Merge pull request #20 from safing/feature/clear-cache

Clear cache function
safing · Sep 20, 2022 · dc3d916 · dc3d916
2 parents b261d6a + fb0f73f
commit dc3d916
Show file tree

Hide file tree

Showing 12 changed files with 125 additions and 64 deletions.
diff --git a/deploy.bat b/deploy.bat
@@ -1,13 +1,13 @@
-echo Compile, Sign and Copy the Kernel Driver with the dll
-set WDDK_SOURCE=install\WDDK\x64\Debug\pm_kernel64.sys
-del WDDK_SOURCE
-
-set DLL_SOURCE=install\DLL\x64\pm_kernel_glue.dll
-del DLL_SOURCE
-
-msbuild /t:Build /p:Configuration=Debug /p:Platform=x64
-SignTool sign /v /s TestCertStoreName /n TestCertName /fd SHA256 %WDDK_SOURCE%
-
-echo Copy the Kernel Driver to Portmaster updates dir as dev version
-copy %WDDK_SOURCE% C:\ProgramData\Safing\Portmaster\updates\windows_amd64\kext\portmaster-kext_v0-0-0.sys
+echo Compile, Sign and Copy the Kernel Driver with the dll
+set WDDK_SOURCE=install\WDDK\x64\Debug\pm_kernel64.sys
+del WDDK_SOURCE
+
+set DLL_SOURCE=install\DLL\x64\Debug\pm_kernel_glue.dll
+del DLL_SOURCE
+
+msbuild /t:Build /p:Configuration=Debug /p:Platform=x64
+SignTool sign /v /s TestCertStoreName /n TestCertName /fd SHA256 %WDDK_SOURCE%
+
+echo Copy the Kernel Driver to Portmaster updates dir as dev version
+copy %WDDK_SOURCE% C:\ProgramData\Safing\Portmaster\updates\windows_amd64\kext\portmaster-kext_v0-0-0.sys
 copy %DLL_SOURCE% C:\ProgramData\Safing\Portmaster\updates\windows_amd64\kext\portmaster-kext_v0-0-0.dll
diff --git a/include/pm_common.h b/include/pm_common.h
@@ -203,14 +203,16 @@ typedef struct {
     CTL_CODE(SIOCTL_TYPE, 0x801, METHOD_BUFFERED, FILE_READ_DATA|FILE_WRITE_DATA)
 
 #define IOCTL_RECV_VERDICT_REQ \
-   CTL_CODE(SIOCTL_TYPE, 0x802, METHOD_BUFFERED, FILE_READ_DATA|FILE_WRITE_DATA)
+    CTL_CODE(SIOCTL_TYPE, 0x802, METHOD_BUFFERED, FILE_READ_DATA|FILE_WRITE_DATA)
 
 #define IOCTL_SET_VERDICT \
     CTL_CODE(SIOCTL_TYPE, 0x803, METHOD_BUFFERED, FILE_READ_DATA|FILE_WRITE_DATA)
 
 #define IOCTL_GET_PAYLOAD \
-CTL_CODE(SIOCTL_TYPE, 0x804, METHOD_BUFFERED, FILE_READ_DATA|FILE_WRITE_DATA)
+    CTL_CODE(SIOCTL_TYPE, 0x804, METHOD_BUFFERED, FILE_READ_DATA|FILE_WRITE_DATA)
 
+#define IOCTL_CLEAR_CACHE \
+    CTL_CODE(SIOCTL_TYPE, 0x805, METHOD_BUFFERED, FILE_READ_DATA|FILE_WRITE_DATA)
 
 /****************************************************************************/
 /* MISC                                                       */

diff --git a/include/pm_debug.h b/include/pm_debug.h
@@ -44,12 +44,12 @@ extern int logLevel;  //must be defined in dll and kernel object
  All we can do is write to a dedicated debug channel and adjust the loglevel at runtime.
 */
 #ifdef DEBUG_ON
-    #define DEBUG(...)  _DEBUG(0, ##__VA_ARGS__)
-    #define INFO(...)   _DEBUG(1, ##__VA_ARGS__)
-    #define WARN(...)   _DEBUG(2, ##__VA_ARGS__)
-    #define ERR(...)  _DEBUG(3, ##__VA_ARGS__)        //ERROR is already defined in wingdi.h
+    #define DEBUG(...)  DEBUG_LOG(0, ##__VA_ARGS__)
+    #define INFO(...)   DEBUG_LOG(1, ##__VA_ARGS__)
+    #define WARN(...)   DEBUG_LOG(2, ##__VA_ARGS__)
+    #define ERR(...)    DEBUG_LOG(3, ##__VA_ARGS__)        //ERROR is already defined in wingdi.h
 
-    #define _DEBUG(level, format, ...) __DEBUG(LOGGER_NAME, level, __LINE__, format, ##__VA_ARGS__)
+    #define DEBUG_LOG(level, format, ...) __DEBUG(LOGGER_NAME, level, __LINE__, format, ##__VA_ARGS__)
     void __DEBUG(char *name, int level, int line, char *format, ...);
     void printIpHeader(char *buf, unsigned long buf_len, char *data, unsigned long dataLength);
     char* printIpv4Packet(void *packet);

diff --git a/pm_kext/col/verdict_cache.c b/pm_kext/col/verdict_cache.c
@@ -74,8 +74,9 @@ int cleanVerdictCache(VerdictCache *verdictCache, PortmasterPacketInfo **packetI
             // delete next of new last item
             lastItem->prev->next = NULL;
         } else {
-            // reset tail (list is empty!)
+            // list is empty! reset it
             verdictCache->tail = NULL;
+            verdictCache->head = NULL;
         }
 
         // set return value
@@ -91,6 +92,24 @@ int cleanVerdictCache(VerdictCache *verdictCache, PortmasterPacketInfo **packetI
     return 1;
 }
 
+/**
+ * @brief Remove all items from verdict cache
+ *
+ * @par    verdictCache = verdict_cache to use
+ *
+ */
+void clearAllEntriesFromVerdictCache(VerdictCache *verdictCache) {
+    VerdictCacheItem *item = verdictCache->head;
+    while(item != NULL) {
+        VerdictCacheItem *next = item->next;
+        _FREE(item);
+        item = next;
+    }
+    verdictCache->size = 0;
+    verdictCache->head = NULL;
+    verdictCache->tail = NULL;
+}
+
 
 /**
  * @brief Tears down the verdict cache
@@ -130,14 +149,14 @@ int addVerdict(VerdictCache *verdictCache, PortmasterPacketInfo *packetInfo, ver
     newItem->verdict = verdict;
 
     // insert as first item
-    if (verdictCache->head) {
+    if (verdictCache->head != NULL) {
         newItem->next = verdictCache->head;
         verdictCache->head->prev = newItem;
     }
     verdictCache->head = newItem;
 
     // set tail if only item
-    if (!verdictCache->tail) {
+    if (verdictCache->tail == NULL) {
         verdictCache->tail = newItem;
     }
 

diff --git a/pm_kext/include/pm_callouts.h b/pm_kext/include/pm_callouts.h
@@ -64,4 +64,7 @@ NTSTATUS genericFlowDelete(UINT16 layerId, UINT32 calloutId, UINT64 flowContext)
 
 void respondWithVerdict(UINT32 id, verdict_t verdict);
 
+
+void clearCache();
+
 #endif // PM_CALLOUTS_H
diff --git a/pm_kext/include/verdict_cache.h b/pm_kext/include/verdict_cache.h
@@ -53,6 +53,14 @@ int createVerdictCache(UINT32 maxSize, VerdictCache **verdict_cache);
  */
 int cleanVerdictCache(VerdictCache *verdictCache, PortmasterPacketInfo **packetInfo);
 
+/**
+ * @brief Remove all items from verdict cache
+ *
+ * @par    verdict_cache = verdict_cache to use
+ *
+ */
+void clearAllEntriesFromVerdictCache(VerdictCache *verdictCache);
+
 /**
  * @brief Tears down the verdict cache
  *

diff --git a/pm_kext/src/pm_callouts.c b/pm_kext/src/pm_callouts.c
@@ -959,3 +959,18 @@ void classifyOutboundIPv6(
     }
     classifyMultiple(&outboundV6PacketInfo, verdictCacheV6, &verdictCacheV6Lock, inMetaValues, layerData, classifyOut);
 }
+
+void clearCache() {
+    INFO("Cleaning all verdict cache");
+    KLOCK_QUEUE_HANDLE lockHandle = {0};
+
+    // Clear IPv4 verdict cache
+    KeAcquireInStackQueuedSpinLock(&verdictCacheV4Lock, &lockHandle);
+    clearAllEntriesFromVerdictCache(verdictCacheV4);
+    KeReleaseInStackQueuedSpinLock(&lockHandle);
+
+    // Clear IPv6 verdict cache
+    KeAcquireInStackQueuedSpinLock(&verdictCacheV6Lock, &lockHandle);
+    clearAllEntriesFromVerdictCache(verdictCacheV6);
+    KeReleaseInStackQueuedSpinLock(&lockHandle);
+}
diff --git a/pm_kext/src/pm_kernel.c b/pm_kext/src/pm_kernel.c
@@ -451,7 +451,12 @@ NTSTATUS driverDeviceControl(__in PDEVICE_OBJECT pDeviceObject, __inout PIRP Irp
             IoCompleteRequest(Irp, IO_NO_INCREMENT);
             return rc;
         }
-
+        case IOCTL_CLEAR_CACHE: {
+            clearCache();
+            Irp->IoStatus.Status = STATUS_SUCCESS;
+            IoCompleteRequest(Irp,IO_NO_INCREMENT);
+            return STATUS_SUCCESS;
+        }
         default: {
             ERR("Don't know how to deal with IoControlCode 0x%x", IoControlCode);
             Irp->IoStatus.Status = STATUS_NOT_IMPLEMENTED;

diff --git a/pm_kext_glue_dll/include/pm_api.h b/pm_kext_glue_dll/include/pm_api.h
@@ -35,7 +35,7 @@ extern "C" {
 /*
  * Internal initialization for the kernel extension.
  */
-extern _EXPORT int PortmasterInit();
+extern _EXPORT UINT32 PortmasterInit();
 
 /*
  * Start intercepting packets.  This is called once when Portmaster starts
@@ -47,15 +47,15 @@ extern _EXPORT int PortmasterInit();
  *          ERROR_FILE_NOT_FOUND:      path is invalid
  *          Windows System Error Code: according to https://docs.microsoft.com/en-us/windows/desktop/Debug/system-error-codes
  */
-extern _EXPORT int PortmasterStart(__in const char *portmasterKextPath);
+extern _EXPORT UINT32 PortmasterStart(__in const char *portmasterKextPath);
 
 /*
  * Stops the driver and unloads the kernel driver, which runs as a service
  *
  * returns: ERROR_SUCCESS:   SUCCESS
  *          windows System Error Code: according to https://docs.microsoft.com/en-us/windows/desktop/Debug/system-error-codes
  */
-extern _EXPORT int PortmasterStop();
+extern _EXPORT UINT32 PortmasterStop();
 
 /*
  * "Blocks" the application till unknown packet is received.
@@ -68,7 +68,7 @@ extern _EXPORT int PortmasterStop();
  *          ERROR_INVALID_DATA:     No Data received (e.g. Timeout)
  *          windows System Error Code: according to https://docs.microsoft.com/en-us/windows/desktop/Debug/system-error-codes
  */
-extern _EXPORT int PortmasterRecvVerdictRequest(__out PortmasterPacketInfo *packetInfo);
+extern _EXPORT UINT32 PortmasterRecvVerdictRequest(__out PortmasterPacketInfo *packetInfo);
 
 
 /*
@@ -84,7 +84,7 @@ extern _EXPORT int PortmasterRecvVerdictRequest(__out PortmasterPacketInfo *pack
  * returns: ERROR_SUCCESS:   SUCCESS
  *          windows System Error Code: according to https://docs.microsoft.com/en-us/windows/desktop/Debug/system-error-codes
  */
-extern _EXPORT int PortmasterSetVerdict(__in UINT32 packetID, __in verdict_t verdict);
+extern _EXPORT UINT32 PortmasterSetVerdict(__in UINT32 packetID, __in verdict_t verdict);
 
 /*
  * Get Payload of packetID
@@ -101,6 +101,14 @@ extern _EXPORT int PortmasterSetVerdict(__in UINT32 packetID, __in verdict_t ver
  */
 extern _EXPORT UINT32 PortmasterGetPayload(__in UINT32 packetID, __out UINT8* buf, __inout UINT32* len);
 
+/*
+ * Get Reset connection cache
+ *
+ * returns: ERROR_SUCCESS:             on success
+            any GetLastError():        in case of unsuccessful communication with kernel (DeviceIoControl)
+ */
+extern _EXPORT UINT32 PortmasterClearCache();
+
 #ifdef __cplusplus
 }
 #endif

diff --git a/pm_kext_glue_dll/pm_kext_glue_dll.vcxproj b/pm_kext_glue_dll/pm_kext_glue_dll.vcxproj
@@ -141,7 +141,7 @@
     <ClCompile>
       <WarningLevel>Level3</WarningLevel>
       <SDLCheck>true</SDLCheck>
-      <PreprocessorDefinitions>GLUEDLL_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions);_CRT_SECURE_NO_WARNINGS;PM_VERSION_MAJOR=$(PM_VERSION_MAJOR);PM_VERSION_MINOR=$(PM_VERSION_MINOR);PM_VERSION_REVISION=$(PM_VERSION_REVISION);PM_VERSION_BUILD=$(PM_VERSION_BUILD)</PreprocessorDefinitions>
+      <PreprocessorDefinitions>GLUEDLL_EXPORTS;_WINDOWS;_USRDLL;%(PreprocessorDefinitions);_CRT_SECURE_NO_WARNINGS;PM_VERSION_MAJOR=$(PM_VERSION_MAJOR);PM_VERSION_MINOR=$(PM_VERSION_MINOR);PM_VERSION_REVISION=$(PM_VERSION_REVISION);PM_VERSION_BUILD=$(PM_VERSION_BUILD);DEBUG_ON</PreprocessorDefinitions>
       <ConformanceMode>true</ConformanceMode>
       <PrecompiledHeader>NotUsing</PrecompiledHeader>
       <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>