]> git.saurik.com Git - apple/xnu.git/blob - bsd/kern/uipc_syscalls.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-3247.1.106.tar.gz
[apple/xnu.git] / bsd / kern / uipc_syscalls.c
1 /*
2 * Copyright (c) 2000-2015 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * Copyright (c) 1982, 1986, 1989, 1990, 1993
30 * The Regents of the University of California. All rights reserved.
31 *
32 * sendfile(2) and related extensions:
33 * Copyright (c) 1998, David Greenman. All rights reserved.
34 *
35 * Redistribution and use in source and binary forms, with or without
36 * modification, are permitted provided that the following conditions
37 * are met:
38 * 1. Redistributions of source code must retain the above copyright
39 * notice, this list of conditions and the following disclaimer.
40 * 2. Redistributions in binary form must reproduce the above copyright
41 * notice, this list of conditions and the following disclaimer in the
42 * documentation and/or other materials provided with the distribution.
43 * 3. All advertising materials mentioning features or use of this software
44 * must display the following acknowledgement:
45 * This product includes software developed by the University of
46 * California, Berkeley and its contributors.
47 * 4. Neither the name of the University nor the names of its contributors
48 * may be used to endorse or promote products derived from this software
49 * without specific prior written permission.
50 *
51 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
52 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
53 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
54 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
55 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
56 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
57 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
59 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
60 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
61 * SUCH DAMAGE.
62 *
63 * @(#)uipc_syscalls.c 8.4 (Berkeley) 2/21/94
64 */
65 /*
66 * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce
67 * support for mandatory and extensible security protections. This notice
68 * is included in support of clause 2.2 (b) of the Apple Public License,
69 * Version 2.0.
70 */
71
72 #include <sys/param.h>
73 #include <sys/systm.h>
74 #include <sys/filedesc.h>
75 #include <sys/proc_internal.h>
76 #include <sys/file_internal.h>
77 #include <sys/vnode_internal.h>
78 #include <sys/malloc.h>
79 #include <sys/mcache.h>
80 #include <sys/mbuf.h>
81 #include <kern/locks.h>
82 #include <sys/domain.h>
83 #include <sys/protosw.h>
84 #include <sys/signalvar.h>
85 #include <sys/socket.h>
86 #include <sys/socketvar.h>
87 #include <sys/kernel.h>
88 #include <sys/uio_internal.h>
89 #include <sys/kauth.h>
90 #include <kern/task.h>
91 #include <sys/priv.h>
92 #include <sys/sysctl.h>
93
94 #include <security/audit/audit.h>
95
96 #include <sys/kdebug.h>
97 #include <sys/sysproto.h>
98 #include <netinet/in.h>
99 #include <net/route.h>
100 #include <netinet/in_pcb.h>
101
102 #if CONFIG_MACF_SOCKET_SUBSET
103 #include <security/mac_framework.h>
104 #endif /* MAC_SOCKET_SUBSET */
105
106 #define f_flag f_fglob->fg_flag
107 #define f_type f_fglob->fg_ops->fo_type
108 #define f_msgcount f_fglob->fg_msgcount
109 #define f_cred f_fglob->fg_cred
110 #define f_ops f_fglob->fg_ops
111 #define f_offset f_fglob->fg_offset
112 #define f_data f_fglob->fg_data
113
114 #define DBG_LAYER_IN_BEG NETDBG_CODE(DBG_NETSOCK, 0)
115 #define DBG_LAYER_IN_END NETDBG_CODE(DBG_NETSOCK, 2)
116 #define DBG_LAYER_OUT_BEG NETDBG_CODE(DBG_NETSOCK, 1)
117 #define DBG_LAYER_OUT_END NETDBG_CODE(DBG_NETSOCK, 3)
118 #define DBG_FNC_SENDMSG NETDBG_CODE(DBG_NETSOCK, (1 << 8) | 1)
119 #define DBG_FNC_SENDTO NETDBG_CODE(DBG_NETSOCK, (2 << 8) | 1)
120 #define DBG_FNC_SENDIT NETDBG_CODE(DBG_NETSOCK, (3 << 8) | 1)
121 #define DBG_FNC_RECVFROM NETDBG_CODE(DBG_NETSOCK, (5 << 8))
122 #define DBG_FNC_RECVMSG NETDBG_CODE(DBG_NETSOCK, (6 << 8))
123 #define DBG_FNC_RECVIT NETDBG_CODE(DBG_NETSOCK, (7 << 8))
124 #define DBG_FNC_SENDFILE NETDBG_CODE(DBG_NETSOCK, (10 << 8))
125 #define DBG_FNC_SENDFILE_WAIT NETDBG_CODE(DBG_NETSOCK, ((10 << 8) | 1))
126 #define DBG_FNC_SENDFILE_READ NETDBG_CODE(DBG_NETSOCK, ((10 << 8) | 2))
127 #define DBG_FNC_SENDFILE_SEND NETDBG_CODE(DBG_NETSOCK, ((10 << 8) | 3))
128 #define DBG_FNC_SENDMSG_X NETDBG_CODE(DBG_NETSOCK, (11 << 8))
129 #define DBG_FNC_RECVMSG_X NETDBG_CODE(DBG_NETSOCK, (12 << 8))
130
131 #if DEBUG || DEVELOPMENT
132 #define DEBUG_KERNEL_ADDRPERM(_v) (_v)
133 #define DBG_PRINTF(...) printf(__VA_ARGS__)
134 #else
135 #define DEBUG_KERNEL_ADDRPERM(_v) VM_KERNEL_ADDRPERM(_v)
136 #define DBG_PRINTF(...) do { } while (0)
137 #endif
138
139 /* TODO: should be in header file */
140 int falloc_locked(proc_t, struct fileproc **, int *, vfs_context_t, int);
141
142 static int sendit(struct proc *, struct socket *, struct user_msghdr *, uio_t,
143 int, int32_t *);
144 static int recvit(struct proc *, int, struct user_msghdr *, uio_t, user_addr_t,
145 int32_t *);
146 static int connectit(struct socket *, struct sockaddr *);
147 static int getsockaddr(struct socket *, struct sockaddr **, user_addr_t,
148 size_t, boolean_t);
149 static int getsockaddr_s(struct socket *, struct sockaddr_storage *,
150 user_addr_t, size_t, boolean_t);
151 static int getsockaddrlist(struct socket *, struct sockaddr_list **,
152 user_addr_t, socklen_t, boolean_t);
153 #if SENDFILE
154 static void alloc_sendpkt(int, size_t, unsigned int *, struct mbuf **,
155 boolean_t);
156 #endif /* SENDFILE */
157 static int connectx_nocancel(struct proc *, struct connectx_args *, int *);
158 static int connectitx(struct socket *, struct sockaddr_list **,
159 struct sockaddr_list **, struct proc *, uint32_t, sae_associd_t,
160 sae_connid_t *, uio_t, unsigned int, user_ssize_t *);
161 static int peeloff_nocancel(struct proc *, struct peeloff_args *, int *);
162 static int disconnectx_nocancel(struct proc *, struct disconnectx_args *,
163 int *);
164 static int socket_common(struct proc *, int, int, int, pid_t, int32_t *, int);
165
166 static int internalize_user_msghdr_array(const void *, int, int, u_int,
167 struct user_msghdr_x *, struct uio **);
168 static u_int externalize_user_msghdr_array(void *, int, int, u_int,
169 const struct user_msghdr_x *, struct uio **);
170
171 static void free_uio_array(struct uio **, u_int);
172 static int uio_array_is_valid(struct uio **, u_int);
173 static int recv_msg_array_is_valid(struct recv_msg_elem *, u_int);
174 static int internalize_recv_msghdr_array(const void *, int, int,
175 u_int, struct user_msghdr_x *, struct recv_msg_elem *);
176 static u_int externalize_recv_msghdr_array(void *, int, int, u_int,
177 const struct user_msghdr_x *, struct recv_msg_elem *);
178 static struct recv_msg_elem *alloc_recv_msg_array(u_int count);
179 static void free_recv_msg_array(struct recv_msg_elem *, u_int);
180
181 SYSCTL_DECL(_kern_ipc);
182
183 static u_int somaxsendmsgx = 100;
184 SYSCTL_UINT(_kern_ipc, OID_AUTO, maxsendmsgx,
185 CTLFLAG_RW | CTLFLAG_LOCKED, &somaxsendmsgx, 0, "");
186 static u_int somaxrecvmsgx = 100;
187 SYSCTL_UINT(_kern_ipc, OID_AUTO, maxrecvmsgx,
188 CTLFLAG_RW | CTLFLAG_LOCKED, &somaxrecvmsgx, 0, "");
189
190 /*
191 * System call interface to the socket abstraction.
192 */
193
194 extern const struct fileops socketops;
195
196 /*
197 * Returns: 0 Success
198 * EACCES Mandatory Access Control failure
199 * falloc:ENFILE
200 * falloc:EMFILE
201 * falloc:ENOMEM
202 * socreate:EAFNOSUPPORT
203 * socreate:EPROTOTYPE
204 * socreate:EPROTONOSUPPORT
205 * socreate:ENOBUFS
206 * socreate:ENOMEM
207 * socreate:??? [other protocol families, IPSEC]
208 */
209 int
210 socket(struct proc *p,
211 struct socket_args *uap,
212 int32_t *retval)
213 {
214 return (socket_common(p, uap->domain, uap->type, uap->protocol,
215 proc_selfpid(), retval, 0));
216 }
217
218 int
219 socket_delegate(struct proc *p,
220 struct socket_delegate_args *uap,
221 int32_t *retval)
222 {
223 return socket_common(p, uap->domain, uap->type, uap->protocol,
224 uap->epid, retval, 1);
225 }
226
227 static int
228 socket_common(struct proc *p,
229 int domain,
230 int type,
231 int protocol,
232 pid_t epid,
233 int32_t *retval,
234 int delegate)
235 {
236 struct socket *so;
237 struct fileproc *fp;
238 int fd, error;
239
240 AUDIT_ARG(socket, domain, type, protocol);
241 #if CONFIG_MACF_SOCKET_SUBSET
242 if ((error = mac_socket_check_create(kauth_cred_get(), domain,
243 type, protocol)) != 0)
244 return (error);
245 #endif /* MAC_SOCKET_SUBSET */
246
247 if (delegate) {
248 error = priv_check_cred(kauth_cred_get(),
249 PRIV_NET_PRIVILEGED_SOCKET_DELEGATE, 0);
250 if (error)
251 return (EACCES);
252 }
253
254 error = falloc(p, &fp, &fd, vfs_context_current());
255 if (error) {
256 return (error);
257 }
258 fp->f_flag = FREAD|FWRITE;
259 fp->f_ops = &socketops;
260
261 if (delegate)
262 error = socreate_delegate(domain, &so, type, protocol, epid);
263 else
264 error = socreate(domain, &so, type, protocol);
265
266 if (error) {
267 fp_free(p, fd, fp);
268 } else {
269 fp->f_data = (caddr_t)so;
270
271 proc_fdlock(p);
272 procfdtbl_releasefd(p, fd, NULL);
273
274 fp_drop(p, fd, fp, 1);
275 proc_fdunlock(p);
276
277 *retval = fd;
278 if (ENTR_SHOULDTRACE) {
279 KERNEL_ENERGYTRACE(kEnTrActKernSocket, DBG_FUNC_START,
280 fd, 0, (int64_t)VM_KERNEL_ADDRPERM(so));
281 }
282 }
283 return (error);
284 }
285
286 /*
287 * Returns: 0 Success
288 * EDESTADDRREQ Destination address required
289 * EBADF Bad file descriptor
290 * EACCES Mandatory Access Control failure
291 * file_socket:ENOTSOCK
292 * file_socket:EBADF
293 * getsockaddr:ENAMETOOLONG Filename too long
294 * getsockaddr:EINVAL Invalid argument
295 * getsockaddr:ENOMEM Not enough space
296 * getsockaddr:EFAULT Bad address
297 * sobindlock:???
298 */
299 /* ARGSUSED */
300 int
301 bind(__unused proc_t p, struct bind_args *uap, __unused int32_t *retval)
302 {
303 struct sockaddr_storage ss;
304 struct sockaddr *sa = NULL;
305 struct socket *so;
306 boolean_t want_free = TRUE;
307 int error;
308
309 AUDIT_ARG(fd, uap->s);
310 error = file_socket(uap->s, &so);
311 if (error != 0)
312 return (error);
313 if (so == NULL) {
314 error = EBADF;
315 goto out;
316 }
317 if (uap->name == USER_ADDR_NULL) {
318 error = EDESTADDRREQ;
319 goto out;
320 }
321 if (uap->namelen > sizeof (ss)) {
322 error = getsockaddr(so, &sa, uap->name, uap->namelen, TRUE);
323 } else {
324 error = getsockaddr_s(so, &ss, uap->name, uap->namelen, TRUE);
325 if (error == 0) {
326 sa = (struct sockaddr *)&ss;
327 want_free = FALSE;
328 }
329 }
330 if (error != 0)
331 goto out;
332 AUDIT_ARG(sockaddr, vfs_context_cwd(vfs_context_current()), sa);
333 #if CONFIG_MACF_SOCKET_SUBSET
334 if ((error = mac_socket_check_bind(kauth_cred_get(), so, sa)) == 0)
335 error = sobindlock(so, sa, 1); /* will lock socket */
336 #else
337 error = sobindlock(so, sa, 1); /* will lock socket */
338 #endif /* MAC_SOCKET_SUBSET */
339 if (want_free)
340 FREE(sa, M_SONAME);
341 out:
342 file_drop(uap->s);
343 return (error);
344 }
345
346 /*
347 * Returns: 0 Success
348 * EBADF
349 * EACCES Mandatory Access Control failure
350 * file_socket:ENOTSOCK
351 * file_socket:EBADF
352 * solisten:EINVAL
353 * solisten:EOPNOTSUPP
354 * solisten:???
355 */
356 int
357 listen(__unused struct proc *p, struct listen_args *uap,
358 __unused int32_t *retval)
359 {
360 int error;
361 struct socket *so;
362
363 AUDIT_ARG(fd, uap->s);
364 error = file_socket(uap->s, &so);
365 if (error)
366 return (error);
367 if (so != NULL)
368 #if CONFIG_MACF_SOCKET_SUBSET
369 {
370 error = mac_socket_check_listen(kauth_cred_get(), so);
371 if (error == 0)
372 error = solisten(so, uap->backlog);
373 }
374 #else
375 error = solisten(so, uap->backlog);
376 #endif /* MAC_SOCKET_SUBSET */
377 else
378 error = EBADF;
379
380 file_drop(uap->s);
381 return (error);
382 }
383
384 /*
385 * Returns: fp_getfsock:EBADF Bad file descriptor
386 * fp_getfsock:EOPNOTSUPP ...
387 * xlate => :ENOTSOCK Socket operation on non-socket
388 * :EFAULT Bad address on copyin/copyout
389 * :EBADF Bad file descriptor
390 * :EOPNOTSUPP Operation not supported on socket
391 * :EINVAL Invalid argument
392 * :EWOULDBLOCK Operation would block
393 * :ECONNABORTED Connection aborted
394 * :EINTR Interrupted function
395 * :EACCES Mandatory Access Control failure
396 * falloc_locked:ENFILE Too many files open in system
397 * falloc_locked::EMFILE Too many open files
398 * falloc_locked::ENOMEM Not enough space
399 * 0 Success
400 */
401 int
402 accept_nocancel(struct proc *p, struct accept_nocancel_args *uap,
403 int32_t *retval)
404 {
405 struct fileproc *fp;
406 struct sockaddr *sa = NULL;
407 socklen_t namelen;
408 int error;
409 struct socket *head, *so = NULL;
410 lck_mtx_t *mutex_held;
411 int fd = uap->s;
412 int newfd;
413 short fflag; /* type must match fp->f_flag */
414 int dosocklock = 0;
415
416 *retval = -1;
417
418 AUDIT_ARG(fd, uap->s);
419
420 if (uap->name) {
421 error = copyin(uap->anamelen, (caddr_t)&namelen,
422 sizeof (socklen_t));
423 if (error)
424 return (error);
425 }
426 error = fp_getfsock(p, fd, &fp, &head);
427 if (error) {
428 if (error == EOPNOTSUPP)
429 error = ENOTSOCK;
430 return (error);
431 }
432 if (head == NULL) {
433 error = EBADF;
434 goto out;
435 }
436 #if CONFIG_MACF_SOCKET_SUBSET
437 if ((error = mac_socket_check_accept(kauth_cred_get(), head)) != 0)
438 goto out;
439 #endif /* MAC_SOCKET_SUBSET */
440
441 socket_lock(head, 1);
442
443 if (head->so_proto->pr_getlock != NULL) {
444 mutex_held = (*head->so_proto->pr_getlock)(head, 0);
445 dosocklock = 1;
446 } else {
447 mutex_held = head->so_proto->pr_domain->dom_mtx;
448 dosocklock = 0;
449 }
450
451 if ((head->so_options & SO_ACCEPTCONN) == 0) {
452 if ((head->so_proto->pr_flags & PR_CONNREQUIRED) == 0) {
453 error = EOPNOTSUPP;
454 } else {
455 /* POSIX: The socket is not accepting connections */
456 error = EINVAL;
457 }
458 socket_unlock(head, 1);
459 goto out;
460 }
461 if ((head->so_state & SS_NBIO) && head->so_comp.tqh_first == NULL) {
462 socket_unlock(head, 1);
463 error = EWOULDBLOCK;
464 goto out;
465 }
466 while (TAILQ_EMPTY(&head->so_comp) && head->so_error == 0) {
467 if (head->so_state & SS_CANTRCVMORE) {
468 head->so_error = ECONNABORTED;
469 break;
470 }
471 if (head->so_usecount < 1)
472 panic("accept: head=%p refcount=%d\n", head,
473 head->so_usecount);
474 error = msleep((caddr_t)&head->so_timeo, mutex_held,
475 PSOCK | PCATCH, "accept", 0);
476 if (head->so_usecount < 1)
477 panic("accept: 2 head=%p refcount=%d\n", head,
478 head->so_usecount);
479 if ((head->so_state & SS_DRAINING)) {
480 error = ECONNABORTED;
481 }
482 if (error) {
483 socket_unlock(head, 1);
484 goto out;
485 }
486 }
487 if (head->so_error) {
488 error = head->so_error;
489 head->so_error = 0;
490 socket_unlock(head, 1);
491 goto out;
492 }
493
494
495 /*
496 * At this point we know that there is at least one connection
497 * ready to be accepted. Remove it from the queue prior to
498 * allocating the file descriptor for it since falloc() may
499 * block allowing another process to accept the connection
500 * instead.
501 */
502 lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
503 so = TAILQ_FIRST(&head->so_comp);
504 TAILQ_REMOVE(&head->so_comp, so, so_list);
505 head->so_qlen--;
506 /* unlock head to avoid deadlock with select, keep a ref on head */
507 socket_unlock(head, 0);
508
509 #if CONFIG_MACF_SOCKET_SUBSET
510 /*
511 * Pass the pre-accepted socket to the MAC framework. This is
512 * cheaper than allocating a file descriptor for the socket,
513 * calling the protocol accept callback, and possibly freeing
514 * the file descriptor should the MAC check fails.
515 */
516 if ((error = mac_socket_check_accepted(kauth_cred_get(), so)) != 0) {
517 socket_lock(so, 1);
518 so->so_state &= ~(SS_NOFDREF | SS_COMP);
519 so->so_head = NULL;
520 socket_unlock(so, 1);
521 soclose(so);
522 /* Drop reference on listening socket */
523 sodereference(head);
524 goto out;
525 }
526 #endif /* MAC_SOCKET_SUBSET */
527
528 /*
529 * Pass the pre-accepted socket to any interested socket filter(s).
530 * Upon failure, the socket would have been closed by the callee.
531 */
532 if (so->so_filt != NULL && (error = soacceptfilter(so)) != 0) {
533 /* Drop reference on listening socket */
534 sodereference(head);
535 /* Propagate socket filter's error code to the caller */
536 goto out;
537 }
538
539 fflag = fp->f_flag;
540 error = falloc(p, &fp, &newfd, vfs_context_current());
541 if (error) {
542 /*
543 * Probably ran out of file descriptors.
544 *
545 * <rdar://problem/8554930>
546 * Don't put this back on the socket like we used to, that
547 * just causes the client to spin. Drop the socket.
548 */
549 socket_lock(so, 1);
550 so->so_state &= ~(SS_NOFDREF | SS_COMP);
551 so->so_head = NULL;
552 socket_unlock(so, 1);
553 soclose(so);
554 sodereference(head);
555 goto out;
556 }
557 *retval = newfd;
558 fp->f_flag = fflag;
559 fp->f_ops = &socketops;
560 fp->f_data = (caddr_t)so;
561
562 socket_lock(head, 0);
563 if (dosocklock)
564 socket_lock(so, 1);
565
566 so->so_state &= ~SS_COMP;
567 so->so_head = NULL;
568
569 /* Sync socket non-blocking/async state with file flags */
570 if (fp->f_flag & FNONBLOCK) {
571 so->so_state |= SS_NBIO;
572 } else {
573 so->so_state &= ~SS_NBIO;
574 }
575
576 if (fp->f_flag & FASYNC) {
577 so->so_state |= SS_ASYNC;
578 so->so_rcv.sb_flags |= SB_ASYNC;
579 so->so_snd.sb_flags |= SB_ASYNC;
580 } else {
581 so->so_state &= ~SS_ASYNC;
582 so->so_rcv.sb_flags &= ~SB_ASYNC;
583 so->so_snd.sb_flags &= ~SB_ASYNC;
584 }
585
586 (void) soacceptlock(so, &sa, 0);
587 socket_unlock(head, 1);
588 if (sa == NULL) {
589 namelen = 0;
590 if (uap->name)
591 goto gotnoname;
592 error = 0;
593 goto releasefd;
594 }
595 AUDIT_ARG(sockaddr, vfs_context_cwd(vfs_context_current()), sa);
596
597 if (uap->name) {
598 socklen_t sa_len;
599
600 /* save sa_len before it is destroyed */
601 sa_len = sa->sa_len;
602 namelen = MIN(namelen, sa_len);
603 error = copyout(sa, uap->name, namelen);
604 if (!error)
605 /* return the actual, untruncated address length */
606 namelen = sa_len;
607 gotnoname:
608 error = copyout((caddr_t)&namelen, uap->anamelen,
609 sizeof (socklen_t));
610 }
611 FREE(sa, M_SONAME);
612
613 releasefd:
614 /*
615 * If the socket has been marked as inactive by sosetdefunct(),
616 * disallow further operations on it.
617 */
618 if (so->so_flags & SOF_DEFUNCT) {
619 sodefunct(current_proc(), so,
620 SHUTDOWN_SOCKET_LEVEL_DISCONNECT_INTERNAL);
621 }
622
623 if (dosocklock)
624 socket_unlock(so, 1);
625
626 proc_fdlock(p);
627 procfdtbl_releasefd(p, newfd, NULL);
628 fp_drop(p, newfd, fp, 1);
629 proc_fdunlock(p);
630
631 out:
632 file_drop(fd);
633
634 if (error == 0 && ENTR_SHOULDTRACE) {
635 KERNEL_ENERGYTRACE(kEnTrActKernSocket, DBG_FUNC_START,
636 newfd, 0, (int64_t)VM_KERNEL_ADDRPERM(so));
637 }
638 return (error);
639 }
640
641 int
642 accept(struct proc *p, struct accept_args *uap, int32_t *retval)
643 {
644 __pthread_testcancel(1);
645 return (accept_nocancel(p, (struct accept_nocancel_args *)uap,
646 retval));
647 }
648
649 /*
650 * Returns: 0 Success
651 * EBADF Bad file descriptor
652 * EALREADY Connection already in progress
653 * EINPROGRESS Operation in progress
654 * ECONNABORTED Connection aborted
655 * EINTR Interrupted function
656 * EACCES Mandatory Access Control failure
657 * file_socket:ENOTSOCK
658 * file_socket:EBADF
659 * getsockaddr:ENAMETOOLONG Filename too long
660 * getsockaddr:EINVAL Invalid argument
661 * getsockaddr:ENOMEM Not enough space
662 * getsockaddr:EFAULT Bad address
663 * soconnectlock:EOPNOTSUPP
664 * soconnectlock:EISCONN
665 * soconnectlock:??? [depends on protocol, filters]
666 * msleep:EINTR
667 *
668 * Imputed: so_error error may be set from so_error, which
669 * may have been set by soconnectlock.
670 */
671 /* ARGSUSED */
672 int
673 connect(struct proc *p, struct connect_args *uap, int32_t *retval)
674 {
675 __pthread_testcancel(1);
676 return (connect_nocancel(p, (struct connect_nocancel_args *)uap,
677 retval));
678 }
679
680 int
681 connect_nocancel(proc_t p, struct connect_nocancel_args *uap, int32_t *retval)
682 {
683 #pragma unused(p, retval)
684 struct socket *so;
685 struct sockaddr_storage ss;
686 struct sockaddr *sa = NULL;
687 int error;
688 int fd = uap->s;
689 boolean_t dgram;
690
691 AUDIT_ARG(fd, uap->s);
692 error = file_socket(fd, &so);
693 if (error != 0)
694 return (error);
695 if (so == NULL) {
696 error = EBADF;
697 goto out;
698 }
699
700 /*
701 * Ask getsockaddr{_s} to not translate AF_UNSPEC to AF_INET
702 * if this is a datagram socket; translate for other types.
703 */
704 dgram = (so->so_type == SOCK_DGRAM);
705
706 /* Get socket address now before we obtain socket lock */
707 if (uap->namelen > sizeof (ss)) {
708 error = getsockaddr(so, &sa, uap->name, uap->namelen, !dgram);
709 } else {
710 error = getsockaddr_s(so, &ss, uap->name, uap->namelen, !dgram);
711 if (error == 0)
712 sa = (struct sockaddr *)&ss;
713 }
714 if (error != 0)
715 goto out;
716
717 error = connectit(so, sa);
718
719 if (sa != NULL && sa != SA(&ss))
720 FREE(sa, M_SONAME);
721 if (error == ERESTART)
722 error = EINTR;
723 out:
724 file_drop(fd);
725 return (error);
726 }
727
728 static int
729 connectx_nocancel(struct proc *p, struct connectx_args *uap, int *retval)
730 {
731 #pragma unused(p, retval)
732 struct sockaddr_list *src_sl = NULL, *dst_sl = NULL;
733 struct socket *so;
734 int error, error1, fd = uap->socket;
735 boolean_t dgram;
736 sae_connid_t cid = SAE_CONNID_ANY;
737 struct user32_sa_endpoints ep32;
738 struct user64_sa_endpoints ep64;
739 struct user_sa_endpoints ep;
740 user_ssize_t bytes_written = 0;
741 struct user_iovec *iovp;
742 uio_t auio = NULL;
743
744 AUDIT_ARG(fd, uap->socket);
745 error = file_socket(fd, &so);
746 if (error != 0)
747 return (error);
748 if (so == NULL) {
749 error = EBADF;
750 goto out;
751 }
752
753 if (uap->endpoints == USER_ADDR_NULL) {
754 error = EINVAL;
755 goto out;
756 }
757
758 if (IS_64BIT_PROCESS(p)) {
759 error = copyin(uap->endpoints, (caddr_t)&ep64, sizeof(ep64));
760 if (error != 0)
761 goto out;
762
763 ep.sae_srcif = ep64.sae_srcif;
764 ep.sae_srcaddr = ep64.sae_srcaddr;
765 ep.sae_srcaddrlen = ep64.sae_srcaddrlen;
766 ep.sae_dstaddr = ep64.sae_dstaddr;
767 ep.sae_dstaddrlen = ep64.sae_dstaddrlen;
768 } else {
769 error = copyin(uap->endpoints, (caddr_t)&ep32, sizeof(ep32));
770 if (error != 0)
771 goto out;
772
773 ep.sae_srcif = ep32.sae_srcif;
774 ep.sae_srcaddr = ep32.sae_srcaddr;
775 ep.sae_srcaddrlen = ep32.sae_srcaddrlen;
776 ep.sae_dstaddr = ep32.sae_dstaddr;
777 ep.sae_dstaddrlen = ep32.sae_dstaddrlen;
778 }
779
780 /*
781 * Ask getsockaddr{_s} to not translate AF_UNSPEC to AF_INET
782 * if this is a datagram socket; translate for other types.
783 */
784 dgram = (so->so_type == SOCK_DGRAM);
785
786 /*
787 * Get socket address(es) now before we obtain socket lock; use
788 * sockaddr_list for src address for convenience, if present,
789 * even though it won't hold more than one.
790 */
791 if (ep.sae_srcaddr != USER_ADDR_NULL && (error = getsockaddrlist(so,
792 &src_sl, (user_addr_t)(caddr_t)ep.sae_srcaddr, ep.sae_srcaddrlen,
793 dgram)) != 0)
794 goto out;
795
796 if (ep.sae_dstaddr == USER_ADDR_NULL) {
797 error = EINVAL;
798 goto out;
799 }
800
801 error = getsockaddrlist(so, &dst_sl, (user_addr_t)(caddr_t)ep.sae_dstaddr,
802 ep.sae_dstaddrlen, dgram);
803 if (error != 0)
804 goto out;
805
806 VERIFY(dst_sl != NULL &&
807 !TAILQ_EMPTY(&dst_sl->sl_head) && dst_sl->sl_cnt > 0);
808
809 if (uap->iov != USER_ADDR_NULL) {
810 /* Verify range before calling uio_create() */
811 if (uap->iovcnt <= 0 || uap->iovcnt > UIO_MAXIOV)
812 return (EINVAL);
813
814 if (uap->len == USER_ADDR_NULL)
815 return (EINVAL);
816
817 /* allocate a uio to hold the number of iovecs passed */
818 auio = uio_create(uap->iovcnt, 0,
819 (IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32),
820 UIO_WRITE);
821
822 if (auio == NULL) {
823 error = ENOMEM;
824 goto out;
825 }
826
827 /*
828 * get location of iovecs within the uio.
829 * then copyin the iovecs from user space.
830 */
831 iovp = uio_iovsaddr(auio);
832 if (iovp == NULL) {
833 error = ENOMEM;
834 goto out;
835 }
836 error = copyin_user_iovec_array(uap->iov,
837 IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32,
838 uap->iovcnt, iovp);
839 if (error != 0)
840 goto out;
841
842 /* finish setup of uio_t */
843 error = uio_calculateresid(auio);
844 if (error != 0) {
845 goto out;
846 }
847 }
848
849 error = connectitx(so, &src_sl, &dst_sl, p, ep.sae_srcif, uap->associd,
850 &cid, auio, uap->flags, &bytes_written);
851 if (error == ERESTART)
852 error = EINTR;
853
854 if (uap->len != USER_ADDR_NULL) {
855 error1 = copyout(&bytes_written, uap->len, sizeof (uap->len));
856 /* give precedence to connectitx errors */
857 if ((error1 != 0) && (error == 0))
858 error = error1;
859 }
860
861 if (uap->connid != USER_ADDR_NULL) {
862 error1 = copyout(&cid, uap->connid, sizeof (cid));
863 /* give precedence to connectitx errors */
864 if ((error1 != 0) && (error == 0))
865 error = error1;
866 }
867 out:
868 file_drop(fd);
869 if (auio != NULL) {
870 uio_free(auio);
871 }
872 if (src_sl != NULL)
873 sockaddrlist_free(src_sl);
874 if (dst_sl != NULL)
875 sockaddrlist_free(dst_sl);
876 return (error);
877 }
878
879 int
880 connectx(struct proc *p, struct connectx_args *uap, int *retval)
881 {
882 /*
883 * Due to similiarity with a POSIX interface, define as
884 * an unofficial cancellation point.
885 */
886 __pthread_testcancel(1);
887 return (connectx_nocancel(p, uap, retval));
888 }
889
890 static int
891 connectit(struct socket *so, struct sockaddr *sa)
892 {
893 int error;
894
895 AUDIT_ARG(sockaddr, vfs_context_cwd(vfs_context_current()), sa);
896 #if CONFIG_MACF_SOCKET_SUBSET
897 if ((error = mac_socket_check_connect(kauth_cred_get(), so, sa)) != 0)
898 return (error);
899 #endif /* MAC_SOCKET_SUBSET */
900
901 socket_lock(so, 1);
902 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) {
903 error = EALREADY;
904 goto out;
905 }
906 error = soconnectlock(so, sa, 0);
907 if (error != 0) {
908 so->so_state &= ~SS_ISCONNECTING;
909 goto out;
910 }
911 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) {
912 error = EINPROGRESS;
913 goto out;
914 }
915 while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) {
916 lck_mtx_t *mutex_held;
917
918 if (so->so_proto->pr_getlock != NULL)
919 mutex_held = (*so->so_proto->pr_getlock)(so, 0);
920 else
921 mutex_held = so->so_proto->pr_domain->dom_mtx;
922 error = msleep((caddr_t)&so->so_timeo, mutex_held,
923 PSOCK | PCATCH, __func__, 0);
924 if (so->so_state & SS_DRAINING) {
925 error = ECONNABORTED;
926 }
927 if (error != 0)
928 break;
929 }
930 if (error == 0) {
931 error = so->so_error;
932 so->so_error = 0;
933 }
934 out:
935 socket_unlock(so, 1);
936 return (error);
937 }
938
939 static int
940 connectitx(struct socket *so, struct sockaddr_list **src_sl,
941 struct sockaddr_list **dst_sl, struct proc *p, uint32_t ifscope,
942 sae_associd_t aid, sae_connid_t *pcid, uio_t auio, unsigned int flags,
943 user_ssize_t *bytes_written)
944 {
945 struct sockaddr_entry *se;
946 int error;
947 #pragma unused (flags)
948
949 VERIFY(dst_sl != NULL && *dst_sl != NULL);
950
951 TAILQ_FOREACH(se, &(*dst_sl)->sl_head, se_link) {
952 VERIFY(se->se_addr != NULL);
953 AUDIT_ARG(sockaddr, vfs_context_cwd(vfs_context_current()),
954 se->se_addr);
955 #if CONFIG_MACF_SOCKET_SUBSET
956 if ((error = mac_socket_check_connect(kauth_cred_get(),
957 so, se->se_addr)) != 0)
958 return (error);
959 #endif /* MAC_SOCKET_SUBSET */
960 }
961
962 socket_lock(so, 1);
963 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) {
964 error = EALREADY;
965 goto out;
966 }
967
968 if ((so->so_proto->pr_flags & PR_DATA_IDEMPOTENT) &&
969 (flags & CONNECT_DATA_IDEMPOTENT))
970 so->so_flags1 |= SOF1_DATA_IDEMPOTENT;
971
972 /*
973 * Case 1: CONNECT_RESUME_ON_READ_WRITE set, no data.
974 * Case 2: CONNECT_RESUME_ON_READ_WRITE set, with data (user error)
975 * Case 3: CONNECT_RESUME_ON_READ_WRITE not set, with data
976 * Case 3 allows user to combine write with connect even if they have
977 * no use for TFO (such as regular TCP, and UDP).
978 * Case 4: CONNECT_RESUME_ON_READ_WRITE not set, no data (regular case)
979 */
980 if ((so->so_proto->pr_flags & PR_PRECONN_WRITE) &&
981 ((flags & CONNECT_RESUME_ON_READ_WRITE) || auio))
982 so->so_flags1 |= SOF1_PRECONNECT_DATA;
983
984 /*
985 * If a user sets data idempotent and does not pass an uio, or
986 * sets CONNECT_RESUME_ON_READ_WRITE, this is an error, reset
987 * SOF1_DATA_IDEMPOTENT.
988 */
989 if (!(so->so_flags1 & SOF1_PRECONNECT_DATA) &&
990 (so->so_flags1 & SOF1_DATA_IDEMPOTENT)) {
991 /* We should return EINVAL instead perhaps. */
992 so->so_flags1 &= ~SOF1_DATA_IDEMPOTENT;
993 }
994
995 error = soconnectxlocked(so, src_sl, dst_sl, p, ifscope,
996 aid, pcid, 0, NULL, 0, auio, bytes_written);
997 if (error != 0) {
998 so->so_state &= ~SS_ISCONNECTING;
999 goto out;
1000 }
1001 /*
1002 * If, after the call to soconnectxlocked the flag is still set (in case
1003 * data has been queued and the connect() has actually been triggered,
1004 * it will have been unset by the transport), we exit immediately. There
1005 * is no reason to wait on any event.
1006 */
1007 if (so->so_flags1 & SOF1_PRECONNECT_DATA) {
1008 error = 0;
1009 goto out;
1010 }
1011 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) {
1012 error = EINPROGRESS;
1013 goto out;
1014 }
1015 while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) {
1016 lck_mtx_t *mutex_held;
1017
1018 if (so->so_proto->pr_getlock != NULL)
1019 mutex_held = (*so->so_proto->pr_getlock)(so, 0);
1020 else
1021 mutex_held = so->so_proto->pr_domain->dom_mtx;
1022 error = msleep((caddr_t)&so->so_timeo, mutex_held,
1023 PSOCK | PCATCH, __func__, 0);
1024 if (so->so_state & SS_DRAINING) {
1025 error = ECONNABORTED;
1026 }
1027 if (error != 0)
1028 break;
1029 }
1030 if (error == 0) {
1031 error = so->so_error;
1032 so->so_error = 0;
1033 }
1034 out:
1035 socket_unlock(so, 1);
1036 return (error);
1037 }
1038
1039 int
1040 peeloff(struct proc *p, struct peeloff_args *uap, int *retval)
1041 {
1042 /*
1043 * Due to similiarity with a POSIX interface, define as
1044 * an unofficial cancellation point.
1045 */
1046 __pthread_testcancel(1);
1047 return (peeloff_nocancel(p, uap, retval));
1048 }
1049
1050 static int
1051 peeloff_nocancel(struct proc *p, struct peeloff_args *uap, int *retval)
1052 {
1053 struct fileproc *fp;
1054 struct socket *mp_so, *so = NULL;
1055 int newfd, fd = uap->s;
1056 short fflag; /* type must match fp->f_flag */
1057 int error;
1058
1059 *retval = -1;
1060
1061 error = fp_getfsock(p, fd, &fp, &mp_so);
1062 if (error != 0) {
1063 if (error == EOPNOTSUPP)
1064 error = ENOTSOCK;
1065 goto out_nofile;
1066 }
1067 if (mp_so == NULL) {
1068 error = EBADF;
1069 goto out;
1070 }
1071
1072 socket_lock(mp_so, 1);
1073 error = sopeelofflocked(mp_so, uap->aid, &so);
1074 if (error != 0) {
1075 socket_unlock(mp_so, 1);
1076 goto out;
1077 }
1078 VERIFY(so != NULL);
1079 socket_unlock(mp_so, 0); /* keep ref on mp_so for us */
1080
1081 fflag = fp->f_flag;
1082 error = falloc(p, &fp, &newfd, vfs_context_current());
1083 if (error != 0) {
1084 /* drop this socket (probably ran out of file descriptors) */
1085 soclose(so);
1086 sodereference(mp_so); /* our mp_so ref */
1087 goto out;
1088 }
1089
1090 fp->f_flag = fflag;
1091 fp->f_ops = &socketops;
1092 fp->f_data = (caddr_t)so;
1093
1094 /*
1095 * If the socket has been marked as inactive by sosetdefunct(),
1096 * disallow further operations on it.
1097 */
1098 if (so->so_flags & SOF_DEFUNCT) {
1099 sodefunct(current_proc(), so,
1100 SHUTDOWN_SOCKET_LEVEL_DISCONNECT_INTERNAL);
1101 }
1102
1103 proc_fdlock(p);
1104 procfdtbl_releasefd(p, newfd, NULL);
1105 fp_drop(p, newfd, fp, 1);
1106 proc_fdunlock(p);
1107
1108 sodereference(mp_so); /* our mp_so ref */
1109 *retval = newfd;
1110
1111 out:
1112 file_drop(fd);
1113
1114 out_nofile:
1115 return (error);
1116 }
1117
1118 int
1119 disconnectx(struct proc *p, struct disconnectx_args *uap, int *retval)
1120 {
1121 /*
1122 * Due to similiarity with a POSIX interface, define as
1123 * an unofficial cancellation point.
1124 */
1125 __pthread_testcancel(1);
1126 return (disconnectx_nocancel(p, uap, retval));
1127 }
1128
1129 static int
1130 disconnectx_nocancel(struct proc *p, struct disconnectx_args *uap, int *retval)
1131 {
1132 #pragma unused(p, retval)
1133 struct socket *so;
1134 int fd = uap->s;
1135 int error;
1136
1137 error = file_socket(fd, &so);
1138 if (error != 0)
1139 return (error);
1140 if (so == NULL) {
1141 error = EBADF;
1142 goto out;
1143 }
1144
1145 error = sodisconnectx(so, uap->aid, uap->cid);
1146 out:
1147 file_drop(fd);
1148 return (error);
1149 }
1150
1151 /*
1152 * Returns: 0 Success
1153 * socreate:EAFNOSUPPORT
1154 * socreate:EPROTOTYPE
1155 * socreate:EPROTONOSUPPORT
1156 * socreate:ENOBUFS
1157 * socreate:ENOMEM
1158 * socreate:EISCONN
1159 * socreate:??? [other protocol families, IPSEC]
1160 * falloc:ENFILE
1161 * falloc:EMFILE
1162 * falloc:ENOMEM
1163 * copyout:EFAULT
1164 * soconnect2:EINVAL
1165 * soconnect2:EPROTOTYPE
1166 * soconnect2:??? [other protocol families[
1167 */
1168 int
1169 socketpair(struct proc *p, struct socketpair_args *uap,
1170 __unused int32_t *retval)
1171 {
1172 struct fileproc *fp1, *fp2;
1173 struct socket *so1, *so2;
1174 int fd, error, sv[2];
1175
1176 AUDIT_ARG(socket, uap->domain, uap->type, uap->protocol);
1177 error = socreate(uap->domain, &so1, uap->type, uap->protocol);
1178 if (error)
1179 return (error);
1180 error = socreate(uap->domain, &so2, uap->type, uap->protocol);
1181 if (error)
1182 goto free1;
1183
1184 error = falloc(p, &fp1, &fd, vfs_context_current());
1185 if (error) {
1186 goto free2;
1187 }
1188 fp1->f_flag = FREAD|FWRITE;
1189 fp1->f_ops = &socketops;
1190 fp1->f_data = (caddr_t)so1;
1191 sv[0] = fd;
1192
1193 error = falloc(p, &fp2, &fd, vfs_context_current());
1194 if (error) {
1195 goto free3;
1196 }
1197 fp2->f_flag = FREAD|FWRITE;
1198 fp2->f_ops = &socketops;
1199 fp2->f_data = (caddr_t)so2;
1200 sv[1] = fd;
1201
1202 error = soconnect2(so1, so2);
1203 if (error) {
1204 goto free4;
1205 }
1206 if (uap->type == SOCK_DGRAM) {
1207 /*
1208 * Datagram socket connection is asymmetric.
1209 */
1210 error = soconnect2(so2, so1);
1211 if (error) {
1212 goto free4;
1213 }
1214 }
1215
1216 if ((error = copyout(sv, uap->rsv, 2 * sizeof (int))) != 0)
1217 goto free4;
1218
1219 proc_fdlock(p);
1220 procfdtbl_releasefd(p, sv[0], NULL);
1221 procfdtbl_releasefd(p, sv[1], NULL);
1222 fp_drop(p, sv[0], fp1, 1);
1223 fp_drop(p, sv[1], fp2, 1);
1224 proc_fdunlock(p);
1225
1226 return (0);
1227 free4:
1228 fp_free(p, sv[1], fp2);
1229 free3:
1230 fp_free(p, sv[0], fp1);
1231 free2:
1232 (void) soclose(so2);
1233 free1:
1234 (void) soclose(so1);
1235 return (error);
1236 }
1237
1238 /*
1239 * Returns: 0 Success
1240 * EINVAL
1241 * ENOBUFS
1242 * EBADF
1243 * EPIPE
1244 * EACCES Mandatory Access Control failure
1245 * file_socket:ENOTSOCK
1246 * file_socket:EBADF
1247 * getsockaddr:ENAMETOOLONG Filename too long
1248 * getsockaddr:EINVAL Invalid argument
1249 * getsockaddr:ENOMEM Not enough space
1250 * getsockaddr:EFAULT Bad address
1251 * <pru_sosend>:EACCES[TCP]
1252 * <pru_sosend>:EADDRINUSE[TCP]
1253 * <pru_sosend>:EADDRNOTAVAIL[TCP]
1254 * <pru_sosend>:EAFNOSUPPORT[TCP]
1255 * <pru_sosend>:EAGAIN[TCP]
1256 * <pru_sosend>:EBADF
1257 * <pru_sosend>:ECONNRESET[TCP]
1258 * <pru_sosend>:EFAULT
1259 * <pru_sosend>:EHOSTUNREACH[TCP]
1260 * <pru_sosend>:EINTR
1261 * <pru_sosend>:EINVAL
1262 * <pru_sosend>:EISCONN[AF_INET]
1263 * <pru_sosend>:EMSGSIZE[TCP]
1264 * <pru_sosend>:ENETDOWN[TCP]
1265 * <pru_sosend>:ENETUNREACH[TCP]
1266 * <pru_sosend>:ENOBUFS
1267 * <pru_sosend>:ENOMEM[TCP]
1268 * <pru_sosend>:ENOTCONN[AF_INET]
1269 * <pru_sosend>:EOPNOTSUPP
1270 * <pru_sosend>:EPERM[TCP]
1271 * <pru_sosend>:EPIPE
1272 * <pru_sosend>:EWOULDBLOCK
1273 * <pru_sosend>:???[TCP] [ignorable: mostly IPSEC/firewall/DLIL]
1274 * <pru_sosend>:???[AF_INET] [whatever a filter author chooses]
1275 * <pru_sosend>:??? [value from so_error]
1276 * sockargs:???
1277 */
1278 static int
1279 sendit(struct proc *p, struct socket *so, struct user_msghdr *mp, uio_t uiop,
1280 int flags, int32_t *retval)
1281 {
1282 struct mbuf *control = NULL;
1283 struct sockaddr_storage ss;
1284 struct sockaddr *to = NULL;
1285 boolean_t want_free = TRUE;
1286 int error;
1287 user_ssize_t len;
1288
1289 KERNEL_DEBUG(DBG_FNC_SENDIT | DBG_FUNC_START, 0, 0, 0, 0, 0);
1290
1291 if (mp->msg_name != USER_ADDR_NULL) {
1292 if (mp->msg_namelen > sizeof (ss)) {
1293 error = getsockaddr(so, &to, mp->msg_name,
1294 mp->msg_namelen, TRUE);
1295 } else {
1296 error = getsockaddr_s(so, &ss, mp->msg_name,
1297 mp->msg_namelen, TRUE);
1298 if (error == 0) {
1299 to = (struct sockaddr *)&ss;
1300 want_free = FALSE;
1301 }
1302 }
1303 if (error != 0)
1304 goto out;
1305 AUDIT_ARG(sockaddr, vfs_context_cwd(vfs_context_current()), to);
1306 }
1307 if (mp->msg_control != USER_ADDR_NULL) {
1308 if (mp->msg_controllen < sizeof (struct cmsghdr)) {
1309 error = EINVAL;
1310 goto bad;
1311 }
1312 error = sockargs(&control, mp->msg_control,
1313 mp->msg_controllen, MT_CONTROL);
1314 if (error != 0)
1315 goto bad;
1316 }
1317
1318 #if CONFIG_MACF_SOCKET_SUBSET
1319 /*
1320 * We check the state without holding the socket lock;
1321 * if a race condition occurs, it would simply result
1322 * in an extra call to the MAC check function.
1323 */
1324 if (to != NULL &&
1325 !(so->so_state & SS_DEFUNCT) &&
1326 (error = mac_socket_check_send(kauth_cred_get(), so, to)) != 0)
1327 goto bad;
1328 #endif /* MAC_SOCKET_SUBSET */
1329
1330 len = uio_resid(uiop);
1331 error = so->so_proto->pr_usrreqs->pru_sosend(so, to, uiop, 0,
1332 control, flags);
1333 if (error != 0) {
1334 if (uio_resid(uiop) != len && (error == ERESTART ||
1335 error == EINTR || error == EWOULDBLOCK))
1336 error = 0;
1337 /* Generation of SIGPIPE can be controlled per socket */
1338 if (error == EPIPE && !(so->so_flags & SOF_NOSIGPIPE))
1339 psignal(p, SIGPIPE);
1340 }
1341 if (error == 0)
1342 *retval = (int)(len - uio_resid(uiop));
1343 bad:
1344 if (to != NULL && want_free)
1345 FREE(to, M_SONAME);
1346 out:
1347 KERNEL_DEBUG(DBG_FNC_SENDIT | DBG_FUNC_END, error, 0, 0, 0, 0);
1348
1349 return (error);
1350 }
1351
1352 /*
1353 * Returns: 0 Success
1354 * ENOMEM
1355 * sendit:??? [see sendit definition in this file]
1356 * write:??? [4056224: applicable for pipes]
1357 */
1358 int
1359 sendto(struct proc *p, struct sendto_args *uap, int32_t *retval)
1360 {
1361 __pthread_testcancel(1);
1362 return (sendto_nocancel(p, (struct sendto_nocancel_args *)uap, retval));
1363 }
1364
1365 int
1366 sendto_nocancel(struct proc *p,
1367 struct sendto_nocancel_args *uap,
1368 int32_t *retval)
1369 {
1370 struct user_msghdr msg;
1371 int error;
1372 uio_t auio = NULL;
1373 struct socket *so;
1374
1375 KERNEL_DEBUG(DBG_FNC_SENDTO | DBG_FUNC_START, 0, 0, 0, 0, 0);
1376 AUDIT_ARG(fd, uap->s);
1377
1378 auio = uio_create(1, 0,
1379 (IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32),
1380 UIO_WRITE);
1381 if (auio == NULL) {
1382 error = ENOMEM;
1383 goto done;
1384 }
1385 uio_addiov(auio, uap->buf, uap->len);
1386
1387 msg.msg_name = uap->to;
1388 msg.msg_namelen = uap->tolen;
1389 /* no need to set up msg_iov. sendit uses uio_t we send it */
1390 msg.msg_iov = 0;
1391 msg.msg_iovlen = 0;
1392 msg.msg_control = 0;
1393 msg.msg_flags = 0;
1394
1395 error = file_socket(uap->s, &so);
1396 if (error)
1397 goto done;
1398
1399 if (so == NULL) {
1400 error = EBADF;
1401 } else {
1402 error = sendit(p, so, &msg, auio, uap->flags, retval);
1403 }
1404
1405 file_drop(uap->s);
1406 done:
1407 if (auio != NULL)
1408 uio_free(auio);
1409
1410 KERNEL_DEBUG(DBG_FNC_SENDTO | DBG_FUNC_END, error, *retval, 0, 0, 0);
1411
1412 return (error);
1413 }
1414
1415 /*
1416 * Returns: 0 Success
1417 * ENOBUFS
1418 * copyin:EFAULT
1419 * sendit:??? [see sendit definition in this file]
1420 */
1421 int
1422 sendmsg(struct proc *p, struct sendmsg_args *uap, int32_t *retval)
1423 {
1424 __pthread_testcancel(1);
1425 return (sendmsg_nocancel(p, (struct sendmsg_nocancel_args *)uap,
1426 retval));
1427 }
1428
1429 int
1430 sendmsg_nocancel(struct proc *p, struct sendmsg_nocancel_args *uap,
1431 int32_t *retval)
1432 {
1433 struct user32_msghdr msg32;
1434 struct user64_msghdr msg64;
1435 struct user_msghdr user_msg;
1436 caddr_t msghdrp;
1437 int size_of_msghdr;
1438 int error;
1439 uio_t auio = NULL;
1440 struct user_iovec *iovp;
1441 struct socket *so;
1442
1443 KERNEL_DEBUG(DBG_FNC_SENDMSG | DBG_FUNC_START, 0, 0, 0, 0, 0);
1444 AUDIT_ARG(fd, uap->s);
1445 if (IS_64BIT_PROCESS(p)) {
1446 msghdrp = (caddr_t)&msg64;
1447 size_of_msghdr = sizeof (msg64);
1448 } else {
1449 msghdrp = (caddr_t)&msg32;
1450 size_of_msghdr = sizeof (msg32);
1451 }
1452 error = copyin(uap->msg, msghdrp, size_of_msghdr);
1453 if (error) {
1454 KERNEL_DEBUG(DBG_FNC_SENDMSG | DBG_FUNC_END, error, 0, 0, 0, 0);
1455 return (error);
1456 }
1457
1458 if (IS_64BIT_PROCESS(p)) {
1459 user_msg.msg_flags = msg64.msg_flags;
1460 user_msg.msg_controllen = msg64.msg_controllen;
1461 user_msg.msg_control = msg64.msg_control;
1462 user_msg.msg_iovlen = msg64.msg_iovlen;
1463 user_msg.msg_iov = msg64.msg_iov;
1464 user_msg.msg_namelen = msg64.msg_namelen;
1465 user_msg.msg_name = msg64.msg_name;
1466 } else {
1467 user_msg.msg_flags = msg32.msg_flags;
1468 user_msg.msg_controllen = msg32.msg_controllen;
1469 user_msg.msg_control = msg32.msg_control;
1470 user_msg.msg_iovlen = msg32.msg_iovlen;
1471 user_msg.msg_iov = msg32.msg_iov;
1472 user_msg.msg_namelen = msg32.msg_namelen;
1473 user_msg.msg_name = msg32.msg_name;
1474 }
1475
1476 if (user_msg.msg_iovlen <= 0 || user_msg.msg_iovlen > UIO_MAXIOV) {
1477 KERNEL_DEBUG(DBG_FNC_SENDMSG | DBG_FUNC_END, EMSGSIZE,
1478 0, 0, 0, 0);
1479 return (EMSGSIZE);
1480 }
1481
1482 /* allocate a uio large enough to hold the number of iovecs passed */
1483 auio = uio_create(user_msg.msg_iovlen, 0,
1484 (IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32),
1485 UIO_WRITE);
1486 if (auio == NULL) {
1487 error = ENOBUFS;
1488 goto done;
1489 }
1490
1491 if (user_msg.msg_iovlen) {
1492 /*
1493 * get location of iovecs within the uio.
1494 * then copyin the iovecs from user space.
1495 */
1496 iovp = uio_iovsaddr(auio);
1497 if (iovp == NULL) {
1498 error = ENOBUFS;
1499 goto done;
1500 }
1501 error = copyin_user_iovec_array(user_msg.msg_iov,
1502 IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32,
1503 user_msg.msg_iovlen, iovp);
1504 if (error)
1505 goto done;
1506 user_msg.msg_iov = CAST_USER_ADDR_T(iovp);
1507
1508 /* finish setup of uio_t */
1509 error = uio_calculateresid(auio);
1510 if (error) {
1511 goto done;
1512 }
1513 } else {
1514 user_msg.msg_iov = 0;
1515 }
1516
1517 /* msg_flags is ignored for send */
1518 user_msg.msg_flags = 0;
1519
1520 error = file_socket(uap->s, &so);
1521 if (error) {
1522 goto done;
1523 }
1524 if (so == NULL) {
1525 error = EBADF;
1526 } else {
1527 error = sendit(p, so, &user_msg, auio, uap->flags, retval);
1528 }
1529 file_drop(uap->s);
1530 done:
1531 if (auio != NULL) {
1532 uio_free(auio);
1533 }
1534 KERNEL_DEBUG(DBG_FNC_SENDMSG | DBG_FUNC_END, error, 0, 0, 0, 0);
1535
1536 return (error);
1537 }
1538
1539 int
1540 sendmsg_x(struct proc *p, struct sendmsg_x_args *uap, user_ssize_t *retval)
1541 {
1542 int error = 0;
1543 struct user_msghdr_x *user_msg_x = NULL;
1544 struct uio **uiop = NULL;
1545 struct socket *so;
1546 u_int i;
1547 struct sockaddr *to = NULL;
1548 user_ssize_t len_before = 0, len_after;
1549 int need_drop = 0;
1550 size_t size_of_msghdr;
1551 void *umsgp = NULL;
1552 u_int uiocnt;
1553 int has_addr_or_ctl = 0;
1554
1555 KERNEL_DEBUG(DBG_FNC_SENDMSG_X | DBG_FUNC_START, 0, 0, 0, 0, 0);
1556
1557 error = file_socket(uap->s, &so);
1558 if (error) {
1559 goto out;
1560 }
1561 need_drop = 1;
1562 if (so == NULL) {
1563 error = EBADF;
1564 goto out;
1565 }
1566
1567 /*
1568 * Input parameter range check
1569 */
1570 if (uap->cnt == 0 || uap->cnt > UIO_MAXIOV) {
1571 error = EINVAL;
1572 goto out;
1573 }
1574 /*
1575 * Clip to max currently allowed
1576 */
1577 if (uap->cnt > somaxsendmsgx)
1578 uap->cnt = somaxsendmsgx;
1579
1580 user_msg_x = _MALLOC(uap->cnt * sizeof(struct user_msghdr_x),
1581 M_TEMP, M_WAITOK | M_ZERO);
1582 if (user_msg_x == NULL) {
1583 DBG_PRINTF("%s _MALLOC() user_msg_x failed\n", __func__);
1584 error = ENOMEM;
1585 goto out;
1586 }
1587 uiop = _MALLOC(uap->cnt * sizeof(struct uio *),
1588 M_TEMP, M_WAITOK | M_ZERO);
1589 if (uiop == NULL) {
1590 DBG_PRINTF("%s _MALLOC() uiop failed\n", __func__);
1591 error = ENOMEM;
1592 goto out;
1593 }
1594
1595 size_of_msghdr = IS_64BIT_PROCESS(p) ?
1596 sizeof(struct user64_msghdr_x) : sizeof(struct user32_msghdr_x);
1597
1598 umsgp = _MALLOC(uap->cnt * size_of_msghdr,
1599 M_TEMP, M_WAITOK | M_ZERO);
1600 if (umsgp == NULL) {
1601 printf("%s _MALLOC() user_msg_x failed\n", __func__);
1602 error = ENOMEM;
1603 goto out;
1604 }
1605 error = copyin(uap->msgp, umsgp, uap->cnt * size_of_msghdr);
1606 if (error) {
1607 DBG_PRINTF("%s copyin() failed\n", __func__);
1608 goto out;
1609 }
1610 error = internalize_user_msghdr_array(umsgp,
1611 IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32,
1612 UIO_WRITE, uap->cnt, user_msg_x, uiop);
1613 if (error) {
1614 DBG_PRINTF("%s copyin_user_msghdr_array() failed\n", __func__);
1615 goto out;
1616 }
1617 /*
1618 * Make sure the size of each message iovec and
1619 * the aggregate size of all the iovec is valid
1620 */
1621 if (uio_array_is_valid(uiop, uap->cnt) == 0) {
1622 error = EINVAL;
1623 goto out;
1624 }
1625
1626 /*
1627 * Sanity check on passed arguments
1628 */
1629 for (i = 0; i < uap->cnt; i++) {
1630 struct user_msghdr_x *mp = user_msg_x + i;
1631
1632 /*
1633 * No flags on send message
1634 */
1635 if (mp->msg_flags != 0) {
1636 error = EINVAL;
1637 goto out;
1638 }
1639 /*
1640 * No support for address or ancillary data (yet)
1641 */
1642 if (mp->msg_name != USER_ADDR_NULL || mp->msg_namelen != 0)
1643 has_addr_or_ctl = 1;
1644
1645 if (mp->msg_control != USER_ADDR_NULL ||
1646 mp->msg_controllen != 0)
1647 has_addr_or_ctl = 1;
1648
1649 #if CONFIG_MACF_SOCKET_SUBSET
1650 /*
1651 * We check the state without holding the socket lock;
1652 * if a race condition occurs, it would simply result
1653 * in an extra call to the MAC check function.
1654 *
1655 * Note: The following check is never true taken with the
1656 * current limitation that we do not accept to pass an address,
1657 * this is effectively placeholder code. If we add support for
1658 * addresses, we will have to check every address.
1659 */
1660 if (to != NULL &&
1661 !(so->so_state & SS_DEFUNCT) &&
1662 (error = mac_socket_check_send(kauth_cred_get(), so, to))
1663 != 0)
1664 goto out;
1665 #endif /* MAC_SOCKET_SUBSET */
1666 }
1667
1668 len_before = uio_array_resid(uiop, uap->cnt);
1669
1670 /*
1671 * Feed list of packets at once only for connected socket without
1672 * control message
1673 */
1674 if (so->so_proto->pr_usrreqs->pru_sosend_list !=
1675 pru_sosend_list_notsupp &&
1676 has_addr_or_ctl == 0 && somaxsendmsgx == 0) {
1677 error = so->so_proto->pr_usrreqs->pru_sosend_list(so, uiop,
1678 uap->cnt, uap->flags);
1679 } else {
1680 for (i = 0; i < uap->cnt; i++) {
1681 struct user_msghdr_x *mp = user_msg_x + i;
1682 struct user_msghdr user_msg;
1683 uio_t auio = uiop[i];
1684 int32_t tmpval;
1685
1686 user_msg.msg_flags = mp->msg_flags;
1687 user_msg.msg_controllen = mp->msg_controllen;
1688 user_msg.msg_control = mp->msg_control;
1689 user_msg.msg_iovlen = mp->msg_iovlen;
1690 user_msg.msg_iov = mp->msg_iov;
1691 user_msg.msg_namelen = mp->msg_namelen;
1692 user_msg.msg_name = mp->msg_name;
1693
1694 error = sendit(p, so, &user_msg, auio, uap->flags,
1695 &tmpval);
1696 if (error != 0)
1697 break;
1698 }
1699 }
1700 len_after = uio_array_resid(uiop, uap->cnt);
1701
1702 VERIFY(len_after <= len_before);
1703
1704 if (error != 0) {
1705 if (len_after != len_before && (error == ERESTART ||
1706 error == EINTR || error == EWOULDBLOCK ||
1707 error == ENOBUFS))
1708 error = 0;
1709 /* Generation of SIGPIPE can be controlled per socket */
1710 if (error == EPIPE && !(so->so_flags & SOF_NOSIGPIPE))
1711 psignal(p, SIGPIPE);
1712 }
1713 if (error == 0) {
1714 uiocnt = externalize_user_msghdr_array(umsgp,
1715 IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32,
1716 UIO_WRITE, uap->cnt, user_msg_x, uiop);
1717
1718 *retval = (int)(uiocnt);
1719 }
1720 out:
1721 if (need_drop)
1722 file_drop(uap->s);
1723 if (umsgp != NULL)
1724 _FREE(umsgp, M_TEMP);
1725 if (uiop != NULL) {
1726 free_uio_array(uiop, uap->cnt);
1727 _FREE(uiop, M_TEMP);
1728 }
1729 if (user_msg_x != NULL)
1730 _FREE(user_msg_x, M_TEMP);
1731
1732 KERNEL_DEBUG(DBG_FNC_SENDMSG_X | DBG_FUNC_END, error, 0, 0, 0, 0);
1733
1734 return (error);
1735 }
1736
1737
1738 static int
1739 copyout_sa(struct sockaddr *fromsa, user_addr_t name, socklen_t *namelen)
1740 {
1741 int error = 0;
1742 socklen_t sa_len = 0;
1743 ssize_t len;
1744
1745 len = *namelen;
1746 if (len <= 0 || fromsa == 0) {
1747 len = 0;
1748 } else {
1749 #ifndef MIN
1750 #define MIN(a, b) ((a) > (b) ? (b) : (a))
1751 #endif
1752 sa_len = fromsa->sa_len;
1753 len = MIN((unsigned int)len, sa_len);
1754 error = copyout(fromsa, name, (unsigned)len);
1755 if (error)
1756 goto out;
1757 }
1758 *namelen = sa_len;
1759 out:
1760 return (0);
1761 }
1762
1763 static int
1764 copyout_control(struct proc *p, struct mbuf *m, user_addr_t control,
1765 socklen_t *controllen, int *flags)
1766 {
1767 int error = 0;
1768 ssize_t len;
1769 user_addr_t ctlbuf;
1770
1771 len = *controllen;
1772 *controllen = 0;
1773 ctlbuf = control;
1774
1775 while (m && len > 0) {
1776 unsigned int tocopy;
1777 struct cmsghdr *cp = mtod(m, struct cmsghdr *);
1778 int cp_size = CMSG_ALIGN(cp->cmsg_len);
1779 int buflen = m->m_len;
1780
1781 while (buflen > 0 && len > 0) {
1782 /*
1783 * SCM_TIMESTAMP hack because struct timeval has a
1784 * different size for 32 bits and 64 bits processes
1785 */
1786 if (cp->cmsg_level == SOL_SOCKET && cp->cmsg_type == SCM_TIMESTAMP) {
1787 unsigned char tmp_buffer[CMSG_SPACE(sizeof(struct user64_timeval))];
1788 struct cmsghdr *tmp_cp = (struct cmsghdr *)(void *)tmp_buffer;
1789 int tmp_space;
1790 struct timeval *tv = (struct timeval *)(void *)CMSG_DATA(cp);
1791
1792 tmp_cp->cmsg_level = SOL_SOCKET;
1793 tmp_cp->cmsg_type = SCM_TIMESTAMP;
1794
1795 if (proc_is64bit(p)) {
1796 struct user64_timeval *tv64 = (struct user64_timeval *)(void *)CMSG_DATA(tmp_cp);
1797
1798 tv64->tv_sec = tv->tv_sec;
1799 tv64->tv_usec = tv->tv_usec;
1800
1801 tmp_cp->cmsg_len = CMSG_LEN(sizeof(struct user64_timeval));
1802 tmp_space = CMSG_SPACE(sizeof(struct user64_timeval));
1803 } else {
1804 struct user32_timeval *tv32 = (struct user32_timeval *)(void *)CMSG_DATA(tmp_cp);
1805
1806 tv32->tv_sec = tv->tv_sec;
1807 tv32->tv_usec = tv->tv_usec;
1808
1809 tmp_cp->cmsg_len = CMSG_LEN(sizeof(struct user32_timeval));
1810 tmp_space = CMSG_SPACE(sizeof(struct user32_timeval));
1811 }
1812 if (len >= tmp_space) {
1813 tocopy = tmp_space;
1814 } else {
1815 *flags |= MSG_CTRUNC;
1816 tocopy = len;
1817 }
1818 error = copyout(tmp_buffer, ctlbuf, tocopy);
1819 if (error)
1820 goto out;
1821 } else {
1822 if (cp_size > buflen) {
1823 panic("cp_size > buflen, something"
1824 "wrong with alignment!");
1825 }
1826 if (len >= cp_size) {
1827 tocopy = cp_size;
1828 } else {
1829 *flags |= MSG_CTRUNC;
1830 tocopy = len;
1831 }
1832 error = copyout((caddr_t) cp, ctlbuf, tocopy);
1833 if (error)
1834 goto out;
1835 }
1836
1837 ctlbuf += tocopy;
1838 len -= tocopy;
1839
1840 buflen -= cp_size;
1841 cp = (struct cmsghdr *)(void *)
1842 ((unsigned char *) cp + cp_size);
1843 cp_size = CMSG_ALIGN(cp->cmsg_len);
1844 }
1845
1846 m = m->m_next;
1847 }
1848 *controllen = ctlbuf - control;
1849 out:
1850 return (error);
1851 }
1852
1853 /*
1854 * Returns: 0 Success
1855 * ENOTSOCK
1856 * EINVAL
1857 * EBADF
1858 * EACCES Mandatory Access Control failure
1859 * copyout:EFAULT
1860 * fp_lookup:EBADF
1861 * <pru_soreceive>:ENOBUFS
1862 * <pru_soreceive>:ENOTCONN
1863 * <pru_soreceive>:EWOULDBLOCK
1864 * <pru_soreceive>:EFAULT
1865 * <pru_soreceive>:EINTR
1866 * <pru_soreceive>:EBADF
1867 * <pru_soreceive>:EINVAL
1868 * <pru_soreceive>:EMSGSIZE
1869 * <pru_soreceive>:???
1870 *
1871 * Notes: Additional return values from calls through <pru_soreceive>
1872 * depend on protocols other than TCP or AF_UNIX, which are
1873 * documented above.
1874 */
1875 static int
1876 recvit(struct proc *p, int s, struct user_msghdr *mp, uio_t uiop,
1877 user_addr_t namelenp, int32_t *retval)
1878 {
1879 ssize_t len;
1880 int error;
1881 struct mbuf *control = 0;
1882 struct socket *so;
1883 struct sockaddr *fromsa = 0;
1884 struct fileproc *fp;
1885
1886 KERNEL_DEBUG(DBG_FNC_RECVIT | DBG_FUNC_START, 0, 0, 0, 0, 0);
1887 proc_fdlock(p);
1888 if ((error = fp_lookup(p, s, &fp, 1))) {
1889 KERNEL_DEBUG(DBG_FNC_RECVIT | DBG_FUNC_END, error, 0, 0, 0, 0);
1890 proc_fdunlock(p);
1891 return (error);
1892 }
1893 if (fp->f_type != DTYPE_SOCKET) {
1894 fp_drop(p, s, fp, 1);
1895 proc_fdunlock(p);
1896 return (ENOTSOCK);
1897 }
1898
1899 so = (struct socket *)fp->f_data;
1900 if (so == NULL) {
1901 fp_drop(p, s, fp, 1);
1902 proc_fdunlock(p);
1903 return (EBADF);
1904 }
1905
1906 proc_fdunlock(p);
1907
1908 #if CONFIG_MACF_SOCKET_SUBSET
1909 /*
1910 * We check the state without holding the socket lock;
1911 * if a race condition occurs, it would simply result
1912 * in an extra call to the MAC check function.
1913 */
1914 if (!(so->so_state & SS_DEFUNCT) &&
1915 !(so->so_state & SS_ISCONNECTED) &&
1916 !(so->so_proto->pr_flags & PR_CONNREQUIRED) &&
1917 (error = mac_socket_check_receive(kauth_cred_get(), so)) != 0)
1918 goto out1;
1919 #endif /* MAC_SOCKET_SUBSET */
1920 if (uio_resid(uiop) < 0) {
1921 KERNEL_DEBUG(DBG_FNC_RECVIT | DBG_FUNC_END, EINVAL, 0, 0, 0, 0);
1922 error = EINVAL;
1923 goto out1;
1924 }
1925
1926 len = uio_resid(uiop);
1927 error = so->so_proto->pr_usrreqs->pru_soreceive(so, &fromsa, uiop,
1928 (struct mbuf **)0, mp->msg_control ? &control : (struct mbuf **)0,
1929 &mp->msg_flags);
1930 if (fromsa)
1931 AUDIT_ARG(sockaddr, vfs_context_cwd(vfs_context_current()),
1932 fromsa);
1933 if (error) {
1934 if (uio_resid(uiop) != len && (error == ERESTART ||
1935 error == EINTR || error == EWOULDBLOCK))
1936 error = 0;
1937 }
1938 if (error)
1939 goto out;
1940
1941 *retval = len - uio_resid(uiop);
1942
1943 if (mp->msg_name) {
1944 error = copyout_sa(fromsa, mp->msg_name, &mp->msg_namelen);
1945 if (error)
1946 goto out;
1947 /* return the actual, untruncated address length */
1948 if (namelenp &&
1949 (error = copyout((caddr_t)&mp->msg_namelen, namelenp,
1950 sizeof (int)))) {
1951 goto out;
1952 }
1953 }
1954
1955 if (mp->msg_control) {
1956 error = copyout_control(p, control, mp->msg_control,
1957 &mp->msg_controllen, &mp->msg_flags);
1958 }
1959 out:
1960 if (fromsa)
1961 FREE(fromsa, M_SONAME);
1962 if (control)
1963 m_freem(control);
1964 KERNEL_DEBUG(DBG_FNC_RECVIT | DBG_FUNC_END, error, 0, 0, 0, 0);
1965 out1:
1966 fp_drop(p, s, fp, 0);
1967 return (error);
1968 }
1969
1970 /*
1971 * Returns: 0 Success
1972 * ENOMEM
1973 * copyin:EFAULT
1974 * recvit:???
1975 * read:??? [4056224: applicable for pipes]
1976 *
1977 * Notes: The read entry point is only called as part of support for
1978 * binary backward compatability; new code should use read
1979 * instead of recv or recvfrom when attempting to read data
1980 * from pipes.
1981 *
1982 * For full documentation of the return codes from recvit, see
1983 * the block header for the recvit function.
1984 */
1985 int
1986 recvfrom(struct proc *p, struct recvfrom_args *uap, int32_t *retval)
1987 {
1988 __pthread_testcancel(1);
1989 return (recvfrom_nocancel(p, (struct recvfrom_nocancel_args *)uap,
1990 retval));
1991 }
1992
1993 int
1994 recvfrom_nocancel(struct proc *p, struct recvfrom_nocancel_args *uap,
1995 int32_t *retval)
1996 {
1997 struct user_msghdr msg;
1998 int error;
1999 uio_t auio = NULL;
2000
2001 KERNEL_DEBUG(DBG_FNC_RECVFROM | DBG_FUNC_START, 0, 0, 0, 0, 0);
2002 AUDIT_ARG(fd, uap->s);
2003
2004 if (uap->fromlenaddr) {
2005 error = copyin(uap->fromlenaddr,
2006 (caddr_t)&msg.msg_namelen, sizeof (msg.msg_namelen));
2007 if (error)
2008 return (error);
2009 } else {
2010 msg.msg_namelen = 0;
2011 }
2012 msg.msg_name = uap->from;
2013 auio = uio_create(1, 0,
2014 (IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32),
2015 UIO_READ);
2016 if (auio == NULL) {
2017 return (ENOMEM);
2018 }
2019
2020 uio_addiov(auio, uap->buf, uap->len);
2021 /* no need to set up msg_iov. recvit uses uio_t we send it */
2022 msg.msg_iov = 0;
2023 msg.msg_iovlen = 0;
2024 msg.msg_control = 0;
2025 msg.msg_controllen = 0;
2026 msg.msg_flags = uap->flags;
2027 error = recvit(p, uap->s, &msg, auio, uap->fromlenaddr, retval);
2028 if (auio != NULL) {
2029 uio_free(auio);
2030 }
2031
2032 KERNEL_DEBUG(DBG_FNC_RECVFROM | DBG_FUNC_END, error, 0, 0, 0, 0);
2033
2034 return (error);
2035 }
2036
2037 /*
2038 * Returns: 0 Success
2039 * EMSGSIZE
2040 * ENOMEM
2041 * copyin:EFAULT
2042 * copyout:EFAULT
2043 * recvit:???
2044 *
2045 * Notes: For full documentation of the return codes from recvit, see
2046 * the block header for the recvit function.
2047 */
2048 int
2049 recvmsg(struct proc *p, struct recvmsg_args *uap, int32_t *retval)
2050 {
2051 __pthread_testcancel(1);
2052 return (recvmsg_nocancel(p, (struct recvmsg_nocancel_args *)uap,
2053 retval));
2054 }
2055
2056 int
2057 recvmsg_nocancel(struct proc *p, struct recvmsg_nocancel_args *uap,
2058 int32_t *retval)
2059 {
2060 struct user32_msghdr msg32;
2061 struct user64_msghdr msg64;
2062 struct user_msghdr user_msg;
2063 caddr_t msghdrp;
2064 int size_of_msghdr;
2065 user_addr_t uiov;
2066 int error;
2067 uio_t auio = NULL;
2068 struct user_iovec *iovp;
2069
2070 KERNEL_DEBUG(DBG_FNC_RECVMSG | DBG_FUNC_START, 0, 0, 0, 0, 0);
2071 AUDIT_ARG(fd, uap->s);
2072 if (IS_64BIT_PROCESS(p)) {
2073 msghdrp = (caddr_t)&msg64;
2074 size_of_msghdr = sizeof (msg64);
2075 } else {
2076 msghdrp = (caddr_t)&msg32;
2077 size_of_msghdr = sizeof (msg32);
2078 }
2079 error = copyin(uap->msg, msghdrp, size_of_msghdr);
2080 if (error) {
2081 KERNEL_DEBUG(DBG_FNC_RECVMSG | DBG_FUNC_END, error, 0, 0, 0, 0);
2082 return (error);
2083 }
2084
2085 /* only need to copy if user process is not 64-bit */
2086 if (IS_64BIT_PROCESS(p)) {
2087 user_msg.msg_flags = msg64.msg_flags;
2088 user_msg.msg_controllen = msg64.msg_controllen;
2089 user_msg.msg_control = msg64.msg_control;
2090 user_msg.msg_iovlen = msg64.msg_iovlen;
2091 user_msg.msg_iov = msg64.msg_iov;
2092 user_msg.msg_namelen = msg64.msg_namelen;
2093 user_msg.msg_name = msg64.msg_name;
2094 } else {
2095 user_msg.msg_flags = msg32.msg_flags;
2096 user_msg.msg_controllen = msg32.msg_controllen;
2097 user_msg.msg_control = msg32.msg_control;
2098 user_msg.msg_iovlen = msg32.msg_iovlen;
2099 user_msg.msg_iov = msg32.msg_iov;
2100 user_msg.msg_namelen = msg32.msg_namelen;
2101 user_msg.msg_name = msg32.msg_name;
2102 }
2103
2104 if (user_msg.msg_iovlen <= 0 || user_msg.msg_iovlen > UIO_MAXIOV) {
2105 KERNEL_DEBUG(DBG_FNC_RECVMSG | DBG_FUNC_END, EMSGSIZE,
2106 0, 0, 0, 0);
2107 return (EMSGSIZE);
2108 }
2109
2110 user_msg.msg_flags = uap->flags;
2111
2112 /* allocate a uio large enough to hold the number of iovecs passed */
2113 auio = uio_create(user_msg.msg_iovlen, 0,
2114 (IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32),
2115 UIO_READ);
2116 if (auio == NULL) {
2117 error = ENOMEM;
2118 goto done;
2119 }
2120
2121 /*
2122 * get location of iovecs within the uio. then copyin the iovecs from
2123 * user space.
2124 */
2125 iovp = uio_iovsaddr(auio);
2126 if (iovp == NULL) {
2127 error = ENOMEM;
2128 goto done;
2129 }
2130 uiov = user_msg.msg_iov;
2131 user_msg.msg_iov = CAST_USER_ADDR_T(iovp);
2132 error = copyin_user_iovec_array(uiov,
2133 IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32,
2134 user_msg.msg_iovlen, iovp);
2135 if (error)
2136 goto done;
2137
2138 /* finish setup of uio_t */
2139 error = uio_calculateresid(auio);
2140 if (error) {
2141 goto done;
2142 }
2143
2144 error = recvit(p, uap->s, &user_msg, auio, 0, retval);
2145 if (!error) {
2146 user_msg.msg_iov = uiov;
2147 if (IS_64BIT_PROCESS(p)) {
2148 msg64.msg_flags = user_msg.msg_flags;
2149 msg64.msg_controllen = user_msg.msg_controllen;
2150 msg64.msg_control = user_msg.msg_control;
2151 msg64.msg_iovlen = user_msg.msg_iovlen;
2152 msg64.msg_iov = user_msg.msg_iov;
2153 msg64.msg_namelen = user_msg.msg_namelen;
2154 msg64.msg_name = user_msg.msg_name;
2155 } else {
2156 msg32.msg_flags = user_msg.msg_flags;
2157 msg32.msg_controllen = user_msg.msg_controllen;
2158 msg32.msg_control = user_msg.msg_control;
2159 msg32.msg_iovlen = user_msg.msg_iovlen;
2160 msg32.msg_iov = user_msg.msg_iov;
2161 msg32.msg_namelen = user_msg.msg_namelen;
2162 msg32.msg_name = user_msg.msg_name;
2163 }
2164 error = copyout(msghdrp, uap->msg, size_of_msghdr);
2165 }
2166 done:
2167 if (auio != NULL) {
2168 uio_free(auio);
2169 }
2170 KERNEL_DEBUG(DBG_FNC_RECVMSG | DBG_FUNC_END, error, 0, 0, 0, 0);
2171 return (error);
2172 }
2173
2174 int
2175 recvmsg_x(struct proc *p, struct recvmsg_x_args *uap, user_ssize_t *retval)
2176 {
2177 int error = EOPNOTSUPP;
2178 struct user_msghdr_x *user_msg_x = NULL;
2179 struct recv_msg_elem *recv_msg_array = NULL;
2180 struct socket *so;
2181 user_ssize_t len_before = 0, len_after;
2182 int need_drop = 0;
2183 size_t size_of_msghdr;
2184 void *umsgp = NULL;
2185 u_int i;
2186 u_int uiocnt;
2187
2188 KERNEL_DEBUG(DBG_FNC_RECVMSG_X | DBG_FUNC_START, 0, 0, 0, 0, 0);
2189
2190 error = file_socket(uap->s, &so);
2191 if (error) {
2192 goto out;
2193 }
2194 need_drop = 1;
2195 if (so == NULL) {
2196 error = EBADF;
2197 goto out;
2198 }
2199 /*
2200 * Input parameter range check
2201 */
2202 if (uap->cnt == 0 || uap->cnt > UIO_MAXIOV) {
2203 error = EINVAL;
2204 goto out;
2205 }
2206 if (uap->cnt > somaxrecvmsgx)
2207 uap->cnt = somaxrecvmsgx;
2208
2209 user_msg_x = _MALLOC(uap->cnt * sizeof(struct user_msghdr_x),
2210 M_TEMP, M_WAITOK | M_ZERO);
2211 if (user_msg_x == NULL) {
2212 DBG_PRINTF("%s _MALLOC() user_msg_x failed\n", __func__);
2213 error = ENOMEM;
2214 goto out;
2215 }
2216 recv_msg_array = alloc_recv_msg_array(uap->cnt);
2217 if (recv_msg_array == NULL) {
2218 DBG_PRINTF("%s alloc_recv_msg_array() failed\n", __func__);
2219 error = ENOMEM;
2220 goto out;
2221 }
2222 size_of_msghdr = IS_64BIT_PROCESS(p) ?
2223 sizeof(struct user64_msghdr_x) : sizeof(struct user32_msghdr_x);
2224
2225 umsgp = _MALLOC(uap->cnt * size_of_msghdr, M_TEMP, M_WAITOK | M_ZERO);
2226 if (umsgp == NULL) {
2227 DBG_PRINTF("%s _MALLOC() umsgp failed\n", __func__);
2228 error = ENOMEM;
2229 goto out;
2230 }
2231 error = copyin(uap->msgp, umsgp, uap->cnt * size_of_msghdr);
2232 if (error) {
2233 DBG_PRINTF("%s copyin() failed\n", __func__);
2234 goto out;
2235 }
2236 error = internalize_recv_msghdr_array(umsgp,
2237 IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32,
2238 UIO_READ, uap->cnt, user_msg_x, recv_msg_array);
2239 if (error) {
2240 DBG_PRINTF("%s copyin_user_msghdr_array() failed\n", __func__);
2241 goto out;
2242 }
2243 /*
2244 * Make sure the size of each message iovec and
2245 * the aggregate size of all the iovec is valid
2246 */
2247 if (recv_msg_array_is_valid(recv_msg_array, uap->cnt) == 0) {
2248 error = EINVAL;
2249 goto out;
2250 }
2251 /*
2252 * Sanity check on passed arguments
2253 */
2254 for (i = 0; i < uap->cnt; i++) {
2255 struct user_msghdr_x *mp = user_msg_x + i;
2256
2257 if (mp->msg_flags != 0) {
2258 error = EINVAL;
2259 goto out;
2260 }
2261 }
2262 #if CONFIG_MACF_SOCKET_SUBSET
2263 /*
2264 * We check the state without holding the socket lock;
2265 * if a race condition occurs, it would simply result
2266 * in an extra call to the MAC check function.
2267 */
2268 if (!(so->so_state & SS_DEFUNCT) &&
2269 !(so->so_state & SS_ISCONNECTED) &&
2270 !(so->so_proto->pr_flags & PR_CONNREQUIRED) &&
2271 (error = mac_socket_check_receive(kauth_cred_get(), so)) != 0)
2272 goto out;
2273 #endif /* MAC_SOCKET_SUBSET */
2274
2275 len_before = recv_msg_array_resid(recv_msg_array, uap->cnt);
2276
2277 if (so->so_proto->pr_usrreqs->pru_soreceive_list !=
2278 pru_soreceive_list_notsupp &&
2279 somaxrecvmsgx == 0) {
2280 error = so->so_proto->pr_usrreqs->pru_soreceive_list(so,
2281 recv_msg_array, uap->cnt, &uap->flags);
2282 } else {
2283 int flags = uap->flags;
2284
2285 for (i = 0; i < uap->cnt; i++) {
2286 struct recv_msg_elem *recv_msg_elem;
2287 uio_t auio;
2288 struct sockaddr **psa;
2289 struct mbuf **controlp;
2290
2291 recv_msg_elem = recv_msg_array + i;
2292 auio = recv_msg_elem->uio;
2293
2294 /*
2295 * Do not block if we got at least one packet
2296 */
2297 if (i > 0)
2298 flags |= MSG_DONTWAIT;
2299
2300 psa = (recv_msg_elem->which & SOCK_MSG_SA) ?
2301 &recv_msg_elem->psa : NULL;
2302 controlp = (recv_msg_elem->which & SOCK_MSG_CONTROL) ?
2303 &recv_msg_elem->controlp : NULL;
2304
2305 error = so->so_proto->pr_usrreqs->pru_soreceive(so, psa,
2306 auio, (struct mbuf **)0, controlp, &flags);
2307 if (error)
2308 break;
2309 /*
2310 * We have some data
2311 */
2312 recv_msg_elem->which |= SOCK_MSG_DATA;
2313 /*
2314 * Stop on partial copy
2315 */
2316 if (flags & (MSG_RCVMORE | MSG_TRUNC))
2317 break;
2318 }
2319 if ((uap->flags & MSG_DONTWAIT) == 0)
2320 flags &= ~MSG_DONTWAIT;
2321 uap->flags = flags;
2322 }
2323
2324 len_after = recv_msg_array_resid(recv_msg_array, uap->cnt);
2325
2326 if (error) {
2327 if (len_after != len_before && (error == ERESTART ||
2328 error == EINTR || error == EWOULDBLOCK))
2329 error = 0;
2330 else
2331 goto out;
2332 }
2333
2334 uiocnt = externalize_recv_msghdr_array(umsgp,
2335 IS_64BIT_PROCESS(p) ? UIO_USERSPACE64 : UIO_USERSPACE32,
2336 UIO_READ, uap->cnt, user_msg_x, recv_msg_array);
2337
2338 error = copyout(umsgp, uap->msgp, uap->cnt * size_of_msghdr);
2339 if (error) {
2340 DBG_PRINTF("%s copyout() failed\n", __func__);
2341 goto out;
2342 }
2343 *retval = (int)(uiocnt);
2344
2345 for (i = 0; i < uap->cnt; i++) {
2346 struct user_msghdr_x *mp = user_msg_x + i;
2347 struct recv_msg_elem *recv_msg_elem = recv_msg_array + i;
2348 struct sockaddr *fromsa = recv_msg_elem->psa;
2349
2350 if (mp->msg_name) {
2351 error = copyout_sa(fromsa, mp->msg_name,
2352 &mp->msg_namelen);
2353 if (error)
2354 goto out;
2355 }
2356 if (mp->msg_control) {
2357 error = copyout_control(p, recv_msg_elem->controlp,
2358 mp->msg_control, &mp->msg_controllen,
2359 &mp->msg_flags);
2360 if (error)
2361 goto out;
2362 }
2363 }
2364 out:
2365 if (need_drop)
2366 file_drop(uap->s);
2367 if (umsgp != NULL)
2368 _FREE(umsgp, M_TEMP);
2369 if (recv_msg_array != NULL)
2370 free_recv_msg_array(recv_msg_array, uap->cnt);
2371 if (user_msg_x != NULL)
2372 _FREE(user_msg_x, M_TEMP);
2373
2374 KERNEL_DEBUG(DBG_FNC_RECVMSG_X | DBG_FUNC_END, error, 0, 0, 0, 0);
2375
2376 return (error);
2377 }
2378
2379 /*
2380 * Returns: 0 Success
2381 * EBADF
2382 * file_socket:ENOTSOCK
2383 * file_socket:EBADF
2384 * soshutdown:EINVAL
2385 * soshutdown:ENOTCONN
2386 * soshutdown:EADDRNOTAVAIL[TCP]
2387 * soshutdown:ENOBUFS[TCP]
2388 * soshutdown:EMSGSIZE[TCP]
2389 * soshutdown:EHOSTUNREACH[TCP]
2390 * soshutdown:ENETUNREACH[TCP]
2391 * soshutdown:ENETDOWN[TCP]
2392 * soshutdown:ENOMEM[TCP]
2393 * soshutdown:EACCES[TCP]
2394 * soshutdown:EMSGSIZE[TCP]
2395 * soshutdown:ENOBUFS[TCP]
2396 * soshutdown:???[TCP] [ignorable: mostly IPSEC/firewall/DLIL]
2397 * soshutdown:??? [other protocol families]
2398 */
2399 /* ARGSUSED */
2400 int
2401 shutdown(__unused struct proc *p, struct shutdown_args *uap,
2402 __unused int32_t *retval)
2403 {
2404 struct socket *so;
2405 int error;
2406
2407 AUDIT_ARG(fd, uap->s);
2408 error = file_socket(uap->s, &so);
2409 if (error)
2410 return (error);
2411 if (so == NULL) {
2412 error = EBADF;
2413 goto out;
2414 }
2415 error = soshutdown((struct socket *)so, uap->how);
2416 out:
2417 file_drop(uap->s);
2418 return (error);
2419 }
2420
2421 /*
2422 * Returns: 0 Success
2423 * EFAULT
2424 * EINVAL
2425 * EACCES Mandatory Access Control failure
2426 * file_socket:ENOTSOCK
2427 * file_socket:EBADF
2428 * sosetopt:EINVAL
2429 * sosetopt:ENOPROTOOPT
2430 * sosetopt:ENOBUFS
2431 * sosetopt:EDOM
2432 * sosetopt:EFAULT
2433 * sosetopt:EOPNOTSUPP[AF_UNIX]
2434 * sosetopt:???
2435 */
2436 /* ARGSUSED */
2437 int
2438 setsockopt(struct proc *p, struct setsockopt_args *uap,
2439 __unused int32_t *retval)
2440 {
2441 struct socket *so;
2442 struct sockopt sopt;
2443 int error;
2444
2445 AUDIT_ARG(fd, uap->s);
2446 if (uap->val == 0 && uap->valsize != 0)
2447 return (EFAULT);
2448 /* No bounds checking on size (it's unsigned) */
2449
2450 error = file_socket(uap->s, &so);
2451 if (error)
2452 return (error);
2453
2454 sopt.sopt_dir = SOPT_SET;
2455 sopt.sopt_level = uap->level;
2456 sopt.sopt_name = uap->name;
2457 sopt.sopt_val = uap->val;
2458 sopt.sopt_valsize = uap->valsize;
2459 sopt.sopt_p = p;
2460
2461 if (so == NULL) {
2462 error = EINVAL;
2463 goto out;
2464 }
2465 #if CONFIG_MACF_SOCKET_SUBSET
2466 if ((error = mac_socket_check_setsockopt(kauth_cred_get(), so,
2467 &sopt)) != 0)
2468 goto out;
2469 #endif /* MAC_SOCKET_SUBSET */
2470 error = sosetoptlock(so, &sopt, 1); /* will lock socket */
2471 out:
2472 file_drop(uap->s);
2473 return (error);
2474 }
2475
2476
2477
2478 /*
2479 * Returns: 0 Success
2480 * EINVAL
2481 * EBADF
2482 * EACCES Mandatory Access Control failure
2483 * copyin:EFAULT
2484 * copyout:EFAULT
2485 * file_socket:ENOTSOCK
2486 * file_socket:EBADF
2487 * sogetopt:???
2488 */
2489 int
2490 getsockopt(struct proc *p, struct getsockopt_args *uap,
2491 __unused int32_t *retval)
2492 {
2493 int error;
2494 socklen_t valsize;
2495 struct sockopt sopt;
2496 struct socket *so;
2497
2498 error = file_socket(uap->s, &so);
2499 if (error)
2500 return (error);
2501 if (uap->val) {
2502 error = copyin(uap->avalsize, (caddr_t)&valsize,
2503 sizeof (valsize));
2504 if (error)
2505 goto out;
2506 /* No bounds checking on size (it's unsigned) */
2507 } else {
2508 valsize = 0;
2509 }
2510 sopt.sopt_dir = SOPT_GET;
2511 sopt.sopt_level = uap->level;
2512 sopt.sopt_name = uap->name;
2513 sopt.sopt_val = uap->val;
2514 sopt.sopt_valsize = (size_t)valsize; /* checked non-negative above */
2515 sopt.sopt_p = p;
2516
2517 if (so == NULL) {
2518 error = EBADF;
2519 goto out;
2520 }
2521 #if CONFIG_MACF_SOCKET_SUBSET
2522 if ((error = mac_socket_check_getsockopt(kauth_cred_get(), so,
2523 &sopt)) != 0)
2524 goto out;
2525 #endif /* MAC_SOCKET_SUBSET */
2526 error = sogetoptlock((struct socket *)so, &sopt, 1); /* will lock */
2527 if (error == 0) {
2528 valsize = sopt.sopt_valsize;
2529 error = copyout((caddr_t)&valsize, uap->avalsize,
2530 sizeof (valsize));
2531 }
2532 out:
2533 file_drop(uap->s);
2534 return (error);
2535 }
2536
2537
2538 /*
2539 * Get socket name.
2540 *
2541 * Returns: 0 Success
2542 * EBADF
2543 * file_socket:ENOTSOCK
2544 * file_socket:EBADF
2545 * copyin:EFAULT
2546 * copyout:EFAULT
2547 * <pru_sockaddr>:ENOBUFS[TCP]
2548 * <pru_sockaddr>:ECONNRESET[TCP]
2549 * <pru_sockaddr>:EINVAL[AF_UNIX]
2550 * <sf_getsockname>:???
2551 */
2552 /* ARGSUSED */
2553 int
2554 getsockname(__unused struct proc *p, struct getsockname_args *uap,
2555 __unused int32_t *retval)
2556 {
2557 struct socket *so;
2558 struct sockaddr *sa;
2559 socklen_t len;
2560 socklen_t sa_len;
2561 int error;
2562
2563 error = file_socket(uap->fdes, &so);
2564 if (error)
2565 return (error);
2566 error = copyin(uap->alen, (caddr_t)&len, sizeof (socklen_t));
2567 if (error)
2568 goto out;
2569 if (so == NULL) {
2570 error = EBADF;
2571 goto out;
2572 }
2573 sa = 0;
2574 socket_lock(so, 1);
2575 error = (*so->so_proto->pr_usrreqs->pru_sockaddr)(so, &sa);
2576 if (error == 0) {
2577 error = sflt_getsockname(so, &sa);
2578 if (error == EJUSTRETURN)
2579 error = 0;
2580 }
2581 socket_unlock(so, 1);
2582 if (error)
2583 goto bad;
2584 if (sa == 0) {
2585 len = 0;
2586 goto gotnothing;
2587 }
2588
2589 sa_len = sa->sa_len;
2590 len = MIN(len, sa_len);
2591 error = copyout((caddr_t)sa, uap->asa, len);
2592 if (error)
2593 goto bad;
2594 /* return the actual, untruncated address length */
2595 len = sa_len;
2596 gotnothing:
2597 error = copyout((caddr_t)&len, uap->alen, sizeof (socklen_t));
2598 bad:
2599 if (sa)
2600 FREE(sa, M_SONAME);
2601 out:
2602 file_drop(uap->fdes);
2603 return (error);
2604 }
2605
2606 /*
2607 * Get name of peer for connected socket.
2608 *
2609 * Returns: 0 Success
2610 * EBADF
2611 * EINVAL
2612 * ENOTCONN
2613 * file_socket:ENOTSOCK
2614 * file_socket:EBADF
2615 * copyin:EFAULT
2616 * copyout:EFAULT
2617 * <pru_peeraddr>:???
2618 * <sf_getpeername>:???
2619 */
2620 /* ARGSUSED */
2621 int
2622 getpeername(__unused struct proc *p, struct getpeername_args *uap,
2623 __unused int32_t *retval)
2624 {
2625 struct socket *so;
2626 struct sockaddr *sa;
2627 socklen_t len;
2628 socklen_t sa_len;
2629 int error;
2630
2631 error = file_socket(uap->fdes, &so);
2632 if (error)
2633 return (error);
2634 if (so == NULL) {
2635 error = EBADF;
2636 goto out;
2637 }
2638
2639 socket_lock(so, 1);
2640
2641 if ((so->so_state & (SS_CANTRCVMORE | SS_CANTSENDMORE)) ==
2642 (SS_CANTRCVMORE | SS_CANTSENDMORE)) {
2643 /* the socket has been shutdown, no more getpeername's */
2644 socket_unlock(so, 1);
2645 error = EINVAL;
2646 goto out;
2647 }
2648
2649 if ((so->so_state & (SS_ISCONNECTED|SS_ISCONFIRMING)) == 0) {
2650 socket_unlock(so, 1);
2651 error = ENOTCONN;
2652 goto out;
2653 }
2654 error = copyin(uap->alen, (caddr_t)&len, sizeof (socklen_t));
2655 if (error) {
2656 socket_unlock(so, 1);
2657 goto out;
2658 }
2659 sa = 0;
2660 error = (*so->so_proto->pr_usrreqs->pru_peeraddr)(so, &sa);
2661 if (error == 0) {
2662 error = sflt_getpeername(so, &sa);
2663 if (error == EJUSTRETURN)
2664 error = 0;
2665 }
2666 socket_unlock(so, 1);
2667 if (error)
2668 goto bad;
2669 if (sa == 0) {
2670 len = 0;
2671 goto gotnothing;
2672 }
2673 sa_len = sa->sa_len;
2674 len = MIN(len, sa_len);
2675 error = copyout(sa, uap->asa, len);
2676 if (error)
2677 goto bad;
2678 /* return the actual, untruncated address length */
2679 len = sa_len;
2680 gotnothing:
2681 error = copyout((caddr_t)&len, uap->alen, sizeof (socklen_t));
2682 bad:
2683 if (sa) FREE(sa, M_SONAME);
2684 out:
2685 file_drop(uap->fdes);
2686 return (error);
2687 }
2688
2689 int
2690 sockargs(struct mbuf **mp, user_addr_t data, int buflen, int type)
2691 {
2692 struct sockaddr *sa;
2693 struct mbuf *m;
2694 int error;
2695
2696 size_t alloc_buflen = (size_t)buflen;
2697
2698 if (alloc_buflen > INT_MAX/2)
2699 return (EINVAL);
2700 #ifdef __LP64__
2701 /*
2702 * The fd's in the buffer must expand to be pointers, thus we need twice
2703 * as much space
2704 */
2705 if (type == MT_CONTROL)
2706 alloc_buflen = ((buflen - sizeof(struct cmsghdr))*2) +
2707 sizeof(struct cmsghdr);
2708 #endif
2709 if (alloc_buflen > MLEN) {
2710 if (type == MT_SONAME && alloc_buflen <= 112)
2711 alloc_buflen = MLEN; /* unix domain compat. hack */
2712 else if (alloc_buflen > MCLBYTES)
2713 return (EINVAL);
2714 }
2715 m = m_get(M_WAIT, type);
2716 if (m == NULL)
2717 return (ENOBUFS);
2718 if (alloc_buflen > MLEN) {
2719 MCLGET(m, M_WAIT);
2720 if ((m->m_flags & M_EXT) == 0) {
2721 m_free(m);
2722 return (ENOBUFS);
2723 }
2724 }
2725 /*
2726 * K64: We still copyin the original buflen because it gets expanded
2727 * later and we lie about the size of the mbuf because it only affects
2728 * unp_* functions
2729 */
2730 m->m_len = buflen;
2731 error = copyin(data, mtod(m, caddr_t), (u_int)buflen);
2732 if (error) {
2733 (void) m_free(m);
2734 } else {
2735 *mp = m;
2736 if (type == MT_SONAME) {
2737 sa = mtod(m, struct sockaddr *);
2738 sa->sa_len = buflen;
2739 }
2740 }
2741 return (error);
2742 }
2743
2744 /*
2745 * Given a user_addr_t of length len, allocate and fill out a *sa.
2746 *
2747 * Returns: 0 Success
2748 * ENAMETOOLONG Filename too long
2749 * EINVAL Invalid argument
2750 * ENOMEM Not enough space
2751 * copyin:EFAULT Bad address
2752 */
2753 static int
2754 getsockaddr(struct socket *so, struct sockaddr **namp, user_addr_t uaddr,
2755 size_t len, boolean_t translate_unspec)
2756 {
2757 struct sockaddr *sa;
2758 int error;
2759
2760 if (len > SOCK_MAXADDRLEN)
2761 return (ENAMETOOLONG);
2762
2763 if (len < offsetof(struct sockaddr, sa_data[0]))
2764 return (EINVAL);
2765
2766 MALLOC(sa, struct sockaddr *, len, M_SONAME, M_WAITOK | M_ZERO);
2767 if (sa == NULL) {
2768 return (ENOMEM);
2769 }
2770 error = copyin(uaddr, (caddr_t)sa, len);
2771 if (error) {
2772 FREE(sa, M_SONAME);
2773 } else {
2774 /*
2775 * Force sa_family to AF_INET on AF_INET sockets to handle
2776 * legacy applications that use AF_UNSPEC (0). On all other
2777 * sockets we leave it unchanged and let the lower layer
2778 * handle it.
2779 */
2780 if (translate_unspec && sa->sa_family == AF_UNSPEC &&
2781 SOCK_CHECK_DOM(so, PF_INET) &&
2782 len == sizeof (struct sockaddr_in))
2783 sa->sa_family = AF_INET;
2784
2785 sa->sa_len = len;
2786 *namp = sa;
2787 }
2788 return (error);
2789 }
2790
2791 static int
2792 getsockaddr_s(struct socket *so, struct sockaddr_storage *ss,
2793 user_addr_t uaddr, size_t len, boolean_t translate_unspec)
2794 {
2795 int error;
2796
2797 if (ss == NULL || uaddr == USER_ADDR_NULL ||
2798 len < offsetof(struct sockaddr, sa_data[0]))
2799 return (EINVAL);
2800
2801 /*
2802 * sockaddr_storage size is less than SOCK_MAXADDRLEN,
2803 * so the check here is inclusive.
2804 */
2805 if (len > sizeof (*ss))
2806 return (ENAMETOOLONG);
2807
2808 bzero(ss, sizeof (*ss));
2809 error = copyin(uaddr, (caddr_t)ss, len);
2810 if (error == 0) {
2811 /*
2812 * Force sa_family to AF_INET on AF_INET sockets to handle
2813 * legacy applications that use AF_UNSPEC (0). On all other
2814 * sockets we leave it unchanged and let the lower layer
2815 * handle it.
2816 */
2817 if (translate_unspec && ss->ss_family == AF_UNSPEC &&
2818 SOCK_CHECK_DOM(so, PF_INET) &&
2819 len == sizeof (struct sockaddr_in))
2820 ss->ss_family = AF_INET;
2821
2822 ss->ss_len = len;
2823 }
2824 return (error);
2825 }
2826
2827 /*
2828 * Hard limit on the number of source and/or destination addresses
2829 * that can be specified by an application.
2830 */
2831 #define SOCKADDRLIST_MAX_ENTRIES 64
2832
2833 static int
2834 getsockaddrlist(struct socket *so, struct sockaddr_list **slp,
2835 user_addr_t uaddr, socklen_t uaddrlen, boolean_t xlate_unspec)
2836 {
2837 struct sockaddr_list *sl;
2838 int error = 0;
2839
2840 *slp = NULL;
2841
2842 if (uaddr == USER_ADDR_NULL || uaddrlen == 0)
2843 return (EINVAL);
2844
2845 sl = sockaddrlist_alloc(M_WAITOK);
2846 if (sl == NULL)
2847 return (ENOMEM);
2848
2849 VERIFY(sl->sl_cnt == 0);
2850 while (uaddrlen > 0 && sl->sl_cnt < SOCKADDRLIST_MAX_ENTRIES) {
2851 struct sockaddr_storage ss;
2852 struct sockaddr_entry *se;
2853 struct sockaddr *sa;
2854
2855 if (uaddrlen < sizeof (struct sockaddr)) {
2856 error = EINVAL;
2857 break;
2858 }
2859
2860 bzero(&ss, sizeof (ss));
2861 error = copyin(uaddr, (caddr_t)&ss, sizeof (struct sockaddr));
2862 if (error != 0)
2863 break;
2864
2865 /* getsockaddr does the same but we need them now */
2866 if (uaddrlen < ss.ss_len ||
2867 ss.ss_len < offsetof(struct sockaddr, sa_data[0])) {
2868 error = EINVAL;
2869 break;
2870 } else if (ss.ss_len > sizeof (ss)) {
2871 /*
2872 * sockaddr_storage size is less than SOCK_MAXADDRLEN,
2873 * so the check here is inclusive. We could user the
2874 * latter instead, but seems like an overkill for now.
2875 */
2876 error = ENAMETOOLONG;
2877 break;
2878 }
2879
2880 se = sockaddrentry_alloc(M_WAITOK);
2881 if (se == NULL)
2882 break;
2883
2884 sockaddrlist_insert(sl, se);
2885
2886 error = getsockaddr(so, &sa, uaddr, ss.ss_len, xlate_unspec);
2887 if (error != 0)
2888 break;
2889
2890 VERIFY(sa != NULL && sa->sa_len == ss.ss_len);
2891 se->se_addr = sa;
2892
2893 uaddr += ss.ss_len;
2894 VERIFY(((signed)uaddrlen - ss.ss_len) >= 0);
2895 uaddrlen -= ss.ss_len;
2896 }
2897
2898 if (error != 0)
2899 sockaddrlist_free(sl);
2900 else
2901 *slp = sl;
2902
2903 return (error);
2904 }
2905
2906 int
2907 internalize_user_msghdr_array(const void *src, int spacetype, int direction,
2908 u_int count, struct user_msghdr_x *dst, struct uio **uiop)
2909 {
2910 int error = 0;
2911 u_int i;
2912 u_int namecnt = 0;
2913 u_int ctlcnt = 0;
2914
2915 for (i = 0; i < count; i++) {
2916 uio_t auio;
2917 struct user_iovec *iovp;
2918 struct user_msghdr_x *user_msg = dst + i;
2919
2920 if (spacetype == UIO_USERSPACE64) {
2921 const struct user64_msghdr_x *msghdr64;
2922
2923 msghdr64 = ((const struct user64_msghdr_x *)src) + i;
2924
2925 user_msg->msg_name = msghdr64->msg_name;
2926 user_msg->msg_namelen = msghdr64->msg_namelen;
2927 user_msg->msg_iov = msghdr64->msg_iov;
2928 user_msg->msg_iovlen = msghdr64->msg_iovlen;
2929 user_msg->msg_control = msghdr64->msg_control;
2930 user_msg->msg_controllen = msghdr64->msg_controllen;
2931 user_msg->msg_flags = msghdr64->msg_flags;
2932 user_msg->msg_datalen = msghdr64->msg_datalen;
2933 } else {
2934 const struct user32_msghdr_x *msghdr32;
2935
2936 msghdr32 = ((const struct user32_msghdr_x *)src) + i;
2937
2938 user_msg->msg_name = msghdr32->msg_name;
2939 user_msg->msg_namelen = msghdr32->msg_namelen;
2940 user_msg->msg_iov = msghdr32->msg_iov;
2941 user_msg->msg_iovlen = msghdr32->msg_iovlen;
2942 user_msg->msg_control = msghdr32->msg_control;
2943 user_msg->msg_controllen = msghdr32->msg_controllen;
2944 user_msg->msg_flags = msghdr32->msg_flags;
2945 user_msg->msg_datalen = msghdr32->msg_datalen;
2946 }
2947
2948 if (user_msg->msg_iovlen <= 0 ||
2949 user_msg->msg_iovlen > UIO_MAXIOV) {
2950 error = EMSGSIZE;
2951 goto done;
2952 }
2953 auio = uio_create(user_msg->msg_iovlen, 0, spacetype,
2954 direction);
2955 if (auio == NULL) {
2956 error = ENOMEM;
2957 goto done;
2958 }
2959 uiop[i] = auio;
2960
2961 iovp = uio_iovsaddr(auio);
2962 if (iovp == NULL) {
2963 error = ENOMEM;
2964 goto done;
2965 }
2966 error = copyin_user_iovec_array(user_msg->msg_iov,
2967 spacetype, user_msg->msg_iovlen, iovp);
2968 if (error)
2969 goto done;
2970 user_msg->msg_iov = CAST_USER_ADDR_T(iovp);
2971
2972 error = uio_calculateresid(auio);
2973 if (error)
2974 goto done;
2975 user_msg->msg_datalen = uio_resid(auio);
2976
2977 if (user_msg->msg_name && user_msg->msg_namelen)
2978 namecnt++;
2979 if (user_msg->msg_control && user_msg->msg_controllen)
2980 ctlcnt++;
2981 }
2982 done:
2983
2984 return (error);
2985 }
2986
2987 int
2988 internalize_recv_msghdr_array(const void *src, int spacetype, int direction,
2989 u_int count, struct user_msghdr_x *dst,
2990 struct recv_msg_elem *recv_msg_array)
2991 {
2992 int error = 0;
2993 u_int i;
2994
2995 for (i = 0; i < count; i++) {
2996 struct user_iovec *iovp;
2997 struct user_msghdr_x *user_msg = dst + i;
2998 struct recv_msg_elem *recv_msg_elem = recv_msg_array + i;
2999
3000 if (spacetype == UIO_USERSPACE64) {
3001 const struct user64_msghdr_x *msghdr64;
3002
3003 msghdr64 = ((const struct user64_msghdr_x *)src) + i;
3004
3005 user_msg->msg_name = msghdr64->msg_name;
3006 user_msg->msg_namelen = msghdr64->msg_namelen;
3007 user_msg->msg_iov = msghdr64->msg_iov;
3008 user_msg->msg_iovlen = msghdr64->msg_iovlen;
3009 user_msg->msg_control = msghdr64->msg_control;
3010 user_msg->msg_controllen = msghdr64->msg_controllen;
3011 user_msg->msg_flags = msghdr64->msg_flags;
3012 user_msg->msg_datalen = msghdr64->msg_datalen;
3013 } else {
3014 const struct user32_msghdr_x *msghdr32;
3015
3016 msghdr32 = ((const struct user32_msghdr_x *)src) + i;
3017
3018 user_msg->msg_name = msghdr32->msg_name;
3019 user_msg->msg_namelen = msghdr32->msg_namelen;
3020 user_msg->msg_iov = msghdr32->msg_iov;
3021 user_msg->msg_iovlen = msghdr32->msg_iovlen;
3022 user_msg->msg_control = msghdr32->msg_control;
3023 user_msg->msg_controllen = msghdr32->msg_controllen;
3024 user_msg->msg_flags = msghdr32->msg_flags;
3025 user_msg->msg_datalen = msghdr32->msg_datalen;
3026 }
3027
3028 if (user_msg->msg_iovlen <= 0 ||
3029 user_msg->msg_iovlen > UIO_MAXIOV) {
3030 error = EMSGSIZE;
3031 goto done;
3032 }
3033 recv_msg_elem->uio = uio_create(user_msg->msg_iovlen, 0,
3034 spacetype, direction);
3035 if (recv_msg_elem->uio == NULL) {
3036 error = ENOMEM;
3037 goto done;
3038 }
3039
3040 iovp = uio_iovsaddr(recv_msg_elem->uio);
3041 if (iovp == NULL) {
3042 error = ENOMEM;
3043 goto done;
3044 }
3045 error = copyin_user_iovec_array(user_msg->msg_iov,
3046 spacetype, user_msg->msg_iovlen, iovp);
3047 if (error)
3048 goto done;
3049 user_msg->msg_iov = CAST_USER_ADDR_T(iovp);
3050
3051 error = uio_calculateresid(recv_msg_elem->uio);
3052 if (error)
3053 goto done;
3054 user_msg->msg_datalen = uio_resid(recv_msg_elem->uio);
3055
3056 if (user_msg->msg_name && user_msg->msg_namelen)
3057 recv_msg_elem->which |= SOCK_MSG_SA;
3058 if (user_msg->msg_control && user_msg->msg_controllen)
3059 recv_msg_elem->which |= SOCK_MSG_CONTROL;
3060 }
3061 done:
3062
3063 return (error);
3064 }
3065
3066 u_int
3067 externalize_user_msghdr_array(void *dst, int spacetype, int direction,
3068 u_int count, const struct user_msghdr_x *src, struct uio **uiop)
3069 {
3070 #pragma unused(direction)
3071 u_int i;
3072 int seenlast = 0;
3073 u_int retcnt = 0;
3074
3075 for (i = 0; i < count; i++) {
3076 const struct user_msghdr_x *user_msg = src + i;
3077 uio_t auio = uiop[i];
3078 user_ssize_t len = user_msg->msg_datalen - uio_resid(auio);
3079
3080 if (user_msg->msg_datalen != 0 && len == 0)
3081 seenlast = 1;
3082
3083 if (seenlast == 0)
3084 retcnt ++;
3085
3086 if (spacetype == UIO_USERSPACE64) {
3087 struct user64_msghdr_x *msghdr64;
3088
3089 msghdr64 = ((struct user64_msghdr_x *)dst) + i;
3090
3091 msghdr64->msg_flags = user_msg->msg_flags;
3092 msghdr64->msg_datalen = len;
3093
3094 } else {
3095 struct user32_msghdr_x *msghdr32;
3096
3097 msghdr32 = ((struct user32_msghdr_x *)dst) + i;
3098
3099 msghdr32->msg_flags = user_msg->msg_flags;
3100 msghdr32->msg_datalen = len;
3101 }
3102 }
3103 return (retcnt);
3104 }
3105
3106 u_int
3107 externalize_recv_msghdr_array(void *dst, int spacetype, int direction,
3108 u_int count, const struct user_msghdr_x *src,
3109 struct recv_msg_elem *recv_msg_array)
3110 {
3111 u_int i;
3112 int seenlast = 0;
3113 u_int retcnt = 0;
3114
3115 for (i = 0; i < count; i++) {
3116 const struct user_msghdr_x *user_msg = src + i;
3117 struct recv_msg_elem *recv_msg_elem = recv_msg_array + i;
3118 user_ssize_t len;
3119
3120 len = user_msg->msg_datalen - uio_resid(recv_msg_elem->uio);
3121
3122 if (direction == UIO_READ) {
3123 if ((recv_msg_elem->which & SOCK_MSG_DATA) == 0)
3124 seenlast = 1;
3125 } else {
3126 if (user_msg->msg_datalen != 0 && len == 0)
3127 seenlast = 1;
3128 }
3129
3130 if (seenlast == 0)
3131 retcnt ++;
3132
3133 if (spacetype == UIO_USERSPACE64) {
3134 struct user64_msghdr_x *msghdr64;
3135
3136 msghdr64 = ((struct user64_msghdr_x *)dst) + i;
3137
3138 msghdr64->msg_flags = user_msg->msg_flags;
3139 msghdr64->msg_datalen = len;
3140
3141 } else {
3142 struct user32_msghdr_x *msghdr32;
3143
3144 msghdr32 = ((struct user32_msghdr_x *)dst) + i;
3145
3146 msghdr32->msg_flags = user_msg->msg_flags;
3147 msghdr32->msg_datalen = len;
3148 }
3149 }
3150 return (retcnt);
3151 }
3152
3153 void
3154 free_uio_array(struct uio **uiop, u_int count)
3155 {
3156 u_int i;
3157
3158 for (i = 0; i < count; i++) {
3159 if (uiop[i] != NULL)
3160 uio_free(uiop[i]);
3161 }
3162 }
3163
3164 __private_extern__ user_ssize_t
3165 uio_array_resid(struct uio **uiop, u_int count)
3166 {
3167 user_ssize_t len = 0;
3168 u_int i;
3169
3170 for (i = 0; i < count; i++) {
3171 struct uio *auio = uiop[i];
3172
3173 if (auio != NULL)
3174 len += uio_resid(auio);
3175 }
3176 return (len);
3177 }
3178
3179 int
3180 uio_array_is_valid(struct uio **uiop, u_int count)
3181 {
3182 user_ssize_t len = 0;
3183 u_int i;
3184
3185 for (i = 0; i < count; i++) {
3186 struct uio *auio = uiop[i];
3187
3188 if (auio != NULL) {
3189 user_ssize_t resid = uio_resid(auio);
3190
3191 /*
3192 * Sanity check on the validity of the iovec:
3193 * no point of going over sb_max
3194 */
3195 if (resid < 0 || (u_int32_t)resid > sb_max)
3196 return (0);
3197
3198 len += resid;
3199 if (len < 0 || (u_int32_t)len > sb_max)
3200 return (0);
3201 }
3202 }
3203 return (1);
3204 }
3205
3206
3207 struct recv_msg_elem *
3208 alloc_recv_msg_array(u_int count)
3209 {
3210 struct recv_msg_elem *recv_msg_array;
3211
3212 recv_msg_array = _MALLOC(count * sizeof(struct recv_msg_elem),
3213 M_TEMP, M_WAITOK | M_ZERO);
3214
3215 return (recv_msg_array);
3216 }
3217
3218 void
3219 free_recv_msg_array(struct recv_msg_elem *recv_msg_array, u_int count)
3220 {
3221 u_int i;
3222
3223 for (i = 0; i < count; i++) {
3224 struct recv_msg_elem *recv_msg_elem = recv_msg_array + i;
3225
3226 if (recv_msg_elem->uio != NULL)
3227 uio_free(recv_msg_elem->uio);
3228 if (recv_msg_elem->psa != NULL)
3229 _FREE(recv_msg_elem->psa, M_TEMP);
3230 if (recv_msg_elem->controlp != NULL)
3231 m_freem(recv_msg_elem->controlp);
3232 }
3233 _FREE(recv_msg_array, M_TEMP);
3234 }
3235
3236
3237 __private_extern__ user_ssize_t
3238 recv_msg_array_resid(struct recv_msg_elem *recv_msg_array, u_int count)
3239 {
3240 user_ssize_t len = 0;
3241 u_int i;
3242
3243 for (i = 0; i < count; i++) {
3244 struct recv_msg_elem *recv_msg_elem = recv_msg_array + i;
3245
3246 if (recv_msg_elem->uio != NULL)
3247 len += uio_resid(recv_msg_elem->uio);
3248 }
3249 return (len);
3250 }
3251
3252 int
3253 recv_msg_array_is_valid(struct recv_msg_elem *recv_msg_array, u_int count)
3254 {
3255 user_ssize_t len = 0;
3256 u_int i;
3257
3258 for (i = 0; i < count; i++) {
3259 struct recv_msg_elem *recv_msg_elem = recv_msg_array + i;
3260
3261 if (recv_msg_elem->uio != NULL) {
3262 user_ssize_t resid = uio_resid(recv_msg_elem->uio);
3263
3264 /*
3265 * Sanity check on the validity of the iovec:
3266 * no point of going over sb_max
3267 */
3268 if (resid < 0 || (u_int32_t)resid > sb_max)
3269 return (0);
3270
3271 len += resid;
3272 if (len < 0 || (u_int32_t)len > sb_max)
3273 return (0);
3274 }
3275 }
3276 return (1);
3277 }
3278
3279 #if SENDFILE
3280
3281 #define SFUIOBUFS 64
3282
3283 /* Macros to compute the number of mbufs needed depending on cluster size */
3284 #define HOWMANY_16K(n) ((((unsigned int)(n) - 1) >> M16KCLSHIFT) + 1)
3285 #define HOWMANY_4K(n) ((((unsigned int)(n) - 1) >> MBIGCLSHIFT) + 1)
3286
3287 /* Upper send limit in bytes (SFUIOBUFS * PAGESIZE) */
3288 #define SENDFILE_MAX_BYTES (SFUIOBUFS << PGSHIFT)
3289
3290 /* Upper send limit in the number of mbuf clusters */
3291 #define SENDFILE_MAX_16K HOWMANY_16K(SENDFILE_MAX_BYTES)
3292 #define SENDFILE_MAX_4K HOWMANY_4K(SENDFILE_MAX_BYTES)
3293
3294 static void
3295 alloc_sendpkt(int how, size_t pktlen, unsigned int *maxchunks,
3296 struct mbuf **m, boolean_t jumbocl)
3297 {
3298 unsigned int needed;
3299
3300 if (pktlen == 0)
3301 panic("%s: pktlen (%ld) must be non-zero\n", __func__, pktlen);
3302
3303 /*
3304 * Try to allocate for the whole thing. Since we want full control
3305 * over the buffer size and be able to accept partial result, we can't
3306 * use mbuf_allocpacket(). The logic below is similar to sosend().
3307 */
3308 *m = NULL;
3309 if (pktlen > MBIGCLBYTES && jumbocl) {
3310 needed = MIN(SENDFILE_MAX_16K, HOWMANY_16K(pktlen));
3311 *m = m_getpackets_internal(&needed, 1, how, 0, M16KCLBYTES);
3312 }
3313 if (*m == NULL) {
3314 needed = MIN(SENDFILE_MAX_4K, HOWMANY_4K(pktlen));
3315 *m = m_getpackets_internal(&needed, 1, how, 0, MBIGCLBYTES);
3316 }
3317
3318 /*
3319 * Our previous attempt(s) at allocation had failed; the system
3320 * may be short on mbufs, and we want to block until they are
3321 * available. This time, ask just for 1 mbuf and don't return
3322 * until we get it.
3323 */
3324 if (*m == NULL) {
3325 needed = 1;
3326 *m = m_getpackets_internal(&needed, 1, M_WAIT, 1, MBIGCLBYTES);
3327 }
3328 if (*m == NULL)
3329 panic("%s: blocking allocation returned NULL\n", __func__);
3330
3331 *maxchunks = needed;
3332 }
3333
3334 /*
3335 * sendfile(2).
3336 * int sendfile(int fd, int s, off_t offset, off_t *nbytes,
3337 * struct sf_hdtr *hdtr, int flags)
3338 *
3339 * Send a file specified by 'fd' and starting at 'offset' to a socket
3340 * specified by 's'. Send only '*nbytes' of the file or until EOF if
3341 * *nbytes == 0. Optionally add a header and/or trailer to the socket
3342 * output. If specified, write the total number of bytes sent into *nbytes.
3343 */
3344 int
3345 sendfile(struct proc *p, struct sendfile_args *uap, __unused int *retval)
3346 {
3347 struct fileproc *fp;
3348 struct vnode *vp;
3349 struct socket *so;
3350 struct writev_nocancel_args nuap;
3351 user_ssize_t writev_retval;
3352 struct user_sf_hdtr user_hdtr;
3353 struct user32_sf_hdtr user32_hdtr;
3354 struct user64_sf_hdtr user64_hdtr;
3355 off_t off, xfsize;
3356 off_t nbytes = 0, sbytes = 0;
3357 int error = 0;
3358 size_t sizeof_hdtr;
3359 off_t file_size;
3360 struct vfs_context context = *vfs_context_current();
3361
3362 KERNEL_DEBUG_CONSTANT((DBG_FNC_SENDFILE | DBG_FUNC_START), uap->s,
3363 0, 0, 0, 0);
3364
3365 AUDIT_ARG(fd, uap->fd);
3366 AUDIT_ARG(value32, uap->s);
3367
3368 /*
3369 * Do argument checking. Must be a regular file in, stream
3370 * type and connected socket out, positive offset.
3371 */
3372 if ((error = fp_getfvp(p, uap->fd, &fp, &vp))) {
3373 goto done;
3374 }
3375 if ((fp->f_flag & FREAD) == 0) {
3376 error = EBADF;
3377 goto done1;
3378 }
3379 if (vnode_isreg(vp) == 0) {
3380 error = ENOTSUP;
3381 goto done1;
3382 }
3383 error = file_socket(uap->s, &so);
3384 if (error) {
3385 goto done1;
3386 }
3387 if (so == NULL) {
3388 error = EBADF;
3389 goto done2;
3390 }
3391 if (so->so_type != SOCK_STREAM) {
3392 error = EINVAL;
3393 goto done2;
3394 }
3395 if ((so->so_state & SS_ISCONNECTED) == 0) {
3396 error = ENOTCONN;
3397 goto done2;
3398 }
3399 if (uap->offset < 0) {
3400 error = EINVAL;
3401 goto done2;
3402 }
3403 if (uap->nbytes == USER_ADDR_NULL) {
3404 error = EINVAL;
3405 goto done2;
3406 }
3407 if (uap->flags != 0) {
3408 error = EINVAL;
3409 goto done2;
3410 }
3411
3412 context.vc_ucred = fp->f_fglob->fg_cred;
3413
3414 #if CONFIG_MACF_SOCKET_SUBSET
3415 /* JMM - fetch connected sockaddr? */
3416 error = mac_socket_check_send(context.vc_ucred, so, NULL);
3417 if (error)
3418 goto done2;
3419 #endif
3420
3421 /*
3422 * Get number of bytes to send
3423 * Should it applies to size of header and trailer?
3424 * JMM - error handling?
3425 */
3426 copyin(uap->nbytes, &nbytes, sizeof (off_t));
3427
3428 /*
3429 * If specified, get the pointer to the sf_hdtr struct for
3430 * any headers/trailers.
3431 */
3432 if (uap->hdtr != USER_ADDR_NULL) {
3433 caddr_t hdtrp;
3434
3435 bzero(&user_hdtr, sizeof (user_hdtr));
3436 if (IS_64BIT_PROCESS(p)) {
3437 hdtrp = (caddr_t)&user64_hdtr;
3438 sizeof_hdtr = sizeof (user64_hdtr);
3439 } else {
3440 hdtrp = (caddr_t)&user32_hdtr;
3441 sizeof_hdtr = sizeof (user32_hdtr);
3442 }
3443 error = copyin(uap->hdtr, hdtrp, sizeof_hdtr);
3444 if (error)
3445 goto done2;
3446 if (IS_64BIT_PROCESS(p)) {
3447 user_hdtr.headers = user64_hdtr.headers;
3448 user_hdtr.hdr_cnt = user64_hdtr.hdr_cnt;
3449 user_hdtr.trailers = user64_hdtr.trailers;
3450 user_hdtr.trl_cnt = user64_hdtr.trl_cnt;
3451 } else {
3452 user_hdtr.headers = user32_hdtr.headers;
3453 user_hdtr.hdr_cnt = user32_hdtr.hdr_cnt;
3454 user_hdtr.trailers = user32_hdtr.trailers;
3455 user_hdtr.trl_cnt = user32_hdtr.trl_cnt;
3456 }
3457
3458 /*
3459 * Send any headers. Wimp out and use writev(2).
3460 */
3461 if (user_hdtr.headers != USER_ADDR_NULL) {
3462 bzero(&nuap, sizeof (struct writev_args));
3463 nuap.fd = uap->s;
3464 nuap.iovp = user_hdtr.headers;
3465 nuap.iovcnt = user_hdtr.hdr_cnt;
3466 error = writev_nocancel(p, &nuap, &writev_retval);
3467 if (error) {
3468 goto done2;
3469 }
3470 sbytes += writev_retval;
3471 }
3472 }
3473
3474 /*
3475 * Get the file size for 2 reasons:
3476 * 1. We don't want to allocate more mbufs than necessary
3477 * 2. We don't want to read past the end of file
3478 */
3479 if ((error = vnode_size(vp, &file_size, vfs_context_current())) != 0) {
3480 goto done2;
3481 }
3482
3483 /*
3484 * Simply read file data into a chain of mbufs that used with scatter
3485 * gather reads. We're not (yet?) setup to use zero copy external
3486 * mbufs that point to the file pages.
3487 */
3488 socket_lock(so, 1);
3489 error = sblock(&so->so_snd, SBL_WAIT);
3490 if (error) {
3491 socket_unlock(so, 1);
3492 goto done2;
3493 }
3494 for (off = uap->offset; ; off += xfsize, sbytes += xfsize) {
3495 mbuf_t m0 = NULL, m;
3496 unsigned int nbufs = SFUIOBUFS, i;
3497 uio_t auio;
3498 char uio_buf[UIO_SIZEOF(SFUIOBUFS)]; /* 1 KB !!! */
3499 size_t uiolen;
3500 user_ssize_t rlen;
3501 off_t pgoff;
3502 size_t pktlen;
3503 boolean_t jumbocl;
3504
3505 /*
3506 * Calculate the amount to transfer.
3507 * Align to round number of pages.
3508 * Not to exceed send socket buffer,
3509 * the EOF, or the passed in nbytes.
3510 */
3511 xfsize = sbspace(&so->so_snd);
3512
3513 if (xfsize <= 0) {
3514 if (so->so_state & SS_CANTSENDMORE) {
3515 error = EPIPE;
3516 goto done3;
3517 } else if ((so->so_state & SS_NBIO)) {
3518 error = EAGAIN;
3519 goto done3;
3520 } else {
3521 xfsize = PAGE_SIZE;
3522 }
3523 }
3524
3525 if (xfsize > SENDFILE_MAX_BYTES)
3526 xfsize = SENDFILE_MAX_BYTES;
3527 else if (xfsize > PAGE_SIZE)
3528 xfsize = trunc_page(xfsize);
3529 pgoff = off & PAGE_MASK_64;
3530 if (pgoff > 0 && PAGE_SIZE - pgoff < xfsize)
3531 xfsize = PAGE_SIZE_64 - pgoff;
3532 if (nbytes && xfsize > (nbytes - sbytes))
3533 xfsize = nbytes - sbytes;
3534 if (xfsize <= 0)
3535 break;
3536 if (off + xfsize > file_size)
3537 xfsize = file_size - off;
3538 if (xfsize <= 0)
3539 break;
3540
3541 /*
3542 * Attempt to use larger than system page-size clusters for
3543 * large writes only if there is a jumbo cluster pool and
3544 * if the socket is marked accordingly.
3545 */
3546 jumbocl = sosendjcl && njcl > 0 &&
3547 ((so->so_flags & SOF_MULTIPAGES) || sosendjcl_ignore_capab);
3548
3549 socket_unlock(so, 0);
3550 alloc_sendpkt(M_WAIT, xfsize, &nbufs, &m0, jumbocl);
3551 pktlen = mbuf_pkthdr_maxlen(m0);
3552 if (pktlen < (size_t)xfsize)
3553 xfsize = pktlen;
3554
3555 auio = uio_createwithbuffer(nbufs, off, UIO_SYSSPACE,
3556 UIO_READ, &uio_buf[0], sizeof (uio_buf));
3557 if (auio == NULL) {
3558 printf("sendfile failed. nbufs = %d. %s", nbufs,
3559 "File a radar related to rdar://10146739.\n");
3560 mbuf_freem(m0);
3561 error = ENXIO;
3562 socket_lock(so, 0);
3563 goto done3;
3564 }
3565
3566 for (i = 0, m = m0, uiolen = 0;
3567 i < nbufs && m != NULL && uiolen < (size_t)xfsize;
3568 i++, m = mbuf_next(m)) {
3569 size_t mlen = mbuf_maxlen(m);
3570
3571 if (mlen + uiolen > (size_t)xfsize)
3572 mlen = xfsize - uiolen;
3573 mbuf_setlen(m, mlen);
3574 uio_addiov(auio, CAST_USER_ADDR_T(mbuf_datastart(m)),
3575 mlen);
3576 uiolen += mlen;
3577 }
3578
3579 if (xfsize != uio_resid(auio))
3580 printf("sendfile: xfsize: %lld != uio_resid(auio): "
3581 "%lld\n", xfsize, (long long)uio_resid(auio));
3582
3583 KERNEL_DEBUG_CONSTANT((DBG_FNC_SENDFILE_READ | DBG_FUNC_START),
3584 uap->s, (unsigned int)((xfsize >> 32) & 0x0ffffffff),
3585 (unsigned int)(xfsize & 0x0ffffffff), 0, 0);
3586 error = fo_read(fp, auio, FOF_OFFSET, &context);
3587 socket_lock(so, 0);
3588 if (error != 0) {
3589 if (uio_resid(auio) != xfsize && (error == ERESTART ||
3590 error == EINTR || error == EWOULDBLOCK)) {
3591 error = 0;
3592 } else {
3593 mbuf_freem(m0);
3594 goto done3;
3595 }
3596 }
3597 xfsize -= uio_resid(auio);
3598 KERNEL_DEBUG_CONSTANT((DBG_FNC_SENDFILE_READ | DBG_FUNC_END),
3599 uap->s, (unsigned int)((xfsize >> 32) & 0x0ffffffff),
3600 (unsigned int)(xfsize & 0x0ffffffff), 0, 0);
3601
3602 if (xfsize == 0) {
3603 // printf("sendfile: fo_read 0 bytes, EOF\n");
3604 break;
3605 }
3606 if (xfsize + off > file_size)
3607 printf("sendfile: xfsize: %lld + off: %lld > file_size:"
3608 "%lld\n", xfsize, off, file_size);
3609 for (i = 0, m = m0, rlen = 0;
3610 i < nbufs && m != NULL && rlen < xfsize;
3611 i++, m = mbuf_next(m)) {
3612 size_t mlen = mbuf_maxlen(m);
3613
3614 if (rlen + mlen > (size_t)xfsize)
3615 mlen = xfsize - rlen;
3616 mbuf_setlen(m, mlen);
3617
3618 rlen += mlen;
3619 }
3620 mbuf_pkthdr_setlen(m0, xfsize);
3621
3622 retry_space:
3623 /*
3624 * Make sure that the socket is still able to take more data.
3625 * CANTSENDMORE being true usually means that the connection
3626 * was closed. so_error is true when an error was sensed after
3627 * a previous send.
3628 * The state is checked after the page mapping and buffer
3629 * allocation above since those operations may block and make
3630 * any socket checks stale. From this point forward, nothing
3631 * blocks before the pru_send (or more accurately, any blocking
3632 * results in a loop back to here to re-check).
3633 */
3634 if ((so->so_state & SS_CANTSENDMORE) || so->so_error) {
3635 if (so->so_state & SS_CANTSENDMORE) {
3636 error = EPIPE;
3637 } else {
3638 error = so->so_error;
3639 so->so_error = 0;
3640 }
3641 m_freem(m0);
3642 goto done3;
3643 }
3644 /*
3645 * Wait for socket space to become available. We do this just
3646 * after checking the connection state above in order to avoid
3647 * a race condition with sbwait().
3648 */
3649 if (sbspace(&so->so_snd) < (long)so->so_snd.sb_lowat) {
3650 if (so->so_state & SS_NBIO) {
3651 m_freem(m0);
3652 error = EAGAIN;
3653 goto done3;
3654 }
3655 KERNEL_DEBUG_CONSTANT((DBG_FNC_SENDFILE_WAIT |
3656 DBG_FUNC_START), uap->s, 0, 0, 0, 0);
3657 error = sbwait(&so->so_snd);
3658 KERNEL_DEBUG_CONSTANT((DBG_FNC_SENDFILE_WAIT|
3659 DBG_FUNC_END), uap->s, 0, 0, 0, 0);
3660 /*
3661 * An error from sbwait usually indicates that we've
3662 * been interrupted by a signal. If we've sent anything
3663 * then return bytes sent, otherwise return the error.
3664 */
3665 if (error) {
3666 m_freem(m0);
3667 goto done3;
3668 }
3669 goto retry_space;
3670 }
3671
3672 struct mbuf *control = NULL;
3673 {
3674 /*
3675 * Socket filter processing
3676 */
3677
3678 error = sflt_data_out(so, NULL, &m0, &control, 0);
3679 if (error) {
3680 if (error == EJUSTRETURN) {
3681 error = 0;
3682 continue;
3683 }
3684 goto done3;
3685 }
3686 /*
3687 * End Socket filter processing
3688 */
3689 }
3690 KERNEL_DEBUG_CONSTANT((DBG_FNC_SENDFILE_SEND | DBG_FUNC_START),
3691 uap->s, 0, 0, 0, 0);
3692 error = (*so->so_proto->pr_usrreqs->pru_send)(so, 0, m0,
3693 0, control, p);
3694 KERNEL_DEBUG_CONSTANT((DBG_FNC_SENDFILE_SEND | DBG_FUNC_START),
3695 uap->s, 0, 0, 0, 0);
3696 if (error) {
3697 goto done3;
3698 }
3699 }
3700 sbunlock(&so->so_snd, FALSE); /* will unlock socket */
3701 /*
3702 * Send trailers. Wimp out and use writev(2).
3703 */
3704 if (uap->hdtr != USER_ADDR_NULL &&
3705 user_hdtr.trailers != USER_ADDR_NULL) {
3706 bzero(&nuap, sizeof (struct writev_args));
3707 nuap.fd = uap->s;
3708 nuap.iovp = user_hdtr.trailers;
3709 nuap.iovcnt = user_hdtr.trl_cnt;
3710 error = writev_nocancel(p, &nuap, &writev_retval);
3711 if (error) {
3712 goto done2;
3713 }
3714 sbytes += writev_retval;
3715 }
3716 done2:
3717 file_drop(uap->s);
3718 done1:
3719 file_drop(uap->fd);
3720 done:
3721 if (uap->nbytes != USER_ADDR_NULL) {
3722 /* XXX this appears bogus for some early failure conditions */
3723 copyout(&sbytes, uap->nbytes, sizeof (off_t));
3724 }
3725 KERNEL_DEBUG_CONSTANT((DBG_FNC_SENDFILE | DBG_FUNC_END), uap->s,
3726 (unsigned int)((sbytes >> 32) & 0x0ffffffff),
3727 (unsigned int)(sbytes & 0x0ffffffff), error, 0);
3728 return (error);
3729 done3:
3730 sbunlock(&so->so_snd, FALSE); /* will unlock socket */
3731 goto done2;
3732 }
3733
3734
3735 #endif /* SENDFILE */
mirror of XNU