #116 

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
 2021-04-30 14:57:36 -06:00
Alan Jowett c2734bbeaf
Modify epbf_program_t to take a reference on the ebpf_map_t it uses. (#115) 
ebpf_program_t should take a reference on ebpf_map_t object that it uses.

Resolves: #112

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
 2021-04-30 14:14:25 -06:00
Alan Jowett 05eb2789f9
Separate object enumeration from handle code (#114) 
* Seperate object enumeration from handle code

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

* Fix typos

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

* PR feedback

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

* Add rules about object lifetime

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

Co-authored-by: Dave Thaler <dthaler@microsoft.com>
 2021-04-30 12:55:21 -07:00
Alan Jowett b138e2fb83
eBPF should use Windows Handles for eBPF objects (#110) 
* Pickup changes from upstream ubpf

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

* Add ebpf_handle_kernel.c to interface with Windows object manager to manage lifetimes.

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

* PR feedback

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-04-30 11:49:23 -07:00
Alan Jowett 5be028810b
Fix pool corruption and memory leak (#109) 
Fix pool corruption and memory leak

Resolves: #107

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

Co-authored-by: Dave Thaler <dthaler@microsoft.com>
 2021-04-29 18:17:02 -06:00
poornagmsft 71f86e72e2
fixing a minor typo (#108) 2021-04-29 15:22:29 -07:00
Alan Jowett eecf006201
Reduce churn in upstream ubpf repo (#104) 
* Reduce churn in upstream ubpf repo

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-04-29 09:43:28 -06:00
Dave Thaler 39c1819f18
Update verifier to include changes to check ctx mismatches (#106) 
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-04-28 17:49:18 -07:00
Alan Jowett 88cd4bf3cb
All internal code should be /w4 /wx clean (#103) 
All internal code should be /w4 /wx clean

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-04-28 15:51:58 -06:00
Alan Jowett a249f0f333
Switch demo to use ebpf_link APIs (#100) 
Switch demo to use ebpf_link APIs

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-04-27 21:39:20 -06:00
Dave Thaler e88aedf4dc
Fix nits in architecture diagram (#101) 
Fixes #99

Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-04-27 18:56:50 -07:00
Alan Jowett 191920814c
Plumb API to call ebpf_hook API's from user mode (#98) 
Plumb API to call ebpf_hook API's from user mode

Resolves: #98 

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-04-27 16:21:21 -06:00
Alan Jowett 9d08b00aef
Rename ebpf_hook_instance_t to ebpf_link_t (#95) 
Resolves: #95 

Rename ebf_hook  to ebpf_link.

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-04-26 17:17:44 -06:00
Alan Jowett 0b0eaca37c
Implement eBPF extension and provider loading functionality (#90) 
* Add support for invoking NMR to register client and providers.
Load global helper functions as extensions.
Create user-mode mocks to test extension loading.

Resolves: #80

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2021-04-26 16:37:12 -06:00
Alan Jowett 68cc22c090
Cleanup obsolute build files (#93) 
Signed-off-by: Alan Jowett <alanjo@microsoft.com>

Co-authored-by: Dave Thaler <dthaler@microsoft.com>
 2021-04-26 12:44:37 -07:00
Dave Thaler db9dea71e1
Remove some header ordering dependencies (#92) 
Fixes #22

Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-04-26 12:16:20 -07:00
Dave Thaler 08c116b8d6
More cleanup (#91) 
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
 2021-04-26 11:43:13 -07:00