1 /* 2 * Copyright (c) 1982, 1986, 1989, 1990, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * sendfile(2) and related extensions: 6 * Copyright (c) 1998, David Greenman. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 4. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 * 32 * @(#)uipc_syscalls.c 8.4 (Berkeley) 2/21/94 33 */ 34 35 #include <sys/cdefs.h> 36 __FBSDID("$FreeBSD$"); 37 38 #include "opt_compat.h" 39 #include "opt_ktrace.h" 40 #include "opt_mac.h" 41 42 #include <sys/param.h> 43 #include <sys/systm.h> 44 #include <sys/kernel.h> 45 #include <sys/lock.h> 46 #include <sys/mac.h> 47 #include <sys/mutex.h> 48 #include <sys/sysproto.h> 49 #include <sys/malloc.h> 50 #include <sys/filedesc.h> 51 #include <sys/event.h> 52 #include <sys/proc.h> 53 #include <sys/fcntl.h> 54 #include <sys/file.h> 55 #include <sys/filio.h> 56 #include <sys/mount.h> 57 #include <sys/mbuf.h> 58 #include <sys/protosw.h> 59 #include <sys/sf_buf.h> 60 #include <sys/socket.h> 61 #include <sys/socketvar.h> 62 #include <sys/signalvar.h> 63 #include <sys/syscallsubr.h> 64 #include <sys/sysctl.h> 65 #include <sys/uio.h> 66 #include <sys/vnode.h> 67 #ifdef KTRACE 68 #include <sys/ktrace.h> 69 #endif 70 71 #include <vm/vm.h> 72 #include <vm/vm_object.h> 73 #include <vm/vm_page.h> 74 #include <vm/vm_pageout.h> 75 #include <vm/vm_kern.h> 76 #include <vm/vm_extern.h> 77 78 static int sendit(struct thread *td, int s, struct msghdr *mp, int flags); 79 static int recvit(struct thread *td, int s, struct msghdr *mp, void *namelenp); 80 81 static int accept1(struct thread *td, struct accept_args *uap, int compat); 82 static int do_sendfile(struct thread *td, struct sendfile_args *uap, int compat); 83 static int getsockname1(struct thread *td, struct getsockname_args *uap, 84 int compat); 85 static int getpeername1(struct thread *td, struct getpeername_args *uap, 86 int compat); 87 88 /* 89 * NSFBUFS-related variables and associated sysctls 90 */ 91 int nsfbufs; 92 int nsfbufspeak; 93 int nsfbufsused; 94 95 SYSCTL_DECL(_kern_ipc); 96 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufs, CTLFLAG_RDTUN, &nsfbufs, 0, 97 "Maximum number of sendfile(2) sf_bufs available"); 98 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufspeak, CTLFLAG_RD, &nsfbufspeak, 0, 99 "Number of sendfile(2) sf_bufs at peak usage"); 100 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufsused, CTLFLAG_RD, &nsfbufsused, 0, 101 "Number of sendfile(2) sf_bufs in use"); 102 103 /* 104 * System call interface to the socket abstraction. 105 */ 106 #if defined(COMPAT_43) 107 #define COMPAT_OLDSOCK 108 #endif 109 110 /* 111 * MPSAFE 112 */ 113 int 114 socket(td, uap) 115 struct thread *td; 116 register struct socket_args /* { 117 int domain; 118 int type; 119 int protocol; 120 } */ *uap; 121 { 122 struct filedesc *fdp; 123 struct socket *so; 124 struct file *fp; 125 int fd, error; 126 127 fdp = td->td_proc->p_fd; 128 error = falloc(td, &fp, &fd); 129 if (error) 130 return (error); 131 /* An extra reference on `fp' has been held for us by falloc(). */ 132 NET_LOCK_GIANT(); 133 error = socreate(uap->domain, &so, uap->type, uap->protocol, 134 td->td_ucred, td); 135 NET_UNLOCK_GIANT(); 136 FILEDESC_LOCK(fdp); 137 if (error) { 138 if (fdp->fd_ofiles[fd] == fp) { 139 fdp->fd_ofiles[fd] = NULL; 140 fdunused(fdp, fd); 141 FILEDESC_UNLOCK(fdp); 142 fdrop(fp, td); 143 } else { 144 FILEDESC_UNLOCK(fdp); 145 } 146 } else { 147 fp->f_data = so; /* already has ref count */ 148 fp->f_flag = FREAD|FWRITE; 149 fp->f_ops = &socketops; 150 fp->f_type = DTYPE_SOCKET; 151 FILEDESC_UNLOCK(fdp); 152 td->td_retval[0] = fd; 153 } 154 fdrop(fp, td); 155 return (error); 156 } 157 158 /* 159 * MPSAFE 160 */ 161 /* ARGSUSED */ 162 int 163 bind(td, uap) 164 struct thread *td; 165 register struct bind_args /* { 166 int s; 167 caddr_t name; 168 int namelen; 169 } */ *uap; 170 { 171 struct sockaddr *sa; 172 int error; 173 174 if ((error = getsockaddr(&sa, uap->name, uap->namelen)) != 0) 175 return (error); 176 177 return (kern_bind(td, uap->s, sa)); 178 } 179 180 int 181 kern_bind(td, fd, sa) 182 struct thread *td; 183 int fd; 184 struct sockaddr *sa; 185 { 186 struct socket *so; 187 int error; 188 189 NET_LOCK_GIANT(); 190 if ((error = fgetsock(td, fd, &so, NULL)) != 0) 191 goto done2; 192 #ifdef MAC 193 SOCK_LOCK(so); 194 error = mac_check_socket_bind(td->td_ucred, so, sa); 195 SOCK_UNLOCK(so); 196 if (error) 197 goto done1; 198 #endif 199 error = sobind(so, sa, td); 200 #ifdef MAC 201 done1: 202 #endif 203 fputsock(so); 204 done2: 205 NET_UNLOCK_GIANT(); 206 FREE(sa, M_SONAME); 207 return (error); 208 } 209 210 /* 211 * MPSAFE 212 */ 213 /* ARGSUSED */ 214 int 215 listen(td, uap) 216 struct thread *td; 217 register struct listen_args /* { 218 int s; 219 int backlog; 220 } */ *uap; 221 { 222 struct socket *so; 223 int error; 224 225 NET_LOCK_GIANT(); 226 if ((error = fgetsock(td, uap->s, &so, NULL)) == 0) { 227 #ifdef MAC 228 SOCK_LOCK(so); 229 error = mac_check_socket_listen(td->td_ucred, so); 230 SOCK_UNLOCK(so); 231 if (error) 232 goto done; 233 #endif 234 error = solisten(so, uap->backlog, td); 235 #ifdef MAC 236 done: 237 #endif 238 fputsock(so); 239 } 240 NET_UNLOCK_GIANT(); 241 return(error); 242 } 243 244 /* 245 * accept1() 246 * MPSAFE 247 */ 248 static int 249 accept1(td, uap, compat) 250 struct thread *td; 251 register struct accept_args /* { 252 int s; 253 struct sockaddr * __restrict name; 254 socklen_t * __restrict anamelen; 255 } */ *uap; 256 int compat; 257 { 258 struct filedesc *fdp; 259 struct file *nfp = NULL; 260 struct sockaddr *sa = NULL; 261 socklen_t namelen; 262 int error; 263 struct socket *head, *so; 264 int fd; 265 u_int fflag; 266 pid_t pgid; 267 int tmp; 268 269 fdp = td->td_proc->p_fd; 270 if (uap->name) { 271 error = copyin(uap->anamelen, &namelen, sizeof (namelen)); 272 if(error) 273 return (error); 274 if (namelen < 0) 275 return (EINVAL); 276 } 277 NET_LOCK_GIANT(); 278 error = fgetsock(td, uap->s, &head, &fflag); 279 if (error) 280 goto done2; 281 if ((head->so_options & SO_ACCEPTCONN) == 0) { 282 error = EINVAL; 283 goto done; 284 } 285 error = falloc(td, &nfp, &fd); 286 if (error) 287 goto done; 288 ACCEPT_LOCK(); 289 if ((head->so_state & SS_NBIO) && TAILQ_EMPTY(&head->so_comp)) { 290 ACCEPT_UNLOCK(); 291 error = EWOULDBLOCK; 292 goto noconnection; 293 } 294 while (TAILQ_EMPTY(&head->so_comp) && head->so_error == 0) { 295 if (head->so_rcv.sb_state & SBS_CANTRCVMORE) { 296 head->so_error = ECONNABORTED; 297 break; 298 } 299 error = msleep(&head->so_timeo, &accept_mtx, PSOCK | PCATCH, 300 "accept", 0); 301 if (error) { 302 ACCEPT_UNLOCK(); 303 goto noconnection; 304 } 305 } 306 if (head->so_error) { 307 error = head->so_error; 308 head->so_error = 0; 309 ACCEPT_UNLOCK(); 310 goto noconnection; 311 } 312 so = TAILQ_FIRST(&head->so_comp); 313 KASSERT(!(so->so_qstate & SQ_INCOMP), ("accept1: so SQ_INCOMP")); 314 KASSERT(so->so_qstate & SQ_COMP, ("accept1: so not SQ_COMP")); 315 316 /* 317 * Before changing the flags on the socket, we have to bump the 318 * reference count. Otherwise, if the protocol calls sofree(), 319 * the socket will be released due to a zero refcount. 320 */ 321 SOCK_LOCK(so); 322 soref(so); /* file descriptor reference */ 323 SOCK_UNLOCK(so); 324 325 TAILQ_REMOVE(&head->so_comp, so, so_list); 326 head->so_qlen--; 327 so->so_state |= (head->so_state & SS_NBIO); 328 so->so_qstate &= ~SQ_COMP; 329 so->so_head = NULL; 330 331 ACCEPT_UNLOCK(); 332 333 /* An extra reference on `nfp' has been held for us by falloc(). */ 334 td->td_retval[0] = fd; 335 336 /* connection has been removed from the listen queue */ 337 KNOTE(&head->so_rcv.sb_sel.si_note, 0); 338 339 pgid = fgetown(&head->so_sigio); 340 if (pgid != 0) 341 fsetown(pgid, &so->so_sigio); 342 343 FILE_LOCK(nfp); 344 nfp->f_data = so; /* nfp has ref count from falloc */ 345 nfp->f_flag = fflag; 346 nfp->f_ops = &socketops; 347 nfp->f_type = DTYPE_SOCKET; 348 FILE_UNLOCK(nfp); 349 /* Sync socket nonblocking/async state with file flags */ 350 tmp = fflag & FNONBLOCK; 351 (void) fo_ioctl(nfp, FIONBIO, &tmp, td->td_ucred, td); 352 tmp = fflag & FASYNC; 353 (void) fo_ioctl(nfp, FIOASYNC, &tmp, td->td_ucred, td); 354 sa = 0; 355 error = soaccept(so, &sa); 356 if (error) { 357 /* 358 * return a namelen of zero for older code which might 359 * ignore the return value from accept. 360 */ 361 if (uap->name != NULL) { 362 namelen = 0; 363 (void) copyout(&namelen, 364 uap->anamelen, sizeof(*uap->anamelen)); 365 } 366 goto noconnection; 367 } 368 if (sa == NULL) { 369 namelen = 0; 370 if (uap->name) 371 goto gotnoname; 372 error = 0; 373 goto done; 374 } 375 if (uap->name) { 376 /* check sa_len before it is destroyed */ 377 if (namelen > sa->sa_len) 378 namelen = sa->sa_len; 379 #ifdef COMPAT_OLDSOCK 380 if (compat) 381 ((struct osockaddr *)sa)->sa_family = 382 sa->sa_family; 383 #endif 384 error = copyout(sa, uap->name, (u_int)namelen); 385 if (!error) 386 gotnoname: 387 error = copyout(&namelen, 388 uap->anamelen, sizeof (*uap->anamelen)); 389 } 390 noconnection: 391 if (sa) 392 FREE(sa, M_SONAME); 393 394 /* 395 * close the new descriptor, assuming someone hasn't ripped it 396 * out from under us. 397 */ 398 if (error) { 399 FILEDESC_LOCK(fdp); 400 if (fdp->fd_ofiles[fd] == nfp) { 401 fdp->fd_ofiles[fd] = NULL; 402 fdunused(fdp, fd); 403 FILEDESC_UNLOCK(fdp); 404 fdrop(nfp, td); 405 } else { 406 FILEDESC_UNLOCK(fdp); 407 } 408 } 409 410 /* 411 * Release explicitly held references before returning. 412 */ 413 done: 414 if (nfp != NULL) 415 fdrop(nfp, td); 416 fputsock(head); 417 done2: 418 NET_UNLOCK_GIANT(); 419 return (error); 420 } 421 422 /* 423 * MPSAFE (accept1() is MPSAFE) 424 */ 425 int 426 accept(td, uap) 427 struct thread *td; 428 struct accept_args *uap; 429 { 430 431 return (accept1(td, uap, 0)); 432 } 433 434 #ifdef COMPAT_OLDSOCK 435 /* 436 * MPSAFE (accept1() is MPSAFE) 437 */ 438 int 439 oaccept(td, uap) 440 struct thread *td; 441 struct accept_args *uap; 442 { 443 444 return (accept1(td, uap, 1)); 445 } 446 #endif /* COMPAT_OLDSOCK */ 447 448 /* 449 * MPSAFE 450 */ 451 /* ARGSUSED */ 452 int 453 connect(td, uap) 454 struct thread *td; 455 register struct connect_args /* { 456 int s; 457 caddr_t name; 458 int namelen; 459 } */ *uap; 460 { 461 struct sockaddr *sa; 462 int error; 463 464 error = getsockaddr(&sa, uap->name, uap->namelen); 465 if (error) 466 return (error); 467 468 return (kern_connect(td, uap->s, sa)); 469 } 470 471 472 int 473 kern_connect(td, fd, sa) 474 struct thread *td; 475 int fd; 476 struct sockaddr *sa; 477 { 478 struct socket *so; 479 int error, s; 480 int interrupted = 0; 481 482 NET_LOCK_GIANT(); 483 if ((error = fgetsock(td, fd, &so, NULL)) != 0) 484 goto done2; 485 if (so->so_state & SS_ISCONNECTING) { 486 error = EALREADY; 487 goto done1; 488 } 489 #ifdef MAC 490 SOCK_LOCK(so); 491 error = mac_check_socket_connect(td->td_ucred, so, sa); 492 SOCK_UNLOCK(so); 493 if (error) 494 goto bad; 495 #endif 496 error = soconnect(so, sa, td); 497 if (error) 498 goto bad; 499 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) { 500 error = EINPROGRESS; 501 goto done1; 502 } 503 s = splnet(); 504 SOCK_LOCK(so); 505 while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) { 506 error = msleep(&so->so_timeo, SOCK_MTX(so), PSOCK | PCATCH, 507 "connec", 0); 508 if (error) { 509 if (error == EINTR || error == ERESTART) 510 interrupted = 1; 511 break; 512 } 513 } 514 if (error == 0) { 515 error = so->so_error; 516 so->so_error = 0; 517 } 518 SOCK_UNLOCK(so); 519 splx(s); 520 bad: 521 if (!interrupted) 522 so->so_state &= ~SS_ISCONNECTING; 523 if (error == ERESTART) 524 error = EINTR; 525 done1: 526 fputsock(so); 527 done2: 528 NET_UNLOCK_GIANT(); 529 FREE(sa, M_SONAME); 530 return (error); 531 } 532 533 /* 534 * MPSAFE 535 */ 536 int 537 socketpair(td, uap) 538 struct thread *td; 539 register struct socketpair_args /* { 540 int domain; 541 int type; 542 int protocol; 543 int *rsv; 544 } */ *uap; 545 { 546 register struct filedesc *fdp = td->td_proc->p_fd; 547 struct file *fp1, *fp2; 548 struct socket *so1, *so2; 549 int fd, error, sv[2]; 550 551 NET_LOCK_GIANT(); 552 error = socreate(uap->domain, &so1, uap->type, uap->protocol, 553 td->td_ucred, td); 554 if (error) 555 goto done2; 556 error = socreate(uap->domain, &so2, uap->type, uap->protocol, 557 td->td_ucred, td); 558 if (error) 559 goto free1; 560 /* On success extra reference to `fp1' and 'fp2' is set by falloc. */ 561 error = falloc(td, &fp1, &fd); 562 if (error) 563 goto free2; 564 sv[0] = fd; 565 fp1->f_data = so1; /* so1 already has ref count */ 566 error = falloc(td, &fp2, &fd); 567 if (error) 568 goto free3; 569 fp2->f_data = so2; /* so2 already has ref count */ 570 sv[1] = fd; 571 error = soconnect2(so1, so2); 572 if (error) 573 goto free4; 574 if (uap->type == SOCK_DGRAM) { 575 /* 576 * Datagram socket connection is asymmetric. 577 */ 578 error = soconnect2(so2, so1); 579 if (error) 580 goto free4; 581 } 582 FILE_LOCK(fp1); 583 fp1->f_flag = FREAD|FWRITE; 584 fp1->f_ops = &socketops; 585 fp1->f_type = DTYPE_SOCKET; 586 FILE_UNLOCK(fp1); 587 FILE_LOCK(fp2); 588 fp2->f_flag = FREAD|FWRITE; 589 fp2->f_ops = &socketops; 590 fp2->f_type = DTYPE_SOCKET; 591 FILE_UNLOCK(fp2); 592 error = copyout(sv, uap->rsv, 2 * sizeof (int)); 593 fdrop(fp1, td); 594 fdrop(fp2, td); 595 goto done2; 596 free4: 597 FILEDESC_LOCK(fdp); 598 if (fdp->fd_ofiles[sv[1]] == fp2) { 599 fdp->fd_ofiles[sv[1]] = NULL; 600 fdunused(fdp, sv[1]); 601 FILEDESC_UNLOCK(fdp); 602 fdrop(fp2, td); 603 } else { 604 FILEDESC_UNLOCK(fdp); 605 } 606 fdrop(fp2, td); 607 free3: 608 FILEDESC_LOCK(fdp); 609 if (fdp->fd_ofiles[sv[0]] == fp1) { 610 fdp->fd_ofiles[sv[0]] = NULL; 611 fdunused(fdp, sv[0]); 612 FILEDESC_UNLOCK(fdp); 613 fdrop(fp1, td); 614 } else { 615 FILEDESC_UNLOCK(fdp); 616 } 617 fdrop(fp1, td); 618 free2: 619 (void)soclose(so2); 620 free1: 621 (void)soclose(so1); 622 done2: 623 NET_UNLOCK_GIANT(); 624 return (error); 625 } 626 627 static int 628 sendit(td, s, mp, flags) 629 register struct thread *td; 630 int s; 631 register struct msghdr *mp; 632 int flags; 633 { 634 struct mbuf *control; 635 struct sockaddr *to; 636 int error; 637 638 if (mp->msg_name != NULL) { 639 error = getsockaddr(&to, mp->msg_name, mp->msg_namelen); 640 if (error) { 641 to = NULL; 642 goto bad; 643 } 644 mp->msg_name = to; 645 } else { 646 to = NULL; 647 } 648 649 if (mp->msg_control) { 650 if (mp->msg_controllen < sizeof(struct cmsghdr) 651 #ifdef COMPAT_OLDSOCK 652 && mp->msg_flags != MSG_COMPAT 653 #endif 654 ) { 655 error = EINVAL; 656 goto bad; 657 } 658 error = sockargs(&control, mp->msg_control, 659 mp->msg_controllen, MT_CONTROL); 660 if (error) 661 goto bad; 662 #ifdef COMPAT_OLDSOCK 663 if (mp->msg_flags == MSG_COMPAT) { 664 register struct cmsghdr *cm; 665 666 M_PREPEND(control, sizeof(*cm), M_TRYWAIT); 667 if (control == 0) { 668 error = ENOBUFS; 669 goto bad; 670 } else { 671 cm = mtod(control, struct cmsghdr *); 672 cm->cmsg_len = control->m_len; 673 cm->cmsg_level = SOL_SOCKET; 674 cm->cmsg_type = SCM_RIGHTS; 675 } 676 } 677 #endif 678 } else { 679 control = NULL; 680 } 681 682 error = kern_sendit(td, s, mp, flags, control); 683 684 bad: 685 if (to) 686 FREE(to, M_SONAME); 687 return (error); 688 } 689 690 int 691 kern_sendit(td, s, mp, flags, control) 692 struct thread *td; 693 int s; 694 struct msghdr *mp; 695 int flags; 696 struct mbuf *control; 697 { 698 struct uio auio; 699 struct iovec *iov; 700 struct socket *so; 701 int i; 702 int len, error; 703 #ifdef KTRACE 704 struct iovec *ktriov = NULL; 705 struct uio ktruio; 706 int iovlen; 707 #endif 708 709 NET_LOCK_GIANT(); 710 if ((error = fgetsock(td, s, &so, NULL)) != 0) 711 goto bad2; 712 713 #ifdef MAC 714 SOCK_LOCK(so); 715 error = mac_check_socket_send(td->td_ucred, so); 716 SOCK_UNLOCK(so); 717 if (error) 718 goto bad; 719 #endif 720 721 auio.uio_iov = mp->msg_iov; 722 auio.uio_iovcnt = mp->msg_iovlen; 723 auio.uio_segflg = UIO_USERSPACE; 724 auio.uio_rw = UIO_WRITE; 725 auio.uio_td = td; 726 auio.uio_offset = 0; /* XXX */ 727 auio.uio_resid = 0; 728 iov = mp->msg_iov; 729 for (i = 0; i < mp->msg_iovlen; i++, iov++) { 730 if ((auio.uio_resid += iov->iov_len) < 0) { 731 error = EINVAL; 732 goto bad; 733 } 734 } 735 #ifdef KTRACE 736 if (KTRPOINT(td, KTR_GENIO)) { 737 iovlen = auio.uio_iovcnt * sizeof (struct iovec); 738 MALLOC(ktriov, struct iovec *, iovlen, M_TEMP, M_WAITOK); 739 bcopy(auio.uio_iov, ktriov, iovlen); 740 ktruio = auio; 741 } 742 #endif 743 len = auio.uio_resid; 744 error = so->so_proto->pr_usrreqs->pru_sosend(so, mp->msg_name, &auio, 745 0, control, flags, td); 746 if (error) { 747 if (auio.uio_resid != len && (error == ERESTART || 748 error == EINTR || error == EWOULDBLOCK)) 749 error = 0; 750 /* Generation of SIGPIPE can be controlled per socket */ 751 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE)) { 752 PROC_LOCK(td->td_proc); 753 psignal(td->td_proc, SIGPIPE); 754 PROC_UNLOCK(td->td_proc); 755 } 756 } 757 if (error == 0) 758 td->td_retval[0] = len - auio.uio_resid; 759 #ifdef KTRACE 760 if (ktriov != NULL) { 761 if (error == 0) { 762 ktruio.uio_iov = ktriov; 763 ktruio.uio_resid = td->td_retval[0]; 764 ktrgenio(s, UIO_WRITE, &ktruio, error); 765 } 766 FREE(ktriov, M_TEMP); 767 } 768 #endif 769 bad: 770 fputsock(so); 771 bad2: 772 NET_UNLOCK_GIANT(); 773 return (error); 774 } 775 776 /* 777 * MPSAFE 778 */ 779 int 780 sendto(td, uap) 781 struct thread *td; 782 register struct sendto_args /* { 783 int s; 784 caddr_t buf; 785 size_t len; 786 int flags; 787 caddr_t to; 788 int tolen; 789 } */ *uap; 790 { 791 struct msghdr msg; 792 struct iovec aiov; 793 int error; 794 795 msg.msg_name = uap->to; 796 msg.msg_namelen = uap->tolen; 797 msg.msg_iov = &aiov; 798 msg.msg_iovlen = 1; 799 msg.msg_control = 0; 800 #ifdef COMPAT_OLDSOCK 801 msg.msg_flags = 0; 802 #endif 803 aiov.iov_base = uap->buf; 804 aiov.iov_len = uap->len; 805 error = sendit(td, uap->s, &msg, uap->flags); 806 return (error); 807 } 808 809 #ifdef COMPAT_OLDSOCK 810 /* 811 * MPSAFE 812 */ 813 int 814 osend(td, uap) 815 struct thread *td; 816 register struct osend_args /* { 817 int s; 818 caddr_t buf; 819 int len; 820 int flags; 821 } */ *uap; 822 { 823 struct msghdr msg; 824 struct iovec aiov; 825 int error; 826 827 msg.msg_name = 0; 828 msg.msg_namelen = 0; 829 msg.msg_iov = &aiov; 830 msg.msg_iovlen = 1; 831 aiov.iov_base = uap->buf; 832 aiov.iov_len = uap->len; 833 msg.msg_control = 0; 834 msg.msg_flags = 0; 835 error = sendit(td, uap->s, &msg, uap->flags); 836 return (error); 837 } 838 839 /* 840 * MPSAFE 841 */ 842 int 843 osendmsg(td, uap) 844 struct thread *td; 845 register struct osendmsg_args /* { 846 int s; 847 caddr_t msg; 848 int flags; 849 } */ *uap; 850 { 851 struct msghdr msg; 852 struct iovec aiov[UIO_SMALLIOV], *iov; 853 int error; 854 855 error = copyin(uap->msg, &msg, sizeof (struct omsghdr)); 856 if (error) 857 goto done2; 858 if ((u_int)msg.msg_iovlen >= UIO_SMALLIOV) { 859 if ((u_int)msg.msg_iovlen >= UIO_MAXIOV) { 860 error = EMSGSIZE; 861 goto done2; 862 } 863 MALLOC(iov, struct iovec *, 864 sizeof(struct iovec) * (u_int)msg.msg_iovlen, M_IOV, 865 M_WAITOK); 866 } else { 867 iov = aiov; 868 } 869 error = copyin(msg.msg_iov, iov, 870 (unsigned)(msg.msg_iovlen * sizeof (struct iovec))); 871 if (error) 872 goto done; 873 msg.msg_flags = MSG_COMPAT; 874 msg.msg_iov = iov; 875 error = sendit(td, uap->s, &msg, uap->flags); 876 done: 877 if (iov != aiov) 878 FREE(iov, M_IOV); 879 done2: 880 return (error); 881 } 882 #endif 883 884 /* 885 * MPSAFE 886 */ 887 int 888 sendmsg(td, uap) 889 struct thread *td; 890 register struct sendmsg_args /* { 891 int s; 892 caddr_t msg; 893 int flags; 894 } */ *uap; 895 { 896 struct msghdr msg; 897 struct iovec aiov[UIO_SMALLIOV], *iov; 898 int error; 899 900 error = copyin(uap->msg, &msg, sizeof (msg)); 901 if (error) 902 goto done2; 903 if ((u_int)msg.msg_iovlen >= UIO_SMALLIOV) { 904 if ((u_int)msg.msg_iovlen >= UIO_MAXIOV) { 905 error = EMSGSIZE; 906 goto done2; 907 } 908 MALLOC(iov, struct iovec *, 909 sizeof(struct iovec) * (u_int)msg.msg_iovlen, M_IOV, 910 M_WAITOK); 911 } else { 912 iov = aiov; 913 } 914 if (msg.msg_iovlen && 915 (error = copyin(msg.msg_iov, iov, 916 (unsigned)(msg.msg_iovlen * sizeof (struct iovec))))) 917 goto done; 918 msg.msg_iov = iov; 919 #ifdef COMPAT_OLDSOCK 920 msg.msg_flags = 0; 921 #endif 922 error = sendit(td, uap->s, &msg, uap->flags); 923 done: 924 if (iov != aiov) 925 FREE(iov, M_IOV); 926 done2: 927 return (error); 928 } 929 930 static int 931 recvit(td, s, mp, namelenp) 932 register struct thread *td; 933 int s; 934 register struct msghdr *mp; 935 void *namelenp; 936 { 937 struct uio auio; 938 register struct iovec *iov; 939 register int i; 940 socklen_t len; 941 int error; 942 struct mbuf *m, *control = 0; 943 caddr_t ctlbuf; 944 struct socket *so; 945 struct sockaddr *fromsa = 0; 946 #ifdef KTRACE 947 struct iovec *ktriov = NULL; 948 struct uio ktruio; 949 int iovlen; 950 #endif 951 952 NET_LOCK_GIANT(); 953 if ((error = fgetsock(td, s, &so, NULL)) != 0) { 954 NET_UNLOCK_GIANT(); 955 return (error); 956 } 957 958 #ifdef MAC 959 SOCK_LOCK(so); 960 error = mac_check_socket_receive(td->td_ucred, so); 961 SOCK_UNLOCK(so); 962 if (error) { 963 fputsock(so); 964 NET_UNLOCK_GIANT(); 965 return (error); 966 } 967 #endif 968 969 auio.uio_iov = mp->msg_iov; 970 auio.uio_iovcnt = mp->msg_iovlen; 971 auio.uio_segflg = UIO_USERSPACE; 972 auio.uio_rw = UIO_READ; 973 auio.uio_td = td; 974 auio.uio_offset = 0; /* XXX */ 975 auio.uio_resid = 0; 976 iov = mp->msg_iov; 977 for (i = 0; i < mp->msg_iovlen; i++, iov++) { 978 if ((auio.uio_resid += iov->iov_len) < 0) { 979 fputsock(so); 980 NET_UNLOCK_GIANT(); 981 return (EINVAL); 982 } 983 } 984 #ifdef KTRACE 985 if (KTRPOINT(td, KTR_GENIO)) { 986 iovlen = auio.uio_iovcnt * sizeof (struct iovec); 987 MALLOC(ktriov, struct iovec *, iovlen, M_TEMP, M_WAITOK); 988 bcopy(auio.uio_iov, ktriov, iovlen); 989 ktruio = auio; 990 } 991 #endif 992 len = auio.uio_resid; 993 error = so->so_proto->pr_usrreqs->pru_soreceive(so, &fromsa, &auio, 994 (struct mbuf **)0, mp->msg_control ? &control : (struct mbuf **)0, 995 &mp->msg_flags); 996 if (error) { 997 if (auio.uio_resid != (int)len && (error == ERESTART || 998 error == EINTR || error == EWOULDBLOCK)) 999 error = 0; 1000 } 1001 #ifdef KTRACE 1002 if (ktriov != NULL) { 1003 if (error == 0) { 1004 ktruio.uio_iov = ktriov; 1005 ktruio.uio_resid = (int)len - auio.uio_resid; 1006 ktrgenio(s, UIO_READ, &ktruio, error); 1007 } 1008 FREE(ktriov, M_TEMP); 1009 } 1010 #endif 1011 if (error) 1012 goto out; 1013 td->td_retval[0] = (int)len - auio.uio_resid; 1014 if (mp->msg_name) { 1015 len = mp->msg_namelen; 1016 if (len <= 0 || fromsa == 0) 1017 len = 0; 1018 else { 1019 /* save sa_len before it is destroyed by MSG_COMPAT */ 1020 len = MIN(len, fromsa->sa_len); 1021 #ifdef COMPAT_OLDSOCK 1022 if (mp->msg_flags & MSG_COMPAT) 1023 ((struct osockaddr *)fromsa)->sa_family = 1024 fromsa->sa_family; 1025 #endif 1026 error = copyout(fromsa, mp->msg_name, (unsigned)len); 1027 if (error) 1028 goto out; 1029 } 1030 mp->msg_namelen = len; 1031 if (namelenp && 1032 (error = copyout(&len, namelenp, sizeof (socklen_t)))) { 1033 #ifdef COMPAT_OLDSOCK 1034 if (mp->msg_flags & MSG_COMPAT) 1035 error = 0; /* old recvfrom didn't check */ 1036 else 1037 #endif 1038 goto out; 1039 } 1040 } 1041 if (mp->msg_control) { 1042 #ifdef COMPAT_OLDSOCK 1043 /* 1044 * We assume that old recvmsg calls won't receive access 1045 * rights and other control info, esp. as control info 1046 * is always optional and those options didn't exist in 4.3. 1047 * If we receive rights, trim the cmsghdr; anything else 1048 * is tossed. 1049 */ 1050 if (control && mp->msg_flags & MSG_COMPAT) { 1051 if (mtod(control, struct cmsghdr *)->cmsg_level != 1052 SOL_SOCKET || 1053 mtod(control, struct cmsghdr *)->cmsg_type != 1054 SCM_RIGHTS) { 1055 mp->msg_controllen = 0; 1056 goto out; 1057 } 1058 control->m_len -= sizeof (struct cmsghdr); 1059 control->m_data += sizeof (struct cmsghdr); 1060 } 1061 #endif 1062 len = mp->msg_controllen; 1063 m = control; 1064 mp->msg_controllen = 0; 1065 ctlbuf = mp->msg_control; 1066 1067 while (m && len > 0) { 1068 unsigned int tocopy; 1069 1070 if (len >= m->m_len) 1071 tocopy = m->m_len; 1072 else { 1073 mp->msg_flags |= MSG_CTRUNC; 1074 tocopy = len; 1075 } 1076 1077 if ((error = copyout(mtod(m, caddr_t), 1078 ctlbuf, tocopy)) != 0) 1079 goto out; 1080 1081 ctlbuf += tocopy; 1082 len -= tocopy; 1083 m = m->m_next; 1084 } 1085 mp->msg_controllen = ctlbuf - (caddr_t)mp->msg_control; 1086 } 1087 out: 1088 fputsock(so); 1089 NET_UNLOCK_GIANT(); 1090 if (fromsa) 1091 FREE(fromsa, M_SONAME); 1092 if (control) 1093 m_freem(control); 1094 return (error); 1095 } 1096 1097 /* 1098 * MPSAFE 1099 */ 1100 int 1101 recvfrom(td, uap) 1102 struct thread *td; 1103 register struct recvfrom_args /* { 1104 int s; 1105 caddr_t buf; 1106 size_t len; 1107 int flags; 1108 struct sockaddr * __restrict from; 1109 socklen_t * __restrict fromlenaddr; 1110 } */ *uap; 1111 { 1112 struct msghdr msg; 1113 struct iovec aiov; 1114 int error; 1115 1116 if (uap->fromlenaddr) { 1117 error = copyin(uap->fromlenaddr, 1118 &msg.msg_namelen, sizeof (msg.msg_namelen)); 1119 if (error) 1120 goto done2; 1121 } else { 1122 msg.msg_namelen = 0; 1123 } 1124 msg.msg_name = uap->from; 1125 msg.msg_iov = &aiov; 1126 msg.msg_iovlen = 1; 1127 aiov.iov_base = uap->buf; 1128 aiov.iov_len = uap->len; 1129 msg.msg_control = 0; 1130 msg.msg_flags = uap->flags; 1131 error = recvit(td, uap->s, &msg, uap->fromlenaddr); 1132 done2: 1133 return(error); 1134 } 1135 1136 #ifdef COMPAT_OLDSOCK 1137 /* 1138 * MPSAFE 1139 */ 1140 int 1141 orecvfrom(td, uap) 1142 struct thread *td; 1143 struct recvfrom_args *uap; 1144 { 1145 1146 uap->flags |= MSG_COMPAT; 1147 return (recvfrom(td, uap)); 1148 } 1149 #endif 1150 1151 1152 #ifdef COMPAT_OLDSOCK 1153 /* 1154 * MPSAFE 1155 */ 1156 int 1157 orecv(td, uap) 1158 struct thread *td; 1159 register struct orecv_args /* { 1160 int s; 1161 caddr_t buf; 1162 int len; 1163 int flags; 1164 } */ *uap; 1165 { 1166 struct msghdr msg; 1167 struct iovec aiov; 1168 int error; 1169 1170 msg.msg_name = 0; 1171 msg.msg_namelen = 0; 1172 msg.msg_iov = &aiov; 1173 msg.msg_iovlen = 1; 1174 aiov.iov_base = uap->buf; 1175 aiov.iov_len = uap->len; 1176 msg.msg_control = 0; 1177 msg.msg_flags = uap->flags; 1178 error = recvit(td, uap->s, &msg, NULL); 1179 return (error); 1180 } 1181 1182 /* 1183 * Old recvmsg. This code takes advantage of the fact that the old msghdr 1184 * overlays the new one, missing only the flags, and with the (old) access 1185 * rights where the control fields are now. 1186 * 1187 * MPSAFE 1188 */ 1189 int 1190 orecvmsg(td, uap) 1191 struct thread *td; 1192 register struct orecvmsg_args /* { 1193 int s; 1194 struct omsghdr *msg; 1195 int flags; 1196 } */ *uap; 1197 { 1198 struct msghdr msg; 1199 struct iovec aiov[UIO_SMALLIOV], *iov; 1200 int error; 1201 1202 error = copyin(uap->msg, &msg, sizeof (struct omsghdr)); 1203 if (error) 1204 return (error); 1205 1206 if ((u_int)msg.msg_iovlen >= UIO_SMALLIOV) { 1207 if ((u_int)msg.msg_iovlen >= UIO_MAXIOV) { 1208 error = EMSGSIZE; 1209 goto done2; 1210 } 1211 MALLOC(iov, struct iovec *, 1212 sizeof(struct iovec) * (u_int)msg.msg_iovlen, M_IOV, 1213 M_WAITOK); 1214 } else { 1215 iov = aiov; 1216 } 1217 msg.msg_flags = uap->flags | MSG_COMPAT; 1218 error = copyin(msg.msg_iov, iov, 1219 (unsigned)(msg.msg_iovlen * sizeof (struct iovec))); 1220 if (error) 1221 goto done; 1222 msg.msg_iov = iov; 1223 error = recvit(td, uap->s, &msg, &uap->msg->msg_namelen); 1224 1225 if (msg.msg_controllen && error == 0) 1226 error = copyout(&msg.msg_controllen, 1227 &uap->msg->msg_accrightslen, sizeof (int)); 1228 done: 1229 if (iov != aiov) 1230 FREE(iov, M_IOV); 1231 done2: 1232 return (error); 1233 } 1234 #endif 1235 1236 /* 1237 * MPSAFE 1238 */ 1239 int 1240 recvmsg(td, uap) 1241 struct thread *td; 1242 register struct recvmsg_args /* { 1243 int s; 1244 struct msghdr *msg; 1245 int flags; 1246 } */ *uap; 1247 { 1248 struct msghdr msg; 1249 struct iovec aiov[UIO_SMALLIOV], *uiov, *iov; 1250 register int error; 1251 1252 error = copyin(uap->msg, &msg, sizeof (msg)); 1253 if (error) 1254 goto done2; 1255 if ((u_int)msg.msg_iovlen >= UIO_SMALLIOV) { 1256 if ((u_int)msg.msg_iovlen >= UIO_MAXIOV) { 1257 error = EMSGSIZE; 1258 goto done2; 1259 } 1260 MALLOC(iov, struct iovec *, 1261 sizeof(struct iovec) * (u_int)msg.msg_iovlen, M_IOV, 1262 M_WAITOK); 1263 } else { 1264 iov = aiov; 1265 } 1266 #ifdef COMPAT_OLDSOCK 1267 msg.msg_flags = uap->flags &~ MSG_COMPAT; 1268 #else 1269 msg.msg_flags = uap->flags; 1270 #endif 1271 uiov = msg.msg_iov; 1272 msg.msg_iov = iov; 1273 error = copyin(uiov, iov, 1274 (unsigned)(msg.msg_iovlen * sizeof (struct iovec))); 1275 if (error) 1276 goto done; 1277 error = recvit(td, uap->s, &msg, NULL); 1278 if (!error) { 1279 msg.msg_iov = uiov; 1280 error = copyout(&msg, uap->msg, sizeof(msg)); 1281 } 1282 done: 1283 if (iov != aiov) 1284 FREE(iov, M_IOV); 1285 done2: 1286 return (error); 1287 } 1288 1289 /* 1290 * MPSAFE 1291 */ 1292 /* ARGSUSED */ 1293 int 1294 shutdown(td, uap) 1295 struct thread *td; 1296 register struct shutdown_args /* { 1297 int s; 1298 int how; 1299 } */ *uap; 1300 { 1301 struct socket *so; 1302 int error; 1303 1304 NET_LOCK_GIANT(); 1305 if ((error = fgetsock(td, uap->s, &so, NULL)) == 0) { 1306 error = soshutdown(so, uap->how); 1307 fputsock(so); 1308 } 1309 NET_UNLOCK_GIANT(); 1310 return(error); 1311 } 1312 1313 /* 1314 * MPSAFE 1315 */ 1316 /* ARGSUSED */ 1317 int 1318 setsockopt(td, uap) 1319 struct thread *td; 1320 register struct setsockopt_args /* { 1321 int s; 1322 int level; 1323 int name; 1324 caddr_t val; 1325 int valsize; 1326 } */ *uap; 1327 { 1328 struct socket *so; 1329 struct sockopt sopt; 1330 int error; 1331 1332 if (uap->val == 0 && uap->valsize != 0) 1333 return (EFAULT); 1334 if (uap->valsize < 0) 1335 return (EINVAL); 1336 1337 NET_LOCK_GIANT(); 1338 if ((error = fgetsock(td, uap->s, &so, NULL)) == 0) { 1339 sopt.sopt_dir = SOPT_SET; 1340 sopt.sopt_level = uap->level; 1341 sopt.sopt_name = uap->name; 1342 sopt.sopt_val = uap->val; 1343 sopt.sopt_valsize = uap->valsize; 1344 sopt.sopt_td = td; 1345 error = sosetopt(so, &sopt); 1346 fputsock(so); 1347 } 1348 NET_UNLOCK_GIANT(); 1349 return(error); 1350 } 1351 1352 /* 1353 * MPSAFE 1354 */ 1355 /* ARGSUSED */ 1356 int 1357 getsockopt(td, uap) 1358 struct thread *td; 1359 register struct getsockopt_args /* { 1360 int s; 1361 int level; 1362 int name; 1363 void * __restrict val; 1364 socklen_t * __restrict avalsize; 1365 } */ *uap; 1366 { 1367 socklen_t valsize; 1368 int error; 1369 struct socket *so; 1370 struct sockopt sopt; 1371 1372 NET_LOCK_GIANT(); 1373 if ((error = fgetsock(td, uap->s, &so, NULL)) != 0) 1374 goto done2; 1375 if (uap->val) { 1376 error = copyin(uap->avalsize, &valsize, sizeof (valsize)); 1377 if (error) 1378 goto done1; 1379 if (valsize < 0) { 1380 error = EINVAL; 1381 goto done1; 1382 } 1383 } else { 1384 valsize = 0; 1385 } 1386 1387 sopt.sopt_dir = SOPT_GET; 1388 sopt.sopt_level = uap->level; 1389 sopt.sopt_name = uap->name; 1390 sopt.sopt_val = uap->val; 1391 sopt.sopt_valsize = (size_t)valsize; /* checked non-negative above */ 1392 sopt.sopt_td = td; 1393 1394 error = sogetopt(so, &sopt); 1395 if (error == 0) { 1396 valsize = sopt.sopt_valsize; 1397 error = copyout(&valsize, uap->avalsize, sizeof (valsize)); 1398 } 1399 done1: 1400 fputsock(so); 1401 done2: 1402 NET_UNLOCK_GIANT(); 1403 return (error); 1404 } 1405 1406 /* 1407 * getsockname1() - Get socket name. 1408 * 1409 * MPSAFE 1410 */ 1411 /* ARGSUSED */ 1412 static int 1413 getsockname1(td, uap, compat) 1414 struct thread *td; 1415 register struct getsockname_args /* { 1416 int fdes; 1417 struct sockaddr * __restrict asa; 1418 socklen_t * __restrict alen; 1419 } */ *uap; 1420 int compat; 1421 { 1422 struct socket *so; 1423 struct sockaddr *sa; 1424 socklen_t len; 1425 int error; 1426 1427 NET_LOCK_GIANT(); 1428 if ((error = fgetsock(td, uap->fdes, &so, NULL)) != 0) 1429 goto done2; 1430 error = copyin(uap->alen, &len, sizeof (len)); 1431 if (error) 1432 goto done1; 1433 if (len < 0) { 1434 error = EINVAL; 1435 goto done1; 1436 } 1437 sa = 0; 1438 error = (*so->so_proto->pr_usrreqs->pru_sockaddr)(so, &sa); 1439 if (error) 1440 goto bad; 1441 if (sa == 0) { 1442 len = 0; 1443 goto gotnothing; 1444 } 1445 1446 len = MIN(len, sa->sa_len); 1447 #ifdef COMPAT_OLDSOCK 1448 if (compat) 1449 ((struct osockaddr *)sa)->sa_family = sa->sa_family; 1450 #endif 1451 error = copyout(sa, uap->asa, (u_int)len); 1452 if (error == 0) 1453 gotnothing: 1454 error = copyout(&len, uap->alen, sizeof (len)); 1455 bad: 1456 if (sa) 1457 FREE(sa, M_SONAME); 1458 done1: 1459 fputsock(so); 1460 done2: 1461 NET_UNLOCK_GIANT(); 1462 return (error); 1463 } 1464 1465 /* 1466 * MPSAFE 1467 */ 1468 int 1469 getsockname(td, uap) 1470 struct thread *td; 1471 struct getsockname_args *uap; 1472 { 1473 1474 return (getsockname1(td, uap, 0)); 1475 } 1476 1477 #ifdef COMPAT_OLDSOCK 1478 /* 1479 * MPSAFE 1480 */ 1481 int 1482 ogetsockname(td, uap) 1483 struct thread *td; 1484 struct getsockname_args *uap; 1485 { 1486 1487 return (getsockname1(td, uap, 1)); 1488 } 1489 #endif /* COMPAT_OLDSOCK */ 1490 1491 /* 1492 * getpeername1() - Get name of peer for connected socket. 1493 * 1494 * MPSAFE 1495 */ 1496 /* ARGSUSED */ 1497 static int 1498 getpeername1(td, uap, compat) 1499 struct thread *td; 1500 register struct getpeername_args /* { 1501 int fdes; 1502 struct sockaddr * __restrict asa; 1503 socklen_t * __restrict alen; 1504 } */ *uap; 1505 int compat; 1506 { 1507 struct socket *so; 1508 struct sockaddr *sa; 1509 socklen_t len; 1510 int error; 1511 1512 NET_LOCK_GIANT(); 1513 if ((error = fgetsock(td, uap->fdes, &so, NULL)) != 0) 1514 goto done2; 1515 if ((so->so_state & (SS_ISCONNECTED|SS_ISCONFIRMING)) == 0) { 1516 error = ENOTCONN; 1517 goto done1; 1518 } 1519 error = copyin(uap->alen, &len, sizeof (len)); 1520 if (error) 1521 goto done1; 1522 if (len < 0) { 1523 error = EINVAL; 1524 goto done1; 1525 } 1526 sa = 0; 1527 error = (*so->so_proto->pr_usrreqs->pru_peeraddr)(so, &sa); 1528 if (error) 1529 goto bad; 1530 if (sa == 0) { 1531 len = 0; 1532 goto gotnothing; 1533 } 1534 len = MIN(len, sa->sa_len); 1535 #ifdef COMPAT_OLDSOCK 1536 if (compat) 1537 ((struct osockaddr *)sa)->sa_family = 1538 sa->sa_family; 1539 #endif 1540 error = copyout(sa, uap->asa, (u_int)len); 1541 if (error) 1542 goto bad; 1543 gotnothing: 1544 error = copyout(&len, uap->alen, sizeof (len)); 1545 bad: 1546 if (sa) 1547 FREE(sa, M_SONAME); 1548 done1: 1549 fputsock(so); 1550 done2: 1551 NET_UNLOCK_GIANT(); 1552 return (error); 1553 } 1554 1555 /* 1556 * MPSAFE 1557 */ 1558 int 1559 getpeername(td, uap) 1560 struct thread *td; 1561 struct getpeername_args *uap; 1562 { 1563 1564 return (getpeername1(td, uap, 0)); 1565 } 1566 1567 #ifdef COMPAT_OLDSOCK 1568 /* 1569 * MPSAFE 1570 */ 1571 int 1572 ogetpeername(td, uap) 1573 struct thread *td; 1574 struct ogetpeername_args *uap; 1575 { 1576 1577 /* XXX uap should have type `getpeername_args *' to begin with. */ 1578 return (getpeername1(td, (struct getpeername_args *)uap, 1)); 1579 } 1580 #endif /* COMPAT_OLDSOCK */ 1581 1582 int 1583 sockargs(mp, buf, buflen, type) 1584 struct mbuf **mp; 1585 caddr_t buf; 1586 int buflen, type; 1587 { 1588 register struct sockaddr *sa; 1589 register struct mbuf *m; 1590 int error; 1591 1592 if ((u_int)buflen > MLEN) { 1593 #ifdef COMPAT_OLDSOCK 1594 if (type == MT_SONAME && (u_int)buflen <= 112) 1595 buflen = MLEN; /* unix domain compat. hack */ 1596 else 1597 #endif 1598 if ((u_int)buflen > MCLBYTES) 1599 return (EINVAL); 1600 } 1601 m = m_get(M_TRYWAIT, type); 1602 if (m == NULL) 1603 return (ENOBUFS); 1604 if ((u_int)buflen > MLEN) { 1605 MCLGET(m, M_TRYWAIT); 1606 if ((m->m_flags & M_EXT) == 0) { 1607 m_free(m); 1608 return (ENOBUFS); 1609 } 1610 } 1611 m->m_len = buflen; 1612 error = copyin(buf, mtod(m, caddr_t), (u_int)buflen); 1613 if (error) 1614 (void) m_free(m); 1615 else { 1616 *mp = m; 1617 if (type == MT_SONAME) { 1618 sa = mtod(m, struct sockaddr *); 1619 1620 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN 1621 if (sa->sa_family == 0 && sa->sa_len < AF_MAX) 1622 sa->sa_family = sa->sa_len; 1623 #endif 1624 sa->sa_len = buflen; 1625 } 1626 } 1627 return (error); 1628 } 1629 1630 int 1631 getsockaddr(namp, uaddr, len) 1632 struct sockaddr **namp; 1633 caddr_t uaddr; 1634 size_t len; 1635 { 1636 struct sockaddr *sa; 1637 int error; 1638 1639 if (len > SOCK_MAXADDRLEN) 1640 return (ENAMETOOLONG); 1641 if (len < offsetof(struct sockaddr, sa_data[0])) 1642 return (EINVAL); 1643 MALLOC(sa, struct sockaddr *, len, M_SONAME, M_WAITOK); 1644 error = copyin(uaddr, sa, len); 1645 if (error) { 1646 FREE(sa, M_SONAME); 1647 } else { 1648 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN 1649 if (sa->sa_family == 0 && sa->sa_len < AF_MAX) 1650 sa->sa_family = sa->sa_len; 1651 #endif 1652 sa->sa_len = len; 1653 *namp = sa; 1654 } 1655 return (error); 1656 } 1657 1658 /* 1659 * Detach mapped page and release resources back to the system. 1660 */ 1661 void 1662 sf_buf_mext(void *addr, void *args) 1663 { 1664 vm_page_t m; 1665 1666 m = sf_buf_page(args); 1667 sf_buf_free(args); 1668 vm_page_lock_queues(); 1669 vm_page_unwire(m, 0); 1670 /* 1671 * Check for the object going away on us. This can 1672 * happen since we don't hold a reference to it. 1673 * If so, we're responsible for freeing the page. 1674 */ 1675 if (m->wire_count == 0 && m->object == NULL) 1676 vm_page_free(m); 1677 vm_page_unlock_queues(); 1678 } 1679 1680 /* 1681 * sendfile(2) 1682 * 1683 * MPSAFE 1684 * 1685 * int sendfile(int fd, int s, off_t offset, size_t nbytes, 1686 * struct sf_hdtr *hdtr, off_t *sbytes, int flags) 1687 * 1688 * Send a file specified by 'fd' and starting at 'offset' to a socket 1689 * specified by 's'. Send only 'nbytes' of the file or until EOF if 1690 * nbytes == 0. Optionally add a header and/or trailer to the socket 1691 * output. If specified, write the total number of bytes sent into *sbytes. 1692 * 1693 */ 1694 int 1695 sendfile(struct thread *td, struct sendfile_args *uap) 1696 { 1697 1698 return (do_sendfile(td, uap, 0)); 1699 } 1700 1701 #ifdef COMPAT_FREEBSD4 1702 int 1703 freebsd4_sendfile(struct thread *td, struct freebsd4_sendfile_args *uap) 1704 { 1705 struct sendfile_args args; 1706 1707 args.fd = uap->fd; 1708 args.s = uap->s; 1709 args.offset = uap->offset; 1710 args.nbytes = uap->nbytes; 1711 args.hdtr = uap->hdtr; 1712 args.sbytes = uap->sbytes; 1713 args.flags = uap->flags; 1714 1715 return (do_sendfile(td, &args, 1)); 1716 } 1717 #endif /* COMPAT_FREEBSD4 */ 1718 1719 static int 1720 do_sendfile(struct thread *td, struct sendfile_args *uap, int compat) 1721 { 1722 struct vnode *vp; 1723 struct vm_object *obj; 1724 struct socket *so = NULL; 1725 struct mbuf *m, *m_header = NULL; 1726 struct sf_buf *sf; 1727 struct vm_page *pg; 1728 struct writev_args nuap; 1729 struct sf_hdtr hdtr; 1730 struct uio hdr_uio; 1731 off_t off, xfsize, hdtr_size, sbytes = 0; 1732 int error, s, headersize = 0, headersent = 0; 1733 struct iovec *hdr_iov = NULL; 1734 1735 mtx_lock(&Giant); 1736 1737 hdtr_size = 0; 1738 1739 /* 1740 * The descriptor must be a regular file and have a backing VM object. 1741 */ 1742 if ((error = fgetvp_read(td, uap->fd, &vp)) != 0) 1743 goto done; 1744 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 1745 if (vp->v_type != VREG || VOP_GETVOBJECT(vp, &obj) != 0) { 1746 error = EINVAL; 1747 VOP_UNLOCK(vp, 0, td); 1748 goto done; 1749 } 1750 VOP_UNLOCK(vp, 0, td); 1751 if ((error = fgetsock(td, uap->s, &so, NULL)) != 0) 1752 goto done; 1753 if (so->so_type != SOCK_STREAM) { 1754 error = EINVAL; 1755 goto done; 1756 } 1757 if ((so->so_state & SS_ISCONNECTED) == 0) { 1758 error = ENOTCONN; 1759 goto done; 1760 } 1761 if (uap->offset < 0) { 1762 error = EINVAL; 1763 goto done; 1764 } 1765 1766 #ifdef MAC 1767 SOCK_LOCK(so); 1768 error = mac_check_socket_send(td->td_ucred, so); 1769 SOCK_UNLOCK(so); 1770 if (error) 1771 goto done; 1772 #endif 1773 1774 /* 1775 * If specified, get the pointer to the sf_hdtr struct for 1776 * any headers/trailers. 1777 */ 1778 if (uap->hdtr != NULL) { 1779 error = copyin(uap->hdtr, &hdtr, sizeof(hdtr)); 1780 if (error) 1781 goto done; 1782 /* 1783 * Send any headers. 1784 */ 1785 if (hdtr.headers != NULL) { 1786 hdr_uio.uio_td = td; 1787 hdr_uio.uio_rw = UIO_WRITE; 1788 error = uiofromiov(hdtr.headers, hdtr.hdr_cnt, 1789 &hdr_uio); 1790 if (error) 1791 goto done; 1792 /* Cache hdr_iov, m_uiotombuf may change it. */ 1793 hdr_iov = hdr_uio.uio_iov; 1794 if (hdr_uio.uio_resid > 0) { 1795 m_header = m_uiotombuf(&hdr_uio, M_DONTWAIT, 0); 1796 if (m_header == NULL) 1797 goto done; 1798 headersize = m_header->m_pkthdr.len; 1799 if (compat) 1800 sbytes += headersize; 1801 } 1802 } 1803 } 1804 1805 /* 1806 * Protect against multiple writers to the socket. 1807 */ 1808 SOCKBUF_LOCK(&so->so_snd); 1809 (void) sblock(&so->so_snd, M_WAITOK); 1810 SOCKBUF_UNLOCK(&so->so_snd); 1811 1812 /* 1813 * Loop through the pages in the file, starting with the requested 1814 * offset. Get a file page (do I/O if necessary), map the file page 1815 * into an sf_buf, attach an mbuf header to the sf_buf, and queue 1816 * it on the socket. 1817 */ 1818 for (off = uap->offset; ; off += xfsize, sbytes += xfsize) { 1819 vm_pindex_t pindex; 1820 vm_offset_t pgoff; 1821 1822 pindex = OFF_TO_IDX(off); 1823 VM_OBJECT_LOCK(obj); 1824 retry_lookup: 1825 /* 1826 * Calculate the amount to transfer. Not to exceed a page, 1827 * the EOF, or the passed in nbytes. 1828 */ 1829 xfsize = obj->un_pager.vnp.vnp_size - off; 1830 VM_OBJECT_UNLOCK(obj); 1831 if (xfsize > PAGE_SIZE) 1832 xfsize = PAGE_SIZE; 1833 pgoff = (vm_offset_t)(off & PAGE_MASK); 1834 if (PAGE_SIZE - pgoff < xfsize) 1835 xfsize = PAGE_SIZE - pgoff; 1836 if (uap->nbytes && xfsize > (uap->nbytes - sbytes)) 1837 xfsize = uap->nbytes - sbytes; 1838 if (xfsize <= 0) { 1839 if (m_header != NULL) { 1840 m = m_header; 1841 m_header = NULL; 1842 goto retry_space; 1843 } else 1844 break; 1845 } 1846 /* 1847 * Optimize the non-blocking case by looking at the socket space 1848 * before going to the extra work of constituting the sf_buf. 1849 */ 1850 SOCKBUF_LOCK(&so->so_snd); 1851 if ((so->so_state & SS_NBIO) && sbspace(&so->so_snd) <= 0) { 1852 if (so->so_snd.sb_state & SBS_CANTSENDMORE) 1853 error = EPIPE; 1854 else 1855 error = EAGAIN; 1856 sbunlock(&so->so_snd); 1857 SOCKBUF_UNLOCK(&so->so_snd); 1858 goto done; 1859 } 1860 SOCKBUF_UNLOCK(&so->so_snd); 1861 VM_OBJECT_LOCK(obj); 1862 /* 1863 * Attempt to look up the page. 1864 * 1865 * Allocate if not found 1866 * 1867 * Wait and loop if busy. 1868 */ 1869 pg = vm_page_lookup(obj, pindex); 1870 1871 if (pg == NULL) { 1872 pg = vm_page_alloc(obj, pindex, 1873 VM_ALLOC_NORMAL | VM_ALLOC_WIRED); 1874 if (pg == NULL) { 1875 VM_OBJECT_UNLOCK(obj); 1876 VM_WAIT; 1877 VM_OBJECT_LOCK(obj); 1878 goto retry_lookup; 1879 } 1880 vm_page_lock_queues(); 1881 vm_page_wakeup(pg); 1882 } else { 1883 vm_page_lock_queues(); 1884 if (vm_page_sleep_if_busy(pg, TRUE, "sfpbsy")) 1885 goto retry_lookup; 1886 /* 1887 * Wire the page so it does not get ripped out from 1888 * under us. 1889 */ 1890 vm_page_wire(pg); 1891 } 1892 1893 /* 1894 * If page is not valid for what we need, initiate I/O 1895 */ 1896 1897 if (pg->valid && vm_page_is_valid(pg, pgoff, xfsize)) { 1898 VM_OBJECT_UNLOCK(obj); 1899 } else if (uap->flags & SF_NODISKIO) { 1900 error = EBUSY; 1901 } else { 1902 int bsize, resid; 1903 1904 /* 1905 * Ensure that our page is still around when the I/O 1906 * completes. 1907 */ 1908 vm_page_io_start(pg); 1909 vm_page_unlock_queues(); 1910 VM_OBJECT_UNLOCK(obj); 1911 1912 /* 1913 * Get the page from backing store. 1914 */ 1915 bsize = vp->v_mount->mnt_stat.f_iosize; 1916 vn_lock(vp, LK_SHARED | LK_NOPAUSE | LK_RETRY, td); 1917 /* 1918 * XXXMAC: Because we don't have fp->f_cred here, 1919 * we pass in NOCRED. This is probably wrong, but 1920 * is consistent with our original implementation. 1921 */ 1922 error = vn_rdwr(UIO_READ, vp, NULL, MAXBSIZE, 1923 trunc_page(off), UIO_NOCOPY, IO_NODELOCKED | 1924 IO_VMIO | ((MAXBSIZE / bsize) << IO_SEQSHIFT), 1925 td->td_ucred, NOCRED, &resid, td); 1926 VOP_UNLOCK(vp, 0, td); 1927 if (error) 1928 VM_OBJECT_LOCK(obj); 1929 vm_page_lock_queues(); 1930 vm_page_io_finish(pg); 1931 mbstat.sf_iocnt++; 1932 } 1933 1934 if (error) { 1935 vm_page_unwire(pg, 0); 1936 /* 1937 * See if anyone else might know about this page. 1938 * If not and it is not valid, then free it. 1939 */ 1940 if (pg->wire_count == 0 && pg->valid == 0 && 1941 pg->busy == 0 && !(pg->flags & PG_BUSY) && 1942 pg->hold_count == 0) { 1943 vm_page_busy(pg); 1944 vm_page_free(pg); 1945 } 1946 vm_page_unlock_queues(); 1947 VM_OBJECT_UNLOCK(obj); 1948 SOCKBUF_LOCK(&so->so_snd); 1949 sbunlock(&so->so_snd); 1950 SOCKBUF_UNLOCK(&so->so_snd); 1951 goto done; 1952 } 1953 vm_page_unlock_queues(); 1954 1955 /* 1956 * Get a sendfile buf. We usually wait as long as necessary, 1957 * but this wait can be interrupted. 1958 */ 1959 if ((sf = sf_buf_alloc(pg, PCATCH)) == NULL) { 1960 mbstat.sf_allocfail++; 1961 vm_page_lock_queues(); 1962 vm_page_unwire(pg, 0); 1963 if (pg->wire_count == 0 && pg->object == NULL) 1964 vm_page_free(pg); 1965 vm_page_unlock_queues(); 1966 SOCKBUF_LOCK(&so->so_snd); 1967 sbunlock(&so->so_snd); 1968 SOCKBUF_UNLOCK(&so->so_snd); 1969 error = EINTR; 1970 goto done; 1971 } 1972 1973 /* 1974 * Get an mbuf header and set it up as having external storage. 1975 */ 1976 if (m_header) 1977 MGET(m, M_TRYWAIT, MT_DATA); 1978 else 1979 MGETHDR(m, M_TRYWAIT, MT_DATA); 1980 if (m == NULL) { 1981 error = ENOBUFS; 1982 sf_buf_mext((void *)sf_buf_kva(sf), sf); 1983 SOCKBUF_LOCK(&so->so_snd); 1984 sbunlock(&so->so_snd); 1985 SOCKBUF_UNLOCK(&so->so_snd); 1986 goto done; 1987 } 1988 /* 1989 * Setup external storage for mbuf. 1990 */ 1991 MEXTADD(m, sf_buf_kva(sf), PAGE_SIZE, sf_buf_mext, sf, M_RDONLY, 1992 EXT_SFBUF); 1993 m->m_data = (char *)sf_buf_kva(sf) + pgoff; 1994 m->m_pkthdr.len = m->m_len = xfsize; 1995 1996 if (m_header) { 1997 m_cat(m_header, m); 1998 m = m_header; 1999 m_header = NULL; 2000 m_fixhdr(m); 2001 } 2002 2003 /* 2004 * Add the buffer to the socket buffer chain. 2005 */ 2006 s = splnet(); 2007 SOCKBUF_LOCK(&so->so_snd); 2008 retry_space: 2009 /* 2010 * Make sure that the socket is still able to take more data. 2011 * CANTSENDMORE being true usually means that the connection 2012 * was closed. so_error is true when an error was sensed after 2013 * a previous send. 2014 * The state is checked after the page mapping and buffer 2015 * allocation above since those operations may block and make 2016 * any socket checks stale. From this point forward, nothing 2017 * blocks before the pru_send (or more accurately, any blocking 2018 * results in a loop back to here to re-check). 2019 */ 2020 SOCKBUF_LOCK_ASSERT(&so->so_snd); 2021 if ((so->so_snd.sb_state & SBS_CANTSENDMORE) || so->so_error) { 2022 if (so->so_snd.sb_state & SBS_CANTSENDMORE) { 2023 error = EPIPE; 2024 } else { 2025 error = so->so_error; 2026 so->so_error = 0; 2027 } 2028 m_freem(m); 2029 sbunlock(&so->so_snd); 2030 SOCKBUF_UNLOCK(&so->so_snd); 2031 splx(s); 2032 goto done; 2033 } 2034 /* 2035 * Wait for socket space to become available. We do this just 2036 * after checking the connection state above in order to avoid 2037 * a race condition with sbwait(). 2038 */ 2039 if (sbspace(&so->so_snd) < so->so_snd.sb_lowat) { 2040 if (so->so_state & SS_NBIO) { 2041 m_freem(m); 2042 sbunlock(&so->so_snd); 2043 SOCKBUF_UNLOCK(&so->so_snd); 2044 splx(s); 2045 error = EAGAIN; 2046 goto done; 2047 } 2048 error = sbwait(&so->so_snd); 2049 /* 2050 * An error from sbwait usually indicates that we've 2051 * been interrupted by a signal. If we've sent anything 2052 * then return bytes sent, otherwise return the error. 2053 */ 2054 if (error) { 2055 m_freem(m); 2056 sbunlock(&so->so_snd); 2057 SOCKBUF_UNLOCK(&so->so_snd); 2058 splx(s); 2059 goto done; 2060 } 2061 goto retry_space; 2062 } 2063 SOCKBUF_UNLOCK(&so->so_snd); 2064 error = (*so->so_proto->pr_usrreqs->pru_send)(so, 0, m, 0, 0, td); 2065 splx(s); 2066 if (error) { 2067 SOCKBUF_LOCK(&so->so_snd); 2068 sbunlock(&so->so_snd); 2069 SOCKBUF_UNLOCK(&so->so_snd); 2070 goto done; 2071 } 2072 headersent = 1; 2073 } 2074 SOCKBUF_LOCK(&so->so_snd); 2075 sbunlock(&so->so_snd); 2076 SOCKBUF_UNLOCK(&so->so_snd); 2077 2078 /* 2079 * Send trailers. Wimp out and use writev(2). 2080 */ 2081 if (uap->hdtr != NULL && hdtr.trailers != NULL) { 2082 nuap.fd = uap->s; 2083 nuap.iovp = hdtr.trailers; 2084 nuap.iovcnt = hdtr.trl_cnt; 2085 error = writev(td, &nuap); 2086 if (error) 2087 goto done; 2088 if (compat) 2089 sbytes += td->td_retval[0]; 2090 else 2091 hdtr_size += td->td_retval[0]; 2092 } 2093 2094 done: 2095 if (headersent) { 2096 if (!compat) 2097 hdtr_size += headersize; 2098 } else { 2099 if (compat) 2100 sbytes -= headersize; 2101 } 2102 /* 2103 * If there was no error we have to clear td->td_retval[0] 2104 * because it may have been set by writev. 2105 */ 2106 if (error == 0) { 2107 td->td_retval[0] = 0; 2108 } 2109 if (uap->sbytes != NULL) { 2110 if (!compat) 2111 sbytes += hdtr_size; 2112 copyout(&sbytes, uap->sbytes, sizeof(off_t)); 2113 } 2114 if (vp) 2115 vrele(vp); 2116 if (so) 2117 fputsock(so); 2118 if (hdr_iov) 2119 FREE(hdr_iov, M_IOV); 2120 if (m_header) 2121 m_freem(m_header); 2122 2123 mtx_unlock(&Giant); 2124 2125 if (error == ERESTART) 2126 error = EINTR; 2127 2128 return (error); 2129 } 2130