1 /*-
2 * Copyright (c) 1982, 1986, 1989, 1990, 1993
3 * The Regents of the University of California. All rights reserved.
4 *
5 * sendfile(2) and related extensions:
6 * Copyright (c) 1998, David Greenman. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 *
32 * @(#)uipc_syscalls.c 8.4 (Berkeley) 2/21/94
33 */
34
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD: releng/9.2/sys/kern/uipc_syscalls.c 255456 2013-09-10 19:00:32Z gjb $");
37
38 #include "opt_capsicum.h"
39 #include "opt_inet.h"
40 #include "opt_inet6.h"
41 #include "opt_sctp.h"
42 #include "opt_compat.h"
43 #include "opt_ktrace.h"
44
45 #include <sys/param.h>
46 #include <sys/systm.h>
47 #include <sys/capability.h>
48 #include <sys/kernel.h>
49 #include <sys/lock.h>
50 #include <sys/mutex.h>
51 #include <sys/sysproto.h>
52 #include <sys/malloc.h>
53 #include <sys/filedesc.h>
54 #include <sys/event.h>
55 #include <sys/proc.h>
56 #include <sys/fcntl.h>
57 #include <sys/file.h>
58 #include <sys/filio.h>
59 #include <sys/jail.h>
60 #include <sys/mount.h>
61 #include <sys/mbuf.h>
62 #include <sys/protosw.h>
63 #include <sys/sf_buf.h>
64 #include <sys/sysent.h>
65 #include <sys/socket.h>
66 #include <sys/socketvar.h>
67 #include <sys/signalvar.h>
68 #include <sys/syscallsubr.h>
69 #include <sys/sysctl.h>
70 #include <sys/uio.h>
71 #include <sys/vnode.h>
72 #ifdef KTRACE
73 #include <sys/ktrace.h>
74 #endif
75 #ifdef COMPAT_FREEBSD32
76 #include <compat/freebsd32/freebsd32_util.h>
77 #endif
78
79 #include <net/vnet.h>
80
81 #include <security/audit/audit.h>
82 #include <security/mac/mac_framework.h>
83
84 #include <vm/vm.h>
85 #include <vm/vm_param.h>
86 #include <vm/vm_object.h>
87 #include <vm/vm_page.h>
88 #include <vm/vm_pageout.h>
89 #include <vm/vm_kern.h>
90 #include <vm/vm_extern.h>
91
92 #if defined(INET) || defined(INET6)
93 #ifdef SCTP
94 #include <netinet/sctp.h>
95 #include <netinet/sctp_peeloff.h>
96 #endif /* SCTP */
97 #endif /* INET || INET6 */
98
99 static int sendit(struct thread *td, int s, struct msghdr *mp, int flags);
100 static int recvit(struct thread *td, int s, struct msghdr *mp, void *namelenp);
101
102 static int accept1(struct thread *td, struct accept_args *uap, int compat);
103 static int do_sendfile(struct thread *td, struct sendfile_args *uap, int compat);
104 static int getsockname1(struct thread *td, struct getsockname_args *uap,
105 int compat);
106 static int getpeername1(struct thread *td, struct getpeername_args *uap,
107 int compat);
108
109 /*
110 * NSFBUFS-related variables and associated sysctls
111 */
112 int nsfbufs;
113 int nsfbufspeak;
114 int nsfbufsused;
115
116 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufs, CTLFLAG_RDTUN, &nsfbufs, 0,
117 "Maximum number of sendfile(2) sf_bufs available");
118 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufspeak, CTLFLAG_RD, &nsfbufspeak, 0,
119 "Number of sendfile(2) sf_bufs at peak usage");
120 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufsused, CTLFLAG_RD, &nsfbufsused, 0,
121 "Number of sendfile(2) sf_bufs in use");
122
123 /*
124 * Convert a user file descriptor to a kernel file entry and check that, if
125 * it is a capability, the right rights are present. A reference on the file
126 * entry is held upon returning.
127 */
128 static int
129 getsock_cap(struct filedesc *fdp, int fd, cap_rights_t rights,
130 struct file **fpp, u_int *fflagp)
131 {
132 struct file *fp;
133 #ifdef CAPABILITIES
134 struct file *fp_fromcap;
135 int error;
136 #endif
137
138 fp = NULL;
139 if ((fdp == NULL) || ((fp = fget_unlocked(fdp, fd)) == NULL))
140 return (EBADF);
141 #ifdef CAPABILITIES
142 /*
143 * If the file descriptor is for a capability, test rights and use
144 * the file descriptor referenced by the capability.
145 */
146 error = cap_funwrap(fp, rights, &fp_fromcap);
147 if (error) {
148 fdrop(fp, curthread);
149 return (error);
150 }
151 if (fp != fp_fromcap) {
152 fhold(fp_fromcap);
153 fdrop(fp, curthread);
154 fp = fp_fromcap;
155 }
156 #endif /* CAPABILITIES */
157 if (fp->f_type != DTYPE_SOCKET) {
158 fdrop(fp, curthread);
159 return (ENOTSOCK);
160 }
161 if (fflagp != NULL)
162 *fflagp = fp->f_flag;
163 *fpp = fp;
164 return (0);
165 }
166
167 /*
168 * System call interface to the socket abstraction.
169 */
170 #if defined(COMPAT_43)
171 #define COMPAT_OLDSOCK
172 #endif
173
174 int
175 sys_socket(td, uap)
176 struct thread *td;
177 struct socket_args /* {
178 int domain;
179 int type;
180 int protocol;
181 } */ *uap;
182 {
183 struct filedesc *fdp;
184 struct socket *so;
185 struct file *fp;
186 int fd, error;
187
188 AUDIT_ARG_SOCKET(uap->domain, uap->type, uap->protocol);
189 #ifdef MAC
190 error = mac_socket_check_create(td->td_ucred, uap->domain, uap->type,
191 uap->protocol);
192 if (error)
193 return (error);
194 #endif
195 fdp = td->td_proc->p_fd;
196 error = falloc(td, &fp, &fd, 0);
197 if (error)
198 return (error);
199 /* An extra reference on `fp' has been held for us by falloc(). */
200 error = socreate(uap->domain, &so, uap->type, uap->protocol,
201 td->td_ucred, td);
202 if (error) {
203 fdclose(fdp, fp, fd, td);
204 } else {
205 finit(fp, FREAD | FWRITE, DTYPE_SOCKET, so, &socketops);
206 td->td_retval[0] = fd;
207 }
208 fdrop(fp, td);
209 return (error);
210 }
211
212 /* ARGSUSED */
213 int
214 sys_bind(td, uap)
215 struct thread *td;
216 struct bind_args /* {
217 int s;
218 caddr_t name;
219 int namelen;
220 } */ *uap;
221 {
222 struct sockaddr *sa;
223 int error;
224
225 if ((error = getsockaddr(&sa, uap->name, uap->namelen)) != 0)
226 return (error);
227
228 error = kern_bind(td, uap->s, sa);
229 free(sa, M_SONAME);
230 return (error);
231 }
232
233 int
234 kern_bind(td, fd, sa)
235 struct thread *td;
236 int fd;
237 struct sockaddr *sa;
238 {
239 struct socket *so;
240 struct file *fp;
241 int error;
242
243 AUDIT_ARG_FD(fd);
244 error = getsock_cap(td->td_proc->p_fd, fd, CAP_BIND, &fp, NULL);
245 if (error)
246 return (error);
247 so = fp->f_data;
248 #ifdef KTRACE
249 if (KTRPOINT(td, KTR_STRUCT))
250 ktrsockaddr(sa);
251 #endif
252 #ifdef MAC
253 error = mac_socket_check_bind(td->td_ucred, so, sa);
254 if (error == 0)
255 #endif
256 error = sobind(so, sa, td);
257 fdrop(fp, td);
258 return (error);
259 }
260
261 /* ARGSUSED */
262 int
263 sys_listen(td, uap)
264 struct thread *td;
265 struct listen_args /* {
266 int s;
267 int backlog;
268 } */ *uap;
269 {
270 struct socket *so;
271 struct file *fp;
272 int error;
273
274 AUDIT_ARG_FD(uap->s);
275 error = getsock_cap(td->td_proc->p_fd, uap->s, CAP_LISTEN, &fp, NULL);
276 if (error == 0) {
277 so = fp->f_data;
278 #ifdef MAC
279 error = mac_socket_check_listen(td->td_ucred, so);
280 if (error == 0)
281 #endif
282 error = solisten(so, uap->backlog, td);
283 fdrop(fp, td);
284 }
285 return(error);
286 }
287
288 /*
289 * accept1()
290 */
291 static int
292 accept1(td, uap, compat)
293 struct thread *td;
294 struct accept_args /* {
295 int s;
296 struct sockaddr * __restrict name;
297 socklen_t * __restrict anamelen;
298 } */ *uap;
299 int compat;
300 {
301 struct sockaddr *name;
302 socklen_t namelen;
303 struct file *fp;
304 int error;
305
306 if (uap->name == NULL)
307 return (kern_accept(td, uap->s, NULL, NULL, NULL));
308
309 error = copyin(uap->anamelen, &namelen, sizeof (namelen));
310 if (error)
311 return (error);
312
313 error = kern_accept(td, uap->s, &name, &namelen, &fp);
314
315 /*
316 * return a namelen of zero for older code which might
317 * ignore the return value from accept.
318 */
319 if (error) {
320 (void) copyout(&namelen,
321 uap->anamelen, sizeof(*uap->anamelen));
322 return (error);
323 }
324
325 if (error == 0 && name != NULL) {
326 #ifdef COMPAT_OLDSOCK
327 if (compat)
328 ((struct osockaddr *)name)->sa_family =
329 name->sa_family;
330 #endif
331 error = copyout(name, uap->name, namelen);
332 }
333 if (error == 0)
334 error = copyout(&namelen, uap->anamelen,
335 sizeof(namelen));
336 if (error)
337 fdclose(td->td_proc->p_fd, fp, td->td_retval[0], td);
338 fdrop(fp, td);
339 free(name, M_SONAME);
340 return (error);
341 }
342
343 int
344 kern_accept(struct thread *td, int s, struct sockaddr **name,
345 socklen_t *namelen, struct file **fp)
346 {
347 struct filedesc *fdp;
348 struct file *headfp, *nfp = NULL;
349 struct sockaddr *sa = NULL;
350 int error;
351 struct socket *head, *so;
352 int fd;
353 u_int fflag;
354 pid_t pgid;
355 int tmp;
356
357 if (name) {
358 *name = NULL;
359 if (*namelen < 0)
360 return (EINVAL);
361 }
362
363 AUDIT_ARG_FD(s);
364 fdp = td->td_proc->p_fd;
365 error = getsock_cap(fdp, s, CAP_ACCEPT, &headfp, &fflag);
366 if (error)
367 return (error);
368 head = headfp->f_data;
369 if ((head->so_options & SO_ACCEPTCONN) == 0) {
370 error = EINVAL;
371 goto done;
372 }
373 #ifdef MAC
374 error = mac_socket_check_accept(td->td_ucred, head);
375 if (error != 0)
376 goto done;
377 #endif
378 error = falloc(td, &nfp, &fd, 0);
379 if (error)
380 goto done;
381 ACCEPT_LOCK();
382 if ((head->so_state & SS_NBIO) && TAILQ_EMPTY(&head->so_comp)) {
383 ACCEPT_UNLOCK();
384 error = EWOULDBLOCK;
385 goto noconnection;
386 }
387 while (TAILQ_EMPTY(&head->so_comp) && head->so_error == 0) {
388 if (head->so_rcv.sb_state & SBS_CANTRCVMORE) {
389 head->so_error = ECONNABORTED;
390 break;
391 }
392 error = msleep(&head->so_timeo, &accept_mtx, PSOCK | PCATCH,
393 "accept", 0);
394 if (error) {
395 ACCEPT_UNLOCK();
396 goto noconnection;
397 }
398 }
399 if (head->so_error) {
400 error = head->so_error;
401 head->so_error = 0;
402 ACCEPT_UNLOCK();
403 goto noconnection;
404 }
405 so = TAILQ_FIRST(&head->so_comp);
406 KASSERT(!(so->so_qstate & SQ_INCOMP), ("accept1: so SQ_INCOMP"));
407 KASSERT(so->so_qstate & SQ_COMP, ("accept1: so not SQ_COMP"));
408
409 /*
410 * Before changing the flags on the socket, we have to bump the
411 * reference count. Otherwise, if the protocol calls sofree(),
412 * the socket will be released due to a zero refcount.
413 */
414 SOCK_LOCK(so); /* soref() and so_state update */
415 soref(so); /* file descriptor reference */
416
417 TAILQ_REMOVE(&head->so_comp, so, so_list);
418 head->so_qlen--;
419 so->so_state |= (head->so_state & SS_NBIO);
420 so->so_qstate &= ~SQ_COMP;
421 so->so_head = NULL;
422
423 SOCK_UNLOCK(so);
424 ACCEPT_UNLOCK();
425
426 /* An extra reference on `nfp' has been held for us by falloc(). */
427 td->td_retval[0] = fd;
428
429 /* connection has been removed from the listen queue */
430 KNOTE_UNLOCKED(&head->so_rcv.sb_sel.si_note, 0);
431
432 pgid = fgetown(&head->so_sigio);
433 if (pgid != 0)
434 fsetown(pgid, &so->so_sigio);
435
436 finit(nfp, fflag, DTYPE_SOCKET, so, &socketops);
437 /* Sync socket nonblocking/async state with file flags */
438 tmp = fflag & FNONBLOCK;
439 (void) fo_ioctl(nfp, FIONBIO, &tmp, td->td_ucred, td);
440 tmp = fflag & FASYNC;
441 (void) fo_ioctl(nfp, FIOASYNC, &tmp, td->td_ucred, td);
442 sa = 0;
443 error = soaccept(so, &sa);
444 if (error) {
445 /*
446 * return a namelen of zero for older code which might
447 * ignore the return value from accept.
448 */
449 if (name)
450 *namelen = 0;
451 goto noconnection;
452 }
453 if (sa == NULL) {
454 if (name)
455 *namelen = 0;
456 goto done;
457 }
458 if (name) {
459 /* check sa_len before it is destroyed */
460 if (*namelen > sa->sa_len)
461 *namelen = sa->sa_len;
462 #ifdef KTRACE
463 if (KTRPOINT(td, KTR_STRUCT))
464 ktrsockaddr(sa);
465 #endif
466 *name = sa;
467 sa = NULL;
468 }
469 noconnection:
470 if (sa)
471 free(sa, M_SONAME);
472
473 /*
474 * close the new descriptor, assuming someone hasn't ripped it
475 * out from under us.
476 */
477 if (error)
478 fdclose(fdp, nfp, fd, td);
479
480 /*
481 * Release explicitly held references before returning. We return
482 * a reference on nfp to the caller on success if they request it.
483 */
484 done:
485 if (fp != NULL) {
486 if (error == 0) {
487 *fp = nfp;
488 nfp = NULL;
489 } else
490 *fp = NULL;
491 }
492 if (nfp != NULL)
493 fdrop(nfp, td);
494 fdrop(headfp, td);
495 return (error);
496 }
497
498 int
499 sys_accept(td, uap)
500 struct thread *td;
501 struct accept_args *uap;
502 {
503
504 return (accept1(td, uap, 0));
505 }
506
507 #ifdef COMPAT_OLDSOCK
508 int
509 oaccept(td, uap)
510 struct thread *td;
511 struct accept_args *uap;
512 {
513
514 return (accept1(td, uap, 1));
515 }
516 #endif /* COMPAT_OLDSOCK */
517
518 /* ARGSUSED */
519 int
520 sys_connect(td, uap)
521 struct thread *td;
522 struct connect_args /* {
523 int s;
524 caddr_t name;
525 int namelen;
526 } */ *uap;
527 {
528 struct sockaddr *sa;
529 int error;
530
531 error = getsockaddr(&sa, uap->name, uap->namelen);
532 if (error)
533 return (error);
534
535 error = kern_connect(td, uap->s, sa);
536 free(sa, M_SONAME);
537 return (error);
538 }
539
540
541 int
542 kern_connect(td, fd, sa)
543 struct thread *td;
544 int fd;
545 struct sockaddr *sa;
546 {
547 struct socket *so;
548 struct file *fp;
549 int error;
550 int interrupted = 0;
551
552 AUDIT_ARG_FD(fd);
553 error = getsock_cap(td->td_proc->p_fd, fd, CAP_CONNECT, &fp, NULL);
554 if (error)
555 return (error);
556 so = fp->f_data;
557 if (so->so_state & SS_ISCONNECTING) {
558 error = EALREADY;
559 goto done1;
560 }
561 #ifdef KTRACE
562 if (KTRPOINT(td, KTR_STRUCT))
563 ktrsockaddr(sa);
564 #endif
565 #ifdef MAC
566 error = mac_socket_check_connect(td->td_ucred, so, sa);
567 if (error)
568 goto bad;
569 #endif
570 error = soconnect(so, sa, td);
571 if (error)
572 goto bad;
573 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) {
574 error = EINPROGRESS;
575 goto done1;
576 }
577 SOCK_LOCK(so);
578 while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) {
579 error = msleep(&so->so_timeo, SOCK_MTX(so), PSOCK | PCATCH,
580 "connec", 0);
581 if (error) {
582 if (error == EINTR || error == ERESTART)
583 interrupted = 1;
584 break;
585 }
586 }
587 if (error == 0) {
588 error = so->so_error;
589 so->so_error = 0;
590 }
591 SOCK_UNLOCK(so);
592 bad:
593 if (!interrupted)
594 so->so_state &= ~SS_ISCONNECTING;
595 if (error == ERESTART)
596 error = EINTR;
597 done1:
598 fdrop(fp, td);
599 return (error);
600 }
601
602 int
603 kern_socketpair(struct thread *td, int domain, int type, int protocol,
604 int *rsv)
605 {
606 struct filedesc *fdp = td->td_proc->p_fd;
607 struct file *fp1, *fp2;
608 struct socket *so1, *so2;
609 int fd, error;
610
611 AUDIT_ARG_SOCKET(domain, type, protocol);
612 #ifdef MAC
613 /* We might want to have a separate check for socket pairs. */
614 error = mac_socket_check_create(td->td_ucred, domain, type,
615 protocol);
616 if (error)
617 return (error);
618 #endif
619 error = socreate(domain, &so1, type, protocol, td->td_ucred, td);
620 if (error)
621 return (error);
622 error = socreate(domain, &so2, type, protocol, td->td_ucred, td);
623 if (error)
624 goto free1;
625 /* On success extra reference to `fp1' and 'fp2' is set by falloc. */
626 error = falloc(td, &fp1, &fd, 0);
627 if (error)
628 goto free2;
629 rsv[0] = fd;
630 fp1->f_data = so1; /* so1 already has ref count */
631 error = falloc(td, &fp2, &fd, 0);
632 if (error)
633 goto free3;
634 fp2->f_data = so2; /* so2 already has ref count */
635 rsv[1] = fd;
636 error = soconnect2(so1, so2);
637 if (error)
638 goto free4;
639 if (type == SOCK_DGRAM) {
640 /*
641 * Datagram socket connection is asymmetric.
642 */
643 error = soconnect2(so2, so1);
644 if (error)
645 goto free4;
646 }
647 finit(fp1, FREAD | FWRITE, DTYPE_SOCKET, fp1->f_data, &socketops);
648 finit(fp2, FREAD | FWRITE, DTYPE_SOCKET, fp2->f_data, &socketops);
649 fdrop(fp1, td);
650 fdrop(fp2, td);
651 return (0);
652 free4:
653 fdclose(fdp, fp2, rsv[1], td);
654 fdrop(fp2, td);
655 free3:
656 fdclose(fdp, fp1, rsv[0], td);
657 fdrop(fp1, td);
658 free2:
659 if (so2 != NULL)
660 (void)soclose(so2);
661 free1:
662 if (so1 != NULL)
663 (void)soclose(so1);
664 return (error);
665 }
666
667 int
668 sys_socketpair(struct thread *td, struct socketpair_args *uap)
669 {
670 int error, sv[2];
671
672 error = kern_socketpair(td, uap->domain, uap->type,
673 uap->protocol, sv);
674 if (error)
675 return (error);
676 error = copyout(sv, uap->rsv, 2 * sizeof(int));
677 if (error) {
678 (void)kern_close(td, sv[0]);
679 (void)kern_close(td, sv[1]);
680 }
681 return (error);
682 }
683
684 static int
685 sendit(td, s, mp, flags)
686 struct thread *td;
687 int s;
688 struct msghdr *mp;
689 int flags;
690 {
691 struct mbuf *control;
692 struct sockaddr *to;
693 int error;
694
695 #ifdef CAPABILITY_MODE
696 if (IN_CAPABILITY_MODE(td) && (mp->msg_name != NULL))
697 return (ECAPMODE);
698 #endif
699
700 if (mp->msg_name != NULL) {
701 error = getsockaddr(&to, mp->msg_name, mp->msg_namelen);
702 if (error) {
703 to = NULL;
704 goto bad;
705 }
706 mp->msg_name = to;
707 } else {
708 to = NULL;
709 }
710
711 if (mp->msg_control) {
712 if (mp->msg_controllen < sizeof(struct cmsghdr)
713 #ifdef COMPAT_OLDSOCK
714 && mp->msg_flags != MSG_COMPAT
715 #endif
716 ) {
717 error = EINVAL;
718 goto bad;
719 }
720 error = sockargs(&control, mp->msg_control,
721 mp->msg_controllen, MT_CONTROL);
722 if (error)
723 goto bad;
724 #ifdef COMPAT_OLDSOCK
725 if (mp->msg_flags == MSG_COMPAT) {
726 struct cmsghdr *cm;
727
728 M_PREPEND(control, sizeof(*cm), M_WAIT);
729 cm = mtod(control, struct cmsghdr *);
730 cm->cmsg_len = control->m_len;
731 cm->cmsg_level = SOL_SOCKET;
732 cm->cmsg_type = SCM_RIGHTS;
733 }
734 #endif
735 } else {
736 control = NULL;
737 }
738
739 error = kern_sendit(td, s, mp, flags, control, UIO_USERSPACE);
740
741 bad:
742 if (to)
743 free(to, M_SONAME);
744 return (error);
745 }
746
747 int
748 kern_sendit(td, s, mp, flags, control, segflg)
749 struct thread *td;
750 int s;
751 struct msghdr *mp;
752 int flags;
753 struct mbuf *control;
754 enum uio_seg segflg;
755 {
756 struct file *fp;
757 struct uio auio;
758 struct iovec *iov;
759 struct socket *so;
760 int i, error;
761 ssize_t len;
762 cap_rights_t rights;
763 #ifdef KTRACE
764 struct uio *ktruio = NULL;
765 #endif
766
767 AUDIT_ARG_FD(s);
768 rights = CAP_WRITE;
769 if (mp->msg_name != NULL)
770 rights |= CAP_CONNECT;
771 error = getsock_cap(td->td_proc->p_fd, s, rights, &fp, NULL);
772 if (error)
773 return (error);
774 so = (struct socket *)fp->f_data;
775
776 #ifdef KTRACE
777 if (mp->msg_name != NULL && KTRPOINT(td, KTR_STRUCT))
778 ktrsockaddr(mp->msg_name);
779 #endif
780 #ifdef MAC
781 if (mp->msg_name != NULL) {
782 error = mac_socket_check_connect(td->td_ucred, so,
783 mp->msg_name);
784 if (error)
785 goto bad;
786 }
787 error = mac_socket_check_send(td->td_ucred, so);
788 if (error)
789 goto bad;
790 #endif
791
792 auio.uio_iov = mp->msg_iov;
793 auio.uio_iovcnt = mp->msg_iovlen;
794 auio.uio_segflg = segflg;
795 auio.uio_rw = UIO_WRITE;
796 auio.uio_td = td;
797 auio.uio_offset = 0; /* XXX */
798 auio.uio_resid = 0;
799 iov = mp->msg_iov;
800 for (i = 0; i < mp->msg_iovlen; i++, iov++) {
801 if ((auio.uio_resid += iov->iov_len) < 0) {
802 error = EINVAL;
803 goto bad;
804 }
805 }
806 #ifdef KTRACE
807 if (KTRPOINT(td, KTR_GENIO))
808 ktruio = cloneuio(&auio);
809 #endif
810 len = auio.uio_resid;
811 error = sosend(so, mp->msg_name, &auio, 0, control, flags, td);
812 if (error) {
813 if (auio.uio_resid != len && (error == ERESTART ||
814 error == EINTR || error == EWOULDBLOCK))
815 error = 0;
816 /* Generation of SIGPIPE can be controlled per socket */
817 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) &&
818 !(flags & MSG_NOSIGNAL)) {
819 PROC_LOCK(td->td_proc);
820 tdsignal(td, SIGPIPE);
821 PROC_UNLOCK(td->td_proc);
822 }
823 }
824 if (error == 0)
825 td->td_retval[0] = len - auio.uio_resid;
826 #ifdef KTRACE
827 if (ktruio != NULL) {
828 ktruio->uio_resid = td->td_retval[0];
829 ktrgenio(s, UIO_WRITE, ktruio, error);
830 }
831 #endif
832 bad:
833 fdrop(fp, td);
834 return (error);
835 }
836
837 int
838 sys_sendto(td, uap)
839 struct thread *td;
840 struct sendto_args /* {
841 int s;
842 caddr_t buf;
843 size_t len;
844 int flags;
845 caddr_t to;
846 int tolen;
847 } */ *uap;
848 {
849 struct msghdr msg;
850 struct iovec aiov;
851 int error;
852
853 msg.msg_name = uap->to;
854 msg.msg_namelen = uap->tolen;
855 msg.msg_iov = &aiov;
856 msg.msg_iovlen = 1;
857 msg.msg_control = 0;
858 #ifdef COMPAT_OLDSOCK
859 msg.msg_flags = 0;
860 #endif
861 aiov.iov_base = uap->buf;
862 aiov.iov_len = uap->len;
863 error = sendit(td, uap->s, &msg, uap->flags);
864 return (error);
865 }
866
867 #ifdef COMPAT_OLDSOCK
868 int
869 osend(td, uap)
870 struct thread *td;
871 struct osend_args /* {
872 int s;
873 caddr_t buf;
874 int len;
875 int flags;
876 } */ *uap;
877 {
878 struct msghdr msg;
879 struct iovec aiov;
880 int error;
881
882 msg.msg_name = 0;
883 msg.msg_namelen = 0;
884 msg.msg_iov = &aiov;
885 msg.msg_iovlen = 1;
886 aiov.iov_base = uap->buf;
887 aiov.iov_len = uap->len;
888 msg.msg_control = 0;
889 msg.msg_flags = 0;
890 error = sendit(td, uap->s, &msg, uap->flags);
891 return (error);
892 }
893
894 int
895 osendmsg(td, uap)
896 struct thread *td;
897 struct osendmsg_args /* {
898 int s;
899 caddr_t msg;
900 int flags;
901 } */ *uap;
902 {
903 struct msghdr msg;
904 struct iovec *iov;
905 int error;
906
907 error = copyin(uap->msg, &msg, sizeof (struct omsghdr));
908 if (error)
909 return (error);
910 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE);
911 if (error)
912 return (error);
913 msg.msg_iov = iov;
914 msg.msg_flags = MSG_COMPAT;
915 error = sendit(td, uap->s, &msg, uap->flags);
916 free(iov, M_IOV);
917 return (error);
918 }
919 #endif
920
921 int
922 sys_sendmsg(td, uap)
923 struct thread *td;
924 struct sendmsg_args /* {
925 int s;
926 caddr_t msg;
927 int flags;
928 } */ *uap;
929 {
930 struct msghdr msg;
931 struct iovec *iov;
932 int error;
933
934 error = copyin(uap->msg, &msg, sizeof (msg));
935 if (error)
936 return (error);
937 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE);
938 if (error)
939 return (error);
940 msg.msg_iov = iov;
941 #ifdef COMPAT_OLDSOCK
942 msg.msg_flags = 0;
943 #endif
944 error = sendit(td, uap->s, &msg, uap->flags);
945 free(iov, M_IOV);
946 return (error);
947 }
948
949 int
950 kern_recvit(td, s, mp, fromseg, controlp)
951 struct thread *td;
952 int s;
953 struct msghdr *mp;
954 enum uio_seg fromseg;
955 struct mbuf **controlp;
956 {
957 struct uio auio;
958 struct iovec *iov;
959 int i;
960 ssize_t len;
961 int error;
962 struct mbuf *m, *control = 0;
963 caddr_t ctlbuf;
964 struct file *fp;
965 struct socket *so;
966 struct sockaddr *fromsa = 0;
967 #ifdef KTRACE
968 struct uio *ktruio = NULL;
969 #endif
970
971 if (controlp != NULL)
972 *controlp = NULL;
973
974 AUDIT_ARG_FD(s);
975 error = getsock_cap(td->td_proc->p_fd, s, CAP_READ, &fp, NULL);
976 if (error)
977 return (error);
978 so = fp->f_data;
979
980 #ifdef MAC
981 error = mac_socket_check_receive(td->td_ucred, so);
982 if (error) {
983 fdrop(fp, td);
984 return (error);
985 }
986 #endif
987
988 auio.uio_iov = mp->msg_iov;
989 auio.uio_iovcnt = mp->msg_iovlen;
990 auio.uio_segflg = UIO_USERSPACE;
991 auio.uio_rw = UIO_READ;
992 auio.uio_td = td;
993 auio.uio_offset = 0; /* XXX */
994 auio.uio_resid = 0;
995 iov = mp->msg_iov;
996 for (i = 0; i < mp->msg_iovlen; i++, iov++) {
997 if ((auio.uio_resid += iov->iov_len) < 0) {
998 fdrop(fp, td);
999 return (EINVAL);
1000 }
1001 }
1002 #ifdef KTRACE
1003 if (KTRPOINT(td, KTR_GENIO))
1004 ktruio = cloneuio(&auio);
1005 #endif
1006 len = auio.uio_resid;
1007 error = soreceive(so, &fromsa, &auio, (struct mbuf **)0,
1008 (mp->msg_control || controlp) ? &control : (struct mbuf **)0,
1009 &mp->msg_flags);
1010 if (error) {
1011 if (auio.uio_resid != len && (error == ERESTART ||
1012 error == EINTR || error == EWOULDBLOCK))
1013 error = 0;
1014 }
1015 #ifdef KTRACE
1016 if (ktruio != NULL) {
1017 ktruio->uio_resid = len - auio.uio_resid;
1018 ktrgenio(s, UIO_READ, ktruio, error);
1019 }
1020 #endif
1021 if (error)
1022 goto out;
1023 td->td_retval[0] = len - auio.uio_resid;
1024 if (mp->msg_name) {
1025 len = mp->msg_namelen;
1026 if (len <= 0 || fromsa == 0)
1027 len = 0;
1028 else {
1029 /* save sa_len before it is destroyed by MSG_COMPAT */
1030 len = MIN(len, fromsa->sa_len);
1031 #ifdef COMPAT_OLDSOCK
1032 if (mp->msg_flags & MSG_COMPAT)
1033 ((struct osockaddr *)fromsa)->sa_family =
1034 fromsa->sa_family;
1035 #endif
1036 if (fromseg == UIO_USERSPACE) {
1037 error = copyout(fromsa, mp->msg_name,
1038 (unsigned)len);
1039 if (error)
1040 goto out;
1041 } else
1042 bcopy(fromsa, mp->msg_name, len);
1043 }
1044 mp->msg_namelen = len;
1045 }
1046 if (mp->msg_control && controlp == NULL) {
1047 #ifdef COMPAT_OLDSOCK
1048 /*
1049 * We assume that old recvmsg calls won't receive access
1050 * rights and other control info, esp. as control info
1051 * is always optional and those options didn't exist in 4.3.
1052 * If we receive rights, trim the cmsghdr; anything else
1053 * is tossed.
1054 */
1055 if (control && mp->msg_flags & MSG_COMPAT) {
1056 if (mtod(control, struct cmsghdr *)->cmsg_level !=
1057 SOL_SOCKET ||
1058 mtod(control, struct cmsghdr *)->cmsg_type !=
1059 SCM_RIGHTS) {
1060 mp->msg_controllen = 0;
1061 goto out;
1062 }
1063 control->m_len -= sizeof (struct cmsghdr);
1064 control->m_data += sizeof (struct cmsghdr);
1065 }
1066 #endif
1067 len = mp->msg_controllen;
1068 m = control;
1069 mp->msg_controllen = 0;
1070 ctlbuf = mp->msg_control;
1071
1072 while (m && len > 0) {
1073 unsigned int tocopy;
1074
1075 if (len >= m->m_len)
1076 tocopy = m->m_len;
1077 else {
1078 mp->msg_flags |= MSG_CTRUNC;
1079 tocopy = len;
1080 }
1081
1082 if ((error = copyout(mtod(m, caddr_t),
1083 ctlbuf, tocopy)) != 0)
1084 goto out;
1085
1086 ctlbuf += tocopy;
1087 len -= tocopy;
1088 m = m->m_next;
1089 }
1090 mp->msg_controllen = ctlbuf - (caddr_t)mp->msg_control;
1091 }
1092 out:
1093 fdrop(fp, td);
1094 #ifdef KTRACE
1095 if (fromsa && KTRPOINT(td, KTR_STRUCT))
1096 ktrsockaddr(fromsa);
1097 #endif
1098 if (fromsa)
1099 free(fromsa, M_SONAME);
1100
1101 if (error == 0 && controlp != NULL)
1102 *controlp = control;
1103 else if (control)
1104 m_freem(control);
1105
1106 return (error);
1107 }
1108
1109 static int
1110 recvit(td, s, mp, namelenp)
1111 struct thread *td;
1112 int s;
1113 struct msghdr *mp;
1114 void *namelenp;
1115 {
1116 int error;
1117
1118 error = kern_recvit(td, s, mp, UIO_USERSPACE, NULL);
1119 if (error)
1120 return (error);
1121 if (namelenp) {
1122 error = copyout(&mp->msg_namelen, namelenp, sizeof (socklen_t));
1123 #ifdef COMPAT_OLDSOCK
1124 if (mp->msg_flags & MSG_COMPAT)
1125 error = 0; /* old recvfrom didn't check */
1126 #endif
1127 }
1128 return (error);
1129 }
1130
1131 int
1132 sys_recvfrom(td, uap)
1133 struct thread *td;
1134 struct recvfrom_args /* {
1135 int s;
1136 caddr_t buf;
1137 size_t len;
1138 int flags;
1139 struct sockaddr * __restrict from;
1140 socklen_t * __restrict fromlenaddr;
1141 } */ *uap;
1142 {
1143 struct msghdr msg;
1144 struct iovec aiov;
1145 int error;
1146
1147 if (uap->fromlenaddr) {
1148 error = copyin(uap->fromlenaddr,
1149 &msg.msg_namelen, sizeof (msg.msg_namelen));
1150 if (error)
1151 goto done2;
1152 } else {
1153 msg.msg_namelen = 0;
1154 }
1155 msg.msg_name = uap->from;
1156 msg.msg_iov = &aiov;
1157 msg.msg_iovlen = 1;
1158 aiov.iov_base = uap->buf;
1159 aiov.iov_len = uap->len;
1160 msg.msg_control = 0;
1161 msg.msg_flags = uap->flags;
1162 error = recvit(td, uap->s, &msg, uap->fromlenaddr);
1163 done2:
1164 return(error);
1165 }
1166
1167 #ifdef COMPAT_OLDSOCK
1168 int
1169 orecvfrom(td, uap)
1170 struct thread *td;
1171 struct recvfrom_args *uap;
1172 {
1173
1174 uap->flags |= MSG_COMPAT;
1175 return (sys_recvfrom(td, uap));
1176 }
1177 #endif
1178
1179 #ifdef COMPAT_OLDSOCK
1180 int
1181 orecv(td, uap)
1182 struct thread *td;
1183 struct orecv_args /* {
1184 int s;
1185 caddr_t buf;
1186 int len;
1187 int flags;
1188 } */ *uap;
1189 {
1190 struct msghdr msg;
1191 struct iovec aiov;
1192 int error;
1193
1194 msg.msg_name = 0;
1195 msg.msg_namelen = 0;
1196 msg.msg_iov = &aiov;
1197 msg.msg_iovlen = 1;
1198 aiov.iov_base = uap->buf;
1199 aiov.iov_len = uap->len;
1200 msg.msg_control = 0;
1201 msg.msg_flags = uap->flags;
1202 error = recvit(td, uap->s, &msg, NULL);
1203 return (error);
1204 }
1205
1206 /*
1207 * Old recvmsg. This code takes advantage of the fact that the old msghdr
1208 * overlays the new one, missing only the flags, and with the (old) access
1209 * rights where the control fields are now.
1210 */
1211 int
1212 orecvmsg(td, uap)
1213 struct thread *td;
1214 struct orecvmsg_args /* {
1215 int s;
1216 struct omsghdr *msg;
1217 int flags;
1218 } */ *uap;
1219 {
1220 struct msghdr msg;
1221 struct iovec *iov;
1222 int error;
1223
1224 error = copyin(uap->msg, &msg, sizeof (struct omsghdr));
1225 if (error)
1226 return (error);
1227 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE);
1228 if (error)
1229 return (error);
1230 msg.msg_flags = uap->flags | MSG_COMPAT;
1231 msg.msg_iov = iov;
1232 error = recvit(td, uap->s, &msg, &uap->msg->msg_namelen);
1233 if (msg.msg_controllen && error == 0)
1234 error = copyout(&msg.msg_controllen,
1235 &uap->msg->msg_accrightslen, sizeof (int));
1236 free(iov, M_IOV);
1237 return (error);
1238 }
1239 #endif
1240
1241 int
1242 sys_recvmsg(td, uap)
1243 struct thread *td;
1244 struct recvmsg_args /* {
1245 int s;
1246 struct msghdr *msg;
1247 int flags;
1248 } */ *uap;
1249 {
1250 struct msghdr msg;
1251 struct iovec *uiov, *iov;
1252 int error;
1253
1254 error = copyin(uap->msg, &msg, sizeof (msg));
1255 if (error)
1256 return (error);
1257 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE);
1258 if (error)
1259 return (error);
1260 msg.msg_flags = uap->flags;
1261 #ifdef COMPAT_OLDSOCK
1262 msg.msg_flags &= ~MSG_COMPAT;
1263 #endif
1264 uiov = msg.msg_iov;
1265 msg.msg_iov = iov;
1266 error = recvit(td, uap->s, &msg, NULL);
1267 if (error == 0) {
1268 msg.msg_iov = uiov;
1269 error = copyout(&msg, uap->msg, sizeof(msg));
1270 }
1271 free(iov, M_IOV);
1272 return (error);
1273 }
1274
1275 /* ARGSUSED */
1276 int
1277 sys_shutdown(td, uap)
1278 struct thread *td;
1279 struct shutdown_args /* {
1280 int s;
1281 int how;
1282 } */ *uap;
1283 {
1284 struct socket *so;
1285 struct file *fp;
1286 int error;
1287
1288 AUDIT_ARG_FD(uap->s);
1289 error = getsock_cap(td->td_proc->p_fd, uap->s, CAP_SHUTDOWN, &fp,
1290 NULL);
1291 if (error == 0) {
1292 so = fp->f_data;
1293 error = soshutdown(so, uap->how);
1294 fdrop(fp, td);
1295 }
1296 return (error);
1297 }
1298
1299 /* ARGSUSED */
1300 int
1301 sys_setsockopt(td, uap)
1302 struct thread *td;
1303 struct setsockopt_args /* {
1304 int s;
1305 int level;
1306 int name;
1307 caddr_t val;
1308 int valsize;
1309 } */ *uap;
1310 {
1311
1312 return (kern_setsockopt(td, uap->s, uap->level, uap->name,
1313 uap->val, UIO_USERSPACE, uap->valsize));
1314 }
1315
1316 int
1317 kern_setsockopt(td, s, level, name, val, valseg, valsize)
1318 struct thread *td;
1319 int s;
1320 int level;
1321 int name;
1322 void *val;
1323 enum uio_seg valseg;
1324 socklen_t valsize;
1325 {
1326 int error;
1327 struct socket *so;
1328 struct file *fp;
1329 struct sockopt sopt;
1330
1331 if (val == NULL && valsize != 0)
1332 return (EFAULT);
1333 if ((int)valsize < 0)
1334 return (EINVAL);
1335
1336 sopt.sopt_dir = SOPT_SET;
1337 sopt.sopt_level = level;
1338 sopt.sopt_name = name;
1339 sopt.sopt_val = val;
1340 sopt.sopt_valsize = valsize;
1341 switch (valseg) {
1342 case UIO_USERSPACE:
1343 sopt.sopt_td = td;
1344 break;
1345 case UIO_SYSSPACE:
1346 sopt.sopt_td = NULL;
1347 break;
1348 default:
1349 panic("kern_setsockopt called with bad valseg");
1350 }
1351
1352 AUDIT_ARG_FD(s);
1353 error = getsock_cap(td->td_proc->p_fd, s, CAP_SETSOCKOPT, &fp, NULL);
1354 if (error == 0) {
1355 so = fp->f_data;
1356 error = sosetopt(so, &sopt);
1357 fdrop(fp, td);
1358 }
1359 return(error);
1360 }
1361
1362 /* ARGSUSED */
1363 int
1364 sys_getsockopt(td, uap)
1365 struct thread *td;
1366 struct getsockopt_args /* {
1367 int s;
1368 int level;
1369 int name;
1370 void * __restrict val;
1371 socklen_t * __restrict avalsize;
1372 } */ *uap;
1373 {
1374 socklen_t valsize;
1375 int error;
1376
1377 if (uap->val) {
1378 error = copyin(uap->avalsize, &valsize, sizeof (valsize));
1379 if (error)
1380 return (error);
1381 }
1382
1383 error = kern_getsockopt(td, uap->s, uap->level, uap->name,
1384 uap->val, UIO_USERSPACE, &valsize);
1385
1386 if (error == 0)
1387 error = copyout(&valsize, uap->avalsize, sizeof (valsize));
1388 return (error);
1389 }
1390
1391 /*
1392 * Kernel version of getsockopt.
1393 * optval can be a userland or userspace. optlen is always a kernel pointer.
1394 */
1395 int
1396 kern_getsockopt(td, s, level, name, val, valseg, valsize)
1397 struct thread *td;
1398 int s;
1399 int level;
1400 int name;
1401 void *val;
1402 enum uio_seg valseg;
1403 socklen_t *valsize;
1404 {
1405 int error;
1406 struct socket *so;
1407 struct file *fp;
1408 struct sockopt sopt;
1409
1410 if (val == NULL)
1411 *valsize = 0;
1412 if ((int)*valsize < 0)
1413 return (EINVAL);
1414
1415 sopt.sopt_dir = SOPT_GET;
1416 sopt.sopt_level = level;
1417 sopt.sopt_name = name;
1418 sopt.sopt_val = val;
1419 sopt.sopt_valsize = (size_t)*valsize; /* checked non-negative above */
1420 switch (valseg) {
1421 case UIO_USERSPACE:
1422 sopt.sopt_td = td;
1423 break;
1424 case UIO_SYSSPACE:
1425 sopt.sopt_td = NULL;
1426 break;
1427 default:
1428 panic("kern_getsockopt called with bad valseg");
1429 }
1430
1431 AUDIT_ARG_FD(s);
1432 error = getsock_cap(td->td_proc->p_fd, s, CAP_GETSOCKOPT, &fp, NULL);
1433 if (error == 0) {
1434 so = fp->f_data;
1435 error = sogetopt(so, &sopt);
1436 *valsize = sopt.sopt_valsize;
1437 fdrop(fp, td);
1438 }
1439 return (error);
1440 }
1441
1442 /*
1443 * getsockname1() - Get socket name.
1444 */
1445 /* ARGSUSED */
1446 static int
1447 getsockname1(td, uap, compat)
1448 struct thread *td;
1449 struct getsockname_args /* {
1450 int fdes;
1451 struct sockaddr * __restrict asa;
1452 socklen_t * __restrict alen;
1453 } */ *uap;
1454 int compat;
1455 {
1456 struct sockaddr *sa;
1457 socklen_t len;
1458 int error;
1459
1460 error = copyin(uap->alen, &len, sizeof(len));
1461 if (error)
1462 return (error);
1463
1464 error = kern_getsockname(td, uap->fdes, &sa, &len);
1465 if (error)
1466 return (error);
1467
1468 if (len != 0) {
1469 #ifdef COMPAT_OLDSOCK
1470 if (compat)
1471 ((struct osockaddr *)sa)->sa_family = sa->sa_family;
1472 #endif
1473 error = copyout(sa, uap->asa, (u_int)len);
1474 }
1475 free(sa, M_SONAME);
1476 if (error == 0)
1477 error = copyout(&len, uap->alen, sizeof(len));
1478 return (error);
1479 }
1480
1481 int
1482 kern_getsockname(struct thread *td, int fd, struct sockaddr **sa,
1483 socklen_t *alen)
1484 {
1485 struct socket *so;
1486 struct file *fp;
1487 socklen_t len;
1488 int error;
1489
1490 if (*alen < 0)
1491 return (EINVAL);
1492
1493 AUDIT_ARG_FD(fd);
1494 error = getsock_cap(td->td_proc->p_fd, fd, CAP_GETSOCKNAME, &fp, NULL);
1495 if (error)
1496 return (error);
1497 so = fp->f_data;
1498 *sa = NULL;
1499 CURVNET_SET(so->so_vnet);
1500 error = (*so->so_proto->pr_usrreqs->pru_sockaddr)(so, sa);
1501 CURVNET_RESTORE();
1502 if (error)
1503 goto bad;
1504 if (*sa == NULL)
1505 len = 0;
1506 else
1507 len = MIN(*alen, (*sa)->sa_len);
1508 *alen = len;
1509 #ifdef KTRACE
1510 if (KTRPOINT(td, KTR_STRUCT))
1511 ktrsockaddr(*sa);
1512 #endif
1513 bad:
1514 fdrop(fp, td);
1515 if (error && *sa) {
1516 free(*sa, M_SONAME);
1517 *sa = NULL;
1518 }
1519 return (error);
1520 }
1521
1522 int
1523 sys_getsockname(td, uap)
1524 struct thread *td;
1525 struct getsockname_args *uap;
1526 {
1527
1528 return (getsockname1(td, uap, 0));
1529 }
1530
1531 #ifdef COMPAT_OLDSOCK
1532 int
1533 ogetsockname(td, uap)
1534 struct thread *td;
1535 struct getsockname_args *uap;
1536 {
1537
1538 return (getsockname1(td, uap, 1));
1539 }
1540 #endif /* COMPAT_OLDSOCK */
1541
1542 /*
1543 * getpeername1() - Get name of peer for connected socket.
1544 */
1545 /* ARGSUSED */
1546 static int
1547 getpeername1(td, uap, compat)
1548 struct thread *td;
1549 struct getpeername_args /* {
1550 int fdes;
1551 struct sockaddr * __restrict asa;
1552 socklen_t * __restrict alen;
1553 } */ *uap;
1554 int compat;
1555 {
1556 struct sockaddr *sa;
1557 socklen_t len;
1558 int error;
1559
1560 error = copyin(uap->alen, &len, sizeof (len));
1561 if (error)
1562 return (error);
1563
1564 error = kern_getpeername(td, uap->fdes, &sa, &len);
1565 if (error)
1566 return (error);
1567
1568 if (len != 0) {
1569 #ifdef COMPAT_OLDSOCK
1570 if (compat)
1571 ((struct osockaddr *)sa)->sa_family = sa->sa_family;
1572 #endif
1573 error = copyout(sa, uap->asa, (u_int)len);
1574 }
1575 free(sa, M_SONAME);
1576 if (error == 0)
1577 error = copyout(&len, uap->alen, sizeof(len));
1578 return (error);
1579 }
1580
1581 int
1582 kern_getpeername(struct thread *td, int fd, struct sockaddr **sa,
1583 socklen_t *alen)
1584 {
1585 struct socket *so;
1586 struct file *fp;
1587 socklen_t len;
1588 int error;
1589
1590 if (*alen < 0)
1591 return (EINVAL);
1592
1593 AUDIT_ARG_FD(fd);
1594 error = getsock_cap(td->td_proc->p_fd, fd, CAP_GETPEERNAME, &fp, NULL);
1595 if (error)
1596 return (error);
1597 so = fp->f_data;
1598 if ((so->so_state & (SS_ISCONNECTED|SS_ISCONFIRMING)) == 0) {
1599 error = ENOTCONN;
1600 goto done;
1601 }
1602 *sa = NULL;
1603 CURVNET_SET(so->so_vnet);
1604 error = (*so->so_proto->pr_usrreqs->pru_peeraddr)(so, sa);
1605 CURVNET_RESTORE();
1606 if (error)
1607 goto bad;
1608 if (*sa == NULL)
1609 len = 0;
1610 else
1611 len = MIN(*alen, (*sa)->sa_len);
1612 *alen = len;
1613 #ifdef KTRACE
1614 if (KTRPOINT(td, KTR_STRUCT))
1615 ktrsockaddr(*sa);
1616 #endif
1617 bad:
1618 if (error && *sa) {
1619 free(*sa, M_SONAME);
1620 *sa = NULL;
1621 }
1622 done:
1623 fdrop(fp, td);
1624 return (error);
1625 }
1626
1627 int
1628 sys_getpeername(td, uap)
1629 struct thread *td;
1630 struct getpeername_args *uap;
1631 {
1632
1633 return (getpeername1(td, uap, 0));
1634 }
1635
1636 #ifdef COMPAT_OLDSOCK
1637 int
1638 ogetpeername(td, uap)
1639 struct thread *td;
1640 struct ogetpeername_args *uap;
1641 {
1642
1643 /* XXX uap should have type `getpeername_args *' to begin with. */
1644 return (getpeername1(td, (struct getpeername_args *)uap, 1));
1645 }
1646 #endif /* COMPAT_OLDSOCK */
1647
1648 int
1649 sockargs(mp, buf, buflen, type)
1650 struct mbuf **mp;
1651 caddr_t buf;
1652 int buflen, type;
1653 {
1654 struct sockaddr *sa;
1655 struct mbuf *m;
1656 int error;
1657
1658 if ((u_int)buflen > MLEN) {
1659 #ifdef COMPAT_OLDSOCK
1660 if (type == MT_SONAME && (u_int)buflen <= 112)
1661 buflen = MLEN; /* unix domain compat. hack */
1662 else
1663 #endif
1664 if ((u_int)buflen > MCLBYTES)
1665 return (EINVAL);
1666 }
1667 m = m_get(M_WAIT, type);
1668 if ((u_int)buflen > MLEN)
1669 MCLGET(m, M_WAIT);
1670 m->m_len = buflen;
1671 error = copyin(buf, mtod(m, caddr_t), (u_int)buflen);
1672 if (error)
1673 (void) m_free(m);
1674 else {
1675 *mp = m;
1676 if (type == MT_SONAME) {
1677 sa = mtod(m, struct sockaddr *);
1678
1679 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN
1680 if (sa->sa_family == 0 && sa->sa_len < AF_MAX)
1681 sa->sa_family = sa->sa_len;
1682 #endif
1683 sa->sa_len = buflen;
1684 }
1685 }
1686 return (error);
1687 }
1688
1689 int
1690 getsockaddr(namp, uaddr, len)
1691 struct sockaddr **namp;
1692 caddr_t uaddr;
1693 size_t len;
1694 {
1695 struct sockaddr *sa;
1696 int error;
1697
1698 if (len > SOCK_MAXADDRLEN)
1699 return (ENAMETOOLONG);
1700 if (len < offsetof(struct sockaddr, sa_data[0]))
1701 return (EINVAL);
1702 sa = malloc(len, M_SONAME, M_WAITOK);
1703 error = copyin(uaddr, sa, len);
1704 if (error) {
1705 free(sa, M_SONAME);
1706 } else {
1707 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN
1708 if (sa->sa_family == 0 && sa->sa_len < AF_MAX)
1709 sa->sa_family = sa->sa_len;
1710 #endif
1711 sa->sa_len = len;
1712 *namp = sa;
1713 }
1714 return (error);
1715 }
1716
1717 #include <sys/condvar.h>
1718
1719 struct sendfile_sync {
1720 struct mtx mtx;
1721 struct cv cv;
1722 unsigned count;
1723 };
1724
1725 /*
1726 * Detach mapped page and release resources back to the system.
1727 */
1728 void
1729 sf_buf_mext(void *addr, void *args)
1730 {
1731 vm_page_t m;
1732 struct sendfile_sync *sfs;
1733
1734 m = sf_buf_page(args);
1735 sf_buf_free(args);
1736 vm_page_lock(m);
1737 vm_page_unwire(m, 0);
1738 /*
1739 * Check for the object going away on us. This can
1740 * happen since we don't hold a reference to it.
1741 * If so, we're responsible for freeing the page.
1742 */
1743 if (m->wire_count == 0 && m->object == NULL)
1744 vm_page_free(m);
1745 vm_page_unlock(m);
1746 if (addr == NULL)
1747 return;
1748 sfs = addr;
1749 mtx_lock(&sfs->mtx);
1750 KASSERT(sfs->count> 0, ("Sendfile sync botchup count == 0"));
1751 if (--sfs->count == 0)
1752 cv_signal(&sfs->cv);
1753 mtx_unlock(&sfs->mtx);
1754 }
1755
1756 /*
1757 * sendfile(2)
1758 *
1759 * int sendfile(int fd, int s, off_t offset, size_t nbytes,
1760 * struct sf_hdtr *hdtr, off_t *sbytes, int flags)
1761 *
1762 * Send a file specified by 'fd' and starting at 'offset' to a socket
1763 * specified by 's'. Send only 'nbytes' of the file or until EOF if nbytes ==
1764 * 0. Optionally add a header and/or trailer to the socket output. If
1765 * specified, write the total number of bytes sent into *sbytes.
1766 */
1767 int
1768 sys_sendfile(struct thread *td, struct sendfile_args *uap)
1769 {
1770
1771 return (do_sendfile(td, uap, 0));
1772 }
1773
1774 static int
1775 do_sendfile(struct thread *td, struct sendfile_args *uap, int compat)
1776 {
1777 struct sf_hdtr hdtr;
1778 struct uio *hdr_uio, *trl_uio;
1779 int error;
1780
1781 hdr_uio = trl_uio = NULL;
1782
1783 if (uap->hdtr != NULL) {
1784 error = copyin(uap->hdtr, &hdtr, sizeof(hdtr));
1785 if (error)
1786 goto out;
1787 if (hdtr.headers != NULL) {
1788 error = copyinuio(hdtr.headers, hdtr.hdr_cnt, &hdr_uio);
1789 if (error)
1790 goto out;
1791 }
1792 if (hdtr.trailers != NULL) {
1793 error = copyinuio(hdtr.trailers, hdtr.trl_cnt, &trl_uio);
1794 if (error)
1795 goto out;
1796
1797 }
1798 }
1799
1800 error = kern_sendfile(td, uap, hdr_uio, trl_uio, compat);
1801 out:
1802 if (hdr_uio)
1803 free(hdr_uio, M_IOV);
1804 if (trl_uio)
1805 free(trl_uio, M_IOV);
1806 return (error);
1807 }
1808
1809 #ifdef COMPAT_FREEBSD4
1810 int
1811 freebsd4_sendfile(struct thread *td, struct freebsd4_sendfile_args *uap)
1812 {
1813 struct sendfile_args args;
1814
1815 args.fd = uap->fd;
1816 args.s = uap->s;
1817 args.offset = uap->offset;
1818 args.nbytes = uap->nbytes;
1819 args.hdtr = uap->hdtr;
1820 args.sbytes = uap->sbytes;
1821 args.flags = uap->flags;
1822
1823 return (do_sendfile(td, &args, 1));
1824 }
1825 #endif /* COMPAT_FREEBSD4 */
1826
1827 int
1828 kern_sendfile(struct thread *td, struct sendfile_args *uap,
1829 struct uio *hdr_uio, struct uio *trl_uio, int compat)
1830 {
1831 struct file *sock_fp;
1832 struct vnode *vp;
1833 struct vm_object *obj = NULL;
1834 struct socket *so = NULL;
1835 struct mbuf *m = NULL;
1836 struct sf_buf *sf;
1837 struct vm_page *pg;
1838 struct vattr va;
1839 off_t off, xfsize, fsbytes = 0, sbytes = 0, rem = 0;
1840 int error, hdrlen = 0, mnw = 0;
1841 int vfslocked;
1842 int bsize;
1843 struct sendfile_sync *sfs = NULL;
1844
1845 /*
1846 * The file descriptor must be a regular file and have a
1847 * backing VM object.
1848 * File offset must be positive. If it goes beyond EOF
1849 * we send only the header/trailer and no payload data.
1850 */
1851 AUDIT_ARG_FD(uap->fd);
1852 if ((error = fgetvp_read(td, uap->fd, CAP_READ, &vp)) != 0)
1853 goto out;
1854 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
1855 vn_lock(vp, LK_SHARED | LK_RETRY);
1856 if (vp->v_type == VREG) {
1857 bsize = vp->v_mount->mnt_stat.f_iosize;
1858 if (uap->nbytes == 0) {
1859 error = VOP_GETATTR(vp, &va, td->td_ucred);
1860 if (error != 0) {
1861 VOP_UNLOCK(vp, 0);
1862 VFS_UNLOCK_GIANT(vfslocked);
1863 obj = NULL;
1864 goto out;
1865 }
1866 rem = va.va_size;
1867 } else
1868 rem = uap->nbytes;
1869 obj = vp->v_object;
1870 if (obj != NULL) {
1871 /*
1872 * Temporarily increase the backing VM
1873 * object's reference count so that a forced
1874 * reclamation of its vnode does not
1875 * immediately destroy it.
1876 */
1877 VM_OBJECT_LOCK(obj);
1878 if ((obj->flags & OBJ_DEAD) == 0) {
1879 vm_object_reference_locked(obj);
1880 VM_OBJECT_UNLOCK(obj);
1881 } else {
1882 VM_OBJECT_UNLOCK(obj);
1883 obj = NULL;
1884 }
1885 }
1886 } else
1887 bsize = 0; /* silence gcc */
1888 VOP_UNLOCK(vp, 0);
1889 VFS_UNLOCK_GIANT(vfslocked);
1890 if (obj == NULL) {
1891 error = EINVAL;
1892 goto out;
1893 }
1894 if (uap->offset < 0) {
1895 error = EINVAL;
1896 goto out;
1897 }
1898
1899 /*
1900 * The socket must be a stream socket and connected.
1901 * Remember if it a blocking or non-blocking socket.
1902 */
1903 if ((error = getsock_cap(td->td_proc->p_fd, uap->s, CAP_WRITE,
1904 &sock_fp, NULL)) != 0)
1905 goto out;
1906 so = sock_fp->f_data;
1907 if (so->so_type != SOCK_STREAM) {
1908 error = EINVAL;
1909 goto out;
1910 }
1911 if ((so->so_state & SS_ISCONNECTED) == 0) {
1912 error = ENOTCONN;
1913 goto out;
1914 }
1915 /*
1916 * Do not wait on memory allocations but return ENOMEM for
1917 * caller to retry later.
1918 * XXX: Experimental.
1919 */
1920 if (uap->flags & SF_MNOWAIT)
1921 mnw = 1;
1922
1923 if (uap->flags & SF_SYNC) {
1924 sfs = malloc(sizeof *sfs, M_TEMP, M_WAITOK | M_ZERO);
1925 mtx_init(&sfs->mtx, "sendfile", NULL, MTX_DEF);
1926 cv_init(&sfs->cv, "sendfile");
1927 }
1928
1929 #ifdef MAC
1930 error = mac_socket_check_send(td->td_ucred, so);
1931 if (error)
1932 goto out;
1933 #endif
1934
1935 /* If headers are specified copy them into mbufs. */
1936 if (hdr_uio != NULL) {
1937 hdr_uio->uio_td = td;
1938 hdr_uio->uio_rw = UIO_WRITE;
1939 if (hdr_uio->uio_resid > 0) {
1940 /*
1941 * In FBSD < 5.0 the nbytes to send also included
1942 * the header. If compat is specified subtract the
1943 * header size from nbytes.
1944 */
1945 if (compat) {
1946 if (uap->nbytes > hdr_uio->uio_resid)
1947 uap->nbytes -= hdr_uio->uio_resid;
1948 else
1949 uap->nbytes = 0;
1950 }
1951 m = m_uiotombuf(hdr_uio, (mnw ? M_NOWAIT : M_WAITOK),
1952 0, 0, 0);
1953 if (m == NULL) {
1954 error = mnw ? EAGAIN : ENOBUFS;
1955 goto out;
1956 }
1957 hdrlen = m_length(m, NULL);
1958 }
1959 }
1960
1961 /*
1962 * Protect against multiple writers to the socket.
1963 *
1964 * XXXRW: Historically this has assumed non-interruptibility, so now
1965 * we implement that, but possibly shouldn't.
1966 */
1967 (void)sblock(&so->so_snd, SBL_WAIT | SBL_NOINTR);
1968
1969 /*
1970 * Loop through the pages of the file, starting with the requested
1971 * offset. Get a file page (do I/O if necessary), map the file page
1972 * into an sf_buf, attach an mbuf header to the sf_buf, and queue
1973 * it on the socket.
1974 * This is done in two loops. The inner loop turns as many pages
1975 * as it can, up to available socket buffer space, without blocking
1976 * into mbufs to have it bulk delivered into the socket send buffer.
1977 * The outer loop checks the state and available space of the socket
1978 * and takes care of the overall progress.
1979 */
1980 for (off = uap->offset; ; ) {
1981 struct mbuf *mtail;
1982 int loopbytes;
1983 int space;
1984 int done;
1985
1986 if ((uap->nbytes != 0 && uap->nbytes == fsbytes) ||
1987 (uap->nbytes == 0 && va.va_size == fsbytes))
1988 break;
1989
1990 mtail = NULL;
1991 loopbytes = 0;
1992 space = 0;
1993 done = 0;
1994
1995 /*
1996 * Check the socket state for ongoing connection,
1997 * no errors and space in socket buffer.
1998 * If space is low allow for the remainder of the
1999 * file to be processed if it fits the socket buffer.
2000 * Otherwise block in waiting for sufficient space
2001 * to proceed, or if the socket is nonblocking, return
2002 * to userland with EAGAIN while reporting how far
2003 * we've come.
2004 * We wait until the socket buffer has significant free
2005 * space to do bulk sends. This makes good use of file
2006 * system read ahead and allows packet segmentation
2007 * offloading hardware to take over lots of work. If
2008 * we were not careful here we would send off only one
2009 * sfbuf at a time.
2010 */
2011 SOCKBUF_LOCK(&so->so_snd);
2012 if (so->so_snd.sb_lowat < so->so_snd.sb_hiwat / 2)
2013 so->so_snd.sb_lowat = so->so_snd.sb_hiwat / 2;
2014 retry_space:
2015 if (so->so_snd.sb_state & SBS_CANTSENDMORE) {
2016 error = EPIPE;
2017 SOCKBUF_UNLOCK(&so->so_snd);
2018 goto done;
2019 } else if (so->so_error) {
2020 error = so->so_error;
2021 so->so_error = 0;
2022 SOCKBUF_UNLOCK(&so->so_snd);
2023 goto done;
2024 }
2025 space = sbspace(&so->so_snd);
2026 if (space < rem &&
2027 (space <= 0 ||
2028 space < so->so_snd.sb_lowat)) {
2029 if (so->so_state & SS_NBIO) {
2030 SOCKBUF_UNLOCK(&so->so_snd);
2031 error = EAGAIN;
2032 goto done;
2033 }
2034 /*
2035 * sbwait drops the lock while sleeping.
2036 * When we loop back to retry_space the
2037 * state may have changed and we retest
2038 * for it.
2039 */
2040 error = sbwait(&so->so_snd);
2041 /*
2042 * An error from sbwait usually indicates that we've
2043 * been interrupted by a signal. If we've sent anything
2044 * then return bytes sent, otherwise return the error.
2045 */
2046 if (error) {
2047 SOCKBUF_UNLOCK(&so->so_snd);
2048 goto done;
2049 }
2050 goto retry_space;
2051 }
2052 SOCKBUF_UNLOCK(&so->so_snd);
2053
2054 /*
2055 * Reduce space in the socket buffer by the size of
2056 * the header mbuf chain.
2057 * hdrlen is set to 0 after the first loop.
2058 */
2059 space -= hdrlen;
2060
2061 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
2062 error = vn_lock(vp, LK_SHARED);
2063 if (error != 0) {
2064 VFS_UNLOCK_GIANT(vfslocked);
2065 goto done;
2066 }
2067 error = VOP_GETATTR(vp, &va, td->td_ucred);
2068 if (error != 0 || off >= va.va_size) {
2069 VOP_UNLOCK(vp, 0);
2070 VFS_UNLOCK_GIANT(vfslocked);
2071 goto done;
2072 }
2073 VFS_UNLOCK_GIANT(vfslocked);
2074
2075 /*
2076 * Loop and construct maximum sized mbuf chain to be bulk
2077 * dumped into socket buffer.
2078 */
2079 while (space > loopbytes) {
2080 vm_pindex_t pindex;
2081 vm_offset_t pgoff;
2082 struct mbuf *m0;
2083
2084 /*
2085 * Calculate the amount to transfer.
2086 * Not to exceed a page, the EOF,
2087 * or the passed in nbytes.
2088 */
2089 pgoff = (vm_offset_t)(off & PAGE_MASK);
2090 rem = va.va_size - uap->offset;
2091 if (uap->nbytes != 0)
2092 rem = omin(rem, uap->nbytes);
2093 rem -= fsbytes + loopbytes;
2094 xfsize = omin(PAGE_SIZE - pgoff, rem);
2095 xfsize = omin(space - loopbytes, xfsize);
2096 if (xfsize <= 0) {
2097 done = 1; /* all data sent */
2098 break;
2099 }
2100
2101 /*
2102 * Attempt to look up the page. Allocate
2103 * if not found or wait and loop if busy.
2104 */
2105 pindex = OFF_TO_IDX(off);
2106 VM_OBJECT_LOCK(obj);
2107 pg = vm_page_grab(obj, pindex, VM_ALLOC_NOBUSY |
2108 VM_ALLOC_NORMAL | VM_ALLOC_WIRED | VM_ALLOC_RETRY);
2109
2110 /*
2111 * Check if page is valid for what we need,
2112 * otherwise initiate I/O.
2113 * If we already turned some pages into mbufs,
2114 * send them off before we come here again and
2115 * block.
2116 */
2117 if (pg->valid && vm_page_is_valid(pg, pgoff, xfsize))
2118 VM_OBJECT_UNLOCK(obj);
2119 else if (m != NULL)
2120 error = EAGAIN; /* send what we already got */
2121 else if (uap->flags & SF_NODISKIO)
2122 error = EBUSY;
2123 else {
2124 ssize_t resid;
2125
2126 VM_OBJECT_UNLOCK(obj);
2127
2128 /*
2129 * Get the page from backing store.
2130 * XXXMAC: Because we don't have fp->f_cred
2131 * here, we pass in NOCRED. This is probably
2132 * wrong, but is consistent with our original
2133 * implementation.
2134 */
2135 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
2136 error = vn_rdwr(UIO_READ, vp, NULL, MAXBSIZE,
2137 trunc_page(off), UIO_NOCOPY, IO_NODELOCKED |
2138 IO_VMIO | ((MAXBSIZE / bsize) << IO_SEQSHIFT),
2139 td->td_ucred, NOCRED, &resid, td);
2140 VFS_UNLOCK_GIANT(vfslocked);
2141 if (error)
2142 VM_OBJECT_LOCK(obj);
2143 mbstat.sf_iocnt++;
2144 }
2145 if (error) {
2146 vm_page_lock(pg);
2147 vm_page_unwire(pg, 0);
2148 /*
2149 * See if anyone else might know about
2150 * this page. If not and it is not valid,
2151 * then free it.
2152 */
2153 if (pg->wire_count == 0 && pg->valid == 0 &&
2154 pg->busy == 0 && !(pg->oflags & VPO_BUSY))
2155 vm_page_free(pg);
2156 vm_page_unlock(pg);
2157 VM_OBJECT_UNLOCK(obj);
2158 if (error == EAGAIN)
2159 error = 0; /* not a real error */
2160 break;
2161 }
2162
2163 /*
2164 * Get a sendfile buf. When allocating the
2165 * first buffer for mbuf chain, we usually
2166 * wait as long as necessary, but this wait
2167 * can be interrupted. For consequent
2168 * buffers, do not sleep, since several
2169 * threads might exhaust the buffers and then
2170 * deadlock.
2171 */
2172 sf = sf_buf_alloc(pg, (mnw || m != NULL) ? SFB_NOWAIT :
2173 SFB_CATCH);
2174 if (sf == NULL) {
2175 mbstat.sf_allocfail++;
2176 vm_page_lock(pg);
2177 vm_page_unwire(pg, 0);
2178 KASSERT(pg->object != NULL,
2179 ("kern_sendfile: object disappeared"));
2180 vm_page_unlock(pg);
2181 if (m == NULL)
2182 error = (mnw ? EAGAIN : EINTR);
2183 break;
2184 }
2185
2186 /*
2187 * Get an mbuf and set it up as having
2188 * external storage.
2189 */
2190 m0 = m_get((mnw ? M_NOWAIT : M_WAITOK), MT_DATA);
2191 if (m0 == NULL) {
2192 error = (mnw ? EAGAIN : ENOBUFS);
2193 sf_buf_mext(NULL, sf);
2194 break;
2195 }
2196 MEXTADD(m0, sf_buf_kva(sf), PAGE_SIZE, sf_buf_mext,
2197 sfs, sf, M_RDONLY, EXT_SFBUF);
2198 m0->m_data = (char *)sf_buf_kva(sf) + pgoff;
2199 m0->m_len = xfsize;
2200
2201 /* Append to mbuf chain. */
2202 if (mtail != NULL)
2203 mtail->m_next = m0;
2204 else if (m != NULL)
2205 m_last(m)->m_next = m0;
2206 else
2207 m = m0;
2208 mtail = m0;
2209
2210 /* Keep track of bits processed. */
2211 loopbytes += xfsize;
2212 off += xfsize;
2213
2214 if (sfs != NULL) {
2215 mtx_lock(&sfs->mtx);
2216 sfs->count++;
2217 mtx_unlock(&sfs->mtx);
2218 }
2219 }
2220
2221 VOP_UNLOCK(vp, 0);
2222
2223 /* Add the buffer chain to the socket buffer. */
2224 if (m != NULL) {
2225 int mlen, err;
2226
2227 mlen = m_length(m, NULL);
2228 SOCKBUF_LOCK(&so->so_snd);
2229 if (so->so_snd.sb_state & SBS_CANTSENDMORE) {
2230 error = EPIPE;
2231 SOCKBUF_UNLOCK(&so->so_snd);
2232 goto done;
2233 }
2234 SOCKBUF_UNLOCK(&so->so_snd);
2235 CURVNET_SET(so->so_vnet);
2236 /* Avoid error aliasing. */
2237 err = (*so->so_proto->pr_usrreqs->pru_send)
2238 (so, 0, m, NULL, NULL, td);
2239 CURVNET_RESTORE();
2240 if (err == 0) {
2241 /*
2242 * We need two counters to get the
2243 * file offset and nbytes to send
2244 * right:
2245 * - sbytes contains the total amount
2246 * of bytes sent, including headers.
2247 * - fsbytes contains the total amount
2248 * of bytes sent from the file.
2249 */
2250 sbytes += mlen;
2251 fsbytes += mlen;
2252 if (hdrlen) {
2253 fsbytes -= hdrlen;
2254 hdrlen = 0;
2255 }
2256 } else if (error == 0)
2257 error = err;
2258 m = NULL; /* pru_send always consumes */
2259 }
2260
2261 /* Quit outer loop on error or when we're done. */
2262 if (done)
2263 break;
2264 if (error)
2265 goto done;
2266 }
2267
2268 /*
2269 * Send trailers. Wimp out and use writev(2).
2270 */
2271 if (trl_uio != NULL) {
2272 sbunlock(&so->so_snd);
2273 error = kern_writev(td, uap->s, trl_uio);
2274 if (error == 0)
2275 sbytes += td->td_retval[0];
2276 goto out;
2277 }
2278
2279 done:
2280 sbunlock(&so->so_snd);
2281 out:
2282 /*
2283 * If there was no error we have to clear td->td_retval[0]
2284 * because it may have been set by writev.
2285 */
2286 if (error == 0) {
2287 td->td_retval[0] = 0;
2288 }
2289 if (uap->sbytes != NULL) {
2290 copyout(&sbytes, uap->sbytes, sizeof(off_t));
2291 }
2292 if (obj != NULL)
2293 vm_object_deallocate(obj);
2294 if (vp != NULL) {
2295 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
2296 vrele(vp);
2297 VFS_UNLOCK_GIANT(vfslocked);
2298 }
2299 if (so)
2300 fdrop(sock_fp, td);
2301 if (m)
2302 m_freem(m);
2303
2304 if (sfs != NULL) {
2305 mtx_lock(&sfs->mtx);
2306 if (sfs->count != 0)
2307 cv_wait(&sfs->cv, &sfs->mtx);
2308 KASSERT(sfs->count == 0, ("sendfile sync still busy"));
2309 cv_destroy(&sfs->cv);
2310 mtx_destroy(&sfs->mtx);
2311 free(sfs, M_TEMP);
2312 }
2313
2314 if (error == ERESTART)
2315 error = EINTR;
2316
2317 return (error);
2318 }
2319
2320 /*
2321 * SCTP syscalls.
2322 * Functionality only compiled in if SCTP is defined in the kernel Makefile,
2323 * otherwise all return EOPNOTSUPP.
2324 * XXX: We should make this loadable one day.
2325 */
2326 int
2327 sys_sctp_peeloff(td, uap)
2328 struct thread *td;
2329 struct sctp_peeloff_args /* {
2330 int sd;
2331 caddr_t name;
2332 } */ *uap;
2333 {
2334 #if (defined(INET) || defined(INET6)) && defined(SCTP)
2335 struct filedesc *fdp;
2336 struct file *nfp = NULL;
2337 int error;
2338 struct socket *head, *so;
2339 int fd;
2340 u_int fflag;
2341
2342 fdp = td->td_proc->p_fd;
2343 AUDIT_ARG_FD(uap->sd);
2344 error = fgetsock(td, uap->sd, CAP_PEELOFF, &head, &fflag);
2345 if (error)
2346 goto done2;
2347 if (head->so_proto->pr_protocol != IPPROTO_SCTP) {
2348 error = EOPNOTSUPP;
2349 goto done;
2350 }
2351 error = sctp_can_peel_off(head, (sctp_assoc_t)uap->name);
2352 if (error)
2353 goto done;
2354 /*
2355 * At this point we know we do have a assoc to pull
2356 * we proceed to get the fd setup. This may block
2357 * but that is ok.
2358 */
2359
2360 error = falloc(td, &nfp, &fd, 0);
2361 if (error)
2362 goto done;
2363 td->td_retval[0] = fd;
2364
2365 CURVNET_SET(head->so_vnet);
2366 so = sonewconn(head, SS_ISCONNECTED);
2367 if (so == NULL) {
2368 error = ENOMEM;
2369 goto noconnection;
2370 }
2371 /*
2372 * Before changing the flags on the socket, we have to bump the
2373 * reference count. Otherwise, if the protocol calls sofree(),
2374 * the socket will be released due to a zero refcount.
2375 */
2376 SOCK_LOCK(so);
2377 soref(so); /* file descriptor reference */
2378 SOCK_UNLOCK(so);
2379
2380 ACCEPT_LOCK();
2381
2382 TAILQ_REMOVE(&head->so_comp, so, so_list);
2383 head->so_qlen--;
2384 so->so_state |= (head->so_state & SS_NBIO);
2385 so->so_state &= ~SS_NOFDREF;
2386 so->so_qstate &= ~SQ_COMP;
2387 so->so_head = NULL;
2388 ACCEPT_UNLOCK();
2389 finit(nfp, fflag, DTYPE_SOCKET, so, &socketops);
2390 error = sctp_do_peeloff(head, so, (sctp_assoc_t)uap->name);
2391 if (error)
2392 goto noconnection;
2393 if (head->so_sigio != NULL)
2394 fsetown(fgetown(&head->so_sigio), &so->so_sigio);
2395
2396 noconnection:
2397 /*
2398 * close the new descriptor, assuming someone hasn't ripped it
2399 * out from under us.
2400 */
2401 if (error)
2402 fdclose(fdp, nfp, fd, td);
2403
2404 /*
2405 * Release explicitly held references before returning.
2406 */
2407 CURVNET_RESTORE();
2408 done:
2409 if (nfp != NULL)
2410 fdrop(nfp, td);
2411 fputsock(head);
2412 done2:
2413 return (error);
2414 #else /* SCTP */
2415 return (EOPNOTSUPP);
2416 #endif /* SCTP */
2417 }
2418
2419 int
2420 sys_sctp_generic_sendmsg (td, uap)
2421 struct thread *td;
2422 struct sctp_generic_sendmsg_args /* {
2423 int sd,
2424 caddr_t msg,
2425 int mlen,
2426 caddr_t to,
2427 __socklen_t tolen,
2428 struct sctp_sndrcvinfo *sinfo,
2429 int flags
2430 } */ *uap;
2431 {
2432 #if (defined(INET) || defined(INET6)) && defined(SCTP)
2433 struct sctp_sndrcvinfo sinfo, *u_sinfo = NULL;
2434 struct socket *so;
2435 struct file *fp = NULL;
2436 int error = 0, len;
2437 struct sockaddr *to = NULL;
2438 #ifdef KTRACE
2439 struct uio *ktruio = NULL;
2440 #endif
2441 struct uio auio;
2442 struct iovec iov[1];
2443 cap_rights_t rights;
2444
2445 if (uap->sinfo) {
2446 error = copyin(uap->sinfo, &sinfo, sizeof (sinfo));
2447 if (error)
2448 return (error);
2449 u_sinfo = &sinfo;
2450 }
2451
2452 rights = CAP_WRITE;
2453 if (uap->tolen) {
2454 error = getsockaddr(&to, uap->to, uap->tolen);
2455 if (error) {
2456 to = NULL;
2457 goto sctp_bad2;
2458 }
2459 rights |= CAP_CONNECT;
2460 }
2461
2462 AUDIT_ARG_FD(uap->sd);
2463 error = getsock_cap(td->td_proc->p_fd, uap->sd, rights, &fp, NULL);
2464 if (error)
2465 goto sctp_bad;
2466 #ifdef KTRACE
2467 if (to && (KTRPOINT(td, KTR_STRUCT)))
2468 ktrsockaddr(to);
2469 #endif
2470
2471 iov[0].iov_base = uap->msg;
2472 iov[0].iov_len = uap->mlen;
2473
2474 so = (struct socket *)fp->f_data;
2475 if (so->so_proto->pr_protocol != IPPROTO_SCTP) {
2476 error = EOPNOTSUPP;
2477 goto sctp_bad;
2478 }
2479 #ifdef MAC
2480 error = mac_socket_check_send(td->td_ucred, so);
2481 if (error)
2482 goto sctp_bad;
2483 #endif /* MAC */
2484
2485 auio.uio_iov = iov;
2486 auio.uio_iovcnt = 1;
2487 auio.uio_segflg = UIO_USERSPACE;
2488 auio.uio_rw = UIO_WRITE;
2489 auio.uio_td = td;
2490 auio.uio_offset = 0; /* XXX */
2491 auio.uio_resid = 0;
2492 len = auio.uio_resid = uap->mlen;
2493 CURVNET_SET(so->so_vnet);
2494 error = sctp_lower_sosend(so, to, &auio,
2495 (struct mbuf *)NULL, (struct mbuf *)NULL,
2496 uap->flags, u_sinfo, td);
2497 CURVNET_RESTORE();
2498 if (error) {
2499 if (auio.uio_resid != len && (error == ERESTART ||
2500 error == EINTR || error == EWOULDBLOCK))
2501 error = 0;
2502 /* Generation of SIGPIPE can be controlled per socket. */
2503 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) &&
2504 !(uap->flags & MSG_NOSIGNAL)) {
2505 PROC_LOCK(td->td_proc);
2506 tdsignal(td, SIGPIPE);
2507 PROC_UNLOCK(td->td_proc);
2508 }
2509 }
2510 if (error == 0)
2511 td->td_retval[0] = len - auio.uio_resid;
2512 #ifdef KTRACE
2513 if (ktruio != NULL) {
2514 ktruio->uio_resid = td->td_retval[0];
2515 ktrgenio(uap->sd, UIO_WRITE, ktruio, error);
2516 }
2517 #endif /* KTRACE */
2518 sctp_bad:
2519 if (fp)
2520 fdrop(fp, td);
2521 sctp_bad2:
2522 if (to)
2523 free(to, M_SONAME);
2524 return (error);
2525 #else /* SCTP */
2526 return (EOPNOTSUPP);
2527 #endif /* SCTP */
2528 }
2529
2530 int
2531 sys_sctp_generic_sendmsg_iov(td, uap)
2532 struct thread *td;
2533 struct sctp_generic_sendmsg_iov_args /* {
2534 int sd,
2535 struct iovec *iov,
2536 int iovlen,
2537 caddr_t to,
2538 __socklen_t tolen,
2539 struct sctp_sndrcvinfo *sinfo,
2540 int flags
2541 } */ *uap;
2542 {
2543 #if (defined(INET) || defined(INET6)) && defined(SCTP)
2544 struct sctp_sndrcvinfo sinfo, *u_sinfo = NULL;
2545 struct socket *so;
2546 struct file *fp = NULL;
2547 int error=0, i;
2548 ssize_t len;
2549 struct sockaddr *to = NULL;
2550 #ifdef KTRACE
2551 struct uio *ktruio = NULL;
2552 #endif
2553 struct uio auio;
2554 struct iovec *iov, *tiov;
2555 cap_rights_t rights;
2556
2557 if (uap->sinfo) {
2558 error = copyin(uap->sinfo, &sinfo, sizeof (sinfo));
2559 if (error)
2560 return (error);
2561 u_sinfo = &sinfo;
2562 }
2563 rights = CAP_WRITE;
2564 if (uap->tolen) {
2565 error = getsockaddr(&to, uap->to, uap->tolen);
2566 if (error) {
2567 to = NULL;
2568 goto sctp_bad2;
2569 }
2570 rights |= CAP_CONNECT;
2571 }
2572
2573 AUDIT_ARG_FD(uap->sd);
2574 error = getsock_cap(td->td_proc->p_fd, uap->sd, rights, &fp, NULL);
2575 if (error)
2576 goto sctp_bad1;
2577
2578 #ifdef COMPAT_FREEBSD32
2579 if (SV_CURPROC_FLAG(SV_ILP32))
2580 error = freebsd32_copyiniov((struct iovec32 *)uap->iov,
2581 uap->iovlen, &iov, EMSGSIZE);
2582 else
2583 #endif
2584 error = copyiniov(uap->iov, uap->iovlen, &iov, EMSGSIZE);
2585 if (error)
2586 goto sctp_bad1;
2587 #ifdef KTRACE
2588 if (to && (KTRPOINT(td, KTR_STRUCT)))
2589 ktrsockaddr(to);
2590 #endif
2591
2592 so = (struct socket *)fp->f_data;
2593 if (so->so_proto->pr_protocol != IPPROTO_SCTP) {
2594 error = EOPNOTSUPP;
2595 goto sctp_bad;
2596 }
2597 #ifdef MAC
2598 error = mac_socket_check_send(td->td_ucred, so);
2599 if (error)
2600 goto sctp_bad;
2601 #endif /* MAC */
2602
2603 auio.uio_iov = iov;
2604 auio.uio_iovcnt = uap->iovlen;
2605 auio.uio_segflg = UIO_USERSPACE;
2606 auio.uio_rw = UIO_WRITE;
2607 auio.uio_td = td;
2608 auio.uio_offset = 0; /* XXX */
2609 auio.uio_resid = 0;
2610 tiov = iov;
2611 for (i = 0; i <uap->iovlen; i++, tiov++) {
2612 if ((auio.uio_resid += tiov->iov_len) < 0) {
2613 error = EINVAL;
2614 goto sctp_bad;
2615 }
2616 }
2617 len = auio.uio_resid;
2618 CURVNET_SET(so->so_vnet);
2619 error = sctp_lower_sosend(so, to, &auio,
2620 (struct mbuf *)NULL, (struct mbuf *)NULL,
2621 uap->flags, u_sinfo, td);
2622 CURVNET_RESTORE();
2623 if (error) {
2624 if (auio.uio_resid != len && (error == ERESTART ||
2625 error == EINTR || error == EWOULDBLOCK))
2626 error = 0;
2627 /* Generation of SIGPIPE can be controlled per socket */
2628 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) &&
2629 !(uap->flags & MSG_NOSIGNAL)) {
2630 PROC_LOCK(td->td_proc);
2631 tdsignal(td, SIGPIPE);
2632 PROC_UNLOCK(td->td_proc);
2633 }
2634 }
2635 if (error == 0)
2636 td->td_retval[0] = len - auio.uio_resid;
2637 #ifdef KTRACE
2638 if (ktruio != NULL) {
2639 ktruio->uio_resid = td->td_retval[0];
2640 ktrgenio(uap->sd, UIO_WRITE, ktruio, error);
2641 }
2642 #endif /* KTRACE */
2643 sctp_bad:
2644 free(iov, M_IOV);
2645 sctp_bad1:
2646 if (fp)
2647 fdrop(fp, td);
2648 sctp_bad2:
2649 if (to)
2650 free(to, M_SONAME);
2651 return (error);
2652 #else /* SCTP */
2653 return (EOPNOTSUPP);
2654 #endif /* SCTP */
2655 }
2656
2657 int
2658 sys_sctp_generic_recvmsg(td, uap)
2659 struct thread *td;
2660 struct sctp_generic_recvmsg_args /* {
2661 int sd,
2662 struct iovec *iov,
2663 int iovlen,
2664 struct sockaddr *from,
2665 __socklen_t *fromlenaddr,
2666 struct sctp_sndrcvinfo *sinfo,
2667 int *msg_flags
2668 } */ *uap;
2669 {
2670 #if (defined(INET) || defined(INET6)) && defined(SCTP)
2671 uint8_t sockbufstore[256];
2672 struct uio auio;
2673 struct iovec *iov, *tiov;
2674 struct sctp_sndrcvinfo sinfo;
2675 struct socket *so;
2676 struct file *fp = NULL;
2677 struct sockaddr *fromsa;
2678 int fromlen;
2679 ssize_t len;
2680 int i, msg_flags;
2681 int error = 0;
2682 #ifdef KTRACE
2683 struct uio *ktruio = NULL;
2684 #endif
2685
2686 AUDIT_ARG_FD(uap->sd);
2687 error = getsock_cap(td->td_proc->p_fd, uap->sd, CAP_READ, &fp, NULL);
2688 if (error) {
2689 return (error);
2690 }
2691 #ifdef COMPAT_FREEBSD32
2692 if (SV_CURPROC_FLAG(SV_ILP32))
2693 error = freebsd32_copyiniov((struct iovec32 *)uap->iov,
2694 uap->iovlen, &iov, EMSGSIZE);
2695 else
2696 #endif
2697 error = copyiniov(uap->iov, uap->iovlen, &iov, EMSGSIZE);
2698 if (error)
2699 goto out1;
2700
2701 so = fp->f_data;
2702 if (so->so_proto->pr_protocol != IPPROTO_SCTP) {
2703 error = EOPNOTSUPP;
2704 goto out;
2705 }
2706 #ifdef MAC
2707 error = mac_socket_check_receive(td->td_ucred, so);
2708 if (error) {
2709 goto out;
2710 }
2711 #endif /* MAC */
2712
2713 if (uap->fromlenaddr) {
2714 error = copyin(uap->fromlenaddr,
2715 &fromlen, sizeof (fromlen));
2716 if (error) {
2717 goto out;
2718 }
2719 } else {
2720 fromlen = 0;
2721 }
2722 if (uap->msg_flags) {
2723 error = copyin(uap->msg_flags, &msg_flags, sizeof (int));
2724 if (error) {
2725 goto out;
2726 }
2727 } else {
2728 msg_flags = 0;
2729 }
2730 auio.uio_iov = iov;
2731 auio.uio_iovcnt = uap->iovlen;
2732 auio.uio_segflg = UIO_USERSPACE;
2733 auio.uio_rw = UIO_READ;
2734 auio.uio_td = td;
2735 auio.uio_offset = 0; /* XXX */
2736 auio.uio_resid = 0;
2737 tiov = iov;
2738 for (i = 0; i <uap->iovlen; i++, tiov++) {
2739 if ((auio.uio_resid += tiov->iov_len) < 0) {
2740 error = EINVAL;
2741 goto out;
2742 }
2743 }
2744 len = auio.uio_resid;
2745 fromsa = (struct sockaddr *)sockbufstore;
2746
2747 #ifdef KTRACE
2748 if (KTRPOINT(td, KTR_GENIO))
2749 ktruio = cloneuio(&auio);
2750 #endif /* KTRACE */
2751 memset(&sinfo, 0, sizeof(struct sctp_sndrcvinfo));
2752 CURVNET_SET(so->so_vnet);
2753 error = sctp_sorecvmsg(so, &auio, (struct mbuf **)NULL,
2754 fromsa, fromlen, &msg_flags,
2755 (struct sctp_sndrcvinfo *)&sinfo, 1);
2756 CURVNET_RESTORE();
2757 if (error) {
2758 if (auio.uio_resid != len && (error == ERESTART ||
2759 error == EINTR || error == EWOULDBLOCK))
2760 error = 0;
2761 } else {
2762 if (uap->sinfo)
2763 error = copyout(&sinfo, uap->sinfo, sizeof (sinfo));
2764 }
2765 #ifdef KTRACE
2766 if (ktruio != NULL) {
2767 ktruio->uio_resid = len - auio.uio_resid;
2768 ktrgenio(uap->sd, UIO_READ, ktruio, error);
2769 }
2770 #endif /* KTRACE */
2771 if (error)
2772 goto out;
2773 td->td_retval[0] = len - auio.uio_resid;
2774
2775 if (fromlen && uap->from) {
2776 len = fromlen;
2777 if (len <= 0 || fromsa == 0)
2778 len = 0;
2779 else {
2780 len = MIN(len, fromsa->sa_len);
2781 error = copyout(fromsa, uap->from, (size_t)len);
2782 if (error)
2783 goto out;
2784 }
2785 error = copyout(&len, uap->fromlenaddr, sizeof (socklen_t));
2786 if (error) {
2787 goto out;
2788 }
2789 }
2790 #ifdef KTRACE
2791 if (KTRPOINT(td, KTR_STRUCT))
2792 ktrsockaddr(fromsa);
2793 #endif
2794 if (uap->msg_flags) {
2795 error = copyout(&msg_flags, uap->msg_flags, sizeof (int));
2796 if (error) {
2797 goto out;
2798 }
2799 }
2800 out:
2801 free(iov, M_IOV);
2802 out1:
2803 if (fp)
2804 fdrop(fp, td);
2805
2806 return (error);
2807 #else /* SCTP */
2808 return (EOPNOTSUPP);
2809 #endif /* SCTP */
2810 }
Cache object: e0ebf852e70c16556b6ae3a32c79ea61
|