/*
- * Copyright (c) 1998-2016 Apple Inc. All rights reserved.
+ * Copyright (c) 1998-2018 Apple Inc. All rights reserved.
*
* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
*
#include <sys/kern_event.h>
#include <net/route.h>
#include <net/init.h>
+#include <net/net_api_stats.h>
#include <net/ntstat.h>
#include <net/content_filter.h>
#include <netinet/in.h>
#include <sys/kpi_mbuf.h>
#include <sys/mcache.h>
#include <sys/unpcb.h>
+#include <libkern/section_keywords.h>
#if CONFIG_MACF
-#include <security/mac.h>
#include <security/mac_framework.h>
#endif /* MAC */
/* TODO: this should be in a header file somewhere */
extern char *proc_name_address(void *p);
-extern char *proc_best_name(proc_t);
static u_int32_t so_cache_hw; /* High water mark for socache */
static u_int32_t so_cache_timeouts; /* number of timeouts */
#include <machine/limits.h>
-static int filt_sorattach(struct knote *kn);
+static int filt_sorattach(struct knote *kn, struct kevent_internal_s *kev);
static void filt_sordetach(struct knote *kn);
static int filt_soread(struct knote *kn, long hint);
static int filt_sortouch(struct knote *kn, struct kevent_internal_s *kev);
static int filt_sorprocess(struct knote *kn, struct filt_process_s *data, struct kevent_internal_s *kev);
-static int filt_sowattach(struct knote *kn);
+static int filt_sowattach(struct knote *kn, struct kevent_internal_s *kev);
static void filt_sowdetach(struct knote *kn);
static int filt_sowrite(struct knote *kn, long hint);
static int filt_sowtouch(struct knote *kn, struct kevent_internal_s *kev);
static int filt_sowprocess(struct knote *kn, struct filt_process_s *data, struct kevent_internal_s *kev);
-static int filt_sockattach(struct knote *kn);
+static int filt_sockattach(struct knote *kn, struct kevent_internal_s *kev);
static void filt_sockdetach(struct knote *kn);
static int filt_sockev(struct knote *kn, long hint);
static int filt_socktouch(struct knote *kn, struct kevent_internal_s *kev);
static int sooptcopyin_timeval(struct sockopt *, struct timeval *);
static int sooptcopyout_timeval(struct sockopt *, const struct timeval *);
-struct filterops soread_filtops = {
+SECURITY_READ_ONLY_EARLY(struct filterops) soread_filtops = {
.f_isfd = 1,
.f_attach = filt_sorattach,
.f_detach = filt_sordetach,
.f_process = filt_sorprocess,
};
-struct filterops sowrite_filtops = {
+SECURITY_READ_ONLY_EARLY(struct filterops) sowrite_filtops = {
.f_isfd = 1,
.f_attach = filt_sowattach,
.f_detach = filt_sowdetach,
.f_process = filt_sowprocess,
};
-struct filterops sock_filtops = {
+SECURITY_READ_ONLY_EARLY(struct filterops) sock_filtops = {
.f_isfd = 1,
.f_attach = filt_sockattach,
.f_detach = filt_sockdetach,
.f_process = filt_sockprocess,
};
-struct filterops soexcept_filtops = {
+SECURITY_READ_ONLY_EARLY(struct filterops) soexcept_filtops = {
.f_isfd = 1,
.f_attach = filt_sorattach,
.f_detach = filt_sordetach,
&so_notsent_lowat_check, 0, "enable/disable notsnet lowat check");
#endif /* DEBUG || DEVELOPMENT */
+int so_accept_list_waits = 0;
+#if (DEBUG || DEVELOPMENT)
+SYSCTL_INT(_kern_ipc, OID_AUTO, accept_list_waits, CTLFLAG_RW|CTLFLAG_LOCKED,
+ &so_accept_list_waits, 0, "number of waits for listener incomp list");
+#endif /* DEBUG || DEVELOPMENT */
+
extern struct inpcbinfo tcbinfo;
/* TODO: these should be in header file */
extern int get_inpcb_str_size(void);
extern int get_tcp_str_size(void);
-static unsigned int sl_zone_size; /* size of sockaddr_list */
-static struct zone *sl_zone; /* zone for sockaddr_list */
-
-static unsigned int se_zone_size; /* size of sockaddr_entry */
-static struct zone *se_zone; /* zone for sockaddr_entry */
-
vm_size_t so_cache_zone_element_size;
static int sodelayed_copy(struct socket *, struct uio *, struct mbuf **,
int so_set_extended_bk_idle(struct socket *, int);
+
/*
* SOTCDB_NO_DSCP is set by default, to prevent the networking stack from
* setting the DSCP code on the packet based on the service class; see
zone_change(so_cache_zone, Z_CALLERACCT, FALSE);
zone_change(so_cache_zone, Z_NOENCRYPT, TRUE);
- sl_zone_size = sizeof (struct sockaddr_list);
- if ((sl_zone = zinit(sl_zone_size, 1024 * sl_zone_size, 1024,
- "sockaddr_list")) == NULL) {
- panic("%s: unable to allocate sockaddr_list zone\n", __func__);
- /* NOTREACHED */
- }
- zone_change(sl_zone, Z_CALLERACCT, FALSE);
- zone_change(sl_zone, Z_EXPAND, TRUE);
-
- se_zone_size = sizeof (struct sockaddr_entry);
- if ((se_zone = zinit(se_zone_size, 1024 * se_zone_size, 1024,
- "sockaddr_entry")) == NULL) {
- panic("%s: unable to allocate sockaddr_entry zone\n", __func__);
- /* NOTREACHED */
- }
- zone_change(se_zone, Z_CALLERACCT, FALSE);
- zone_change(se_zone, Z_EXPAND, TRUE);
-
bzero(&soextbkidlestat, sizeof(struct soextbkidlestat));
soextbkidlestat.so_xbkidle_maxperproc = SO_IDLE_BK_IDLE_MAX_PER_PROC;
soextbkidlestat.so_xbkidle_time = SO_IDLE_BK_IDLE_TIME;
if (so != NULL) {
so->so_gencnt = OSIncrementAtomic64((SInt64 *)&so_gencnt);
so->so_zone = socket_zone;
+
+ /*
+ * Increment the socket allocation statistics
+ */
+ INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_alloc_total);
+
#if CONFIG_MACF_SOCKET
/* Convert waitok to M_WAITOK/M_NOWAIT for MAC Framework. */
if (mac_socket_label_init(so, !waitok) != 0) {
if (so == NULL)
return (ENOBUFS);
+ switch (dom) {
+ case PF_LOCAL:
+ INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_local_total);
+ break;
+ case PF_INET:
+ INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_inet_total);
+ if (type == SOCK_STREAM) {
+ INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_inet_stream_total);
+ } else {
+ INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_inet_dgram_total);
+ }
+ break;
+ case PF_ROUTE:
+ INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_route_total);
+ break;
+ case PF_NDRV:
+ INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_ndrv_total);
+ break;
+ case PF_KEY:
+ INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_key_total);
+ break;
+ case PF_INET6:
+ INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_inet6_total);
+ if (type == SOCK_STREAM) {
+ INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_inet6_stream_total);
+ } else {
+ INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_inet6_dgram_total);
+ }
+ break;
+ case PF_SYSTEM:
+ INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_system_total);
+ break;
+ case PF_MULTIPATH:
+ INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_multipath_total);
+ break;
+ default:
+ INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_other_total);
+ break;
+ }
+
if (flags & SOCF_ASYNC)
so->so_state |= SS_NBIO;
-#if MULTIPATH
- if (flags & SOCF_MP_SUBFLOW) {
- /*
- * A multipath subflow socket is used internally in the kernel,
- * therefore it does not have a file desciptor associated by
- * default.
- */
- so->so_state |= SS_NOFDREF;
- so->so_flags |= SOF_MP_SUBFLOW;
- }
-#endif /* MULTIPATH */
TAILQ_INIT(&so->so_incomp);
TAILQ_INIT(&so->so_comp);
* so protocol attachment handler must be coded carefuly
*/
so->so_state |= SS_NOFDREF;
+ VERIFY(so->so_usecount > 0);
so->so_usecount--;
sofreelastref(so, 1); /* will deallocate the socket */
return (error);
if (dolock)
socket_lock(so, 1);
- VERIFY(so->so_usecount > 1);
so_update_last_owner_locked(so, p);
so_update_policy(so);
return (error);
}
+/*
+ * The "accept list lock" protects the fields related to the listener queues
+ * because we can unlock a socket to respect the lock ordering between
+ * the listener socket and its clients sockets. The lock ordering is first to
+ * acquire the client socket before the listener socket.
+ *
+ * The accept list lock serializes access to the following fields:
+ * - of the listener socket:
+ * - so_comp
+ * - so_incomp
+ * - so_qlen
+ * - so_inqlen
+ * - of client sockets that are in so_comp or so_incomp:
+ * - so_head
+ * - so_list
+ *
+ * As one can see the accept list lock protects the consistent of the
+ * linkage of the client sockets.
+ *
+ * Note that those fields may be read without holding the accept list lock
+ * for a preflight provided the accept list lock is taken when committing
+ * to take an action based on the result of the preflight. The preflight
+ * saves the cost of doing the unlock/lock dance.
+ */
+void
+so_acquire_accept_list(struct socket *head, struct socket *so)
+{
+ lck_mtx_t *mutex_held;
+
+ if (head->so_proto->pr_getlock == NULL) {
+ return;
+ }
+ mutex_held = (*head->so_proto->pr_getlock)(head, PR_F_WILLUNLOCK);
+ LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
+
+ if (!(head->so_flags1 & SOF1_ACCEPT_LIST_HELD)) {
+ head->so_flags1 |= SOF1_ACCEPT_LIST_HELD;
+ return;
+ }
+ if (so != NULL) {
+ socket_unlock(so, 0);
+ }
+ while (head->so_flags1 & SOF1_ACCEPT_LIST_HELD) {
+ so_accept_list_waits += 1;
+ msleep((caddr_t)&head->so_incomp, mutex_held,
+ PSOCK | PCATCH, __func__, NULL);
+ }
+ head->so_flags1 |= SOF1_ACCEPT_LIST_HELD;
+ if (so != NULL) {
+ socket_unlock(head, 0);
+ socket_lock(so, 0);
+ socket_lock(head, 0);
+ }
+}
+
+void
+so_release_accept_list(struct socket *head)
+{
+ if (head->so_proto->pr_getlock != NULL) {
+ lck_mtx_t *mutex_held;
+
+ mutex_held = (*head->so_proto->pr_getlock)(head, 0);
+ LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
+
+ head->so_flags1 &= ~SOF1_ACCEPT_LIST_HELD;
+ wakeup((caddr_t)&head->so_incomp);
+ }
+}
+
void
sofreelastref(struct socket *so, int dealloc)
{
return;
}
if (head != NULL) {
- socket_lock(head, 1);
+ /*
+ * Need to lock the listener when the protocol has
+ * per socket locks
+ */
+ if (head->so_proto->pr_getlock != NULL) {
+ socket_lock(head, 1);
+ so_acquire_accept_list(head, so);
+ }
if (so->so_state & SS_INCOMP) {
+ so->so_state &= ~SS_INCOMP;
TAILQ_REMOVE(&head->so_incomp, so, so_list);
head->so_incqlen--;
+ head->so_qlen--;
+ so->so_head = NULL;
+
+ if (head->so_proto->pr_getlock != NULL) {
+ so_release_accept_list(head);
+ socket_unlock(head, 1);
+ }
} else if (so->so_state & SS_COMP) {
+ if (head->so_proto->pr_getlock != NULL) {
+ so_release_accept_list(head);
+ socket_unlock(head, 1);
+ }
/*
* We must not decommission a socket that's
* on the accept(2) queue. If we do, then
so->so_rcv.sb_flags &= ~(SB_SEL|SB_UPCALL);
so->so_snd.sb_flags &= ~(SB_SEL|SB_UPCALL);
so->so_event = sonullevent;
- socket_unlock(head, 1);
return;
} else {
- panic("sofree: not queued");
+ if (head->so_proto->pr_getlock != NULL) {
+ so_release_accept_list(head);
+ socket_unlock(head, 1);
+ }
+ printf("sofree: not queued\n");
}
- head->so_qlen--;
- so->so_state &= ~SS_INCOMP;
- so->so_head = NULL;
- socket_unlock(head, 1);
}
sowflush(so);
sorflush(so);
lck_mtx_t *mutex_held;
if (so->so_proto->pr_getlock != NULL)
- mutex_held = (*so->so_proto->pr_getlock)(so, 0);
+ mutex_held = (*so->so_proto->pr_getlock)(so, PR_F_WILLUNLOCK);
else
mutex_held = so->so_proto->pr_domain->dom_mtx;
- lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
+ LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
/*
* Double check here and return if there's no outstanding upcall;
so->so_rcv.sb_flags &= ~SB_UPCALL;
so->so_snd.sb_flags &= ~SB_UPCALL;
so->so_flags |= SOF_CLOSEWAIT;
+
(void) msleep((caddr_t)&so->so_upcallusecount, mutex_held, (PZERO - 1),
"soclose_wait_locked", NULL);
- lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
+ LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
so->so_flags &= ~SOF_CLOSEWAIT;
}
soclose_locked(struct socket *so)
{
int error = 0;
- lck_mtx_t *mutex_held;
struct timespec ts;
if (so->so_usecount == 0) {
if ((so->so_options & SO_ACCEPTCONN)) {
struct socket *sp, *sonext;
- int socklock = 0;
+ int persocklock = 0;
+ int incomp_overflow_only;
/*
* We do not want new connection to be added
*/
so->so_options &= ~SO_ACCEPTCONN;
- for (sp = TAILQ_FIRST(&so->so_incomp);
- sp != NULL; sp = sonext) {
- sonext = TAILQ_NEXT(sp, so_list);
+ /*
+ * We can drop the lock on the listener once
+ * we've acquired the incoming list
+ */
+ if (so->so_proto->pr_getlock != NULL) {
+ persocklock = 1;
+ so_acquire_accept_list(so, NULL);
+ socket_unlock(so, 0);
+ }
+again:
+ incomp_overflow_only = 1;
+ TAILQ_FOREACH_SAFE(sp, &so->so_incomp, so_list, sonext) {
/*
* Radar 5350314
* skip sockets thrown away by tcpdropdropblreq
if (sp->so_flags & SOF_OVERFLOW)
continue;
- if (so->so_proto->pr_getlock != NULL) {
- /*
- * Lock ordering for consistency with the
- * rest of the stack, we lock the socket
- * first and then grabb the head.
- */
- socket_unlock(so, 0);
+ if (persocklock != 0)
socket_lock(sp, 1);
- socket_lock(so, 0);
- socklock = 1;
- }
-
- TAILQ_REMOVE(&so->so_incomp, sp, so_list);
- so->so_incqlen--;
+ /*
+ * Radar 27945981
+ * The extra reference for the list insure the
+ * validity of the socket pointer when we perform the
+ * unlock of the head above
+ */
if (sp->so_state & SS_INCOMP) {
sp->so_state &= ~SS_INCOMP;
sp->so_head = NULL;
+ TAILQ_REMOVE(&so->so_incomp, sp, so_list);
+ so->so_incqlen--;
+ so->so_qlen--;
(void) soabort(sp);
+ } else {
+ panic("%s sp %p in so_incomp but !SS_INCOMP",
+ __func__, sp);
}
- if (socklock)
+ if (persocklock != 0)
socket_unlock(sp, 1);
}
- while ((sp = TAILQ_FIRST(&so->so_comp)) != NULL) {
+ TAILQ_FOREACH_SAFE(sp, &so->so_comp, so_list, sonext) {
/* Dequeue from so_comp since sofree() won't do it */
- TAILQ_REMOVE(&so->so_comp, sp, so_list);
- so->so_qlen--;
-
- if (so->so_proto->pr_getlock != NULL) {
- socket_unlock(so, 0);
+ if (persocklock != 0)
socket_lock(sp, 1);
- }
if (sp->so_state & SS_COMP) {
sp->so_state &= ~SS_COMP;
sp->so_head = NULL;
+ TAILQ_REMOVE(&so->so_comp, sp, so_list);
+ so->so_qlen--;
(void) soabort(sp);
+ } else {
+ panic("%s sp %p in so_comp but !SS_COMP",
+ __func__, sp);
}
- if (so->so_proto->pr_getlock != NULL) {
+ if (persocklock)
socket_unlock(sp, 1);
- socket_lock(so, 0);
}
+
+ if (incomp_overflow_only == 0 && !TAILQ_EMPTY(&so->so_incomp)) {
+#if (DEBUG|DEVELOPMENT)
+ panic("%s head %p so_comp not empty\n", __func__, so);
+#endif /* (DEVELOPMENT || DEBUG) */
+
+ goto again;
+ }
+
+ if (!TAILQ_EMPTY(&so->so_comp)) {
+#if (DEBUG|DEVELOPMENT)
+ panic("%s head %p so_comp not empty\n", __func__, so);
+#endif /* (DEVELOPMENT || DEBUG) */
+
+ goto again;
+ }
+
+ if (persocklock) {
+ socket_lock(so, 0);
+ so_release_accept_list(so);
}
}
if (so->so_pcb == NULL) {
goto drop;
}
if (so->so_options & SO_LINGER) {
+ lck_mtx_t *mutex_held;
+
if ((so->so_state & SS_ISDISCONNECTING) &&
(so->so_state & SS_NBIO))
goto drop;
if (so->so_proto->pr_getlock != NULL)
- mutex_held = (*so->so_proto->pr_getlock)(so, 0);
+ mutex_held = (*so->so_proto->pr_getlock)(so, PR_F_WILLUNLOCK);
else
mutex_held = so->so_proto->pr_domain->dom_mtx;
while (so->so_state & SS_ISCONNECTED) {
}
so->so_state |= SS_NOFDREF;
- if (so->so_flags & SOF_MP_SUBFLOW)
- so->so_flags &= ~SOF_MP_SUBFLOW;
-
if ((so->so_flags & SOF_KNOTE) != 0)
KNOTE(&so->so_klist, SO_FILT_HINT_LOCKED);
atomic_add_32(&so->so_proto->pr_domain->dom_refs, -1);
evsofree(so);
+ VERIFY(so->so_usecount > 0);
so->so_usecount--;
sofree(so);
return (error);
mutex_held = (*so->so_proto->pr_getlock)(so, 0);
else
mutex_held = so->so_proto->pr_domain->dom_mtx;
- lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
+ LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
#endif
if ((so->so_flags & SOF_ABORTED) == 0) {
}
int
-soacceptfilter(struct socket *so)
+soacceptfilter(struct socket *so, struct socket *head)
{
struct sockaddr *local = NULL, *remote = NULL;
int error = 0;
- struct socket *head = so->so_head;
/*
* Hold the lock even if this socket has not been made visible
socket_lock(so, 1);
if (sogetaddr_locked(so, &remote, 1) != 0 ||
sogetaddr_locked(so, &local, 0) != 0) {
- so->so_state &= ~(SS_NOFDREF | SS_COMP);
- so->so_head = NULL;
+ so->so_state &= ~SS_NOFDREF;
socket_unlock(so, 1);
soclose(so);
/* Out of resources; try it again next time */
* the following is done while holding the lock since
* the socket has been exposed to the filter(s) earlier.
*/
- so->so_state &= ~(SS_NOFDREF | SS_COMP);
- so->so_head = NULL;
+ so->so_state &= ~SS_NOFDREF;
socket_unlock(so, 1);
soclose(so);
/* Propagate socket filter's error code to the caller */
}
int
-soconnectxlocked(struct socket *so, struct sockaddr_list **src_sl,
- struct sockaddr_list **dst_sl, struct proc *p, uint32_t ifscope,
+soconnectxlocked(struct socket *so, struct sockaddr *src,
+ struct sockaddr *dst, struct proc *p, uint32_t ifscope,
sae_associd_t aid, sae_connid_t *pcid, uint32_t flags, void *arg,
uint32_t arglen, uio_t auio, user_ssize_t *bytes_written)
{
* Run connect filter before calling protocol:
* - non-blocking connect returns before completion;
*/
- error = sflt_connectxout(so, dst_sl);
+ error = sflt_connectout(so, dst);
if (error != 0) {
/* Disable PRECONNECT_DATA, as we don't need to send a SYN anymore. */
so->so_flags1 &= ~SOF1_PRECONNECT_DATA;
error = 0;
} else {
error = (*so->so_proto->pr_usrreqs->pru_connectx)
- (so, src_sl, dst_sl, p, ifscope, aid, pcid,
+ (so, src, dst, p, ifscope, aid, pcid,
flags, arg, arglen, auio, bytes_written);
}
}
return (error);
}
-int
-sopeelofflocked(struct socket *so, sae_associd_t aid, struct socket **psop)
-{
- return ((*so->so_proto->pr_usrreqs->pru_peeloff)(so, aid, psop));
-}
-
#define SBLOCKWAIT(f) (((f) & MSG_DONTWAIT) ? 0 : SBL_WAIT)
/*
if ((so->so_proto->pr_flags & PR_CONNREQUIRED) != 0) {
if (((so->so_state & SS_ISCONFIRMING) == 0) &&
(resid != 0 || clen == 0) &&
- !(so->so_flags1 & SOF1_PRECONNECT_DATA)) {
-#if MPTCP
- /*
- * MPTCP Fast Join sends data before the
- * socket is truly connected.
- */
- if ((so->so_flags & (SOF_MP_SUBFLOW |
- SOF_MPTCP_FASTJOIN)) !=
- (SOF_MP_SUBFLOW | SOF_MPTCP_FASTJOIN))
-#endif /* MPTCP */
+ !(so->so_flags1 & SOF1_PRECONNECT_DATA))
return (ENOTCONN);
- }
+
} else if (addr == 0 && !(flags&MSG_HOLD)) {
return ((so->so_proto->pr_flags & PR_CONNREQUIRED) ?
ENOTCONN : EDESTADDRREQ);
if (so->so_type != SOCK_STREAM && (flags & MSG_OOB) != 0) {
error = EOPNOTSUPP;
- socket_unlock(so, 1);
- goto out;
+ goto out_locked;
}
/*
if (resid < 0 || resid > INT_MAX || (so->so_type == SOCK_STREAM &&
!(so->so_flags & SOF_ENABLE_MSGS) && (flags & MSG_EOR))) {
error = EINVAL;
- socket_unlock(so, 1);
- goto out;
+ goto out_locked;
}
dontroute = (flags & MSG_DONTROUTE) &&
error = sosendcheck(so, addr, resid, clen, atomic, flags,
&sblocked, control);
if (error)
- goto release;
+ goto out_locked;
mp = ⊤
if (so->so_flags & SOF_ENABLE_MSGS)
if (freelist == NULL) {
error = ENOBUFS;
socket_lock(so, 0);
- goto release;
+ goto out_locked;
}
/*
* For datagram protocols,
if ((m->m_flags & M_EXT))
mlen = m->m_ext.ext_size -
- m_leadingspace(m);
+ M_LEADINGSPACE(m);
else if ((m->m_flags & M_PKTHDR))
mlen =
- MHLEN - m_leadingspace(m);
+ MHLEN - M_LEADINGSPACE(m);
else
- mlen = MLEN - m_leadingspace(m);
+ mlen = MLEN - M_LEADINGSPACE(m);
len = imin(mlen, bytes_to_copy);
chainlength += len;
socket_lock(so, 0);
if (error)
- goto release;
+ goto out_locked;
}
if (flags & (MSG_HOLD|MSG_SEND)) {
so->so_tail = mb1;
if (flags & MSG_HOLD) {
top = NULL;
- goto release;
+ goto out_locked;
}
top = so->so_temp;
}
control = NULL;
top = NULL;
}
- goto release;
+ goto out_locked;
}
#if CONTENT_FILTER
/*
* Content filter processing
*/
error = cfil_sock_data_out(so, addr, top,
- control, (sendflags & MSG_OOB) ?
- sock_data_filt_flag_oob : 0);
+ control, sendflags);
if (error) {
if (error == EJUSTRETURN) {
error = 0;
control = NULL;
top = NULL;
}
- goto release;
+ goto out_locked;
}
#endif /* CONTENT_FILTER */
}
top = NULL;
mp = ⊤
if (error)
- goto release;
+ goto out_locked;
} while (resid && space > 0);
} while (resid);
-release:
+out_locked:
if (sblocked)
sbunlock(&so->so_snd, FALSE); /* will unlock socket */
else
socket_unlock(so, 1);
-out:
if (top != NULL)
m_freem(top);
if (control != NULL)
if (control_copy != NULL)
m_freem(control_copy);
- /*
- * One write has been done. This was enough. Get back to "normal"
- * behavior.
- */
- if (so->so_flags1 & SOF1_PRECONNECT_DATA)
- so->so_flags1 &= ~SOF1_PRECONNECT_DATA;
+ soclearfastopen(so);
if (en_tracing) {
/* resid passed here is the bytes left in uio */
return (error);
}
+int
+sosend_reinject(struct socket *so, struct sockaddr *addr, struct mbuf *top, struct mbuf *control, uint32_t sendflags)
+{
+ struct mbuf *m0, *control_end;
+
+ socket_lock_assert_owned(so);
+
+ /*
+ * top must points to mbuf chain to be sent.
+ * If control is not NULL, top must be packet header
+ */
+ VERIFY(top != NULL &&
+ (control == NULL || top->m_flags & M_PKTHDR));
+
+ /*
+ * If control is not passed in, see if we can get it
+ * from top.
+ */
+ if (control == NULL && (top->m_flags & M_PKTHDR) == 0) {
+ // Locate start of control if present and start of data
+ for (m0 = top; m0 != NULL; m0 = m0->m_next) {
+ if (m0->m_flags & M_PKTHDR) {
+ top = m0;
+ break;
+ } else if (m0->m_type == MT_CONTROL) {
+ if (control == NULL) {
+ // Found start of control
+ control = m0;
+ }
+ if (control != NULL && m0->m_next != NULL && m0->m_next->m_type != MT_CONTROL) {
+ // Found end of control
+ control_end = m0;
+ }
+ }
+ }
+ if (control_end != NULL)
+ control_end->m_next = NULL;
+ }
+
+ int error = (*so->so_proto->pr_usrreqs->pru_send)
+ (so, sendflags, top, addr, control, current_proc());
+
+ return error;
+}
+
/*
* Supported only connected sockets (no address) without ancillary data
* (control mbuf) for atomic protocols
for (n = m; n != NULL; n = n->m_next) {
if ((m->m_flags & M_EXT))
mlen = m->m_ext.ext_size -
- m_leadingspace(m);
+ M_LEADINGSPACE(m);
else if ((m->m_flags & M_PKTHDR))
mlen =
- MHLEN - m_leadingspace(m);
+ MHLEN - M_LEADINGSPACE(m);
else
- mlen = MLEN - m_leadingspace(m);
+ mlen = MLEN - M_LEADINGSPACE(m);
len = imin(mlen, bytes_to_copy);
/*
else
mutex_held = so->so_proto->pr_domain->dom_mtx;
- lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
+ LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
#endif /* notyet */
sflt_notify(so, sock_evt_flush_read, NULL);
return (0);
}
-static int
-soopt_cred_check(struct socket *so, int priv)
+int
+soopt_cred_check(struct socket *so, int priv, boolean_t allow_root)
{
kauth_cred_t cred = NULL;
proc_t ep = PROC_NULL;
- int error;
+ uid_t uid;
+ int error = 0;
if (so->so_flags & SOF_DELEGATED) {
ep = proc_find(so->e_pid);
if (ep)
cred = kauth_cred_proc_ref(ep);
}
- error = priv_check_cred(cred ? cred : so->so_cred, priv, 0);
+
+ uid = kauth_cred_getuid(cred ? cred : so->so_cred);
+
+ /* uid is 0 for root */
+ if (uid != 0 || !allow_root)
+ error = priv_check_cred(cred ? cred : so->so_cred, priv, 0);
if (cred)
kauth_cred_unref(&cred);
if (ep != PROC_NULL)
case SO_OOBINLINE:
case SO_TIMESTAMP:
case SO_TIMESTAMP_MONOTONIC:
+ case SO_TIMESTAMP_CONTINUOUS:
case SO_DONTTRUNC:
case SO_WANTMORE:
case SO_WANTOOBFLAG:
goto out;
if (optval != 0) {
error = soopt_cred_check(so,
- PRIV_NET_RESTRICTED_AWDL);
+ PRIV_NET_RESTRICTED_AWDL, false);
if (error == 0)
inp_set_awdl_unrestricted(
sotoinpcb(so));
if (optval != 0 &&
inp_get_intcoproc_allowed(sotoinpcb(so)) == FALSE) {
error = soopt_cred_check(so,
- PRIV_NET_RESTRICTED_INTCOPROC);
+ PRIV_NET_RESTRICTED_INTCOPROC, false);
if (error == 0)
inp_set_intcoproc_allowed(
sotoinpcb(so));
so->so_flags |= SOF_PRIVILEGED_TRAFFIC_CLASS;
break;
+#if (DEVELOPMENT || DEBUG)
+ case SO_DEFUNCTIT:
+ error = sosetdefunct(current_proc(), so, 0, FALSE);
+ if (error == 0)
+ error = sodefunct(current_proc(), so, 0);
+
+ break;
+#endif /* (DEVELOPMENT || DEBUG) */
+
case SO_DEFUNCTOK:
error = sooptcopyin(sopt, &optval, sizeof (optval),
sizeof (optval));
case SO_NECP_ATTRIBUTES:
error = necp_set_socket_attributes(so, sopt);
break;
-#endif /* NECP */
-#if MPTCP
- case SO_MPTCP_FASTJOIN:
- if (!((so->so_flags & SOF_MP_SUBFLOW) ||
- ((SOCK_CHECK_DOM(so, PF_MULTIPATH)) &&
- (SOCK_CHECK_PROTO(so, IPPROTO_TCP))))) {
- error = ENOPROTOOPT;
+ case SO_NECP_CLIENTUUID:
+ if (SOCK_DOM(so) == PF_MULTIPATH) {
+ /* Handled by MPTCP itself */
break;
}
- error = sooptcopyin(sopt, &optval, sizeof (optval),
- sizeof (optval));
- if (error != 0)
+ if (SOCK_DOM(so) != PF_INET && SOCK_DOM(so) != PF_INET6) {
+ error = EINVAL;
goto out;
- if (optval == 0)
- so->so_flags &= ~SOF_MPTCP_FASTJOIN;
- else
- so->so_flags |= SOF_MPTCP_FASTJOIN;
+ }
+
+ struct inpcb *inp = sotoinpcb(so);
+ if (!uuid_is_null(inp->necp_client_uuid)) {
+ // Clear out the old client UUID if present
+ necp_inpcb_remove_cb(inp);
+ }
+
+ error = sooptcopyin(sopt, &inp->necp_client_uuid,
+ sizeof(uuid_t), sizeof(uuid_t));
+ if (error != 0) {
+ goto out;
+ }
+
+ if (uuid_is_null(inp->necp_client_uuid)) {
+ error = EINVAL;
+ goto out;
+ }
+
+ error = necp_client_register_socket_flow(so->last_pid,
+ inp->necp_client_uuid, inp);
+ if (error != 0) {
+ uuid_clear(inp->necp_client_uuid);
+ goto out;
+ }
+
+ if (inp->inp_lport != 0) {
+ // There is bound local port, so this is not
+ // a fresh socket. Assign to the client.
+ necp_client_assign_from_socket(so->last_pid, inp->necp_client_uuid, inp);
+ }
+
break;
-#endif /* MPTCP */
+#endif /* NECP */
case SO_EXTENDED_BK_IDLE:
error = sooptcopyin(sopt, &optval, sizeof (optval),
{
int error;
size_t len;
- struct user64_timeval tv64;
- struct user32_timeval tv32;
+ struct user64_timeval tv64 = {};
+ struct user32_timeval tv32 = {};
const void * val;
size_t valsize;
case SO_OOBINLINE:
case SO_TIMESTAMP:
case SO_TIMESTAMP_MONOTONIC:
+ case SO_TIMESTAMP_CONTINUOUS:
case SO_DONTTRUNC:
case SO_WANTMORE:
case SO_WANTOOBFLAG:
goto integer;
case SO_NP_EXTENSIONS: {
- struct so_np_extensions sonpx;
+ struct so_np_extensions sonpx = {};
sonpx.npx_flags = (so->so_flags & SOF_NPX_SETOPTSHUT) ?
SONPX_SETOPTSHUT : 0;
case SO_NECP_ATTRIBUTES:
error = necp_get_socket_attributes(so, sopt);
break;
+
+ case SO_NECP_CLIENTUUID:
+ {
+ uuid_t *ncu;
+
+ if (SOCK_DOM(so) == PF_MULTIPATH) {
+ ncu = &mpsotomppcb(so)->necp_client_uuid;
+ } else if (SOCK_DOM(so) == PF_INET || SOCK_DOM(so) == PF_INET6) {
+ ncu = &sotoinpcb(so)->necp_client_uuid;
+ } else {
+ error = EINVAL;
+ goto out;
+ }
+
+ error = sooptcopyout(sopt, ncu, sizeof(uuid_t));
+ break;
+ }
#endif /* NECP */
#if CONTENT_FILTER
}
#endif /* CONTENT_FILTER */
-#if MPTCP
- case SO_MPTCP_FASTJOIN:
- if (!((so->so_flags & SOF_MP_SUBFLOW) ||
- ((SOCK_CHECK_DOM(so, PF_MULTIPATH)) &&
- (SOCK_CHECK_PROTO(so, IPPROTO_TCP))))) {
- error = ENOPROTOOPT;
- break;
- }
- optval = (so->so_flags & SOF_MPTCP_FASTJOIN);
- /* Fixed along with rdar://19391339 */
- goto integer;
-#endif /* MPTCP */
-
case SO_EXTENDED_BK_IDLE:
optval = (so->so_flags1 & SOF1_EXTEND_BK_IDLE_WANTED);
goto integer;
}
int
-soo_kqfilter(struct fileproc *fp, struct knote *kn, vfs_context_t ctx)
+soo_kqfilter(struct fileproc *fp, struct knote *kn,
+ struct kevent_internal_s *kev, vfs_context_t ctx)
{
#pragma unused(fp)
#if !CONFIG_MACF_SOCKET
* call the appropriate sub-filter attach
* with the socket still locked
*/
- result = knote_fops(kn)->f_attach(kn);
+ result = knote_fops(kn)->f_attach(kn, kev);
socket_unlock(so, 1);
}
static int
-filt_sorattach(struct knote *kn)
+filt_sorattach(struct knote *kn, __unused struct kevent_internal_s *kev)
{
struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
/* save off the new input fflags and data */
kn->kn_sfflags = kev->fflags;
kn->kn_sdata = kev->data;
- if ((kn->kn_status & KN_UDATA_SPECIFIC) == 0)
- kn->kn_udata = kev->udata;
/* determine if changes result in fired events */
retval = filt_soread_common(kn, so);
}
static int
-filt_sowattach(struct knote *kn)
+filt_sowattach(struct knote *kn, __unused struct kevent_internal_s *kev)
{
struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
/*save off the new input fflags and data */
kn->kn_sfflags = kev->fflags;
kn->kn_sdata = kev->data;
- if ((kn->kn_status & KN_UDATA_SPECIFIC) == 0)
- kn->kn_udata = kev->udata;
/* determine if these changes result in a triggered event */
ret = filt_sowrite_common(kn, so);
}
static int
-filt_sockattach(struct knote *kn)
+filt_sockattach(struct knote *kn, __unused struct kevent_internal_s *kev)
{
struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
/* save off the new input fflags and data */
kn->kn_sfflags = kev->fflags;
kn->kn_sdata = kev->data;
- if ((kn->kn_status & KN_UDATA_SPECIFIC) == 0)
- kn->kn_udata = kev->udata;
/* restrict the current results to the (smaller?) set of new interest */
/*
return (lock_history_str);
}
-int
+void
socket_lock(struct socket *so, int refcount)
{
- int error = 0;
void *lr_saved;
lr_saved = __builtin_return_address(0);
if (so->so_proto->pr_lock) {
- error = (*so->so_proto->pr_lock)(so, refcount, lr_saved);
+ (*so->so_proto->pr_lock)(so, refcount, lr_saved);
} else {
#ifdef MORE_LOCKING_DEBUG
- lck_mtx_assert(so->so_proto->pr_domain->dom_mtx,
+ LCK_MTX_ASSERT(so->so_proto->pr_domain->dom_mtx,
LCK_MTX_ASSERT_NOTOWNED);
#endif
lck_mtx_lock(so->so_proto->pr_domain->dom_mtx);
so->lock_lr[so->next_lock_lr] = lr_saved;
so->next_lock_lr = (so->next_lock_lr+1) % SO_LCKDBG_MAX;
}
+}
- return (error);
+void
+socket_lock_assert_owned(struct socket *so)
+{
+ lck_mtx_t *mutex_held;
+
+ if (so->so_proto->pr_getlock != NULL)
+ mutex_held = (*so->so_proto->pr_getlock)(so, 0);
+ else
+ mutex_held = so->so_proto->pr_domain->dom_mtx;
+
+ LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
}
int
+socket_try_lock(struct socket *so)
+{
+ lck_mtx_t *mtx;
+
+ if (so->so_proto->pr_getlock != NULL)
+ mtx = (*so->so_proto->pr_getlock)(so, 0);
+ else
+ mtx = so->so_proto->pr_domain->dom_mtx;
+
+ return (lck_mtx_try_lock(mtx));
+}
+
+void
socket_unlock(struct socket *so, int refcount)
{
- int error = 0;
void *lr_saved;
lck_mtx_t *mutex_held;
}
if (so && so->so_proto->pr_unlock) {
- error = (*so->so_proto->pr_unlock)(so, refcount, lr_saved);
+ (*so->so_proto->pr_unlock)(so, refcount, lr_saved);
} else {
mutex_held = so->so_proto->pr_domain->dom_mtx;
#ifdef MORE_LOCKING_DEBUG
- lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
+ LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
#endif
so->unlock_lr[so->next_unlock_lr] = lr_saved;
so->next_unlock_lr = (so->next_unlock_lr+1) % SO_LCKDBG_MAX;
}
lck_mtx_unlock(mutex_held);
}
-
- return (error);
}
/* Called with socket locked, will unlock socket */
mutex_held = (*so->so_proto->pr_getlock)(so, 0);
else
mutex_held = so->so_proto->pr_domain->dom_mtx;
- lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
+ LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
sofreelastref(so, 0);
}
if (so->so_flags & SOF_NODEFUNCT) {
if (noforce) {
err = EOPNOTSUPP;
+ if (p != PROC_NULL) {
+ SODEFUNCTLOG("%s[%d, %s]: (target pid %d "
+ "name %s level %d) so 0x%llx [%d,%d] "
+ "is not eligible for defunct "
+ "(%d)\n", __func__, proc_selfpid(),
+ proc_best_name(current_proc()), proc_pid(p),
+ proc_best_name(p), level,
+ (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+ SOCK_DOM(so), SOCK_TYPE(so), err);
+ }
+ return (err);
+ }
+ so->so_flags &= ~SOF_NODEFUNCT;
+ if (p != PROC_NULL) {
SODEFUNCTLOG("%s[%d, %s]: (target pid %d "
"name %s level %d) so 0x%llx [%d,%d] "
- "is not eligible for defunct "
+ "defunct by force "
"(%d)\n", __func__, proc_selfpid(),
proc_best_name(current_proc()), proc_pid(p),
proc_best_name(p), level,
(uint64_t)DEBUG_KERNEL_ADDRPERM(so),
SOCK_DOM(so), SOCK_TYPE(so), err);
- return (err);
}
- so->so_flags &= ~SOF_NODEFUNCT;
- SODEFUNCTLOG("%s[%d, %s]: (target pid %d name %s level %d) "
- "so 0x%llx [%d,%d] defunct by force\n", __func__,
- proc_selfpid(), proc_best_name(current_proc()),
- proc_pid(p), proc_best_name(p), level,
- (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
- SOCK_DOM(so), SOCK_TYPE(so));
} else if (so->so_flags1 & SOF1_EXTEND_BK_IDLE_WANTED) {
struct inpcb *inp = (struct inpcb *)so->so_pcb;
struct ifnet *ifp = inp->inp_last_outifp;
OSIncrementAtomic(&soextbkidlestat.so_xbkidle_nodlgtd);
} else if (soextbkidlestat.so_xbkidle_time == 0) {
OSIncrementAtomic(&soextbkidlestat.so_xbkidle_notime);
- } else if (noforce) {
+ } else if (noforce && p != PROC_NULL) {
OSIncrementAtomic(&soextbkidlestat.so_xbkidle_active);
so->so_flags1 |= SOF1_EXTEND_BK_IDLE_INPROG;
inpcb_timer_sched(inp->inp_pcbinfo, INPCB_TIMER_LAZY);
err = EOPNOTSUPP;
- SODEFUNCTLOG("%s[%d, %s]: (target pid %d name %s "
- "level %d) extend bk idle so 0x%llx rcv hw %d "
- "cc %d\n",
- __func__, proc_selfpid(),
+ SODEFUNCTLOG("%s[%d, %s]: (target pid %d "
+ "name %s level %d) so 0x%llx [%d,%d] "
+ "extend bk idle "
+ "(%d)\n", __func__, proc_selfpid(),
proc_best_name(current_proc()), proc_pid(p),
proc_best_name(p), level,
(uint64_t)DEBUG_KERNEL_ADDRPERM(so),
- so->so_rcv.sb_hiwat, so->so_rcv.sb_cc);
+ SOCK_DOM(so), SOCK_TYPE(so), err);
return (err);
} else {
OSIncrementAtomic(&soextbkidlestat.so_xbkidle_forced);
}
done:
- SODEFUNCTLOG("%s[%d, %s]: (target pid %d name %s level %d) "
- "so 0x%llx [%d,%d] %s defunct%s\n", __func__, proc_selfpid(),
- proc_best_name(current_proc()), proc_pid(p), proc_best_name(p),
- level, (uint64_t)DEBUG_KERNEL_ADDRPERM(so), SOCK_DOM(so),
- SOCK_TYPE(so), defunct ? "is already" : "marked as",
- (so->so_flags1 & SOF1_EXTEND_BK_IDLE_WANTED) ? " extbkidle" : "");
-
+ if (p != PROC_NULL) {
+ SODEFUNCTLOG("%s[%d, %s]: (target pid %d name %s level %d) "
+ "so 0x%llx [%d,%d] %s defunct%s\n", __func__,
+ proc_selfpid(), proc_best_name(current_proc()),
+ proc_pid(p), proc_best_name(p), level,
+ (uint64_t)DEBUG_KERNEL_ADDRPERM(so), SOCK_DOM(so),
+ SOCK_TYPE(so), defunct ? "is already" : "marked as",
+ (so->so_flags1 & SOF1_EXTEND_BK_IDLE_WANTED) ?
+ " extbkidle" : "");
+ }
return (err);
}
char d[MAX_IPv6_STR_LEN];
struct inpcb *inp = sotoinpcb(so);
- SODEFUNCTLOG("%s[%d, %s]: (target pid %d name %s level %d) "
- "so 0x%llx [%s %s:%d -> %s:%d] is now defunct "
- "[rcv_si 0x%x, snd_si 0x%x, rcv_fl 0x%x, snd_fl 0x%x]\n",
- __func__, proc_selfpid(), proc_best_name(current_proc()),
- proc_pid(p), proc_best_name(p), level,
- (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
- (SOCK_TYPE(so) == SOCK_STREAM) ? "TCP" : "UDP",
- inet_ntop(SOCK_DOM(so), ((SOCK_DOM(so) == PF_INET) ?
- (void *)&inp->inp_laddr.s_addr : (void *)&inp->in6p_laddr),
- s, sizeof (s)), ntohs(inp->in6p_lport),
- inet_ntop(SOCK_DOM(so), (SOCK_DOM(so) == PF_INET) ?
- (void *)&inp->inp_faddr.s_addr : (void *)&inp->in6p_faddr,
- d, sizeof (d)), ntohs(inp->in6p_fport),
- (uint32_t)rcv->sb_sel.si_flags,
- (uint32_t)snd->sb_sel.si_flags,
- rcv->sb_flags, snd->sb_flags);
- } else {
+ if (p != PROC_NULL) {
+ SODEFUNCTLOG(
+ "%s[%d, %s]: (target pid %d name %s level %d) "
+ "so 0x%llx [%s %s:%d -> %s:%d] is now defunct "
+ "[rcv_si 0x%x, snd_si 0x%x, rcv_fl 0x%x, "
+ " snd_fl 0x%x]\n", __func__,
+ proc_selfpid(), proc_best_name(current_proc()),
+ proc_pid(p), proc_best_name(p), level,
+ (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+ (SOCK_TYPE(so) == SOCK_STREAM) ? "TCP" : "UDP",
+ inet_ntop(SOCK_DOM(so), ((SOCK_DOM(so) == PF_INET) ?
+ (void *)&inp->inp_laddr.s_addr :
+ (void *)&inp->in6p_laddr),
+ s, sizeof (s)), ntohs(inp->in6p_lport),
+ inet_ntop(SOCK_DOM(so), (SOCK_DOM(so) == PF_INET) ?
+ (void *)&inp->inp_faddr.s_addr :
+ (void *)&inp->in6p_faddr,
+ d, sizeof (d)), ntohs(inp->in6p_fport),
+ (uint32_t)rcv->sb_sel.si_flags,
+ (uint32_t)snd->sb_sel.si_flags,
+ rcv->sb_flags, snd->sb_flags);
+ }
+ } else if (p != PROC_NULL) {
SODEFUNCTLOG("%s[%d, %s]: (target pid %d name %s level %d) "
"so 0x%llx [%d,%d] is now defunct [rcv_si 0x%x, "
"snd_si 0x%x, rcv_fl 0x%x, snd_fl 0x%x]\n", __func__,
* Explicitly handle connectionless-protocol disconnection
* and release any remaining data in the socket buffers.
*/
- if (!(so->so_flags & SS_ISDISCONNECTED))
+ if (!(so->so_state & SS_ISDISCONNECTED))
(void) soisdisconnected(so);
if (so->so_error == 0)
struct filedesc *fdp;
int count = 0;
+ /*
+ * Unlock socket to avoid lock ordering issue with
+ * the proc fd table lock
+ */
+ socket_unlock(so, 0);
+
proc_fdlock(p);
fdp = p->p_fd;
if (count >= soextbkidlestat.so_xbkidle_maxperproc)
break;
}
+ proc_fdunlock(p);
+
+ socket_lock(so, 0);
+
if (count >= soextbkidlestat.so_xbkidle_maxperproc) {
OSIncrementAtomic(&soextbkidlestat.so_xbkidle_toomany);
error = EBUSY;
SOCK_DOM(so), SOCK_TYPE(so),
(so->so_flags1 & SOF1_EXTEND_BK_IDLE_WANTED) ?
"is" : "not");
-
- proc_fdunlock(p);
}
return (error);
sotoinpcb(so)->inp_flags &= ~INP_RECV_ANYIF;
}
+
return (ret);
}
}
}
+ if (SOCK_DOM(so) == PF_MULTIPATH)
+ mptcp_set_restrictions(so);
+
return (0);
}
SO_RESTRICT_DENY_CELLULAR | SO_RESTRICT_DENY_EXPENSIVE));
}
-struct sockaddr_entry *
-sockaddrentry_alloc(int how)
-{
- struct sockaddr_entry *se;
-
- se = (how == M_WAITOK) ? zalloc(se_zone) : zalloc_noblock(se_zone);
- if (se != NULL)
- bzero(se, se_zone_size);
-
- return (se);
-}
-
-void
-sockaddrentry_free(struct sockaddr_entry *se)
-{
- if (se->se_addr != NULL) {
- FREE(se->se_addr, M_SONAME);
- se->se_addr = NULL;
- }
- zfree(se_zone, se);
-}
-
-struct sockaddr_entry *
-sockaddrentry_dup(const struct sockaddr_entry *src_se, int how)
-{
- struct sockaddr_entry *dst_se;
-
- dst_se = sockaddrentry_alloc(how);
- if (dst_se != NULL) {
- int len = src_se->se_addr->sa_len;
-
- MALLOC(dst_se->se_addr, struct sockaddr *,
- len, M_SONAME, how | M_ZERO);
- if (dst_se->se_addr != NULL) {
- bcopy(src_se->se_addr, dst_se->se_addr, len);
- } else {
- sockaddrentry_free(dst_se);
- dst_se = NULL;
- }
- }
-
- return (dst_se);
-}
-
-struct sockaddr_list *
-sockaddrlist_alloc(int how)
-{
- struct sockaddr_list *sl;
-
- sl = (how == M_WAITOK) ? zalloc(sl_zone) : zalloc_noblock(sl_zone);
- if (sl != NULL) {
- bzero(sl, sl_zone_size);
- TAILQ_INIT(&sl->sl_head);
- }
- return (sl);
-}
-
-void
-sockaddrlist_free(struct sockaddr_list *sl)
-{
- struct sockaddr_entry *se, *tse;
-
- TAILQ_FOREACH_SAFE(se, &sl->sl_head, se_link, tse) {
- sockaddrlist_remove(sl, se);
- sockaddrentry_free(se);
- }
- VERIFY(sl->sl_cnt == 0 && TAILQ_EMPTY(&sl->sl_head));
- zfree(sl_zone, sl);
-}
-
-void
-sockaddrlist_insert(struct sockaddr_list *sl, struct sockaddr_entry *se)
-{
- VERIFY(!(se->se_flags & SEF_ATTACHED));
- se->se_flags |= SEF_ATTACHED;
- TAILQ_INSERT_TAIL(&sl->sl_head, se, se_link);
- sl->sl_cnt++;
- VERIFY(sl->sl_cnt != 0);
-}
-
-void
-sockaddrlist_remove(struct sockaddr_list *sl, struct sockaddr_entry *se)
-{
- VERIFY(se->se_flags & SEF_ATTACHED);
- se->se_flags &= ~SEF_ATTACHED;
- VERIFY(sl->sl_cnt != 0);
- sl->sl_cnt--;
- TAILQ_REMOVE(&sl->sl_head, se, se_link);
-}
-
-struct sockaddr_list *
-sockaddrlist_dup(const struct sockaddr_list *src_sl, int how)
-{
- struct sockaddr_entry *src_se, *tse;
- struct sockaddr_list *dst_sl;
-
- dst_sl = sockaddrlist_alloc(how);
- if (dst_sl == NULL)
- return (NULL);
-
- TAILQ_FOREACH_SAFE(src_se, &src_sl->sl_head, se_link, tse) {
- struct sockaddr_entry *dst_se;
-
- if (src_se->se_addr == NULL)
- continue;
-
- dst_se = sockaddrentry_dup(src_se, how);
- if (dst_se == NULL) {
- sockaddrlist_free(dst_sl);
- return (NULL);
- }
-
- sockaddrlist_insert(dst_sl, dst_se);
- }
- VERIFY(src_sl->sl_cnt == dst_sl->sl_cnt);
-
- return (dst_sl);
-}
-
int
so_set_effective_pid(struct socket *so, int epid, struct proc *p)
{
projects / apple / xnu.git / blobdiff