Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move filter delete auditing to delete notify callback #3372

Merged
merged 1 commit into from
Mar 22, 2024
Merged

Move filter delete auditing to delete notify callback #3372

merged 1 commit into from
Mar 22, 2024

Conversation

dv-msft
Copy link
Collaborator

@dv-msft dv-msft commented Mar 20, 2024
edited
Loading

Description

This PR moves the audit tracking of filter delete operations to the 'filter-update' notification callback. This call back is the final indicator of a filter being actually deleted by WFP.

Testing

Local testing.

Documentation

No documentation changes required.

Installation

No installer impac.

Fixes #3370

@dv-msft dv-msft changed the title (DARFT PR - NOT FOR REVIEW) - Move filter delete auditing to delete notify callback (DRAFT PR - NOT FOR REVIEW) - Move filter delete auditing to delete notify callback Mar 20, 2024
@dv-msft dv-msft force-pushed the 3370-filter-delete-audit-fix branch from 3f9fdfa to 6081704 Compare March 21, 2024 22:03
@dv-msft dv-msft changed the title (DRAFT PR - NOT FOR REVIEW) - Move filter delete auditing to delete notify callback Move filter delete auditing to delete notify callback Mar 21, 2024
@dv-msft dv-msft marked this pull request as ready for review March 21, 2024 22:10
@dv-msft dv-msft force-pushed the 3370-filter-delete-audit-fix branch from 6d7ed4a to d48e436 Compare March 21, 2024 22:14
@dv-msft dv-msft added this pull request to the merge queue Mar 22, 2024
Merged via the queue into microsoft:main with commit d0b5c62 Mar 22, 2024
80 checks passed
@dv-msft dv-msft deleted the 3370-filter-delete-audit-fix branch March 22, 2024 08:08
shankarseal added a commit to shankarseal/ebpf-for-windows that referenced this pull request Mar 30, 2024
@shankarseal
fix break due to bad merge with PR microsoft#3372
ccfd414
github-merge-queue bot pushed a commit that referenced this pull request Mar 30, 2024
@shankarseal
extension_header (#3326)
fc97354 
* extension_header

* fix logic error.

* Re-purposing the size field to act as the "minor version". Additional validation checks are added.

* PR Feedback.

* fix break due to bad merge with PR #3372
shankarseal added a commit to shankarseal/ebpf-for-windows that referenced this pull request Apr 1, 2024
@shankarseal
extension_header (microsoft#3326)
14c2978 
* extension_header

* fix logic error.

* Re-purposing the size field to act as the "minor version". Additional validation checks are added.

* PR Feedback.

* fix break due to bad merge with PR microsoft#3372
matthewige pushed a commit that referenced this pull request Apr 1, 2024
@shankarseal
extension_header (#3326) (#3414)
74c233a 
* extension_header

* fix logic error.

* Re-purposing the size field to act as the "minor version". Additional validation checks are added.

* PR Feedback.

* fix break due to bad merge with PR #3372
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gtrevi gtrevi gtrevi approved these changes

@shankarseal shankarseal shankarseal approved these changes

@dthaler dthaler Awaiting requested review from dthaler dthaler is a code owner

@poornagmsft poornagmsft Awaiting requested review from poornagmsft poornagmsft is a code owner

@Alan-Jowett Alan-Jowett Awaiting requested review from Alan-Jowett Alan-Jowett is a code owner

@saxena-anurag saxena-anurag Awaiting requested review from saxena-anurag saxena-anurag is a code owner

@shpalani shpalani Awaiting requested review from shpalani shpalani is a code owner

@matthewige matthewige Awaiting requested review from matthewige matthewige is a code owner

@mtfriesen mtfriesen Awaiting requested review from mtfriesen mtfriesen is a code owner

@rectified95 rectified95 Awaiting requested review from rectified95 rectified95 is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Move 'filter deleted' book-keeping audit trail in netebpfext to the 'notify' callback function
3 participants
@dv-msft @gtrevi @shankarseal