From owner-freebsd-hackers@FreeBSD.ORG Tue Nov 15 20:18:51 2011
From: Maxim Ignatenko
To: freebsd-hackers@freebsd.org
Date: Tue, 15 Nov 2011 22:18:40 +0200
Subject: Communication between kernel and userspace via local socket
Message-Id: <201111152218.41031.gelraen.ua@gmail.com>

Hi,

I'm currently inventing the wheel^W^W^Wwriting a firewall from scratch and looking for the most convenient way to establish communication between userspace processes and the kernel part. The communication pattern best fits a listening PF_LOCAL socket opened from the kernel, with userspace processes connecting to it. Clients should be able to send requests and receive responses from the kernel (to retrieve the list of loaded modules, the active ruleset, add or remove rules, ...) and vice versa: the kernel should be able to send a request to a userspace process and receive a response (I'm planning to add interactive features like in most firewalls for windows(r)).

The first part can be implemented via ioctl, but it should be called not only by processes with euid == 0, so the supplied pointer to the receive buffer cannot be trusted (is there any mechanism to check memory allocation?) and any unprivileged user can instruct the kernel to write some trash at an arbitrary address (for example, the VM just rebooted ungracefully when I supplied (void*)123 as the pointer to the destination buffer).

So, the requirements are:
1) message exchange can be initiated from userspace and from the kernel
2) safe to communicate with unprivileged processes (not like in the above case with ioctl)
3) the kernel part should be able to determine the process uid
4) message size can be large (from 1KB to 10KB and more)

Now I'm thinking about a few variants:
1) emulation of a local socket via a character device. This way requires manually handling per-process IO buffers, which almost certainly will have many bugs
2) opening a local socket from the kernel. This, as I think, requires spawning a new process in the kernel (but I don't know how to do this) to listen for incoming connections and messages
3) userspace mux/demux daemon (like devd): one and only one process opens the character device and uses a local socket to communicate with other processes. This requires designing 2 ABIs - kernel<->daemon and daemon<->client.

The 2nd variant looks most appropriate, but now I don't know how to implement it. Can anyone point me to some documentation about spawning processes in the kernel and working with sockets from kernelspace, or suggest a better way of communication between processes and the kernel?
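
Added example, not part of the original message: a sketch of the daemon<->client side of variant 3 that meets requirements 2 and 4. Over a stream socket the receiver gets bytes the kernel has already copied, never a caller-supplied pointer, so the only client-controlled value left to validate is the declared length. The wire format (4-byte big-endian length, then payload), the MAX_MSG cap and the names send_msg, recv_msg and xfer_all are assumptions made for this example.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <stdint.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Assumed upper bound; requirement 4 only says "10KB and more". */
#define MAX_MSG (64 * 1024)

/* Read or write exactly len bytes, retrying on short I/O and EINTR. */
static int xfer_all(int fd, void *buf, size_t len, int writing)
{
    char *p = buf;
    while (len > 0) {
        ssize_t n = writing ? write(fd, p, len) : read(fd, p, len);
        if (n < 0 && errno == EINTR)
            continue;
        if (n <= 0)
            return -1;          /* error, or peer closed mid-message */
        p += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Send one framed message. Returns 0 on success, -1 on error. */
int send_msg(int fd, const void *data, uint32_t len)
{
    uint32_t hdr = htonl(len);
    if (len > MAX_MSG || xfer_all(fd, &hdr, sizeof(hdr), 1) != 0)
        return -1;
    return xfer_all(fd, (void *)data, len, 1);  /* write path never modifies data */
}

/* Receive one framed message into buf (capacity cap). Returns the payload
 * length, or -1; after -1 the stream is out of sync and fd should be closed. */
ssize_t recv_msg(int fd, void *buf, size_t cap)
{
    uint32_t hdr;
    if (xfer_all(fd, &hdr, sizeof(hdr), 0) != 0)
        return -1;
    uint32_t len = ntohl(hdr);
    if (len > MAX_MSG || len > cap)
        return -1;              /* untrusted length: reject, never truncate */
    if (xfer_all(fd, buf, len, 0) != 0)
        return -1;
    return (ssize_t)len;
}
```

For requirement 3, the daemon would take the client's uid from the connected socket itself (getpeereid(3) on FreeBSD) rather than from any field inside the message.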