Pull request overview
This PR adds bpf_prog_test_run test coverage for the ntosebpfext extension, specifically testing the process monitor functionality via bpf_prog_test_run_opts. The implementation includes significant changes to the _ebpf_process_context_create and _ebpf_process_context_destroy functions to support deep copying of UNICODE_STRING buffers.
Changes:
- Added comprehensive test case for process context creation/deletion via bpf_prog_test_run_opts with validation of ring buffer events and map storage
- Modified context_create/destroy functions to perform deep copies of command_line and image_file_name buffers
- Added project dependencies and include paths for utils library
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| tests/ntosebpfext/ntosebpfext_unit/ntosebpfext_unit.vcxproj | Added include paths and project reference for utils library to support the new test |
| tests/ntosebpfext/ntosebpfext_unit/ntos_ebpfext_unit.cpp | Added comprehensive test case with ring buffer callback, positive and negative test scenarios |
| ebpf_extensions/ntosebpfext/ntos_ebpf_ext_process.c | Implemented deep copying of UNICODE_STRING buffers in context_create and updated context_destroy to handle full notify context |
7766568 to 1bc45fc
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated no new comments.
Pull request overview
Copilot reviewed 5 out of 5 changed files in this pull request and generated 7 comments.
Pull request overview
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
6e1b9f5 to b83ee3e
Pull request overview
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
c94fdd1 to 4f7cd75
Pull request overview
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
Description
Added bpf_prog_test_run test for ntos.
Fixes #142
Testing
CI/CD
Documentation
NA
Installation
NA