1 /*- 2 * Copyright (c) 1982, 1986, 1989, 1990, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * sendfile(2) and related extensions: 6 * Copyright (c) 1998, David Greenman. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 4. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 
31 * 32 * @(#)uipc_syscalls.c 8.4 (Berkeley) 2/21/94 33 */ 34 35 #include <sys/cdefs.h> 36 __FBSDID("$FreeBSD$"); 37 38 #include "opt_sctp.h" 39 #include "opt_compat.h" 40 #include "opt_ktrace.h" 41 #include "opt_mac.h" 42 43 #include <sys/param.h> 44 #include <sys/systm.h> 45 #include <sys/kernel.h> 46 #include <sys/lock.h> 47 #include <sys/mutex.h> 48 #include <sys/sysproto.h> 49 #include <sys/malloc.h> 50 #include <sys/filedesc.h> 51 #include <sys/event.h> 52 #include <sys/proc.h> 53 #include <sys/fcntl.h> 54 #include <sys/file.h> 55 #include <sys/filio.h> 56 #include <sys/mount.h> 57 #include <sys/mbuf.h> 58 #include <sys/protosw.h> 59 #include <sys/sf_buf.h> 60 #include <sys/socket.h> 61 #include <sys/socketvar.h> 62 #include <sys/signalvar.h> 63 #include <sys/syscallsubr.h> 64 #include <sys/sysctl.h> 65 #include <sys/uio.h> 66 #include <sys/vnode.h> 67 #ifdef KTRACE 68 #include <sys/ktrace.h> 69 #endif 70 71 #include <security/mac/mac_framework.h> 72 73 #include <vm/vm.h> 74 #include <vm/vm_object.h> 75 #include <vm/vm_page.h> 76 #include <vm/vm_pageout.h> 77 #include <vm/vm_kern.h> 78 #include <vm/vm_extern.h> 79 80 #ifdef SCTP 81 #include <netinet/sctp.h> 82 #include <netinet/sctp_peeloff.h> 83 #endif /* SCTP */ 84 85 static int sendit(struct thread *td, int s, struct msghdr *mp, int flags); 86 static int recvit(struct thread *td, int s, struct msghdr *mp, void *namelenp); 87 88 static int accept1(struct thread *td, struct accept_args *uap, int compat); 89 static int do_sendfile(struct thread *td, struct sendfile_args *uap, int compat); 90 static int getsockname1(struct thread *td, struct getsockname_args *uap, 91 int compat); 92 static int getpeername1(struct thread *td, struct getpeername_args *uap, 93 int compat); 94 95 /* 96 * NSFBUFS-related variables and associated sysctls 97 */ 98 int nsfbufs; 99 int nsfbufspeak; 100 int nsfbufsused; 101 102 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufs, CTLFLAG_RDTUN, &nsfbufs, 0, 103 "Maximum number of sendfile(2) 
sf_bufs available"); 104 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufspeak, CTLFLAG_RD, &nsfbufspeak, 0, 105 "Number of sendfile(2) sf_bufs at peak usage"); 106 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufsused, CTLFLAG_RD, &nsfbufsused, 0, 107 "Number of sendfile(2) sf_bufs in use"); 108 109 /* 110 * Convert a user file descriptor to a kernel file entry. A reference on the 111 * file entry is held upon returning. This is lighter weight than 112 * fgetsock(), which bumps the socket reference drops the file reference 113 * count instead, as this approach avoids several additional mutex operations 114 * associated with the additional reference count. If requested, return the 115 * open file flags. 116 */ 117 static int 118 getsock(struct filedesc *fdp, int fd, struct file **fpp, u_int *fflagp) 119 { 120 struct file *fp; 121 int error; 122 123 fp = NULL; 124 if (fdp == NULL) 125 error = EBADF; 126 else { 127 FILEDESC_LOCK_FAST(fdp); 128 fp = fget_locked(fdp, fd); 129 if (fp == NULL) 130 error = EBADF; 131 else if (fp->f_type != DTYPE_SOCKET) { 132 fp = NULL; 133 error = ENOTSOCK; 134 } else { 135 fhold(fp); 136 if (fflagp != NULL) 137 *fflagp = fp->f_flag; 138 error = 0; 139 } 140 FILEDESC_UNLOCK_FAST(fdp); 141 } 142 *fpp = fp; 143 return (error); 144 } 145 146 /* 147 * System call interface to the socket abstraction. 148 */ 149 #if defined(COMPAT_43) 150 #define COMPAT_OLDSOCK 151 #endif 152 153 int 154 socket(td, uap) 155 struct thread *td; 156 register struct socket_args /* { 157 int domain; 158 int type; 159 int protocol; 160 } */ *uap; 161 { 162 struct filedesc *fdp; 163 struct socket *so; 164 struct file *fp; 165 int fd, error; 166 167 #ifdef MAC 168 error = mac_check_socket_create(td->td_ucred, uap->domain, uap->type, 169 uap->protocol); 170 if (error) 171 return (error); 172 #endif 173 fdp = td->td_proc->p_fd; 174 error = falloc(td, &fp, &fd); 175 if (error) 176 return (error); 177 /* An extra reference on `fp' has been held for us by falloc(). 
*/ 178 NET_LOCK_GIANT(); 179 error = socreate(uap->domain, &so, uap->type, uap->protocol, 180 td->td_ucred, td); 181 NET_UNLOCK_GIANT(); 182 if (error) { 183 fdclose(fdp, fp, fd, td); 184 } else { 185 FILEDESC_LOCK_FAST(fdp); 186 fp->f_data = so; /* already has ref count */ 187 fp->f_flag = FREAD|FWRITE; 188 fp->f_ops = &socketops; 189 fp->f_type = DTYPE_SOCKET; 190 FILEDESC_UNLOCK_FAST(fdp); 191 td->td_retval[0] = fd; 192 } 193 fdrop(fp, td); 194 return (error); 195 } 196 197 /* ARGSUSED */ 198 int 199 bind(td, uap) 200 struct thread *td; 201 register struct bind_args /* { 202 int s; 203 caddr_t name; 204 int namelen; 205 } */ *uap; 206 { 207 struct sockaddr *sa; 208 int error; 209 210 if ((error = getsockaddr(&sa, uap->name, uap->namelen)) != 0) 211 return (error); 212 213 error = kern_bind(td, uap->s, sa); 214 free(sa, M_SONAME); 215 return (error); 216 } 217 218 int 219 kern_bind(td, fd, sa) 220 struct thread *td; 221 int fd; 222 struct sockaddr *sa; 223 { 224 struct socket *so; 225 struct file *fp; 226 int error; 227 228 NET_LOCK_GIANT(); 229 error = getsock(td->td_proc->p_fd, fd, &fp, NULL); 230 if (error) 231 goto done2; 232 so = fp->f_data; 233 #ifdef MAC 234 SOCK_LOCK(so); 235 error = mac_check_socket_bind(td->td_ucred, so, sa); 236 SOCK_UNLOCK(so); 237 if (error) 238 goto done1; 239 #endif 240 error = sobind(so, sa, td); 241 #ifdef MAC 242 done1: 243 #endif 244 fdrop(fp, td); 245 done2: 246 NET_UNLOCK_GIANT(); 247 return (error); 248 } 249 250 /* ARGSUSED */ 251 int 252 listen(td, uap) 253 struct thread *td; 254 register struct listen_args /* { 255 int s; 256 int backlog; 257 } */ *uap; 258 { 259 struct socket *so; 260 struct file *fp; 261 int error; 262 263 NET_LOCK_GIANT(); 264 error = getsock(td->td_proc->p_fd, uap->s, &fp, NULL); 265 if (error == 0) { 266 so = fp->f_data; 267 #ifdef MAC 268 SOCK_LOCK(so); 269 error = mac_check_socket_listen(td->td_ucred, so); 270 SOCK_UNLOCK(so); 271 if (error) 272 goto done; 273 #endif 274 error = solisten(so, 
uap->backlog, td); 275 #ifdef MAC 276 done: 277 #endif 278 fdrop(fp, td); 279 } 280 NET_UNLOCK_GIANT(); 281 return(error); 282 } 283 284 /* 285 * accept1() 286 */ 287 static int 288 accept1(td, uap, compat) 289 struct thread *td; 290 register struct accept_args /* { 291 int s; 292 struct sockaddr * __restrict name; 293 socklen_t * __restrict anamelen; 294 } */ *uap; 295 int compat; 296 { 297 struct sockaddr *name; 298 socklen_t namelen; 299 struct file *fp; 300 int error; 301 302 if (uap->name == NULL) 303 return (kern_accept(td, uap->s, NULL, NULL, NULL)); 304 305 error = copyin(uap->anamelen, &namelen, sizeof (namelen)); 306 if (error) 307 return (error); 308 309 error = kern_accept(td, uap->s, &name, &namelen, &fp); 310 311 /* 312 * return a namelen of zero for older code which might 313 * ignore the return value from accept. 314 */ 315 if (error) { 316 (void) copyout(&namelen, 317 uap->anamelen, sizeof(*uap->anamelen)); 318 return (error); 319 } 320 321 if (error == 0 && name != NULL) { 322 #ifdef COMPAT_OLDSOCK 323 if (compat) 324 ((struct osockaddr *)name)->sa_family = 325 name->sa_family; 326 #endif 327 error = copyout(name, uap->name, namelen); 328 } 329 if (error == 0) 330 error = copyout(&namelen, uap->anamelen, 331 sizeof(namelen)); 332 if (error) 333 fdclose(td->td_proc->p_fd, fp, td->td_retval[0], td); 334 fdrop(fp, td); 335 free(name, M_SONAME); 336 return (error); 337 } 338 339 int 340 kern_accept(struct thread *td, int s, struct sockaddr **name, 341 socklen_t *namelen, struct file **fp) 342 { 343 struct filedesc *fdp; 344 struct file *headfp, *nfp = NULL; 345 struct sockaddr *sa = NULL; 346 int error; 347 struct socket *head, *so; 348 int fd; 349 u_int fflag; 350 pid_t pgid; 351 int tmp; 352 353 if (name) { 354 *name = NULL; 355 if (*namelen < 0) 356 return (EINVAL); 357 } 358 359 fdp = td->td_proc->p_fd; 360 NET_LOCK_GIANT(); 361 error = getsock(fdp, s, &headfp, &fflag); 362 if (error) 363 goto done2; 364 head = headfp->f_data; 365 if 
((head->so_options & SO_ACCEPTCONN) == 0) { 366 error = EINVAL; 367 goto done; 368 } 369 #ifdef MAC 370 SOCK_LOCK(head); 371 error = mac_check_socket_accept(td->td_ucred, head); 372 SOCK_UNLOCK(head); 373 if (error != 0) 374 goto done; 375 #endif 376 error = falloc(td, &nfp, &fd); 377 if (error) 378 goto done; 379 ACCEPT_LOCK(); 380 if ((head->so_state & SS_NBIO) && TAILQ_EMPTY(&head->so_comp)) { 381 ACCEPT_UNLOCK(); 382 error = EWOULDBLOCK; 383 goto noconnection; 384 } 385 while (TAILQ_EMPTY(&head->so_comp) && head->so_error == 0) { 386 if (head->so_rcv.sb_state & SBS_CANTRCVMORE) { 387 head->so_error = ECONNABORTED; 388 break; 389 } 390 error = msleep(&head->so_timeo, &accept_mtx, PSOCK | PCATCH, 391 "accept", 0); 392 if (error) { 393 ACCEPT_UNLOCK(); 394 goto noconnection; 395 } 396 } 397 if (head->so_error) { 398 error = head->so_error; 399 head->so_error = 0; 400 ACCEPT_UNLOCK(); 401 goto noconnection; 402 } 403 so = TAILQ_FIRST(&head->so_comp); 404 KASSERT(!(so->so_qstate & SQ_INCOMP), ("accept1: so SQ_INCOMP")); 405 KASSERT(so->so_qstate & SQ_COMP, ("accept1: so not SQ_COMP")); 406 407 /* 408 * Before changing the flags on the socket, we have to bump the 409 * reference count. Otherwise, if the protocol calls sofree(), 410 * the socket will be released due to a zero refcount. 411 */ 412 SOCK_LOCK(so); /* soref() and so_state update */ 413 soref(so); /* file descriptor reference */ 414 415 TAILQ_REMOVE(&head->so_comp, so, so_list); 416 head->so_qlen--; 417 so->so_state |= (head->so_state & SS_NBIO); 418 so->so_qstate &= ~SQ_COMP; 419 so->so_head = NULL; 420 421 SOCK_UNLOCK(so); 422 ACCEPT_UNLOCK(); 423 424 /* An extra reference on `nfp' has been held for us by falloc(). 
*/ 425 td->td_retval[0] = fd; 426 427 /* connection has been removed from the listen queue */ 428 KNOTE_UNLOCKED(&head->so_rcv.sb_sel.si_note, 0); 429 430 pgid = fgetown(&head->so_sigio); 431 if (pgid != 0) 432 fsetown(pgid, &so->so_sigio); 433 434 FILE_LOCK(nfp); 435 nfp->f_data = so; /* nfp has ref count from falloc */ 436 nfp->f_flag = fflag; 437 nfp->f_ops = &socketops; 438 nfp->f_type = DTYPE_SOCKET; 439 FILE_UNLOCK(nfp); 440 /* Sync socket nonblocking/async state with file flags */ 441 tmp = fflag & FNONBLOCK; 442 (void) fo_ioctl(nfp, FIONBIO, &tmp, td->td_ucred, td); 443 tmp = fflag & FASYNC; 444 (void) fo_ioctl(nfp, FIOASYNC, &tmp, td->td_ucred, td); 445 sa = 0; 446 error = soaccept(so, &sa); 447 if (error) { 448 /* 449 * return a namelen of zero for older code which might 450 * ignore the return value from accept. 451 */ 452 if (name) 453 *namelen = 0; 454 goto noconnection; 455 } 456 if (sa == NULL) { 457 if (name) 458 *namelen = 0; 459 goto done; 460 } 461 if (name) { 462 /* check sa_len before it is destroyed */ 463 if (*namelen > sa->sa_len) 464 *namelen = sa->sa_len; 465 *name = sa; 466 sa = NULL; 467 } 468 noconnection: 469 if (sa) 470 FREE(sa, M_SONAME); 471 472 /* 473 * close the new descriptor, assuming someone hasn't ripped it 474 * out from under us. 475 */ 476 if (error) 477 fdclose(fdp, nfp, fd, td); 478 479 /* 480 * Release explicitly held references before returning. We return 481 * a reference on nfp to the caller on success if they request it. 
482 */ 483 done: 484 if (fp != NULL) { 485 if (error == 0) { 486 *fp = nfp; 487 nfp = NULL; 488 } else 489 *fp = NULL; 490 } 491 if (nfp != NULL) 492 fdrop(nfp, td); 493 fdrop(headfp, td); 494 done2: 495 NET_UNLOCK_GIANT(); 496 return (error); 497 } 498 499 int 500 accept(td, uap) 501 struct thread *td; 502 struct accept_args *uap; 503 { 504 505 return (accept1(td, uap, 0)); 506 } 507 508 #ifdef COMPAT_OLDSOCK 509 int 510 oaccept(td, uap) 511 struct thread *td; 512 struct accept_args *uap; 513 { 514 515 return (accept1(td, uap, 1)); 516 } 517 #endif /* COMPAT_OLDSOCK */ 518 519 /* ARGSUSED */ 520 int 521 connect(td, uap) 522 struct thread *td; 523 register struct connect_args /* { 524 int s; 525 caddr_t name; 526 int namelen; 527 } */ *uap; 528 { 529 struct sockaddr *sa; 530 int error; 531 532 error = getsockaddr(&sa, uap->name, uap->namelen); 533 if (error) 534 return (error); 535 536 error = kern_connect(td, uap->s, sa); 537 free(sa, M_SONAME); 538 return (error); 539 } 540 541 542 int 543 kern_connect(td, fd, sa) 544 struct thread *td; 545 int fd; 546 struct sockaddr *sa; 547 { 548 struct socket *so; 549 struct file *fp; 550 int error; 551 int interrupted = 0; 552 553 NET_LOCK_GIANT(); 554 error = getsock(td->td_proc->p_fd, fd, &fp, NULL); 555 if (error) 556 goto done2; 557 so = fp->f_data; 558 if (so->so_state & SS_ISCONNECTING) { 559 error = EALREADY; 560 goto done1; 561 } 562 #ifdef MAC 563 SOCK_LOCK(so); 564 error = mac_check_socket_connect(td->td_ucred, so, sa); 565 SOCK_UNLOCK(so); 566 if (error) 567 goto bad; 568 #endif 569 error = soconnect(so, sa, td); 570 if (error) 571 goto bad; 572 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) { 573 error = EINPROGRESS; 574 goto done1; 575 } 576 SOCK_LOCK(so); 577 while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) { 578 error = msleep(&so->so_timeo, SOCK_MTX(so), PSOCK | PCATCH, 579 "connec", 0); 580 if (error) { 581 if (error == EINTR || error == ERESTART) 582 interrupted = 1; 583 
break; 584 } 585 } 586 if (error == 0) { 587 error = so->so_error; 588 so->so_error = 0; 589 } 590 SOCK_UNLOCK(so); 591 bad: 592 if (!interrupted) 593 so->so_state &= ~SS_ISCONNECTING; 594 if (error == ERESTART) 595 error = EINTR; 596 done1: 597 fdrop(fp, td); 598 done2: 599 NET_UNLOCK_GIANT(); 600 return (error); 601 } 602 603 int 604 socketpair(td, uap) 605 struct thread *td; 606 register struct socketpair_args /* { 607 int domain; 608 int type; 609 int protocol; 610 int *rsv; 611 } */ *uap; 612 { 613 register struct filedesc *fdp = td->td_proc->p_fd; 614 struct file *fp1, *fp2; 615 struct socket *so1, *so2; 616 int fd, error, sv[2]; 617 618 #ifdef MAC 619 /* We might want to have a separate check for socket pairs. */ 620 error = mac_check_socket_create(td->td_ucred, uap->domain, uap->type, 621 uap->protocol); 622 if (error) 623 return (error); 624 #endif 625 626 NET_LOCK_GIANT(); 627 error = socreate(uap->domain, &so1, uap->type, uap->protocol, 628 td->td_ucred, td); 629 if (error) 630 goto done2; 631 error = socreate(uap->domain, &so2, uap->type, uap->protocol, 632 td->td_ucred, td); 633 if (error) 634 goto free1; 635 /* On success extra reference to `fp1' and 'fp2' is set by falloc. */ 636 error = falloc(td, &fp1, &fd); 637 if (error) 638 goto free2; 639 sv[0] = fd; 640 fp1->f_data = so1; /* so1 already has ref count */ 641 error = falloc(td, &fp2, &fd); 642 if (error) 643 goto free3; 644 fp2->f_data = so2; /* so2 already has ref count */ 645 sv[1] = fd; 646 error = soconnect2(so1, so2); 647 if (error) 648 goto free4; 649 if (uap->type == SOCK_DGRAM) { 650 /* 651 * Datagram socket connection is asymmetric. 
652 */ 653 error = soconnect2(so2, so1); 654 if (error) 655 goto free4; 656 } 657 FILE_LOCK(fp1); 658 fp1->f_flag = FREAD|FWRITE; 659 fp1->f_ops = &socketops; 660 fp1->f_type = DTYPE_SOCKET; 661 FILE_UNLOCK(fp1); 662 FILE_LOCK(fp2); 663 fp2->f_flag = FREAD|FWRITE; 664 fp2->f_ops = &socketops; 665 fp2->f_type = DTYPE_SOCKET; 666 FILE_UNLOCK(fp2); 667 error = copyout(sv, uap->rsv, 2 * sizeof (int)); 668 fdrop(fp1, td); 669 fdrop(fp2, td); 670 goto done2; 671 free4: 672 fdclose(fdp, fp2, sv[1], td); 673 fdrop(fp2, td); 674 free3: 675 fdclose(fdp, fp1, sv[0], td); 676 fdrop(fp1, td); 677 free2: 678 (void)soclose(so2); 679 free1: 680 (void)soclose(so1); 681 done2: 682 NET_UNLOCK_GIANT(); 683 return (error); 684 } 685 686 static int 687 sendit(td, s, mp, flags) 688 register struct thread *td; 689 int s; 690 register struct msghdr *mp; 691 int flags; 692 { 693 struct mbuf *control; 694 struct sockaddr *to; 695 int error; 696 697 if (mp->msg_name != NULL) { 698 error = getsockaddr(&to, mp->msg_name, mp->msg_namelen); 699 if (error) { 700 to = NULL; 701 goto bad; 702 } 703 mp->msg_name = to; 704 } else { 705 to = NULL; 706 } 707 708 if (mp->msg_control) { 709 if (mp->msg_controllen < sizeof(struct cmsghdr) 710 #ifdef COMPAT_OLDSOCK 711 && mp->msg_flags != MSG_COMPAT 712 #endif 713 ) { 714 error = EINVAL; 715 goto bad; 716 } 717 error = sockargs(&control, mp->msg_control, 718 mp->msg_controllen, MT_CONTROL); 719 if (error) 720 goto bad; 721 #ifdef COMPAT_OLDSOCK 722 if (mp->msg_flags == MSG_COMPAT) { 723 register struct cmsghdr *cm; 724 725 M_PREPEND(control, sizeof(*cm), M_TRYWAIT); 726 if (control == 0) { 727 error = ENOBUFS; 728 goto bad; 729 } else { 730 cm = mtod(control, struct cmsghdr *); 731 cm->cmsg_len = control->m_len; 732 cm->cmsg_level = SOL_SOCKET; 733 cm->cmsg_type = SCM_RIGHTS; 734 } 735 } 736 #endif 737 } else { 738 control = NULL; 739 } 740 741 error = kern_sendit(td, s, mp, flags, control, UIO_USERSPACE); 742 743 bad: 744 if (to) 745 FREE(to, M_SONAME); 
746 return (error); 747 } 748 749 int 750 kern_sendit(td, s, mp, flags, control, segflg) 751 struct thread *td; 752 int s; 753 struct msghdr *mp; 754 int flags; 755 struct mbuf *control; 756 enum uio_seg segflg; 757 { 758 struct file *fp; 759 struct uio auio; 760 struct iovec *iov; 761 struct socket *so; 762 int i; 763 int len, error; 764 #ifdef KTRACE 765 struct uio *ktruio = NULL; 766 #endif 767 768 NET_LOCK_GIANT(); 769 error = getsock(td->td_proc->p_fd, s, &fp, NULL); 770 if (error) 771 goto bad2; 772 so = (struct socket *)fp->f_data; 773 774 #ifdef MAC 775 SOCK_LOCK(so); 776 error = mac_check_socket_send(td->td_ucred, so); 777 SOCK_UNLOCK(so); 778 if (error) 779 goto bad; 780 #endif 781 782 auio.uio_iov = mp->msg_iov; 783 auio.uio_iovcnt = mp->msg_iovlen; 784 auio.uio_segflg = segflg; 785 auio.uio_rw = UIO_WRITE; 786 auio.uio_td = td; 787 auio.uio_offset = 0; /* XXX */ 788 auio.uio_resid = 0; 789 iov = mp->msg_iov; 790 for (i = 0; i < mp->msg_iovlen; i++, iov++) { 791 if ((auio.uio_resid += iov->iov_len) < 0) { 792 error = EINVAL; 793 goto bad; 794 } 795 } 796 #ifdef KTRACE 797 if (KTRPOINT(td, KTR_GENIO)) 798 ktruio = cloneuio(&auio); 799 #endif 800 len = auio.uio_resid; 801 error = sosend(so, mp->msg_name, &auio, 0, control, flags, td); 802 if (error) { 803 if (auio.uio_resid != len && (error == ERESTART || 804 error == EINTR || error == EWOULDBLOCK)) 805 error = 0; 806 /* Generation of SIGPIPE can be controlled per socket */ 807 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) && 808 !(flags & MSG_NOSIGNAL)) { 809 PROC_LOCK(td->td_proc); 810 psignal(td->td_proc, SIGPIPE); 811 PROC_UNLOCK(td->td_proc); 812 } 813 } 814 if (error == 0) 815 td->td_retval[0] = len - auio.uio_resid; 816 #ifdef KTRACE 817 if (ktruio != NULL) { 818 ktruio->uio_resid = td->td_retval[0]; 819 ktrgenio(s, UIO_WRITE, ktruio, error); 820 } 821 #endif 822 bad: 823 fdrop(fp, td); 824 bad2: 825 NET_UNLOCK_GIANT(); 826 return (error); 827 } 828 829 int 830 sendto(td, uap) 831 struct 
thread *td; 832 register struct sendto_args /* { 833 int s; 834 caddr_t buf; 835 size_t len; 836 int flags; 837 caddr_t to; 838 int tolen; 839 } */ *uap; 840 { 841 struct msghdr msg; 842 struct iovec aiov; 843 int error; 844 845 msg.msg_name = uap->to; 846 msg.msg_namelen = uap->tolen; 847 msg.msg_iov = &aiov; 848 msg.msg_iovlen = 1; 849 msg.msg_control = 0; 850 #ifdef COMPAT_OLDSOCK 851 msg.msg_flags = 0; 852 #endif 853 aiov.iov_base = uap->buf; 854 aiov.iov_len = uap->len; 855 error = sendit(td, uap->s, &msg, uap->flags); 856 return (error); 857 } 858 859 #ifdef COMPAT_OLDSOCK 860 int 861 osend(td, uap) 862 struct thread *td; 863 register struct osend_args /* { 864 int s; 865 caddr_t buf; 866 int len; 867 int flags; 868 } */ *uap; 869 { 870 struct msghdr msg; 871 struct iovec aiov; 872 int error; 873 874 msg.msg_name = 0; 875 msg.msg_namelen = 0; 876 msg.msg_iov = &aiov; 877 msg.msg_iovlen = 1; 878 aiov.iov_base = uap->buf; 879 aiov.iov_len = uap->len; 880 msg.msg_control = 0; 881 msg.msg_flags = 0; 882 error = sendit(td, uap->s, &msg, uap->flags); 883 return (error); 884 } 885 886 int 887 osendmsg(td, uap) 888 struct thread *td; 889 struct osendmsg_args /* { 890 int s; 891 caddr_t msg; 892 int flags; 893 } */ *uap; 894 { 895 struct msghdr msg; 896 struct iovec *iov; 897 int error; 898 899 error = copyin(uap->msg, &msg, sizeof (struct omsghdr)); 900 if (error) 901 return (error); 902 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 903 if (error) 904 return (error); 905 msg.msg_iov = iov; 906 msg.msg_flags = MSG_COMPAT; 907 error = sendit(td, uap->s, &msg, uap->flags); 908 free(iov, M_IOV); 909 return (error); 910 } 911 #endif 912 913 int 914 sendmsg(td, uap) 915 struct thread *td; 916 struct sendmsg_args /* { 917 int s; 918 caddr_t msg; 919 int flags; 920 } */ *uap; 921 { 922 struct msghdr msg; 923 struct iovec *iov; 924 int error; 925 926 error = copyin(uap->msg, &msg, sizeof (msg)); 927 if (error) 928 return (error); 929 error = 
copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 930 if (error) 931 return (error); 932 msg.msg_iov = iov; 933 #ifdef COMPAT_OLDSOCK 934 msg.msg_flags = 0; 935 #endif 936 error = sendit(td, uap->s, &msg, uap->flags); 937 free(iov, M_IOV); 938 return (error); 939 } 940 941 int 942 kern_recvit(td, s, mp, fromseg, controlp) 943 struct thread *td; 944 int s; 945 struct msghdr *mp; 946 enum uio_seg fromseg; 947 struct mbuf **controlp; 948 { 949 struct uio auio; 950 struct iovec *iov; 951 int i; 952 socklen_t len; 953 int error; 954 struct mbuf *m, *control = 0; 955 caddr_t ctlbuf; 956 struct file *fp; 957 struct socket *so; 958 struct sockaddr *fromsa = 0; 959 #ifdef KTRACE 960 struct uio *ktruio = NULL; 961 #endif 962 963 if(controlp != NULL) 964 *controlp = 0; 965 966 NET_LOCK_GIANT(); 967 error = getsock(td->td_proc->p_fd, s, &fp, NULL); 968 if (error) { 969 NET_UNLOCK_GIANT(); 970 return (error); 971 } 972 so = fp->f_data; 973 974 #ifdef MAC 975 SOCK_LOCK(so); 976 error = mac_check_socket_receive(td->td_ucred, so); 977 SOCK_UNLOCK(so); 978 if (error) { 979 fdrop(fp, td); 980 NET_UNLOCK_GIANT(); 981 return (error); 982 } 983 #endif 984 985 auio.uio_iov = mp->msg_iov; 986 auio.uio_iovcnt = mp->msg_iovlen; 987 auio.uio_segflg = UIO_USERSPACE; 988 auio.uio_rw = UIO_READ; 989 auio.uio_td = td; 990 auio.uio_offset = 0; /* XXX */ 991 auio.uio_resid = 0; 992 iov = mp->msg_iov; 993 for (i = 0; i < mp->msg_iovlen; i++, iov++) { 994 if ((auio.uio_resid += iov->iov_len) < 0) { 995 fdrop(fp, td); 996 NET_UNLOCK_GIANT(); 997 return (EINVAL); 998 } 999 } 1000 #ifdef KTRACE 1001 if (KTRPOINT(td, KTR_GENIO)) 1002 ktruio = cloneuio(&auio); 1003 #endif 1004 len = auio.uio_resid; 1005 error = soreceive(so, &fromsa, &auio, (struct mbuf **)0, 1006 (mp->msg_control || controlp) ? 
&control : (struct mbuf **)0, 1007 &mp->msg_flags); 1008 if (error) { 1009 if (auio.uio_resid != (int)len && (error == ERESTART || 1010 error == EINTR || error == EWOULDBLOCK)) 1011 error = 0; 1012 } 1013 #ifdef KTRACE 1014 if (ktruio != NULL) { 1015 ktruio->uio_resid = (int)len - auio.uio_resid; 1016 ktrgenio(s, UIO_READ, ktruio, error); 1017 } 1018 #endif 1019 if (error) 1020 goto out; 1021 td->td_retval[0] = (int)len - auio.uio_resid; 1022 if (mp->msg_name) { 1023 len = mp->msg_namelen; 1024 if (len <= 0 || fromsa == 0) 1025 len = 0; 1026 else { 1027 /* save sa_len before it is destroyed by MSG_COMPAT */ 1028 len = MIN(len, fromsa->sa_len); 1029 #ifdef COMPAT_OLDSOCK 1030 if (mp->msg_flags & MSG_COMPAT) 1031 ((struct osockaddr *)fromsa)->sa_family = 1032 fromsa->sa_family; 1033 #endif 1034 if (fromseg == UIO_USERSPACE) { 1035 error = copyout(fromsa, mp->msg_name, 1036 (unsigned)len); 1037 if (error) 1038 goto out; 1039 } else 1040 bcopy(fromsa, mp->msg_name, len); 1041 } 1042 mp->msg_namelen = len; 1043 } 1044 if (mp->msg_control && controlp == NULL) { 1045 #ifdef COMPAT_OLDSOCK 1046 /* 1047 * We assume that old recvmsg calls won't receive access 1048 * rights and other control info, esp. as control info 1049 * is always optional and those options didn't exist in 4.3. 1050 * If we receive rights, trim the cmsghdr; anything else 1051 * is tossed. 
1052 */ 1053 if (control && mp->msg_flags & MSG_COMPAT) { 1054 if (mtod(control, struct cmsghdr *)->cmsg_level != 1055 SOL_SOCKET || 1056 mtod(control, struct cmsghdr *)->cmsg_type != 1057 SCM_RIGHTS) { 1058 mp->msg_controllen = 0; 1059 goto out; 1060 } 1061 control->m_len -= sizeof (struct cmsghdr); 1062 control->m_data += sizeof (struct cmsghdr); 1063 } 1064 #endif 1065 len = mp->msg_controllen; 1066 m = control; 1067 mp->msg_controllen = 0; 1068 ctlbuf = mp->msg_control; 1069 1070 while (m && len > 0) { 1071 unsigned int tocopy; 1072 1073 if (len >= m->m_len) 1074 tocopy = m->m_len; 1075 else { 1076 mp->msg_flags |= MSG_CTRUNC; 1077 tocopy = len; 1078 } 1079 1080 if ((error = copyout(mtod(m, caddr_t), 1081 ctlbuf, tocopy)) != 0) 1082 goto out; 1083 1084 ctlbuf += tocopy; 1085 len -= tocopy; 1086 m = m->m_next; 1087 } 1088 mp->msg_controllen = ctlbuf - (caddr_t)mp->msg_control; 1089 } 1090 out: 1091 fdrop(fp, td); 1092 NET_UNLOCK_GIANT(); 1093 if (fromsa) 1094 FREE(fromsa, M_SONAME); 1095 1096 if (error == 0 && controlp != NULL) 1097 *controlp = control; 1098 else if (control) 1099 m_freem(control); 1100 1101 return (error); 1102 } 1103 1104 static int 1105 recvit(td, s, mp, namelenp) 1106 struct thread *td; 1107 int s; 1108 struct msghdr *mp; 1109 void *namelenp; 1110 { 1111 int error; 1112 1113 error = kern_recvit(td, s, mp, UIO_USERSPACE, NULL); 1114 if (error) 1115 return (error); 1116 if (namelenp) { 1117 error = copyout(&mp->msg_namelen, namelenp, sizeof (socklen_t)); 1118 #ifdef COMPAT_OLDSOCK 1119 if (mp->msg_flags & MSG_COMPAT) 1120 error = 0; /* old recvfrom didn't check */ 1121 #endif 1122 } 1123 return (error); 1124 } 1125 1126 int 1127 recvfrom(td, uap) 1128 struct thread *td; 1129 register struct recvfrom_args /* { 1130 int s; 1131 caddr_t buf; 1132 size_t len; 1133 int flags; 1134 struct sockaddr * __restrict from; 1135 socklen_t * __restrict fromlenaddr; 1136 } */ *uap; 1137 { 1138 struct msghdr msg; 1139 struct iovec aiov; 1140 int error; 1141 
1142 if (uap->fromlenaddr) { 1143 error = copyin(uap->fromlenaddr, 1144 &msg.msg_namelen, sizeof (msg.msg_namelen)); 1145 if (error) 1146 goto done2; 1147 } else { 1148 msg.msg_namelen = 0; 1149 } 1150 msg.msg_name = uap->from; 1151 msg.msg_iov = &aiov; 1152 msg.msg_iovlen = 1; 1153 aiov.iov_base = uap->buf; 1154 aiov.iov_len = uap->len; 1155 msg.msg_control = 0; 1156 msg.msg_flags = uap->flags; 1157 error = recvit(td, uap->s, &msg, uap->fromlenaddr); 1158 done2: 1159 return(error); 1160 } 1161 1162 #ifdef COMPAT_OLDSOCK 1163 int 1164 orecvfrom(td, uap) 1165 struct thread *td; 1166 struct recvfrom_args *uap; 1167 { 1168 1169 uap->flags |= MSG_COMPAT; 1170 return (recvfrom(td, uap)); 1171 } 1172 #endif 1173 1174 #ifdef COMPAT_OLDSOCK 1175 int 1176 orecv(td, uap) 1177 struct thread *td; 1178 register struct orecv_args /* { 1179 int s; 1180 caddr_t buf; 1181 int len; 1182 int flags; 1183 } */ *uap; 1184 { 1185 struct msghdr msg; 1186 struct iovec aiov; 1187 int error; 1188 1189 msg.msg_name = 0; 1190 msg.msg_namelen = 0; 1191 msg.msg_iov = &aiov; 1192 msg.msg_iovlen = 1; 1193 aiov.iov_base = uap->buf; 1194 aiov.iov_len = uap->len; 1195 msg.msg_control = 0; 1196 msg.msg_flags = uap->flags; 1197 error = recvit(td, uap->s, &msg, NULL); 1198 return (error); 1199 } 1200 1201 /* 1202 * Old recvmsg. This code takes advantage of the fact that the old msghdr 1203 * overlays the new one, missing only the flags, and with the (old) access 1204 * rights where the control fields are now. 
1205 */ 1206 int 1207 orecvmsg(td, uap) 1208 struct thread *td; 1209 struct orecvmsg_args /* { 1210 int s; 1211 struct omsghdr *msg; 1212 int flags; 1213 } */ *uap; 1214 { 1215 struct msghdr msg; 1216 struct iovec *iov; 1217 int error; 1218 1219 error = copyin(uap->msg, &msg, sizeof (struct omsghdr)); 1220 if (error) 1221 return (error); 1222 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 1223 if (error) 1224 return (error); 1225 msg.msg_flags = uap->flags | MSG_COMPAT; 1226 msg.msg_iov = iov; 1227 error = recvit(td, uap->s, &msg, &uap->msg->msg_namelen); 1228 if (msg.msg_controllen && error == 0) 1229 error = copyout(&msg.msg_controllen, 1230 &uap->msg->msg_accrightslen, sizeof (int)); 1231 free(iov, M_IOV); 1232 return (error); 1233 } 1234 #endif 1235 1236 int 1237 recvmsg(td, uap) 1238 struct thread *td; 1239 struct recvmsg_args /* { 1240 int s; 1241 struct msghdr *msg; 1242 int flags; 1243 } */ *uap; 1244 { 1245 struct msghdr msg; 1246 struct iovec *uiov, *iov; 1247 int error; 1248 1249 error = copyin(uap->msg, &msg, sizeof (msg)); 1250 if (error) 1251 return (error); 1252 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 1253 if (error) 1254 return (error); 1255 msg.msg_flags = uap->flags; 1256 #ifdef COMPAT_OLDSOCK 1257 msg.msg_flags &= ~MSG_COMPAT; 1258 #endif 1259 uiov = msg.msg_iov; 1260 msg.msg_iov = iov; 1261 error = recvit(td, uap->s, &msg, NULL); 1262 if (error == 0) { 1263 msg.msg_iov = uiov; 1264 error = copyout(&msg, uap->msg, sizeof(msg)); 1265 } 1266 free(iov, M_IOV); 1267 return (error); 1268 } 1269 1270 /* ARGSUSED */ 1271 int 1272 shutdown(td, uap) 1273 struct thread *td; 1274 register struct shutdown_args /* { 1275 int s; 1276 int how; 1277 } */ *uap; 1278 { 1279 struct socket *so; 1280 struct file *fp; 1281 int error; 1282 1283 NET_LOCK_GIANT(); 1284 error = getsock(td->td_proc->p_fd, uap->s, &fp, NULL); 1285 if (error == 0) { 1286 so = fp->f_data; 1287 error = soshutdown(so, uap->how); 1288 fdrop(fp, td); 1289 
}
	NET_UNLOCK_GIANT();
	return (error);
}

/*
 * setsockopt(2) system call entry point.
 *
 * Arguments arrive in uap:
 *	int	s;
 *	int	level;
 *	int	name;
 *	caddr_t	val;
 *	int	valsize;
 *
 * The option buffer is a user address, so the request is forwarded to
 * kern_setsockopt() tagged UIO_USERSPACE.  uap->valsize is a signed int
 * that is converted to socklen_t by the call; kern_setsockopt() rejects
 * values that are negative when viewed as an int.
 */
/* ARGSUSED */
int
setsockopt(struct thread *td, struct setsockopt_args *uap)
{

	return (kern_setsockopt(td, uap->s, uap->level, uap->name, uap->val,
	    UIO_USERSPACE, uap->valsize));
}

/*
 * In-kernel setsockopt: build a SOPT_SET request and hand it to sosetopt().
 *
 * valseg says whether val is a user or a kernel address; only
 * UIO_USERSPACE and UIO_SYSSPACE are accepted and anything else panics.
 * Returns EFAULT for a NULL buffer with a non-zero size, EINVAL when the
 * size is negative once cast to int, otherwise the result of getsock() or
 * sosetopt().
 */
int
kern_setsockopt(struct thread *td, int s, int level, int name, void *val,
    enum uio_seg valseg, socklen_t valsize)
{
	struct sockopt req;
	struct socket *so;
	struct file *fp;
	int error;

	/* Validate the length before anything reaches the protocol code. */
	if (val == NULL && valsize != 0)
		return (EFAULT);
	if ((int)valsize < 0)
		return (EINVAL);

	req.sopt_dir = SOPT_SET;
	req.sopt_level = level;
	req.sopt_name = name;
	req.sopt_val = val;
	req.sopt_valsize = valsize;

	/* sopt_td carries the thread for user buffers, NULL for kernel ones. */
	if (valseg == UIO_USERSPACE)
		req.sopt_td = td;
	else if (valseg == UIO_SYSSPACE)
		req.sopt_td = NULL;
	else
		panic("kern_setsockopt called with bad valseg");

	NET_LOCK_GIANT();
	error = getsock(td->td_proc->p_fd, s, &fp, NULL);
	if (error == 0) {
		so = fp->f_data;
		error = sosetopt(so, &req);
		/* Drop the file reference taken for the duration of the call. */
		fdrop(fp, td);
	}
	NET_UNLOCK_GIANT();
	return (error);
}

/*
 * getsockopt(2) system call entry point.
 *
 * Arguments arrive in uap:
 *	int	s;
 *	int	level;
 *	int	name;
 *	void * __restrict	val;
 *	socklen_t * __restrict avalsize;
 *
 * The caller's buffer size is copied in only when a value buffer was
 * supplied; with a NULL val, kern_getsockopt() stores 0 through the size
 * pointer before reading it, so the local is never read uninitialized.
 * On success the resulting size is copied back out to uap->avalsize.
 */
/* ARGSUSED */
int
getsockopt(struct thread *td, struct getsockopt_args *uap)
{
	socklen_t optlen;
	int error;

	if (uap->val != NULL) {
		error = copyin(uap->avalsize, &optlen, sizeof (optlen));
		if (error != 0)
			return (error);
	}

	error = kern_getsockopt(td, uap->s, uap->level, uap->name, uap->val,
	    UIO_USERSPACE, &optlen);
	if (error != 0)
		return (error);
	return (copyout(&optlen, uap->avalsize, sizeof (optlen)));
}

/*
 * Kernel version of getsockopt.
 * val can be a userland or a kernel pointer, as selected by valseg.
 * valsize is always a kernel pointer; it is read as the buffer size and
 * overwritten with the size reported by sogetopt().
 */
int
kern_getsockopt(struct thread *td, int s, int level, int name, void *val,
    enum uio_seg valseg, socklen_t *valsize)
{
	struct sockopt req;
	struct socket *so;
	struct file *fp;
	int error;

	/* Without a buffer there is nothing to fill: force the size to 0. */
	if (val == NULL)
		*valsize = 0;
	if ((int)*valsize < 0)
		return (EINVAL);

	req.sopt_dir = SOPT_GET;
	req.sopt_level = level;
	req.sopt_name = name;
	req.sopt_val = val;
	req.sopt_valsize = (size_t)*valsize; /* checked non-negative above */

	/* sopt_td carries the thread for user buffers, NULL for kernel ones. */
	if (valseg == UIO_USERSPACE)
		req.sopt_td = td;
	else if (valseg == UIO_SYSSPACE)
		req.sopt_td = NULL;
	else
		panic("kern_getsockopt called with bad valseg");

	NET_LOCK_GIANT();
	error = getsock(td->td_proc->p_fd, s, &fp, NULL);
	if (error == 0) {
		so = fp->f_data;
		error = sogetopt(so, &req);
		/* The size is written back even when sogetopt() failed. */
		*valsize = req.sopt_valsize;
		fdrop(fp, td);
	}
	NET_UNLOCK_GIANT();
	return (error);
}

/*
 * getsockname1() - Get socket name.
*/
/*
 * Shared body of getsockname(2) and its old-socket compat variant.
 *
 * Arguments arrive in uap:
 *	int	fdes;
 *	struct sockaddr * __restrict asa;
 *	socklen_t * __restrict alen;
 *
 * The caller's buffer length is copied in, kern_getsockname() clamps it to
 * the address length, and at most that many bytes are copied out, followed
 * by the final length.  With COMPAT_OLDSOCK and compat set, the family is
 * rewritten in the old osockaddr layout before the copyout.
 */
/* ARGSUSED */
static int
getsockname1(struct thread *td, struct getsockname_args *uap, int compat)
{
	struct sockaddr *name;
	socklen_t namelen;
	int error;

	error = copyin(uap->alen, &namelen, sizeof(namelen));
	if (error != 0)
		return (error);

	error = kern_getsockname(td, uap->fdes, &name, &namelen);
	if (error != 0)
		return (error);

	if (namelen != 0) {
#ifdef COMPAT_OLDSOCK
		if (compat)
			((struct osockaddr *)name)->sa_family = name->sa_family;
#endif
		error = copyout(name, uap->asa, (u_int)namelen);
	}
	/*
	 * name can be NULL here (kern_getsockname() reports length 0 in that
	 * case); this relies on free() accepting NULL -- TODO confirm.
	 */
	free(name, M_SONAME);
	if (error == 0)
		error = copyout(&namelen, uap->alen, sizeof(namelen));
	return (error);
}

/*
 * Fetch the local address of socket fd via the protocol's pru_sockaddr.
 *
 * On success *sa holds the address returned by the protocol (possibly
 * NULL) and *alen is reduced to min(*alen, sa_len), or 0 when no address
 * was returned.  On a protocol error any returned address is freed and
 * *sa is reset to NULL.  The caller frees *sa with M_SONAME.
 */
int
kern_getsockname(struct thread *td, int fd, struct sockaddr **sa,
    socklen_t *alen)
{
	struct socket *so;
	struct file *fp;
	socklen_t outlen;
	int error;

	/*
	 * NOTE(review): if socklen_t is an unsigned type this test can never
	 * be true; the effective bound is the MIN() below -- confirm.
	 */
	if (*alen < 0)
		return (EINVAL);

	NET_LOCK_GIANT();
	error = getsock(td->td_proc->p_fd, fd, &fp, NULL);
	if (error == 0) {
		so = fp->f_data;
		*sa = NULL;
		error = (*so->so_proto->pr_usrreqs->pru_sockaddr)(so, sa);
		if (error == 0) {
			/* Never report more than the caller's buffer holds. */
			if (*sa != NULL)
				outlen = MIN(*alen, (*sa)->sa_len);
			else
				outlen = 0;
			*alen = outlen;
		}
		fdrop(fp, td);
		if (error && *sa) {
			free(*sa, M_SONAME);
			*sa = NULL;
		}
	}
	NET_UNLOCK_GIANT();
	return (error);
}

/*
 * getsockname(2): current-ABI entry point (compat == 0).
 */
int
getsockname(struct thread *td, struct getsockname_args *uap)
{

	return (getsockname1(td, uap, 0));
}

#ifdef COMPAT_OLDSOCK
/*
 * Old-socket ABI entry point (compat == 1).
 */
int
ogetsockname(struct thread *td, struct getsockname_args *uap)
{

	return (getsockname1(td, uap, 1));
}
#endif /* COMPAT_OLDSOCK */

/*
 * getpeername1() - Get name of peer for connected socket.
 *
 * Arguments arrive in uap:
 *	int	fdes;
 *	struct sockaddr * __restrict asa;
 *	socklen_t * __restrict alen;
 *
 * The caller's buffer length is copied in, kern_getpeername() clamps it to
 * the address length, and at most that many bytes are copied out, followed
 * by the final length.  With COMPAT_OLDSOCK and compat set, the family is
 * rewritten in the old osockaddr layout before the copyout.
 */
/* ARGSUSED */
static int
getpeername1(struct thread *td, struct getpeername_args *uap, int compat)
{
	struct sockaddr *peer;
	socklen_t peerlen;
	int error;

	error = copyin(uap->alen, &peerlen, sizeof (peerlen));
	if (error != 0)
		return (error);

	error = kern_getpeername(td, uap->fdes, &peer, &peerlen);
	if (error != 0)
		return (error);

	if (peerlen != 0) {
#ifdef COMPAT_OLDSOCK
		if (compat)
			((struct osockaddr *)peer)->sa_family = peer->sa_family;
#endif
		error = copyout(peer, uap->asa, (u_int)peerlen);
	}
	/*
	 * peer can be NULL here (kern_getpeername() reports length 0 in that
	 * case); this relies on free() accepting NULL -- TODO confirm.
	 */
	free(peer, M_SONAME);
	if (error == 0)
		error = copyout(&peerlen, uap->alen, sizeof(peerlen));
	return (error);
}

/*
 * Fetch the peer address of socket fd via the protocol's pru_peeraddr.
 *
 * Fails with ENOTCONN unless the socket is connected or confirming; *sa is
 * not written on that path.  On success *sa holds the address returned by
 * the protocol (possibly NULL) and *alen is reduced to min(*alen, sa_len),
 * or 0 when no address was returned.  On a protocol error any returned
 * address is freed and *sa is reset to NULL.  The caller frees *sa with
 * M_SONAME.
 */
int
kern_getpeername(struct thread *td, int fd, struct sockaddr **sa,
    socklen_t *alen)
{
	struct socket *so;
	struct file *fp;
	socklen_t outlen;
	int error;

	/*
	 * NOTE(review): if socklen_t is an unsigned type this test can never
	 * be true; the effective bound is the MIN() below -- confirm.
	 */
	if (*alen < 0)
		return (EINVAL);

	NET_LOCK_GIANT();
	error = getsock(td->td_proc->p_fd, fd, &fp, NULL);
	if (error == 0) {
		so = fp->f_data;
		if ((so->so_state & (SS_ISCONNECTED|SS_ISCONFIRMING)) == 0) {
			error = ENOTCONN;
		} else {
			*sa = NULL;
			error = (*so->so_proto->pr_usrreqs->pru_peeraddr)(so,
			    sa);
			if (error == 0) {
				/* Never report more than the buffer holds. */
				if (*sa != NULL)
					outlen = MIN(*alen, (*sa)->sa_len);
				else
					outlen = 0;
				*alen = outlen;
			} else if (*sa) {
				free(*sa, M_SONAME);
				*sa = NULL;
			}
		}
		fdrop(fp, td);
	}
	NET_UNLOCK_GIANT();
	return (error);
}

/*
 * getpeername(2): current-ABI entry point (compat == 0).
 */
int
getpeername(struct thread *td, struct getpeername_args *uap)
{

	return (getpeername1(td, uap, 0));
}

#ifdef COMPAT_OLDSOCK
/*
 * Old-socket ABI entry point for getpeername (compat == 1).
 */
int
ogetpeername(struct thread *td, struct ogetpeername_args *uap)
{

	/* XXX uap should have type `getpeername_args *' to begin with. */
	return (getpeername1(td, (struct getpeername_args *)uap, 1));
}
#endif /* COMPAT_OLDSOCK */

/*
 * Copy buflen bytes from the user address buf into a freshly allocated
 * mbuf of the given type and return it through *mp.
 *
 * Lengths above MLEN get a cluster; lengths above MCLBYTES (including
 * negative values, which the unsigned casts turn into large ones) are
 * rejected with EINVAL.  Returns ENOBUFS when no mbuf or cluster is
 * available, or the copyin() error; the mbuf is freed on every failure.
 * For MT_SONAME the stored sa_len is overwritten with buflen.
 */
int
sockargs(struct mbuf **mp, caddr_t buf, int buflen, int type)
{
	struct sockaddr *addr;
	struct mbuf *mb;
	int error;

	if ((u_int)buflen > MLEN) {
#ifdef COMPAT_OLDSOCK
		if (type == MT_SONAME && (u_int)buflen <= 112)
			buflen = MLEN;		/* unix domain compat. hack */
		else
#endif
			if ((u_int)buflen > MCLBYTES)
				return (EINVAL);
	}

	mb = m_get(M_TRYWAIT, type);
	if (mb == NULL)
		return (ENOBUFS);
	if ((u_int)buflen > MLEN) {
		/* Too large for a plain mbuf: attach a cluster or give up. */
		MCLGET(mb, M_TRYWAIT);
		if ((mb->m_flags & M_EXT) == 0) {
			m_free(mb);
			return (ENOBUFS);
		}
	}
	mb->m_len = buflen;

	error = copyin(buf, mtod(mb, caddr_t), (u_int)buflen);
	if (error) {
		(void) m_free(mb);
		return (error);
	}

	*mp = mb;
	if (type == MT_SONAME) {
		addr = mtod(mb, struct sockaddr *);

#if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN
		/* Old layout: the family may sit where sa_len now lives. */
		if (addr->sa_family == 0 && addr->sa_len < AF_MAX)
			addr->sa_family = addr->sa_len;
#endif
		/*
		 * The user-supplied sa_len is never trusted.
		 * NOTE(review): buflen can be as large as MCLBYTES here; if
		 * sa_len is a narrower field the stored value is truncated --
		 * confirm callers bound MT_SONAME lengths.
		 */
		addr->sa_len = buflen;
	}
	return (error);
}

/*
 * Copy a socket address of len bytes in from the user address uaddr into
 * M_SONAME memory and return it through *namp.
 *
 * len must lie between the offset of sa_data and SOCK_MAXADDRLEN
 * (ENAMETOOLONG above, EINVAL below).  The stored sa_len is overwritten
 * with len.  On copyin() failure the buffer is freed and *namp is left
 * untouched; on success the caller owns the allocation.
 */
int
getsockaddr(struct sockaddr **namp, caddr_t uaddr, size_t len)
{
	struct sockaddr *addr;
	int error;

	if (len > SOCK_MAXADDRLEN)
		return (ENAMETOOLONG);
	if (len < offsetof(struct sockaddr, sa_data[0]))
		return (EINVAL);

	MALLOC(addr, struct sockaddr *, len, M_SONAME, M_WAITOK);
	error = copyin(uaddr, addr, len);
	if (error) {
		FREE(addr, M_SONAME);
		return (error);
	}

#if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN
	/* Old layout: the family may sit where sa_len now lives. */
	if (addr->sa_family == 0 && addr->sa_len < AF_MAX)
		addr->sa_family = addr->sa_len;
#endif
	/* The user-supplied sa_len is never trusted. */
	addr->sa_len = len;
	*namp = addr;
	return (error);
}

/*
 * Detach mapped page and release resources back to the system.
 *
 * args is the sf_buf; addr is not used.  kern_sendfile() registers this
 * function with MEXTADD() as the free routine of sf_buf-backed mbufs.
 */
void
sf_buf_mext(void *addr, void *args)
{
	vm_page_t pg;

	/* Fetch the page first: the sf_buf is released on the next line. */
	pg = sf_buf_page(args);
	sf_buf_free(args);
	vm_page_lock_queues();
	vm_page_unwire(pg, 0);
	/*
	 * Check for the object going away on us. This can
	 * happen since we don't hold a reference to it.
	 * If so, we're responsible for freeing the page.
	 */
	if (pg->wire_count == 0 && pg->object == NULL)
		vm_page_free(pg);
	vm_page_unlock_queues();
}

/*
 * sendfile(2)
 *
 * int sendfile(int fd, int s, off_t offset, size_t nbytes,
 *	 struct sf_hdtr *hdtr, off_t *sbytes, int flags)
 *
 * Send a file specified by 'fd' and starting at 'offset' to a socket
 * specified by 's'. Send only 'nbytes' of the file or until EOF if nbytes ==
 * 0.  Optionally add a header and/or trailer to the socket output.  If
 * specified, write the total number of bytes sent into *sbytes.
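*/
int
sendfile(struct thread *td, struct sendfile_args *uap)
{

	return (do_sendfile(td, uap, 0));
}

/*
 * Copy in the optional header/trailer description and run kern_sendfile().
 *
 * uap->hdtr, when set, is copied in and each non-NULL iovec array in it is
 * converted to a struct uio by copyinuio().  Both uios are freed here on
 * every path.  compat is passed through unchanged.
 */
static int
do_sendfile(struct thread *td, struct sendfile_args *uap, int compat)
{
	struct sf_hdtr hdtr;
	struct uio *hdr_uio, *trl_uio;
	int error;

	hdr_uio = trl_uio = NULL;

	if (uap->hdtr != NULL) {
		error = copyin(uap->hdtr, &hdtr, sizeof(hdtr));
		if (error)
			goto out;
		if (hdtr.headers != NULL) {
			error = copyinuio(hdtr.headers, hdtr.hdr_cnt, &hdr_uio);
			if (error)
				goto out;
		}
		if (hdtr.trailers != NULL) {
			error = copyinuio(hdtr.trailers, hdtr.trl_cnt, &trl_uio);
			if (error)
				goto out;

		}
	}

	error = kern_sendfile(td, uap, hdr_uio, trl_uio, compat);
out:
	if (hdr_uio)
		free(hdr_uio, M_IOV);
	if (trl_uio)
		free(trl_uio, M_IOV);
	return (error);
}

#ifdef COMPAT_FREEBSD4
/*
 * FreeBSD 4 ABI entry point: repack the arguments field by field and run
 * do_sendfile() with compat set.
 */
int
freebsd4_sendfile(struct thread *td, struct freebsd4_sendfile_args *uap)
{
	struct sendfile_args args;

	args.fd = uap->fd;
	args.s = uap->s;
	args.offset = uap->offset;
	args.nbytes = uap->nbytes;
	args.hdtr = uap->hdtr;
	args.sbytes = uap->sbytes;
	args.flags = uap->flags;

	return (do_sendfile(td, &args, 1));
}
#endif /* COMPAT_FREEBSD4 */

/*
 * Kernel implementation of sendfile(2).
 *
 * hdr_uio and trl_uio are optional, already copied-in header and trailer
 * vectors; they stay owned by the caller.  compat selects the pre-5.0
 * meaning of nbytes, which included the header.  The number of bytes sent
 * is copied out to uap->sbytes when that pointer is set, on success and on
 * failure alike.  ERESTART is reported to the caller as EINTR.
 */
int
kern_sendfile(struct thread *td, struct sendfile_args *uap,
    struct uio *hdr_uio, struct uio *trl_uio, int compat)
{
	struct file *sock_fp;
	/*
	 * Start from NULL so that the "vp != NULL" test at out: is well
	 * defined when fgetvp_read() fails, without depending on what that
	 * function stores on its error path.
	 */
	struct vnode *vp = NULL;
	struct vm_object *obj = NULL;
	struct socket *so = NULL;
	struct mbuf *m = NULL;
	struct sf_buf *sf;
	struct vm_page *pg;
	off_t off, xfsize, sbytes = 0, rem = 0;
	int error, mnw = 0;
	int vfslocked;

	NET_LOCK_GIANT();

	/*
	 * The file descriptor must be a regular file and have a
	 * backing VM object.
	 * File offset must be positive.  If it goes beyond EOF
	 * we send only the header/trailer and no payload data.
	 */
	if ((error = fgetvp_read(td, uap->fd, &vp)) != 0)
		goto out;
	vfslocked = VFS_LOCK_GIANT(vp->v_mount);
	vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
	obj = vp->v_object;
	if (obj != NULL) {
		/*
		 * Temporarily increase the backing VM object's reference
		 * count so that a forced reclamation of its vnode does not
		 * immediately destroy it.
		 */
		VM_OBJECT_LOCK(obj);
		if ((obj->flags & OBJ_DEAD) == 0) {
			vm_object_reference_locked(obj);
			VM_OBJECT_UNLOCK(obj);
		} else {
			VM_OBJECT_UNLOCK(obj);
			obj = NULL;
		}
	}
	VOP_UNLOCK(vp, 0, td);
	VFS_UNLOCK_GIANT(vfslocked);
	if (obj == NULL) {
		error = EINVAL;
		goto out;
	}
	if (uap->offset < 0) {
		error = EINVAL;
		goto out;
	}

	/*
	 * The socket must be a stream socket and connected.
	 * Remember if it a blocking or non-blocking socket.
	 */
	if ((error = getsock(td->td_proc->p_fd, uap->s, &sock_fp,
	    NULL)) != 0)
		goto out;
	so = sock_fp->f_data;
	if (so->so_type != SOCK_STREAM) {
		error = EINVAL;
		goto out;
	}
	if ((so->so_state & SS_ISCONNECTED) == 0) {
		error = ENOTCONN;
		goto out;
	}
	/*
	 * Do not wait on memory allocations but return ENOMEM for
	 * caller to retry later.
	 * XXX: Experimental.
	 */
	if (uap->flags & SF_MNOWAIT)
		mnw = 1;

#ifdef MAC
	SOCK_LOCK(so);
	error = mac_check_socket_send(td->td_ucred, so);
	SOCK_UNLOCK(so);
	if (error)
		goto out;
#endif

	/* If headers are specified copy them into mbufs. */
	if (hdr_uio != NULL) {
		hdr_uio->uio_td = td;
		hdr_uio->uio_rw = UIO_WRITE;
		if (hdr_uio->uio_resid > 0) {
			/*
			 * In FBSD < 5.0 the nbytes to send also included
			 * the header.  If compat is specified subtract the
			 * header size from nbytes.
			 */
			if (compat) {
				if (uap->nbytes > hdr_uio->uio_resid)
					uap->nbytes -= hdr_uio->uio_resid;
				else
					uap->nbytes = 0;
			}
			m = m_uiotombuf(hdr_uio, (mnw ? M_NOWAIT : M_WAITOK),
			    0, 0, 0);
			if (m == NULL) {
				error = mnw ? EAGAIN : ENOBUFS;
				goto out;
			}
		}
	}

	/* Protect against multiple writers to the socket. */
	SOCKBUF_LOCK(&so->so_snd);
	(void) sblock(&so->so_snd, M_WAITOK);
	SOCKBUF_UNLOCK(&so->so_snd);

	/*
	 * Loop through the pages of the file, starting with the requested
	 * offset. Get a file page (do I/O if necessary), map the file page
	 * into an sf_buf, attach an mbuf header to the sf_buf, and queue
	 * it on the socket.
	 * This is done in two loops.  The inner loop turns as many pages
	 * as it can, up to available socket buffer space, without blocking
	 * into mbufs to have it bulk delivered into the socket send buffer.
	 * The outer loop checks the state and available space of the socket
	 * and takes care of the overall progress.
	 */
	for (off = uap->offset; ; ) {
		int loopbytes = 0;
		int space = 0;
		int done = 0;

		/*
		 * Check the socket state for ongoing connection,
		 * no errors and space in socket buffer.
		 * If space is low allow for the remainder of the
		 * file to be processed if it fits the socket buffer.
		 * Otherwise block in waiting for sufficient space
		 * to proceed, or if the socket is nonblocking, return
		 * to userland with EAGAIN while reporting how far
		 * we've come.
		 * We wait until the socket buffer has significant free
		 * space to do bulk sends.  This makes good use of file
		 * system read ahead and allows packet segmentation
		 * offloading hardware to take over lots of work.  If
		 * we were not careful here we would send off only one
		 * sfbuf at a time.
		 */
		SOCKBUF_LOCK(&so->so_snd);
		if (so->so_snd.sb_lowat < so->so_snd.sb_hiwat / 2)
			so->so_snd.sb_lowat = so->so_snd.sb_hiwat / 2;
retry_space:
		if (so->so_snd.sb_state & SBS_CANTSENDMORE) {
			error = EPIPE;
			SOCKBUF_UNLOCK(&so->so_snd);
			goto done;
		} else if (so->so_error) {
			error = so->so_error;
			so->so_error = 0;
			SOCKBUF_UNLOCK(&so->so_snd);
			goto done;
		}
		space = sbspace(&so->so_snd);
		if (space < rem &&
		    (space <= 0 ||
		     space < so->so_snd.sb_lowat)) {
			if (so->so_state & SS_NBIO) {
				SOCKBUF_UNLOCK(&so->so_snd);
				error = EAGAIN;
				goto done;
			}
			/*
			 * sbwait drops the lock while sleeping.
			 * When we loop back to retry_space the
			 * state may have changed and we retest
			 * for it.
			 */
			error = sbwait(&so->so_snd);
			/*
			 * An error from sbwait usually indicates that we've
			 * been interrupted by a signal. If we've sent anything
			 * then return bytes sent, otherwise return the error.
			 */
			if (error) {
				SOCKBUF_UNLOCK(&so->so_snd);
				goto done;
			}
			goto retry_space;
		}
		SOCKBUF_UNLOCK(&so->so_snd);

		/*
		 * Loop and construct maximum sized mbuf chain to be bulk
		 * dumped into socket buffer.
		 */
		while(space > loopbytes) {
			vm_pindex_t pindex;
			vm_offset_t pgoff;
			struct mbuf *m0;

			VM_OBJECT_LOCK(obj);
			/*
			 * Calculate the amount to transfer.
			 * Not to exceed a page, the EOF,
			 * or the passed in nbytes.
			 */
			pgoff = (vm_offset_t)(off & PAGE_MASK);
			xfsize = omin(PAGE_SIZE - pgoff,
			    obj->un_pager.vnp.vnp_size - off -
			    sbytes - loopbytes);
			if (uap->nbytes)
				rem = (uap->nbytes - sbytes - loopbytes);
			else
				rem = obj->un_pager.vnp.vnp_size - off -
				    sbytes - loopbytes;
			xfsize = omin(rem, xfsize);
			if (xfsize <= 0) {
				VM_OBJECT_UNLOCK(obj);
				done = 1;		/* all data sent */
				break;
			}
			/*
			 * Don't overflow the send buffer.
			 * Stop here and send out what we've
			 * already got.
			 */
			if (space < loopbytes + xfsize) {
				VM_OBJECT_UNLOCK(obj);
				break;
			}
retry_lookup:
			/*
			 * Attempt to look up the page.
			 * Allocate if not found or
			 * wait and loop if busy.
			 */
			pindex = OFF_TO_IDX(off);
			pg = vm_page_lookup(obj, pindex);
			if (pg == NULL) {
				pg = vm_page_alloc(obj, pindex,
				    VM_ALLOC_NOBUSY | VM_ALLOC_NORMAL |
				    VM_ALLOC_WIRED);
				if (pg == NULL) {
					VM_OBJECT_UNLOCK(obj);
					VM_WAIT;
					VM_OBJECT_LOCK(obj);
					goto retry_lookup;
				}
			} else if (vm_page_sleep_if_busy(pg, TRUE, "sfpbsy"))
				goto retry_lookup;
			else {
				/*
				 * Wire the page so it does not get
				 * ripped out from under us.
				 */
				vm_page_lock_queues();
				vm_page_wire(pg);
				vm_page_unlock_queues();
			}

			/*
			 * Check if page is valid for what we need,
			 * otherwise initiate I/O.
			 * If we already turned some pages into mbufs,
			 * send them off before we come here again and
			 * block.
			 */
			if (pg->valid && vm_page_is_valid(pg, pgoff, xfsize))
				VM_OBJECT_UNLOCK(obj);
			else if (m != NULL)
				error = EAGAIN;	/* send what we already got */
			else if (uap->flags & SF_NODISKIO)
				error = EBUSY;
			else {
				int bsize, resid;

				/*
				 * Ensure that our page is still around
				 * when the I/O completes.
				 */
				vm_page_io_start(pg);
				VM_OBJECT_UNLOCK(obj);

				/*
				 * Get the page from backing store.
				 */
				bsize = vp->v_mount->mnt_stat.f_iosize;
				vfslocked = VFS_LOCK_GIANT(vp->v_mount);
				vn_lock(vp, LK_SHARED | LK_RETRY, td);

				/*
				 * XXXMAC: Because we don't have fp->f_cred
				 * here, we pass in NOCRED.  This is probably
				 * wrong, but is consistent with our original
				 * implementation.
				 */
				error = vn_rdwr(UIO_READ, vp, NULL, MAXBSIZE,
				    trunc_page(off), UIO_NOCOPY, IO_NODELOCKED |
				    IO_VMIO | ((MAXBSIZE / bsize) << IO_SEQSHIFT),
				    td->td_ucred, NOCRED, &resid, td);
				VOP_UNLOCK(vp, 0, td);
				VFS_UNLOCK_GIANT(vfslocked);
				VM_OBJECT_LOCK(obj);
				vm_page_io_finish(pg);
				/*
				 * On failure the object lock is kept; the
				 * error branch below releases it.
				 */
				if (!error)
					VM_OBJECT_UNLOCK(obj);
				mbstat.sf_iocnt++;
			}
			if (error) {
				vm_page_lock_queues();
				vm_page_unwire(pg, 0);
				/*
				 * See if anyone else might know about
				 * this page.  If not and it is not valid,
				 * then free it.
				 */
				if (pg->wire_count == 0 && pg->valid == 0 &&
				    pg->busy == 0 && !(pg->oflags & VPO_BUSY) &&
				    pg->hold_count == 0) {
					vm_page_free(pg);
				}
				vm_page_unlock_queues();
				VM_OBJECT_UNLOCK(obj);
				if (error == EAGAIN)
					error = 0;	/* not a real error */
				break;
			}

			/*
			 * Get a sendfile buf.  We usually wait as long
			 * as necessary, but this wait can be interrupted.
			 */
			if ((sf = sf_buf_alloc(pg,
			    (mnw ? SFB_NOWAIT : SFB_CATCH))) == NULL) {
				mbstat.sf_allocfail++;
				vm_page_lock_queues();
				vm_page_unwire(pg, 0);
				/*
				 * XXX: Not same check as above!?
				 */
				if (pg->wire_count == 0 && pg->object == NULL)
					vm_page_free(pg);
				vm_page_unlock_queues();
				error = (mnw ? EAGAIN : EINTR);
				break;
			}

			/*
			 * Get an mbuf and set it up as having
			 * external storage.
			 */
			m0 = m_get((mnw ? M_NOWAIT : M_WAITOK), MT_DATA);
			if (m0 == NULL) {
				error = (mnw ? EAGAIN : ENOBUFS);
				sf_buf_mext((void *)sf_buf_kva(sf), sf);
				break;
			}
			MEXTADD(m0, sf_buf_kva(sf), PAGE_SIZE, sf_buf_mext,
			    sf, M_RDONLY, EXT_SFBUF);
			m0->m_data = (char *)sf_buf_kva(sf) + pgoff;
			m0->m_len = xfsize;

			/* Append to mbuf chain. */
			if (m != NULL)
				m_cat(m, m0);
			else
				m = m0;

			/* Keep track of bits processed. */
			loopbytes += xfsize;
			off += xfsize;
		}

		/* Add the buffer chain to the socket buffer. */
		if (m != NULL) {
			int mlen;

			mlen = m_length(m, NULL);
			SOCKBUF_LOCK(&so->so_snd);
			if (so->so_snd.sb_state & SBS_CANTSENDMORE) {
				error = EPIPE;
				SOCKBUF_UNLOCK(&so->so_snd);
				goto done;
			}
			SOCKBUF_UNLOCK(&so->so_snd);
			error = (*so->so_proto->pr_usrreqs->pru_send)
				    (so, 0, m, NULL, NULL, td);
			if (!error)
				sbytes += mlen;
			m = NULL;	/* pru_send always consumes */
		}

		/* Quit outer loop on error or when we're done. */
		if (error || done)
			goto done;
	}

	/*
	 * Send trailers. Wimp out and use writev(2).
	 */
	if (trl_uio != NULL) {
		error = kern_writev(td, uap->s, trl_uio);
		if (error)
			goto done;
		sbytes += td->td_retval[0];
	}

done:
	SOCKBUF_LOCK(&so->so_snd);
	sbunlock(&so->so_snd);
	SOCKBUF_UNLOCK(&so->so_snd);
out:
	/*
	 * If there was no error we have to clear td->td_retval[0]
	 * because it may have been set by writev.
	 */
	if (error == 0) {
		td->td_retval[0] = 0;
	}
	/*
	 * NOTE(review): the copyout() result is ignored, so a bad sbytes
	 * pointer is not reported to the caller.
	 */
	if (uap->sbytes != NULL) {
		copyout(&sbytes, uap->sbytes, sizeof(off_t));
	}
	if (obj != NULL)
		vm_object_deallocate(obj);
	if (vp != NULL) {
		vfslocked = VFS_LOCK_GIANT(vp->v_mount);
		vrele(vp);
		VFS_UNLOCK_GIANT(vfslocked);
	}
	if (so)
		fdrop(sock_fp, td);
	if (m)
		m_freem(m);

	NET_UNLOCK_GIANT();

	if (error == ERESTART)
		error = EINTR;

	return (error);
}

/*
 * SCTP syscalls.
 * Functionality only compiled in if SCTP is defined in the kernel Makefile,
 * otherwise all return EOPNOTSUPP.
 * XXX: We should make this loadable one day.
 */

/*
 * Peel the association named by uap->name off socket uap->sd into a new
 * socket and return a new descriptor for it in td->td_retval[0].
 *
 * Arguments arrive in uap:
 *	int	sd;
 *	caddr_t	name;
 *
 * Every path that follows a successful fgetsock() leaves through done: so
 * that fputsock() releases the reference held on head.
 */
int
sctp_peeloff(struct thread *td, struct sctp_peeloff_args *uap)
{
#ifdef SCTP
	struct filedesc *fdp;
	struct file *nfp = NULL;
	int error;
	struct socket *head, *so;
	int fd;
	u_int fflag;

	fdp = td->td_proc->p_fd;
	error = fgetsock(td, uap->sd, &head, &fflag);
	if (error)
		goto done2;
	/*
	 * NOTE(review): nothing in this function checks that head is an
	 * SCTP socket before it is handed to the SCTP code; confirm that
	 * sctp_can_peel_off() validates the protocol itself.
	 */
	error = sctp_can_peel_off(head, (sctp_assoc_t)uap->name);
	if (error) {
		/*
		 * Leave through done: rather than done2: so the reference
		 * taken by fgetsock() is dropped by fputsock().  nfp is
		 * still NULL here, so the fdrop() there is skipped.
		 */
		goto done;
	}
	/*
	 * At this point we know we do have a assoc to pull
	 * we proceed to get the fd setup. This may block
	 * but that is ok.
	 */

	error = falloc(td, &nfp, &fd);
	if (error)
		goto done;
	td->td_retval[0] = fd;

	so = sonewconn(head, SS_ISCONNECTED);
	if (so == NULL) {
		/*
		 * error is still 0 from falloc(); without an error code the
		 * caller would be told the call succeeded and be left with
		 * a descriptor that has no socket behind it.
		 */
		error = ENOMEM;
		goto noconnection;
	}
	/*
	 * Before changing the flags on the socket, we have to bump the
	 * reference count.  Otherwise, if the protocol calls sofree(),
	 * the socket will be released due to a zero refcount.
	 */
	SOCK_LOCK(so);
	soref(so);			/* file descriptor reference */
	SOCK_UNLOCK(so);

	ACCEPT_LOCK();

	TAILQ_REMOVE(&head->so_comp, so, so_list);
	head->so_qlen--;
	so->so_state |= (head->so_state & SS_NBIO);
	so->so_state &= ~SS_NOFDREF;
	so->so_qstate &= ~SQ_COMP;
	so->so_head = NULL;

	ACCEPT_UNLOCK();

	error = sctp_do_peeloff(head, so, (sctp_assoc_t)uap->name);
	if (error)
		goto noconnection;
	if (head->so_sigio != NULL)
		fsetown(fgetown(&head->so_sigio), &so->so_sigio);

	FILE_LOCK(nfp);
	nfp->f_data = so;
	nfp->f_flag = fflag;
	nfp->f_ops = &socketops;
	nfp->f_type = DTYPE_SOCKET;
	FILE_UNLOCK(nfp);

noconnection:
	/*
	 * close the new descriptor, assuming someone hasn't ripped it
	 * out from under us.
	 */
	if (error)
		fdclose(fdp, nfp, fd, td);

	/*
	 * Release explicitly held references before returning.
	 */
done:
	if (nfp != NULL)
		fdrop(nfp, td);
	fputsock(head);
done2:
	return (error);
#else  /* SCTP */
	return (EOPNOTSUPP);
#endif /* SCTP */
}

/*
 * Send a single user buffer on an SCTP socket.
 *
 * Arguments arrive in uap:
 *	int sd,
 *	caddr_t msg,
 *	int mlen,
 *	caddr_t to,
 *	__socklen_t tolen,
 *	struct sctp_sndrcvinfo *sinfo,
 *	int flags
 *
 * On success td->td_retval[0] is the number of bytes accepted.  A transfer
 * that was interrupted after some data moved is reported as success.
 */
int
sctp_generic_sendmsg(struct thread *td, struct sctp_generic_sendmsg_args *uap)
{
#ifdef SCTP
	struct sctp_sndrcvinfo sinfo, *u_sinfo = NULL;
	struct socket *so;
	struct file *fp;
	int use_rcvinfo = 1;
	int error = 0, len;
	struct sockaddr *to = NULL;
#ifdef KTRACE
	struct uio *ktruio = NULL;
#endif
	struct uio auio;
	struct iovec iov[1];

	if (uap->sinfo) {
		error = copyin(uap->sinfo, &sinfo, sizeof (sinfo));
		if (error)
			return (error);
		u_sinfo = &sinfo;
	}
	if (uap->tolen) {
		error = getsockaddr(&to, uap->to, uap->tolen);
		if (error) {
			to = NULL;
			goto sctp_bad2;
		}
	}

	error = getsock(td->td_proc->p_fd, uap->sd, &fp, NULL);
	if (error) {
		/*
		 * No file reference is held when getsock() fails, so skip
		 * the fdrop() at sctp_bad: and only release the address.
		 */
		goto sctp_bad2;
	}

	/*
	 * NOTE(review): uap->mlen is a signed int supplied by the caller
	 * and is not range-checked here (the iovec variant rejects a
	 * negative total); confirm sctp_lower_sosend() rejects a negative
	 * length.
	 */
	iov[0].iov_base = uap->msg;
	iov[0].iov_len = uap->mlen;

	so = (struct socket *)fp->f_data;
#ifdef MAC
	SOCK_LOCK(so);
	error = mac_check_socket_send(td->td_ucred, so);
	SOCK_UNLOCK(so);
	if (error)
		goto sctp_bad;
#endif /* MAC */

	auio.uio_iov = iov;
	auio.uio_iovcnt = 1;
	auio.uio_segflg = UIO_USERSPACE;
	auio.uio_rw = UIO_WRITE;
	auio.uio_td = td;
	auio.uio_offset = 0;			/* XXX */
	auio.uio_resid = 0;
	len = auio.uio_resid = uap->mlen;
	error = sctp_lower_sosend(so, to, &auio,
		    (struct mbuf *)NULL, (struct mbuf *)NULL,
		    uap->flags, use_rcvinfo, u_sinfo, td);
	if (error) {
		/* Partial progress before an interruption counts as success. */
		if (auio.uio_resid != len && (error == ERESTART ||
		    error == EINTR || error == EWOULDBLOCK))
			error = 0;
		/* Generation of SIGPIPE can be controlled per socket. */
		if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) &&
		    !(uap->flags & MSG_NOSIGNAL)) {
			PROC_LOCK(td->td_proc);
			psignal(td->td_proc, SIGPIPE);
			PROC_UNLOCK(td->td_proc);
		}
	}
	if (error == 0)
		td->td_retval[0] = len - auio.uio_resid;
#ifdef KTRACE
	/* ktruio is never assigned in this function, so this stays idle. */
	if (ktruio != NULL) {
		ktruio->uio_resid = td->td_retval[0];
		ktrgenio(uap->sd, UIO_WRITE, ktruio, error);
	}
#endif /* KTRACE */
sctp_bad:
	fdrop(fp, td);
sctp_bad2:
	if (to)
		free(to, M_SONAME);
	return (error);
#else  /* SCTP */
	return (EOPNOTSUPP);
#endif /* SCTP */
}

/*
 * Send a user iovec array on an SCTP socket.
 *
 * Arguments arrive in uap:
 *	int sd,
 *	struct iovec *iov,
 *	int iovlen,
 *	caddr_t to,
 *	__socklen_t tolen,
 *	struct sctp_sndrcvinfo *sinfo,
 *	int flags
 *
 * The iovec array is copied in with copyiniov() and freed here.  The total
 * length is accumulated into uio_resid and the call fails with EINVAL if
 * that sum goes negative.  On success td->td_retval[0] is the number of
 * bytes accepted.
 */
int
sctp_generic_sendmsg_iov(struct thread *td,
    struct sctp_generic_sendmsg_iov_args *uap)
{
#ifdef SCTP
	struct sctp_sndrcvinfo sinfo, *u_sinfo = NULL;
	struct socket *so;
	struct file *fp;
	int use_rcvinfo = 1;
	int error=0, len, i;
	struct sockaddr *to = NULL;
#ifdef KTRACE
	struct uio *ktruio = NULL;
#endif
	struct uio auio;
	struct iovec *iov, *tiov;

	if (uap->sinfo) {
		error = copyin(uap->sinfo, &sinfo, sizeof (sinfo));
		if (error)
			return (error);
		u_sinfo = &sinfo;
	}
	if (uap->tolen) {
		error = getsockaddr(&to, uap->to, uap->tolen);
		if (error) {
			to = NULL;
			goto sctp_bad2;
		}
	}

	error = getsock(td->td_proc->p_fd, uap->sd, &fp, NULL);
	if (error) {
		/*
		 * No file reference is held when getsock() fails, so skip
		 * the fdrop() at sctp_bad1: and only release the address.
		 */
		goto sctp_bad2;
	}

	error = copyiniov(uap->iov, uap->iovlen, &iov, EMSGSIZE);
	if (error)
		goto sctp_bad1;

	so = (struct socket *)fp->f_data;
#ifdef MAC
	SOCK_LOCK(so);
	error = mac_check_socket_send(td->td_ucred, so);
	SOCK_UNLOCK(so);
	if (error)
		goto sctp_bad;
#endif /* MAC */

	auio.uio_iov = iov;
	auio.uio_iovcnt = uap->iovlen;
	auio.uio_segflg = UIO_USERSPACE;
	auio.uio_rw = UIO_WRITE;
	auio.uio_td = td;
	auio.uio_offset = 0;			/* XXX */
	auio.uio_resid = 0;
	tiov = iov;
	/* Sum the segment lengths; a negative running total is rejected. */
	for (i = 0; i <uap->iovlen; i++, tiov++) {
		if ((auio.uio_resid += tiov->iov_len) < 0) {
			error = EINVAL;
			goto sctp_bad;
		}
	}
	len = auio.uio_resid;
	error = sctp_lower_sosend(so, to, &auio,
		    (struct mbuf *)NULL, (struct mbuf *)NULL,
		    uap->flags, use_rcvinfo, u_sinfo, td);
	if (error) {
		/* Partial progress before an interruption counts as success. */
		if (auio.uio_resid != len && (error == ERESTART ||
		    error == EINTR || error == EWOULDBLOCK))
			error = 0;
		/* Generation of SIGPIPE can be controlled per socket */
		if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) &&
		    !(uap->flags & MSG_NOSIGNAL)) {
			PROC_LOCK(td->td_proc);
			psignal(td->td_proc, SIGPIPE);
			PROC_UNLOCK(td->td_proc);
		}
	}
	if (error == 0)
		td->td_retval[0] = len - auio.uio_resid;
#ifdef KTRACE
	/* ktruio is never assigned in this function, so this stays idle. */
	if (ktruio != NULL) {
		ktruio->uio_resid = td->td_retval[0];
		ktrgenio(uap->sd, UIO_WRITE, ktruio, error);
	}
#endif /* KTRACE */
sctp_bad:
	free(iov, M_IOV);
sctp_bad1:
	fdrop(fp, td);
sctp_bad2:
	if (to)
		free(to, M_SONAME);
	return (error);
#else  /* SCTP */
	return (EOPNOTSUPP);
#endif /* SCTP */
}

/*
 * Receive a message on an SCTP socket into a user iovec array.
 *
 * Arguments arrive in uap:
 *	int sd,
 *	struct iovec *iov,
 *	int iovlen,
 *	struct sockaddr *from,
 *	__socklen_t *fromlenaddr,
 *	struct sctp_sndrcvinfo *sinfo,
 *	int *msg_flags
 *
 * On success td->td_retval[0] is the number of bytes received and the
 * source address, its length, the sndrcvinfo and the message flags are
 * copied out to whichever of the optional pointers were supplied.
 */
int
sctp_generic_recvmsg(struct thread *td, struct sctp_generic_recvmsg_args *uap)
{
#ifdef SCTP
	u_int8_t sockbufstore[256];
	struct uio auio;
	struct iovec *iov, *tiov;
	struct sctp_sndrcvinfo sinfo;
	struct socket *so;
	struct file *fp;
	struct sockaddr *fromsa;
	int fromlen;
	int len, i, msg_flags;
	int error = 0;
#ifdef KTRACE
	struct uio *ktruio = NULL;
#endif
	error = getsock(td->td_proc->p_fd, uap->sd, &fp, NULL);
	if (error) {
		return (error);
	}
	error = copyiniov(uap->iov, uap->iovlen, &iov, EMSGSIZE);
	if (error) {
		goto out1;
	}

	so = fp->f_data;
#ifdef MAC
	SOCK_LOCK(so);
	error = mac_check_socket_receive(td->td_ucred, so);
	SOCK_UNLOCK(so);
	if (error) {
		goto out;
	}
#endif /* MAC */

	if (uap->fromlenaddr) {
		error = copyin(uap->fromlenaddr,
		    &fromlen, sizeof (fromlen));
		if (error) {
			goto out;
		}
		/*
		 * The address is staged in sockbufstore, so never advertise
		 * more room than that buffer has.  The length reported back
		 * is unchanged as long as sa_len cannot exceed the buffer
		 * size; how sctp_sorecvmsg() uses fromlen is not visible
		 * here.
		 */
		if (fromlen > (int)sizeof(sockbufstore))
			fromlen = (int)sizeof(sockbufstore);
	} else {
		fromlen = 0;
	}
	if(uap->msg_flags) {
		error = copyin(uap->msg_flags, &msg_flags, sizeof (int));
		if (error) {
			goto out;
		}
	} else {
		msg_flags = 0;
	}
	auio.uio_iov = iov;
	auio.uio_iovcnt = uap->iovlen;
	auio.uio_segflg = UIO_USERSPACE;
	auio.uio_rw = UIO_READ;
	auio.uio_td = td;
	auio.uio_offset = 0;			/* XXX */
	auio.uio_resid = 0;
	tiov = iov;
	/* Sum the segment lengths; a negative running total is rejected. */
	for (i = 0; i <uap->iovlen; i++, tiov++) {
		if ((auio.uio_resid += tiov->iov_len) < 0) {
			error = EINVAL;
			goto out;
		}
	}
	len = auio.uio_resid;

	/*
	 * Both buffers below are copied out to user space afterwards.  Clear
	 * them first so that whatever the protocol leaves unwritten is
	 * zeroes instead of stale kernel stack, and so that sa_len reads as
	 * 0 when no source address was stored.
	 */
	bzero(sockbufstore, sizeof(sockbufstore));
	bzero(&sinfo, sizeof(sinfo));
	fromsa = (struct sockaddr *)sockbufstore;

#ifdef KTRACE
	if (KTRPOINT(td, KTR_GENIO))
		ktruio = cloneuio(&auio);
#endif /* KTRACE */
	error = sctp_sorecvmsg(so, &auio, (struct mbuf **)NULL,
		    fromsa, fromlen, &msg_flags,
		    (struct sctp_sndrcvinfo *)&sinfo, 1);
	if (error) {
		/* Partial progress before an interruption counts as success. */
		if (auio.uio_resid != (int)len && (error == ERESTART ||
		    error == EINTR || error == EWOULDBLOCK))
			error = 0;
	} else {
		if (uap->sinfo)
			error = copyout(&sinfo, uap->sinfo, sizeof (sinfo));
	}
#ifdef KTRACE
	if (ktruio != NULL) {
		ktruio->uio_resid = (int)len - auio.uio_resid;
		ktrgenio(uap->sd, UIO_READ, ktruio, error);
	}
#endif /* KTRACE */
	if (error)
		goto out;
	td->td_retval[0] = (int)len - auio.uio_resid;

	if (fromlen && uap->from) {
		len = fromlen;
		if (len <= 0 || fromsa == 0)
			len = 0;
		else {
			/* Copy out no more than the stored address length. */
			len = MIN(len, fromsa->sa_len);
			error = copyout(fromsa, uap->from, (unsigned)len);
			if (error)
				goto out;
		}
		error = copyout(&len, uap->fromlenaddr, sizeof (socklen_t));
		if (error) {
			goto out;
		}
	}
	if (uap->msg_flags) {
		error = copyout(&msg_flags, uap->msg_flags, sizeof (int));
		if (error) {
			goto out;
		}
	}
out:
	free(iov, M_IOV);
out1:
	fdrop(fp, td);
	return (error);
#else  /* SCTP */
	return (EOPNOTSUPP);
#endif /* SCTP */
}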