1 // SPDX-License-Identifier: GPL-2.0
2 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
3 #include <linux/init.h>
4 #include <linux/module.h>
5 #include <linux/umh.h>
6 #include <linux/bpfilter.h>
7 #include <linux/sched.h>
8 #include <linux/sched/signal.h>
9 #include <linux/fs.h>
10 #include <linux/file.h>
11 #include "msgfmt.h"
12
13 extern char bpfilter_umh_start;
14 extern char bpfilter_umh_end;
15
shutdown_umh(void)16 static void shutdown_umh(void)
17 {
18 struct task_struct *tsk;
19
20 if (bpfilter_ops.stop)
21 return;
22
23 tsk = get_pid_task(find_vpid(bpfilter_ops.info.pid), PIDTYPE_PID);
24 if (tsk) {
25 send_sig(SIGKILL, tsk, 1);
26 put_task_struct(tsk);
27 }
28 }
29
__stop_umh(void)30 static void __stop_umh(void)
31 {
32 if (IS_ENABLED(CONFIG_INET))
33 shutdown_umh();
34 }
35
__bpfilter_process_sockopt(struct sock * sk,int optname,char __user * optval,unsigned int optlen,bool is_set)36 static int __bpfilter_process_sockopt(struct sock *sk, int optname,
37 char __user *optval,
38 unsigned int optlen, bool is_set)
39 {
40 struct mbox_request req;
41 struct mbox_reply reply;
42 loff_t pos;
43 ssize_t n;
44 int ret = -EFAULT;
45
46 req.is_set = is_set;
47 req.pid = current->pid;
48 req.cmd = optname;
49 req.addr = (long __force __user)optval;
50 req.len = optlen;
51 if (!bpfilter_ops.info.pid)
52 goto out;
53 n = __kernel_write(bpfilter_ops.info.pipe_to_umh, &req, sizeof(req),
54 &pos);
55 if (n != sizeof(req)) {
56 pr_err("write fail %zd\n", n);
57 __stop_umh();
58 ret = -EFAULT;
59 goto out;
60 }
61 pos = 0;
62 n = kernel_read(bpfilter_ops.info.pipe_from_umh, &reply, sizeof(reply),
63 &pos);
64 if (n != sizeof(reply)) {
65 pr_err("read fail %zd\n", n);
66 __stop_umh();
67 ret = -EFAULT;
68 goto out;
69 }
70 ret = reply.status;
71 out:
72 return ret;
73 }
74
start_umh(void)75 static int start_umh(void)
76 {
77 int err;
78
79 /* fork usermode process */
80 err = fork_usermode_blob(&bpfilter_umh_start,
81 &bpfilter_umh_end - &bpfilter_umh_start,
82 &bpfilter_ops.info);
83 if (err)
84 return err;
85 bpfilter_ops.stop = false;
86 pr_info("Loaded bpfilter_umh pid %d\n", bpfilter_ops.info.pid);
87
88 /* health check that usermode process started correctly */
89 if (__bpfilter_process_sockopt(NULL, 0, NULL, 0, 0) != 0) {
90 shutdown_umh();
91 return -EFAULT;
92 }
93
94 return 0;
95 }
96
load_umh(void)97 static int __init load_umh(void)
98 {
99 int err;
100
101 mutex_lock(&bpfilter_ops.lock);
102 if (!bpfilter_ops.stop) {
103 err = -EFAULT;
104 goto out;
105 }
106 err = start_umh();
107 if (!err && IS_ENABLED(CONFIG_INET)) {
108 bpfilter_ops.sockopt = &__bpfilter_process_sockopt;
109 bpfilter_ops.start = &start_umh;
110 }
111 out:
112 mutex_unlock(&bpfilter_ops.lock);
113 return err;
114 }
115
fini_umh(void)116 static void __exit fini_umh(void)
117 {
118 mutex_lock(&bpfilter_ops.lock);
119 if (IS_ENABLED(CONFIG_INET)) {
120 shutdown_umh();
121 bpfilter_ops.start = NULL;
122 bpfilter_ops.sockopt = NULL;
123 }
124 mutex_unlock(&bpfilter_ops.lock);
125 }
126 module_init(load_umh);
127 module_exit(fini_umh);
128 MODULE_LICENSE("GPL");
129