Use earlier introduced infrastructure and handle setsockopt(2) calls.
Co-developed-by: Dmitrii Banshchikov me@ubique.spb.ru
Signed-off-by: Dmitrii Banshchikov me@ubique.spb.ru
Signed-off-by: Quentin Deslandes qde@naccy.de
---
net/bpfilter/main.c | 132 ++++++++++++++++++++++++++++++--------------
1 file changed, 90 insertions(+), 42 deletions(-)
diff --git a/net/bpfilter/main.c b/net/bpfilter/main.c
index 291a92546246..c157277c48b5 100644
--- a/net/bpfilter/main.c
+++ b/net/bpfilter/main.c
@@ -1,64 +1,112 @@
 // SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (c) 2021 Telegram FZ-LLC
+ * Copyright (c) 2022 Meta Platforms, Inc. and affiliates.
+ */
+
 #define _GNU_SOURCE
-#include <sys/uio.h>
+
 #include <errno.h>
 #include <stdio.h>
-#include <sys/socket.h>
-#include <fcntl.h>
+#include <stdlib.h>
+#include <sys/types.h>
 #include <unistd.h>
-#include "../../include/uapi/linux/bpf.h"
-#include <asm/unistd.h>
+
+#include "context.h"
+#include "filter-table.h"
+#include "logger.h"
 #include "msgfmt.h"
+#include "sockopt.h"
-FILE *debug_f;
+#define do_exact(fd, op, buffer, count) \
+ ({ \
+ typeof(count) __count = count; \
+ size_t total = 0; \
+ int r = 0; \
+ \
+ do { \
+ const ssize_t part = op(fd, (buffer) + total, (__count) - total); \
+ if (part > 0) { \
+ total += part; \
+ } else if (part == 0 && (__count) > 0) { \
+ r = -EIO; \
+ break; \
+ } else if (part == -1) { \
+ if (errno == EINTR) \
+ continue; \
+ r = -errno; \
+ break; \
+ } \
+ } while (total < (__count)); \
+ \
+ r; \
+ })
-static int handle_get_cmd(struct mbox_request *cmd)
+static int read_exact(int fd, void *buffer, size_t count)
 {
- switch (cmd->cmd) {
- case 0:
- return 0;
- default:
- break;
- }
- return -ENOPROTOOPT;
+ return do_exact(fd, read, buffer, count);
+}
+
+static int write_exact(int fd, const void *buffer, size_t count)
+{
+ return do_exact(fd, write, buffer, count);
 }
-static int handle_set_cmd(struct mbox_request *cmd)
+static int setup_context(struct context *ctx)
 {
- return -ENOPROTOOPT;
+ int r;
+
+ r = logger_init();
+ if (r < 0)
+ return r;
+
+ BFLOG_DBG("log file opened and ready to use");
+
+ r = create_filter_table(ctx);
+ if (r < 0)
+ BFLOG_ERR("failed to created filter table: %s", STRERR(r));
+
+ return r;
 }
-static void loop(void)
+static void loop(struct context *ctx)
 {
- while (1) {
- struct mbox_request req;
- struct mbox_reply reply;
- int n;
-
- n = read(0, &req, sizeof(req));
- if (n != sizeof(req)) {
- fprintf(debug_f, "invalid request %d\n", n);
- return;
- }
-
- reply.status = req.is_set ?
- handle_set_cmd(&req) :
- handle_get_cmd(&req);
-
- n = write(1, &reply, sizeof(reply));
- if (n != sizeof(reply)) {
- fprintf(debug_f, "reply failed %d\n", n);
- return;
- }
+ struct mbox_request req;
+ struct mbox_reply reply;
+ int r;
+
+ for (;;) {
+ r = read_exact(STDIN_FILENO, &req, sizeof(req));
+ if (r)
+ BFLOG_EMERG("cannot read request: %s", STRERR(r));
+
+ reply.status = handle_sockopt_request(ctx, &req);
+
+ r = write_exact(STDOUT_FILENO, &reply, sizeof(reply));
+ if (r)
+ BFLOG_EMERG("cannot write reply: %s", STRERR(r));
 }
 }
 int main(void)
 {
- debug_f = fopen("/dev/kmsg", "w");
- setvbuf(debug_f, 0, _IOLBF, 0);
- fprintf(debug_f, "<5>Started bpfilter\n");
- loop();
- fclose(debug_f);
+ struct context ctx;
+ int r;
+
+ r = create_context(&ctx);
+ if (r)
+ return r;
+
+ r = setup_context(&ctx);
+ if (r) {
+ free_context(&ctx);
+ return r;
+ }
+
+ loop(&ctx);
+
+ // Disregard return value, the application is closed anyway.
+ (void)logger_clean();
+
 return 0;
 }
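Review bot: In `loop()`, neither `if (r)` branch leaves the `for (;;)` after `BFLOG_EMERG(...)`, so unless that macro (defined in logger.h, not visible here) terminates the process, a failed or short `read_exact()` falls through to `handle_sockopt_request(ctx, &req)` with an uninitialised or partially filled `req`, and an EOF on stdin makes the loop spin on `-EIO`. The removed code returned on both failures; keeping that means bracing each branch and adding `return;` after the `BFLOG_EMERG(...)` call, for the read and the write alike. As written the loop has no exit, so `logger_clean()` and `return 0;` in `main()` are unreachable and `free_context(&ctx)` runs only on the setup-failure path. Separately, `reply` is written out in full with only `.status` assigned; `struct mbox_reply reply = {0};` would keep any other field from carrying stack contents to the peer, if the struct has any (msgfmt.h is outside the hunk).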