1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (c) 1995 Søren Schmidt
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29 #include "opt_inet6.h"
30
31 #include <sys/param.h>
32 #include <sys/capsicum.h>
33 #include <sys/domain.h>
34 #include <sys/filedesc.h>
35 #include <sys/limits.h>
36 #include <sys/malloc.h>
37 #include <sys/mbuf.h>
38 #include <sys/proc.h>
39 #include <sys/protosw.h>
40 #include <sys/socket.h>
41 #include <sys/socketvar.h>
42 #include <sys/syscallsubr.h>
43 #include <sys/sysproto.h>
44 #include <sys/vnode.h>
45 #include <sys/un.h>
46 #include <sys/unistd.h>
47
48 #include <security/audit/audit.h>
49
50 #include <net/if.h>
51 #include <net/vnet.h>
52 #include <netinet/in.h>
53 #include <netinet/ip.h>
54 #include <netinet/tcp.h>
55 #ifdef INET6
56 #include <netinet/icmp6.h>
57 #include <netinet/ip6.h>
58 #include <netinet6/ip6_var.h>
59 #endif
60
61 #ifdef COMPAT_LINUX32
62 #include <compat/freebsd32/freebsd32_util.h>
63 #include <machine/../linux32/linux.h>
64 #include <machine/../linux32/linux32_proto.h>
65 #else
66 #include <machine/../linux/linux.h>
67 #include <machine/../linux/linux_proto.h>
68 #endif
69 #include <compat/linux/linux_common.h>
70 #include <compat/linux/linux_emul.h>
71 #include <compat/linux/linux_file.h>
72 #include <compat/linux/linux_mib.h>
73 #include <compat/linux/linux_socket.h>
74 #include <compat/linux/linux_time.h>
75 #include <compat/linux/linux_util.h>
76
77 _Static_assert(offsetof(struct l_ifreq, ifr_ifru) ==
78 offsetof(struct ifreq, ifr_ifru),
79 "Linux ifreq members names should be equal to FreeeBSD");
80 _Static_assert(offsetof(struct l_ifreq, ifr_index) ==
81 offsetof(struct ifreq, ifr_index),
82 "Linux ifreq members names should be equal to FreeeBSD");
83 _Static_assert(offsetof(struct l_ifreq, ifr_name) ==
84 offsetof(struct ifreq, ifr_name),
85 "Linux ifreq members names should be equal to FreeeBSD");
86
87 #define SECURITY_CONTEXT_STRING "unconfined"
88
89 static int linux_sendmsg_common(struct thread *, l_int, struct l_msghdr *,
90 l_uint);
91 static int linux_recvmsg_common(struct thread *, l_int, struct l_msghdr *,
92 l_uint, struct msghdr *);
93 static int linux_set_socket_flags(int, int *);
94
95 #define SOL_NETLINK 270
96
97 static int
linux_to_bsd_sockopt_level(int level)98 linux_to_bsd_sockopt_level(int level)
99 {
100
101 if (level == LINUX_SOL_SOCKET)
102 return (SOL_SOCKET);
103 /* Remaining values are RFC-defined protocol numbers. */
104 return (level);
105 }
106
107 static int
bsd_to_linux_sockopt_level(int level)108 bsd_to_linux_sockopt_level(int level)
109 {
110
111 if (level == SOL_SOCKET)
112 return (LINUX_SOL_SOCKET);
113 return (level);
114 }
115
116 static int
linux_to_bsd_ip_sockopt(int opt)117 linux_to_bsd_ip_sockopt(int opt)
118 {
119
120 switch (opt) {
121 /* known and translated sockopts */
122 case LINUX_IP_TOS:
123 return (IP_TOS);
124 case LINUX_IP_TTL:
125 return (IP_TTL);
126 case LINUX_IP_HDRINCL:
127 return (IP_HDRINCL);
128 case LINUX_IP_OPTIONS:
129 return (IP_OPTIONS);
130 case LINUX_IP_RECVOPTS:
131 LINUX_RATELIMIT_MSG_NOTTESTED("IPv4 socket option IP_RECVOPTS");
132 return (IP_RECVOPTS);
133 case LINUX_IP_RETOPTS:
134 LINUX_RATELIMIT_MSG_NOTTESTED("IPv4 socket option IP_REETOPTS");
135 return (IP_RETOPTS);
136 case LINUX_IP_RECVTTL:
137 LINUX_RATELIMIT_MSG_NOTTESTED("IPv4 socket option IP_RECVTTL");
138 return (IP_RECVTTL);
139 case LINUX_IP_RECVTOS:
140 return (IP_RECVTOS);
141 case LINUX_IP_FREEBIND:
142 LINUX_RATELIMIT_MSG_NOTTESTED("IPv4 socket option IP_FREEBIND");
143 return (IP_BINDANY);
144 case LINUX_IP_IPSEC_POLICY:
145 /* we have this option, but not documented in ip(4) manpage */
146 LINUX_RATELIMIT_MSG_NOTTESTED("IPv4 socket option IP_IPSEC_POLICY");
147 return (IP_IPSEC_POLICY);
148 case LINUX_IP_MINTTL:
149 LINUX_RATELIMIT_MSG_NOTTESTED("IPv4 socket option IP_MINTTL");
150 return (IP_MINTTL);
151 case LINUX_IP_MULTICAST_IF:
152 return (IP_MULTICAST_IF);
153 case LINUX_IP_MULTICAST_TTL:
154 return (IP_MULTICAST_TTL);
155 case LINUX_IP_MULTICAST_LOOP:
156 return (IP_MULTICAST_LOOP);
157 case LINUX_IP_ADD_MEMBERSHIP:
158 return (IP_ADD_MEMBERSHIP);
159 case LINUX_IP_DROP_MEMBERSHIP:
160 return (IP_DROP_MEMBERSHIP);
161 case LINUX_IP_UNBLOCK_SOURCE:
162 LINUX_RATELIMIT_MSG_NOTTESTED("IPv4 socket option IP_UNBLOCK_SOURCE");
163 return (IP_UNBLOCK_SOURCE);
164 case LINUX_IP_BLOCK_SOURCE:
165 LINUX_RATELIMIT_MSG_NOTTESTED("IPv4 socket option IP_BLOCK_SOURCE");
166 return (IP_BLOCK_SOURCE);
167 case LINUX_IP_ADD_SOURCE_MEMBERSHIP:
168 LINUX_RATELIMIT_MSG_NOTTESTED("IPv4 socket option IP_ADD_SOURCE_MEMBERSHIP");
169 return (IP_ADD_SOURCE_MEMBERSHIP);
170 case LINUX_IP_DROP_SOURCE_MEMBERSHIP:
171 LINUX_RATELIMIT_MSG_NOTTESTED("IPv4 socket option IP_DROP_SOURCE_MEMBERSHIP");
172 return (IP_DROP_SOURCE_MEMBERSHIP);
173 case LINUX_MCAST_JOIN_GROUP:
174 LINUX_RATELIMIT_MSG_NOTTESTED("IPv4 socket option IP_MCAST_JOIN_GROUP");
175 return (MCAST_JOIN_GROUP);
176 case LINUX_MCAST_LEAVE_GROUP:
177 LINUX_RATELIMIT_MSG_NOTTESTED("IPv4 socket option IP_MCAST_LEAVE_GROUP");
178 return (MCAST_LEAVE_GROUP);
179 case LINUX_MCAST_JOIN_SOURCE_GROUP:
180 LINUX_RATELIMIT_MSG_NOTTESTED("IPv4 socket option IP_MCAST_JOIN_SOURCE_GROUP");
181 return (MCAST_JOIN_SOURCE_GROUP);
182 case LINUX_MCAST_LEAVE_SOURCE_GROUP:
183 LINUX_RATELIMIT_MSG_NOTTESTED("IPv4 socket option IP_MCAST_LEAVE_SOURCE_GROUP");
184 return (MCAST_LEAVE_SOURCE_GROUP);
185 case LINUX_IP_RECVORIGDSTADDR:
186 return (IP_RECVORIGDSTADDR);
187
188 /* known but not implemented sockopts */
189 case LINUX_IP_ROUTER_ALERT:
190 LINUX_RATELIMIT_MSG_OPT1(
191 "unsupported IPv4 socket option IP_ROUTER_ALERT (%d), you can not do user-space routing from linux programs",
192 opt);
193 return (-2);
194 case LINUX_IP_PKTINFO:
195 LINUX_RATELIMIT_MSG_OPT1(
196 "unsupported IPv4 socket option IP_PKTINFO (%d), you can not get extended packet info for datagram sockets in linux programs",
197 opt);
198 return (-2);
199 case LINUX_IP_PKTOPTIONS:
200 LINUX_RATELIMIT_MSG_OPT1(
201 "unsupported IPv4 socket option IP_PKTOPTIONS (%d)",
202 opt);
203 return (-2);
204 case LINUX_IP_MTU_DISCOVER:
205 LINUX_RATELIMIT_MSG_OPT1(
206 "unsupported IPv4 socket option IP_MTU_DISCOVER (%d), your linux program can not control path-MTU discovery",
207 opt);
208 return (-2);
209 case LINUX_IP_RECVERR:
210 /* needed by steam */
211 LINUX_RATELIMIT_MSG_OPT1(
212 "unsupported IPv4 socket option IP_RECVERR (%d), you can not get extended reliability info in linux programs",
213 opt);
214 return (-2);
215 case LINUX_IP_MTU:
216 LINUX_RATELIMIT_MSG_OPT1(
217 "unsupported IPv4 socket option IP_MTU (%d), your linux program can not control the MTU on this socket",
218 opt);
219 return (-2);
220 case LINUX_IP_XFRM_POLICY:
221 LINUX_RATELIMIT_MSG_OPT1(
222 "unsupported IPv4 socket option IP_XFRM_POLICY (%d)",
223 opt);
224 return (-2);
225 case LINUX_IP_PASSSEC:
226 /* needed by steam */
227 LINUX_RATELIMIT_MSG_OPT1(
228 "unsupported IPv4 socket option IP_PASSSEC (%d), you can not get IPSEC related credential information associated with this socket in linux programs -- if you do not use IPSEC, you can ignore this",
229 opt);
230 return (-2);
231 case LINUX_IP_TRANSPARENT:
232 /* IP_BINDANY or more? */
233 LINUX_RATELIMIT_MSG_OPT1(
234 "unsupported IPv4 socket option IP_TRANSPARENT (%d), you can not enable transparent proxying in linux programs -- note, IP_FREEBIND is supported, no idea if the FreeBSD IP_BINDANY is equivalent to the Linux IP_TRANSPARENT or not, any info is welcome",
235 opt);
236 return (-2);
237 case LINUX_IP_NODEFRAG:
238 LINUX_RATELIMIT_MSG_OPT1(
239 "unsupported IPv4 socket option IP_NODEFRAG (%d)",
240 opt);
241 return (-2);
242 case LINUX_IP_CHECKSUM:
243 LINUX_RATELIMIT_MSG_OPT1(
244 "unsupported IPv4 socket option IP_CHECKSUM (%d)",
245 opt);
246 return (-2);
247 case LINUX_IP_BIND_ADDRESS_NO_PORT:
248 LINUX_RATELIMIT_MSG_OPT1(
249 "unsupported IPv4 socket option IP_BIND_ADDRESS_NO_PORT (%d)",
250 opt);
251 return (-2);
252 case LINUX_IP_RECVFRAGSIZE:
253 LINUX_RATELIMIT_MSG_OPT1(
254 "unsupported IPv4 socket option IP_RECVFRAGSIZE (%d)",
255 opt);
256 return (-2);
257 case LINUX_MCAST_MSFILTER:
258 LINUX_RATELIMIT_MSG_OPT1(
259 "unsupported IPv4 socket option IP_MCAST_MSFILTER (%d)",
260 opt);
261 return (-2);
262 case LINUX_IP_MULTICAST_ALL:
263 LINUX_RATELIMIT_MSG_OPT1(
264 "unsupported IPv4 socket option IP_MULTICAST_ALL (%d), your linux program will not see all multicast groups joined by the entire system, only those the program joined itself on this socket",
265 opt);
266 return (-2);
267 case LINUX_IP_UNICAST_IF:
268 LINUX_RATELIMIT_MSG_OPT1(
269 "unsupported IPv4 socket option IP_UNICAST_IF (%d)",
270 opt);
271 return (-2);
272
273 /* unknown sockopts */
274 default:
275 return (-1);
276 }
277 }
278
279 static int
linux_to_bsd_ip6_sockopt(int opt)280 linux_to_bsd_ip6_sockopt(int opt)
281 {
282
283 switch (opt) {
284 /* known and translated sockopts */
285 case LINUX_IPV6_2292PKTINFO:
286 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_2292PKTINFO");
287 return (IPV6_2292PKTINFO);
288 case LINUX_IPV6_2292HOPOPTS:
289 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_2292HOPOPTS");
290 return (IPV6_2292HOPOPTS);
291 case LINUX_IPV6_2292DSTOPTS:
292 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_2292DSTOPTS");
293 return (IPV6_2292DSTOPTS);
294 case LINUX_IPV6_2292RTHDR:
295 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_2292RTHDR");
296 return (IPV6_2292RTHDR);
297 case LINUX_IPV6_2292PKTOPTIONS:
298 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_2292PKTOPTIONS");
299 return (IPV6_2292PKTOPTIONS);
300 case LINUX_IPV6_CHECKSUM:
301 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_CHECKSUM");
302 return (IPV6_CHECKSUM);
303 case LINUX_IPV6_2292HOPLIMIT:
304 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_2292HOPLIMIT");
305 return (IPV6_2292HOPLIMIT);
306 case LINUX_IPV6_NEXTHOP:
307 return (IPV6_NEXTHOP);
308 case LINUX_IPV6_UNICAST_HOPS:
309 return (IPV6_UNICAST_HOPS);
310 case LINUX_IPV6_MULTICAST_IF:
311 return (IPV6_MULTICAST_IF);
312 case LINUX_IPV6_MULTICAST_HOPS:
313 return (IPV6_MULTICAST_HOPS);
314 case LINUX_IPV6_MULTICAST_LOOP:
315 return (IPV6_MULTICAST_LOOP);
316 case LINUX_IPV6_ADD_MEMBERSHIP:
317 return (IPV6_JOIN_GROUP);
318 case LINUX_IPV6_DROP_MEMBERSHIP:
319 return (IPV6_LEAVE_GROUP);
320 case LINUX_IPV6_V6ONLY:
321 return (IPV6_V6ONLY);
322 case LINUX_IPV6_IPSEC_POLICY:
323 /* we have this option, but not documented in ip6(4) manpage */
324 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_IPSEC_POLICY");
325 return (IPV6_IPSEC_POLICY);
326 case LINUX_MCAST_JOIN_GROUP:
327 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_JOIN_GROUP");
328 return (IPV6_JOIN_GROUP);
329 case LINUX_MCAST_LEAVE_GROUP:
330 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_LEAVE_GROUP");
331 return (IPV6_LEAVE_GROUP);
332 case LINUX_IPV6_RECVPKTINFO:
333 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_RECVPKTINFO");
334 return (IPV6_RECVPKTINFO);
335 case LINUX_IPV6_PKTINFO:
336 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_PKTINFO");
337 return (IPV6_PKTINFO);
338 case LINUX_IPV6_RECVHOPLIMIT:
339 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_RECVHOPLIMIT");
340 return (IPV6_RECVHOPLIMIT);
341 case LINUX_IPV6_HOPLIMIT:
342 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_HOPLIMIT");
343 return (IPV6_HOPLIMIT);
344 case LINUX_IPV6_RECVHOPOPTS:
345 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_RECVHOPOPTS");
346 return (IPV6_RECVHOPOPTS);
347 case LINUX_IPV6_HOPOPTS:
348 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_HOPOPTS");
349 return (IPV6_HOPOPTS);
350 case LINUX_IPV6_RTHDRDSTOPTS:
351 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_RTHDRDSTOPTS");
352 return (IPV6_RTHDRDSTOPTS);
353 case LINUX_IPV6_RECVRTHDR:
354 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_RECVRTHDR");
355 return (IPV6_RECVRTHDR);
356 case LINUX_IPV6_RTHDR:
357 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_RTHDR");
358 return (IPV6_RTHDR);
359 case LINUX_IPV6_RECVDSTOPTS:
360 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_RECVDSTOPTS");
361 return (IPV6_RECVDSTOPTS);
362 case LINUX_IPV6_DSTOPTS:
363 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_DSTOPTS");
364 return (IPV6_DSTOPTS);
365 case LINUX_IPV6_RECVPATHMTU:
366 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_RECVPATHMTU");
367 return (IPV6_RECVPATHMTU);
368 case LINUX_IPV6_PATHMTU:
369 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_PATHMTU");
370 return (IPV6_PATHMTU);
371 case LINUX_IPV6_DONTFRAG:
372 return (IPV6_DONTFRAG);
373 case LINUX_IPV6_AUTOFLOWLABEL:
374 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_AUTOFLOWLABEL");
375 return (IPV6_AUTOFLOWLABEL);
376 case LINUX_IPV6_ORIGDSTADDR:
377 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_ORIGDSTADDR");
378 return (IPV6_ORIGDSTADDR);
379 case LINUX_IPV6_FREEBIND:
380 LINUX_RATELIMIT_MSG_NOTTESTED("IPv6 socket option IPV6_FREEBIND");
381 return (IPV6_BINDANY);
382
383 /* known but not implemented sockopts */
384 case LINUX_IPV6_ADDRFORM:
385 LINUX_RATELIMIT_MSG_OPT1(
386 "unsupported IPv6 socket option IPV6_ADDRFORM (%d), you linux program can not convert the socket to IPv4",
387 opt);
388 return (-2);
389 case LINUX_IPV6_AUTHHDR:
390 LINUX_RATELIMIT_MSG_OPT1(
391 "unsupported IPv6 socket option IPV6_AUTHHDR (%d), your linux program can not get the authentication header info of IPv6 packets",
392 opt);
393 return (-2);
394 case LINUX_IPV6_FLOWINFO:
395 LINUX_RATELIMIT_MSG_OPT1(
396 "unsupported IPv6 socket option IPV6_FLOWINFO (%d), your linux program can not get the flowid of IPv6 packets",
397 opt);
398 return (-2);
399 case LINUX_IPV6_ROUTER_ALERT:
400 LINUX_RATELIMIT_MSG_OPT1(
401 "unsupported IPv6 socket option IPV6_ROUTER_ALERT (%d), you can not do user-space routing from linux programs",
402 opt);
403 return (-2);
404 case LINUX_IPV6_MTU_DISCOVER:
405 LINUX_RATELIMIT_MSG_OPT1(
406 "unsupported IPv6 socket option IPV6_MTU_DISCOVER (%d), your linux program can not control path-MTU discovery",
407 opt);
408 return (-2);
409 case LINUX_IPV6_MTU:
410 LINUX_RATELIMIT_MSG_OPT1(
411 "unsupported IPv6 socket option IPV6_MTU (%d), your linux program can not control the MTU on this socket",
412 opt);
413 return (-2);
414 case LINUX_IPV6_JOIN_ANYCAST:
415 LINUX_RATELIMIT_MSG_OPT1(
416 "unsupported IPv6 socket option IPV6_JOIN_ANYCAST (%d)",
417 opt);
418 return (-2);
419 case LINUX_IPV6_LEAVE_ANYCAST:
420 LINUX_RATELIMIT_MSG_OPT1(
421 "unsupported IPv6 socket option IPV6_LEAVE_ANYCAST (%d)",
422 opt);
423 return (-2);
424 case LINUX_IPV6_MULTICAST_ALL:
425 LINUX_RATELIMIT_MSG_OPT1(
426 "unsupported IPv6 socket option IPV6_MULTICAST_ALL (%d)",
427 opt);
428 return (-2);
429 case LINUX_IPV6_ROUTER_ALERT_ISOLATE:
430 LINUX_RATELIMIT_MSG_OPT1(
431 "unsupported IPv6 socket option IPV6_ROUTER_ALERT_ISOLATE (%d)",
432 opt);
433 return (-2);
434 case LINUX_IPV6_FLOWLABEL_MGR:
435 LINUX_RATELIMIT_MSG_OPT1(
436 "unsupported IPv6 socket option IPV6_FLOWLABEL_MGR (%d)",
437 opt);
438 return (-2);
439 case LINUX_IPV6_FLOWINFO_SEND:
440 LINUX_RATELIMIT_MSG_OPT1(
441 "unsupported IPv6 socket option IPV6_FLOWINFO_SEND (%d)",
442 opt);
443 return (-2);
444 case LINUX_IPV6_XFRM_POLICY:
445 LINUX_RATELIMIT_MSG_OPT1(
446 "unsupported IPv6 socket option IPV6_XFRM_POLICY (%d)",
447 opt);
448 return (-2);
449 case LINUX_IPV6_HDRINCL:
450 LINUX_RATELIMIT_MSG_OPT1(
451 "unsupported IPv6 socket option IPV6_HDRINCL (%d)",
452 opt);
453 return (-2);
454 case LINUX_MCAST_BLOCK_SOURCE:
455 LINUX_RATELIMIT_MSG_OPT1(
456 "unsupported IPv6 socket option MCAST_BLOCK_SOURCE (%d), your linux program may see more multicast stuff than it wants",
457 opt);
458 return (-2);
459 case LINUX_MCAST_UNBLOCK_SOURCE:
460 LINUX_RATELIMIT_MSG_OPT1(
461 "unsupported IPv6 socket option MCAST_UNBLOCK_SOURCE (%d), your linux program may not see all the multicast stuff it wants",
462 opt);
463 return (-2);
464 case LINUX_MCAST_JOIN_SOURCE_GROUP:
465 LINUX_RATELIMIT_MSG_OPT1(
466 "unsupported IPv6 socket option MCAST_JOIN_SOURCE_GROUP (%d), your linux program is not able to join a multicast source group",
467 opt);
468 return (-2);
469 case LINUX_MCAST_LEAVE_SOURCE_GROUP:
470 LINUX_RATELIMIT_MSG_OPT1(
471 "unsupported IPv6 socket option MCAST_LEAVE_SOURCE_GROUP (%d), your linux program is not able to leave a multicast source group -- but it was also not able to join one, so no issue",
472 opt);
473 return (-2);
474 case LINUX_MCAST_MSFILTER:
475 LINUX_RATELIMIT_MSG_OPT1(
476 "unsupported IPv6 socket option MCAST_MSFILTER (%d), your linux program can not manipulate the multicast filter, it may see more multicast data than it wants to see",
477 opt);
478 return (-2);
479 case LINUX_IPV6_ADDR_PREFERENCES:
480 LINUX_RATELIMIT_MSG_OPT1(
481 "unsupported IPv6 socket option IPV6_ADDR_PREFERENCES (%d)",
482 opt);
483 return (-2);
484 case LINUX_IPV6_MINHOPCOUNT:
485 LINUX_RATELIMIT_MSG_OPT1(
486 "unsupported IPv6 socket option IPV6_MINHOPCOUNT (%d)",
487 opt);
488 return (-2);
489 case LINUX_IPV6_TRANSPARENT:
490 /* IP_BINDANY or more? */
491 LINUX_RATELIMIT_MSG_OPT1(
492 "unsupported IPv6 socket option IPV6_TRANSPARENT (%d), you can not enable transparent proxying in linux programs -- note, IP_FREEBIND is supported, no idea if the FreeBSD IP_BINDANY is equivalent to the Linux IP_TRANSPARENT or not, any info is welcome",
493 opt);
494 return (-2);
495 case LINUX_IPV6_UNICAST_IF:
496 LINUX_RATELIMIT_MSG_OPT1(
497 "unsupported IPv6 socket option IPV6_UNICAST_IF (%d)",
498 opt);
499 return (-2);
500 case LINUX_IPV6_RECVFRAGSIZE:
501 LINUX_RATELIMIT_MSG_OPT1(
502 "unsupported IPv6 socket option IPV6_RECVFRAGSIZE (%d)",
503 opt);
504 return (-2);
505 case LINUX_IPV6_RECVERR:
506 LINUX_RATELIMIT_MSG_OPT1(
507 "unsupported IPv6 socket option IPV6_RECVERR (%d), you can not get extended reliability info in linux programs",
508 opt);
509 return (-2);
510
511 /* unknown sockopts */
512 default:
513 return (-1);
514 }
515 }
516
517 static int
linux_to_bsd_so_sockopt(int opt)518 linux_to_bsd_so_sockopt(int opt)
519 {
520
521 switch (opt) {
522 case LINUX_SO_DEBUG:
523 return (SO_DEBUG);
524 case LINUX_SO_REUSEADDR:
525 return (SO_REUSEADDR);
526 case LINUX_SO_TYPE:
527 return (SO_TYPE);
528 case LINUX_SO_ERROR:
529 return (SO_ERROR);
530 case LINUX_SO_DONTROUTE:
531 return (SO_DONTROUTE);
532 case LINUX_SO_BROADCAST:
533 return (SO_BROADCAST);
534 case LINUX_SO_SNDBUF:
535 case LINUX_SO_SNDBUFFORCE:
536 return (SO_SNDBUF);
537 case LINUX_SO_RCVBUF:
538 case LINUX_SO_RCVBUFFORCE:
539 return (SO_RCVBUF);
540 case LINUX_SO_KEEPALIVE:
541 return (SO_KEEPALIVE);
542 case LINUX_SO_OOBINLINE:
543 return (SO_OOBINLINE);
544 case LINUX_SO_LINGER:
545 return (SO_LINGER);
546 case LINUX_SO_REUSEPORT:
547 return (SO_REUSEPORT_LB);
548 case LINUX_SO_PASSCRED:
549 return (LOCAL_CREDS_PERSISTENT);
550 case LINUX_SO_PEERCRED:
551 return (LOCAL_PEERCRED);
552 case LINUX_SO_RCVLOWAT:
553 return (SO_RCVLOWAT);
554 case LINUX_SO_SNDLOWAT:
555 return (SO_SNDLOWAT);
556 case LINUX_SO_RCVTIMEO:
557 return (SO_RCVTIMEO);
558 case LINUX_SO_SNDTIMEO:
559 return (SO_SNDTIMEO);
560 case LINUX_SO_TIMESTAMPO:
561 case LINUX_SO_TIMESTAMPN:
562 return (SO_TIMESTAMP);
563 case LINUX_SO_TIMESTAMPNSO:
564 case LINUX_SO_TIMESTAMPNSN:
565 return (SO_BINTIME);
566 case LINUX_SO_ACCEPTCONN:
567 return (SO_ACCEPTCONN);
568 case LINUX_SO_PROTOCOL:
569 return (SO_PROTOCOL);
570 case LINUX_SO_DOMAIN:
571 return (SO_DOMAIN);
572 }
573 return (-1);
574 }
575
576 static int
linux_to_bsd_tcp_sockopt(int opt)577 linux_to_bsd_tcp_sockopt(int opt)
578 {
579
580 switch (opt) {
581 case LINUX_TCP_NODELAY:
582 return (TCP_NODELAY);
583 case LINUX_TCP_MAXSEG:
584 return (TCP_MAXSEG);
585 case LINUX_TCP_CORK:
586 return (TCP_NOPUSH);
587 case LINUX_TCP_KEEPIDLE:
588 return (TCP_KEEPIDLE);
589 case LINUX_TCP_KEEPINTVL:
590 return (TCP_KEEPINTVL);
591 case LINUX_TCP_KEEPCNT:
592 return (TCP_KEEPCNT);
593 case LINUX_TCP_INFO:
594 LINUX_RATELIMIT_MSG_OPT1(
595 "unsupported TCP socket option TCP_INFO (%d)", opt);
596 return (-2);
597 case LINUX_TCP_MD5SIG:
598 return (TCP_MD5SIG);
599 case LINUX_TCP_USER_TIMEOUT:
600 return (TCP_MAXUNACKTIME);
601 }
602 return (-1);
603 }
604
605 static u_int
linux_to_bsd_tcp_user_timeout(l_uint linux_timeout)606 linux_to_bsd_tcp_user_timeout(l_uint linux_timeout)
607 {
608
609 /*
610 * Linux exposes TCP_USER_TIMEOUT in milliseconds while
611 * TCP_MAXUNACKTIME uses whole seconds. Round up partial
612 * seconds so a non-zero Linux timeout never becomes zero.
613 */
614 return (howmany(linux_timeout, 1000U));
615 }
616
617 static l_uint
bsd_to_linux_tcp_user_timeout(u_int bsd_timeout)618 bsd_to_linux_tcp_user_timeout(u_int bsd_timeout)
619 {
620
621 if (bsd_timeout > UINT_MAX / 1000U)
622 return (UINT_MAX);
623
624 return (bsd_timeout * 1000U);
625 }
626
627 #ifdef INET6
628 static int
linux_to_bsd_icmp6_sockopt(int opt)629 linux_to_bsd_icmp6_sockopt(int opt)
630 {
631
632 switch (opt) {
633 case LINUX_ICMP6_FILTER:
634 return (ICMP6_FILTER);
635 }
636 return (-1);
637 }
638 #endif
639
640 static int
linux_to_bsd_msg_flags(int flags)641 linux_to_bsd_msg_flags(int flags)
642 {
643 int ret_flags = 0;
644
645 if (flags & LINUX_MSG_OOB)
646 ret_flags |= MSG_OOB;
647 if (flags & LINUX_MSG_PEEK)
648 ret_flags |= MSG_PEEK;
649 if (flags & LINUX_MSG_DONTROUTE)
650 ret_flags |= MSG_DONTROUTE;
651 if (flags & LINUX_MSG_CTRUNC)
652 ret_flags |= MSG_CTRUNC;
653 if (flags & LINUX_MSG_TRUNC)
654 ret_flags |= MSG_TRUNC;
655 if (flags & LINUX_MSG_DONTWAIT)
656 ret_flags |= MSG_DONTWAIT;
657 if (flags & LINUX_MSG_EOR)
658 ret_flags |= MSG_EOR;
659 if (flags & LINUX_MSG_WAITALL)
660 ret_flags |= MSG_WAITALL;
661 if (flags & LINUX_MSG_NOSIGNAL)
662 ret_flags |= MSG_NOSIGNAL;
663 if (flags & LINUX_MSG_PROXY)
664 LINUX_RATELIMIT_MSG_OPT1("socket message flag MSG_PROXY (%d) not handled",
665 LINUX_MSG_PROXY);
666 if (flags & LINUX_MSG_FIN)
667 LINUX_RATELIMIT_MSG_OPT1("socket message flag MSG_FIN (%d) not handled",
668 LINUX_MSG_FIN);
669 if (flags & LINUX_MSG_SYN)
670 LINUX_RATELIMIT_MSG_OPT1("socket message flag MSG_SYN (%d) not handled",
671 LINUX_MSG_SYN);
672 if (flags & LINUX_MSG_CONFIRM)
673 LINUX_RATELIMIT_MSG_OPT1("socket message flag MSG_CONFIRM (%d) not handled",
674 LINUX_MSG_CONFIRM);
675 if (flags & LINUX_MSG_RST)
676 LINUX_RATELIMIT_MSG_OPT1("socket message flag MSG_RST (%d) not handled",
677 LINUX_MSG_RST);
678 if (flags & LINUX_MSG_ERRQUEUE)
679 LINUX_RATELIMIT_MSG_OPT1("socket message flag MSG_ERRQUEUE (%d) not handled",
680 LINUX_MSG_ERRQUEUE);
681 return (ret_flags);
682 }
683
684 static int
linux_to_bsd_cmsg_type(int cmsg_type)685 linux_to_bsd_cmsg_type(int cmsg_type)
686 {
687
688 switch (cmsg_type) {
689 case LINUX_SCM_RIGHTS:
690 return (SCM_RIGHTS);
691 case LINUX_SCM_CREDENTIALS:
692 return (SCM_CREDS);
693 }
694 return (-1);
695 }
696
697 static int
bsd_to_linux_ip_cmsg_type(int cmsg_type)698 bsd_to_linux_ip_cmsg_type(int cmsg_type)
699 {
700
701 switch (cmsg_type) {
702 case IP_RECVORIGDSTADDR:
703 return (LINUX_IP_RECVORIGDSTADDR);
704 case IP_RECVTOS:
705 return (LINUX_IP_TOS);
706 }
707 return (-1);
708 }
709
710 #ifdef INET6
711 static int
bsd_to_linux_ip6_cmsg_type(int cmsg_type)712 bsd_to_linux_ip6_cmsg_type(int cmsg_type)
713 {
714 switch (cmsg_type) {
715 case IPV6_2292HOPLIMIT:
716 return (LINUX_IPV6_2292HOPLIMIT);
717 case IPV6_HOPLIMIT:
718 return (LINUX_IPV6_HOPLIMIT);
719 }
720 return (-1);
721 }
722 #endif
723
724 static int
bsd_to_linux_cmsg_type(struct proc * p,int cmsg_type,int cmsg_level)725 bsd_to_linux_cmsg_type(struct proc *p, int cmsg_type, int cmsg_level)
726 {
727 struct linux_pemuldata *pem;
728
729 if (cmsg_level == IPPROTO_IP)
730 return (bsd_to_linux_ip_cmsg_type(cmsg_type));
731 #ifdef INET6
732 if (cmsg_level == IPPROTO_IPV6)
733 return (bsd_to_linux_ip6_cmsg_type(cmsg_type));
734 #endif
735 if (cmsg_level != SOL_SOCKET)
736 return (-1);
737
738 pem = pem_find(p);
739
740 switch (cmsg_type) {
741 case SCM_RIGHTS:
742 return (LINUX_SCM_RIGHTS);
743 case SCM_CREDS:
744 return (LINUX_SCM_CREDENTIALS);
745 case SCM_CREDS2:
746 return (LINUX_SCM_CREDENTIALS);
747 case SCM_TIMESTAMP:
748 return (pem->so_timestamp);
749 case SCM_BINTIME:
750 return (pem->so_timestampns);
751 }
752 return (-1);
753 }
754
755 static int
linux_to_bsd_msghdr(struct msghdr * bhdr,const struct l_msghdr * lhdr)756 linux_to_bsd_msghdr(struct msghdr *bhdr, const struct l_msghdr *lhdr)
757 {
758 if (lhdr->msg_controllen > INT_MAX)
759 return (ENOBUFS);
760
761 bhdr->msg_name = PTRIN(lhdr->msg_name);
762 bhdr->msg_namelen = lhdr->msg_namelen;
763 bhdr->msg_iov = PTRIN(lhdr->msg_iov);
764 bhdr->msg_iovlen = lhdr->msg_iovlen;
765 bhdr->msg_control = PTRIN(lhdr->msg_control);
766
767 /*
768 * msg_controllen is skipped since BSD and LINUX control messages
769 * are potentially different sizes (e.g. the cred structure used
770 * by SCM_CREDS is different between the two operating system).
771 *
772 * The caller can set it (if necessary) after converting all the
773 * control messages.
774 */
775
776 bhdr->msg_flags = linux_to_bsd_msg_flags(lhdr->msg_flags);
777 return (0);
778 }
779
780 static int
bsd_to_linux_msghdr(const struct msghdr * bhdr,struct l_msghdr * lhdr)781 bsd_to_linux_msghdr(const struct msghdr *bhdr, struct l_msghdr *lhdr)
782 {
783 lhdr->msg_name = PTROUT(bhdr->msg_name);
784 lhdr->msg_namelen = bhdr->msg_namelen;
785 lhdr->msg_iov = PTROUT(bhdr->msg_iov);
786 lhdr->msg_iovlen = bhdr->msg_iovlen;
787 lhdr->msg_control = PTROUT(bhdr->msg_control);
788
789 /*
790 * msg_controllen is skipped since BSD and LINUX control messages
791 * are potentially different sizes (e.g. the cred structure used
792 * by SCM_CREDS is different between the two operating system).
793 *
794 * The caller can set it (if necessary) after converting all the
795 * control messages.
796 */
797
798 /* msg_flags skipped */
799 return (0);
800 }
801
802 static int
linux_set_socket_flags(int lflags,int * flags)803 linux_set_socket_flags(int lflags, int *flags)
804 {
805
806 if (lflags & ~(LINUX_SOCK_CLOEXEC | LINUX_SOCK_NONBLOCK))
807 return (EINVAL);
808 if (lflags & LINUX_SOCK_NONBLOCK)
809 *flags |= SOCK_NONBLOCK;
810 if (lflags & LINUX_SOCK_CLOEXEC)
811 *flags |= SOCK_CLOEXEC;
812 return (0);
813 }
814
815 static int
linux_copyout_sockaddr(const struct sockaddr * sa,void * uaddr,size_t len)816 linux_copyout_sockaddr(const struct sockaddr *sa, void *uaddr, size_t len)
817 {
818 struct l_sockaddr *lsa;
819 int error;
820
821 error = bsd_to_linux_sockaddr(sa, &lsa, len);
822 if (error != 0)
823 return (error);
824
825 error = copyout(lsa, uaddr, len);
826 free(lsa, M_LINUX);
827
828 return (error);
829 }
830
831 static int
linux_sendit(struct thread * td,int s,struct msghdr * mp,int flags,struct mbuf * control,enum uio_seg segflg)832 linux_sendit(struct thread *td, int s, struct msghdr *mp, int flags,
833 struct mbuf *control, enum uio_seg segflg)
834 {
835 struct sockaddr *to;
836 int error, len;
837
838 if (mp->msg_name != NULL) {
839 len = mp->msg_namelen;
840 error = linux_to_bsd_sockaddr(mp->msg_name, &to, &len);
841 if (error != 0)
842 return (error);
843 mp->msg_name = to;
844 } else
845 to = NULL;
846
847 error = kern_sendit(td, s, mp, linux_to_bsd_msg_flags(flags), control,
848 segflg);
849
850 if (to)
851 free(to, M_SONAME);
852 return (error);
853 }
854
855 /* Return 0 if IP_HDRINCL is set for the given socket. */
856 static int
linux_check_hdrincl(struct thread * td,int s)857 linux_check_hdrincl(struct thread *td, int s)
858 {
859 int error, optval;
860 socklen_t size_val;
861
862 size_val = sizeof(optval);
863 error = kern_getsockopt(td, s, IPPROTO_IP, IP_HDRINCL,
864 &optval, UIO_SYSSPACE, &size_val);
865 if (error != 0)
866 return (error);
867
868 return (optval == 0);
869 }
870
871 /*
872 * Updated sendto() when IP_HDRINCL is set:
873 * tweak endian-dependent fields in the IP packet.
874 */
875 static int
linux_sendto_hdrincl(struct thread * td,struct linux_sendto_args * linux_args)876 linux_sendto_hdrincl(struct thread *td, struct linux_sendto_args *linux_args)
877 {
878 /*
879 * linux_ip_copysize defines how many bytes we should copy
880 * from the beginning of the IP packet before we customize it for BSD.
881 * It should include all the fields we modify (ip_len and ip_off).
882 */
883 #define linux_ip_copysize 8
884
885 struct ip *packet;
886 struct msghdr msg;
887 struct iovec aiov[1];
888 int error;
889
890 /* Check that the packet isn't too big or too small. */
891 if (linux_args->len < linux_ip_copysize ||
892 linux_args->len > IP_MAXPACKET)
893 return (EINVAL);
894
895 packet = (struct ip *)malloc(linux_args->len, M_LINUX, M_WAITOK);
896
897 /* Make kernel copy of the packet to be sent */
898 if ((error = copyin(PTRIN(linux_args->msg), packet,
899 linux_args->len)))
900 goto goout;
901
902 /* Convert fields from Linux to BSD raw IP socket format */
903 packet->ip_len = linux_args->len;
904 packet->ip_off = ntohs(packet->ip_off);
905
906 /* Prepare the msghdr and iovec structures describing the new packet */
907 msg.msg_name = PTRIN(linux_args->to);
908 msg.msg_namelen = linux_args->tolen;
909 msg.msg_iov = aiov;
910 msg.msg_iovlen = 1;
911 msg.msg_control = NULL;
912 msg.msg_flags = 0;
913 aiov[0].iov_base = (char *)packet;
914 aiov[0].iov_len = linux_args->len;
915 error = linux_sendit(td, linux_args->s, &msg, linux_args->flags,
916 NULL, UIO_SYSSPACE);
917 goout:
918 free(packet, M_LINUX);
919 return (error);
920 }
921
922 static const char *linux_netlink_names[] = {
923 [LINUX_NETLINK_ROUTE] = "ROUTE",
924 [LINUX_NETLINK_SOCK_DIAG] = "SOCK_DIAG",
925 [LINUX_NETLINK_NFLOG] = "NFLOG",
926 [LINUX_NETLINK_SELINUX] = "SELINUX",
927 [LINUX_NETLINK_AUDIT] = "AUDIT",
928 [LINUX_NETLINK_FIB_LOOKUP] = "FIB_LOOKUP",
929 [LINUX_NETLINK_NETFILTER] = "NETFILTER",
930 [LINUX_NETLINK_KOBJECT_UEVENT] = "KOBJECT_UEVENT",
931 };
932
933 int
linux_socket(struct thread * td,struct linux_socket_args * args)934 linux_socket(struct thread *td, struct linux_socket_args *args)
935 {
936 int retval_socket, type;
937 sa_family_t domain;
938
939 type = args->type & LINUX_SOCK_TYPE_MASK;
940 if (type < 0 || type > LINUX_SOCK_MAX)
941 return (EINVAL);
942 retval_socket = linux_set_socket_flags(args->type & ~LINUX_SOCK_TYPE_MASK,
943 &type);
944 if (retval_socket != 0)
945 return (retval_socket);
946 domain = linux_to_bsd_domain(args->domain);
947 if (domain == AF_UNKNOWN) {
948 /* Mask off SOCK_NONBLOCK / CLOEXEC for error messages. */
949 type = args->type & LINUX_SOCK_TYPE_MASK;
950 if (args->domain == LINUX_AF_NETLINK &&
951 args->protocol == LINUX_NETLINK_AUDIT) {
952 ; /* Do nothing, quietly. */
953 } else if (args->domain == LINUX_AF_NETLINK) {
954 const char *nl_name;
955
956 if (args->protocol >= 0 &&
957 args->protocol < nitems(linux_netlink_names))
958 nl_name = linux_netlink_names[args->protocol];
959 else
960 nl_name = NULL;
961 if (nl_name != NULL)
962 linux_msg(curthread,
963 "unsupported socket(AF_NETLINK, %d, "
964 "NETLINK_%s)", type, nl_name);
965 else
966 linux_msg(curthread,
967 "unsupported socket(AF_NETLINK, %d, %d)",
968 type, args->protocol);
969 } else {
970 linux_msg(curthread, "unsupported socket domain %d, "
971 "type %d, protocol %d", args->domain, type,
972 args->protocol);
973 }
974 return (EAFNOSUPPORT);
975 }
976
977 retval_socket = kern_socket(td, domain, type, args->protocol);
978 if (retval_socket)
979 return (retval_socket);
980
981 if (type == SOCK_RAW
982 && (args->protocol == IPPROTO_RAW || args->protocol == 0)
983 && domain == PF_INET) {
984 /* It's a raw IP socket: set the IP_HDRINCL option. */
985 int hdrincl;
986
987 hdrincl = 1;
988 /* We ignore any error returned by kern_setsockopt() */
989 kern_setsockopt(td, td->td_retval[0], IPPROTO_IP, IP_HDRINCL,
990 &hdrincl, UIO_SYSSPACE, sizeof(hdrincl));
991 }
992 #ifdef INET6
993 /*
994 * Linux AF_INET6 socket has IPV6_V6ONLY setsockopt set to 0 by default
995 * and some apps depend on this. So, set V6ONLY to 0 for Linux apps.
996 * For simplicity we do this unconditionally of the net.inet6.ip6.v6only
997 * sysctl value.
998 */
999 if (domain == PF_INET6) {
1000 int v6only;
1001
1002 v6only = 0;
1003 /* We ignore any error returned by setsockopt() */
1004 kern_setsockopt(td, td->td_retval[0], IPPROTO_IPV6, IPV6_V6ONLY,
1005 &v6only, UIO_SYSSPACE, sizeof(v6only));
1006 }
1007 #endif
1008
1009 return (retval_socket);
1010 }
1011
1012 int
linux_bind(struct thread * td,struct linux_bind_args * args)1013 linux_bind(struct thread *td, struct linux_bind_args *args)
1014 {
1015 struct sockaddr *sa;
1016 int error;
1017
1018 error = linux_to_bsd_sockaddr(PTRIN(args->name), &sa,
1019 &args->namelen);
1020 if (error != 0)
1021 return (error);
1022
1023 error = kern_bindat(td, AT_FDCWD, args->s, sa);
1024 free(sa, M_SONAME);
1025
1026 /* XXX */
1027 if (error == EADDRNOTAVAIL && args->namelen != sizeof(struct sockaddr_in))
1028 return (EINVAL);
1029 return (error);
1030 }
1031
1032 int
linux_connect(struct thread * td,struct linux_connect_args * args)1033 linux_connect(struct thread *td, struct linux_connect_args *args)
1034 {
1035 struct socket *so;
1036 struct sockaddr *sa;
1037 struct file *fp;
1038 int error;
1039
1040 error = linux_to_bsd_sockaddr(PTRIN(args->name), &sa,
1041 &args->namelen);
1042 if (error != 0)
1043 return (error);
1044
1045 error = kern_connectat(td, AT_FDCWD, args->s, sa);
1046 free(sa, M_SONAME);
1047 if (error != EISCONN)
1048 return (error);
1049
1050 /*
1051 * Linux doesn't return EISCONN the first time it occurs,
1052 * when on a non-blocking socket. Instead it returns the
1053 * error getsockopt(SOL_SOCKET, SO_ERROR) would return on BSD.
1054 */
1055 error = getsock(td, args->s, &cap_connect_rights, &fp);
1056 if (error != 0)
1057 return (error);
1058
1059 error = EISCONN;
1060 so = fp->f_data;
1061 if (atomic_load_int(&fp->f_flag) & FNONBLOCK) {
1062 SOCK_LOCK(so);
1063 if (so->so_emuldata == 0)
1064 error = so->so_error;
1065 so->so_emuldata = (void *)1;
1066 SOCK_UNLOCK(so);
1067 }
1068 fdrop(fp, td);
1069
1070 return (error);
1071 }
1072
1073 int
linux_listen(struct thread * td,struct linux_listen_args * args)1074 linux_listen(struct thread *td, struct linux_listen_args *args)
1075 {
1076
1077 return (kern_listen(td, args->s, args->backlog));
1078 }
1079
1080 static int
linux_accept_common(struct thread * td,int s,l_uintptr_t addr,l_uintptr_t namelen,int flags)1081 linux_accept_common(struct thread *td, int s, l_uintptr_t addr,
1082 l_uintptr_t namelen, int flags)
1083 {
1084 struct sockaddr_storage ss = { .ss_len = sizeof(ss) };
1085 struct file *fp, *fp1;
1086 struct socket *so;
1087 socklen_t len;
1088 int bflags, error, error1;
1089
1090 bflags = 0;
1091 fp = NULL;
1092
1093 error = linux_set_socket_flags(flags, &bflags);
1094 if (error != 0)
1095 return (error);
1096
1097 if (PTRIN(addr) != NULL) {
1098 error = copyin(PTRIN(namelen), &len, sizeof(len));
1099 if (error != 0)
1100 return (error);
1101 if (len < 0)
1102 return (EINVAL);
1103 } else
1104 len = 0;
1105
1106 error = kern_accept4(td, s, (struct sockaddr *)&ss, bflags, &fp);
1107
1108 /*
1109 * Translate errno values into ones used by Linux.
1110 */
1111 if (error != 0) {
1112 /*
1113 * XXX. This is wrong, different sockaddr structures
1114 * have different sizes.
1115 */
1116 switch (error) {
1117 case EFAULT:
1118 if (namelen != sizeof(struct sockaddr_in))
1119 error = EINVAL;
1120 break;
1121 case EINVAL:
1122 error1 = getsock(td, s, &cap_accept_rights, &fp1);
1123 if (error1 != 0) {
1124 error = error1;
1125 break;
1126 }
1127 so = fp1->f_data;
1128 if (so->so_type == SOCK_DGRAM)
1129 error = EOPNOTSUPP;
1130 fdrop(fp1, td);
1131 break;
1132 }
1133 return (error);
1134 }
1135
1136 if (PTRIN(addr) != NULL) {
1137 len = min(ss.ss_len, len);
1138 error = linux_copyout_sockaddr((struct sockaddr *)&ss,
1139 PTRIN(addr), len);
1140 if (error == 0) {
1141 len = ss.ss_len;
1142 error = copyout(&len, PTRIN(namelen), sizeof(len));
1143 }
1144 if (error != 0) {
1145 fdclose(td, fp, td->td_retval[0]);
1146 td->td_retval[0] = 0;
1147 }
1148 }
1149 if (fp != NULL)
1150 fdrop(fp, td);
1151 return (error);
1152 }
1153
1154 int
linux_accept(struct thread * td,struct linux_accept_args * args)1155 linux_accept(struct thread *td, struct linux_accept_args *args)
1156 {
1157
1158 return (linux_accept_common(td, args->s, args->addr,
1159 args->namelen, 0));
1160 }
1161
1162 int
linux_accept4(struct thread * td,struct linux_accept4_args * args)1163 linux_accept4(struct thread *td, struct linux_accept4_args *args)
1164 {
1165
1166 return (linux_accept_common(td, args->s, args->addr,
1167 args->namelen, args->flags));
1168 }
1169
1170 int
linux_getsockname(struct thread * td,struct linux_getsockname_args * args)1171 linux_getsockname(struct thread *td, struct linux_getsockname_args *args)
1172 {
1173 struct sockaddr_storage ss = { .ss_len = sizeof(ss) };
1174 socklen_t len;
1175 int error;
1176
1177 error = copyin(PTRIN(args->namelen), &len, sizeof(len));
1178 if (error != 0)
1179 return (error);
1180
1181 error = kern_getsockname(td, args->s, (struct sockaddr *)&ss);
1182 if (error != 0)
1183 return (error);
1184
1185 len = min(ss.ss_len, len);
1186 error = linux_copyout_sockaddr((struct sockaddr *)&ss,
1187 PTRIN(args->addr), len);
1188 if (error == 0) {
1189 len = ss.ss_len;
1190 error = copyout(&len, PTRIN(args->namelen), sizeof(len));
1191 }
1192 return (error);
1193 }
1194
1195 int
linux_getpeername(struct thread * td,struct linux_getpeername_args * args)1196 linux_getpeername(struct thread *td, struct linux_getpeername_args *args)
1197 {
1198 struct sockaddr_storage ss = { .ss_len = sizeof(ss) };
1199 socklen_t len;
1200 int error;
1201
1202 error = copyin(PTRIN(args->namelen), &len, sizeof(len));
1203 if (error != 0)
1204 return (error);
1205
1206 error = kern_getpeername(td, args->s, (struct sockaddr *)&ss);
1207 if (error != 0)
1208 return (error);
1209
1210 len = min(ss.ss_len, len);
1211 error = linux_copyout_sockaddr((struct sockaddr *)&ss,
1212 PTRIN(args->addr), len);
1213 if (error == 0) {
1214 len = ss.ss_len;
1215 error = copyout(&len, PTRIN(args->namelen), sizeof(len));
1216 }
1217 return (error);
1218 }
1219
1220 int
linux_socketpair(struct thread * td,struct linux_socketpair_args * args)1221 linux_socketpair(struct thread *td, struct linux_socketpair_args *args)
1222 {
1223 int domain, error, sv[2], type;
1224
1225 domain = linux_to_bsd_domain(args->domain);
1226 if (domain != PF_LOCAL)
1227 return (EAFNOSUPPORT);
1228 type = args->type & LINUX_SOCK_TYPE_MASK;
1229 if (type < 0 || type > LINUX_SOCK_MAX)
1230 return (EINVAL);
1231 error = linux_set_socket_flags(args->type & ~LINUX_SOCK_TYPE_MASK,
1232 &type);
1233 if (error != 0)
1234 return (error);
1235 if (args->protocol != 0 && args->protocol != PF_UNIX) {
1236 /*
1237 * Use of PF_UNIX as protocol argument is not right,
1238 * but Linux does it.
1239 * Do not map PF_UNIX as its Linux value is identical
1240 * to FreeBSD one.
1241 */
1242 return (EPROTONOSUPPORT);
1243 }
1244 error = kern_socketpair(td, domain, type, 0, sv);
1245 if (error != 0)
1246 return (error);
1247 error = copyout(sv, PTRIN(args->rsv), 2 * sizeof(int));
1248 if (error != 0) {
1249 (void)kern_close(td, sv[0]);
1250 (void)kern_close(td, sv[1]);
1251 }
1252 return (error);
1253 }
1254
1255 #if defined(__i386__) || (defined(__amd64__) && defined(COMPAT_LINUX32))
1256 struct linux_send_args {
1257 register_t s;
1258 register_t msg;
1259 register_t len;
1260 register_t flags;
1261 };
1262
1263 static int
linux_send(struct thread * td,struct linux_send_args * args)1264 linux_send(struct thread *td, struct linux_send_args *args)
1265 {
1266 struct sendto_args /* {
1267 int s;
1268 caddr_t buf;
1269 int len;
1270 int flags;
1271 caddr_t to;
1272 int tolen;
1273 } */ bsd_args;
1274 struct file *fp;
1275 int error;
1276
1277 bsd_args.s = args->s;
1278 bsd_args.buf = (caddr_t)PTRIN(args->msg);
1279 bsd_args.len = args->len;
1280 bsd_args.flags = linux_to_bsd_msg_flags(args->flags);
1281 bsd_args.to = NULL;
1282 bsd_args.tolen = 0;
1283 error = sys_sendto(td, &bsd_args);
1284 if (error == ENOTCONN) {
1285 /*
1286 * Linux doesn't return ENOTCONN for non-blocking sockets.
1287 * Instead it returns the EAGAIN.
1288 */
1289 error = getsock(td, args->s, &cap_send_rights, &fp);
1290 if (error == 0) {
1291 if (atomic_load_int(&fp->f_flag) & FNONBLOCK)
1292 error = EAGAIN;
1293 fdrop(fp, td);
1294 }
1295 }
1296 return (error);
1297 }
1298
1299 struct linux_recv_args {
1300 register_t s;
1301 register_t msg;
1302 register_t len;
1303 register_t flags;
1304 };
1305
1306 static int
linux_recv(struct thread * td,struct linux_recv_args * args)1307 linux_recv(struct thread *td, struct linux_recv_args *args)
1308 {
1309 struct recvfrom_args /* {
1310 int s;
1311 caddr_t buf;
1312 int len;
1313 int flags;
1314 struct sockaddr *from;
1315 socklen_t fromlenaddr;
1316 } */ bsd_args;
1317
1318 bsd_args.s = args->s;
1319 bsd_args.buf = (caddr_t)PTRIN(args->msg);
1320 bsd_args.len = args->len;
1321 bsd_args.flags = linux_to_bsd_msg_flags(args->flags);
1322 bsd_args.from = NULL;
1323 bsd_args.fromlenaddr = 0;
1324 return (sys_recvfrom(td, &bsd_args));
1325 }
1326 #endif /* __i386__ || (__amd64__ && COMPAT_LINUX32) */
1327
1328 int
linux_sendto(struct thread * td,struct linux_sendto_args * args)1329 linux_sendto(struct thread *td, struct linux_sendto_args *args)
1330 {
1331 struct msghdr msg;
1332 struct iovec aiov;
1333 struct socket *so;
1334 struct file *fp;
1335 int error;
1336
1337 if (linux_check_hdrincl(td, args->s) == 0)
1338 /* IP_HDRINCL set, tweak the packet before sending */
1339 return (linux_sendto_hdrincl(td, args));
1340
1341 bzero(&msg, sizeof(msg));
1342 error = getsock(td, args->s, &cap_send_connect_rights, &fp);
1343 if (error != 0)
1344 return (error);
1345 so = fp->f_data;
1346 if ((so->so_state & (SS_ISCONNECTED|SS_ISCONNECTING)) == 0) {
1347 msg.msg_name = PTRIN(args->to);
1348 msg.msg_namelen = args->tolen;
1349 }
1350 msg.msg_iov = &aiov;
1351 msg.msg_iovlen = 1;
1352 aiov.iov_base = PTRIN(args->msg);
1353 aiov.iov_len = args->len;
1354 fdrop(fp, td);
1355 return (linux_sendit(td, args->s, &msg, args->flags, NULL,
1356 UIO_USERSPACE));
1357 }
1358
1359 int
linux_recvfrom(struct thread * td,struct linux_recvfrom_args * args)1360 linux_recvfrom(struct thread *td, struct linux_recvfrom_args *args)
1361 {
1362 struct sockaddr *sa;
1363 struct msghdr msg;
1364 struct iovec aiov;
1365 int error, fromlen;
1366
1367 if (PTRIN(args->fromlen) != NULL) {
1368 error = copyin(PTRIN(args->fromlen), &fromlen,
1369 sizeof(fromlen));
1370 if (error != 0)
1371 return (error);
1372 if (fromlen < 0)
1373 return (EINVAL);
1374 fromlen = min(fromlen, SOCK_MAXADDRLEN);
1375 sa = malloc(fromlen, M_SONAME, M_WAITOK);
1376 } else {
1377 fromlen = 0;
1378 sa = NULL;
1379 }
1380
1381 msg.msg_name = sa;
1382 msg.msg_namelen = fromlen;
1383 msg.msg_iov = &aiov;
1384 msg.msg_iovlen = 1;
1385 aiov.iov_base = PTRIN(args->buf);
1386 aiov.iov_len = args->len;
1387 msg.msg_control = 0;
1388 msg.msg_flags = linux_to_bsd_msg_flags(args->flags);
1389
1390 error = kern_recvit(td, args->s, &msg, UIO_SYSSPACE, NULL);
1391 if (error != 0)
1392 goto out;
1393
1394 /*
1395 * XXX. Seems that FreeBSD is different from Linux here. Linux
1396 * fill source address if underlying protocol provides it, while
1397 * FreeBSD fill it if underlying protocol is not connection-oriented.
1398 * So, kern_recvit() set msg.msg_namelen to 0 if protocol pr_flags
1399 * does not contains PR_ADDR flag.
1400 */
1401 if (PTRIN(args->from) != NULL && msg.msg_namelen != 0)
1402 error = linux_copyout_sockaddr(sa, PTRIN(args->from),
1403 msg.msg_namelen);
1404
1405 if (error == 0 && PTRIN(args->fromlen) != NULL)
1406 error = copyout(&msg.msg_namelen, PTRIN(args->fromlen),
1407 sizeof(msg.msg_namelen));
1408 out:
1409 free(sa, M_SONAME);
1410 return (error);
1411 }
1412
1413 static int
linux_sendmsg_common(struct thread * td,l_int s,struct l_msghdr * msghdr,l_uint flags)1414 linux_sendmsg_common(struct thread *td, l_int s, struct l_msghdr *msghdr,
1415 l_uint flags)
1416 {
1417 struct sockaddr_storage ss = { .ss_len = sizeof(ss) };
1418 struct cmsghdr *cmsg;
1419 struct mbuf *control;
1420 struct msghdr msg;
1421 struct l_cmsghdr linux_cmsg;
1422 struct l_cmsghdr *ptr_cmsg;
1423 struct l_msghdr linux_msghdr;
1424 struct iovec *iov;
1425 socklen_t datalen;
1426 struct socket *so;
1427 sa_family_t sa_family;
1428 struct file *fp;
1429 void *data;
1430 l_size_t len;
1431 l_size_t clen;
1432 int error;
1433
1434 error = copyin(msghdr, &linux_msghdr, sizeof(linux_msghdr));
1435 if (error != 0)
1436 return (error);
1437
1438 /*
1439 * Some Linux applications (ping) define a non-NULL control data
1440 * pointer, but a msg_controllen of 0, which is not allowed in the
1441 * FreeBSD system call interface. NULL the msg_control pointer in
1442 * order to handle this case. This should be checked, but allows the
1443 * Linux ping to work.
1444 */
1445 if (PTRIN(linux_msghdr.msg_control) != NULL &&
1446 linux_msghdr.msg_controllen == 0)
1447 linux_msghdr.msg_control = PTROUT(NULL);
1448
1449 error = linux_to_bsd_msghdr(&msg, &linux_msghdr);
1450 if (error != 0)
1451 return (error);
1452
1453 #ifdef COMPAT_LINUX32
1454 error = freebsd32_copyiniov(PTRIN(msg.msg_iov), msg.msg_iovlen,
1455 &iov, EMSGSIZE);
1456 #else
1457 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE);
1458 #endif
1459 if (error != 0)
1460 return (error);
1461
1462 control = NULL;
1463
1464 error = kern_getsockname(td, s, (struct sockaddr *)&ss);
1465 if (error != 0)
1466 goto bad;
1467 sa_family = ss.ss_family;
1468
1469 if (flags & LINUX_MSG_OOB) {
1470 error = EOPNOTSUPP;
1471 if (sa_family == AF_UNIX)
1472 goto bad;
1473
1474 error = getsock(td, s, &cap_send_rights, &fp);
1475 if (error != 0)
1476 goto bad;
1477 so = fp->f_data;
1478 if (so->so_type != SOCK_STREAM)
1479 error = EOPNOTSUPP;
1480 fdrop(fp, td);
1481 if (error != 0)
1482 goto bad;
1483 }
1484
1485 if (linux_msghdr.msg_controllen >= sizeof(struct l_cmsghdr)) {
1486 error = ENOBUFS;
1487 control = m_get(M_WAITOK, MT_CONTROL);
1488 MCLGET(control, M_WAITOK);
1489 data = mtod(control, void *);
1490 datalen = 0;
1491
1492 ptr_cmsg = PTRIN(linux_msghdr.msg_control);
1493 clen = linux_msghdr.msg_controllen;
1494 do {
1495 error = copyin(ptr_cmsg, &linux_cmsg,
1496 sizeof(struct l_cmsghdr));
1497 if (error != 0)
1498 goto bad;
1499
1500 error = EINVAL;
1501 if (linux_cmsg.cmsg_len < sizeof(struct l_cmsghdr) ||
1502 linux_cmsg.cmsg_len > clen)
1503 goto bad;
1504
1505 if (datalen + CMSG_HDRSZ > MCLBYTES)
1506 goto bad;
1507
1508 /*
1509 * Now we support only SCM_RIGHTS and SCM_CRED,
1510 * so return EINVAL in any other cmsg_type
1511 */
1512 cmsg = data;
1513 cmsg->cmsg_type =
1514 linux_to_bsd_cmsg_type(linux_cmsg.cmsg_type);
1515 cmsg->cmsg_level =
1516 linux_to_bsd_sockopt_level(linux_cmsg.cmsg_level);
1517 if (cmsg->cmsg_type == -1
1518 || cmsg->cmsg_level != SOL_SOCKET) {
1519 linux_msg(curthread,
1520 "unsupported sendmsg cmsg level %d type %d",
1521 linux_cmsg.cmsg_level, linux_cmsg.cmsg_type);
1522 goto bad;
1523 }
1524
1525 /*
1526 * Some applications (e.g. pulseaudio) attempt to
1527 * send ancillary data even if the underlying protocol
1528 * doesn't support it which is not allowed in the
1529 * FreeBSD system call interface.
1530 */
1531 if (sa_family != AF_UNIX)
1532 goto next;
1533
1534 if (cmsg->cmsg_type == SCM_CREDS) {
1535 len = sizeof(struct cmsgcred);
1536 if (datalen + CMSG_SPACE(len) > MCLBYTES)
1537 goto bad;
1538
1539 /*
1540 * The lower levels will fill in the structure
1541 */
1542 memset(CMSG_DATA(data), 0, len);
1543 } else {
1544 len = linux_cmsg.cmsg_len - L_CMSG_HDRSZ;
1545 if (datalen + CMSG_SPACE(len) < datalen ||
1546 datalen + CMSG_SPACE(len) > MCLBYTES)
1547 goto bad;
1548
1549 error = copyin(LINUX_CMSG_DATA(ptr_cmsg),
1550 CMSG_DATA(data), len);
1551 if (error != 0)
1552 goto bad;
1553 }
1554
1555 cmsg->cmsg_len = CMSG_LEN(len);
1556 data = (char *)data + CMSG_SPACE(len);
1557 datalen += CMSG_SPACE(len);
1558
1559 next:
1560 if (clen <= LINUX_CMSG_ALIGN(linux_cmsg.cmsg_len))
1561 break;
1562
1563 clen -= LINUX_CMSG_ALIGN(linux_cmsg.cmsg_len);
1564 ptr_cmsg = (struct l_cmsghdr *)((char *)ptr_cmsg +
1565 LINUX_CMSG_ALIGN(linux_cmsg.cmsg_len));
1566 } while(clen >= sizeof(struct l_cmsghdr));
1567
1568 control->m_len = datalen;
1569 if (datalen == 0) {
1570 m_freem(control);
1571 control = NULL;
1572 }
1573 }
1574
1575 msg.msg_iov = iov;
1576 msg.msg_flags = 0;
1577 error = linux_sendit(td, s, &msg, flags, control, UIO_USERSPACE);
1578 control = NULL;
1579
1580 bad:
1581 m_freem(control);
1582 free(iov, M_IOV);
1583 return (error);
1584 }
1585
1586 int
linux_sendmsg(struct thread * td,struct linux_sendmsg_args * args)1587 linux_sendmsg(struct thread *td, struct linux_sendmsg_args *args)
1588 {
1589
1590 return (linux_sendmsg_common(td, args->s, PTRIN(args->msg),
1591 args->flags));
1592 }
1593
1594 int
linux_sendmmsg(struct thread * td,struct linux_sendmmsg_args * args)1595 linux_sendmmsg(struct thread *td, struct linux_sendmmsg_args *args)
1596 {
1597 struct l_mmsghdr *msg;
1598 l_uint retval;
1599 int error, datagrams;
1600
1601 if (args->vlen > UIO_MAXIOV)
1602 args->vlen = UIO_MAXIOV;
1603
1604 msg = PTRIN(args->msg);
1605 datagrams = 0;
1606 while (datagrams < args->vlen) {
1607 error = linux_sendmsg_common(td, args->s, &msg->msg_hdr,
1608 args->flags);
1609 if (error != 0)
1610 break;
1611
1612 retval = td->td_retval[0];
1613 error = copyout(&retval, &msg->msg_len, sizeof(msg->msg_len));
1614 if (error != 0)
1615 break;
1616 ++msg;
1617 ++datagrams;
1618 }
1619 if (error == 0)
1620 td->td_retval[0] = datagrams;
1621 return (error);
1622 }
1623
1624 static int
recvmsg_scm_rights(struct thread * td,l_uint flags,socklen_t * datalen,void ** data,void ** udata)1625 recvmsg_scm_rights(struct thread *td, l_uint flags, socklen_t *datalen,
1626 void **data, void **udata)
1627 {
1628 int i, fd, fds, *fdp;
1629
1630 if (flags & LINUX_MSG_CMSG_CLOEXEC) {
1631 fds = *datalen / sizeof(int);
1632 fdp = *data;
1633 for (i = 0; i < fds; i++) {
1634 fd = *fdp++;
1635 (void)kern_fcntl(td, fd, F_SETFD, FD_CLOEXEC);
1636 }
1637 }
1638 return (0);
1639 }
1640
1641
1642 static int
recvmsg_scm_creds(socklen_t * datalen,void ** data,void ** udata)1643 recvmsg_scm_creds(socklen_t *datalen, void **data, void **udata)
1644 {
1645 struct cmsgcred *cmcred;
1646 struct l_ucred lu;
1647
1648 cmcred = *data;
1649 lu.pid = cmcred->cmcred_pid;
1650 lu.uid = cmcred->cmcred_uid;
1651 lu.gid = cmcred->cmcred_gid;
1652 memmove(*data, &lu, sizeof(lu));
1653 *datalen = sizeof(lu);
1654 return (0);
1655 }
1656 _Static_assert(sizeof(struct cmsgcred) >= sizeof(struct l_ucred),
1657 "scm_creds sizeof l_ucred");
1658
1659 static int
recvmsg_scm_creds2(socklen_t * datalen,void ** data,void ** udata)1660 recvmsg_scm_creds2(socklen_t *datalen, void **data, void **udata)
1661 {
1662 struct sockcred2 *scred;
1663 struct l_ucred lu;
1664
1665 scred = *data;
1666 lu.pid = scred->sc_pid;
1667 lu.uid = scred->sc_uid;
1668 lu.gid = scred->sc_gid;
1669 memmove(*data, &lu, sizeof(lu));
1670 *datalen = sizeof(lu);
1671 return (0);
1672 }
1673 _Static_assert(sizeof(struct sockcred2) >= sizeof(struct l_ucred),
1674 "scm_creds2 sizeof l_ucred");
1675
1676 #if defined(__i386__) || (defined(__amd64__) && defined(COMPAT_LINUX32))
1677 static int
recvmsg_scm_timestamp(l_int msg_type,socklen_t * datalen,void ** data,void ** udata)1678 recvmsg_scm_timestamp(l_int msg_type, socklen_t *datalen, void **data,
1679 void **udata)
1680 {
1681 l_sock_timeval ltv64;
1682 l_timeval ltv;
1683 struct timeval *tv;
1684 socklen_t len;
1685 void *buf;
1686
1687 if (*datalen != sizeof(struct timeval))
1688 return (EMSGSIZE);
1689
1690 tv = *data;
1691 #if defined(COMPAT_LINUX32)
1692 if (msg_type == LINUX_SCM_TIMESTAMPO &&
1693 (tv->tv_sec > INT_MAX || tv->tv_sec < INT_MIN))
1694 return (EOVERFLOW);
1695 #endif
1696 if (msg_type == LINUX_SCM_TIMESTAMPN)
1697 len = sizeof(ltv64);
1698 else
1699 len = sizeof(ltv);
1700
1701 buf = malloc(len, M_LINUX, M_WAITOK);
1702 if (msg_type == LINUX_SCM_TIMESTAMPN) {
1703 ltv64.tv_sec = tv->tv_sec;
1704 ltv64.tv_usec = tv->tv_usec;
1705 memmove(buf, <v64, len);
1706 } else {
1707 ltv.tv_sec = tv->tv_sec;
1708 ltv.tv_usec = tv->tv_usec;
1709 memmove(buf, <v, len);
1710 }
1711 *data = *udata = buf;
1712 *datalen = len;
1713 return (0);
1714 }
1715 #else
1716 _Static_assert(sizeof(struct timeval) == sizeof(l_timeval),
1717 "scm_timestamp sizeof l_timeval");
1718 #endif /* __i386__ || (__amd64__ && COMPAT_LINUX32) */
1719
1720 #if defined(__i386__) || (defined(__amd64__) && defined(COMPAT_LINUX32))
1721 static int
recvmsg_scm_timestampns(l_int msg_type,socklen_t * datalen,void ** data,void ** udata)1722 recvmsg_scm_timestampns(l_int msg_type, socklen_t *datalen, void **data,
1723 void **udata)
1724 {
1725 struct l_timespec64 ts64;
1726 struct l_timespec ts32;
1727 struct timespec ts;
1728 socklen_t len;
1729 void *buf;
1730
1731 if (msg_type == LINUX_SCM_TIMESTAMPNSO)
1732 len = sizeof(ts32);
1733 else
1734 len = sizeof(ts64);
1735
1736 buf = malloc(len, M_LINUX, M_WAITOK);
1737 bintime2timespec(*data, &ts);
1738 if (msg_type == LINUX_SCM_TIMESTAMPNSO) {
1739 ts32.tv_sec = ts.tv_sec;
1740 ts32.tv_nsec = ts.tv_nsec;
1741 memmove(buf, &ts32, len);
1742 } else {
1743 ts64.tv_sec = ts.tv_sec;
1744 ts64.tv_nsec = ts.tv_nsec;
1745 memmove(buf, &ts64, len);
1746 }
1747 *data = *udata = buf;
1748 *datalen = len;
1749 return (0);
1750 }
1751 #else
1752 static int
recvmsg_scm_timestampns(l_int msg_type,socklen_t * datalen,void ** data,void ** udata)1753 recvmsg_scm_timestampns(l_int msg_type, socklen_t *datalen, void **data,
1754 void **udata)
1755 {
1756 struct timespec ts;
1757
1758 bintime2timespec(*data, &ts);
1759 memmove(*data, &ts, sizeof(struct timespec));
1760 *datalen = sizeof(struct timespec);
1761 return (0);
1762 }
1763 _Static_assert(sizeof(struct bintime) >= sizeof(struct timespec),
1764 "scm_timestampns sizeof timespec");
1765 #endif /* __i386__ || (__amd64__ && COMPAT_LINUX32) */
1766
1767 static int
recvmsg_scm_sol_socket(struct thread * td,l_int msg_type,l_int lmsg_type,l_uint flags,socklen_t * datalen,void ** data,void ** udata)1768 recvmsg_scm_sol_socket(struct thread *td, l_int msg_type, l_int lmsg_type,
1769 l_uint flags, socklen_t *datalen, void **data, void **udata)
1770 {
1771 int error;
1772
1773 error = 0;
1774 switch (msg_type) {
1775 case SCM_RIGHTS:
1776 error = recvmsg_scm_rights(td, flags, datalen,
1777 data, udata);
1778 break;
1779 case SCM_CREDS:
1780 error = recvmsg_scm_creds(datalen, data, udata);
1781 break;
1782 case SCM_CREDS2:
1783 error = recvmsg_scm_creds2(datalen, data, udata);
1784 break;
1785 case SCM_TIMESTAMP:
1786 #if defined(__i386__) || (defined(__amd64__) && defined(COMPAT_LINUX32))
1787 error = recvmsg_scm_timestamp(lmsg_type, datalen,
1788 data, udata);
1789 #endif
1790 break;
1791 case SCM_BINTIME:
1792 error = recvmsg_scm_timestampns(lmsg_type, datalen,
1793 data, udata);
1794 break;
1795 }
1796
1797 return (error);
1798 }
1799
1800 static int
recvmsg_scm_ip_origdstaddr(socklen_t * datalen,void ** data,void ** udata)1801 recvmsg_scm_ip_origdstaddr(socklen_t *datalen, void **data, void **udata)
1802 {
1803 struct l_sockaddr *lsa;
1804 int error;
1805
1806 error = bsd_to_linux_sockaddr(*data, &lsa, *datalen);
1807 if (error == 0) {
1808 *data = *udata = lsa;
1809 *datalen = sizeof(*lsa);
1810 }
1811 return (error);
1812 }
1813
1814 static int
recvmsg_scm_ipproto_ip(l_int msg_type,l_int lmsg_type,socklen_t * datalen,void ** data,void ** udata)1815 recvmsg_scm_ipproto_ip(l_int msg_type, l_int lmsg_type, socklen_t *datalen,
1816 void **data, void **udata)
1817 {
1818 int error;
1819
1820 error = 0;
1821 switch (msg_type) {
1822 case IP_ORIGDSTADDR:
1823 error = recvmsg_scm_ip_origdstaddr(datalen, data,
1824 udata);
1825 break;
1826 }
1827
1828 return (error);
1829 }
1830
1831 static int
linux_recvmsg_common(struct thread * td,l_int s,struct l_msghdr * msghdr,l_uint flags,struct msghdr * msg)1832 linux_recvmsg_common(struct thread *td, l_int s, struct l_msghdr *msghdr,
1833 l_uint flags, struct msghdr *msg)
1834 {
1835 struct proc *p = td->td_proc;
1836 struct cmsghdr *cm;
1837 struct l_cmsghdr *lcm = NULL;
1838 socklen_t datalen, maxlen, outlen;
1839 struct l_msghdr l_msghdr;
1840 struct iovec *iov, *uiov;
1841 struct mbuf *m, *control = NULL;
1842 struct mbuf **controlp;
1843 struct sockaddr *sa;
1844 caddr_t outbuf;
1845 void *data, *udata;
1846 int error, skiped;
1847
1848 error = copyin(msghdr, &l_msghdr, sizeof(l_msghdr));
1849 if (error != 0)
1850 return (error);
1851
1852 /*
1853 * Pass user-supplied recvmsg() flags in msg_flags field,
1854 * following sys_recvmsg() convention.
1855 */
1856 l_msghdr.msg_flags = flags;
1857
1858 error = linux_to_bsd_msghdr(msg, &l_msghdr);
1859 if (error != 0)
1860 return (error);
1861
1862 #ifdef COMPAT_LINUX32
1863 error = freebsd32_copyiniov(PTRIN(msg->msg_iov), msg->msg_iovlen,
1864 &iov, EMSGSIZE);
1865 #else
1866 error = copyiniov(msg->msg_iov, msg->msg_iovlen, &iov, EMSGSIZE);
1867 #endif
1868 if (error != 0)
1869 return (error);
1870
1871 if (msg->msg_name != NULL && msg->msg_namelen > 0) {
1872 msg->msg_namelen = min(msg->msg_namelen, SOCK_MAXADDRLEN);
1873 sa = malloc(msg->msg_namelen, M_SONAME, M_WAITOK);
1874 msg->msg_name = sa;
1875 } else {
1876 sa = NULL;
1877 msg->msg_name = NULL;
1878 }
1879
1880 uiov = msg->msg_iov;
1881 msg->msg_iov = iov;
1882 controlp = (msg->msg_control != NULL) ? &control : NULL;
1883 error = kern_recvit(td, s, msg, UIO_SYSSPACE, controlp);
1884 msg->msg_iov = uiov;
1885 if (error != 0)
1886 goto bad;
1887
1888 /*
1889 * Note that kern_recvit() updates msg->msg_namelen.
1890 */
1891 if (msg->msg_name != NULL && msg->msg_namelen > 0) {
1892 msg->msg_name = PTRIN(l_msghdr.msg_name);
1893 error = linux_copyout_sockaddr(sa, msg->msg_name,
1894 msg->msg_namelen);
1895 if (error != 0)
1896 goto bad;
1897 }
1898
1899 error = bsd_to_linux_msghdr(msg, &l_msghdr);
1900 if (error != 0)
1901 goto bad;
1902
1903 skiped = outlen = 0;
1904 maxlen = l_msghdr.msg_controllen;
1905 if (control == NULL)
1906 goto out;
1907
1908 lcm = malloc(L_CMSG_HDRSZ, M_LINUX, M_WAITOK | M_ZERO);
1909 msg->msg_control = mtod(control, struct cmsghdr *);
1910 msg->msg_controllen = control->m_len;
1911 outbuf = PTRIN(l_msghdr.msg_control);
1912 for (m = control; m != NULL; m = m->m_next) {
1913 cm = mtod(m, struct cmsghdr *);
1914 lcm->cmsg_type = bsd_to_linux_cmsg_type(p, cm->cmsg_type,
1915 cm->cmsg_level);
1916 lcm->cmsg_level = bsd_to_linux_sockopt_level(cm->cmsg_level);
1917
1918 if (lcm->cmsg_type == -1 ||
1919 lcm->cmsg_level == -1) {
1920 LINUX_RATELIMIT_MSG_OPT2(
1921 "unsupported recvmsg cmsg level %d type %d",
1922 cm->cmsg_level, cm->cmsg_type);
1923 /* Skip unsupported messages */
1924 skiped++;
1925 continue;
1926 }
1927 data = CMSG_DATA(cm);
1928 datalen = (caddr_t)cm + cm->cmsg_len - (caddr_t)data;
1929 udata = NULL;
1930 error = 0;
1931
1932 switch (cm->cmsg_level) {
1933 case IPPROTO_IP:
1934 error = recvmsg_scm_ipproto_ip(cm->cmsg_type,
1935 lcm->cmsg_type, &datalen, &data, &udata);
1936 break;
1937 case SOL_SOCKET:
1938 error = recvmsg_scm_sol_socket(td, cm->cmsg_type,
1939 lcm->cmsg_type, flags, &datalen, &data, &udata);
1940 break;
1941 }
1942
1943 /* The recvmsg_scm_ is responsible to free udata on error. */
1944 if (error != 0)
1945 goto bad;
1946
1947 if (outlen + LINUX_CMSG_LEN(datalen) > maxlen) {
1948 if (outlen == 0) {
1949 error = EMSGSIZE;
1950 goto err;
1951 } else {
1952 l_msghdr.msg_flags |= LINUX_MSG_CTRUNC;
1953 m_dispose_extcontrolm(control);
1954 free(udata, M_LINUX);
1955 goto out;
1956 }
1957 }
1958
1959 lcm->cmsg_len = LINUX_CMSG_LEN(datalen);
1960 error = copyout(lcm, outbuf, L_CMSG_HDRSZ);
1961 if (error == 0) {
1962 error = copyout(data, LINUX_CMSG_DATA(outbuf), datalen);
1963 if (error == 0) {
1964 outbuf += LINUX_CMSG_SPACE(datalen);
1965 outlen += LINUX_CMSG_SPACE(datalen);
1966 }
1967 }
1968 err:
1969 free(udata, M_LINUX);
1970 if (error != 0)
1971 goto bad;
1972 }
1973 if (outlen == 0 && skiped > 0) {
1974 error = EINVAL;
1975 goto bad;
1976 }
1977
1978 out:
1979 l_msghdr.msg_controllen = outlen;
1980 error = copyout(&l_msghdr, msghdr, sizeof(l_msghdr));
1981
1982 bad:
1983 if (control != NULL) {
1984 if (error != 0)
1985 m_dispose_extcontrolm(control);
1986 m_freem(control);
1987 }
1988 free(iov, M_IOV);
1989 free(lcm, M_LINUX);
1990 free(sa, M_SONAME);
1991
1992 return (error);
1993 }
1994
1995 int
linux_recvmsg(struct thread * td,struct linux_recvmsg_args * args)1996 linux_recvmsg(struct thread *td, struct linux_recvmsg_args *args)
1997 {
1998 struct msghdr bsd_msg;
1999 struct file *fp;
2000 int error;
2001
2002 error = getsock(td, args->s, &cap_recv_rights, &fp);
2003 if (error != 0)
2004 return (error);
2005 fdrop(fp, td);
2006 return (linux_recvmsg_common(td, args->s, PTRIN(args->msg),
2007 args->flags, &bsd_msg));
2008 }
2009
2010 static int
linux_recvmmsg_common(struct thread * td,l_int s,struct l_mmsghdr * msg,l_uint vlen,l_uint flags,struct timespec * tts)2011 linux_recvmmsg_common(struct thread *td, l_int s, struct l_mmsghdr *msg,
2012 l_uint vlen, l_uint flags, struct timespec *tts)
2013 {
2014 struct msghdr bsd_msg;
2015 struct timespec ts;
2016 struct file *fp;
2017 l_uint retval;
2018 int error, datagrams;
2019
2020 error = getsock(td, s, &cap_recv_rights, &fp);
2021 if (error != 0)
2022 return (error);
2023 datagrams = 0;
2024 while (datagrams < vlen) {
2025 error = linux_recvmsg_common(td, s, &msg->msg_hdr,
2026 flags & ~LINUX_MSG_WAITFORONE, &bsd_msg);
2027 if (error != 0)
2028 break;
2029
2030 retval = td->td_retval[0];
2031 error = copyout(&retval, &msg->msg_len, sizeof(msg->msg_len));
2032 if (error != 0)
2033 break;
2034 ++msg;
2035 ++datagrams;
2036
2037 /*
2038 * MSG_WAITFORONE turns on MSG_DONTWAIT after one packet.
2039 */
2040 if (flags & LINUX_MSG_WAITFORONE)
2041 flags |= LINUX_MSG_DONTWAIT;
2042
2043 /*
2044 * See BUGS section of recvmmsg(2).
2045 */
2046 if (tts) {
2047 getnanotime(&ts);
2048 timespecsub(&ts, tts, &ts);
2049 if (!timespecisset(&ts) || ts.tv_sec > 0)
2050 break;
2051 }
2052 /* Out of band data, return right away. */
2053 if (bsd_msg.msg_flags & MSG_OOB)
2054 break;
2055 }
2056 if (error == 0)
2057 td->td_retval[0] = datagrams;
2058 fdrop(fp, td);
2059 return (error);
2060 }
2061
2062 int
linux_recvmmsg(struct thread * td,struct linux_recvmmsg_args * args)2063 linux_recvmmsg(struct thread *td, struct linux_recvmmsg_args *args)
2064 {
2065 struct timespec ts, tts, *ptts;
2066 int error;
2067
2068 if (args->timeout) {
2069 error = linux_get_timespec(&ts, args->timeout);
2070 if (error != 0)
2071 return (error);
2072 getnanotime(&tts);
2073 timespecadd(&tts, &ts, &tts);
2074 ptts = &tts;
2075 }
2076 else ptts = NULL;
2077
2078 return (linux_recvmmsg_common(td, args->s, PTRIN(args->msg),
2079 args->vlen, args->flags, ptts));
2080 }
2081
2082 #if defined(__i386__) || (defined(__amd64__) && defined(COMPAT_LINUX32))
2083 int
linux_recvmmsg_time64(struct thread * td,struct linux_recvmmsg_time64_args * args)2084 linux_recvmmsg_time64(struct thread *td, struct linux_recvmmsg_time64_args *args)
2085 {
2086 struct timespec ts, tts, *ptts;
2087 int error;
2088
2089 if (args->timeout) {
2090 error = linux_get_timespec64(&ts, args->timeout);
2091 if (error != 0)
2092 return (error);
2093 getnanotime(&tts);
2094 timespecadd(&tts, &ts, &tts);
2095 ptts = &tts;
2096 }
2097 else ptts = NULL;
2098
2099 return (linux_recvmmsg_common(td, args->s, PTRIN(args->msg),
2100 args->vlen, args->flags, ptts));
2101 }
2102 #endif
2103
2104 int
linux_shutdown(struct thread * td,struct linux_shutdown_args * args)2105 linux_shutdown(struct thread *td, struct linux_shutdown_args *args)
2106 {
2107
2108 return (kern_shutdown(td, args->s, args->how));
2109 }
2110
2111 int
linux_setsockopt(struct thread * td,struct linux_setsockopt_args * args)2112 linux_setsockopt(struct thread *td, struct linux_setsockopt_args *args)
2113 {
2114 struct proc *p = td->td_proc;
2115 struct linux_pemuldata *pem;
2116 l_timeval linux_tv;
2117 l_uint linux_timeout;
2118 struct sockaddr *sa;
2119 struct timeval tv;
2120 u_int bsd_timeout;
2121 socklen_t len;
2122 int error, level, name, val;
2123
2124 level = linux_to_bsd_sockopt_level(args->level);
2125 switch (level) {
2126 case SOL_SOCKET:
2127 name = linux_to_bsd_so_sockopt(args->optname);
2128 switch (name) {
2129 case LOCAL_CREDS_PERSISTENT:
2130 level = SOL_LOCAL;
2131 break;
2132 case SO_RCVTIMEO:
2133 /* FALLTHROUGH */
2134 case SO_SNDTIMEO:
2135 error = copyin(PTRIN(args->optval), &linux_tv,
2136 sizeof(linux_tv));
2137 if (error != 0)
2138 return (error);
2139 tv.tv_sec = linux_tv.tv_sec;
2140 tv.tv_usec = linux_tv.tv_usec;
2141 return (kern_setsockopt(td, args->s, level,
2142 name, &tv, UIO_SYSSPACE, sizeof(tv)));
2143 /* NOTREACHED */
2144 case SO_TIMESTAMP:
2145 /* overwrite SO_BINTIME */
2146 val = 0;
2147 error = kern_setsockopt(td, args->s, level,
2148 SO_BINTIME, &val, UIO_SYSSPACE, sizeof(val));
2149 if (error != 0)
2150 return (error);
2151 pem = pem_find(p);
2152 pem->so_timestamp = args->optname;
2153 break;
2154 case SO_BINTIME:
2155 /* overwrite SO_TIMESTAMP */
2156 val = 0;
2157 error = kern_setsockopt(td, args->s, level,
2158 SO_TIMESTAMP, &val, UIO_SYSSPACE, sizeof(val));
2159 if (error != 0)
2160 return (error);
2161 pem = pem_find(p);
2162 pem->so_timestampns = args->optname;
2163 break;
2164 default:
2165 break;
2166 }
2167 break;
2168 case IPPROTO_IP:
2169 if (args->optname == LINUX_IP_RECVERR &&
2170 linux_ignore_ip_recverr) {
2171 /*
2172 * XXX: This is a hack to unbreak DNS resolution
2173 * with glibc 2.30 and above.
2174 */
2175 return (0);
2176 }
2177 name = linux_to_bsd_ip_sockopt(args->optname);
2178 break;
2179 case IPPROTO_IPV6:
2180 if (args->optname == LINUX_IPV6_RECVERR &&
2181 linux_ignore_ip_recverr) {
2182 /*
2183 * XXX: This is a hack to unbreak DNS resolution
2184 * with glibc 2.30 and above.
2185 */
2186 return (0);
2187 }
2188 name = linux_to_bsd_ip6_sockopt(args->optname);
2189 break;
2190 case IPPROTO_TCP:
2191 name = linux_to_bsd_tcp_sockopt(args->optname);
2192 switch (name) {
2193 case TCP_MAXUNACKTIME:
2194 if (args->optlen < sizeof(linux_timeout))
2195 return (EINVAL);
2196
2197 error = copyin(PTRIN(args->optval), &linux_timeout,
2198 sizeof(linux_timeout));
2199 if (error != 0)
2200 return (error);
2201
2202 bsd_timeout = linux_to_bsd_tcp_user_timeout(
2203 linux_timeout);
2204 return (kern_setsockopt(td, args->s, level, name,
2205 &bsd_timeout, UIO_SYSSPACE,
2206 sizeof(bsd_timeout)));
2207 default:
2208 break;
2209 }
2210 break;
2211 #ifdef INET6
2212 case IPPROTO_RAW: {
2213 struct file *fp;
2214 struct socket *so;
2215 int family;
2216
2217 error = getsock(td, args->s, &cap_setsockopt_rights, &fp);
2218 if (error != 0)
2219 return (error);
2220 so = fp->f_data;
2221 family = so->so_proto->pr_domain->dom_family;
2222 fdrop(fp, td);
2223
2224 name = -1;
2225 if (family == AF_INET6) {
2226 name = linux_to_bsd_ip6_sockopt(args->optname);
2227 if (name >= 0)
2228 level = IPPROTO_IPV6;
2229 }
2230 break;
2231 }
2232 case IPPROTO_ICMPV6: {
2233 struct icmp6_filter f;
2234 int i;
2235
2236 name = linux_to_bsd_icmp6_sockopt(args->optname);
2237 if (name != ICMP6_FILTER)
2238 break;
2239
2240 if (args->optlen != sizeof(f))
2241 return (EINVAL);
2242
2243 error = copyin(PTRIN(args->optval), &f, sizeof(f));
2244 if (error)
2245 return (error);
2246
2247 /* Linux uses opposite values for pass/block in ICMPv6 */
2248 for (i = 0; i < nitems(f.icmp6_filt); i++)
2249 f.icmp6_filt[i] = ~f.icmp6_filt[i];
2250 return (kern_setsockopt(td, args->s, IPPROTO_ICMPV6,
2251 ICMP6_FILTER, &f, UIO_SYSSPACE, sizeof(f)));
2252 }
2253 #endif
2254 case SOL_NETLINK:
2255 name = args->optname;
2256 break;
2257 default:
2258 name = -1;
2259 break;
2260 }
2261 if (name < 0) {
2262 if (name == -1)
2263 linux_msg(curthread,
2264 "unsupported setsockopt level %d optname %d",
2265 args->level, args->optname);
2266 return (ENOPROTOOPT);
2267 }
2268
2269 switch (name) {
2270 case IPV6_NEXTHOP: {
2271 len = args->optlen;
2272 error = linux_to_bsd_sockaddr(PTRIN(args->optval), &sa, &len);
2273 if (error != 0)
2274 return (error);
2275
2276 error = kern_setsockopt(td, args->s, level,
2277 name, sa, UIO_SYSSPACE, len);
2278 free(sa, M_SONAME);
2279 break;
2280 }
2281 case MCAST_JOIN_GROUP:
2282 case MCAST_LEAVE_GROUP:
2283 case MCAST_JOIN_SOURCE_GROUP:
2284 case MCAST_LEAVE_SOURCE_GROUP: {
2285 struct group_source_req req;
2286 size_t size;
2287
2288 size = (name == MCAST_JOIN_SOURCE_GROUP ||
2289 name == MCAST_LEAVE_SOURCE_GROUP) ?
2290 sizeof(struct group_source_req) : sizeof(struct group_req);
2291
2292 if ((error = copyin(PTRIN(args->optval), &req, size)))
2293 return (error);
2294 len = sizeof(struct sockaddr_storage);
2295 if ((error = linux_to_bsd_sockaddr(
2296 (struct l_sockaddr *)&req.gsr_group, NULL, &len)))
2297 return (error);
2298 if (size == sizeof(struct group_source_req) &&
2299 (error = linux_to_bsd_sockaddr(
2300 (struct l_sockaddr *)&req.gsr_source, NULL, &len)))
2301 return (error);
2302 error = kern_setsockopt(td, args->s, level, name, &req,
2303 UIO_SYSSPACE, size);
2304 break;
2305 }
2306 default:
2307 error = kern_setsockopt(td, args->s, level,
2308 name, PTRIN(args->optval), UIO_USERSPACE, args->optlen);
2309 }
2310
2311 return (error);
2312 }
2313
2314 static int
linux_sockopt_copyout(struct thread * td,void * val,socklen_t len,struct linux_getsockopt_args * args)2315 linux_sockopt_copyout(struct thread *td, void *val, socklen_t len,
2316 struct linux_getsockopt_args *args)
2317 {
2318 int error;
2319
2320 error = copyout(val, PTRIN(args->optval), len);
2321 if (error == 0)
2322 error = copyout(&len, PTRIN(args->optlen), sizeof(len));
2323 return (error);
2324 }
2325
2326 static int
linux_getsockopt_so_peergroups(struct thread * td,struct linux_getsockopt_args * args)2327 linux_getsockopt_so_peergroups(struct thread *td,
2328 struct linux_getsockopt_args *args)
2329 {
2330 l_gid_t *out = PTRIN(args->optval);
2331 struct xucred xu;
2332 socklen_t xulen, len;
2333 int error, i;
2334
2335 xulen = sizeof(xu);
2336 error = kern_getsockopt(td, args->s, 0,
2337 LOCAL_PEERCRED, &xu, UIO_SYSSPACE, &xulen);
2338 if (error != 0)
2339 return (error);
2340
2341 len = xu.cr_ngroups * sizeof(l_gid_t);
2342 if (args->optlen < len) {
2343 error = copyout(&len, PTRIN(args->optlen), sizeof(len));
2344 if (error == 0)
2345 error = ERANGE;
2346 return (error);
2347 }
2348
2349 /* "- 1" to skip the primary group. */
2350 for (i = 0; i < xu.cr_ngroups - 1; i++) {
2351 /* Copy to cope with a possible type discrepancy. */
2352 const l_gid_t g = xu.cr_groups[i + 1];
2353
2354 error = copyout(&g, out + i, sizeof(l_gid_t));
2355 if (error != 0)
2356 return (error);
2357 }
2358
2359 error = copyout(&len, PTRIN(args->optlen), sizeof(len));
2360 return (error);
2361 }
2362
2363 static int
linux_getsockopt_so_peersec(struct thread * td,struct linux_getsockopt_args * args)2364 linux_getsockopt_so_peersec(struct thread *td,
2365 struct linux_getsockopt_args *args)
2366 {
2367 socklen_t len;
2368 int error;
2369
2370 len = sizeof(SECURITY_CONTEXT_STRING);
2371 if (args->optlen < len) {
2372 error = copyout(&len, PTRIN(args->optlen), sizeof(len));
2373 if (error == 0)
2374 error = ERANGE;
2375 return (error);
2376 }
2377
2378 return (linux_sockopt_copyout(td, SECURITY_CONTEXT_STRING,
2379 len, args));
2380 }
2381
2382 static int
linux_getsockopt_so_linger(struct thread * td,struct linux_getsockopt_args * args)2383 linux_getsockopt_so_linger(struct thread *td,
2384 struct linux_getsockopt_args *args)
2385 {
2386 struct linger ling;
2387 socklen_t len;
2388 int error;
2389
2390 len = sizeof(ling);
2391 error = kern_getsockopt(td, args->s, SOL_SOCKET,
2392 SO_LINGER, &ling, UIO_SYSSPACE, &len);
2393 if (error != 0)
2394 return (error);
2395 ling.l_onoff = ((ling.l_onoff & SO_LINGER) != 0);
2396 return (linux_sockopt_copyout(td, &ling, len, args));
2397 }
2398
2399 int
linux_getsockopt(struct thread * td,struct linux_getsockopt_args * args)2400 linux_getsockopt(struct thread *td, struct linux_getsockopt_args *args)
2401 {
2402 l_uint linux_timeout;
2403 l_timeval linux_tv;
2404 struct timeval tv;
2405 socklen_t tv_len, xulen, len;
2406 struct sockaddr *sa;
2407 u_int bsd_timeout;
2408 struct xucred xu;
2409 struct l_ucred lxu;
2410 int error, level, name, newval;
2411
2412 level = linux_to_bsd_sockopt_level(args->level);
2413 switch (level) {
2414 case SOL_SOCKET:
2415 switch (args->optname) {
2416 case LINUX_SO_PEERGROUPS:
2417 return (linux_getsockopt_so_peergroups(td, args));
2418 case LINUX_SO_PEERSEC:
2419 return (linux_getsockopt_so_peersec(td, args));
2420 default:
2421 break;
2422 }
2423
2424 name = linux_to_bsd_so_sockopt(args->optname);
2425 switch (name) {
2426 case LOCAL_CREDS_PERSISTENT:
2427 level = SOL_LOCAL;
2428 break;
2429 case SO_RCVTIMEO:
2430 /* FALLTHROUGH */
2431 case SO_SNDTIMEO:
2432 tv_len = sizeof(tv);
2433 error = kern_getsockopt(td, args->s, level,
2434 name, &tv, UIO_SYSSPACE, &tv_len);
2435 if (error != 0)
2436 return (error);
2437 linux_tv.tv_sec = tv.tv_sec;
2438 linux_tv.tv_usec = tv.tv_usec;
2439 return (linux_sockopt_copyout(td, &linux_tv,
2440 sizeof(linux_tv), args));
2441 /* NOTREACHED */
2442 case LOCAL_PEERCRED:
2443 if (args->optlen < sizeof(lxu))
2444 return (EINVAL);
2445 /*
2446 * LOCAL_PEERCRED is not served at the SOL_SOCKET level,
2447 * but by the Unix socket's level 0.
2448 */
2449 level = 0;
2450 xulen = sizeof(xu);
2451 error = kern_getsockopt(td, args->s, level,
2452 name, &xu, UIO_SYSSPACE, &xulen);
2453 if (error != 0)
2454 return (error);
2455 lxu.pid = xu.cr_pid;
2456 lxu.uid = xu.cr_uid;
2457 lxu.gid = xu.cr_gid;
2458 return (linux_sockopt_copyout(td, &lxu,
2459 sizeof(lxu), args));
2460 /* NOTREACHED */
2461 case SO_ERROR:
2462 len = sizeof(newval);
2463 error = kern_getsockopt(td, args->s, level,
2464 name, &newval, UIO_SYSSPACE, &len);
2465 if (error != 0)
2466 return (error);
2467 newval = -bsd_to_linux_errno(newval);
2468 return (linux_sockopt_copyout(td, &newval,
2469 len, args));
2470 /* NOTREACHED */
2471 case SO_DOMAIN:
2472 len = sizeof(newval);
2473 error = kern_getsockopt(td, args->s, level,
2474 name, &newval, UIO_SYSSPACE, &len);
2475 if (error != 0)
2476 return (error);
2477 newval = bsd_to_linux_domain((sa_family_t)newval);
2478 if (newval == AF_UNKNOWN)
2479 return (ENOPROTOOPT);
2480 return (linux_sockopt_copyout(td, &newval,
2481 len, args));
2482 /* NOTREACHED */
2483 case SO_LINGER:
2484 return (linux_getsockopt_so_linger(td, args));
2485 /* NOTREACHED */
2486 default:
2487 break;
2488 }
2489 break;
2490 case IPPROTO_IP:
2491 name = linux_to_bsd_ip_sockopt(args->optname);
2492 break;
2493 case IPPROTO_IPV6:
2494 name = linux_to_bsd_ip6_sockopt(args->optname);
2495 break;
2496 case IPPROTO_TCP:
2497 name = linux_to_bsd_tcp_sockopt(args->optname);
2498 switch (name) {
2499 case TCP_MAXUNACKTIME:
2500 len = sizeof(bsd_timeout);
2501 error = kern_getsockopt(td, args->s, level, name,
2502 &bsd_timeout, UIO_SYSSPACE, &len);
2503 if (error != 0)
2504 return (error);
2505
2506 linux_timeout = bsd_to_linux_tcp_user_timeout(
2507 bsd_timeout);
2508 return (linux_sockopt_copyout(td, &linux_timeout,
2509 sizeof(linux_timeout), args));
2510 default:
2511 break;
2512 }
2513 break;
2514 #ifdef INET6
2515 case IPPROTO_RAW: {
2516 struct file *fp;
2517 struct socket *so;
2518 int family;
2519
2520 error = getsock(td, args->s, &cap_getsockopt_rights, &fp);
2521 if (error != 0)
2522 return (error);
2523 so = fp->f_data;
2524 family = so->so_proto->pr_domain->dom_family;
2525 fdrop(fp, td);
2526
2527 name = -1;
2528 if (family == AF_INET6) {
2529 name = linux_to_bsd_ip6_sockopt(args->optname);
2530 if (name >= 0)
2531 level = IPPROTO_IPV6;
2532 }
2533 break;
2534 }
2535 case IPPROTO_ICMPV6: {
2536 struct icmp6_filter f;
2537 int i;
2538
2539 name = linux_to_bsd_icmp6_sockopt(args->optname);
2540 if (name != ICMP6_FILTER)
2541 break;
2542
2543 error = copyin(PTRIN(args->optlen), &len, sizeof(len));
2544 if (error)
2545 return (error);
2546 if (len != sizeof(f))
2547 return (EINVAL);
2548
2549 error = kern_getsockopt(td, args->s, IPPROTO_ICMPV6,
2550 ICMP6_FILTER, &f, UIO_SYSSPACE, &len);
2551 if (error)
2552 return (error);
2553
2554 /* Linux uses opposite values for pass/block in ICMPv6 */
2555 for (i = 0; i < nitems(f.icmp6_filt); i++)
2556 f.icmp6_filt[i] = ~f.icmp6_filt[i];
2557 error = copyout(&f, PTRIN(args->optval), len);
2558 if (error)
2559 return (error);
2560
2561 return (copyout(&len, PTRIN(args->optlen), sizeof(socklen_t)));
2562 }
2563 #endif
2564 default:
2565 name = -1;
2566 break;
2567 }
2568 if (name < 0) {
2569 if (name == -1)
2570 linux_msg(curthread,
2571 "unsupported getsockopt level %d optname %d",
2572 args->level, args->optname);
2573 return (EINVAL);
2574 }
2575
2576 if (name == IPV6_NEXTHOP) {
2577 error = copyin(PTRIN(args->optlen), &len, sizeof(len));
2578 if (error != 0)
2579 return (error);
2580 sa = malloc(len, M_SONAME, M_WAITOK);
2581
2582 error = kern_getsockopt(td, args->s, level,
2583 name, sa, UIO_SYSSPACE, &len);
2584 if (error != 0)
2585 goto out;
2586
2587 error = linux_copyout_sockaddr(sa, PTRIN(args->optval), len);
2588 if (error == 0)
2589 error = copyout(&len, PTRIN(args->optlen),
2590 sizeof(len));
2591 out:
2592 free(sa, M_SONAME);
2593 } else {
2594 if (args->optval) {
2595 error = copyin(PTRIN(args->optlen), &len, sizeof(len));
2596 if (error != 0)
2597 return (error);
2598 }
2599 error = kern_getsockopt(td, args->s, level,
2600 name, PTRIN(args->optval), UIO_USERSPACE, &len);
2601 if (error == 0)
2602 error = copyout(&len, PTRIN(args->optlen),
2603 sizeof(len));
2604 }
2605
2606 return (error);
2607 }
2608
2609 /*
2610 * Based on sendfile_getsock from kern_sendfile.c
2611 * Determines whether an fd is a stream socket that can be used
2612 * with FreeBSD sendfile.
2613 */
2614 static bool
is_sendfile(struct file * fp,struct file * ofp)2615 is_sendfile(struct file *fp, struct file *ofp)
2616 {
2617 struct socket *so;
2618
2619 /*
2620 * FreeBSD sendfile() system call sends a regular file or
2621 * shared memory object out a stream socket.
2622 */
2623 if ((fp->f_type != DTYPE_SHM && fp->f_type != DTYPE_VNODE) ||
2624 (fp->f_type == DTYPE_VNODE &&
2625 (fp->f_vnode == NULL || fp->f_vnode->v_type != VREG)))
2626 return (false);
2627 /*
2628 * The socket must be a stream socket and connected.
2629 */
2630 if (ofp->f_type != DTYPE_SOCKET)
2631 return (false);
2632 so = ofp->f_data;
2633 if (so->so_type != SOCK_STREAM)
2634 return (false);
2635 /*
2636 * SCTP one-to-one style sockets currently don't work with
2637 * sendfile().
2638 */
2639 if (so->so_proto->pr_protocol == IPPROTO_SCTP)
2640 return (false);
2641 return (!SOLISTENING(so));
2642 }
2643
2644 static bool
is_regular_file(struct file * fp)2645 is_regular_file(struct file *fp)
2646 {
2647
2648 return (fp->f_type == DTYPE_VNODE && fp->f_vnode != NULL &&
2649 fp->f_vnode->v_type == VREG);
2650 }
2651
2652 static int
sendfile_fallback(struct thread * td,struct file * fp,l_int out,off_t * offset,l_size_t count,off_t * sbytes)2653 sendfile_fallback(struct thread *td, struct file *fp, l_int out,
2654 off_t *offset, l_size_t count, off_t *sbytes)
2655 {
2656 off_t current_offset, out_offset, to_send;
2657 l_size_t bytes_sent, n_read;
2658 struct file *ofp;
2659 struct iovec aiov;
2660 struct uio auio;
2661 bool seekable;
2662 size_t bufsz;
2663 void *buf;
2664 int flags, error;
2665
2666 if (offset == NULL) {
2667 if ((error = fo_seek(fp, 0, SEEK_CUR, td)) != 0)
2668 return (error);
2669 current_offset = td->td_uretoff.tdu_off;
2670 } else {
2671 if ((fp->f_ops->fo_flags & DFLAG_SEEKABLE) == 0)
2672 return (ESPIPE);
2673 current_offset = *offset;
2674 }
2675 error = fget_write(td, out, &cap_pwrite_rights, &ofp);
2676 if (error != 0)
2677 return (error);
2678 seekable = (ofp->f_ops->fo_flags & DFLAG_SEEKABLE) != 0;
2679 if (seekable) {
2680 if ((error = fo_seek(ofp, 0, SEEK_CUR, td)) != 0)
2681 goto drop;
2682 out_offset = td->td_uretoff.tdu_off;
2683 } else
2684 out_offset = 0;
2685
2686 flags = FOF_OFFSET | FOF_NOUPDATE;
2687 bufsz = min(count, maxphys);
2688 buf = malloc(bufsz, M_LINUX, M_WAITOK);
2689 bytes_sent = 0;
2690 while (bytes_sent < count) {
2691 to_send = min(count - bytes_sent, bufsz);
2692 aiov.iov_base = buf;
2693 aiov.iov_len = bufsz;
2694 auio.uio_iov = &aiov;
2695 auio.uio_iovcnt = 1;
2696 auio.uio_segflg = UIO_SYSSPACE;
2697 auio.uio_td = td;
2698 auio.uio_rw = UIO_READ;
2699 auio.uio_offset = current_offset;
2700 auio.uio_resid = to_send;
2701 error = fo_read(fp, &auio, fp->f_cred, flags, td);
2702 if (error != 0)
2703 break;
2704 n_read = to_send - auio.uio_resid;
2705 if (n_read == 0)
2706 break;
2707 aiov.iov_base = buf;
2708 aiov.iov_len = bufsz;
2709 auio.uio_iov = &aiov;
2710 auio.uio_iovcnt = 1;
2711 auio.uio_segflg = UIO_SYSSPACE;
2712 auio.uio_td = td;
2713 auio.uio_rw = UIO_WRITE;
2714 auio.uio_offset = (seekable) ? out_offset : 0;
2715 auio.uio_resid = n_read;
2716 error = fo_write(ofp, &auio, ofp->f_cred, flags, td);
2717 if (error != 0)
2718 break;
2719 bytes_sent += n_read;
2720 current_offset += n_read;
2721 out_offset += n_read;
2722 }
2723 free(buf, M_LINUX);
2724
2725 if (error == 0) {
2726 *sbytes = bytes_sent;
2727 if (offset != NULL)
2728 *offset = current_offset;
2729 else
2730 error = fo_seek(fp, current_offset, SEEK_SET, td);
2731 }
2732 if (error == 0 && seekable)
2733 error = fo_seek(ofp, out_offset, SEEK_SET, td);
2734
2735 drop:
2736 fdrop(ofp, td);
2737 return (error);
2738 }
2739
2740 static int
sendfile_sendfile(struct thread * td,struct file * fp,l_int out,off_t * offset,l_size_t count,off_t * sbytes)2741 sendfile_sendfile(struct thread *td, struct file *fp, l_int out,
2742 off_t *offset, l_size_t count, off_t *sbytes)
2743 {
2744 off_t current_offset;
2745 int error;
2746
2747 if (offset == NULL) {
2748 if ((fp->f_ops->fo_flags & DFLAG_SEEKABLE) == 0)
2749 return (ESPIPE);
2750 if ((error = fo_seek(fp, 0, SEEK_CUR, td)) != 0)
2751 return (error);
2752 current_offset = td->td_uretoff.tdu_off;
2753 } else
2754 current_offset = *offset;
2755 error = fo_sendfile(fp, out, NULL, NULL, current_offset, count,
2756 sbytes, 0, td);
2757 if (error == EAGAIN && *sbytes > 0) {
2758 /*
2759 * The socket is non-blocking and we didn't finish sending.
2760 * Squash the error, since that's what Linux does.
2761 */
2762 error = 0;
2763 }
2764 if (error == 0) {
2765 current_offset += *sbytes;
2766 if (offset != NULL)
2767 *offset = current_offset;
2768 else
2769 error = fo_seek(fp, current_offset, SEEK_SET, td);
2770 }
2771 return (error);
2772 }
2773
2774 static int
linux_sendfile_common(struct thread * td,l_int out,l_int in,off_t * offset,l_size_t count)2775 linux_sendfile_common(struct thread *td, l_int out, l_int in,
2776 off_t *offset, l_size_t count)
2777 {
2778 struct file *fp, *ofp;
2779 off_t sbytes;
2780 int error;
2781
2782 /* Linux cannot have 0 count. */
2783 if (count <= 0 || (offset != NULL && *offset < 0))
2784 return (EINVAL);
2785
2786 AUDIT_ARG_FD(in);
2787 error = fget_read(td, in, &cap_pread_rights, &fp);
2788 if (error != 0)
2789 return (error);
2790 if ((fp->f_type != DTYPE_SHM && fp->f_type != DTYPE_VNODE) ||
2791 (fp->f_type == DTYPE_VNODE &&
2792 (fp->f_vnode == NULL || fp->f_vnode->v_type != VREG))) {
2793 error = EINVAL;
2794 goto drop;
2795 }
2796 error = fget_unlocked(td, out, &cap_no_rights, &ofp);
2797 if (error != 0)
2798 goto drop;
2799
2800 if (is_regular_file(fp) && is_regular_file(ofp)) {
2801 error = kern_copy_file_range(td, in, offset, out, NULL, count,
2802 0);
2803 } else {
2804 sbytes = 0;
2805 if (is_sendfile(fp, ofp))
2806 error = sendfile_sendfile(td, fp, out, offset, count,
2807 &sbytes);
2808 else
2809 error = sendfile_fallback(td, fp, out, offset, count,
2810 &sbytes);
2811 if (error == ENOBUFS && (ofp->f_flag & FNONBLOCK) != 0)
2812 error = EAGAIN;
2813 if (error == 0)
2814 td->td_retval[0] = sbytes;
2815 }
2816 fdrop(ofp, td);
2817
2818 drop:
2819 fdrop(fp, td);
2820 return (error);
2821 }
2822
2823 int
linux_sendfile(struct thread * td,struct linux_sendfile_args * arg)2824 linux_sendfile(struct thread *td, struct linux_sendfile_args *arg)
2825 {
2826 /*
2827 * Differences between FreeBSD and Linux sendfile:
2828 * - Linux doesn't send anything when count is 0 (FreeBSD uses 0 to
2829 * mean send the whole file).
2830 * - Linux can send to any fd whereas FreeBSD only supports sockets.
2831 * We therefore use FreeBSD sendfile where possible for performance,
2832 * but fall back on a manual copy (sendfile_fallback).
2833 * - Linux doesn't have an equivalent for FreeBSD's flags and sf_hdtr.
2834 * - Linux takes an offset pointer and updates it to the read location.
2835 * FreeBSD takes in an offset and a 'bytes read' parameter which is
2836 * only filled if it isn't NULL. We use this parameter to update the
2837 * offset pointer if it exists.
2838 * - Linux sendfile returns bytes read on success while FreeBSD
2839 * returns 0. We use the 'bytes read' parameter to get this value.
2840 */
2841
2842 off_t offset64;
2843 l_off_t offset;
2844 int error;
2845
2846 if (arg->offset != NULL) {
2847 error = copyin(arg->offset, &offset, sizeof(offset));
2848 if (error != 0)
2849 return (error);
2850 offset64 = offset;
2851 }
2852
2853 error = linux_sendfile_common(td, arg->out, arg->in,
2854 arg->offset != NULL ? &offset64 : NULL, arg->count);
2855
2856 if (error == 0 && arg->offset != NULL) {
2857 #if defined(__i386__) || (defined(__amd64__) && defined(COMPAT_LINUX32))
2858 if (offset64 > INT32_MAX)
2859 return (EOVERFLOW);
2860 #endif
2861 offset = (l_off_t)offset64;
2862 error = copyout(&offset, arg->offset, sizeof(offset));
2863 }
2864
2865 return (error);
2866 }
2867
2868 #if defined(__i386__) || (defined(__amd64__) && defined(COMPAT_LINUX32))
2869 int
linux_sendfile64(struct thread * td,struct linux_sendfile64_args * arg)2870 linux_sendfile64(struct thread *td, struct linux_sendfile64_args *arg)
2871 {
2872 off_t offset;
2873 int error;
2874
2875 if (arg->offset != NULL) {
2876 error = copyin(arg->offset, &offset, sizeof(offset));
2877 if (error != 0)
2878 return (error);
2879 }
2880
2881 error = linux_sendfile_common(td, arg->out, arg->in,
2882 arg->offset != NULL ? &offset : NULL, arg->count);
2883
2884 if (error == 0 && arg->offset != NULL)
2885 error = copyout(&offset, arg->offset, sizeof(offset));
2886
2887 return (error);
2888 }
2889
2890 /* Argument list sizes for linux_socketcall */
2891 static const unsigned char lxs_args_cnt[] = {
2892 0 /* unused*/, 3 /* socket */,
2893 3 /* bind */, 3 /* connect */,
2894 2 /* listen */, 3 /* accept */,
2895 3 /* getsockname */, 3 /* getpeername */,
2896 4 /* socketpair */, 4 /* send */,
2897 4 /* recv */, 6 /* sendto */,
2898 6 /* recvfrom */, 2 /* shutdown */,
2899 5 /* setsockopt */, 5 /* getsockopt */,
2900 3 /* sendmsg */, 3 /* recvmsg */,
2901 4 /* accept4 */, 5 /* recvmmsg */,
2902 4 /* sendmmsg */, 4 /* sendfile */
2903 };
2904 #define LINUX_ARGS_CNT (nitems(lxs_args_cnt) - 1)
2905 #define LINUX_ARG_SIZE(x) (lxs_args_cnt[x] * sizeof(l_ulong))
2906
2907 int
linux_socketcall(struct thread * td,struct linux_socketcall_args * args)2908 linux_socketcall(struct thread *td, struct linux_socketcall_args *args)
2909 {
2910 l_ulong a[6];
2911 #if defined(__amd64__) && defined(COMPAT_LINUX32)
2912 register_t l_args[6];
2913 #endif
2914 void *arg;
2915 int error;
2916
2917 if (args->what < LINUX_SOCKET || args->what > LINUX_ARGS_CNT)
2918 return (EINVAL);
2919 error = copyin(PTRIN(args->args), a, LINUX_ARG_SIZE(args->what));
2920 if (error != 0)
2921 return (error);
2922
2923 #if defined(__amd64__) && defined(COMPAT_LINUX32)
2924 for (int i = 0; i < lxs_args_cnt[args->what]; ++i)
2925 l_args[i] = a[i];
2926 arg = l_args;
2927 #else
2928 arg = a;
2929 #endif
2930 switch (args->what) {
2931 case LINUX_SOCKET:
2932 return (linux_socket(td, arg));
2933 case LINUX_BIND:
2934 return (linux_bind(td, arg));
2935 case LINUX_CONNECT:
2936 return (linux_connect(td, arg));
2937 case LINUX_LISTEN:
2938 return (linux_listen(td, arg));
2939 case LINUX_ACCEPT:
2940 return (linux_accept(td, arg));
2941 case LINUX_GETSOCKNAME:
2942 return (linux_getsockname(td, arg));
2943 case LINUX_GETPEERNAME:
2944 return (linux_getpeername(td, arg));
2945 case LINUX_SOCKETPAIR:
2946 return (linux_socketpair(td, arg));
2947 case LINUX_SEND:
2948 return (linux_send(td, arg));
2949 case LINUX_RECV:
2950 return (linux_recv(td, arg));
2951 case LINUX_SENDTO:
2952 return (linux_sendto(td, arg));
2953 case LINUX_RECVFROM:
2954 return (linux_recvfrom(td, arg));
2955 case LINUX_SHUTDOWN:
2956 return (linux_shutdown(td, arg));
2957 case LINUX_SETSOCKOPT:
2958 return (linux_setsockopt(td, arg));
2959 case LINUX_GETSOCKOPT:
2960 return (linux_getsockopt(td, arg));
2961 case LINUX_SENDMSG:
2962 return (linux_sendmsg(td, arg));
2963 case LINUX_RECVMSG:
2964 return (linux_recvmsg(td, arg));
2965 case LINUX_ACCEPT4:
2966 return (linux_accept4(td, arg));
2967 case LINUX_RECVMMSG:
2968 return (linux_recvmmsg(td, arg));
2969 case LINUX_SENDMMSG:
2970 return (linux_sendmmsg(td, arg));
2971 case LINUX_SENDFILE:
2972 return (linux_sendfile(td, arg));
2973 }
2974
2975 linux_msg(td, "socket type %d not implemented", args->what);
2976 return (ENOSYS);
2977 }
2978 #endif /* __i386__ || (__amd64__ && COMPAT_LINUX32) */
2979