1139804Simp/*- 265534Salfred * Copyright (c) 2000 Paycounter, Inc. 3143427Srwatson * Copyright (c) 2005 Robert N. M. Watson 465534Salfred * Author: Alfred Perlstein <alfred@paycounter.com>, <alfred@FreeBSD.org> 561837Salfred * All rights reserved. 661837Salfred * 761837Salfred * Redistribution and use in source and binary forms, with or without 861837Salfred * modification, are permitted provided that the following conditions 961837Salfred * are met: 1061837Salfred * 1. Redistributions of source code must retain the above copyright 1161837Salfred * notice, this list of conditions and the following disclaimer. 1261837Salfred * 2. Redistributions in binary form must reproduce the above copyright 1361837Salfred * notice, this list of conditions and the following disclaimer in the 1461837Salfred * documentation and/or other materials provided with the distribution. 1561837Salfred * 1661837Salfred * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 1761837Salfred * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 1861837Salfred * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 1961837Salfred * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 2061837Salfred * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2161837Salfred * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2261837Salfred * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2361837Salfred * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2461837Salfred * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 2561837Salfred * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 2661837Salfred * SUCH DAMAGE. 2761837Salfred */ 2861837Salfred 29116182Sobrien#include <sys/cdefs.h> 30116182Sobrien__FBSDID("$FreeBSD$"); 31116182Sobrien 3261837Salfred#define ACCEPT_FILTER_MOD 3361837Salfred 3477598Sjesper#include "opt_param.h" 3561837Salfred#include <sys/param.h> 3661837Salfred#include <sys/systm.h> 3761837Salfred#include <sys/domain.h> 3861837Salfred#include <sys/kernel.h> 39129920Srwatson#include <sys/lock.h> 4061837Salfred#include <sys/malloc.h> 4161837Salfred#include <sys/mbuf.h> 42129876Sphk#include <sys/module.h> 43129920Srwatson#include <sys/mutex.h> 4461837Salfred#include <sys/protosw.h> 4565534Salfred#include <sys/sysctl.h> 4661837Salfred#include <sys/socket.h> 4761837Salfred#include <sys/socketvar.h> 4861837Salfred#include <sys/queue.h> 4961837Salfred 50129920Srwatsonstatic struct mtx accept_filter_mtx; 51129920SrwatsonMTX_SYSINIT(accept_filter, &accept_filter_mtx, "accept_filter_mtx", 52129920Srwatson MTX_DEF); 53129920Srwatson#define ACCEPT_FILTER_LOCK() mtx_lock(&accept_filter_mtx) 54129920Srwatson#define ACCEPT_FILTER_UNLOCK() mtx_unlock(&accept_filter_mtx) 55129920Srwatson 5661837Salfredstatic SLIST_HEAD(, accept_filter) accept_filtlsthd = 57201145Santoine SLIST_HEAD_INITIALIZER(accept_filtlsthd); 5861837Salfred 5961837SalfredMALLOC_DEFINE(M_ACCF, "accf", "accept filter data"); 6061837Salfred 6165534Salfredstatic int unloadable = 0; 6265534Salfred 63269142SmarcelSYSCTL_NODE(_net, OID_AUTO, accf, CTLFLAG_RW, 0, "Accept filters"); 64269142SmarcelSYSCTL_INT(_net_accf, OID_AUTO, unloadable, CTLFLAG_RW, &unloadable, 0, 6565534Salfred "Allow unload of accept filters (not recommended)"); 6665534Salfred 6761837Salfred/* 68142056Srwatson * Must be passed a malloc'd structure so we don't explode if the kld is 69142056Srwatson * unloaded, we leak the struct on deallocation to deal with this, but if a 70142056Srwatson * filter is loaded with the same name as a leaked one we re-use the entry. 7161837Salfred */ 7261837Salfredint 7361837Salfredaccept_filt_add(struct accept_filter *filt) 7461837Salfred{ 7561837Salfred struct accept_filter *p; 7661837Salfred 77129920Srwatson ACCEPT_FILTER_LOCK(); 7861837Salfred SLIST_FOREACH(p, &accept_filtlsthd, accf_next) 7961837Salfred if (strcmp(p->accf_name, filt->accf_name) == 0) { 8061837Salfred if (p->accf_callback != NULL) { 81129920Srwatson ACCEPT_FILTER_UNLOCK(); 8261837Salfred return (EEXIST); 8361837Salfred } else { 8461837Salfred p->accf_callback = filt->accf_callback; 85129920Srwatson ACCEPT_FILTER_UNLOCK(); 86184205Sdes free(filt, M_ACCF); 8761837Salfred return (0); 8861837Salfred } 8961837Salfred } 9061837Salfred 9161837Salfred if (p == NULL) 9261837Salfred SLIST_INSERT_HEAD(&accept_filtlsthd, filt, accf_next); 93129920Srwatson ACCEPT_FILTER_UNLOCK(); 9461837Salfred return (0); 9561837Salfred} 9661837Salfred 9761837Salfredint 9861837Salfredaccept_filt_del(char *name) 9961837Salfred{ 10061837Salfred struct accept_filter *p; 10161837Salfred 10261837Salfred p = accept_filt_get(name); 10361837Salfred if (p == NULL) 10461837Salfred return (ENOENT); 10561837Salfred 10661837Salfred p->accf_callback = NULL; 10761837Salfred return (0); 10861837Salfred} 10961837Salfred 11061837Salfredstruct accept_filter * 11161837Salfredaccept_filt_get(char *name) 11261837Salfred{ 11361837Salfred struct accept_filter *p; 11461837Salfred 115129920Srwatson ACCEPT_FILTER_LOCK(); 11661837Salfred SLIST_FOREACH(p, &accept_filtlsthd, accf_next) 11761837Salfred if (strcmp(p->accf_name, name) == 0) 118129920Srwatson break; 119129920Srwatson ACCEPT_FILTER_UNLOCK(); 12061837Salfred 121129920Srwatson return (p); 12261837Salfred} 12361837Salfred 12461837Salfredint 12561837Salfredaccept_filt_generic_mod_event(module_t mod, int event, void *data) 12661837Salfred{ 12761837Salfred struct accept_filter *p; 12861837Salfred struct accept_filter *accfp = (struct accept_filter *) data; 129142060Srwatson int error; 13061837Salfred 13161837Salfred switch (event) { 13261837Salfred case MOD_LOAD: 133184205Sdes p = malloc(sizeof(*p), M_ACCF, 134142056Srwatson M_WAITOK); 13561837Salfred bcopy(accfp, p, sizeof(*p)); 13661837Salfred error = accept_filt_add(p); 13761837Salfred break; 13861837Salfred 13961837Salfred case MOD_UNLOAD: 14063645Salfred /* 141142056Srwatson * Do not support unloading yet. we don't keep track of 142142056Srwatson * refcounts and unloading an accept filter callback and then 143142056Srwatson * having it called is a bad thing. A simple fix would be to 144142056Srwatson * track the refcount in the struct accept_filter. 14563645Salfred */ 14665534Salfred if (unloadable != 0) { 14765534Salfred error = accept_filt_del(accfp->accf_name); 14865534Salfred } else 14965534Salfred error = EOPNOTSUPP; 15061837Salfred break; 15161837Salfred 15261837Salfred case MOD_SHUTDOWN: 15361837Salfred error = 0; 15461837Salfred break; 15561837Salfred 15661837Salfred default: 15761837Salfred error = EOPNOTSUPP; 15861837Salfred break; 15961837Salfred } 16061837Salfred 16161837Salfred return (error); 16261837Salfred} 163142058Srwatson 164142058Srwatsonint 165143463Srwatsondo_getopt_accept_filter(struct socket *so, struct sockopt *sopt) 166143463Srwatson{ 167143463Srwatson struct accept_filter_arg *afap; 168143463Srwatson int error; 169143463Srwatson 170143463Srwatson error = 0; 171184205Sdes afap = malloc(sizeof(*afap), M_TEMP, 172143463Srwatson M_WAITOK | M_ZERO); 173143463Srwatson SOCK_LOCK(so); 174143463Srwatson if ((so->so_options & SO_ACCEPTCONN) == 0) { 175143463Srwatson error = EINVAL; 176143463Srwatson goto out; 177143463Srwatson } 178147300Smaxim if ((so->so_options & SO_ACCEPTFILTER) == 0) { 179147300Smaxim error = EINVAL; 180143463Srwatson goto out; 181147300Smaxim } 182143463Srwatson strcpy(afap->af_name, so->so_accf->so_accept_filter->accf_name); 183143463Srwatson if (so->so_accf->so_accept_filter_str != NULL) 184143463Srwatson strcpy(afap->af_arg, so->so_accf->so_accept_filter_str); 185143463Srwatsonout: 186143463Srwatson SOCK_UNLOCK(so); 187143463Srwatson if (error == 0) 188143463Srwatson error = sooptcopyout(sopt, afap, sizeof(*afap)); 189184205Sdes free(afap, M_TEMP); 190143463Srwatson return (error); 191143463Srwatson} 192143463Srwatson 193143463Srwatsonint 194142060Srwatsondo_setopt_accept_filter(struct socket *so, struct sockopt *sopt) 195142058Srwatson{ 196142060Srwatson struct accept_filter_arg *afap; 197142060Srwatson struct accept_filter *afp; 198142060Srwatson struct so_accf *newaf; 199142060Srwatson int error = 0; 200142058Srwatson 201142058Srwatson /* 202143427Srwatson * Handle the simple delete case first. 203142058Srwatson */ 204147300Smaxim if (sopt == NULL || sopt->sopt_val == NULL) { 205143427Srwatson SOCK_LOCK(so); 206143427Srwatson if ((so->so_options & SO_ACCEPTCONN) == 0) { 207143427Srwatson SOCK_UNLOCK(so); 208143427Srwatson return (EINVAL); 209143427Srwatson } 210142058Srwatson if (so->so_accf != NULL) { 211142058Srwatson struct so_accf *af = so->so_accf; 212142058Srwatson if (af->so_accept_filter != NULL && 213142058Srwatson af->so_accept_filter->accf_destroy != NULL) { 214142058Srwatson af->so_accept_filter->accf_destroy(so); 215142058Srwatson } 216143427Srwatson if (af->so_accept_filter_str != NULL) 217184205Sdes free(af->so_accept_filter_str, M_ACCF); 218184205Sdes free(af, M_ACCF); 219142058Srwatson so->so_accf = NULL; 220142058Srwatson } 221142058Srwatson so->so_options &= ~SO_ACCEPTFILTER; 222142058Srwatson SOCK_UNLOCK(so); 223142058Srwatson return (0); 224142058Srwatson } 225143427Srwatson 226143427Srwatson /* 227143461Srwatson * Pre-allocate any memory we may need later to avoid blocking at 228143461Srwatson * untimely moments. This does not optimize for invalid arguments. 229143427Srwatson */ 230184205Sdes afap = malloc(sizeof(*afap), M_TEMP, 231142058Srwatson M_WAITOK); 232142058Srwatson error = sooptcopyin(sopt, afap, sizeof *afap, sizeof *afap); 233142058Srwatson afap->af_name[sizeof(afap->af_name)-1] = '\0'; 234142058Srwatson afap->af_arg[sizeof(afap->af_arg)-1] = '\0'; 235142058Srwatson if (error) { 236184205Sdes free(afap, M_TEMP); 237142058Srwatson return (error); 238142058Srwatson } 239142058Srwatson afp = accept_filt_get(afap->af_name); 240142058Srwatson if (afp == NULL) { 241184205Sdes free(afap, M_TEMP); 242142058Srwatson return (ENOENT); 243142058Srwatson } 244142058Srwatson /* 245143461Srwatson * Allocate the new accept filter instance storage. We may 246143461Srwatson * have to free it again later if we fail to attach it. If 247143461Srwatson * attached properly, 'newaf' is NULLed to avoid a free() 248143461Srwatson * while in use. 249142058Srwatson */ 250184205Sdes newaf = malloc(sizeof(*newaf), M_ACCF, M_WAITOK | 251142058Srwatson M_ZERO); 252142058Srwatson if (afp->accf_create != NULL && afap->af_name[0] != '\0') { 253142058Srwatson int len = strlen(afap->af_name) + 1; 254184205Sdes newaf->so_accept_filter_str = malloc(len, M_ACCF, 255142058Srwatson M_WAITOK); 256142058Srwatson strcpy(newaf->so_accept_filter_str, afap->af_name); 257142058Srwatson } 258142058Srwatson 259143461Srwatson /* 260143461Srwatson * Require a listen socket; don't try to replace an existing filter 261143461Srwatson * without first removing it. 262143461Srwatson */ 263142058Srwatson SOCK_LOCK(so); 264143461Srwatson if (((so->so_options & SO_ACCEPTCONN) == 0) || 265143461Srwatson (so->so_accf != NULL)) { 266142058Srwatson error = EINVAL; 267142058Srwatson goto out; 268142058Srwatson } 269143461Srwatson 270142058Srwatson /* 271143461Srwatson * Invoke the accf_create() method of the filter if required. The 272143461Srwatson * socket mutex is held over this call, so create methods for filters 273143461Srwatson * can't block. 274142058Srwatson */ 275142058Srwatson if (afp->accf_create != NULL) { 276142058Srwatson newaf->so_accept_filter_arg = 277142058Srwatson afp->accf_create(so, afap->af_arg); 278142058Srwatson if (newaf->so_accept_filter_arg == NULL) { 279142058Srwatson error = EINVAL; 280142058Srwatson goto out; 281142058Srwatson } 282142058Srwatson } 283142058Srwatson newaf->so_accept_filter = afp; 284142058Srwatson so->so_accf = newaf; 285142058Srwatson so->so_options |= SO_ACCEPTFILTER; 286142058Srwatson newaf = NULL; 287142058Srwatsonout: 288142058Srwatson SOCK_UNLOCK(so); 289142058Srwatson if (newaf != NULL) { 290142058Srwatson if (newaf->so_accept_filter_str != NULL) 291184205Sdes free(newaf->so_accept_filter_str, M_ACCF); 292184205Sdes free(newaf, M_ACCF); 293142058Srwatson } 294142058Srwatson if (afap != NULL) 295184205Sdes free(afap, M_TEMP); 296142058Srwatson return (error); 297142058Srwatson} 298