Add support for old and new kext together

firewall/interception/interception_windows.go

@@ -5,12 +5,16 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/safing/portmaster/firewall/interception/windowskext2"
+	"github.com/safing/portbase/log"
+	kext1 "github.com/safing/portmaster/firewall/interception/windowskext"
+	kext2 "github.com/safing/portmaster/firewall/interception/windowskext2"
 	"github.com/safing/portmaster/network"
 	"github.com/safing/portmaster/network/packet"
 	"github.com/safing/portmaster/updates"
 )
 
+var useOldKext = false
+
 // start starts the interception.
 func startInterception(packets chan packet.Packet) error {
 	kextFile, err := updates.GetPlatformFile("kext/portmaster-kext.sys")
@@ -18,88 +22,131 @@ func startInterception(packets chan packet.Packet) error {
 		return fmt.Errorf("interception: could not get kext sys: %s", err)
 	}
 
-	err = windowskext.Init(kextFile.Path())
+	err = kext2.Init(kextFile.Path())
 	if err != nil {
 		return fmt.Errorf("interception: could not init windows kext: %s", err)
 	}
 
-	err = windowskext.Start()
+	err = kext2.Start()
 	if err != nil {
 		return fmt.Errorf("interception: could not start windows kext: %s", err)
 	}
 
-	// Start packet handler.
+	version, err := kext2.GetVersion()
-	module.StartServiceWorker("kext packet handler", 0, func(ctx context.Context) error {
+	if err != nil {
-		windowskext.Handler(ctx, packets, BandwidthUpdates)
+		return fmt.Errorf("interception: failed to read version: %s", err)
-		return nil
+	}
-	})
+	log.Debugf("Kext version: %s", version.String())
 
-	// Start bandwidth stats monitor.
+	if version.Minor < 2 {
-	module.StartServiceWorker("kext bandwidth request worker", 0, func(ctx context.Context) error {
+		useOldKext = true
-		timer := time.NewTicker(1 * time.Second)
+
-		for {
+		// Transfer ownership.
-			select {
+		kext1.SetKextHandler(kext2.GetKextHandle())
-			case <-timer.C:
+		kext1.SetKextService(kext2.GetKextServiceHandle(), kextFile.Path())
-				{
+
-					err := windowskext.SendBandwidthStatsRequest()
+		// Start packet handler.
-					if err != nil {
+		module.StartServiceWorker("kext packet handler", 0, func(ctx context.Context) error {
-						return err
+			kext1.Handler(ctx, packets)
+			return nil
+		})
+
+		// Start bandwidth stats monitor.
+		module.StartServiceWorker("kext bandwidth stats monitor", 0, func(ctx context.Context) error {
+			return kext1.BandwidthStatsWorker(ctx, 1*time.Second, BandwidthUpdates)
+		})
+	} else {
+
+		// Start packet handler.
+		module.StartServiceWorker("kext packet handler", 0, func(ctx context.Context) error {
+			kext2.Handler(ctx, packets, BandwidthUpdates)
+			return nil
+		})
+
+		// Start bandwidth stats monitor.
+		module.StartServiceWorker("kext bandwidth request worker", 0, func(ctx context.Context) error {
+			timer := time.NewTicker(1 * time.Second)
+			for {
+				select {
+				case <-timer.C:
+					{
+						err := kext2.SendBandwidthStatsRequest()
+						if err != nil {
+							return err
+						}
+					}
+				case <-ctx.Done():
+					{
+						return nil
 					}
 				}
-			case <-ctx.Done():
+
-				{
-					return nil
-				}
 			}
+		})
 
-		}
+		// Start kext logging. The worker will periodically send request to the kext to send logs.
-	})
+		module.StartServiceWorker("kext log request worker", 0, func(ctx context.Context) error {
-
+			timer := time.NewTicker(1 * time.Second)
-	// Start kext logging. The worker will periodically send request to the kext to send logs.
+			for {
-	module.StartServiceWorker("kext log request worker", 0, func(ctx context.Context) error {
+				select {
-		timer := time.NewTicker(1 * time.Second)
+				case <-timer.C:
-		for {
+					{
-			select {
+						err := kext2.SendLogRequest()
-			case <-timer.C:
+						if err != nil {
-				{
+							return err
-					err := windowskext.SendLogRequest()
+						}
-					if err != nil {
+					}
-						return err
+				case <-ctx.Done():
+					{
+						return nil
 					}
 				}
-			case <-ctx.Done():
-				{
-					return nil
-				}
-			}
 
-		}
+			}
-	})
+		})
+	}
 
 	return nil
 }
 
 // stop starts the interception.
 func stopInterception() error {
-	return windowskext.Stop()
+	if useOldKext {
+		return kext1.Stop()
+	}
+	return kext2.Stop()
 }
 
 // ResetVerdictOfAllConnections resets all connections so they are forced to go thought the firewall again.
 func ResetVerdictOfAllConnections() error {
-	return windowskext.ClearCache()
+	if useOldKext {
+		return kext1.ClearCache()
+	}
+	return kext2.ClearCache()
 }
 
 // UpdateVerdictOfConnection updates the verdict of the given connection in the kernel extension.
 func UpdateVerdictOfConnection(conn *network.Connection) error {
-	return windowskext.UpdateVerdict(conn)
+	if useOldKext {
+		return kext1.UpdateVerdict(conn)
+	}
+	return kext2.UpdateVerdict(conn)
 }
 
 // GetKextVersion returns the version of the kernel extension.
 func GetKextVersion() (string, error) {
-	version, err := windowskext.GetVersion()
+	if useOldKext {
-	if err != nil {
+		version, err := kext1.GetVersion()
-		return "", err
+		if err != nil {
+			return "", err
+		}
+		return version.String(), nil
+	} else {
+		version, err := kext2.GetVersion()
+		if err != nil {
+			return "", err
+		}
+		return version.String(), nil
 	}
 
-	return version.String(), nil
 }

firewall/interception/windowskext/kext.go

@@ -76,6 +76,15 @@ func Start() error {
 	return nil
 }
 
+func SetKextHandler(handle windows.Handle) {
+	kextHandle = handle
+}
+
+func SetKextService(handle windows.Handle, path string) {
+	service = &KextService{handle: handle}
+	driverPath = path
+}
+
 // Stop intercepting.
 func Stop() error {
 	// Prepare kernel for shutdown

firewall/interception/windowskext2/handler.go

@@ -18,14 +18,14 @@ import (
 )
 
 type VersionInfo struct {
-	major    uint8
+	Major    uint8
-	minor    uint8
+	Minor    uint8
-	revision uint8
+	Revision uint8
-	build    uint8
+	Build    uint8
 }
 
 func (v *VersionInfo) String() string {
-	return fmt.Sprintf("%d.%d.%d.%d", v.major, v.minor, v.revision, v.build)
+	return fmt.Sprintf("%d.%d.%d.%d", v.Major, v.Minor, v.Revision, v.Build)
 }
 
 // Handler transforms received packets to the Packet interface.

firewall/interception/windowskext2/kext.go

@@ -9,6 +9,7 @@ import (
 	"github.com/safing/portbase/log"
 	"github.com/safing/portmaster/network"
 	"github.com/vlabo/portmaster_windows_rust_kext/kext_interface"
+	"golang.org/x/sys/windows"
 )
 
 // Package errors
@@ -49,6 +50,14 @@ func Start() error {
 	return nil
 }
 
+func GetKextHandle() windows.Handle {
+	return kextFile.GetHandle()
+}
+
+func GetKextServiceHandle() windows.Handle {
+	return service.GetHandle()
+}
+
 // Stop intercepting.
 func Stop() error {
 	// Prepare kernel for shutdown
@@ -129,10 +138,10 @@ func GetVersion() (*VersionInfo, error) {
 	}
 
 	version := &VersionInfo{
-		major:    data[0],
+		Major:    data[0],
-		minor:    data[1],
+		Minor:    data[1],
-		revision: data[2],
+		Revision: data[2],
-		build:    data[3],
+		Build:    data[3],
 	}
 	return version, nil
 }