* Put back permission security-events: write to permit codeql to run
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* CodeQL build takes > 30 minutes
Fixes#860
This PR will conflict with PR #891 which should be merged before this
one and conflicts resolved.
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
* Cancel workflows if PR is updated with a new commit
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Fix typos
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
* Add some header file names included by typical eBPF programs
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* PR feedback
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Fix test
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Remove unneeded include
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Add _MSC_VER checks around pragma warnings in ebpf program headers
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Use full path to avoid requiring an include path
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
* Only run code coverage related tests on each push
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Update cicd.yml
Co-authored-by: saxena-anurag <43585259+saxena-anurag@users.noreply.github.com>
ebpf_get_next_map was obsoleted by standard libbpf apis
(specifically bpf_map_get_next_id and bpf_map_get_fd_by_id)
and isn't called by anything including test code.
This increases our code coverage percentage.
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
* Make bpf_printk more cross-platform friendly
* Add printk_legacy.c with the define that many eBPF programs
seem to hard code.
* Updated bpf_helper_defs.h to include that exact define so
a duplicate define will not cause an error, but programs
that don't define bpf_printk can use it as they do now.
Fixes#903
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Add doxygen docs for bpf_trace_printk
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* remove dependabot from the fork.
* Revert "remove dependabot from the fork."
This reverts commit c542c6cd44.
* Program info and hook NPI providers for sock_addr.
* Program info and hook NPI providers for sock_addr.
* PR Feedback.
* PR Feedback 2.
* wfp callout for sock_addr hook.
* PR Feedback.
* fix build break.
* Remove Linux + parcon dependency
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Remove Linux + parcon dependency
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Set path to compiler
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix the build
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix build
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedbac
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* add mock layer to test native module load
* Apply suggestions from code review
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* make unit_test dependent on dll projects
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
* Only set codecoverage status after both bpf2c and build complete
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Only set codecoverage status after both bpf2c and build complete
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* remove dependabot from the fork.
* Revert "remove dependabot from the fork."
This reverts commit c542c6cd44.
* Program info and hook NPI providers for sock_addr.
* fix analysis break.
* PR Feedback.
* PR Feedback 2.
* initial_commit
* fix build
* fix build
* fix build break due to merge
* debug build
* api changes, other changes
* bpf2c change to enmit program type, other fixes
* hydrate UM ebpf_object, other fixes
* remove logic to disable programs
* fixes
* fix sal
* build break
* build break
* fix sal errors
* fixes
* fix bpf2c_tests failure
* unload driver when program ref count becomes 0, other minor fixes
* fixes
* tail_call fixes, add test cases, other fixes
* build break
* build break
* code cleanup
* fix bad merge
* code cleanup
* code cleanup
* cleanup
* Apply suggestions from code review
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* cr comments
* Apply suggestions from code review
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* cr comments
* Apply suggestions from code review
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* cr comments
* cr comments
* Apply suggestions from code review
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* address cr comments
* Apply suggestions from code review
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* add tracing in ebpfcore, other fixes
* tracing
* add section for each map in sample
* do not delete the native service
* fix bad merge
* remove code to delete service, other fixes
* cr comments
* bpf2c should read and populate all the maps in ELF file
* add test case for creating map-in-map from native driver
* Apply suggestions from code review
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* cr comments
* add tracing for api code changes
* rename epbf_native_t to ebpf_native_module_t
* fix bad merge
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* Add BPF_PROG_TYPE_CGROUP_SOCK_ADDR program type and CGROUP_INET4/6_CONNECT/RECV_ACCEPT attach types.
* PR Feedback #1.
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* Harden GitHub actions workflows
The diffs in this PR were generates as follows:
* Go to https://app.stepsecurity.io/
* Paste the current content of a yml file into the space provided
* Click "Secure workflow"
* Click Copy
* Replace the local contents of the yml file with the copied contents
The stepsecurity link above is what the OSSF scorescard security alerts
(like [this one](https://github.com/microsoft/ebpf-for-windows/security/code-scanning/11))
point to as recommended.
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Remove duplicate permissions
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Address feedback
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
* Test of setting up requirements for bpf2c_tests
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Attempt to pin
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix parcon dependency
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Add parcon as submodule
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix parcon
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* Enable building with Address Sanitizer
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Grab clang binaries
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix read overrun in map_crud_operations_lpm_trie_32
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix potential read of uninitialized memory
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Really fix read overrun
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix second overrun
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Remove RPC client test for now
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Apply suggestions from code review
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
Alan Jowett
Shankar Seal
Dave Thaler
dependabot[bot]
Daniel M. Havey
saxena-anurag