* Test Extension Part 2
* rename test extension to sample extension and update Getting-started doc.
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* Add prog array map type and bpf_tail_call()
This also fixes a bug where bpf_object__find_program_by_name
could only find the first program because program->object
was always null.
Also fixes tests to correctly use a signed int for what hooks return,
instead of an unsigned int.
Not done in this PR, but will be in a separate PR:
* make tail call replace stack frame instead of simply calling into the callee
* limit number of tail calls to 32
* require the same program type for caller and callee
* test with load byte array instead of from a file
Addresses part of #344
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Address PR feedback
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Address PR feedback
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Add missing file
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Disable warning due to C enum types used in C++
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* add UNLINK operation
* Some fixes:
1. Added attach_lock to synchronize multiple detach calls on same link object.
2. ebpf_extension_unload() should be called from ebpf_link_detach_program()
3. Changed return type of ebpf_program_get_properties to void.
* Update libs/execution_context/ebpf_program.c
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* Libbpf API compatibility
Libbpf is incorporated as a submodule just for the header file.
As discussed in issue #84, we cannot currently use the implementation
since it is very Linux and GCC specific.
This PR also fixes a bug where the user-mode API was calling
CloseHandle directly instead of Platform::CloseHandle which is needed
to make tests work with the mock platform.
Addresses #84
Some code will be cleaner once issue #81 is done
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Previously some places had "info" and some had "information".
Both appear in dictionaries, so guidance to avoid abbreviations does not apply.
Fixes#314
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
This PR is the second of three steps towards fully addressing #259
The doxygen \ref annotation tells doxygen to make the following word
be linked to the appropriate location in the generated docs.
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Before this change, the API docs at
https://microsoft.github.io/ebpf-for-windows/ebpf__helpers_8h.html
just show the typedefs. This PR updates the documentation so that the
helpers are documented just like normal public APIs would be.
This is the first step towards addressing #259
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Make all enum values have a description in the generated API docs
* Also remove SAL annotation from the generated docs, since SAL
breaks doxygen type detection
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
* Switch from _Pre_maybenull_ to _In_opt_
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix C6011
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix C6011 in PreprocessCommand
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Remove duplicate types:
* ebpf_helper_return_type_t
* ebpf_helper_argument_type_t
* ebpf_context_descriptor_t
https://github.com/vbpf/ebpf-verifier/pull/238 already made the
necessary changes in the PREVAIL project, which got rid of the
issue with VOID and so the 'undef VOID' workarounds are removed
in the present PR.
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
* First pass of adding SAL annotations
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Finish annotating platform
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Cleanup annotation to get lock tracking work correctly
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback and fix static analysis issues
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix build break from merge
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Simplify names of some ebpf_result codes
* Remove _ERROR_ for consistency
* Combine EBPF_INVALID_HANDLE and EBPF_INVALID_OBJECT
* Rename EBPF_ERROR_NOT_FOUND to EBPF_KEY_NOT_FOUND for consistency with the associated description.
* Change code that returned EBPF_ERROR_NOT_FOUND for a case other than a
key, to use a different appropriate result, so the description stays correct.
Fixes#212
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
* Pinning a program requires a name to pin to
* The load program API doesn't correctly deal with an empty section name
(it does use the first section but then tells the execution context
that the section name is empty instead of the chosen one), so for now
require the section name in any "add program" command
* Allow netsh to hold references on multiple programs
* Fix handle leak in "show programs"
* Implement ability to pin a program, but unpinning requires
a way to look up what a program was pinned to, and no such
API exists currently.
* Implement filtering "show programs" output by filename and section
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
"git commit -am" only adds changes to existing files, not new files
and so was missing adding docs when new headers were added, resulting
in a failure.
Also some params were missing from doxygen which resulted in
a bunch of warnings.
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
The IDL was generating MIDL2279 because it used const on an [out] param,
which is warned against since RPC marshaling copies the result into new
memory. See https://marc.info/?l=ms-dcom&m=103440617317922 for some
discussion.
Other changes should hopefully be obvious.
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
* First draft of code to serialize EBPF program info
* Add code to encode program information from extension
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Add support for notifying on provider change
* Build trampoline functions for relocation of provider helper functions
Resolves: #135Resolves: #133
Signed-off-by: Alan Jowett <alanjo@microsoft.com>