]> git.saurik.com Git - apple/xnu.git/blob - bsd/netinet/ip_divert.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-6153.141.1.tar.gz
[apple/xnu.git] / bsd / netinet / ip_divert.c
1 /*
2 * Copyright (c) 2000-2019 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * Copyright (c) 1982, 1986, 1988, 1993
30 * The Regents of the University of California. All rights reserved.
31 *
32 * Redistribution and use in source and binary forms, with or without
33 * modification, are permitted provided that the following conditions
34 * are met:
35 * 1. Redistributions of source code must retain the above copyright
36 * notice, this list of conditions and the following disclaimer.
37 * 2. Redistributions in binary form must reproduce the above copyright
38 * notice, this list of conditions and the following disclaimer in the
39 * documentation and/or other materials provided with the distribution.
40 * 3. All advertising materials mentioning features or use of this software
41 * must display the following acknowledgement:
42 * This product includes software developed by the University of
43 * California, Berkeley and its contributors.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * $FreeBSD: src/sys/netinet/ip_divert.c,v 1.98 2004/08/17 22:05:54 andre Exp $
61 */
62
63 #if !INET
64 #error "IPDIVERT requires INET."
65 #endif
66
67 #include <sys/param.h>
68 #include <sys/kernel.h>
69 #include <sys/malloc.h>
70 #include <sys/mbuf.h>
71 #include <sys/socket.h>
72 #include <sys/domain.h>
73 #include <sys/protosw.h>
74 #include <sys/socketvar.h>
75 #include <sys/sysctl.h>
76 #include <sys/systm.h>
77 #include <sys/proc.h>
78
79 #include <machine/endian.h>
80
81 #include <net/if.h>
82 #include <net/route.h>
83 #include <net/kpi_protocol.h>
84
85 #include <netinet/in.h>
86 #include <netinet/in_systm.h>
87 #include <netinet/ip.h>
88 #include <netinet/in_pcb.h>
89 #include <netinet/in_var.h>
90 #include <netinet/ip_var.h>
91 #include <netinet/ip_fw.h>
92 #include <netinet/ip_divert.h>
93
94 #include <kern/zalloc.h>
95 #include <libkern/OSAtomic.h>
96
97 /*
98 * Divert sockets
99 */
100
101 /*
102 * Allocate enough space to hold a full IP packet
103 */
104 #define DIVSNDQ (65536 + 100)
105 #define DIVRCVQ (65536 + 100)
106
107 /*
108 * Divert sockets work in conjunction with ipfw, see the divert(4)
109 * manpage for features.
110 * Internally, packets selected by ipfw in ip_input() or ip_output(),
111 * and never diverted before, are passed to the input queue of the
112 * divert socket with a given 'divert_port' number (as specified in
113 * the matching ipfw rule), and they are tagged with a 16 bit cookie
114 * (representing the rule number of the matching ipfw rule), which
115 * is passed to process reading from the socket.
116 *
117 * Packets written to the divert socket are again tagged with a cookie
118 * (usually the same as above) and a destination address.
119 * If the destination address is INADDR_ANY then the packet is
120 * treated as outgoing and sent to ip_output(), otherwise it is
121 * treated as incoming and sent to ip_input().
122 * In both cases, the packet is tagged with the cookie.
123 *
124 * On reinjection, processing in ip_input() and ip_output()
125 * will be exactly the same as for the original packet, except that
126 * ipfw processing will start at the rule number after the one
127 * written in the cookie (so, tagging a packet with a cookie of 0
128 * will cause it to be effectively considered as a standard packet).
129 */
130
131 /* Internal variables */
132 static struct inpcbhead divcb;
133 static struct inpcbinfo divcbinfo;
134
135 static u_int32_t div_sendspace = DIVSNDQ; /* XXX sysctl ? */
136 static u_int32_t div_recvspace = DIVRCVQ; /* XXX sysctl ? */
137
138 /* Optimization: have this preinitialized */
139 static struct sockaddr_in divsrc = {
140 .sin_len = sizeof(divsrc),
141 .sin_family = AF_INET,
142 .sin_port = 0,
143 .sin_addr = { .s_addr = 0 },
144 .sin_zero = { 0, 0, 0, 0, 0, 0, 0, 0 }
145 };
146
147 /* Internal functions */
148 static int div_output(struct socket *so,
149 struct mbuf *m, struct sockaddr_in *addr, struct mbuf *control);
150
151 extern int load_ipfw(void);
152 /*
153 * Initialize divert connection block queue.
154 */
155 void
156 div_init(struct protosw *pp, struct domain *dp)
157 {
158 #pragma unused(dp)
159 static int div_initialized = 0;
160 struct inpcbinfo *pcbinfo;
161
162 VERIFY((pp->pr_flags & (PR_INITIALIZED | PR_ATTACHED)) == PR_ATTACHED);
163
164 if (div_initialized) {
165 return;
166 }
167 div_initialized = 1;
168
169 LIST_INIT(&divcb);
170 divcbinfo.ipi_listhead = &divcb;
171 /*
172 * XXX We don't use the hash list for divert IP, but it's easier
173 * to allocate a one entry hash list than it is to check all
174 * over the place for ipi_hashbase == NULL.
175 */
176 divcbinfo.ipi_hashbase = hashinit(1, M_PCB, &divcbinfo.ipi_hashmask);
177 divcbinfo.ipi_porthashbase = hashinit(1, M_PCB, &divcbinfo.ipi_porthashmask);
178 divcbinfo.ipi_zone = zinit(sizeof(struct inpcb), (512 * sizeof(struct inpcb)),
179 4096, "divzone");
180 pcbinfo = &divcbinfo;
181 /*
182 * allocate lock group attribute and group for udp pcb mutexes
183 */
184 pcbinfo->ipi_lock_grp_attr = lck_grp_attr_alloc_init();
185
186 pcbinfo->ipi_lock_grp = lck_grp_alloc_init("divcb", pcbinfo->ipi_lock_grp_attr);
187
188 /*
189 * allocate the lock attribute for divert pcb mutexes
190 */
191 pcbinfo->ipi_lock_attr = lck_attr_alloc_init();
192
193 if ((pcbinfo->ipi_lock = lck_rw_alloc_init(pcbinfo->ipi_lock_grp,
194 pcbinfo->ipi_lock_attr)) == NULL) {
195 panic("%s: unable to allocate PCB lock\n", __func__);
196 /* NOTREACHED */
197 }
198
199 in_pcbinfo_attach(&divcbinfo);
200
201 #if IPFIREWALL
202 if (!IPFW_LOADED) {
203 load_ipfw();
204 }
205 #endif
206 }
207
208 /*
209 * IPPROTO_DIVERT is not a real IP protocol; don't allow any packets
210 * with that protocol number to enter the system from the outside.
211 */
212 void
213 div_input(struct mbuf *m, __unused int off)
214 {
215 OSAddAtomic(1, &ipstat.ips_noproto);
216 m_freem(m);
217 }
218
219 /*
220 * Divert a packet by passing it up to the divert socket at port 'port'.
221 *
222 * Setup generic address and protocol structures for div_input routine,
223 * then pass them along with mbuf chain.
224 */
225 void
226 divert_packet(struct mbuf *m, int incoming, int port, int rule)
227 {
228 struct ip *ip;
229 struct inpcb *inp;
230 struct socket *sa;
231 u_int16_t nport;
232
233 /* Sanity check */
234 KASSERT(port != 0, ("%s: port=0", __FUNCTION__));
235
236 divsrc.sin_port = rule; /* record matching rule */
237
238 /* Assure header */
239 if (m->m_len < sizeof(struct ip) &&
240 (m = m_pullup(m, sizeof(struct ip))) == 0) {
241 return;
242 }
243 ip = mtod(m, struct ip *);
244
245 /*
246 * Record receive interface address, if any.
247 * But only for incoming packets.
248 */
249 divsrc.sin_addr.s_addr = 0;
250 if (incoming) {
251 struct ifaddr *ifa;
252
253 /* Sanity check */
254 KASSERT((m->m_flags & M_PKTHDR), ("%s: !PKTHDR", __FUNCTION__));
255
256 /* Find IP address for receive interface */
257 ifnet_lock_shared(m->m_pkthdr.rcvif);
258 TAILQ_FOREACH(ifa, &m->m_pkthdr.rcvif->if_addrhead, ifa_link) {
259 IFA_LOCK(ifa);
260 if (ifa->ifa_addr->sa_family != AF_INET) {
261 IFA_UNLOCK(ifa);
262 continue;
263 }
264 divsrc.sin_addr =
265 ((struct sockaddr_in *)(void *) ifa->ifa_addr)->sin_addr;
266 IFA_UNLOCK(ifa);
267 break;
268 }
269 ifnet_lock_done(m->m_pkthdr.rcvif);
270 }
271 /*
272 * Record the incoming interface name whenever we have one.
273 */
274 bzero(&divsrc.sin_zero, sizeof(divsrc.sin_zero));
275 if (m->m_pkthdr.rcvif) {
276 /*
277 * Hide the actual interface name in there in the
278 * sin_zero array. XXX This needs to be moved to a
279 * different sockaddr type for divert, e.g.
280 * sockaddr_div with multiple fields like
281 * sockaddr_dl. Presently we have only 7 bytes
282 * but that will do for now as most interfaces
283 * are 4 or less + 2 or less bytes for unit.
284 * There is probably a faster way of doing this,
285 * possibly taking it from the sockaddr_dl on the iface.
286 * This solves the problem of a P2P link and a LAN interface
287 * having the same address, which can result in the wrong
288 * interface being assigned to the packet when fed back
289 * into the divert socket. Theoretically if the daemon saves
290 * and re-uses the sockaddr_in as suggested in the man pages,
291 * this iface name will come along for the ride.
292 * (see div_output for the other half of this.)
293 */
294 snprintf(divsrc.sin_zero, sizeof(divsrc.sin_zero),
295 "%s", if_name(m->m_pkthdr.rcvif));
296 }
297
298 /* Put packet on socket queue, if any */
299 sa = NULL;
300 nport = htons((u_int16_t)port);
301 lck_rw_lock_shared(divcbinfo.ipi_lock);
302 LIST_FOREACH(inp, &divcb, inp_list) {
303 if (inp->inp_lport == nport) {
304 sa = inp->inp_socket;
305 }
306 }
307 if (sa) {
308 int error = 0;
309
310 socket_lock(sa, 1);
311 if (sbappendaddr(&sa->so_rcv, (struct sockaddr *)&divsrc,
312 m, (struct mbuf *)0, &error) != 0) {
313 sorwakeup(sa);
314 }
315 socket_unlock(sa, 1);
316 } else {
317 m_freem(m);
318 OSAddAtomic(1, &ipstat.ips_noproto);
319 OSAddAtomic(-1, &ipstat.ips_delivered);
320 }
321 lck_rw_done(divcbinfo.ipi_lock);
322 }
323
324 /*
325 * Deliver packet back into the IP processing machinery.
326 *
327 * If no address specified, or address is 0.0.0.0, send to ip_output();
328 * otherwise, send to ip_input() and mark as having been received on
329 * the interface with that address.
330 * ###LOCK called in inet_proto mutex when from div_send.
331 */
332 static int
333 div_output(struct socket *so, struct mbuf *m, struct sockaddr_in *sin,
334 struct mbuf *control)
335 {
336 struct inpcb *const inp = sotoinpcb(so);
337 struct ip *const ip = mtod(m, struct ip *);
338 int error = 0;
339 int sotc = SO_TC_UNSPEC;
340
341 if (control != NULL) {
342 int ignored;
343
344 (void) so_tc_from_control(contro, &sotc, &ignored);
345
346 m_freem(control); /* XXX */
347 control = NULL;
348 }
349 if (sotc == SO_TC_UNSPEC) {
350 sotc = so->so_traffic_class;
351 }
352
353 /* Loopback avoidance and state recovery */
354 if (sin) {
355 struct m_tag *mtag;
356 struct divert_tag *dt;
357 int len = 0;
358 char *c = sin->sin_zero;
359
360 mtag = m_tag_create(KERNEL_MODULE_TAG_ID, KERNEL_TAG_TYPE_DIVERT,
361 sizeof(struct divert_tag), M_NOWAIT, m);
362 if (mtag == NULL) {
363 error = ENOBUFS;
364 goto cantsend;
365 }
366 dt = (struct divert_tag *)(mtag + 1);
367 dt->info = 0;
368 dt->cookie = sin->sin_port;
369 m_tag_prepend(m, mtag);
370
371 /*
372 * Find receive interface with the given name or IP address.
373 * The name is user supplied data so don't trust it's size or
374 * that it is zero terminated. The name has priority.
375 * We are presently assuming that the sockaddr_in
376 * has not been replaced by a sockaddr_div, so we limit it
377 * to 16 bytes in total. the name is stuffed (if it exists)
378 * in the sin_zero[] field.
379 */
380 while (*c++ && (len++ < sizeof(sin->sin_zero))) {
381 ;
382 }
383 if ((len > 0) && (len < sizeof(sin->sin_zero))) {
384 m->m_pkthdr.rcvif = ifunit(sin->sin_zero);
385 }
386 }
387
388 /* Reinject packet into the system as incoming or outgoing */
389 if (!sin || sin->sin_addr.s_addr == 0) {
390 struct ip_out_args ipoa;
391 struct route ro;
392 struct ip_moptions *imo;
393
394 bzero(&ipoa, sizeof(ipoa));
395 ipoa.ipoa_boundif = IFSCOPE_NONE;
396 ipoa.ipoa_flags = IPOAF_SELECT_SRCIF;
397 ipoa.ipoa_sotc = SO_TC_UNSPEC;
398 ipoa.ipoa_netsvctype = _NET_SERVICE_TYPE_UNSPEC;
399
400 /*
401 * Don't allow both user specified and setsockopt options,
402 * and don't allow packet length sizes that will crash
403 */
404 if (((ip->ip_hl != (sizeof(*ip) >> 2)) && inp->inp_options) ||
405 ((u_short)ntohs(ip->ip_len) > m->m_pkthdr.len)) {
406 error = EINVAL;
407 goto cantsend;
408 }
409
410 /* Convert fields to host order for ip_output() */
411 #if BYTE_ORDER != BIG_ENDIAN
412 NTOHS(ip->ip_len);
413 NTOHS(ip->ip_off);
414 #endif
415
416 OSAddAtomic(1, &ipstat.ips_rawout);
417 /* Copy the cached route and take an extra reference */
418 inp_route_copyout(inp, &ro);
419
420 if (sotc != SO_TC_UNSPEC) {
421 ipoa.ipoa_flags |= IPOAF_QOSMARKING_ALLOWED;
422 ipoa.ipoa_sotc = sotc;
423 }
424 set_packet_service_class(m, so, sotc, 0);
425
426 imo = inp->inp_moptions;
427 if (imo != NULL) {
428 IMO_ADDREF(imo);
429 }
430 socket_unlock(so, 0);
431 #if CONFIG_MACF_NET
432 mac_mbuf_label_associate_inpcb(inp, m);
433 #endif
434 /* Send packet to output processing */
435 error = ip_output(m, inp->inp_options, &ro,
436 (so->so_options & SO_DONTROUTE) |
437 IP_ALLOWBROADCAST | IP_RAWOUTPUT | IP_OUTARGS,
438 imo, &ipoa);
439
440 socket_lock(so, 0);
441 if (imo != NULL) {
442 IMO_REMREF(imo);
443 }
444 /* Synchronize cached PCB route */
445 inp_route_copyin(inp, &ro);
446 } else {
447 struct ifaddr *ifa;
448
449 /* If no luck with the name above. check by IP address. */
450 if (m->m_pkthdr.rcvif == NULL) {
451 struct sockaddr_in _sin;
452 /*
453 * Make sure there are no distractions for
454 * ifa_ifwithaddr; use sanitized version.
455 */
456 bzero(&_sin, sizeof(_sin));
457 _sin.sin_family = AF_INET;
458 _sin.sin_len = sizeof(struct sockaddr_in);
459 _sin.sin_addr.s_addr = sin->sin_addr.s_addr;
460 if (!(ifa = ifa_ifwithaddr(SA(&_sin)))) {
461 error = EADDRNOTAVAIL;
462 goto cantsend;
463 }
464 m->m_pkthdr.rcvif = ifa->ifa_ifp;
465 IFA_REMREF(ifa);
466 }
467 #if CONFIG_MACF_NET
468 mac_mbuf_label_associate_socket(so, m);
469 #endif
470 /* Send packet to input processing */
471 proto_inject(PF_INET, m);
472 }
473
474 return error;
475
476 cantsend:
477 m_freem(m);
478 return error;
479 }
480
481 static int
482 div_attach(struct socket *so, int proto, struct proc *p)
483 {
484 struct inpcb *inp;
485 int error;
486
487
488 inp = sotoinpcb(so);
489 if (inp) {
490 panic("div_attach");
491 }
492 if ((error = proc_suser(p)) != 0) {
493 return error;
494 }
495
496 error = soreserve(so, div_sendspace, div_recvspace);
497 if (error) {
498 return error;
499 }
500 error = in_pcballoc(so, &divcbinfo, p);
501 if (error) {
502 return error;
503 }
504 inp = (struct inpcb *)so->so_pcb;
505 inp->inp_ip_p = proto;
506 inp->inp_vflag |= INP_IPV4;
507 inp->inp_flags |= INP_HDRINCL;
508 /* The socket is always "connected" because
509 * we always know "where" to send the packet */
510 so->so_state |= SS_ISCONNECTED;
511
512 #ifdef MORE_DICVLOCK_DEBUG
513 printf("div_attach: so=0x%llx sopcb=0x%llx lock=0x%llx ref=%x\n",
514 (uint64_t)VM_KERNEL_ADDRPERM(so),
515 (uint64_t)VM_KERNEL_ADDRPERM(so->so_pcb),
516 (uint64_t)VM_KERNEL_ADDRPERM(&(sotoinpcb(so)->inpcb_mtx)),
517 so->so_usecount);
518 #endif
519 return 0;
520 }
521
522 static int
523 div_detach(struct socket *so)
524 {
525 struct inpcb *inp;
526
527 #ifdef MORE_DICVLOCK_DEBUG
528 printf("div_detach: so=0x%llx sopcb=0x%llx lock=0x%llx ref=%x\n",
529 (uint64_t)VM_KERNEL_ADDRPERM(so),
530 (uint64_t)VM_KERNEL_ADDRPERM(so->so_pcb),
531 (uint64_t)VM_KERNEL_ADDRPERM(&(sotoinpcb(so)->inpcb_mtx)),
532 so->so_usecount);
533 #endif
534 inp = sotoinpcb(so);
535 if (inp == 0) {
536 panic("div_detach: so=%p null inp\n", so);
537 }
538 in_pcbdetach(inp);
539 inp->inp_state = INPCB_STATE_DEAD;
540 return 0;
541 }
542
543 static int
544 div_abort(struct socket *so)
545 {
546 soisdisconnected(so);
547 return div_detach(so);
548 }
549
550 static int
551 div_disconnect(struct socket *so)
552 {
553 if ((so->so_state & SS_ISCONNECTED) == 0) {
554 return ENOTCONN;
555 }
556 return div_abort(so);
557 }
558
559 static int
560 div_bind(struct socket *so, struct sockaddr *nam, struct proc *p)
561 {
562 struct inpcb *inp;
563 int error;
564
565 inp = sotoinpcb(so);
566 /* in_pcbbind assumes that the socket is a sockaddr_in
567 * and in_pcbbind requires a valid address. Since divert
568 * sockets don't we need to make sure the address is
569 * filled in properly.
570 * XXX -- divert should not be abusing in_pcbind
571 * and should probably have its own family.
572 */
573 if (nam->sa_family != AF_INET) {
574 error = EAFNOSUPPORT;
575 } else {
576 ((struct sockaddr_in *)(void *)nam)->sin_addr.s_addr = INADDR_ANY;
577 error = in_pcbbind(inp, nam, p);
578 }
579 return error;
580 }
581
582 static int
583 div_shutdown(struct socket *so)
584 {
585 socantsendmore(so);
586 return 0;
587 }
588
589 static int
590 div_send(struct socket *so, __unused int flags, struct mbuf *m, struct sockaddr *nam,
591 struct mbuf *control, __unused struct proc *p)
592 {
593 /* Packet must have a header (but that's about it) */
594 if (m->m_len < sizeof(struct ip) &&
595 (m = m_pullup(m, sizeof(struct ip))) == 0) {
596 OSAddAtomic(1, &ipstat.ips_toosmall);
597 m_freem(m);
598 return EINVAL;
599 }
600
601 /* Send packet */
602 return div_output(so, m, SIN(nam), control);
603 }
604
605 #if 0
606 static int
607 div_pcblist SYSCTL_HANDLER_ARGS
608 {
609 #pragma unused(oidp, arg1, arg2)
610 int error, i, n;
611 struct inpcb *inp, **inp_list;
612 inp_gen_t gencnt;
613 struct xinpgen xig;
614
615 /*
616 * The process of preparing the TCB list is too time-consuming and
617 * resource-intensive to repeat twice on every request.
618 */
619 lck_rw_lock_exclusive(divcbinfo.ipi_lock);
620 if (req->oldptr == USER_ADDR_NULL) {
621 n = divcbinfo.ipi_count;
622 req->oldidx = 2 * (sizeof xig)
623 + (n + n / 8) * sizeof(struct xinpcb);
624 lck_rw_done(divcbinfo.ipi_lock);
625 return 0;
626 }
627
628 if (req->newptr != USER_ADDR_NULL) {
629 lck_rw_done(divcbinfo.ipi_lock);
630 return EPERM;
631 }
632
633 /*
634 * OK, now we're committed to doing something.
635 */
636 gencnt = divcbinfo.ipi_gencnt;
637 n = divcbinfo.ipi_count;
638
639 bzero(&xig, sizeof(xig));
640 xig.xig_len = sizeof xig;
641 xig.xig_count = n;
642 xig.xig_gen = gencnt;
643 xig.xig_sogen = so_gencnt;
644 error = SYSCTL_OUT(req, &xig, sizeof xig);
645 if (error) {
646 lck_rw_done(divcbinfo.ipi_lock);
647 return error;
648 }
649
650 inp_list = _MALLOC(n * sizeof *inp_list, M_TEMP, M_WAITOK);
651 if (inp_list == 0) {
652 lck_rw_done(divcbinfo.ipi_lock);
653 return ENOMEM;
654 }
655
656 for (inp = LIST_FIRST(divcbinfo.ipi_listhead), i = 0; inp && i < n;
657 inp = LIST_NEXT(inp, inp_list)) {
658 #ifdef __APPLE__
659 if (inp->inp_gencnt <= gencnt && inp->inp_state != INPCB_STATE_DEAD)
660 #else
661 if (inp->inp_gencnt <= gencnt && !prison_xinpcb(req->p, inp))
662 #endif
663 { inp_list[i++] = inp;}
664 }
665 n = i;
666
667 error = 0;
668 for (i = 0; i < n; i++) {
669 inp = inp_list[i];
670 if (inp->inp_gencnt <= gencnt && inp->inp_state != INPCB_STATE_DEAD) {
671 struct xinpcb xi;
672
673 bzero(&xi, sizeof(xi));
674 xi.xi_len = sizeof xi;
675 /* XXX should avoid extra copy */
676 inpcb_to_compat(inp, &xi.xi_inp);
677 if (inp->inp_socket) {
678 sotoxsocket(inp->inp_socket, &xi.xi_socket);
679 }
680 error = SYSCTL_OUT(req, &xi, sizeof xi);
681 }
682 }
683 if (!error) {
684 /*
685 * Give the user an updated idea of our state.
686 * If the generation differs from what we told
687 * her before, she knows that something happened
688 * while we were processing this request, and it
689 * might be necessary to retry.
690 */
691 bzero(&xig, sizeof(xig));
692 xig.xig_len = sizeof xig;
693 xig.xig_gen = divcbinfo.ipi_gencnt;
694 xig.xig_sogen = so_gencnt;
695 xig.xig_count = divcbinfo.ipi_count;
696 error = SYSCTL_OUT(req, &xig, sizeof xig);
697 }
698 FREE(inp_list, M_TEMP);
699 lck_rw_done(divcbinfo.ipi_lock);
700 return error;
701 }
702 #endif
703
704 __private_extern__ int
705 div_lock(struct socket *so, int refcount, void *lr)
706 {
707 void *lr_saved;
708
709 if (lr == NULL) {
710 lr_saved = __builtin_return_address(0);
711 } else {
712 lr_saved = lr;
713 }
714
715 #ifdef MORE_DICVLOCK_DEBUG
716 printf("div_lock: so=0x%llx sopcb=0x%llx lock=0x%llx ref=%x "
717 "lr=0x%llx\n", (uint64_t)VM_KERNEL_ADDRPERM(so),
718 (uint64_t)VM_KERNEL_ADDRPERM(so->so_pcb), so->so_pcb ?
719 (uint64_t)VM_KERNEL_ADDRPERM(&(sotoinpcb(so)->inpcb_mtx)) : NULL,
720 so->so_usecount, (uint64_t)VM_KERNEL_ADDRPERM(lr_saved));
721 #endif
722 if (so->so_pcb) {
723 lck_mtx_lock(&((struct inpcb *)so->so_pcb)->inpcb_mtx);
724 } else {
725 panic("div_lock: so=%p NO PCB! lr=%p lrh= lrh= %s\n",
726 so, lr_saved, solockhistory_nr(so));
727 /* NOTREACHED */
728 }
729
730 if (so->so_usecount < 0) {
731 panic("div_lock: so=%p so_pcb=%p lr=%p ref=%x lrh= %s\n",
732 so, so->so_pcb, lr_saved, so->so_usecount,
733 solockhistory_nr(so));
734 /* NOTREACHED */
735 }
736
737 if (refcount) {
738 so->so_usecount++;
739 }
740 so->lock_lr[so->next_lock_lr] = lr_saved;
741 so->next_lock_lr = (so->next_lock_lr + 1) % SO_LCKDBG_MAX;
742
743 return 0;
744 }
745
746 __private_extern__ int
747 div_unlock(struct socket *so, int refcount, void *lr)
748 {
749 void *lr_saved;
750 lck_mtx_t * mutex_held;
751 struct inpcb *inp = sotoinpcb(so);
752
753 if (lr == NULL) {
754 lr_saved = __builtin_return_address(0);
755 } else {
756 lr_saved = lr;
757 }
758
759 #ifdef MORE_DICVLOCK_DEBUG
760 printf("div_unlock: so=0x%llx sopcb=0x%llx lock=0x%llx ref=%x "
761 "lr=0x%llx\n", (uint64_t)VM_KERNEL_ADDRPERM(so),
762 (uint64_t)VM_KERNEL_ADDRPERM(so->so_pcb), so->so_pcb ?
763 (uint64_t)VM_KERNEL_ADDRPERM(&(sotoinpcb(so)->inpcb_mtx)) : NULL,
764 so->so_usecount, lr_saved);
765 #endif
766 if (refcount) {
767 so->so_usecount--;
768 }
769
770 if (so->so_usecount < 0) {
771 panic("div_unlock: so=%p usecount=%x lrh= %s\n",
772 so, so->so_usecount, solockhistory_nr(so));
773 /* NOTREACHED */
774 }
775 if (so->so_pcb == NULL) {
776 panic("div_unlock: so=%p NO PCB usecount=%x lr=%p lrh= %s\n",
777 so, so->so_usecount, lr_saved, solockhistory_nr(so));
778 /* NOTREACHED */
779 }
780 mutex_held = &((struct inpcb *)so->so_pcb)->inpcb_mtx;
781
782 if (so->so_usecount == 0 && (inp->inp_wantcnt == WNT_STOPUSING)) {
783 lck_rw_lock_exclusive(divcbinfo.ipi_lock);
784 if (inp->inp_state != INPCB_STATE_DEAD) {
785 in_pcbdetach(inp);
786 }
787 in_pcbdispose(inp);
788 lck_rw_done(divcbinfo.ipi_lock);
789 return 0;
790 }
791 LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
792 so->unlock_lr[so->next_unlock_lr] = lr_saved;
793 so->next_unlock_lr = (so->next_unlock_lr + 1) % SO_LCKDBG_MAX;
794 lck_mtx_unlock(mutex_held);
795 return 0;
796 }
797
798 __private_extern__ lck_mtx_t *
799 div_getlock(struct socket *so, __unused int flags)
800 {
801 struct inpcb *inpcb = (struct inpcb *)so->so_pcb;
802
803 if (so->so_pcb) {
804 if (so->so_usecount < 0) {
805 panic("div_getlock: so=%p usecount=%x lrh= %s\n",
806 so, so->so_usecount, solockhistory_nr(so));
807 }
808 return &inpcb->inpcb_mtx;
809 } else {
810 panic("div_getlock: so=%p NULL NO PCB lrh= %s\n",
811 so, solockhistory_nr(so));
812 return so->so_proto->pr_domain->dom_mtx;
813 }
814 }
815
816 struct pr_usrreqs div_usrreqs = {
817 .pru_abort = div_abort,
818 .pru_attach = div_attach,
819 .pru_bind = div_bind,
820 .pru_control = in_control,
821 .pru_detach = div_detach,
822 .pru_disconnect = div_disconnect,
823 .pru_peeraddr = in_getpeeraddr,
824 .pru_send = div_send,
825 .pru_shutdown = div_shutdown,
826 .pru_sockaddr = in_getsockaddr,
827 .pru_sosend = sosend,
828 .pru_soreceive = soreceive,
829 };
mirror of XNU