ebpf-for-windows

Граф коммитов

Автор	SHA1	Сообщение	Дата
Alan Jowett	e8f91a5ffd	Add configuration option to run code analysis (#301 ) * Add configuration option to run code analysis Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Add analysis to build matrix Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Fix typo Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Enable code analysis on all builds Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Add default ruleset Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Enable all passing rules Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Update Analyze.default.ruleset Co-authored-by: Dave Thaler <dthaler@microsoft.com> * Update Analyze.default.ruleset Co-authored-by: Dave Thaler <dthaler@microsoft.com> * Switch rules from prevail to warning Signed-off-by: Alan Jowett <alanjo@microsoft.com> Co-authored-by: Dave Thaler <dthaler@microsoft.com>	2021-06-24 12:53:51 -06:00
Dave Thaler	5a5dbc63a7	Add additional netsh tests (#298 ) Fix a couple bugs that the tests uncovered Remove duplicate "error: error:" prefix in messages on verification Fixes #240 Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> Co-authored-by: Alan Jowett <alanjo@microsoft.com>	2021-06-23 19:12:20 -06:00
saxena-anurag	b0bb08907b	add execution type to ebpf_program_load() (#297 ) * add execution type to ebpf_program_load() * cr comments	2021-06-23 18:54:03 -06:00
Dave Thaler	360aa224ea	Add some netsh tests (#295 ) Adds tests for "show sections" and "show disassembly" Addresses part of issue #240 Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-06-23 09:54:36 -07:00
saxena-anurag	c31547cff5	Add ebpf public APIs - #1 (#290 ) * add ebpf_program_load(), few other APIs	2021-06-22 20:42:18 -07:00
Alan Jowett	3027b82df0	Unify unit tests (#294 ) * Unify unit tests Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com>	2021-06-22 12:22:50 -06:00
Alan Jowett	562f5eda7a	end_to_end test should have a JIT version of bindmonitor.o (#243 ) * Add test that JITs the bindmonitor.o eBPF program and runs it Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Refactor tests to allow common code between JIT and interpret Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Fix test bug Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Fix rebase issue Signed-off-by: Alan Jowett <alanjo@microsoft.com>	2021-06-22 09:51:14 -06:00
Dave Thaler	5510fd0571	Remove mention of PPL since there may be better candidates (#286 ) Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-06-21 13:14:49 -07:00
poornagmsft	f6120b0c03	Update README.md (#285 ) * Update README.md Co-authored-by: Dave Thaler <dthaler@microsoft.com>	2021-06-17 12:02:23 -07:00
Dave Thaler	25ba8c3306	Update uBPF to latest (#284 ) Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-06-16 14:17:31 -07:00
Dave Thaler	dc157726da	Add some more SAL annotations and clean up some code analysis warnings (#277 ) * Make a couple of `_In_` arguments be const * Add `_opt_` to a number of arguments that can be NULL * Add SAL annotation to a few more APIs that were missing it * Remove annotations like `_Pre_readable_byte_size_(hash_table->key_size)` since they just give code analysis warnings such as: ``` c:\git\dthaler\ebpf-for-windows\libs\platform\ebpf_platform.h(445): warning C28230: The type of '_Param_(1)' has no member 'key_size'. c:\git\dthaler\ebpf-for-windows\libs\platform\ebpf_platform.h(445): warning C28285: For function 'ebpf_hash_table_delete' '_Param_(2)' syntax error in 'SAL_readableTo(byteCount(__formal(0,hash_table)->key_size))' near 'key_size))'. ``` Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-06-16 13:27:22 -07:00
Dave Thaler	2200ab915f	Merge eBPF types with the types in ebpf-verifier (#282 ) Remove duplicate types: * ebpf_helper_return_type_t * ebpf_helper_argument_type_t * ebpf_context_descriptor_t https://github.com/vbpf/ebpf-verifier/pull/238 already made the necessary changes in the PREVAIL project, which got rid of the issue with VOID and so the 'undef VOID' workarounds are removed in the present PR. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-06-16 11:53:21 -07:00
Dave Thaler	6ad00a1449	Annotate IDL GUID so clang-format will not interfere (#280 ) Without the annotation, clang-format would convert `uuid(6bef171d-7205-4b63-a1e5-d00f01e6a0c1)` to `uuid(6bef171d - 7205 - 4b63 - a1e5 - d00f01e6a0c1)` which would be invalid. Fixes #269 Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-06-15 11:24:58 -07:00
Dave Thaler	a46b00c2e3	Add VM setup scripts and docs (#281 ) * Create an install script rather than having to manually do lots of steps * Make Debug build use vcruntime as static libs to avoid adding another prerequisite on a machine before installing eBPF. This isn't required for Release builds as vcruntime release DLLs are part of Windows, unlike vcruntime debug DLLs Fixes #248 Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-06-15 08:44:43 -07:00
saxena-anurag	6fde4777e5	Change ebpfsvc to LocalService (#272 ) * ebpfsvc should be localservice * cr comments, change sidtype to restricted * pr comments	2021-06-14 15:38:42 -07:00
Alan Jowett	3a73482d66	Abstract hook registration and handle passive and dispatch (#265 ) * Abstract hook registration and handle passive and dispatch Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Switch to new license header format Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Clarify memory barrier Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Add SAL annotation Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Switch to approved license header format (#268) * Switch to approved license header format Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Add comments to clarify how the code works Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com> Co-authored-by: Dave Thaler <dthaler@microsoft.com>	2021-06-10 15:18:29 -06:00
Alan Jowett	9e8b88a41a	Switch to approved license header format (#268 ) * Switch to approved license header format Signed-off-by: Alan Jowett <alanjo@microsoft.com>	2021-06-10 12:02:00 -07:00
Alan Jowett	f779bea333	Switch to SynchronizationEvent (#264 ) Signed-off-by: Alan Jowett <alanjo@microsoft.com>	2021-06-10 11:15:47 -06:00
Alan Jowett	877cb22ec0	First pass of adding SAL annotations (#253 ) * First pass of adding SAL annotations Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Finish annotating platform Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Cleanup annotation to get lock tracking work correctly Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback and fix static analysis issues Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Fix build break from merge Signed-off-by: Alan Jowett <alanjo@microsoft.com>	2021-06-10 10:45:23 -06:00
Shankar Seal	613ee57092	Core review comments from PR 246 (#261 ) Co-authored-by: Dave Thaler <dthaler@microsoft.com>	2021-06-09 20:28:23 -07:00
Dave Thaler	6be20d7aad	Simplify names of some ebpf_result codes (#256 ) * Simplify names of some ebpf_result codes * Remove _ERROR_ for consistency * Combine EBPF_INVALID_HANDLE and EBPF_INVALID_OBJECT * Rename EBPF_ERROR_NOT_FOUND to EBPF_KEY_NOT_FOUND for consistency with the associated description. * Change code that returned EBPF_ERROR_NOT_FOUND for a case other than a key, to use a different appropriate result, so the description stays correct. Fixes #212 Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-06-09 19:32:57 -07:00
Shankar Seal	27f8d49888	API to create map and enumerate all pinned maps. (#246 ) * API to create map and enumerate all pinned maps. * Apply suggestions from code review Co-authored-by: Dave Thaler <dthaler@microsoft.com> * Address code review comments * Address code review comments #2 * Address code review comments #3 Co-authored-by: Dave Thaler <dthaler@microsoft.com> Co-authored-by: Alan Jowett <alanjo@microsoft.com>	2021-06-09 09:44:24 -06:00
Alan Jowett	a69d6f55ad	Synchronize client detach and hook invocation (#255 ) * Synchonize client detach and hook invocation Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Check for detached program before invoking Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com>	2021-06-09 09:17:50 -06:00
Alan Jowett	4e4c19314f	Remap helper_ids to range [0,63] (#252 ) * Remap helper_ids to range [0,63] Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com>	2021-06-08 15:33:00 -06:00
saxena-anurag	50aac54be4	update doc for ebpf_client.exe (#250 ) Co-authored-by: Alan Jowett <alanjo@microsoft.com>	2021-06-07 16:26:44 -06:00
saxena-anurag	cf2ef87325	Move program load to ebpfsvc (#245 ) * remove duplicate windows_helpers.cpp, refactor * remove commented code * move program load to service * cleanup commented code * remove commented code * cr comments * make device handle init optional * cr comments * change return type of some functions * fix * cr comments * cr comments, cover more error conditions in windows_error_to_ebpf_result * cr comments Co-authored-by: Dave Thaler <dthaler@microsoft.com> Co-authored-by: Alan Jowett <alanjo@microsoft.com>	2021-06-07 15:22:04 -06:00
Alan Jowett	7e033f0200	Remove allocations from executable memory pool (#251 ) * Remove allocations from executable memory pool Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Add direction to doxygen Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Clarify use of 4096 as page size Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com>	2021-06-07 14:07:24 -06:00
Dave Thaler	c059112b78	Add advice to DevelopmentGuide about not using magic numbers (#244 ) Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-06-02 13:50:20 -07:00
Dave Thaler	bf7eef76c5	Make netsh "show verification" command display max instruction count (#242 ) Fixes #193 Signed-off-by: Dave Thaler <dthaler@microsoft.com>	2021-06-02 12:22:06 -06:00
Dave Thaler	50a773d8dc	Fix bugs in netsh helper (#238 ) * Pinning a program requires a name to pin to * The load program API doesn't correctly deal with an empty section name (it does use the first section but then tells the execution context that the section name is empty instead of the chosen one), so for now require the section name in any "add program" command * Allow netsh to hold references on multiple programs * Fix handle leak in "show programs" * Implement ability to pin a program, but unpinning requires a way to look up what a program was pinned to, and no such API exists currently. * Implement filtering "show programs" output by filename and section Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> Co-authored-by: Alan Jowett <alanjo@microsoft.com>	2021-06-01 09:47:26 -06:00
Alan Jowett	b5ee7c7259	Make JIT code pages read-only (#233 ) * Add LLVM for code generation proposal Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Revert "Add LLVM for code generation proposal" This reverts commit `cd896afd94`. * Free program object on epoch end Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Fix log function Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Workaround for VS2019 update 16.10.0 Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Use correct API to map pages to system va Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback & verifier bug fixes Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com>	2021-05-28 16:59:08 -06:00
saxena-anurag	3a8e5dd7cd	remove duplicate windows_helpers.cpp, refactor (#236 ) * remove duplicate windows_helpers.cpp, refactor * remove commented code Co-authored-by: Dave Thaler <dthaler@microsoft.com>	2021-05-28 15:29:41 -07:00
Alan Jowett	466e925e91	Add support for running work-item on epoch end (#231 ) * Add LLVM for code generation proposal Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Revert "Add LLVM for code generation proposal" This reverts commit `cd896afd94`. * Add support for running work-item on epoch end Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com>	2021-05-27 15:41:26 -06:00
Dave Thaler	f79e91422e	Fix doxygen error when there are no changes to commit (#232 ) Previously the script worked when there were changes and generates an error when there's actually nothing to do because "git commit" returns exit code 1 when there's nothing to do. This updates the github workflow to only commit when there's something to commit. For more discussion see https://stackoverflow.com/questions/5139290/how-to-check-if-theres-nothing-to-be-committed-in-the-current-branch Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-05-27 14:28:28 -07:00
Alan Jowett	4c64214af7	Change resolve_maps_in_byte_code to send handles for resolution only when needed. (#230 ) * Add LLVM for code generation proposal * Revert "Add LLVM for code generation proposal" This reverts commit `cd896afd94`. * Eliminate duplicate map resolutions Signed-off-by: Alan Jowett <alanjo@microsoft.com>	2021-05-27 13:56:06 -07:00
Alan Jowett	4b53d101aa	Add support for allocating pages for code that can be marked read/execute (#228 ) * Add LLVM for code generation proposal Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Revert "Add LLVM for code generation proposal" This reverts commit `cd896afd94`. * Work in progress Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Add doxygen Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com> * PR feedback Signed-off-by: Alan Jowett <alanjo@microsoft.com>	2021-05-26 14:37:04 -06:00
Dave Thaler	2bd9033b95	Fix doxygen errors (#229 ) "git commit -am" only adds changes to existing files, not new files and so was missing adding docs when new headers were added, resulting in a failure. Also some params were missing from doxygen which resulted in a bunch of warnings. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-05-26 12:01:58 -07:00
Dave Thaler	d37e65801a	Fix netsh display of program type (#226 ) Since the program type changed from int to GUID the display has been broken (it displays a useless pointer value). This fix makes it display the string name of the type. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-05-25 22:05:03 -07:00
Dave Thaler	e9e7133deb	Remove duplicate copy of helper prototypes from verifier (#220 ) Fixes #67 Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-05-25 16:22:29 -07:00
Dave Thaler	faebbdd32a	Clean up compiler warnings (#225 ) The IDL was generating MIDL2279 because it used const on an [out] param, which is warned against since RPC marshaling copies the result into new memory. See https://marc.info/?l=ms-dcom&m=103440617317922 for some discussion. Other changes should hopefully be obvious. Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-05-25 15:36:19 -07:00
saxena-anurag	4b2384479d	refactor api.lib to api.lib, common.lib, service.lib (#219 ) * refactor api.lib to api.lib, common.lib, service.lib Co-authored-by: Dave Thaler <dthaler@microsoft.com>	2021-05-25 14:11:13 -07:00
Dave Thaler	85277df9d6	Add guidance to make sure all code is actually built (#221 ) Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-05-25 11:29:24 -06:00
Alan Jowett	2a928a6c71	Document testing in Ebpf-For-Windows (#216 ) * Add LLVM for code generation proposal Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Revert "Add LLVM for code generation proposal" This reverts commit `cd896afd94`. * Add description of tests in Ebpf-For-Windows Signed-off-by: Alan Jowett <alanjo@microsoft.com> * Update docs/GettingStarted.md Co-authored-by: Dave Thaler <dthaler@microsoft.com> * Update docs/GettingStarted.md Co-authored-by: Dave Thaler <dthaler@microsoft.com> * Update docs/GettingStarted.md Co-authored-by: Dave Thaler <dthaler@microsoft.com> * Update docs/GettingStarted.md Co-authored-by: Dave Thaler <dthaler@microsoft.com> * Update docs/GettingStarted.md Co-authored-by: Dave Thaler <dthaler@microsoft.com> * Update docs/GettingStarted.md Co-authored-by: Dave Thaler <dthaler@microsoft.com> Co-authored-by: Dave Thaler <dthaler@microsoft.com>	2021-05-21 13:55:48 -06:00
Dave Thaler	d9ee25f035	Add info on slack channel and zoom meeting (#209 ) Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> Co-authored-by: Alan Jowett <alanjo@microsoft.com>	2021-05-21 11:32:50 -07:00
Dave Thaler	a3f5150f91	Update CODEOWNERS list (#213 ) So pull request notifications go to more people Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com> Co-authored-by: Alan Jowett <alanjo@microsoft.com>	2021-05-21 10:16:59 -07:00
saxena-anurag	2518e84e84	Integrate verifier with ebpfsvc (#198 ) * call verifier from svc * ebpfsvc verification support, rpc client * change rpc api to take const char*, review comments	2021-05-20 18:04:36 -07:00
Dave Thaler	773b27d2c0	Merge error codes from ebpf_windows.h into ebpf_result_t (#210 ) Fixes #151 Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-05-20 12:38:58 -07:00
Dave Thaler	34de16f43b	Add guidance about order of header includes (#207 ) Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-05-19 14:52:38 -06:00
Dave Thaler	a33045073c	Improve clarify of eBPF extensions doc (#199 ) Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-05-18 12:53:56 -07:00
Dave Thaler	1e8ed8af2c	Improve clarity of filesystem proposal doc (#200 ) Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>	2021-05-18 12:37:16 -07:00

1 2 3 4 5 ...

266 Коммитов Все ветки Поиск

266 Коммитов

Все ветки