Consume ebpf-extension-common

[LakshK98]

Description

ebpf-extensions-common now provides shared extension code for rundown protection and tracelogging. This PR adds it as a submodule and removes the corresponding local implementations.

The changes are functionally equivalent to the existing code, with one exception: ntosebpfext.sys and neteventebpfext.sys previously shared the same ETW trace provider (name and GUID). Since these are separate driver binaries, this PR gives each its own provider to avoid ambiguous traces.

Closes #335

Testing

CI/CD

Documentation

NA

Installation

NA

[Copilot]

Pull request overview

This PR introduces the ebpf-extension-common submodule and wires it into the solution/projects to consume shared user-mode and kernel-mode components (notably the shared rundown API).

Changes:

• Add external/ebpf-extension-common as a git submodule and include its UM/KM projects in the solution.
• Link extension projects (and unit tests) against ebpf_extension_common_um/lib and ebpf_extension_common_km.lib, and add the shared include path.
• Replace local rundown implementation in ebpf_ext_hook_provider.c with shared rundown APIs.

Reviewed changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
tests/ntosebpfext/ntosebpfext_unit/ntosebpfext_unit.vcxproj	Adds project reference to the shared UM common library for unit tests.
tests/neteventebpfext/neteventebpfext_unit/neteventebpfext_unit.vcxproj	Adds project reference to the shared UM common library for unit tests.
ntosebpfext.sln	Adds KM/UM common projects and configuration mappings into the solution.
libs/ebpf_ext/ebpf_ext_hook_provider.c	Switches from a local rundown struct/functions to shared rundown APIs.
external/ebpf-extension-common	Adds the submodule commit pointer for the new dependency.
ebpf_extensions/ntosebpfext/user/ntosebpfext_user.vcxproj	Adds include path, links UM common lib, and adds project reference.
ebpf_extensions/ntosebpfext/sys/ntosebpfext.vcxproj	Adds include path, links KM common lib, and adds project reference.
ebpf_extensions/neteventebpfext/user/neteventebpfext_user.vcxproj	Adds include path and project reference to UM common.
ebpf_extensions/neteventebpfext/sys/neteventebpfext.vcxproj	Adds include path, links KM common lib, and adds project reference.
.gitmodules	Registers the new ebpf-extension-common submodule and its remote URL.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The submodule URL points to a personal fork (LakshK98). For supply-chain/security and long-term reliability, it’s better to depend on the canonical upstream (or an organization-owned mirror) rather than an individual fork. Update the submodule URL to the official/maintained repository location intended for production use.

Suggested change

	url = https://github.com/LakshK98/ebpf-extension-common.git
	url = https://github.com/microsoft/ebpf-extension-common.git

[Copilot]

Pull request overview

Copilot reviewed 20 out of 20 changed files in this pull request and generated 2 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 20 out of 20 changed files in this pull request and generated 1 comment.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.