1 /* $NetBSD: uipc_socket.c,v 1.205 2011/07/02 17:53:50 bouyer Exp $ */ 2 3 /*- 4 * Copyright (c) 2002, 2007, 2008, 2009 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Jason R. Thorpe of Wasabi Systems, Inc, and by Andrew Doran. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 /* 33 * Copyright (c) 2004 The FreeBSD Foundation 34 * Copyright (c) 2004 Robert Watson 35 * Copyright (c) 1982, 1986, 1988, 1990, 1993 36 * The Regents of the University of California. All rights reserved. 37 * 38 * Redistribution and use in source and binary forms, with or without 39 * modification, are permitted provided that the following conditions 40 * are met: 41 * 1. Redistributions of source code must retain the above copyright 42 * notice, this list of conditions and the following disclaimer. 43 * 2. Redistributions in binary form must reproduce the above copyright 44 * notice, this list of conditions and the following disclaimer in the 45 * documentation and/or other materials provided with the distribution. 46 * 3. Neither the name of the University nor the names of its contributors 47 * may be used to endorse or promote products derived from this software 48 * without specific prior written permission. 49 * 50 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 53 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 60 * SUCH DAMAGE. 61 * 62 * @(#)uipc_socket.c 8.6 (Berkeley) 5/2/95 63 */ 64 65 #include <sys/cdefs.h> 66 __KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.205 2011/07/02 17:53:50 bouyer Exp $"); 67 68 #include "opt_compat_netbsd.h" 69 #include "opt_sock_counters.h" 70 #include "opt_sosend_loan.h" 71 #include "opt_mbuftrace.h" 72 #include "opt_somaxkva.h" 73 #include "opt_multiprocessor.h" /* XXX */ 74 75 #include <sys/param.h> 76 #include <sys/systm.h> 77 #include <sys/proc.h> 78 #include <sys/file.h> 79 #include <sys/filedesc.h> 80 #include <sys/kmem.h> 81 #include <sys/mbuf.h> 82 #include <sys/domain.h> 83 #include <sys/kernel.h> 84 #include <sys/protosw.h> 85 #include <sys/socket.h> 86 #include <sys/socketvar.h> 87 #include <sys/signalvar.h> 88 #include <sys/resourcevar.h> 89 #include <sys/uidinfo.h> 90 #include <sys/event.h> 91 #include <sys/poll.h> 92 #include <sys/kauth.h> 93 #include <sys/mutex.h> 94 #include <sys/condvar.h> 95 #include <sys/kthread.h> 96 97 #ifdef COMPAT_50 98 #include <compat/sys/time.h> 99 #include <compat/sys/socket.h> 100 #endif 101 102 #include <uvm/uvm_extern.h> 103 #include <uvm/uvm_loan.h> 104 #include <uvm/uvm_page.h> 105 106 MALLOC_DEFINE(M_SOOPTS, "soopts", "socket options"); 107 MALLOC_DEFINE(M_SONAME, "soname", "socket name"); 108 109 extern const struct fileops socketops; 110 111 extern int somaxconn; /* patchable (XXX sysctl) */ 112 int somaxconn = SOMAXCONN; 113 kmutex_t *softnet_lock; 114 115 #ifdef SOSEND_COUNTERS 116 #include <sys/device.h> 117 118 static struct evcnt sosend_loan_big = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, 119 NULL, "sosend", "loan big"); 120 static struct evcnt sosend_copy_big = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, 121 NULL, "sosend", "copy big"); 122 static struct evcnt sosend_copy_small = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, 123 NULL, "sosend", "copy small"); 124 static struct evcnt sosend_kvalimit = EVCNT_INITIALIZER(EVCNT_TYPE_MISC, 125 NULL, "sosend", "kva limit"); 126 127 #define SOSEND_COUNTER_INCR(ev) (ev)->ev_count++ 128 129 EVCNT_ATTACH_STATIC(sosend_loan_big); 130 EVCNT_ATTACH_STATIC(sosend_copy_big); 131 EVCNT_ATTACH_STATIC(sosend_copy_small); 132 EVCNT_ATTACH_STATIC(sosend_kvalimit); 133 #else 134 135 #define SOSEND_COUNTER_INCR(ev) /* nothing */ 136 137 #endif /* SOSEND_COUNTERS */ 138 139 static struct callback_entry sokva_reclaimerentry; 140 141 #if defined(SOSEND_NO_LOAN) || defined(MULTIPROCESSOR) 142 int sock_loan_thresh = -1; 143 #else 144 int sock_loan_thresh = 4096; 145 #endif 146 147 static kmutex_t so_pendfree_lock; 148 static struct mbuf *so_pendfree = NULL; 149 150 #ifndef SOMAXKVA 151 #define SOMAXKVA (16 * 1024 * 1024) 152 #endif 153 int somaxkva = SOMAXKVA; 154 static int socurkva; 155 static kcondvar_t socurkva_cv; 156 157 static kauth_listener_t socket_listener; 158 159 #define SOCK_LOAN_CHUNK 65536 160 161 static void sopendfree_thread(void *); 162 static kcondvar_t pendfree_thread_cv; 163 static lwp_t *sopendfree_lwp; 164 165 static void sysctl_kern_somaxkva_setup(void); 166 static struct sysctllog *socket_sysctllog; 167 168 static vsize_t 169 sokvareserve(struct socket *so, vsize_t len) 170 { 171 int error; 172 173 mutex_enter(&so_pendfree_lock); 174 while (socurkva + len > somaxkva) { 175 SOSEND_COUNTER_INCR(&sosend_kvalimit); 176 error = cv_wait_sig(&socurkva_cv, &so_pendfree_lock); 177 if (error) { 178 len = 0; 179 break; 180 } 181 } 182 socurkva += len; 183 mutex_exit(&so_pendfree_lock); 184 return len; 185 } 186 187 static void 188 sokvaunreserve(vsize_t len) 189 { 190 191 mutex_enter(&so_pendfree_lock); 192 socurkva -= len; 193 cv_broadcast(&socurkva_cv); 194 mutex_exit(&so_pendfree_lock); 195 } 196 197 /* 198 * sokvaalloc: allocate kva for loan. 199 */ 200 201 vaddr_t 202 sokvaalloc(vsize_t len, struct socket *so) 203 { 204 vaddr_t lva; 205 206 /* 207 * reserve kva. 208 */ 209 210 if (sokvareserve(so, len) == 0) 211 return 0; 212 213 /* 214 * allocate kva. 215 */ 216 217 lva = uvm_km_alloc(kernel_map, len, 0, UVM_KMF_VAONLY | UVM_KMF_WAITVA); 218 if (lva == 0) { 219 sokvaunreserve(len); 220 return (0); 221 } 222 223 return lva; 224 } 225 226 /* 227 * sokvafree: free kva for loan. 228 */ 229 230 void 231 sokvafree(vaddr_t sva, vsize_t len) 232 { 233 234 /* 235 * free kva. 236 */ 237 238 uvm_km_free(kernel_map, sva, len, UVM_KMF_VAONLY); 239 240 /* 241 * unreserve kva. 242 */ 243 244 sokvaunreserve(len); 245 } 246 247 static void 248 sodoloanfree(struct vm_page **pgs, void *buf, size_t size) 249 { 250 vaddr_t sva, eva; 251 vsize_t len; 252 int npgs; 253 254 KASSERT(pgs != NULL); 255 256 eva = round_page((vaddr_t) buf + size); 257 sva = trunc_page((vaddr_t) buf); 258 len = eva - sva; 259 npgs = len >> PAGE_SHIFT; 260 261 pmap_kremove(sva, len); 262 pmap_update(pmap_kernel()); 263 uvm_unloan(pgs, npgs, UVM_LOAN_TOPAGE); 264 sokvafree(sva, len); 265 } 266 267 /* 268 * sopendfree_thread: free mbufs on "pendfree" list. 269 * unlock and relock so_pendfree_lock when freeing mbufs. 270 */ 271 272 static void 273 sopendfree_thread(void *v) 274 { 275 struct mbuf *m, *next; 276 size_t rv; 277 278 mutex_enter(&so_pendfree_lock); 279 280 for (;;) { 281 rv = 0; 282 while (so_pendfree != NULL) { 283 m = so_pendfree; 284 so_pendfree = NULL; 285 mutex_exit(&so_pendfree_lock); 286 287 for (; m != NULL; m = next) { 288 next = m->m_next; 289 KASSERT((~m->m_flags & (M_EXT|M_EXT_PAGES)) == 0); 290 KASSERT(m->m_ext.ext_refcnt == 0); 291 292 rv += m->m_ext.ext_size; 293 sodoloanfree(m->m_ext.ext_pgs, m->m_ext.ext_buf, 294 m->m_ext.ext_size); 295 pool_cache_put(mb_cache, m); 296 } 297 298 mutex_enter(&so_pendfree_lock); 299 } 300 if (rv) 301 cv_broadcast(&socurkva_cv); 302 cv_wait(&pendfree_thread_cv, &so_pendfree_lock); 303 } 304 panic("sopendfree_thread"); 305 /* NOTREACHED */ 306 } 307 308 void 309 soloanfree(struct mbuf *m, void *buf, size_t size, void *arg) 310 { 311 312 KASSERT(m != NULL); 313 314 /* 315 * postpone freeing mbuf. 316 * 317 * we can't do it in interrupt context 318 * because we need to put kva back to kernel_map. 319 */ 320 321 mutex_enter(&so_pendfree_lock); 322 m->m_next = so_pendfree; 323 so_pendfree = m; 324 cv_signal(&pendfree_thread_cv); 325 mutex_exit(&so_pendfree_lock); 326 } 327 328 static long 329 sosend_loan(struct socket *so, struct uio *uio, struct mbuf *m, long space) 330 { 331 struct iovec *iov = uio->uio_iov; 332 vaddr_t sva, eva; 333 vsize_t len; 334 vaddr_t lva; 335 int npgs, error; 336 vaddr_t va; 337 int i; 338 339 if (VMSPACE_IS_KERNEL_P(uio->uio_vmspace)) 340 return (0); 341 342 if (iov->iov_len < (size_t) space) 343 space = iov->iov_len; 344 if (space > SOCK_LOAN_CHUNK) 345 space = SOCK_LOAN_CHUNK; 346 347 eva = round_page((vaddr_t) iov->iov_base + space); 348 sva = trunc_page((vaddr_t) iov->iov_base); 349 len = eva - sva; 350 npgs = len >> PAGE_SHIFT; 351 352 KASSERT(npgs <= M_EXT_MAXPAGES); 353 354 lva = sokvaalloc(len, so); 355 if (lva == 0) 356 return 0; 357 358 error = uvm_loan(&uio->uio_vmspace->vm_map, sva, len, 359 m->m_ext.ext_pgs, UVM_LOAN_TOPAGE); 360 if (error) { 361 sokvafree(lva, len); 362 return (0); 363 } 364 365 for (i = 0, va = lva; i < npgs; i++, va += PAGE_SIZE) 366 pmap_kenter_pa(va, VM_PAGE_TO_PHYS(m->m_ext.ext_pgs[i]), 367 VM_PROT_READ, 0); 368 pmap_update(pmap_kernel()); 369 370 lva += (vaddr_t) iov->iov_base & PAGE_MASK; 371 372 MEXTADD(m, (void *) lva, space, M_MBUF, soloanfree, so); 373 m->m_flags |= M_EXT_PAGES | M_EXT_ROMAP; 374 375 uio->uio_resid -= space; 376 /* uio_offset not updated, not set/used for write(2) */ 377 uio->uio_iov->iov_base = (char *)uio->uio_iov->iov_base + space; 378 uio->uio_iov->iov_len -= space; 379 if (uio->uio_iov->iov_len == 0) { 380 uio->uio_iov++; 381 uio->uio_iovcnt--; 382 } 383 384 return (space); 385 } 386 387 static int 388 sokva_reclaim_callback(struct callback_entry *ce, void *obj, void *arg) 389 { 390 391 KASSERT(ce == &sokva_reclaimerentry); 392 KASSERT(obj == NULL); 393 394 if (!vm_map_starved_p(kernel_map)) { 395 return CALLBACK_CHAIN_ABORT; 396 } 397 return CALLBACK_CHAIN_CONTINUE; 398 } 399 400 struct mbuf * 401 getsombuf(struct socket *so, int type) 402 { 403 struct mbuf *m; 404 405 m = m_get(M_WAIT, type); 406 MCLAIM(m, so->so_mowner); 407 return m; 408 } 409 410 static int 411 socket_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie, 412 void *arg0, void *arg1, void *arg2, void *arg3) 413 { 414 int result; 415 enum kauth_network_req req; 416 417 result = KAUTH_RESULT_DEFER; 418 req = (enum kauth_network_req)arg0; 419 420 if ((action != KAUTH_NETWORK_SOCKET) && 421 (action != KAUTH_NETWORK_BIND)) 422 return result; 423 424 switch (req) { 425 case KAUTH_REQ_NETWORK_BIND_PORT: 426 result = KAUTH_RESULT_ALLOW; 427 break; 428 429 case KAUTH_REQ_NETWORK_SOCKET_DROP: { 430 /* Normal users can only drop their own connections. */ 431 struct socket *so = (struct socket *)arg1; 432 433 if (proc_uidmatch(cred, so->so_cred)) 434 result = KAUTH_RESULT_ALLOW; 435 436 break; 437 } 438 439 case KAUTH_REQ_NETWORK_SOCKET_OPEN: 440 /* We allow "raw" routing/bluetooth sockets to anyone. */ 441 if ((u_long)arg1 == PF_ROUTE || (u_long)arg1 == PF_OROUTE 442 || (u_long)arg1 == PF_BLUETOOTH) { 443 result = KAUTH_RESULT_ALLOW; 444 } else { 445 /* Privileged, let secmodel handle this. */ 446 if ((u_long)arg2 == SOCK_RAW) 447 break; 448 } 449 450 result = KAUTH_RESULT_ALLOW; 451 452 break; 453 454 case KAUTH_REQ_NETWORK_SOCKET_CANSEE: 455 result = KAUTH_RESULT_ALLOW; 456 457 break; 458 459 default: 460 break; 461 } 462 463 return result; 464 } 465 466 void 467 soinit(void) 468 { 469 470 sysctl_kern_somaxkva_setup(); 471 472 mutex_init(&so_pendfree_lock, MUTEX_DEFAULT, IPL_VM); 473 softnet_lock = mutex_obj_alloc(MUTEX_DEFAULT, IPL_NONE); 474 cv_init(&socurkva_cv, "sokva"); 475 cv_init(&pendfree_thread_cv, "sopendfr"); 476 soinit2(); 477 478 /* Set the initial adjusted socket buffer size. */ 479 if (sb_max_set(sb_max)) 480 panic("bad initial sb_max value: %lu", sb_max); 481 482 callback_register(&vm_map_to_kernel(kernel_map)->vmk_reclaim_callback, 483 &sokva_reclaimerentry, NULL, sokva_reclaim_callback); 484 485 socket_listener = kauth_listen_scope(KAUTH_SCOPE_NETWORK, 486 socket_listener_cb, NULL); 487 } 488 489 void 490 soinit1(void) 491 { 492 int error = kthread_create(PRI_NONE, KTHREAD_MPSAFE, NULL, 493 sopendfree_thread, NULL, &sopendfree_lwp, "sopendfree"); 494 if (error) 495 panic("soinit1 %d", error); 496 } 497 498 /* 499 * Socket operation routines. 500 * These routines are called by the routines in 501 * sys_socket.c or from a system process, and 502 * implement the semantics of socket operations by 503 * switching out to the protocol specific routines. 504 */ 505 /*ARGSUSED*/ 506 int 507 socreate(int dom, struct socket **aso, int type, int proto, struct lwp *l, 508 struct socket *lockso) 509 { 510 const struct protosw *prp; 511 struct socket *so; 512 uid_t uid; 513 int error; 514 kmutex_t *lock; 515 516 error = kauth_authorize_network(l->l_cred, KAUTH_NETWORK_SOCKET, 517 KAUTH_REQ_NETWORK_SOCKET_OPEN, KAUTH_ARG(dom), KAUTH_ARG(type), 518 KAUTH_ARG(proto)); 519 if (error != 0) 520 return error; 521 522 if (proto) 523 prp = pffindproto(dom, proto, type); 524 else 525 prp = pffindtype(dom, type); 526 if (prp == NULL) { 527 /* no support for domain */ 528 if (pffinddomain(dom) == 0) 529 return EAFNOSUPPORT; 530 /* no support for socket type */ 531 if (proto == 0 && type != 0) 532 return EPROTOTYPE; 533 return EPROTONOSUPPORT; 534 } 535 if (prp->pr_usrreq == NULL) 536 return EPROTONOSUPPORT; 537 if (prp->pr_type != type) 538 return EPROTOTYPE; 539 540 so = soget(true); 541 so->so_type = type; 542 so->so_proto = prp; 543 so->so_send = sosend; 544 so->so_receive = soreceive; 545 #ifdef MBUFTRACE 546 so->so_rcv.sb_mowner = &prp->pr_domain->dom_mowner; 547 so->so_snd.sb_mowner = &prp->pr_domain->dom_mowner; 548 so->so_mowner = &prp->pr_domain->dom_mowner; 549 #endif 550 uid = kauth_cred_geteuid(l->l_cred); 551 so->so_uidinfo = uid_find(uid); 552 so->so_cpid = l->l_proc->p_pid; 553 if (lockso != NULL) { 554 /* Caller wants us to share a lock. */ 555 lock = lockso->so_lock; 556 so->so_lock = lock; 557 mutex_obj_hold(lock); 558 mutex_enter(lock); 559 } else { 560 /* Lock assigned and taken during PRU_ATTACH. */ 561 } 562 error = (*prp->pr_usrreq)(so, PRU_ATTACH, NULL, 563 (struct mbuf *)(long)proto, NULL, l); 564 KASSERT(solocked(so)); 565 if (error != 0) { 566 so->so_state |= SS_NOFDREF; 567 sofree(so); 568 return error; 569 } 570 so->so_cred = kauth_cred_dup(l->l_cred); 571 sounlock(so); 572 *aso = so; 573 return 0; 574 } 575 576 /* On success, write file descriptor to fdout and return zero. On 577 * failure, return non-zero; *fdout will be undefined. 578 */ 579 int 580 fsocreate(int domain, struct socket **sop, int type, int protocol, 581 struct lwp *l, int *fdout) 582 { 583 struct socket *so; 584 struct file *fp; 585 int fd, error; 586 int flags = type & SOCK_FLAGS_MASK; 587 588 type &= ~SOCK_FLAGS_MASK; 589 if ((error = fd_allocfile(&fp, &fd)) != 0) 590 return error; 591 fd_set_exclose(l, fd, (flags & SOCK_CLOEXEC) != 0); 592 fp->f_flag = FREAD|FWRITE|((flags & SOCK_NONBLOCK) ? FNONBLOCK : 0); 593 fp->f_type = DTYPE_SOCKET; 594 fp->f_ops = &socketops; 595 error = socreate(domain, &so, type, protocol, l, NULL); 596 if (error != 0) { 597 fd_abort(curproc, fp, fd); 598 } else { 599 if (sop != NULL) 600 *sop = so; 601 fp->f_data = so; 602 fd_affix(curproc, fp, fd); 603 *fdout = fd; 604 } 605 return error; 606 } 607 608 int 609 sofamily(const struct socket *so) 610 { 611 const struct protosw *pr; 612 const struct domain *dom; 613 614 if ((pr = so->so_proto) == NULL) 615 return AF_UNSPEC; 616 if ((dom = pr->pr_domain) == NULL) 617 return AF_UNSPEC; 618 return dom->dom_family; 619 } 620 621 int 622 sobind(struct socket *so, struct mbuf *nam, struct lwp *l) 623 { 624 int error; 625 626 solock(so); 627 error = (*so->so_proto->pr_usrreq)(so, PRU_BIND, NULL, nam, NULL, l); 628 sounlock(so); 629 return error; 630 } 631 632 int 633 solisten(struct socket *so, int backlog, struct lwp *l) 634 { 635 int error; 636 637 solock(so); 638 if ((so->so_state & (SS_ISCONNECTED | SS_ISCONNECTING | 639 SS_ISDISCONNECTING)) != 0) { 640 sounlock(so); 641 return (EOPNOTSUPP); 642 } 643 error = (*so->so_proto->pr_usrreq)(so, PRU_LISTEN, NULL, 644 NULL, NULL, l); 645 if (error != 0) { 646 sounlock(so); 647 return error; 648 } 649 if (TAILQ_EMPTY(&so->so_q)) 650 so->so_options |= SO_ACCEPTCONN; 651 if (backlog < 0) 652 backlog = 0; 653 so->so_qlimit = min(backlog, somaxconn); 654 sounlock(so); 655 return 0; 656 } 657 658 void 659 sofree(struct socket *so) 660 { 661 u_int refs; 662 663 KASSERT(solocked(so)); 664 665 if (so->so_pcb || (so->so_state & SS_NOFDREF) == 0) { 666 sounlock(so); 667 return; 668 } 669 if (so->so_head) { 670 /* 671 * We must not decommission a socket that's on the accept(2) 672 * queue. If we do, then accept(2) may hang after select(2) 673 * indicated that the listening socket was ready. 674 */ 675 if (!soqremque(so, 0)) { 676 sounlock(so); 677 return; 678 } 679 } 680 if (so->so_rcv.sb_hiwat) 681 (void)chgsbsize(so->so_uidinfo, &so->so_rcv.sb_hiwat, 0, 682 RLIM_INFINITY); 683 if (so->so_snd.sb_hiwat) 684 (void)chgsbsize(so->so_uidinfo, &so->so_snd.sb_hiwat, 0, 685 RLIM_INFINITY); 686 sbrelease(&so->so_snd, so); 687 KASSERT(!cv_has_waiters(&so->so_cv)); 688 KASSERT(!cv_has_waiters(&so->so_rcv.sb_cv)); 689 KASSERT(!cv_has_waiters(&so->so_snd.sb_cv)); 690 sorflush(so); 691 refs = so->so_aborting; /* XXX */ 692 /* Remove acccept filter if one is present. */ 693 if (so->so_accf != NULL) 694 (void)accept_filt_clear(so); 695 sounlock(so); 696 if (refs == 0) /* XXX */ 697 soput(so); 698 } 699 700 /* 701 * Close a socket on last file table reference removal. 702 * Initiate disconnect if connected. 703 * Free socket when disconnect complete. 704 */ 705 int 706 soclose(struct socket *so) 707 { 708 struct socket *so2; 709 int error; 710 int error2; 711 712 error = 0; 713 solock(so); 714 if (so->so_options & SO_ACCEPTCONN) { 715 for (;;) { 716 if ((so2 = TAILQ_FIRST(&so->so_q0)) != 0) { 717 KASSERT(solocked2(so, so2)); 718 (void) soqremque(so2, 0); 719 /* soabort drops the lock. */ 720 (void) soabort(so2); 721 solock(so); 722 continue; 723 } 724 if ((so2 = TAILQ_FIRST(&so->so_q)) != 0) { 725 KASSERT(solocked2(so, so2)); 726 (void) soqremque(so2, 1); 727 /* soabort drops the lock. */ 728 (void) soabort(so2); 729 solock(so); 730 continue; 731 } 732 break; 733 } 734 } 735 if (so->so_pcb == 0) 736 goto discard; 737 if (so->so_state & SS_ISCONNECTED) { 738 if ((so->so_state & SS_ISDISCONNECTING) == 0) { 739 error = sodisconnect(so); 740 if (error) 741 goto drop; 742 } 743 if (so->so_options & SO_LINGER) { 744 if ((so->so_state & SS_ISDISCONNECTING) && so->so_nbio) 745 goto drop; 746 while (so->so_state & SS_ISCONNECTED) { 747 error = sowait(so, true, so->so_linger * hz); 748 if (error) 749 break; 750 } 751 } 752 } 753 drop: 754 if (so->so_pcb) { 755 error2 = (*so->so_proto->pr_usrreq)(so, PRU_DETACH, 756 NULL, NULL, NULL, NULL); 757 if (error == 0) 758 error = error2; 759 } 760 discard: 761 if (so->so_state & SS_NOFDREF) 762 panic("soclose: NOFDREF"); 763 kauth_cred_free(so->so_cred); 764 so->so_state |= SS_NOFDREF; 765 sofree(so); 766 return (error); 767 } 768 769 /* 770 * Must be called with the socket locked.. Will return with it unlocked. 771 */ 772 int 773 soabort(struct socket *so) 774 { 775 u_int refs; 776 int error; 777 778 KASSERT(solocked(so)); 779 KASSERT(so->so_head == NULL); 780 781 so->so_aborting++; /* XXX */ 782 error = (*so->so_proto->pr_usrreq)(so, PRU_ABORT, NULL, 783 NULL, NULL, NULL); 784 refs = --so->so_aborting; /* XXX */ 785 if (error || (refs == 0)) { 786 sofree(so); 787 } else { 788 sounlock(so); 789 } 790 return error; 791 } 792 793 int 794 soaccept(struct socket *so, struct mbuf *nam) 795 { 796 int error; 797 798 KASSERT(solocked(so)); 799 800 error = 0; 801 if ((so->so_state & SS_NOFDREF) == 0) 802 panic("soaccept: !NOFDREF"); 803 so->so_state &= ~SS_NOFDREF; 804 if ((so->so_state & SS_ISDISCONNECTED) == 0 || 805 (so->so_proto->pr_flags & PR_ABRTACPTDIS) == 0) 806 error = (*so->so_proto->pr_usrreq)(so, PRU_ACCEPT, 807 NULL, nam, NULL, NULL); 808 else 809 error = ECONNABORTED; 810 811 return (error); 812 } 813 814 int 815 soconnect(struct socket *so, struct mbuf *nam, struct lwp *l) 816 { 817 int error; 818 819 KASSERT(solocked(so)); 820 821 if (so->so_options & SO_ACCEPTCONN) 822 return (EOPNOTSUPP); 823 /* 824 * If protocol is connection-based, can only connect once. 825 * Otherwise, if connected, try to disconnect first. 826 * This allows user to disconnect by connecting to, e.g., 827 * a null address. 828 */ 829 if (so->so_state & (SS_ISCONNECTED|SS_ISCONNECTING) && 830 ((so->so_proto->pr_flags & PR_CONNREQUIRED) || 831 (error = sodisconnect(so)))) 832 error = EISCONN; 833 else 834 error = (*so->so_proto->pr_usrreq)(so, PRU_CONNECT, 835 NULL, nam, NULL, l); 836 return (error); 837 } 838 839 int 840 soconnect2(struct socket *so1, struct socket *so2) 841 { 842 int error; 843 844 KASSERT(solocked2(so1, so2)); 845 846 error = (*so1->so_proto->pr_usrreq)(so1, PRU_CONNECT2, 847 NULL, (struct mbuf *)so2, NULL, NULL); 848 return (error); 849 } 850 851 int 852 sodisconnect(struct socket *so) 853 { 854 int error; 855 856 KASSERT(solocked(so)); 857 858 if ((so->so_state & SS_ISCONNECTED) == 0) { 859 error = ENOTCONN; 860 } else if (so->so_state & SS_ISDISCONNECTING) { 861 error = EALREADY; 862 } else { 863 error = (*so->so_proto->pr_usrreq)(so, PRU_DISCONNECT, 864 NULL, NULL, NULL, NULL); 865 } 866 return (error); 867 } 868 869 #define SBLOCKWAIT(f) (((f) & MSG_DONTWAIT) ? M_NOWAIT : M_WAITOK) 870 /* 871 * Send on a socket. 872 * If send must go all at once and message is larger than 873 * send buffering, then hard error. 874 * Lock against other senders. 875 * If must go all at once and not enough room now, then 876 * inform user that this would block and do nothing. 877 * Otherwise, if nonblocking, send as much as possible. 878 * The data to be sent is described by "uio" if nonzero, 879 * otherwise by the mbuf chain "top" (which must be null 880 * if uio is not). Data provided in mbuf chain must be small 881 * enough to send all at once. 882 * 883 * Returns nonzero on error, timeout or signal; callers 884 * must check for short counts if EINTR/ERESTART are returned. 885 * Data and control buffers are freed on return. 886 */ 887 int 888 sosend(struct socket *so, struct mbuf *addr, struct uio *uio, struct mbuf *top, 889 struct mbuf *control, int flags, struct lwp *l) 890 { 891 struct mbuf **mp, *m; 892 struct proc *p; 893 long space, len, resid, clen, mlen; 894 int error, s, dontroute, atomic; 895 short wakeup_state = 0; 896 897 p = l->l_proc; 898 clen = 0; 899 900 /* 901 * solock() provides atomicity of access. splsoftnet() prevents 902 * protocol processing soft interrupts from interrupting us and 903 * blocking (expensive). 904 */ 905 s = splsoftnet(); 906 solock(so); 907 atomic = sosendallatonce(so) || top; 908 if (uio) 909 resid = uio->uio_resid; 910 else 911 resid = top->m_pkthdr.len; 912 /* 913 * In theory resid should be unsigned. 914 * However, space must be signed, as it might be less than 0 915 * if we over-committed, and we must use a signed comparison 916 * of space and resid. On the other hand, a negative resid 917 * causes us to loop sending 0-length segments to the protocol. 918 */ 919 if (resid < 0) { 920 error = EINVAL; 921 goto out; 922 } 923 dontroute = 924 (flags & MSG_DONTROUTE) && (so->so_options & SO_DONTROUTE) == 0 && 925 (so->so_proto->pr_flags & PR_ATOMIC); 926 l->l_ru.ru_msgsnd++; 927 if (control) 928 clen = control->m_len; 929 restart: 930 if ((error = sblock(&so->so_snd, SBLOCKWAIT(flags))) != 0) 931 goto out; 932 do { 933 if (so->so_state & SS_CANTSENDMORE) { 934 error = EPIPE; 935 goto release; 936 } 937 if (so->so_error) { 938 error = so->so_error; 939 so->so_error = 0; 940 goto release; 941 } 942 if ((so->so_state & SS_ISCONNECTED) == 0) { 943 if (so->so_proto->pr_flags & PR_CONNREQUIRED) { 944 if ((so->so_state & SS_ISCONFIRMING) == 0 && 945 !(resid == 0 && clen != 0)) { 946 error = ENOTCONN; 947 goto release; 948 } 949 } else if (addr == 0) { 950 error = EDESTADDRREQ; 951 goto release; 952 } 953 } 954 space = sbspace(&so->so_snd); 955 if (flags & MSG_OOB) 956 space += 1024; 957 if ((atomic && resid > so->so_snd.sb_hiwat) || 958 clen > so->so_snd.sb_hiwat) { 959 error = EMSGSIZE; 960 goto release; 961 } 962 if (space < resid + clen && 963 (atomic || space < so->so_snd.sb_lowat || space < clen)) { 964 if (so->so_nbio) { 965 error = EWOULDBLOCK; 966 goto release; 967 } 968 sbunlock(&so->so_snd); 969 if (wakeup_state & SS_RESTARTSYS) { 970 error = ERESTART; 971 goto out; 972 } 973 error = sbwait(&so->so_snd); 974 if (error) 975 goto out; 976 wakeup_state = so->so_state; 977 goto restart; 978 } 979 wakeup_state = 0; 980 mp = ⊤ 981 space -= clen; 982 do { 983 if (uio == NULL) { 984 /* 985 * Data is prepackaged in "top". 986 */ 987 resid = 0; 988 if (flags & MSG_EOR) 989 top->m_flags |= M_EOR; 990 } else do { 991 sounlock(so); 992 splx(s); 993 if (top == NULL) { 994 m = m_gethdr(M_WAIT, MT_DATA); 995 mlen = MHLEN; 996 m->m_pkthdr.len = 0; 997 m->m_pkthdr.rcvif = NULL; 998 } else { 999 m = m_get(M_WAIT, MT_DATA); 1000 mlen = MLEN; 1001 } 1002 MCLAIM(m, so->so_snd.sb_mowner); 1003 if (sock_loan_thresh >= 0 && 1004 uio->uio_iov->iov_len >= sock_loan_thresh && 1005 space >= sock_loan_thresh && 1006 (len = sosend_loan(so, uio, m, 1007 space)) != 0) { 1008 SOSEND_COUNTER_INCR(&sosend_loan_big); 1009 space -= len; 1010 goto have_data; 1011 } 1012 if (resid >= MINCLSIZE && space >= MCLBYTES) { 1013 SOSEND_COUNTER_INCR(&sosend_copy_big); 1014 m_clget(m, M_DONTWAIT); 1015 if ((m->m_flags & M_EXT) == 0) 1016 goto nopages; 1017 mlen = MCLBYTES; 1018 if (atomic && top == 0) { 1019 len = lmin(MCLBYTES - max_hdr, 1020 resid); 1021 m->m_data += max_hdr; 1022 } else 1023 len = lmin(MCLBYTES, resid); 1024 space -= len; 1025 } else { 1026 nopages: 1027 SOSEND_COUNTER_INCR(&sosend_copy_small); 1028 len = lmin(lmin(mlen, resid), space); 1029 space -= len; 1030 /* 1031 * For datagram protocols, leave room 1032 * for protocol headers in first mbuf. 1033 */ 1034 if (atomic && top == 0 && len < mlen) 1035 MH_ALIGN(m, len); 1036 } 1037 error = uiomove(mtod(m, void *), (int)len, uio); 1038 have_data: 1039 resid = uio->uio_resid; 1040 m->m_len = len; 1041 *mp = m; 1042 top->m_pkthdr.len += len; 1043 s = splsoftnet(); 1044 solock(so); 1045 if (error != 0) 1046 goto release; 1047 mp = &m->m_next; 1048 if (resid <= 0) { 1049 if (flags & MSG_EOR) 1050 top->m_flags |= M_EOR; 1051 break; 1052 } 1053 } while (space > 0 && atomic); 1054 1055 if (so->so_state & SS_CANTSENDMORE) { 1056 error = EPIPE; 1057 goto release; 1058 } 1059 if (dontroute) 1060 so->so_options |= SO_DONTROUTE; 1061 if (resid > 0) 1062 so->so_state |= SS_MORETOCOME; 1063 error = (*so->so_proto->pr_usrreq)(so, 1064 (flags & MSG_OOB) ? PRU_SENDOOB : PRU_SEND, 1065 top, addr, control, curlwp); 1066 if (dontroute) 1067 so->so_options &= ~SO_DONTROUTE; 1068 if (resid > 0) 1069 so->so_state &= ~SS_MORETOCOME; 1070 clen = 0; 1071 control = NULL; 1072 top = NULL; 1073 mp = ⊤ 1074 if (error != 0) 1075 goto release; 1076 } while (resid && space > 0); 1077 } while (resid); 1078 1079 release: 1080 sbunlock(&so->so_snd); 1081 out: 1082 sounlock(so); 1083 splx(s); 1084 if (top) 1085 m_freem(top); 1086 if (control) 1087 m_freem(control); 1088 return (error); 1089 } 1090 1091 /* 1092 * Following replacement or removal of the first mbuf on the first 1093 * mbuf chain of a socket buffer, push necessary state changes back 1094 * into the socket buffer so that other consumers see the values 1095 * consistently. 'nextrecord' is the callers locally stored value of 1096 * the original value of sb->sb_mb->m_nextpkt which must be restored 1097 * when the lead mbuf changes. NOTE: 'nextrecord' may be NULL. 1098 */ 1099 static void 1100 sbsync(struct sockbuf *sb, struct mbuf *nextrecord) 1101 { 1102 1103 KASSERT(solocked(sb->sb_so)); 1104 1105 /* 1106 * First, update for the new value of nextrecord. If necessary, 1107 * make it the first record. 1108 */ 1109 if (sb->sb_mb != NULL) 1110 sb->sb_mb->m_nextpkt = nextrecord; 1111 else 1112 sb->sb_mb = nextrecord; 1113 1114 /* 1115 * Now update any dependent socket buffer fields to reflect 1116 * the new state. This is an inline of SB_EMPTY_FIXUP, with 1117 * the addition of a second clause that takes care of the 1118 * case where sb_mb has been updated, but remains the last 1119 * record. 1120 */ 1121 if (sb->sb_mb == NULL) { 1122 sb->sb_mbtail = NULL; 1123 sb->sb_lastrecord = NULL; 1124 } else if (sb->sb_mb->m_nextpkt == NULL) 1125 sb->sb_lastrecord = sb->sb_mb; 1126 } 1127 1128 /* 1129 * Implement receive operations on a socket. 1130 * We depend on the way that records are added to the sockbuf 1131 * by sbappend*. In particular, each record (mbufs linked through m_next) 1132 * must begin with an address if the protocol so specifies, 1133 * followed by an optional mbuf or mbufs containing ancillary data, 1134 * and then zero or more mbufs of data. 1135 * In order to avoid blocking network interrupts for the entire time here, 1136 * we splx() while doing the actual copy to user space. 1137 * Although the sockbuf is locked, new data may still be appended, 1138 * and thus we must maintain consistency of the sockbuf during that time. 1139 * 1140 * The caller may receive the data as a single mbuf chain by supplying 1141 * an mbuf **mp0 for use in returning the chain. The uio is then used 1142 * only for the count in uio_resid. 1143 */ 1144 int 1145 soreceive(struct socket *so, struct mbuf **paddr, struct uio *uio, 1146 struct mbuf **mp0, struct mbuf **controlp, int *flagsp) 1147 { 1148 struct lwp *l = curlwp; 1149 struct mbuf *m, **mp, *mt; 1150 int atomic, flags, len, error, s, offset, moff, type, orig_resid; 1151 const struct protosw *pr; 1152 struct mbuf *nextrecord; 1153 int mbuf_removed = 0; 1154 const struct domain *dom; 1155 short wakeup_state = 0; 1156 1157 pr = so->so_proto; 1158 atomic = pr->pr_flags & PR_ATOMIC; 1159 dom = pr->pr_domain; 1160 mp = mp0; 1161 type = 0; 1162 orig_resid = uio->uio_resid; 1163 1164 if (paddr != NULL) 1165 *paddr = NULL; 1166 if (controlp != NULL) 1167 *controlp = NULL; 1168 if (flagsp != NULL) 1169 flags = *flagsp &~ MSG_EOR; 1170 else 1171 flags = 0; 1172 1173 if (flags & MSG_OOB) { 1174 m = m_get(M_WAIT, MT_DATA); 1175 solock(so); 1176 error = (*pr->pr_usrreq)(so, PRU_RCVOOB, m, 1177 (struct mbuf *)(long)(flags & MSG_PEEK), NULL, l); 1178 sounlock(so); 1179 if (error) 1180 goto bad; 1181 do { 1182 error = uiomove(mtod(m, void *), 1183 (int) min(uio->uio_resid, m->m_len), uio); 1184 m = m_free(m); 1185 } while (uio->uio_resid > 0 && error == 0 && m); 1186 bad: 1187 if (m != NULL) 1188 m_freem(m); 1189 return error; 1190 } 1191 if (mp != NULL) 1192 *mp = NULL; 1193 1194 /* 1195 * solock() provides atomicity of access. splsoftnet() prevents 1196 * protocol processing soft interrupts from interrupting us and 1197 * blocking (expensive). 1198 */ 1199 s = splsoftnet(); 1200 solock(so); 1201 if (so->so_state & SS_ISCONFIRMING && uio->uio_resid) 1202 (*pr->pr_usrreq)(so, PRU_RCVD, NULL, NULL, NULL, l); 1203 1204 restart: 1205 if ((error = sblock(&so->so_rcv, SBLOCKWAIT(flags))) != 0) { 1206 sounlock(so); 1207 splx(s); 1208 return error; 1209 } 1210 1211 m = so->so_rcv.sb_mb; 1212 /* 1213 * If we have less data than requested, block awaiting more 1214 * (subject to any timeout) if: 1215 * 1. the current count is less than the low water mark, 1216 * 2. MSG_WAITALL is set, and it is possible to do the entire 1217 * receive operation at once if we block (resid <= hiwat), or 1218 * 3. MSG_DONTWAIT is not set. 1219 * If MSG_WAITALL is set but resid is larger than the receive buffer, 1220 * we have to do the receive in sections, and thus risk returning 1221 * a short count if a timeout or signal occurs after we start. 1222 */ 1223 if (m == NULL || 1224 ((flags & MSG_DONTWAIT) == 0 && 1225 so->so_rcv.sb_cc < uio->uio_resid && 1226 (so->so_rcv.sb_cc < so->so_rcv.sb_lowat || 1227 ((flags & MSG_WAITALL) && 1228 uio->uio_resid <= so->so_rcv.sb_hiwat)) && 1229 m->m_nextpkt == NULL && !atomic)) { 1230 #ifdef DIAGNOSTIC 1231 if (m == NULL && so->so_rcv.sb_cc) 1232 panic("receive 1"); 1233 #endif 1234 if (so->so_error) { 1235 if (m != NULL) 1236 goto dontblock; 1237 error = so->so_error; 1238 if ((flags & MSG_PEEK) == 0) 1239 so->so_error = 0; 1240 goto release; 1241 } 1242 if (so->so_state & SS_CANTRCVMORE) { 1243 if (m != NULL) 1244 goto dontblock; 1245 else 1246 goto release; 1247 } 1248 for (; m != NULL; m = m->m_next) 1249 if (m->m_type == MT_OOBDATA || (m->m_flags & M_EOR)) { 1250 m = so->so_rcv.sb_mb; 1251 goto dontblock; 1252 } 1253 if ((so->so_state & (SS_ISCONNECTED|SS_ISCONNECTING)) == 0 && 1254 (so->so_proto->pr_flags & PR_CONNREQUIRED)) { 1255 error = ENOTCONN; 1256 goto release; 1257 } 1258 if (uio->uio_resid == 0) 1259 goto release; 1260 if (so->so_nbio || (flags & MSG_DONTWAIT)) { 1261 error = EWOULDBLOCK; 1262 goto release; 1263 } 1264 SBLASTRECORDCHK(&so->so_rcv, "soreceive sbwait 1"); 1265 SBLASTMBUFCHK(&so->so_rcv, "soreceive sbwait 1"); 1266 sbunlock(&so->so_rcv); 1267 if (wakeup_state & SS_RESTARTSYS) 1268 error = ERESTART; 1269 else 1270 error = sbwait(&so->so_rcv); 1271 if (error != 0) { 1272 sounlock(so); 1273 splx(s); 1274 return error; 1275 } 1276 wakeup_state = so->so_state; 1277 goto restart; 1278 } 1279 dontblock: 1280 /* 1281 * On entry here, m points to the first record of the socket buffer. 1282 * From this point onward, we maintain 'nextrecord' as a cache of the 1283 * pointer to the next record in the socket buffer. We must keep the 1284 * various socket buffer pointers and local stack versions of the 1285 * pointers in sync, pushing out modifications before dropping the 1286 * socket lock, and re-reading them when picking it up. 1287 * 1288 * Otherwise, we will race with the network stack appending new data 1289 * or records onto the socket buffer by using inconsistent/stale 1290 * versions of the field, possibly resulting in socket buffer 1291 * corruption. 1292 * 1293 * By holding the high-level sblock(), we prevent simultaneous 1294 * readers from pulling off the front of the socket buffer. 1295 */ 1296 if (l != NULL) 1297 l->l_ru.ru_msgrcv++; 1298 KASSERT(m == so->so_rcv.sb_mb); 1299 SBLASTRECORDCHK(&so->so_rcv, "soreceive 1"); 1300 SBLASTMBUFCHK(&so->so_rcv, "soreceive 1"); 1301 nextrecord = m->m_nextpkt; 1302 if (pr->pr_flags & PR_ADDR) { 1303 #ifdef DIAGNOSTIC 1304 if (m->m_type != MT_SONAME) 1305 panic("receive 1a"); 1306 #endif 1307 orig_resid = 0; 1308 if (flags & MSG_PEEK) { 1309 if (paddr) 1310 *paddr = m_copy(m, 0, m->m_len); 1311 m = m->m_next; 1312 } else { 1313 sbfree(&so->so_rcv, m); 1314 mbuf_removed = 1; 1315 if (paddr != NULL) { 1316 *paddr = m; 1317 so->so_rcv.sb_mb = m->m_next; 1318 m->m_next = NULL; 1319 m = so->so_rcv.sb_mb; 1320 } else { 1321 MFREE(m, so->so_rcv.sb_mb); 1322 m = so->so_rcv.sb_mb; 1323 } 1324 sbsync(&so->so_rcv, nextrecord); 1325 } 1326 } 1327 1328 /* 1329 * Process one or more MT_CONTROL mbufs present before any data mbufs 1330 * in the first mbuf chain on the socket buffer. If MSG_PEEK, we 1331 * just copy the data; if !MSG_PEEK, we call into the protocol to 1332 * perform externalization (or freeing if controlp == NULL). 1333 */ 1334 if (__predict_false(m != NULL && m->m_type == MT_CONTROL)) { 1335 struct mbuf *cm = NULL, *cmn; 1336 struct mbuf **cme = &cm; 1337 1338 do { 1339 if (flags & MSG_PEEK) { 1340 if (controlp != NULL) { 1341 *controlp = m_copy(m, 0, m->m_len); 1342 controlp = &(*controlp)->m_next; 1343 } 1344 m = m->m_next; 1345 } else { 1346 sbfree(&so->so_rcv, m); 1347 so->so_rcv.sb_mb = m->m_next; 1348 m->m_next = NULL; 1349 *cme = m; 1350 cme = &(*cme)->m_next; 1351 m = so->so_rcv.sb_mb; 1352 } 1353 } while (m != NULL && m->m_type == MT_CONTROL); 1354 if ((flags & MSG_PEEK) == 0) 1355 sbsync(&so->so_rcv, nextrecord); 1356 for (; cm != NULL; cm = cmn) { 1357 cmn = cm->m_next; 1358 cm->m_next = NULL; 1359 type = mtod(cm, struct cmsghdr *)->cmsg_type; 1360 if (controlp != NULL) { 1361 if (dom->dom_externalize != NULL && 1362 type == SCM_RIGHTS) { 1363 sounlock(so); 1364 splx(s); 1365 error = (*dom->dom_externalize)(cm, l, 1366 (flags & MSG_CMSG_CLOEXEC) ? 1367 O_CLOEXEC : 0); 1368 s = splsoftnet(); 1369 solock(so); 1370 } 1371 *controlp = cm; 1372 while (*controlp != NULL) 1373 controlp = &(*controlp)->m_next; 1374 } else { 1375 /* 1376 * Dispose of any SCM_RIGHTS message that went 1377 * through the read path rather than recv. 1378 */ 1379 if (dom->dom_dispose != NULL && 1380 type == SCM_RIGHTS) { 1381 sounlock(so); 1382 (*dom->dom_dispose)(cm); 1383 solock(so); 1384 } 1385 m_freem(cm); 1386 } 1387 } 1388 if (m != NULL) 1389 nextrecord = so->so_rcv.sb_mb->m_nextpkt; 1390 else 1391 nextrecord = so->so_rcv.sb_mb; 1392 orig_resid = 0; 1393 } 1394 1395 /* If m is non-NULL, we have some data to read. */ 1396 if (__predict_true(m != NULL)) { 1397 type = m->m_type; 1398 if (type == MT_OOBDATA) 1399 flags |= MSG_OOB; 1400 } 1401 SBLASTRECORDCHK(&so->so_rcv, "soreceive 2"); 1402 SBLASTMBUFCHK(&so->so_rcv, "soreceive 2"); 1403 1404 moff = 0; 1405 offset = 0; 1406 while (m != NULL && uio->uio_resid > 0 && error == 0) { 1407 if (m->m_type == MT_OOBDATA) { 1408 if (type != MT_OOBDATA) 1409 break; 1410 } else if (type == MT_OOBDATA) 1411 break; 1412 #ifdef DIAGNOSTIC 1413 else if (m->m_type != MT_DATA && m->m_type != MT_HEADER) 1414 panic("receive 3"); 1415 #endif 1416 so->so_state &= ~SS_RCVATMARK; 1417 wakeup_state = 0; 1418 len = uio->uio_resid; 1419 if (so->so_oobmark && len > so->so_oobmark - offset) 1420 len = so->so_oobmark - offset; 1421 if (len > m->m_len - moff) 1422 len = m->m_len - moff; 1423 /* 1424 * If mp is set, just pass back the mbufs. 1425 * Otherwise copy them out via the uio, then free. 1426 * Sockbuf must be consistent here (points to current mbuf, 1427 * it points to next record) when we drop priority; 1428 * we must note any additions to the sockbuf when we 1429 * block interrupts again. 1430 */ 1431 if (mp == NULL) { 1432 SBLASTRECORDCHK(&so->so_rcv, "soreceive uiomove"); 1433 SBLASTMBUFCHK(&so->so_rcv, "soreceive uiomove"); 1434 sounlock(so); 1435 splx(s); 1436 error = uiomove(mtod(m, char *) + moff, (int)len, uio); 1437 s = splsoftnet(); 1438 solock(so); 1439 if (error != 0) { 1440 /* 1441 * If any part of the record has been removed 1442 * (such as the MT_SONAME mbuf, which will 1443 * happen when PR_ADDR, and thus also 1444 * PR_ATOMIC, is set), then drop the entire 1445 * record to maintain the atomicity of the 1446 * receive operation. 1447 * 1448 * This avoids a later panic("receive 1a") 1449 * when compiled with DIAGNOSTIC. 1450 */ 1451 if (m && mbuf_removed && atomic) 1452 (void) sbdroprecord(&so->so_rcv); 1453 1454 goto release; 1455 } 1456 } else 1457 uio->uio_resid -= len; 1458 if (len == m->m_len - moff) { 1459 if (m->m_flags & M_EOR) 1460 flags |= MSG_EOR; 1461 if (flags & MSG_PEEK) { 1462 m = m->m_next; 1463 moff = 0; 1464 } else { 1465 nextrecord = m->m_nextpkt; 1466 sbfree(&so->so_rcv, m); 1467 if (mp) { 1468 *mp = m; 1469 mp = &m->m_next; 1470 so->so_rcv.sb_mb = m = m->m_next; 1471 *mp = NULL; 1472 } else { 1473 MFREE(m, so->so_rcv.sb_mb); 1474 m = so->so_rcv.sb_mb; 1475 } 1476 /* 1477 * If m != NULL, we also know that 1478 * so->so_rcv.sb_mb != NULL. 1479 */ 1480 KASSERT(so->so_rcv.sb_mb == m); 1481 if (m) { 1482 m->m_nextpkt = nextrecord; 1483 if (nextrecord == NULL) 1484 so->so_rcv.sb_lastrecord = m; 1485 } else { 1486 so->so_rcv.sb_mb = nextrecord; 1487 SB_EMPTY_FIXUP(&so->so_rcv); 1488 } 1489 SBLASTRECORDCHK(&so->so_rcv, "soreceive 3"); 1490 SBLASTMBUFCHK(&so->so_rcv, "soreceive 3"); 1491 } 1492 } else if (flags & MSG_PEEK) 1493 moff += len; 1494 else { 1495 if (mp != NULL) { 1496 mt = m_copym(m, 0, len, M_NOWAIT); 1497 if (__predict_false(mt == NULL)) { 1498 sounlock(so); 1499 mt = m_copym(m, 0, len, M_WAIT); 1500 solock(so); 1501 } 1502 *mp = mt; 1503 } 1504 m->m_data += len; 1505 m->m_len -= len; 1506 so->so_rcv.sb_cc -= len; 1507 } 1508 if (so->so_oobmark) { 1509 if ((flags & MSG_PEEK) == 0) { 1510 so->so_oobmark -= len; 1511 if (so->so_oobmark == 0) { 1512 so->so_state |= SS_RCVATMARK; 1513 break; 1514 } 1515 } else { 1516 offset += len; 1517 if (offset == so->so_oobmark) 1518 break; 1519 } 1520 } 1521 if (flags & MSG_EOR) 1522 break; 1523 /* 1524 * If the MSG_WAITALL flag is set (for non-atomic socket), 1525 * we must not quit until "uio->uio_resid == 0" or an error 1526 * termination. If a signal/timeout occurs, return 1527 * with a short count but without error. 1528 * Keep sockbuf locked against other readers. 1529 */ 1530 while (flags & MSG_WAITALL && m == NULL && uio->uio_resid > 0 && 1531 !sosendallatonce(so) && !nextrecord) { 1532 if (so->so_error || so->so_state & SS_CANTRCVMORE) 1533 break; 1534 /* 1535 * If we are peeking and the socket receive buffer is 1536 * full, stop since we can't get more data to peek at. 1537 */ 1538 if ((flags & MSG_PEEK) && sbspace(&so->so_rcv) <= 0) 1539 break; 1540 /* 1541 * If we've drained the socket buffer, tell the 1542 * protocol in case it needs to do something to 1543 * get it filled again. 1544 */ 1545 if ((pr->pr_flags & PR_WANTRCVD) && so->so_pcb) 1546 (*pr->pr_usrreq)(so, PRU_RCVD, 1547 NULL, (struct mbuf *)(long)flags, NULL, l); 1548 SBLASTRECORDCHK(&so->so_rcv, "soreceive sbwait 2"); 1549 SBLASTMBUFCHK(&so->so_rcv, "soreceive sbwait 2"); 1550 if (wakeup_state & SS_RESTARTSYS) 1551 error = ERESTART; 1552 else 1553 error = sbwait(&so->so_rcv); 1554 if (error != 0) { 1555 sbunlock(&so->so_rcv); 1556 sounlock(so); 1557 splx(s); 1558 return 0; 1559 } 1560 if ((m = so->so_rcv.sb_mb) != NULL) 1561 nextrecord = m->m_nextpkt; 1562 wakeup_state = so->so_state; 1563 } 1564 } 1565 1566 if (m && atomic) { 1567 flags |= MSG_TRUNC; 1568 if ((flags & MSG_PEEK) == 0) 1569 (void) sbdroprecord(&so->so_rcv); 1570 } 1571 if ((flags & MSG_PEEK) == 0) { 1572 if (m == NULL) { 1573 /* 1574 * First part is an inline SB_EMPTY_FIXUP(). Second 1575 * part makes sure sb_lastrecord is up-to-date if 1576 * there is still data in the socket buffer. 1577 */ 1578 so->so_rcv.sb_mb = nextrecord; 1579 if (so->so_rcv.sb_mb == NULL) { 1580 so->so_rcv.sb_mbtail = NULL; 1581 so->so_rcv.sb_lastrecord = NULL; 1582 } else if (nextrecord->m_nextpkt == NULL) 1583 so->so_rcv.sb_lastrecord = nextrecord; 1584 } 1585 SBLASTRECORDCHK(&so->so_rcv, "soreceive 4"); 1586 SBLASTMBUFCHK(&so->so_rcv, "soreceive 4"); 1587 if (pr->pr_flags & PR_WANTRCVD && so->so_pcb) 1588 (*pr->pr_usrreq)(so, PRU_RCVD, NULL, 1589 (struct mbuf *)(long)flags, NULL, l); 1590 } 1591 if (orig_resid == uio->uio_resid && orig_resid && 1592 (flags & MSG_EOR) == 0 && (so->so_state & SS_CANTRCVMORE) == 0) { 1593 sbunlock(&so->so_rcv); 1594 goto restart; 1595 } 1596 1597 if (flagsp != NULL) 1598 *flagsp |= flags; 1599 release: 1600 sbunlock(&so->so_rcv); 1601 sounlock(so); 1602 splx(s); 1603 return error; 1604 } 1605 1606 int 1607 soshutdown(struct socket *so, int how) 1608 { 1609 const struct protosw *pr; 1610 int error; 1611 1612 KASSERT(solocked(so)); 1613 1614 pr = so->so_proto; 1615 if (!(how == SHUT_RD || how == SHUT_WR || how == SHUT_RDWR)) 1616 return (EINVAL); 1617 1618 if (how == SHUT_RD || how == SHUT_RDWR) { 1619 sorflush(so); 1620 error = 0; 1621 } 1622 if (how == SHUT_WR || how == SHUT_RDWR) 1623 error = (*pr->pr_usrreq)(so, PRU_SHUTDOWN, NULL, 1624 NULL, NULL, NULL); 1625 1626 return error; 1627 } 1628 1629 void 1630 sorestart(struct socket *so) 1631 { 1632 /* 1633 * An application has called close() on an fd on which another 1634 * of its threads has called a socket system call. 1635 * Mark this and wake everyone up, and code that would block again 1636 * instead returns ERESTART. 1637 * On system call re-entry the fd is validated and EBADF returned. 1638 * Any other fd will block again on the 2nd syscall. 1639 */ 1640 solock(so); 1641 so->so_state |= SS_RESTARTSYS; 1642 cv_broadcast(&so->so_cv); 1643 cv_broadcast(&so->so_snd.sb_cv); 1644 cv_broadcast(&so->so_rcv.sb_cv); 1645 sounlock(so); 1646 } 1647 1648 void 1649 sorflush(struct socket *so) 1650 { 1651 struct sockbuf *sb, asb; 1652 const struct protosw *pr; 1653 1654 KASSERT(solocked(so)); 1655 1656 sb = &so->so_rcv; 1657 pr = so->so_proto; 1658 socantrcvmore(so); 1659 sb->sb_flags |= SB_NOINTR; 1660 (void )sblock(sb, M_WAITOK); 1661 sbunlock(sb); 1662 asb = *sb; 1663 /* 1664 * Clear most of the sockbuf structure, but leave some of the 1665 * fields valid. 1666 */ 1667 memset(&sb->sb_startzero, 0, 1668 sizeof(*sb) - offsetof(struct sockbuf, sb_startzero)); 1669 if (pr->pr_flags & PR_RIGHTS && pr->pr_domain->dom_dispose) { 1670 sounlock(so); 1671 (*pr->pr_domain->dom_dispose)(asb.sb_mb); 1672 solock(so); 1673 } 1674 sbrelease(&asb, so); 1675 } 1676 1677 /* 1678 * internal set SOL_SOCKET options 1679 */ 1680 static int 1681 sosetopt1(struct socket *so, const struct sockopt *sopt) 1682 { 1683 int error = EINVAL, optval, opt; 1684 struct linger l; 1685 struct timeval tv; 1686 1687 switch ((opt = sopt->sopt_name)) { 1688 1689 case SO_ACCEPTFILTER: 1690 error = accept_filt_setopt(so, sopt); 1691 KASSERT(solocked(so)); 1692 break; 1693 1694 case SO_LINGER: 1695 error = sockopt_get(sopt, &l, sizeof(l)); 1696 solock(so); 1697 if (error) 1698 break; 1699 if (l.l_linger < 0 || l.l_linger > USHRT_MAX || 1700 l.l_linger > (INT_MAX / hz)) { 1701 error = EDOM; 1702 break; 1703 } 1704 so->so_linger = l.l_linger; 1705 if (l.l_onoff) 1706 so->so_options |= SO_LINGER; 1707 else 1708 so->so_options &= ~SO_LINGER; 1709 break; 1710 1711 case SO_DEBUG: 1712 case SO_KEEPALIVE: 1713 case SO_DONTROUTE: 1714 case SO_USELOOPBACK: 1715 case SO_BROADCAST: 1716 case SO_REUSEADDR: 1717 case SO_REUSEPORT: 1718 case SO_OOBINLINE: 1719 case SO_TIMESTAMP: 1720 #ifdef SO_OTIMESTAMP 1721 case SO_OTIMESTAMP: 1722 #endif 1723 error = sockopt_getint(sopt, &optval); 1724 solock(so); 1725 if (error) 1726 break; 1727 if (optval) 1728 so->so_options |= opt; 1729 else 1730 so->so_options &= ~opt; 1731 break; 1732 1733 case SO_SNDBUF: 1734 case SO_RCVBUF: 1735 case SO_SNDLOWAT: 1736 case SO_RCVLOWAT: 1737 error = sockopt_getint(sopt, &optval); 1738 solock(so); 1739 if (error) 1740 break; 1741 1742 /* 1743 * Values < 1 make no sense for any of these 1744 * options, so disallow them. 1745 */ 1746 if (optval < 1) { 1747 error = EINVAL; 1748 break; 1749 } 1750 1751 switch (opt) { 1752 case SO_SNDBUF: 1753 if (sbreserve(&so->so_snd, (u_long)optval, so) == 0) { 1754 error = ENOBUFS; 1755 break; 1756 } 1757 so->so_snd.sb_flags &= ~SB_AUTOSIZE; 1758 break; 1759 1760 case SO_RCVBUF: 1761 if (sbreserve(&so->so_rcv, (u_long)optval, so) == 0) { 1762 error = ENOBUFS; 1763 break; 1764 } 1765 so->so_rcv.sb_flags &= ~SB_AUTOSIZE; 1766 break; 1767 1768 /* 1769 * Make sure the low-water is never greater than 1770 * the high-water. 1771 */ 1772 case SO_SNDLOWAT: 1773 if (optval > so->so_snd.sb_hiwat) 1774 optval = so->so_snd.sb_hiwat; 1775 1776 so->so_snd.sb_lowat = optval; 1777 break; 1778 1779 case SO_RCVLOWAT: 1780 if (optval > so->so_rcv.sb_hiwat) 1781 optval = so->so_rcv.sb_hiwat; 1782 1783 so->so_rcv.sb_lowat = optval; 1784 break; 1785 } 1786 break; 1787 1788 #ifdef COMPAT_50 1789 case SO_OSNDTIMEO: 1790 case SO_ORCVTIMEO: { 1791 struct timeval50 otv; 1792 error = sockopt_get(sopt, &otv, sizeof(otv)); 1793 if (error) { 1794 solock(so); 1795 break; 1796 } 1797 timeval50_to_timeval(&otv, &tv); 1798 opt = opt == SO_OSNDTIMEO ? SO_SNDTIMEO : SO_RCVTIMEO; 1799 error = 0; 1800 /*FALLTHROUGH*/ 1801 } 1802 #endif /* COMPAT_50 */ 1803 1804 case SO_SNDTIMEO: 1805 case SO_RCVTIMEO: 1806 if (error) 1807 error = sockopt_get(sopt, &tv, sizeof(tv)); 1808 solock(so); 1809 if (error) 1810 break; 1811 1812 if (tv.tv_sec > (INT_MAX - tv.tv_usec / tick) / hz) { 1813 error = EDOM; 1814 break; 1815 } 1816 1817 optval = tv.tv_sec * hz + tv.tv_usec / tick; 1818 if (optval == 0 && tv.tv_usec != 0) 1819 optval = 1; 1820 1821 switch (opt) { 1822 case SO_SNDTIMEO: 1823 so->so_snd.sb_timeo = optval; 1824 break; 1825 case SO_RCVTIMEO: 1826 so->so_rcv.sb_timeo = optval; 1827 break; 1828 } 1829 break; 1830 1831 default: 1832 solock(so); 1833 error = ENOPROTOOPT; 1834 break; 1835 } 1836 KASSERT(solocked(so)); 1837 return error; 1838 } 1839 1840 int 1841 sosetopt(struct socket *so, struct sockopt *sopt) 1842 { 1843 int error, prerr; 1844 1845 if (sopt->sopt_level == SOL_SOCKET) { 1846 error = sosetopt1(so, sopt); 1847 KASSERT(solocked(so)); 1848 } else { 1849 error = ENOPROTOOPT; 1850 solock(so); 1851 } 1852 1853 if ((error == 0 || error == ENOPROTOOPT) && 1854 so->so_proto != NULL && so->so_proto->pr_ctloutput != NULL) { 1855 /* give the protocol stack a shot */ 1856 prerr = (*so->so_proto->pr_ctloutput)(PRCO_SETOPT, so, sopt); 1857 if (prerr == 0) 1858 error = 0; 1859 else if (prerr != ENOPROTOOPT) 1860 error = prerr; 1861 } 1862 sounlock(so); 1863 return error; 1864 } 1865 1866 /* 1867 * so_setsockopt() is a wrapper providing a sockopt structure for sosetopt() 1868 */ 1869 int 1870 so_setsockopt(struct lwp *l, struct socket *so, int level, int name, 1871 const void *val, size_t valsize) 1872 { 1873 struct sockopt sopt; 1874 int error; 1875 1876 KASSERT(valsize == 0 || val != NULL); 1877 1878 sockopt_init(&sopt, level, name, valsize); 1879 sockopt_set(&sopt, val, valsize); 1880 1881 error = sosetopt(so, &sopt); 1882 1883 sockopt_destroy(&sopt); 1884 1885 return error; 1886 } 1887 1888 /* 1889 * internal get SOL_SOCKET options 1890 */ 1891 static int 1892 sogetopt1(struct socket *so, struct sockopt *sopt) 1893 { 1894 int error, optval, opt; 1895 struct linger l; 1896 struct timeval tv; 1897 1898 switch ((opt = sopt->sopt_name)) { 1899 1900 case SO_ACCEPTFILTER: 1901 error = accept_filt_getopt(so, sopt); 1902 break; 1903 1904 case SO_LINGER: 1905 l.l_onoff = (so->so_options & SO_LINGER) ? 1 : 0; 1906 l.l_linger = so->so_linger; 1907 1908 error = sockopt_set(sopt, &l, sizeof(l)); 1909 break; 1910 1911 case SO_USELOOPBACK: 1912 case SO_DONTROUTE: 1913 case SO_DEBUG: 1914 case SO_KEEPALIVE: 1915 case SO_REUSEADDR: 1916 case SO_REUSEPORT: 1917 case SO_BROADCAST: 1918 case SO_OOBINLINE: 1919 case SO_TIMESTAMP: 1920 #ifdef SO_OTIMESTAMP 1921 case SO_OTIMESTAMP: 1922 #endif 1923 error = sockopt_setint(sopt, (so->so_options & opt) ? 1 : 0); 1924 break; 1925 1926 case SO_TYPE: 1927 error = sockopt_setint(sopt, so->so_type); 1928 break; 1929 1930 case SO_ERROR: 1931 error = sockopt_setint(sopt, so->so_error); 1932 so->so_error = 0; 1933 break; 1934 1935 case SO_SNDBUF: 1936 error = sockopt_setint(sopt, so->so_snd.sb_hiwat); 1937 break; 1938 1939 case SO_RCVBUF: 1940 error = sockopt_setint(sopt, so->so_rcv.sb_hiwat); 1941 break; 1942 1943 case SO_SNDLOWAT: 1944 error = sockopt_setint(sopt, so->so_snd.sb_lowat); 1945 break; 1946 1947 case SO_RCVLOWAT: 1948 error = sockopt_setint(sopt, so->so_rcv.sb_lowat); 1949 break; 1950 1951 #ifdef COMPAT_50 1952 case SO_OSNDTIMEO: 1953 case SO_ORCVTIMEO: { 1954 struct timeval50 otv; 1955 1956 optval = (opt == SO_OSNDTIMEO ? 1957 so->so_snd.sb_timeo : so->so_rcv.sb_timeo); 1958 1959 otv.tv_sec = optval / hz; 1960 otv.tv_usec = (optval % hz) * tick; 1961 1962 error = sockopt_set(sopt, &otv, sizeof(otv)); 1963 break; 1964 } 1965 #endif /* COMPAT_50 */ 1966 1967 case SO_SNDTIMEO: 1968 case SO_RCVTIMEO: 1969 optval = (opt == SO_SNDTIMEO ? 1970 so->so_snd.sb_timeo : so->so_rcv.sb_timeo); 1971 1972 tv.tv_sec = optval / hz; 1973 tv.tv_usec = (optval % hz) * tick; 1974 1975 error = sockopt_set(sopt, &tv, sizeof(tv)); 1976 break; 1977 1978 case SO_OVERFLOWED: 1979 error = sockopt_setint(sopt, so->so_rcv.sb_overflowed); 1980 break; 1981 1982 default: 1983 error = ENOPROTOOPT; 1984 break; 1985 } 1986 1987 return (error); 1988 } 1989 1990 int 1991 sogetopt(struct socket *so, struct sockopt *sopt) 1992 { 1993 int error; 1994 1995 solock(so); 1996 if (sopt->sopt_level != SOL_SOCKET) { 1997 if (so->so_proto && so->so_proto->pr_ctloutput) { 1998 error = ((*so->so_proto->pr_ctloutput) 1999 (PRCO_GETOPT, so, sopt)); 2000 } else 2001 error = (ENOPROTOOPT); 2002 } else { 2003 error = sogetopt1(so, sopt); 2004 } 2005 sounlock(so); 2006 return (error); 2007 } 2008 2009 /* 2010 * alloc sockopt data buffer buffer 2011 * - will be released at destroy 2012 */ 2013 static int 2014 sockopt_alloc(struct sockopt *sopt, size_t len, km_flag_t kmflag) 2015 { 2016 2017 KASSERT(sopt->sopt_size == 0); 2018 2019 if (len > sizeof(sopt->sopt_buf)) { 2020 sopt->sopt_data = kmem_zalloc(len, kmflag); 2021 if (sopt->sopt_data == NULL) 2022 return ENOMEM; 2023 } else 2024 sopt->sopt_data = sopt->sopt_buf; 2025 2026 sopt->sopt_size = len; 2027 return 0; 2028 } 2029 2030 /* 2031 * initialise sockopt storage 2032 * - MAY sleep during allocation 2033 */ 2034 void 2035 sockopt_init(struct sockopt *sopt, int level, int name, size_t size) 2036 { 2037 2038 memset(sopt, 0, sizeof(*sopt)); 2039 2040 sopt->sopt_level = level; 2041 sopt->sopt_name = name; 2042 (void)sockopt_alloc(sopt, size, KM_SLEEP); 2043 } 2044 2045 /* 2046 * destroy sockopt storage 2047 * - will release any held memory references 2048 */ 2049 void 2050 sockopt_destroy(struct sockopt *sopt) 2051 { 2052 2053 if (sopt->sopt_data != sopt->sopt_buf) 2054 kmem_free(sopt->sopt_data, sopt->sopt_size); 2055 2056 memset(sopt, 0, sizeof(*sopt)); 2057 } 2058 2059 /* 2060 * set sockopt value 2061 * - value is copied into sockopt 2062 * - memory is allocated when necessary, will not sleep 2063 */ 2064 int 2065 sockopt_set(struct sockopt *sopt, const void *buf, size_t len) 2066 { 2067 int error; 2068 2069 if (sopt->sopt_size == 0) { 2070 error = sockopt_alloc(sopt, len, KM_NOSLEEP); 2071 if (error) 2072 return error; 2073 } 2074 2075 KASSERT(sopt->sopt_size == len); 2076 memcpy(sopt->sopt_data, buf, len); 2077 return 0; 2078 } 2079 2080 /* 2081 * common case of set sockopt integer value 2082 */ 2083 int 2084 sockopt_setint(struct sockopt *sopt, int val) 2085 { 2086 2087 return sockopt_set(sopt, &val, sizeof(int)); 2088 } 2089 2090 /* 2091 * get sockopt value 2092 * - correct size must be given 2093 */ 2094 int 2095 sockopt_get(const struct sockopt *sopt, void *buf, size_t len) 2096 { 2097 2098 if (sopt->sopt_size != len) 2099 return EINVAL; 2100 2101 memcpy(buf, sopt->sopt_data, len); 2102 return 0; 2103 } 2104 2105 /* 2106 * common case of get sockopt integer value 2107 */ 2108 int 2109 sockopt_getint(const struct sockopt *sopt, int *valp) 2110 { 2111 2112 return sockopt_get(sopt, valp, sizeof(int)); 2113 } 2114 2115 /* 2116 * set sockopt value from mbuf 2117 * - ONLY for legacy code 2118 * - mbuf is released by sockopt 2119 * - will not sleep 2120 */ 2121 int 2122 sockopt_setmbuf(struct sockopt *sopt, struct mbuf *m) 2123 { 2124 size_t len; 2125 int error; 2126 2127 len = m_length(m); 2128 2129 if (sopt->sopt_size == 0) { 2130 error = sockopt_alloc(sopt, len, KM_NOSLEEP); 2131 if (error) 2132 return error; 2133 } 2134 2135 KASSERT(sopt->sopt_size == len); 2136 m_copydata(m, 0, len, sopt->sopt_data); 2137 m_freem(m); 2138 2139 return 0; 2140 } 2141 2142 /* 2143 * get sockopt value into mbuf 2144 * - ONLY for legacy code 2145 * - mbuf to be released by the caller 2146 * - will not sleep 2147 */ 2148 struct mbuf * 2149 sockopt_getmbuf(const struct sockopt *sopt) 2150 { 2151 struct mbuf *m; 2152 2153 if (sopt->sopt_size > MCLBYTES) 2154 return NULL; 2155 2156 m = m_get(M_DONTWAIT, MT_SOOPTS); 2157 if (m == NULL) 2158 return NULL; 2159 2160 if (sopt->sopt_size > MLEN) { 2161 MCLGET(m, M_DONTWAIT); 2162 if ((m->m_flags & M_EXT) == 0) { 2163 m_free(m); 2164 return NULL; 2165 } 2166 } 2167 2168 memcpy(mtod(m, void *), sopt->sopt_data, sopt->sopt_size); 2169 m->m_len = sopt->sopt_size; 2170 2171 return m; 2172 } 2173 2174 void 2175 sohasoutofband(struct socket *so) 2176 { 2177 2178 fownsignal(so->so_pgid, SIGURG, POLL_PRI, POLLPRI|POLLRDBAND, so); 2179 selnotify(&so->so_rcv.sb_sel, POLLPRI | POLLRDBAND, NOTE_SUBMIT); 2180 } 2181 2182 static void 2183 filt_sordetach(struct knote *kn) 2184 { 2185 struct socket *so; 2186 2187 so = ((file_t *)kn->kn_obj)->f_data; 2188 solock(so); 2189 SLIST_REMOVE(&so->so_rcv.sb_sel.sel_klist, kn, knote, kn_selnext); 2190 if (SLIST_EMPTY(&so->so_rcv.sb_sel.sel_klist)) 2191 so->so_rcv.sb_flags &= ~SB_KNOTE; 2192 sounlock(so); 2193 } 2194 2195 /*ARGSUSED*/ 2196 static int 2197 filt_soread(struct knote *kn, long hint) 2198 { 2199 struct socket *so; 2200 int rv; 2201 2202 so = ((file_t *)kn->kn_obj)->f_data; 2203 if (hint != NOTE_SUBMIT) 2204 solock(so); 2205 kn->kn_data = so->so_rcv.sb_cc; 2206 if (so->so_state & SS_CANTRCVMORE) { 2207 kn->kn_flags |= EV_EOF; 2208 kn->kn_fflags = so->so_error; 2209 rv = 1; 2210 } else if (so->so_error) /* temporary udp error */ 2211 rv = 1; 2212 else if (kn->kn_sfflags & NOTE_LOWAT) 2213 rv = (kn->kn_data >= kn->kn_sdata); 2214 else 2215 rv = (kn->kn_data >= so->so_rcv.sb_lowat); 2216 if (hint != NOTE_SUBMIT) 2217 sounlock(so); 2218 return rv; 2219 } 2220 2221 static void 2222 filt_sowdetach(struct knote *kn) 2223 { 2224 struct socket *so; 2225 2226 so = ((file_t *)kn->kn_obj)->f_data; 2227 solock(so); 2228 SLIST_REMOVE(&so->so_snd.sb_sel.sel_klist, kn, knote, kn_selnext); 2229 if (SLIST_EMPTY(&so->so_snd.sb_sel.sel_klist)) 2230 so->so_snd.sb_flags &= ~SB_KNOTE; 2231 sounlock(so); 2232 } 2233 2234 /*ARGSUSED*/ 2235 static int 2236 filt_sowrite(struct knote *kn, long hint) 2237 { 2238 struct socket *so; 2239 int rv; 2240 2241 so = ((file_t *)kn->kn_obj)->f_data; 2242 if (hint != NOTE_SUBMIT) 2243 solock(so); 2244 kn->kn_data = sbspace(&so->so_snd); 2245 if (so->so_state & SS_CANTSENDMORE) { 2246 kn->kn_flags |= EV_EOF; 2247 kn->kn_fflags = so->so_error; 2248 rv = 1; 2249 } else if (so->so_error) /* temporary udp error */ 2250 rv = 1; 2251 else if (((so->so_state & SS_ISCONNECTED) == 0) && 2252 (so->so_proto->pr_flags & PR_CONNREQUIRED)) 2253 rv = 0; 2254 else if (kn->kn_sfflags & NOTE_LOWAT) 2255 rv = (kn->kn_data >= kn->kn_sdata); 2256 else 2257 rv = (kn->kn_data >= so->so_snd.sb_lowat); 2258 if (hint != NOTE_SUBMIT) 2259 sounlock(so); 2260 return rv; 2261 } 2262 2263 /*ARGSUSED*/ 2264 static int 2265 filt_solisten(struct knote *kn, long hint) 2266 { 2267 struct socket *so; 2268 int rv; 2269 2270 so = ((file_t *)kn->kn_obj)->f_data; 2271 2272 /* 2273 * Set kn_data to number of incoming connections, not 2274 * counting partial (incomplete) connections. 2275 */ 2276 if (hint != NOTE_SUBMIT) 2277 solock(so); 2278 kn->kn_data = so->so_qlen; 2279 rv = (kn->kn_data > 0); 2280 if (hint != NOTE_SUBMIT) 2281 sounlock(so); 2282 return rv; 2283 } 2284 2285 static const struct filterops solisten_filtops = 2286 { 1, NULL, filt_sordetach, filt_solisten }; 2287 static const struct filterops soread_filtops = 2288 { 1, NULL, filt_sordetach, filt_soread }; 2289 static const struct filterops sowrite_filtops = 2290 { 1, NULL, filt_sowdetach, filt_sowrite }; 2291 2292 int 2293 soo_kqfilter(struct file *fp, struct knote *kn) 2294 { 2295 struct socket *so; 2296 struct sockbuf *sb; 2297 2298 so = ((file_t *)kn->kn_obj)->f_data; 2299 solock(so); 2300 switch (kn->kn_filter) { 2301 case EVFILT_READ: 2302 if (so->so_options & SO_ACCEPTCONN) 2303 kn->kn_fop = &solisten_filtops; 2304 else 2305 kn->kn_fop = &soread_filtops; 2306 sb = &so->so_rcv; 2307 break; 2308 case EVFILT_WRITE: 2309 kn->kn_fop = &sowrite_filtops; 2310 sb = &so->so_snd; 2311 break; 2312 default: 2313 sounlock(so); 2314 return (EINVAL); 2315 } 2316 SLIST_INSERT_HEAD(&sb->sb_sel.sel_klist, kn, kn_selnext); 2317 sb->sb_flags |= SB_KNOTE; 2318 sounlock(so); 2319 return (0); 2320 } 2321 2322 static int 2323 sodopoll(struct socket *so, int events) 2324 { 2325 int revents; 2326 2327 revents = 0; 2328 2329 if (events & (POLLIN | POLLRDNORM)) 2330 if (soreadable(so)) 2331 revents |= events & (POLLIN | POLLRDNORM); 2332 2333 if (events & (POLLOUT | POLLWRNORM)) 2334 if (sowritable(so)) 2335 revents |= events & (POLLOUT | POLLWRNORM); 2336 2337 if (events & (POLLPRI | POLLRDBAND)) 2338 if (so->so_oobmark || (so->so_state & SS_RCVATMARK)) 2339 revents |= events & (POLLPRI | POLLRDBAND); 2340 2341 return revents; 2342 } 2343 2344 int 2345 sopoll(struct socket *so, int events) 2346 { 2347 int revents = 0; 2348 2349 #ifndef DIAGNOSTIC 2350 /* 2351 * Do a quick, unlocked check in expectation that the socket 2352 * will be ready for I/O. Don't do this check if DIAGNOSTIC, 2353 * as the solocked() assertions will fail. 2354 */ 2355 if ((revents = sodopoll(so, events)) != 0) 2356 return revents; 2357 #endif 2358 2359 solock(so); 2360 if ((revents = sodopoll(so, events)) == 0) { 2361 if (events & (POLLIN | POLLPRI | POLLRDNORM | POLLRDBAND)) { 2362 selrecord(curlwp, &so->so_rcv.sb_sel); 2363 so->so_rcv.sb_flags |= SB_NOTIFY; 2364 } 2365 2366 if (events & (POLLOUT | POLLWRNORM)) { 2367 selrecord(curlwp, &so->so_snd.sb_sel); 2368 so->so_snd.sb_flags |= SB_NOTIFY; 2369 } 2370 } 2371 sounlock(so); 2372 2373 return revents; 2374 } 2375 2376 2377 #include <sys/sysctl.h> 2378 2379 static int sysctl_kern_somaxkva(SYSCTLFN_PROTO); 2380 2381 /* 2382 * sysctl helper routine for kern.somaxkva. ensures that the given 2383 * value is not too small. 2384 * (XXX should we maybe make sure it's not too large as well?) 2385 */ 2386 static int 2387 sysctl_kern_somaxkva(SYSCTLFN_ARGS) 2388 { 2389 int error, new_somaxkva; 2390 struct sysctlnode node; 2391 2392 new_somaxkva = somaxkva; 2393 node = *rnode; 2394 node.sysctl_data = &new_somaxkva; 2395 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 2396 if (error || newp == NULL) 2397 return (error); 2398 2399 if (new_somaxkva < (16 * 1024 * 1024)) /* sanity */ 2400 return (EINVAL); 2401 2402 mutex_enter(&so_pendfree_lock); 2403 somaxkva = new_somaxkva; 2404 cv_broadcast(&socurkva_cv); 2405 mutex_exit(&so_pendfree_lock); 2406 2407 return (error); 2408 } 2409 2410 static void 2411 sysctl_kern_somaxkva_setup(void) 2412 { 2413 2414 KASSERT(socket_sysctllog == NULL); 2415 sysctl_createv(&socket_sysctllog, 0, NULL, NULL, 2416 CTLFLAG_PERMANENT, 2417 CTLTYPE_NODE, "kern", NULL, 2418 NULL, 0, NULL, 0, 2419 CTL_KERN, CTL_EOL); 2420 2421 sysctl_createv(&socket_sysctllog, 0, NULL, NULL, 2422 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, 2423 CTLTYPE_INT, "somaxkva", 2424 SYSCTL_DESCR("Maximum amount of kernel memory to be " 2425 "used for socket buffers"), 2426 sysctl_kern_somaxkva, 0, NULL, 0, 2427 CTL_KERN, KERN_SOMAXKVA, CTL_EOL); 2428 } 2429