1 /*- 2 * Copyright (c) 1982, 1986, 1988, 1990, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * @(#)uipc_socket2.c 8.1 (Berkeley) 6/10/93 30 */ 31 32 #include <sys/cdefs.h> 33 __FBSDID("$FreeBSD$"); 34 35 #include "opt_param.h" 36 37 #include <sys/param.h> 38 #include <sys/aio.h> /* for aio_swake proto */ 39 #include <sys/kernel.h> 40 #include <sys/lock.h> 41 #include <sys/mbuf.h> 42 #include <sys/mutex.h> 43 #include <sys/proc.h> 44 #include <sys/protosw.h> 45 #include <sys/resourcevar.h> 46 #include <sys/signalvar.h> 47 #include <sys/socket.h> 48 #include <sys/socketvar.h> 49 #include <sys/sx.h> 50 #include <sys/sysctl.h> 51 52 /* 53 * Function pointer set by the AIO routines so that the socket buffer code 54 * can call back into the AIO module if it is loaded. 55 */ 56 void (*aio_swake)(struct socket *, struct sockbuf *); 57 58 /* 59 * Primitive routines for operating on socket buffers 60 */ 61 62 u_long sb_max = SB_MAX; 63 u_long sb_max_adj = 64 (quad_t)SB_MAX * MCLBYTES / (MSIZE + MCLBYTES); /* adjusted sb_max */ 65 66 static u_long sb_efficiency = 8; /* parameter for sbreserve() */ 67 68 static struct mbuf *sbcut_internal(struct sockbuf *sb, int len); 69 static void sbflush_internal(struct sockbuf *sb); 70 71 /* 72 * Mark ready "count" mbufs starting with "m". 73 */ 74 int 75 sbready(struct sockbuf *sb, struct mbuf *m, int count) 76 { 77 u_int blocker; 78 79 SOCKBUF_LOCK_ASSERT(sb); 80 KASSERT(sb->sb_fnrdy != NULL, ("%s: sb %p NULL fnrdy", __func__, sb)); 81 82 blocker = (sb->sb_fnrdy == m) ? M_BLOCKED : 0; 83 84 for (int i = 0; i < count; i++, m = m->m_next) { 85 KASSERT(m->m_flags & M_NOTREADY, 86 ("%s: m %p !M_NOTREADY", __func__, m)); 87 m->m_flags &= ~(M_NOTREADY | blocker); 88 if (blocker) 89 sb->sb_acc += m->m_len; 90 } 91 92 if (!blocker) 93 return (EINPROGRESS); 94 95 /* This one was blocking all the queue. */ 96 for (; m && (m->m_flags & M_NOTREADY) == 0; m = m->m_next) { 97 KASSERT(m->m_flags & M_BLOCKED, 98 ("%s: m %p !M_BLOCKED", __func__, m)); 99 m->m_flags &= ~M_BLOCKED; 100 sb->sb_acc += m->m_len; 101 } 102 103 sb->sb_fnrdy = m; 104 105 return (0); 106 } 107 108 /* 109 * Adjust sockbuf state reflecting allocation of m. 110 */ 111 void 112 sballoc(struct sockbuf *sb, struct mbuf *m) 113 { 114 115 SOCKBUF_LOCK_ASSERT(sb); 116 117 sb->sb_ccc += m->m_len; 118 119 if (sb->sb_fnrdy == NULL) { 120 if (m->m_flags & M_NOTREADY) 121 sb->sb_fnrdy = m; 122 else 123 sb->sb_acc += m->m_len; 124 } else 125 m->m_flags |= M_BLOCKED; 126 127 if (m->m_type != MT_DATA && m->m_type != MT_OOBDATA) 128 sb->sb_ctl += m->m_len; 129 130 sb->sb_mbcnt += MSIZE; 131 sb->sb_mcnt += 1; 132 133 if (m->m_flags & M_EXT) { 134 sb->sb_mbcnt += m->m_ext.ext_size; 135 sb->sb_ccnt += 1; 136 } 137 } 138 139 /* 140 * Adjust sockbuf state reflecting freeing of m. 141 */ 142 void 143 sbfree(struct sockbuf *sb, struct mbuf *m) 144 { 145 146 #if 0 /* XXX: not yet: soclose() call path comes here w/o lock. */ 147 SOCKBUF_LOCK_ASSERT(sb); 148 #endif 149 150 sb->sb_ccc -= m->m_len; 151 152 if (!(m->m_flags & M_NOTAVAIL)) 153 sb->sb_acc -= m->m_len; 154 155 if (m == sb->sb_fnrdy) { 156 struct mbuf *n; 157 158 KASSERT(m->m_flags & M_NOTREADY, 159 ("%s: m %p !M_NOTREADY", __func__, m)); 160 161 n = m->m_next; 162 while (n != NULL && !(n->m_flags & M_NOTREADY)) { 163 n->m_flags &= ~M_BLOCKED; 164 sb->sb_acc += n->m_len; 165 n = n->m_next; 166 } 167 sb->sb_fnrdy = n; 168 } 169 170 if (m->m_type != MT_DATA && m->m_type != MT_OOBDATA) 171 sb->sb_ctl -= m->m_len; 172 173 sb->sb_mbcnt -= MSIZE; 174 sb->sb_mcnt -= 1; 175 if (m->m_flags & M_EXT) { 176 sb->sb_mbcnt -= m->m_ext.ext_size; 177 sb->sb_ccnt -= 1; 178 } 179 180 if (sb->sb_sndptr == m) { 181 sb->sb_sndptr = NULL; 182 sb->sb_sndptroff = 0; 183 } 184 if (sb->sb_sndptroff != 0) 185 sb->sb_sndptroff -= m->m_len; 186 } 187 188 /* 189 * Socantsendmore indicates that no more data will be sent on the socket; it 190 * would normally be applied to a socket when the user informs the system 191 * that no more data is to be sent, by the protocol code (in case 192 * PRU_SHUTDOWN). Socantrcvmore indicates that no more data will be 193 * received, and will normally be applied to the socket by a protocol when it 194 * detects that the peer will send no more data. Data queued for reading in 195 * the socket may yet be read. 196 */ 197 void 198 socantsendmore_locked(struct socket *so) 199 { 200 201 SOCKBUF_LOCK_ASSERT(&so->so_snd); 202 203 so->so_snd.sb_state |= SBS_CANTSENDMORE; 204 sowwakeup_locked(so); 205 mtx_assert(SOCKBUF_MTX(&so->so_snd), MA_NOTOWNED); 206 } 207 208 void 209 socantsendmore(struct socket *so) 210 { 211 212 SOCKBUF_LOCK(&so->so_snd); 213 socantsendmore_locked(so); 214 mtx_assert(SOCKBUF_MTX(&so->so_snd), MA_NOTOWNED); 215 } 216 217 void 218 socantrcvmore_locked(struct socket *so) 219 { 220 221 SOCKBUF_LOCK_ASSERT(&so->so_rcv); 222 223 so->so_rcv.sb_state |= SBS_CANTRCVMORE; 224 sorwakeup_locked(so); 225 mtx_assert(SOCKBUF_MTX(&so->so_rcv), MA_NOTOWNED); 226 } 227 228 void 229 socantrcvmore(struct socket *so) 230 { 231 232 SOCKBUF_LOCK(&so->so_rcv); 233 socantrcvmore_locked(so); 234 mtx_assert(SOCKBUF_MTX(&so->so_rcv), MA_NOTOWNED); 235 } 236 237 /* 238 * Wait for data to arrive at/drain from a socket buffer. 239 */ 240 int 241 sbwait(struct sockbuf *sb) 242 { 243 244 SOCKBUF_LOCK_ASSERT(sb); 245 246 sb->sb_flags |= SB_WAIT; 247 return (msleep_sbt(&sb->sb_acc, &sb->sb_mtx, 248 (sb->sb_flags & SB_NOINTR) ? PSOCK : PSOCK | PCATCH, "sbwait", 249 sb->sb_timeo, 0, 0)); 250 } 251 252 int 253 sblock(struct sockbuf *sb, int flags) 254 { 255 256 KASSERT((flags & SBL_VALID) == flags, 257 ("sblock: flags invalid (0x%x)", flags)); 258 259 if (flags & SBL_WAIT) { 260 if ((sb->sb_flags & SB_NOINTR) || 261 (flags & SBL_NOINTR)) { 262 sx_xlock(&sb->sb_sx); 263 return (0); 264 } 265 return (sx_xlock_sig(&sb->sb_sx)); 266 } else { 267 if (sx_try_xlock(&sb->sb_sx) == 0) 268 return (EWOULDBLOCK); 269 return (0); 270 } 271 } 272 273 void 274 sbunlock(struct sockbuf *sb) 275 { 276 277 sx_xunlock(&sb->sb_sx); 278 } 279 280 /* 281 * Wakeup processes waiting on a socket buffer. Do asynchronous notification 282 * via SIGIO if the socket has the SS_ASYNC flag set. 283 * 284 * Called with the socket buffer lock held; will release the lock by the end 285 * of the function. This allows the caller to acquire the socket buffer lock 286 * while testing for the need for various sorts of wakeup and hold it through 287 * to the point where it's no longer required. We currently hold the lock 288 * through calls out to other subsystems (with the exception of kqueue), and 289 * then release it to avoid lock order issues. It's not clear that's 290 * correct. 291 */ 292 void 293 sowakeup(struct socket *so, struct sockbuf *sb) 294 { 295 int ret; 296 297 SOCKBUF_LOCK_ASSERT(sb); 298 299 selwakeuppri(&sb->sb_sel, PSOCK); 300 if (!SEL_WAITING(&sb->sb_sel)) 301 sb->sb_flags &= ~SB_SEL; 302 if (sb->sb_flags & SB_WAIT) { 303 sb->sb_flags &= ~SB_WAIT; 304 wakeup(&sb->sb_acc); 305 } 306 KNOTE_LOCKED(&sb->sb_sel.si_note, 0); 307 if (sb->sb_upcall != NULL) { 308 ret = sb->sb_upcall(so, sb->sb_upcallarg, M_NOWAIT); 309 if (ret == SU_ISCONNECTED) { 310 KASSERT(sb == &so->so_rcv, 311 ("SO_SND upcall returned SU_ISCONNECTED")); 312 soupcall_clear(so, SO_RCV); 313 } 314 } else 315 ret = SU_OK; 316 if (sb->sb_flags & SB_AIO) 317 aio_swake(so, sb); 318 SOCKBUF_UNLOCK(sb); 319 if (ret == SU_ISCONNECTED) 320 soisconnected(so); 321 if ((so->so_state & SS_ASYNC) && so->so_sigio != NULL) 322 pgsigio(&so->so_sigio, SIGIO, 0); 323 mtx_assert(SOCKBUF_MTX(sb), MA_NOTOWNED); 324 } 325 326 /* 327 * Socket buffer (struct sockbuf) utility routines. 328 * 329 * Each socket contains two socket buffers: one for sending data and one for 330 * receiving data. Each buffer contains a queue of mbufs, information about 331 * the number of mbufs and amount of data in the queue, and other fields 332 * allowing select() statements and notification on data availability to be 333 * implemented. 334 * 335 * Data stored in a socket buffer is maintained as a list of records. Each 336 * record is a list of mbufs chained together with the m_next field. Records 337 * are chained together with the m_nextpkt field. The upper level routine 338 * soreceive() expects the following conventions to be observed when placing 339 * information in the receive buffer: 340 * 341 * 1. If the protocol requires each message be preceded by the sender's name, 342 * then a record containing that name must be present before any 343 * associated data (mbuf's must be of type MT_SONAME). 344 * 2. If the protocol supports the exchange of ``access rights'' (really just 345 * additional data associated with the message), and there are ``rights'' 346 * to be received, then a record containing this data should be present 347 * (mbuf's must be of type MT_RIGHTS). 348 * 3. If a name or rights record exists, then it must be followed by a data 349 * record, perhaps of zero length. 350 * 351 * Before using a new socket structure it is first necessary to reserve 352 * buffer space to the socket, by calling sbreserve(). This should commit 353 * some of the available buffer space in the system buffer pool for the 354 * socket (currently, it does nothing but enforce limits). The space should 355 * be released by calling sbrelease() when the socket is destroyed. 356 */ 357 int 358 soreserve(struct socket *so, u_long sndcc, u_long rcvcc) 359 { 360 struct thread *td = curthread; 361 362 SOCKBUF_LOCK(&so->so_snd); 363 SOCKBUF_LOCK(&so->so_rcv); 364 if (sbreserve_locked(&so->so_snd, sndcc, so, td) == 0) 365 goto bad; 366 if (sbreserve_locked(&so->so_rcv, rcvcc, so, td) == 0) 367 goto bad2; 368 if (so->so_rcv.sb_lowat == 0) 369 so->so_rcv.sb_lowat = 1; 370 if (so->so_snd.sb_lowat == 0) 371 so->so_snd.sb_lowat = MCLBYTES; 372 if (so->so_snd.sb_lowat > so->so_snd.sb_hiwat) 373 so->so_snd.sb_lowat = so->so_snd.sb_hiwat; 374 SOCKBUF_UNLOCK(&so->so_rcv); 375 SOCKBUF_UNLOCK(&so->so_snd); 376 return (0); 377 bad2: 378 sbrelease_locked(&so->so_snd, so); 379 bad: 380 SOCKBUF_UNLOCK(&so->so_rcv); 381 SOCKBUF_UNLOCK(&so->so_snd); 382 return (ENOBUFS); 383 } 384 385 static int 386 sysctl_handle_sb_max(SYSCTL_HANDLER_ARGS) 387 { 388 int error = 0; 389 u_long tmp_sb_max = sb_max; 390 391 error = sysctl_handle_long(oidp, &tmp_sb_max, arg2, req); 392 if (error || !req->newptr) 393 return (error); 394 if (tmp_sb_max < MSIZE + MCLBYTES) 395 return (EINVAL); 396 sb_max = tmp_sb_max; 397 sb_max_adj = (u_quad_t)sb_max * MCLBYTES / (MSIZE + MCLBYTES); 398 return (0); 399 } 400 401 /* 402 * Allot mbufs to a sockbuf. Attempt to scale mbmax so that mbcnt doesn't 403 * become limiting if buffering efficiency is near the normal case. 404 */ 405 int 406 sbreserve_locked(struct sockbuf *sb, u_long cc, struct socket *so, 407 struct thread *td) 408 { 409 rlim_t sbsize_limit; 410 411 SOCKBUF_LOCK_ASSERT(sb); 412 413 /* 414 * When a thread is passed, we take into account the thread's socket 415 * buffer size limit. The caller will generally pass curthread, but 416 * in the TCP input path, NULL will be passed to indicate that no 417 * appropriate thread resource limits are available. In that case, 418 * we don't apply a process limit. 419 */ 420 if (cc > sb_max_adj) 421 return (0); 422 if (td != NULL) { 423 sbsize_limit = lim_cur(td, RLIMIT_SBSIZE); 424 } else 425 sbsize_limit = RLIM_INFINITY; 426 if (!chgsbsize(so->so_cred->cr_uidinfo, &sb->sb_hiwat, cc, 427 sbsize_limit)) 428 return (0); 429 sb->sb_mbmax = min(cc * sb_efficiency, sb_max); 430 if (sb->sb_lowat > sb->sb_hiwat) 431 sb->sb_lowat = sb->sb_hiwat; 432 return (1); 433 } 434 435 int 436 sbreserve(struct sockbuf *sb, u_long cc, struct socket *so, 437 struct thread *td) 438 { 439 int error; 440 441 SOCKBUF_LOCK(sb); 442 error = sbreserve_locked(sb, cc, so, td); 443 SOCKBUF_UNLOCK(sb); 444 return (error); 445 } 446 447 /* 448 * Free mbufs held by a socket, and reserved mbuf space. 449 */ 450 void 451 sbrelease_internal(struct sockbuf *sb, struct socket *so) 452 { 453 454 sbflush_internal(sb); 455 (void)chgsbsize(so->so_cred->cr_uidinfo, &sb->sb_hiwat, 0, 456 RLIM_INFINITY); 457 sb->sb_mbmax = 0; 458 } 459 460 void 461 sbrelease_locked(struct sockbuf *sb, struct socket *so) 462 { 463 464 SOCKBUF_LOCK_ASSERT(sb); 465 466 sbrelease_internal(sb, so); 467 } 468 469 void 470 sbrelease(struct sockbuf *sb, struct socket *so) 471 { 472 473 SOCKBUF_LOCK(sb); 474 sbrelease_locked(sb, so); 475 SOCKBUF_UNLOCK(sb); 476 } 477 478 void 479 sbdestroy(struct sockbuf *sb, struct socket *so) 480 { 481 482 sbrelease_internal(sb, so); 483 } 484 485 /* 486 * Routines to add and remove data from an mbuf queue. 487 * 488 * The routines sbappend() or sbappendrecord() are normally called to append 489 * new mbufs to a socket buffer, after checking that adequate space is 490 * available, comparing the function sbspace() with the amount of data to be 491 * added. sbappendrecord() differs from sbappend() in that data supplied is 492 * treated as the beginning of a new record. To place a sender's address, 493 * optional access rights, and data in a socket receive buffer, 494 * sbappendaddr() should be used. To place access rights and data in a 495 * socket receive buffer, sbappendrights() should be used. In either case, 496 * the new data begins a new record. Note that unlike sbappend() and 497 * sbappendrecord(), these routines check for the caller that there will be 498 * enough space to store the data. Each fails if there is not enough space, 499 * or if it cannot find mbufs to store additional information in. 500 * 501 * Reliable protocols may use the socket send buffer to hold data awaiting 502 * acknowledgement. Data is normally copied from a socket send buffer in a 503 * protocol with m_copy for output to a peer, and then removing the data from 504 * the socket buffer with sbdrop() or sbdroprecord() when the data is 505 * acknowledged by the peer. 506 */ 507 #ifdef SOCKBUF_DEBUG 508 void 509 sblastrecordchk(struct sockbuf *sb, const char *file, int line) 510 { 511 struct mbuf *m = sb->sb_mb; 512 513 SOCKBUF_LOCK_ASSERT(sb); 514 515 while (m && m->m_nextpkt) 516 m = m->m_nextpkt; 517 518 if (m != sb->sb_lastrecord) { 519 printf("%s: sb_mb %p sb_lastrecord %p last %p\n", 520 __func__, sb->sb_mb, sb->sb_lastrecord, m); 521 printf("packet chain:\n"); 522 for (m = sb->sb_mb; m != NULL; m = m->m_nextpkt) 523 printf("\t%p\n", m); 524 panic("%s from %s:%u", __func__, file, line); 525 } 526 } 527 528 void 529 sblastmbufchk(struct sockbuf *sb, const char *file, int line) 530 { 531 struct mbuf *m = sb->sb_mb; 532 struct mbuf *n; 533 534 SOCKBUF_LOCK_ASSERT(sb); 535 536 while (m && m->m_nextpkt) 537 m = m->m_nextpkt; 538 539 while (m && m->m_next) 540 m = m->m_next; 541 542 if (m != sb->sb_mbtail) { 543 printf("%s: sb_mb %p sb_mbtail %p last %p\n", 544 __func__, sb->sb_mb, sb->sb_mbtail, m); 545 printf("packet tree:\n"); 546 for (m = sb->sb_mb; m != NULL; m = m->m_nextpkt) { 547 printf("\t"); 548 for (n = m; n != NULL; n = n->m_next) 549 printf("%p ", n); 550 printf("\n"); 551 } 552 panic("%s from %s:%u", __func__, file, line); 553 } 554 } 555 #endif /* SOCKBUF_DEBUG */ 556 557 #define SBLINKRECORD(sb, m0) do { \ 558 SOCKBUF_LOCK_ASSERT(sb); \ 559 if ((sb)->sb_lastrecord != NULL) \ 560 (sb)->sb_lastrecord->m_nextpkt = (m0); \ 561 else \ 562 (sb)->sb_mb = (m0); \ 563 (sb)->sb_lastrecord = (m0); \ 564 } while (/*CONSTCOND*/0) 565 566 /* 567 * Append mbuf chain m to the last record in the socket buffer sb. The 568 * additional space associated the mbuf chain is recorded in sb. Empty mbufs 569 * are discarded and mbufs are compacted where possible. 570 */ 571 void 572 sbappend_locked(struct sockbuf *sb, struct mbuf *m) 573 { 574 struct mbuf *n; 575 576 SOCKBUF_LOCK_ASSERT(sb); 577 578 if (m == 0) 579 return; 580 m_clrprotoflags(m); 581 SBLASTRECORDCHK(sb); 582 n = sb->sb_mb; 583 if (n) { 584 while (n->m_nextpkt) 585 n = n->m_nextpkt; 586 do { 587 if (n->m_flags & M_EOR) { 588 sbappendrecord_locked(sb, m); /* XXXXXX!!!! */ 589 return; 590 } 591 } while (n->m_next && (n = n->m_next)); 592 } else { 593 /* 594 * XXX Would like to simply use sb_mbtail here, but 595 * XXX I need to verify that I won't miss an EOR that 596 * XXX way. 597 */ 598 if ((n = sb->sb_lastrecord) != NULL) { 599 do { 600 if (n->m_flags & M_EOR) { 601 sbappendrecord_locked(sb, m); /* XXXXXX!!!! */ 602 return; 603 } 604 } while (n->m_next && (n = n->m_next)); 605 } else { 606 /* 607 * If this is the first record in the socket buffer, 608 * it's also the last record. 609 */ 610 sb->sb_lastrecord = m; 611 } 612 } 613 sbcompress(sb, m, n); 614 SBLASTRECORDCHK(sb); 615 } 616 617 /* 618 * Append mbuf chain m to the last record in the socket buffer sb. The 619 * additional space associated the mbuf chain is recorded in sb. Empty mbufs 620 * are discarded and mbufs are compacted where possible. 621 */ 622 void 623 sbappend(struct sockbuf *sb, struct mbuf *m) 624 { 625 626 SOCKBUF_LOCK(sb); 627 sbappend_locked(sb, m); 628 SOCKBUF_UNLOCK(sb); 629 } 630 631 /* 632 * This version of sbappend() should only be used when the caller absolutely 633 * knows that there will never be more than one record in the socket buffer, 634 * that is, a stream protocol (such as TCP). 635 */ 636 void 637 sbappendstream_locked(struct sockbuf *sb, struct mbuf *m, int flags) 638 { 639 SOCKBUF_LOCK_ASSERT(sb); 640 641 KASSERT(m->m_nextpkt == NULL,("sbappendstream 0")); 642 KASSERT(sb->sb_mb == sb->sb_lastrecord,("sbappendstream 1")); 643 644 SBLASTMBUFCHK(sb); 645 646 /* Remove all packet headers and mbuf tags to get a pure data chain. */ 647 m_demote(m, 1, flags & PRUS_NOTREADY ? M_NOTREADY : 0); 648 649 sbcompress(sb, m, sb->sb_mbtail); 650 651 sb->sb_lastrecord = sb->sb_mb; 652 SBLASTRECORDCHK(sb); 653 } 654 655 /* 656 * This version of sbappend() should only be used when the caller absolutely 657 * knows that there will never be more than one record in the socket buffer, 658 * that is, a stream protocol (such as TCP). 659 */ 660 void 661 sbappendstream(struct sockbuf *sb, struct mbuf *m, int flags) 662 { 663 664 SOCKBUF_LOCK(sb); 665 sbappendstream_locked(sb, m, flags); 666 SOCKBUF_UNLOCK(sb); 667 } 668 669 #ifdef SOCKBUF_DEBUG 670 void 671 sbcheck(struct sockbuf *sb, const char *file, int line) 672 { 673 struct mbuf *m, *n, *fnrdy; 674 u_long acc, ccc, mbcnt; 675 676 SOCKBUF_LOCK_ASSERT(sb); 677 678 acc = ccc = mbcnt = 0; 679 fnrdy = NULL; 680 681 for (m = sb->sb_mb; m; m = n) { 682 n = m->m_nextpkt; 683 for (; m; m = m->m_next) { 684 if (m->m_len == 0) { 685 printf("sb %p empty mbuf %p\n", sb, m); 686 goto fail; 687 } 688 if ((m->m_flags & M_NOTREADY) && fnrdy == NULL) { 689 if (m != sb->sb_fnrdy) { 690 printf("sb %p: fnrdy %p != m %p\n", 691 sb, sb->sb_fnrdy, m); 692 goto fail; 693 } 694 fnrdy = m; 695 } 696 if (fnrdy) { 697 if (!(m->m_flags & M_NOTAVAIL)) { 698 printf("sb %p: fnrdy %p, m %p is avail\n", 699 sb, sb->sb_fnrdy, m); 700 goto fail; 701 } 702 } else 703 acc += m->m_len; 704 ccc += m->m_len; 705 mbcnt += MSIZE; 706 if (m->m_flags & M_EXT) /*XXX*/ /* pretty sure this is bogus */ 707 mbcnt += m->m_ext.ext_size; 708 } 709 } 710 if (acc != sb->sb_acc || ccc != sb->sb_ccc || mbcnt != sb->sb_mbcnt) { 711 printf("acc %ld/%u ccc %ld/%u mbcnt %ld/%u\n", 712 acc, sb->sb_acc, ccc, sb->sb_ccc, mbcnt, sb->sb_mbcnt); 713 goto fail; 714 } 715 return; 716 fail: 717 panic("%s from %s:%u", __func__, file, line); 718 } 719 #endif 720 721 /* 722 * As above, except the mbuf chain begins a new record. 723 */ 724 void 725 sbappendrecord_locked(struct sockbuf *sb, struct mbuf *m0) 726 { 727 struct mbuf *m; 728 729 SOCKBUF_LOCK_ASSERT(sb); 730 731 if (m0 == 0) 732 return; 733 m_clrprotoflags(m0); 734 /* 735 * Put the first mbuf on the queue. Note this permits zero length 736 * records. 737 */ 738 sballoc(sb, m0); 739 SBLASTRECORDCHK(sb); 740 SBLINKRECORD(sb, m0); 741 sb->sb_mbtail = m0; 742 m = m0->m_next; 743 m0->m_next = 0; 744 if (m && (m0->m_flags & M_EOR)) { 745 m0->m_flags &= ~M_EOR; 746 m->m_flags |= M_EOR; 747 } 748 /* always call sbcompress() so it can do SBLASTMBUFCHK() */ 749 sbcompress(sb, m, m0); 750 } 751 752 /* 753 * As above, except the mbuf chain begins a new record. 754 */ 755 void 756 sbappendrecord(struct sockbuf *sb, struct mbuf *m0) 757 { 758 759 SOCKBUF_LOCK(sb); 760 sbappendrecord_locked(sb, m0); 761 SOCKBUF_UNLOCK(sb); 762 } 763 764 /* Helper routine that appends data, control, and address to a sockbuf. */ 765 static int 766 sbappendaddr_locked_internal(struct sockbuf *sb, const struct sockaddr *asa, 767 struct mbuf *m0, struct mbuf *control, struct mbuf *ctrl_last) 768 { 769 struct mbuf *m, *n, *nlast; 770 #if MSIZE <= 256 771 if (asa->sa_len > MLEN) 772 return (0); 773 #endif 774 m = m_get(M_NOWAIT, MT_SONAME); 775 if (m == NULL) 776 return (0); 777 m->m_len = asa->sa_len; 778 bcopy(asa, mtod(m, caddr_t), asa->sa_len); 779 if (m0) 780 m_clrprotoflags(m0); 781 if (ctrl_last) 782 ctrl_last->m_next = m0; /* concatenate data to control */ 783 else 784 control = m0; 785 m->m_next = control; 786 for (n = m; n->m_next != NULL; n = n->m_next) 787 sballoc(sb, n); 788 sballoc(sb, n); 789 nlast = n; 790 SBLINKRECORD(sb, m); 791 792 sb->sb_mbtail = nlast; 793 SBLASTMBUFCHK(sb); 794 795 SBLASTRECORDCHK(sb); 796 return (1); 797 } 798 799 /* 800 * Append address and data, and optionally, control (ancillary) data to the 801 * receive queue of a socket. If present, m0 must include a packet header 802 * with total length. Returns 0 if no space in sockbuf or insufficient 803 * mbufs. 804 */ 805 int 806 sbappendaddr_locked(struct sockbuf *sb, const struct sockaddr *asa, 807 struct mbuf *m0, struct mbuf *control) 808 { 809 struct mbuf *ctrl_last; 810 int space = asa->sa_len; 811 812 SOCKBUF_LOCK_ASSERT(sb); 813 814 if (m0 && (m0->m_flags & M_PKTHDR) == 0) 815 panic("sbappendaddr_locked"); 816 if (m0) 817 space += m0->m_pkthdr.len; 818 space += m_length(control, &ctrl_last); 819 820 if (space > sbspace(sb)) 821 return (0); 822 return (sbappendaddr_locked_internal(sb, asa, m0, control, ctrl_last)); 823 } 824 825 /* 826 * Append address and data, and optionally, control (ancillary) data to the 827 * receive queue of a socket. If present, m0 must include a packet header 828 * with total length. Returns 0 if insufficient mbufs. Does not validate space 829 * on the receiving sockbuf. 830 */ 831 int 832 sbappendaddr_nospacecheck_locked(struct sockbuf *sb, const struct sockaddr *asa, 833 struct mbuf *m0, struct mbuf *control) 834 { 835 struct mbuf *ctrl_last; 836 837 SOCKBUF_LOCK_ASSERT(sb); 838 839 ctrl_last = (control == NULL) ? NULL : m_last(control); 840 return (sbappendaddr_locked_internal(sb, asa, m0, control, ctrl_last)); 841 } 842 843 /* 844 * Append address and data, and optionally, control (ancillary) data to the 845 * receive queue of a socket. If present, m0 must include a packet header 846 * with total length. Returns 0 if no space in sockbuf or insufficient 847 * mbufs. 848 */ 849 int 850 sbappendaddr(struct sockbuf *sb, const struct sockaddr *asa, 851 struct mbuf *m0, struct mbuf *control) 852 { 853 int retval; 854 855 SOCKBUF_LOCK(sb); 856 retval = sbappendaddr_locked(sb, asa, m0, control); 857 SOCKBUF_UNLOCK(sb); 858 return (retval); 859 } 860 861 int 862 sbappendcontrol_locked(struct sockbuf *sb, struct mbuf *m0, 863 struct mbuf *control) 864 { 865 struct mbuf *m, *n, *mlast; 866 int space; 867 868 SOCKBUF_LOCK_ASSERT(sb); 869 870 if (control == 0) 871 panic("sbappendcontrol_locked"); 872 space = m_length(control, &n) + m_length(m0, NULL); 873 874 if (space > sbspace(sb)) 875 return (0); 876 m_clrprotoflags(m0); 877 n->m_next = m0; /* concatenate data to control */ 878 879 SBLASTRECORDCHK(sb); 880 881 for (m = control; m->m_next; m = m->m_next) 882 sballoc(sb, m); 883 sballoc(sb, m); 884 mlast = m; 885 SBLINKRECORD(sb, control); 886 887 sb->sb_mbtail = mlast; 888 SBLASTMBUFCHK(sb); 889 890 SBLASTRECORDCHK(sb); 891 return (1); 892 } 893 894 int 895 sbappendcontrol(struct sockbuf *sb, struct mbuf *m0, struct mbuf *control) 896 { 897 int retval; 898 899 SOCKBUF_LOCK(sb); 900 retval = sbappendcontrol_locked(sb, m0, control); 901 SOCKBUF_UNLOCK(sb); 902 return (retval); 903 } 904 905 /* 906 * Append the data in mbuf chain (m) into the socket buffer sb following mbuf 907 * (n). If (n) is NULL, the buffer is presumed empty. 908 * 909 * When the data is compressed, mbufs in the chain may be handled in one of 910 * three ways: 911 * 912 * (1) The mbuf may simply be dropped, if it contributes nothing (no data, no 913 * record boundary, and no change in data type). 914 * 915 * (2) The mbuf may be coalesced -- i.e., data in the mbuf may be copied into 916 * an mbuf already in the socket buffer. This can occur if an 917 * appropriate mbuf exists, there is room, both mbufs are not marked as 918 * not ready, and no merging of data types will occur. 919 * 920 * (3) The mbuf may be appended to the end of the existing mbuf chain. 921 * 922 * If any of the new mbufs is marked as M_EOR, mark the last mbuf appended as 923 * end-of-record. 924 */ 925 void 926 sbcompress(struct sockbuf *sb, struct mbuf *m, struct mbuf *n) 927 { 928 int eor = 0; 929 struct mbuf *o; 930 931 SOCKBUF_LOCK_ASSERT(sb); 932 933 while (m) { 934 eor |= m->m_flags & M_EOR; 935 if (m->m_len == 0 && 936 (eor == 0 || 937 (((o = m->m_next) || (o = n)) && 938 o->m_type == m->m_type))) { 939 if (sb->sb_lastrecord == m) 940 sb->sb_lastrecord = m->m_next; 941 m = m_free(m); 942 continue; 943 } 944 if (n && (n->m_flags & M_EOR) == 0 && 945 M_WRITABLE(n) && 946 ((sb->sb_flags & SB_NOCOALESCE) == 0) && 947 !(m->m_flags & M_NOTREADY) && 948 !(n->m_flags & M_NOTREADY) && 949 m->m_len <= MCLBYTES / 4 && /* XXX: Don't copy too much */ 950 m->m_len <= M_TRAILINGSPACE(n) && 951 n->m_type == m->m_type) { 952 bcopy(mtod(m, caddr_t), mtod(n, caddr_t) + n->m_len, 953 (unsigned)m->m_len); 954 n->m_len += m->m_len; 955 sb->sb_ccc += m->m_len; 956 if (sb->sb_fnrdy == NULL) 957 sb->sb_acc += m->m_len; 958 if (m->m_type != MT_DATA && m->m_type != MT_OOBDATA) 959 /* XXX: Probably don't need.*/ 960 sb->sb_ctl += m->m_len; 961 m = m_free(m); 962 continue; 963 } 964 if (n) 965 n->m_next = m; 966 else 967 sb->sb_mb = m; 968 sb->sb_mbtail = m; 969 sballoc(sb, m); 970 n = m; 971 m->m_flags &= ~M_EOR; 972 m = m->m_next; 973 n->m_next = 0; 974 } 975 if (eor) { 976 KASSERT(n != NULL, ("sbcompress: eor && n == NULL")); 977 n->m_flags |= eor; 978 } 979 SBLASTMBUFCHK(sb); 980 } 981 982 /* 983 * Free all mbufs in a sockbuf. Check that all resources are reclaimed. 984 */ 985 static void 986 sbflush_internal(struct sockbuf *sb) 987 { 988 989 while (sb->sb_mbcnt) { 990 /* 991 * Don't call sbcut(sb, 0) if the leading mbuf is non-empty: 992 * we would loop forever. Panic instead. 993 */ 994 if (sb->sb_ccc == 0 && (sb->sb_mb == NULL || sb->sb_mb->m_len)) 995 break; 996 m_freem(sbcut_internal(sb, (int)sb->sb_ccc)); 997 } 998 KASSERT(sb->sb_ccc == 0 && sb->sb_mb == 0 && sb->sb_mbcnt == 0, 999 ("%s: ccc %u mb %p mbcnt %u", __func__, 1000 sb->sb_ccc, (void *)sb->sb_mb, sb->sb_mbcnt)); 1001 } 1002 1003 void 1004 sbflush_locked(struct sockbuf *sb) 1005 { 1006 1007 SOCKBUF_LOCK_ASSERT(sb); 1008 sbflush_internal(sb); 1009 } 1010 1011 void 1012 sbflush(struct sockbuf *sb) 1013 { 1014 1015 SOCKBUF_LOCK(sb); 1016 sbflush_locked(sb); 1017 SOCKBUF_UNLOCK(sb); 1018 } 1019 1020 /* 1021 * Cut data from (the front of) a sockbuf. 1022 */ 1023 static struct mbuf * 1024 sbcut_internal(struct sockbuf *sb, int len) 1025 { 1026 struct mbuf *m, *next, *mfree; 1027 1028 next = (m = sb->sb_mb) ? m->m_nextpkt : 0; 1029 mfree = NULL; 1030 1031 while (len > 0) { 1032 if (m == NULL) { 1033 KASSERT(next, ("%s: no next, len %d", __func__, len)); 1034 m = next; 1035 next = m->m_nextpkt; 1036 } 1037 if (m->m_len > len) { 1038 KASSERT(!(m->m_flags & M_NOTAVAIL), 1039 ("%s: m %p M_NOTAVAIL", __func__, m)); 1040 m->m_len -= len; 1041 m->m_data += len; 1042 sb->sb_ccc -= len; 1043 sb->sb_acc -= len; 1044 if (sb->sb_sndptroff != 0) 1045 sb->sb_sndptroff -= len; 1046 if (m->m_type != MT_DATA && m->m_type != MT_OOBDATA) 1047 sb->sb_ctl -= len; 1048 break; 1049 } 1050 len -= m->m_len; 1051 sbfree(sb, m); 1052 /* 1053 * Do not put M_NOTREADY buffers to the free list, they 1054 * are referenced from outside. 1055 */ 1056 if (m->m_flags & M_NOTREADY) 1057 m = m->m_next; 1058 else { 1059 struct mbuf *n; 1060 1061 n = m->m_next; 1062 m->m_next = mfree; 1063 mfree = m; 1064 m = n; 1065 } 1066 } 1067 /* 1068 * Free any zero-length mbufs from the buffer. 1069 * For SOCK_DGRAM sockets such mbufs represent empty records. 1070 * XXX: For SOCK_STREAM sockets such mbufs can appear in the buffer, 1071 * when sosend_generic() needs to send only control data. 1072 */ 1073 while (m && m->m_len == 0) { 1074 struct mbuf *n; 1075 1076 sbfree(sb, m); 1077 n = m->m_next; 1078 m->m_next = mfree; 1079 mfree = m; 1080 m = n; 1081 } 1082 if (m) { 1083 sb->sb_mb = m; 1084 m->m_nextpkt = next; 1085 } else 1086 sb->sb_mb = next; 1087 /* 1088 * First part is an inline SB_EMPTY_FIXUP(). Second part makes sure 1089 * sb_lastrecord is up-to-date if we dropped part of the last record. 1090 */ 1091 m = sb->sb_mb; 1092 if (m == NULL) { 1093 sb->sb_mbtail = NULL; 1094 sb->sb_lastrecord = NULL; 1095 } else if (m->m_nextpkt == NULL) { 1096 sb->sb_lastrecord = m; 1097 } 1098 1099 return (mfree); 1100 } 1101 1102 /* 1103 * Drop data from (the front of) a sockbuf. 1104 */ 1105 void 1106 sbdrop_locked(struct sockbuf *sb, int len) 1107 { 1108 1109 SOCKBUF_LOCK_ASSERT(sb); 1110 m_freem(sbcut_internal(sb, len)); 1111 } 1112 1113 /* 1114 * Drop data from (the front of) a sockbuf, 1115 * and return it to caller. 1116 */ 1117 struct mbuf * 1118 sbcut_locked(struct sockbuf *sb, int len) 1119 { 1120 1121 SOCKBUF_LOCK_ASSERT(sb); 1122 return (sbcut_internal(sb, len)); 1123 } 1124 1125 void 1126 sbdrop(struct sockbuf *sb, int len) 1127 { 1128 struct mbuf *mfree; 1129 1130 SOCKBUF_LOCK(sb); 1131 mfree = sbcut_internal(sb, len); 1132 SOCKBUF_UNLOCK(sb); 1133 1134 m_freem(mfree); 1135 } 1136 1137 /* 1138 * Maintain a pointer and offset pair into the socket buffer mbuf chain to 1139 * avoid traversal of the entire socket buffer for larger offsets. 1140 */ 1141 struct mbuf * 1142 sbsndptr(struct sockbuf *sb, u_int off, u_int len, u_int *moff) 1143 { 1144 struct mbuf *m, *ret; 1145 1146 KASSERT(sb->sb_mb != NULL, ("%s: sb_mb is NULL", __func__)); 1147 KASSERT(off + len <= sb->sb_acc, ("%s: beyond sb", __func__)); 1148 KASSERT(sb->sb_sndptroff <= sb->sb_acc, ("%s: sndptroff broken", __func__)); 1149 1150 /* 1151 * Is off below stored offset? Happens on retransmits. 1152 * Just return, we can't help here. 1153 */ 1154 if (sb->sb_sndptroff > off) { 1155 *moff = off; 1156 return (sb->sb_mb); 1157 } 1158 1159 /* Return closest mbuf in chain for current offset. */ 1160 *moff = off - sb->sb_sndptroff; 1161 m = ret = sb->sb_sndptr ? sb->sb_sndptr : sb->sb_mb; 1162 if (*moff == m->m_len) { 1163 *moff = 0; 1164 sb->sb_sndptroff += m->m_len; 1165 m = ret = m->m_next; 1166 KASSERT(ret->m_len > 0, 1167 ("mbuf %p in sockbuf %p chain has no valid data", ret, sb)); 1168 } 1169 1170 /* Advance by len to be as close as possible for the next transmit. */ 1171 for (off = off - sb->sb_sndptroff + len - 1; 1172 off > 0 && m != NULL && off >= m->m_len; 1173 m = m->m_next) { 1174 sb->sb_sndptroff += m->m_len; 1175 off -= m->m_len; 1176 } 1177 if (off > 0 && m == NULL) 1178 panic("%s: sockbuf %p and mbuf %p clashing", __func__, sb, ret); 1179 sb->sb_sndptr = m; 1180 1181 return (ret); 1182 } 1183 1184 /* 1185 * Return the first mbuf and the mbuf data offset for the provided 1186 * send offset without changing the "sb_sndptroff" field. 1187 */ 1188 struct mbuf * 1189 sbsndmbuf(struct sockbuf *sb, u_int off, u_int *moff) 1190 { 1191 struct mbuf *m; 1192 1193 KASSERT(sb->sb_mb != NULL, ("%s: sb_mb is NULL", __func__)); 1194 1195 /* 1196 * If the "off" is below the stored offset, which happens on 1197 * retransmits, just use "sb_mb": 1198 */ 1199 if (sb->sb_sndptr == NULL || sb->sb_sndptroff > off) { 1200 m = sb->sb_mb; 1201 } else { 1202 m = sb->sb_sndptr; 1203 off -= sb->sb_sndptroff; 1204 } 1205 while (off > 0 && m != NULL) { 1206 if (off < m->m_len) 1207 break; 1208 off -= m->m_len; 1209 m = m->m_next; 1210 } 1211 *moff = off; 1212 return (m); 1213 } 1214 1215 /* 1216 * Drop a record off the front of a sockbuf and move the next record to the 1217 * front. 1218 */ 1219 void 1220 sbdroprecord_locked(struct sockbuf *sb) 1221 { 1222 struct mbuf *m; 1223 1224 SOCKBUF_LOCK_ASSERT(sb); 1225 1226 m = sb->sb_mb; 1227 if (m) { 1228 sb->sb_mb = m->m_nextpkt; 1229 do { 1230 sbfree(sb, m); 1231 m = m_free(m); 1232 } while (m); 1233 } 1234 SB_EMPTY_FIXUP(sb); 1235 } 1236 1237 /* 1238 * Drop a record off the front of a sockbuf and move the next record to the 1239 * front. 1240 */ 1241 void 1242 sbdroprecord(struct sockbuf *sb) 1243 { 1244 1245 SOCKBUF_LOCK(sb); 1246 sbdroprecord_locked(sb); 1247 SOCKBUF_UNLOCK(sb); 1248 } 1249 1250 /* 1251 * Create a "control" mbuf containing the specified data with the specified 1252 * type for presentation on a socket buffer. 1253 */ 1254 struct mbuf * 1255 sbcreatecontrol(caddr_t p, int size, int type, int level) 1256 { 1257 struct cmsghdr *cp; 1258 struct mbuf *m; 1259 1260 if (CMSG_SPACE((u_int)size) > MCLBYTES) 1261 return ((struct mbuf *) NULL); 1262 if (CMSG_SPACE((u_int)size) > MLEN) 1263 m = m_getcl(M_NOWAIT, MT_CONTROL, 0); 1264 else 1265 m = m_get(M_NOWAIT, MT_CONTROL); 1266 if (m == NULL) 1267 return ((struct mbuf *) NULL); 1268 cp = mtod(m, struct cmsghdr *); 1269 m->m_len = 0; 1270 KASSERT(CMSG_SPACE((u_int)size) <= M_TRAILINGSPACE(m), 1271 ("sbcreatecontrol: short mbuf")); 1272 /* 1273 * Don't leave the padding between the msg header and the 1274 * cmsg data and the padding after the cmsg data un-initialized. 1275 */ 1276 bzero(cp, CMSG_SPACE((u_int)size)); 1277 if (p != NULL) 1278 (void)memcpy(CMSG_DATA(cp), p, size); 1279 m->m_len = CMSG_SPACE(size); 1280 cp->cmsg_len = CMSG_LEN(size); 1281 cp->cmsg_level = level; 1282 cp->cmsg_type = type; 1283 return (m); 1284 } 1285 1286 /* 1287 * This does the same for socket buffers that sotoxsocket does for sockets: 1288 * generate an user-format data structure describing the socket buffer. Note 1289 * that the xsockbuf structure, since it is always embedded in a socket, does 1290 * not include a self pointer nor a length. We make this entry point public 1291 * in case some other mechanism needs it. 1292 */ 1293 void 1294 sbtoxsockbuf(struct sockbuf *sb, struct xsockbuf *xsb) 1295 { 1296 1297 xsb->sb_cc = sb->sb_ccc; 1298 xsb->sb_hiwat = sb->sb_hiwat; 1299 xsb->sb_mbcnt = sb->sb_mbcnt; 1300 xsb->sb_mcnt = sb->sb_mcnt; 1301 xsb->sb_ccnt = sb->sb_ccnt; 1302 xsb->sb_mbmax = sb->sb_mbmax; 1303 xsb->sb_lowat = sb->sb_lowat; 1304 xsb->sb_flags = sb->sb_flags; 1305 xsb->sb_timeo = sb->sb_timeo; 1306 } 1307 1308 /* This takes the place of kern.maxsockbuf, which moved to kern.ipc. */ 1309 static int dummy; 1310 SYSCTL_INT(_kern, KERN_DUMMY, dummy, CTLFLAG_RW, &dummy, 0, ""); 1311 SYSCTL_OID(_kern_ipc, KIPC_MAXSOCKBUF, maxsockbuf, CTLTYPE_ULONG|CTLFLAG_RW, 1312 &sb_max, 0, sysctl_handle_sb_max, "LU", "Maximum socket buffer size"); 1313 SYSCTL_ULONG(_kern_ipc, KIPC_SOCKBUF_WASTE, sockbuf_waste_factor, CTLFLAG_RW, 1314 &sb_efficiency, 0, "Socket buffer size waste factor"); 1315