Skip to content

Commit

Permalink
Merge branch 'main' into origin/remove-extra-catch2
Browse files Browse the repository at this point in the history
  • Loading branch information
agarwalishita authored Oct 31, 2024
2 parents 9f297ef + e71e7f7 commit 18efeef
Show file tree
Hide file tree
Showing 181 changed files with 2,790 additions and 1,310 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/cicd-release-validation.yml
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,7 @@ jobs:
uses: ./.github/workflows/reusable-test.yml
with:
pre_test: Invoke-WebRequest https://github.com/Alan-Jowett/bpf_conformance/releases/download/v0.0.6/bpf_conformance_runner.exe -OutFile bpf_conformance_runner.exe
test_command: .\bpf_conformance_runner.exe --test_file_directory %SOURCE_ROOT%\external\ebpf-verifier\external\bpf_conformance\tests --cpu_version v4 --exclude_regex local --plugin_path bpf2c_plugin.exe --debug true --plugin_options "--include %SOURCE_ROOT%\include"
test_command: .\bpf_conformance_runner.exe --test_file_directory %SOURCE_ROOT%\external\ebpf-verifier\external\bpf_conformance\tests --cpu_version v4 --plugin_path bpf2c_plugin.exe --debug true --plugin_options "--include %SOURCE_ROOT%\include"
name: bpf2c_conformance
build_artifact: Build-x64
environment: windows-2022
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/cicd.yml
Original file line number Diff line number Diff line change
Expand Up @@ -186,7 +186,7 @@ jobs:
uses: ./.github/workflows/reusable-test.yml
with:
pre_test: Invoke-WebRequest https://github.com/Alan-Jowett/bpf_conformance/releases/download/v0.0.6/bpf_conformance_runner.exe -OutFile bpf_conformance_runner.exe
test_command: .\bpf_conformance_runner.exe --test_file_directory %SOURCE_ROOT%\external\ebpf-verifier\external\bpf_conformance\tests --cpu_version v4 --exclude_regex local --plugin_path bpf2c_plugin.exe --debug true --plugin_options "--include %SOURCE_ROOT%\include"
test_command: .\bpf_conformance_runner.exe --test_file_directory %SOURCE_ROOT%\external\ebpf-verifier\external\bpf_conformance\tests --cpu_version v4 --plugin_path bpf2c_plugin.exe --debug true --plugin_options "--include %SOURCE_ROOT%\include"
name: bpf2c_conformance
build_artifact: Build-x64
environment: windows-2022
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,6 @@ jobs:
egress-policy: audit

- name: 'Checkout Repository'
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: 'Dependency Review'
uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
uses: actions/dependency-review-action@4081bf99e2866ebe428fc0477b69eb4fcda7220a # v4.4.0
4 changes: 2 additions & 2 deletions .github/workflows/nuget_update.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -37,14 +37,14 @@ jobs:
with:
egress-policy: audit

- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
# Only check out main repo, not submodules.
ref: ${{ github.event.workflow_run.head_branch }}


- name: Cache nuget packages
uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a
env:
cache-name: cache-nuget-modules
with:
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/ossar-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ jobs:
paths_ignore: '["**.md", "**/docs/**"]'

# Checking out the branch is needed to correctly log security alerts.
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
if: steps.skip_check.outputs.should_skip != 'true'
with:
# Only check out main repo, not submodules.
Expand Down Expand Up @@ -81,6 +81,6 @@ jobs:

- name: Upload results to Security tab
if: steps.skip_check.outputs.should_skip != 'true'
uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b
uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd
with:
sarif_file: ${{ steps.ossar.outputs.sarifFile }}
10 changes: 5 additions & 5 deletions .github/workflows/reusable-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ jobs:
powershell.exe "echo 'ASAN_WIN_CONTINUE_ON_INTERCEPTION_FAILURE=true' | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append"
powershell.exe "echo 'VCINSTALLDIR=%VCINSTALLDIR%' | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append"
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
if: steps.skip_check.outputs.should_skip != 'true'
with:
repository: ${{inputs.repository}}
Expand All @@ -135,7 +135,7 @@ jobs:
- name: Initialize CodeQL
if: inputs.build_codeql == true && steps.skip_check.outputs.should_skip != 'true'
uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b
uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd
with:
languages: 'cpp'

Expand All @@ -154,7 +154,7 @@ jobs:

- name: Cache nuget packages
if: steps.skip_check.outputs.should_skip != 'true'
uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a
env:
cache-name: cache-nuget-modules
with:
Expand All @@ -164,7 +164,7 @@ jobs:
- name: Cache verifier project
# The hash is based on the HEAD of the ebpf-verifier submodule, the Directory.Build.props file, and the build variant.
if: steps.skip_check.outputs.should_skip != 'true'
uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a
env:
cache-name: cache-verifier-project
with:
Expand Down Expand Up @@ -294,4 +294,4 @@ jobs:

- name: Perform CodeQL Analysis
if: inputs.build_codeql == true && steps.skip_check.outputs.should_skip != 'true'
uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b
uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd
8 changes: 4 additions & 4 deletions .github/workflows/reusable-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -100,15 +100,15 @@ jobs:
paths_ignore: '["**.md", "**/docs/**"]'

# Checking out the branch is needed to gather correct code coverage data.
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
# Only check out source code if code coverage is being gathered.
if: (inputs.code_coverage == true) && (steps.skip_check.outputs.should_skip != 'true')
with:
submodules: 'recursive'
ref: ${{ github.event.workflow_run.head_branch }}

# Perform shallow checkout for self-hosted runner.
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
if: (inputs.environment == 'ebpf_cicd_tests_ws2019' || inputs.environment == 'ebpf_cicd_tests_ws2022' || inputs.environment == 'ebpf_cicd_perf_ws2022') && (steps.skip_check.outputs.should_skip != 'true')
with:
ref: ${{ github.event.workflow_run.head_branch }}
Expand All @@ -123,7 +123,7 @@ jobs:
files: .github/workflows/reusable-test.yml

# Check out just this file if code hasn't been checked out yet.
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
if: (steps.check_reusable_test_locally.outputs.files_exists != 'true') && (steps.skip_check.outputs.should_skip != 'true')
with:
sparse-checkout: |
Expand All @@ -142,7 +142,7 @@ jobs:
# Add cache entry for any choco packages that are installed.
# The cache key is based on the hash of this file so if any choco packages are added or removed, the cache will be invalidated.
if: (inputs.gather_dumps == true) && (steps.skip_check.outputs.should_skip != 'true')
uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a
env:
cache-name: cache-choco-packages
with:
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/scorecards-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ jobs:
- name: "Checkout code"
if: github.ref_name == 'main'
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false

Expand Down Expand Up @@ -76,6 +76,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
if: github.ref_name == 'main'
uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b
uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd
with:
sarif_file: results.sarif
2 changes: 1 addition & 1 deletion .github/workflows/update-docs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ jobs:
run: |
sudo apt install doxygen
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683

- name: Clone docs
run: |
Expand Down
2 changes: 1 addition & 1 deletion .gitmodules
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[submodule "external/ebpf-verifier"]
path = external/ebpf-verifier
url = https://github.com/vbpf/ebpf-verifier.git
url = https://github.com/dthaler/ebpf-verifier.git
[submodule "external/ubpf"]
path = external/ubpf
url = https://github.com/iovisor/ubpf.git
Expand Down
126 changes: 126 additions & 0 deletions docs/BpfSyscallCompatibility.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,126 @@
# `bpf()` syscall compatibility with Linux ABI

There is a desire to have first-class eBPF support for Windows for the Go ecosystem.
The Go community prefers for libraries that can be easily cross-compiled and distributed.
However, calling into libbpf via Go's foreign function interface (CGo) goes against this spirit, as it requires distributing C headers, a C toolchain, and other dependencies.

To address this, one of the most popular ways to interact with eBPF on Linux is through the [ebpf-go library], which intentionally avoids CGo.
Given these considerations, this proposal explores what is necessary to port the ebpf-go library to the eBPF for Windows runtime.
Such a port would provide a solution that aligns with Go's cross-platform philosophy while offering robust eBPF support for Windows.

## ebpf-go architecture

ebpf-go uses BTF from a Linux kernel image to generate syscall bindings.
This happens at development time, and the bindings are checked in.
These are used from the rest of the library to provide an "idiomatic" public API.

```mermaid
flowchart LR
public[public API] --> sys[syscall bindings]
sys --> bpf["syscall(SYS_BPF)"]
subgraph auto[auto-generated from BTF]
sys
end
```

The library follows the same ELF conventions as libbpf so you are able to load the same ELF files.
The API however is [completely distinct][architecture] and doesn't follow libbpf semantics.

## ebpf-go on Windows

The goal of porting ebpf-go is to end up with a library that facilitates porting programs written for Linux to Windows.
In the best case the public API stays the same regardless of operating system.

A natural point to start a port is to replace the auto-generated syscall bindings with a Windows-specific wrapper.
[An attempt][stable ioctl] was made to directly issue `DeviceIoControl` from ebpf-go.
This approach was discarded because the exact format of the request and response buffers is currently an implementation detail, which is a good thing considering that the current approach [has performance implications][ioctl allocs].
It also forces us to reimplement the scheme used to load signed native images, which might also still change.

Instead of replacing the auto-generated syscall bindings we can replace the `bpf()` syscall on Windows with an existing [wrapper][bpf wrapper].
This has a number of benefits:

- The necessary changes are much smaller since we don't need to write new code to generate bindings for Windows.
- We don't need to add a new stable API to the Windows runtime and instead can reuse the existing `bpf()` emulation.

For this to work we need the `bpf()` emulation to be binary compatible with the Linux syscall.
Otherwise the auto generated bindings in ebpf-go won't work, negating one of the key benefits of this approach.
This is problematic since so far eBPF for Windows has only targeted source-level compatibility, not binary compatibility.

### Differing `bpf_cmd_id` values

The values of `bpf_cmd_id` do not match Linux, which leads to ebpf-go performing the wrong syscalls.

### Differing field size

On Windows the length of an object's name is restricted to 64 characters, while Linux only allows 16.
Unfortunately this constant is used to size an array embedded in key structures like `bpf_map_info` and `bpf_prog_info`:

```C
struct bpf_map_info
{
// ...
char name[BPF_OBJ_NAME_LEN]; ///< Null-terminated map name.
// ...
```
The result is that fields after `name` have a different offset.
### Differing field order / presence
Sometimes the field order doesn't match. For example, `id` and `type` are swapped in `bpf_map_info`.
```C
struct bpf_map_info
{
// Cross-platform fields.
ebpf_id_t id; ///< Map ID.
ebpf_map_type_t type; ///< Type of map.
// ...
```

Some unsupported fields are missing completely:

```C
struct bpf_prog_info
{
ebpf_id_t id; ///< Program ID.
enum bpf_prog_type type; ///< Program type, if a cross-platform type.
// 8 missing fields
uint32_t nr_map_ids; ///< Number of maps associated with this program.
```
### Additional fields
Some structures contain Windows-specific fields:
```C
struct bpf_map_info
{
// Cross-platform fields.
ebpf_id_t id; ///< Map ID.
// ...
// Windows-specific fields.
ebpf_id_t inner_map_id; ///< ID of inner map template.
uint32_t pinned_path_count; ///< Number of pinned paths.
};
```

This is problematic because Linux exposes many more fields in `bpf_map_info`, aliasing with the Windows-specific fields.
Adding a new cross-platform field before the Windows-specific fields will break compatibility in several ways.

## Resolve ABI incompatibilities in the `bpf()` syscall emulation

Changing the problematic types globally is possible but undesirable, since it will cause problems for existing users of the C API.
Instead we will restrict the necessary changes to the `bpf()` syscall emulation.
A separate header will contain type definitions compatible with the Linux ABI.
The syscall emulation layer is then responsible for translating between the Linux
and native types.
This localises breakage to users of `bpf()` and allows the C API to evolve on its own.

[ebpf-go library]: https://ebpf-go.dev
[architecture]: https://ebpf-go.dev/contributing/architecture/
[stable ioctl]: https://github.com/microsoft/ebpf-for-windows/issues/3700
[ioctl allocs]: https://github.com/microsoft/ebpf-for-windows/issues/3726
[bpf wrapper]: https://github.com/microsoft/ebpf-for-windows/blob/main/libs/api/bpf_syscall.cpp
[api tests]: https://github.com/microsoft/ebpf-for-windows/issues/3729#issuecomment-2259330472
4 changes: 2 additions & 2 deletions docs/GettingStarted.md
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ Alternative install steps (for *basic* Visual Studio Community edition):
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
```

1. Run the following command to automatically setup the dev environment:
1. Run the following command to automatically set up the dev environment:

```ps
Invoke-WebRequest 'https://raw.githubusercontent.com/microsoft/ebpf-for-windows/main/scripts/Setup-DevEnv.ps1' -OutFile $env:TEMP\Setup-DeveEnv.ps1
Expand Down Expand Up @@ -596,4 +596,4 @@ development cycle. See the [Windows Hardware Developer documentation](https://l
Extensions that integrate with eBPF for Windows:
- XDP extension: [xdp-for-windows](https://github.com/microsoft/xdp-for-windows)
- ntosebpfext extension: [ntosebpfext](https://github.com/microsoft/ntosebpfext)
- Network event extension: [neteventebpfext](https://github.com/microsoft/ntosebpfext/blob/main/docs/neteventebpfext.md)
- Network event extension: [neteventebpfext](https://github.com/microsoft/ntosebpfext/blob/main/docs/neteventebpfext.md)
2 changes: 1 addition & 1 deletion docs/isa-support.rst
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,7 @@ opcode src_reg offset imm description
0x7f any 0 0x00 dst >>= src Y Y Y rsh-reg
0x84 0x0 0 0x00 dst = (u32)-dst Y Y Y neg
0x85 0x0 0 any call helper function by static ID Y Y Y call_unwind_fail
0x85 0x1 0 any call PC += imm no no no call_local
0x85 0x1 0 any call PC += imm Y part Y call_local
0x85 0x2 0 any call helper function by BTF ID no no no ???
0x87 0x0 0 0x00 dst = -dst Y Y Y neg64
0x8d 0x0 0 0x00 call helper function by static ID in register Y Y no callx
Expand Down
6 changes: 3 additions & 3 deletions ebpfcore/usersim/EbpfCore_Usersim.vcxproj
Original file line number Diff line number Diff line change
Expand Up @@ -207,8 +207,8 @@
<FilesToPackage Include="$(TargetPath)" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\..\external\usersim\cxplat\src\cxplat_winkernel\cxplat_winkernel.vcxproj">
<Project>{1ebe3966-7dc4-49b4-b840-3d33d63415ec}</Project>
<ProjectReference Include="..\..\external\usersim\cxplat\src\cxplat_winuser\cxplat_winuser.vcxproj">
<Project>{f2ca70ab-af9a-47d1-9da9-94d5ab573ac2}</Project>
</ProjectReference>
<ProjectReference Include="..\..\external\usersim\src\usersim.vcxproj">
<Project>{030a7ac6-14dc-45cf-af34-891057ab1402}</Project>
Expand Down Expand Up @@ -236,4 +236,4 @@
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>
</Project>
7 changes: 6 additions & 1 deletion ebpfcore/usersim/EbpfCore_Usersim.vcxproj.filters
Original file line number Diff line number Diff line change
Expand Up @@ -35,4 +35,9 @@
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup>
</Project>
<ItemGroup>
<ResourceCompile Include="$(SolutionDir)resource\ebpf_resource.rc">
<Filter>Resource Files</Filter>
</ResourceCompile>
</ItemGroup>
</Project>
2 changes: 1 addition & 1 deletion external/ebpf-verifier
Submodule ebpf-verifier updated 57 files
+1 −1 .gitmodules
+79 −66 CMakeLists.txt
+1 −1 ebpf-samples
+1 −1 external/bpf_conformance
+1 −1 external/libbtf
+1 −1 external/radix_tree
+49 −46 src/asm_cfg.cpp
+9 −9 src/asm_files.cpp
+4 −3 src/asm_files.hpp
+62 −73 src/asm_marshal.cpp
+25 −50 src/asm_ostream.cpp
+29 −24 src/asm_ostream.hpp
+36 −88 src/asm_parse.cpp
+0 −2 src/asm_parse.hpp
+7 −22 src/asm_syntax.hpp
+101 −102 src/asm_unmarshal.cpp
+52 −54 src/assertions.cpp
+45 −44 src/crab/array_domain.cpp
+7 −9 src/crab/cfg.hpp
+10 −0 src/crab/dsl_syntax.hpp
+79 −326 src/crab/ebpf_domain.cpp
+2 −52 src/crab/ebpf_domain.hpp
+17 −17 src/crab/fwd_analyzer.cpp
+37 −26 src/crab/interval.hpp
+10 −8 src/crab/linear_constraint.hpp
+42 −49 src/crab/split_dbm.cpp
+2 −2 src/crab/thresholds.cpp
+1 −1 src/crab/thresholds.hpp
+376 −0 src/crab/type_domain.cpp
+79 −0 src/crab/type_domain.hpp
+70 −0 src/crab/type_encoding.hpp
+13 −27 src/crab/var_factory.cpp
+11 −31 src/crab/variable.hpp
+192 −44 src/crab/wto.cpp
+68 −206 src/crab/wto.hpp
+0 −81 src/crab/wto_cycle.hpp
+0 −43 src/crab/wto_nesting.hpp
+95 −178 src/crab_utils/graph_ops.hpp
+28 −40 src/crab_utils/heap.hpp
+9 −26 src/crab_utils/lazy_allocator.hpp
+9 −9 src/crab_utils/num_big.hpp
+13 −0 src/crab_utils/num_extended.hpp
+28 −29 src/crab_utils/num_safeint.hpp
+25 −0 src/crab_utils/num_safety.hpp
+2 −1 src/crab_utils/stats.cpp
+2 −2 src/crab_utils/stats.hpp
+9 −10 src/crab_verifier.cpp
+2 −2 src/crab_verifier.hpp
+8 −2 src/ebpf_vm_isa.hpp
+15 −16 src/ebpf_yaml.cpp
+2 −2 src/main/check.cpp
+2 −18 src/string_constraints.hpp
+53 −52 src/test/test_marshal.cpp
+3 −3 src/test/test_print.cpp
+42 −44 src/test/test_verify.cpp
+55 −0 test-data/calllocal.yaml
+1 −1 test-data/jump.yaml
2 changes: 1 addition & 1 deletion external/usersim
Loading

0 comments on commit 18efeef

Please sign in to comment.