Support blocklist in vwifi

Enable ability to use blocklist to block packets from specified
interface.

Support blocklist in vwifi kernel module, used as interfaces pair such
as "owl2 blocks owl1", allow maximum blocklist size to be 1024 bytes
now and maintained as global content within struct owl_content.

Using userspace program to dynamically alter the blocklist maintaining
in vwifi kernel module.

Author: vax-r

blocklist_user.c

@@ -0,0 +1,78 @@
+#include <linux/netlink.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <unistd.h>
+
+#define MAX_PAYLOAD 1024
+#define LINE_LENGTH 20
+
+struct sockaddr_nl src_addr, dest_addr;
+struct nlmsghdr *nlh = NULL;
+struct iovec iov;
+int sock_fd;
+struct msghdr msg;
+
+int main()
+{
+    /* Read interface pair from blocklist.txt */
+    char *filename = "./scripts/blocklist.txt";
+    FILE *fp = fopen(filename, "r");
+    if (!fp) {
+        printf("Error: couldn't open file %s\n", filename);
+        exit(1);
+    }
+
+    char buffer[NLMSG_SPACE(MAX_PAYLOAD)];
+    char read_buf[LINE_LENGTH];
+    memset(buffer, '\0', sizeof(buffer));
+
+    while (fgets(read_buf, LINE_LENGTH, fp)) {
+        strcat(buffer, read_buf);
+    }
+    fclose(fp);
+
+    printf("%s", buffer);
+
+    sock_fd = socket(PF_NETLINK, SOCK_RAW, 31);
+    if (sock_fd < 0)
+        return -1;
+
+    memset(&src_addr, 0, sizeof(src_addr));
+    src_addr.nl_family = AF_NETLINK;
+    src_addr.nl_pid = getpid();
+
+    bind(sock_fd, (struct sockaddr *) &src_addr, sizeof(src_addr));
+
+    memset(&dest_addr, 0, sizeof(dest_addr));
+    dest_addr.nl_family = AF_NETLINK;
+    dest_addr.nl_pid = 0;
+    dest_addr.nl_groups = 0;
+
+    nlh = (struct nlmsghdr *) calloc(1, NLMSG_SPACE(MAX_PAYLOAD));
+    memset(nlh, 0, NLMSG_SPACE(MAX_PAYLOAD));
+    nlh->nlmsg_len = NLMSG_SPACE(MAX_PAYLOAD);
+    nlh->nlmsg_pid = getpid();
+    nlh->nlmsg_flags = 0;
+
+    strcpy(NLMSG_DATA(nlh), buffer);
+
+    iov.iov_base = (void *) nlh;
+    iov.iov_len = nlh->nlmsg_len;
+    msg.msg_name = (void *) &dest_addr;
+    msg.msg_namelen = sizeof(dest_addr);
+    msg.msg_iov = &iov;
+    msg.msg_iovlen = 1;
+
+    printf("Sedning message to kernel...\n");
+    sendmsg(sock_fd, &msg, 0);
+    printf("Waiting for message from kernel...\n");
+
+    recvmsg(sock_fd, &msg, 0);
+    printf("Received message payload: %s\n", NLMSG_DATA(nlh));
+
+    close(sock_fd);
+
+    return 0;
+}

scripts/blocklist.txt

@@ -0,0 +1,2 @@
+owl2 blocks owl1
+owl1 blocks owl2

vwifi.c

@@ -14,6 +14,9 @@
 #include <net/cfg80211.h>
 #include <uapi/linux/virtio_net.h>
 
+#include <linux/netlink.h>
+#include <net/sock.h>
+
 MODULE_LICENSE("Dual MIT/GPL");
 MODULE_AUTHOR("National Cheng Kung University, Taiwan");
 MODULE_DESCRIPTION("virtual cfg80211 driver");
@@ -60,6 +63,7 @@ struct owl_context {
     enum vwifi_state state;    /**< indicate the program state */
     struct list_head vif_list; /**< maintaining all interfaces */
     struct list_head ap_list;  /**< maintaining multiple AP */
+    char *blocklist;           /**< maintaining the blocklist */
 };
 
 /* SME stands for "station management entity" */
@@ -150,6 +154,83 @@ MODULE_PARM_DESC(station, "Number of virtual interfaces running in STA mode.");
 /* Global context */
 static struct owl_context *owl = NULL;
 
+/* Blocklist content */
+#define MAX_NETLINK_USER 31
+#define MAX_BLACKLIST_SIZE 1024
+
+struct sock *nl_sk = NULL;
+
+static int blocklist_check(char *dest, char *source)
+{
+    if (!owl->blocklist || !*(owl->blocklist))
+        return 0;
+
+    char *user_input =
+        kmalloc(sizeof(char) * (strlen(owl->blocklist) + 1), GFP_KERNEL);
+    strncpy(user_input, owl->blocklist, strlen(owl->blocklist));
+
+    char *token = strsep(&user_input, "\n");
+    while (token != NULL) {
+        char *blacklist_dest = strsep(&token, " ");
+        strsep(&token, " ");
+        char *blacklist_source = token;
+        if (strcmp(dest, blacklist_dest) == 0 &&
+            strcmp(source, blacklist_source) == 0) {
+            kfree(user_input);
+            return 1;
+        }
+        pr_info("owl: %s blocks packets from %s\n", blacklist_dest,
+                blacklist_source);
+        token = strsep(&user_input, "\n");
+    }
+    kfree(user_input);
+
+    return 0;
+}
+
+static void blocklist_load(char *blist)
+{
+    if (!owl->blocklist) {
+        pr_info("owl->blocklist have to be kmalloc first\n");
+        return;
+    }
+    memset(owl->blocklist, '\0', MAX_BLACKLIST_SIZE); /* clear the blocklist */
+    strncpy(owl->blocklist, blist, strlen(blist));
+}
+
+static void blocklist_nl_recv(struct sk_buff *skb)
+{
+    struct nlmsghdr *nlh; /* netlink message header */
+    int pid;
+    struct sk_buff *skb_out;
+    char *msg = "vwifi has received your blocklist";
+    int msg_size = strlen(msg);
+
+    nlh = (struct nlmsghdr *) skb->data;
+
+    blocklist_load((char *) nlmsg_data(nlh));
+
+    /* pid of sending process */
+    pid = nlh->nlmsg_pid;
+
+    skb_out = nlmsg_new(msg_size, 0);
+    if (!skb_out) {
+        pr_info("netlink: Failed to allocate new skb\n");
+        return;
+    }
+
+    nlh = nlmsg_put(skb_out, 0, 0, NLMSG_DONE, msg_size, 0);
+    NETLINK_CB(skb_out).dst_group = 0; /* unicast group */
+    strncpy(nlmsg_data(nlh), msg, msg_size);
+
+    if (nlmsg_unicast(nl_sk, skb_out, pid) < 0)
+        pr_info("netlink: Error while sending back to user\n");
+}
+
+struct netlink_kernel_cfg nl_config = {
+    .input = blocklist_nl_recv,
+};
+
 /**
  * enum virtio_vqs - queues for virtio frame transmission and receivement
  *
@@ -713,6 +794,13 @@ static netdev_tx_t owl_ndo_start_xmit(struct sk_buff *skb,
     }
     /* TX by interface of AP mode */
     else if (vif->wdev.iftype == NL80211_IFTYPE_AP) {
+        /* Find the source interface name */
+        char *source_name;
+        list_for_each_entry (dest_vif, &vif->bss_list, bss_list) {
+            if (ether_addr_equal(eth_hdr->h_source, dest_vif->ndev->dev_addr))
+                source_name = dest_vif->ndev->name;
+        }
+
         /* Check if the packet is broadcasting */
         if (is_broadcast_ether_addr(eth_hdr->h_dest)) {
             list_for_each_entry (dest_vif, &vif->bss_list, bss_list) {
@@ -722,6 +810,10 @@ static netdev_tx_t owl_ndo_start_xmit(struct sk_buff *skb,
                                      dest_vif->ndev->dev_addr))
                     continue;
 
+                /* Don't send packet from dest_vif's blocklist */
+                if (blocklist_check(dest_vif->ndev->name, source_name))
+                    continue;
+
                 if (__owl_ndo_start_xmit(vif, dest_vif, skb))
                     count++;
             }
@@ -731,7 +823,8 @@ static netdev_tx_t owl_ndo_start_xmit(struct sk_buff *skb,
             list_for_each_entry (dest_vif, &vif->bss_list, bss_list) {
                 if (ether_addr_equal(eth_hdr->h_dest,
                                      dest_vif->ndev->dev_addr)) {
-                    if (__owl_ndo_start_xmit(vif, dest_vif, skb))
+                    if (!blocklist_check(dest_vif->ndev->name, source_name) &&
+                        __owl_ndo_start_xmit(vif, dest_vif, skb))
                         count++;
                     break;
                 }
@@ -1782,6 +1875,7 @@ static void owl_free(void)
     list_for_each_entry_safe (vif, safe, &owl->vif_list, list)
         owl_delete_interface(vif);
 
+    kfree(owl->blocklist);
     kfree(owl);
 }
 
@@ -2832,6 +2926,7 @@ static int __init vwifi_init(void)
     mutex_init(&owl->lock);
     INIT_LIST_HEAD(&owl->vif_list);
     INIT_LIST_HEAD(&owl->ap_list);
+    owl->blocklist = kmalloc(sizeof(char) * MAX_BLACKLIST_SIZE, GFP_KERNEL);
 
     for (int i = 0; i < station; i++) {
         struct wiphy *wiphy = owcfg80211_add();
@@ -2841,6 +2936,12 @@ static int __init vwifi_init(void)
             goto interface_add;
     }
 
+    nl_sk = netlink_kernel_create(&init_net, MAX_NETLINK_USER, &nl_config);
+    if (!nl_sk) {
+        pr_info("Error creating netlink socket\n");
+        goto cfg80211_add;
+    }
+
     err = register_virtio_driver(&virtio_vwifi);
     if (err)
         goto err_register_virtio_driver;
@@ -2864,6 +2965,7 @@ static void __exit vwifi_exit(void)
 
     unregister_virtio_driver(&virtio_vwifi);
     owl_free();
+    netlink_kernel_release(nl_sk);
 }
 
 module_init(vwifi_init);