Added ntosext extensions in the GettingStarted.md document. #3785
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
shpalani
requested review from
dthaler,
poornagmsft,
Alan-Jowett,
saxena-anurag,
shankarseal,
dv-msft,
gtrevi,
matthewige,
mtfriesen and
rectified95
as code owners
dthaler
reviewed
Aug 23, 2024
dthaler
reviewed
Aug 28, 2024
Co-authored-by: Dave Thaler <[email protected]>
matthewige
reviewed
Aug 28, 2024
matthewige
approved these changes
Aug 28, 2024
dthaler
approved these changes
Aug 29, 2024
shankarseal
pushed a commit
that referenced
this pull request
Nov 1, 2024
* Added ntosext extension in the doc * Addressed PR comment * Update docs/GettingStarted.md Co-authored-by: Dave Thaler <[email protected]> --------- Co-authored-by: Dave Thaler <[email protected]>
github-merge-queue bot
pushed a commit
that referenced
this pull request
Nov 19, 2024
* wip * Merged PR 28837: Fix CICD Fix CICD build failures. * wip * wip * Revert "wip" This reverts commit e7311fe. * sync * sync * sync * feedback * draft * sync * sync * draft * wip * nit * wip * wip * wip * wip * wip * wip * nit * add AKS evn detection, add TBD check eBPF usage on uninstall * wip * Merged PR 30605: Bump bpf_conformance to 0.6.0 to unblock conformance testing Bump bpf_conformance to 0.6.0 to unblock conformance testing Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30598: Add new onefuzz task to perform continual fuzzing of eBPF for Windows Add new onefuzz task to perform continual fuzzing of eBPF for Windows * Merged PR 30633: Add missing bug filing info for netebpfext Add missing bug filing info for netebpfext Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30634: Add codecoverage for fuzzing pipeline Add codecoverage for fuzzing pipeline Signed-off-by: Alan Jowett <[email protected]> * wip * Merged PR 30808: Apply correct fuzzer settings Apply correct fuzzer settings Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30804: Fix division by zero in batch delete. Fix division by zero in batch delete: `input_count = key_length / map_definition->key_size;` Related work items: #159139 * Merged PR 30814: Fix OneFuzzConfig.json to fuzz feature/security_fix and correctly assign bugs Fix OneFuzzConfig.json to fuzz feature/security_fix and correctly assign bugs Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30825: Reformat IOCTL fuzzing seed to include reply length Reformat IOCTL fuzzing seed to include reply length and regenerate corpus. Issue: The fuzzer was always setting an invalid reply length, even for "good" cases. This results in many paths being blocked because reply length != expected reply length in ebpf_core_invoke_protocol_handler. By including the correct reply length in the seed, we permit the fuzzer to explore more code spaces. Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30880: Add ASAN_OPTIONS=allocator_may_return_null=1 Add ASAN_OPTIONS=allocator_may_return_null=1 Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30890: Run all libfuzzers in OneFuzz on the feature/security_fix branch Run all libfuzzers in OneFuzz on the feature/security_fix branch Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30897: _ebpf_program_load_byte_code should reject zero length eBPF programs _ebpf_program_load_byte_code should reject zero length eBPF programs Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30922: Improve verifier coverage by permitting more program types to run. Improve verifier coverage by permitting more program types to run. Due to context create for sample program type, all calls to prog run for a sample program fail with minimal coverage. Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30905: Prevent fuzzer from triggering long running bpf_prog_test_run The execution_context_fuzzer can get hung on executing a BPF program if it fuzzes the iteration count to a huge value, resulting in the test timing out after several minutes. This slows the rate of useful fuzzing. Signed-off-by: Alan Jowett <[email protected]> * Fix buffer overflow in ebpf_program_get_info Signed-off-by: Alan Jowett <[email protected]> * Workaround for verifier bug Signed-off-by: Alan Jowett <[email protected]> * Fix division by zero in _ebpf_core_protocol_map_update_element_batch Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30956: Improve code coverage of execution context fuzzer During creation of the various map types, creation of several map types was failing, preventing fuzzing of those maps. Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30819: Check LPM key length Check LPM key length Signed-off-by: Alan Jowett <[email protected]> Related work items: #159141 * Merged PR 30971: Remove PATs from onefuzz task. As per guidance from the OneFuzz team, a PAT is no longer required, so switch to the new option. Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30991: Prevent ebpf_program_t from switching between JIT and interpreter Prevent ebpf_program_t from switching between JIT and interpreter. Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30992: Improve execution context fuzzer - add link object and speed up fuzzing Improve execution context fuzzer - add link object and speed up fuzzing Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30993: Make helper fuzzer more generic 1. Remove dependency on ebpf_program_t. 2. Bind directly to program info provider. 3. Move ebpf_core_initiate/terminate to global. Signed-off-by: Alan Jowett <[email protected]> * Merged PR 31238: Fix assigned to in .onefuzz\OneFuzzConfig.json Fix assigned to in .onefuzz\OneFuzzConfig.json Signed-off-by: Alan Jowett <[email protected]> * Merged PR 31250: Merge main into feature/security_fix * Merged PR 31358: Add HLK playlist link to the HLK documentation. Add playlist link, whitespace optimizations. * Merged PR 31516: Disable onefuzz on main Disable onefuzz on main Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30823: Quick-guide: how to debug an eBPF program This is a quick guide on how to use WinDbg to debug kernel code on a target machine. * add checks for code_type * Merged PR 31674: Update netebpfext bind context app_id truncation logic for safety _net_ebpf_ext_resource_truncate_appid made some assumptions about the input data it received. In theory, improper data could be passed into ebpf, which could potentially cause a buffer overrun/crash. Additional checks were added to ensure safety of the truncation logic, even if improper input was passed. Additional test cases were added to ensure the truncation logic was safe and validating improper input. Related work items: #159406 * Merged PR 30986: Add LPM map unit tests, fix lookup and input checking bugs ## Description This improves and adds ebpf map unit testing and fixes some bugs. Changes: - `_create_lpm_map`: fixes length calculation for key size bitmap - `max_prefix` should be the passed value, bitmap size gets `+1` to account for max length keys - `_find_lpm_map_entry`: initialize search from search key bit length instead of maximum stored key length - reduces number of hashes to try during lookup (for short keys) and fixes bug of looking for map key longer than passed search key - adds `ebpf_bitmap_start_reverse_search_at` to initialize set bit search to a specific bit index - `_create_array_map_with_map_struct_size`: argument check for value size/capacity combination that allocates >128GB - `_next_lpm_map_key_and_value`/`_next_hash_map_key_and_value` - fix SAL annotation for `next_key` (should be `_Inout_`) - Refactor lpm key handling to use new `ebpf_core_lpm_key_t` struct instead of pointer to prefix length - Add, fix, and extend LPM map unit tests ## Testing Extends the `map_crud_operations_lpm_trie_32` test case and adds a second `[negative]` tagged version which tests operations that shouldn't work (including some edge cases that were previously missed). `map_create_invalid` test case added to try creating various maps with invalid parameters. Extends and refactors `map_crud_operations_lpm_trie_128` ## Documentation Comments in new unit testing functions, and more documentation added in LPM and bitmap code. ## Installation N/A Related work items: #159137, #159144, #159270, #159273 * Merged PR 31697: Add map type validation in debug mode This PR adds map type validation in debug mode. The map type was already checked on creation and is never user-writeable, so these checks are just against code bugs or outside code modifying the type field. In ebpf_maps.c lookup into `ebpf_map_metadata_tables` is now factored out into calls to `ebpf_map_get_table()`, which validates the map type with a debug assert. Related work items: #159405 * Merged PR 31809: Update VM extension script to invoke `export_program_info` This PR contains changes to the VM extension scripts to invoke `export_program_info.exe`. The invocation is kept optional based on whether the file is present or not. This is for 2 reasons: 1. ebpf v0.11 released earlier to IMDS does not contain this exe. So in case of cleanup or rollback, it is possible that the exe is not available. 2. We should ideally change the store implementation to move from registry to file based. Keeping the new code optional allows to change store implementation without requiring the script to mandatorily updated at the same time. * Merged PR 32086: Update ADO pipeline This PR updates the clang version to be used in ADO pipeline. Since the clang version has been updated in GitHub, and correspnding tests have also been updated, CICD is now failing in ADO since then. #### PR Summary This pull request updates the ADO pipeline to use Visual Studio LLVM tools instead of installing LLVM via Chocolatey. - `.pipelines/reusable-build.yml`: Replaced Chocolatey installation of LLVM with Visual Studio LLVM tools installation using PowerShell tasks. - `.pipelines/reusable-build.yml`: Added MSVC LLVM Clang to PATH and logged the CLANG version. - `.pipelines/reusable-build.yml`: Set `VSINSTALLDIR` environment variable. * Merged PR 32085: VM extension script fixes This PR contains 2 changes: 1. Fix the source path for upgrade flow. The script was incorrectly using a hardcoded path. 2. Suppress error messages from `Get-ItemProperty` when querying for registry path. This change is only cosmetic and has no functional impact. ---- #### AI description (iteration 1) #### PR Classification Bug fix for VM extension scripts. #### PR Summary This pull request addresses several issues in the VM extension scripts, primarily focusing on error handling and parameter corrections. - `/.internal/vm-extension/src/scripts/common.ps1`: Added `-ErrorAction SilentlyContinue` to `Get-ItemProperty` to handle missing registry keys gracefully. - Corrected parameter usage in `Update-eBPF` and `InstallOrUpdate-eBPF` functions to ensure the correct source path is used during installation. - Removed trailing whitespace in multiple functions for code cleanliness. * Merged PR 30804: Fix division by zero in batch delete. Fix division by zero in batch delete: `input_count = key_length / map_definition->key_size;` Related work items: #159139 * Merged PR 30814: Fix OneFuzzConfig.json to fuzz feature/security_fix and correctly assign bugs Fix OneFuzzConfig.json to fuzz feature/security_fix and correctly assign bugs Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30825: Reformat IOCTL fuzzing seed to include reply length Reformat IOCTL fuzzing seed to include reply length and regenerate corpus. Issue: The fuzzer was always setting an invalid reply length, even for "good" cases. This results in many paths being blocked because reply length != expected reply length in ebpf_core_invoke_protocol_handler. By including the correct reply length in the seed, we permit the fuzzer to explore more code spaces. Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30890: Run all libfuzzers in OneFuzz on the feature/security_fix branch Run all libfuzzers in OneFuzz on the feature/security_fix branch Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30897: _ebpf_program_load_byte_code should reject zero length eBPF programs _ebpf_program_load_byte_code should reject zero length eBPF programs Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30922: Improve verifier coverage by permitting more program types to run. Improve verifier coverage by permitting more program types to run. Due to context create for sample program type, all calls to prog run for a sample program fail with minimal coverage. Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30905: Prevent fuzzer from triggering long running bpf_prog_test_run The execution_context_fuzzer can get hung on executing a BPF program if it fuzzes the iteration count to a huge value, resulting in the test timing out after several minutes. This slows the rate of useful fuzzing. Signed-off-by: Alan Jowett <[email protected]> * Fix division by zero in _ebpf_core_protocol_map_update_element_batch Signed-off-by: Alan Jowett <[email protected]> * Fix buffer overflow in ebpf_program_get_info Signed-off-by: Alan Jowett <[email protected]> * Workaround for verifier bug Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30956: Improve code coverage of execution context fuzzer During creation of the various map types, creation of several map types was failing, preventing fuzzing of those maps. Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30819: Check LPM key length Check LPM key length Signed-off-by: Alan Jowett <[email protected]> Related work items: #159141 * Merged PR 30991: Prevent ebpf_program_t from switching between JIT and interpreter Prevent ebpf_program_t from switching between JIT and interpreter. Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30992: Improve execution context fuzzer - add link object and speed up fuzzing Improve execution context fuzzer - add link object and speed up fuzzing Signed-off-by: Alan Jowett <[email protected]> * Merged PR 30993: Make helper fuzzer more generic 1. Remove dependency on ebpf_program_t. 2. Bind directly to program info provider. 3. Move ebpf_core_initiate/terminate to global. Signed-off-by: Alan Jowett <[email protected]> * Merged PR 31250: Merge main into feature/security_fix * Merged PR 31674: Update netebpfext bind context app_id truncation logic for safety _net_ebpf_ext_resource_truncate_appid made some assumptions about the input data it received. In theory, improper data could be passed into ebpf, which could potentially cause a buffer overrun/crash. Additional checks were added to ensure safety of the truncation logic, even if improper input was passed. Additional test cases were added to ensure the truncation logic was safe and validating improper input. Related work items: #159406 * Merged PR 30986: Add LPM map unit tests, fix lookup and input checking bugs ## Description This improves and adds ebpf map unit testing and fixes some bugs. Changes: - `_create_lpm_map`: fixes length calculation for key size bitmap - `max_prefix` should be the passed value, bitmap size gets `+1` to account for max length keys - `_find_lpm_map_entry`: initialize search from search key bit length instead of maximum stored key length - reduces number of hashes to try during lookup (for short keys) and fixes bug of looking for map key longer than passed search key - adds `ebpf_bitmap_start_reverse_search_at` to initialize set bit search to a specific bit index - `_create_array_map_with_map_struct_size`: argument check for value size/capacity combination that allocates >128GB - `_next_lpm_map_key_and_value`/`_next_hash_map_key_and_value` - fix SAL annotation for `next_key` (should be `_Inout_`) - Refactor lpm key handling to use new `ebpf_core_lpm_key_t` struct instead of pointer to prefix length - Add, fix, and extend LPM map unit tests ## Testing Extends the `map_crud_operations_lpm_trie_32` test case and adds a second `[negative]` tagged version which tests operations that shouldn't work (including some edge cases that were previously missed). `map_create_invalid` test case added to try creating various maps with invalid parameters. Extends and refactors `map_crud_operations_lpm_trie_128` ## Documentation Comments in new unit testing functions, and more documentation added in LPM and bitmap code. ## Installation N/A Related work items: #159137, #159144, #159270, #159273 * Merged PR 31697: Add map type validation in debug mode This PR adds map type validation in debug mode. The map type was already checked on creation and is never user-writeable, so these checks are just against code bugs or outside code modifying the type field. In ebpf_maps.c lookup into `ebpf_map_metadata_tables` is now factored out into calls to `ebpf_map_get_table()`, which validates the map type with a debug assert. Related work items: #159405 * add checks for code_type * fix bad merge * Override `bpf_get_current_pid_tgid` for sock_ops hook. (#3765) * initial changes. * sock_addr. * fixes. * Update include/ebpf_nethooks.h Co-authored-by: Dave Thaler <[email protected]> --------- Co-authored-by: Dave Thaler <[email protected]> * Add ADO pipelines (#3741) Signed-off-by: Alan Jowett <[email protected]> Co-authored-by: Alan Jowett <[email protected]> * Bump external/ubpf from `19cd22c` to `762a98d` (#3783) Bumps [external/ubpf](https://github.com/iovisor/ubpf) from `19cd22c` to `762a98d`. - [Commits](iovisor/ubpf@19cd22c...762a98d) --- updated-dependencies: - dependency-name: external/ubpf dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump external/usersim from `46c6b4a` to `ca8f2de` (#3782) Bumps [external/usersim](https://github.com/microsoft/usersim) from `46c6b4a` to `ca8f2de`. - [Commits](microsoft/usersim@46c6b4a...ca8f2de) --- updated-dependencies: - dependency-name: external/usersim dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump external/ebpf-verifier from `dc2d6ea` to `cd9344b` (#3784) Bumps [external/ebpf-verifier](https://github.com/vbpf/ebpf-verifier) from `dc2d6ea` to `cd9344b`. - [Release notes](https://github.com/vbpf/ebpf-verifier/releases) - [Commits](vbpf/ebpf-verifier@dc2d6ea...cd9344b) --- updated-dependencies: - dependency-name: external/ebpf-verifier dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github/codeql-action from 3.26.2 to 3.26.5 in the actions group (#3790) Bumps the actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 3.26.2 to 3.26.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@429e197...2c779ab) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Stamp all tools with version information. (#3792) * Stamp all tools with version information. Signed-off-by: Alan Jowett <[email protected]> * Add commit id to nuget package Signed-off-by: Alan Jowett <[email protected]> * Move versioning to Directory.Build.props Signed-off-by: Alan Jowett <[email protected]> * Set correct project type in sample.vcxproj Signed-off-by: Alan Jowett <[email protected]> * Add version info to fuzz tests Signed-off-by: Alan Jowett <[email protected]> * PR feedback Signed-off-by: Alan Jowett <[email protected]> * Update tests/socket/resource.h Co-authored-by: Dave Thaler <[email protected]> * Revert editor change Signed-off-by: Alan Jowett <[email protected]> --------- Signed-off-by: Alan Jowett <[email protected]> Co-authored-by: Alan Jowett <[email protected]> Co-authored-by: Dave Thaler <[email protected]> * First string functions for ebpf general helpers. (#3780) * Initial progress on function implementations. * Moved code. * Updated kernel project. * Working on parallel user and kernel mode versions. * Work in Progress. * Added tests, added a lot. * Cleaned up test code some, still doesn't build. * Re-enabled some tests. * Got a working set of tests, now to figure out what to do with this in the interim. * Removing as-yet-unimplemented functions for now. * Fixed a name. * Doxygen fixes. Also removed a function header that'll be needed another time. * Got down to one source file, got a build working in user mode. * Renamed string_opts to ebpf_strings * Corrected build issues, removed other extraneous comments. * Fixed the test selection name, and suppressed an analysis error in a Windows header. --------- Co-authored-by: Ben Lewis (REDMOND) <[email protected]> * Bump external/ubpf from `762a98d` to `f1ecb7a` (#3797) Bumps [external/ubpf](https://github.com/iovisor/ubpf) from `762a98d` to `f1ecb7a`. - [Commits](iovisor/ubpf@762a98d...f1ecb7a) --- updated-dependencies: - dependency-name: external/ubpf dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump external/usersim from `ca8f2de` to `bded12c` (#3796) Bumps [external/usersim](https://github.com/microsoft/usersim) from `ca8f2de` to `bded12c`. - [Commits](microsoft/usersim@ca8f2de...bded12c) --- updated-dependencies: - dependency-name: external/usersim dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Added ntosext extensions in the GettingStarted.md document. (#3785) * Added ntosext extension in the doc * Addressed PR comment * Update docs/GettingStarted.md Co-authored-by: Dave Thaler <[email protected]> --------- Co-authored-by: Dave Thaler <[email protected]> * relocate installer license to avoid "multiple licenses" text on GitHub (#3802) * Inline _ebpf_adjust_value_pointer to reduce cost of ebpf_map_find_entry (#3804) Signed-off-by: Alan Jowett <[email protected]> Co-authored-by: Alan Jowett <[email protected]> * Bump external/ebpf-verifier from `cd9344b` to `559482c` (#3807) Bumps [external/ebpf-verifier](https://github.com/vbpf/ebpf-verifier) from `cd9344b` to `559482c`. - [Release notes](https://github.com/vbpf/ebpf-verifier/releases) - [Commits](vbpf/ebpf-verifier@cd9344b...559482c) --- updated-dependencies: - dependency-name: external/ebpf-verifier dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump the actions group with 2 updates (#3806) Bumps the actions group with 2 updates: [actions/upload-artifact](https://github.com/actions/upload-artifact) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/upload-artifact` from 4.3.6 to 4.4.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@834a144...5076954) Updates `github/codeql-action` from 3.26.5 to 3.26.6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@2c779ab...4dd1613) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Switch to crc32 if available for hashing function (#3803) * Switch to crc32 if available for hashing function Signed-off-by: Alan Jowett <[email protected]> * Only do crc32 when keys are directly accessible Signed-off-by: Alan Jowett <[email protected]> * Minimize branches and extra ALU ops Signed-off-by: Alan Jowett <[email protected]> --------- Signed-off-by: Alan Jowett <[email protected]> Co-authored-by: Alan Jowett <[email protected]> * Multi-attach support for SOCK_ADDR programs (#3751) * initial commit * second commit * third commit * update lock logic * fix analysis errors * backup * Add tests * fix * fix * fix * code refactor * update test * Revert "update test" This reverts commit 6770269. * Revert "code refactor" This reverts commit fae36a7. * Revert "Revert "code refactor"" This reverts commit 3b8e762. * Revert "Revert "update test"" This reverts commit 11610f0. * fix capability in xdp * add tests, remove filter weight * invoke wildcard programs, update tests * fix wildcard invocation logic * fix wildcard invocation logic, remove sleep from concurrency tests * move invocation out of the lock, fix tests * code cleanup, update test * code cleanup * remove trace * cleanup * update wildcard invocation logic * code cleanup * code cleanup * code cleanup, CR comments * cr comments, code cleanup * Update netebpfext/net_ebpf_ext_hook_provider.h Co-authored-by: Dave Thaler <[email protected]> * cr comments * add tests * cr comments * code cleanup * tracing changes * fix sal * code cleanup * code cleanup * Update netebpfext/net_ebpf_ext.h Co-authored-by: Dave Thaler <[email protected]> --------- Co-authored-by: Dave Thaler <[email protected]> fix. * Updated onebranch.vcxproj * Updated post-build.ps1 * Stack expansion in netebpfext (#3817) * expand stack * update usersim submodule * fix analysis build * cr comments * fix analysis failure * cr comments * Update netebpfext/net_ebpf_ext_hook_provider.h Co-authored-by: Dave Thaler <[email protected]> --------- Co-authored-by: Dave Thaler <[email protected]> * Bump external/usersim from `bded12c` to `a1ba035` (#3818) Bumps [external/usersim](https://github.com/microsoft/usersim) from `bded12c` to `a1ba035`. - [Commits](microsoft/usersim@bded12c...a1ba035) --- updated-dependencies: - dependency-name: external/usersim dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * change expanded stack size to 16KB. * Merged PR 11480212: Update store APIs to also update HKLM (#3660) (#3853) Update store APIs to also update HKLM (#3660) (#3853) Cherry-picked from commit `462b8e3c`. ---- #### AI description (iteration 1) #### PR Classification API change to update store APIs to also update HKLM. #### PR Summary This pull request updates the store APIs to handle both HKCU and HKLM registry keys, ensuring that operations are attempted on both keys and errors are suppressed if access to HKLM is denied. - `ebpf_store_helper.c`: Added functions to update and delete program and section information for both HKCU and HKLM. - `store_helper_internal.cpp`: Modified functions to handle both HKCU and HKLM registry keys. - `Product.wxs`: Updated installer scripts to clear and set up eBPF store for both HKCU and HKLM. - `ebpf_store_helper.h` and `ebpf_registry_helper.cpp`: Introduced separate variables for HKCU and HKLM root keys. * Merged PR 11486801: Update version to 0.19.1 update version to 0.19.1 * remove .internal * Miscellaneous fixes. * PR Feedback. --------- Signed-off-by: Alan Jowett <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Gianni Trevisiol <[email protected]> Co-authored-by: Anurag Saxena <[email protected]> Co-authored-by: Microsoft.VisualStudio.Services.TFS <[email protected]> Co-authored-by: Gianni Trevisiol <[email protected]> Co-authored-by: Alan Jowett <[email protected]> Co-authored-by: Alan Jowett <Alan [email protected]> Co-authored-by: Igor Klemenski <[email protected]> Co-authored-by: Shankar Seal <Shankar [email protected]> Co-authored-by: Alan Jowett <[email protected]> Co-authored-by: Matt Ige <[email protected]> Co-authored-by: Michael Agun <[email protected]> Co-authored-by: Dave Thaler <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ben Lewis <[email protected]> Co-authored-by: Ben Lewis (REDMOND) <[email protected]> Co-authored-by: Sharmi <[email protected]> Co-authored-by: Michael Friesen <[email protected]> Co-authored-by: Anurag Saxena <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Testing
_Do any existing tests cover this change? Are new tests needed? N/A
Documentation
_Is there any documentation impact for this change? Yes
Installation
_Is there any installer impact for this change? N/A