xref: /titanic_44/usr/src/uts/common/fs/sockfs/sockcommon.c (revision c623edd31cf7c582de6a3f26cc42c651d6002f73)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #include <sys/types.h>
28 #include <sys/param.h>
29 #include <sys/systm.h>
30 #include <sys/sysmacros.h>
31 #include <sys/debug.h>
32 #include <sys/cmn_err.h>
33 #include <sys/vfs.h>
34 #include <sys/policy.h>
35 #include <sys/modctl.h>
36 
37 #include <sys/sunddi.h>
38 
39 #include <sys/strsun.h>
40 #include <sys/stropts.h>
41 #include <sys/strsubr.h>
42 #include <sys/socket.h>
43 #include <sys/socketvar.h>
44 #include <sys/sodirect.h>
45 #include <sys/uio.h>
46 
47 #include <inet/ipclassifier.h>
48 #include <fs/sockfs/sockcommon.h>
49 #include <fs/sockfs/nl7c.h>
50 #include <fs/sockfs/socktpi.h>
51 #include <inet/ip.h>
52 
53 extern int xnet_skip_checks, xnet_check_print, xnet_truncate_print;
54 
55 static struct kmem_cache *sock_sod_cache;
56 
57 /*
58  * Common socket access functions.
59  *
60  * Instead of accessing the sonode switch directly (i.e., SOP_xxx()),
61  * the socket_xxx() function should be used.
62  */
63 
64 /*
65  * Try to create a new sonode of the requested <family, type, protocol>.
66  */
67 /* ARGSUSED */
68 struct sonode *
69 socket_create(int family, int type, int protocol, char *devpath, char *mod,
70     int flags, int version, struct cred *cr, int *errorp)
71 {
72 	struct sonode *so;
73 	struct sockparams *sp = NULL;
74 
75 	/*
76 	 * Look for a sockparams entry that match the given criteria.
77 	 * solookup() returns with the entry held.
78 	 */
79 	*errorp = solookup(family, type, protocol, &sp);
80 	if (sp == NULL) {
81 		int kmflags = (flags == SOCKET_SLEEP) ? KM_SLEEP : KM_NOSLEEP;
82 		/*
83 		 * There is no matching sockparams entry. An ephemeral entry is
84 		 * created if the caller specifies a device or a socket module.
85 		 */
86 		if (devpath != NULL) {
87 			sp = sockparams_hold_ephemeral_bydev(family, type,
88 			    protocol, devpath, kmflags, errorp);
89 		} else if (mod != NULL) {
90 			sp = sockparams_hold_ephemeral_bymod(family, type,
91 			    protocol, mod, kmflags, errorp);
92 		} else {
93 			return (NULL);
94 		}
95 
96 		if (sp == NULL)
97 			return (NULL);
98 	}
99 
100 	ASSERT(sp->sp_smod_info != NULL);
101 	ASSERT(flags == SOCKET_SLEEP || flags == SOCKET_NOSLEEP);
102 	so = sp->sp_smod_info->smod_sock_create_func(sp, family, type,
103 	    protocol, version, flags, errorp, cr);
104 	if (so == NULL) {
105 		SOCKPARAMS_DEC_REF(sp);
106 	} else {
107 		if ((*errorp = SOP_INIT(so, NULL, cr, flags)) == 0) {
108 			/* Cannot fail, only bumps so_count */
109 			(void) VOP_OPEN(&SOTOV(so), FREAD|FWRITE, cr, NULL);
110 		} else {
111 			socket_destroy(so);
112 			so = NULL;
113 		}
114 	}
115 	return (so);
116 }
117 
118 struct sonode *
119 socket_newconn(struct sonode *parent, sock_lower_handle_t lh,
120     sock_downcalls_t *dc, int flags, int *errorp)
121 {
122 	struct sonode *so;
123 	struct sockparams *sp;
124 	struct cred *cr;
125 
126 	if ((cr = CRED()) == NULL)
127 		cr = kcred;
128 
129 	sp = parent->so_sockparams;
130 	ASSERT(sp != NULL);
131 
132 	so = sp->sp_smod_info->smod_sock_create_func(sp, parent->so_family,
133 	    parent->so_type, parent->so_protocol, parent->so_version, flags,
134 	    errorp, cr);
135 	if (so != NULL) {
136 		SOCKPARAMS_INC_REF(sp);
137 
138 		so->so_proto_handle = lh;
139 		so->so_downcalls = dc;
140 		/*
141 		 * This function may be called in interrupt context, and CRED()
142 		 * will be NULL. In this case, pass in kcred.
143 		 */
144 		if ((*errorp = SOP_INIT(so, parent, cr, flags)) == 0) {
145 			/* Cannot fail, only bumps so_count */
146 			(void) VOP_OPEN(&SOTOV(so), FREAD|FWRITE, cr, NULL);
147 		} else  {
148 			socket_destroy(so);
149 			so = NULL;
150 		}
151 	}
152 
153 	return (so);
154 }
155 
156 /*
157  * Bind local endpoint.
158  */
159 int
160 socket_bind(struct sonode *so, struct sockaddr *name, socklen_t namelen,
161     int flags, cred_t *cr)
162 {
163 	return (SOP_BIND(so, name, namelen, flags, cr));
164 }
165 
166 /*
167  * Turn socket into a listen socket.
168  */
169 int
170 socket_listen(struct sonode *so, int backlog, cred_t *cr)
171 {
172 	if (backlog < 0) {
173 		backlog = 0;
174 	}
175 
176 	/*
177 	 * Use the same qlimit as in BSD. BSD checks the qlimit
178 	 * before queuing the next connection implying that a
179 	 * listen(sock, 0) allows one connection to be queued.
180 	 * BSD also uses 1.5 times the requested backlog.
181 	 *
182 	 * XNS Issue 4 required a strict interpretation of the backlog.
183 	 * This has been waived subsequently for Issue 4 and the change
184 	 * incorporated in XNS Issue 5. So we aren't required to do
185 	 * anything special for XPG apps.
186 	 */
187 	if (backlog >= (INT_MAX - 1) / 3)
188 		backlog = INT_MAX;
189 	else
190 		backlog = backlog * 3 / 2 + 1;
191 
192 	return (SOP_LISTEN(so, backlog, cr));
193 }
194 
195 /*
196  * Accept incoming connection.
197  */
198 int
199 socket_accept(struct sonode *lso, int fflag, cred_t *cr, struct sonode **nsop)
200 {
201 	return (SOP_ACCEPT(lso, fflag, cr, nsop));
202 }
203 
204 /*
205  * Active open.
206  */
207 int
208 socket_connect(struct sonode *so, const struct sockaddr *name,
209     socklen_t namelen, int fflag, int flags, cred_t *cr)
210 {
211 	int error;
212 
213 	/*
214 	 * Handle a connect to a name parameter of type AF_UNSPEC like a
215 	 * connect to a null address. This is the portable method to
216 	 * unconnect a socket.
217 	 */
218 	if ((namelen >= sizeof (sa_family_t)) &&
219 	    (name->sa_family == AF_UNSPEC)) {
220 		name = NULL;
221 		namelen = 0;
222 	}
223 
224 	error = SOP_CONNECT(so, name, namelen, fflag, flags, cr);
225 
226 	if (error == EHOSTUNREACH && flags & _SOCONNECT_XPG4_2) {
227 		/*
228 		 * X/Open specification contains a requirement that
229 		 * ENETUNREACH be returned but does not require
230 		 * EHOSTUNREACH. In order to keep the test suite
231 		 * happy we mess with the errno here.
232 		 */
233 		error = ENETUNREACH;
234 	}
235 
236 	return (error);
237 }
238 
239 /*
240  * Get address of remote node.
241  */
242 int
243 socket_getpeername(struct sonode *so, struct sockaddr *addr,
244     socklen_t *addrlen, boolean_t accept, cred_t *cr)
245 {
246 	ASSERT(*addrlen > 0);
247 	return (SOP_GETPEERNAME(so, addr, addrlen, accept, cr));
248 
249 }
250 
251 /*
252  * Get local address.
253  */
254 int
255 socket_getsockname(struct sonode *so, struct sockaddr *addr,
256     socklen_t *addrlen, cred_t *cr)
257 {
258 	return (SOP_GETSOCKNAME(so, addr, addrlen, cr));
259 
260 }
261 
262 /*
263  * Called from shutdown().
264  */
265 int
266 socket_shutdown(struct sonode *so, int how, cred_t *cr)
267 {
268 	return (SOP_SHUTDOWN(so, how, cr));
269 }
270 
271 /*
272  * Get socket options.
273  */
274 /*ARGSUSED*/
275 int
276 socket_getsockopt(struct sonode *so, int level, int option_name,
277     void *optval, socklen_t *optlenp, int flags, cred_t *cr)
278 {
279 	return (SOP_GETSOCKOPT(so, level, option_name, optval,
280 	    optlenp, flags, cr));
281 }
282 
283 /*
284  * Set socket options
285  */
286 int
287 socket_setsockopt(struct sonode *so, int level, int option_name,
288     const void *optval, t_uscalar_t optlen, cred_t *cr)
289 {
290 	/* Caller allocates aligned optval, or passes null */
291 	ASSERT(((uintptr_t)optval & (sizeof (t_scalar_t) - 1)) == 0);
292 	/* If optval is null optlen is 0, and vice-versa */
293 	ASSERT(optval != NULL || optlen == 0);
294 	ASSERT(optlen != 0 || optval == NULL);
295 
296 	/* No options should be zero-length */
297 	if (optlen == 0)
298 		return (EINVAL);
299 
300 	return (SOP_SETSOCKOPT(so, level, option_name, optval, optlen, cr));
301 }
302 
303 int
304 socket_sendmsg(struct sonode *so, struct nmsghdr *msg, struct uio *uiop,
305     cred_t *cr)
306 {
307 	int error = 0;
308 	ssize_t orig_resid = uiop->uio_resid;
309 
310 	/*
311 	 * Do not bypass the cache if we are doing a local (AF_UNIX) write.
312 	 */
313 	if (so->so_family == AF_UNIX)
314 		uiop->uio_extflg |= UIO_COPY_CACHED;
315 	else
316 		uiop->uio_extflg &= ~UIO_COPY_CACHED;
317 
318 	error = SOP_SENDMSG(so, msg, uiop, cr);
319 	switch (error) {
320 	default:
321 		break;
322 	case EINTR:
323 	case ETIME:
324 	case EWOULDBLOCK:
325 		/* We did a partial send */
326 		if (uiop->uio_resid != orig_resid)
327 			error = 0;
328 		break;
329 	case EPIPE:
330 		if ((so->so_mode & SM_KERNEL) == 0)
331 			tsignal(curthread, SIGPIPE);
332 		break;
333 	}
334 
335 	return (error);
336 }
337 
338 int
339 socket_sendmblk(struct sonode *so, struct nmsghdr *msg, int fflag,
340     struct cred *cr, mblk_t **mpp)
341 {
342 	int error = 0;
343 
344 	error = SOP_SENDMBLK(so, msg, fflag, cr, mpp);
345 	if (error == EPIPE) {
346 		tsignal(curthread, SIGPIPE);
347 	}
348 	return (error);
349 }
350 
351 int
352 socket_recvmsg(struct sonode *so, struct nmsghdr *msg, struct uio *uiop,
353     cred_t *cr)
354 {
355 	int error;
356 	ssize_t orig_resid = uiop->uio_resid;
357 
358 	/*
359 	 * Do not bypass the cache when reading data, as the application
360 	 * is likely to access the data shortly.
361 	 */
362 	uiop->uio_extflg |= UIO_COPY_CACHED;
363 
364 	error = SOP_RECVMSG(so, msg, uiop, cr);
365 
366 	switch (error) {
367 	case EINTR:
368 	case ETIME:
369 	case EWOULDBLOCK:
370 		/* We did a partial read */
371 		if (uiop->uio_resid != orig_resid)
372 			error = 0;
373 		break;
374 	default:
375 		break;
376 	}
377 	return (error);
378 }
379 
380 int
381 socket_ioctl(struct sonode *so, int cmd, intptr_t arg, int mode,
382     struct cred *cr, int32_t *rvalp)
383 {
384 	return (SOP_IOCTL(so, cmd, arg, mode, cr, rvalp));
385 }
386 
387 int
388 socket_poll(struct sonode *so, short events, int anyyet, short *reventsp,
389     struct pollhead **phpp)
390 {
391 	return (SOP_POLL(so, events, anyyet, reventsp, phpp));
392 }
393 
394 int
395 socket_close(struct sonode *so, int flag, struct cred *cr)
396 {
397 	return (VOP_CLOSE(SOTOV(so), flag, 1, 0, cr, NULL));
398 }
399 
400 int
401 socket_close_internal(struct sonode *so, int flag, cred_t *cr)
402 {
403 	ASSERT(so->so_count == 0);
404 
405 	return (SOP_CLOSE(so, flag, cr));
406 }
407 
408 void
409 socket_destroy(struct sonode *so)
410 {
411 	vn_invalid(SOTOV(so));
412 	VN_RELE(SOTOV(so));
413 }
414 
415 /* ARGSUSED */
416 void
417 socket_destroy_internal(struct sonode *so, cred_t *cr)
418 {
419 	struct sockparams *sp = so->so_sockparams;
420 	ASSERT(so->so_count == 0 && sp != NULL);
421 
422 	sp->sp_smod_info->smod_sock_destroy_func(so);
423 
424 	SOCKPARAMS_DEC_REF(sp);
425 }
426 
427 /*
428  * TODO Once the common vnode ops is available, then the vnops argument
429  * should be removed.
430  */
431 /*ARGSUSED*/
432 int
433 sonode_constructor(void *buf, void *cdrarg, int kmflags)
434 {
435 	struct sonode *so = buf;
436 	struct vnode *vp;
437 
438 	vp = so->so_vnode = vn_alloc(kmflags);
439 	if (vp == NULL) {
440 		return (-1);
441 	}
442 	vp->v_data = so;
443 	vn_setops(vp, socket_vnodeops);
444 
445 	so->so_priv 		= NULL;
446 	so->so_oobmsg		= NULL;
447 
448 	so->so_proto_handle	= NULL;
449 
450 	so->so_peercred 	= NULL;
451 
452 	so->so_rcv_queued	= 0;
453 	so->so_rcv_q_head 	= NULL;
454 	so->so_rcv_q_last_head 	= NULL;
455 	so->so_rcv_head		= NULL;
456 	so->so_rcv_last_head	= NULL;
457 	so->so_rcv_wanted	= 0;
458 	so->so_rcv_timer_interval = SOCKET_NO_RCVTIMER;
459 	so->so_rcv_timer_tid	= 0;
460 	so->so_rcv_thresh	= 0;
461 
462 	so->so_acceptq_head	= NULL;
463 	so->so_acceptq_tail	= &so->so_acceptq_head;
464 	so->so_acceptq_next	= NULL;
465 	so->so_acceptq_len	= 0;
466 	so->so_backlog		= 0;
467 
468 	so->so_snd_qfull	= B_FALSE;
469 
470 	mutex_init(&so->so_lock, NULL, MUTEX_DEFAULT, NULL);
471 	mutex_init(&so->so_acceptq_lock, NULL, MUTEX_DEFAULT, NULL);
472 	rw_init(&so->so_fallback_rwlock, NULL, RW_DEFAULT, NULL);
473 	cv_init(&so->so_state_cv, NULL, CV_DEFAULT, NULL);
474 	cv_init(&so->so_want_cv, NULL, CV_DEFAULT, NULL);
475 
476 	cv_init(&so->so_acceptq_cv, NULL, CV_DEFAULT, NULL);
477 	cv_init(&so->so_snd_cv, NULL, CV_DEFAULT, NULL);
478 	cv_init(&so->so_rcv_cv, NULL, CV_DEFAULT, NULL);
479 	cv_init(&so->so_copy_cv, NULL, CV_DEFAULT, NULL);
480 	cv_init(&so->so_closing_cv, NULL, CV_DEFAULT, NULL);
481 
482 	return (0);
483 }
484 
485 /*ARGSUSED*/
486 void
487 sonode_destructor(void *buf, void *cdrarg)
488 {
489 	struct sonode *so = buf;
490 	struct vnode *vp = SOTOV(so);
491 
492 	ASSERT(so->so_priv == NULL);
493 	ASSERT(so->so_peercred == NULL);
494 
495 	ASSERT(so->so_oobmsg == NULL);
496 
497 	ASSERT(so->so_rcv_q_head == NULL);
498 
499 	ASSERT(so->so_acceptq_head == NULL);
500 	ASSERT(so->so_acceptq_tail == &so->so_acceptq_head);
501 	ASSERT(so->so_acceptq_next == NULL);
502 
503 	ASSERT(vp->v_data == so);
504 	ASSERT(vn_matchops(vp, socket_vnodeops));
505 
506 	vn_free(vp);
507 
508 	mutex_destroy(&so->so_lock);
509 	mutex_destroy(&so->so_acceptq_lock);
510 	rw_destroy(&so->so_fallback_rwlock);
511 
512 	cv_destroy(&so->so_state_cv);
513 	cv_destroy(&so->so_want_cv);
514 	cv_destroy(&so->so_acceptq_cv);
515 	cv_destroy(&so->so_snd_cv);
516 	cv_destroy(&so->so_rcv_cv);
517 	cv_destroy(&so->so_closing_cv);
518 }
519 
520 void
521 sonode_init(struct sonode *so, struct sockparams *sp, int family,
522     int type, int protocol, sonodeops_t *sops)
523 {
524 	vnode_t *vp;
525 
526 	vp = SOTOV(so);
527 
528 	so->so_flag	= 0;
529 
530 	so->so_state	= 0;
531 	so->so_mode	= 0;
532 
533 	so->so_count	= 0;
534 
535 	so->so_family	= family;
536 	so->so_type	= type;
537 	so->so_protocol	= protocol;
538 
539 	SOCK_CONNID_INIT(so->so_proto_connid);
540 
541 	so->so_options	= 0;
542 	so->so_linger.l_onoff   = 0;
543 	so->so_linger.l_linger = 0;
544 	so->so_sndbuf	= 0;
545 	so->so_error	= 0;
546 	so->so_rcvtimeo	= 0;
547 	so->so_sndtimeo = 0;
548 
549 	ASSERT(so->so_oobmsg == NULL);
550 	so->so_oobmark	= 0;
551 	so->so_pgrp	= 0;
552 
553 	ASSERT(so->so_peercred == NULL);
554 
555 	so->so_zoneid = getzoneid();
556 
557 	so->so_sockparams = sp;
558 
559 	so->so_ops = sops;
560 
561 	so->so_not_str = (sops != &sotpi_sonodeops);
562 
563 	so->so_proto_handle = NULL;
564 
565 	so->so_downcalls = NULL;
566 
567 	so->so_copyflag = 0;
568 
569 	ASSERT(so->so_acceptq_head == NULL);
570 	ASSERT(so->so_acceptq_tail == &so->so_acceptq_head);
571 	ASSERT(so->so_acceptq_next == NULL);
572 
573 	vn_reinit(vp);
574 	vp->v_vfsp	= rootvfs;
575 	vp->v_type	= VSOCK;
576 	vp->v_rdev	= sockdev;
577 
578 	so->so_rcv_queued = 0;
579 	so->so_rcv_q_head = NULL;
580 	so->so_rcv_q_last_head = NULL;
581 	so->so_rcv_head	= NULL;
582 	so->so_rcv_last_head = NULL;
583 
584 	so->so_snd_qfull = B_FALSE;
585 	so->so_minpsz = 0;
586 
587 	so->so_rcv_wakeup = B_FALSE;
588 	so->so_snd_wakeup = B_FALSE;
589 	so->so_flowctrld = B_FALSE;
590 
591 	so->so_pollev = 0;
592 	bzero(&so->so_poll_list, sizeof (so->so_poll_list));
593 	bzero(&so->so_proto_props, sizeof (struct sock_proto_props));
594 
595 	bzero(&(so->so_ksock_callbacks), sizeof (ksocket_callbacks_t));
596 	so->so_ksock_cb_arg = NULL;
597 
598 	so->so_max_addr_len = sizeof (struct sockaddr_storage);
599 
600 	so->so_direct = NULL;
601 
602 	vn_exists(vp);
603 }
604 
605 void
606 sonode_fini(struct sonode *so)
607 {
608 	mblk_t *mp;
609 	vnode_t *vp;
610 
611 	ASSERT(so->so_count == 0);
612 
613 	if (so->so_rcv_timer_tid) {
614 		ASSERT(MUTEX_NOT_HELD(&so->so_lock));
615 		(void) untimeout(so->so_rcv_timer_tid);
616 		so->so_rcv_timer_tid = 0;
617 	}
618 
619 	so_acceptq_flush(so);
620 
621 	if ((mp = so->so_oobmsg) != NULL) {
622 		freemsg(mp);
623 		so->so_oobmsg = NULL;
624 		so->so_state &= ~(SS_OOBPEND|SS_HAVEOOBDATA|SS_HADOOBDATA|
625 		    SS_RCVATMARK);
626 	}
627 
628 	if (so->so_poll_list.ph_list != NULL) {
629 		pollwakeup(&so->so_poll_list, POLLERR);
630 		pollhead_clean(&so->so_poll_list);
631 	}
632 
633 	if (so->so_direct != NULL) {
634 		sodirect_t *sodp = so->so_direct;
635 
636 		ASSERT(sodp->sod_uioafh == NULL);
637 
638 		so->so_direct = NULL;
639 		kmem_cache_free(sock_sod_cache, sodp);
640 	}
641 
642 	vp = SOTOV(so);
643 	vn_invalid(vp);
644 
645 	if (so->so_peercred != NULL) {
646 		crfree(so->so_peercred);
647 		so->so_peercred = NULL;
648 	}
649 }
650 
651 /*
652  * This function is called at the beginning of recvmsg().
653  *
654  * If I/OAT is enabled on this sonode, initialize the uioa state machine
655  * with state UIOA_ALLOC.
656  */
657 uio_t *
658 sod_rcv_init(struct sonode *so, int flags, struct uio **uiopp)
659 {
660 	struct uio *suiop;
661 	struct uio *uiop;
662 	sodirect_t *sodp = so->so_direct;
663 
664 	if (sodp == NULL)
665 		return (NULL);
666 
667 	suiop = NULL;
668 	uiop = *uiopp;
669 
670 	mutex_enter(sodp->sod_lockp);
671 	if (uiop->uio_resid >= uioasync.mincnt &&
672 	    sodp != NULL && (sodp->sod_state & SOD_ENABLED) &&
673 	    uioasync.enabled && !(flags & MSG_PEEK) &&
674 	    !(so->so_state & SS_CANTRCVMORE)) {
675 		/*
676 		 * Big enough I/O for uioa min setup and an sodirect socket
677 		 * and sodirect enabled and uioa enabled and I/O will be done
678 		 * and not EOF so initialize the sodirect_t uioa_t with "uiop".
679 		 */
680 		if (!uioainit(uiop, &sodp->sod_uioa)) {
681 			/*
682 			 * Successful uioainit() so the uio_t part of the
683 			 * uioa_t will be used for all uio_t work to follow,
684 			 * we return the original "uiop" in "suiop".
685 			 */
686 			suiop = uiop;
687 			*uiopp = (uio_t *)&sodp->sod_uioa;
688 			/*
689 			 * Before returning to the caller the passed in uio_t
690 			 * "uiop" will be updated via a call to uioafini()
691 			 * below.
692 			 *
693 			 * Note, the uioa.uioa_state isn't set to UIOA_ENABLED
694 			 * here as first we have to uioamove() any currently
695 			 * queued M_DATA mblk_t(s) so it will be done later.
696 			 */
697 		}
698 		/*
699 		 * In either uioainit() success or not case note the number
700 		 * of uio bytes the caller wants for sod framework and/or
701 		 * transport (e.g. TCP) strategy.
702 		 */
703 		sodp->sod_want = uiop->uio_resid;
704 	} else if (sodp != NULL && (sodp->sod_state & SOD_ENABLED)) {
705 		/*
706 		 * No uioa but still using sodirect so note the number of
707 		 * uio bytes the caller wants for sodirect framework and/or
708 		 * transport (e.g. TCP) strategy.
709 		 */
710 		sodp->sod_want = uiop->uio_resid;
711 	}
712 	mutex_exit(sodp->sod_lockp);
713 
714 	return (suiop);
715 }
716 
717 /*
718  * This function is called at the end of recvmsg(), it finializes all the I/OAT
719  * operations, and reset the uioa state to UIOA_ALLOC.
720  */
721 int
722 sod_rcv_done(struct sonode *so, struct uio *suiop, struct uio *uiop)
723 {
724 	int error = 0;
725 	sodirect_t *sodp = so->so_direct;
726 	mblk_t *mp;
727 
728 	if (sodp == NULL) {
729 		return (0);
730 	}
731 
732 	ASSERT(MUTEX_HELD(sodp->sod_lockp));
733 	/* Finish any sodirect and uioa processing */
734 	if (suiop != NULL) {
735 		/* Finish any uioa_t processing */
736 
737 		ASSERT(uiop == (uio_t *)&sodp->sod_uioa);
738 		error = uioafini(suiop, (uioa_t *)uiop);
739 		if ((mp = sodp->sod_uioafh) != NULL) {
740 			sodp->sod_uioafh = NULL;
741 			sodp->sod_uioaft = NULL;
742 			freemsg(mp);
743 		}
744 	}
745 	ASSERT(sodp->sod_uioafh == NULL);
746 	if (!(sodp->sod_state & SOD_WAKE_NOT)) {
747 		/* Awoke */
748 		sodp->sod_state &= SOD_WAKE_CLR;
749 		sodp->sod_state |= SOD_WAKE_NOT;
750 	}
751 	/* Last, clear sod_want value */
752 	sodp->sod_want = 0;
753 
754 	return (error);
755 }
756 
757 /*
758  * Schedule a uioamove() on a mblk. This is ususally called from
759  * protocols (e.g. TCP) on a I/OAT enabled sonode.
760  */
761 mblk_t *
762 sod_uioa_mblk_init(struct sodirect_s *sodp, mblk_t *mp, size_t msg_size)
763 {
764 	uioa_t *uioap = &sodp->sod_uioa;
765 	mblk_t *mp1 = mp;
766 	mblk_t *lmp = NULL;
767 
768 	ASSERT(DB_TYPE(mp) == M_DATA);
769 	ASSERT(msg_size == msgdsize(mp));
770 
771 	/* Caller must have lock held */
772 	ASSERT(MUTEX_HELD(sodp->sod_lockp));
773 
774 	if (uioap->uioa_state & UIOA_ENABLED) {
775 		/* Uioa is enabled */
776 
777 		if (msg_size > uioap->uio_resid) {
778 			/*
779 			 * There isn't enough uio space for the mblk_t chain
780 			 * so disable uioa such that this and any additional
781 			 * mblk_t data is handled by the socket and schedule
782 			 * the socket for wakeup to finish this uioa.
783 			 */
784 			uioap->uioa_state &= UIOA_CLR;
785 			uioap->uioa_state |= UIOA_FINI;
786 			if (sodp->sod_state & SOD_WAKE_NOT) {
787 				sodp->sod_state &= SOD_WAKE_CLR;
788 				sodp->sod_state |= SOD_WAKE_NEED;
789 			}
790 			return (mp);
791 		}
792 		do {
793 			uint32_t	len = MBLKL(mp1);
794 
795 			if (!uioamove(mp1->b_rptr, len, UIO_READ, uioap)) {
796 				/* Scheduled, mark dblk_t as such */
797 				DB_FLAGS(mp1) |= DBLK_UIOA;
798 			} else {
799 				/* Error, turn off async processing */
800 				uioap->uioa_state &= UIOA_CLR;
801 				uioap->uioa_state |= UIOA_FINI;
802 				break;
803 			}
804 			lmp = mp1;
805 		} while ((mp1 = mp1->b_cont) != NULL);
806 
807 		if (mp1 != NULL || uioap->uio_resid == 0) {
808 			/*
809 			 * Not all mblk_t(s) uioamoved (error) or all uio
810 			 * space has been consumed so schedule the socket
811 			 * for wakeup to finish this uio.
812 			 */
813 			sodp->sod_state &= SOD_WAKE_CLR;
814 			sodp->sod_state |= SOD_WAKE_NEED;
815 
816 			/* Break the mblk chain if neccessary. */
817 			if (mp1 != NULL && lmp != NULL) {
818 				mp->b_next = mp1;
819 				lmp->b_cont = NULL;
820 			}
821 		}
822 	}
823 	return (mp1);
824 }
825 
826 /*
827  * This function is called on a mblk that thas been successfully uioamoved().
828  */
829 void
830 sod_uioa_mblk_done(sodirect_t *sodp, mblk_t *bp)
831 {
832 	if (bp != NULL && (bp->b_datap->db_flags & DBLK_UIOA)) {
833 		/*
834 		 * A uioa flaged mblk_t chain, already uio processed,
835 		 * add it to the sodirect uioa pending free list.
836 		 *
837 		 * Note, a b_cont chain headed by a DBLK_UIOA enable
838 		 * mblk_t must have all mblk_t(s) DBLK_UIOA enabled.
839 		 */
840 		mblk_t	*bpt = sodp->sod_uioaft;
841 
842 		ASSERT(sodp != NULL);
843 
844 		/*
845 		 * Add first mblk_t of "bp" chain to current sodirect uioa
846 		 * free list tail mblk_t, if any, else empty list so new head.
847 		 */
848 		if (bpt == NULL)
849 			sodp->sod_uioafh = bp;
850 		else
851 			bpt->b_cont = bp;
852 
853 		/*
854 		 * Walk mblk_t "bp" chain to find tail and adjust rptr of
855 		 * each to reflect that uioamove() has consumed all data.
856 		 */
857 		bpt = bp;
858 		for (;;) {
859 			ASSERT(bpt->b_datap->db_flags & DBLK_UIOA);
860 
861 			bpt->b_rptr = bpt->b_wptr;
862 			if (bpt->b_cont == NULL)
863 				break;
864 			bpt = bpt->b_cont;
865 		}
866 		/* New sodirect uioa free list tail */
867 		sodp->sod_uioaft = bpt;
868 
869 		/* Only dequeue once with data returned per uioa_t */
870 		if (sodp->sod_uioa.uioa_state & UIOA_ENABLED) {
871 			sodp->sod_uioa.uioa_state &= UIOA_CLR;
872 			sodp->sod_uioa.uioa_state |= UIOA_FINI;
873 		}
874 	}
875 }
876 
877 /*
878  * When transit from UIOA_INIT state to UIOA_ENABLE state in recvmsg(), call
879  * this function on a non-STREAMS socket to schedule uioamove() on the data
880  * that has already queued in this socket.
881  */
882 void
883 sod_uioa_so_init(struct sonode *so, struct sodirect_s *sodp, struct uio *uiop)
884 {
885 	uioa_t	*uioap = (uioa_t *)uiop;
886 	mblk_t	*lbp;
887 	mblk_t	*wbp;
888 	mblk_t	*bp;
889 	int	len;
890 	int	error;
891 	boolean_t in_rcv_q = B_TRUE;
892 
893 	ASSERT(MUTEX_HELD(sodp->sod_lockp));
894 	ASSERT(&sodp->sod_uioa == uioap);
895 
896 	/*
897 	 * Walk first b_cont chain in sod_q
898 	 * and schedule any M_DATA mblk_t's for uio asynchronous move.
899 	 */
900 	bp = so->so_rcv_q_head;
901 
902 again:
903 	/* Walk the chain */
904 	lbp = NULL;
905 	wbp = bp;
906 
907 	do {
908 		if (bp == NULL)
909 			break;
910 
911 		if (wbp->b_datap->db_type != M_DATA) {
912 			/* Not M_DATA, no more uioa */
913 			goto nouioa;
914 		}
915 		if ((len = wbp->b_wptr - wbp->b_rptr) > 0) {
916 			/* Have a M_DATA mblk_t with data */
917 			if (len > uioap->uio_resid || (so->so_oobmark > 0 &&
918 			    len + uioap->uioa_mbytes >= so->so_oobmark)) {
919 				/* Not enough uio sapce, or beyond oobmark */
920 				goto nouioa;
921 			}
922 			ASSERT(!(wbp->b_datap->db_flags & DBLK_UIOA));
923 			error = uioamove(wbp->b_rptr, len,
924 			    UIO_READ, uioap);
925 			if (!error) {
926 				/* Scheduled, mark dblk_t as such */
927 				wbp->b_datap->db_flags |= DBLK_UIOA;
928 			} else {
929 				/* Break the mblk chain */
930 				goto nouioa;
931 			}
932 		}
933 		/* Save last wbp processed */
934 		lbp = wbp;
935 	} while ((wbp = wbp->b_cont) != NULL);
936 
937 	if (in_rcv_q && (bp == NULL || bp->b_next == NULL)) {
938 		/*
939 		 * We get here only once to process the sonode dump area
940 		 * if so_rcv_q_head is NULL or all the mblks have been
941 		 * successfully uioamoved()ed.
942 		 */
943 		in_rcv_q = B_FALSE;
944 
945 		/* move to dump area */
946 		bp = so->so_rcv_head;
947 		goto again;
948 	}
949 
950 	return;
951 
952 nouioa:
953 	/* No more uioa */
954 	uioap->uioa_state &= UIOA_CLR;
955 	uioap->uioa_state |= UIOA_FINI;
956 
957 	/*
958 	 * If we processed 1 or more mblk_t(s) then we need to split the
959 	 * current mblk_t chain in 2 so that all the uioamove()ed mblk_t(s)
960 	 * are in the current chain and the rest are in the following new
961 	 * chain.
962 	 */
963 	if (lbp != NULL) {
964 		/* New end of current chain */
965 		lbp->b_cont = NULL;
966 
967 		/* Insert new chain wbp after bp */
968 		if ((wbp->b_next = bp->b_next) == NULL) {
969 			/*
970 			 * No need to grab so_lock, since sod_lockp
971 			 * points to so_lock.
972 			 */
973 			if (in_rcv_q)
974 				so->so_rcv_q_last_head = wbp;
975 			else
976 				so->so_rcv_last_head = wbp;
977 		}
978 		bp->b_next = wbp;
979 		bp->b_next->b_prev = bp->b_prev;
980 		bp->b_prev = lbp;
981 	}
982 }
983 
984 /*
985  * Initialize sodirect data structures on a socket.
986  */
987 void
988 sod_sock_init(struct sonode *so, struct stdata *stp, sod_enq_func enq_func,
989     sod_wakeup_func wake_func, kmutex_t *lockp)
990 {
991 	sodirect_t	*sodp;
992 
993 	ASSERT(so->so_direct == NULL);
994 
995 	so->so_state |= SS_SODIRECT;
996 
997 	sodp = kmem_cache_alloc(sock_sod_cache, KM_SLEEP);
998 	sodp->sod_state = SOD_ENABLED | SOD_WAKE_NOT;
999 	sodp->sod_want = 0;
1000 	sodp->sod_q = (stp != NULL) ? RD(stp->sd_wrq) : NULL;
1001 	sodp->sod_enqueue = enq_func;
1002 	sodp->sod_wakeup = wake_func;
1003 	sodp->sod_uioafh = NULL;
1004 	sodp->sod_uioaft = NULL;
1005 	sodp->sod_lockp = lockp;
1006 	/*
1007 	 * Remainder of the sod_uioa members are left uninitialized
1008 	 * but will be initialized later by uioainit() before uioa
1009 	 * is enabled.
1010 	 */
1011 	sodp->sod_uioa.uioa_state = UIOA_ALLOC;
1012 	so->so_direct = sodp;
1013 	if (stp != NULL)
1014 		stp->sd_sodirect = sodp;
1015 }
1016 
1017 /*
1018  * Init the sodirect kmem cache while sockfs is loading.
1019  */
1020 void
1021 sod_init()
1022 {
1023 	/* Allocate sodirect_t kmem_cache */
1024 	sock_sod_cache = kmem_cache_create("sock_sod_cache",
1025 	    sizeof (sodirect_t), 0, NULL, NULL, NULL, NULL, NULL, 0);
1026 }
1027 
1028 ssize_t
1029 sod_uioa_mblk(struct sonode *so, mblk_t *mp)
1030 {
1031 	sodirect_t *sodp = so->so_direct;
1032 
1033 	ASSERT(sodp != NULL);
1034 	ASSERT(MUTEX_HELD(sodp->sod_lockp));
1035 
1036 	ASSERT(sodp->sod_state & SOD_ENABLED);
1037 	ASSERT(sodp->sod_uioa.uioa_state != (UIOA_ALLOC|UIOA_INIT));
1038 
1039 	ASSERT(sodp->sod_uioa.uioa_state & (UIOA_ENABLED|UIOA_FINI));
1040 
1041 	if (mp == NULL && so->so_rcv_q_head != NULL) {
1042 		mp = so->so_rcv_q_head;
1043 		ASSERT(mp->b_prev != NULL);
1044 		mp->b_prev = NULL;
1045 		so->so_rcv_q_head = mp->b_next;
1046 		if (so->so_rcv_q_head == NULL) {
1047 			so->so_rcv_q_last_head = NULL;
1048 		}
1049 		mp->b_next = NULL;
1050 	}
1051 
1052 	sod_uioa_mblk_done(sodp, mp);
1053 
1054 	if (so->so_rcv_q_head == NULL && so->so_rcv_head != NULL &&
1055 	    DB_TYPE(so->so_rcv_head) == M_DATA &&
1056 	    (DB_FLAGS(so->so_rcv_head) & DBLK_UIOA)) {
1057 		/* more arrived */
1058 		ASSERT(so->so_rcv_q_head == NULL);
1059 		mp = so->so_rcv_head;
1060 		so->so_rcv_head = mp->b_next;
1061 		if (so->so_rcv_head == NULL)
1062 			so->so_rcv_last_head = NULL;
1063 		mp->b_prev = mp->b_next = NULL;
1064 		sod_uioa_mblk_done(sodp, mp);
1065 	}
1066 
1067 #ifdef DEBUG
1068 	if (so->so_rcv_q_head != NULL) {
1069 		mblk_t *m = so->so_rcv_q_head;
1070 		while (m != NULL) {
1071 			if (DB_FLAGS(m) & DBLK_UIOA) {
1072 				cmn_err(CE_PANIC, "Unexpected I/OAT mblk %p"
1073 				    " in so_rcv_q_head.\n", (void *)m);
1074 			}
1075 			m = m->b_next;
1076 		}
1077 	}
1078 	if (so->so_rcv_head != NULL) {
1079 		mblk_t *m = so->so_rcv_head;
1080 		while (m != NULL) {
1081 			if (DB_FLAGS(m) & DBLK_UIOA) {
1082 				cmn_err(CE_PANIC, "Unexpected I/OAT mblk %p"
1083 				    " in so_rcv_head.\n", (void *)m);
1084 			}
1085 			m = m->b_next;
1086 		}
1087 	}
1088 #endif
1089 	return (sodp->sod_uioa.uioa_mbytes);
1090 }
1091