microsoft / ebpf-for-windows

eBPF implementation that runs on top of Windows
MIT License

update guide for writing extensions with considerations about porting programs from linux to windows #634

Open dthaler opened 3 years ago

dthaler commented 3 years ago

Currently we reuse the same BPF_PROG_TYPE_XDP define, but the prototype for the hook is quite different.

We could:

a) document the differences, so that anyone trying to write cross-platform code would need ifdefs or similar, or
b) change the program type define to not claim to be XDP until the prototype matches, or
c) align the prototype more closely with Linux (this would be my preference)

The problem often goes unnoticed until verification fails unexpectedly, because the xdp context has different offsets than on Linux and the program hard-codes the xdp context structure it expects, which of course won't match what the Windows hook currently has.

The Windows ebpf_nethooks.h currently has:

```c
#include <stdint.h> /* for uint64_t */

typedef struct xdp_md
{
    void* data;         ///< Pointer to start of packet data.
    void* data_end;     ///< Pointer to end of packet data.
    uint64_t data_meta; ///< Packet metadata.

    /* size: 12, cachelines: 1, members: 3 */
    /* last cacheline: 12 bytes */
    unsigned int ingress_ifindex;

} xdp_md_t;
```

Note in particular that data and data_end are void*, so the offset of data_end would be 8 on a 64-bit machine, and the offset of data_meta would be 16.

On Linux, the offset of data_end is apparently 4 and the offset of data_meta is 16 (i.e., 32-bit fields), even on 64-bit machines.
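To make the offset mismatch described in this issue concrete, here is an added, stand-alone C example (not code from ebpf-for-windows or from the issue author). It declares the Windows xdp_md layout copied from the header excerpt above, and a Linux-style xdp_md whose fields are all 32-bit in the order used by include/uapi/linux/bpf.h (an assumption about upstream; check it against your kernel headers). It then computes the offsets each platform exposes, checks whether a program that hard-codes one layout lines up with the other, and simulates what a Linux-compiled program's 32-bit load of data_end at offset 4 actually reads from a Windows context. The fake pointer values in the sample context are constructed for the demonstration and never dereferenced; the misread result assumes a little-endian 64-bit build.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Windows xdp_md layout as quoted from ebpf_nethooks.h in this issue
 * (assumption: unchanged since the excerpt was posted). */
typedef struct win_xdp_md
{
    void* data;
    void* data_end;
    uint64_t data_meta;
    unsigned int ingress_ifindex;
} win_xdp_md_t;

/* Linux struct xdp_md: every field is __u32, in this order in
 * include/uapi/linux/bpf.h (assumption about upstream; verify locally). */
typedef struct linux_xdp_md
{
    uint32_t data;
    uint32_t data_end;
    uint32_t data_meta;
    uint32_t ingress_ifindex;
    uint32_t rx_queue_index;
    uint32_t egress_ifindex;
} linux_xdp_md_t;

/* The byte offsets a program (or the verifier) sees for one platform's context. */
typedef struct ctx_layout
{
    size_t data_off;
    size_t data_end_off;
    size_t data_meta_off;
    size_t ingress_ifindex_off;
    size_t size;
} ctx_layout_t;

ctx_layout_t windows_xdp_layout(void)
{
    ctx_layout_t l = { offsetof(win_xdp_md_t, data), offsetof(win_xdp_md_t, data_end),
                       offsetof(win_xdp_md_t, data_meta),
                       offsetof(win_xdp_md_t, ingress_ifindex), sizeof(win_xdp_md_t) };
    return l;
}

ctx_layout_t linux_xdp_layout(void)
{
    ctx_layout_t l = { offsetof(linux_xdp_md_t, data), offsetof(linux_xdp_md_t, data_end),
                       offsetof(linux_xdp_md_t, data_meta),
                       offsetof(linux_xdp_md_t, ingress_ifindex), sizeof(linux_xdp_md_t) };
    return l;
}

/* 1 if a program that hard-codes the offsets of `expected` would touch the same
 * bytes on a platform whose real context layout is `actual`, else 0. This is
 * the check that fails (as a verifier error) when a Linux program is loaded on Windows. */
int layout_compatible(const ctx_layout_t* expected, const ctx_layout_t* actual)
{
    return expected->data_off == actual->data_off &&
           expected->data_end_off == actual->data_end_off &&
           expected->data_meta_off == actual->data_meta_off &&
           expected->ingress_ifindex_off == actual->ingress_ifindex_off;
}

/* What a program compiled against the Linux layout does: a 32-bit load at
 * Linux's data_end offset (4). Applied to a Windows context, that reads the
 * upper half of the 64-bit `data` pointer, not data_end (little-endian assumed). */
uint32_t linux_style_data_end_load(const win_xdp_md_t* ctx)
{
    uint32_t v;
    memcpy(&v, (const unsigned char*)ctx + offsetof(linux_xdp_md_t, data_end), sizeof v);
    return v;
}

/* The portable way: go through the platform's own struct, never raw offsets. */
uint64_t windows_packet_length(const win_xdp_md_t* ctx)
{
    return (uint64_t)((const char*)ctx->data_end - (const char*)ctx->data);
}

/* Constructed sample context with fake addresses; nothing is dereferenced. */
win_xdp_md_t sample_windows_ctx(void)
{
    win_xdp_md_t ctx;
    memset(&ctx, 0, sizeof ctx);
    ctx.data = (void*)(uintptr_t)0x1000;     /* 64-byte packet at a made-up address */
    ctx.data_end = (void*)(uintptr_t)0x1040;
    ctx.data_meta = 0;
    ctx.ingress_ifindex = 3;
    return ctx;
}

int main(void)
{
    ctx_layout_t w = windows_xdp_layout(), l = linux_xdp_layout();
    win_xdp_md_t ctx = sample_windows_ctx();
    printf("windows: data=%zu data_end=%zu data_meta=%zu ifindex=%zu size=%zu\n",
           w.data_off, w.data_end_off, w.data_meta_off, w.ingress_ifindex_off, w.size);
    printf("linux:   data=%zu data_end=%zu data_meta=%zu ifindex=%zu size=%zu\n",
           l.data_off, l.data_end_off, l.data_meta_off, l.ingress_ifindex_off, l.size);
    printf("linux offsets usable on windows: %d\n", layout_compatible(&l, &w));
    printf("linux-style data_end load on windows ctx: 0x%x (real length 0x%llx)\n",
           linux_style_data_end_load(&ctx), (unsigned long long)windows_packet_length(&ctx));
    return 0;
}
```

On a 64-bit build the Windows struct puts data_end at 8 and data_meta at 16, the Linux struct puts them at 4 and 8, so `layout_compatible` returns 0 and the simulated Linux-style load returns 0 instead of the end-of-packet value. That is exactly the situation a program sees when it carries its own hard-coded xdp_md definition across platforms; the cross-platform options in this issue (ifdefs, a different program type, or aligning the prototype) are all ways of making that check pass.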

shankarseal commented 3 years ago

Do you know why this is the case?

> On Linux, the offset of data_end is apparently 4 and the offset of data_meta is 16 (i.e., 32-bit fields), even on 64-bit machines.

dthaler commented 3 years ago

Updating this to say this is tracking option a above (documentation). The suggestion is a markdown document for porting programs from Linux to Windows.