1 /*- 2 * Copyright (c) 1982, 1986, 1989, 1990, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * sendfile(2) and related extensions: 6 * Copyright (c) 1998, David Greenman. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 4. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * @(#)uipc_syscalls.c 8.4 (Berkeley) 2/21/94 33 */ 34 35 #include <sys/cdefs.h> 36 __FBSDID("$FreeBSD$"); 37 38 #include "opt_sctp.h" 39 #include "opt_compat.h" 40 #include "opt_ktrace.h" 41 #include "opt_mac.h" 42 43 #include <sys/param.h> 44 #include <sys/systm.h> 45 #include <sys/kernel.h> 46 #include <sys/lock.h> 47 #include <sys/mutex.h> 48 #include <sys/sysproto.h> 49 #include <sys/malloc.h> 50 #include <sys/filedesc.h> 51 #include <sys/event.h> 52 #include <sys/proc.h> 53 #include <sys/fcntl.h> 54 #include <sys/file.h> 55 #include <sys/filio.h> 56 #include <sys/mount.h> 57 #include <sys/mbuf.h> 58 #include <sys/protosw.h> 59 #include <sys/sf_buf.h> 60 #include <sys/socket.h> 61 #include <sys/socketvar.h> 62 #include <sys/signalvar.h> 63 #include <sys/syscallsubr.h> 64 #include <sys/sysctl.h> 65 #include <sys/uio.h> 66 #include <sys/vnode.h> 67 #ifdef KTRACE 68 #include <sys/ktrace.h> 69 #endif 70 71 #include <security/mac/mac_framework.h> 72 73 #include <vm/vm.h> 74 #include <vm/vm_object.h> 75 #include <vm/vm_page.h> 76 #include <vm/vm_pageout.h> 77 #include <vm/vm_kern.h> 78 #include <vm/vm_extern.h> 79 80 #ifdef SCTP 81 #include <netinet/sctp.h> 82 #include <netinet/sctp_peeloff.h> 83 #endif /* SCTP */ 84 85 static int sendit(struct thread *td, int s, struct msghdr *mp, int flags); 86 static int recvit(struct thread *td, int s, struct msghdr *mp, void *namelenp); 87 88 static int accept1(struct thread *td, struct accept_args *uap, int compat); 89 static int do_sendfile(struct thread *td, struct sendfile_args *uap, int compat); 90 static int getsockname1(struct thread *td, struct getsockname_args *uap, 91 int compat); 92 static int getpeername1(struct thread *td, struct getpeername_args *uap, 93 int compat); 94 95 /* 96 * NSFBUFS-related variables and associated sysctls 97 */ 98 int nsfbufs; 99 int nsfbufspeak; 100 int nsfbufsused; 101 102 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufs, CTLFLAG_RDTUN, &nsfbufs, 0, 103 "Maximum number of sendfile(2) sf_bufs available"); 104 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufspeak, CTLFLAG_RD, &nsfbufspeak, 0, 105 "Number of sendfile(2) sf_bufs at peak usage"); 106 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufsused, CTLFLAG_RD, &nsfbufsused, 0, 107 "Number of sendfile(2) sf_bufs in use"); 108 109 /* 110 * Convert a user file descriptor to a kernel file entry. A reference on the 111 * file entry is held upon returning. This is lighter weight than 112 * fgetsock(), which bumps the socket reference drops the file reference 113 * count instead, as this approach avoids several additional mutex operations 114 * associated with the additional reference count. If requested, return the 115 * open file flags. 116 */ 117 static int 118 getsock(struct filedesc *fdp, int fd, struct file **fpp, u_int *fflagp) 119 { 120 struct file *fp; 121 int error; 122 123 fp = NULL; 124 if (fdp == NULL) 125 error = EBADF; 126 else { 127 FILEDESC_SLOCK(fdp); 128 fp = fget_locked(fdp, fd); 129 if (fp == NULL) 130 error = EBADF; 131 else if (fp->f_type != DTYPE_SOCKET) { 132 fp = NULL; 133 error = ENOTSOCK; 134 } else { 135 fhold(fp); 136 if (fflagp != NULL) 137 *fflagp = fp->f_flag; 138 error = 0; 139 } 140 FILEDESC_SUNLOCK(fdp); 141 } 142 *fpp = fp; 143 return (error); 144 } 145 146 /* 147 * System call interface to the socket abstraction. 148 */ 149 #if defined(COMPAT_43) 150 #define COMPAT_OLDSOCK 151 #endif 152 153 int 154 socket(td, uap) 155 struct thread *td; 156 struct socket_args /* { 157 int domain; 158 int type; 159 int protocol; 160 } */ *uap; 161 { 162 struct filedesc *fdp; 163 struct socket *so; 164 struct file *fp; 165 int fd, error; 166 167 #ifdef MAC 168 error = mac_socket_check_create(td->td_ucred, uap->domain, uap->type, 169 uap->protocol); 170 if (error) 171 return (error); 172 #endif 173 fdp = td->td_proc->p_fd; 174 error = falloc(td, &fp, &fd); 175 if (error) 176 return (error); 177 /* An extra reference on `fp' has been held for us by falloc(). */ 178 error = socreate(uap->domain, &so, uap->type, uap->protocol, 179 td->td_ucred, td); 180 if (error) { 181 fdclose(fdp, fp, fd, td); 182 } else { 183 finit(fp, FREAD | FWRITE, DTYPE_SOCKET, so, &socketops); 184 td->td_retval[0] = fd; 185 } 186 fdrop(fp, td); 187 return (error); 188 } 189 190 /* ARGSUSED */ 191 int 192 bind(td, uap) 193 struct thread *td; 194 struct bind_args /* { 195 int s; 196 caddr_t name; 197 int namelen; 198 } */ *uap; 199 { 200 struct sockaddr *sa; 201 int error; 202 203 if ((error = getsockaddr(&sa, uap->name, uap->namelen)) != 0) 204 return (error); 205 206 error = kern_bind(td, uap->s, sa); 207 free(sa, M_SONAME); 208 return (error); 209 } 210 211 int 212 kern_bind(td, fd, sa) 213 struct thread *td; 214 int fd; 215 struct sockaddr *sa; 216 { 217 struct socket *so; 218 struct file *fp; 219 int error; 220 221 error = getsock(td->td_proc->p_fd, fd, &fp, NULL); 222 if (error) 223 return (error); 224 so = fp->f_data; 225 #ifdef MAC 226 SOCK_LOCK(so); 227 error = mac_socket_check_bind(td->td_ucred, so, sa); 228 SOCK_UNLOCK(so); 229 if (error) 230 goto done; 231 #endif 232 error = sobind(so, sa, td); 233 #ifdef MAC 234 done: 235 #endif 236 fdrop(fp, td); 237 return (error); 238 } 239 240 /* ARGSUSED */ 241 int 242 listen(td, uap) 243 struct thread *td; 244 struct listen_args /* { 245 int s; 246 int backlog; 247 } */ *uap; 248 { 249 struct socket *so; 250 struct file *fp; 251 int error; 252 253 error = getsock(td->td_proc->p_fd, uap->s, &fp, NULL); 254 if (error == 0) { 255 so = fp->f_data; 256 #ifdef MAC 257 SOCK_LOCK(so); 258 error = mac_socket_check_listen(td->td_ucred, so); 259 SOCK_UNLOCK(so); 260 if (error) 261 goto done; 262 #endif 263 error = solisten(so, uap->backlog, td); 264 #ifdef MAC 265 done: 266 #endif 267 fdrop(fp, td); 268 } 269 return(error); 270 } 271 272 /* 273 * accept1() 274 */ 275 static int 276 accept1(td, uap, compat) 277 struct thread *td; 278 struct accept_args /* { 279 int s; 280 struct sockaddr * __restrict name; 281 socklen_t * __restrict anamelen; 282 } */ *uap; 283 int compat; 284 { 285 struct sockaddr *name; 286 socklen_t namelen; 287 struct file *fp; 288 int error; 289 290 if (uap->name == NULL) 291 return (kern_accept(td, uap->s, NULL, NULL, NULL)); 292 293 error = copyin(uap->anamelen, &namelen, sizeof (namelen)); 294 if (error) 295 return (error); 296 297 error = kern_accept(td, uap->s, &name, &namelen, &fp); 298 299 /* 300 * return a namelen of zero for older code which might 301 * ignore the return value from accept. 302 */ 303 if (error) { 304 (void) copyout(&namelen, 305 uap->anamelen, sizeof(*uap->anamelen)); 306 return (error); 307 } 308 309 if (error == 0 && name != NULL) { 310 #ifdef COMPAT_OLDSOCK 311 if (compat) 312 ((struct osockaddr *)name)->sa_family = 313 name->sa_family; 314 #endif 315 error = copyout(name, uap->name, namelen); 316 } 317 if (error == 0) 318 error = copyout(&namelen, uap->anamelen, 319 sizeof(namelen)); 320 if (error) 321 fdclose(td->td_proc->p_fd, fp, td->td_retval[0], td); 322 fdrop(fp, td); 323 free(name, M_SONAME); 324 return (error); 325 } 326 327 int 328 kern_accept(struct thread *td, int s, struct sockaddr **name, 329 socklen_t *namelen, struct file **fp) 330 { 331 struct filedesc *fdp; 332 struct file *headfp, *nfp = NULL; 333 struct sockaddr *sa = NULL; 334 int error; 335 struct socket *head, *so; 336 int fd; 337 u_int fflag; 338 pid_t pgid; 339 int tmp; 340 341 if (name) { 342 *name = NULL; 343 if (*namelen < 0) 344 return (EINVAL); 345 } 346 347 fdp = td->td_proc->p_fd; 348 error = getsock(fdp, s, &headfp, &fflag); 349 if (error) 350 return (error); 351 head = headfp->f_data; 352 if ((head->so_options & SO_ACCEPTCONN) == 0) { 353 error = EINVAL; 354 goto done; 355 } 356 #ifdef MAC 357 SOCK_LOCK(head); 358 error = mac_socket_check_accept(td->td_ucred, head); 359 SOCK_UNLOCK(head); 360 if (error != 0) 361 goto done; 362 #endif 363 error = falloc(td, &nfp, &fd); 364 if (error) 365 goto done; 366 ACCEPT_LOCK(); 367 if ((head->so_state & SS_NBIO) && TAILQ_EMPTY(&head->so_comp)) { 368 ACCEPT_UNLOCK(); 369 error = EWOULDBLOCK; 370 goto noconnection; 371 } 372 while (TAILQ_EMPTY(&head->so_comp) && head->so_error == 0) { 373 if (head->so_rcv.sb_state & SBS_CANTRCVMORE) { 374 head->so_error = ECONNABORTED; 375 break; 376 } 377 error = msleep(&head->so_timeo, &accept_mtx, PSOCK | PCATCH, 378 "accept", 0); 379 if (error) { 380 ACCEPT_UNLOCK(); 381 goto noconnection; 382 } 383 } 384 if (head->so_error) { 385 error = head->so_error; 386 head->so_error = 0; 387 ACCEPT_UNLOCK(); 388 goto noconnection; 389 } 390 so = TAILQ_FIRST(&head->so_comp); 391 KASSERT(!(so->so_qstate & SQ_INCOMP), ("accept1: so SQ_INCOMP")); 392 KASSERT(so->so_qstate & SQ_COMP, ("accept1: so not SQ_COMP")); 393 394 /* 395 * Before changing the flags on the socket, we have to bump the 396 * reference count. Otherwise, if the protocol calls sofree(), 397 * the socket will be released due to a zero refcount. 398 */ 399 SOCK_LOCK(so); /* soref() and so_state update */ 400 soref(so); /* file descriptor reference */ 401 402 TAILQ_REMOVE(&head->so_comp, so, so_list); 403 head->so_qlen--; 404 so->so_state |= (head->so_state & SS_NBIO); 405 so->so_qstate &= ~SQ_COMP; 406 so->so_head = NULL; 407 408 SOCK_UNLOCK(so); 409 ACCEPT_UNLOCK(); 410 411 /* An extra reference on `nfp' has been held for us by falloc(). */ 412 td->td_retval[0] = fd; 413 414 /* connection has been removed from the listen queue */ 415 KNOTE_UNLOCKED(&head->so_rcv.sb_sel.si_note, 0); 416 417 pgid = fgetown(&head->so_sigio); 418 if (pgid != 0) 419 fsetown(pgid, &so->so_sigio); 420 421 finit(nfp, fflag, DTYPE_SOCKET, so, &socketops); 422 /* Sync socket nonblocking/async state with file flags */ 423 tmp = fflag & FNONBLOCK; 424 (void) fo_ioctl(nfp, FIONBIO, &tmp, td->td_ucred, td); 425 tmp = fflag & FASYNC; 426 (void) fo_ioctl(nfp, FIOASYNC, &tmp, td->td_ucred, td); 427 sa = 0; 428 error = soaccept(so, &sa); 429 if (error) { 430 /* 431 * return a namelen of zero for older code which might 432 * ignore the return value from accept. 433 */ 434 if (name) 435 *namelen = 0; 436 goto noconnection; 437 } 438 if (sa == NULL) { 439 if (name) 440 *namelen = 0; 441 goto done; 442 } 443 if (name) { 444 /* check sa_len before it is destroyed */ 445 if (*namelen > sa->sa_len) 446 *namelen = sa->sa_len; 447 *name = sa; 448 sa = NULL; 449 } 450 noconnection: 451 if (sa) 452 FREE(sa, M_SONAME); 453 454 /* 455 * close the new descriptor, assuming someone hasn't ripped it 456 * out from under us. 457 */ 458 if (error) 459 fdclose(fdp, nfp, fd, td); 460 461 /* 462 * Release explicitly held references before returning. We return 463 * a reference on nfp to the caller on success if they request it. 464 */ 465 done: 466 if (fp != NULL) { 467 if (error == 0) { 468 *fp = nfp; 469 nfp = NULL; 470 } else 471 *fp = NULL; 472 } 473 if (nfp != NULL) 474 fdrop(nfp, td); 475 fdrop(headfp, td); 476 return (error); 477 } 478 479 int 480 accept(td, uap) 481 struct thread *td; 482 struct accept_args *uap; 483 { 484 485 return (accept1(td, uap, 0)); 486 } 487 488 #ifdef COMPAT_OLDSOCK 489 int 490 oaccept(td, uap) 491 struct thread *td; 492 struct accept_args *uap; 493 { 494 495 return (accept1(td, uap, 1)); 496 } 497 #endif /* COMPAT_OLDSOCK */ 498 499 /* ARGSUSED */ 500 int 501 connect(td, uap) 502 struct thread *td; 503 struct connect_args /* { 504 int s; 505 caddr_t name; 506 int namelen; 507 } */ *uap; 508 { 509 struct sockaddr *sa; 510 int error; 511 512 error = getsockaddr(&sa, uap->name, uap->namelen); 513 if (error) 514 return (error); 515 516 error = kern_connect(td, uap->s, sa); 517 free(sa, M_SONAME); 518 return (error); 519 } 520 521 522 int 523 kern_connect(td, fd, sa) 524 struct thread *td; 525 int fd; 526 struct sockaddr *sa; 527 { 528 struct socket *so; 529 struct file *fp; 530 int error; 531 int interrupted = 0; 532 533 error = getsock(td->td_proc->p_fd, fd, &fp, NULL); 534 if (error) 535 return (error); 536 so = fp->f_data; 537 if (so->so_state & SS_ISCONNECTING) { 538 error = EALREADY; 539 goto done1; 540 } 541 #ifdef MAC 542 SOCK_LOCK(so); 543 error = mac_socket_check_connect(td->td_ucred, so, sa); 544 SOCK_UNLOCK(so); 545 if (error) 546 goto bad; 547 #endif 548 error = soconnect(so, sa, td); 549 if (error) 550 goto bad; 551 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) { 552 error = EINPROGRESS; 553 goto done1; 554 } 555 SOCK_LOCK(so); 556 while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) { 557 error = msleep(&so->so_timeo, SOCK_MTX(so), PSOCK | PCATCH, 558 "connec", 0); 559 if (error) { 560 if (error == EINTR || error == ERESTART) 561 interrupted = 1; 562 break; 563 } 564 } 565 if (error == 0) { 566 error = so->so_error; 567 so->so_error = 0; 568 } 569 SOCK_UNLOCK(so); 570 bad: 571 if (!interrupted) 572 so->so_state &= ~SS_ISCONNECTING; 573 if (error == ERESTART) 574 error = EINTR; 575 done1: 576 fdrop(fp, td); 577 return (error); 578 } 579 580 int 581 socketpair(td, uap) 582 struct thread *td; 583 struct socketpair_args /* { 584 int domain; 585 int type; 586 int protocol; 587 int *rsv; 588 } */ *uap; 589 { 590 struct filedesc *fdp = td->td_proc->p_fd; 591 struct file *fp1, *fp2; 592 struct socket *so1, *so2; 593 int fd, error, sv[2]; 594 595 #ifdef MAC 596 /* We might want to have a separate check for socket pairs. */ 597 error = mac_socket_check_create(td->td_ucred, uap->domain, uap->type, 598 uap->protocol); 599 if (error) 600 return (error); 601 #endif 602 603 error = socreate(uap->domain, &so1, uap->type, uap->protocol, 604 td->td_ucred, td); 605 if (error) 606 return (error); 607 error = socreate(uap->domain, &so2, uap->type, uap->protocol, 608 td->td_ucred, td); 609 if (error) 610 goto free1; 611 /* On success extra reference to `fp1' and 'fp2' is set by falloc. */ 612 error = falloc(td, &fp1, &fd); 613 if (error) 614 goto free2; 615 sv[0] = fd; 616 fp1->f_data = so1; /* so1 already has ref count */ 617 error = falloc(td, &fp2, &fd); 618 if (error) 619 goto free3; 620 fp2->f_data = so2; /* so2 already has ref count */ 621 sv[1] = fd; 622 error = soconnect2(so1, so2); 623 if (error) 624 goto free4; 625 if (uap->type == SOCK_DGRAM) { 626 /* 627 * Datagram socket connection is asymmetric. 628 */ 629 error = soconnect2(so2, so1); 630 if (error) 631 goto free4; 632 } 633 finit(fp1, FREAD | FWRITE, DTYPE_SOCKET, fp1->f_data, &socketops); 634 finit(fp2, FREAD | FWRITE, DTYPE_SOCKET, fp2->f_data, &socketops); 635 so1 = so2 = NULL; 636 error = copyout(sv, uap->rsv, 2 * sizeof (int)); 637 if (error) 638 goto free4; 639 fdrop(fp1, td); 640 fdrop(fp2, td); 641 return (0); 642 free4: 643 fdclose(fdp, fp2, sv[1], td); 644 fdrop(fp2, td); 645 free3: 646 fdclose(fdp, fp1, sv[0], td); 647 fdrop(fp1, td); 648 free2: 649 if (so2 != NULL) 650 (void)soclose(so2); 651 free1: 652 if (so1 != NULL) 653 (void)soclose(so1); 654 return (error); 655 } 656 657 static int 658 sendit(td, s, mp, flags) 659 struct thread *td; 660 int s; 661 struct msghdr *mp; 662 int flags; 663 { 664 struct mbuf *control; 665 struct sockaddr *to; 666 int error; 667 668 if (mp->msg_name != NULL) { 669 error = getsockaddr(&to, mp->msg_name, mp->msg_namelen); 670 if (error) { 671 to = NULL; 672 goto bad; 673 } 674 mp->msg_name = to; 675 } else { 676 to = NULL; 677 } 678 679 if (mp->msg_control) { 680 if (mp->msg_controllen < sizeof(struct cmsghdr) 681 #ifdef COMPAT_OLDSOCK 682 && mp->msg_flags != MSG_COMPAT 683 #endif 684 ) { 685 error = EINVAL; 686 goto bad; 687 } 688 error = sockargs(&control, mp->msg_control, 689 mp->msg_controllen, MT_CONTROL); 690 if (error) 691 goto bad; 692 #ifdef COMPAT_OLDSOCK 693 if (mp->msg_flags == MSG_COMPAT) { 694 struct cmsghdr *cm; 695 696 M_PREPEND(control, sizeof(*cm), M_TRYWAIT); 697 if (control == 0) { 698 error = ENOBUFS; 699 goto bad; 700 } else { 701 cm = mtod(control, struct cmsghdr *); 702 cm->cmsg_len = control->m_len; 703 cm->cmsg_level = SOL_SOCKET; 704 cm->cmsg_type = SCM_RIGHTS; 705 } 706 } 707 #endif 708 } else { 709 control = NULL; 710 } 711 712 error = kern_sendit(td, s, mp, flags, control, UIO_USERSPACE); 713 714 bad: 715 if (to) 716 FREE(to, M_SONAME); 717 return (error); 718 } 719 720 int 721 kern_sendit(td, s, mp, flags, control, segflg) 722 struct thread *td; 723 int s; 724 struct msghdr *mp; 725 int flags; 726 struct mbuf *control; 727 enum uio_seg segflg; 728 { 729 struct file *fp; 730 struct uio auio; 731 struct iovec *iov; 732 struct socket *so; 733 int i; 734 int len, error; 735 #ifdef KTRACE 736 struct uio *ktruio = NULL; 737 #endif 738 739 error = getsock(td->td_proc->p_fd, s, &fp, NULL); 740 if (error) 741 return (error); 742 so = (struct socket *)fp->f_data; 743 744 #ifdef MAC 745 SOCK_LOCK(so); 746 error = mac_socket_check_send(td->td_ucred, so); 747 SOCK_UNLOCK(so); 748 if (error) 749 goto bad; 750 #endif 751 752 auio.uio_iov = mp->msg_iov; 753 auio.uio_iovcnt = mp->msg_iovlen; 754 auio.uio_segflg = segflg; 755 auio.uio_rw = UIO_WRITE; 756 auio.uio_td = td; 757 auio.uio_offset = 0; /* XXX */ 758 auio.uio_resid = 0; 759 iov = mp->msg_iov; 760 for (i = 0; i < mp->msg_iovlen; i++, iov++) { 761 if ((auio.uio_resid += iov->iov_len) < 0) { 762 error = EINVAL; 763 goto bad; 764 } 765 } 766 #ifdef KTRACE 767 if (KTRPOINT(td, KTR_GENIO)) 768 ktruio = cloneuio(&auio); 769 #endif 770 len = auio.uio_resid; 771 error = sosend(so, mp->msg_name, &auio, 0, control, flags, td); 772 if (error) { 773 if (auio.uio_resid != len && (error == ERESTART || 774 error == EINTR || error == EWOULDBLOCK)) 775 error = 0; 776 /* Generation of SIGPIPE can be controlled per socket */ 777 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) && 778 !(flags & MSG_NOSIGNAL)) { 779 PROC_LOCK(td->td_proc); 780 psignal(td->td_proc, SIGPIPE); 781 PROC_UNLOCK(td->td_proc); 782 } 783 } 784 if (error == 0) 785 td->td_retval[0] = len - auio.uio_resid; 786 #ifdef KTRACE 787 if (ktruio != NULL) { 788 ktruio->uio_resid = td->td_retval[0]; 789 ktrgenio(s, UIO_WRITE, ktruio, error); 790 } 791 #endif 792 bad: 793 fdrop(fp, td); 794 return (error); 795 } 796 797 int 798 sendto(td, uap) 799 struct thread *td; 800 struct sendto_args /* { 801 int s; 802 caddr_t buf; 803 size_t len; 804 int flags; 805 caddr_t to; 806 int tolen; 807 } */ *uap; 808 { 809 struct msghdr msg; 810 struct iovec aiov; 811 int error; 812 813 msg.msg_name = uap->to; 814 msg.msg_namelen = uap->tolen; 815 msg.msg_iov = &aiov; 816 msg.msg_iovlen = 1; 817 msg.msg_control = 0; 818 #ifdef COMPAT_OLDSOCK 819 msg.msg_flags = 0; 820 #endif 821 aiov.iov_base = uap->buf; 822 aiov.iov_len = uap->len; 823 error = sendit(td, uap->s, &msg, uap->flags); 824 return (error); 825 } 826 827 #ifdef COMPAT_OLDSOCK 828 int 829 osend(td, uap) 830 struct thread *td; 831 struct osend_args /* { 832 int s; 833 caddr_t buf; 834 int len; 835 int flags; 836 } */ *uap; 837 { 838 struct msghdr msg; 839 struct iovec aiov; 840 int error; 841 842 msg.msg_name = 0; 843 msg.msg_namelen = 0; 844 msg.msg_iov = &aiov; 845 msg.msg_iovlen = 1; 846 aiov.iov_base = uap->buf; 847 aiov.iov_len = uap->len; 848 msg.msg_control = 0; 849 msg.msg_flags = 0; 850 error = sendit(td, uap->s, &msg, uap->flags); 851 return (error); 852 } 853 854 int 855 osendmsg(td, uap) 856 struct thread *td; 857 struct osendmsg_args /* { 858 int s; 859 caddr_t msg; 860 int flags; 861 } */ *uap; 862 { 863 struct msghdr msg; 864 struct iovec *iov; 865 int error; 866 867 error = copyin(uap->msg, &msg, sizeof (struct omsghdr)); 868 if (error) 869 return (error); 870 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 871 if (error) 872 return (error); 873 msg.msg_iov = iov; 874 msg.msg_flags = MSG_COMPAT; 875 error = sendit(td, uap->s, &msg, uap->flags); 876 free(iov, M_IOV); 877 return (error); 878 } 879 #endif 880 881 int 882 sendmsg(td, uap) 883 struct thread *td; 884 struct sendmsg_args /* { 885 int s; 886 caddr_t msg; 887 int flags; 888 } */ *uap; 889 { 890 struct msghdr msg; 891 struct iovec *iov; 892 int error; 893 894 error = copyin(uap->msg, &msg, sizeof (msg)); 895 if (error) 896 return (error); 897 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 898 if (error) 899 return (error); 900 msg.msg_iov = iov; 901 #ifdef COMPAT_OLDSOCK 902 msg.msg_flags = 0; 903 #endif 904 error = sendit(td, uap->s, &msg, uap->flags); 905 free(iov, M_IOV); 906 return (error); 907 } 908 909 int 910 kern_recvit(td, s, mp, fromseg, controlp) 911 struct thread *td; 912 int s; 913 struct msghdr *mp; 914 enum uio_seg fromseg; 915 struct mbuf **controlp; 916 { 917 struct uio auio; 918 struct iovec *iov; 919 int i; 920 socklen_t len; 921 int error; 922 struct mbuf *m, *control = 0; 923 caddr_t ctlbuf; 924 struct file *fp; 925 struct socket *so; 926 struct sockaddr *fromsa = 0; 927 #ifdef KTRACE 928 struct uio *ktruio = NULL; 929 #endif 930 931 if(controlp != NULL) 932 *controlp = 0; 933 934 error = getsock(td->td_proc->p_fd, s, &fp, NULL); 935 if (error) 936 return (error); 937 so = fp->f_data; 938 939 #ifdef MAC 940 SOCK_LOCK(so); 941 error = mac_socket_check_receive(td->td_ucred, so); 942 SOCK_UNLOCK(so); 943 if (error) { 944 fdrop(fp, td); 945 return (error); 946 } 947 #endif 948 949 auio.uio_iov = mp->msg_iov; 950 auio.uio_iovcnt = mp->msg_iovlen; 951 auio.uio_segflg = UIO_USERSPACE; 952 auio.uio_rw = UIO_READ; 953 auio.uio_td = td; 954 auio.uio_offset = 0; /* XXX */ 955 auio.uio_resid = 0; 956 iov = mp->msg_iov; 957 for (i = 0; i < mp->msg_iovlen; i++, iov++) { 958 if ((auio.uio_resid += iov->iov_len) < 0) { 959 fdrop(fp, td); 960 return (EINVAL); 961 } 962 } 963 #ifdef KTRACE 964 if (KTRPOINT(td, KTR_GENIO)) 965 ktruio = cloneuio(&auio); 966 #endif 967 len = auio.uio_resid; 968 error = soreceive(so, &fromsa, &auio, (struct mbuf **)0, 969 (mp->msg_control || controlp) ? &control : (struct mbuf **)0, 970 &mp->msg_flags); 971 if (error) { 972 if (auio.uio_resid != (int)len && (error == ERESTART || 973 error == EINTR || error == EWOULDBLOCK)) 974 error = 0; 975 } 976 #ifdef KTRACE 977 if (ktruio != NULL) { 978 ktruio->uio_resid = (int)len - auio.uio_resid; 979 ktrgenio(s, UIO_READ, ktruio, error); 980 } 981 #endif 982 if (error) 983 goto out; 984 td->td_retval[0] = (int)len - auio.uio_resid; 985 if (mp->msg_name) { 986 len = mp->msg_namelen; 987 if (len <= 0 || fromsa == 0) 988 len = 0; 989 else { 990 /* save sa_len before it is destroyed by MSG_COMPAT */ 991 len = MIN(len, fromsa->sa_len); 992 #ifdef COMPAT_OLDSOCK 993 if (mp->msg_flags & MSG_COMPAT) 994 ((struct osockaddr *)fromsa)->sa_family = 995 fromsa->sa_family; 996 #endif 997 if (fromseg == UIO_USERSPACE) { 998 error = copyout(fromsa, mp->msg_name, 999 (unsigned)len); 1000 if (error) 1001 goto out; 1002 } else 1003 bcopy(fromsa, mp->msg_name, len); 1004 } 1005 mp->msg_namelen = len; 1006 } 1007 if (mp->msg_control && controlp == NULL) { 1008 #ifdef COMPAT_OLDSOCK 1009 /* 1010 * We assume that old recvmsg calls won't receive access 1011 * rights and other control info, esp. as control info 1012 * is always optional and those options didn't exist in 4.3. 1013 * If we receive rights, trim the cmsghdr; anything else 1014 * is tossed. 1015 */ 1016 if (control && mp->msg_flags & MSG_COMPAT) { 1017 if (mtod(control, struct cmsghdr *)->cmsg_level != 1018 SOL_SOCKET || 1019 mtod(control, struct cmsghdr *)->cmsg_type != 1020 SCM_RIGHTS) { 1021 mp->msg_controllen = 0; 1022 goto out; 1023 } 1024 control->m_len -= sizeof (struct cmsghdr); 1025 control->m_data += sizeof (struct cmsghdr); 1026 } 1027 #endif 1028 len = mp->msg_controllen; 1029 m = control; 1030 mp->msg_controllen = 0; 1031 ctlbuf = mp->msg_control; 1032 1033 while (m && len > 0) { 1034 unsigned int tocopy; 1035 1036 if (len >= m->m_len) 1037 tocopy = m->m_len; 1038 else { 1039 mp->msg_flags |= MSG_CTRUNC; 1040 tocopy = len; 1041 } 1042 1043 if ((error = copyout(mtod(m, caddr_t), 1044 ctlbuf, tocopy)) != 0) 1045 goto out; 1046 1047 ctlbuf += tocopy; 1048 len -= tocopy; 1049 m = m->m_next; 1050 } 1051 mp->msg_controllen = ctlbuf - (caddr_t)mp->msg_control; 1052 } 1053 out: 1054 fdrop(fp, td); 1055 if (fromsa) 1056 FREE(fromsa, M_SONAME); 1057 1058 if (error == 0 && controlp != NULL) 1059 *controlp = control; 1060 else if (control) 1061 m_freem(control); 1062 1063 return (error); 1064 } 1065 1066 static int 1067 recvit(td, s, mp, namelenp) 1068 struct thread *td; 1069 int s; 1070 struct msghdr *mp; 1071 void *namelenp; 1072 { 1073 int error; 1074 1075 error = kern_recvit(td, s, mp, UIO_USERSPACE, NULL); 1076 if (error) 1077 return (error); 1078 if (namelenp) { 1079 error = copyout(&mp->msg_namelen, namelenp, sizeof (socklen_t)); 1080 #ifdef COMPAT_OLDSOCK 1081 if (mp->msg_flags & MSG_COMPAT) 1082 error = 0; /* old recvfrom didn't check */ 1083 #endif 1084 } 1085 return (error); 1086 } 1087 1088 int 1089 recvfrom(td, uap) 1090 struct thread *td; 1091 struct recvfrom_args /* { 1092 int s; 1093 caddr_t buf; 1094 size_t len; 1095 int flags; 1096 struct sockaddr * __restrict from; 1097 socklen_t * __restrict fromlenaddr; 1098 } */ *uap; 1099 { 1100 struct msghdr msg; 1101 struct iovec aiov; 1102 int error; 1103 1104 if (uap->fromlenaddr) { 1105 error = copyin(uap->fromlenaddr, 1106 &msg.msg_namelen, sizeof (msg.msg_namelen)); 1107 if (error) 1108 goto done2; 1109 } else { 1110 msg.msg_namelen = 0; 1111 } 1112 msg.msg_name = uap->from; 1113 msg.msg_iov = &aiov; 1114 msg.msg_iovlen = 1; 1115 aiov.iov_base = uap->buf; 1116 aiov.iov_len = uap->len; 1117 msg.msg_control = 0; 1118 msg.msg_flags = uap->flags; 1119 error = recvit(td, uap->s, &msg, uap->fromlenaddr); 1120 done2: 1121 return(error); 1122 } 1123 1124 #ifdef COMPAT_OLDSOCK 1125 int 1126 orecvfrom(td, uap) 1127 struct thread *td; 1128 struct recvfrom_args *uap; 1129 { 1130 1131 uap->flags |= MSG_COMPAT; 1132 return (recvfrom(td, uap)); 1133 } 1134 #endif 1135 1136 #ifdef COMPAT_OLDSOCK 1137 int 1138 orecv(td, uap) 1139 struct thread *td; 1140 struct orecv_args /* { 1141 int s; 1142 caddr_t buf; 1143 int len; 1144 int flags; 1145 } */ *uap; 1146 { 1147 struct msghdr msg; 1148 struct iovec aiov; 1149 int error; 1150 1151 msg.msg_name = 0; 1152 msg.msg_namelen = 0; 1153 msg.msg_iov = &aiov; 1154 msg.msg_iovlen = 1; 1155 aiov.iov_base = uap->buf; 1156 aiov.iov_len = uap->len; 1157 msg.msg_control = 0; 1158 msg.msg_flags = uap->flags; 1159 error = recvit(td, uap->s, &msg, NULL); 1160 return (error); 1161 } 1162 1163 /* 1164 * Old recvmsg. This code takes advantage of the fact that the old msghdr 1165 * overlays the new one, missing only the flags, and with the (old) access 1166 * rights where the control fields are now. 1167 */ 1168 int 1169 orecvmsg(td, uap) 1170 struct thread *td; 1171 struct orecvmsg_args /* { 1172 int s; 1173 struct omsghdr *msg; 1174 int flags; 1175 } */ *uap; 1176 { 1177 struct msghdr msg; 1178 struct iovec *iov; 1179 int error; 1180 1181 error = copyin(uap->msg, &msg, sizeof (struct omsghdr)); 1182 if (error) 1183 return (error); 1184 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 1185 if (error) 1186 return (error); 1187 msg.msg_flags = uap->flags | MSG_COMPAT; 1188 msg.msg_iov = iov; 1189 error = recvit(td, uap->s, &msg, &uap->msg->msg_namelen); 1190 if (msg.msg_controllen && error == 0) 1191 error = copyout(&msg.msg_controllen, 1192 &uap->msg->msg_accrightslen, sizeof (int)); 1193 free(iov, M_IOV); 1194 return (error); 1195 } 1196 #endif 1197 1198 int 1199 recvmsg(td, uap) 1200 struct thread *td; 1201 struct recvmsg_args /* { 1202 int s; 1203 struct msghdr *msg; 1204 int flags; 1205 } */ *uap; 1206 { 1207 struct msghdr msg; 1208 struct iovec *uiov, *iov; 1209 int error; 1210 1211 error = copyin(uap->msg, &msg, sizeof (msg)); 1212 if (error) 1213 return (error); 1214 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 1215 if (error) 1216 return (error); 1217 msg.msg_flags = uap->flags; 1218 #ifdef COMPAT_OLDSOCK 1219 msg.msg_flags &= ~MSG_COMPAT; 1220 #endif 1221 uiov = msg.msg_iov; 1222 msg.msg_iov = iov; 1223 error = recvit(td, uap->s, &msg, NULL); 1224 if (error == 0) { 1225 msg.msg_iov = uiov; 1226 error = copyout(&msg, uap->msg, sizeof(msg)); 1227 } 1228 free(iov, M_IOV); 1229 return (error); 1230 } 1231 1232 /* ARGSUSED */ 1233 int 1234 shutdown(td, uap) 1235 struct thread *td; 1236 struct shutdown_args /* { 1237 int s; 1238 int how; 1239 } */ *uap; 1240 { 1241 struct socket *so; 1242 struct file *fp; 1243 int error; 1244 1245 error = getsock(td->td_proc->p_fd, uap->s, &fp, NULL); 1246 if (error == 0) { 1247 so = fp->f_data; 1248 error = soshutdown(so, uap->how); 1249 fdrop(fp, td); 1250 } 1251 return (error); 1252 } 1253 1254 /* ARGSUSED */ 1255 int 1256 setsockopt(td, uap) 1257 struct thread *td; 1258 struct setsockopt_args /* { 1259 int s; 1260 int level; 1261 int name; 1262 caddr_t val; 1263 int valsize; 1264 } */ *uap; 1265 { 1266 1267 return (kern_setsockopt(td, uap->s, uap->level, uap->name, 1268 uap->val, UIO_USERSPACE, uap->valsize)); 1269 } 1270 1271 int 1272 kern_setsockopt(td, s, level, name, val, valseg, valsize) 1273 struct thread *td; 1274 int s; 1275 int level; 1276 int name; 1277 void *val; 1278 enum uio_seg valseg; 1279 socklen_t valsize; 1280 { 1281 int error; 1282 struct socket *so; 1283 struct file *fp; 1284 struct sockopt sopt; 1285 1286 if (val == NULL && valsize != 0) 1287 return (EFAULT); 1288 if ((int)valsize < 0) 1289 return (EINVAL); 1290 1291 sopt.sopt_dir = SOPT_SET; 1292 sopt.sopt_level = level; 1293 sopt.sopt_name = name; 1294 sopt.sopt_val = val; 1295 sopt.sopt_valsize = valsize; 1296 switch (valseg) { 1297 case UIO_USERSPACE: 1298 sopt.sopt_td = td; 1299 break; 1300 case UIO_SYSSPACE: 1301 sopt.sopt_td = NULL; 1302 break; 1303 default: 1304 panic("kern_setsockopt called with bad valseg"); 1305 } 1306 1307 error = getsock(td->td_proc->p_fd, s, &fp, NULL); 1308 if (error == 0) { 1309 so = fp->f_data; 1310 error = sosetopt(so, &sopt); 1311 fdrop(fp, td); 1312 } 1313 return(error); 1314 } 1315 1316 /* ARGSUSED */ 1317 int 1318 getsockopt(td, uap) 1319 struct thread *td; 1320 struct getsockopt_args /* { 1321 int s; 1322 int level; 1323 int name; 1324 void * __restrict val; 1325 socklen_t * __restrict avalsize; 1326 } */ *uap; 1327 { 1328 socklen_t valsize; 1329 int error; 1330 1331 if (uap->val) { 1332 error = copyin(uap->avalsize, &valsize, sizeof (valsize)); 1333 if (error) 1334 return (error); 1335 } 1336 1337 error = kern_getsockopt(td, uap->s, uap->level, uap->name, 1338 uap->val, UIO_USERSPACE, &valsize); 1339 1340 if (error == 0) 1341 error = copyout(&valsize, uap->avalsize, sizeof (valsize)); 1342 return (error); 1343 } 1344 1345 /* 1346 * Kernel version of getsockopt. 1347 * optval can be a userland or userspace. optlen is always a kernel pointer. 1348 */ 1349 int 1350 kern_getsockopt(td, s, level, name, val, valseg, valsize) 1351 struct thread *td; 1352 int s; 1353 int level; 1354 int name; 1355 void *val; 1356 enum uio_seg valseg; 1357 socklen_t *valsize; 1358 { 1359 int error; 1360 struct socket *so; 1361 struct file *fp; 1362 struct sockopt sopt; 1363 1364 if (val == NULL) 1365 *valsize = 0; 1366 if ((int)*valsize < 0) 1367 return (EINVAL); 1368 1369 sopt.sopt_dir = SOPT_GET; 1370 sopt.sopt_level = level; 1371 sopt.sopt_name = name; 1372 sopt.sopt_val = val; 1373 sopt.sopt_valsize = (size_t)*valsize; /* checked non-negative above */ 1374 switch (valseg) { 1375 case UIO_USERSPACE: 1376 sopt.sopt_td = td; 1377 break; 1378 case UIO_SYSSPACE: 1379 sopt.sopt_td = NULL; 1380 break; 1381 default: 1382 panic("kern_getsockopt called with bad valseg"); 1383 } 1384 1385 error = getsock(td->td_proc->p_fd, s, &fp, NULL); 1386 if (error == 0) { 1387 so = fp->f_data; 1388 error = sogetopt(so, &sopt); 1389 *valsize = sopt.sopt_valsize; 1390 fdrop(fp, td); 1391 } 1392 return (error); 1393 } 1394 1395 /* 1396 * getsockname1() - Get socket name. 1397 */ 1398 /* ARGSUSED */ 1399 static int 1400 getsockname1(td, uap, compat) 1401 struct thread *td; 1402 struct getsockname_args /* { 1403 int fdes; 1404 struct sockaddr * __restrict asa; 1405 socklen_t * __restrict alen; 1406 } */ *uap; 1407 int compat; 1408 { 1409 struct sockaddr *sa; 1410 socklen_t len; 1411 int error; 1412 1413 error = copyin(uap->alen, &len, sizeof(len)); 1414 if (error) 1415 return (error); 1416 1417 error = kern_getsockname(td, uap->fdes, &sa, &len); 1418 if (error) 1419 return (error); 1420 1421 if (len != 0) { 1422 #ifdef COMPAT_OLDSOCK 1423 if (compat) 1424 ((struct osockaddr *)sa)->sa_family = sa->sa_family; 1425 #endif 1426 error = copyout(sa, uap->asa, (u_int)len); 1427 } 1428 free(sa, M_SONAME); 1429 if (error == 0) 1430 error = copyout(&len, uap->alen, sizeof(len)); 1431 return (error); 1432 } 1433 1434 int 1435 kern_getsockname(struct thread *td, int fd, struct sockaddr **sa, 1436 socklen_t *alen) 1437 { 1438 struct socket *so; 1439 struct file *fp; 1440 socklen_t len; 1441 int error; 1442 1443 if (*alen < 0) 1444 return (EINVAL); 1445 1446 error = getsock(td->td_proc->p_fd, fd, &fp, NULL); 1447 if (error) 1448 return (error); 1449 so = fp->f_data; 1450 *sa = NULL; 1451 error = (*so->so_proto->pr_usrreqs->pru_sockaddr)(so, sa); 1452 if (error) 1453 goto bad; 1454 if (*sa == NULL) 1455 len = 0; 1456 else 1457 len = MIN(*alen, (*sa)->sa_len); 1458 *alen = len; 1459 bad: 1460 fdrop(fp, td); 1461 if (error && *sa) { 1462 free(*sa, M_SONAME); 1463 *sa = NULL; 1464 } 1465 return (error); 1466 } 1467 1468 int 1469 getsockname(td, uap) 1470 struct thread *td; 1471 struct getsockname_args *uap; 1472 { 1473 1474 return (getsockname1(td, uap, 0)); 1475 } 1476 1477 #ifdef COMPAT_OLDSOCK 1478 int 1479 ogetsockname(td, uap) 1480 struct thread *td; 1481 struct getsockname_args *uap; 1482 { 1483 1484 return (getsockname1(td, uap, 1)); 1485 } 1486 #endif /* COMPAT_OLDSOCK */ 1487 1488 /* 1489 * getpeername1() - Get name of peer for connected socket. 1490 */ 1491 /* ARGSUSED */ 1492 static int 1493 getpeername1(td, uap, compat) 1494 struct thread *td; 1495 struct getpeername_args /* { 1496 int fdes; 1497 struct sockaddr * __restrict asa; 1498 socklen_t * __restrict alen; 1499 } */ *uap; 1500 int compat; 1501 { 1502 struct sockaddr *sa; 1503 socklen_t len; 1504 int error; 1505 1506 error = copyin(uap->alen, &len, sizeof (len)); 1507 if (error) 1508 return (error); 1509 1510 error = kern_getpeername(td, uap->fdes, &sa, &len); 1511 if (error) 1512 return (error); 1513 1514 if (len != 0) { 1515 #ifdef COMPAT_OLDSOCK 1516 if (compat) 1517 ((struct osockaddr *)sa)->sa_family = sa->sa_family; 1518 #endif 1519 error = copyout(sa, uap->asa, (u_int)len); 1520 } 1521 free(sa, M_SONAME); 1522 if (error == 0) 1523 error = copyout(&len, uap->alen, sizeof(len)); 1524 return (error); 1525 } 1526 1527 int 1528 kern_getpeername(struct thread *td, int fd, struct sockaddr **sa, 1529 socklen_t *alen) 1530 { 1531 struct socket *so; 1532 struct file *fp; 1533 socklen_t len; 1534 int error; 1535 1536 if (*alen < 0) 1537 return (EINVAL); 1538 1539 error = getsock(td->td_proc->p_fd, fd, &fp, NULL); 1540 if (error) 1541 return (error); 1542 so = fp->f_data; 1543 if ((so->so_state & (SS_ISCONNECTED|SS_ISCONFIRMING)) == 0) { 1544 error = ENOTCONN; 1545 goto done; 1546 } 1547 *sa = NULL; 1548 error = (*so->so_proto->pr_usrreqs->pru_peeraddr)(so, sa); 1549 if (error) 1550 goto bad; 1551 if (*sa == NULL) 1552 len = 0; 1553 else 1554 len = MIN(*alen, (*sa)->sa_len); 1555 *alen = len; 1556 bad: 1557 if (error && *sa) { 1558 free(*sa, M_SONAME); 1559 *sa = NULL; 1560 } 1561 done: 1562 fdrop(fp, td); 1563 return (error); 1564 } 1565 1566 int 1567 getpeername(td, uap) 1568 struct thread *td; 1569 struct getpeername_args *uap; 1570 { 1571 1572 return (getpeername1(td, uap, 0)); 1573 } 1574 1575 #ifdef COMPAT_OLDSOCK 1576 int 1577 ogetpeername(td, uap) 1578 struct thread *td; 1579 struct ogetpeername_args *uap; 1580 { 1581 1582 /* XXX uap should have type `getpeername_args *' to begin with. */ 1583 return (getpeername1(td, (struct getpeername_args *)uap, 1)); 1584 } 1585 #endif /* COMPAT_OLDSOCK */ 1586 1587 int 1588 sockargs(mp, buf, buflen, type) 1589 struct mbuf **mp; 1590 caddr_t buf; 1591 int buflen, type; 1592 { 1593 struct sockaddr *sa; 1594 struct mbuf *m; 1595 int error; 1596 1597 if ((u_int)buflen > MLEN) { 1598 #ifdef COMPAT_OLDSOCK 1599 if (type == MT_SONAME && (u_int)buflen <= 112) 1600 buflen = MLEN; /* unix domain compat. hack */ 1601 else 1602 #endif 1603 if ((u_int)buflen > MCLBYTES) 1604 return (EINVAL); 1605 } 1606 m = m_get(M_TRYWAIT, type); 1607 if (m == NULL) 1608 return (ENOBUFS); 1609 if ((u_int)buflen > MLEN) { 1610 MCLGET(m, M_TRYWAIT); 1611 if ((m->m_flags & M_EXT) == 0) { 1612 m_free(m); 1613 return (ENOBUFS); 1614 } 1615 } 1616 m->m_len = buflen; 1617 error = copyin(buf, mtod(m, caddr_t), (u_int)buflen); 1618 if (error) 1619 (void) m_free(m); 1620 else { 1621 *mp = m; 1622 if (type == MT_SONAME) { 1623 sa = mtod(m, struct sockaddr *); 1624 1625 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN 1626 if (sa->sa_family == 0 && sa->sa_len < AF_MAX) 1627 sa->sa_family = sa->sa_len; 1628 #endif 1629 sa->sa_len = buflen; 1630 } 1631 } 1632 return (error); 1633 } 1634 1635 int 1636 getsockaddr(namp, uaddr, len) 1637 struct sockaddr **namp; 1638 caddr_t uaddr; 1639 size_t len; 1640 { 1641 struct sockaddr *sa; 1642 int error; 1643 1644 if (len > SOCK_MAXADDRLEN) 1645 return (ENAMETOOLONG); 1646 if (len < offsetof(struct sockaddr, sa_data[0])) 1647 return (EINVAL); 1648 MALLOC(sa, struct sockaddr *, len, M_SONAME, M_WAITOK); 1649 error = copyin(uaddr, sa, len); 1650 if (error) { 1651 FREE(sa, M_SONAME); 1652 } else { 1653 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN 1654 if (sa->sa_family == 0 && sa->sa_len < AF_MAX) 1655 sa->sa_family = sa->sa_len; 1656 #endif 1657 sa->sa_len = len; 1658 *namp = sa; 1659 } 1660 return (error); 1661 } 1662 1663 #include <sys/condvar.h> 1664 1665 struct sendfile_sync { 1666 struct mtx mtx; 1667 struct cv cv; 1668 unsigned count; 1669 }; 1670 1671 /* 1672 * Detach mapped page and release resources back to the system. 1673 */ 1674 void 1675 sf_buf_mext(void *addr, void *args) 1676 { 1677 vm_page_t m; 1678 struct sendfile_sync *sfs; 1679 1680 m = sf_buf_page(args); 1681 sf_buf_free(args); 1682 vm_page_lock_queues(); 1683 vm_page_unwire(m, 0); 1684 /* 1685 * Check for the object going away on us. This can 1686 * happen since we don't hold a reference to it. 1687 * If so, we're responsible for freeing the page. 1688 */ 1689 if (m->wire_count == 0 && m->object == NULL) 1690 vm_page_free(m); 1691 vm_page_unlock_queues(); 1692 if (addr == NULL) 1693 return; 1694 sfs = addr; 1695 mtx_lock(&sfs->mtx); 1696 KASSERT(sfs->count> 0, ("Sendfile sync botchup count == 0")); 1697 if (--sfs->count == 0) 1698 cv_signal(&sfs->cv); 1699 mtx_unlock(&sfs->mtx); 1700 } 1701 1702 /* 1703 * sendfile(2) 1704 * 1705 * int sendfile(int fd, int s, off_t offset, size_t nbytes, 1706 * struct sf_hdtr *hdtr, off_t *sbytes, int flags) 1707 * 1708 * Send a file specified by 'fd' and starting at 'offset' to a socket 1709 * specified by 's'. Send only 'nbytes' of the file or until EOF if nbytes == 1710 * 0. Optionally add a header and/or trailer to the socket output. If 1711 * specified, write the total number of bytes sent into *sbytes. 1712 */ 1713 int 1714 sendfile(struct thread *td, struct sendfile_args *uap) 1715 { 1716 1717 return (do_sendfile(td, uap, 0)); 1718 } 1719 1720 static int 1721 do_sendfile(struct thread *td, struct sendfile_args *uap, int compat) 1722 { 1723 struct sf_hdtr hdtr; 1724 struct uio *hdr_uio, *trl_uio; 1725 int error; 1726 1727 hdr_uio = trl_uio = NULL; 1728 1729 if (uap->hdtr != NULL) { 1730 error = copyin(uap->hdtr, &hdtr, sizeof(hdtr)); 1731 if (error) 1732 goto out; 1733 if (hdtr.headers != NULL) { 1734 error = copyinuio(hdtr.headers, hdtr.hdr_cnt, &hdr_uio); 1735 if (error) 1736 goto out; 1737 } 1738 if (hdtr.trailers != NULL) { 1739 error = copyinuio(hdtr.trailers, hdtr.trl_cnt, &trl_uio); 1740 if (error) 1741 goto out; 1742 1743 } 1744 } 1745 1746 error = kern_sendfile(td, uap, hdr_uio, trl_uio, compat); 1747 out: 1748 if (hdr_uio) 1749 free(hdr_uio, M_IOV); 1750 if (trl_uio) 1751 free(trl_uio, M_IOV); 1752 return (error); 1753 } 1754 1755 #ifdef COMPAT_FREEBSD4 1756 int 1757 freebsd4_sendfile(struct thread *td, struct freebsd4_sendfile_args *uap) 1758 { 1759 struct sendfile_args args; 1760 1761 args.fd = uap->fd; 1762 args.s = uap->s; 1763 args.offset = uap->offset; 1764 args.nbytes = uap->nbytes; 1765 args.hdtr = uap->hdtr; 1766 args.sbytes = uap->sbytes; 1767 args.flags = uap->flags; 1768 1769 return (do_sendfile(td, &args, 1)); 1770 } 1771 #endif /* COMPAT_FREEBSD4 */ 1772 1773 int 1774 kern_sendfile(struct thread *td, struct sendfile_args *uap, 1775 struct uio *hdr_uio, struct uio *trl_uio, int compat) 1776 { 1777 struct file *sock_fp; 1778 struct vnode *vp; 1779 struct vm_object *obj = NULL; 1780 struct socket *so = NULL; 1781 struct mbuf *m = NULL; 1782 struct sf_buf *sf; 1783 struct vm_page *pg; 1784 off_t off, xfsize, fsbytes = 0, sbytes = 0, rem = 0; 1785 int error, hdrlen = 0, mnw = 0; 1786 int vfslocked; 1787 struct sendfile_sync *sfs = NULL; 1788 1789 /* 1790 * The file descriptor must be a regular file and have a 1791 * backing VM object. 1792 * File offset must be positive. If it goes beyond EOF 1793 * we send only the header/trailer and no payload data. 1794 */ 1795 if ((error = fgetvp_read(td, uap->fd, &vp)) != 0) 1796 goto out; 1797 vfslocked = VFS_LOCK_GIANT(vp->v_mount); 1798 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); 1799 if (vp->v_type == VREG) { 1800 obj = vp->v_object; 1801 if (obj != NULL) { 1802 /* 1803 * Temporarily increase the backing VM 1804 * object's reference count so that a forced 1805 * reclamation of its vnode does not 1806 * immediately destroy it. 1807 */ 1808 VM_OBJECT_LOCK(obj); 1809 if ((obj->flags & OBJ_DEAD) == 0) { 1810 vm_object_reference_locked(obj); 1811 VM_OBJECT_UNLOCK(obj); 1812 } else { 1813 VM_OBJECT_UNLOCK(obj); 1814 obj = NULL; 1815 } 1816 } 1817 } 1818 VOP_UNLOCK(vp, 0); 1819 VFS_UNLOCK_GIANT(vfslocked); 1820 if (obj == NULL) { 1821 error = EINVAL; 1822 goto out; 1823 } 1824 if (uap->offset < 0) { 1825 error = EINVAL; 1826 goto out; 1827 } 1828 1829 /* 1830 * The socket must be a stream socket and connected. 1831 * Remember if it a blocking or non-blocking socket. 1832 */ 1833 if ((error = getsock(td->td_proc->p_fd, uap->s, &sock_fp, 1834 NULL)) != 0) 1835 goto out; 1836 so = sock_fp->f_data; 1837 if (so->so_type != SOCK_STREAM) { 1838 error = EINVAL; 1839 goto out; 1840 } 1841 if ((so->so_state & SS_ISCONNECTED) == 0) { 1842 error = ENOTCONN; 1843 goto out; 1844 } 1845 /* 1846 * Do not wait on memory allocations but return ENOMEM for 1847 * caller to retry later. 1848 * XXX: Experimental. 1849 */ 1850 if (uap->flags & SF_MNOWAIT) 1851 mnw = 1; 1852 1853 if (uap->flags & SF_SYNC) { 1854 sfs = malloc(sizeof *sfs, M_TEMP, M_WAITOK); 1855 memset(sfs, 0, sizeof *sfs); 1856 mtx_init(&sfs->mtx, "sendfile", MTX_DEF, 0); 1857 cv_init(&sfs->cv, "sendfile"); 1858 } 1859 1860 #ifdef MAC 1861 SOCK_LOCK(so); 1862 error = mac_socket_check_send(td->td_ucred, so); 1863 SOCK_UNLOCK(so); 1864 if (error) 1865 goto out; 1866 #endif 1867 1868 /* If headers are specified copy them into mbufs. */ 1869 if (hdr_uio != NULL) { 1870 hdr_uio->uio_td = td; 1871 hdr_uio->uio_rw = UIO_WRITE; 1872 if (hdr_uio->uio_resid > 0) { 1873 /* 1874 * In FBSD < 5.0 the nbytes to send also included 1875 * the header. If compat is specified subtract the 1876 * header size from nbytes. 1877 */ 1878 if (compat) { 1879 if (uap->nbytes > hdr_uio->uio_resid) 1880 uap->nbytes -= hdr_uio->uio_resid; 1881 else 1882 uap->nbytes = 0; 1883 } 1884 m = m_uiotombuf(hdr_uio, (mnw ? M_NOWAIT : M_WAITOK), 1885 0, 0, 0); 1886 if (m == NULL) { 1887 error = mnw ? EAGAIN : ENOBUFS; 1888 goto out; 1889 } 1890 hdrlen = m_length(m, NULL); 1891 } 1892 } 1893 1894 /* 1895 * Protect against multiple writers to the socket. 1896 * 1897 * XXXRW: Historically this has assumed non-interruptibility, so now 1898 * we implement that, but possibly shouldn't. 1899 */ 1900 (void)sblock(&so->so_snd, SBL_WAIT | SBL_NOINTR); 1901 1902 /* 1903 * Loop through the pages of the file, starting with the requested 1904 * offset. Get a file page (do I/O if necessary), map the file page 1905 * into an sf_buf, attach an mbuf header to the sf_buf, and queue 1906 * it on the socket. 1907 * This is done in two loops. The inner loop turns as many pages 1908 * as it can, up to available socket buffer space, without blocking 1909 * into mbufs to have it bulk delivered into the socket send buffer. 1910 * The outer loop checks the state and available space of the socket 1911 * and takes care of the overall progress. 1912 */ 1913 for (off = uap->offset, rem = uap->nbytes; ; ) { 1914 int loopbytes = 0; 1915 int space = 0; 1916 int done = 0; 1917 1918 /* 1919 * Check the socket state for ongoing connection, 1920 * no errors and space in socket buffer. 1921 * If space is low allow for the remainder of the 1922 * file to be processed if it fits the socket buffer. 1923 * Otherwise block in waiting for sufficient space 1924 * to proceed, or if the socket is nonblocking, return 1925 * to userland with EAGAIN while reporting how far 1926 * we've come. 1927 * We wait until the socket buffer has significant free 1928 * space to do bulk sends. This makes good use of file 1929 * system read ahead and allows packet segmentation 1930 * offloading hardware to take over lots of work. If 1931 * we were not careful here we would send off only one 1932 * sfbuf at a time. 1933 */ 1934 SOCKBUF_LOCK(&so->so_snd); 1935 if (so->so_snd.sb_lowat < so->so_snd.sb_hiwat / 2) 1936 so->so_snd.sb_lowat = so->so_snd.sb_hiwat / 2; 1937 retry_space: 1938 if (so->so_snd.sb_state & SBS_CANTSENDMORE) { 1939 error = EPIPE; 1940 SOCKBUF_UNLOCK(&so->so_snd); 1941 goto done; 1942 } else if (so->so_error) { 1943 error = so->so_error; 1944 so->so_error = 0; 1945 SOCKBUF_UNLOCK(&so->so_snd); 1946 goto done; 1947 } 1948 space = sbspace(&so->so_snd); 1949 if (space < rem && 1950 (space <= 0 || 1951 space < so->so_snd.sb_lowat)) { 1952 if (so->so_state & SS_NBIO) { 1953 SOCKBUF_UNLOCK(&so->so_snd); 1954 error = EAGAIN; 1955 goto done; 1956 } 1957 /* 1958 * sbwait drops the lock while sleeping. 1959 * When we loop back to retry_space the 1960 * state may have changed and we retest 1961 * for it. 1962 */ 1963 error = sbwait(&so->so_snd); 1964 /* 1965 * An error from sbwait usually indicates that we've 1966 * been interrupted by a signal. If we've sent anything 1967 * then return bytes sent, otherwise return the error. 1968 */ 1969 if (error) { 1970 SOCKBUF_UNLOCK(&so->so_snd); 1971 goto done; 1972 } 1973 goto retry_space; 1974 } 1975 SOCKBUF_UNLOCK(&so->so_snd); 1976 1977 /* 1978 * Reduce space in the socket buffer by the size of 1979 * the header mbuf chain. 1980 * hdrlen is set to 0 after the first loop. 1981 */ 1982 space -= hdrlen; 1983 1984 /* 1985 * Loop and construct maximum sized mbuf chain to be bulk 1986 * dumped into socket buffer. 1987 */ 1988 while(space > loopbytes) { 1989 vm_pindex_t pindex; 1990 vm_offset_t pgoff; 1991 struct mbuf *m0; 1992 1993 VM_OBJECT_LOCK(obj); 1994 /* 1995 * Calculate the amount to transfer. 1996 * Not to exceed a page, the EOF, 1997 * or the passed in nbytes. 1998 */ 1999 pgoff = (vm_offset_t)(off & PAGE_MASK); 2000 xfsize = omin(PAGE_SIZE - pgoff, 2001 obj->un_pager.vnp.vnp_size - uap->offset - 2002 fsbytes - loopbytes); 2003 if (uap->nbytes) 2004 rem = (uap->nbytes - fsbytes - loopbytes); 2005 else 2006 rem = obj->un_pager.vnp.vnp_size - 2007 uap->offset - fsbytes - loopbytes; 2008 xfsize = omin(rem, xfsize); 2009 if (xfsize <= 0) { 2010 VM_OBJECT_UNLOCK(obj); 2011 done = 1; /* all data sent */ 2012 break; 2013 } 2014 /* 2015 * Don't overflow the send buffer. 2016 * Stop here and send out what we've 2017 * already got. 2018 */ 2019 if (space < loopbytes + xfsize) { 2020 VM_OBJECT_UNLOCK(obj); 2021 break; 2022 } 2023 2024 /* 2025 * Attempt to look up the page. Allocate 2026 * if not found or wait and loop if busy. 2027 */ 2028 pindex = OFF_TO_IDX(off); 2029 pg = vm_page_grab(obj, pindex, VM_ALLOC_NOBUSY | 2030 VM_ALLOC_NORMAL | VM_ALLOC_WIRED | VM_ALLOC_RETRY); 2031 2032 /* 2033 * Check if page is valid for what we need, 2034 * otherwise initiate I/O. 2035 * If we already turned some pages into mbufs, 2036 * send them off before we come here again and 2037 * block. 2038 */ 2039 if (pg->valid && vm_page_is_valid(pg, pgoff, xfsize)) 2040 VM_OBJECT_UNLOCK(obj); 2041 else if (m != NULL) 2042 error = EAGAIN; /* send what we already got */ 2043 else if (uap->flags & SF_NODISKIO) 2044 error = EBUSY; 2045 else { 2046 int bsize, resid; 2047 2048 /* 2049 * Ensure that our page is still around 2050 * when the I/O completes. 2051 */ 2052 vm_page_io_start(pg); 2053 VM_OBJECT_UNLOCK(obj); 2054 2055 /* 2056 * Get the page from backing store. 2057 */ 2058 bsize = vp->v_mount->mnt_stat.f_iosize; 2059 vfslocked = VFS_LOCK_GIANT(vp->v_mount); 2060 vn_lock(vp, LK_SHARED | LK_RETRY); 2061 2062 /* 2063 * XXXMAC: Because we don't have fp->f_cred 2064 * here, we pass in NOCRED. This is probably 2065 * wrong, but is consistent with our original 2066 * implementation. 2067 */ 2068 error = vn_rdwr(UIO_READ, vp, NULL, MAXBSIZE, 2069 trunc_page(off), UIO_NOCOPY, IO_NODELOCKED | 2070 IO_VMIO | ((MAXBSIZE / bsize) << IO_SEQSHIFT), 2071 td->td_ucred, NOCRED, &resid, td); 2072 VOP_UNLOCK(vp, 0); 2073 VFS_UNLOCK_GIANT(vfslocked); 2074 VM_OBJECT_LOCK(obj); 2075 vm_page_io_finish(pg); 2076 if (!error) 2077 VM_OBJECT_UNLOCK(obj); 2078 mbstat.sf_iocnt++; 2079 } 2080 if (error) { 2081 vm_page_lock_queues(); 2082 vm_page_unwire(pg, 0); 2083 /* 2084 * See if anyone else might know about 2085 * this page. If not and it is not valid, 2086 * then free it. 2087 */ 2088 if (pg->wire_count == 0 && pg->valid == 0 && 2089 pg->busy == 0 && !(pg->oflags & VPO_BUSY) && 2090 pg->hold_count == 0) { 2091 vm_page_free(pg); 2092 } 2093 vm_page_unlock_queues(); 2094 VM_OBJECT_UNLOCK(obj); 2095 if (error == EAGAIN) 2096 error = 0; /* not a real error */ 2097 break; 2098 } 2099 2100 /* 2101 * Get a sendfile buf. We usually wait as long 2102 * as necessary, but this wait can be interrupted. 2103 */ 2104 if ((sf = sf_buf_alloc(pg, 2105 (mnw ? SFB_NOWAIT : SFB_CATCH))) == NULL) { 2106 mbstat.sf_allocfail++; 2107 vm_page_lock_queues(); 2108 vm_page_unwire(pg, 0); 2109 /* 2110 * XXX: Not same check as above!? 2111 */ 2112 if (pg->wire_count == 0 && pg->object == NULL) 2113 vm_page_free(pg); 2114 vm_page_unlock_queues(); 2115 error = (mnw ? EAGAIN : EINTR); 2116 break; 2117 } 2118 2119 /* 2120 * Get an mbuf and set it up as having 2121 * external storage. 2122 */ 2123 m0 = m_get((mnw ? M_NOWAIT : M_WAITOK), MT_DATA); 2124 if (m0 == NULL) { 2125 error = (mnw ? EAGAIN : ENOBUFS); 2126 sf_buf_mext((void *)sf_buf_kva(sf), sf); 2127 break; 2128 } 2129 MEXTADD(m0, sf_buf_kva(sf), PAGE_SIZE, sf_buf_mext, 2130 sfs, sf, M_RDONLY, EXT_SFBUF); 2131 m0->m_data = (char *)sf_buf_kva(sf) + pgoff; 2132 m0->m_len = xfsize; 2133 2134 /* Append to mbuf chain. */ 2135 if (m != NULL) 2136 m_cat(m, m0); 2137 else 2138 m = m0; 2139 2140 /* Keep track of bits processed. */ 2141 loopbytes += xfsize; 2142 off += xfsize; 2143 2144 if (sfs != NULL) { 2145 mtx_lock(&sfs->mtx); 2146 sfs->count++; 2147 mtx_unlock(&sfs->mtx); 2148 } 2149 } 2150 2151 /* Add the buffer chain to the socket buffer. */ 2152 if (m != NULL) { 2153 int mlen, err; 2154 2155 mlen = m_length(m, NULL); 2156 SOCKBUF_LOCK(&so->so_snd); 2157 if (so->so_snd.sb_state & SBS_CANTSENDMORE) { 2158 error = EPIPE; 2159 SOCKBUF_UNLOCK(&so->so_snd); 2160 goto done; 2161 } 2162 SOCKBUF_UNLOCK(&so->so_snd); 2163 /* Avoid error aliasing. */ 2164 err = (*so->so_proto->pr_usrreqs->pru_send) 2165 (so, 0, m, NULL, NULL, td); 2166 if (err == 0) { 2167 /* 2168 * We need two counters to get the 2169 * file offset and nbytes to send 2170 * right: 2171 * - sbytes contains the total amount 2172 * of bytes sent, including headers. 2173 * - fsbytes contains the total amount 2174 * of bytes sent from the file. 2175 */ 2176 sbytes += mlen; 2177 fsbytes += mlen; 2178 if (hdrlen) { 2179 fsbytes -= hdrlen; 2180 hdrlen = 0; 2181 } 2182 } else if (error == 0) 2183 error = err; 2184 m = NULL; /* pru_send always consumes */ 2185 } 2186 2187 /* Quit outer loop on error or when we're done. */ 2188 if (error || done) 2189 goto done; 2190 } 2191 2192 /* 2193 * Send trailers. Wimp out and use writev(2). 2194 */ 2195 if (trl_uio != NULL) { 2196 error = kern_writev(td, uap->s, trl_uio); 2197 if (error) 2198 goto done; 2199 sbytes += td->td_retval[0]; 2200 } 2201 2202 done: 2203 sbunlock(&so->so_snd); 2204 out: 2205 /* 2206 * If there was no error we have to clear td->td_retval[0] 2207 * because it may have been set by writev. 2208 */ 2209 if (error == 0) { 2210 td->td_retval[0] = 0; 2211 } 2212 if (uap->sbytes != NULL) { 2213 copyout(&sbytes, uap->sbytes, sizeof(off_t)); 2214 } 2215 if (obj != NULL) 2216 vm_object_deallocate(obj); 2217 if (vp != NULL) { 2218 vfslocked = VFS_LOCK_GIANT(vp->v_mount); 2219 vrele(vp); 2220 VFS_UNLOCK_GIANT(vfslocked); 2221 } 2222 if (so) 2223 fdrop(sock_fp, td); 2224 if (m) 2225 m_freem(m); 2226 2227 if (sfs != NULL) { 2228 mtx_lock(&sfs->mtx); 2229 if (sfs->count != 0) 2230 cv_wait(&sfs->cv, &sfs->mtx); 2231 KASSERT(sfs->count == 0, ("sendfile sync still busy")); 2232 cv_destroy(&sfs->cv); 2233 mtx_destroy(&sfs->mtx); 2234 free(sfs, M_TEMP); 2235 } 2236 2237 if (error == ERESTART) 2238 error = EINTR; 2239 2240 return (error); 2241 } 2242 2243 /* 2244 * SCTP syscalls. 2245 * Functionality only compiled in if SCTP is defined in the kernel Makefile, 2246 * otherwise all return EOPNOTSUPP. 2247 * XXX: We should make this loadable one day. 2248 */ 2249 int 2250 sctp_peeloff(td, uap) 2251 struct thread *td; 2252 struct sctp_peeloff_args /* { 2253 int sd; 2254 caddr_t name; 2255 } */ *uap; 2256 { 2257 #ifdef SCTP 2258 struct filedesc *fdp; 2259 struct file *nfp = NULL; 2260 int error; 2261 struct socket *head, *so; 2262 int fd; 2263 u_int fflag; 2264 2265 fdp = td->td_proc->p_fd; 2266 error = fgetsock(td, uap->sd, &head, &fflag); 2267 if (error) 2268 goto done2; 2269 error = sctp_can_peel_off(head, (sctp_assoc_t)uap->name); 2270 if (error) 2271 goto done2; 2272 /* 2273 * At this point we know we do have a assoc to pull 2274 * we proceed to get the fd setup. This may block 2275 * but that is ok. 2276 */ 2277 2278 error = falloc(td, &nfp, &fd); 2279 if (error) 2280 goto done; 2281 td->td_retval[0] = fd; 2282 2283 so = sonewconn(head, SS_ISCONNECTED); 2284 if (so == NULL) 2285 goto noconnection; 2286 /* 2287 * Before changing the flags on the socket, we have to bump the 2288 * reference count. Otherwise, if the protocol calls sofree(), 2289 * the socket will be released due to a zero refcount. 2290 */ 2291 SOCK_LOCK(so); 2292 soref(so); /* file descriptor reference */ 2293 SOCK_UNLOCK(so); 2294 2295 ACCEPT_LOCK(); 2296 2297 TAILQ_REMOVE(&head->so_comp, so, so_list); 2298 head->so_qlen--; 2299 so->so_state |= (head->so_state & SS_NBIO); 2300 so->so_state &= ~SS_NOFDREF; 2301 so->so_qstate &= ~SQ_COMP; 2302 so->so_head = NULL; 2303 ACCEPT_UNLOCK(); 2304 finit(nfp, fflag, DTYPE_SOCKET, so, &socketops); 2305 error = sctp_do_peeloff(head, so, (sctp_assoc_t)uap->name); 2306 if (error) 2307 goto noconnection; 2308 if (head->so_sigio != NULL) 2309 fsetown(fgetown(&head->so_sigio), &so->so_sigio); 2310 2311 noconnection: 2312 /* 2313 * close the new descriptor, assuming someone hasn't ripped it 2314 * out from under us. 2315 */ 2316 if (error) 2317 fdclose(fdp, nfp, fd, td); 2318 2319 /* 2320 * Release explicitly held references before returning. 2321 */ 2322 done: 2323 if (nfp != NULL) 2324 fdrop(nfp, td); 2325 fputsock(head); 2326 done2: 2327 return (error); 2328 #else /* SCTP */ 2329 return (EOPNOTSUPP); 2330 #endif /* SCTP */ 2331 } 2332 2333 int 2334 sctp_generic_sendmsg (td, uap) 2335 struct thread *td; 2336 struct sctp_generic_sendmsg_args /* { 2337 int sd, 2338 caddr_t msg, 2339 int mlen, 2340 caddr_t to, 2341 __socklen_t tolen, 2342 struct sctp_sndrcvinfo *sinfo, 2343 int flags 2344 } */ *uap; 2345 { 2346 #ifdef SCTP 2347 struct sctp_sndrcvinfo sinfo, *u_sinfo = NULL; 2348 struct socket *so; 2349 struct file *fp = NULL; 2350 int use_rcvinfo = 1; 2351 int error = 0, len; 2352 struct sockaddr *to = NULL; 2353 #ifdef KTRACE 2354 struct uio *ktruio = NULL; 2355 #endif 2356 struct uio auio; 2357 struct iovec iov[1]; 2358 2359 if (uap->sinfo) { 2360 error = copyin(uap->sinfo, &sinfo, sizeof (sinfo)); 2361 if (error) 2362 return (error); 2363 u_sinfo = &sinfo; 2364 } 2365 if (uap->tolen) { 2366 error = getsockaddr(&to, uap->to, uap->tolen); 2367 if (error) { 2368 to = NULL; 2369 goto sctp_bad2; 2370 } 2371 } 2372 2373 error = getsock(td->td_proc->p_fd, uap->sd, &fp, NULL); 2374 if (error) 2375 goto sctp_bad; 2376 2377 iov[0].iov_base = uap->msg; 2378 iov[0].iov_len = uap->mlen; 2379 2380 so = (struct socket *)fp->f_data; 2381 #ifdef MAC 2382 SOCK_LOCK(so); 2383 error = mac_socket_check_send(td->td_ucred, so); 2384 SOCK_UNLOCK(so); 2385 if (error) 2386 goto sctp_bad; 2387 #endif /* MAC */ 2388 2389 auio.uio_iov = iov; 2390 auio.uio_iovcnt = 1; 2391 auio.uio_segflg = UIO_USERSPACE; 2392 auio.uio_rw = UIO_WRITE; 2393 auio.uio_td = td; 2394 auio.uio_offset = 0; /* XXX */ 2395 auio.uio_resid = 0; 2396 len = auio.uio_resid = uap->mlen; 2397 error = sctp_lower_sosend(so, to, &auio, 2398 (struct mbuf *)NULL, (struct mbuf *)NULL, 2399 uap->flags, use_rcvinfo, u_sinfo, td); 2400 if (error) { 2401 if (auio.uio_resid != len && (error == ERESTART || 2402 error == EINTR || error == EWOULDBLOCK)) 2403 error = 0; 2404 /* Generation of SIGPIPE can be controlled per socket. */ 2405 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) && 2406 !(uap->flags & MSG_NOSIGNAL)) { 2407 PROC_LOCK(td->td_proc); 2408 psignal(td->td_proc, SIGPIPE); 2409 PROC_UNLOCK(td->td_proc); 2410 } 2411 } 2412 if (error == 0) 2413 td->td_retval[0] = len - auio.uio_resid; 2414 #ifdef KTRACE 2415 if (ktruio != NULL) { 2416 ktruio->uio_resid = td->td_retval[0]; 2417 ktrgenio(uap->sd, UIO_WRITE, ktruio, error); 2418 } 2419 #endif /* KTRACE */ 2420 sctp_bad: 2421 if (fp) 2422 fdrop(fp, td); 2423 sctp_bad2: 2424 if (to) 2425 free(to, M_SONAME); 2426 return (error); 2427 #else /* SCTP */ 2428 return (EOPNOTSUPP); 2429 #endif /* SCTP */ 2430 } 2431 2432 int 2433 sctp_generic_sendmsg_iov(td, uap) 2434 struct thread *td; 2435 struct sctp_generic_sendmsg_iov_args /* { 2436 int sd, 2437 struct iovec *iov, 2438 int iovlen, 2439 caddr_t to, 2440 __socklen_t tolen, 2441 struct sctp_sndrcvinfo *sinfo, 2442 int flags 2443 } */ *uap; 2444 { 2445 #ifdef SCTP 2446 struct sctp_sndrcvinfo sinfo, *u_sinfo = NULL; 2447 struct socket *so; 2448 struct file *fp = NULL; 2449 int use_rcvinfo = 1; 2450 int error=0, len, i; 2451 struct sockaddr *to = NULL; 2452 #ifdef KTRACE 2453 struct uio *ktruio = NULL; 2454 #endif 2455 struct uio auio; 2456 struct iovec *iov, *tiov; 2457 2458 if (uap->sinfo) { 2459 error = copyin(uap->sinfo, &sinfo, sizeof (sinfo)); 2460 if (error) 2461 return (error); 2462 u_sinfo = &sinfo; 2463 } 2464 if (uap->tolen) { 2465 error = getsockaddr(&to, uap->to, uap->tolen); 2466 if (error) { 2467 to = NULL; 2468 goto sctp_bad2; 2469 } 2470 } 2471 2472 error = getsock(td->td_proc->p_fd, uap->sd, &fp, NULL); 2473 if (error) 2474 goto sctp_bad1; 2475 2476 error = copyiniov(uap->iov, uap->iovlen, &iov, EMSGSIZE); 2477 if (error) 2478 goto sctp_bad1; 2479 2480 so = (struct socket *)fp->f_data; 2481 #ifdef MAC 2482 SOCK_LOCK(so); 2483 error = mac_socket_check_send(td->td_ucred, so); 2484 SOCK_UNLOCK(so); 2485 if (error) 2486 goto sctp_bad; 2487 #endif /* MAC */ 2488 2489 auio.uio_iov = iov; 2490 auio.uio_iovcnt = uap->iovlen; 2491 auio.uio_segflg = UIO_USERSPACE; 2492 auio.uio_rw = UIO_WRITE; 2493 auio.uio_td = td; 2494 auio.uio_offset = 0; /* XXX */ 2495 auio.uio_resid = 0; 2496 tiov = iov; 2497 for (i = 0; i <uap->iovlen; i++, tiov++) { 2498 if ((auio.uio_resid += tiov->iov_len) < 0) { 2499 error = EINVAL; 2500 goto sctp_bad; 2501 } 2502 } 2503 len = auio.uio_resid; 2504 error = sctp_lower_sosend(so, to, &auio, 2505 (struct mbuf *)NULL, (struct mbuf *)NULL, 2506 uap->flags, use_rcvinfo, u_sinfo, td); 2507 if (error) { 2508 if (auio.uio_resid != len && (error == ERESTART || 2509 error == EINTR || error == EWOULDBLOCK)) 2510 error = 0; 2511 /* Generation of SIGPIPE can be controlled per socket */ 2512 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) && 2513 !(uap->flags & MSG_NOSIGNAL)) { 2514 PROC_LOCK(td->td_proc); 2515 psignal(td->td_proc, SIGPIPE); 2516 PROC_UNLOCK(td->td_proc); 2517 } 2518 } 2519 if (error == 0) 2520 td->td_retval[0] = len - auio.uio_resid; 2521 #ifdef KTRACE 2522 if (ktruio != NULL) { 2523 ktruio->uio_resid = td->td_retval[0]; 2524 ktrgenio(uap->sd, UIO_WRITE, ktruio, error); 2525 } 2526 #endif /* KTRACE */ 2527 sctp_bad: 2528 free(iov, M_IOV); 2529 sctp_bad1: 2530 if (fp) 2531 fdrop(fp, td); 2532 sctp_bad2: 2533 if (to) 2534 free(to, M_SONAME); 2535 return (error); 2536 #else /* SCTP */ 2537 return (EOPNOTSUPP); 2538 #endif /* SCTP */ 2539 } 2540 2541 int 2542 sctp_generic_recvmsg(td, uap) 2543 struct thread *td; 2544 struct sctp_generic_recvmsg_args /* { 2545 int sd, 2546 struct iovec *iov, 2547 int iovlen, 2548 struct sockaddr *from, 2549 __socklen_t *fromlenaddr, 2550 struct sctp_sndrcvinfo *sinfo, 2551 int *msg_flags 2552 } */ *uap; 2553 { 2554 #ifdef SCTP 2555 u_int8_t sockbufstore[256]; 2556 struct uio auio; 2557 struct iovec *iov, *tiov; 2558 struct sctp_sndrcvinfo sinfo; 2559 struct socket *so; 2560 struct file *fp = NULL; 2561 struct sockaddr *fromsa; 2562 int fromlen; 2563 int len, i, msg_flags; 2564 int error = 0; 2565 #ifdef KTRACE 2566 struct uio *ktruio = NULL; 2567 #endif 2568 error = getsock(td->td_proc->p_fd, uap->sd, &fp, NULL); 2569 if (error) { 2570 return (error); 2571 } 2572 error = copyiniov(uap->iov, uap->iovlen, &iov, EMSGSIZE); 2573 if (error) { 2574 goto out1; 2575 } 2576 2577 so = fp->f_data; 2578 #ifdef MAC 2579 SOCK_LOCK(so); 2580 error = mac_socket_check_receive(td->td_ucred, so); 2581 SOCK_UNLOCK(so); 2582 if (error) { 2583 goto out; 2584 return (error); 2585 } 2586 #endif /* MAC */ 2587 2588 if (uap->fromlenaddr) { 2589 error = copyin(uap->fromlenaddr, 2590 &fromlen, sizeof (fromlen)); 2591 if (error) { 2592 goto out; 2593 } 2594 } else { 2595 fromlen = 0; 2596 } 2597 if(uap->msg_flags) { 2598 error = copyin(uap->msg_flags, &msg_flags, sizeof (int)); 2599 if (error) { 2600 goto out; 2601 } 2602 } else { 2603 msg_flags = 0; 2604 } 2605 auio.uio_iov = iov; 2606 auio.uio_iovcnt = uap->iovlen; 2607 auio.uio_segflg = UIO_USERSPACE; 2608 auio.uio_rw = UIO_READ; 2609 auio.uio_td = td; 2610 auio.uio_offset = 0; /* XXX */ 2611 auio.uio_resid = 0; 2612 tiov = iov; 2613 for (i = 0; i <uap->iovlen; i++, tiov++) { 2614 if ((auio.uio_resid += tiov->iov_len) < 0) { 2615 error = EINVAL; 2616 goto out; 2617 } 2618 } 2619 len = auio.uio_resid; 2620 fromsa = (struct sockaddr *)sockbufstore; 2621 2622 #ifdef KTRACE 2623 if (KTRPOINT(td, KTR_GENIO)) 2624 ktruio = cloneuio(&auio); 2625 #endif /* KTRACE */ 2626 error = sctp_sorecvmsg(so, &auio, (struct mbuf **)NULL, 2627 fromsa, fromlen, &msg_flags, 2628 (struct sctp_sndrcvinfo *)&sinfo, 1); 2629 if (error) { 2630 if (auio.uio_resid != (int)len && (error == ERESTART || 2631 error == EINTR || error == EWOULDBLOCK)) 2632 error = 0; 2633 } else { 2634 if (uap->sinfo) 2635 error = copyout(&sinfo, uap->sinfo, sizeof (sinfo)); 2636 } 2637 #ifdef KTRACE 2638 if (ktruio != NULL) { 2639 ktruio->uio_resid = (int)len - auio.uio_resid; 2640 ktrgenio(uap->sd, UIO_READ, ktruio, error); 2641 } 2642 #endif /* KTRACE */ 2643 if (error) 2644 goto out; 2645 td->td_retval[0] = (int)len - auio.uio_resid; 2646 2647 if (fromlen && uap->from) { 2648 len = fromlen; 2649 if (len <= 0 || fromsa == 0) 2650 len = 0; 2651 else { 2652 len = MIN(len, fromsa->sa_len); 2653 error = copyout(fromsa, uap->from, (unsigned)len); 2654 if (error) 2655 goto out; 2656 } 2657 error = copyout(&len, uap->fromlenaddr, sizeof (socklen_t)); 2658 if (error) { 2659 goto out; 2660 } 2661 } 2662 if (uap->msg_flags) { 2663 error = copyout(&msg_flags, uap->msg_flags, sizeof (int)); 2664 if (error) { 2665 goto out; 2666 } 2667 } 2668 out: 2669 free(iov, M_IOV); 2670 out1: 2671 if (fp) 2672 fdrop(fp, td); 2673 2674 return (error); 2675 #else /* SCTP */ 2676 return (EOPNOTSUPP); 2677 #endif /* SCTP */ 2678 } 2679