]> git.saurik.com Git - apple/xnu.git/blob - bsd/kern/kern_control.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-3789.1.32.tar.gz
[apple/xnu.git] / bsd / kern / kern_control.c
1 /*
2 * Copyright (c) 1999-2015 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29 /*
30 * Kernel Control domain - allows control connections to
31 * and to read/write data.
32 *
33 * Vincent Lubet, 040506
34 * Christophe Allie, 010928
35 * Justin C. Walker, 990319
36 */
37
38 #include <sys/types.h>
39 #include <sys/param.h>
40 #include <sys/systm.h>
41 #include <sys/syslog.h>
42 #include <sys/socket.h>
43 #include <sys/socketvar.h>
44 #include <sys/protosw.h>
45 #include <sys/domain.h>
46 #include <sys/malloc.h>
47 #include <sys/mbuf.h>
48 #include <sys/sys_domain.h>
49 #include <sys/kern_event.h>
50 #include <sys/kern_control.h>
51 #include <sys/kauth.h>
52 #include <sys/sysctl.h>
53 #include <sys/proc_info.h>
54 #include <net/if_var.h>
55
56 #include <mach/vm_types.h>
57
58 #include <kern/thread.h>
59
60 struct kctl {
61 TAILQ_ENTRY(kctl) next; /* controller chain */
62 kern_ctl_ref kctlref;
63
64 /* controller information provided when registering */
65 char name[MAX_KCTL_NAME]; /* unique identifier */
66 u_int32_t id;
67 u_int32_t reg_unit;
68
69 /* misc communication information */
70 u_int32_t flags; /* support flags */
71 u_int32_t recvbufsize; /* request more than the default buffer size */
72 u_int32_t sendbufsize; /* request more than the default buffer size */
73
74 /* Dispatch functions */
75 ctl_connect_func connect; /* Make contact */
76 ctl_disconnect_func disconnect; /* Break contact */
77 ctl_send_func send; /* Send data to nke */
78 ctl_send_list_func send_list; /* Send list of packets */
79 ctl_setopt_func setopt; /* set kctl configuration */
80 ctl_getopt_func getopt; /* get kctl configuration */
81 ctl_rcvd_func rcvd; /* Notify nke when client reads data */
82
83 TAILQ_HEAD(, ctl_cb) kcb_head;
84 u_int32_t lastunit;
85 };
86
87 struct ctl_cb {
88 TAILQ_ENTRY(ctl_cb) next; /* controller chain */
89 lck_mtx_t *mtx;
90 struct socket *so; /* controlling socket */
91 struct kctl *kctl; /* back pointer to controller */
92 void *userdata;
93 u_int32_t unit;
94 u_int32_t usecount;
95 };
96
97 #ifndef ROUNDUP64
98 #define ROUNDUP64(x) P2ROUNDUP((x), sizeof (u_int64_t))
99 #endif
100
101 #ifndef ADVANCE64
102 #define ADVANCE64(p, n) (void*)((char *)(p) + ROUNDUP64(n))
103 #endif
104
105 /*
106 * Definitions and vars for we support
107 */
108
109 #define CTL_SENDSIZE (2 * 1024) /* default buffer size */
110 #define CTL_RECVSIZE (8 * 1024) /* default buffer size */
111
112 /*
113 * Definitions and vars for we support
114 */
115
116 static u_int32_t ctl_maxunit = 65536;
117 static lck_grp_attr_t *ctl_lck_grp_attr = 0;
118 static lck_attr_t *ctl_lck_attr = 0;
119 static lck_grp_t *ctl_lck_grp = 0;
120 static lck_mtx_t *ctl_mtx;
121
122 /* all the controllers are chained */
123 TAILQ_HEAD(kctl_list, kctl) ctl_head;
124
125 static int ctl_attach(struct socket *, int, struct proc *);
126 static int ctl_detach(struct socket *);
127 static int ctl_sofreelastref(struct socket *so);
128 static int ctl_connect(struct socket *, struct sockaddr *, struct proc *);
129 static int ctl_disconnect(struct socket *);
130 static int ctl_ioctl(struct socket *so, u_long cmd, caddr_t data,
131 struct ifnet *ifp, struct proc *p);
132 static int ctl_send(struct socket *, int, struct mbuf *,
133 struct sockaddr *, struct mbuf *, struct proc *);
134 static int ctl_send_list(struct socket *, int, struct mbuf *,
135 struct sockaddr *, struct mbuf *, struct proc *);
136 static int ctl_ctloutput(struct socket *, struct sockopt *);
137 static int ctl_peeraddr(struct socket *so, struct sockaddr **nam);
138 static int ctl_usr_rcvd(struct socket *so, int flags);
139
140 static struct kctl *ctl_find_by_name(const char *);
141 static struct kctl *ctl_find_by_id_unit(u_int32_t id, u_int32_t unit);
142
143 static struct socket *kcb_find_socket(kern_ctl_ref kctlref, u_int32_t unit,
144 u_int32_t *);
145 static struct ctl_cb *kcb_find(struct kctl *, u_int32_t unit);
146 static void ctl_post_msg(u_int32_t event_code, u_int32_t id);
147
148 static int ctl_lock(struct socket *, int, void *);
149 static int ctl_unlock(struct socket *, int, void *);
150 static lck_mtx_t * ctl_getlock(struct socket *, int);
151
152 static struct pr_usrreqs ctl_usrreqs = {
153 .pru_attach = ctl_attach,
154 .pru_connect = ctl_connect,
155 .pru_control = ctl_ioctl,
156 .pru_detach = ctl_detach,
157 .pru_disconnect = ctl_disconnect,
158 .pru_peeraddr = ctl_peeraddr,
159 .pru_rcvd = ctl_usr_rcvd,
160 .pru_send = ctl_send,
161 .pru_send_list = ctl_send_list,
162 .pru_sosend = sosend,
163 .pru_sosend_list = sosend_list,
164 .pru_soreceive = soreceive,
165 .pru_soreceive_list = soreceive_list,
166 };
167
168 static struct protosw kctlsw[] = {
169 {
170 .pr_type = SOCK_DGRAM,
171 .pr_protocol = SYSPROTO_CONTROL,
172 .pr_flags = PR_ATOMIC|PR_CONNREQUIRED|PR_PCBLOCK|PR_WANTRCVD,
173 .pr_ctloutput = ctl_ctloutput,
174 .pr_usrreqs = &ctl_usrreqs,
175 .pr_lock = ctl_lock,
176 .pr_unlock = ctl_unlock,
177 .pr_getlock = ctl_getlock,
178 },
179 {
180 .pr_type = SOCK_STREAM,
181 .pr_protocol = SYSPROTO_CONTROL,
182 .pr_flags = PR_CONNREQUIRED|PR_PCBLOCK|PR_WANTRCVD,
183 .pr_ctloutput = ctl_ctloutput,
184 .pr_usrreqs = &ctl_usrreqs,
185 .pr_lock = ctl_lock,
186 .pr_unlock = ctl_unlock,
187 .pr_getlock = ctl_getlock,
188 }
189 };
190
191 __private_extern__ int kctl_reg_list SYSCTL_HANDLER_ARGS;
192 __private_extern__ int kctl_pcblist SYSCTL_HANDLER_ARGS;
193 __private_extern__ int kctl_getstat SYSCTL_HANDLER_ARGS;
194
195
196 SYSCTL_NODE(_net_systm, OID_AUTO, kctl,
197 CTLFLAG_RW|CTLFLAG_LOCKED, 0, "Kernel control family");
198
199 struct kctlstat kctlstat;
200 SYSCTL_PROC(_net_systm_kctl, OID_AUTO, stats,
201 CTLTYPE_STRUCT | CTLFLAG_RD | CTLFLAG_LOCKED, 0, 0,
202 kctl_getstat, "S,kctlstat", "");
203
204 SYSCTL_PROC(_net_systm_kctl, OID_AUTO, reg_list,
205 CTLTYPE_STRUCT | CTLFLAG_RD | CTLFLAG_LOCKED, 0, 0,
206 kctl_reg_list, "S,xkctl_reg", "");
207
208 SYSCTL_PROC(_net_systm_kctl, OID_AUTO, pcblist,
209 CTLTYPE_STRUCT | CTLFLAG_RD | CTLFLAG_LOCKED, 0, 0,
210 kctl_pcblist, "S,xkctlpcb", "");
211
212 u_int32_t ctl_autorcvbuf_max = 256 * 1024;
213 SYSCTL_INT(_net_systm_kctl, OID_AUTO, autorcvbufmax,
214 CTLFLAG_RW | CTLFLAG_LOCKED, &ctl_autorcvbuf_max, 0, "");
215
216 u_int32_t ctl_autorcvbuf_high = 0;
217 SYSCTL_INT(_net_systm_kctl, OID_AUTO, autorcvbufhigh,
218 CTLFLAG_RD | CTLFLAG_LOCKED, &ctl_autorcvbuf_high, 0, "");
219
220 u_int32_t ctl_debug = 0;
221 SYSCTL_INT(_net_systm_kctl, OID_AUTO, debug,
222 CTLFLAG_RW | CTLFLAG_LOCKED, &ctl_debug, 0, "");
223
224 #define KCTL_TBL_INC 16
225
226 static uintptr_t kctl_tbl_size = 0;
227 static u_int32_t kctl_tbl_growing = 0;
228 static u_int32_t kctl_tbl_growing_waiting = 0;
229 static uintptr_t kctl_tbl_count = 0;
230 static struct kctl **kctl_table = NULL;
231 static uintptr_t kctl_ref_gencnt = 0;
232
233 static void kctl_tbl_grow(void);
234 static kern_ctl_ref kctl_make_ref(struct kctl *kctl);
235 static void kctl_delete_ref(kern_ctl_ref);
236 static struct kctl *kctl_from_ref(kern_ctl_ref);
237
238 /*
239 * Install the protosw's for the Kernel Control manager.
240 */
241 __private_extern__ void
242 kern_control_init(struct domain *dp)
243 {
244 struct protosw *pr;
245 int i;
246 int kctl_proto_count = (sizeof (kctlsw) / sizeof (struct protosw));
247
248 VERIFY(!(dp->dom_flags & DOM_INITIALIZED));
249 VERIFY(dp == systemdomain);
250
251 ctl_lck_grp_attr = lck_grp_attr_alloc_init();
252 if (ctl_lck_grp_attr == NULL) {
253 panic("%s: lck_grp_attr_alloc_init failed\n", __func__);
254 /* NOTREACHED */
255 }
256
257 ctl_lck_grp = lck_grp_alloc_init("Kernel Control Protocol",
258 ctl_lck_grp_attr);
259 if (ctl_lck_grp == NULL) {
260 panic("%s: lck_grp_alloc_init failed\n", __func__);
261 /* NOTREACHED */
262 }
263
264 ctl_lck_attr = lck_attr_alloc_init();
265 if (ctl_lck_attr == NULL) {
266 panic("%s: lck_attr_alloc_init failed\n", __func__);
267 /* NOTREACHED */
268 }
269
270 ctl_mtx = lck_mtx_alloc_init(ctl_lck_grp, ctl_lck_attr);
271 if (ctl_mtx == NULL) {
272 panic("%s: lck_mtx_alloc_init failed\n", __func__);
273 /* NOTREACHED */
274 }
275 TAILQ_INIT(&ctl_head);
276
277 for (i = 0, pr = &kctlsw[0]; i < kctl_proto_count; i++, pr++)
278 net_add_proto(pr, dp, 1);
279 }
280
281 static void
282 kcb_delete(struct ctl_cb *kcb)
283 {
284 if (kcb != 0) {
285 if (kcb->mtx != 0)
286 lck_mtx_free(kcb->mtx, ctl_lck_grp);
287 FREE(kcb, M_TEMP);
288 }
289 }
290
291 /*
292 * Kernel Controller user-request functions
293 * attach function must exist and succeed
294 * detach not necessary
295 * we need a pcb for the per socket mutex
296 */
297 static int
298 ctl_attach(struct socket *so, int proto, struct proc *p)
299 {
300 #pragma unused(proto, p)
301 int error = 0;
302 struct ctl_cb *kcb = 0;
303
304 MALLOC(kcb, struct ctl_cb *, sizeof(struct ctl_cb), M_TEMP, M_WAITOK);
305 if (kcb == NULL) {
306 error = ENOMEM;
307 goto quit;
308 }
309 bzero(kcb, sizeof(struct ctl_cb));
310
311 kcb->mtx = lck_mtx_alloc_init(ctl_lck_grp, ctl_lck_attr);
312 if (kcb->mtx == NULL) {
313 error = ENOMEM;
314 goto quit;
315 }
316 kcb->so = so;
317 so->so_pcb = (caddr_t)kcb;
318
319 quit:
320 if (error != 0) {
321 kcb_delete(kcb);
322 kcb = 0;
323 }
324 return (error);
325 }
326
327 static int
328 ctl_sofreelastref(struct socket *so)
329 {
330 struct ctl_cb *kcb = (struct ctl_cb *)so->so_pcb;
331
332 so->so_pcb = 0;
333
334 if (kcb != 0) {
335 struct kctl *kctl;
336 if ((kctl = kcb->kctl) != 0) {
337 lck_mtx_lock(ctl_mtx);
338 TAILQ_REMOVE(&kctl->kcb_head, kcb, next);
339 kctlstat.kcs_pcbcount--;
340 kctlstat.kcs_gencnt++;
341 lck_mtx_unlock(ctl_mtx);
342 }
343 kcb_delete(kcb);
344 }
345 sofreelastref(so, 1);
346 return (0);
347 }
348
349 static int
350 ctl_detach(struct socket *so)
351 {
352 struct ctl_cb *kcb = (struct ctl_cb *)so->so_pcb;
353
354 if (kcb == 0)
355 return (0);
356
357 soisdisconnected(so);
358 so->so_flags |= SOF_PCBCLEARING;
359 return (0);
360 }
361
362 static int
363 ctl_connect(struct socket *so, struct sockaddr *nam, struct proc *p)
364 {
365 #pragma unused(p)
366 struct kctl *kctl;
367 int error = 0;
368 struct sockaddr_ctl sa;
369 struct ctl_cb *kcb = (struct ctl_cb *)so->so_pcb;
370 struct ctl_cb *kcb_next = NULL;
371 u_quad_t sbmaxsize;
372 u_int32_t recvbufsize, sendbufsize;
373
374 if (kcb == 0)
375 panic("ctl_connect so_pcb null\n");
376
377 if (nam->sa_len != sizeof(struct sockaddr_ctl))
378 return (EINVAL);
379
380 bcopy(nam, &sa, sizeof(struct sockaddr_ctl));
381
382 lck_mtx_lock(ctl_mtx);
383 kctl = ctl_find_by_id_unit(sa.sc_id, sa.sc_unit);
384 if (kctl == NULL) {
385 lck_mtx_unlock(ctl_mtx);
386 return (ENOENT);
387 }
388
389 if (((kctl->flags & CTL_FLAG_REG_SOCK_STREAM) &&
390 (so->so_type != SOCK_STREAM)) ||
391 (!(kctl->flags & CTL_FLAG_REG_SOCK_STREAM) &&
392 (so->so_type != SOCK_DGRAM))) {
393 lck_mtx_unlock(ctl_mtx);
394 return (EPROTOTYPE);
395 }
396
397 if (kctl->flags & CTL_FLAG_PRIVILEGED) {
398 if (p == 0) {
399 lck_mtx_unlock(ctl_mtx);
400 return (EINVAL);
401 }
402 if (kauth_cred_issuser(kauth_cred_get()) == 0) {
403 lck_mtx_unlock(ctl_mtx);
404 return (EPERM);
405 }
406 }
407
408 if ((kctl->flags & CTL_FLAG_REG_ID_UNIT) || sa.sc_unit != 0) {
409 if (kcb_find(kctl, sa.sc_unit) != NULL) {
410 lck_mtx_unlock(ctl_mtx);
411 return (EBUSY);
412 }
413 } else {
414 /* Find an unused ID, assumes control IDs are in order */
415 u_int32_t unit = 1;
416
417 TAILQ_FOREACH(kcb_next, &kctl->kcb_head, next) {
418 if (kcb_next->unit > unit) {
419 /* Found a gap, lets fill it in */
420 break;
421 }
422 unit = kcb_next->unit + 1;
423 if (unit == ctl_maxunit)
424 break;
425 }
426
427 if (unit == ctl_maxunit) {
428 lck_mtx_unlock(ctl_mtx);
429 return (EBUSY);
430 }
431
432 sa.sc_unit = unit;
433 }
434
435 kcb->unit = sa.sc_unit;
436 kcb->kctl = kctl;
437 if (kcb_next != NULL) {
438 TAILQ_INSERT_BEFORE(kcb_next, kcb, next);
439 } else {
440 TAILQ_INSERT_TAIL(&kctl->kcb_head, kcb, next);
441 }
442 kctlstat.kcs_pcbcount++;
443 kctlstat.kcs_gencnt++;
444 kctlstat.kcs_connections++;
445 lck_mtx_unlock(ctl_mtx);
446
447 /*
448 * rdar://15526688: Limit the send and receive sizes to sb_max
449 * by using the same scaling as sbreserve()
450 */
451 sbmaxsize = (u_quad_t)sb_max * MCLBYTES / (MSIZE + MCLBYTES);
452
453 if (kctl->sendbufsize > sbmaxsize)
454 sendbufsize = sbmaxsize;
455 else
456 sendbufsize = kctl->sendbufsize;
457
458 if (kctl->recvbufsize > sbmaxsize)
459 recvbufsize = sbmaxsize;
460 else
461 recvbufsize = kctl->recvbufsize;
462
463 error = soreserve(so, sendbufsize, recvbufsize);
464 if (error) {
465 if (ctl_debug)
466 printf("%s - soreserve(%llx, %u, %u) error %d\n",
467 __func__, (uint64_t)VM_KERNEL_ADDRPERM(so),
468 sendbufsize, recvbufsize, error);
469 goto done;
470 }
471 soisconnecting(so);
472
473 socket_unlock(so, 0);
474 error = (*kctl->connect)(kctl->kctlref, &sa, &kcb->userdata);
475 socket_lock(so, 0);
476 if (error)
477 goto end;
478
479 soisconnected(so);
480
481 end:
482 if (error && kctl->disconnect) {
483 /*
484 * XXX Make sure we Don't check the return value
485 * of disconnect here.
486 * ipsec/utun_ctl_disconnect will return error when
487 * disconnect gets called after connect failure.
488 * However if we decide to check for disconnect return
489 * value here. Please make sure to revisit
490 * ipsec/utun_ctl_disconnect.
491 */
492 socket_unlock(so, 0);
493 (*kctl->disconnect)(kctl->kctlref, kcb->unit, kcb->userdata);
494 socket_lock(so, 0);
495 }
496 done:
497 if (error) {
498 soisdisconnected(so);
499 lck_mtx_lock(ctl_mtx);
500 kcb->kctl = 0;
501 kcb->unit = 0;
502 TAILQ_REMOVE(&kctl->kcb_head, kcb, next);
503 kctlstat.kcs_pcbcount--;
504 kctlstat.kcs_gencnt++;
505 kctlstat.kcs_conn_fail++;
506 lck_mtx_unlock(ctl_mtx);
507 }
508 return (error);
509 }
510
511 static int
512 ctl_disconnect(struct socket *so)
513 {
514 struct ctl_cb *kcb = (struct ctl_cb *)so->so_pcb;
515
516 if ((kcb = (struct ctl_cb *)so->so_pcb)) {
517 struct kctl *kctl = kcb->kctl;
518
519 if (kctl && kctl->disconnect) {
520 socket_unlock(so, 0);
521 (*kctl->disconnect)(kctl->kctlref, kcb->unit,
522 kcb->userdata);
523 socket_lock(so, 0);
524 }
525
526 soisdisconnected(so);
527
528 socket_unlock(so, 0);
529 lck_mtx_lock(ctl_mtx);
530 kcb->kctl = 0;
531 kcb->unit = 0;
532 while (kcb->usecount != 0) {
533 msleep(&kcb->usecount, ctl_mtx, 0, "kcb->usecount", 0);
534 }
535 TAILQ_REMOVE(&kctl->kcb_head, kcb, next);
536 kctlstat.kcs_pcbcount--;
537 kctlstat.kcs_gencnt++;
538 lck_mtx_unlock(ctl_mtx);
539 socket_lock(so, 0);
540 }
541 return (0);
542 }
543
544 static int
545 ctl_peeraddr(struct socket *so, struct sockaddr **nam)
546 {
547 struct ctl_cb *kcb = (struct ctl_cb *)so->so_pcb;
548 struct kctl *kctl;
549 struct sockaddr_ctl sc;
550
551 if (kcb == NULL) /* sanity check */
552 return (ENOTCONN);
553
554 if ((kctl = kcb->kctl) == NULL)
555 return (EINVAL);
556
557 bzero(&sc, sizeof(struct sockaddr_ctl));
558 sc.sc_len = sizeof(struct sockaddr_ctl);
559 sc.sc_family = AF_SYSTEM;
560 sc.ss_sysaddr = AF_SYS_CONTROL;
561 sc.sc_id = kctl->id;
562 sc.sc_unit = kcb->unit;
563
564 *nam = dup_sockaddr((struct sockaddr *)&sc, 1);
565
566 return (0);
567 }
568
569 static void
570 ctl_sbrcv_trim(struct socket *so)
571 {
572 struct sockbuf *sb = &so->so_rcv;
573
574 if (sb->sb_hiwat > sb->sb_idealsize) {
575 u_int32_t diff;
576 int32_t trim;
577
578 /*
579 * The difference between the ideal size and the
580 * current size is the upper bound of the trimage
581 */
582 diff = sb->sb_hiwat - sb->sb_idealsize;
583 /*
584 * We cannot trim below the outstanding data
585 */
586 trim = sb->sb_hiwat - sb->sb_cc;
587
588 trim = imin(trim, (int32_t)diff);
589
590 if (trim > 0) {
591 sbreserve(sb, (sb->sb_hiwat - trim));
592
593 if (ctl_debug)
594 printf("%s - shrunk to %d\n",
595 __func__, sb->sb_hiwat);
596 }
597 }
598 }
599
600 static int
601 ctl_usr_rcvd(struct socket *so, int flags)
602 {
603 struct ctl_cb *kcb = (struct ctl_cb *)so->so_pcb;
604 struct kctl *kctl;
605
606 if ((kctl = kcb->kctl) == NULL) {
607 return (EINVAL);
608 }
609
610 if (kctl->rcvd) {
611 socket_unlock(so, 0);
612 (*kctl->rcvd)(kctl->kctlref, kcb->unit, kcb->userdata, flags);
613 socket_lock(so, 0);
614 }
615
616 ctl_sbrcv_trim(so);
617
618 return (0);
619 }
620
621 static int
622 ctl_send(struct socket *so, int flags, struct mbuf *m,
623 struct sockaddr *addr, struct mbuf *control,
624 struct proc *p)
625 {
626 #pragma unused(addr, p)
627 int error = 0;
628 struct ctl_cb *kcb = (struct ctl_cb *)so->so_pcb;
629 struct kctl *kctl;
630
631 if (control)
632 m_freem(control);
633
634 if (kcb == NULL) /* sanity check */
635 error = ENOTCONN;
636
637 if (error == 0 && (kctl = kcb->kctl) == NULL)
638 error = EINVAL;
639
640 if (error == 0 && kctl->send) {
641 so_tc_update_stats(m, so, m_get_service_class(m));
642 socket_unlock(so, 0);
643 error = (*kctl->send)(kctl->kctlref, kcb->unit, kcb->userdata,
644 m, flags);
645 socket_lock(so, 0);
646 } else {
647 m_freem(m);
648 if (error == 0)
649 error = ENOTSUP;
650 }
651 if (error != 0)
652 OSIncrementAtomic64((SInt64 *)&kctlstat.kcs_send_fail);
653 return (error);
654 }
655
656 static int
657 ctl_send_list(struct socket *so, int flags, struct mbuf *m,
658 __unused struct sockaddr *addr, struct mbuf *control,
659 __unused struct proc *p)
660 {
661 int error = 0;
662 struct ctl_cb *kcb = (struct ctl_cb *)so->so_pcb;
663 struct kctl *kctl;
664
665 if (control)
666 m_freem_list(control);
667
668 if (kcb == NULL) /* sanity check */
669 error = ENOTCONN;
670
671 if (error == 0 && (kctl = kcb->kctl) == NULL)
672 error = EINVAL;
673
674 if (error == 0 && kctl->send_list) {
675 struct mbuf *nxt;
676
677 for (nxt = m; nxt != NULL; nxt = nxt->m_nextpkt)
678 so_tc_update_stats(nxt, so, m_get_service_class(nxt));
679
680 socket_unlock(so, 0);
681 error = (*kctl->send_list)(kctl->kctlref, kcb->unit,
682 kcb->userdata, m, flags);
683 socket_lock(so, 0);
684 } else if (error == 0 && kctl->send) {
685 while (m != NULL && error == 0) {
686 struct mbuf *nextpkt = m->m_nextpkt;
687
688 m->m_nextpkt = NULL;
689 so_tc_update_stats(m, so, m_get_service_class(m));
690 socket_unlock(so, 0);
691 error = (*kctl->send)(kctl->kctlref, kcb->unit,
692 kcb->userdata, m, flags);
693 socket_lock(so, 0);
694 m = nextpkt;
695 }
696 if (m != NULL)
697 m_freem_list(m);
698 } else {
699 m_freem_list(m);
700 if (error == 0)
701 error = ENOTSUP;
702 }
703 if (error != 0)
704 OSIncrementAtomic64((SInt64 *)&kctlstat.kcs_send_list_fail);
705 return (error);
706 }
707
708 static errno_t
709 ctl_rcvbspace(struct socket *so, u_int32_t datasize,
710 u_int32_t kctlflags, u_int32_t flags)
711 {
712 struct sockbuf *sb = &so->so_rcv;
713 u_int32_t space = sbspace(sb);
714 errno_t error;
715
716 if ((kctlflags & CTL_FLAG_REG_CRIT) == 0) {
717 if ((u_int32_t) space >= datasize)
718 error = 0;
719 else
720 error = ENOBUFS;
721 } else if ((flags & CTL_DATA_CRIT) == 0) {
722 /*
723 * Reserve 25% for critical messages
724 */
725 if (space < (sb->sb_hiwat >> 2) ||
726 space < datasize)
727 error = ENOBUFS;
728 else
729 error = 0;
730 } else {
731 u_int32_t autorcvbuf_max;
732
733 /*
734 * Allow overcommit of 25%
735 */
736 autorcvbuf_max = min(sb->sb_idealsize + (sb->sb_idealsize >> 2),
737 ctl_autorcvbuf_max);
738
739 if ((u_int32_t) space >= datasize) {
740 error = 0;
741 } else if (tcp_cansbgrow(sb) &&
742 sb->sb_hiwat < autorcvbuf_max) {
743 /*
744 * Grow with a little bit of leeway
745 */
746 u_int32_t grow = datasize - space + MSIZE;
747
748 if (sbreserve(sb,
749 min((sb->sb_hiwat + grow), autorcvbuf_max)) == 1) {
750
751 if (sb->sb_hiwat > ctl_autorcvbuf_high)
752 ctl_autorcvbuf_high = sb->sb_hiwat;
753
754 /*
755 * A final check
756 */
757 if ((u_int32_t) sbspace(sb) >= datasize) {
758 error = 0;
759 } else {
760 error = ENOBUFS;
761 }
762
763 if (ctl_debug)
764 printf("%s - grown to %d error %d\n",
765 __func__, sb->sb_hiwat, error);
766 } else {
767 error = ENOBUFS;
768 }
769 } else {
770 error = ENOBUFS;
771 }
772 }
773 return (error);
774 }
775
776 errno_t
777 ctl_enqueuembuf(kern_ctl_ref kctlref, u_int32_t unit, struct mbuf *m,
778 u_int32_t flags)
779 {
780 struct socket *so;
781 errno_t error = 0;
782 int len = m->m_pkthdr.len;
783 u_int32_t kctlflags;
784
785 so = kcb_find_socket(kctlref, unit, &kctlflags);
786 if (so == NULL) {
787 return (EINVAL);
788 }
789
790 if (ctl_rcvbspace(so, len, kctlflags, flags) != 0) {
791 error = ENOBUFS;
792 OSIncrementAtomic64((SInt64 *)&kctlstat.kcs_enqueue_fullsock);
793 goto bye;
794 }
795 if ((flags & CTL_DATA_EOR))
796 m->m_flags |= M_EOR;
797
798 so_recv_data_stat(so, m, 0);
799 if (sbappend(&so->so_rcv, m) != 0) {
800 if ((flags & CTL_DATA_NOWAKEUP) == 0)
801 sorwakeup(so);
802 } else {
803 error = ENOBUFS;
804 OSIncrementAtomic64((SInt64 *)&kctlstat.kcs_enqueue_fullsock);
805 }
806 bye:
807 if (ctl_debug && error != 0 && (flags & CTL_DATA_CRIT))
808 printf("%s - crit data err %d len %d hiwat %d cc: %d\n",
809 __func__, error, len,
810 so->so_rcv.sb_hiwat, so->so_rcv.sb_cc);
811
812 socket_unlock(so, 1);
813 if (error != 0)
814 OSIncrementAtomic64((SInt64 *)&kctlstat.kcs_enqueue_fail);
815
816 return (error);
817 }
818
819 /*
820 * Compute space occupied by mbuf like sbappendrecord
821 */
822 static int
823 m_space(struct mbuf *m)
824 {
825 int space = 0;
826 struct mbuf *nxt;
827
828 for (nxt = m; nxt != NULL; nxt = nxt->m_next)
829 space += nxt->m_len;
830
831 return (space);
832 }
833
834 errno_t
835 ctl_enqueuembuf_list(void *kctlref, u_int32_t unit, struct mbuf *m_list,
836 u_int32_t flags, struct mbuf **m_remain)
837 {
838 struct socket *so = NULL;
839 errno_t error = 0;
840 struct mbuf *m, *nextpkt;
841 int needwakeup = 0;
842 int len;
843 u_int32_t kctlflags;
844
845 /*
846 * Need to point the beginning of the list in case of early exit
847 */
848 m = m_list;
849
850 /*
851 * kcb_find_socket takes the socket lock with a reference
852 */
853 so = kcb_find_socket(kctlref, unit, &kctlflags);
854 if (so == NULL) {
855 error = EINVAL;
856 goto done;
857 }
858
859 if (kctlflags & CTL_FLAG_REG_SOCK_STREAM) {
860 error = EOPNOTSUPP;
861 goto done;
862 }
863 if (flags & CTL_DATA_EOR) {
864 error = EINVAL;
865 goto done;
866 }
867
868 for (m = m_list; m != NULL; m = nextpkt) {
869 nextpkt = m->m_nextpkt;
870
871 if (m->m_pkthdr.len == 0 && ctl_debug)
872 printf("%s: %llx m_pkthdr.len is 0",
873 __func__, (uint64_t)VM_KERNEL_ADDRPERM(m));
874
875 /*
876 * The mbuf is either appended or freed by sbappendrecord()
877 * so it's not reliable from a data standpoint
878 */
879 len = m_space(m);
880 if (ctl_rcvbspace(so, len, kctlflags, flags) != 0) {
881 error = ENOBUFS;
882 OSIncrementAtomic64(
883 (SInt64 *)&kctlstat.kcs_enqueue_fullsock);
884 break;
885 } else {
886 /*
887 * Unlink from the list, m is on its own
888 */
889 m->m_nextpkt = NULL;
890 so_recv_data_stat(so, m, 0);
891 if (sbappendrecord(&so->so_rcv, m) != 0) {
892 needwakeup = 1;
893 } else {
894 /*
895 * We free or return the remaining
896 * mbufs in the list
897 */
898 m = nextpkt;
899 error = ENOBUFS;
900 OSIncrementAtomic64(
901 (SInt64 *)&kctlstat.kcs_enqueue_fullsock);
902 break;
903 }
904 }
905 }
906 if (needwakeup && (flags & CTL_DATA_NOWAKEUP) == 0)
907 sorwakeup(so);
908
909 done:
910 if (so != NULL) {
911 if (ctl_debug && error != 0 && (flags & CTL_DATA_CRIT))
912 printf("%s - crit data err %d len %d hiwat %d cc: %d\n",
913 __func__, error, len,
914 so->so_rcv.sb_hiwat, so->so_rcv.sb_cc);
915
916 socket_unlock(so, 1);
917 }
918 if (m_remain) {
919 *m_remain = m;
920
921 if (m != NULL && socket_debug && so != NULL &&
922 (so->so_options & SO_DEBUG)) {
923 struct mbuf *n;
924
925 printf("%s m_list %llx\n", __func__,
926 (uint64_t) VM_KERNEL_ADDRPERM(m_list));
927 for (n = m; n != NULL; n = n->m_nextpkt)
928 printf(" remain %llx m_next %llx\n",
929 (uint64_t) VM_KERNEL_ADDRPERM(n),
930 (uint64_t) VM_KERNEL_ADDRPERM(n->m_next));
931 }
932 } else {
933 if (m != NULL)
934 m_freem_list(m);
935 }
936 if (error != 0)
937 OSIncrementAtomic64((SInt64 *)&kctlstat.kcs_enqueue_fail);
938 return (error);
939 }
940
941 errno_t
942 ctl_enqueuedata(void *kctlref, u_int32_t unit, void *data, size_t len,
943 u_int32_t flags)
944 {
945 struct socket *so;
946 struct mbuf *m;
947 errno_t error = 0;
948 unsigned int num_needed;
949 struct mbuf *n;
950 size_t curlen = 0;
951 u_int32_t kctlflags;
952
953 so = kcb_find_socket(kctlref, unit, &kctlflags);
954 if (so == NULL) {
955 return (EINVAL);
956 }
957
958 if (ctl_rcvbspace(so, len, kctlflags, flags) != 0) {
959 error = ENOBUFS;
960 OSIncrementAtomic64((SInt64 *)&kctlstat.kcs_enqueue_fullsock);
961 goto bye;
962 }
963
964 num_needed = 1;
965 m = m_allocpacket_internal(&num_needed, len, NULL, M_NOWAIT, 1, 0);
966 if (m == NULL) {
967 kctlstat.kcs_enqdata_mb_alloc_fail++;
968 if (ctl_debug)
969 printf("%s: m_allocpacket_internal(%lu) failed\n",
970 __func__, len);
971 error = ENOMEM;
972 goto bye;
973 }
974
975 for (n = m; n != NULL; n = n->m_next) {
976 size_t mlen = mbuf_maxlen(n);
977
978 if (mlen + curlen > len)
979 mlen = len - curlen;
980 n->m_len = mlen;
981 bcopy((char *)data + curlen, n->m_data, mlen);
982 curlen += mlen;
983 }
984 mbuf_pkthdr_setlen(m, curlen);
985
986 if ((flags & CTL_DATA_EOR))
987 m->m_flags |= M_EOR;
988 so_recv_data_stat(so, m, 0);
989 if (sbappend(&so->so_rcv, m) != 0) {
990 if ((flags & CTL_DATA_NOWAKEUP) == 0)
991 sorwakeup(so);
992 } else {
993 kctlstat.kcs_enqdata_sbappend_fail++;
994 error = ENOBUFS;
995 OSIncrementAtomic64((SInt64 *)&kctlstat.kcs_enqueue_fullsock);
996 }
997
998 bye:
999 if (ctl_debug && error != 0 && (flags & CTL_DATA_CRIT))
1000 printf("%s - crit data err %d len %d hiwat %d cc: %d\n",
1001 __func__, error, (int)len,
1002 so->so_rcv.sb_hiwat, so->so_rcv.sb_cc);
1003
1004 socket_unlock(so, 1);
1005 if (error != 0)
1006 OSIncrementAtomic64((SInt64 *)&kctlstat.kcs_enqueue_fail);
1007 return (error);
1008 }
1009
1010 errno_t
1011 ctl_getenqueuepacketcount(kern_ctl_ref kctlref, u_int32_t unit, u_int32_t *pcnt)
1012 {
1013 struct socket *so;
1014 u_int32_t cnt;
1015 struct mbuf *m1;
1016
1017 if (pcnt == NULL)
1018 return (EINVAL);
1019
1020 so = kcb_find_socket(kctlref, unit, NULL);
1021 if (so == NULL) {
1022 return (EINVAL);
1023 }
1024
1025 cnt = 0;
1026 m1 = so->so_rcv.sb_mb;
1027 while (m1 != NULL) {
1028 if (m1->m_type == MT_DATA ||
1029 m1->m_type == MT_HEADER ||
1030 m1->m_type == MT_OOBDATA)
1031 cnt += 1;
1032 m1 = m1->m_nextpkt;
1033 }
1034 *pcnt = cnt;
1035
1036 socket_unlock(so, 1);
1037
1038 return (0);
1039 }
1040
1041 errno_t
1042 ctl_getenqueuespace(kern_ctl_ref kctlref, u_int32_t unit, size_t *space)
1043 {
1044 struct socket *so;
1045 long avail;
1046
1047 if (space == NULL)
1048 return (EINVAL);
1049
1050 so = kcb_find_socket(kctlref, unit, NULL);
1051 if (so == NULL) {
1052 return (EINVAL);
1053 }
1054
1055 avail = sbspace(&so->so_rcv);
1056 *space = (avail < 0) ? 0 : avail;
1057 socket_unlock(so, 1);
1058
1059 return (0);
1060 }
1061
1062 errno_t
1063 ctl_getenqueuereadable(kern_ctl_ref kctlref, u_int32_t unit,
1064 u_int32_t *difference)
1065 {
1066 struct socket *so;
1067
1068 if (difference == NULL)
1069 return (EINVAL);
1070
1071 so = kcb_find_socket(kctlref, unit, NULL);
1072 if (so == NULL) {
1073 return (EINVAL);
1074 }
1075
1076 if (so->so_rcv.sb_cc >= so->so_rcv.sb_lowat) {
1077 *difference = 0;
1078 } else {
1079 *difference = (so->so_rcv.sb_lowat - so->so_rcv.sb_cc);
1080 }
1081 socket_unlock(so, 1);
1082
1083 return (0);
1084 }
1085
1086 static int
1087 ctl_ctloutput(struct socket *so, struct sockopt *sopt)
1088 {
1089 struct ctl_cb *kcb = (struct ctl_cb *)so->so_pcb;
1090 struct kctl *kctl;
1091 int error = 0;
1092 void *data;
1093 size_t len;
1094
1095 if (sopt->sopt_level != SYSPROTO_CONTROL) {
1096 return (EINVAL);
1097 }
1098
1099 if (kcb == NULL) /* sanity check */
1100 return (ENOTCONN);
1101
1102 if ((kctl = kcb->kctl) == NULL)
1103 return (EINVAL);
1104
1105 switch (sopt->sopt_dir) {
1106 case SOPT_SET:
1107 if (kctl->setopt == NULL)
1108 return (ENOTSUP);
1109 if (sopt->sopt_valsize == 0) {
1110 data = NULL;
1111 } else {
1112 MALLOC(data, void *, sopt->sopt_valsize, M_TEMP,
1113 M_WAITOK);
1114 if (data == NULL)
1115 return (ENOMEM);
1116 error = sooptcopyin(sopt, data,
1117 sopt->sopt_valsize, sopt->sopt_valsize);
1118 }
1119 if (error == 0) {
1120 socket_unlock(so, 0);
1121 error = (*kctl->setopt)(kctl->kctlref,
1122 kcb->unit, kcb->userdata, sopt->sopt_name,
1123 data, sopt->sopt_valsize);
1124 socket_lock(so, 0);
1125 }
1126 FREE(data, M_TEMP);
1127 break;
1128
1129 case SOPT_GET:
1130 if (kctl->getopt == NULL)
1131 return (ENOTSUP);
1132 data = NULL;
1133 if (sopt->sopt_valsize && sopt->sopt_val) {
1134 MALLOC(data, void *, sopt->sopt_valsize, M_TEMP,
1135 M_WAITOK);
1136 if (data == NULL)
1137 return (ENOMEM);
1138 /*
1139 * 4108337 - copy user data in case the
1140 * kernel control needs it
1141 */
1142 error = sooptcopyin(sopt, data,
1143 sopt->sopt_valsize, sopt->sopt_valsize);
1144 }
1145 len = sopt->sopt_valsize;
1146 socket_unlock(so, 0);
1147 error = (*kctl->getopt)(kctl->kctlref, kcb->unit,
1148 kcb->userdata, sopt->sopt_name,
1149 data, &len);
1150 if (data != NULL && len > sopt->sopt_valsize)
1151 panic_plain("ctl_ctloutput: ctl %s returned "
1152 "len (%lu) > sopt_valsize (%lu)\n",
1153 kcb->kctl->name, len,
1154 sopt->sopt_valsize);
1155 socket_lock(so, 0);
1156 if (error == 0) {
1157 if (data != NULL)
1158 error = sooptcopyout(sopt, data, len);
1159 else
1160 sopt->sopt_valsize = len;
1161 }
1162 if (data != NULL)
1163 FREE(data, M_TEMP);
1164 break;
1165 }
1166 return (error);
1167 }
1168
1169 static int
1170 ctl_ioctl(struct socket *so, u_long cmd, caddr_t data,
1171 struct ifnet *ifp, struct proc *p)
1172 {
1173 #pragma unused(so, ifp, p)
1174 int error = ENOTSUP;
1175
1176 switch (cmd) {
1177 /* get the number of controllers */
1178 case CTLIOCGCOUNT: {
1179 struct kctl *kctl;
1180 u_int32_t n = 0;
1181
1182 lck_mtx_lock(ctl_mtx);
1183 TAILQ_FOREACH(kctl, &ctl_head, next)
1184 n++;
1185 lck_mtx_unlock(ctl_mtx);
1186
1187 bcopy(&n, data, sizeof (n));
1188 error = 0;
1189 break;
1190 }
1191 case CTLIOCGINFO: {
1192 struct ctl_info ctl_info;
1193 struct kctl *kctl = 0;
1194 size_t name_len;
1195
1196 bcopy(data, &ctl_info, sizeof (ctl_info));
1197 name_len = strnlen(ctl_info.ctl_name, MAX_KCTL_NAME);
1198
1199 if (name_len == 0 || name_len + 1 > MAX_KCTL_NAME) {
1200 error = EINVAL;
1201 break;
1202 }
1203 lck_mtx_lock(ctl_mtx);
1204 kctl = ctl_find_by_name(ctl_info.ctl_name);
1205 lck_mtx_unlock(ctl_mtx);
1206 if (kctl == 0) {
1207 error = ENOENT;
1208 break;
1209 }
1210 ctl_info.ctl_id = kctl->id;
1211 bcopy(&ctl_info, data, sizeof (ctl_info));
1212 error = 0;
1213 break;
1214 }
1215
1216 /* add controls to get list of NKEs */
1217
1218 }
1219
1220 return (error);
1221 }
1222
1223 static void
1224 kctl_tbl_grow()
1225 {
1226 struct kctl **new_table;
1227 uintptr_t new_size;
1228
1229 lck_mtx_assert(ctl_mtx, LCK_MTX_ASSERT_OWNED);
1230
1231 if (kctl_tbl_growing) {
1232 /* Another thread is allocating */
1233 kctl_tbl_growing_waiting++;
1234
1235 do {
1236 (void) msleep((caddr_t) &kctl_tbl_growing, ctl_mtx,
1237 PSOCK | PCATCH, "kctl_tbl_growing", 0);
1238 } while (kctl_tbl_growing);
1239 kctl_tbl_growing_waiting--;
1240 }
1241 /* Another thread grew the table */
1242 if (kctl_table != NULL && kctl_tbl_count < kctl_tbl_size)
1243 return;
1244
1245 /* Verify we have a sane size */
1246 if (kctl_tbl_size + KCTL_TBL_INC >= UINT16_MAX) {
1247 kctlstat.kcs_tbl_size_too_big++;
1248 if (ctl_debug)
1249 printf("%s kctl_tbl_size %lu too big\n",
1250 __func__, kctl_tbl_size);
1251 return;
1252 }
1253 kctl_tbl_growing = 1;
1254
1255 new_size = kctl_tbl_size + KCTL_TBL_INC;
1256
1257 lck_mtx_unlock(ctl_mtx);
1258 new_table = _MALLOC(sizeof(struct kctl *) * new_size,
1259 M_TEMP, M_WAIT | M_ZERO);
1260 lck_mtx_lock(ctl_mtx);
1261
1262 if (new_table != NULL) {
1263 if (kctl_table != NULL) {
1264 bcopy(kctl_table, new_table,
1265 kctl_tbl_size * sizeof(struct kctl *));
1266
1267 _FREE(kctl_table, M_TEMP);
1268 }
1269 kctl_table = new_table;
1270 kctl_tbl_size = new_size;
1271 }
1272
1273 kctl_tbl_growing = 0;
1274
1275 if (kctl_tbl_growing_waiting) {
1276 wakeup(&kctl_tbl_growing);
1277 }
1278 }
1279
1280 #define KCTLREF_INDEX_MASK 0x0000FFFF
1281 #define KCTLREF_GENCNT_MASK 0xFFFF0000
1282 #define KCTLREF_GENCNT_SHIFT 16
1283
1284 static kern_ctl_ref
1285 kctl_make_ref(struct kctl *kctl)
1286 {
1287 uintptr_t i;
1288
1289 lck_mtx_assert(ctl_mtx, LCK_MTX_ASSERT_OWNED);
1290
1291 if (kctl_tbl_count >= kctl_tbl_size)
1292 kctl_tbl_grow();
1293
1294 kctl->kctlref = NULL;
1295 for (i = 0; i < kctl_tbl_size; i++) {
1296 if (kctl_table[i] == NULL) {
1297 uintptr_t ref;
1298
1299 /*
1300 * Reference is index plus one
1301 */
1302 kctl_ref_gencnt += 1;
1303
1304 /*
1305 * Add generation count as salt to reference to prevent
1306 * use after deregister
1307 */
1308 ref = ((kctl_ref_gencnt << KCTLREF_GENCNT_SHIFT) &
1309 KCTLREF_GENCNT_MASK) +
1310 ((i + 1) & KCTLREF_INDEX_MASK);
1311
1312 kctl->kctlref = (void *)(ref);
1313 kctl_table[i] = kctl;
1314 kctl_tbl_count++;
1315 break;
1316 }
1317 }
1318
1319 if (kctl->kctlref == NULL)
1320 panic("%s no space in table", __func__);
1321
1322 if (ctl_debug > 0)
1323 printf("%s %p for %p\n",
1324 __func__, kctl->kctlref, kctl);
1325
1326 return (kctl->kctlref);
1327 }
1328
1329 static void
1330 kctl_delete_ref(kern_ctl_ref kctlref)
1331 {
1332 /*
1333 * Reference is index plus one
1334 */
1335 uintptr_t i = (((uintptr_t)kctlref) & KCTLREF_INDEX_MASK) - 1;
1336
1337 lck_mtx_assert(ctl_mtx, LCK_MTX_ASSERT_OWNED);
1338
1339 if (i < kctl_tbl_size) {
1340 struct kctl *kctl = kctl_table[i];
1341
1342 if (kctl->kctlref == kctlref) {
1343 kctl_table[i] = NULL;
1344 kctl_tbl_count--;
1345 } else {
1346 kctlstat.kcs_bad_kctlref++;
1347 }
1348 } else {
1349 kctlstat.kcs_bad_kctlref++;
1350 }
1351 }
1352
1353 static struct kctl *
1354 kctl_from_ref(kern_ctl_ref kctlref)
1355 {
1356 /*
1357 * Reference is index plus one
1358 */
1359 uintptr_t i = (((uintptr_t)kctlref) & KCTLREF_INDEX_MASK) - 1;
1360 struct kctl *kctl = NULL;
1361
1362 lck_mtx_assert(ctl_mtx, LCK_MTX_ASSERT_OWNED);
1363
1364 if (i >= kctl_tbl_size) {
1365 kctlstat.kcs_bad_kctlref++;
1366 return (NULL);
1367 }
1368 kctl = kctl_table[i];
1369 if (kctl->kctlref != kctlref) {
1370 kctlstat.kcs_bad_kctlref++;
1371 return (NULL);
1372 }
1373 return (kctl);
1374 }
1375
1376 /*
1377 * Register/unregister a NKE
1378 */
1379 errno_t
1380 ctl_register(struct kern_ctl_reg *userkctl, kern_ctl_ref *kctlref)
1381 {
1382 struct kctl *kctl = NULL;
1383 struct kctl *kctl_next = NULL;
1384 u_int32_t id = 1;
1385 size_t name_len;
1386 int is_extended = 0;
1387
1388 if (userkctl == NULL) /* sanity check */
1389 return (EINVAL);
1390 if (userkctl->ctl_connect == NULL)
1391 return (EINVAL);
1392 name_len = strlen(userkctl->ctl_name);
1393 if (name_len == 0 || name_len + 1 > MAX_KCTL_NAME)
1394 return (EINVAL);
1395
1396 MALLOC(kctl, struct kctl *, sizeof(*kctl), M_TEMP, M_WAITOK);
1397 if (kctl == NULL)
1398 return (ENOMEM);
1399 bzero((char *)kctl, sizeof(*kctl));
1400
1401 lck_mtx_lock(ctl_mtx);
1402
1403 if (kctl_make_ref(kctl) == NULL) {
1404 lck_mtx_unlock(ctl_mtx);
1405 FREE(kctl, M_TEMP);
1406 return (ENOMEM);
1407 }
1408
1409 /*
1410 * Kernel Control IDs
1411 *
1412 * CTL_FLAG_REG_ID_UNIT indicates the control ID and unit number are
1413 * static. If they do not exist, add them to the list in order. If the
1414 * flag is not set, we must find a new unique value. We assume the
1415 * list is in order. We find the last item in the list and add one. If
1416 * this leads to wrapping the id around, we start at the front of the
1417 * list and look for a gap.
1418 */
1419
1420 if ((userkctl->ctl_flags & CTL_FLAG_REG_ID_UNIT) == 0) {
1421 /* Must dynamically assign an unused ID */
1422
1423 /* Verify the same name isn't already registered */
1424 if (ctl_find_by_name(userkctl->ctl_name) != NULL) {
1425 kctl_delete_ref(kctl->kctlref);
1426 lck_mtx_unlock(ctl_mtx);
1427 FREE(kctl, M_TEMP);
1428 return (EEXIST);
1429 }
1430
1431 /* Start with 1 in case the list is empty */
1432 id = 1;
1433 kctl_next = TAILQ_LAST(&ctl_head, kctl_list);
1434
1435 if (kctl_next != NULL) {
1436 /* List was not empty, add one to the last item */
1437 id = kctl_next->id + 1;
1438 kctl_next = NULL;
1439
1440 /*
1441 * If this wrapped the id number, start looking at
1442 * the front of the list for an unused id.
1443 */
1444 if (id == 0) {
1445 /* Find the next unused ID */
1446 id = 1;
1447
1448 TAILQ_FOREACH(kctl_next, &ctl_head, next) {
1449 if (kctl_next->id > id) {
1450 /* We found a gap */
1451 break;
1452 }
1453
1454 id = kctl_next->id + 1;
1455 }
1456 }
1457 }
1458
1459 userkctl->ctl_id = id;
1460 kctl->id = id;
1461 kctl->reg_unit = -1;
1462 } else {
1463 TAILQ_FOREACH(kctl_next, &ctl_head, next) {
1464 if (kctl_next->id > userkctl->ctl_id)
1465 break;
1466 }
1467
1468 if (ctl_find_by_id_unit(userkctl->ctl_id, userkctl->ctl_unit)) {
1469 kctl_delete_ref(kctl->kctlref);
1470 lck_mtx_unlock(ctl_mtx);
1471 FREE(kctl, M_TEMP);
1472 return (EEXIST);
1473 }
1474 kctl->id = userkctl->ctl_id;
1475 kctl->reg_unit = userkctl->ctl_unit;
1476 }
1477
1478 is_extended = (userkctl->ctl_flags & CTL_FLAG_REG_EXTENDED);
1479
1480 strlcpy(kctl->name, userkctl->ctl_name, MAX_KCTL_NAME);
1481 kctl->flags = userkctl->ctl_flags;
1482
1483 /*
1484 * Let the caller know the default send and receive sizes
1485 */
1486 if (userkctl->ctl_sendsize == 0) {
1487 kctl->sendbufsize = CTL_SENDSIZE;
1488 userkctl->ctl_sendsize = kctl->sendbufsize;
1489 } else {
1490 kctl->sendbufsize = userkctl->ctl_sendsize;
1491 }
1492 if (userkctl->ctl_recvsize == 0) {
1493 kctl->recvbufsize = CTL_RECVSIZE;
1494 userkctl->ctl_recvsize = kctl->recvbufsize;
1495 } else {
1496 kctl->recvbufsize = userkctl->ctl_recvsize;
1497 }
1498
1499 kctl->connect = userkctl->ctl_connect;
1500 kctl->disconnect = userkctl->ctl_disconnect;
1501 kctl->send = userkctl->ctl_send;
1502 kctl->setopt = userkctl->ctl_setopt;
1503 kctl->getopt = userkctl->ctl_getopt;
1504 if (is_extended) {
1505 kctl->rcvd = userkctl->ctl_rcvd;
1506 kctl->send_list = userkctl->ctl_send_list;
1507 }
1508
1509 TAILQ_INIT(&kctl->kcb_head);
1510
1511 if (kctl_next)
1512 TAILQ_INSERT_BEFORE(kctl_next, kctl, next);
1513 else
1514 TAILQ_INSERT_TAIL(&ctl_head, kctl, next);
1515
1516 kctlstat.kcs_reg_count++;
1517 kctlstat.kcs_gencnt++;
1518
1519 lck_mtx_unlock(ctl_mtx);
1520
1521 *kctlref = kctl->kctlref;
1522
1523 ctl_post_msg(KEV_CTL_REGISTERED, kctl->id);
1524 return (0);
1525 }
1526
1527 errno_t
1528 ctl_deregister(void *kctlref)
1529 {
1530 struct kctl *kctl;
1531
1532 lck_mtx_lock(ctl_mtx);
1533 if ((kctl = kctl_from_ref(kctlref)) == NULL) {
1534 kctlstat.kcs_bad_kctlref++;
1535 lck_mtx_unlock(ctl_mtx);
1536 if (ctl_debug != 0)
1537 printf("%s invalid kctlref %p\n",
1538 __func__, kctlref);
1539 return (EINVAL);
1540 }
1541
1542 if (!TAILQ_EMPTY(&kctl->kcb_head)) {
1543 lck_mtx_unlock(ctl_mtx);
1544 return (EBUSY);
1545 }
1546
1547 TAILQ_REMOVE(&ctl_head, kctl, next);
1548
1549 kctlstat.kcs_reg_count--;
1550 kctlstat.kcs_gencnt++;
1551
1552 kctl_delete_ref(kctl->kctlref);
1553 lck_mtx_unlock(ctl_mtx);
1554
1555 ctl_post_msg(KEV_CTL_DEREGISTERED, kctl->id);
1556 FREE(kctl, M_TEMP);
1557 return (0);
1558 }
1559
1560 /*
1561 * Must be called with global ctl_mtx lock taked
1562 */
1563 static struct kctl *
1564 ctl_find_by_name(const char *name)
1565 {
1566 struct kctl *kctl;
1567
1568 lck_mtx_assert(ctl_mtx, LCK_MTX_ASSERT_OWNED);
1569
1570 TAILQ_FOREACH(kctl, &ctl_head, next)
1571 if (strncmp(kctl->name, name, sizeof(kctl->name)) == 0)
1572 return (kctl);
1573
1574 return (NULL);
1575 }
1576
1577 u_int32_t
1578 ctl_id_by_name(const char *name)
1579 {
1580 u_int32_t ctl_id = 0;
1581 struct kctl *kctl;
1582
1583 lck_mtx_lock(ctl_mtx);
1584 kctl = ctl_find_by_name(name);
1585 if (kctl)
1586 ctl_id = kctl->id;
1587 lck_mtx_unlock(ctl_mtx);
1588
1589 return (ctl_id);
1590 }
1591
1592 errno_t
1593 ctl_name_by_id(u_int32_t id, char *out_name, size_t maxsize)
1594 {
1595 int found = 0;
1596 struct kctl *kctl;
1597
1598 lck_mtx_lock(ctl_mtx);
1599 TAILQ_FOREACH(kctl, &ctl_head, next) {
1600 if (kctl->id == id)
1601 break;
1602 }
1603
1604 if (kctl) {
1605 if (maxsize > MAX_KCTL_NAME)
1606 maxsize = MAX_KCTL_NAME;
1607 strlcpy(out_name, kctl->name, maxsize);
1608 found = 1;
1609 }
1610 lck_mtx_unlock(ctl_mtx);
1611
1612 return (found ? 0 : ENOENT);
1613 }
1614
1615 /*
1616 * Must be called with global ctl_mtx lock taked
1617 *
1618 */
1619 static struct kctl *
1620 ctl_find_by_id_unit(u_int32_t id, u_int32_t unit)
1621 {
1622 struct kctl *kctl;
1623
1624 lck_mtx_assert(ctl_mtx, LCK_MTX_ASSERT_OWNED);
1625
1626 TAILQ_FOREACH(kctl, &ctl_head, next) {
1627 if (kctl->id == id && (kctl->flags & CTL_FLAG_REG_ID_UNIT) == 0)
1628 return (kctl);
1629 else if (kctl->id == id && kctl->reg_unit == unit)
1630 return (kctl);
1631 }
1632 return (NULL);
1633 }
1634
1635 /*
1636 * Must be called with kernel controller lock taken
1637 */
1638 static struct ctl_cb *
1639 kcb_find(struct kctl *kctl, u_int32_t unit)
1640 {
1641 struct ctl_cb *kcb;
1642
1643 lck_mtx_assert(ctl_mtx, LCK_MTX_ASSERT_OWNED);
1644
1645 TAILQ_FOREACH(kcb, &kctl->kcb_head, next)
1646 if (kcb->unit == unit)
1647 return (kcb);
1648
1649 return (NULL);
1650 }
1651
1652 static struct socket *
1653 kcb_find_socket(kern_ctl_ref kctlref, u_int32_t unit, u_int32_t *kctlflags)
1654 {
1655 struct socket *so = NULL;
1656 struct ctl_cb *kcb;
1657 void *lr_saved;
1658 struct kctl *kctl;
1659 int i;
1660
1661 lr_saved = __builtin_return_address(0);
1662
1663 lck_mtx_lock(ctl_mtx);
1664 /*
1665 * First validate the kctlref
1666 */
1667 if ((kctl = kctl_from_ref(kctlref)) == NULL) {
1668 kctlstat.kcs_bad_kctlref++;
1669 lck_mtx_unlock(ctl_mtx);
1670 if (ctl_debug != 0)
1671 printf("%s invalid kctlref %p\n",
1672 __func__, kctlref);
1673 return (NULL);
1674 }
1675
1676 kcb = kcb_find(kctl, unit);
1677 if (kcb == NULL || kcb->kctl != kctl || (so = kcb->so) == NULL) {
1678 lck_mtx_unlock(ctl_mtx);
1679 return (NULL);
1680 }
1681 /*
1682 * This prevents the socket from being closed
1683 */
1684 kcb->usecount++;
1685 /*
1686 * Respect lock ordering: socket before ctl_mtx
1687 */
1688 lck_mtx_unlock(ctl_mtx);
1689
1690 socket_lock(so, 1);
1691 /*
1692 * The socket lock history is more useful if we store
1693 * the address of the caller.
1694 */
1695 i = (so->next_lock_lr + SO_LCKDBG_MAX - 1) % SO_LCKDBG_MAX;
1696 so->lock_lr[i] = lr_saved;
1697
1698 lck_mtx_lock(ctl_mtx);
1699
1700 if ((kctl = kctl_from_ref(kctlref)) == NULL || kcb->kctl == NULL) {
1701 lck_mtx_unlock(ctl_mtx);
1702 socket_unlock(so, 1);
1703 so = NULL;
1704 lck_mtx_lock(ctl_mtx);
1705 } else if (kctlflags != NULL) {
1706 *kctlflags = kctl->flags;
1707 }
1708
1709 kcb->usecount--;
1710 if (kcb->usecount == 0)
1711 wakeup((event_t)&kcb->usecount);
1712
1713 lck_mtx_unlock(ctl_mtx);
1714
1715 return (so);
1716 }
1717
1718 static void
1719 ctl_post_msg(u_int32_t event_code, u_int32_t id)
1720 {
1721 struct ctl_event_data ctl_ev_data;
1722 struct kev_msg ev_msg;
1723
1724 lck_mtx_assert(ctl_mtx, LCK_MTX_ASSERT_NOTOWNED);
1725
1726 bzero(&ev_msg, sizeof(struct kev_msg));
1727 ev_msg.vendor_code = KEV_VENDOR_APPLE;
1728
1729 ev_msg.kev_class = KEV_SYSTEM_CLASS;
1730 ev_msg.kev_subclass = KEV_CTL_SUBCLASS;
1731 ev_msg.event_code = event_code;
1732
1733 /* common nke subclass data */
1734 bzero(&ctl_ev_data, sizeof(ctl_ev_data));
1735 ctl_ev_data.ctl_id = id;
1736 ev_msg.dv[0].data_ptr = &ctl_ev_data;
1737 ev_msg.dv[0].data_length = sizeof(ctl_ev_data);
1738
1739 ev_msg.dv[1].data_length = 0;
1740
1741 kev_post_msg(&ev_msg);
1742 }
1743
1744 static int
1745 ctl_lock(struct socket *so, int refcount, void *lr)
1746 {
1747 void *lr_saved;
1748
1749 if (lr == NULL)
1750 lr_saved = __builtin_return_address(0);
1751 else
1752 lr_saved = lr;
1753
1754 if (so->so_pcb != NULL) {
1755 lck_mtx_lock(((struct ctl_cb *)so->so_pcb)->mtx);
1756 } else {
1757 panic("ctl_lock: so=%p NO PCB! lr=%p lrh= %s\n",
1758 so, lr_saved, solockhistory_nr(so));
1759 /* NOTREACHED */
1760 }
1761
1762 if (so->so_usecount < 0) {
1763 panic("ctl_lock: so=%p so_pcb=%p lr=%p ref=%x lrh= %s\n",
1764 so, so->so_pcb, lr_saved, so->so_usecount,
1765 solockhistory_nr(so));
1766 /* NOTREACHED */
1767 }
1768
1769 if (refcount)
1770 so->so_usecount++;
1771
1772 so->lock_lr[so->next_lock_lr] = lr_saved;
1773 so->next_lock_lr = (so->next_lock_lr+1) % SO_LCKDBG_MAX;
1774 return (0);
1775 }
1776
1777 static int
1778 ctl_unlock(struct socket *so, int refcount, void *lr)
1779 {
1780 void *lr_saved;
1781 lck_mtx_t *mutex_held;
1782
1783 if (lr == NULL)
1784 lr_saved = __builtin_return_address(0);
1785 else
1786 lr_saved = lr;
1787
1788 #if (MORE_KCTLLOCK_DEBUG && (DEVELOPMENT || DEBUG))
1789 printf("ctl_unlock: so=%llx sopcb=%x lock=%llx ref=%u lr=%llx\n",
1790 (uint64_t)VM_KERNEL_ADDRPERM(so),
1791 (uint64_t)VM_KERNEL_ADDRPERM(so->so_pcb,
1792 (uint64_t)VM_KERNEL_ADDRPERM(((struct ctl_cb *)so->so_pcb)->mtx),
1793 so->so_usecount, (uint64_t)VM_KERNEL_ADDRPERM(lr_saved));
1794 #endif /* (MORE_KCTLLOCK_DEBUG && (DEVELOPMENT || DEBUG)) */
1795 if (refcount)
1796 so->so_usecount--;
1797
1798 if (so->so_usecount < 0) {
1799 panic("ctl_unlock: so=%p usecount=%x lrh= %s\n",
1800 so, so->so_usecount, solockhistory_nr(so));
1801 /* NOTREACHED */
1802 }
1803 if (so->so_pcb == NULL) {
1804 panic("ctl_unlock: so=%p NO PCB usecount=%x lr=%p lrh= %s\n",
1805 so, so->so_usecount, (void *)lr_saved,
1806 solockhistory_nr(so));
1807 /* NOTREACHED */
1808 }
1809 mutex_held = ((struct ctl_cb *)so->so_pcb)->mtx;
1810
1811 lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
1812 so->unlock_lr[so->next_unlock_lr] = lr_saved;
1813 so->next_unlock_lr = (so->next_unlock_lr+1) % SO_LCKDBG_MAX;
1814 lck_mtx_unlock(mutex_held);
1815
1816 if (so->so_usecount == 0)
1817 ctl_sofreelastref(so);
1818
1819 return (0);
1820 }
1821
1822 static lck_mtx_t *
1823 ctl_getlock(struct socket *so, int locktype)
1824 {
1825 #pragma unused(locktype)
1826 struct ctl_cb *kcb = (struct ctl_cb *)so->so_pcb;
1827
1828 if (so->so_pcb) {
1829 if (so->so_usecount < 0)
1830 panic("ctl_getlock: so=%p usecount=%x lrh= %s\n",
1831 so, so->so_usecount, solockhistory_nr(so));
1832 return (kcb->mtx);
1833 } else {
1834 panic("ctl_getlock: so=%p NULL NO so_pcb %s\n",
1835 so, solockhistory_nr(so));
1836 return (so->so_proto->pr_domain->dom_mtx);
1837 }
1838 }
1839
1840 __private_extern__ int
1841 kctl_reg_list SYSCTL_HANDLER_ARGS
1842 {
1843 #pragma unused(oidp, arg1, arg2)
1844 int error = 0;
1845 int n, i;
1846 struct xsystmgen xsg;
1847 void *buf = NULL;
1848 struct kctl *kctl;
1849 size_t item_size = ROUNDUP64(sizeof (struct xkctl_reg));
1850
1851 buf = _MALLOC(item_size, M_TEMP, M_WAITOK | M_ZERO);
1852 if (buf == NULL)
1853 return (ENOMEM);
1854
1855 lck_mtx_lock(ctl_mtx);
1856
1857 n = kctlstat.kcs_reg_count;
1858
1859 if (req->oldptr == USER_ADDR_NULL) {
1860 req->oldidx = (n + n/8) * sizeof(struct xkctl_reg);
1861 goto done;
1862 }
1863 if (req->newptr != USER_ADDR_NULL) {
1864 error = EPERM;
1865 goto done;
1866 }
1867 bzero(&xsg, sizeof (xsg));
1868 xsg.xg_len = sizeof (xsg);
1869 xsg.xg_count = n;
1870 xsg.xg_gen = kctlstat.kcs_gencnt;
1871 xsg.xg_sogen = so_gencnt;
1872 error = SYSCTL_OUT(req, &xsg, sizeof (xsg));
1873 if (error) {
1874 goto done;
1875 }
1876 /*
1877 * We are done if there is no pcb
1878 */
1879 if (n == 0) {
1880 goto done;
1881 }
1882
1883 i = 0;
1884 for (i = 0, kctl = TAILQ_FIRST(&ctl_head);
1885 i < n && kctl != NULL;
1886 i++, kctl = TAILQ_NEXT(kctl, next)) {
1887 struct xkctl_reg *xkr = (struct xkctl_reg *)buf;
1888 struct ctl_cb *kcb;
1889 u_int32_t pcbcount = 0;
1890
1891 TAILQ_FOREACH(kcb, &kctl->kcb_head, next)
1892 pcbcount++;
1893
1894 bzero(buf, item_size);
1895
1896 xkr->xkr_len = sizeof(struct xkctl_reg);
1897 xkr->xkr_kind = XSO_KCREG;
1898 xkr->xkr_id = kctl->id;
1899 xkr->xkr_reg_unit = kctl->reg_unit;
1900 xkr->xkr_flags = kctl->flags;
1901 xkr->xkr_kctlref = (uint64_t)(kctl->kctlref);
1902 xkr->xkr_recvbufsize = kctl->recvbufsize;
1903 xkr->xkr_sendbufsize = kctl->sendbufsize;
1904 xkr->xkr_lastunit = kctl->lastunit;
1905 xkr->xkr_pcbcount = pcbcount;
1906 xkr->xkr_connect = (uint64_t)VM_KERNEL_ADDRPERM(kctl->connect);
1907 xkr->xkr_disconnect =
1908 (uint64_t)VM_KERNEL_ADDRPERM(kctl->disconnect);
1909 xkr->xkr_send = (uint64_t)VM_KERNEL_ADDRPERM(kctl->send);
1910 xkr->xkr_send_list =
1911 (uint64_t)VM_KERNEL_ADDRPERM(kctl->send_list);
1912 xkr->xkr_setopt = (uint64_t)VM_KERNEL_ADDRPERM(kctl->setopt);
1913 xkr->xkr_getopt = (uint64_t)VM_KERNEL_ADDRPERM(kctl->getopt);
1914 xkr->xkr_rcvd = (uint64_t)VM_KERNEL_ADDRPERM(kctl->rcvd);
1915 strlcpy(xkr->xkr_name, kctl->name, sizeof(xkr->xkr_name));
1916
1917 error = SYSCTL_OUT(req, buf, item_size);
1918 }
1919
1920 if (error == 0) {
1921 /*
1922 * Give the user an updated idea of our state.
1923 * If the generation differs from what we told
1924 * her before, she knows that something happened
1925 * while we were processing this request, and it
1926 * might be necessary to retry.
1927 */
1928 bzero(&xsg, sizeof (xsg));
1929 xsg.xg_len = sizeof (xsg);
1930 xsg.xg_count = n;
1931 xsg.xg_gen = kctlstat.kcs_gencnt;
1932 xsg.xg_sogen = so_gencnt;
1933 error = SYSCTL_OUT(req, &xsg, sizeof (xsg));
1934 if (error) {
1935 goto done;
1936 }
1937 }
1938
1939 done:
1940 lck_mtx_unlock(ctl_mtx);
1941
1942 if (buf != NULL)
1943 FREE(buf, M_TEMP);
1944
1945 return (error);
1946 }
1947
1948 __private_extern__ int
1949 kctl_pcblist SYSCTL_HANDLER_ARGS
1950 {
1951 #pragma unused(oidp, arg1, arg2)
1952 int error = 0;
1953 int n, i;
1954 struct xsystmgen xsg;
1955 void *buf = NULL;
1956 struct kctl *kctl;
1957 size_t item_size = ROUNDUP64(sizeof (struct xkctlpcb)) +
1958 ROUNDUP64(sizeof (struct xsocket_n)) +
1959 2 * ROUNDUP64(sizeof (struct xsockbuf_n)) +
1960 ROUNDUP64(sizeof (struct xsockstat_n));
1961
1962 buf = _MALLOC(item_size, M_TEMP, M_WAITOK | M_ZERO);
1963 if (buf == NULL)
1964 return (ENOMEM);
1965
1966 lck_mtx_lock(ctl_mtx);
1967
1968 n = kctlstat.kcs_pcbcount;
1969
1970 if (req->oldptr == USER_ADDR_NULL) {
1971 req->oldidx = (n + n/8) * item_size;
1972 goto done;
1973 }
1974 if (req->newptr != USER_ADDR_NULL) {
1975 error = EPERM;
1976 goto done;
1977 }
1978 bzero(&xsg, sizeof (xsg));
1979 xsg.xg_len = sizeof (xsg);
1980 xsg.xg_count = n;
1981 xsg.xg_gen = kctlstat.kcs_gencnt;
1982 xsg.xg_sogen = so_gencnt;
1983 error = SYSCTL_OUT(req, &xsg, sizeof (xsg));
1984 if (error) {
1985 goto done;
1986 }
1987 /*
1988 * We are done if there is no pcb
1989 */
1990 if (n == 0) {
1991 goto done;
1992 }
1993
1994 i = 0;
1995 for (i = 0, kctl = TAILQ_FIRST(&ctl_head);
1996 i < n && kctl != NULL;
1997 kctl = TAILQ_NEXT(kctl, next)) {
1998 struct ctl_cb *kcb;
1999
2000 for (kcb = TAILQ_FIRST(&kctl->kcb_head);
2001 i < n && kcb != NULL;
2002 i++, kcb = TAILQ_NEXT(kcb, next)) {
2003 struct xkctlpcb *xk = (struct xkctlpcb *)buf;
2004 struct xsocket_n *xso = (struct xsocket_n *)
2005 ADVANCE64(xk, sizeof (*xk));
2006 struct xsockbuf_n *xsbrcv = (struct xsockbuf_n *)
2007 ADVANCE64(xso, sizeof (*xso));
2008 struct xsockbuf_n *xsbsnd = (struct xsockbuf_n *)
2009 ADVANCE64(xsbrcv, sizeof (*xsbrcv));
2010 struct xsockstat_n *xsostats = (struct xsockstat_n *)
2011 ADVANCE64(xsbsnd, sizeof (*xsbsnd));
2012
2013 bzero(buf, item_size);
2014
2015 xk->xkp_len = sizeof(struct xkctlpcb);
2016 xk->xkp_kind = XSO_KCB;
2017 xk->xkp_unit = kcb->unit;
2018 xk->xkp_kctpcb = (uint64_t)VM_KERNEL_ADDRPERM(kcb);
2019 xk->xkp_kctlref = (uint64_t)VM_KERNEL_ADDRPERM(kctl);
2020 xk->xkp_kctlid = kctl->id;
2021 strlcpy(xk->xkp_kctlname, kctl->name,
2022 sizeof(xk->xkp_kctlname));
2023
2024 sotoxsocket_n(kcb->so, xso);
2025 sbtoxsockbuf_n(kcb->so ?
2026 &kcb->so->so_rcv : NULL, xsbrcv);
2027 sbtoxsockbuf_n(kcb->so ?
2028 &kcb->so->so_snd : NULL, xsbsnd);
2029 sbtoxsockstat_n(kcb->so, xsostats);
2030
2031 error = SYSCTL_OUT(req, buf, item_size);
2032 }
2033 }
2034
2035 if (error == 0) {
2036 /*
2037 * Give the user an updated idea of our state.
2038 * If the generation differs from what we told
2039 * her before, she knows that something happened
2040 * while we were processing this request, and it
2041 * might be necessary to retry.
2042 */
2043 bzero(&xsg, sizeof (xsg));
2044 xsg.xg_len = sizeof (xsg);
2045 xsg.xg_count = n;
2046 xsg.xg_gen = kctlstat.kcs_gencnt;
2047 xsg.xg_sogen = so_gencnt;
2048 error = SYSCTL_OUT(req, &xsg, sizeof (xsg));
2049 if (error) {
2050 goto done;
2051 }
2052 }
2053
2054 done:
2055 lck_mtx_unlock(ctl_mtx);
2056
2057 return (error);
2058 }
2059
2060 int
2061 kctl_getstat SYSCTL_HANDLER_ARGS
2062 {
2063 #pragma unused(oidp, arg1, arg2)
2064 int error = 0;
2065
2066 lck_mtx_lock(ctl_mtx);
2067
2068 if (req->newptr != USER_ADDR_NULL) {
2069 error = EPERM;
2070 goto done;
2071 }
2072 if (req->oldptr == USER_ADDR_NULL) {
2073 req->oldidx = sizeof(struct kctlstat);
2074 goto done;
2075 }
2076
2077 error = SYSCTL_OUT(req, &kctlstat,
2078 MIN(sizeof(struct kctlstat), req->oldlen));
2079 done:
2080 lck_mtx_unlock(ctl_mtx);
2081 return (error);
2082 }
2083
2084 void
2085 kctl_fill_socketinfo(struct socket *so, struct socket_info *si)
2086 {
2087 struct ctl_cb *kcb = (struct ctl_cb *)so->so_pcb;
2088 struct kern_ctl_info *kcsi =
2089 &si->soi_proto.pri_kern_ctl;
2090 struct kctl *kctl = kcb->kctl;
2091
2092 si->soi_kind = SOCKINFO_KERN_CTL;
2093
2094 if (kctl == 0)
2095 return;
2096
2097 kcsi->kcsi_id = kctl->id;
2098 kcsi->kcsi_reg_unit = kctl->reg_unit;
2099 kcsi->kcsi_flags = kctl->flags;
2100 kcsi->kcsi_recvbufsize = kctl->recvbufsize;
2101 kcsi->kcsi_sendbufsize = kctl->sendbufsize;
2102 kcsi->kcsi_unit = kcb->unit;
2103 strlcpy(kcsi->kcsi_name, kctl->name, MAX_KCTL_NAME);
2104 }
mirror of XNU