export reallocate_packet flag.

include/ebpf_program_types.h

@@ -29,6 +29,8 @@ typedef struct _ebpf_program_type_descriptor
     char is_privileged;
 } ebpf_program_type_descriptor_t;
 
+#define HELPER_FUNCTION_REALLOCATE_PACKET 0x1
+
 typedef struct _ebpf_helper_function_prototype
 {
     uint32_t helper_id;

libs/api_common/store_helper_internal.cpp

@@ -50,8 +50,9 @@ _load_helper_prototype(
 
         // Read serialized helper prototype information.
         char serialized_data[sizeof(ebpf_helper_function_prototype_t)] = {0};
+        bool reallocate_packet = false;
         size_t expected_size = sizeof(helper_prototype->helper_id) + sizeof(helper_prototype->return_type) +
-                               sizeof(helper_prototype->arguments);
+                               sizeof(helper_prototype->arguments) + sizeof(reallocate_packet);
 
         status = ebpf_read_registry_value_binary(
             helper_info_key, EBPF_HELPER_DATA_PROTOTYPE, (uint8_t*)serialized_data, expected_size);
@@ -71,6 +72,10 @@ _load_helper_prototype(
         memcpy(&helper_prototype->arguments, serialized_data + offset, sizeof(helper_prototype->arguments));
         offset += sizeof(helper_prototype->arguments);
 
+        memcpy(&reallocate_packet, serialized_data + offset, sizeof(reallocate_packet));
+        helper_prototype->reallocate_packet = reallocate_packet ? HELPER_FUNCTION_REALLOCATE_PACKET : 0;
+        offset += sizeof(reallocate_packet);
+
         helper_prototype->name =
             cxplat_duplicate_string(ebpf_down_cast_from_wstring(std::wstring(helper_name)).c_str());
         if (helper_prototype->name == nullptr) {

libs/shared/ebpf_serialize.c

@@ -29,6 +29,7 @@ typedef struct _ebpf_serialized_helper_function_prototype
     uint32_t helper_id;
     ebpf_return_type_t return_type;
     ebpf_argument_type_t arguments[5];
+    uint8_t reallocate_packet;
     size_t name_length;
     uint8_t name[1];
 } ebpf_serialized_helper_function_prototype_t;
@@ -462,6 +463,8 @@ ebpf_serialize_program_info(
             for (uint16_t index = 0; index < EBPF_COUNT_OF(helper_prototype->arguments); index++) {
                 serialized_helper_prototype->arguments[index] = helper_prototype->arguments[index];
             }
+            serialized_helper_prototype->reallocate_packet =
+                helper_prototype->reallocate_packet ? HELPER_FUNCTION_REALLOCATE_PACKET : 0;
             serialized_helper_prototype->name_length = helper_function_name_length;
             // Copy the program type descriptor name buffer.
             memcpy(serialized_helper_prototype->name, helper_prototype->name, helper_function_name_length);
@@ -627,12 +630,14 @@ ebpf_deserialize_program_info(
             goto Exit;
         }
 
-        // Serialize helper prototype.
+        // Deserialize helper prototype.
         helper_prototype->helper_id = serialized_helper_prototype->helper_id;
         helper_prototype->return_type = serialized_helper_prototype->return_type;
         for (int i = 0; i < EBPF_COUNT_OF(helper_prototype->arguments); i++) {
             helper_prototype->arguments[i] = serialized_helper_prototype->arguments[i];
         }
+        helper_prototype->reallocate_packet =
+            serialized_helper_prototype->reallocate_packet == HELPER_FUNCTION_REALLOCATE_PACKET;
 
         // Adjust remaining buffer length.
         result = ebpf_safe_size_t_subtract(

libs/store_helper/ebpf_store_helper.c

@@ -40,6 +40,7 @@ _ebpf_store_update_helper_prototype(
     uint32_t offset;
     ebpf_store_key_t helper_function_key = NULL;
     char serialized_data[sizeof(ebpf_helper_function_prototype_t)] = {0};
+    const bool reallocate_packet = helper_info->reallocate_packet;
 
     wchar_t* wide_helper_name = ebpf_get_wstring_from_string(helper_info->name);
     if (wide_helper_name == NULL) {
@@ -62,6 +63,9 @@ _ebpf_store_update_helper_prototype(
     memcpy(serialized_data + offset, helper_info->arguments, sizeof(helper_info->arguments));
     offset += sizeof(helper_info->arguments);
 
+    memcpy(serialized_data + offset, &reallocate_packet, sizeof(reallocate_packet));
+    offset += sizeof(reallocate_packet);
+
     // Save the helper prototype data.
     result = ebpf_write_registry_value_binary(
         helper_function_key, EBPF_HELPER_DATA_PROTOTYPE, (uint8_t*)&serialized_data[0], offset);

netebpfext/net_ebpf_ext_program_info.h

@@ -9,8 +9,6 @@
 
 #define XDP_EXT_HELPER_FUNCTION_START EBPF_MAX_GENERAL_HELPER_FUNCTION
 
-#define HELPER_FUNCTION_REALLOCATE_PACKET 1
-
 // XDP_TEST helper function prototype descriptors.
 static const ebpf_helper_function_prototype_t _xdp_test_ebpf_extension_helper_function_prototype[] = {
     {XDP_EXT_HELPER_FUNCTION_START + 1,

tests/end_to_end/netsh_test.cpp

@@ -371,9 +371,9 @@ TEST_CASE("show verification xdp_adjust_head_unsafe.o", "[netsh][verification]")
                   "\n"
                   "Verification report:\n"
                   "\n"
-                  "; ./tests/sample/unsafe/xdp_adjust_head_unsafe.c:38\n"
+                  "; ./tests/sample/unsafe/xdp_adjust_head_unsafe.c:42\n"
                   ";     ethernet_header->Type = 0x0800;\n"
-                  "16: Upper bound must be at most packet_size (valid_access(r1.offset+26, width=2) for write)\n"
+                  "17: Upper bound must be at most packet_size (valid_access(r1.offset+12, width=2) for write)\n"
                   "\n"
                   "1 errors\n"
                   "\n");

tests/sample/unsafe/xdp_adjust_head_unsafe.c

@@ -20,22 +20,27 @@ xdp_adjust_head_unsafe(xdp_md_t* ctx)
 
     ETHERNET_HEADER* ethernet_header = NULL;
     char* next_header = (char*)ctx->data;
+
+    // Access the Ethernet header fields after checking for safety.
+    // This will pass verifier test.
     if (next_header + sizeof(ETHERNET_HEADER) > (char*)ctx->data_end) {
+        rc = XDP_DROP;
         goto Done;
     }
+    ethernet_header = (ETHERNET_HEADER*)next_header;
+    ethernet_header->Type = 0x0800;
 
-    // Adjust the head of the packet
-    if (bpf_xdp_adjust_head(ctx, sizeof(ETHERNET_HEADER) < 0)) {
+    // Adjust the head of the packet by removing the Ethernet header.
+    if (bpf_xdp_adjust_head(ctx, sizeof(ETHERNET_HEADER)) < 0) {
         rc = XDP_DROP;
         goto Done;
     }
 
     // Access the packet without checking for safety.
-    next_header = (char*)ctx->data + sizeof(ETHERNET_HEADER);
-    ethernet_header = (ETHERNET_HEADER*)next_header;
-
-    // Access the Ethernet header fields.
+    // This will fail verifier test.
+    ethernet_header = (ETHERNET_HEADER*)ctx->data;
     ethernet_header->Type = 0x0800;
+
 Done:
     return rc;
 }

tools/bpf2c/bpf2c.cpp

@@ -117,7 +117,7 @@ get_program_info_type_hash(const std::vector<int32_t>& actual_helper_ids, const
                     byte_range, program_info->program_type_specific_helper_prototype[index].arguments[argument]);
             }
             if (program_info->program_type_specific_helper_prototype[index].reallocate_packet) {
-                hash_t::append_byte_range(byte_range, "reallocate_packet");
+                hash_t::append_byte_range(byte_range, reinterpret_cast<const char*>("reallocate_packet"));
             }
         }
     }

tools/bpf2c/bpf2c.vcxproj

@@ -86,13 +86,13 @@
   </ImportGroup>
   <PropertyGroup Label="UserMacros" />
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
-    <LinkIncremental>true</LinkIncremental>
+    <LinkIncremental>false</LinkIncremental>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='NativeOnlyDebug|x64'">
-    <LinkIncremental>true</LinkIncremental>
+    <LinkIncremental>false</LinkIncremental>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='FuzzerDebug|x64'">
-    <LinkIncremental>true</LinkIncremental>
+    <LinkIncremental>false</LinkIncremental>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
     <LinkIncremental>false</LinkIncremental>
@@ -108,7 +108,7 @@
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <GenerateDebugInformation>DebugFull</GenerateDebugInformation>
       <AdditionalDependencies>$(FuzzerLibs);%(AdditionalDependencies)</AdditionalDependencies>
     </Link>
     <PreBuildEvent>
@@ -126,7 +126,7 @@
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <GenerateDebugInformation>DebugFull</GenerateDebugInformation>
       <AdditionalDependencies>$(FuzzerLibs);%(AdditionalDependencies)</AdditionalDependencies>
     </Link>
     <PreBuildEvent>
@@ -141,7 +141,7 @@
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <GenerateDebugInformation>DebugFull</GenerateDebugInformation>
       <AdditionalDependencies>$(FuzzerLibs);%(AdditionalDependencies)</AdditionalDependencies>
     </Link>
     <PreBuildEvent>
@@ -159,7 +159,7 @@
       <SubSystem>Console</SubSystem>
       <EnableCOMDATFolding>true</EnableCOMDATFolding>
       <OptimizeReferences>true</OptimizeReferences>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <GenerateDebugInformation>DebugFull</GenerateDebugInformation>
       <AdditionalDependencies>$(FuzzerLibs);%(AdditionalDependencies)</AdditionalDependencies>
     </Link>
     <PreBuildEvent>
@@ -177,7 +177,7 @@
       <SubSystem>Console</SubSystem>
       <EnableCOMDATFolding>true</EnableCOMDATFolding>
       <OptimizeReferences>true</OptimizeReferences>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <GenerateDebugInformation>DebugFull</GenerateDebugInformation>
       <AdditionalDependencies>$(FuzzerLibs);%(AdditionalDependencies)</AdditionalDependencies>
     </Link>
     <PreBuildEvent>