net/bpfilter/bpfilter_kern.c

   1 // SPDX-License-Identifier: GPL-2.0
   2 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
   3 #include <linux/init.h>
   4 #include <linux/module.h>
   5 #include <linux/umh.h>
   6 #include <linux/bpfilter.h>
   7 #include <linux/sched.h>
   8 #include <linux/sched/signal.h>
   9 #include <linux/fs.h>
  10 #include <linux/file.h>
  11 #include "msgfmt.h"
  12
  13 extern char bpfilter_umh_start;
  14 extern char bpfilter_umh_end;
  15
  16 static void shutdown_umh(void)
  17 {
  18         struct umd_info *info = &bpfilter_ops.info;
  19         struct pid *tgid = info->tgid;
  20
  21         if (tgid) {
  22                 kill_pid(tgid, SIGKILL, 1);
  23                 wait_event(tgid->wait_pidfd, thread_group_exited(tgid));
  24                 bpfilter_umh_cleanup(info);
  25         }
  26 }
  27
  28 static void __stop_umh(void)
  29 {
  30         if (IS_ENABLED(CONFIG_INET))
  31                 shutdown_umh();
  32 }
  33
  34 static int __bpfilter_process_sockopt(struct sock *sk, int optname,
  35                                       char __user *optval,
  36                                       unsigned int optlen, bool is_set)
  37 {
  38         struct mbox_request req;
  39         struct mbox_reply reply;
  40         loff_t pos;
  41         ssize_t n;
  42         int ret = -EFAULT;
  43
  44         req.is_set = is_set;
  45         req.pid = current->pid;
  46         req.cmd = optname;
  47         req.addr = (long __force __user)optval;
  48         req.len = optlen;
  49         if (!bpfilter_ops.info.tgid)
  50                 goto out;
  51         pos = 0;
  52         n = kernel_write(bpfilter_ops.info.pipe_to_umh, &req, sizeof(req),
  53                            &pos);
  54         if (n != sizeof(req)) {
  55                 pr_err("write fail %zd\n", n);
  56                 __stop_umh();
  57                 ret = -EFAULT;
  58                 goto out;
  59         }
  60         pos = 0;
  61         n = kernel_read(bpfilter_ops.info.pipe_from_umh, &reply, sizeof(reply),
  62                         &pos);
  63         if (n != sizeof(reply)) {
  64                 pr_err("read fail %zd\n", n);
  65                 __stop_umh();
  66                 ret = -EFAULT;
  67                 goto out;
  68         }
  69         ret = reply.status;
  70 out:
  71         return ret;
  72 }
  73
  74 static int start_umh(void)
  75 {
  76         int err;
  77
  78         /* fork usermode process */
  79         err = fork_usermode_driver(&bpfilter_ops.info);
  80         if (err)
  81                 return err;
  82         pr_info("Loaded bpfilter_umh pid %d\n", pid_nr(bpfilter_ops.info.tgid));
  83
  84         /* health check that usermode process started correctly */
  85         if (__bpfilter_process_sockopt(NULL, 0, NULL, 0, 0) != 0) {
  86                 shutdown_umh();
  87                 return -EFAULT;
  88         }
  89
  90         return 0;
  91 }
  92
  93 static int __init load_umh(void)
  94 {
  95         int err;
  96
  97         err = umd_load_blob(&bpfilter_ops.info,
  98                             &bpfilter_umh_start,
  99                             &bpfilter_umh_end - &bpfilter_umh_start);
 100         if (err)
 101                 return err;
 102
 103         mutex_lock(&bpfilter_ops.lock);
 104         err = start_umh();
 105         if (!err && IS_ENABLED(CONFIG_INET)) {
 106                 bpfilter_ops.sockopt = &__bpfilter_process_sockopt;
 107                 bpfilter_ops.start = &start_umh;
 108         }
 109         mutex_unlock(&bpfilter_ops.lock);
 110         if (err)
 111                 umd_unload_blob(&bpfilter_ops.info);
 112         return err;
 113 }
 114
 115 static void __exit fini_umh(void)
 116 {
 117         mutex_lock(&bpfilter_ops.lock);
 118         if (IS_ENABLED(CONFIG_INET)) {
 119                 shutdown_umh();
 120                 bpfilter_ops.start = NULL;
 121                 bpfilter_ops.sockopt = NULL;
 122         }
 123         mutex_unlock(&bpfilter_ops.lock);
 124
 125         umd_unload_blob(&bpfilter_ops.info);
 126 }
 127 module_init(load_umh);
 128 module_exit(fini_umh);
 129 MODULE_LICENSE("GPL");