* Harden GitHub actions workflows
The diffs in this PR were generates as follows:
* Go to https://app.stepsecurity.io/
* Paste the current content of a yml file into the space provided
* Click "Secure workflow"
* Click Copy
* Replace the local contents of the yml file with the copied contents
The stepsecurity link above is what the OSSF scorescard security alerts
(like [this one](https://github.com/microsoft/ebpf-for-windows/security/code-scanning/11))
point to as recommended.
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Remove duplicate permissions
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Address feedback
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
* Test of setting up requirements for bpf2c_tests
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Attempt to pin
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix parcon dependency
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Add parcon as submodule
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix parcon
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* Enable building with Address Sanitizer
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Grab clang binaries
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix read overrun in map_crud_operations_lpm_trie_32
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix potential read of uninitialized memory
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Really fix read overrun
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix second overrun
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Remove RPC client test for now
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Apply suggestions from code review
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* Initial OSSF Scorecard Support
* Default some permissions to read
* Try to default read-all instead
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
* Bump external/bpftool from `3aea563` to `a7f0e7f`
Bumps [external/bpftool](https://github.com/dthaler/bpftool-1) from `3aea563` to `a7f0e7f`.
- [Release notes](https://github.com/dthaler/bpftool-1/releases)
- [Commits](3aea5630b1...a7f0e7f057)
---
updated-dependencies:
- dependency-name: external/bpftool
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
* Fix gitmodules to point to windows branch
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
Add an additional flag per CPU EBPF_EPOCH_PER_CPU_STALE.
This flag is accessed by ebpf_epoch_exit and by the flush timer.
This flag is set to on by the flush timer if the free_list is not empty.
This flag is set to off by ebpf_epoch_exit (if set).
If the flush timer sees this flag on and the free_list is not empty, then it will schedule an _ebpf_epoch_stale_worker DPC on the CPU (this DPC calls ebpf_epoch_enter/ebpf_epoch_exit).
Resolves: #813
Signed-off-by: Alan Jowett alanjo@microsoft.com
* Add mutual auth for RPC client / server.
RPC client and server should authenticate each other, to ensure:
Only admin client makes a call to ebpfsvc.
Client is talking only to ebpfsvc.
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Initial printk numeric args support
Also add a verification failure test case if trying to print a pointer
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Add varargs support to printk
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Validate printk format specifiers
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Verify that printk specifier count and arg count match
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Update doxygen docs
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: saxena-anurag <43585259+saxena-anurag@users.noreply.github.com>
Currently doxygen and codeql are broken because they only run on the
master branch, but it was renamed to main
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Initial version of bpf_printk support
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Convert printk.c sample to use bind hook instead of xdp hook
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Add wprp file to deployment script
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Unify UM and KM platforms as much as possible for printk support
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Fix annotation
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Work around compiler warning
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Fix comment
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Fix keyword
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Fix test when -s is used
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Add test to trigger division by zero handler
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Fix bugcheck in interpreter on division by zero
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* fix crash.
* use NMR APIs.
* program info provider; bind program info
rename attach provider as hook provider
function renaming
* refactor hook providers.
* async client detach.
* cicd automation and documentation.
* PR Feedback.
* switch to server 2019.
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
* Pickup latest ebpf-verifier to resolve this issue
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Strip paths from netsh output
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Pickup latest ebpf-verifier changes
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Switch to run CI/CD on Server 2019 + VS2019
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Pickup fix for https://github.com/vbpf/ebpf-verifier/issues/306
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Pickup fix for https://github.com/vbpf/ebpf-verifier/issues/306
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* PR feedback
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
Co-authored-by: Dave Thaler <dthaler@microsoft.com>