* WIP: enumerate sections in native code
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Make bpf2c emit section names
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* More of PE section enumeration
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Fix program type and map count display for native programs
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Update cmake files
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Temporarily disable some compiler warnings for the pe-parse project
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Native programs have different sizes for skeleton in debug vs release
Also add text case for section is just ".text"
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Address PR feedback
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Force inlining utility functions inside ebpf programs
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Update expected output
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* More expected output changes
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Fix ebpfapi to allow a single section of name .text
To match libbpf behavior
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Fix test
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Resolve analysis warnings
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Fix analysis warnings
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Address PR comments from Anurag
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Fix test
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* fix crash.
* use NMR APIs.
* program info provider; bind program info
rename attach provider as hook provider
function renaming
* refactor hook providers.
* async client detach.
* cicd automation and documentation.
* PR Feedback.
* switch to server 2019.
Co-authored-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
* Fix netsh "show maps" output
* Display correct inner map ID
* Display Map ID
* Display count of # paths pinned
* Correct "set program" help text
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Fix rebase
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
* Add option to pin all programs added and show links and maps
* "add programs" now supports the equivalent of bpftool's "prog loadall"
in addition to just "prog load"
* add "show links" netsh command
* expose "show maps" netsh command. It was partially implemented but
never exposed before.
* remove ebpf_map_query_definition() and test as being redundant with
bpf_obj_get_info_by_fd() (and in the future, a strongly typed one that
is map specific but different from the query map definition prototype)
* Fix bug where getting the next ID failed to check for index beyond
array size. And add test cases for it.
* Fix bug in ebpf_state.c where after enough tests ran it would start
returning EBPF_NO_MEMORY because _ebpf_state_next_index was never
reset.
Addresses #549
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Add libpf's libbpf_prog_type_by_name() API
And add an ebpf_get_program_type_by_name() that returns the GUIDs
instead of ints.
This also removes the hard-coding of GUIDs or ints from the netsh
helper.
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Update netsh commands to use more standard libbpf apis
* Add support for libbpf bpf_obj_pin() API
* Add support for libbpf bpf_object__next() API
* Rename BPF_{PROG,ATTACH}_TYPE_UNKNOWN to ...UNSPEC for libbpf compat
* Remove now-unused handle APIs ebpf_api_load_program and
ebpf_api_pin_object, which is part of issue #383
* netsh set/delete program now uses the ID to identify the program,
like bpftool does, so that it can work even if the program wasn't
loaded from an ELF file
Fixes#191
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
* Fix non-determinism in build due to multiple projects generating header
* Only regenerate git_commit_id.h on change
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
* Create an install script rather than having to manually do lots
of steps
* Make Debug build use vcruntime as static libs to avoid adding
another prerequisite on a machine before installing eBPF. This
isn't required for Release builds as vcruntime release DLLs
are part of Windows, unlike vcruntime debug DLLs
Fixes#248
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
* Pinning a program requires a name to pin to
* The load program API doesn't correctly deal with an empty section name
(it does use the first section but then tells the execution context
that the section name is empty instead of the chosen one), so for now
require the section name in any "add program" command
* Allow netsh to hold references on multiple programs
* Fix handle leak in "show programs"
* Implement ability to pin a program, but unpinning requires
a way to look up what a program was pinned to, and no such
API exists currently.
* Implement filtering "show programs" output by filename and section
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
Co-authored-by: Alan Jowett <alanjo@microsoft.com>
Since the program type changed from int to GUID the display has been
broken (it displays a useless pointer value). This fix makes it display
the string name of the type.
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
The IDL was generating MIDL2279 because it used const on an [out] param,
which is warned against since RPC marshaling copies the result into new
memory. See https://marc.info/?l=ms-dcom&m=103440617317922 for some
discussion.
Other changes should hopefully be obvious.
Signed-off-by: Dave Thaler <dthaler@ntdev.microsoft.com>
Dave Thaler
Alessandro Gario
Alan Jowett
Shankar Seal
saxena-anurag