1// SPDX-License-Identifier: GPL-2.0
2#include <linux/init.h>
3#include <linux/module.h>
4#include <linux/uaccess.h>
5#include <linux/bpfilter.h>
6#include <uapi/linux/bpf.h>
7#include <linux/wait.h>
8#include <linux/kmod.h>
9#include <linux/fs.h>
10#include <linux/file.h>
11
12struct bpfilter_umh_ops bpfilter_ops;
13EXPORT_SYMBOL_GPL(bpfilter_ops);
14
15static void bpfilter_umh_cleanup(struct umh_info *info)
16{
17 mutex_lock(&bpfilter_ops.lock);
18 bpfilter_ops.stop = true;
19 fput(info->pipe_to_umh);
20 fput(info->pipe_from_umh);
21 info->pid = 0;
22 mutex_unlock(&bpfilter_ops.lock);
23}
24
25static int bpfilter_mbox_request(struct sock *sk, int optname,
26 char __user *optval,
27 unsigned int optlen, bool is_set)
28{
29 int err;
30 mutex_lock(&bpfilter_ops.lock);
31 if (!bpfilter_ops.sockopt) {
32 mutex_unlock(&bpfilter_ops.lock);
33 err = request_module("bpfilter");
34 mutex_lock(&bpfilter_ops.lock);
35
36 if (err)
37 goto out;
38 if (!bpfilter_ops.sockopt) {
39 err = -ECHILD;
40 goto out;
41 }
42 }
43 if (bpfilter_ops.stop) {
44 err = bpfilter_ops.start();
45 if (err)
46 goto out;
47 }
48 err = bpfilter_ops.sockopt(sk, optname, optval, optlen, is_set);
49out:
50 mutex_unlock(&bpfilter_ops.lock);
51 return err;
52}
53
54int bpfilter_ip_set_sockopt(struct sock *sk, int optname, char __user *optval,
55 unsigned int optlen)
56{
57 return bpfilter_mbox_request(sk, optname, optval, optlen, true);
58}
59
60int bpfilter_ip_get_sockopt(struct sock *sk, int optname, char __user *optval,
61 int __user *optlen)
62{
63 int len;
64
65 if (get_user(len, optlen))
66 return -EFAULT;
67
68 return bpfilter_mbox_request(sk, optname, optval, len, false);
69}
70
71static int __init bpfilter_sockopt_init(void)
72{
73 mutex_init(&bpfilter_ops.lock);
74 bpfilter_ops.stop = true;
75 bpfilter_ops.info.cmdline = "bpfilter_umh";
76 bpfilter_ops.info.cleanup = &bpfilter_umh_cleanup;
77
78 return 0;
79}
80
81module_init(bpfilter_sockopt_init);
82