Skip to content

Commit

Permalink
fix logic error.
Browse files Browse the repository at this point in the history
  • Loading branch information
shankarseal committed Mar 10, 2024
1 parent b576b57 commit c7fa9a7
Show file tree
Hide file tree
Showing 6 changed files with 38 additions and 22 deletions.
9 changes: 6 additions & 3 deletions docs/eBpfExtensions.md
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ This is a mandatory header that is common to all data structures needed by eBPF

#### `ebpf_program_data_t` Struct
The various fields of this structure should be set as follows:
* `header`: Version () and size.
* `header`: Version and size.
* `program_info`: Pointer to `ebpf_program_info_t`.
* `program_type_specific_helper_function_addresses`: Pointer to `ebpf_helper_function_addresses_t`. This structure
provides the helper functions that are exclusive to this program type.
Expand Down Expand Up @@ -202,8 +202,11 @@ resources allocated in the `ebpf_program_context_create_t` call.
### 2.2 Backward compatibility of the Extension data structures
All the extension data structures are versioned. New fields can be added to the end of a data structure to maintain backward compatibility
with the existing extensions. In such cases, the size field of the header will be updated but the version of the structure *will not change*.
If the change in data structure is such that it is no longer backward compatible (such as change field type or position),
then the version number will be updated. All previous versions of extension structure will continue to be supported.
Existing eBPF extensions will continue to work without requiring recompilation.

If the change in data structure is such that it is no longer backward compatible (such as changing field type or position),
then the version number will be updated. Existing eBPF extensions would need to be updated to use the new types.

The set of supported version numbers for the various extension structures are listed in `ebpf_windows.h`.

### 2.3 Program Information NPI Client Attach and Detach Callbacks
Expand Down
14 changes: 12 additions & 2 deletions include/ebpf_program_types.h
Original file line number Diff line number Diff line change
Expand Up @@ -9,27 +9,31 @@
#define EBPF_MAX_PROGRAM_DESCRIPTOR_NAME_LENGTH 256
#define EBPF_MAX_HELPER_FUNCTION_NAME_LENGTH 256

// This is the type definition for the eBPF program type descriptor
// when version is EBPF_PROGRAM_TYPE_DESCRIPTOR_VERSION_0.
typedef struct _ebpf_program_type_descriptor
{
ebpf_extension_header_t header;
// The following fields are available in version EBPF_PROGRAM_TYPE_DESCRIPTOR_VERSION_0 and later.
const char* name;
const ebpf_context_descriptor_t* context_descriptor;
GUID program_type;
uint32_t bpf_prog_type;
char is_privileged;
} ebpf_program_type_descriptor_t;

// This is the type definition for the eBPF helper function prototype
// when version is EBPF_HELPER_FUNCTION_PROTOTYPE_VERSION_0.
typedef struct _ebpf_helper_function_prototype
{
ebpf_extension_header_t header;
// The following fields are available in version EBPF_HELPER_FUNCTION_PROTOTYPE_VERSION_0 and later.
uint32_t helper_id;
const char* name;
ebpf_return_type_t return_type;
ebpf_argument_type_t arguments[5];
} ebpf_helper_function_prototype_t;

// This is the type definition for the eBPF program information
// when version is EBPF_PROGRAM_INFO_VERSION_0.
typedef struct _ebpf_program_info
{
ebpf_extension_header_t header;
Expand All @@ -40,6 +44,8 @@ typedef struct _ebpf_program_info
const ebpf_helper_function_prototype_t* global_helper_prototype;
} ebpf_program_info_t;

// This is the type definition for the eBPF helper function addresses
// when version is EBPF_HELPER_FUNCTION_ADDRESSES_VERSION_0.
typedef struct _ebpf_helper_function_addresses
{
ebpf_extension_header_t header;
Expand All @@ -61,6 +67,8 @@ typedef void (*ebpf_program_context_destroy_t)(
_Out_writes_bytes_to_opt_(*context_size_out, *context_size_out) uint8_t* context_out,
_Inout_ size_t* context_size_out);

// This is the type definition for the eBPF program data
// when version is EBPF_PROGRAM_DATA_VERSION_0.
typedef struct _ebpf_program_data
{
ebpf_extension_header_t header;
Expand All @@ -75,6 +83,8 @@ typedef struct _ebpf_program_data
uint8_t required_irql; ///< IRQL at which the program is invoked.
} ebpf_program_data_t;

// This is the type definition for the eBPF program section information
// when version is EBPF_PROGRAM_SECTION_INFORMATION_VERSION_0.
typedef struct _ebpf_program_section_info
{
ebpf_extension_header_t header;
Expand Down
2 changes: 1 addition & 1 deletion include/ebpf_windows.h
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ typedef enum _ebpf_helper_function
/**
* @brief Header of an eBPF extension data structure.
* Every eBPF extension data structure must start with this header.
* New fields can be added to the end eBPF extension data structure
* New fields can be added to the end of an eBPF extension data structure
* without breaking backward compatibility. The version field must be
* updated only if the new data structure is not backward compatible.
*/
Expand Down
8 changes: 4 additions & 4 deletions libs/execution_context/ebpf_program.c
Original file line number Diff line number Diff line change
Expand Up @@ -237,16 +237,16 @@ _ebpf_program_verify_provider_program_data(
}

// Verify that that the program information version is supported.
if (program_data->header.version > EBPF_PROGRAM_DATA_VERSION_LATEST ||
program_data->header.size < sizeof(ebpf_program_data_t)) {
if (!(program_data->header.version == EBPF_PROGRAM_DATA_VERSION_LATEST) &&
(program_data->header.size >= EBPF_PROGRAM_DATA_VERSION_0_MINIMUM_SIZE)) {
EBPF_LOG_MESSAGE(
EBPF_TRACELOG_LEVEL_ERROR,
EBPF_TRACELOG_KEYWORD_PROGRAM,
"Program information provider version not supported.");
"Program information provider version not supported or size incorrect.");
goto Done;
}

if (program_data->header.size < EBPF_PROGRAM_DATA_MINIMUM_SIZE) {
if (program_data->header.size < EBPF_PROGRAM_DATA_VERSION_0_MINIMUM_SIZE) {
EBPF_LOG_MESSAGE_GUID(
EBPF_TRACELOG_LEVEL_ERROR,
EBPF_TRACELOG_KEYWORD_PROGRAM,
Expand Down
12 changes: 7 additions & 5 deletions libs/shared/ebpf_shared_framework.h
Original file line number Diff line number Diff line change
Expand Up @@ -34,15 +34,17 @@ CXPLAT_EXTERN_C_BEGIN
#define EBPF_PROGRAM_SECTION_VERSION_LATEST EBPF_PROGRAM_SECTION_VERSION_0

// Minumum length of the eBPF extension program information data structures.
#define EBPF_PROGRAM_DATA_MINIMUM_SIZE (EBPF_OFFSET_OF(ebpf_program_data_t, required_irql) + sizeof(uint8_t))
#define EBPF_PROGRAM_INFO_MINIMUM_SIZE \
#define EBPF_PROGRAM_DATA_VERSION_0_MINIMUM_SIZE (EBPF_OFFSET_OF(ebpf_program_data_t, required_irql) + sizeof(uint8_t))
#define EBPF_PROGRAM_INFO_VERSION_0_MINIMUM_SIZE \
(EBPF_OFFSET_OF(ebpf_program_info_t, global_helper_prototype) + sizeof(ebpf_helper_function_prototype_t*))
#define EBPF_PROGRAM_TYPE_DESCRIPTOR_MINIMUM_SIZE \
#define EBPF_PROGRAM_TYPE_DESCRIPTOR_VERSION_0_MINIMUM_SIZE \
(EBPF_OFFSET_OF(ebpf_program_type_descriptor_t, is_privileged) + sizeof(char))
#define EBPF_CONTEXT_DESCRIPTOR_MINIMUM_SIZE \
#define EBPF_CONTEXT_DESCRIPTOR_VERSION_0_MINIMUM_SIZE \
(EBPF_OFFSET_OF(ebpf_context_descriptor_t, context_destroy) + sizeof(ebpf_program_context_destroy_t))
#define EBPF_HELPER_FUNCTION_PROTOTYPE_MINIMUM_SIZE \
#define EBPF_HELPER_FUNCTION_PROTOTYPE_VERSION_0_MINIMUM_SIZE \
(EBPF_OFFSET_OF(ebpf_helper_function_prototype_t, arguments) + 5 * sizeof(ebpf_argument_type_t))
#define EBPF_PROGRAM_SECTION_VERSION_0_MINIMUM_SIZE \
(EBPF_OFFSET_OF(ebpf_program_section_info_t, bpf_attach_type) + sizeof(uint32_t))

// Macro locally suppresses "Unreferenced variable" warning, which in 'Release' builds is treated as an error.
#define ebpf_assert_success(x) \
Expand Down
15 changes: 8 additions & 7 deletions libs/shared/shared_common.c
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,9 @@ static bool
_ebpf_validate_helper_function_prototype(const ebpf_helper_function_prototype_t* helper_prototype)
{
return (
(helper_prototype != NULL) && (helper_prototype->header.size >= EBPF_HELPER_FUNCTION_PROTOTYPE_MINIMUM_SIZE) &&
(helper_prototype->header.version <= EBPF_HELPER_FUNCTION_PROTOTYPE_VERSION_LATEST) &&
(helper_prototype != NULL) &&
(helper_prototype->header.version == EBPF_HELPER_FUNCTION_PROTOTYPE_VERSION_LATEST) &&
(helper_prototype->header.size >= EBPF_HELPER_FUNCTION_PROTOTYPE_VERSION_0_MINIMUM_SIZE) &&
(helper_prototype->name != NULL));
}

Expand Down Expand Up @@ -38,8 +39,8 @@ _ebpf_validate_program_type_descriptor(_In_ const ebpf_program_type_descriptor_t
{
return (
(program_type_descriptor != NULL) &&
(program_type_descriptor->header.size >= EBPF_PROGRAM_TYPE_DESCRIPTOR_MINIMUM_SIZE) &&
(program_type_descriptor->header.version <= EBPF_PROGRAM_TYPE_DESCRIPTOR_VERSION_LATEST) &&
(program_type_descriptor->header.version == EBPF_PROGRAM_TYPE_DESCRIPTOR_VERSION_LATEST) &&
(program_type_descriptor->header.size >= EBPF_PROGRAM_TYPE_DESCRIPTOR_VERSION_0_MINIMUM_SIZE) &&
(program_type_descriptor->name != NULL) &&
_ebpf_validate_context_descriptor(program_type_descriptor->context_descriptor));
}
Expand All @@ -48,8 +49,8 @@ bool
ebpf_validate_program_info(_In_ const ebpf_program_info_t* program_info)
{
return (
(program_info != NULL) && (program_info->header.size >= EBPF_PROGRAM_INFO_MINIMUM_SIZE) &&
(program_info->header.version <= EBPF_PROGRAM_INFORMATION_VERSION_LATEST) &&
(program_info != NULL) && (program_info->header.version == EBPF_PROGRAM_INFORMATION_VERSION_LATEST) &&
(program_info->header.size >= EBPF_PROGRAM_INFO_VERSION_0_MINIMUM_SIZE) &&
_ebpf_validate_program_type_descriptor(program_info->program_type_descriptor) &&
ebpf_validate_helper_function_prototype_array(
program_info->program_type_specific_helper_prototype,
Expand All @@ -63,7 +64,7 @@ ebpf_validate_program_section_info(_In_ const ebpf_program_section_info_t* secti
{
return (
(section_info != NULL) && (section_info->header.size >= sizeof(ebpf_program_section_info_t)) &&
(section_info->header.version <= EBPF_PROGRAM_SECTION_VERSION_LATEST) && (section_info->section_name != NULL) &&
(section_info->header.version == EBPF_PROGRAM_SECTION_VERSION_LATEST) && (section_info->section_name != NULL) &&
(section_info->program_type != NULL) && (section_info->attach_type != NULL));
}

Expand Down

0 comments on commit c7fa9a7

Please sign in to comment.