search

microsoft / ebpf-for-windows

eBPF implementation that runs on top of Windows
MIT License
2.87k stars 224 forks source link

Add support for program loading flags #3657

Closed Alan-Jowett closed 1 month ago

Alan-Jowett commented 3 months ago

Resolves: #3576

Description

This pull request primarily focuses on enhancing the eBPF extension data structures and related functionalities. The changes include the introduction of new fields, versioning of extension data structures, and modifications to improve the handling of program flags.

Key changes:

  1. Changes to eBPF extension data structures:

    • docs/eBpfExtensions.md: Added capabilities field to the struct used for specifying the attach type supported by the extension. Also, introduced versioning for the extension data structure and recommended support for version 1 as version 0 will be deprecated eventually. [1] [2] [3]
    • include/ebpf_extension.h: Introduced ebpf_extension_data_v0_t and ebpf_extension_data_v1_t to represent version 0 and version 1 of the extension data structure respectively. The version 1 structure includes additional fields for capabilities, data size, and program attach flags. [1] [2]
    • include/ebpf_windows.h: Added macros for version 1 of the eBPF extension data structures and warned about the deprecation of version 1 in a future release.

  2. Changes related to program flags:

    • include/bpf/libbpf.h, libs/api/api_internal.h, libs/api/ebpf_api.cpp, libs/api/libbpf_program.cpp, libs/execution_context/ebpf_core.c, libs/execution_context/ebpf_link.c: Added methods to query and set BPF program flags. Also, modified the ebpf_program_t struct to include a flags field. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15]

  3. Changes in the ebpfapi/Source.def file:

    • Added bpf_program__flags and bpf_program__set_flags to the list of exports. [1] [2]

Testing

CI/CD

Documentation

Document new EBPF_ATTACH_CLIENT_DATA_VERSION_V1 structure.

Installation

No.

Alan-Jowett commented 3 months ago

Marking as draft until failure is root caused.

Alan-Jowett commented 3 months ago

Converting to draft until I figure out why it started failing.

Alan-Jowett commented 3 months ago

@dthaler Would you mind taking another look at this? There were some fairly significant changes required to make this work with older extensions (XDP and some internal ones) that weren't correctly checking the version fields.

The updated model requires the attach provider to declare that they support the new version of the data structures to prevent breaking older versions that didn't.

dthaler commented 2 months ago

Tentatively approving though I have two outstanding questions that might warrant changes

Alan-Jowett commented 1 month ago

Closing in favor of #3763