/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

/*
 * vscand Daemon Program
 */

#include <stdio.h>
#include <sys/stat.h>
#include <sys/filio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <sys/param.h>
#include <zone.h>
#include <tsol/label.h>
#include <string.h>
#include <stdlib.h>
#include <fcntl.h>
#include <wait.h>
#include <unistd.h>
#include <getopt.h>
#include <stdarg.h>
#include <libscf.h>
#include <signal.h>
#include <atomic.h>
#include <libintl.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <ctype.h>
#include <pthread.h>
#include <syslog.h>
#include <locale.h>
#include <pwd.h>
#include <grp.h>
#include <priv_utils.h>
#include <rctl.h>
#include "vs_incl.h"

#define VS_FILE_DESCRIPTORS     512

static int vscand_fg = 0; /* daemon by default */
static vs_daemon_state_t vscand_state = VS_STATE_INIT;
static volatile uint_t vscand_sigval = 0;
static volatile uint_t vscand_n_refresh = 0;
static int vscand_kdrv_fd = -1;
static pthread_mutex_t vscand_cfg_mutex = PTHREAD_MUTEX_INITIALIZER;
static pthread_cond_t vscand_cfg_cv;
static pthread_t vscand_cfg_tid = 0;

/* virus log path */
static char vscand_vlog[MAXPATHLEN];

/* user and group ids - default to 0 */
static uid_t root_uid = 0, daemon_uid = 0;
static gid_t sys_gid = 0;


/* local function prototypes */
static void vscand_sig_handler(int);
static int vscand_parse_args(int, char **);
static void vscand_get_uid_gid();
static int vscand_init_file(char *, uid_t, gid_t, mode_t);
static void vscand_usage(char *);
static int vscand_daemonize_init(void);
static void vscand_daemonize_fini(int, int);
static int vscand_init(void);
static void vscand_fini(void);
static int vscand_cfg_init(void);
static void vscand_cfg_fini(void);
static void *vscand_cfg_handler(void *);
static int vscand_configure(void);
static void vscand_dtrace_cfg(vs_props_all_t *);
static int vscand_kernel_bind(void);
static void vscand_kernel_unbind(void);
static int vscand_kernel_enable(int);
static void vscand_kernel_disable(void);
static int vscand_kernel_config(vs_config_t *);
static int vscand_kernel_max_req(uint32_t *);
static void vscand_error(const char *);
static int vscand_get_viruslog(void);
static int vscand_set_resource_limits(void);


/*
 * Enable libumem debugging by default on DEBUG builds.
 */
#ifdef DEBUG
const char *
_umem_debug_init(void)
{
        return ("default,verbose"); /* $UMEM_DEBUG setting */
}

const char *
_umem_logging_init(void)
{
        return ("fail,contents"); /* $UMEM_LOGGING setting */
}
#endif


/*
 * vscand_sig_handler
 */
static void
vscand_sig_handler(int sig)
{
        if (vscand_sigval == 0)
                (void) atomic_swap_uint(&vscand_sigval, sig);

        if (sig == SIGHUP)
                atomic_inc_uint(&vscand_n_refresh);
}


/*
 * main
 *
 * main must return SMF return code (see smf_method(7)) if vscand
 * is invoked directly by smf (see manifest: vscan.xml)
 * Exit codes: SMF_EXIT_ERR_CONFIG - error
 *             SMF_EXIT_ERR_FATAL - fatal error
 *             SMF_EXIT_OK - success
 */
int
main(int argc, char **argv)
{
        int err_stat = 0, pfd = -1;
        sigset_t set;
        struct sigaction act;
        int sigval;

        mode_t log_mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP;
        mode_t door_mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH;

        (void) setlocale(LC_ALL, "");
        openlog("vscand", 0, LOG_DAEMON);

        /* check if running in global zone; other zones not supported */
        if (getzoneid() != GLOBAL_ZONEID) {
                vscand_error(gettext("non-global zone not supported"));
                exit(SMF_EXIT_ERR_FATAL);
        }

        /* check for a Trusted Solaris environment; not supported */
        if (is_system_labeled()) {
                vscand_error(gettext("Trusted Extensions not supported"));
                exit(SMF_EXIT_ERR_FATAL);
        }

        /* Parse arguments */
        if (vscand_parse_args(argc, argv) != 0)
                exit(SMF_EXIT_ERR_CONFIG);

        vscand_get_uid_gid();

        /*
         * Initializetion of virus log and statistic door file
         * MUST be done BEFORE vscand_daemonize_init resets uid/gid.
         * Only root can create the files in /var/log and /var/run.
         */
        if ((vscand_get_viruslog() != 0) ||
            (vscand_vlog[0] == '\0') ||
            (vscand_init_file(vscand_vlog, root_uid, sys_gid, log_mode) != 0)) {
                *vscand_vlog = 0;
        }

        (void) vscand_init_file(VS_STATS_DOOR_NAME,
            daemon_uid, sys_gid, door_mode);

        /*
         * Once we're done setting our global state up, set up signal handlers
         * for ensuring orderly termination on SIGTERM.
         */
        (void) sigfillset(&set);
        (void) sigdelset(&set, SIGABRT); /* always unblocked for ASSERT() */

        (void) sigfillset(&act.sa_mask);
        act.sa_handler = vscand_sig_handler;
        act.sa_flags = 0;

        (void) sigaction(SIGTERM, &act, NULL);
        (void) sigaction(SIGHUP, &act, NULL); /* Refresh config */
        (void) sigaction(SIGINT, &act, NULL);
        (void) sigaction(SIGPIPE, &act, NULL);
        (void) sigdelset(&set, SIGTERM);
        (void) sigdelset(&set, SIGHUP);
        (void) sigdelset(&set, SIGINT);
        (void) sigdelset(&set, SIGPIPE);

        if (vscand_fg) {
                (void) sigdelset(&set, SIGTSTP);
                (void) sigdelset(&set, SIGTTIN);
                (void) sigdelset(&set, SIGTTOU);

                if (vscand_init() != 0) {
                        vscand_error(gettext("failed to initialize service"));
                        exit(SMF_EXIT_ERR_CONFIG);
                }
        } else {
                /*
                 * "pfd" is a pipe descriptor -- any fatal errors
                 * during subsequent initialization of the child
                 * process should be written to this pipe and the
                 * parent will report this error as the exit status.
                 */
                pfd = vscand_daemonize_init();

                if (vscand_init() != 0) {
                        vscand_error(gettext("failed to initialize service"));
                        exit(SMF_EXIT_ERR_CONFIG);
                }

                vscand_daemonize_fini(pfd, err_stat);
        }

        vscand_state = VS_STATE_RUNNING;

        /* Wait here until shutdown */
        while (vscand_state == VS_STATE_RUNNING) {
                if (vscand_sigval == 0 && vscand_n_refresh == 0)
                        (void) sigsuspend(&set);

                sigval = atomic_swap_uint(&vscand_sigval, 0);

                switch (sigval) {
                case 0:
                case SIGPIPE:
                case SIGHUP:
                        break;
                default:
                        vscand_state = VS_STATE_SHUTDOWN;
                        break;
                }

                if (atomic_swap_uint(&vscand_n_refresh, 0) != 0)
                        (void) pthread_cond_signal(&vscand_cfg_cv);
        }

        vscand_fini();
        return (SMF_EXIT_OK);
}


/*
 * vscand_parse_args
 * Routine to parse the arguments to the daemon program
 * 'f' argument runs process in the foreground instead of as a daemon
 */
int
vscand_parse_args(int argc, char **argv)
{
        int     optchar;

        while ((optchar = getopt(argc, argv, "f?")) != EOF) {
                switch (optchar) {
                case 'f':
                        vscand_fg = 1;
                        break;
                default:
                        vscand_usage(argv[0]);
                        return (-1);
                }
        }
        return (0);
}


/*
 * vscand_usage
 */
static void
vscand_usage(char *progname)
{
        char buf[128];

        (void) snprintf(buf, sizeof (buf), "%s %s [-f]",
            gettext("Usage"), progname);
        vscand_error(buf);

        (void) snprintf(buf, sizeof (buf), "\t-f %s\n",
            gettext("run program in foreground"));
        vscand_error(buf);
}


/*
 * vscand_get_uid_gid
 *
 * failure to access a uid/gid results in the default (0) being used.
 */
static void
vscand_get_uid_gid()
{
        struct passwd *pwd;
        struct group *grp;

        if ((pwd = getpwnam("root")) != NULL)
                root_uid = pwd->pw_uid;

        if ((pwd = getpwnam("daemon")) != NULL)
                daemon_uid = pwd->pw_uid;

        if ((grp = getgrnam("sys")) != NULL)
                sys_gid = grp->gr_gid;
}


/*
 * vscand_daemonize_init
 *
 * This function will fork off a child process, from which
 * only the child will return.
 */
static int
vscand_daemonize_init(void)
{
        int status, pfds[2];
        sigset_t set, oset;
        pid_t pid;

        /*
         * Reset process owner/group to daemon/sys. Root ownership is only
         * required to initialize virus log file in /var/log
         */
        if (__init_daemon_priv(PU_RESETGROUPS | PU_LIMITPRIVS,
            daemon_uid, sys_gid,
            PRIV_PROC_AUDIT, PRIV_FILE_DAC_SEARCH, PRIV_FILE_DAC_READ,
            PRIV_FILE_FLAG_SET, NULL) != 0) {
                vscand_error(gettext("failed to initialize privileges"));
                _exit(SMF_EXIT_ERR_FATAL);
        }

        /*
         * Block all signals prior to the fork and leave them blocked in the
         * parent so we don't get in a situation where the parent gets SIGINT
         * and returns non-zero exit status and the child is actually running.
         * In the child, restore the signal mask once we've done our setsid().
         */
        (void) sigfillset(&set);
        (void) sigdelset(&set, SIGABRT);
        (void) sigprocmask(SIG_BLOCK, &set, &oset);

        if (pipe(pfds) == -1) {
                vscand_error(gettext("failed to create pipe for daemonize"));
                _exit(SMF_EXIT_ERR_FATAL);
        }

        if ((pid = fork()) == -1) {
                vscand_error(gettext("failed to fork for daemonize"));
                _exit(SMF_EXIT_ERR_FATAL);
        }

        /*
         * If we're the parent process, wait for either the child to send us
         * the appropriate exit status over the pipe or for the read to fail
         * (presumably with 0 for EOF if our child terminated abnormally).
         * If the read fails, exit with either the child's exit status if it
         * exited or with SMF_EXIT_ERR_FATAL if it died from a fatal signal.
         */
        if (pid != 0) {
                (void) close(pfds[1]);

                if (read(pfds[0], &status, sizeof (status)) == sizeof (status))
                        _exit(status);

                if (waitpid(pid, &status, 0) == pid && WIFEXITED(status))
                        _exit(WEXITSTATUS(status));

                vscand_error(gettext("failed to daemonize"));
                _exit(SMF_EXIT_ERR_FATAL);
        }


        (void) setsid();
        (void) sigprocmask(SIG_SETMASK, &oset, NULL);
        (void) chdir("/");
        (void) umask(022);
        (void) close(pfds[0]);

        return (pfds[1]);
}


/*
 * vscand_daemonize_fini
 * Now that we're running, if a pipe fd was specified, write an exit
 * status to it to indicate that our parent process can safely detach.
 */
static void
vscand_daemonize_fini(int fd, int err_status)
{
        if (fd >= 0)
                (void) write(fd, &err_status, sizeof (err_status));

        (void) close(fd);

        /* Restore standard file descriptors */
        if ((fd = open("/dev/null", O_RDWR)) >= 0) {
                (void) fcntl(fd, F_DUP2FD, STDIN_FILENO);
                (void) fcntl(fd, F_DUP2FD, STDOUT_FILENO);
                (void) fcntl(fd, F_DUP2FD, STDERR_FILENO);
                (void) close(fd);
        }

        /* clear basic privileges not required by vscand */
        __fini_daemon_priv(PRIV_PROC_FORK, PRIV_PROC_EXEC, PRIV_PROC_SESSION,
            PRIV_FILE_LINK_ANY, PRIV_PROC_INFO, (char *)NULL);
}


/*
 * vscand_init_file
 *
 * create specified file and set its uid, gid and mode
 */
static int
vscand_init_file(char *filepath, uid_t uid, gid_t gid, mode_t access_mode)
{
        int fd, rc = 0;
        struct stat stat_buf;
        char buf[MAXPATHLEN];

        if ((fd = open(filepath, O_RDONLY | O_CREAT, access_mode)) == -1) {
                rc = -1;
        } else {
                if (fstat(fd, &stat_buf) != 0) {
                        rc = -1;
                } else {
                        if ((stat_buf.st_mode & S_IAMB) != access_mode) {
                                if (fchmod(fd, access_mode) != 0)
                                        rc = -1;
                        }

                        if ((stat_buf.st_uid != uid) ||
                            (stat_buf.st_gid != gid)) {
                                if (fchown(fd, uid, gid) != 0)
                                        rc = -1;
                        }
                }

                (void) close(fd);
        }

        if (rc == -1) {
                (void) snprintf(buf, MAXPATHLEN, "%s %s",
                    gettext("Failed to initialize"), filepath);
                vscand_error(buf);
        }

        return (rc);
}


/*
 * vscand_init
 *
 * There are some requirements on the order in which the daemon
 * initialization functions are called.
 *
 * - vscand_kernel_bind - bind to kernel module
 * - vs_eng_init populates vs_icap data and thus vs_icap_init MUST be
 *   called before vs_eng_init
 * - vscand_configure - load the configuration
 * - vs_door_init - start vscan door server
 * - vscand_kernel_enable - enable scan requests from kernel
 */
static int
vscand_init(void)
{
        int door_fd = -1;
        uint32_t max_req;

        if (vscand_kernel_bind() < 0)
                return (-1);

        if (vscand_kernel_max_req(&max_req) == -1)
                return (-1);

        if (vs_svc_init(max_req) != 0)
                return (-1);

        if (vs_stats_init() != 0)
                vscand_error(
                    gettext("failed to initialize statistics interface"));

        vs_icap_init();
        vs_eng_init();

        /* initialize configuration and handler thread */
        if (vscand_cfg_init() != 0) {
                vscand_error(gettext("failed to initialize configuration"));
                vscand_fini();
                return (-1);
        }

        (void) vscand_set_resource_limits();

        if (((door_fd = vs_door_init()) < 0) ||
            (vscand_kernel_enable(door_fd) < 0)) {
                vscand_fini();
                return (-1);
        }

        return (0);
}


/*
 * vscand_fini
 *
 * vscand_kernel_disable - should be called first to ensure that no
 *      more scan requests are initiated from the kernel module
 * vs_svc_terminate - terminate requests and wait for thread completion
 * vs_xxx_fini - module cleanup routines
 * vscand_kernel_unbind - should be called last to tell the kernel module
 *      that vscand is shutdown.
 */
static void
vscand_fini(void)
{
        vscand_kernel_disable();

        /* terminate reconfiguration handler thread */
        vscand_cfg_fini();

        /* terminate requests and wait for completion */
        vs_svc_terminate();

        /* clean up */
        vs_svc_fini();
        vs_eng_fini();
        vs_icap_fini();
        vs_door_fini();
        vs_stats_fini();

        vscand_kernel_unbind();
}


/*
 * vscand_cfg_init
 *
 * initialize configuration and reconfiguration handler thread
 */
static int
vscand_cfg_init(void)
{
        int rc;

        (void) pthread_cond_init(&vscand_cfg_cv, NULL);

        (void) pthread_mutex_lock(&vscand_cfg_mutex);
        rc = vscand_configure();
        (void) pthread_mutex_unlock(&vscand_cfg_mutex);

        if (rc != 0)
                return (-1);

        if (pthread_create(&vscand_cfg_tid, NULL, vscand_cfg_handler, 0) != 0) {
                vscand_cfg_tid = 0;
                return (-1);
        }

        return (0);
}


/*
 * vscand_cfg_fini
 *
 * terminate reconfiguration handler thread
 */
static void
vscand_cfg_fini()
{
        if (vscand_cfg_tid != 0) {
                (void) pthread_cond_signal(&vscand_cfg_cv);
                (void) pthread_join(vscand_cfg_tid, NULL);
                vscand_cfg_tid = 0;
        }
        (void) pthread_cond_destroy(&vscand_cfg_cv);
}


/*
 * vscand_cfg_handler
 * wait for reconfiguration event and reload configuration
 * exit on VS_STATE_SHUTDOWN
 */
/*ARGSUSED*/
static void *
vscand_cfg_handler(void *arg)
{
        (void) pthread_mutex_lock(&vscand_cfg_mutex);

        while (pthread_cond_wait(&vscand_cfg_cv, &vscand_cfg_mutex) == 0) {
                if (vscand_state == VS_STATE_SHUTDOWN)
                        break;

                (void) vscand_configure();
        }

        (void) pthread_mutex_unlock(&vscand_cfg_mutex);

        return (NULL);
}


/*
 * vscand_configure
 */
static int
vscand_configure(void)
{
        uint32_t len;
        vs_config_t kconfig;
        vs_props_all_t config;

        (void) memset(&config, 0, sizeof (vs_props_all_t));
        if (vs_props_get_all(&config) != VS_ERR_NONE) {
                vscand_error(gettext("configuration data error"));
                return (-1);
        }

        (void) memset(&kconfig, 0, sizeof (vs_config_t));
        len = sizeof (kconfig.vsc_types);
        if (vs_parse_types(config.va_props.vp_types,
            kconfig.vsc_types, &len) != 0) {
                vscand_error(gettext("configuration data error - types"));
                return (-1);
        }
        kconfig.vsc_types_len = len;

        /* Convert the maxfsize string from the configuration into bytes */
        if (vs_strtonum(config.va_props.vp_maxsize,
            &kconfig.vsc_max_size) != 0) {
                vscand_error(gettext("configuration data error - max-size"));
                return (-1);
        }
        kconfig.vsc_allow = config.va_props.vp_maxsize_action ? 1LL : 0LL;

        /* Send configuration update to kernel */
        if (vscand_kernel_config(&kconfig) != 0) {
                return (-1);
        }

        /* dtrace the configuration data */
        vscand_dtrace_cfg(&config);

        /* propagate configuration changes */
        vs_eng_config(&config);
        vs_stats_config(&config);

        return (0);
}


/*
 * vscand_get_state
 */
vs_daemon_state_t
vscand_get_state(void)
{
        return (vscand_state);
}


/*
 * vscand_get_viruslog
 */
static int
vscand_get_viruslog()
{
        vs_props_t props;
        uint64_t propids;
        int rc;

        propids = VS_PROPID_VLOG;
        if ((rc = vs_props_get(&props, propids)) != VS_ERR_NONE) {
                vscand_error(vs_strerror(rc));
                return (-1);
        }

        (void) strlcpy(vscand_vlog, props.vp_vlog, sizeof (vscand_vlog));
        return (0);
}


/*
 * vscand_viruslog
 */
char *
vscand_viruslog(void)
{
        if (vscand_vlog[0] == '\0')
                return (NULL);

        return (vscand_vlog);
}


/*
 * vscand_kernel_bind
 */
static int
vscand_kernel_bind(void)
{
        char devname[MAXPATHLEN];
        int inst = 0;

        (void) snprintf(devname, MAXPATHLEN, "%s%d", VS_DRV_PATH, inst);

        if ((vscand_kdrv_fd = open(devname, O_RDONLY)) < 0) {
                vscand_error(gettext("failed to bind to kernel"));
                return (-1);
        }

        return (0);
}


/*
 * vscand_kernel_unbind
 */
static void
vscand_kernel_unbind(void)
{
        if (vscand_kdrv_fd >= 0)
                (void) close(vscand_kdrv_fd);
}


/*
 * vscand_kernel_enable
 */
static int
vscand_kernel_enable(int door_fd)
{
        if (ioctl(vscand_kdrv_fd, VS_IOCTL_ENABLE, door_fd) < 0) {
                vscand_error(gettext("failed to bind to kernel"));
                (void) close(vscand_kdrv_fd);
                vscand_kdrv_fd = -1;
                return (-1);
        }
        return (0);
}


/*
 * vscand_kernel_disable
 */
static void
vscand_kernel_disable()
{
        if (vscand_kdrv_fd >= 0)
                (void) ioctl(vscand_kdrv_fd, VS_IOCTL_DISABLE);
}


/*
 * vscand_kernel_config
 */
int
vscand_kernel_config(vs_config_t *conf)
{
        if ((vscand_kdrv_fd < 0) ||
            (ioctl(vscand_kdrv_fd, VS_IOCTL_CONFIG, conf) < 0)) {
                vscand_error(gettext("failed to send config to kernel"));
                return (-1);
        }

        return (0);
}


/*
 * vscand_kernel_result
 */
int
vscand_kernel_result(vs_scan_rsp_t *scan_rsp)
{
        if ((vscand_kdrv_fd < 0) ||
            (ioctl(vscand_kdrv_fd, VS_IOCTL_RESULT, scan_rsp) < 0)) {
                vscand_error(gettext("failed to send result to kernel"));
                return (-1);
        }

        return (0);
}


/*
 * vscand_kernel_max_req
 */
int
vscand_kernel_max_req(uint32_t *max_req)
{
        if ((vscand_kdrv_fd < 0) ||
            (ioctl(vscand_kdrv_fd, VS_IOCTL_MAX_REQ, max_req) < 0)) {
                vscand_error(gettext("failed to get config data from kernel"));
                return (-1);
        }

        return (0);
}


/*
 * vscand_set_resource_limits
 *
 * If the process's max file descriptor limit is less than
 * VS_FILE_DESCRIPTORS, increae it to VS_FILE_DESCRIPTORS.
 */
static int
vscand_set_resource_limits(void)
{
        int rc = -1;
        rctlblk_t *rblk;
        char *limit = "process.max-file-descriptor";

        rblk = (rctlblk_t *)malloc(rctlblk_size());

        if (rblk != NULL) {
                rc = getrctl(limit, NULL, rblk, 0);
                if ((rc == 0) &&
                    (rctlblk_get_value(rblk) < VS_FILE_DESCRIPTORS)) {
                        rctlblk_set_value(rblk, VS_FILE_DESCRIPTORS);
                        rc = setrctl(limit, NULL, rblk, 0);
                }
                (void) free(rblk);
        }

        return (rc);
}


/*
 * vscand_error
 */
static void
vscand_error(const char *errmsg)
{
        (void) fprintf(stderr, "vscand: %s", errmsg);
        syslog(LOG_ERR, "%s\n", errmsg);
}


/*
 * vscand_dtrace_cfg
 * vscand_dtrace_gen
 * vscand_dtrace_eng
 *
 * Support for dtracing vscand configuration when processing
 * a reconfiguration event (SIGHUP)
 */
/*ARGSUSED*/
static void
vscand_dtrace_eng(char *id, boolean_t enable, char *host, int port, int conn)
{
}
/*ARGSUSED*/
static void
vscand_dtrace_gen(char *size, boolean_t action, char *types, char *log)
{
}
static void
vscand_dtrace_cfg(vs_props_all_t *config)
{
        int i;

        vscand_dtrace_gen(config->va_props.vp_maxsize,
            config->va_props.vp_maxsize_action,
            config->va_props.vp_types,
            config->va_props.vp_vlog);

        for (i = 0; i < VS_SE_MAX; i++) {
                if (config->va_se[i].vep_engid[0] != 0)
                                vscand_dtrace_eng(config->va_se[i].vep_engid,
                                    config->va_se[i].vep_enable,
                                    config->va_se[i].vep_host,
                                    config->va_se[i].vep_port,
                                    config->va_se[i].vep_maxconn);
        }
}