Build ebpfcore as a DLL for testing

[dthaler]

Description

• Update to latest usersim
• Fix bug in libbpf_link.cpp found by latest usersim, where ebpf_free() was being used to free memory allocated by strdup() rather than an ebpf allocator
• Fix memory leaks in libbpf_program.cpp where strdup() was used to allocate memory that was never freed
• Fix bugs in test_helper.cpp found by latest usersim, where ebpf_free() was being used to free memory allocated by new.
• Fixed bug found by latest usersim, where ebpf_program.c used ebpf_free() to free memory allocated by ubpf_user.c using calloc(). ubpf_kernel.c already redefined it to use ebpf_alloc but ubpf_user.c didn't match.
• Fix mismatched alloc/free in verifier_fuzzer found by usersim. The verifier_fuzzer called an API that allocated memory using ebpf_allocate() but verifier_fuzzer then called free()
• Build ebpfcore_usersim.dll using the same files as used for ebpfcore.sys.
• Add a test case that exercises the DriverEntry/DriverUnload code paths.

Testing

Tests will be expanded in the future once IOCTL support is added to usersim.

Documentation

No impact.

Installation

Installer files are updated in this PR.

[dthaler]

Blocked on iovisor/ubpf#335

[codecov]

Codecov Report

Merging #2744 (0b18e21) into main (000aed1) will decrease coverage by 1.21%.
The diff coverage is 82.35%.

@@            Coverage Diff             @@
##             main    #2744      +/-   ##
==========================================
- Coverage   87.23%   86.02%   -1.21%     
==========================================
  Files         129      137       +8     
  Lines       25314    25845     +531     
==========================================
+ Hits        22082    22234     +152     
- Misses       3232     3611     +379     

Files Changed	Coverage Δ
libs/platform/user/framework.h	100.00% <ø> (ø)
tests/end_to_end/end_to_end.cpp	97.90% <ø> (ø)
libs/api/libbpf_program.cpp	83.24% <66.66%> (-0.75%)	⬇️
libs/api/libbpf_link.cpp	94.44% <100.00%> (ø)
libs/platform/ebpf_platform.c	90.41% <100.00%> (-0.41%)	⬇️
tests/end_to_end/test_helper.cpp	87.00% <100.00%> (ø)
tests/unit/ebpfcore_test.cpp	100.00% <100.00%> (ø)

... and 15 files with indirect coverage changes

[saxena-anurag]

strdup() internally calls malloc(). Before the usersim changes, the user mode implementation of ebpf_free() called free(), which was correct, as it matched with the corresponding malloc() in strdup().

Now it looks like there is only one implementation of ebpf_free(), both for user mode and kernel mode, and it calls ExFreePool(). So, for user mode code also, we are invoking user sim implementation of ExFreePool(). So 2 levels of indirection.

Is this expected?

[dthaler]

Until #2677 is done, yes this is expected.

[saxena-anurag]

It looks like there are 2 versions of MIDL_user_allocate() currently in the repo. The client version is calling ebpf_allocate(), whereas the server version is calling malloc().

If we change the implementation of the server version to also call ebpf_allocate(), then do we still need this change?

[dthaler]

Done

[saxena-anurag]

unrelated to changes in this PR: we are allocating memory in failure path. Instead should we instead save the pin paths generated when pinning the programs, and use the same in the failure case?