|
| 1 | +# Global Helper Functions from External Drivers |
| 2 | + |
| 3 | +## Overview |
| 4 | + |
| 5 | +This document outlines the requirements for enabling drivers outside of `ebpfcore.sys` to expose global helper functions to eBPF programs without requiring centralized management of helper function IDs. |
| 6 | + |
| 7 | +## Problem Statement |
| 8 | + |
| 9 | +The current eBPF for Windows global helper function system requires: |
| 10 | +- **Global helpers hosted only in `ebpfcore.sys`** limiting extensibility by third-party drivers |
| 11 | +- **Pre-assigned numeric IDs** for all helper functions |
| 12 | +- **Centralized coordination** of helper ID assignments to prevent conflicts |
| 13 | +- **Static ID management** making it difficult for external drivers to expose custom global helper functions |
| 14 | + |
| 15 | +This creates barriers for independent driver development and limits the extensibility of the eBPF ecosystem by preventing external drivers from contributing global helper functions. |
| 16 | + |
| 17 | +## Requirements |
| 18 | + |
| 19 | +### R1: External Driver Global Helper Registration |
| 20 | +- Drivers outside of `ebpfcore.sys` **MUST** be able to register global helper functions as general program information providers |
| 21 | +- The system **MUST** support global helper function registration using descriptive names instead of pre-assigned numeric IDs |
| 22 | +- Registration **MUST** use existing NMR (Network Module Registrar) interfaces without modification |
| 23 | +- External drivers **MUST** be able to register global helpers with `helper_id = -1` to indicate name-based registration |
| 24 | + |
| 25 | +### R2: Elimination of Central ID Coordination |
| 26 | +- Driver developers **MUST NOT** be required to coordinate helper function ID assignments with other drivers |
| 27 | +- The system **MUST** reject registration attempts when multiple drivers try to register helper functions with the same name |
| 28 | +- Helper function names **MUST** be globally unique across all registered providers |
| 29 | +- Helper function ID assignment **MUST** be managed automatically by the runtime |
| 30 | + |
| 31 | +### R3: Per-Program Global Helper Resolution |
| 32 | +- Each eBPF program **MUST** maintain its own stable mapping of global helper function names to IDs |
| 33 | +- Global helper function IDs **MUST** remain consistent for the lifetime of each program |
| 34 | +- The system **MUST** resolve global helper function names to program-specific IDs during program loading |
| 35 | +- Programs **MUST** be able to access global helpers from both `ebpfcore.sys` and external drivers |
| 36 | + |
| 37 | +### R4: Backward Compatibility |
| 38 | +- Existing global helper functions using numeric IDs **MUST** continue to work unchanged |
| 39 | +- Existing driver code **MUST NOT** require modification to continue functioning |
| 40 | +- The bpf2c contract **MUST** remain compatible with existing compiled programs |
| 41 | +- Mixed usage of named and numeric global helper functions **MUST** be supported within the same program |
| 42 | + |
| 43 | +### R5: External Function Call Support |
| 44 | +- eBPF programs compiled from C **MUST** be able to use external function calls that resolve to global helper functions by name |
| 45 | +- The bpf2c compiler **MUST** detect external function calls and mark them for name-based resolution |
| 46 | +- Generated native code **MUST** support both traditional helper IDs and name-based resolution for global helpers |
| 47 | + |
| 48 | +### R6: Multiple General Program Information Provider Support |
| 49 | +- eBPF programs **MUST** be able to utilize global helper functions from multiple general program information providers simultaneously |
| 50 | +- The system **MUST** search across all registered providers (including external drivers) when resolving global helper function names |
| 51 | +- Provider lifecycle events (attach/detach) **MUST** be handled independently for each provider |
| 52 | +- Global helper function name conflicts between providers **MUST** be detected and rejected during registration |
| 53 | + |
| 54 | +### R7: Metadata Integrity |
| 55 | +- Program metadata hashing **MUST** remain consistent between compile-time and runtime for name-based global helpers |
| 56 | +- Hash computation **MUST** exclude helper IDs for name-based global helpers while including all other prototype information |
| 57 | +- Verification **MUST** ensure programs execute with the same global helper function information used during compilation |
| 58 | + |
| 59 | +## Success Criteria |
| 60 | + |
| 61 | +### SC1: Driver Independence |
| 62 | +- Third-party drivers can register custom global helper functions without coordination with Microsoft or other driver developers |
| 63 | +- Global helper function name conflicts are detected and rejected at registration time with clear error messages |
| 64 | + |
| 65 | +### SC2: Developer Experience |
| 66 | +- eBPF program developers can use descriptive global helper function names in their C code |
| 67 | +- Compilation and loading processes handle name resolution transparently |
| 68 | +- Error messages provide clear diagnostics for unresolvable global helper function names |
| 69 | + |
| 70 | +### SC3: System Stability |
| 71 | +- Global helper function ID assignments remain stable throughout each program's lifetime |
| 72 | +- Provider lifecycle events do not disrupt running programs |
| 73 | +- System performance is not significantly impacted by name resolution overhead |
| 74 | + |
| 75 | +### SC4: Ecosystem Growth |
| 76 | +- Independent software vendors can develop eBPF extensions with custom global helper functions without platform dependencies |
| 77 | +- Global helper function libraries can be developed and distributed independently by external drivers |
| 78 | +- Future extensibility is enabled for advanced scenarios (versioning, namespacing, etc.) |
| 79 | + |
| 80 | +## Non-Requirements |
| 81 | + |
| 82 | +- **Dynamic helper function loading** after program compilation is not required |
| 83 | +- **Global helper function versioning** is not required in the initial implementation |
| 84 | +- **Namespace management** for global helper function names is not required |
| 85 | +- **Runtime global helper function replacement** is not required |
| 86 | + |
| 87 | +## Implementation Constraints |
| 88 | + |
| 89 | +- **Zero breaking changes** to existing APIs or driver interfaces |
| 90 | +- **Minimal code modifications** to core eBPF subsystems |
| 91 | +- **Preserve existing performance** characteristics for traditional numeric global helpers |
| 92 | +- **Maintain security model** for global helper function access and verification |
| 93 | + |
| 94 | +## Conclusion |
| 95 | + |
| 96 | +This requirements document establishes the foundation for enabling external drivers to expose global helper functions to eBPF programs, creating a more flexible and developer-friendly eBPF helper function ecosystem while maintaining complete backward compatibility and system integrity. The solution must eliminate coordination barriers for independent driver development while preserving the reliability and security of the existing eBPF platform. |
0 commit comments