1 /* SPDX-License-Identifier: GPL-2.0+ */
2
3 #ifndef __HID_BPF_H
4 #define __HID_BPF_H
5
6 #include <linux/bpf.h>
7 #include <linux/mutex.h>
8 #include <linux/srcu.h>
9 #include <uapi/linux/hid.h>
10
11 struct hid_device;
12
13 /*
14 * The following is the user facing HID BPF API.
15 *
16 * Extra care should be taken when editing this part, as
17 * it might break existing out of the tree bpf programs.
18 */
19
20 /**
21 * struct hid_bpf_ctx - User accessible data for all HID programs
22 *
23 * ``data`` is not directly accessible from the context. We need to issue
24 * a call to hid_bpf_get_data() in order to get a pointer to that field.
25 *
26 * @hid: the &struct hid_device representing the device itself
27 * @allocated_size: Allocated size of data.
28 *
29 * This is how much memory is available and can be requested
30 * by the HID program.
31 * Note that for ``HID_BPF_RDESC_FIXUP``, that memory is set to
32 * ``4096`` (4 KB)
33 * @size: Valid data in the data field.
34 *
35 * Programs can get the available valid size in data by fetching this field.
36 * Programs can also change this value by returning a positive number in the
37 * program.
38 * To discard the event, return a negative error code.
39 *
40 * ``size`` must always be less or equal than ``allocated_size`` (it is enforced
41 * once all BPF programs have been run).
42 * @retval: Return value of the previous program.
43 *
44 * ``hid`` and ``allocated_size`` are read-only, ``size`` and ``retval`` are read-write.
45 */
46 struct hid_bpf_ctx {
47 struct hid_device *hid;
48 __u32 allocated_size;
49 union {
50 __s32 retval;
51 __s32 size;
52 };
53 };
54
55 /*
56 * Below is HID internal
57 */
58
59 #define HID_BPF_MAX_PROGS_PER_DEV 64
60 #define HID_BPF_FLAG_MASK (((HID_BPF_FLAG_MAX - 1) << 1) - 1)
61
62
63 struct hid_report_enum;
64
65 struct hid_ops {
66 struct hid_report *(*hid_get_report)(struct hid_report_enum *report_enum, const u8 *data);
67 int (*hid_hw_raw_request)(struct hid_device *hdev,
68 unsigned char reportnum, __u8 *buf,
69 size_t len, enum hid_report_type rtype,
70 enum hid_class_request reqtype,
71 u64 source, bool from_bpf);
72 int (*hid_hw_output_report)(struct hid_device *hdev, __u8 *buf, size_t len,
73 u64 source, bool from_bpf);
74 int (*hid_input_report)(struct hid_device *hid, enum hid_report_type type,
75 u8 *data, u32 size, int interrupt, u64 source, bool from_bpf,
76 bool lock_already_taken);
77 struct module *owner;
78 const struct bus_type *bus_type;
79 };
80
81 extern struct hid_ops *hid_ops;
82
83 /**
84 * struct hid_bpf_ops - A BPF struct_ops of callbacks allowing to attach HID-BPF
85 * programs to a HID device
86 * @hid_id: the HID uniq ID to attach to. This is writeable before ``load()``, and
87 * cannot be changed after
88 * @flags: flags used while attaching the struct_ops to the device. Currently only
89 * available value is %0 or ``BPF_F_BEFORE``.
90 * Writeable only before ``load()``
91 */
92 struct hid_bpf_ops {
93 /* hid_id needs to stay first so we can easily change it
94 * from userspace.
95 */
96 int hid_id;
97 u32 flags;
98
99 /* private: do not show up in the docs */
100 struct list_head list;
101
102 /* public: rest should show up in the docs */
103
104 /**
105 * @hid_device_event: called whenever an event is coming in from the device
106 *
107 * It has the following arguments:
108 *
109 * ``ctx``: The HID-BPF context as &struct hid_bpf_ctx
110 *
111 * Return: %0 on success and keep processing; a positive
112 * value to change the incoming size buffer; a negative
113 * error code to interrupt the processing of this event
114 *
115 * Context: Interrupt context.
116 */
117 int (*hid_device_event)(struct hid_bpf_ctx *ctx, enum hid_report_type report_type,
118 u64 source);
119
120 /**
121 * @hid_rdesc_fixup: called when the probe function parses the report descriptor
122 * of the HID device
123 *
124 * It has the following arguments:
125 *
126 * ``ctx``: The HID-BPF context as &struct hid_bpf_ctx
127 *
128 * Return: %0 on success and keep processing; a positive
129 * value to change the incoming size buffer; a negative
130 * error code to interrupt the processing of this device
131 */
132 int (*hid_rdesc_fixup)(struct hid_bpf_ctx *ctx);
133
134 /**
135 * @hid_hw_request: called whenever a hid_hw_raw_request() call is emitted
136 * on the HID device
137 *
138 * It has the following arguments:
139 *
140 * ``ctx``: The HID-BPF context as &struct hid_bpf_ctx
141 *
142 * ``reportnum``: the report number, as in hid_hw_raw_request()
143 *
144 * ``rtype``: the report type (``HID_INPUT_REPORT``, ``HID_FEATURE_REPORT``,
145 * ``HID_OUTPUT_REPORT``)
146 *
147 * ``reqtype``: the request
148 *
149 * ``source``: a u64 referring to a uniq but identifiable source. If %0, the
150 * kernel itself emitted that call. For hidraw, ``source`` is set
151 * to the associated ``struct file *``.
152 *
153 * Return: %0 to keep processing the request by hid-core; any other value
154 * stops hid-core from processing that event. A positive value should be
155 * returned with the number of bytes returned in the incoming buffer; a
156 * negative error code interrupts the processing of this call.
157 */
158 int (*hid_hw_request)(struct hid_bpf_ctx *ctx, unsigned char reportnum,
159 enum hid_report_type rtype, enum hid_class_request reqtype,
160 u64 source);
161
162 /**
163 * @hid_hw_output_report: called whenever a hid_hw_output_report() call is emitted
164 * on the HID device
165 *
166 * It has the following arguments:
167 *
168 * ``ctx``: The HID-BPF context as &struct hid_bpf_ctx
169 *
170 * ``source``: a u64 referring to a uniq but identifiable source. If %0, the
171 * kernel itself emitted that call. For hidraw, ``source`` is set
172 * to the associated ``struct file *``.
173 *
174 * Return: %0 to keep processing the request by hid-core; any other value
175 * stops hid-core from processing that event. A positive value should be
176 * returned with the number of bytes written to the device; a negative error
177 * code interrupts the processing of this call.
178 */
179 int (*hid_hw_output_report)(struct hid_bpf_ctx *ctx, u64 source);
180
181
182 /* private: do not show up in the docs */
183 struct hid_device *hdev;
184 };
185
186 /* stored in each device */
187 struct hid_bpf {
188 u8 *device_data; /* allocated when a bpf program of type
189 * SEC(f.../hid_bpf_device_event) has been attached
190 * to this HID device
191 */
192 u32 allocated_data;
193 bool destroyed; /* prevents the assignment of any progs */
194
195 struct hid_bpf_ops *rdesc_ops;
196 struct list_head prog_list;
197 struct mutex prog_list_lock; /* protects prog_list update */
198 struct srcu_struct srcu; /* protects prog_list read-only access */
199 };
200
201 #ifdef CONFIG_HID_BPF
202 u8 *dispatch_hid_bpf_device_event(struct hid_device *hid, enum hid_report_type type, u8 *data,
203 u32 *size, int interrupt, u64 source, bool from_bpf);
204 int dispatch_hid_bpf_raw_requests(struct hid_device *hdev,
205 unsigned char reportnum, __u8 *buf,
206 u32 size, enum hid_report_type rtype,
207 enum hid_class_request reqtype,
208 u64 source, bool from_bpf);
209 int dispatch_hid_bpf_output_report(struct hid_device *hdev, __u8 *buf, u32 size,
210 u64 source, bool from_bpf);
211 int hid_bpf_connect_device(struct hid_device *hdev);
212 void hid_bpf_disconnect_device(struct hid_device *hdev);
213 void hid_bpf_destroy_device(struct hid_device *hid);
214 int hid_bpf_device_init(struct hid_device *hid);
215 u8 *call_hid_bpf_rdesc_fixup(struct hid_device *hdev, const u8 *rdesc, unsigned int *size);
216 #else /* CONFIG_HID_BPF */
dispatch_hid_bpf_device_event(struct hid_device * hid,enum hid_report_type type,u8 * data,u32 * size,int interrupt,u64 source,bool from_bpf)217 static inline u8 *dispatch_hid_bpf_device_event(struct hid_device *hid, enum hid_report_type type,
218 u8 *data, u32 *size, int interrupt,
219 u64 source, bool from_bpf) { return data; }
dispatch_hid_bpf_raw_requests(struct hid_device * hdev,unsigned char reportnum,u8 * buf,u32 size,enum hid_report_type rtype,enum hid_class_request reqtype,u64 source,bool from_bpf)220 static inline int dispatch_hid_bpf_raw_requests(struct hid_device *hdev,
221 unsigned char reportnum, u8 *buf,
222 u32 size, enum hid_report_type rtype,
223 enum hid_class_request reqtype,
224 u64 source, bool from_bpf) { return 0; }
dispatch_hid_bpf_output_report(struct hid_device * hdev,__u8 * buf,u32 size,u64 source,bool from_bpf)225 static inline int dispatch_hid_bpf_output_report(struct hid_device *hdev, __u8 *buf, u32 size,
226 u64 source, bool from_bpf) { return 0; }
hid_bpf_connect_device(struct hid_device * hdev)227 static inline int hid_bpf_connect_device(struct hid_device *hdev) { return 0; }
hid_bpf_disconnect_device(struct hid_device * hdev)228 static inline void hid_bpf_disconnect_device(struct hid_device *hdev) {}
hid_bpf_destroy_device(struct hid_device * hid)229 static inline void hid_bpf_destroy_device(struct hid_device *hid) {}
hid_bpf_device_init(struct hid_device * hid)230 static inline int hid_bpf_device_init(struct hid_device *hid) { return 0; }
231 /*
232 * This specialized allocator has to be a macro for its allocations to be
233 * accounted separately (to have a separate alloc_tag). The typecast is
234 * intentional to enforce typesafety.
235 */
236 #define call_hid_bpf_rdesc_fixup(_hdev, _rdesc, _size) \
237 ((u8 *)kmemdup(_rdesc, *(_size), GFP_KERNEL))
238
239 #endif /* CONFIG_HID_BPF */
240
241 #endif /* __HID_BPF_H */
242