1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1982, 1986, 1989, 1990, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * @(#)uipc_syscalls.c 8.4 (Berkeley) 2/21/94 32 */ 33 34 #include <sys/cdefs.h> 35 __FBSDID("$FreeBSD$"); 36 37 #include "opt_capsicum.h" 38 #include "opt_inet.h" 39 #include "opt_inet6.h" 40 #include "opt_ktrace.h" 41 42 #include <sys/param.h> 43 #include <sys/systm.h> 44 #include <sys/capsicum.h> 45 #include <sys/kernel.h> 46 #include <sys/lock.h> 47 #include <sys/mutex.h> 48 #include <sys/sysproto.h> 49 #include <sys/malloc.h> 50 #include <sys/filedesc.h> 51 #include <sys/proc.h> 52 #include <sys/filio.h> 53 #include <sys/jail.h> 54 #include <sys/mbuf.h> 55 #include <sys/protosw.h> 56 #include <sys/rwlock.h> 57 #include <sys/socket.h> 58 #include <sys/socketvar.h> 59 #include <sys/syscallsubr.h> 60 #include <sys/sysent.h> 61 #include <sys/uio.h> 62 #include <sys/un.h> 63 #include <sys/unpcb.h> 64 #ifdef KTRACE 65 #include <sys/ktrace.h> 66 #endif 67 #ifdef COMPAT_FREEBSD32 68 #include <compat/freebsd32/freebsd32_util.h> 69 #endif 70 71 #include <net/vnet.h> 72 73 #include <security/audit/audit.h> 74 #include <security/mac/mac_framework.h> 75 76 static int sendit(struct thread *td, int s, struct msghdr *mp, int flags); 77 static int recvit(struct thread *td, int s, struct msghdr *mp, void *namelenp); 78 79 static int accept1(struct thread *td, int s, struct sockaddr *uname, 80 socklen_t *anamelen, int flags); 81 static int sockargs(struct mbuf **, char *, socklen_t, int); 82 83 /* 84 * Convert a user file descriptor to a kernel file entry and check if required 85 * capability rights are present. 86 * If required copy of current set of capability rights is returned. 87 * A reference on the file entry is held upon returning. 88 */ 89 int 90 getsock_cap(struct thread *td, int fd, cap_rights_t *rightsp, 91 struct file **fpp, u_int *fflagp, struct filecaps *havecapsp) 92 { 93 struct file *fp; 94 int error; 95 96 error = fget_cap(td, fd, rightsp, &fp, havecapsp); 97 if (error != 0) 98 return (error); 99 if (fp->f_type != DTYPE_SOCKET) { 100 fdrop(fp, td); 101 if (havecapsp != NULL) 102 filecaps_free(havecapsp); 103 return (ENOTSOCK); 104 } 105 if (fflagp != NULL) 106 *fflagp = fp->f_flag; 107 *fpp = fp; 108 return (0); 109 } 110 111 /* 112 * System call interface to the socket abstraction. 113 */ 114 #if defined(COMPAT_43) 115 #define COMPAT_OLDSOCK 116 #endif 117 118 int 119 sys_socket(struct thread *td, struct socket_args *uap) 120 { 121 122 return (kern_socket(td, uap->domain, uap->type, uap->protocol)); 123 } 124 125 int 126 kern_socket(struct thread *td, int domain, int type, int protocol) 127 { 128 struct socket *so; 129 struct file *fp; 130 int fd, error, oflag, fflag; 131 132 AUDIT_ARG_SOCKET(domain, type, protocol); 133 134 oflag = 0; 135 fflag = 0; 136 if ((type & SOCK_CLOEXEC) != 0) { 137 type &= ~SOCK_CLOEXEC; 138 oflag |= O_CLOEXEC; 139 } 140 if ((type & SOCK_NONBLOCK) != 0) { 141 type &= ~SOCK_NONBLOCK; 142 fflag |= FNONBLOCK; 143 } 144 145 #ifdef MAC 146 error = mac_socket_check_create(td->td_ucred, domain, type, protocol); 147 if (error != 0) 148 return (error); 149 #endif 150 error = falloc(td, &fp, &fd, oflag); 151 if (error != 0) 152 return (error); 153 /* An extra reference on `fp' has been held for us by falloc(). */ 154 error = socreate(domain, &so, type, protocol, td->td_ucred, td); 155 if (error != 0) { 156 fdclose(td, fp, fd); 157 } else { 158 finit(fp, FREAD | FWRITE | fflag, DTYPE_SOCKET, so, &socketops); 159 if ((fflag & FNONBLOCK) != 0) 160 (void) fo_ioctl(fp, FIONBIO, &fflag, td->td_ucred, td); 161 td->td_retval[0] = fd; 162 } 163 fdrop(fp, td); 164 return (error); 165 } 166 167 int 168 sys_bind(struct thread *td, struct bind_args *uap) 169 { 170 struct sockaddr *sa; 171 int error; 172 173 error = getsockaddr(&sa, uap->name, uap->namelen); 174 if (error == 0) { 175 error = kern_bindat(td, AT_FDCWD, uap->s, sa); 176 free(sa, M_SONAME); 177 } 178 return (error); 179 } 180 181 int 182 kern_bindat(struct thread *td, int dirfd, int fd, struct sockaddr *sa) 183 { 184 struct socket *so; 185 struct file *fp; 186 int error; 187 188 #ifdef CAPABILITY_MODE 189 if (IN_CAPABILITY_MODE(td) && (dirfd == AT_FDCWD)) 190 return (ECAPMODE); 191 #endif 192 193 AUDIT_ARG_FD(fd); 194 AUDIT_ARG_SOCKADDR(td, dirfd, sa); 195 error = getsock_cap(td, fd, &cap_bind_rights, 196 &fp, NULL, NULL); 197 if (error != 0) 198 return (error); 199 so = fp->f_data; 200 #ifdef KTRACE 201 if (KTRPOINT(td, KTR_STRUCT)) 202 ktrsockaddr(sa); 203 #endif 204 #ifdef MAC 205 error = mac_socket_check_bind(td->td_ucred, so, sa); 206 if (error == 0) { 207 #endif 208 if (dirfd == AT_FDCWD) 209 error = sobind(so, sa, td); 210 else 211 error = sobindat(dirfd, so, sa, td); 212 #ifdef MAC 213 } 214 #endif 215 fdrop(fp, td); 216 return (error); 217 } 218 219 int 220 sys_bindat(struct thread *td, struct bindat_args *uap) 221 { 222 struct sockaddr *sa; 223 int error; 224 225 error = getsockaddr(&sa, uap->name, uap->namelen); 226 if (error == 0) { 227 error = kern_bindat(td, uap->fd, uap->s, sa); 228 free(sa, M_SONAME); 229 } 230 return (error); 231 } 232 233 int 234 sys_listen(struct thread *td, struct listen_args *uap) 235 { 236 237 return (kern_listen(td, uap->s, uap->backlog)); 238 } 239 240 int 241 kern_listen(struct thread *td, int s, int backlog) 242 { 243 struct socket *so; 244 struct file *fp; 245 int error; 246 247 AUDIT_ARG_FD(s); 248 error = getsock_cap(td, s, &cap_listen_rights, 249 &fp, NULL, NULL); 250 if (error == 0) { 251 so = fp->f_data; 252 #ifdef MAC 253 error = mac_socket_check_listen(td->td_ucred, so); 254 if (error == 0) 255 #endif 256 error = solisten(so, backlog, td); 257 fdrop(fp, td); 258 } 259 return (error); 260 } 261 262 /* 263 * accept1() 264 */ 265 static int 266 accept1(td, s, uname, anamelen, flags) 267 struct thread *td; 268 int s; 269 struct sockaddr *uname; 270 socklen_t *anamelen; 271 int flags; 272 { 273 struct sockaddr *name; 274 socklen_t namelen; 275 struct file *fp; 276 int error; 277 278 if (uname == NULL) 279 return (kern_accept4(td, s, NULL, NULL, flags, NULL)); 280 281 error = copyin(anamelen, &namelen, sizeof (namelen)); 282 if (error != 0) 283 return (error); 284 285 error = kern_accept4(td, s, &name, &namelen, flags, &fp); 286 287 if (error != 0) 288 return (error); 289 290 if (error == 0 && uname != NULL) { 291 #ifdef COMPAT_OLDSOCK 292 if (SV_PROC_FLAG(td->td_proc, SV_AOUT) && 293 (flags & ACCEPT4_COMPAT) != 0) 294 ((struct osockaddr *)name)->sa_family = 295 name->sa_family; 296 #endif 297 error = copyout(name, uname, namelen); 298 } 299 if (error == 0) 300 error = copyout(&namelen, anamelen, 301 sizeof(namelen)); 302 if (error != 0) 303 fdclose(td, fp, td->td_retval[0]); 304 fdrop(fp, td); 305 free(name, M_SONAME); 306 return (error); 307 } 308 309 int 310 kern_accept(struct thread *td, int s, struct sockaddr **name, 311 socklen_t *namelen, struct file **fp) 312 { 313 return (kern_accept4(td, s, name, namelen, ACCEPT4_INHERIT, fp)); 314 } 315 316 int 317 kern_accept4(struct thread *td, int s, struct sockaddr **name, 318 socklen_t *namelen, int flags, struct file **fp) 319 { 320 struct file *headfp, *nfp = NULL; 321 struct sockaddr *sa = NULL; 322 struct socket *head, *so; 323 struct filecaps fcaps; 324 u_int fflag; 325 pid_t pgid; 326 int error, fd, tmp; 327 328 if (name != NULL) 329 *name = NULL; 330 331 AUDIT_ARG_FD(s); 332 error = getsock_cap(td, s, &cap_accept_rights, 333 &headfp, &fflag, &fcaps); 334 if (error != 0) 335 return (error); 336 head = headfp->f_data; 337 if (!SOLISTENING(head)) { 338 error = EINVAL; 339 goto done; 340 } 341 #ifdef MAC 342 error = mac_socket_check_accept(td->td_ucred, head); 343 if (error != 0) 344 goto done; 345 #endif 346 error = falloc_caps(td, &nfp, &fd, 347 (flags & SOCK_CLOEXEC) ? O_CLOEXEC : 0, &fcaps); 348 if (error != 0) 349 goto done; 350 SOCK_LOCK(head); 351 if (!SOLISTENING(head)) { 352 SOCK_UNLOCK(head); 353 error = EINVAL; 354 goto noconnection; 355 } 356 357 error = solisten_dequeue(head, &so, flags); 358 if (error != 0) 359 goto noconnection; 360 361 /* An extra reference on `nfp' has been held for us by falloc(). */ 362 td->td_retval[0] = fd; 363 364 /* Connection has been removed from the listen queue. */ 365 KNOTE_UNLOCKED(&head->so_rdsel.si_note, 0); 366 367 if (flags & ACCEPT4_INHERIT) { 368 pgid = fgetown(&head->so_sigio); 369 if (pgid != 0) 370 fsetown(pgid, &so->so_sigio); 371 } else { 372 fflag &= ~(FNONBLOCK | FASYNC); 373 if (flags & SOCK_NONBLOCK) 374 fflag |= FNONBLOCK; 375 } 376 377 finit(nfp, fflag, DTYPE_SOCKET, so, &socketops); 378 /* Sync socket nonblocking/async state with file flags */ 379 tmp = fflag & FNONBLOCK; 380 (void) fo_ioctl(nfp, FIONBIO, &tmp, td->td_ucred, td); 381 tmp = fflag & FASYNC; 382 (void) fo_ioctl(nfp, FIOASYNC, &tmp, td->td_ucred, td); 383 error = soaccept(so, &sa); 384 if (error != 0) 385 goto noconnection; 386 if (sa == NULL) { 387 if (name) 388 *namelen = 0; 389 goto done; 390 } 391 AUDIT_ARG_SOCKADDR(td, AT_FDCWD, sa); 392 if (name) { 393 /* check sa_len before it is destroyed */ 394 if (*namelen > sa->sa_len) 395 *namelen = sa->sa_len; 396 #ifdef KTRACE 397 if (KTRPOINT(td, KTR_STRUCT)) 398 ktrsockaddr(sa); 399 #endif 400 *name = sa; 401 sa = NULL; 402 } 403 noconnection: 404 free(sa, M_SONAME); 405 406 /* 407 * close the new descriptor, assuming someone hasn't ripped it 408 * out from under us. 409 */ 410 if (error != 0) 411 fdclose(td, nfp, fd); 412 413 /* 414 * Release explicitly held references before returning. We return 415 * a reference on nfp to the caller on success if they request it. 416 */ 417 done: 418 if (nfp == NULL) 419 filecaps_free(&fcaps); 420 if (fp != NULL) { 421 if (error == 0) { 422 *fp = nfp; 423 nfp = NULL; 424 } else 425 *fp = NULL; 426 } 427 if (nfp != NULL) 428 fdrop(nfp, td); 429 fdrop(headfp, td); 430 return (error); 431 } 432 433 int 434 sys_accept(td, uap) 435 struct thread *td; 436 struct accept_args *uap; 437 { 438 439 return (accept1(td, uap->s, uap->name, uap->anamelen, ACCEPT4_INHERIT)); 440 } 441 442 int 443 sys_accept4(td, uap) 444 struct thread *td; 445 struct accept4_args *uap; 446 { 447 448 if (uap->flags & ~(SOCK_CLOEXEC | SOCK_NONBLOCK)) 449 return (EINVAL); 450 451 return (accept1(td, uap->s, uap->name, uap->anamelen, uap->flags)); 452 } 453 454 #ifdef COMPAT_OLDSOCK 455 int 456 oaccept(struct thread *td, struct oaccept_args *uap) 457 { 458 459 return (accept1(td, uap->s, uap->name, uap->anamelen, 460 ACCEPT4_INHERIT | ACCEPT4_COMPAT)); 461 } 462 #endif /* COMPAT_OLDSOCK */ 463 464 int 465 sys_connect(struct thread *td, struct connect_args *uap) 466 { 467 struct sockaddr *sa; 468 int error; 469 470 error = getsockaddr(&sa, uap->name, uap->namelen); 471 if (error == 0) { 472 error = kern_connectat(td, AT_FDCWD, uap->s, sa); 473 free(sa, M_SONAME); 474 } 475 return (error); 476 } 477 478 int 479 kern_connectat(struct thread *td, int dirfd, int fd, struct sockaddr *sa) 480 { 481 struct socket *so; 482 struct file *fp; 483 int error; 484 485 #ifdef CAPABILITY_MODE 486 if (IN_CAPABILITY_MODE(td) && (dirfd == AT_FDCWD)) 487 return (ECAPMODE); 488 #endif 489 490 AUDIT_ARG_FD(fd); 491 AUDIT_ARG_SOCKADDR(td, dirfd, sa); 492 error = getsock_cap(td, fd, &cap_connect_rights, 493 &fp, NULL, NULL); 494 if (error != 0) 495 return (error); 496 so = fp->f_data; 497 if (so->so_state & SS_ISCONNECTING) { 498 error = EALREADY; 499 goto done1; 500 } 501 #ifdef KTRACE 502 if (KTRPOINT(td, KTR_STRUCT)) 503 ktrsockaddr(sa); 504 #endif 505 #ifdef MAC 506 error = mac_socket_check_connect(td->td_ucred, so, sa); 507 if (error != 0) 508 goto bad; 509 #endif 510 error = soconnectat(dirfd, so, sa, td); 511 if (error != 0) 512 goto bad; 513 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) { 514 error = EINPROGRESS; 515 goto done1; 516 } 517 SOCK_LOCK(so); 518 while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) { 519 error = msleep(&so->so_timeo, &so->so_lock, PSOCK | PCATCH, 520 "connec", 0); 521 if (error != 0) 522 break; 523 } 524 if (error == 0) { 525 error = so->so_error; 526 so->so_error = 0; 527 } 528 SOCK_UNLOCK(so); 529 bad: 530 if (error == ERESTART) 531 error = EINTR; 532 done1: 533 fdrop(fp, td); 534 return (error); 535 } 536 537 int 538 sys_connectat(struct thread *td, struct connectat_args *uap) 539 { 540 struct sockaddr *sa; 541 int error; 542 543 error = getsockaddr(&sa, uap->name, uap->namelen); 544 if (error == 0) { 545 error = kern_connectat(td, uap->fd, uap->s, sa); 546 free(sa, M_SONAME); 547 } 548 return (error); 549 } 550 551 int 552 kern_socketpair(struct thread *td, int domain, int type, int protocol, 553 int *rsv) 554 { 555 struct file *fp1, *fp2; 556 struct socket *so1, *so2; 557 int fd, error, oflag, fflag; 558 559 AUDIT_ARG_SOCKET(domain, type, protocol); 560 561 oflag = 0; 562 fflag = 0; 563 if ((type & SOCK_CLOEXEC) != 0) { 564 type &= ~SOCK_CLOEXEC; 565 oflag |= O_CLOEXEC; 566 } 567 if ((type & SOCK_NONBLOCK) != 0) { 568 type &= ~SOCK_NONBLOCK; 569 fflag |= FNONBLOCK; 570 } 571 #ifdef MAC 572 /* We might want to have a separate check for socket pairs. */ 573 error = mac_socket_check_create(td->td_ucred, domain, type, 574 protocol); 575 if (error != 0) 576 return (error); 577 #endif 578 error = socreate(domain, &so1, type, protocol, td->td_ucred, td); 579 if (error != 0) 580 return (error); 581 error = socreate(domain, &so2, type, protocol, td->td_ucred, td); 582 if (error != 0) 583 goto free1; 584 /* On success extra reference to `fp1' and 'fp2' is set by falloc. */ 585 error = falloc(td, &fp1, &fd, oflag); 586 if (error != 0) 587 goto free2; 588 rsv[0] = fd; 589 fp1->f_data = so1; /* so1 already has ref count */ 590 error = falloc(td, &fp2, &fd, oflag); 591 if (error != 0) 592 goto free3; 593 fp2->f_data = so2; /* so2 already has ref count */ 594 rsv[1] = fd; 595 error = soconnect2(so1, so2); 596 if (error != 0) 597 goto free4; 598 if (type == SOCK_DGRAM) { 599 /* 600 * Datagram socket connection is asymmetric. 601 */ 602 error = soconnect2(so2, so1); 603 if (error != 0) 604 goto free4; 605 } else if (so1->so_proto->pr_flags & PR_CONNREQUIRED) { 606 struct unpcb *unp, *unp2; 607 unp = sotounpcb(so1); 608 unp2 = sotounpcb(so2); 609 /* 610 * No need to lock the unps, because the sockets are brand-new. 611 * No other threads can be using them yet 612 */ 613 unp_copy_peercred(td, unp, unp2, unp); 614 } 615 finit(fp1, FREAD | FWRITE | fflag, DTYPE_SOCKET, fp1->f_data, 616 &socketops); 617 finit(fp2, FREAD | FWRITE | fflag, DTYPE_SOCKET, fp2->f_data, 618 &socketops); 619 if ((fflag & FNONBLOCK) != 0) { 620 (void) fo_ioctl(fp1, FIONBIO, &fflag, td->td_ucred, td); 621 (void) fo_ioctl(fp2, FIONBIO, &fflag, td->td_ucred, td); 622 } 623 fdrop(fp1, td); 624 fdrop(fp2, td); 625 return (0); 626 free4: 627 fdclose(td, fp2, rsv[1]); 628 fdrop(fp2, td); 629 free3: 630 fdclose(td, fp1, rsv[0]); 631 fdrop(fp1, td); 632 free2: 633 if (so2 != NULL) 634 (void)soclose(so2); 635 free1: 636 if (so1 != NULL) 637 (void)soclose(so1); 638 return (error); 639 } 640 641 int 642 sys_socketpair(struct thread *td, struct socketpair_args *uap) 643 { 644 int error, sv[2]; 645 646 error = kern_socketpair(td, uap->domain, uap->type, 647 uap->protocol, sv); 648 if (error != 0) 649 return (error); 650 error = copyout(sv, uap->rsv, 2 * sizeof(int)); 651 if (error != 0) { 652 (void)kern_close(td, sv[0]); 653 (void)kern_close(td, sv[1]); 654 } 655 return (error); 656 } 657 658 static int 659 sendit(struct thread *td, int s, struct msghdr *mp, int flags) 660 { 661 struct mbuf *control; 662 struct sockaddr *to; 663 int error; 664 665 #ifdef CAPABILITY_MODE 666 if (IN_CAPABILITY_MODE(td) && (mp->msg_name != NULL)) 667 return (ECAPMODE); 668 #endif 669 670 if (mp->msg_name != NULL) { 671 error = getsockaddr(&to, mp->msg_name, mp->msg_namelen); 672 if (error != 0) { 673 to = NULL; 674 goto bad; 675 } 676 mp->msg_name = to; 677 } else { 678 to = NULL; 679 } 680 681 if (mp->msg_control) { 682 if (mp->msg_controllen < sizeof(struct cmsghdr) 683 #ifdef COMPAT_OLDSOCK 684 && (mp->msg_flags != MSG_COMPAT || 685 !SV_PROC_FLAG(td->td_proc, SV_AOUT)) 686 #endif 687 ) { 688 error = EINVAL; 689 goto bad; 690 } 691 error = sockargs(&control, mp->msg_control, 692 mp->msg_controllen, MT_CONTROL); 693 if (error != 0) 694 goto bad; 695 #ifdef COMPAT_OLDSOCK 696 if (mp->msg_flags == MSG_COMPAT && 697 SV_PROC_FLAG(td->td_proc, SV_AOUT)) { 698 struct cmsghdr *cm; 699 700 M_PREPEND(control, sizeof(*cm), M_WAITOK); 701 cm = mtod(control, struct cmsghdr *); 702 cm->cmsg_len = control->m_len; 703 cm->cmsg_level = SOL_SOCKET; 704 cm->cmsg_type = SCM_RIGHTS; 705 } 706 #endif 707 } else { 708 control = NULL; 709 } 710 711 error = kern_sendit(td, s, mp, flags, control, UIO_USERSPACE); 712 713 bad: 714 free(to, M_SONAME); 715 return (error); 716 } 717 718 int 719 kern_sendit(struct thread *td, int s, struct msghdr *mp, int flags, 720 struct mbuf *control, enum uio_seg segflg) 721 { 722 struct file *fp; 723 struct uio auio; 724 struct iovec *iov; 725 struct socket *so; 726 cap_rights_t *rights; 727 #ifdef KTRACE 728 struct uio *ktruio = NULL; 729 #endif 730 ssize_t len; 731 int i, error; 732 733 AUDIT_ARG_FD(s); 734 rights = &cap_send_rights; 735 if (mp->msg_name != NULL) { 736 AUDIT_ARG_SOCKADDR(td, AT_FDCWD, mp->msg_name); 737 rights = &cap_send_connect_rights; 738 } 739 error = getsock_cap(td, s, rights, &fp, NULL, NULL); 740 if (error != 0) { 741 m_freem(control); 742 return (error); 743 } 744 so = (struct socket *)fp->f_data; 745 746 #ifdef KTRACE 747 if (mp->msg_name != NULL && KTRPOINT(td, KTR_STRUCT)) 748 ktrsockaddr(mp->msg_name); 749 #endif 750 #ifdef MAC 751 if (mp->msg_name != NULL) { 752 error = mac_socket_check_connect(td->td_ucred, so, 753 mp->msg_name); 754 if (error != 0) { 755 m_freem(control); 756 goto bad; 757 } 758 } 759 error = mac_socket_check_send(td->td_ucred, so); 760 if (error != 0) { 761 m_freem(control); 762 goto bad; 763 } 764 #endif 765 766 auio.uio_iov = mp->msg_iov; 767 auio.uio_iovcnt = mp->msg_iovlen; 768 auio.uio_segflg = segflg; 769 auio.uio_rw = UIO_WRITE; 770 auio.uio_td = td; 771 auio.uio_offset = 0; /* XXX */ 772 auio.uio_resid = 0; 773 iov = mp->msg_iov; 774 for (i = 0; i < mp->msg_iovlen; i++, iov++) { 775 if ((auio.uio_resid += iov->iov_len) < 0) { 776 error = EINVAL; 777 m_freem(control); 778 goto bad; 779 } 780 } 781 #ifdef KTRACE 782 if (KTRPOINT(td, KTR_GENIO)) 783 ktruio = cloneuio(&auio); 784 #endif 785 len = auio.uio_resid; 786 error = sosend(so, mp->msg_name, &auio, 0, control, flags, td); 787 if (error != 0) { 788 if (auio.uio_resid != len && (error == ERESTART || 789 error == EINTR || error == EWOULDBLOCK)) 790 error = 0; 791 /* Generation of SIGPIPE can be controlled per socket */ 792 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) && 793 !(flags & MSG_NOSIGNAL)) { 794 PROC_LOCK(td->td_proc); 795 tdsignal(td, SIGPIPE); 796 PROC_UNLOCK(td->td_proc); 797 } 798 } 799 if (error == 0) 800 td->td_retval[0] = len - auio.uio_resid; 801 #ifdef KTRACE 802 if (ktruio != NULL) { 803 ktruio->uio_resid = td->td_retval[0]; 804 ktrgenio(s, UIO_WRITE, ktruio, error); 805 } 806 #endif 807 bad: 808 fdrop(fp, td); 809 return (error); 810 } 811 812 int 813 sys_sendto(struct thread *td, struct sendto_args *uap) 814 { 815 struct msghdr msg; 816 struct iovec aiov; 817 818 msg.msg_name = __DECONST(void *, uap->to); 819 msg.msg_namelen = uap->tolen; 820 msg.msg_iov = &aiov; 821 msg.msg_iovlen = 1; 822 msg.msg_control = 0; 823 #ifdef COMPAT_OLDSOCK 824 if (SV_PROC_FLAG(td->td_proc, SV_AOUT)) 825 msg.msg_flags = 0; 826 #endif 827 aiov.iov_base = __DECONST(void *, uap->buf); 828 aiov.iov_len = uap->len; 829 return (sendit(td, uap->s, &msg, uap->flags)); 830 } 831 832 #ifdef COMPAT_OLDSOCK 833 int 834 osend(struct thread *td, struct osend_args *uap) 835 { 836 struct msghdr msg; 837 struct iovec aiov; 838 839 msg.msg_name = 0; 840 msg.msg_namelen = 0; 841 msg.msg_iov = &aiov; 842 msg.msg_iovlen = 1; 843 aiov.iov_base = __DECONST(void *, uap->buf); 844 aiov.iov_len = uap->len; 845 msg.msg_control = 0; 846 msg.msg_flags = 0; 847 return (sendit(td, uap->s, &msg, uap->flags)); 848 } 849 850 int 851 osendmsg(struct thread *td, struct osendmsg_args *uap) 852 { 853 struct msghdr msg; 854 struct iovec *iov; 855 int error; 856 857 error = copyin(uap->msg, &msg, sizeof (struct omsghdr)); 858 if (error != 0) 859 return (error); 860 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 861 if (error != 0) 862 return (error); 863 msg.msg_iov = iov; 864 msg.msg_flags = MSG_COMPAT; 865 error = sendit(td, uap->s, &msg, uap->flags); 866 free(iov, M_IOV); 867 return (error); 868 } 869 #endif 870 871 int 872 sys_sendmsg(struct thread *td, struct sendmsg_args *uap) 873 { 874 struct msghdr msg; 875 struct iovec *iov; 876 int error; 877 878 error = copyin(uap->msg, &msg, sizeof (msg)); 879 if (error != 0) 880 return (error); 881 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 882 if (error != 0) 883 return (error); 884 msg.msg_iov = iov; 885 #ifdef COMPAT_OLDSOCK 886 if (SV_PROC_FLAG(td->td_proc, SV_AOUT)) 887 msg.msg_flags = 0; 888 #endif 889 error = sendit(td, uap->s, &msg, uap->flags); 890 free(iov, M_IOV); 891 return (error); 892 } 893 894 int 895 kern_recvit(struct thread *td, int s, struct msghdr *mp, enum uio_seg fromseg, 896 struct mbuf **controlp) 897 { 898 struct uio auio; 899 struct iovec *iov; 900 struct mbuf *control, *m; 901 caddr_t ctlbuf; 902 struct file *fp; 903 struct socket *so; 904 struct sockaddr *fromsa = NULL; 905 #ifdef KTRACE 906 struct uio *ktruio = NULL; 907 #endif 908 ssize_t len; 909 int error, i; 910 911 if (controlp != NULL) 912 *controlp = NULL; 913 914 AUDIT_ARG_FD(s); 915 error = getsock_cap(td, s, &cap_recv_rights, 916 &fp, NULL, NULL); 917 if (error != 0) 918 return (error); 919 so = fp->f_data; 920 921 #ifdef MAC 922 error = mac_socket_check_receive(td->td_ucred, so); 923 if (error != 0) { 924 fdrop(fp, td); 925 return (error); 926 } 927 #endif 928 929 auio.uio_iov = mp->msg_iov; 930 auio.uio_iovcnt = mp->msg_iovlen; 931 auio.uio_segflg = UIO_USERSPACE; 932 auio.uio_rw = UIO_READ; 933 auio.uio_td = td; 934 auio.uio_offset = 0; /* XXX */ 935 auio.uio_resid = 0; 936 iov = mp->msg_iov; 937 for (i = 0; i < mp->msg_iovlen; i++, iov++) { 938 if ((auio.uio_resid += iov->iov_len) < 0) { 939 fdrop(fp, td); 940 return (EINVAL); 941 } 942 } 943 #ifdef KTRACE 944 if (KTRPOINT(td, KTR_GENIO)) 945 ktruio = cloneuio(&auio); 946 #endif 947 control = NULL; 948 len = auio.uio_resid; 949 error = soreceive(so, &fromsa, &auio, NULL, 950 (mp->msg_control || controlp) ? &control : NULL, 951 &mp->msg_flags); 952 if (error != 0) { 953 if (auio.uio_resid != len && (error == ERESTART || 954 error == EINTR || error == EWOULDBLOCK)) 955 error = 0; 956 } 957 if (fromsa != NULL) 958 AUDIT_ARG_SOCKADDR(td, AT_FDCWD, fromsa); 959 #ifdef KTRACE 960 if (ktruio != NULL) { 961 ktruio->uio_resid = len - auio.uio_resid; 962 ktrgenio(s, UIO_READ, ktruio, error); 963 } 964 #endif 965 if (error != 0) 966 goto out; 967 td->td_retval[0] = len - auio.uio_resid; 968 if (mp->msg_name) { 969 len = mp->msg_namelen; 970 if (len <= 0 || fromsa == NULL) 971 len = 0; 972 else { 973 /* save sa_len before it is destroyed by MSG_COMPAT */ 974 len = MIN(len, fromsa->sa_len); 975 #ifdef COMPAT_OLDSOCK 976 if ((mp->msg_flags & MSG_COMPAT) != 0 && 977 SV_PROC_FLAG(td->td_proc, SV_AOUT)) 978 ((struct osockaddr *)fromsa)->sa_family = 979 fromsa->sa_family; 980 #endif 981 if (fromseg == UIO_USERSPACE) { 982 error = copyout(fromsa, mp->msg_name, 983 (unsigned)len); 984 if (error != 0) 985 goto out; 986 } else 987 bcopy(fromsa, mp->msg_name, len); 988 } 989 mp->msg_namelen = len; 990 } 991 if (mp->msg_control && controlp == NULL) { 992 #ifdef COMPAT_OLDSOCK 993 /* 994 * We assume that old recvmsg calls won't receive access 995 * rights and other control info, esp. as control info 996 * is always optional and those options didn't exist in 4.3. 997 * If we receive rights, trim the cmsghdr; anything else 998 * is tossed. 999 */ 1000 if (control && (mp->msg_flags & MSG_COMPAT) != 0 && 1001 SV_PROC_FLAG(td->td_proc, SV_AOUT)) { 1002 if (mtod(control, struct cmsghdr *)->cmsg_level != 1003 SOL_SOCKET || 1004 mtod(control, struct cmsghdr *)->cmsg_type != 1005 SCM_RIGHTS) { 1006 mp->msg_controllen = 0; 1007 goto out; 1008 } 1009 control->m_len -= sizeof (struct cmsghdr); 1010 control->m_data += sizeof (struct cmsghdr); 1011 } 1012 #endif 1013 ctlbuf = mp->msg_control; 1014 len = mp->msg_controllen; 1015 mp->msg_controllen = 0; 1016 for (m = control; m != NULL && len >= m->m_len; m = m->m_next) { 1017 if ((error = copyout(mtod(m, caddr_t), ctlbuf, 1018 m->m_len)) != 0) 1019 goto out; 1020 1021 ctlbuf += m->m_len; 1022 len -= m->m_len; 1023 mp->msg_controllen += m->m_len; 1024 } 1025 if (m != NULL) { 1026 mp->msg_flags |= MSG_CTRUNC; 1027 m_dispose_extcontrolm(m); 1028 } 1029 } 1030 out: 1031 fdrop(fp, td); 1032 #ifdef KTRACE 1033 if (fromsa && KTRPOINT(td, KTR_STRUCT)) 1034 ktrsockaddr(fromsa); 1035 #endif 1036 free(fromsa, M_SONAME); 1037 1038 if (error == 0 && controlp != NULL) 1039 *controlp = control; 1040 else if (control != NULL) { 1041 if (error != 0) 1042 m_dispose_extcontrolm(control); 1043 m_freem(control); 1044 } 1045 1046 return (error); 1047 } 1048 1049 static int 1050 recvit(struct thread *td, int s, struct msghdr *mp, void *namelenp) 1051 { 1052 int error; 1053 1054 error = kern_recvit(td, s, mp, UIO_USERSPACE, NULL); 1055 if (error != 0) 1056 return (error); 1057 if (namelenp != NULL) { 1058 error = copyout(&mp->msg_namelen, namelenp, sizeof (socklen_t)); 1059 #ifdef COMPAT_OLDSOCK 1060 if ((mp->msg_flags & MSG_COMPAT) != 0 && 1061 SV_PROC_FLAG(td->td_proc, SV_AOUT)) 1062 error = 0; /* old recvfrom didn't check */ 1063 #endif 1064 } 1065 return (error); 1066 } 1067 1068 static int 1069 kern_recvfrom(struct thread *td, int s, void *buf, size_t len, int flags, 1070 struct sockaddr *from, socklen_t *fromlenaddr) 1071 { 1072 struct msghdr msg; 1073 struct iovec aiov; 1074 int error; 1075 1076 if (fromlenaddr != NULL) { 1077 error = copyin(fromlenaddr, &msg.msg_namelen, 1078 sizeof (msg.msg_namelen)); 1079 if (error != 0) 1080 goto done2; 1081 } else { 1082 msg.msg_namelen = 0; 1083 } 1084 msg.msg_name = from; 1085 msg.msg_iov = &aiov; 1086 msg.msg_iovlen = 1; 1087 aiov.iov_base = buf; 1088 aiov.iov_len = len; 1089 msg.msg_control = 0; 1090 msg.msg_flags = flags; 1091 error = recvit(td, s, &msg, fromlenaddr); 1092 done2: 1093 return (error); 1094 } 1095 1096 int 1097 sys_recvfrom(struct thread *td, struct recvfrom_args *uap) 1098 { 1099 return (kern_recvfrom(td, uap->s, uap->buf, uap->len, 1100 uap->flags, uap->from, uap->fromlenaddr)); 1101 } 1102 1103 1104 #ifdef COMPAT_OLDSOCK 1105 int 1106 orecvfrom(struct thread *td, struct orecvfrom_args *uap) 1107 { 1108 return (kern_recvfrom(td, uap->s, uap->buf, uap->len, 1109 uap->flags | MSG_COMPAT, uap->from, uap->fromlenaddr)); 1110 } 1111 #endif 1112 1113 #ifdef COMPAT_OLDSOCK 1114 int 1115 orecv(struct thread *td, struct orecv_args *uap) 1116 { 1117 struct msghdr msg; 1118 struct iovec aiov; 1119 1120 msg.msg_name = 0; 1121 msg.msg_namelen = 0; 1122 msg.msg_iov = &aiov; 1123 msg.msg_iovlen = 1; 1124 aiov.iov_base = uap->buf; 1125 aiov.iov_len = uap->len; 1126 msg.msg_control = 0; 1127 msg.msg_flags = uap->flags; 1128 return (recvit(td, uap->s, &msg, NULL)); 1129 } 1130 1131 /* 1132 * Old recvmsg. This code takes advantage of the fact that the old msghdr 1133 * overlays the new one, missing only the flags, and with the (old) access 1134 * rights where the control fields are now. 1135 */ 1136 int 1137 orecvmsg(struct thread *td, struct orecvmsg_args *uap) 1138 { 1139 struct msghdr msg; 1140 struct iovec *iov; 1141 int error; 1142 1143 error = copyin(uap->msg, &msg, sizeof (struct omsghdr)); 1144 if (error != 0) 1145 return (error); 1146 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 1147 if (error != 0) 1148 return (error); 1149 msg.msg_flags = uap->flags | MSG_COMPAT; 1150 msg.msg_iov = iov; 1151 error = recvit(td, uap->s, &msg, &uap->msg->msg_namelen); 1152 if (msg.msg_controllen && error == 0) 1153 error = copyout(&msg.msg_controllen, 1154 &uap->msg->msg_accrightslen, sizeof (int)); 1155 free(iov, M_IOV); 1156 return (error); 1157 } 1158 #endif 1159 1160 int 1161 sys_recvmsg(struct thread *td, struct recvmsg_args *uap) 1162 { 1163 struct msghdr msg; 1164 struct iovec *uiov, *iov; 1165 int error; 1166 1167 error = copyin(uap->msg, &msg, sizeof (msg)); 1168 if (error != 0) 1169 return (error); 1170 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 1171 if (error != 0) 1172 return (error); 1173 msg.msg_flags = uap->flags; 1174 #ifdef COMPAT_OLDSOCK 1175 if (SV_PROC_FLAG(td->td_proc, SV_AOUT)) 1176 msg.msg_flags &= ~MSG_COMPAT; 1177 #endif 1178 uiov = msg.msg_iov; 1179 msg.msg_iov = iov; 1180 error = recvit(td, uap->s, &msg, NULL); 1181 if (error == 0) { 1182 msg.msg_iov = uiov; 1183 error = copyout(&msg, uap->msg, sizeof(msg)); 1184 } 1185 free(iov, M_IOV); 1186 return (error); 1187 } 1188 1189 int 1190 sys_shutdown(struct thread *td, struct shutdown_args *uap) 1191 { 1192 1193 return (kern_shutdown(td, uap->s, uap->how)); 1194 } 1195 1196 int 1197 kern_shutdown(struct thread *td, int s, int how) 1198 { 1199 struct socket *so; 1200 struct file *fp; 1201 int error; 1202 1203 AUDIT_ARG_FD(s); 1204 error = getsock_cap(td, s, &cap_shutdown_rights, 1205 &fp, NULL, NULL); 1206 if (error == 0) { 1207 so = fp->f_data; 1208 error = soshutdown(so, how); 1209 /* 1210 * Previous versions did not return ENOTCONN, but 0 in 1211 * case the socket was not connected. Some important 1212 * programs like syslogd up to r279016, 2015-02-19, 1213 * still depend on this behavior. 1214 */ 1215 if (error == ENOTCONN && 1216 td->td_proc->p_osrel < P_OSREL_SHUTDOWN_ENOTCONN) 1217 error = 0; 1218 fdrop(fp, td); 1219 } 1220 return (error); 1221 } 1222 1223 int 1224 sys_setsockopt(struct thread *td, struct setsockopt_args *uap) 1225 { 1226 1227 return (kern_setsockopt(td, uap->s, uap->level, uap->name, 1228 uap->val, UIO_USERSPACE, uap->valsize)); 1229 } 1230 1231 int 1232 kern_setsockopt(struct thread *td, int s, int level, int name, const void *val, 1233 enum uio_seg valseg, socklen_t valsize) 1234 { 1235 struct socket *so; 1236 struct file *fp; 1237 struct sockopt sopt; 1238 int error; 1239 1240 if (val == NULL && valsize != 0) 1241 return (EFAULT); 1242 if ((int)valsize < 0) 1243 return (EINVAL); 1244 1245 sopt.sopt_dir = SOPT_SET; 1246 sopt.sopt_level = level; 1247 sopt.sopt_name = name; 1248 sopt.sopt_val = __DECONST(void *, val); 1249 sopt.sopt_valsize = valsize; 1250 switch (valseg) { 1251 case UIO_USERSPACE: 1252 sopt.sopt_td = td; 1253 break; 1254 case UIO_SYSSPACE: 1255 sopt.sopt_td = NULL; 1256 break; 1257 default: 1258 panic("kern_setsockopt called with bad valseg"); 1259 } 1260 1261 AUDIT_ARG_FD(s); 1262 error = getsock_cap(td, s, &cap_setsockopt_rights, 1263 &fp, NULL, NULL); 1264 if (error == 0) { 1265 so = fp->f_data; 1266 error = sosetopt(so, &sopt); 1267 fdrop(fp, td); 1268 } 1269 return(error); 1270 } 1271 1272 int 1273 sys_getsockopt(struct thread *td, struct getsockopt_args *uap) 1274 { 1275 socklen_t valsize; 1276 int error; 1277 1278 if (uap->val) { 1279 error = copyin(uap->avalsize, &valsize, sizeof (valsize)); 1280 if (error != 0) 1281 return (error); 1282 } 1283 1284 error = kern_getsockopt(td, uap->s, uap->level, uap->name, 1285 uap->val, UIO_USERSPACE, &valsize); 1286 1287 if (error == 0) 1288 error = copyout(&valsize, uap->avalsize, sizeof (valsize)); 1289 return (error); 1290 } 1291 1292 /* 1293 * Kernel version of getsockopt. 1294 * optval can be a userland or userspace. optlen is always a kernel pointer. 1295 */ 1296 int 1297 kern_getsockopt(struct thread *td, int s, int level, int name, void *val, 1298 enum uio_seg valseg, socklen_t *valsize) 1299 { 1300 struct socket *so; 1301 struct file *fp; 1302 struct sockopt sopt; 1303 int error; 1304 1305 if (val == NULL) 1306 *valsize = 0; 1307 if ((int)*valsize < 0) 1308 return (EINVAL); 1309 1310 sopt.sopt_dir = SOPT_GET; 1311 sopt.sopt_level = level; 1312 sopt.sopt_name = name; 1313 sopt.sopt_val = val; 1314 sopt.sopt_valsize = (size_t)*valsize; /* checked non-negative above */ 1315 switch (valseg) { 1316 case UIO_USERSPACE: 1317 sopt.sopt_td = td; 1318 break; 1319 case UIO_SYSSPACE: 1320 sopt.sopt_td = NULL; 1321 break; 1322 default: 1323 panic("kern_getsockopt called with bad valseg"); 1324 } 1325 1326 AUDIT_ARG_FD(s); 1327 error = getsock_cap(td, s, &cap_getsockopt_rights, 1328 &fp, NULL, NULL); 1329 if (error == 0) { 1330 so = fp->f_data; 1331 error = sogetopt(so, &sopt); 1332 *valsize = sopt.sopt_valsize; 1333 fdrop(fp, td); 1334 } 1335 return (error); 1336 } 1337 1338 static int 1339 user_getsockname(struct thread *td, int fdes, struct sockaddr *asa, 1340 socklen_t *alen, bool compat) 1341 { 1342 struct sockaddr *sa; 1343 socklen_t len; 1344 int error; 1345 1346 error = copyin(alen, &len, sizeof(len)); 1347 if (error != 0) 1348 return (error); 1349 1350 error = kern_getsockname(td, fdes, &sa, &len); 1351 if (error != 0) 1352 return (error); 1353 1354 if (len != 0) { 1355 #ifdef COMPAT_OLDSOCK 1356 if (compat && SV_PROC_FLAG(td->td_proc, SV_AOUT)) 1357 ((struct osockaddr *)sa)->sa_family = sa->sa_family; 1358 #endif 1359 error = copyout(sa, asa, len); 1360 } 1361 free(sa, M_SONAME); 1362 if (error == 0) 1363 error = copyout(&len, alen, sizeof(len)); 1364 return (error); 1365 } 1366 1367 int 1368 kern_getsockname(struct thread *td, int fd, struct sockaddr **sa, 1369 socklen_t *alen) 1370 { 1371 struct socket *so; 1372 struct file *fp; 1373 socklen_t len; 1374 int error; 1375 1376 AUDIT_ARG_FD(fd); 1377 error = getsock_cap(td, fd, &cap_getsockname_rights, 1378 &fp, NULL, NULL); 1379 if (error != 0) 1380 return (error); 1381 so = fp->f_data; 1382 *sa = NULL; 1383 CURVNET_SET(so->so_vnet); 1384 error = (*so->so_proto->pr_usrreqs->pru_sockaddr)(so, sa); 1385 CURVNET_RESTORE(); 1386 if (error != 0) 1387 goto bad; 1388 if (*sa == NULL) 1389 len = 0; 1390 else 1391 len = MIN(*alen, (*sa)->sa_len); 1392 *alen = len; 1393 #ifdef KTRACE 1394 if (KTRPOINT(td, KTR_STRUCT)) 1395 ktrsockaddr(*sa); 1396 #endif 1397 bad: 1398 fdrop(fp, td); 1399 if (error != 0 && *sa != NULL) { 1400 free(*sa, M_SONAME); 1401 *sa = NULL; 1402 } 1403 return (error); 1404 } 1405 1406 int 1407 sys_getsockname(struct thread *td, struct getsockname_args *uap) 1408 { 1409 return (user_getsockname(td, uap->fdes, uap->asa, uap->alen, false)); 1410 } 1411 1412 #ifdef COMPAT_OLDSOCK 1413 int 1414 ogetsockname(struct thread *td, struct ogetsockname_args *uap) 1415 { 1416 return (user_getsockname(td, uap->fdes, uap->asa, uap->alen, true)); 1417 } 1418 #endif /* COMPAT_OLDSOCK */ 1419 1420 static int 1421 user_getpeername(struct thread *td, int fdes, struct sockaddr *asa, 1422 socklen_t *alen, bool compat) 1423 { 1424 struct sockaddr *sa; 1425 socklen_t len; 1426 int error; 1427 1428 error = copyin(alen, &len, sizeof (len)); 1429 if (error != 0) 1430 return (error); 1431 1432 error = kern_getpeername(td, fdes, &sa, &len); 1433 if (error != 0) 1434 return (error); 1435 1436 if (len != 0) { 1437 #ifdef COMPAT_OLDSOCK 1438 if (compat && SV_PROC_FLAG(td->td_proc, SV_AOUT)) 1439 ((struct osockaddr *)sa)->sa_family = sa->sa_family; 1440 #endif 1441 error = copyout(sa, asa, len); 1442 } 1443 free(sa, M_SONAME); 1444 if (error == 0) 1445 error = copyout(&len, alen, sizeof(len)); 1446 return (error); 1447 } 1448 1449 int 1450 kern_getpeername(struct thread *td, int fd, struct sockaddr **sa, 1451 socklen_t *alen) 1452 { 1453 struct socket *so; 1454 struct file *fp; 1455 socklen_t len; 1456 int error; 1457 1458 AUDIT_ARG_FD(fd); 1459 error = getsock_cap(td, fd, &cap_getpeername_rights, 1460 &fp, NULL, NULL); 1461 if (error != 0) 1462 return (error); 1463 so = fp->f_data; 1464 if ((so->so_state & (SS_ISCONNECTED|SS_ISCONFIRMING)) == 0) { 1465 error = ENOTCONN; 1466 goto done; 1467 } 1468 *sa = NULL; 1469 CURVNET_SET(so->so_vnet); 1470 error = (*so->so_proto->pr_usrreqs->pru_peeraddr)(so, sa); 1471 CURVNET_RESTORE(); 1472 if (error != 0) 1473 goto bad; 1474 if (*sa == NULL) 1475 len = 0; 1476 else 1477 len = MIN(*alen, (*sa)->sa_len); 1478 *alen = len; 1479 #ifdef KTRACE 1480 if (KTRPOINT(td, KTR_STRUCT)) 1481 ktrsockaddr(*sa); 1482 #endif 1483 bad: 1484 if (error != 0 && *sa != NULL) { 1485 free(*sa, M_SONAME); 1486 *sa = NULL; 1487 } 1488 done: 1489 fdrop(fp, td); 1490 return (error); 1491 } 1492 1493 int 1494 sys_getpeername(struct thread *td, struct getpeername_args *uap) 1495 { 1496 return (user_getpeername(td, uap->fdes, uap->asa, uap->alen, false)); 1497 } 1498 1499 #ifdef COMPAT_OLDSOCK 1500 int 1501 ogetpeername(struct thread *td, struct ogetpeername_args *uap) 1502 { 1503 return (user_getpeername(td, uap->fdes, uap->asa, uap->alen, true)); 1504 } 1505 #endif /* COMPAT_OLDSOCK */ 1506 1507 static int 1508 sockargs(struct mbuf **mp, char *buf, socklen_t buflen, int type) 1509 { 1510 struct sockaddr *sa; 1511 struct mbuf *m; 1512 int error; 1513 1514 if (buflen > MLEN) { 1515 #ifdef COMPAT_OLDSOCK 1516 if (type == MT_SONAME && buflen <= 112 && 1517 SV_CURPROC_FLAG(SV_AOUT)) 1518 buflen = MLEN; /* unix domain compat. hack */ 1519 else 1520 #endif 1521 if (buflen > MCLBYTES) 1522 return (EINVAL); 1523 } 1524 m = m_get2(buflen, M_WAITOK, type, 0); 1525 m->m_len = buflen; 1526 error = copyin(buf, mtod(m, void *), buflen); 1527 if (error != 0) 1528 (void) m_free(m); 1529 else { 1530 *mp = m; 1531 if (type == MT_SONAME) { 1532 sa = mtod(m, struct sockaddr *); 1533 1534 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN 1535 if (sa->sa_family == 0 && sa->sa_len < AF_MAX && 1536 SV_CURPROC_FLAG(SV_AOUT)) 1537 sa->sa_family = sa->sa_len; 1538 #endif 1539 sa->sa_len = buflen; 1540 } 1541 } 1542 return (error); 1543 } 1544 1545 int 1546 getsockaddr(struct sockaddr **namp, const struct sockaddr *uaddr, size_t len) 1547 { 1548 struct sockaddr *sa; 1549 int error; 1550 1551 if (len > SOCK_MAXADDRLEN) 1552 return (ENAMETOOLONG); 1553 if (len < offsetof(struct sockaddr, sa_data[0])) 1554 return (EINVAL); 1555 sa = malloc(len, M_SONAME, M_WAITOK); 1556 error = copyin(uaddr, sa, len); 1557 if (error != 0) { 1558 free(sa, M_SONAME); 1559 } else { 1560 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN 1561 if (sa->sa_family == 0 && sa->sa_len < AF_MAX && 1562 SV_CURPROC_FLAG(SV_AOUT)) 1563 sa->sa_family = sa->sa_len; 1564 #endif 1565 sa->sa_len = len; 1566 *namp = sa; 1567 } 1568 return (error); 1569 } 1570 1571 /* 1572 * Dispose of externalized rights from an SCM_RIGHTS message. This function 1573 * should be used in error or truncation cases to avoid leaking file descriptors 1574 * into the recipient's (the current thread's) table. 1575 */ 1576 void 1577 m_dispose_extcontrolm(struct mbuf *m) 1578 { 1579 struct cmsghdr *cm; 1580 struct file *fp; 1581 struct thread *td; 1582 socklen_t clen, datalen; 1583 int error, fd, *fds, nfd; 1584 1585 td = curthread; 1586 for (; m != NULL; m = m->m_next) { 1587 if (m->m_type != MT_EXTCONTROL) 1588 continue; 1589 cm = mtod(m, struct cmsghdr *); 1590 clen = m->m_len; 1591 while (clen > 0) { 1592 if (clen < sizeof(*cm)) 1593 panic("%s: truncated mbuf %p", __func__, m); 1594 datalen = CMSG_SPACE(cm->cmsg_len - CMSG_SPACE(0)); 1595 if (clen < datalen) 1596 panic("%s: truncated mbuf %p", __func__, m); 1597 1598 if (cm->cmsg_level == SOL_SOCKET && 1599 cm->cmsg_type == SCM_RIGHTS) { 1600 fds = (int *)CMSG_DATA(cm); 1601 nfd = (cm->cmsg_len - CMSG_SPACE(0)) / 1602 sizeof(int); 1603 1604 while (nfd-- > 0) { 1605 fd = *fds++; 1606 error = fget(td, fd, &cap_no_rights, 1607 &fp); 1608 if (error == 0) { 1609 fdclose(td, fp, fd); 1610 fdrop(fp, td); 1611 } 1612 } 1613 } 1614 clen -= datalen; 1615 cm = (struct cmsghdr *)((uint8_t *)cm + datalen); 1616 } 1617 m_chtype(m, MT_CONTROL); 1618 } 1619 } 1620