1 /* $NetBSD: uipc_socket2.c,v 1.89 2008/02/07 12:14:43 ad Exp $ */ 2 3 /* 4 * Copyright (c) 1982, 1986, 1988, 1990, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * @(#)uipc_socket2.c 8.2 (Berkeley) 2/14/95 32 */ 33 34 #include <sys/cdefs.h> 35 __KERNEL_RCSID(0, "$NetBSD: uipc_socket2.c,v 1.89 2008/02/07 12:14:43 ad Exp $"); 36 37 #include "opt_mbuftrace.h" 38 #include "opt_sb_max.h" 39 40 #include <sys/param.h> 41 #include <sys/systm.h> 42 #include <sys/proc.h> 43 #include <sys/file.h> 44 #include <sys/buf.h> 45 #include <sys/malloc.h> 46 #include <sys/mbuf.h> 47 #include <sys/protosw.h> 48 #include <sys/poll.h> 49 #include <sys/socket.h> 50 #include <sys/socketvar.h> 51 #include <sys/signalvar.h> 52 #include <sys/kauth.h> 53 54 /* 55 * Primitive routines for operating on sockets and socket buffers 56 */ 57 58 /* strings for sleep message: */ 59 const char netcon[] = "netcon"; 60 const char netcls[] = "netcls"; 61 const char netio[] = "netio"; 62 const char netlck[] = "netlck"; 63 64 u_long sb_max = SB_MAX; /* maximum socket buffer size */ 65 static u_long sb_max_adj; /* adjusted sb_max */ 66 67 /* 68 * Procedures to manipulate state flags of socket 69 * and do appropriate wakeups. Normal sequence from the 70 * active (originating) side is that soisconnecting() is 71 * called during processing of connect() call, 72 * resulting in an eventual call to soisconnected() if/when the 73 * connection is established. When the connection is torn down 74 * soisdisconnecting() is called during processing of disconnect() call, 75 * and soisdisconnected() is called when the connection to the peer 76 * is totally severed. The semantics of these routines are such that 77 * connectionless protocols can call soisconnected() and soisdisconnected() 78 * only, bypassing the in-progress calls when setting up a ``connection'' 79 * takes no time. 80 * 81 * From the passive side, a socket is created with 82 * two queues of sockets: so_q0 for connections in progress 83 * and so_q for connections already made and awaiting user acceptance. 84 * As a protocol is preparing incoming connections, it creates a socket 85 * structure queued on so_q0 by calling sonewconn(). When the connection 86 * is established, soisconnected() is called, and transfers the 87 * socket structure to so_q, making it available to accept(). 88 * 89 * If a socket is closed with sockets on either 90 * so_q0 or so_q, these sockets are dropped. 91 * 92 * If higher level protocols are implemented in 93 * the kernel, the wakeups done here will sometimes 94 * cause software-interrupt process scheduling. 95 */ 96 97 void 98 soisconnecting(struct socket *so) 99 { 100 101 so->so_state &= ~(SS_ISCONNECTED|SS_ISDISCONNECTING); 102 so->so_state |= SS_ISCONNECTING; 103 } 104 105 void 106 soisconnected(struct socket *so) 107 { 108 struct socket *head; 109 110 head = so->so_head; 111 so->so_state &= ~(SS_ISCONNECTING|SS_ISDISCONNECTING|SS_ISCONFIRMING); 112 so->so_state |= SS_ISCONNECTED; 113 if (head && soqremque(so, 0)) { 114 soqinsque(head, so, 1); 115 sorwakeup(head); 116 wakeup((void *)&head->so_timeo); 117 } else { 118 wakeup((void *)&so->so_timeo); 119 sorwakeup(so); 120 sowwakeup(so); 121 } 122 } 123 124 void 125 soisdisconnecting(struct socket *so) 126 { 127 128 so->so_state &= ~SS_ISCONNECTING; 129 so->so_state |= (SS_ISDISCONNECTING|SS_CANTRCVMORE|SS_CANTSENDMORE); 130 wakeup((void *)&so->so_timeo); 131 sowwakeup(so); 132 sorwakeup(so); 133 } 134 135 void 136 soisdisconnected(struct socket *so) 137 { 138 139 so->so_state &= ~(SS_ISCONNECTING|SS_ISCONNECTED|SS_ISDISCONNECTING); 140 so->so_state |= (SS_CANTRCVMORE|SS_CANTSENDMORE|SS_ISDISCONNECTED); 141 wakeup((void *)&so->so_timeo); 142 sowwakeup(so); 143 sorwakeup(so); 144 } 145 146 /* 147 * When an attempt at a new connection is noted on a socket 148 * which accepts connections, sonewconn is called. If the 149 * connection is possible (subject to space constraints, etc.) 150 * then we allocate a new structure, propoerly linked into the 151 * data structure of the original socket, and return this. 152 * Connstatus may be 0, SS_ISCONFIRMING, or SS_ISCONNECTED. 153 */ 154 struct socket * 155 sonewconn(struct socket *head, int connstatus) 156 { 157 struct socket *so; 158 int soqueue; 159 160 soqueue = connstatus ? 1 : 0; 161 if (head->so_qlen + head->so_q0len > 3 * head->so_qlimit / 2) 162 return ((struct socket *)0); 163 so = pool_get(&socket_pool, PR_NOWAIT); 164 if (so == NULL) 165 return (NULL); 166 memset((void *)so, 0, sizeof(*so)); 167 so->so_type = head->so_type; 168 so->so_options = head->so_options &~ SO_ACCEPTCONN; 169 so->so_linger = head->so_linger; 170 so->so_state = head->so_state | SS_NOFDREF; 171 so->so_nbio = head->so_nbio; 172 so->so_proto = head->so_proto; 173 so->so_timeo = head->so_timeo; 174 so->so_pgid = head->so_pgid; 175 so->so_send = head->so_send; 176 so->so_receive = head->so_receive; 177 so->so_uidinfo = head->so_uidinfo; 178 #ifdef MBUFTRACE 179 so->so_mowner = head->so_mowner; 180 so->so_rcv.sb_mowner = head->so_rcv.sb_mowner; 181 so->so_snd.sb_mowner = head->so_snd.sb_mowner; 182 #endif 183 selinit(&so->so_rcv.sb_sel); 184 selinit(&so->so_snd.sb_sel); 185 (void) soreserve(so, head->so_snd.sb_hiwat, head->so_rcv.sb_hiwat); 186 so->so_snd.sb_lowat = head->so_snd.sb_lowat; 187 so->so_rcv.sb_lowat = head->so_rcv.sb_lowat; 188 so->so_rcv.sb_timeo = head->so_rcv.sb_timeo; 189 so->so_snd.sb_timeo = head->so_snd.sb_timeo; 190 so->so_rcv.sb_flags |= head->so_rcv.sb_flags & SB_AUTOSIZE; 191 so->so_snd.sb_flags |= head->so_snd.sb_flags & SB_AUTOSIZE; 192 soqinsque(head, so, soqueue); 193 if ((*so->so_proto->pr_usrreq)(so, PRU_ATTACH, 194 (struct mbuf *)0, (struct mbuf *)0, (struct mbuf *)0, 195 (struct lwp *)0)) { 196 (void) soqremque(so, soqueue); 197 seldestroy(&so->so_rcv.sb_sel); 198 seldestroy(&so->so_snd.sb_sel); 199 pool_put(&socket_pool, so); 200 return (NULL); 201 } 202 if (connstatus) { 203 sorwakeup(head); 204 wakeup((void *)&head->so_timeo); 205 so->so_state |= connstatus; 206 } 207 return (so); 208 } 209 210 void 211 soqinsque(struct socket *head, struct socket *so, int q) 212 { 213 214 #ifdef DIAGNOSTIC 215 if (so->so_onq != NULL) 216 panic("soqinsque"); 217 #endif 218 219 so->so_head = head; 220 if (q == 0) { 221 head->so_q0len++; 222 so->so_onq = &head->so_q0; 223 } else { 224 head->so_qlen++; 225 so->so_onq = &head->so_q; 226 } 227 TAILQ_INSERT_TAIL(so->so_onq, so, so_qe); 228 } 229 230 int 231 soqremque(struct socket *so, int q) 232 { 233 struct socket *head; 234 235 head = so->so_head; 236 if (q == 0) { 237 if (so->so_onq != &head->so_q0) 238 return (0); 239 head->so_q0len--; 240 } else { 241 if (so->so_onq != &head->so_q) 242 return (0); 243 head->so_qlen--; 244 } 245 TAILQ_REMOVE(so->so_onq, so, so_qe); 246 so->so_onq = NULL; 247 so->so_head = NULL; 248 return (1); 249 } 250 251 /* 252 * Socantsendmore indicates that no more data will be sent on the 253 * socket; it would normally be applied to a socket when the user 254 * informs the system that no more data is to be sent, by the protocol 255 * code (in case PRU_SHUTDOWN). Socantrcvmore indicates that no more data 256 * will be received, and will normally be applied to the socket by a 257 * protocol when it detects that the peer will send no more data. 258 * Data queued for reading in the socket may yet be read. 259 */ 260 261 void 262 socantsendmore(struct socket *so) 263 { 264 265 so->so_state |= SS_CANTSENDMORE; 266 sowwakeup(so); 267 } 268 269 void 270 socantrcvmore(struct socket *so) 271 { 272 273 so->so_state |= SS_CANTRCVMORE; 274 sorwakeup(so); 275 } 276 277 /* 278 * Wait for data to arrive at/drain from a socket buffer. 279 */ 280 int 281 sbwait(struct sockbuf *sb) 282 { 283 284 sb->sb_flags |= SB_WAIT; 285 return (tsleep((void *)&sb->sb_cc, 286 (sb->sb_flags & SB_NOINTR) ? PSOCK : PSOCK | PCATCH, netio, 287 sb->sb_timeo)); 288 } 289 290 /* 291 * Lock a sockbuf already known to be locked; 292 * return any error returned from sleep (EINTR). 293 */ 294 int 295 sb_lock(struct sockbuf *sb) 296 { 297 int error; 298 299 while (sb->sb_flags & SB_LOCK) { 300 sb->sb_flags |= SB_WANT; 301 error = tsleep((void *)&sb->sb_flags, 302 (sb->sb_flags & SB_NOINTR) ? PSOCK : PSOCK|PCATCH, 303 netlck, 0); 304 if (error) 305 return (error); 306 } 307 sb->sb_flags |= SB_LOCK; 308 return (0); 309 } 310 311 /* 312 * Wakeup processes waiting on a socket buffer. 313 * Do asynchronous notification via SIGIO 314 * if the socket buffer has the SB_ASYNC flag set. 315 */ 316 void 317 sowakeup(struct socket *so, struct sockbuf *sb, int code) 318 { 319 selnotify(&sb->sb_sel, 0); 320 sb->sb_flags &= ~SB_SEL; 321 if (sb->sb_flags & SB_WAIT) { 322 sb->sb_flags &= ~SB_WAIT; 323 wakeup((void *)&sb->sb_cc); 324 } 325 if (sb->sb_flags & SB_ASYNC) { 326 int band; 327 if (code == POLL_IN) 328 band = POLLIN|POLLRDNORM; 329 else 330 band = POLLOUT|POLLWRNORM; 331 fownsignal(so->so_pgid, SIGIO, code, band, so); 332 } 333 if (sb->sb_flags & SB_UPCALL) 334 (*so->so_upcall)(so, so->so_upcallarg, M_DONTWAIT); 335 } 336 337 /* 338 * Socket buffer (struct sockbuf) utility routines. 339 * 340 * Each socket contains two socket buffers: one for sending data and 341 * one for receiving data. Each buffer contains a queue of mbufs, 342 * information about the number of mbufs and amount of data in the 343 * queue, and other fields allowing poll() statements and notification 344 * on data availability to be implemented. 345 * 346 * Data stored in a socket buffer is maintained as a list of records. 347 * Each record is a list of mbufs chained together with the m_next 348 * field. Records are chained together with the m_nextpkt field. The upper 349 * level routine soreceive() expects the following conventions to be 350 * observed when placing information in the receive buffer: 351 * 352 * 1. If the protocol requires each message be preceded by the sender's 353 * name, then a record containing that name must be present before 354 * any associated data (mbuf's must be of type MT_SONAME). 355 * 2. If the protocol supports the exchange of ``access rights'' (really 356 * just additional data associated with the message), and there are 357 * ``rights'' to be received, then a record containing this data 358 * should be present (mbuf's must be of type MT_CONTROL). 359 * 3. If a name or rights record exists, then it must be followed by 360 * a data record, perhaps of zero length. 361 * 362 * Before using a new socket structure it is first necessary to reserve 363 * buffer space to the socket, by calling sbreserve(). This should commit 364 * some of the available buffer space in the system buffer pool for the 365 * socket (currently, it does nothing but enforce limits). The space 366 * should be released by calling sbrelease() when the socket is destroyed. 367 */ 368 369 int 370 sb_max_set(u_long new_sbmax) 371 { 372 int s; 373 374 if (new_sbmax < (16 * 1024)) 375 return (EINVAL); 376 377 s = splsoftnet(); 378 sb_max = new_sbmax; 379 sb_max_adj = (u_quad_t)new_sbmax * MCLBYTES / (MSIZE + MCLBYTES); 380 splx(s); 381 382 return (0); 383 } 384 385 int 386 soreserve(struct socket *so, u_long sndcc, u_long rcvcc) 387 { 388 /* 389 * there's at least one application (a configure script of screen) 390 * which expects a fifo is writable even if it has "some" bytes 391 * in its buffer. 392 * so we want to make sure (hiwat - lowat) >= (some bytes). 393 * 394 * PIPE_BUF here is an arbitrary value chosen as (some bytes) above. 395 * we expect it's large enough for such applications. 396 */ 397 u_long lowat = MAX(sock_loan_thresh, MCLBYTES); 398 u_long hiwat = lowat + PIPE_BUF; 399 400 if (sndcc < hiwat) 401 sndcc = hiwat; 402 if (sbreserve(&so->so_snd, sndcc, so) == 0) 403 goto bad; 404 if (sbreserve(&so->so_rcv, rcvcc, so) == 0) 405 goto bad2; 406 if (so->so_rcv.sb_lowat == 0) 407 so->so_rcv.sb_lowat = 1; 408 if (so->so_snd.sb_lowat == 0) 409 so->so_snd.sb_lowat = lowat; 410 if (so->so_snd.sb_lowat > so->so_snd.sb_hiwat) 411 so->so_snd.sb_lowat = so->so_snd.sb_hiwat; 412 return (0); 413 bad2: 414 sbrelease(&so->so_snd, so); 415 bad: 416 return (ENOBUFS); 417 } 418 419 /* 420 * Allot mbufs to a sockbuf. 421 * Attempt to scale mbmax so that mbcnt doesn't become limiting 422 * if buffering efficiency is near the normal case. 423 */ 424 int 425 sbreserve(struct sockbuf *sb, u_long cc, struct socket *so) 426 { 427 struct lwp *l = curlwp; /* XXX */ 428 rlim_t maxcc; 429 struct uidinfo *uidinfo; 430 431 KDASSERT(sb_max_adj != 0); 432 if (cc == 0 || cc > sb_max_adj) 433 return (0); 434 if (so) { 435 if (kauth_cred_geteuid(l->l_cred) == so->so_uidinfo->ui_uid) 436 maxcc = l->l_proc->p_rlimit[RLIMIT_SBSIZE].rlim_cur; 437 else 438 maxcc = RLIM_INFINITY; 439 uidinfo = so->so_uidinfo; 440 } else { 441 uidinfo = uid_find(0); /* XXX: nothing better */ 442 maxcc = RLIM_INFINITY; 443 } 444 if (!chgsbsize(uidinfo, &sb->sb_hiwat, cc, maxcc)) 445 return 0; 446 sb->sb_mbmax = min(cc * 2, sb_max); 447 if (sb->sb_lowat > sb->sb_hiwat) 448 sb->sb_lowat = sb->sb_hiwat; 449 return (1); 450 } 451 452 /* 453 * Free mbufs held by a socket, and reserved mbuf space. 454 */ 455 void 456 sbrelease(struct sockbuf *sb, struct socket *so) 457 { 458 459 sbflush(sb); 460 (void)chgsbsize(so->so_uidinfo, &sb->sb_hiwat, 0, RLIM_INFINITY); 461 sb->sb_mbmax = 0; 462 } 463 464 /* 465 * Routines to add and remove 466 * data from an mbuf queue. 467 * 468 * The routines sbappend() or sbappendrecord() are normally called to 469 * append new mbufs to a socket buffer, after checking that adequate 470 * space is available, comparing the function sbspace() with the amount 471 * of data to be added. sbappendrecord() differs from sbappend() in 472 * that data supplied is treated as the beginning of a new record. 473 * To place a sender's address, optional access rights, and data in a 474 * socket receive buffer, sbappendaddr() should be used. To place 475 * access rights and data in a socket receive buffer, sbappendrights() 476 * should be used. In either case, the new data begins a new record. 477 * Note that unlike sbappend() and sbappendrecord(), these routines check 478 * for the caller that there will be enough space to store the data. 479 * Each fails if there is not enough space, or if it cannot find mbufs 480 * to store additional information in. 481 * 482 * Reliable protocols may use the socket send buffer to hold data 483 * awaiting acknowledgement. Data is normally copied from a socket 484 * send buffer in a protocol with m_copy for output to a peer, 485 * and then removing the data from the socket buffer with sbdrop() 486 * or sbdroprecord() when the data is acknowledged by the peer. 487 */ 488 489 #ifdef SOCKBUF_DEBUG 490 void 491 sblastrecordchk(struct sockbuf *sb, const char *where) 492 { 493 struct mbuf *m = sb->sb_mb; 494 495 while (m && m->m_nextpkt) 496 m = m->m_nextpkt; 497 498 if (m != sb->sb_lastrecord) { 499 printf("sblastrecordchk: sb_mb %p sb_lastrecord %p last %p\n", 500 sb->sb_mb, sb->sb_lastrecord, m); 501 printf("packet chain:\n"); 502 for (m = sb->sb_mb; m != NULL; m = m->m_nextpkt) 503 printf("\t%p\n", m); 504 panic("sblastrecordchk from %s", where); 505 } 506 } 507 508 void 509 sblastmbufchk(struct sockbuf *sb, const char *where) 510 { 511 struct mbuf *m = sb->sb_mb; 512 struct mbuf *n; 513 514 while (m && m->m_nextpkt) 515 m = m->m_nextpkt; 516 517 while (m && m->m_next) 518 m = m->m_next; 519 520 if (m != sb->sb_mbtail) { 521 printf("sblastmbufchk: sb_mb %p sb_mbtail %p last %p\n", 522 sb->sb_mb, sb->sb_mbtail, m); 523 printf("packet tree:\n"); 524 for (m = sb->sb_mb; m != NULL; m = m->m_nextpkt) { 525 printf("\t"); 526 for (n = m; n != NULL; n = n->m_next) 527 printf("%p ", n); 528 printf("\n"); 529 } 530 panic("sblastmbufchk from %s", where); 531 } 532 } 533 #endif /* SOCKBUF_DEBUG */ 534 535 /* 536 * Link a chain of records onto a socket buffer 537 */ 538 #define SBLINKRECORDCHAIN(sb, m0, mlast) \ 539 do { \ 540 if ((sb)->sb_lastrecord != NULL) \ 541 (sb)->sb_lastrecord->m_nextpkt = (m0); \ 542 else \ 543 (sb)->sb_mb = (m0); \ 544 (sb)->sb_lastrecord = (mlast); \ 545 } while (/*CONSTCOND*/0) 546 547 548 #define SBLINKRECORD(sb, m0) \ 549 SBLINKRECORDCHAIN(sb, m0, m0) 550 551 /* 552 * Append mbuf chain m to the last record in the 553 * socket buffer sb. The additional space associated 554 * the mbuf chain is recorded in sb. Empty mbufs are 555 * discarded and mbufs are compacted where possible. 556 */ 557 void 558 sbappend(struct sockbuf *sb, struct mbuf *m) 559 { 560 struct mbuf *n; 561 562 if (m == 0) 563 return; 564 565 #ifdef MBUFTRACE 566 m_claimm(m, sb->sb_mowner); 567 #endif 568 569 SBLASTRECORDCHK(sb, "sbappend 1"); 570 571 if ((n = sb->sb_lastrecord) != NULL) { 572 /* 573 * XXX Would like to simply use sb_mbtail here, but 574 * XXX I need to verify that I won't miss an EOR that 575 * XXX way. 576 */ 577 do { 578 if (n->m_flags & M_EOR) { 579 sbappendrecord(sb, m); /* XXXXXX!!!! */ 580 return; 581 } 582 } while (n->m_next && (n = n->m_next)); 583 } else { 584 /* 585 * If this is the first record in the socket buffer, it's 586 * also the last record. 587 */ 588 sb->sb_lastrecord = m; 589 } 590 sbcompress(sb, m, n); 591 SBLASTRECORDCHK(sb, "sbappend 2"); 592 } 593 594 /* 595 * This version of sbappend() should only be used when the caller 596 * absolutely knows that there will never be more than one record 597 * in the socket buffer, that is, a stream protocol (such as TCP). 598 */ 599 void 600 sbappendstream(struct sockbuf *sb, struct mbuf *m) 601 { 602 603 KDASSERT(m->m_nextpkt == NULL); 604 KASSERT(sb->sb_mb == sb->sb_lastrecord); 605 606 SBLASTMBUFCHK(sb, __func__); 607 608 #ifdef MBUFTRACE 609 m_claimm(m, sb->sb_mowner); 610 #endif 611 612 sbcompress(sb, m, sb->sb_mbtail); 613 614 sb->sb_lastrecord = sb->sb_mb; 615 SBLASTRECORDCHK(sb, __func__); 616 } 617 618 #ifdef SOCKBUF_DEBUG 619 void 620 sbcheck(struct sockbuf *sb) 621 { 622 struct mbuf *m; 623 u_long len, mbcnt; 624 625 len = 0; 626 mbcnt = 0; 627 for (m = sb->sb_mb; m; m = m->m_next) { 628 len += m->m_len; 629 mbcnt += MSIZE; 630 if (m->m_flags & M_EXT) 631 mbcnt += m->m_ext.ext_size; 632 if (m->m_nextpkt) 633 panic("sbcheck nextpkt"); 634 } 635 if (len != sb->sb_cc || mbcnt != sb->sb_mbcnt) { 636 printf("cc %lu != %lu || mbcnt %lu != %lu\n", len, sb->sb_cc, 637 mbcnt, sb->sb_mbcnt); 638 panic("sbcheck"); 639 } 640 } 641 #endif 642 643 /* 644 * As above, except the mbuf chain 645 * begins a new record. 646 */ 647 void 648 sbappendrecord(struct sockbuf *sb, struct mbuf *m0) 649 { 650 struct mbuf *m; 651 652 if (m0 == 0) 653 return; 654 655 #ifdef MBUFTRACE 656 m_claimm(m0, sb->sb_mowner); 657 #endif 658 /* 659 * Put the first mbuf on the queue. 660 * Note this permits zero length records. 661 */ 662 sballoc(sb, m0); 663 SBLASTRECORDCHK(sb, "sbappendrecord 1"); 664 SBLINKRECORD(sb, m0); 665 m = m0->m_next; 666 m0->m_next = 0; 667 if (m && (m0->m_flags & M_EOR)) { 668 m0->m_flags &= ~M_EOR; 669 m->m_flags |= M_EOR; 670 } 671 sbcompress(sb, m, m0); 672 SBLASTRECORDCHK(sb, "sbappendrecord 2"); 673 } 674 675 /* 676 * As above except that OOB data 677 * is inserted at the beginning of the sockbuf, 678 * but after any other OOB data. 679 */ 680 void 681 sbinsertoob(struct sockbuf *sb, struct mbuf *m0) 682 { 683 struct mbuf *m, **mp; 684 685 if (m0 == 0) 686 return; 687 688 SBLASTRECORDCHK(sb, "sbinsertoob 1"); 689 690 for (mp = &sb->sb_mb; (m = *mp) != NULL; mp = &((*mp)->m_nextpkt)) { 691 again: 692 switch (m->m_type) { 693 694 case MT_OOBDATA: 695 continue; /* WANT next train */ 696 697 case MT_CONTROL: 698 if ((m = m->m_next) != NULL) 699 goto again; /* inspect THIS train further */ 700 } 701 break; 702 } 703 /* 704 * Put the first mbuf on the queue. 705 * Note this permits zero length records. 706 */ 707 sballoc(sb, m0); 708 m0->m_nextpkt = *mp; 709 if (*mp == NULL) { 710 /* m0 is actually the new tail */ 711 sb->sb_lastrecord = m0; 712 } 713 *mp = m0; 714 m = m0->m_next; 715 m0->m_next = 0; 716 if (m && (m0->m_flags & M_EOR)) { 717 m0->m_flags &= ~M_EOR; 718 m->m_flags |= M_EOR; 719 } 720 sbcompress(sb, m, m0); 721 SBLASTRECORDCHK(sb, "sbinsertoob 2"); 722 } 723 724 /* 725 * Append address and data, and optionally, control (ancillary) data 726 * to the receive queue of a socket. If present, 727 * m0 must include a packet header with total length. 728 * Returns 0 if no space in sockbuf or insufficient mbufs. 729 */ 730 int 731 sbappendaddr(struct sockbuf *sb, const struct sockaddr *asa, struct mbuf *m0, 732 struct mbuf *control) 733 { 734 struct mbuf *m, *n, *nlast; 735 int space, len; 736 737 space = asa->sa_len; 738 739 if (m0 != NULL) { 740 if ((m0->m_flags & M_PKTHDR) == 0) 741 panic("sbappendaddr"); 742 space += m0->m_pkthdr.len; 743 #ifdef MBUFTRACE 744 m_claimm(m0, sb->sb_mowner); 745 #endif 746 } 747 for (n = control; n; n = n->m_next) { 748 space += n->m_len; 749 MCLAIM(n, sb->sb_mowner); 750 if (n->m_next == 0) /* keep pointer to last control buf */ 751 break; 752 } 753 if (space > sbspace(sb)) 754 return (0); 755 MGET(m, M_DONTWAIT, MT_SONAME); 756 if (m == 0) 757 return (0); 758 MCLAIM(m, sb->sb_mowner); 759 /* 760 * XXX avoid 'comparison always true' warning which isn't easily 761 * avoided. 762 */ 763 len = asa->sa_len; 764 if (len > MLEN) { 765 MEXTMALLOC(m, asa->sa_len, M_NOWAIT); 766 if ((m->m_flags & M_EXT) == 0) { 767 m_free(m); 768 return (0); 769 } 770 } 771 m->m_len = asa->sa_len; 772 memcpy(mtod(m, void *), asa, asa->sa_len); 773 if (n) 774 n->m_next = m0; /* concatenate data to control */ 775 else 776 control = m0; 777 m->m_next = control; 778 779 SBLASTRECORDCHK(sb, "sbappendaddr 1"); 780 781 for (n = m; n->m_next != NULL; n = n->m_next) 782 sballoc(sb, n); 783 sballoc(sb, n); 784 nlast = n; 785 SBLINKRECORD(sb, m); 786 787 sb->sb_mbtail = nlast; 788 SBLASTMBUFCHK(sb, "sbappendaddr"); 789 790 SBLASTRECORDCHK(sb, "sbappendaddr 2"); 791 792 return (1); 793 } 794 795 /* 796 * Helper for sbappendchainaddr: prepend a struct sockaddr* to 797 * an mbuf chain. 798 */ 799 static inline struct mbuf * 800 m_prepend_sockaddr(struct sockbuf *sb, struct mbuf *m0, 801 const struct sockaddr *asa) 802 { 803 struct mbuf *m; 804 const int salen = asa->sa_len; 805 806 /* only the first in each chain need be a pkthdr */ 807 MGETHDR(m, M_DONTWAIT, MT_SONAME); 808 if (m == 0) 809 return (0); 810 MCLAIM(m, sb->sb_mowner); 811 #ifdef notyet 812 if (salen > MHLEN) { 813 MEXTMALLOC(m, salen, M_NOWAIT); 814 if ((m->m_flags & M_EXT) == 0) { 815 m_free(m); 816 return (0); 817 } 818 } 819 #else 820 KASSERT(salen <= MHLEN); 821 #endif 822 m->m_len = salen; 823 memcpy(mtod(m, void *), asa, salen); 824 m->m_next = m0; 825 m->m_pkthdr.len = salen + m0->m_pkthdr.len; 826 827 return m; 828 } 829 830 int 831 sbappendaddrchain(struct sockbuf *sb, const struct sockaddr *asa, 832 struct mbuf *m0, int sbprio) 833 { 834 int space; 835 struct mbuf *m, *n, *n0, *nlast; 836 int error; 837 838 /* 839 * XXX sbprio reserved for encoding priority of this* request: 840 * SB_PRIO_NONE --> honour normal sb limits 841 * SB_PRIO_ONESHOT_OVERFLOW --> if socket has any space, 842 * take whole chain. Intended for large requests 843 * that should be delivered atomically (all, or none). 844 * SB_PRIO_OVERDRAFT -- allow a small (2*MLEN) overflow 845 * over normal socket limits, for messages indicating 846 * buffer overflow in earlier normal/lower-priority messages 847 * SB_PRIO_BESTEFFORT --> ignore limits entirely. 848 * Intended for kernel-generated messages only. 849 * Up to generator to avoid total mbuf resource exhaustion. 850 */ 851 (void)sbprio; 852 853 if (m0 && (m0->m_flags & M_PKTHDR) == 0) 854 panic("sbappendaddrchain"); 855 856 space = sbspace(sb); 857 858 #ifdef notyet 859 /* 860 * Enforce SB_PRIO_* limits as described above. 861 */ 862 #endif 863 864 n0 = NULL; 865 nlast = NULL; 866 for (m = m0; m; m = m->m_nextpkt) { 867 struct mbuf *np; 868 869 #ifdef MBUFTRACE 870 m_claimm(m, sb->sb_mowner); 871 #endif 872 873 /* Prepend sockaddr to this record (m) of input chain m0 */ 874 n = m_prepend_sockaddr(sb, m, asa); 875 if (n == NULL) { 876 error = ENOBUFS; 877 goto bad; 878 } 879 880 /* Append record (asa+m) to end of new chain n0 */ 881 if (n0 == NULL) { 882 n0 = n; 883 } else { 884 nlast->m_nextpkt = n; 885 } 886 /* Keep track of last record on new chain */ 887 nlast = n; 888 889 for (np = n; np; np = np->m_next) 890 sballoc(sb, np); 891 } 892 893 SBLASTRECORDCHK(sb, "sbappendaddrchain 1"); 894 895 /* Drop the entire chain of (asa+m) records onto the socket */ 896 SBLINKRECORDCHAIN(sb, n0, nlast); 897 898 SBLASTRECORDCHK(sb, "sbappendaddrchain 2"); 899 900 for (m = nlast; m->m_next; m = m->m_next) 901 ; 902 sb->sb_mbtail = m; 903 SBLASTMBUFCHK(sb, "sbappendaddrchain"); 904 905 return (1); 906 907 bad: 908 /* 909 * On error, free the prepended addreseses. For consistency 910 * with sbappendaddr(), leave it to our caller to free 911 * the input record chain passed to us as m0. 912 */ 913 while ((n = n0) != NULL) { 914 struct mbuf *np; 915 916 /* Undo the sballoc() of this record */ 917 for (np = n; np; np = np->m_next) 918 sbfree(sb, np); 919 920 n0 = n->m_nextpkt; /* iterate at next prepended address */ 921 MFREE(n, np); /* free prepended address (not data) */ 922 } 923 return 0; 924 } 925 926 927 int 928 sbappendcontrol(struct sockbuf *sb, struct mbuf *m0, struct mbuf *control) 929 { 930 struct mbuf *m, *mlast, *n; 931 int space; 932 933 space = 0; 934 if (control == 0) 935 panic("sbappendcontrol"); 936 for (m = control; ; m = m->m_next) { 937 space += m->m_len; 938 MCLAIM(m, sb->sb_mowner); 939 if (m->m_next == 0) 940 break; 941 } 942 n = m; /* save pointer to last control buffer */ 943 for (m = m0; m; m = m->m_next) { 944 MCLAIM(m, sb->sb_mowner); 945 space += m->m_len; 946 } 947 if (space > sbspace(sb)) 948 return (0); 949 n->m_next = m0; /* concatenate data to control */ 950 951 SBLASTRECORDCHK(sb, "sbappendcontrol 1"); 952 953 for (m = control; m->m_next != NULL; m = m->m_next) 954 sballoc(sb, m); 955 sballoc(sb, m); 956 mlast = m; 957 SBLINKRECORD(sb, control); 958 959 sb->sb_mbtail = mlast; 960 SBLASTMBUFCHK(sb, "sbappendcontrol"); 961 962 SBLASTRECORDCHK(sb, "sbappendcontrol 2"); 963 964 return (1); 965 } 966 967 /* 968 * Compress mbuf chain m into the socket 969 * buffer sb following mbuf n. If n 970 * is null, the buffer is presumed empty. 971 */ 972 void 973 sbcompress(struct sockbuf *sb, struct mbuf *m, struct mbuf *n) 974 { 975 int eor; 976 struct mbuf *o; 977 978 eor = 0; 979 while (m) { 980 eor |= m->m_flags & M_EOR; 981 if (m->m_len == 0 && 982 (eor == 0 || 983 (((o = m->m_next) || (o = n)) && 984 o->m_type == m->m_type))) { 985 if (sb->sb_lastrecord == m) 986 sb->sb_lastrecord = m->m_next; 987 m = m_free(m); 988 continue; 989 } 990 if (n && (n->m_flags & M_EOR) == 0 && 991 /* M_TRAILINGSPACE() checks buffer writeability */ 992 m->m_len <= MCLBYTES / 4 && /* XXX Don't copy too much */ 993 m->m_len <= M_TRAILINGSPACE(n) && 994 n->m_type == m->m_type) { 995 memcpy(mtod(n, char *) + n->m_len, mtod(m, void *), 996 (unsigned)m->m_len); 997 n->m_len += m->m_len; 998 sb->sb_cc += m->m_len; 999 m = m_free(m); 1000 continue; 1001 } 1002 if (n) 1003 n->m_next = m; 1004 else 1005 sb->sb_mb = m; 1006 sb->sb_mbtail = m; 1007 sballoc(sb, m); 1008 n = m; 1009 m->m_flags &= ~M_EOR; 1010 m = m->m_next; 1011 n->m_next = 0; 1012 } 1013 if (eor) { 1014 if (n) 1015 n->m_flags |= eor; 1016 else 1017 printf("semi-panic: sbcompress\n"); 1018 } 1019 SBLASTMBUFCHK(sb, __func__); 1020 } 1021 1022 /* 1023 * Free all mbufs in a sockbuf. 1024 * Check that all resources are reclaimed. 1025 */ 1026 void 1027 sbflush(struct sockbuf *sb) 1028 { 1029 1030 KASSERT((sb->sb_flags & SB_LOCK) == 0); 1031 1032 while (sb->sb_mbcnt) 1033 sbdrop(sb, (int)sb->sb_cc); 1034 1035 KASSERT(sb->sb_cc == 0); 1036 KASSERT(sb->sb_mb == NULL); 1037 KASSERT(sb->sb_mbtail == NULL); 1038 KASSERT(sb->sb_lastrecord == NULL); 1039 } 1040 1041 /* 1042 * Drop data from (the front of) a sockbuf. 1043 */ 1044 void 1045 sbdrop(struct sockbuf *sb, int len) 1046 { 1047 struct mbuf *m, *mn, *next; 1048 1049 next = (m = sb->sb_mb) ? m->m_nextpkt : 0; 1050 while (len > 0) { 1051 if (m == 0) { 1052 if (next == 0) 1053 panic("sbdrop"); 1054 m = next; 1055 next = m->m_nextpkt; 1056 continue; 1057 } 1058 if (m->m_len > len) { 1059 m->m_len -= len; 1060 m->m_data += len; 1061 sb->sb_cc -= len; 1062 break; 1063 } 1064 len -= m->m_len; 1065 sbfree(sb, m); 1066 MFREE(m, mn); 1067 m = mn; 1068 } 1069 while (m && m->m_len == 0) { 1070 sbfree(sb, m); 1071 MFREE(m, mn); 1072 m = mn; 1073 } 1074 if (m) { 1075 sb->sb_mb = m; 1076 m->m_nextpkt = next; 1077 } else 1078 sb->sb_mb = next; 1079 /* 1080 * First part is an inline SB_EMPTY_FIXUP(). Second part 1081 * makes sure sb_lastrecord is up-to-date if we dropped 1082 * part of the last record. 1083 */ 1084 m = sb->sb_mb; 1085 if (m == NULL) { 1086 sb->sb_mbtail = NULL; 1087 sb->sb_lastrecord = NULL; 1088 } else if (m->m_nextpkt == NULL) 1089 sb->sb_lastrecord = m; 1090 } 1091 1092 /* 1093 * Drop a record off the front of a sockbuf 1094 * and move the next record to the front. 1095 */ 1096 void 1097 sbdroprecord(struct sockbuf *sb) 1098 { 1099 struct mbuf *m, *mn; 1100 1101 m = sb->sb_mb; 1102 if (m) { 1103 sb->sb_mb = m->m_nextpkt; 1104 do { 1105 sbfree(sb, m); 1106 MFREE(m, mn); 1107 } while ((m = mn) != NULL); 1108 } 1109 SB_EMPTY_FIXUP(sb); 1110 } 1111 1112 /* 1113 * Create a "control" mbuf containing the specified data 1114 * with the specified type for presentation on a socket buffer. 1115 */ 1116 struct mbuf * 1117 sbcreatecontrol(void *p, int size, int type, int level) 1118 { 1119 struct cmsghdr *cp; 1120 struct mbuf *m; 1121 1122 if (CMSG_SPACE(size) > MCLBYTES) { 1123 printf("sbcreatecontrol: message too large %d\n", size); 1124 return NULL; 1125 } 1126 1127 if ((m = m_get(M_DONTWAIT, MT_CONTROL)) == NULL) 1128 return ((struct mbuf *) NULL); 1129 if (CMSG_SPACE(size) > MLEN) { 1130 MCLGET(m, M_DONTWAIT); 1131 if ((m->m_flags & M_EXT) == 0) { 1132 m_free(m); 1133 return NULL; 1134 } 1135 } 1136 cp = mtod(m, struct cmsghdr *); 1137 memcpy(CMSG_DATA(cp), p, size); 1138 m->m_len = CMSG_SPACE(size); 1139 cp->cmsg_len = CMSG_LEN(size); 1140 cp->cmsg_level = level; 1141 cp->cmsg_type = type; 1142 return (m); 1143 } 1144