]> git.saurik.com Git - apple/xnu.git/blobdiff - bsd/kern/kpi_socketfilter.c
projects / apple / xnu.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
xnu-7195.101.1.tar.gz
[apple/xnu.git] / bsd / kern / kpi_socketfilter.c
diff --git a/bsd/kern/kpi_socketfilter.c b/bsd/kern/kpi_socketfilter.c
index 4492cf15faf5024d8a7003af557b1a3ef0fe3d86..8c3976246fd36a3ca8d17865c5495a8fbb58c273 100644 (file)
--- a/bsd/kern/kpi_socketfilter.c
+++ b/bsd/kern/kpi_socketfilter.c
@@ -60,6 +60,12 @@
 #define SFEF_NODETACH           0x2     /* Detach should not be called */
 #define SFEF_NOSOCKET           0x4     /* Socket is gone */
 
+/*
+ * If you need accounting for KM_IFADDR consider using
+ * KALLOC_HEAP_DEFINE to define a view.
+ */
+#define KM_IFADDR       KHEAP_DEFAULT
+
 struct socket_filter_entry {
        struct socket_filter_entry      *sfe_next_onsocket;
        struct socket_filter_entry      *sfe_next_onfilter;
@@ -85,9 +91,12 @@ struct socket_filter {
 
 TAILQ_HEAD(socket_filter_list, socket_filter);
 
-static struct socket_filter_list        sock_filter_head;
-static lck_rw_t                         *sock_filter_lock = NULL;
-static lck_mtx_t                        *sock_filter_cleanup_lock = NULL;
+static LCK_GRP_DECLARE(sock_filter_lock_grp, "socket filter lock");
+static LCK_RW_DECLARE(sock_filter_lock, &sock_filter_lock_grp);
+static LCK_MTX_DECLARE(sock_filter_cleanup_lock, &sock_filter_lock_grp);
+
+static struct socket_filter_list        sock_filter_head =
+    TAILQ_HEAD_INITIALIZER(sock_filter_head);
 static struct socket_filter_entry       *sock_filter_cleanup_entries = NULL;
 static thread_t                         sock_filter_cleanup_thread = NULL;
 
@@ -143,26 +152,6 @@ sflt_permission_check(struct inpcb *inp)
        return 0;
 }
 
-__private_extern__ void
-sflt_init(void)
-{
-       lck_grp_attr_t  *grp_attrib = NULL;
-       lck_attr_t      *lck_attrib = NULL;
-       lck_grp_t       *lck_group = NULL;
-
-       TAILQ_INIT(&sock_filter_head);
-
-       /* Allocate a rw lock */
-       grp_attrib = lck_grp_attr_alloc_init();
-       lck_group = lck_grp_alloc_init("socket filter lock", grp_attrib);
-       lck_grp_attr_free(grp_attrib);
-       lck_attrib = lck_attr_alloc_init();
-       sock_filter_lock = lck_rw_alloc_init(lck_group, lck_attrib);
-       sock_filter_cleanup_lock = lck_mtx_alloc_init(lck_group, lck_attrib);
-       lck_grp_free(lck_group);
-       lck_attr_free(lck_attrib);
-}
-
 static void
 sflt_retain_locked(struct socket_filter *filter)
 {
@@ -175,14 +164,14 @@ sflt_release_locked(struct socket_filter *filter)
        if (os_ref_release_locked(&filter->sf_refcount) == 0) {
                /* Call the unregistered function */
                if (filter->sf_filter.sf_unregistered) {
-                       lck_rw_unlock_exclusive(sock_filter_lock);
+                       lck_rw_unlock_exclusive(&sock_filter_lock);
                        filter->sf_filter.sf_unregistered(
                                filter->sf_filter.sf_handle);
-                       lck_rw_lock_exclusive(sock_filter_lock);
+                       lck_rw_lock_exclusive(&sock_filter_lock);
                }
 
                /* Free the entry */
-               FREE(filter, M_IFADDR);
+               kheap_free(KM_IFADDR, filter, sizeof(struct socket_filter));
        }
 }
 
@@ -203,7 +192,7 @@ sflt_entry_release(struct socket_filter_entry *entry)
                /* That was the last reference */
 
                /* Take the cleanup lock */
-               lck_mtx_lock(sock_filter_cleanup_lock);
+               lck_mtx_lock(&sock_filter_cleanup_lock);
 
                /* Put this item on the cleanup list */
                entry->sfe_next_oncleanup = sock_filter_cleanup_entries;
@@ -222,7 +211,7 @@ sflt_entry_release(struct socket_filter_entry *entry)
                }
 
                /* Drop the cleanup lock */
-               lck_mtx_unlock(sock_filter_cleanup_lock);
+               lck_mtx_unlock(&sock_filter_cleanup_lock);
        } else if (old <= 0) {
                panic("sflt_entry_release - sfe_refcount (%d) <= 0\n",
                    (int)old);
@@ -236,11 +225,11 @@ sflt_cleanup_thread(void *blah, wait_result_t blah2)
 {
 #pragma unused(blah, blah2)
        while (1) {
-               lck_mtx_lock(sock_filter_cleanup_lock);
+               lck_mtx_lock(&sock_filter_cleanup_lock);
                while (sock_filter_cleanup_entries == NULL) {
                        /* Sleep until we've got something better to do */
                        msleep(&sock_filter_cleanup_entries,
-                           sock_filter_cleanup_lock, PWAIT,
+                           &sock_filter_cleanup_lock, PWAIT,
                            "sflt_cleanup", NULL);
                }
 
@@ -249,10 +238,10 @@ sflt_cleanup_thread(void *blah, wait_result_t blah2)
                sock_filter_cleanup_entries = NULL;
 
                /* Drop the lock */
-               lck_mtx_unlock(sock_filter_cleanup_lock);
+               lck_mtx_unlock(&sock_filter_cleanup_lock);
 
                /* Take the socket filter lock */
-               lck_rw_lock_exclusive(sock_filter_lock);
+               lck_rw_lock_exclusive(&sock_filter_lock);
 
                /* Cleanup every dead item */
                struct socket_filter_entry      *entry;
@@ -265,7 +254,7 @@ sflt_cleanup_thread(void *blah, wait_result_t blah2)
                        if ((entry->sfe_flags & SFEF_NODETACH) == 0 &&
                            entry->sfe_filter->sf_filter.sf_detach) {
                                entry->sfe_flags |= SFEF_NODETACH;
-                               lck_rw_unlock_exclusive(sock_filter_lock);
+                               lck_rw_unlock_exclusive(&sock_filter_lock);
 
                                /*
                                 * Warning - passing a potentially
@@ -274,7 +263,7 @@ sflt_cleanup_thread(void *blah, wait_result_t blah2)
                                entry->sfe_filter->sf_filter.sf_detach(
                                        entry->sfe_cookie, entry->sfe_socket);
 
-                               lck_rw_lock_exclusive(sock_filter_lock);
+                               lck_rw_lock_exclusive(&sock_filter_lock);
                        }
 
                        /*
@@ -308,11 +297,11 @@ sflt_cleanup_thread(void *blah, wait_result_t blah2)
                        sflt_release_locked(entry->sfe_filter);
                        entry->sfe_socket = NULL;
                        entry->sfe_filter = NULL;
-                       FREE(entry, M_IFADDR);
+                       kheap_free(KM_IFADDR, entry, sizeof(struct socket_filter_entry));
                }
 
                /* Drop the socket filter lock */
-               lck_rw_unlock_exclusive(sock_filter_lock);
+               lck_rw_unlock_exclusive(&sock_filter_lock);
        }
        /* NOTREACHED */
 }
@@ -339,8 +328,8 @@ sflt_attach_locked(struct socket *so, struct socket_filter *filter,
                }
        }
        /* allocate the socket filter entry */
-       MALLOC(entry, struct socket_filter_entry *, sizeof(*entry), M_IFADDR,
-           M_WAITOK);
+       entry = kheap_alloc(KM_IFADDR, sizeof(struct socket_filter_entry),
+           Z_WAITOK);
        if (entry == NULL) {
                return ENOMEM;
        }
@@ -369,7 +358,7 @@ sflt_attach_locked(struct socket *so, struct socket_filter *filter,
                 * Release the filter lock --
                 * callers must be aware we will do this
                 */
-               lck_rw_unlock_exclusive(sock_filter_lock);
+               lck_rw_unlock_exclusive(&sock_filter_lock);
 
                /* Unlock the socket */
                if (socklocked) {
@@ -386,7 +375,7 @@ sflt_attach_locked(struct socket *so, struct socket_filter *filter,
                }
 
                /* Lock the filters again */
-               lck_rw_lock_exclusive(sock_filter_lock);
+               lck_rw_lock_exclusive(&sock_filter_lock);
 
                /*
                 * If the attach function returns an error,
@@ -414,7 +403,7 @@ sflt_attach_internal(socket_t socket, sflt_handle handle)
 
        int result = EINVAL;
 
-       lck_rw_lock_exclusive(sock_filter_lock);
+       lck_rw_lock_exclusive(&sock_filter_lock);
 
        struct socket_filter *filter = NULL;
        TAILQ_FOREACH(filter, &sock_filter_head, sf_global_next) {
@@ -427,7 +416,7 @@ sflt_attach_internal(socket_t socket, sflt_handle handle)
                result = sflt_attach_locked(socket, filter, 1);
        }
 
-       lck_rw_unlock_exclusive(sock_filter_lock);
+       lck_rw_unlock_exclusive(&sock_filter_lock);
 
        return result;
 }
@@ -452,11 +441,11 @@ sflt_initsock(struct socket *so)
         */
        struct protosw *proto = so->so_proto->pr_protosw;
 
-       lck_rw_lock_shared(sock_filter_lock);
+       lck_rw_lock_shared(&sock_filter_lock);
        if (TAILQ_FIRST(&proto->pr_filter_head) != NULL) {
                /* Promote lock to exclusive */
-               if (!lck_rw_lock_shared_to_exclusive(sock_filter_lock)) {
-                       lck_rw_lock_exclusive(sock_filter_lock);
+               if (!lck_rw_lock_shared_to_exclusive(&sock_filter_lock)) {
+                       lck_rw_lock_exclusive(&sock_filter_lock);
                }
 
                /*
@@ -495,7 +484,7 @@ sflt_initsock(struct socket *so)
                        filter = filter_next;
                }
        }
-       lck_rw_done(sock_filter_lock);
+       lck_rw_done(&sock_filter_lock);
 }
 
 /*
@@ -506,7 +495,7 @@ sflt_initsock(struct socket *so)
 __private_extern__ void
 sflt_termsock(struct socket *so)
 {
-       lck_rw_lock_exclusive(sock_filter_lock);
+       lck_rw_lock_exclusive(&sock_filter_lock);
 
        struct socket_filter_entry *entry;
 
@@ -537,16 +526,16 @@ sflt_termsock(struct socket *so)
                        entry->sfe_flags |= SFEF_NODETACH;
 
                        /* Drop the lock before calling the detach function */
-                       lck_rw_unlock_exclusive(sock_filter_lock);
+                       lck_rw_unlock_exclusive(&sock_filter_lock);
                        sfe_filter->sf_filter.sf_detach(sfe_cookie, so);
-                       lck_rw_lock_exclusive(sock_filter_lock);
+                       lck_rw_lock_exclusive(&sock_filter_lock);
 
                        /* Release the filter */
                        sflt_release_locked(sfe_filter);
                }
        }
 
-       lck_rw_unlock_exclusive(sock_filter_lock);
+       lck_rw_unlock_exclusive(&sock_filter_lock);
 }
 
 
@@ -561,7 +550,7 @@ sflt_notify_internal(struct socket *so, sflt_event_t event, void *param,
        struct socket_filter_entry *entry;
        int unlocked = 0;
 
-       lck_rw_lock_shared(sock_filter_lock);
+       lck_rw_lock_shared(&sock_filter_lock);
        for (entry = so->so_filt; entry; entry = entry->sfe_next_onsocket) {
                if ((entry->sfe_flags & SFEF_ATTACHED) &&
                    entry->sfe_filter->sf_filter.sf_notify &&
@@ -572,7 +561,7 @@ sflt_notify_internal(struct socket *so, sflt_event_t event, void *param,
                         * the socket filter lock
                         */
                        sflt_entry_retain(entry);
-                       lck_rw_unlock_shared(sock_filter_lock);
+                       lck_rw_unlock_shared(&sock_filter_lock);
 
                        /* If the socket isn't already unlocked, unlock it */
                        if (unlocked == 0) {
@@ -588,11 +577,11 @@ sflt_notify_internal(struct socket *so, sflt_event_t event, void *param,
                         * Take the socket filter lock again
                         * and release the entry
                         */
-                       lck_rw_lock_shared(sock_filter_lock);
+                       lck_rw_lock_shared(&sock_filter_lock);
                        sflt_entry_release(entry);
                }
        }
-       lck_rw_unlock_shared(sock_filter_lock);
+       lck_rw_unlock_shared(&sock_filter_lock);
 
        if (unlocked != 0) {
                socket_lock(so, 0);
@@ -623,7 +612,7 @@ sflt_ioctl(struct socket *so, u_long cmd, caddr_t data)
        int unlocked = 0;
        int error = 0;
 
-       lck_rw_lock_shared(sock_filter_lock);
+       lck_rw_lock_shared(&sock_filter_lock);
        for (entry = so->so_filt; entry && error == 0;
            entry = entry->sfe_next_onsocket) {
                if ((entry->sfe_flags & SFEF_ATTACHED) &&
@@ -633,7 +622,7 @@ sflt_ioctl(struct socket *so, u_long cmd, caddr_t data)
                         * the socket filter lock
                         */
                        sflt_entry_retain(entry);
-                       lck_rw_unlock_shared(sock_filter_lock);
+                       lck_rw_unlock_shared(&sock_filter_lock);
 
                        /* If the socket isn't already unlocked, unlock it */
                        if (unlocked == 0) {
@@ -649,11 +638,11 @@ sflt_ioctl(struct socket *so, u_long cmd, caddr_t data)
                         * Take the socket filter lock again
                         * and release the entry
                         */
-                       lck_rw_lock_shared(sock_filter_lock);
+                       lck_rw_lock_shared(&sock_filter_lock);
                        sflt_entry_release(entry);
                }
        }
-       lck_rw_unlock_shared(sock_filter_lock);
+       lck_rw_unlock_shared(&sock_filter_lock);
 
        if (unlocked) {
                socket_lock(so, 0);
@@ -673,7 +662,7 @@ sflt_bind(struct socket *so, const struct sockaddr *nam)
        int unlocked = 0;
        int error = 0;
 
-       lck_rw_lock_shared(sock_filter_lock);
+       lck_rw_lock_shared(&sock_filter_lock);
        for (entry = so->so_filt; entry && error == 0;
            entry = entry->sfe_next_onsocket) {
                if ((entry->sfe_flags & SFEF_ATTACHED) &&
@@ -683,7 +672,7 @@ sflt_bind(struct socket *so, const struct sockaddr *nam)
                         * release the socket filter lock
                         */
                        sflt_entry_retain(entry);
-                       lck_rw_unlock_shared(sock_filter_lock);
+                       lck_rw_unlock_shared(&sock_filter_lock);
 
                        /* If the socket isn't already unlocked, unlock it */
                        if (unlocked == 0) {
@@ -699,11 +688,11 @@ sflt_bind(struct socket *so, const struct sockaddr *nam)
                         * Take the socket filter lock again and
                         * release the entry
                         */
-                       lck_rw_lock_shared(sock_filter_lock);
+                       lck_rw_lock_shared(&sock_filter_lock);
                        sflt_entry_release(entry);
                }
        }
-       lck_rw_unlock_shared(sock_filter_lock);
+       lck_rw_unlock_shared(&sock_filter_lock);
 
        if (unlocked) {
                socket_lock(so, 0);
@@ -723,7 +712,7 @@ sflt_listen(struct socket *so)
        int unlocked = 0;
        int error = 0;
 
-       lck_rw_lock_shared(sock_filter_lock);
+       lck_rw_lock_shared(&sock_filter_lock);
        for (entry = so->so_filt; entry && error == 0;
            entry = entry->sfe_next_onsocket) {
                if ((entry->sfe_flags & SFEF_ATTACHED) &&
@@ -733,7 +722,7 @@ sflt_listen(struct socket *so)
                         * the socket filter lock
                         */
                        sflt_entry_retain(entry);
-                       lck_rw_unlock_shared(sock_filter_lock);
+                       lck_rw_unlock_shared(&sock_filter_lock);
 
                        /* If the socket isn't already unlocked, unlock it */
                        if (unlocked == 0) {
@@ -749,11 +738,11 @@ sflt_listen(struct socket *so)
                         * Take the socket filter lock again
                         * and release the entry
                         */
-                       lck_rw_lock_shared(sock_filter_lock);
+                       lck_rw_lock_shared(&sock_filter_lock);
                        sflt_entry_release(entry);
                }
        }
-       lck_rw_unlock_shared(sock_filter_lock);
+       lck_rw_unlock_shared(&sock_filter_lock);
 
        if (unlocked) {
                socket_lock(so, 0);
@@ -774,7 +763,7 @@ sflt_accept(struct socket *head, struct socket *so,
        int unlocked = 0;
        int error = 0;
 
-       lck_rw_lock_shared(sock_filter_lock);
+       lck_rw_lock_shared(&sock_filter_lock);
        for (entry = so->so_filt; entry && error == 0;
            entry = entry->sfe_next_onsocket) {
                if ((entry->sfe_flags & SFEF_ATTACHED) &&
@@ -784,7 +773,7 @@ sflt_accept(struct socket *head, struct socket *so,
                         * release the socket filter lock
                         */
                        sflt_entry_retain(entry);
-                       lck_rw_unlock_shared(sock_filter_lock);
+                       lck_rw_unlock_shared(&sock_filter_lock);
 
                        /* If the socket isn't already unlocked, unlock it */
                        if (unlocked == 0) {
@@ -800,11 +789,11 @@ sflt_accept(struct socket *head, struct socket *so,
                         * Take the socket filter lock again
                         * and release the entry
                         */
-                       lck_rw_lock_shared(sock_filter_lock);
+                       lck_rw_lock_shared(&sock_filter_lock);
                        sflt_entry_release(entry);
                }
        }
-       lck_rw_unlock_shared(sock_filter_lock);
+       lck_rw_unlock_shared(&sock_filter_lock);
 
        if (unlocked) {
                socket_lock(so, 0);
@@ -824,7 +813,7 @@ sflt_getsockname(struct socket *so, struct sockaddr **local)
        int unlocked = 0;
        int error = 0;
 
-       lck_rw_lock_shared(sock_filter_lock);
+       lck_rw_lock_shared(&sock_filter_lock);
        for (entry = so->so_filt; entry && error == 0;
            entry = entry->sfe_next_onsocket) {
                if ((entry->sfe_flags & SFEF_ATTACHED) &&
@@ -834,7 +823,7 @@ sflt_getsockname(struct socket *so, struct sockaddr **local)
                         * release the socket filter lock
                         */
                        sflt_entry_retain(entry);
-                       lck_rw_unlock_shared(sock_filter_lock);
+                       lck_rw_unlock_shared(&sock_filter_lock);
 
                        /* If the socket isn't already unlocked, unlock it */
                        if (unlocked == 0) {
@@ -850,11 +839,11 @@ sflt_getsockname(struct socket *so, struct sockaddr **local)
                         * Take the socket filter lock again
                         * and release the entry
                         */
-                       lck_rw_lock_shared(sock_filter_lock);
+                       lck_rw_lock_shared(&sock_filter_lock);
                        sflt_entry_release(entry);
                }
        }
-       lck_rw_unlock_shared(sock_filter_lock);
+       lck_rw_unlock_shared(&sock_filter_lock);
 
        if (unlocked) {
                socket_lock(so, 0);
@@ -874,7 +863,7 @@ sflt_getpeername(struct socket *so, struct sockaddr **remote)
        int unlocked = 0;
        int error = 0;
 
-       lck_rw_lock_shared(sock_filter_lock);
+       lck_rw_lock_shared(&sock_filter_lock);
        for (entry = so->so_filt; entry && error == 0;
            entry = entry->sfe_next_onsocket) {
                if ((entry->sfe_flags & SFEF_ATTACHED) &&
@@ -884,7 +873,7 @@ sflt_getpeername(struct socket *so, struct sockaddr **remote)
                         * the socket filter lock
                         */
                        sflt_entry_retain(entry);
-                       lck_rw_unlock_shared(sock_filter_lock);
+                       lck_rw_unlock_shared(&sock_filter_lock);
 
                        /* If the socket isn't already unlocked, unlock it */
                        if (unlocked == 0) {
@@ -900,11 +889,11 @@ sflt_getpeername(struct socket *so, struct sockaddr **remote)
                         * Take the socket filter lock again
                         * and release the entry
                         */
-                       lck_rw_lock_shared(sock_filter_lock);
+                       lck_rw_lock_shared(&sock_filter_lock);
                        sflt_entry_release(entry);
                }
        }
-       lck_rw_unlock_shared(sock_filter_lock);
+       lck_rw_unlock_shared(&sock_filter_lock);
 
        if (unlocked) {
                socket_lock(so, 0);
@@ -924,7 +913,7 @@ sflt_connectin(struct socket *so, const struct sockaddr *remote)
        int unlocked = 0;
        int error = 0;
 
-       lck_rw_lock_shared(sock_filter_lock);
+       lck_rw_lock_shared(&sock_filter_lock);
        for (entry = so->so_filt; entry && error == 0;
            entry = entry->sfe_next_onsocket) {
                if ((entry->sfe_flags & SFEF_ATTACHED) &&
@@ -934,7 +923,7 @@ sflt_connectin(struct socket *so, const struct sockaddr *remote)
                         * the socket filter lock
                         */
                        sflt_entry_retain(entry);
-                       lck_rw_unlock_shared(sock_filter_lock);
+                       lck_rw_unlock_shared(&sock_filter_lock);
 
                        /* If the socket isn't already unlocked, unlock it */
                        if (unlocked == 0) {
@@ -950,11 +939,11 @@ sflt_connectin(struct socket *so, const struct sockaddr *remote)
                         * Take the socket filter lock again
                         * and release the entry
                         */
-                       lck_rw_lock_shared(sock_filter_lock);
+                       lck_rw_lock_shared(&sock_filter_lock);
                        sflt_entry_release(entry);
                }
        }
-       lck_rw_unlock_shared(sock_filter_lock);
+       lck_rw_unlock_shared(&sock_filter_lock);
 
        if (unlocked) {
                socket_lock(so, 0);
@@ -970,7 +959,7 @@ sflt_connectout_common(struct socket *so, const struct sockaddr *nam)
        int unlocked = 0;
        int error = 0;
 
-       lck_rw_lock_shared(sock_filter_lock);
+       lck_rw_lock_shared(&sock_filter_lock);
        for (entry = so->so_filt; entry && error == 0;
            entry = entry->sfe_next_onsocket) {
                if ((entry->sfe_flags & SFEF_ATTACHED) &&
@@ -980,7 +969,7 @@ sflt_connectout_common(struct socket *so, const struct sockaddr *nam)
                         * the socket filter lock
                         */
                        sflt_entry_retain(entry);
-                       lck_rw_unlock_shared(sock_filter_lock);
+                       lck_rw_unlock_shared(&sock_filter_lock);
 
                        /* If the socket isn't already unlocked, unlock it */
                        if (unlocked == 0) {
@@ -996,11 +985,11 @@ sflt_connectout_common(struct socket *so, const struct sockaddr *nam)
                         * Take the socket filter lock again
                         * and release the entry
                         */
-                       lck_rw_lock_shared(sock_filter_lock);
+                       lck_rw_lock_shared(&sock_filter_lock);
                        sflt_entry_release(entry);
                }
        }
-       lck_rw_unlock_shared(sock_filter_lock);
+       lck_rw_unlock_shared(&sock_filter_lock);
 
        if (unlocked) {
                socket_lock(so, 0);
@@ -1054,7 +1043,7 @@ sflt_setsockopt(struct socket *so, struct sockopt *sopt)
        int unlocked = 0;
        int error = 0;
 
-       lck_rw_lock_shared(sock_filter_lock);
+       lck_rw_lock_shared(&sock_filter_lock);
        for (entry = so->so_filt; entry && error == 0;
            entry = entry->sfe_next_onsocket) {
                if ((entry->sfe_flags & SFEF_ATTACHED) &&
@@ -1064,7 +1053,7 @@ sflt_setsockopt(struct socket *so, struct sockopt *sopt)
                         * the socket filter lock
                         */
                        sflt_entry_retain(entry);
-                       lck_rw_unlock_shared(sock_filter_lock);
+                       lck_rw_unlock_shared(&sock_filter_lock);
 
                        /* If the socket isn't already unlocked, unlock it */
                        if (unlocked == 0) {
@@ -1080,11 +1069,11 @@ sflt_setsockopt(struct socket *so, struct sockopt *sopt)
                         * Take the socket filter lock again
                         * and release the entry
                         */
-                       lck_rw_lock_shared(sock_filter_lock);
+                       lck_rw_lock_shared(&sock_filter_lock);
                        sflt_entry_release(entry);
                }
        }
-       lck_rw_unlock_shared(sock_filter_lock);
+       lck_rw_unlock_shared(&sock_filter_lock);
 
        if (unlocked) {
                socket_lock(so, 0);
@@ -1104,7 +1093,7 @@ sflt_getsockopt(struct socket *so, struct sockopt *sopt)
        int unlocked = 0;
        int error = 0;
 
-       lck_rw_lock_shared(sock_filter_lock);
+       lck_rw_lock_shared(&sock_filter_lock);
        for (entry = so->so_filt; entry && error == 0;
            entry = entry->sfe_next_onsocket) {
                if ((entry->sfe_flags & SFEF_ATTACHED) &&
@@ -1114,7 +1103,7 @@ sflt_getsockopt(struct socket *so, struct sockopt *sopt)
                         * the socket filter lock
                         */
                        sflt_entry_retain(entry);
-                       lck_rw_unlock_shared(sock_filter_lock);
+                       lck_rw_unlock_shared(&sock_filter_lock);
 
                        /* If the socket isn't already unlocked, unlock it */
                        if (unlocked == 0) {
@@ -1130,11 +1119,11 @@ sflt_getsockopt(struct socket *so, struct sockopt *sopt)
                         * Take the socket filter lock again
                         * and release the entry
                         */
-                       lck_rw_lock_shared(sock_filter_lock);
+                       lck_rw_lock_shared(&sock_filter_lock);
                        sflt_entry_release(entry);
                }
        }
-       lck_rw_unlock_shared(sock_filter_lock);
+       lck_rw_unlock_shared(&sock_filter_lock);
 
        if (unlocked) {
                socket_lock(so, 0);
@@ -1156,7 +1145,7 @@ sflt_data_out(struct socket *so, const struct sockaddr *to, mbuf_t *data,
        int setsendthread = 0;
        int error = 0;
 
-       lck_rw_lock_shared(sock_filter_lock);
+       lck_rw_lock_shared(&sock_filter_lock);
        for (entry = so->so_filt; entry && error == 0;
            entry = entry->sfe_next_onsocket) {
                /* skip if this is a subflow socket */
@@ -1170,7 +1159,7 @@ sflt_data_out(struct socket *so, const struct sockaddr *to, mbuf_t *data,
                         * release the socket filter lock
                         */
                        sflt_entry_retain(entry);
-                       lck_rw_unlock_shared(sock_filter_lock);
+                       lck_rw_unlock_shared(&sock_filter_lock);
 
                        /* If the socket isn't already unlocked, unlock it */
                        if (unlocked == 0) {
@@ -1191,11 +1180,11 @@ sflt_data_out(struct socket *so, const struct sockaddr *to, mbuf_t *data,
                         * Take the socket filter lock again
                         * and release the entry
                         */
-                       lck_rw_lock_shared(sock_filter_lock);
+                       lck_rw_lock_shared(&sock_filter_lock);
                        sflt_entry_release(entry);
                }
        }
-       lck_rw_unlock_shared(sock_filter_lock);
+       lck_rw_unlock_shared(&sock_filter_lock);
 
        if (unlocked) {
                socket_lock(so, 0);
@@ -1219,7 +1208,7 @@ sflt_data_in(struct socket *so, const struct sockaddr *from, mbuf_t *data,
        int error = 0;
        int unlocked = 0;
 
-       lck_rw_lock_shared(sock_filter_lock);
+       lck_rw_lock_shared(&sock_filter_lock);
 
        for (entry = so->so_filt; entry && (error == 0);
            entry = entry->sfe_next_onsocket) {
@@ -1234,7 +1223,7 @@ sflt_data_in(struct socket *so, const struct sockaddr *from, mbuf_t *data,
                         * release the socket filter lock
                         */
                        sflt_entry_retain(entry);
-                       lck_rw_unlock_shared(sock_filter_lock);
+                       lck_rw_unlock_shared(&sock_filter_lock);
 
                        /* If the socket isn't already unlocked, unlock it */
                        if (unlocked == 0) {
@@ -1250,11 +1239,11 @@ sflt_data_in(struct socket *so, const struct sockaddr *from, mbuf_t *data,
                         * Take the socket filter lock again
                         * and release the entry
                         */
-                       lck_rw_lock_shared(sock_filter_lock);
+                       lck_rw_lock_shared(&sock_filter_lock);
                        sflt_entry_release(entry);
                }
        }
-       lck_rw_unlock_shared(sock_filter_lock);
+       lck_rw_unlock_shared(&sock_filter_lock);
 
        if (unlocked) {
                socket_lock(so, 0);
@@ -1284,7 +1273,7 @@ sflt_detach(socket_t socket, sflt_handle handle)
                return EINVAL;
        }
 
-       lck_rw_lock_exclusive(sock_filter_lock);
+       lck_rw_lock_exclusive(&sock_filter_lock);
        for (entry = socket->so_filt; entry; entry = entry->sfe_next_onsocket) {
                if (entry->sfe_filter->sf_filter.sf_handle == handle &&
                    (entry->sfe_flags & SFEF_ATTACHED) != 0) {
@@ -1295,7 +1284,7 @@ sflt_detach(socket_t socket, sflt_handle handle)
        if (entry != NULL) {
                sflt_detach_locked(entry);
        }
-       lck_rw_unlock_exclusive(sock_filter_lock);
+       lck_rw_unlock_exclusive(&sock_filter_lock);
 
        return result;
 }
@@ -1333,14 +1322,12 @@ sflt_register_common(const struct sflt_filter *filter, int domain, int type,
        }
 
        /* Allocate the socket filter */
-       MALLOC(sock_filt, struct socket_filter *, sizeof(*sock_filt),
-           M_IFADDR, M_WAITOK);
+       sock_filt = kheap_alloc(KM_IFADDR,
+           sizeof(struct socket_filter), Z_WAITOK | Z_ZERO);
        if (sock_filt == NULL) {
                return ENOBUFS;
        }
 
-       bzero(sock_filt, sizeof(*sock_filt));
-
        /* Legacy sflt_filter length; current structure minus extended */
        len = sizeof(*filter) - sizeof(struct sflt_filter_ext);
        /*
@@ -1359,7 +1346,7 @@ sflt_register_common(const struct sflt_filter *filter, int domain, int type,
        }
        bcopy(filter, &sock_filt->sf_filter, len);
 
-       lck_rw_lock_exclusive(sock_filter_lock);
+       lck_rw_lock_exclusive(&sock_filter_lock);
        /* Look for an existing entry */
        TAILQ_FOREACH(match, &sock_filter_head, sf_global_next) {
                if (match->sf_filter.sf_handle ==
@@ -1384,10 +1371,10 @@ sflt_register_common(const struct sflt_filter *filter, int domain, int type,
                        INC_ATOMIC_INT64_LIM(net_api_stats.nas_sfltr_register_os_total);
                }
        }
-       lck_rw_unlock_exclusive(sock_filter_lock);
+       lck_rw_unlock_exclusive(&sock_filter_lock);
 
        if (match != NULL) {
-               FREE(sock_filt, M_IFADDR);
+               kheap_free(KM_IFADDR, sock_filt, sizeof(struct socket_filter));
                return EEXIST;
        }
 
@@ -1415,8 +1402,7 @@ sflt_register_common(const struct sflt_filter *filter, int domain, int type,
                            !SOCK_CHECK_TYPE(so, type)) {
                                continue;
                        }
-                       MALLOC(solist, struct solist *, sizeof(*solist),
-                           M_IFADDR, M_NOWAIT);
+                       solist = kheap_alloc(KHEAP_TEMP, sizeof(struct solist), Z_NOWAIT);
                        if (!solist) {
                                continue;
                        }
@@ -1434,8 +1420,7 @@ sflt_register_common(const struct sflt_filter *filter, int domain, int type,
                            !SOCK_CHECK_TYPE(so, type)) {
                                continue;
                        }
-                       MALLOC(solist, struct solist *, sizeof(*solist),
-                           M_IFADDR, M_NOWAIT);
+                       solist = kheap_alloc(KHEAP_TEMP, sizeof(struct solist), Z_NOWAIT);
                        if (!solist) {
                                continue;
                        }
@@ -1480,7 +1465,7 @@ sflt_register_common(const struct sflt_filter *filter, int domain, int type,
                sock_release(so);
                solist = solisthead;
                solisthead = solisthead->next;
-               FREE(solist, M_IFADDR);
+               kheap_free(KHEAP_TEMP, solist, sizeof(struct solist));
        }
 
        return error;
@@ -1504,7 +1489,7 @@ errno_t
 sflt_unregister(sflt_handle handle)
 {
        struct socket_filter *filter;
-       lck_rw_lock_exclusive(sock_filter_lock);
+       lck_rw_lock_exclusive(&sock_filter_lock);
 
        /* Find the entry by the handle */
        TAILQ_FOREACH(filter, &sock_filter_head, sf_global_next) {
@@ -1537,7 +1522,7 @@ sflt_unregister(sflt_handle handle)
                sflt_release_locked(filter);
        }
 
-       lck_rw_unlock_exclusive(sock_filter_lock);
+       lck_rw_unlock_exclusive(&sock_filter_lock);
 
        if (filter == NULL) {
                return ENOENT;
mirror of XNU