/*
- * Copyright (c) 2000-2005 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 1998-2007 Apple Inc. All rights reserved.
*
* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
*
*
* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
*/
-/* Copyright (c) 1998, 1999 Apple Computer, Inc. All Rights Reserved */
/* Copyright (c) 1995 NeXT Computer, Inc. All Rights Reserved */
/*
* Copyright (c) 1982, 1986, 1988, 1990, 1993
* @(#)uipc_socket.c 8.3 (Berkeley) 4/15/94
* $FreeBSD: src/sys/kern/uipc_socket.c,v 1.68.2.16 2001/06/14 20:46:06 ume Exp $
*/
+/*
+ * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce
+ * support for mandatory and extensible security protections. This notice
+ * is included in support of clause 2.2 (b) of the Apple Public License,
+ * Version 2.0.
+ */
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/filedesc.h>
+#include <sys/proc.h>
#include <sys/proc_internal.h>
#include <sys/kauth.h>
#include <sys/file_internal.h>
#include <sys/uio.h>
#include <sys/ev.h>
#include <sys/kdebug.h>
+#include <sys/un.h>
#include <net/route.h>
#include <netinet/in.h>
#include <netinet/in_pcb.h>
#include <kern/zalloc.h>
#include <kern/locks.h>
#include <machine/limits.h>
+#include <libkern/OSAtomic.h>
+#include <pexpert/pexpert.h>
+
+#if CONFIG_MACF
+#include <security/mac.h>
+#include <security/mac_framework.h>
+#endif /* MAC */
+
+/* how a timeval looks to a 64-bit process */
+struct timeval64 {
+ int64_t tv_sec;
+ int32_t tv_usec;
+};
int so_cache_hw = 0;
int so_cache_timeouts = 0;
u_long so_cache_time = 0;
int so_cache_init_done = 0;
struct zone *so_cache_zone;
-extern int get_inpcb_str_size();
-extern int get_tcp_str_size();
static lck_grp_t *so_cache_mtx_grp;
static lck_attr_t *so_cache_mtx_attr;
#include <machine/limits.h>
-static void filt_sordetach(struct knote *kn);
-static int filt_soread(struct knote *kn, long hint);
-static void filt_sowdetach(struct knote *kn);
-static int filt_sowrite(struct knote *kn, long hint);
-static int filt_solisten(struct knote *kn, long hint);
+static void filt_sordetach(struct knote *kn);
+static int filt_soread(struct knote *kn, long hint);
+static void filt_sowdetach(struct knote *kn);
+static int filt_sowrite(struct knote *kn, long hint);
+static int filt_solisten(struct knote *kn, long hint);
+
+static int
+sooptcopyin_timeval(struct sockopt *sopt, struct timeval * tv_p);
+
+static int
+sooptcopyout_timeval(struct sockopt *sopt, const struct timeval * tv_p);
static struct filterops solisten_filtops =
- { 1, NULL, filt_sordetach, filt_solisten };
+ { 1, NULL, filt_sordetach, filt_solisten };
static struct filterops soread_filtops =
- { 1, NULL, filt_sordetach, filt_soread };
+ { 1, NULL, filt_sordetach, filt_soread };
static struct filterops sowrite_filtops =
- { 1, NULL, filt_sowdetach, filt_sowrite };
+ { 1, NULL, filt_sowdetach, filt_sowrite };
-#define EVEN_MORE_LOCKING_DEBUG 0
+#define EVEN_MORE_LOCKING_DEBUG 0
int socket_debug = 0;
int socket_zone = M_SOCKET;
so_gen_t so_gencnt; /* generation count for sockets */
MALLOC_DEFINE(M_SONAME, "soname", "socket name");
MALLOC_DEFINE(M_PCB, "pcb", "protocol control block");
-#define DBG_LAYER_IN_BEG NETDBG_CODE(DBG_NETSOCK, 0)
-#define DBG_LAYER_IN_END NETDBG_CODE(DBG_NETSOCK, 2)
-#define DBG_LAYER_OUT_BEG NETDBG_CODE(DBG_NETSOCK, 1)
-#define DBG_LAYER_OUT_END NETDBG_CODE(DBG_NETSOCK, 3)
-#define DBG_FNC_SOSEND NETDBG_CODE(DBG_NETSOCK, (4 << 8) | 1)
-#define DBG_FNC_SORECEIVE NETDBG_CODE(DBG_NETSOCK, (8 << 8))
-#define DBG_FNC_SOSHUTDOWN NETDBG_CODE(DBG_NETSOCK, (9 << 8))
+#define DBG_LAYER_IN_BEG NETDBG_CODE(DBG_NETSOCK, 0)
+#define DBG_LAYER_IN_END NETDBG_CODE(DBG_NETSOCK, 2)
+#define DBG_LAYER_OUT_BEG NETDBG_CODE(DBG_NETSOCK, 1)
+#define DBG_LAYER_OUT_END NETDBG_CODE(DBG_NETSOCK, 3)
+#define DBG_FNC_SOSEND NETDBG_CODE(DBG_NETSOCK, (4 << 8) | 1)
+#define DBG_FNC_SORECEIVE NETDBG_CODE(DBG_NETSOCK, (8 << 8))
+#define DBG_FNC_SOSHUTDOWN NETDBG_CODE(DBG_NETSOCK, (9 << 8))
-#define MAX_SOOPTGETM_SIZE (128 * MCLBYTES)
+#define MAX_SOOPTGETM_SIZE (128 * MCLBYTES)
SYSCTL_DECL(_kern_ipc);
-static int somaxconn = SOMAXCONN;
-SYSCTL_INT(_kern_ipc, KIPC_SOMAXCONN, somaxconn, CTLFLAG_RW, &somaxconn,
- 0, "");
+int somaxconn = SOMAXCONN;
+SYSCTL_INT(_kern_ipc, KIPC_SOMAXCONN, somaxconn, CTLFLAG_RW, &somaxconn, 0, "");
/* Should we get a maximum also ??? */
static int sosendmaxchain = 65536;
static int sosendminchain = 16384;
static int sorecvmincopy = 16384;
SYSCTL_INT(_kern_ipc, OID_AUTO, sosendminchain, CTLFLAG_RW, &sosendminchain,
- 0, "");
+ 0, "");
SYSCTL_INT(_kern_ipc, OID_AUTO, sorecvmincopy, CTLFLAG_RW, &sorecvmincopy,
- 0, "");
+ 0, "");
-void so_cache_timer();
+/*
+ * Set to enable jumbo clusters (if available) for large writes when
+ * the socket is marked with SOF_MULTIPAGES; see below.
+ */
+int sosendjcl = 1;
+SYSCTL_INT(_kern_ipc, OID_AUTO, sosendjcl, CTLFLAG_RW, &sosendjcl, 0, "");
+
+/*
+ * Set this to ignore SOF_MULTIPAGES and use jumbo clusters for large
+ * writes on the socket for all protocols on any network interfaces,
+ * depending upon sosendjcl above. Be extra careful when setting this
+ * to 1, because sending down packets that cross physical pages down to
+ * broken drivers (those that falsely assume that the physical pages
+ * are contiguous) might lead to system panics or silent data corruption.
+ * When set to 0, the system will respect SOF_MULTIPAGES, which is set
+ * only for TCP sockets whose outgoing interface is IFNET_MULTIPAGES
+ * capable. Set this to 1 only for testing/debugging purposes.
+ */
+int sosendjcl_ignore_capab = 0;
+SYSCTL_INT(_kern_ipc, OID_AUTO, sosendjcl_ignore_capab, CTLFLAG_RW,
+ &sosendjcl_ignore_capab, 0, "");
/*
* Socket operation routines.
* switching out to the protocol specific routines.
*/
+/* sys_generic.c */
+extern void postevent(struct socket *, struct sockbuf *, int);
+extern void evsofree(struct socket *);
+
+/* TODO: these should be in header file */
+extern int get_inpcb_str_size(void);
+extern int get_tcp_str_size(void);
+extern struct domain *pffinddomain(int);
+extern struct protosw *pffindprotonotype(int, int);
+extern int soclose_locked(struct socket *);
+extern int soo_kqfilter(struct fileproc *, struct knote *, struct proc *);
+
#ifdef __APPLE__
vm_size_t so_cache_zone_element_size;
-static int sodelayed_copy(struct socket *so, struct uio *uio, struct mbuf **free_list, int *resid);
+static int sodelayed_copy(struct socket *, struct uio *, struct mbuf **, int *);
+static void cached_sock_alloc(struct socket **, int);
+static void cached_sock_free(struct socket *);
+static void so_cache_timer(void *);
+
+void soclose_wait_locked(struct socket *so);
-void socketinit()
+void
+socketinit(void)
{
- vm_size_t str_size;
+ vm_size_t str_size;
if (so_cache_init_done) {
printf("socketinit: already called...\n");
return;
}
+ PE_parse_boot_argn("socket_debug", &socket_debug, sizeof (socket_debug));
+
/*
* allocate lock group attribute and group for socket cache mutex
*/
so_cache_mtx_grp_attr = lck_grp_attr_alloc_init();
- so_cache_mtx_grp = lck_grp_alloc_init("so_cache", so_cache_mtx_grp_attr);
-
+ so_cache_mtx_grp = lck_grp_alloc_init("so_cache",
+ so_cache_mtx_grp_attr);
+
/*
* allocate the lock attribute for socket cache mutex
*/
so_cache_mtx_attr = lck_attr_alloc_init();
- so_cache_init_done = 1;
+ so_cache_init_done = 1;
- so_cache_mtx = lck_mtx_alloc_init(so_cache_mtx_grp, so_cache_mtx_attr); /* cached sockets mutex */
-
- if (so_cache_mtx == NULL)
+ /* cached sockets mutex */
+ so_cache_mtx = lck_mtx_alloc_init(so_cache_mtx_grp, so_cache_mtx_attr);
+
+ if (so_cache_mtx == NULL)
return; /* we're hosed... */
- str_size = (vm_size_t)( sizeof(struct socket) + 4 +
- get_inpcb_str_size() + 4 +
- get_tcp_str_size());
- so_cache_zone = zinit (str_size, 120000*str_size, 8192, "socache zone");
+ str_size = (vm_size_t)(sizeof (struct socket) + 4 +
+ get_inpcb_str_size() + 4 + get_tcp_str_size());
+
+ so_cache_zone = zinit(str_size, 120000*str_size, 8192, "socache zone");
#if TEMPDEBUG
- printf("cached_sock_alloc -- so_cache_zone size is %x\n", str_size);
+ printf("cached_sock_alloc -- so_cache_zone size is %x\n", str_size);
#endif
- timeout(so_cache_timer, NULL, (SO_CACHE_FLUSH_INTERVAL * hz));
-
- so_cache_zone_element_size = str_size;
+ timeout(so_cache_timer, NULL, (SO_CACHE_FLUSH_INTERVAL * hz));
- sflt_init();
+ so_cache_zone_element_size = str_size;
+ sflt_init();
}
-void cached_sock_alloc(so, waitok)
-struct socket **so;
-int waitok;
-
+static void
+cached_sock_alloc(struct socket **so, int waitok)
{
- caddr_t temp;
- register u_long offset;
-
+ caddr_t temp;
+ register u_long offset;
lck_mtx_lock(so_cache_mtx);
- if (cached_sock_count) {
- cached_sock_count--;
- *so = socket_cache_head;
- if (*so == 0)
- panic("cached_sock_alloc: cached sock is null");
+ if (cached_sock_count) {
+ cached_sock_count--;
+ *so = socket_cache_head;
+ if (*so == 0)
+ panic("cached_sock_alloc: cached sock is null");
- socket_cache_head = socket_cache_head->cache_next;
- if (socket_cache_head)
- socket_cache_head->cache_prev = 0;
- else
- socket_cache_tail = 0;
+ socket_cache_head = socket_cache_head->cache_next;
+ if (socket_cache_head)
+ socket_cache_head->cache_prev = 0;
+ else
+ socket_cache_tail = 0;
lck_mtx_unlock(so_cache_mtx);
- temp = (*so)->so_saved_pcb;
- bzero((caddr_t)*so, sizeof(struct socket));
+ temp = (*so)->so_saved_pcb;
+ bzero((caddr_t)*so, sizeof (struct socket));
#if TEMPDEBUG
- kprintf("cached_sock_alloc - retreiving cached sock %x - count == %d\n", *so,
- cached_sock_count);
+ kprintf("cached_sock_alloc - retreiving cached sock %p - "
+ "count == %d\n", *so, cached_sock_count);
#endif
- (*so)->so_saved_pcb = temp;
- (*so)->cached_in_sock_layer = 1;
-
- }
- else {
+ (*so)->so_saved_pcb = temp;
+ (*so)->cached_in_sock_layer = 1;
+ } else {
#if TEMPDEBUG
- kprintf("Allocating cached sock %x from memory\n", *so);
+ kprintf("Allocating cached sock %p from memory\n", *so);
#endif
- lck_mtx_unlock(so_cache_mtx);
-
- if (waitok)
- *so = (struct socket *) zalloc(so_cache_zone);
- else
- *so = (struct socket *) zalloc_noblock(so_cache_zone);
-
- if (*so == 0)
- return;
+ lck_mtx_unlock(so_cache_mtx);
- bzero((caddr_t)*so, sizeof(struct socket));
+ if (waitok)
+ *so = (struct socket *)zalloc(so_cache_zone);
+ else
+ *so = (struct socket *)zalloc_noblock(so_cache_zone);
- /*
- * Define offsets for extra structures into our single block of
- * memory. Align extra structures on longword boundaries.
- */
+ if (*so == 0)
+ return;
+ bzero((caddr_t)*so, sizeof (struct socket));
- offset = (u_long) *so;
- offset += sizeof(struct socket);
- if (offset & 0x3) {
- offset += 4;
- offset &= 0xfffffffc;
- }
- (*so)->so_saved_pcb = (caddr_t) offset;
- offset += get_inpcb_str_size();
- if (offset & 0x3) {
- offset += 4;
- offset &= 0xfffffffc;
- }
+ /*
+ * Define offsets for extra structures into our single block of
+ * memory. Align extra structures on longword boundaries.
+ */
+ offset = (u_long) *so;
+ offset += sizeof (struct socket);
+ if (offset & 0x3) {
+ offset += 4;
+ offset &= 0xfffffffc;
+ }
+ (*so)->so_saved_pcb = (caddr_t)offset;
+ offset += get_inpcb_str_size();
+ if (offset & 0x3) {
+ offset += 4;
+ offset &= 0xfffffffc;
+ }
- ((struct inpcb *) (*so)->so_saved_pcb)->inp_saved_ppcb = (caddr_t) offset;
+ ((struct inpcb *)(*so)->so_saved_pcb)->inp_saved_ppcb =
+ (caddr_t)offset;
#if TEMPDEBUG
- kprintf("Allocating cached socket - %x, pcb=%x tcpcb=%x\n", *so,
- (*so)->so_saved_pcb,
+ kprintf("Allocating cached socket - %p, pcb=%p tcpcb=%p\n",
+ *so, (*so)->so_saved_pcb,
((struct inpcb *)(*so)->so_saved_pcb)->inp_saved_ppcb);
#endif
- }
+ }
- (*so)->cached_in_sock_layer = 1;
+ (*so)->cached_in_sock_layer = 1;
}
-
-void cached_sock_free(so)
-struct socket *so;
+static void
+cached_sock_free(struct socket *so)
{
lck_mtx_lock(so_cache_mtx);
--cached_sock_count;
lck_mtx_unlock(so_cache_mtx);
#if TEMPDEBUG
- kprintf("Freeing overflowed cached socket %x\n", so);
+ kprintf("Freeing overflowed cached socket %p\n", so);
#endif
zfree(so_cache_zone, so);
- }
- else {
+ } else {
#if TEMPDEBUG
- kprintf("Freeing socket %x into cache\n", so);
+ kprintf("Freeing socket %p into cache\n", so);
#endif
if (so_cache_hw < cached_sock_count)
so_cache_hw = cached_sock_count;
}
#if TEMPDEBUG
- kprintf("Freed cached sock %x into cache - count is %d\n", so, cached_sock_count);
+ kprintf("Freed cached sock %p into cache - count is %d\n",
+ so, cached_sock_count);
#endif
-
-
}
-
-void so_cache_timer()
+static void
+so_cache_timer(__unused void *dummy)
{
register struct socket *p;
register int n_freed = 0;
-
lck_mtx_lock(so_cache_mtx);
++so_cache_time;
- while ( (p = socket_cache_tail) )
- {
+ while ((p = socket_cache_tail)) {
if ((so_cache_time - p->cache_timestamp) < SO_CACHE_TIME_LIMIT)
- break;
+ break;
so_cache_timeouts++;
-
- if ( (socket_cache_tail = p->cache_prev) )
- p->cache_prev->cache_next = 0;
- if (--cached_sock_count == 0)
- socket_cache_head = 0;
+ if ((socket_cache_tail = p->cache_prev))
+ p->cache_prev->cache_next = 0;
+ if (--cached_sock_count == 0)
+ socket_cache_head = 0;
zfree(so_cache_zone, p);
-
- if (++n_freed >= SO_CACHE_MAX_FREE_BATCH)
- {
- so_cache_max_freed++;
+
+ if (++n_freed >= SO_CACHE_MAX_FREE_BATCH) {
+ so_cache_max_freed++;
break;
}
}
lck_mtx_unlock(so_cache_mtx);
timeout(so_cache_timer, NULL, (SO_CACHE_FLUSH_INTERVAL * hz));
-
-
}
#endif /* __APPLE__ */
* the protocols can be easily modified to do this.
*/
struct socket *
-soalloc(waitok, dom, type)
- int waitok;
- int dom;
- int type;
+soalloc(int waitok, int dom, int type)
{
struct socket *so;
- if ((dom == PF_INET) && (type == SOCK_STREAM))
- cached_sock_alloc(&so, waitok);
- else
- {
- MALLOC_ZONE(so, struct socket *, sizeof(*so), socket_zone, M_WAITOK);
- if (so)
- bzero(so, sizeof *so);
+ if ((dom == PF_INET) && (type == SOCK_STREAM)) {
+ cached_sock_alloc(&so, waitok);
+ } else {
+ MALLOC_ZONE(so, struct socket *, sizeof (*so), socket_zone,
+ M_WAITOK);
+ if (so != NULL)
+ bzero(so, sizeof (*so));
}
/* XXX race condition for reentrant kernel */
//###LD Atomic add for so_gencnt
- if (so) {
- so->so_gencnt = ++so_gencnt;
- so->so_zone = socket_zone;
+ if (so != NULL) {
+ so->so_gencnt = ++so_gencnt;
+ so->so_zone = socket_zone;
+#if CONFIG_MACF_SOCKET
+ /* Convert waitok to M_WAITOK/M_NOWAIT for MAC Framework. */
+ if (mac_socket_label_init(so, !waitok) != 0) {
+ sodealloc(so);
+ return (NULL);
+ }
+#endif /* MAC_SOCKET */
}
- return so;
+ return (so);
}
+/*
+ * Returns: 0 Success
+ * EAFNOSUPPORT
+ * EPROTOTYPE
+ * EPROTONOSUPPORT
+ * ENOBUFS
+ * <pru_attach>:ENOBUFS[AF_UNIX]
+ * <pru_attach>:ENOBUFS[TCP]
+ * <pru_attach>:ENOMEM[TCP]
+ * <pru_attach>:EISCONN[TCP]
+ * <pru_attach>:??? [other protocol families, IPSEC]
+ */
int
-socreate(dom, aso, type, proto)
- int dom;
- struct socket **aso;
- register int type;
- int proto;
+socreate(int dom, struct socket **aso, int type, int proto)
{
struct proc *p = current_proc();
register struct protosw *prp;
else
prp = pffindtype(dom, type);
- if (prp == 0 || prp->pr_usrreqs->pru_attach == 0)
- return (EPROTONOSUPPORT);
-#ifndef __APPLE__
-
- if (p->p_prison && jail_socket_unixiproute_only &&
- prp->pr_domain->dom_family != PF_LOCAL &&
- prp->pr_domain->dom_family != PF_INET &&
- prp->pr_domain->dom_family != PF_ROUTE) {
+ if (prp == 0 || prp->pr_usrreqs->pru_attach == 0) {
+ if (pffinddomain(dom) == NULL) {
+ return (EAFNOSUPPORT);
+ }
+ if (proto != 0) {
+ if (pffindprotonotype(dom, proto) != NULL) {
+ return (EPROTOTYPE);
+ }
+ }
return (EPROTONOSUPPORT);
}
-
-#endif
if (prp->pr_type != type)
return (EPROTOTYPE);
so = soalloc(p != 0, dom, type);
TAILQ_INIT(&so->so_comp);
so->so_type = type;
-#ifdef __APPLE__
if (p != 0) {
so->so_uid = kauth_cred_getuid(kauth_cred_get());
- if (!suser(kauth_cred_get(),NULL))
+ if (!suser(kauth_cred_get(), NULL))
so->so_state = SS_PRIV;
}
-#else
- so->so_cred = kauth_cred_get_with_ref();
-#endif
so->so_proto = prp;
#ifdef __APPLE__
so->so_rcv.sb_flags |= SB_RECV; /* XXX */
#endif
so->next_lock_lr = 0;
so->next_unlock_lr = 0;
-
-
+
+#if CONFIG_MACF_SOCKET
+ mac_socket_label_associate(kauth_cred_get(), so);
+#endif /* MAC_SOCKET */
+
//### Attachement will create the per pcb lock if necessary and increase refcount
- so->so_usecount++; /* for creation, make sure it's done before socket is inserted in lists */
+ /*
+ * for creation, make sure it's done before
+ * socket is inserted in lists
+ */
+ so->so_usecount++;
error = (*prp->pr_usrreqs->pru_attach)(so, proto, p);
if (error) {
- /*
- * Warning:
- * If so_pcb is not zero, the socket will be leaked,
- * so protocol attachment handler must be coded carefuly
+ /*
+ * Warning:
+ * If so_pcb is not zero, the socket will be leaked,
+ * so protocol attachment handler must be coded carefuly
*/
so->so_state |= SS_NOFDREF;
so->so_usecount--;
so->so_options |= SO_DEBUG;
#endif
#endif
-
*aso = so;
return (0);
}
+/*
+ * Returns: 0 Success
+ * <pru_bind>:EINVAL Invalid argument [COMMON_START]
+ * <pru_bind>:EAFNOSUPPORT Address family not supported
+ * <pru_bind>:EADDRNOTAVAIL Address not available.
+ * <pru_bind>:EINVAL Invalid argument
+ * <pru_bind>:EAFNOSUPPORT Address family not supported [notdef]
+ * <pru_bind>:EACCES Permission denied
+ * <pru_bind>:EADDRINUSE Address in use
+ * <pru_bind>:EAGAIN Resource unavailable, try again
+ * <pru_bind>:EPERM Operation not permitted
+ * <pru_bind>:???
+ * <sf_bind>:???
+ *
+ * Notes: It's not possible to fully enumerate the return codes above,
+ * since socket filter authors and protocol family authors may
+ * not choose to limit their error returns to those listed, even
+ * though this may result in some software operating incorrectly.
+ *
+ * The error codes which are enumerated above are those known to
+ * be returned by the tcp_usr_bind function supplied.
+ */
int
-sobind(so, nam)
- struct socket *so;
- struct sockaddr *nam;
-
+sobind(struct socket *so, struct sockaddr *nam)
{
struct proc *p = current_proc();
int error = 0;
- struct socket_filter_entry *filter;
- int filtered = 0;
+ struct socket_filter_entry *filter;
+ int filtered = 0;
socket_lock(so, 1);
+ /*
+ * If this is a bind request on a previously-accepted socket
+ * that has been marked as inactive, reject it now before
+ * we go any further.
+ */
+ if (so->so_flags & SOF_DEFUNCT) {
+ error = EINVAL;
+ goto out;
+ }
+
/* Socket filter */
error = 0;
for (filter = so->so_filt; filter && (error == 0);
- filter = filter->sfe_next_onsocket) {
+ filter = filter->sfe_next_onsocket) {
if (filter->sfe_filter->sf_filter.sf_bind) {
if (filtered == 0) {
filtered = 1;
sflt_use(so);
socket_unlock(so, 0);
}
- error = filter->sfe_filter->sf_filter.sf_bind(
- filter->sfe_cookie, so, nam);
+ error = filter->sfe_filter->sf_filter.
+ sf_bind(filter->sfe_cookie, so, nam);
}
}
if (filtered != 0) {
sflt_unuse(so);
}
/* End socket filter */
-
+
if (error == 0)
error = (*so->so_proto->pr_usrreqs->pru_bind)(so, nam, p);
-
+out:
socket_unlock(so, 1);
-
+
if (error == EJUSTRETURN)
error = 0;
-
+
return (error);
}
void
-sodealloc(so)
- struct socket *so;
+sodealloc(struct socket *so)
{
so->so_gencnt = ++so_gencnt;
-#ifndef __APPLE__
- if (so->so_rcv.sb_hiwat)
- (void)chgsbsize(so->so_cred->cr_uidinfo,
- &so->so_rcv.sb_hiwat, 0, RLIM_INFINITY);
- if (so->so_snd.sb_hiwat)
- (void)chgsbsize(so->so_cred->cr_uidinfo,
- &so->so_snd.sb_hiwat, 0, RLIM_INFINITY);
-#ifdef INET
- if (so->so_accf != NULL) {
- if (so->so_accf->so_accept_filter != NULL &&
- so->so_accf->so_accept_filter->accf_destroy != NULL) {
- so->so_accf->so_accept_filter->accf_destroy(so);
- }
- if (so->so_accf->so_accept_filter_str != NULL)
- FREE(so->so_accf->so_accept_filter_str, M_ACCF);
- FREE(so->so_accf, M_ACCF);
- }
-#endif /* INET */
- kauth_cred_unref(&so->so_cred);
- zfreei(so->so_zone, so);
-#else
- if (so->cached_in_sock_layer == 1)
- cached_sock_free(so);
- else {
- if (so->cached_in_sock_layer == -1)
- panic("sodealloc: double dealloc: so=%x\n", so);
- so->cached_in_sock_layer = -1;
- FREE_ZONE(so, sizeof(*so), so->so_zone);
+#if CONFIG_MACF_SOCKET
+ mac_socket_label_destroy(so);
+#endif /* MAC_SOCKET */
+ if (so->cached_in_sock_layer == 1) {
+ cached_sock_free(so);
+ } else {
+ if (so->cached_in_sock_layer == -1)
+ panic("sodealloc: double dealloc: so=%p\n", so);
+ so->cached_in_sock_layer = -1;
+ FREE_ZONE(so, sizeof (*so), so->so_zone);
}
-#endif /* __APPLE__ */
}
+/*
+ * Returns: 0 Success
+ * EINVAL
+ * EOPNOTSUPP
+ * <pru_listen>:EINVAL[AF_UNIX]
+ * <pru_listen>:EINVAL[TCP]
+ * <pru_listen>:EADDRNOTAVAIL[TCP] Address not available.
+ * <pru_listen>:EINVAL[TCP] Invalid argument
+ * <pru_listen>:EAFNOSUPPORT[TCP] Address family not supported [notdef]
+ * <pru_listen>:EACCES[TCP] Permission denied
+ * <pru_listen>:EADDRINUSE[TCP] Address in use
+ * <pru_listen>:EAGAIN[TCP] Resource unavailable, try again
+ * <pru_listen>:EPERM[TCP] Operation not permitted
+ * <sf_listen>:???
+ *
+ * Notes: Other <pru_listen> returns depend on the protocol family; all
+ * <sf_listen> returns depend on what the filter author causes
+ * their filter to return.
+ */
int
-solisten(so, backlog)
- register struct socket *so;
- int backlog;
-
+solisten(struct socket *so, int backlog)
{
struct proc *p = current_proc();
- int error;
+ int error = 0;
+ struct socket_filter_entry *filter;
+ int filtered = 0;
socket_lock(so, 1);
-
- {
- struct socket_filter_entry *filter;
- int filtered = 0;
- error = 0;
- for (filter = so->so_filt; filter && (error == 0);
- filter = filter->sfe_next_onsocket) {
- if (filter->sfe_filter->sf_filter.sf_listen) {
- if (filtered == 0) {
- filtered = 1;
- sflt_use(so);
- socket_unlock(so, 0);
- }
- error = filter->sfe_filter->sf_filter.sf_listen(
- filter->sfe_cookie, so);
+ if (so->so_proto == NULL) {
+ error = EINVAL;
+ goto out;
+ }
+ if ((so->so_proto->pr_flags & PR_CONNREQUIRED) == 0) {
+ error = EOPNOTSUPP;
+ goto out;
+ }
+
+ /*
+ * If the listen request is made on a socket that is not fully
+ * disconnected, or on a previously-accepted socket that has
+ * been marked as inactive, reject the request now.
+ */
+ if ((so->so_state &
+ (SS_ISCONNECTED|SS_ISCONNECTING|SS_ISDISCONNECTING)) ||
+ (so->so_flags & SOF_DEFUNCT)) {
+ error = EINVAL;
+ goto out;
+ }
+
+ if ((so->so_restrictions & SO_RESTRICT_DENYIN) != 0) {
+ error = EPERM;
+ goto out;
+ }
+
+ error = 0;
+ for (filter = so->so_filt; filter && (error == 0);
+ filter = filter->sfe_next_onsocket) {
+ if (filter->sfe_filter->sf_filter.sf_listen) {
+ if (filtered == 0) {
+ filtered = 1;
+ sflt_use(so);
+ socket_unlock(so, 0);
}
+ error = filter->sfe_filter->sf_filter.
+ sf_listen(filter->sfe_cookie, so);
}
- if (filtered != 0) {
- socket_lock(so, 0);
- sflt_unuse(so);
- }
+ }
+ if (filtered != 0) {
+ socket_lock(so, 0);
+ sflt_unuse(so);
}
if (error == 0) {
error = (*so->so_proto->pr_usrreqs->pru_listen)(so, p);
}
-
+
if (error) {
- socket_unlock(so, 1);
if (error == EJUSTRETURN)
error = 0;
- return (error);
+ goto out;
}
-
+
if (TAILQ_EMPTY(&so->so_comp))
so->so_options |= SO_ACCEPTCONN;
- if (backlog < 0 || backlog > somaxconn)
+ /*
+ * POSIX: The implementation may have an upper limit on the length of
+ * the listen queue-either global or per accepting socket. If backlog
+ * exceeds this limit, the length of the listen queue is set to the
+ * limit.
+ *
+ * If listen() is called with a backlog argument value that is less
+ * than 0, the function behaves as if it had been called with a backlog
+ * argument value of 0.
+ *
+ * A backlog argument of 0 may allow the socket to accept connections,
+ * in which case the length of the listen queue may be set to an
+ * implementation-defined minimum value.
+ */
+ if (backlog <= 0 || backlog > somaxconn)
backlog = somaxconn;
- so->so_qlimit = backlog;
+ so->so_qlimit = backlog;
+out:
socket_unlock(so, 1);
- return (0);
+ return (error);
}
void
-sofreelastref(so, dealloc)
- register struct socket *so;
- int dealloc;
+sofreelastref(struct socket *so, int dealloc)
{
- int error;
struct socket *head = so->so_head;
- /*### Assume socket is locked */
+ /* Assume socket is locked */
/* Remove any filters - may be called more than once */
sflt_termsock(so);
-
- if ((!(so->so_flags & SOF_PCBCLEARING)) || ((so->so_state & SS_NOFDREF) == 0)) {
+
+ if ((!(so->so_flags & SOF_PCBCLEARING)) ||
+ ((so->so_state & SS_NOFDREF) == 0)) {
#ifdef __APPLE__
selthreadclear(&so->so_snd.sb_sel);
selthreadclear(&so->so_rcv.sb_sel);
sbrelease(&so->so_snd);
#endif
sorflush(so);
-
+
/* 3932268: disable upcall */
so->so_rcv.sb_flags &= ~SB_UPCALL;
so->so_snd.sb_flags &= ~SB_UPCALL;
-
+
if (dealloc)
sodealloc(so);
}
+void
+soclose_wait_locked(struct socket *so)
+{
+ lck_mtx_t *mutex_held;
+
+ if (so->so_proto->pr_getlock != NULL)
+ mutex_held = (*so->so_proto->pr_getlock)(so, 0);
+ else
+ mutex_held = so->so_proto->pr_domain->dom_mtx;
+ lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
+
+ /*
+ * Double check here and return if there's no outstanding upcall;
+ * otherwise proceed further only if SOF_UPCALLCLOSEWAIT is set.
+ */
+ if (!(so->so_flags & SOF_UPCALLINUSE) ||
+ !(so->so_flags & SOF_UPCALLCLOSEWAIT))
+ return;
+
+ so->so_flags |= SOF_CLOSEWAIT;
+ (void) msleep((caddr_t)&so->so_upcall, mutex_held, (PZERO - 1),
+ "soclose_wait_locked", NULL);
+ lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
+ so->so_flags &= ~SOF_CLOSEWAIT;
+}
+
/*
* Close a socket on last file table reference removal.
* Initiate disconnect if connected.
* Free socket when disconnect complete.
*/
int
-soclose_locked(so)
- register struct socket *so;
+soclose_locked(struct socket *so)
{
int error = 0;
- lck_mtx_t * mutex_held;
+ lck_mtx_t *mutex_held;
struct timespec ts;
if (so->so_usecount == 0) {
- panic("soclose: so=%x refcount=0\n", so);
+ panic("soclose: so=%p refcount=0\n", so);
}
sflt_notify(so, sock_evt_closing, NULL);
-
+
if ((so->so_options & SO_ACCEPTCONN)) {
- struct socket *sp;
-
- /* We do not want new connection to be added to the connection queues */
+ struct socket *sp, *sonext;
+ int socklock = 0;
+
+ /*
+ * We do not want new connection to be added
+ * to the connection queues
+ */
so->so_options &= ~SO_ACCEPTCONN;
-
- while ((sp = TAILQ_FIRST(&so->so_incomp)) != NULL) {
- /* A bit tricky here. We need to keep
- * a lock if it's a protocol global lock
- * but we want the head, not the socket locked
- * in the case of per-socket lock...
+
+ for (sp = TAILQ_FIRST(&so->so_incomp); sp != NULL; sp = sonext) {
+ sonext = TAILQ_NEXT(sp, so_list);
+
+ /* Radar 5350314
+ * skip sockets thrown away by tcpdropdropblreq
+ * they will get cleanup by the garbage collection.
+ * otherwise, remove the incomp socket from the queue
+ * and let soabort trigger the appropriate cleanup.
*/
+ if (sp->so_flags & SOF_OVERFLOW)
+ continue;
+
if (so->so_proto->pr_getlock != NULL) {
+ /* lock ordering for consistency with the rest of the stack,
+ * we lock the socket first and then grabb the head.
+ */
socket_unlock(so, 0);
socket_lock(sp, 1);
- }
- (void) soabort(sp);
- if (so->so_proto->pr_getlock != NULL) {
- socket_unlock(sp, 1);
socket_lock(so, 0);
+ socklock = 1;
}
+
+ TAILQ_REMOVE(&so->so_incomp, sp, so_list);
+ so->so_incqlen--;
+
+ if (sp->so_state & SS_INCOMP) {
+ sp->so_state &= ~SS_INCOMP;
+ sp->so_head = NULL;
+
+ (void) soabort(sp);
+ }
+
+ if (socklock)
+ socket_unlock(sp, 1);
}
while ((sp = TAILQ_FIRST(&so->so_comp)) != NULL) {
/* Dequeue from so_comp since sofree() won't do it */
- TAILQ_REMOVE(&so->so_comp, sp, so_list);
+ TAILQ_REMOVE(&so->so_comp, sp, so_list);
so->so_qlen--;
if (so->so_proto->pr_getlock != NULL) {
socket_lock(sp, 1);
}
- sp->so_state &= ~SS_COMP;
- sp->so_head = NULL;
+ if (sp->so_state & SS_COMP) {
+ sp->so_state &= ~SS_COMP;
+ sp->so_head = NULL;
+
+ (void) soabort(sp);
+ }
- (void) soabort(sp);
if (so->so_proto->pr_getlock != NULL) {
socket_unlock(sp, 1);
socket_lock(so, 0);
if ((so->so_state & SS_ISDISCONNECTING) &&
(so->so_state & SS_NBIO))
goto drop;
- if (so->so_proto->pr_getlock != NULL)
+ if (so->so_proto->pr_getlock != NULL)
mutex_held = (*so->so_proto->pr_getlock)(so, 0);
- else
+ else
mutex_held = so->so_proto->pr_domain->dom_mtx;
while (so->so_state & SS_ISCONNECTED) {
ts.tv_sec = (so->so_linger/100);
- ts.tv_nsec = (so->so_linger % 100) * NSEC_PER_USEC * 1000 * 10;
- error = msleep((caddr_t)&so->so_timeo, mutex_held,
- PSOCK | PCATCH, "soclos", &ts);
+ ts.tv_nsec = (so->so_linger % 100) *
+ NSEC_PER_USEC * 1000 * 10;
+ error = msleep((caddr_t)&so->so_timeo,
+ mutex_held, PSOCK | PCATCH, "soclose", &ts);
if (error) {
- /* It's OK when the time fires, don't report an error */
+ /*
+ * It's OK when the time fires,
+ * don't report an error
+ */
if (error == EWOULDBLOCK)
error = 0;
break;
}
drop:
if (so->so_usecount == 0)
- panic("soclose: usecount is zero so=%x\n", so);
+ panic("soclose: usecount is zero so=%p\n", so);
if (so->so_pcb && !(so->so_flags & SOF_PCBCLEARING)) {
int error2 = (*so->so_proto->pr_usrreqs->pru_detach)(so);
if (error == 0)
error = error2;
}
if (so->so_usecount <= 0)
- panic("soclose: usecount is zero so=%x\n", so);
+ panic("soclose: usecount is zero so=%p\n", so);
discard:
if (so->so_pcb && so->so_state & SS_NOFDREF)
panic("soclose: NOFDREF");
}
int
-soclose(so)
- register struct socket *so;
+soclose(struct socket *so)
{
int error = 0;
socket_lock(so, 1);
- if (so->so_retaincnt == 0)
+
+ if (so->so_flags & SOF_UPCALLINUSE)
+ soclose_wait_locked(so);
+
+ if (so->so_retaincnt == 0) {
error = soclose_locked(so);
- else { /* if the FD is going away, but socket is retained in kernel remove its reference */
+ } else {
+ /*
+ * if the FD is going away, but socket is
+ * retained in kernel remove its reference
+ */
so->so_usecount--;
if (so->so_usecount < 2)
- panic("soclose: retaincnt non null and so=%x usecount=%x\n", so->so_usecount);
+ panic("soclose: retaincnt non null and so=%p "
+ "usecount=%d\n", so, so->so_usecount);
}
socket_unlock(so, 1);
return (error);
}
-
/*
* Must be called at splnet...
*/
-//#### Should already be locked
+/* Should already be locked */
int
-soabort(so)
- struct socket *so;
+soabort(struct socket *so)
{
int error;
#ifdef MORE_LOCKING_DEBUG
- lck_mtx_t * mutex_held;
+ lck_mtx_t *mutex_held;
- if (so->so_proto->pr_getlock != NULL)
+ if (so->so_proto->pr_getlock != NULL)
mutex_held = (*so->so_proto->pr_getlock)(so, 0);
- else
+ else
mutex_held = so->so_proto->pr_domain->dom_mtx;
lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
#endif
- error = (*so->so_proto->pr_usrreqs->pru_abort)(so);
- if (error) {
- sofree(so);
- return error;
+ if ((so->so_flags & SOF_ABORTED) == 0) {
+ so->so_flags |= SOF_ABORTED;
+ error = (*so->so_proto->pr_usrreqs->pru_abort)(so);
+ if (error) {
+ sofree(so);
+ return (error);
+ }
}
return (0);
}
int
-soacceptlock(so, nam, dolock)
- register struct socket *so;
- struct sockaddr **nam;
- int dolock;
+soacceptlock(struct socket *so, struct sockaddr **nam, int dolock)
{
int error;
- if (dolock) socket_lock(so, 1);
+ if (dolock)
+ socket_lock(so, 1);
if ((so->so_state & SS_NOFDREF) == 0)
panic("soaccept: !NOFDREF");
so->so_state &= ~SS_NOFDREF;
error = (*so->so_proto->pr_usrreqs->pru_accept)(so, nam);
-
- if (dolock) socket_unlock(so, 1);
+
+ if (dolock)
+ socket_unlock(so, 1);
return (error);
}
+
int
-soaccept(so, nam)
- register struct socket *so;
- struct sockaddr **nam;
+soaccept(struct socket *so, struct sockaddr **nam)
{
return (soacceptlock(so, nam, 1));
}
int
-soconnectlock(so, nam, dolock)
- register struct socket *so;
- struct sockaddr *nam;
- int dolock;
-
+soacceptfilter(struct socket *so)
{
- int s;
- int error;
- struct proc *p = current_proc();
+ struct sockaddr *local = NULL, *remote = NULL;
+ struct socket_filter_entry *filter;
+ int error = 0, filtered = 0;
+ struct socket *head = so->so_head;
- if (dolock) socket_lock(so, 1);
+ /*
+ * There's no need to hold the lock; this socket
+ * has not been made visible to the filter(s).
+ */
+ if ((sock_getaddr(so, &remote, 1) != 0) ||
+ sock_getaddr(so, &local, 0) != 0) {
+ so->so_state &= ~(SS_NOFDREF | SS_COMP);
+ so->so_head = NULL;
+ soclose(so);
+ /* Out of resources; try it again next time */
+ error = ECONNABORTED;
+ goto done;
+ }
- if (so->so_options & SO_ACCEPTCONN) {
- if (dolock) socket_unlock(so, 1);
- return (EOPNOTSUPP);
+ /*
+ * At this point, we have a reference on the listening socket
+ * so we know it won't be going away. Do the same for the newly
+ * accepted socket while we invoke the accept callback routine.
+ */
+ socket_lock(so, 1);
+ for (filter = so->so_filt; filter != NULL && error == 0;
+ filter = filter->sfe_next_onsocket) {
+ if (filter->sfe_filter->sf_filter.sf_accept != NULL) {
+ if (!filtered) {
+ filtered = 1;
+ sflt_use(so);
+ socket_unlock(so, 0);
+ }
+ error = filter->sfe_filter->sf_filter.
+ sf_accept(filter->sfe_cookie,
+ head, so, local, remote);
+ }
}
+
+ if (filtered) {
+ socket_lock(so, 0);
+ sflt_unuse(so);
+ }
+
/*
- * If protocol is connection-based, can only connect once.
- * Otherwise, if connected, try to disconnect first.
- * This allows user to disconnect by connecting to, e.g.,
- * a null address.
+ * If we get EJUSTRETURN from one of the filters, mark this socket
+ * as inactive and return it anyway. This newly accepted socket
+ * will be disconnected later before we hand it off to the caller.
*/
- if (so->so_state & (SS_ISCONNECTED|SS_ISCONNECTING) &&
- ((so->so_proto->pr_flags & PR_CONNREQUIRED) ||
- (error = sodisconnectlocked(so))))
- error = EISCONN;
- else {
+ if (error == EJUSTRETURN) {
+ error = 0;
+ so->so_flags |= SOF_DEFUNCT;
+ /* Prevent data from being appended to the socket buffers */
+ so->so_snd.sb_flags |= SB_DROP;
+ so->so_rcv.sb_flags |= SB_DROP;
+ }
+
+ if (error != 0) {
/*
- * Run connect filter before calling protocol:
+ * This may seem like a duplication to the above error
+ * handling part when we return ECONNABORTED, except
+ * the following is done while holding the lock since
+ * the socket has been exposed to the filter(s) earlier.
+ */
+ so->so_state &= ~(SS_NOFDREF | SS_COMP);
+ so->so_head = NULL;
+ socket_unlock(so, 1);
+ soclose(so);
+ /* Propagate socket filter's error code to the caller */
+ } else {
+ socket_unlock(so, 1);
+ }
+done:
+ /* Callee checks for NULL pointer */
+ sock_freeaddr(remote);
+ sock_freeaddr(local);
+ return (error);
+}
+
+/*
+ * Returns: 0 Success
+ * EOPNOTSUPP Operation not supported on socket
+ * EISCONN Socket is connected
+ * <pru_connect>:EADDRNOTAVAIL Address not available.
+ * <pru_connect>:EINVAL Invalid argument
+ * <pru_connect>:EAFNOSUPPORT Address family not supported [notdef]
+ * <pru_connect>:EACCES Permission denied
+ * <pru_connect>:EADDRINUSE Address in use
+ * <pru_connect>:EAGAIN Resource unavailable, try again
+ * <pru_connect>:EPERM Operation not permitted
+ * <sf_connect_out>:??? [anything a filter writer might set]
+ */
+int
+soconnectlock(struct socket *so, struct sockaddr *nam, int dolock)
+{
+ int error;
+ struct proc *p = current_proc();
+
+ if (dolock)
+ socket_lock(so, 1);
+
+ /*
+ * If this is a listening socket or if this is a previously-accepted
+ * socket that has been marked as inactive, reject the connect request.
+ */
+ if ((so->so_options & SO_ACCEPTCONN) || (so->so_flags & SOF_DEFUNCT)) {
+ if (dolock)
+ socket_unlock(so, 1);
+ return (EOPNOTSUPP);
+ }
+
+ if ((so->so_restrictions & SO_RESTRICT_DENYOUT) != 0) {
+ if (dolock)
+ socket_unlock(so, 1);
+ return (EPERM);
+ }
+
+ /*
+ * If protocol is connection-based, can only connect once.
+ * Otherwise, if connected, try to disconnect first.
+ * This allows user to disconnect by connecting to, e.g.,
+ * a null address.
+ */
+ if (so->so_state & (SS_ISCONNECTED|SS_ISCONNECTING) &&
+ ((so->so_proto->pr_flags & PR_CONNREQUIRED) ||
+ (error = sodisconnectlocked(so)))) {
+ error = EISCONN;
+ } else {
+ /*
+ * Run connect filter before calling protocol:
* - non-blocking connect returns before completion;
*/
- {
- struct socket_filter_entry *filter;
- int filtered = 0;
- error = 0;
- for (filter = so->so_filt; filter && (error == 0);
- filter = filter->sfe_next_onsocket) {
- if (filter->sfe_filter->sf_filter.sf_connect_out) {
- if (filtered == 0) {
- filtered = 1;
- sflt_use(so);
- socket_unlock(so, 0);
- }
- error = filter->sfe_filter->sf_filter.sf_connect_out(
- filter->sfe_cookie, so, nam);
+ struct socket_filter_entry *filter;
+ int filtered = 0;
+
+ error = 0;
+ for (filter = so->so_filt; filter && (error == 0);
+ filter = filter->sfe_next_onsocket) {
+ if (filter->sfe_filter->sf_filter.sf_connect_out) {
+ if (filtered == 0) {
+ filtered = 1;
+ sflt_use(so);
+ socket_unlock(so, 0);
}
- }
- if (filtered != 0) {
- socket_lock(so, 0);
- sflt_unuse(so);
+ error = filter->sfe_filter->sf_filter.
+ sf_connect_out(filter->sfe_cookie, so, nam);
}
}
+ if (filtered != 0) {
+ socket_lock(so, 0);
+ sflt_unuse(so);
+ }
+
if (error) {
if (error == EJUSTRETURN)
error = 0;
- if (dolock) socket_unlock(so, 1);
- return error;
+ if (dolock)
+ socket_unlock(so, 1);
+ return (error);
}
-
+
error = (*so->so_proto->pr_usrreqs->pru_connect)(so, nam, p);
}
- if (dolock) socket_unlock(so, 1);
+ if (dolock)
+ socket_unlock(so, 1);
return (error);
}
int
-soconnect(so, nam)
- register struct socket *so;
- struct sockaddr *nam;
+soconnect(struct socket *so, struct sockaddr *nam)
{
return (soconnectlock(so, nam, 1));
}
+/*
+ * Returns: 0 Success
+ * <pru_connect2>:EINVAL[AF_UNIX]
+ * <pru_connect2>:EPROTOTYPE[AF_UNIX]
+ * <pru_connect2>:??? [other protocol families]
+ *
+ * Notes: <pru_connect2> is not supported by [TCP].
+ */
int
-soconnect2(so1, so2)
- register struct socket *so1;
- struct socket *so2;
+soconnect2(struct socket *so1, struct socket *so2)
{
int error;
socket_lock(so1, 1);
- if (so2->so_proto->pr_lock)
+ if (so2->so_proto->pr_lock)
socket_lock(so2, 1);
error = (*so1->so_proto->pr_usrreqs->pru_connect2)(so1, so2);
-
+
socket_unlock(so1, 1);
- if (so2->so_proto->pr_lock)
+ if (so2->so_proto->pr_lock)
socket_unlock(so2, 1);
return (error);
}
-
int
-sodisconnectlocked(so)
- register struct socket *so;
+sodisconnectlocked(struct socket *so)
{
int error;
error = EALREADY;
goto bad;
}
-
+
error = (*so->so_proto->pr_usrreqs->pru_disconnect)(so);
-
+
if (error == 0) {
sflt_notify(so, sock_evt_disconnected, NULL);
}
-
bad:
return (error);
}
-//### Locking version
+
+/* Locking version */
int
-sodisconnect(so)
- register struct socket *so;
+sodisconnect(struct socket *so)
{
- int error;
+ int error;
socket_lock(so, 1);
error = sodisconnectlocked(so);
socket_unlock(so, 1);
- return(error);
+ return (error);
}
#define SBLOCKWAIT(f) (((f) & MSG_DONTWAIT) ? M_DONTWAIT : M_WAIT)
/*
* sosendcheck will lock the socket buffer if it isn't locked and
* verify that there is space for the data being inserted.
+ *
+ * Returns: 0 Success
+ * EPIPE
+ * sblock:EWOULDBLOCK
+ * sblock:EINTR
+ * sbwait:EBADF
+ * sbwait:EINTR
+ * [so_error]:???
*/
-
static int
-sosendcheck(
- struct socket *so,
- struct sockaddr *addr,
- long resid,
- long clen,
- long atomic,
- int flags,
- int *sblocked)
+sosendcheck(struct socket *so, struct sockaddr *addr, long resid, long clen,
+ long atomic, int flags, int *sblocked)
{
int error = 0;
long space;
restart:
if (*sblocked == 0) {
if ((so->so_snd.sb_flags & SB_LOCK) != 0 &&
- so->so_send_filt_thread != 0 &&
- so->so_send_filt_thread == current_thread()) {
+ so->so_send_filt_thread != 0 &&
+ so->so_send_filt_thread == current_thread()) {
/*
* We're being called recursively from a filter,
* allow this to continue. Radar 4150520.
* to perform an unlock later.
*/
assumelock = 1;
- }
- else {
+ } else {
error = sblock(&so->so_snd, SBLOCKWAIT(flags));
if (error) {
- return error;
+ return (error);
}
*sblocked = 1;
}
}
-
- if (so->so_state & SS_CANTSENDMORE)
- return EPIPE;
-
+
+ /*
+ * If a send attempt is made on a previously-accepted socket
+ * that has been marked as inactive (disconnected), reject
+ * the request.
+ */
+ if (so->so_flags & SOF_DEFUNCT)
+ return (ENOTCONN);
+
+ if (so->so_state & SS_CANTSENDMORE)
+ return (EPIPE);
+
if (so->so_error) {
error = so->so_error;
so->so_error = 0;
- return error;
+ return (error);
}
-
+
if ((so->so_state & SS_ISCONNECTED) == 0) {
- /*
- * `sendto' and `sendmsg' is allowed on a connection-
- * based socket if it supports implied connect.
- * Return ENOTCONN if not connected and no address is
- * supplied.
- */
- if ((so->so_proto->pr_flags & PR_CONNREQUIRED) &&
- (so->so_proto->pr_flags & PR_IMPLOPCL) == 0) {
+ if ((so->so_proto->pr_flags & PR_CONNREQUIRED) != 0) {
if ((so->so_state & SS_ISCONFIRMING) == 0 &&
- !(resid == 0 && clen != 0))
- return ENOTCONN;
- } else if (addr == 0 && !(flags&MSG_HOLD))
- return (so->so_proto->pr_flags & PR_CONNREQUIRED) ? ENOTCONN : EDESTADDRREQ;
+ !(resid == 0 && clen != 0))
+ return (ENOTCONN);
+ } else if (addr == 0 && !(flags&MSG_HOLD)) {
+ return ((so->so_proto->pr_flags & PR_CONNREQUIRED) ?
+ ENOTCONN : EDESTADDRREQ);
+ }
}
space = sbspace(&so->so_snd);
if (flags & MSG_OOB)
space += 1024;
if ((atomic && resid > so->so_snd.sb_hiwat) ||
- clen > so->so_snd.sb_hiwat)
- return EMSGSIZE;
- if (space < resid + clen &&
- (atomic || space < so->so_snd.sb_lowat || space < clen)) {
- if ((so->so_state & SS_NBIO) || (flags & MSG_NBIO) || assumelock) {
- return EWOULDBLOCK;
+ clen > so->so_snd.sb_hiwat)
+ return (EMSGSIZE);
+ if (space < resid + clen &&
+ (atomic || space < (long)so->so_snd.sb_lowat || space < clen)) {
+ if ((so->so_state & SS_NBIO) || (flags & MSG_NBIO) ||
+ assumelock) {
+ return (EWOULDBLOCK);
}
sbunlock(&so->so_snd, 1);
error = sbwait(&so->so_snd);
if (error) {
- return error;
+ return (error);
}
goto restart;
}
-
- return 0;
+
+ return (0);
}
/*
* MSG_HOLD: go thru most of sosend(), but just enqueue the mbuf
* MSG_SEND: go thru as for MSG_HOLD on current fragment, then
* point at the mbuf chain being constructed and go from there.
+ *
+ * Returns: 0 Success
+ * EOPNOTSUPP
+ * EINVAL
+ * ENOBUFS
+ * uiomove:EFAULT
+ * sosendcheck:EPIPE
+ * sosendcheck:EWOULDBLOCK
+ * sosendcheck:EINTR
+ * sosendcheck:EBADF
+ * sosendcheck:EINTR
+ * sosendcheck:??? [value from so_error]
+ * <pru_send>:ECONNRESET[TCP]
+ * <pru_send>:EINVAL[TCP]
+ * <pru_send>:ENOBUFS[TCP]
+ * <pru_send>:EADDRINUSE[TCP]
+ * <pru_send>:EADDRNOTAVAIL[TCP]
+ * <pru_send>:EAFNOSUPPORT[TCP]
+ * <pru_send>:EACCES[TCP]
+ * <pru_send>:EAGAIN[TCP]
+ * <pru_send>:EPERM[TCP]
+ * <pru_send>:EMSGSIZE[TCP]
+ * <pru_send>:EHOSTUNREACH[TCP]
+ * <pru_send>:ENETUNREACH[TCP]
+ * <pru_send>:ENETDOWN[TCP]
+ * <pru_send>:ENOMEM[TCP]
+ * <pru_send>:ENOBUFS[TCP]
+ * <pru_send>:???[TCP] [ignorable: mostly IPSEC/firewall/DLIL]
+ * <pru_send>:EINVAL[AF_UNIX]
+ * <pru_send>:EOPNOTSUPP[AF_UNIX]
+ * <pru_send>:EPIPE[AF_UNIX]
+ * <pru_send>:ENOTCONN[AF_UNIX]
+ * <pru_send>:EISCONN[AF_UNIX]
+ * <pru_send>:???[AF_UNIX] [whatever a filter author chooses]
+ * <sf_data_out>:??? [whatever a filter author chooses]
+ *
+ * Notes: Other <pru_send> returns depend on the protocol family; all
+ * <sf_data_out> returns depend on what the filter author causes
+ * their filter to return.
*/
int
-sosend(so, addr, uio, top, control, flags)
- register struct socket *so;
- struct sockaddr *addr;
- struct uio *uio;
- struct mbuf *top;
- struct mbuf *control;
- int flags;
-
+sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
+ struct mbuf *top, struct mbuf *control, int flags)
{
struct mbuf **mp;
register struct mbuf *m, *freelist = NULL;
int sblocked = 0;
struct proc *p = current_proc();
- if (uio)
+ if (uio) {
// LP64todo - fix this!
resid = uio_resid(uio);
- else
+ } else {
resid = top->m_pkthdr.len;
-
- KERNEL_DEBUG((DBG_FNC_SOSEND | DBG_FUNC_START),
- so,
- resid,
- so->so_snd.sb_cc,
- so->so_snd.sb_lowat,
- so->so_snd.sb_hiwat);
+ }
+ KERNEL_DEBUG((DBG_FNC_SOSEND | DBG_FUNC_START), so, resid,
+ so->so_snd.sb_cc, so->so_snd.sb_lowat, so->so_snd.sb_hiwat);
socket_lock(so, 1);
+ if (so->so_type != SOCK_STREAM && (flags & MSG_OOB) != 0) {
+ error = EOPNOTSUPP;
+ socket_unlock(so, 1);
+ goto out;
+ }
/*
* In theory resid should be unsigned.
(flags & MSG_DONTROUTE) && (so->so_options & SO_DONTROUTE) == 0 &&
(so->so_proto->pr_flags & PR_ATOMIC);
if (p)
- p->p_stats->p_ru.ru_msgsnd++;
+ OSIncrementAtomic(&p->p_stats->p_ru.ru_msgsnd);
if (control)
clen = control->m_len;
do {
- error = sosendcheck(so, addr, resid, clen, atomic, flags, &sblocked);
+ error = sosendcheck(so, addr, resid, clen, atomic, flags,
+ &sblocked);
if (error) {
goto release;
}
mp = ⊤
- space = sbspace(&so->so_snd) - clen + ((flags & MSG_OOB) ? 1024 : 0);
+ space = sbspace(&so->so_snd) - clen + ((flags & MSG_OOB) ?
+ 1024 : 0);
do {
-
- if (uio == NULL) {
+ struct socket_filter_entry *filter;
+ int filtered;
+ boolean_t recursive;
+
+ if (uio == NULL) {
/*
* Data is prepackaged in "top".
*/
if (flags & MSG_EOR)
top->m_flags |= M_EOR;
} else {
- int chainlength;
- int bytes_to_copy;
-
+ int chainlength;
+ int bytes_to_copy;
+ boolean_t jumbocl;
+
bytes_to_copy = min(resid, space);
-
+
if (sosendminchain > 0) {
chainlength = 0;
- } else
+ } else {
chainlength = sosendmaxchain;
-
+ }
+
+ /*
+ * Attempt to use larger than system page-size
+ * clusters for large writes only if there is
+ * a jumbo cluster pool and if the socket is
+ * marked accordingly.
+ */
+ jumbocl = sosendjcl && njcl > 0 &&
+ ((so->so_flags & SOF_MULTIPAGES) ||
+ sosendjcl_ignore_capab);
+
socket_unlock(so, 0);
-
+
do {
int num_needed;
int hdrs_needed = (top == 0) ? 1 : 0;
-
+
/*
- * try to maintain a local cache of mbuf clusters needed to complete this write
- * the list is further limited to the number that are currently needed to fill the socket
- * this mechanism allows a large number of mbufs/clusters to be grabbed under a single
- * mbuf lock... if we can't get any clusters, than fall back to trying for mbufs
- * if we fail early (or miscalcluate the number needed) make sure to release any clusters
- * we haven't yet consumed.
+ * try to maintain a local cache of mbuf
+ * clusters needed to complete this
+ * write the list is further limited to
+ * the number that are currently needed
+ * to fill the socket this mechanism
+ * allows a large number of mbufs/
+ * clusters to be grabbed under a single
+ * mbuf lock... if we can't get any
+ * clusters, than fall back to trying
+ * for mbufs if we fail early (or
+ * miscalcluate the number needed) make
+ * sure to release any clusters we
+ * haven't yet consumed.
*/
- if (freelist == NULL && bytes_to_copy > MCLBYTES) {
- num_needed = bytes_to_copy / NBPG;
+ if (freelist == NULL &&
+ bytes_to_copy > NBPG && jumbocl) {
+ num_needed =
+ bytes_to_copy / M16KCLBYTES;
+
+ if ((bytes_to_copy -
+ (num_needed * M16KCLBYTES))
+ >= MINCLSIZE)
+ num_needed++;
+
+ freelist =
+ m_getpackets_internal(
+ (unsigned int *)&num_needed,
+ hdrs_needed, M_WAIT, 0,
+ M16KCLBYTES);
+ /*
+ * Fall back to 4K cluster size
+ * if allocation failed
+ */
+ }
+
+ if (freelist == NULL &&
+ bytes_to_copy > MCLBYTES) {
+ num_needed =
+ bytes_to_copy / NBPG;
- if ((bytes_to_copy - (num_needed * NBPG)) >= MINCLSIZE)
+ if ((bytes_to_copy -
+ (num_needed * NBPG)) >=
+ MINCLSIZE)
num_needed++;
-
- freelist = m_getpackets_internal(&num_needed, hdrs_needed, M_WAIT, 0, NBPG);
- /* Fall back to cluster size if allocation failed */
+
+ freelist =
+ m_getpackets_internal(
+ (unsigned int *)&num_needed,
+ hdrs_needed, M_WAIT, 0,
+ NBPG);
+ /*
+ * Fall back to cluster size
+ * if allocation failed
+ */
}
-
- if (freelist == NULL && bytes_to_copy > MINCLSIZE) {
- num_needed = bytes_to_copy / MCLBYTES;
-
- if ((bytes_to_copy - (num_needed * MCLBYTES)) >= MINCLSIZE)
+
+ if (freelist == NULL &&
+ bytes_to_copy > MINCLSIZE) {
+ num_needed =
+ bytes_to_copy / MCLBYTES;
+
+ if ((bytes_to_copy -
+ (num_needed * MCLBYTES)) >=
+ MINCLSIZE)
num_needed++;
-
- freelist = m_getpackets_internal(&num_needed, hdrs_needed, M_WAIT, 0, MCLBYTES);
- /* Fall back to a single mbuf if allocation failed */
+
+ freelist =
+ m_getpackets_internal(
+ (unsigned int *)&num_needed,
+ hdrs_needed, M_WAIT, 0,
+ MCLBYTES);
+ /*
+ * Fall back to a single mbuf
+ * if allocation failed
+ */
}
-
+
if (freelist == NULL) {
if (top == 0)
- MGETHDR(freelist, M_WAIT, MT_DATA);
+ MGETHDR(freelist,
+ M_WAIT, MT_DATA);
else
- MGET(freelist, M_WAIT, MT_DATA);
+ MGET(freelist,
+ M_WAIT, MT_DATA);
if (freelist == NULL) {
error = ENOBUFS;
goto release;
}
/*
- * For datagram protocols, leave room
- * for protocol headers in first mbuf.
+ * For datagram protocols,
+ * leave room for protocol
+ * headers in first mbuf.
*/
- if (atomic && top == 0 && bytes_to_copy < MHLEN)
- MH_ALIGN(freelist, bytes_to_copy);
+ if (atomic && top == 0 &&
+ bytes_to_copy < MHLEN) {
+ MH_ALIGN(freelist,
+ bytes_to_copy);
+ }
}
m = freelist;
freelist = m->m_next;
m->m_next = NULL;
-
+
if ((m->m_flags & M_EXT))
mlen = m->m_ext.ext_size;
else if ((m->m_flags & M_PKTHDR))
- mlen = MHLEN - m_leadingspace(m);
+ mlen =
+ MHLEN - m_leadingspace(m);
else
mlen = MLEN;
len = min(mlen, bytes_to_copy);
chainlength += len;
-
+
space -= len;
- error = uiomove(mtod(m, caddr_t), (int)len, uio);
-
+ error = uiomove(mtod(m, caddr_t),
+ (int)len, uio);
+
// LP64todo - fix this!
resid = uio_resid(uio);
-
+
m->m_len = len;
*mp = m;
top->m_pkthdr.len += len;
- if (error)
+ if (error)
break;
mp = &m->m_next;
if (resid <= 0) {
break;
}
bytes_to_copy = min(resid, space);
-
- } while (space > 0 && (chainlength < sosendmaxchain || atomic || resid < MINCLSIZE));
-
+
+ } while (space > 0 &&
+ (chainlength < sosendmaxchain || atomic ||
+ resid < MINCLSIZE));
+
socket_lock(so, 0);
-
+
if (error)
goto release;
}
-
- if (flags & (MSG_HOLD|MSG_SEND))
- {
+
+ if (flags & (MSG_HOLD|MSG_SEND)) {
/* Enqueue for later, go away if HOLD */
register struct mbuf *mb1;
- if (so->so_temp && (flags & MSG_FLUSH))
- {
+ if (so->so_temp && (flags & MSG_FLUSH)) {
m_freem(so->so_temp);
so->so_temp = NULL;
}
so->so_temp = top;
mb1 = top;
while (mb1->m_next)
- mb1 = mb1->m_next;
+ mb1 = mb1->m_next;
so->so_tail = mb1;
- if (flags & MSG_HOLD)
- {
+ if (flags & MSG_HOLD) {
top = NULL;
goto release;
}
top = so->so_temp;
- }
- if (dontroute)
- so->so_options |= SO_DONTROUTE;
- /* Compute flags here, for pru_send and NKEs */
- sendflags = (flags & MSG_OOB) ? PRUS_OOB :
- /*
- * If the user set MSG_EOF, the protocol
- * understands this flag and nothing left to
- * send then use PRU_SEND_EOF instead of PRU_SEND.
- */
- ((flags & MSG_EOF) &&
- (so->so_proto->pr_flags & PR_IMPLOPCL) &&
- (resid <= 0)) ?
+ }
+ if (dontroute)
+ so->so_options |= SO_DONTROUTE;
+
+ /* Compute flags here, for pru_send and NKEs */
+ sendflags = (flags & MSG_OOB) ? PRUS_OOB :
+ /*
+ * If the user set MSG_EOF, the protocol
+ * understands this flag and nothing left to
+ * send then use PRU_SEND_EOF instead of PRU_SEND.
+ */
+ ((flags & MSG_EOF) &&
+ (so->so_proto->pr_flags & PR_IMPLOPCL) &&
+ (resid <= 0)) ?
PRUS_EOF :
- /* If there is more to send set PRUS_MORETOCOME */
- (resid > 0 && space > 0) ? PRUS_MORETOCOME : 0;
-
+ /* If there is more to send set PRUS_MORETOCOME */
+ (resid > 0 && space > 0) ? PRUS_MORETOCOME : 0;
+
/*
* Socket filter processing
*/
- {
- struct socket_filter_entry *filter;
- int filtered;
-
- filtered = 0;
- error = 0;
- for (filter = so->so_filt; filter && (error == 0);
- filter = filter->sfe_next_onsocket) {
- if (filter->sfe_filter->sf_filter.sf_data_out) {
- int so_flags = 0;
- if (filtered == 0) {
- filtered = 1;
- so->so_send_filt_thread = current_thread();
- sflt_use(so);
- socket_unlock(so, 0);
- so_flags = (sendflags & MSG_OOB) ? sock_data_filt_flag_oob : 0;
- }
- error = filter->sfe_filter->sf_filter.sf_data_out(
- filter->sfe_cookie, so, addr, &top, &control, so_flags);
+ recursive = (so->so_send_filt_thread != NULL);
+ filtered = 0;
+ error = 0;
+ for (filter = so->so_filt; filter && (error == 0);
+ filter = filter->sfe_next_onsocket) {
+ if (filter->sfe_filter->sf_filter.sf_data_out) {
+ int so_flags = 0;
+ if (filtered == 0) {
+ filtered = 1;
+ so->so_send_filt_thread =
+ current_thread();
+ sflt_use(so);
+ socket_unlock(so, 0);
+ so_flags =
+ (sendflags & MSG_OOB) ?
+ sock_data_filt_flag_oob : 0;
}
+ error = filter->sfe_filter->sf_filter.
+ sf_data_out(filter->sfe_cookie, so,
+ addr, &top, &control, so_flags);
}
-
- if (filtered) {
- /*
- * At this point, we've run at least one filter.
- * The socket is unlocked as is the socket buffer.
- */
- socket_lock(so, 0);
- sflt_unuse(so);
+ }
+
+ if (filtered) {
+ /*
+ * At this point, we've run at least one
+ * filter. The socket is unlocked as is
+ * the socket buffer. Clear the recorded
+ * filter thread only when we are outside
+ * of a filter's context. This allows for
+ * a filter to issue multiple inject calls
+ * from its sf_data_out callback routine.
+ */
+ socket_lock(so, 0);
+ sflt_unuse(so);
+ if (!recursive)
so->so_send_filt_thread = 0;
- if (error) {
- if (error == EJUSTRETURN) {
- error = 0;
- clen = 0;
- control = 0;
- top = 0;
- }
-
- goto release;
+ if (error) {
+ if (error == EJUSTRETURN) {
+ error = 0;
+ clen = 0;
+ control = 0;
+ top = 0;
}
+
+ goto release;
}
}
/*
* End Socket filter processing
*/
-
+
if (error == EJUSTRETURN) {
/* A socket filter handled this data */
error = 0;
- }
- else {
- error = (*so->so_proto->pr_usrreqs->pru_send)(so,
- sendflags, top, addr, control, p);
+ } else {
+ error = (*so->so_proto->pr_usrreqs->pru_send)
+ (so, sendflags, top, addr, control, p);
}
#ifdef __APPLE__
- if (flags & MSG_SEND)
- so->so_temp = NULL;
+ if (flags & MSG_SEND)
+ so->so_temp = NULL;
#endif
- if (dontroute)
- so->so_options &= ~SO_DONTROUTE;
- clen = 0;
- control = 0;
- top = 0;
- mp = ⊤
- if (error)
- goto release;
+ if (dontroute)
+ so->so_options &= ~SO_DONTROUTE;
+
+ clen = 0;
+ control = 0;
+ top = 0;
+ mp = ⊤
+ if (error)
+ goto release;
} while (resid && space > 0);
} while (resid);
if (control)
m_freem(control);
if (freelist)
- m_freem_list(freelist);
+ m_freem_list(freelist);
- KERNEL_DEBUG(DBG_FNC_SOSEND | DBG_FUNC_END,
- so,
- resid,
- so->so_snd.sb_cc,
- space,
- error);
+ KERNEL_DEBUG(DBG_FNC_SOSEND | DBG_FUNC_END, so, resid, so->so_snd.sb_cc,
+ space, error);
return (error);
}
* The caller may receive the data as a single mbuf chain by supplying
* an mbuf **mp0 for use in returning the chain. The uio is then used
* only for the count in uio_resid.
+ *
+ * Returns: 0 Success
+ * ENOBUFS
+ * ENOTCONN
+ * EWOULDBLOCK
+ * uiomove:EFAULT
+ * sblock:EWOULDBLOCK
+ * sblock:EINTR
+ * sbwait:EBADF
+ * sbwait:EINTR
+ * sodelayed_copy:EFAULT
+ * <pru_rcvoob>:EINVAL[TCP]
+ * <pru_rcvoob>:EWOULDBLOCK[TCP]
+ * <pru_rcvoob>:???
+ * <pr_domain->dom_externalize>:EMSGSIZE[AF_UNIX]
+ * <pr_domain->dom_externalize>:ENOBUFS[AF_UNIX]
+ * <pr_domain->dom_externalize>:???
+ *
+ * Notes: Additional return values from calls through <pru_rcvoob> and
+ * <pr_domain->dom_externalize> depend on protocols other than
+ * TCP or AF_UNIX, which are documented above.
*/
int
-soreceive(so, psa, uio, mp0, controlp, flagsp)
- register struct socket *so;
- struct sockaddr **psa;
- struct uio *uio;
- struct mbuf **mp0;
- struct mbuf **controlp;
- int *flagsp;
+soreceive(struct socket *so, struct sockaddr **psa, struct uio *uio,
+ struct mbuf **mp0, struct mbuf **controlp, int *flagsp)
{
register struct mbuf *m, **mp, *ml = NULL;
register int flags, len, error, offset;
int moff, type = 0;
// LP64todo - fix this!
int orig_resid = uio_resid(uio);
- volatile struct mbuf *free_list;
- volatile int delayed_copy_len;
+ struct mbuf *free_list;
+ int delayed_copy_len;
int can_delay;
int need_event;
struct proc *p = current_proc();
-
- // LP64todo - fix this!
- KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_START,
- so,
- uio_resid(uio),
- so->so_rcv.sb_cc,
- so->so_rcv.sb_lowat,
- so->so_rcv.sb_hiwat);
+ // LP64todo - fix this!
+ KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_START, so, uio_resid(uio),
+ so->so_rcv.sb_cc, so->so_rcv.sb_lowat, so->so_rcv.sb_hiwat);
socket_lock(so, 1);
flags = *flagsp &~ MSG_EOR;
else
flags = 0;
- /*
- * When SO_WANTOOBFLAG is set we try to get out-of-band data
- * regardless of the flags argument. Here is the case were
- * out-of-band data is not inline.
- */
- if ((flags & MSG_OOB) ||
- ((so->so_options & SO_WANTOOBFLAG) != 0 &&
- (so->so_options & SO_OOBINLINE) == 0 &&
- (so->so_oobmark || (so->so_state & SS_RCVATMARK)))) {
+
+ /*
+ * If a recv attempt is made on a previously-accepted socket
+ * that has been marked as inactive (disconnected), reject
+ * the request.
+ */
+ if (so->so_flags & SOF_DEFUNCT) {
+ struct sockbuf *sb = &so->so_rcv;
+
+ /*
+ * This socket should have been disconnected and flushed
+ * prior to being returned from accept; there should be
+ * no data on its receive list, so panic otherwise.
+ */
+ sb_empty_assert(sb, __func__);
+ socket_unlock(so, 1);
+ return (ENOTCONN);
+ }
+
+ /*
+ * When SO_WANTOOBFLAG is set we try to get out-of-band data
+ * regardless of the flags argument. Here is the case were
+ * out-of-band data is not inline.
+ */
+ if ((flags & MSG_OOB) ||
+ ((so->so_options & SO_WANTOOBFLAG) != 0 &&
+ (so->so_options & SO_OOBINLINE) == 0 &&
+ (so->so_oobmark || (so->so_state & SS_RCVATMARK)))) {
m = m_get(M_WAIT, MT_DATA);
if (m == NULL) {
socket_unlock(so, 1);
- KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_END, ENOBUFS,0,0,0,0);
+ KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_END,
+ ENOBUFS, 0, 0, 0, 0);
return (ENOBUFS);
}
error = (*pr->pr_usrreqs->pru_rcvoob)(so, m, flags & MSG_PEEK);
do {
// LP64todo - fix this!
error = uiomove(mtod(m, caddr_t),
- (int) min(uio_resid(uio), m->m_len), uio);
+ (int)min(uio_resid(uio), m->m_len), uio);
m = m_free(m);
} while (uio_resid(uio) && error == 0 && m);
socket_lock(so, 0);
#ifdef __APPLE__
if ((so->so_options & SO_WANTOOBFLAG) != 0) {
if (error == EWOULDBLOCK || error == EINVAL) {
- /*
+ /*
* Let's try to get normal data:
- * EWOULDBLOCK: out-of-band data not receive yet;
- * EINVAL: out-of-band data already read.
+ * EWOULDBLOCK: out-of-band data not
+ * receive yet. EINVAL: out-of-band data
+ * already read.
*/
error = 0;
goto nooob;
- } else if (error == 0 && flagsp)
+ } else if (error == 0 && flagsp) {
*flagsp |= MSG_OOB;
- }
+ }
+ }
socket_unlock(so, 1);
- KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_END, error,0,0,0,0);
+ KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_END, error,
+ 0, 0, 0, 0);
#endif
return (error);
}
restart:
#ifdef MORE_LOCKING_DEBUG
if (so->so_usecount <= 1)
- printf("soreceive: sblock so=%x ref=%d on socket\n", so, so->so_usecount);
+ printf("soreceive: sblock so=%p ref=%d on socket\n",
+ so, so->so_usecount);
#endif
+ /*
+ * See if the socket has been closed (SS_NOFDREF|SS_CANTRCVMORE)
+ * and if so just return to the caller. This could happen when
+ * soreceive() is called by a socket upcall function during the
+ * time the socket is freed. The socket buffer would have been
+ * locked across the upcall, therefore we cannot put this thread
+ * to sleep (else we will deadlock) or return EWOULDBLOCK (else
+ * we may livelock), because the lock on the socket buffer will
+ * only be released when the upcall routine returns to its caller.
+ * Because the socket has been officially closed, there can be
+ * no further read on it.
+ */
+ if ((so->so_state & (SS_NOFDREF | SS_CANTRCVMORE)) ==
+ (SS_NOFDREF | SS_CANTRCVMORE)) {
+ socket_unlock(so, 1);
+ return (0);
+ }
+
error = sblock(&so->so_rcv, SBLOCKWAIT(flags));
if (error) {
socket_unlock(so, 1);
- KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_END, error,0,0,0,0);
+ KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_END, error,
+ 0, 0, 0, 0);
return (error);
}
*/
if (m == 0 || (((flags & MSG_DONTWAIT) == 0 &&
so->so_rcv.sb_cc < uio_resid(uio)) &&
- (so->so_rcv.sb_cc < so->so_rcv.sb_lowat ||
+ (so->so_rcv.sb_cc < so->so_rcv.sb_lowat ||
((flags & MSG_WAITALL) && uio_resid(uio) <= so->so_rcv.sb_hiwat)) &&
m->m_nextpkt == 0 && (pr->pr_flags & PR_ATOMIC) == 0)) {
+ /*
+ * Panic if we notice inconsistencies in the socket's
+ * receive list; both sb_mb and sb_cc should correctly
+ * reflect the contents of the list, otherwise we may
+ * end up with false positives during select() or poll()
+ * which could put the application in a bad state.
+ */
+ if (m == NULL && so->so_rcv.sb_cc != 0)
+ panic("soreceive corrupted so_rcv: m %p cc %lu",
+ m, so->so_rcv.sb_cc);
- KASSERT(m != 0 || !so->so_rcv.sb_cc, ("receive 1"));
if (so->so_error) {
if (m)
goto dontblock;
goto release;
}
for (; m; m = m->m_next)
- if (m->m_type == MT_OOBDATA || (m->m_flags & M_EOR)) {
+ if (m->m_type == MT_OOBDATA || (m->m_flags & M_EOR)) {
m = so->so_rcv.sb_mb;
goto dontblock;
}
}
if (uio_resid(uio) == 0)
goto release;
- if ((so->so_state & SS_NBIO) || (flags & (MSG_DONTWAIT|MSG_NBIO))) {
+ if ((so->so_state & SS_NBIO) ||
+ (flags & (MSG_DONTWAIT|MSG_NBIO))) {
error = EWOULDBLOCK;
goto release;
}
+ SBLASTRECORDCHK(&so->so_rcv, "soreceive sbwait 1");
+ SBLASTMBUFCHK(&so->so_rcv, "soreceive sbwait 1");
sbunlock(&so->so_rcv, 1);
-#ifdef EVEN_MORE_LOCKING_DEBUG
+#if EVEN_MORE_LOCKING_DEBUG
if (socket_debug)
- printf("Waiting for socket data\n");
+ printf("Waiting for socket data\n");
#endif
error = sbwait(&so->so_rcv);
-#ifdef EVEN_MORE_LOCKING_DEBUG
+#if EVEN_MORE_LOCKING_DEBUG
if (socket_debug)
- printf("SORECEIVE - sbwait returned %d\n", error);
+ printf("SORECEIVE - sbwait returned %d\n", error);
#endif
if (so->so_usecount < 1)
- panic("soreceive: after 2nd sblock so=%x ref=%d on socket\n", so, so->so_usecount);
+ panic("soreceive: after 2nd sblock so=%p ref=%d on "
+ "socket\n", so, so->so_usecount);
if (error) {
socket_unlock(so, 1);
- KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_END, error,0,0,0,0);
- return (error);
+ KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_END, error,
+ 0, 0, 0, 0);
+ return (error);
}
goto restart;
}
* fill out the uio structure properly.
*/
if (p)
- p->p_stats->p_ru.ru_msgrcv++;
+ OSIncrementAtomic(&p->p_stats->p_ru.ru_msgrcv);
#endif /* __APPLE__ */
+ SBLASTRECORDCHK(&so->so_rcv, "soreceive 1");
+ SBLASTMBUFCHK(&so->so_rcv, "soreceive 1");
nextrecord = m->m_nextpkt;
if ((pr->pr_flags & PR_ADDR) && m->m_type == MT_SONAME) {
KASSERT(m->m_type == MT_SONAME, ("receive 1a"));
+#if CONFIG_MACF_SOCKET_SUBSET
+ /*
+ * Call the MAC framework for policy checking if we're in
+ * the user process context and the socket isn't connected.
+ */
+ if (p != kernproc && !(so->so_state & SS_ISCONNECTED)) {
+ struct mbuf *m0 = m;
+ /*
+ * Dequeue this record (temporarily) from the receive
+ * list since we're about to drop the socket's lock
+ * where a new record may arrive and be appended to
+ * the list. Upon MAC policy failure, the record
+ * will be freed. Otherwise, we'll add it back to
+ * the head of the list. We cannot rely on SB_LOCK
+ * because append operation uses the socket's lock.
+ */
+ do {
+ m->m_nextpkt = NULL;
+ sbfree(&so->so_rcv, m);
+ m = m->m_next;
+ } while (m != NULL);
+ m = m0;
+ so->so_rcv.sb_mb = nextrecord;
+ SB_EMPTY_FIXUP(&so->so_rcv);
+ SBLASTRECORDCHK(&so->so_rcv, "soreceive 1a");
+ SBLASTMBUFCHK(&so->so_rcv, "soreceive 1a");
+ socket_unlock(so, 0);
+ if (mac_socket_check_received(proc_ucred(p), so,
+ mtod(m, struct sockaddr *)) != 0) {
+ /*
+ * MAC policy failure; free this record and
+ * process the next record (or block until
+ * one is available). We have adjusted sb_cc
+ * and sb_mbcnt above so there is no need to
+ * call sbfree() again.
+ */
+ do {
+ m = m_free(m);
+ } while (m != NULL);
+ /*
+ * Clear SB_LOCK but don't unlock the socket.
+ * Process the next record or wait for one.
+ */
+ socket_lock(so, 0);
+ sbunlock(&so->so_rcv, 1);
+ goto restart;
+ }
+ socket_lock(so, 0);
+ /*
+ * Re-adjust the socket receive list and re-enqueue
+ * the record in front of any packets which may have
+ * been appended while we dropped the lock.
+ */
+ for (m = m0; m->m_next != NULL; m = m->m_next)
+ sballoc(&so->so_rcv, m);
+ sballoc(&so->so_rcv, m);
+ if (so->so_rcv.sb_mb == NULL) {
+ so->so_rcv.sb_lastrecord = m0;
+ so->so_rcv.sb_mbtail = m;
+ }
+ m = m0;
+ nextrecord = m->m_nextpkt = so->so_rcv.sb_mb;
+ so->so_rcv.sb_mb = m;
+ SBLASTRECORDCHK(&so->so_rcv, "soreceive 1b");
+ SBLASTMBUFCHK(&so->so_rcv, "soreceive 1b");
+ }
+#endif /* CONFIG_MACF_SOCKET_SUBSET */
orig_resid = 0;
if (psa) {
*psa = dup_sockaddr(mtod(m, struct sockaddr *),
- mp0 == 0);
+ mp0 == 0);
if ((*psa == 0) && (flags & MSG_NEEDSA)) {
error = EWOULDBLOCK;
goto release;
} else {
sbfree(&so->so_rcv, m);
if (m->m_next == 0 && so->so_rcv.sb_cc != 0)
- panic("soreceive: about to create invalid socketbuf");
+ panic("soreceive: about to create invalid "
+ "socketbuf");
MFREE(m, so->so_rcv.sb_mb);
m = so->so_rcv.sb_mb;
+ if (m != NULL) {
+ m->m_nextpkt = nextrecord;
+ } else {
+ so->so_rcv.sb_mb = nextrecord;
+ SB_EMPTY_FIXUP(&so->so_rcv);
+ }
}
}
- while (m && m->m_type == MT_CONTROL && error == 0) {
- if (flags & MSG_PEEK) {
- if (controlp)
- *controlp = m_copy(m, 0, m->m_len);
- m = m->m_next;
- } else {
- sbfree(&so->so_rcv, m);
- if (controlp) {
- if (pr->pr_domain->dom_externalize &&
- mtod(m, struct cmsghdr *)->cmsg_type ==
- SCM_RIGHTS) {
- socket_unlock(so, 0); /* release socket lock: see 3903171 */
- error = (*pr->pr_domain->dom_externalize)(m);
- socket_lock(so, 0);
+
+ /*
+ * Process one or more MT_CONTROL mbufs present before any data mbufs
+ * in the first mbuf chain on the socket buffer. If MSG_PEEK, we
+ * just copy the data; if !MSG_PEEK, we call into the protocol to
+ * perform externalization.
+ */
+ if (m != NULL && m->m_type == MT_CONTROL) {
+ struct mbuf *cm = NULL, *cmn;
+ struct mbuf **cme = &cm;
+ struct sockbuf *sb_rcv = &so->so_rcv;
+
+ /*
+ * Externalizing the control messages would require us to
+ * drop the socket's lock below. Once we re-acquire the
+ * lock, the mbuf chain might change. In order to preserve
+ * consistency, we unlink all control messages from the
+ * first mbuf chain in one shot and link them separately
+ * onto a different chain.
+ */
+ do {
+ if (flags & MSG_PEEK) {
+ if (controlp != NULL) {
+ *controlp = m_copy(m, 0, m->m_len);
+ controlp = &(*controlp)->m_next;
}
- *controlp = m;
- if (m->m_next == 0 && so->so_rcv.sb_cc != 0)
- panic("soreceive: so->so_rcv.sb_mb->m_next == 0 && so->so_rcv.sb_cc != 0");
- so->so_rcv.sb_mb = m->m_next;
- m->m_next = 0;
- m = so->so_rcv.sb_mb;
+ m = m->m_next;
} else {
- MFREE(m, so->so_rcv.sb_mb);
- m = so->so_rcv.sb_mb;
+ m->m_nextpkt = NULL;
+ sbfree(sb_rcv, m);
+ sb_rcv->sb_mb = m->m_next;
+ m->m_next = NULL;
+ *cme = m;
+ cme = &(*cme)->m_next;
+ m = sb_rcv->sb_mb;
}
+ } while (m != NULL && m->m_type == MT_CONTROL);
+
+ if (!(flags & MSG_PEEK)) {
+ if (sb_rcv->sb_mb != NULL) {
+ sb_rcv->sb_mb->m_nextpkt = nextrecord;
+ } else {
+ sb_rcv->sb_mb = nextrecord;
+ SB_EMPTY_FIXUP(sb_rcv);
+ }
+ if (nextrecord == NULL)
+ sb_rcv->sb_lastrecord = m;
}
- if (controlp) {
- orig_resid = 0;
- controlp = &(*controlp)->m_next;
+
+ SBLASTRECORDCHK(&so->so_rcv, "soreceive ctl");
+ SBLASTMBUFCHK(&so->so_rcv, "soreceive ctl");
+
+ while (cm != NULL) {
+ int cmsg_type;
+
+ cmn = cm->m_next;
+ cm->m_next = NULL;
+ cmsg_type = mtod(cm, struct cmsghdr *)->cmsg_type;
+
+ /*
+ * Call the protocol to externalize SCM_RIGHTS message
+ * and return the modified message to the caller upon
+ * success. Otherwise, all other control messages are
+ * returned unmodified to the caller. Note that we
+ * only get into this loop if MSG_PEEK is not set.
+ */
+ if (pr->pr_domain->dom_externalize != NULL &&
+ cmsg_type == SCM_RIGHTS) {
+ /*
+ * Release socket lock: see 3903171. This
+ * would also allow more records to be appended
+ * to the socket buffer. We still have SB_LOCK
+ * set on it, so we can be sure that the head
+ * of the mbuf chain won't change.
+ */
+ socket_unlock(so, 0);
+ error = (*pr->pr_domain->dom_externalize)(cm);
+ socket_lock(so, 0);
+ } else {
+ error = 0;
+ }
+
+ if (controlp != NULL && error == 0) {
+ *controlp = cm;
+ controlp = &(*controlp)->m_next;
+ orig_resid = 0;
+ } else {
+ (void) m_free(cm);
+ }
+ cm = cmn;
}
+ orig_resid = 0;
+ if (sb_rcv->sb_mb != NULL)
+ nextrecord = sb_rcv->sb_mb->m_nextpkt;
+ else
+ nextrecord = NULL;
}
- if (m) {
- if ((flags & MSG_PEEK) == 0)
- m->m_nextpkt = nextrecord;
+
+ if (m != NULL) {
+ if (!(flags & MSG_PEEK)) {
+ /*
+ * We get here because m points to an mbuf following
+ * any MT_SONAME or MT_CONTROL mbufs which have been
+ * processed above. In any case, m should be pointing
+ * to the head of the mbuf chain, and the nextrecord
+ * should be either NULL or equal to m->m_nextpkt.
+ * See comments above about SB_LOCK.
+ */
+ if (m != so->so_rcv.sb_mb || m->m_nextpkt != nextrecord)
+ panic("soreceive: post-control !sync so=%p "
+ "m=%p nextrecord=%p\n", so, m, nextrecord);
+
+ if (nextrecord == NULL)
+ so->so_rcv.sb_lastrecord = m;
+ }
type = m->m_type;
if (type == MT_OOBDATA)
flags |= MSG_OOB;
+ } else {
+ if (!(flags & MSG_PEEK)) {
+ so->so_rcv.sb_mb = nextrecord;
+ SB_EMPTY_FIXUP(&so->so_rcv);
+ }
}
+ SBLASTRECORDCHK(&so->so_rcv, "soreceive 2");
+ SBLASTMBUFCHK(&so->so_rcv, "soreceive 2");
+
moff = 0;
offset = 0;
if (!(flags & MSG_PEEK) && uio_resid(uio) > sorecvmincopy)
- can_delay = 1;
+ can_delay = 1;
else
- can_delay = 0;
+ can_delay = 0;
need_event = 0;
if (m->m_type == MT_OOBDATA) {
if (type != MT_OOBDATA)
break;
- } else if (type == MT_OOBDATA)
+ } else if (type == MT_OOBDATA) {
break;
-#ifndef __APPLE__
-/*
- * This assertion needs rework. The trouble is Appletalk is uses many
- * mbuf types (NOT listed in mbuf.h!) which will trigger this panic.
- * For now just remove the assertion... CSM 9/98
- */
- else
- KASSERT(m->m_type == MT_DATA || m->m_type == MT_HEADER,
- ("receive 3"));
-#else
+ }
/*
- * Make sure to allways set MSG_OOB event when getting
+ * Make sure to allways set MSG_OOB event when getting
* out of band data inline.
*/
if ((so->so_options & SO_WANTOOBFLAG) != 0 &&
- (so->so_options & SO_OOBINLINE) != 0 &&
- (so->so_state & SS_RCVATMARK) != 0) {
+ (so->so_options & SO_OOBINLINE) != 0 &&
+ (so->so_state & SS_RCVATMARK) != 0) {
flags |= MSG_OOB;
}
-#endif
so->so_state &= ~SS_RCVATMARK;
// LP64todo - fix this!
len = uio_resid(uio) - delayed_copy_len;
* block interrupts again.
*/
if (mp == 0) {
+ SBLASTRECORDCHK(&so->so_rcv, "soreceive uiomove");
+ SBLASTMBUFCHK(&so->so_rcv, "soreceive uiomove");
if (can_delay && len == m->m_len) {
- /*
+ /*
* only delay the copy if we're consuming the
* mbuf and we're NOT in MSG_PEEK mode
* and we have enough data to make it worthwile
- * to drop and retake the funnel... can_delay
- * reflects the state of the 2 latter constraints
- * moff should always be zero in these cases
+ * to drop and retake the lock... can_delay
+ * reflects the state of the 2 latter
+ * constraints moff should always be zero
+ * in these cases
*/
- delayed_copy_len += len;
+ delayed_copy_len += len;
} else {
-
- if (delayed_copy_len) {
- error = sodelayed_copy(so, uio, &free_list, &delayed_copy_len);
+ if (delayed_copy_len) {
+ error = sodelayed_copy(so, uio,
+ &free_list, &delayed_copy_len);
if (error) {
goto release;
}
+ /*
+ * can only get here if MSG_PEEK is not
+ * set therefore, m should point at the
+ * head of the rcv queue; if it doesn't,
+ * it means something drastically
+ * changed while we were out from behind
+ * the lock in sodelayed_copy. perhaps
+ * a RST on the stream. in any event,
+ * the stream has been interrupted. it's
+ * probably best just to return whatever
+ * data we've moved and let the caller
+ * sort it out...
+ */
if (m != so->so_rcv.sb_mb) {
- /*
- * can only get here if MSG_PEEK is not set
- * therefore, m should point at the head of the rcv queue...
- * if it doesn't, it means something drastically changed
- * while we were out from behind the funnel in sodelayed_copy...
- * perhaps a RST on the stream... in any event, the stream has
- * been interrupted... it's probably best just to return
- * whatever data we've moved and let the caller sort it out...
- */
- break;
+ break;
}
}
socket_unlock(so, 0);
- error = uiomove(mtod(m, caddr_t) + moff, (int)len, uio);
+ error = uiomove(mtod(m, caddr_t) + moff,
+ (int)len, uio);
socket_lock(so, 0);
if (error)
- goto release;
+ goto release;
}
- } else
+ } else {
uio_setresid(uio, (uio_resid(uio) - len));
-
+ }
if (len == m->m_len - moff) {
if (m->m_flags & M_EOR)
flags |= MSG_EOR;
*mp = (struct mbuf *)0;
} else {
if (free_list == NULL)
- free_list = m;
- else
- ml->m_next = m;
- ml = m;
+ free_list = m;
+ else
+ ml->m_next = m;
+ ml = m;
so->so_rcv.sb_mb = m = m->m_next;
- ml->m_next = 0;
+ ml->m_next = 0;
}
- if (m)
+ if (m != NULL) {
m->m_nextpkt = nextrecord;
+ if (nextrecord == NULL)
+ so->so_rcv.sb_lastrecord = m;
+ } else {
+ so->so_rcv.sb_mb = nextrecord;
+ SB_EMPTY_FIXUP(&so->so_rcv);
+ }
+ SBLASTRECORDCHK(&so->so_rcv, "soreceive 3");
+ SBLASTMBUFCHK(&so->so_rcv, "soreceive 3");
}
} else {
- if (flags & MSG_PEEK)
+ if (flags & MSG_PEEK) {
moff += len;
- else {
+ } else {
if (mp)
*mp = m_copym(m, 0, len, M_WAIT);
m->m_data += len;
if ((flags & MSG_PEEK) == 0) {
so->so_oobmark -= len;
if (so->so_oobmark == 0) {
- so->so_state |= SS_RCVATMARK;
- /*
- * delay posting the actual event until after
- * any delayed copy processing has finished
- */
- need_event = 1;
- break;
+ so->so_state |= SS_RCVATMARK;
+ /*
+ * delay posting the actual event until
+ * after any delayed copy processing
+ * has finished
+ */
+ need_event = 1;
+ break;
}
} else {
offset += len;
break;
}
}
- if (flags & MSG_EOR)
+ if (flags & MSG_EOR)
break;
/*
- * If the MSG_WAITALL or MSG_WAITSTREAM flag is set (for non-atomic socket),
- * we must not quit until "uio->uio_resid == 0" or an error
- * termination. If a signal/timeout occurs, return
- * with a short count but without error.
- * Keep sockbuf locked against other readers.
+ * If the MSG_WAITALL or MSG_WAITSTREAM flag is set
+ * (for non-atomic socket), we must not quit until
+ * "uio->uio_resid == 0" or an error termination.
+ * If a signal/timeout occurs, return with a short
+ * count but without error. Keep sockbuf locked
+ * against other readers.
*/
- while (flags & (MSG_WAITALL|MSG_WAITSTREAM) && m == 0 && (uio_resid(uio) - delayed_copy_len) > 0 &&
+ while (flags & (MSG_WAITALL|MSG_WAITSTREAM) && m == 0 &&
+ (uio_resid(uio) - delayed_copy_len) > 0 &&
!sosendallatonce(so) && !nextrecord) {
if (so->so_error || so->so_state & SS_CANTRCVMORE)
- goto release;
+ goto release;
+
+ /*
+ * Depending on the protocol (e.g. TCP), the following
+ * might cause the socket lock to be dropped and later
+ * be reacquired, and more data could have arrived and
+ * have been appended to the receive socket buffer by
+ * the time it returns. Therefore, we only sleep in
+ * sbwait() below if and only if the socket buffer is
+ * empty, in order to avoid a false sleep.
+ */
+ if (pr->pr_flags & PR_WANTRCVD && so->so_pcb &&
+ (((struct inpcb *)so->so_pcb)->inp_state !=
+ INPCB_STATE_DEAD))
+ (*pr->pr_usrreqs->pru_rcvd)(so, flags);
+
+ SBLASTRECORDCHK(&so->so_rcv, "soreceive sbwait 2");
+ SBLASTMBUFCHK(&so->so_rcv, "soreceive sbwait 2");
- if (pr->pr_flags & PR_WANTRCVD && so->so_pcb && (((struct inpcb *)so->so_pcb)->inp_state != INPCB_STATE_DEAD))
- (*pr->pr_usrreqs->pru_rcvd)(so, flags);
- if (sbwait(&so->so_rcv)) {
- error = 0;
+ if (so->so_rcv.sb_mb == NULL && sbwait(&so->so_rcv)) {
+ error = 0;
goto release;
}
/*
- * have to wait until after we get back from the sbwait to do the copy because
- * we will drop the funnel if we have enough data that has been delayed... by dropping
- * the funnel we open up a window allowing the netisr thread to process the incoming packets
- * and to change the state of this socket... we're issuing the sbwait because
- * the socket is empty and we're expecting the netisr thread to wake us up when more
- * packets arrive... if we allow that processing to happen and then sbwait, we
- * could stall forever with packets sitting in the socket if no further packets
- * arrive from the remote side.
+ * have to wait until after we get back from the sbwait
+ * to do the copy because we will drop the lock if we
+ * have enough data that has been delayed... by dropping
+ * the lock we open up a window allowing the netisr
+ * thread to process the incoming packets and to change
+ * the state of this socket... we're issuing the sbwait
+ * because the socket is empty and we're expecting the
+ * netisr thread to wake us up when more packets arrive;
+ * if we allow that processing to happen and then sbwait
+ * we could stall forever with packets sitting in the
+ * socket if no further packets arrive from the remote
+ * side.
*
- * we want to copy before we've collected all the data to satisfy this request to
- * allow the copy to overlap the incoming packet processing on an MP system
+ * we want to copy before we've collected all the data
+ * to satisfy this request to allow the copy to overlap
+ * the incoming packet processing on an MP system
*/
- if (delayed_copy_len > sorecvmincopy && (delayed_copy_len > (so->so_rcv.sb_hiwat / 2))) {
-
- error = sodelayed_copy(so, uio, &free_list, &delayed_copy_len);
+ if (delayed_copy_len > sorecvmincopy &&
+ (delayed_copy_len > (so->so_rcv.sb_hiwat / 2))) {
+ error = sodelayed_copy(so, uio,
+ &free_list, &delayed_copy_len);
if (error)
- goto release;
+ goto release;
}
m = so->so_rcv.sb_mb;
if (m) {
}
#ifdef MORE_LOCKING_DEBUG
if (so->so_usecount <= 1)
- panic("soreceive: after big while so=%x ref=%d on socket\n", so, so->so_usecount);
+ panic("soreceive: after big while so=%p ref=%d on socket\n",
+ so, so->so_usecount);
#endif
if (m && pr->pr_flags & PR_ATOMIC) {
#ifdef __APPLE__
- if (so->so_options & SO_DONTTRUNC)
+ if (so->so_options & SO_DONTTRUNC) {
flags |= MSG_RCVMORE;
- else {
+ } else {
#endif
flags |= MSG_TRUNC;
if ((flags & MSG_PEEK) == 0)
}
#endif
}
+
+ /*
+ * pru_rcvd below (for TCP) may cause more data to be received
+ * if the socket lock is dropped prior to sending the ACK; some
+ * legacy OpenTransport applications don't handle this well
+ * (if it receives less data than requested while MSG_HAVEMORE
+ * is set), and so we set the flag now based on what we know
+ * prior to calling pru_rcvd.
+ */
+ if ((so->so_options & SO_WANTMORE) && so->so_rcv.sb_cc > 0)
+ flags |= MSG_HAVEMORE;
+
if ((flags & MSG_PEEK) == 0) {
- if (m == 0)
+ if (m == 0) {
so->so_rcv.sb_mb = nextrecord;
+ /*
+ * First part is an inline SB_EMPTY_FIXUP(). Second
+ * part makes sure sb_lastrecord is up-to-date if
+ * there is still data in the socket buffer.
+ */
+ if (so->so_rcv.sb_mb == NULL) {
+ so->so_rcv.sb_mbtail = NULL;
+ so->so_rcv.sb_lastrecord = NULL;
+ } else if (nextrecord->m_nextpkt == NULL) {
+ so->so_rcv.sb_lastrecord = nextrecord;
+ }
+ }
+ SBLASTRECORDCHK(&so->so_rcv, "soreceive 4");
+ SBLASTMBUFCHK(&so->so_rcv, "soreceive 4");
if (pr->pr_flags & PR_WANTRCVD && so->so_pcb)
(*pr->pr_usrreqs->pru_rcvd)(so, flags);
}
#ifdef __APPLE__
- if ((so->so_options & SO_WANTMORE) && so->so_rcv.sb_cc > 0)
- flags |= MSG_HAVEMORE;
-
if (delayed_copy_len) {
error = sodelayed_copy(so, uio, &free_list, &delayed_copy_len);
if (error)
- goto release;
+ goto release;
}
if (free_list) {
- m_freem_list((struct mbuf *)free_list);
+ m_freem_list((struct mbuf *)free_list);
free_list = (struct mbuf *)0;
}
if (need_event)
- postevent(so, 0, EV_OOB);
+ postevent(so, 0, EV_OOB);
#endif
if (orig_resid == uio_resid(uio) && orig_resid &&
(flags & MSG_EOR) == 0 && (so->so_state & SS_CANTRCVMORE) == 0) {
release:
#ifdef MORE_LOCKING_DEBUG
if (so->so_usecount <= 1)
- panic("soreceive: release so=%x ref=%d on socket\n", so, so->so_usecount);
+ panic("soreceive: release so=%p ref=%d on socket\n",
+ so, so->so_usecount);
#endif
if (delayed_copy_len) {
- error = sodelayed_copy(so, uio, &free_list, &delayed_copy_len);
+ error = sodelayed_copy(so, uio, &free_list, &delayed_copy_len);
}
if (free_list) {
- m_freem_list((struct mbuf *)free_list);
+ m_freem_list((struct mbuf *)free_list);
}
sbunlock(&so->so_rcv, 0); /* will unlock socket */
- // LP64todo - fix this!
- KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_END,
- so,
- uio_resid(uio),
- so->so_rcv.sb_cc,
- 0,
- error);
+ // LP64todo - fix this!
+ KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_END, so, uio_resid(uio),
+ so->so_rcv.sb_cc, 0, error);
return (error);
}
-
-static int sodelayed_copy(struct socket *so, struct uio *uio, struct mbuf **free_list, int *resid)
+/*
+ * Returns: 0 Success
+ * uiomove:EFAULT
+ */
+static int
+sodelayed_copy(struct socket *so, struct uio *uio, struct mbuf **free_list,
+ int *resid)
{
- int error = 0;
+ int error = 0;
struct mbuf *m;
m = *free_list;
socket_unlock(so, 0);
- while (m && error == 0) {
+ while (m && error == 0) {
- error = uiomove(mtod(m, caddr_t), (int)m->m_len, uio);
+ error = uiomove(mtod(m, caddr_t), (int)m->m_len, uio);
m = m->m_next;
}
- m_freem_list(*free_list);
-
- *free_list = (struct mbuf *)NULL;
- *resid = 0;
-
- socket_lock(so, 0);
+ m_freem_list(*free_list);
+
+ *free_list = (struct mbuf *)NULL;
+ *resid = 0;
+
+ socket_lock(so, 0);
+
+ return (error);
+}
+
+
+/*
+ * Returns: 0 Success
+ * EINVAL
+ * ENOTCONN
+ * <pru_shutdown>:EINVAL
+ * <pru_shutdown>:EADDRNOTAVAIL[TCP]
+ * <pru_shutdown>:ENOBUFS[TCP]
+ * <pru_shutdown>:EMSGSIZE[TCP]
+ * <pru_shutdown>:EHOSTUNREACH[TCP]
+ * <pru_shutdown>:ENETUNREACH[TCP]
+ * <pru_shutdown>:ENETDOWN[TCP]
+ * <pru_shutdown>:ENOMEM[TCP]
+ * <pru_shutdown>:EACCES[TCP]
+ * <pru_shutdown>:EMSGSIZE[TCP]
+ * <pru_shutdown>:ENOBUFS[TCP]
+ * <pru_shutdown>:???[TCP] [ignorable: mostly IPSEC/firewall/DLIL]
+ * <pru_shutdown>:??? [other protocol families]
+ */
+int
+soshutdown(struct socket *so, int how)
+{
+ int error;
+
+ switch (how) {
+ case SHUT_RD:
+ case SHUT_WR:
+ case SHUT_RDWR:
+ socket_lock(so, 1);
+ if ((so->so_state &
+ (SS_ISCONNECTED|SS_ISCONNECTING|SS_ISDISCONNECTING)) == 0) {
+ error = ENOTCONN;
+ } else {
+ error = soshutdownlock(so, how);
+ }
+ socket_unlock(so, 1);
+ break;
+ default:
+ error = EINVAL;
+ break;
+ }
return (error);
}
-
int
-soshutdown(so, how)
- register struct socket *so;
- int how;
+soshutdownlock(struct socket *so, int how)
{
- register struct protosw *pr = so->so_proto;
- int ret;
+ struct protosw *pr = so->so_proto;
+ int error = 0;
- socket_lock(so, 1);
-
sflt_notify(so, sock_evt_shutdown, &how);
if (how != SHUT_WR) {
+ if ((so->so_state & SS_CANTRCVMORE) != 0) {
+ /* read already shut down */
+ error = ENOTCONN;
+ goto done;
+ }
sorflush(so);
postevent(so, 0, EV_RCLOSED);
}
if (how != SHUT_RD) {
- ret = ((*pr->pr_usrreqs->pru_shutdown)(so));
- postevent(so, 0, EV_WCLOSED);
- KERNEL_DEBUG(DBG_FNC_SOSHUTDOWN | DBG_FUNC_END, 0,0,0,0,0);
- socket_unlock(so, 1);
- return(ret);
+ if ((so->so_state & SS_CANTSENDMORE) != 0) {
+ /* write already shut down */
+ error = ENOTCONN;
+ goto done;
+ }
+ error = (*pr->pr_usrreqs->pru_shutdown)(so);
+ postevent(so, 0, EV_WCLOSED);
}
-
- KERNEL_DEBUG(DBG_FNC_SOSHUTDOWN | DBG_FUNC_END, 0,0,0,0,0);
- socket_unlock(so, 1);
- return (0);
+done:
+ KERNEL_DEBUG(DBG_FNC_SOSHUTDOWN | DBG_FUNC_END, 0, 0, 0, 0, 0);
+ return (error);
}
void
-sorflush(so)
- register struct socket *so;
+sorflush(struct socket *so)
{
register struct sockbuf *sb = &so->so_rcv;
register struct protosw *pr = so->so_proto;
struct sockbuf asb;
#ifdef MORE_LOCKING_DEBUG
- lck_mtx_t * mutex_held;
+ lck_mtx_t *mutex_held;
- if (so->so_proto->pr_getlock != NULL)
+ if (so->so_proto->pr_getlock != NULL)
mutex_held = (*so->so_proto->pr_getlock)(so, 0);
- else
+ else
mutex_held = so->so_proto->pr_domain->dom_mtx;
lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
#endif
sb->sb_sel.si_note = asb.sb_sel.si_note;
sb->sb_flags = SB_KNOTE;
}
- if (pr->pr_flags & PR_RIGHTS && pr->pr_domain->dom_dispose)
+ if (asb.sb_flags & SB_DROP)
+ sb->sb_flags |= SB_DROP;
+ if (asb.sb_flags & SB_UNIX)
+ sb->sb_flags |= SB_UNIX;
+ if ((pr->pr_flags & PR_RIGHTS) && pr->pr_domain->dom_dispose) {
+ boolean_t unp = (pr->pr_domain->dom_dispose == unp_dispose);
+ /*
+ * Currently AF_UNIX domain uses a global domain mutex;
+ * unp_dispose() may end up calling soclose() on another
+ * AF_UNIX socket and therefore the lock must not be held
+ * across the call.
+ */
+ if (unp)
+ socket_unlock(so, 0);
(*pr->pr_domain->dom_dispose)(asb.sb_mb);
+ if (unp)
+ socket_lock(so, 0);
+ }
sbrelease(&asb);
}
* to be some kind of integer, but not a specific size.
* In addition to their use here, these functions are also called by the
* protocol-level pr_ctloutput() routines.
+ *
+ * Returns: 0 Success
+ * EINVAL
+ * copyin:EFAULT
*/
int
-sooptcopyin(sopt, buf, len, minlen)
- struct sockopt *sopt;
- void *buf;
- size_t len;
- size_t minlen;
+sooptcopyin(struct sockopt *sopt, void *buf, size_t len, size_t minlen)
{
size_t valsize;
* is set to however much we actually retrieved.
*/
if ((valsize = sopt->sopt_valsize) < minlen)
- return EINVAL;
+ return (EINVAL);
if (valsize > len)
sopt->sopt_valsize = valsize = len;
return (copyin(sopt->sopt_val, buf, valsize));
bcopy(CAST_DOWN(caddr_t, sopt->sopt_val), buf, valsize);
- return 0;
+ return (0);
+}
+
+/*
+ * sooptcopyin_timeval
+ * Copy in a timeval value into tv_p, and take into account whether the
+ * the calling process is 64-bit or 32-bit. Moved the sanity checking
+ * code here so that we can verify the 64-bit tv_sec value before we lose
+ * the top 32-bits assigning tv64.tv_sec to tv_p->tv_sec.
+ */
+static int
+sooptcopyin_timeval(struct sockopt *sopt, struct timeval * tv_p)
+{
+ int error;
+
+ if (proc_is64bit(sopt->sopt_p)) {
+ struct timeval64 tv64;
+
+ if (sopt->sopt_valsize < sizeof(tv64)) {
+ return (EINVAL);
+ }
+ sopt->sopt_valsize = sizeof(tv64);
+ error = copyin(sopt->sopt_val, &tv64, sizeof(tv64));
+ if (error != 0) {
+ return (error);
+ }
+ if (tv64.tv_sec < 0 || tv64.tv_sec > LONG_MAX
+ || tv64.tv_usec < 0 || tv64.tv_usec >= 1000000) {
+ return (EDOM);
+ }
+ tv_p->tv_sec = tv64.tv_sec;
+ tv_p->tv_usec = tv64.tv_usec;
+ } else {
+ if (sopt->sopt_valsize < sizeof(*tv_p)) {
+ return (EINVAL);
+ }
+ sopt->sopt_valsize = sizeof(*tv_p);
+ if (sopt->sopt_p != 0) {
+ error = copyin(sopt->sopt_val, tv_p, sizeof(*tv_p));
+ if (error != 0) {
+ return (error);
+ }
+ } else {
+ bcopy(CAST_DOWN(caddr_t, sopt->sopt_val), tv_p,
+ sizeof(*tv_p));
+ }
+ if (tv_p->tv_sec < 0 || tv_p->tv_sec > LONG_MAX
+ || tv_p->tv_usec < 0 || tv_p->tv_usec >= 1000000) {
+ return (EDOM);
+ }
+ }
+ return (0);
}
+/*
+ * Returns: 0 Success
+ * EINVAL
+ * ENOPROTOOPT
+ * ENOBUFS
+ * EDOM
+ * sooptcopyin:EINVAL
+ * sooptcopyin:EFAULT
+ * sooptcopyin_timeval:EINVAL
+ * sooptcopyin_timeval:EFAULT
+ * sooptcopyin_timeval:EDOM
+ * <pr_ctloutput>:EOPNOTSUPP[AF_UNIX]
+ * <pr_ctloutput>:???w
+ * sflt_attach_private:??? [whatever a filter author chooses]
+ * <sf_setoption>:??? [whatever a filter author chooses]
+ *
+ * Notes: Other <pru_listen> returns depend on the protocol family; all
+ * <sf_listen> returns depend on what the filter author causes
+ * their filter to return.
+ */
int
-sosetopt(so, sopt)
- struct socket *so;
- struct sockopt *sopt;
+sosetopt(struct socket *so, struct sockopt *sopt)
{
int error, optval;
struct linger l;
struct timeval tv;
- short val;
+ struct socket_filter_entry *filter;
+ int filtered = 0;
+#if CONFIG_MACF_SOCKET
+ struct mac extmac;
+#endif /* MAC_SOCKET */
socket_lock(so, 1);
+ if ((so->so_state & (SS_CANTRCVMORE | SS_CANTSENDMORE))
+ == (SS_CANTRCVMORE | SS_CANTSENDMORE)) {
+ /* the socket has been shutdown, no more sockopt's */
+ error = EINVAL;
+ goto bad;
+ }
if (sopt->sopt_dir != SOPT_SET) {
sopt->sopt_dir = SOPT_SET;
}
- {
- struct socket_filter_entry *filter;
- int filtered = 0;
- error = 0;
- for (filter = so->so_filt; filter && (error == 0);
- filter = filter->sfe_next_onsocket) {
- if (filter->sfe_filter->sf_filter.sf_setoption) {
- if (filtered == 0) {
- filtered = 1;
- sflt_use(so);
- socket_unlock(so, 0);
- }
- error = filter->sfe_filter->sf_filter.sf_setoption(
- filter->sfe_cookie, so, sopt);
+ error = 0;
+ for (filter = so->so_filt; filter && (error == 0);
+ filter = filter->sfe_next_onsocket) {
+ if (filter->sfe_filter->sf_filter.sf_setoption) {
+ if (filtered == 0) {
+ filtered = 1;
+ sflt_use(so);
+ socket_unlock(so, 0);
}
+ error = filter->sfe_filter->sf_filter.
+ sf_setoption(filter->sfe_cookie, so, sopt);
}
-
- if (filtered != 0) {
- socket_lock(so, 0);
- sflt_unuse(so);
-
- if (error) {
- if (error == EJUSTRETURN)
- error = 0;
- goto bad;
- }
+ }
+
+ if (filtered != 0) {
+ socket_lock(so, 0);
+ sflt_unuse(so);
+
+ if (error) {
+ if (error == EJUSTRETURN)
+ error = 0;
+ goto bad;
}
}
error = 0;
if (sopt->sopt_level != SOL_SOCKET) {
if (so->so_proto && so->so_proto->pr_ctloutput) {
- error = (*so->so_proto->pr_ctloutput)
- (so, sopt);
+ error = (*so->so_proto->pr_ctloutput)(so, sopt);
socket_unlock(so, 1);
return (error);
}
switch (sopt->sopt_name) {
case SO_LINGER:
case SO_LINGER_SEC:
- error = sooptcopyin(sopt, &l, sizeof l, sizeof l);
+ error = sooptcopyin(sopt, &l, sizeof (l), sizeof (l));
if (error)
goto bad;
- so->so_linger = (sopt->sopt_name == SO_LINGER) ? l.l_linger : l.l_linger * hz;
+ so->so_linger = (sopt->sopt_name == SO_LINGER) ?
+ l.l_linger : l.l_linger * hz;
if (l.l_onoff)
so->so_options |= SO_LINGER;
else
case SO_WANTMORE:
case SO_WANTOOBFLAG:
#endif
- error = sooptcopyin(sopt, &optval, sizeof optval,
- sizeof optval);
+ error = sooptcopyin(sopt, &optval, sizeof (optval),
+ sizeof (optval));
if (error)
goto bad;
if (optval)
case SO_RCVBUF:
case SO_SNDLOWAT:
case SO_RCVLOWAT:
- error = sooptcopyin(sopt, &optval, sizeof optval,
- sizeof optval);
+ error = sooptcopyin(sopt, &optval, sizeof (optval),
+ sizeof (optval));
if (error)
goto bad;
case SO_SNDBUF:
case SO_RCVBUF:
if (sbreserve(sopt->sopt_name == SO_SNDBUF ?
- &so->so_snd : &so->so_rcv,
- (u_long) optval) == 0) {
+ &so->so_snd : &so->so_rcv,
+ (u_long) optval) == 0) {
error = ENOBUFS;
goto bad;
}
+ if (sopt->sopt_name == SO_SNDBUF)
+ so->so_snd.sb_flags |= SB_USRSIZE;
+ else
+ so->so_rcv.sb_flags |= SB_USRSIZE;
break;
/*
case SO_SNDTIMEO:
case SO_RCVTIMEO:
- error = sooptcopyin(sopt, &tv, sizeof tv,
- sizeof tv);
+ error = sooptcopyin_timeval(sopt, &tv);
if (error)
goto bad;
- if (tv.tv_sec < 0 || tv.tv_sec > LONG_MAX ||
- tv.tv_usec < 0 || tv.tv_usec >= 1000000) {
- error = EDOM;
- goto bad;
- }
-
switch (sopt->sopt_name) {
case SO_SNDTIMEO:
so->so_snd.sb_timeo = tv;
{
struct so_nke nke;
- error = sooptcopyin(sopt, &nke,
- sizeof nke, sizeof nke);
+ error = sooptcopyin(sopt, &nke, sizeof (nke),
+ sizeof (nke));
if (error)
- goto bad;
+ goto bad;
- error = sflt_attach_private(so, NULL, nke.nke_handle, 1);
+ error = sflt_attach_private(so, NULL,
+ nke.nke_handle, 1);
break;
}
case SO_NOSIGPIPE:
- error = sooptcopyin(sopt, &optval, sizeof optval,
- sizeof optval);
- if (error)
- goto bad;
- if (optval)
- so->so_flags |= SOF_NOSIGPIPE;
- else
- so->so_flags &= ~SOF_NOSIGPIPE;
-
+ error = sooptcopyin(sopt, &optval, sizeof (optval),
+ sizeof (optval));
+ if (error)
+ goto bad;
+ if (optval)
+ so->so_flags |= SOF_NOSIGPIPE;
+ else
+ so->so_flags &= ~SOF_NOSIGPIPE;
+
break;
case SO_NOADDRERR:
- error = sooptcopyin(sopt, &optval, sizeof optval,
- sizeof optval);
- if (error)
- goto bad;
- if (optval)
- so->so_flags |= SOF_NOADDRAVAIL;
- else
- so->so_flags &= ~SOF_NOADDRAVAIL;
-
+ error = sooptcopyin(sopt, &optval, sizeof (optval),
+ sizeof (optval));
+ if (error)
+ goto bad;
+ if (optval)
+ so->so_flags |= SOF_NOADDRAVAIL;
+ else
+ so->so_flags &= ~SOF_NOADDRAVAIL;
+
+ break;
+
+ case SO_REUSESHAREUID:
+ error = sooptcopyin(sopt, &optval, sizeof (optval),
+ sizeof (optval));
+ if (error)
+ goto bad;
+ if (optval)
+ so->so_flags |= SOF_REUSESHAREUID;
+ else
+ so->so_flags &= ~SOF_REUSESHAREUID;
+ break;
+#ifdef __APPLE_API_PRIVATE
+ case SO_NOTIFYCONFLICT:
+ if (kauth_cred_issuser(kauth_cred_get()) == 0) {
+ error = EPERM;
+ goto bad;
+ }
+ error = sooptcopyin(sopt, &optval, sizeof (optval),
+ sizeof (optval));
+ if (error)
+ goto bad;
+ if (optval)
+ so->so_flags |= SOF_NOTIFYCONFLICT;
+ else
+ so->so_flags &= ~SOF_NOTIFYCONFLICT;
+ break;
+#endif
+ case SO_RESTRICTIONS:
+ if (kauth_cred_issuser(kauth_cred_get()) == 0) {
+ error = EPERM;
+ goto bad;
+ }
+ error = sooptcopyin(sopt, &optval, sizeof (optval),
+ sizeof (optval));
+ if (error)
+ goto bad;
+ so->so_restrictions = (optval & (SO_RESTRICT_DENYIN |
+ SO_RESTRICT_DENYOUT | SO_RESTRICT_DENYSET));
+ break;
+
+ case SO_LABEL:
+#if CONFIG_MACF_SOCKET
+ if ((error = sooptcopyin(sopt, &extmac, sizeof (extmac),
+ sizeof (extmac))) != 0)
+ goto bad;
+
+ error = mac_setsockopt_label(proc_ucred(sopt->sopt_p),
+ so, &extmac);
+#else
+ error = EOPNOTSUPP;
+#endif /* MAC_SOCKET */
+ break;
+
+#ifdef __APPLE_API_PRIVATE
+ case SO_UPCALLCLOSEWAIT:
+ error = sooptcopyin(sopt, &optval, sizeof (optval),
+ sizeof (optval));
+ if (error)
+ goto bad;
+ if (optval)
+ so->so_flags |= SOF_UPCALLCLOSEWAIT;
+ else
+ so->so_flags &= ~SOF_UPCALLCLOSEWAIT;
break;
+#endif
default:
error = ENOPROTOOPT;
break;
}
if (error == 0 && so->so_proto && so->so_proto->pr_ctloutput) {
- (void) ((*so->so_proto->pr_ctloutput)
- (so, sopt));
+ (void) ((*so->so_proto->pr_ctloutput)(so, sopt));
}
}
bad:
return (error);
}
-/* Helper routine for getsockopt */
+/* Helper routines for getsockopt */
int
-sooptcopyout(sopt, buf, len)
- struct sockopt *sopt;
- void *buf;
- size_t len;
+sooptcopyout(struct sockopt *sopt, void *buf, size_t len)
{
int error;
size_t valsize;
else
bcopy(buf, CAST_DOWN(caddr_t, sopt->sopt_val), valsize);
}
- return error;
+ return (error);
+}
+
+static int
+sooptcopyout_timeval(struct sockopt *sopt, const struct timeval * tv_p)
+{
+ int error;
+ size_t len;
+ struct timeval64 tv64;
+ const void * val;
+ size_t valsize;
+
+ error = 0;
+ if (proc_is64bit(sopt->sopt_p)) {
+ len = sizeof(struct timeval64);
+ tv64.tv_sec = tv_p->tv_sec;
+ tv64.tv_usec = tv_p->tv_usec;
+ val = &tv64;
+ } else {
+ len = sizeof(struct timeval);
+ val = tv_p;
+ }
+ valsize = min(len, sopt->sopt_valsize);
+ sopt->sopt_valsize = valsize;
+ if (sopt->sopt_val != USER_ADDR_NULL) {
+ if (sopt->sopt_p != 0)
+ error = copyout(val, sopt->sopt_val, valsize);
+ else
+ bcopy(val, CAST_DOWN(caddr_t, sopt->sopt_val), valsize);
+ }
+ return (error);
}
+/*
+ * Return: 0 Success
+ * ENOPROTOOPT
+ * <pr_ctloutput>:EOPNOTSUPP[AF_UNIX]
+ * <pr_ctloutput>:???
+ * <sf_getoption>:???
+ */
int
-sogetopt(so, sopt)
- struct socket *so;
- struct sockopt *sopt;
+sogetopt(struct socket *so, struct sockopt *sopt)
{
int error, optval;
struct linger l;
struct timeval tv;
+ struct socket_filter_entry *filter;
+ int filtered = 0;
+#if CONFIG_MACF_SOCKET
+ struct mac extmac;
+#endif /* MAC_SOCKET */
- if (sopt->sopt_dir != SOPT_GET) {
- sopt->sopt_dir = SOPT_GET;
- }
+ if (sopt->sopt_dir != SOPT_GET) {
+ sopt->sopt_dir = SOPT_GET;
+ }
socket_lock(so, 1);
-
- {
- struct socket_filter_entry *filter;
- int filtered = 0;
- error = 0;
- for (filter = so->so_filt; filter && (error == 0);
- filter = filter->sfe_next_onsocket) {
- if (filter->sfe_filter->sf_filter.sf_getoption) {
- if (filtered == 0) {
- filtered = 1;
- sflt_use(so);
- socket_unlock(so, 0);
- }
- error = filter->sfe_filter->sf_filter.sf_getoption(
- filter->sfe_cookie, so, sopt);
+
+ error = 0;
+ for (filter = so->so_filt; filter && (error == 0);
+ filter = filter->sfe_next_onsocket) {
+ if (filter->sfe_filter->sf_filter.sf_getoption) {
+ if (filtered == 0) {
+ filtered = 1;
+ sflt_use(so);
+ socket_unlock(so, 0);
}
+ error = filter->sfe_filter->sf_filter.
+ sf_getoption(filter->sfe_cookie, so, sopt);
}
- if (filtered != 0) {
- socket_lock(so, 0);
- sflt_unuse(so);
-
- if (error) {
- if (error == EJUSTRETURN)
- error = 0;
- socket_unlock(so, 1);
- return error;
- }
+ }
+ if (filtered != 0) {
+ socket_lock(so, 0);
+ sflt_unuse(so);
+
+ if (error) {
+ if (error == EJUSTRETURN)
+ error = 0;
+ socket_unlock(so, 1);
+ return (error);
}
}
error = 0;
if (sopt->sopt_level != SOL_SOCKET) {
if (so->so_proto && so->so_proto->pr_ctloutput) {
- error = (*so->so_proto->pr_ctloutput)
- (so, sopt);
+ error = (*so->so_proto->pr_ctloutput)(so, sopt);
socket_unlock(so, 1);
return (error);
} else {
case SO_LINGER:
case SO_LINGER_SEC:
l.l_onoff = so->so_options & SO_LINGER;
- l.l_linger = (sopt->sopt_name == SO_LINGER) ? so->so_linger :
- so->so_linger / hz;
- error = sooptcopyout(sopt, &l, sizeof l);
+ l.l_linger = (sopt->sopt_name == SO_LINGER) ?
+ so->so_linger : so->so_linger / hz;
+ error = sooptcopyout(sopt, &l, sizeof (l));
break;
case SO_USELOOPBACK:
#endif
optval = so->so_options & sopt->sopt_name;
integer:
- error = sooptcopyout(sopt, &optval, sizeof optval);
+ error = sooptcopyout(sopt, &optval, sizeof (optval));
break;
case SO_TYPE:
#ifdef __APPLE__
case SO_NREAD:
- {
- int pkt_total;
- struct mbuf *m1;
+ if (so->so_proto->pr_flags & PR_ATOMIC) {
+ int pkt_total;
+ struct mbuf *m1;
- pkt_total = 0;
- m1 = so->so_rcv.sb_mb;
- if (so->so_proto->pr_flags & PR_ATOMIC)
- {
+ pkt_total = 0;
+ m1 = so->so_rcv.sb_mb;
while (m1) {
- if (m1->m_type == MT_DATA)
+ if (m1->m_type == MT_DATA || m1->m_type == MT_HEADER ||
+ m1->m_type == MT_OOBDATA)
pkt_total += m1->m_len;
m1 = m1->m_next;
}
optval = pkt_total;
- } else
- optval = so->so_rcv.sb_cc;
+ } else {
+ optval = so->so_rcv.sb_cc - so->so_rcv.sb_ctl;
+ }
goto integer;
- }
+
case SO_NWRITE:
optval = so->so_snd.sb_cc;
- goto integer;
+ goto integer;
#endif
case SO_ERROR:
optval = so->so_error;
case SO_SNDTIMEO:
case SO_RCVTIMEO:
tv = (sopt->sopt_name == SO_SNDTIMEO ?
- so->so_snd.sb_timeo : so->so_rcv.sb_timeo);
+ so->so_snd.sb_timeo : so->so_rcv.sb_timeo);
- error = sooptcopyout(sopt, &tv, sizeof tv);
- break;
+ error = sooptcopyout_timeval(sopt, &tv);
+ break;
case SO_NOSIGPIPE:
optval = (so->so_flags & SOF_NOSIGPIPE);
optval = (so->so_flags & SOF_NOADDRAVAIL);
goto integer;
+ case SO_REUSESHAREUID:
+ optval = (so->so_flags & SOF_REUSESHAREUID);
+ goto integer;
+
+#ifdef __APPLE_API_PRIVATE
+ case SO_NOTIFYCONFLICT:
+ optval = (so->so_flags & SOF_NOTIFYCONFLICT);
+ goto integer;
+#endif
+ case SO_RESTRICTIONS:
+ optval = so->so_restrictions & (SO_RESTRICT_DENYIN |
+ SO_RESTRICT_DENYOUT | SO_RESTRICT_DENYSET);
+ goto integer;
+
+ case SO_LABEL:
+#if CONFIG_MACF_SOCKET
+ if ((error = sooptcopyin(sopt, &extmac, sizeof (extmac),
+ sizeof (extmac))) != 0 ||
+ (error = mac_socket_label_get(proc_ucred(
+ sopt->sopt_p), so, &extmac)) != 0)
+ break;
+
+ error = sooptcopyout(sopt, &extmac, sizeof (extmac));
+#else
+ error = EOPNOTSUPP;
+#endif /* MAC_SOCKET */
+ break;
+
+ case SO_PEERLABEL:
+#if CONFIG_MACF_SOCKET
+ if ((error = sooptcopyin(sopt, &extmac, sizeof (extmac),
+ sizeof (extmac))) != 0 ||
+ (error = mac_socketpeer_label_get(proc_ucred(
+ sopt->sopt_p), so, &extmac)) != 0)
+ break;
+
+ error = sooptcopyout(sopt, &extmac, sizeof (extmac));
+#else
+ error = EOPNOTSUPP;
+#endif /* MAC_SOCKET */
+ break;
+
+#ifdef __APPLE_API_PRIVATE
+ case SO_UPCALLCLOSEWAIT:
+ optval = (so->so_flags & SOF_UPCALLCLOSEWAIT);
+ goto integer;
+#endif
+
default:
error = ENOPROTOOPT;
break;
int sopt_size = sopt->sopt_valsize;
if (sopt_size > MAX_SOOPTGETM_SIZE)
- return EMSGSIZE;
+ return (EMSGSIZE);
MGET(m, sopt->sopt_p ? M_WAIT : M_DONTWAIT, MT_DATA);
if (m == 0)
- return ENOBUFS;
+ return (ENOBUFS);
if (sopt_size > MLEN) {
MCLGET(m, sopt->sopt_p ? M_WAIT : M_DONTWAIT);
if ((m->m_flags & M_EXT) == 0) {
m_free(m);
- return ENOBUFS;
+ return (ENOBUFS);
}
m->m_len = min(MCLBYTES, sopt_size);
} else {
MGET(m, sopt->sopt_p ? M_WAIT : M_DONTWAIT, MT_DATA);
if (m == 0) {
m_freem(*mp);
- return ENOBUFS;
+ return (ENOBUFS);
}
if (sopt_size > MLEN) {
MCLGET(m, sopt->sopt_p ? M_WAIT : M_DONTWAIT);
if ((m->m_flags & M_EXT) == 0) {
m_freem(*mp);
- return ENOBUFS;
+ return (ENOBUFS);
}
m->m_len = min(MCLBYTES, sopt_size);
} else {
m_prev->m_next = m;
m_prev = m;
}
- return 0;
+ return (0);
}
/* XXX; copyin sopt data into mbuf chain for (__FreeBSD__ < 3) routines. */
struct mbuf *m0 = m;
if (sopt->sopt_val == USER_ADDR_NULL)
- return 0;
+ return (0);
while (m != NULL && sopt->sopt_valsize >= m->m_len) {
if (sopt->sopt_p != NULL) {
int error;
- error = copyin(sopt->sopt_val, mtod(m, char *), m->m_len);
+ error = copyin(sopt->sopt_val, mtod(m, char *),
+ m->m_len);
if (error != 0) {
m_freem(m0);
- return(error);
+ return (error);
}
- } else
- bcopy(CAST_DOWN(caddr_t, sopt->sopt_val), mtod(m, char *), m->m_len);
+ } else {
+ bcopy(CAST_DOWN(caddr_t, sopt->sopt_val),
+ mtod(m, char *), m->m_len);
+ }
sopt->sopt_valsize -= m->m_len;
- sopt->sopt_val += m->m_len;
+ sopt->sopt_val += m->m_len;
m = m->m_next;
}
if (m != NULL) /* should be allocated enoughly at ip6_sooptmcopyin() */
panic("soopt_mcopyin");
- return 0;
+ return (0);
}
/* XXX; copyout mbuf chain data into soopt for (__FreeBSD__ < 3) routines. */
size_t valsize = 0;
if (sopt->sopt_val == USER_ADDR_NULL)
- return 0;
+ return (0);
while (m != NULL && sopt->sopt_valsize >= m->m_len) {
if (sopt->sopt_p != NULL) {
int error;
- error = copyout(mtod(m, char *), sopt->sopt_val, m->m_len);
+ error = copyout(mtod(m, char *), sopt->sopt_val,
+ m->m_len);
if (error != 0) {
m_freem(m0);
- return(error);
+ return (error);
}
- } else
- bcopy(mtod(m, char *), CAST_DOWN(caddr_t, sopt->sopt_val), m->m_len);
- sopt->sopt_valsize -= m->m_len;
- sopt->sopt_val += m->m_len;
- valsize += m->m_len;
- m = m->m_next;
+ } else {
+ bcopy(mtod(m, char *),
+ CAST_DOWN(caddr_t, sopt->sopt_val), m->m_len);
+ }
+ sopt->sopt_valsize -= m->m_len;
+ sopt->sopt_val += m->m_len;
+ valsize += m->m_len;
+ m = m->m_next;
}
if (m != NULL) {
/* enough soopt buffer should be given from user-land */
m_freem(m0);
- return(EINVAL);
+ return (EINVAL);
}
sopt->sopt_valsize = valsize;
- return 0;
+ return (0);
}
void
-sohasoutofband(so)
- register struct socket *so;
+sohasoutofband(struct socket *so)
{
- struct proc *p;
if (so->so_pgid < 0)
gsignal(-so->so_pgid, SIGURG);
- else if (so->so_pgid > 0 && (p = pfind(so->so_pgid)) != 0)
- psignal(p, SIGURG);
+ else if (so->so_pgid > 0)
+ proc_signal(so->so_pgid, SIGURG);
selwakeup(&so->so_rcv.sb_sel);
}
if (revents == 0) {
if (events & (POLLIN | POLLPRI | POLLRDNORM | POLLRDBAND)) {
- /* Darwin sets the flag first, BSD calls selrecord first */
+ /*
+ * Darwin sets the flag first,
+ * BSD calls selrecord first
+ */
so->so_rcv.sb_flags |= SB_SEL;
selrecord(p, &so->so_rcv.sb_sel, wql);
}
if (events & (POLLOUT | POLLWRNORM)) {
- /* Darwin sets the flag first, BSD calls selrecord first */
+ /*
+ * Darwin sets the flag first,
+ * BSD calls selrecord first
+ */
so->so_snd.sb_flags |= SB_SEL;
selrecord(p, &so->so_snd.sb_sel, wql);
}
return (revents);
}
-int soo_kqfilter(struct fileproc *fp, struct knote *kn, struct proc *p);
-
int
-soo_kqfilter(__unused struct fileproc *fp, struct knote *kn, __unused struct proc *p)
+soo_kqfilter(__unused struct fileproc *fp, struct knote *kn,
+ __unused struct proc *p)
{
struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
struct sockbuf *sb;
+
socket_lock(so, 1);
+#if CONFIG_MACF_SOCKET
+ if (mac_socket_check_kqfilter(proc_ucred(p), kn, so) != 0) {
+ socket_unlock(so, 1);
+ return (1);
+ }
+#endif /* MAC_SOCKET */
+
switch (kn->kn_filter) {
case EVFILT_READ:
if (so->so_options & SO_ACCEPTCONN)
if ((hint & SO_FILT_HINT_LOCKED) == 0)
socket_lock(so, 1);
+ kn->kn_data = so->so_rcv.sb_cc - so->so_rcv.sb_ctl;
+
if (so->so_oobmark) {
if (kn->kn_flags & EV_OOBAND) {
- kn->kn_data = so->so_rcv.sb_cc - so->so_oobmark;
+ kn->kn_data -= so->so_oobmark;
if ((hint & SO_FILT_HINT_LOCKED) == 0)
socket_unlock(so, 1);
return (1);
kn->kn_data = so->so_oobmark;
kn->kn_flags |= EV_OOBAND;
} else {
- kn->kn_data = so->so_rcv.sb_cc;
if (so->so_state & SS_CANTRCVMORE) {
kn->kn_flags |= EV_EOF;
kn->kn_fflags = so->so_error;
if ((hint & SO_FILT_HINT_LOCKED) == 0)
socket_unlock(so, 1);
- return( kn->kn_flags & EV_OOBAND ||
- kn->kn_data >= ((kn->kn_sfflags & NOTE_LOWAT) ?
- kn->kn_sdata : so->so_rcv.sb_lowat));
+ return ((kn->kn_flags & EV_OOBAND) ||
+ kn->kn_data >= ((kn->kn_sfflags & NOTE_LOWAT) ?
+ kn->kn_sdata : so->so_rcv.sb_lowat));
}
static void
struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
socket_lock(so, 1);
- if(so->so_snd.sb_flags & SB_KNOTE)
+ if (so->so_snd.sb_flags & SB_KNOTE)
if (KNOTE_DETACH(&so->so_snd.sb_sel.si_note, kn))
so->so_snd.sb_flags &= ~SB_KNOTE;
socket_unlock(so, 1);
kn->kn_data = sbspace(&so->so_snd);
if (so->so_state & SS_CANTSENDMORE) {
- kn->kn_flags |= EV_EOF;
+ kn->kn_flags |= EV_EOF;
kn->kn_fflags = so->so_error;
if ((hint & SO_FILT_HINT_LOCKED) == 0)
socket_unlock(so, 1);
int
-socket_lock(so, refcount)
- struct socket *so;
- int refcount;
+socket_lock(struct socket *so, int refcount)
{
int error = 0, lr_saved;
if (so->so_proto->pr_lock) {
error = (*so->so_proto->pr_lock)(so, refcount, lr_saved);
- }
- else {
+ } else {
#ifdef MORE_LOCKING_DEBUG
- lck_mtx_assert(so->so_proto->pr_domain->dom_mtx, LCK_MTX_ASSERT_NOTOWNED);
+ lck_mtx_assert(so->so_proto->pr_domain->dom_mtx,
+ LCK_MTX_ASSERT_NOTOWNED);
#endif
lck_mtx_lock(so->so_proto->pr_domain->dom_mtx);
if (refcount)
so->so_usecount++;
- so->lock_lr[so->next_lock_lr] = (void *)lr_saved;
+ so->lock_lr[so->next_lock_lr] = (u_int32_t)lr_saved;
so->next_lock_lr = (so->next_lock_lr+1) % SO_LCKDBG_MAX;
}
- return(error);
-
+ return (error);
}
int
-socket_unlock(so, refcount)
- struct socket *so;
- int refcount;
+socket_unlock(struct socket *so, int refcount)
{
int error = 0, lr_saved;
- lck_mtx_t * mutex_held;
+ lck_mtx_t *mutex_held;
lr_saved = (unsigned int) __builtin_return_address(0);
if (so->so_proto == NULL)
- panic("socket_unlock null so_proto so=%x\n", so);
+ panic("socket_unlock null so_proto so=%p\n", so);
- if (so && so->so_proto->pr_unlock)
+ if (so && so->so_proto->pr_unlock) {
error = (*so->so_proto->pr_unlock)(so, refcount, lr_saved);
- else {
+ } else {
mutex_held = so->so_proto->pr_domain->dom_mtx;
#ifdef MORE_LOCKING_DEBUG
lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
#endif
- so->unlock_lr[so->next_unlock_lr] = (void *)lr_saved;
+ so->unlock_lr[so->next_unlock_lr] = (u_int32_t)lr_saved;
so->next_unlock_lr = (so->next_unlock_lr+1) % SO_LCKDBG_MAX;
if (refcount) {
if (so->so_usecount <= 0)
- panic("socket_unlock: bad refcount so=%x value=%d\n", so, so->so_usecount);
+ panic("socket_unlock: bad refcount so=%p "
+ "value=%d\n", so, so->so_usecount);
so->so_usecount--;
if (so->so_usecount == 0) {
sofreelastref(so, 1);
lck_mtx_unlock(mutex_held);
}
- return(error);
+ return (error);
}
-//### Called with socket locked, will unlock socket
+
+/* Called with socket locked, will unlock socket */
void
-sofree(so)
- struct socket *so;
+sofree(struct socket *so)
{
- lck_mtx_t * mutex_held;
- if (so->so_proto->pr_getlock != NULL)
+ lck_mtx_t *mutex_held;
+ if (so->so_proto->pr_getlock != NULL)
mutex_held = (*so->so_proto->pr_getlock)(so, 0);
- else
+ else
mutex_held = so->so_proto->pr_domain->dom_mtx;
lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
-
+
sofreelastref(so, 0);
}
void
-soreference(so)
- struct socket *so;
+soreference(struct socket *so)
{
socket_lock(so, 1); /* locks & take one reference on socket */
socket_unlock(so, 0); /* unlock only */
}
void
-sodereference(so)
- struct socket *so;
+sodereference(struct socket *so)
{
socket_lock(so, 0);
socket_unlock(so, 1);
}
+
+/*
+ * Set or clear SOF_MULTIPAGES on the socket to enable or disable the
+ * possibility of using jumbo clusters. Caller must ensure to hold
+ * the socket lock.
+ */
+void
+somultipages(struct socket *so, boolean_t set)
+{
+ if (set)
+ so->so_flags |= SOF_MULTIPAGES;
+ else
+ so->so_flags &= ~SOF_MULTIPAGES;
+}