1 /* 2 * Copyright (c) 1982, 1986, 1989, 1990, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * sendfile(2) and related extensions: 6 * Copyright (c) 1998, David Greenman. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. All advertising materials mentioning features or use of this software 17 * must display the following acknowledgement: 18 * This product includes software developed by the University of 19 * California, Berkeley and its contributors. 20 * 4. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 * 36 * @(#)uipc_syscalls.c 8.4 (Berkeley) 2/21/94 37 */ 38 39 #include <sys/cdefs.h> 40 __FBSDID("$FreeBSD$"); 41 42 #include "opt_compat.h" 43 #include "opt_ktrace.h" 44 #include "opt_mac.h" 45 46 #include <sys/param.h> 47 #include <sys/systm.h> 48 #include <sys/kernel.h> 49 #include <sys/lock.h> 50 #include <sys/mac.h> 51 #include <sys/mutex.h> 52 #include <sys/sysproto.h> 53 #include <sys/malloc.h> 54 #include <sys/filedesc.h> 55 #include <sys/event.h> 56 #include <sys/proc.h> 57 #include <sys/fcntl.h> 58 #include <sys/file.h> 59 #include <sys/filio.h> 60 #include <sys/mount.h> 61 #include <sys/mbuf.h> 62 #include <sys/protosw.h> 63 #include <sys/socket.h> 64 #include <sys/socketvar.h> 65 #include <sys/signalvar.h> 66 #include <sys/syscallsubr.h> 67 #include <sys/uio.h> 68 #include <sys/vnode.h> 69 #ifdef KTRACE 70 #include <sys/ktrace.h> 71 #endif 72 73 #include <vm/vm.h> 74 #include <vm/vm_object.h> 75 #include <vm/vm_page.h> 76 #include <vm/vm_pageout.h> 77 #include <vm/vm_kern.h> 78 #include <vm/vm_extern.h> 79 80 static int sendit(struct thread *td, int s, struct msghdr *mp, int flags); 81 static int recvit(struct thread *td, int s, struct msghdr *mp, void *namelenp); 82 83 static int accept1(struct thread *td, struct accept_args *uap, int compat); 84 static int do_sendfile(struct thread *td, struct sendfile_args *uap, int compat); 85 static int getsockname1(struct thread *td, struct getsockname_args *uap, 86 int compat); 87 static int getpeername1(struct thread *td, struct getpeername_args *uap, 88 int compat); 89 90 /* 91 * System call interface to the socket abstraction. 92 */ 93 #if defined(COMPAT_43) || defined(COMPAT_SUNOS) 94 #define COMPAT_OLDSOCK 95 #endif 96 97 /* 98 * MPSAFE 99 */ 100 int 101 socket(td, uap) 102 struct thread *td; 103 register struct socket_args /* { 104 int domain; 105 int type; 106 int protocol; 107 } */ *uap; 108 { 109 struct filedesc *fdp; 110 struct socket *so; 111 struct file *fp; 112 int fd, error; 113 114 mtx_lock(&Giant); 115 fdp = td->td_proc->p_fd; 116 error = falloc(td, &fp, &fd); 117 if (error) 118 goto done2; 119 /* An extra reference on `fp' has been held for us by falloc(). */ 120 error = socreate(uap->domain, &so, uap->type, uap->protocol, 121 td->td_ucred, td); 122 FILEDESC_LOCK(fdp); 123 if (error) { 124 if (fdp->fd_ofiles[fd] == fp) { 125 fdp->fd_ofiles[fd] = NULL; 126 FILEDESC_UNLOCK(fdp); 127 fdrop(fp, td); 128 } else 129 FILEDESC_UNLOCK(fdp); 130 } else { 131 fp->f_data = so; /* already has ref count */ 132 fp->f_flag = FREAD|FWRITE; 133 fp->f_ops = &socketops; 134 fp->f_type = DTYPE_SOCKET; 135 FILEDESC_UNLOCK(fdp); 136 td->td_retval[0] = fd; 137 } 138 fdrop(fp, td); 139 done2: 140 mtx_unlock(&Giant); 141 return (error); 142 } 143 144 /* 145 * MPSAFE 146 */ 147 /* ARGSUSED */ 148 int 149 bind(td, uap) 150 struct thread *td; 151 register struct bind_args /* { 152 int s; 153 caddr_t name; 154 int namelen; 155 } */ *uap; 156 { 157 struct sockaddr *sa; 158 int error; 159 160 if ((error = getsockaddr(&sa, uap->name, uap->namelen)) != 0) 161 return (error); 162 163 return (kern_bind(td, uap->s, sa)); 164 } 165 166 int 167 kern_bind(td, fd, sa) 168 struct thread *td; 169 int fd; 170 struct sockaddr *sa; 171 { 172 struct socket *so; 173 int error; 174 175 mtx_lock(&Giant); 176 if ((error = fgetsock(td, fd, &so, NULL)) != 0) 177 goto done2; 178 #ifdef MAC 179 error = mac_check_socket_bind(td->td_ucred, so, sa); 180 if (error) 181 goto done1; 182 #endif 183 error = sobind(so, sa, td); 184 #ifdef MAC 185 done1: 186 #endif 187 fputsock(so); 188 done2: 189 mtx_unlock(&Giant); 190 FREE(sa, M_SONAME); 191 return (error); 192 } 193 194 /* 195 * MPSAFE 196 */ 197 /* ARGSUSED */ 198 int 199 listen(td, uap) 200 struct thread *td; 201 register struct listen_args /* { 202 int s; 203 int backlog; 204 } */ *uap; 205 { 206 struct socket *so; 207 int error; 208 209 mtx_lock(&Giant); 210 if ((error = fgetsock(td, uap->s, &so, NULL)) == 0) { 211 #ifdef MAC 212 error = mac_check_socket_listen(td->td_ucred, so); 213 if (error) 214 goto done; 215 #endif 216 error = solisten(so, uap->backlog, td); 217 #ifdef MAC 218 done: 219 #endif 220 fputsock(so); 221 } 222 mtx_unlock(&Giant); 223 return(error); 224 } 225 226 /* 227 * accept1() 228 * MPSAFE 229 */ 230 static int 231 accept1(td, uap, compat) 232 struct thread *td; 233 register struct accept_args /* { 234 int s; 235 caddr_t name; 236 int *anamelen; 237 } */ *uap; 238 int compat; 239 { 240 struct filedesc *fdp; 241 struct file *nfp = NULL; 242 struct sockaddr *sa; 243 int namelen, error, s; 244 struct socket *head, *so; 245 int fd; 246 u_int fflag; 247 pid_t pgid; 248 int tmp; 249 250 fdp = td->td_proc->p_fd; 251 if (uap->name) { 252 error = copyin(uap->anamelen, &namelen, sizeof (namelen)); 253 if(error) 254 goto done3; 255 if (namelen < 0) { 256 error = EINVAL; 257 goto done3; 258 } 259 } 260 mtx_lock(&Giant); 261 error = fgetsock(td, uap->s, &head, &fflag); 262 if (error) 263 goto done2; 264 s = splnet(); 265 if ((head->so_options & SO_ACCEPTCONN) == 0) { 266 splx(s); 267 error = EINVAL; 268 goto done; 269 } 270 while (TAILQ_EMPTY(&head->so_comp) && head->so_error == 0) { 271 if (head->so_state & SS_CANTRCVMORE) { 272 head->so_error = ECONNABORTED; 273 break; 274 } 275 if ((head->so_state & SS_NBIO) != 0) { 276 head->so_error = EWOULDBLOCK; 277 break; 278 } 279 error = tsleep(&head->so_timeo, PSOCK | PCATCH, 280 "accept", 0); 281 if (error) { 282 splx(s); 283 goto done; 284 } 285 } 286 if (head->so_error) { 287 error = head->so_error; 288 head->so_error = 0; 289 splx(s); 290 goto done; 291 } 292 293 /* 294 * At this point we know that there is at least one connection 295 * ready to be accepted. Remove it from the queue prior to 296 * allocating the file descriptor for it since falloc() may 297 * block allowing another process to accept the connection 298 * instead. 299 */ 300 so = TAILQ_FIRST(&head->so_comp); 301 TAILQ_REMOVE(&head->so_comp, so, so_list); 302 head->so_qlen--; 303 304 error = falloc(td, &nfp, &fd); 305 if (error) { 306 /* 307 * Probably ran out of file descriptors. Put the 308 * unaccepted connection back onto the queue and 309 * do another wakeup so some other process might 310 * have a chance at it. 311 */ 312 TAILQ_INSERT_HEAD(&head->so_comp, so, so_list); 313 head->so_qlen++; 314 wakeup_one(&head->so_timeo); 315 splx(s); 316 goto done; 317 } 318 /* An extra reference on `nfp' has been held for us by falloc(). */ 319 td->td_retval[0] = fd; 320 321 /* connection has been removed from the listen queue */ 322 KNOTE(&head->so_rcv.sb_sel.si_note, 0); 323 324 so->so_state &= ~SS_COMP; 325 so->so_head = NULL; 326 pgid = fgetown(&head->so_sigio); 327 if (pgid != 0) 328 fsetown(pgid, &so->so_sigio); 329 330 FILE_LOCK(nfp); 331 soref(so); /* file descriptor reference */ 332 nfp->f_data = so; /* nfp has ref count from falloc */ 333 nfp->f_flag = fflag; 334 nfp->f_ops = &socketops; 335 nfp->f_type = DTYPE_SOCKET; 336 FILE_UNLOCK(nfp); 337 /* Sync socket nonblocking/async state with file flags */ 338 tmp = fflag & FNONBLOCK; 339 (void) fo_ioctl(nfp, FIONBIO, &tmp, td->td_ucred, td); 340 tmp = fflag & FASYNC; 341 (void) fo_ioctl(nfp, FIOASYNC, &tmp, td->td_ucred, td); 342 sa = 0; 343 error = soaccept(so, &sa); 344 if (error) { 345 /* 346 * return a namelen of zero for older code which might 347 * ignore the return value from accept. 348 */ 349 if (uap->name != NULL) { 350 namelen = 0; 351 (void) copyout(&namelen, 352 uap->anamelen, sizeof(*uap->anamelen)); 353 } 354 goto noconnection; 355 } 356 if (sa == NULL) { 357 namelen = 0; 358 if (uap->name) 359 goto gotnoname; 360 splx(s); 361 error = 0; 362 goto done; 363 } 364 if (uap->name) { 365 /* check sa_len before it is destroyed */ 366 if (namelen > sa->sa_len) 367 namelen = sa->sa_len; 368 #ifdef COMPAT_OLDSOCK 369 if (compat) 370 ((struct osockaddr *)sa)->sa_family = 371 sa->sa_family; 372 #endif 373 error = copyout(sa, uap->name, (u_int)namelen); 374 if (!error) 375 gotnoname: 376 error = copyout(&namelen, 377 uap->anamelen, sizeof (*uap->anamelen)); 378 } 379 noconnection: 380 if (sa) 381 FREE(sa, M_SONAME); 382 383 /* 384 * close the new descriptor, assuming someone hasn't ripped it 385 * out from under us. 386 */ 387 if (error) { 388 FILEDESC_LOCK(fdp); 389 if (fdp->fd_ofiles[fd] == nfp) { 390 fdp->fd_ofiles[fd] = NULL; 391 FILEDESC_UNLOCK(fdp); 392 fdrop(nfp, td); 393 } else { 394 FILEDESC_UNLOCK(fdp); 395 } 396 } 397 splx(s); 398 399 /* 400 * Release explicitly held references before returning. 401 */ 402 done: 403 if (nfp != NULL) 404 fdrop(nfp, td); 405 fputsock(head); 406 done2: 407 mtx_unlock(&Giant); 408 done3: 409 return (error); 410 } 411 412 /* 413 * MPSAFE (accept1() is MPSAFE) 414 */ 415 int 416 accept(td, uap) 417 struct thread *td; 418 struct accept_args *uap; 419 { 420 421 return (accept1(td, uap, 0)); 422 } 423 424 #ifdef COMPAT_OLDSOCK 425 /* 426 * MPSAFE (accept1() is MPSAFE) 427 */ 428 int 429 oaccept(td, uap) 430 struct thread *td; 431 struct accept_args *uap; 432 { 433 434 return (accept1(td, uap, 1)); 435 } 436 #endif /* COMPAT_OLDSOCK */ 437 438 /* 439 * MPSAFE 440 */ 441 /* ARGSUSED */ 442 int 443 connect(td, uap) 444 struct thread *td; 445 register struct connect_args /* { 446 int s; 447 caddr_t name; 448 int namelen; 449 } */ *uap; 450 { 451 struct sockaddr *sa; 452 int error; 453 454 error = getsockaddr(&sa, uap->name, uap->namelen); 455 if (error) 456 return error; 457 458 return (kern_connect(td, uap->s, sa)); 459 } 460 461 462 int 463 kern_connect(td, fd, sa) 464 struct thread *td; 465 int fd; 466 struct sockaddr *sa; 467 { 468 struct socket *so; 469 int error, s; 470 int interrupted = 0; 471 472 mtx_lock(&Giant); 473 if ((error = fgetsock(td, fd, &so, NULL)) != 0) 474 goto done2; 475 if (so->so_state & SS_ISCONNECTING) { 476 error = EALREADY; 477 goto done1; 478 } 479 #ifdef MAC 480 error = mac_check_socket_connect(td->td_ucred, so, sa); 481 if (error) 482 goto bad; 483 #endif 484 error = soconnect(so, sa, td); 485 if (error) 486 goto bad; 487 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) { 488 error = EINPROGRESS; 489 goto done1; 490 } 491 s = splnet(); 492 while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) { 493 error = tsleep(&so->so_timeo, PSOCK | PCATCH, "connec", 0); 494 if (error) { 495 if (error == EINTR || error == ERESTART) 496 interrupted = 1; 497 break; 498 } 499 } 500 if (error == 0) { 501 error = so->so_error; 502 so->so_error = 0; 503 } 504 splx(s); 505 bad: 506 if (!interrupted) 507 so->so_state &= ~SS_ISCONNECTING; 508 if (error == ERESTART) 509 error = EINTR; 510 done1: 511 fputsock(so); 512 done2: 513 mtx_unlock(&Giant); 514 FREE(sa, M_SONAME); 515 return (error); 516 } 517 518 /* 519 * MPSAFE 520 */ 521 int 522 socketpair(td, uap) 523 struct thread *td; 524 register struct socketpair_args /* { 525 int domain; 526 int type; 527 int protocol; 528 int *rsv; 529 } */ *uap; 530 { 531 register struct filedesc *fdp = td->td_proc->p_fd; 532 struct file *fp1, *fp2; 533 struct socket *so1, *so2; 534 int fd, error, sv[2]; 535 536 mtx_lock(&Giant); 537 error = socreate(uap->domain, &so1, uap->type, uap->protocol, 538 td->td_ucred, td); 539 if (error) 540 goto done2; 541 error = socreate(uap->domain, &so2, uap->type, uap->protocol, 542 td->td_ucred, td); 543 if (error) 544 goto free1; 545 /* On success extra reference to `fp1' and 'fp2' is set by falloc. */ 546 error = falloc(td, &fp1, &fd); 547 if (error) 548 goto free2; 549 sv[0] = fd; 550 fp1->f_data = so1; /* so1 already has ref count */ 551 error = falloc(td, &fp2, &fd); 552 if (error) 553 goto free3; 554 fp2->f_data = so2; /* so2 already has ref count */ 555 sv[1] = fd; 556 error = soconnect2(so1, so2); 557 if (error) 558 goto free4; 559 if (uap->type == SOCK_DGRAM) { 560 /* 561 * Datagram socket connection is asymmetric. 562 */ 563 error = soconnect2(so2, so1); 564 if (error) 565 goto free4; 566 } 567 FILE_LOCK(fp1); 568 fp1->f_flag = FREAD|FWRITE; 569 fp1->f_ops = &socketops; 570 fp1->f_type = DTYPE_SOCKET; 571 FILE_UNLOCK(fp1); 572 FILE_LOCK(fp2); 573 fp2->f_flag = FREAD|FWRITE; 574 fp2->f_ops = &socketops; 575 fp2->f_type = DTYPE_SOCKET; 576 FILE_UNLOCK(fp2); 577 error = copyout(sv, uap->rsv, 2 * sizeof (int)); 578 fdrop(fp1, td); 579 fdrop(fp2, td); 580 goto done2; 581 free4: 582 FILEDESC_LOCK(fdp); 583 if (fdp->fd_ofiles[sv[1]] == fp2) { 584 fdp->fd_ofiles[sv[1]] = NULL; 585 FILEDESC_UNLOCK(fdp); 586 fdrop(fp2, td); 587 } else 588 FILEDESC_UNLOCK(fdp); 589 fdrop(fp2, td); 590 free3: 591 FILEDESC_LOCK(fdp); 592 if (fdp->fd_ofiles[sv[0]] == fp1) { 593 fdp->fd_ofiles[sv[0]] = NULL; 594 FILEDESC_UNLOCK(fdp); 595 fdrop(fp1, td); 596 } else 597 FILEDESC_UNLOCK(fdp); 598 fdrop(fp1, td); 599 free2: 600 (void)soclose(so2); 601 free1: 602 (void)soclose(so1); 603 done2: 604 mtx_unlock(&Giant); 605 return (error); 606 } 607 608 static int 609 sendit(td, s, mp, flags) 610 register struct thread *td; 611 int s; 612 register struct msghdr *mp; 613 int flags; 614 { 615 struct mbuf *control; 616 struct sockaddr *to; 617 int error; 618 619 if (mp->msg_name != NULL) { 620 error = getsockaddr(&to, mp->msg_name, mp->msg_namelen); 621 if (error) { 622 to = NULL; 623 goto bad; 624 } 625 mp->msg_name = to; 626 } else 627 to = NULL; 628 629 if (mp->msg_control) { 630 if (mp->msg_controllen < sizeof(struct cmsghdr) 631 #ifdef COMPAT_OLDSOCK 632 && mp->msg_flags != MSG_COMPAT 633 #endif 634 ) { 635 error = EINVAL; 636 goto bad; 637 } 638 error = sockargs(&control, mp->msg_control, 639 mp->msg_controllen, MT_CONTROL); 640 if (error) 641 goto bad; 642 #ifdef COMPAT_OLDSOCK 643 if (mp->msg_flags == MSG_COMPAT) { 644 register struct cmsghdr *cm; 645 646 M_PREPEND(control, sizeof(*cm), M_TRYWAIT); 647 if (control == 0) { 648 error = ENOBUFS; 649 goto bad; 650 } else { 651 cm = mtod(control, struct cmsghdr *); 652 cm->cmsg_len = control->m_len; 653 cm->cmsg_level = SOL_SOCKET; 654 cm->cmsg_type = SCM_RIGHTS; 655 } 656 } 657 #endif 658 } else { 659 control = NULL; 660 } 661 662 error = kern_sendit(td, s, mp, flags, control); 663 664 bad: 665 if (to) 666 FREE(to, M_SONAME); 667 return (error); 668 } 669 670 int 671 kern_sendit(td, s, mp, flags, control) 672 struct thread *td; 673 int s; 674 struct msghdr *mp; 675 int flags; 676 struct mbuf *control; 677 { 678 struct uio auio; 679 struct iovec *iov; 680 struct socket *so; 681 int i; 682 int len, error; 683 #ifdef KTRACE 684 struct iovec *ktriov = NULL; 685 struct uio ktruio; 686 int iovlen; 687 #endif 688 689 mtx_lock(&Giant); 690 if ((error = fgetsock(td, s, &so, NULL)) != 0) 691 goto bad2; 692 693 #ifdef MAC 694 error = mac_check_socket_send(td->td_ucred, so); 695 if (error) 696 goto bad; 697 #endif 698 699 auio.uio_iov = mp->msg_iov; 700 auio.uio_iovcnt = mp->msg_iovlen; 701 auio.uio_segflg = UIO_USERSPACE; 702 auio.uio_rw = UIO_WRITE; 703 auio.uio_td = td; 704 auio.uio_offset = 0; /* XXX */ 705 auio.uio_resid = 0; 706 iov = mp->msg_iov; 707 for (i = 0; i < mp->msg_iovlen; i++, iov++) { 708 if ((auio.uio_resid += iov->iov_len) < 0) { 709 error = EINVAL; 710 goto bad; 711 } 712 } 713 #ifdef KTRACE 714 if (KTRPOINT(td, KTR_GENIO)) { 715 iovlen = auio.uio_iovcnt * sizeof (struct iovec); 716 MALLOC(ktriov, struct iovec *, iovlen, M_TEMP, M_WAITOK); 717 bcopy(auio.uio_iov, ktriov, iovlen); 718 ktruio = auio; 719 } 720 #endif 721 len = auio.uio_resid; 722 error = so->so_proto->pr_usrreqs->pru_sosend(so, mp->msg_name, &auio, 723 0, control, flags, td); 724 if (error) { 725 if (auio.uio_resid != len && (error == ERESTART || 726 error == EINTR || error == EWOULDBLOCK)) 727 error = 0; 728 /* Generation of SIGPIPE can be controlled per socket */ 729 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE)) { 730 PROC_LOCK(td->td_proc); 731 psignal(td->td_proc, SIGPIPE); 732 PROC_UNLOCK(td->td_proc); 733 } 734 } 735 if (error == 0) 736 td->td_retval[0] = len - auio.uio_resid; 737 #ifdef KTRACE 738 if (ktriov != NULL) { 739 if (error == 0) { 740 ktruio.uio_iov = ktriov; 741 ktruio.uio_resid = td->td_retval[0]; 742 ktrgenio(s, UIO_WRITE, &ktruio, error); 743 } 744 FREE(ktriov, M_TEMP); 745 } 746 #endif 747 bad: 748 fputsock(so); 749 bad2: 750 mtx_unlock(&Giant); 751 return (error); 752 } 753 754 /* 755 * MPSAFE 756 */ 757 int 758 sendto(td, uap) 759 struct thread *td; 760 register struct sendto_args /* { 761 int s; 762 caddr_t buf; 763 size_t len; 764 int flags; 765 caddr_t to; 766 int tolen; 767 } */ *uap; 768 { 769 struct msghdr msg; 770 struct iovec aiov; 771 int error; 772 773 msg.msg_name = uap->to; 774 msg.msg_namelen = uap->tolen; 775 msg.msg_iov = &aiov; 776 msg.msg_iovlen = 1; 777 msg.msg_control = 0; 778 #ifdef COMPAT_OLDSOCK 779 msg.msg_flags = 0; 780 #endif 781 aiov.iov_base = uap->buf; 782 aiov.iov_len = uap->len; 783 error = sendit(td, uap->s, &msg, uap->flags); 784 return (error); 785 } 786 787 #ifdef COMPAT_OLDSOCK 788 /* 789 * MPSAFE 790 */ 791 int 792 osend(td, uap) 793 struct thread *td; 794 register struct osend_args /* { 795 int s; 796 caddr_t buf; 797 int len; 798 int flags; 799 } */ *uap; 800 { 801 struct msghdr msg; 802 struct iovec aiov; 803 int error; 804 805 msg.msg_name = 0; 806 msg.msg_namelen = 0; 807 msg.msg_iov = &aiov; 808 msg.msg_iovlen = 1; 809 aiov.iov_base = uap->buf; 810 aiov.iov_len = uap->len; 811 msg.msg_control = 0; 812 msg.msg_flags = 0; 813 error = sendit(td, uap->s, &msg, uap->flags); 814 return (error); 815 } 816 817 /* 818 * MPSAFE 819 */ 820 int 821 osendmsg(td, uap) 822 struct thread *td; 823 register struct osendmsg_args /* { 824 int s; 825 caddr_t msg; 826 int flags; 827 } */ *uap; 828 { 829 struct msghdr msg; 830 struct iovec aiov[UIO_SMALLIOV], *iov; 831 int error; 832 833 error = copyin(uap->msg, &msg, sizeof (struct omsghdr)); 834 if (error) 835 goto done2; 836 if ((u_int)msg.msg_iovlen >= UIO_SMALLIOV) { 837 if ((u_int)msg.msg_iovlen >= UIO_MAXIOV) { 838 error = EMSGSIZE; 839 goto done2; 840 } 841 MALLOC(iov, struct iovec *, 842 sizeof(struct iovec) * (u_int)msg.msg_iovlen, M_IOV, 843 M_WAITOK); 844 } else { 845 iov = aiov; 846 } 847 error = copyin(msg.msg_iov, iov, 848 (unsigned)(msg.msg_iovlen * sizeof (struct iovec))); 849 if (error) 850 goto done; 851 msg.msg_flags = MSG_COMPAT; 852 msg.msg_iov = iov; 853 error = sendit(td, uap->s, &msg, uap->flags); 854 done: 855 if (iov != aiov) 856 FREE(iov, M_IOV); 857 done2: 858 return (error); 859 } 860 #endif 861 862 /* 863 * MPSAFE 864 */ 865 int 866 sendmsg(td, uap) 867 struct thread *td; 868 register struct sendmsg_args /* { 869 int s; 870 caddr_t msg; 871 int flags; 872 } */ *uap; 873 { 874 struct msghdr msg; 875 struct iovec aiov[UIO_SMALLIOV], *iov; 876 int error; 877 878 error = copyin(uap->msg, &msg, sizeof (msg)); 879 if (error) 880 goto done2; 881 if ((u_int)msg.msg_iovlen >= UIO_SMALLIOV) { 882 if ((u_int)msg.msg_iovlen >= UIO_MAXIOV) { 883 error = EMSGSIZE; 884 goto done2; 885 } 886 MALLOC(iov, struct iovec *, 887 sizeof(struct iovec) * (u_int)msg.msg_iovlen, M_IOV, 888 M_WAITOK); 889 } else { 890 iov = aiov; 891 } 892 if (msg.msg_iovlen && 893 (error = copyin(msg.msg_iov, iov, 894 (unsigned)(msg.msg_iovlen * sizeof (struct iovec))))) 895 goto done; 896 msg.msg_iov = iov; 897 #ifdef COMPAT_OLDSOCK 898 msg.msg_flags = 0; 899 #endif 900 error = sendit(td, uap->s, &msg, uap->flags); 901 done: 902 if (iov != aiov) 903 FREE(iov, M_IOV); 904 done2: 905 return (error); 906 } 907 908 static int 909 recvit(td, s, mp, namelenp) 910 register struct thread *td; 911 int s; 912 register struct msghdr *mp; 913 void *namelenp; 914 { 915 struct uio auio; 916 register struct iovec *iov; 917 register int i; 918 int len, error; 919 struct mbuf *m, *control = 0; 920 caddr_t ctlbuf; 921 struct socket *so; 922 struct sockaddr *fromsa = 0; 923 #ifdef KTRACE 924 struct iovec *ktriov = NULL; 925 struct uio ktruio; 926 int iovlen; 927 #endif 928 929 mtx_lock(&Giant); 930 if ((error = fgetsock(td, s, &so, NULL)) != 0) { 931 mtx_unlock(&Giant); 932 return (error); 933 } 934 935 #ifdef MAC 936 error = mac_check_socket_receive(td->td_ucred, so); 937 if (error) { 938 fputsock(so); 939 mtx_unlock(&Giant); 940 return (error); 941 } 942 #endif 943 944 auio.uio_iov = mp->msg_iov; 945 auio.uio_iovcnt = mp->msg_iovlen; 946 auio.uio_segflg = UIO_USERSPACE; 947 auio.uio_rw = UIO_READ; 948 auio.uio_td = td; 949 auio.uio_offset = 0; /* XXX */ 950 auio.uio_resid = 0; 951 iov = mp->msg_iov; 952 for (i = 0; i < mp->msg_iovlen; i++, iov++) { 953 if ((auio.uio_resid += iov->iov_len) < 0) { 954 fputsock(so); 955 return (EINVAL); 956 } 957 } 958 #ifdef KTRACE 959 if (KTRPOINT(td, KTR_GENIO)) { 960 iovlen = auio.uio_iovcnt * sizeof (struct iovec); 961 MALLOC(ktriov, struct iovec *, iovlen, M_TEMP, M_WAITOK); 962 bcopy(auio.uio_iov, ktriov, iovlen); 963 ktruio = auio; 964 } 965 #endif 966 len = auio.uio_resid; 967 error = so->so_proto->pr_usrreqs->pru_soreceive(so, &fromsa, &auio, 968 (struct mbuf **)0, mp->msg_control ? &control : (struct mbuf **)0, 969 &mp->msg_flags); 970 if (error) { 971 if (auio.uio_resid != len && (error == ERESTART || 972 error == EINTR || error == EWOULDBLOCK)) 973 error = 0; 974 } 975 #ifdef KTRACE 976 if (ktriov != NULL) { 977 if (error == 0) { 978 ktruio.uio_iov = ktriov; 979 ktruio.uio_resid = len - auio.uio_resid; 980 ktrgenio(s, UIO_READ, &ktruio, error); 981 } 982 FREE(ktriov, M_TEMP); 983 } 984 #endif 985 if (error) 986 goto out; 987 td->td_retval[0] = len - auio.uio_resid; 988 if (mp->msg_name) { 989 len = mp->msg_namelen; 990 if (len <= 0 || fromsa == 0) 991 len = 0; 992 else { 993 /* save sa_len before it is destroyed by MSG_COMPAT */ 994 len = MIN(len, fromsa->sa_len); 995 #ifdef COMPAT_OLDSOCK 996 if (mp->msg_flags & MSG_COMPAT) 997 ((struct osockaddr *)fromsa)->sa_family = 998 fromsa->sa_family; 999 #endif 1000 error = copyout(fromsa, mp->msg_name, (unsigned)len); 1001 if (error) 1002 goto out; 1003 } 1004 mp->msg_namelen = len; 1005 if (namelenp && 1006 (error = copyout(&len, namelenp, sizeof (int)))) { 1007 #ifdef COMPAT_OLDSOCK 1008 if (mp->msg_flags & MSG_COMPAT) 1009 error = 0; /* old recvfrom didn't check */ 1010 else 1011 #endif 1012 goto out; 1013 } 1014 } 1015 if (mp->msg_control) { 1016 #ifdef COMPAT_OLDSOCK 1017 /* 1018 * We assume that old recvmsg calls won't receive access 1019 * rights and other control info, esp. as control info 1020 * is always optional and those options didn't exist in 4.3. 1021 * If we receive rights, trim the cmsghdr; anything else 1022 * is tossed. 1023 */ 1024 if (control && mp->msg_flags & MSG_COMPAT) { 1025 if (mtod(control, struct cmsghdr *)->cmsg_level != 1026 SOL_SOCKET || 1027 mtod(control, struct cmsghdr *)->cmsg_type != 1028 SCM_RIGHTS) { 1029 mp->msg_controllen = 0; 1030 goto out; 1031 } 1032 control->m_len -= sizeof (struct cmsghdr); 1033 control->m_data += sizeof (struct cmsghdr); 1034 } 1035 #endif 1036 len = mp->msg_controllen; 1037 m = control; 1038 mp->msg_controllen = 0; 1039 ctlbuf = mp->msg_control; 1040 1041 while (m && len > 0) { 1042 unsigned int tocopy; 1043 1044 if (len >= m->m_len) 1045 tocopy = m->m_len; 1046 else { 1047 mp->msg_flags |= MSG_CTRUNC; 1048 tocopy = len; 1049 } 1050 1051 if ((error = copyout(mtod(m, caddr_t), 1052 ctlbuf, tocopy)) != 0) 1053 goto out; 1054 1055 ctlbuf += tocopy; 1056 len -= tocopy; 1057 m = m->m_next; 1058 } 1059 mp->msg_controllen = ctlbuf - (caddr_t)mp->msg_control; 1060 } 1061 out: 1062 fputsock(so); 1063 mtx_unlock(&Giant); 1064 if (fromsa) 1065 FREE(fromsa, M_SONAME); 1066 if (control) 1067 m_freem(control); 1068 return (error); 1069 } 1070 1071 /* 1072 * MPSAFE 1073 */ 1074 int 1075 recvfrom(td, uap) 1076 struct thread *td; 1077 register struct recvfrom_args /* { 1078 int s; 1079 caddr_t buf; 1080 size_t len; 1081 int flags; 1082 caddr_t from; 1083 int *fromlenaddr; 1084 } */ *uap; 1085 { 1086 struct msghdr msg; 1087 struct iovec aiov; 1088 int error; 1089 1090 if (uap->fromlenaddr) { 1091 error = copyin(uap->fromlenaddr, 1092 &msg.msg_namelen, sizeof (msg.msg_namelen)); 1093 if (error) 1094 goto done2; 1095 } else { 1096 msg.msg_namelen = 0; 1097 } 1098 msg.msg_name = uap->from; 1099 msg.msg_iov = &aiov; 1100 msg.msg_iovlen = 1; 1101 aiov.iov_base = uap->buf; 1102 aiov.iov_len = uap->len; 1103 msg.msg_control = 0; 1104 msg.msg_flags = uap->flags; 1105 error = recvit(td, uap->s, &msg, uap->fromlenaddr); 1106 done2: 1107 return(error); 1108 } 1109 1110 #ifdef COMPAT_OLDSOCK 1111 /* 1112 * MPSAFE 1113 */ 1114 int 1115 orecvfrom(td, uap) 1116 struct thread *td; 1117 struct recvfrom_args *uap; 1118 { 1119 1120 uap->flags |= MSG_COMPAT; 1121 return (recvfrom(td, uap)); 1122 } 1123 #endif 1124 1125 1126 #ifdef COMPAT_OLDSOCK 1127 /* 1128 * MPSAFE 1129 */ 1130 int 1131 orecv(td, uap) 1132 struct thread *td; 1133 register struct orecv_args /* { 1134 int s; 1135 caddr_t buf; 1136 int len; 1137 int flags; 1138 } */ *uap; 1139 { 1140 struct msghdr msg; 1141 struct iovec aiov; 1142 int error; 1143 1144 msg.msg_name = 0; 1145 msg.msg_namelen = 0; 1146 msg.msg_iov = &aiov; 1147 msg.msg_iovlen = 1; 1148 aiov.iov_base = uap->buf; 1149 aiov.iov_len = uap->len; 1150 msg.msg_control = 0; 1151 msg.msg_flags = uap->flags; 1152 error = recvit(td, uap->s, &msg, NULL); 1153 return (error); 1154 } 1155 1156 /* 1157 * Old recvmsg. This code takes advantage of the fact that the old msghdr 1158 * overlays the new one, missing only the flags, and with the (old) access 1159 * rights where the control fields are now. 1160 * 1161 * MPSAFE 1162 */ 1163 int 1164 orecvmsg(td, uap) 1165 struct thread *td; 1166 register struct orecvmsg_args /* { 1167 int s; 1168 struct omsghdr *msg; 1169 int flags; 1170 } */ *uap; 1171 { 1172 struct msghdr msg; 1173 struct iovec aiov[UIO_SMALLIOV], *iov; 1174 int error; 1175 1176 error = copyin(uap->msg, &msg, sizeof (struct omsghdr)); 1177 if (error) 1178 return (error); 1179 1180 if ((u_int)msg.msg_iovlen >= UIO_SMALLIOV) { 1181 if ((u_int)msg.msg_iovlen >= UIO_MAXIOV) { 1182 error = EMSGSIZE; 1183 goto done2; 1184 } 1185 MALLOC(iov, struct iovec *, 1186 sizeof(struct iovec) * (u_int)msg.msg_iovlen, M_IOV, 1187 M_WAITOK); 1188 } else { 1189 iov = aiov; 1190 } 1191 msg.msg_flags = uap->flags | MSG_COMPAT; 1192 error = copyin(msg.msg_iov, iov, 1193 (unsigned)(msg.msg_iovlen * sizeof (struct iovec))); 1194 if (error) 1195 goto done; 1196 msg.msg_iov = iov; 1197 error = recvit(td, uap->s, &msg, &uap->msg->msg_namelen); 1198 1199 if (msg.msg_controllen && error == 0) 1200 error = copyout(&msg.msg_controllen, 1201 &uap->msg->msg_accrightslen, sizeof (int)); 1202 done: 1203 if (iov != aiov) 1204 FREE(iov, M_IOV); 1205 done2: 1206 return (error); 1207 } 1208 #endif 1209 1210 /* 1211 * MPSAFE 1212 */ 1213 int 1214 recvmsg(td, uap) 1215 struct thread *td; 1216 register struct recvmsg_args /* { 1217 int s; 1218 struct msghdr *msg; 1219 int flags; 1220 } */ *uap; 1221 { 1222 struct msghdr msg; 1223 struct iovec aiov[UIO_SMALLIOV], *uiov, *iov; 1224 register int error; 1225 1226 error = copyin(uap->msg, &msg, sizeof (msg)); 1227 if (error) 1228 goto done2; 1229 if ((u_int)msg.msg_iovlen >= UIO_SMALLIOV) { 1230 if ((u_int)msg.msg_iovlen >= UIO_MAXIOV) { 1231 error = EMSGSIZE; 1232 goto done2; 1233 } 1234 MALLOC(iov, struct iovec *, 1235 sizeof(struct iovec) * (u_int)msg.msg_iovlen, M_IOV, 1236 M_WAITOK); 1237 } else { 1238 iov = aiov; 1239 } 1240 #ifdef COMPAT_OLDSOCK 1241 msg.msg_flags = uap->flags &~ MSG_COMPAT; 1242 #else 1243 msg.msg_flags = uap->flags; 1244 #endif 1245 uiov = msg.msg_iov; 1246 msg.msg_iov = iov; 1247 error = copyin(uiov, iov, 1248 (unsigned)(msg.msg_iovlen * sizeof (struct iovec))); 1249 if (error) 1250 goto done; 1251 error = recvit(td, uap->s, &msg, NULL); 1252 if (!error) { 1253 msg.msg_iov = uiov; 1254 error = copyout(&msg, uap->msg, sizeof(msg)); 1255 } 1256 done: 1257 if (iov != aiov) 1258 FREE(iov, M_IOV); 1259 done2: 1260 return (error); 1261 } 1262 1263 /* 1264 * MPSAFE 1265 */ 1266 /* ARGSUSED */ 1267 int 1268 shutdown(td, uap) 1269 struct thread *td; 1270 register struct shutdown_args /* { 1271 int s; 1272 int how; 1273 } */ *uap; 1274 { 1275 struct socket *so; 1276 int error; 1277 1278 mtx_lock(&Giant); 1279 if ((error = fgetsock(td, uap->s, &so, NULL)) == 0) { 1280 error = soshutdown(so, uap->how); 1281 fputsock(so); 1282 } 1283 mtx_unlock(&Giant); 1284 return(error); 1285 } 1286 1287 /* 1288 * MPSAFE 1289 */ 1290 /* ARGSUSED */ 1291 int 1292 setsockopt(td, uap) 1293 struct thread *td; 1294 register struct setsockopt_args /* { 1295 int s; 1296 int level; 1297 int name; 1298 caddr_t val; 1299 int valsize; 1300 } */ *uap; 1301 { 1302 struct socket *so; 1303 struct sockopt sopt; 1304 int error; 1305 1306 if (uap->val == 0 && uap->valsize != 0) 1307 return (EFAULT); 1308 if (uap->valsize < 0) 1309 return (EINVAL); 1310 1311 mtx_lock(&Giant); 1312 if ((error = fgetsock(td, uap->s, &so, NULL)) == 0) { 1313 sopt.sopt_dir = SOPT_SET; 1314 sopt.sopt_level = uap->level; 1315 sopt.sopt_name = uap->name; 1316 sopt.sopt_val = uap->val; 1317 sopt.sopt_valsize = uap->valsize; 1318 sopt.sopt_td = td; 1319 error = sosetopt(so, &sopt); 1320 fputsock(so); 1321 } 1322 mtx_unlock(&Giant); 1323 return(error); 1324 } 1325 1326 /* 1327 * MPSAFE 1328 */ 1329 /* ARGSUSED */ 1330 int 1331 getsockopt(td, uap) 1332 struct thread *td; 1333 register struct getsockopt_args /* { 1334 int s; 1335 int level; 1336 int name; 1337 caddr_t val; 1338 int *avalsize; 1339 } */ *uap; 1340 { 1341 int valsize, error; 1342 struct socket *so; 1343 struct sockopt sopt; 1344 1345 mtx_lock(&Giant); 1346 if ((error = fgetsock(td, uap->s, &so, NULL)) != 0) 1347 goto done2; 1348 if (uap->val) { 1349 error = copyin(uap->avalsize, &valsize, sizeof (valsize)); 1350 if (error) 1351 goto done1; 1352 if (valsize < 0) { 1353 error = EINVAL; 1354 goto done1; 1355 } 1356 } else { 1357 valsize = 0; 1358 } 1359 1360 sopt.sopt_dir = SOPT_GET; 1361 sopt.sopt_level = uap->level; 1362 sopt.sopt_name = uap->name; 1363 sopt.sopt_val = uap->val; 1364 sopt.sopt_valsize = (size_t)valsize; /* checked non-negative above */ 1365 sopt.sopt_td = td; 1366 1367 error = sogetopt(so, &sopt); 1368 if (error == 0) { 1369 valsize = sopt.sopt_valsize; 1370 error = copyout(&valsize, uap->avalsize, sizeof (valsize)); 1371 } 1372 done1: 1373 fputsock(so); 1374 done2: 1375 mtx_unlock(&Giant); 1376 return (error); 1377 } 1378 1379 /* 1380 * getsockname1() - Get socket name. 1381 * 1382 * MPSAFE 1383 */ 1384 /* ARGSUSED */ 1385 static int 1386 getsockname1(td, uap, compat) 1387 struct thread *td; 1388 register struct getsockname_args /* { 1389 int fdes; 1390 caddr_t asa; 1391 int *alen; 1392 } */ *uap; 1393 int compat; 1394 { 1395 struct socket *so; 1396 struct sockaddr *sa; 1397 int len, error; 1398 1399 mtx_lock(&Giant); 1400 if ((error = fgetsock(td, uap->fdes, &so, NULL)) != 0) 1401 goto done2; 1402 error = copyin(uap->alen, &len, sizeof (len)); 1403 if (error) 1404 goto done1; 1405 if (len < 0) { 1406 error = EINVAL; 1407 goto done1; 1408 } 1409 sa = 0; 1410 error = (*so->so_proto->pr_usrreqs->pru_sockaddr)(so, &sa); 1411 if (error) 1412 goto bad; 1413 if (sa == 0) { 1414 len = 0; 1415 goto gotnothing; 1416 } 1417 1418 len = MIN(len, sa->sa_len); 1419 #ifdef COMPAT_OLDSOCK 1420 if (compat) 1421 ((struct osockaddr *)sa)->sa_family = sa->sa_family; 1422 #endif 1423 error = copyout(sa, uap->asa, (u_int)len); 1424 if (error == 0) 1425 gotnothing: 1426 error = copyout(&len, uap->alen, sizeof (len)); 1427 bad: 1428 if (sa) 1429 FREE(sa, M_SONAME); 1430 done1: 1431 fputsock(so); 1432 done2: 1433 mtx_unlock(&Giant); 1434 return (error); 1435 } 1436 1437 /* 1438 * MPSAFE 1439 */ 1440 int 1441 getsockname(td, uap) 1442 struct thread *td; 1443 struct getsockname_args *uap; 1444 { 1445 1446 return (getsockname1(td, uap, 0)); 1447 } 1448 1449 #ifdef COMPAT_OLDSOCK 1450 /* 1451 * MPSAFE 1452 */ 1453 int 1454 ogetsockname(td, uap) 1455 struct thread *td; 1456 struct getsockname_args *uap; 1457 { 1458 1459 return (getsockname1(td, uap, 1)); 1460 } 1461 #endif /* COMPAT_OLDSOCK */ 1462 1463 /* 1464 * getpeername1() - Get name of peer for connected socket. 1465 * 1466 * MPSAFE 1467 */ 1468 /* ARGSUSED */ 1469 static int 1470 getpeername1(td, uap, compat) 1471 struct thread *td; 1472 register struct getpeername_args /* { 1473 int fdes; 1474 caddr_t asa; 1475 int *alen; 1476 } */ *uap; 1477 int compat; 1478 { 1479 struct socket *so; 1480 struct sockaddr *sa; 1481 int len, error; 1482 1483 mtx_lock(&Giant); 1484 if ((error = fgetsock(td, uap->fdes, &so, NULL)) != 0) 1485 goto done2; 1486 if ((so->so_state & (SS_ISCONNECTED|SS_ISCONFIRMING)) == 0) { 1487 error = ENOTCONN; 1488 goto done1; 1489 } 1490 error = copyin(uap->alen, &len, sizeof (len)); 1491 if (error) 1492 goto done1; 1493 if (len < 0) { 1494 error = EINVAL; 1495 goto done1; 1496 } 1497 sa = 0; 1498 error = (*so->so_proto->pr_usrreqs->pru_peeraddr)(so, &sa); 1499 if (error) 1500 goto bad; 1501 if (sa == 0) { 1502 len = 0; 1503 goto gotnothing; 1504 } 1505 len = MIN(len, sa->sa_len); 1506 #ifdef COMPAT_OLDSOCK 1507 if (compat) 1508 ((struct osockaddr *)sa)->sa_family = 1509 sa->sa_family; 1510 #endif 1511 error = copyout(sa, uap->asa, (u_int)len); 1512 if (error) 1513 goto bad; 1514 gotnothing: 1515 error = copyout(&len, uap->alen, sizeof (len)); 1516 bad: 1517 if (sa) 1518 FREE(sa, M_SONAME); 1519 done1: 1520 fputsock(so); 1521 done2: 1522 mtx_unlock(&Giant); 1523 return (error); 1524 } 1525 1526 /* 1527 * MPSAFE 1528 */ 1529 int 1530 getpeername(td, uap) 1531 struct thread *td; 1532 struct getpeername_args *uap; 1533 { 1534 1535 return (getpeername1(td, uap, 0)); 1536 } 1537 1538 #ifdef COMPAT_OLDSOCK 1539 /* 1540 * MPSAFE 1541 */ 1542 int 1543 ogetpeername(td, uap) 1544 struct thread *td; 1545 struct ogetpeername_args *uap; 1546 { 1547 1548 /* XXX uap should have type `getpeername_args *' to begin with. */ 1549 return (getpeername1(td, (struct getpeername_args *)uap, 1)); 1550 } 1551 #endif /* COMPAT_OLDSOCK */ 1552 1553 int 1554 sockargs(mp, buf, buflen, type) 1555 struct mbuf **mp; 1556 caddr_t buf; 1557 int buflen, type; 1558 { 1559 register struct sockaddr *sa; 1560 register struct mbuf *m; 1561 int error; 1562 1563 if ((u_int)buflen > MLEN) { 1564 #ifdef COMPAT_OLDSOCK 1565 if (type == MT_SONAME && (u_int)buflen <= 112) 1566 buflen = MLEN; /* unix domain compat. hack */ 1567 else 1568 #endif 1569 return (EINVAL); 1570 } 1571 m = m_get(M_TRYWAIT, type); 1572 if (m == NULL) 1573 return (ENOBUFS); 1574 m->m_len = buflen; 1575 error = copyin(buf, mtod(m, caddr_t), (u_int)buflen); 1576 if (error) 1577 (void) m_free(m); 1578 else { 1579 *mp = m; 1580 if (type == MT_SONAME) { 1581 sa = mtod(m, struct sockaddr *); 1582 1583 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN 1584 if (sa->sa_family == 0 && sa->sa_len < AF_MAX) 1585 sa->sa_family = sa->sa_len; 1586 #endif 1587 sa->sa_len = buflen; 1588 } 1589 } 1590 return (error); 1591 } 1592 1593 int 1594 getsockaddr(namp, uaddr, len) 1595 struct sockaddr **namp; 1596 caddr_t uaddr; 1597 size_t len; 1598 { 1599 struct sockaddr *sa; 1600 int error; 1601 1602 if (len > SOCK_MAXADDRLEN) 1603 return ENAMETOOLONG; 1604 MALLOC(sa, struct sockaddr *, len, M_SONAME, M_WAITOK); 1605 error = copyin(uaddr, sa, len); 1606 if (error) { 1607 FREE(sa, M_SONAME); 1608 } else { 1609 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN 1610 if (sa->sa_family == 0 && sa->sa_len < AF_MAX) 1611 sa->sa_family = sa->sa_len; 1612 #endif 1613 sa->sa_len = len; 1614 *namp = sa; 1615 } 1616 return error; 1617 } 1618 1619 /* 1620 * sendfile(2) 1621 * 1622 * MPSAFE 1623 * 1624 * int sendfile(int fd, int s, off_t offset, size_t nbytes, 1625 * struct sf_hdtr *hdtr, off_t *sbytes, int flags) 1626 * 1627 * Send a file specified by 'fd' and starting at 'offset' to a socket 1628 * specified by 's'. Send only 'nbytes' of the file or until EOF if 1629 * nbytes == 0. Optionally add a header and/or trailer to the socket 1630 * output. If specified, write the total number of bytes sent into *sbytes. 1631 * 1632 */ 1633 int 1634 sendfile(struct thread *td, struct sendfile_args *uap) 1635 { 1636 1637 return (do_sendfile(td, uap, 0)); 1638 } 1639 1640 #ifdef COMPAT_FREEBSD4 1641 int 1642 freebsd4_sendfile(struct thread *td, struct freebsd4_sendfile_args *uap) 1643 { 1644 struct sendfile_args args; 1645 1646 args.fd = uap->fd; 1647 args.s = uap->s; 1648 args.offset = uap->offset; 1649 args.nbytes = uap->nbytes; 1650 args.hdtr = uap->hdtr; 1651 args.sbytes = uap->sbytes; 1652 args.flags = uap->flags; 1653 1654 return (do_sendfile(td, &args, 1)); 1655 } 1656 #endif /* COMPAT_FREEBSD4 */ 1657 1658 static int 1659 do_sendfile(struct thread *td, struct sendfile_args *uap, int compat) 1660 { 1661 struct vnode *vp; 1662 struct vm_object *obj; 1663 struct socket *so = NULL; 1664 struct mbuf *m; 1665 struct sf_buf *sf; 1666 struct vm_page *pg; 1667 struct writev_args nuap; 1668 struct sf_hdtr hdtr; 1669 off_t off, xfsize, hdtr_size, sbytes = 0; 1670 int error, s; 1671 1672 mtx_lock(&Giant); 1673 1674 hdtr_size = 0; 1675 1676 /* 1677 * The descriptor must be a regular file and have a backing VM object. 1678 */ 1679 if ((error = fgetvp_read(td, uap->fd, &vp)) != 0) 1680 goto done; 1681 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td); 1682 if (vp->v_type != VREG || VOP_GETVOBJECT(vp, &obj) != 0) { 1683 error = EINVAL; 1684 VOP_UNLOCK(vp, 0, td); 1685 goto done; 1686 } 1687 VOP_UNLOCK(vp, 0, td); 1688 if ((error = fgetsock(td, uap->s, &so, NULL)) != 0) 1689 goto done; 1690 if (so->so_type != SOCK_STREAM) { 1691 error = EINVAL; 1692 goto done; 1693 } 1694 if ((so->so_state & SS_ISCONNECTED) == 0) { 1695 error = ENOTCONN; 1696 goto done; 1697 } 1698 if (uap->offset < 0) { 1699 error = EINVAL; 1700 goto done; 1701 } 1702 1703 #ifdef MAC 1704 error = mac_check_socket_send(td->td_ucred, so); 1705 if (error) 1706 goto done; 1707 #endif 1708 1709 /* 1710 * If specified, get the pointer to the sf_hdtr struct for 1711 * any headers/trailers. 1712 */ 1713 if (uap->hdtr != NULL) { 1714 error = copyin(uap->hdtr, &hdtr, sizeof(hdtr)); 1715 if (error) 1716 goto done; 1717 /* 1718 * Send any headers. Wimp out and use writev(2). 1719 */ 1720 if (hdtr.headers != NULL) { 1721 nuap.fd = uap->s; 1722 nuap.iovp = hdtr.headers; 1723 nuap.iovcnt = hdtr.hdr_cnt; 1724 error = writev(td, &nuap); 1725 if (error) 1726 goto done; 1727 if (compat) 1728 sbytes += td->td_retval[0]; 1729 else 1730 hdtr_size += td->td_retval[0]; 1731 } 1732 } 1733 1734 /* 1735 * Protect against multiple writers to the socket. 1736 */ 1737 (void) sblock(&so->so_snd, M_WAITOK); 1738 1739 /* 1740 * Loop through the pages in the file, starting with the requested 1741 * offset. Get a file page (do I/O if necessary), map the file page 1742 * into an sf_buf, attach an mbuf header to the sf_buf, and queue 1743 * it on the socket. 1744 */ 1745 for (off = uap->offset; ; off += xfsize, sbytes += xfsize) { 1746 vm_pindex_t pindex; 1747 vm_offset_t pgoff; 1748 1749 pindex = OFF_TO_IDX(off); 1750 VM_OBJECT_LOCK(obj); 1751 retry_lookup: 1752 /* 1753 * Calculate the amount to transfer. Not to exceed a page, 1754 * the EOF, or the passed in nbytes. 1755 */ 1756 xfsize = obj->un_pager.vnp.vnp_size - off; 1757 VM_OBJECT_UNLOCK(obj); 1758 if (xfsize > PAGE_SIZE) 1759 xfsize = PAGE_SIZE; 1760 pgoff = (vm_offset_t)(off & PAGE_MASK); 1761 if (PAGE_SIZE - pgoff < xfsize) 1762 xfsize = PAGE_SIZE - pgoff; 1763 if (uap->nbytes && xfsize > (uap->nbytes - sbytes)) 1764 xfsize = uap->nbytes - sbytes; 1765 if (xfsize <= 0) 1766 break; 1767 /* 1768 * Optimize the non-blocking case by looking at the socket space 1769 * before going to the extra work of constituting the sf_buf. 1770 */ 1771 if ((so->so_state & SS_NBIO) && sbspace(&so->so_snd) <= 0) { 1772 if (so->so_state & SS_CANTSENDMORE) 1773 error = EPIPE; 1774 else 1775 error = EAGAIN; 1776 sbunlock(&so->so_snd); 1777 goto done; 1778 } 1779 VM_OBJECT_LOCK(obj); 1780 /* 1781 * Attempt to look up the page. 1782 * 1783 * Allocate if not found 1784 * 1785 * Wait and loop if busy. 1786 */ 1787 pg = vm_page_lookup(obj, pindex); 1788 1789 if (pg == NULL) { 1790 pg = vm_page_alloc(obj, pindex, 1791 VM_ALLOC_NORMAL | VM_ALLOC_WIRED); 1792 if (pg == NULL) { 1793 VM_OBJECT_UNLOCK(obj); 1794 VM_WAIT; 1795 VM_OBJECT_LOCK(obj); 1796 goto retry_lookup; 1797 } 1798 vm_page_lock_queues(); 1799 vm_page_wakeup(pg); 1800 } else { 1801 vm_page_lock_queues(); 1802 if (vm_page_sleep_if_busy(pg, TRUE, "sfpbsy")) 1803 goto retry_lookup; 1804 /* 1805 * Wire the page so it does not get ripped out from 1806 * under us. 1807 */ 1808 vm_page_wire(pg); 1809 } 1810 1811 /* 1812 * If page is not valid for what we need, initiate I/O 1813 */ 1814 1815 if (!pg->valid || !vm_page_is_valid(pg, pgoff, xfsize)) { 1816 int bsize, resid; 1817 1818 /* 1819 * Ensure that our page is still around when the I/O 1820 * completes. 1821 */ 1822 vm_page_io_start(pg); 1823 vm_page_unlock_queues(); 1824 VM_OBJECT_UNLOCK(obj); 1825 1826 /* 1827 * Get the page from backing store. 1828 */ 1829 bsize = vp->v_mount->mnt_stat.f_iosize; 1830 vn_lock(vp, LK_SHARED | LK_NOPAUSE | LK_RETRY, td); 1831 /* 1832 * XXXMAC: Because we don't have fp->f_cred here, 1833 * we pass in NOCRED. This is probably wrong, but 1834 * is consistent with our original implementation. 1835 */ 1836 error = vn_rdwr(UIO_READ, vp, NULL, MAXBSIZE, 1837 trunc_page(off), UIO_NOCOPY, IO_NODELOCKED | 1838 IO_VMIO | ((MAXBSIZE / bsize) << 16), 1839 td->td_ucred, NOCRED, &resid, td); 1840 VOP_UNLOCK(vp, 0, td); 1841 if (error) 1842 VM_OBJECT_LOCK(obj); 1843 vm_page_lock_queues(); 1844 vm_page_flag_clear(pg, PG_ZERO); 1845 vm_page_io_finish(pg); 1846 if (error) { 1847 vm_page_unwire(pg, 0); 1848 /* 1849 * See if anyone else might know about this page. 1850 * If not and it is not valid, then free it. 1851 */ 1852 if (pg->wire_count == 0 && pg->valid == 0 && 1853 pg->busy == 0 && !(pg->flags & PG_BUSY) && 1854 pg->hold_count == 0) { 1855 vm_page_busy(pg); 1856 vm_page_free(pg); 1857 } 1858 vm_page_unlock_queues(); 1859 VM_OBJECT_UNLOCK(obj); 1860 sbunlock(&so->so_snd); 1861 goto done; 1862 } 1863 } else 1864 VM_OBJECT_UNLOCK(obj); 1865 vm_page_unlock_queues(); 1866 1867 /* 1868 * Get a sendfile buf. We usually wait as long as necessary, 1869 * but this wait can be interrupted. 1870 */ 1871 if ((sf = sf_buf_alloc(pg)) == NULL) { 1872 vm_page_lock_queues(); 1873 vm_page_unwire(pg, 0); 1874 if (pg->wire_count == 0 && pg->object == NULL) 1875 vm_page_free(pg); 1876 vm_page_unlock_queues(); 1877 sbunlock(&so->so_snd); 1878 error = EINTR; 1879 goto done; 1880 } 1881 1882 /* 1883 * Get an mbuf header and set it up as having external storage. 1884 */ 1885 MGETHDR(m, M_TRYWAIT, MT_DATA); 1886 if (m == NULL) { 1887 error = ENOBUFS; 1888 sf_buf_free((void *)sf->kva, sf); 1889 sbunlock(&so->so_snd); 1890 goto done; 1891 } 1892 /* 1893 * Setup external storage for mbuf. 1894 */ 1895 MEXTADD(m, sf->kva, PAGE_SIZE, sf_buf_free, sf, M_RDONLY, 1896 EXT_SFBUF); 1897 m->m_data = (char *) sf->kva + pgoff; 1898 m->m_pkthdr.len = m->m_len = xfsize; 1899 /* 1900 * Add the buffer to the socket buffer chain. 1901 */ 1902 s = splnet(); 1903 retry_space: 1904 /* 1905 * Make sure that the socket is still able to take more data. 1906 * CANTSENDMORE being true usually means that the connection 1907 * was closed. so_error is true when an error was sensed after 1908 * a previous send. 1909 * The state is checked after the page mapping and buffer 1910 * allocation above since those operations may block and make 1911 * any socket checks stale. From this point forward, nothing 1912 * blocks before the pru_send (or more accurately, any blocking 1913 * results in a loop back to here to re-check). 1914 */ 1915 if ((so->so_state & SS_CANTSENDMORE) || so->so_error) { 1916 if (so->so_state & SS_CANTSENDMORE) { 1917 error = EPIPE; 1918 } else { 1919 error = so->so_error; 1920 so->so_error = 0; 1921 } 1922 m_freem(m); 1923 sbunlock(&so->so_snd); 1924 splx(s); 1925 goto done; 1926 } 1927 /* 1928 * Wait for socket space to become available. We do this just 1929 * after checking the connection state above in order to avoid 1930 * a race condition with sbwait(). 1931 */ 1932 if (sbspace(&so->so_snd) < so->so_snd.sb_lowat) { 1933 if (so->so_state & SS_NBIO) { 1934 m_freem(m); 1935 sbunlock(&so->so_snd); 1936 splx(s); 1937 error = EAGAIN; 1938 goto done; 1939 } 1940 error = sbwait(&so->so_snd); 1941 /* 1942 * An error from sbwait usually indicates that we've 1943 * been interrupted by a signal. If we've sent anything 1944 * then return bytes sent, otherwise return the error. 1945 */ 1946 if (error) { 1947 m_freem(m); 1948 sbunlock(&so->so_snd); 1949 splx(s); 1950 goto done; 1951 } 1952 goto retry_space; 1953 } 1954 error = (*so->so_proto->pr_usrreqs->pru_send)(so, 0, m, 0, 0, td); 1955 splx(s); 1956 if (error) { 1957 sbunlock(&so->so_snd); 1958 goto done; 1959 } 1960 } 1961 sbunlock(&so->so_snd); 1962 1963 /* 1964 * Send trailers. Wimp out and use writev(2). 1965 */ 1966 if (uap->hdtr != NULL && hdtr.trailers != NULL) { 1967 nuap.fd = uap->s; 1968 nuap.iovp = hdtr.trailers; 1969 nuap.iovcnt = hdtr.trl_cnt; 1970 error = writev(td, &nuap); 1971 if (error) 1972 goto done; 1973 if (compat) 1974 sbytes += td->td_retval[0]; 1975 else 1976 hdtr_size += td->td_retval[0]; 1977 } 1978 1979 done: 1980 /* 1981 * If there was no error we have to clear td->td_retval[0] 1982 * because it may have been set by writev. 1983 */ 1984 if (error == 0) { 1985 td->td_retval[0] = 0; 1986 } 1987 if (uap->sbytes != NULL) { 1988 if (!compat) 1989 sbytes += hdtr_size; 1990 copyout(&sbytes, uap->sbytes, sizeof(off_t)); 1991 } 1992 if (vp) 1993 vrele(vp); 1994 if (so) 1995 fputsock(so); 1996 mtx_unlock(&Giant); 1997 return (error); 1998 } 1999