]> git.saurik.com Git - apple/xnu.git/blobdiff - bsd/kern/uipc_socket.c
xnu-4570.41.2.tar.gz
[apple/xnu.git] / bsd / kern / uipc_socket.c
index 6b57b3cf8733da668789a871b9f52f41dafc6f3f..7d744eff9154492e400b006ead6cdc06088fdd74 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998-2014 Apple Inc. All rights reserved.
+ * Copyright (c) 1998-2017 Apple Inc. All rights reserved.
  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  *
 #include <sys/kern_event.h>
 #include <net/route.h>
 #include <net/init.h>
+#include <net/net_api_stats.h>
 #include <net/ntstat.h>
 #include <net/content_filter.h>
 #include <netinet/in.h>
 #include <netinet/in_pcb.h>
+#include <netinet/in_tclass.h>
+#include <netinet/tcp_var.h>
 #include <netinet/ip6.h>
 #include <netinet6/ip6_var.h>
 #include <netinet/flow_divert.h>
 #include <pexpert/pexpert.h>
 #include <kern/assert.h>
 #include <kern/task.h>
+#include <kern/policy_internal.h>
+
 #include <sys/kpi_mbuf.h>
 #include <sys/mcache.h>
 #include <sys/unpcb.h>
+#include <libkern/section_keywords.h>
 
 #if CONFIG_MACF
-#include <security/mac.h>
 #include <security/mac_framework.h>
 #endif /* MAC */
 
 #include <netinet/mptcp_var.h>
 #endif /* MULTIPATH */
 
+#define ROUNDUP(a, b) (((a) + ((b) - 1)) & (~((b) - 1)))
+
+#if DEBUG || DEVELOPMENT
+#define        DEBUG_KERNEL_ADDRPERM(_v) (_v)
+#else
+#define        DEBUG_KERNEL_ADDRPERM(_v) VM_KERNEL_ADDRPERM(_v)
+#endif
+
 /* TODO: this should be in a header file somewhere */
 extern char *proc_name_address(void *p);
+extern char *proc_best_name(proc_t);
 
 static u_int32_t       so_cache_hw;    /* High water mark for socache */
 static u_int32_t       so_cache_timeouts;      /* number of timeouts */
@@ -146,32 +160,61 @@ static lck_mtx_t  *so_cache_mtx;
 
 #include <machine/limits.h>
 
+static int     filt_sorattach(struct knote *kn, struct kevent_internal_s *kev);
 static void    filt_sordetach(struct knote *kn);
 static int     filt_soread(struct knote *kn, long hint);
+static int     filt_sortouch(struct knote *kn, struct kevent_internal_s *kev);
+static int     filt_sorprocess(struct knote *kn, struct filt_process_s *data, struct kevent_internal_s *kev);
+
+static int     filt_sowattach(struct knote *kn, struct kevent_internal_s *kev);
 static void    filt_sowdetach(struct knote *kn);
 static int     filt_sowrite(struct knote *kn, long hint);
+static int     filt_sowtouch(struct knote *kn, struct kevent_internal_s *kev);
+static int     filt_sowprocess(struct knote *kn, struct filt_process_s *data, struct kevent_internal_s *kev);
+
+static int     filt_sockattach(struct knote *kn, struct kevent_internal_s *kev);
 static void    filt_sockdetach(struct knote *kn);
 static int     filt_sockev(struct knote *kn, long hint);
+static int     filt_socktouch(struct knote *kn, struct kevent_internal_s *kev);
+static int     filt_sockprocess(struct knote *kn, struct filt_process_s *data, struct kevent_internal_s *kev);
 
 static int sooptcopyin_timeval(struct sockopt *, struct timeval *);
 static int sooptcopyout_timeval(struct sockopt *, const struct timeval *);
 
-static struct filterops soread_filtops = {
+SECURITY_READ_ONLY_EARLY(struct filterops) soread_filtops = {
        .f_isfd = 1,
+       .f_attach = filt_sorattach,
        .f_detach = filt_sordetach,
        .f_event = filt_soread,
+       .f_touch = filt_sortouch,
+       .f_process = filt_sorprocess,
 };
 
-static struct filterops sowrite_filtops = {
+SECURITY_READ_ONLY_EARLY(struct filterops) sowrite_filtops = {
        .f_isfd = 1,
+       .f_attach = filt_sowattach,
        .f_detach = filt_sowdetach,
        .f_event = filt_sowrite,
+       .f_touch = filt_sowtouch,
+       .f_process = filt_sowprocess,
 };
 
-static struct filterops sock_filtops = {
+SECURITY_READ_ONLY_EARLY(struct filterops) sock_filtops = {
        .f_isfd = 1,
+       .f_attach = filt_sockattach,
        .f_detach = filt_sockdetach,
        .f_event = filt_sockev,
+       .f_touch = filt_socktouch,
+       .f_process = filt_sockprocess,
+};
+
+SECURITY_READ_ONLY_EARLY(struct filterops) soexcept_filtops = {
+       .f_isfd = 1,
+       .f_attach = filt_sorattach,
+       .f_detach = filt_sordetach,
+       .f_event = filt_soread,
+       .f_touch = filt_sortouch,
+       .f_process = filt_sorprocess,
 };
 
 SYSCTL_DECL(_kern_ipc);
@@ -182,6 +225,10 @@ int socket_debug = 0;
 SYSCTL_INT(_kern_ipc, OID_AUTO, socket_debug,
        CTLFLAG_RW | CTLFLAG_LOCKED, &socket_debug, 0, "");
 
+static unsigned long sodefunct_calls = 0;
+SYSCTL_LONG(_kern_ipc, OID_AUTO, sodefunct_calls, CTLFLAG_LOCKED,
+    &sodefunct_calls, "");
+
 static int socket_zone = M_SOCKET;
 so_gen_t       so_gencnt;      /* generation count for sockets */
 
@@ -236,6 +283,15 @@ int sosendjcl_ignore_capab = 0;
 SYSCTL_INT(_kern_ipc, OID_AUTO, sosendjcl_ignore_capab,
        CTLFLAG_RW | CTLFLAG_LOCKED, &sosendjcl_ignore_capab, 0, "");
 
+/*
+ * Set this to ignore SOF1_IF_2KCL and use big clusters for large
+ * writes on the socket for all protocols on any network interfaces.
+ * Be extra careful when setting this to 1, because sending down packets with
+ * clusters larger that 2 KB might lead to system panics or data corruption.
+ * When set to 0, the system will respect SOF1_IF_2KCL, which is set
+ * on the outgoing interface
+ * Set this to 1  for testing/debugging purposes only.
+ */
 int sosendbigcl_ignore_capab = 0;
 SYSCTL_INT(_kern_ipc, OID_AUTO, sosendbigcl_ignore_capab,
        CTLFLAG_RW | CTLFLAG_LOCKED, &sosendbigcl_ignore_capab, 0, "");
@@ -256,30 +312,70 @@ int sorestrictsend = 1;
 SYSCTL_INT(_kern_ipc, OID_AUTO, sorestrictsend, CTLFLAG_RW | CTLFLAG_LOCKED,
        &sorestrictsend, 0, "Enable outbound interface restrictions");
 
+int soreserveheadroom = 1;
+SYSCTL_INT(_kern_ipc, OID_AUTO, soreserveheadroom, CTLFLAG_RW | CTLFLAG_LOCKED,
+       &soreserveheadroom, 0, "To allocate contiguous datagram buffers");
+
+#if (DEBUG || DEVELOPMENT)
+int so_notsent_lowat_check = 1;
+SYSCTL_INT(_kern_ipc, OID_AUTO, notsent_lowat, CTLFLAG_RW|CTLFLAG_LOCKED,
+    &so_notsent_lowat_check, 0, "enable/disable notsnet lowat check");
+#endif /* DEBUG || DEVELOPMENT */
+
+int so_accept_list_waits = 0;
+#if (DEBUG || DEVELOPMENT)
+SYSCTL_INT(_kern_ipc, OID_AUTO, accept_list_waits, CTLFLAG_RW|CTLFLAG_LOCKED,
+    &so_accept_list_waits, 0, "number of waits for listener incomp list");
+#endif /* DEBUG || DEVELOPMENT */
+
 extern struct inpcbinfo tcbinfo;
 
 /* TODO: these should be in header file */
 extern int get_inpcb_str_size(void);
 extern int get_tcp_str_size(void);
 
-static unsigned int sl_zone_size;              /* size of sockaddr_list */
-static struct zone *sl_zone;                   /* zone for sockaddr_list */
-
-static unsigned int se_zone_size;              /* size of sockaddr_entry */
-static struct zone *se_zone;                   /* zone for sockaddr_entry */
-
 vm_size_t      so_cache_zone_element_size;
 
-static int sodelayed_copy(struct socket *, struct uio *, struct mbuf **, user_ssize_t *);
+static int sodelayed_copy(struct socket *, struct uio *, struct mbuf **,
+    user_ssize_t *);
 static void cached_sock_alloc(struct socket **, int);
 static void cached_sock_free(struct socket *);
 
+/*
+ * Maximum of extended background idle sockets per process
+ * Set to zero to disable further setting of the option
+ */
+
+#define        SO_IDLE_BK_IDLE_MAX_PER_PROC    1
+#define        SO_IDLE_BK_IDLE_TIME            600
+#define        SO_IDLE_BK_IDLE_RCV_HIWAT       131072
+
+struct soextbkidlestat soextbkidlestat;
+
+SYSCTL_UINT(_kern_ipc, OID_AUTO, maxextbkidleperproc,
+       CTLFLAG_RW | CTLFLAG_LOCKED, &soextbkidlestat.so_xbkidle_maxperproc, 0,
+       "Maximum of extended background idle sockets per process");
+
+SYSCTL_UINT(_kern_ipc, OID_AUTO, extbkidletime, CTLFLAG_RW | CTLFLAG_LOCKED,
+       &soextbkidlestat.so_xbkidle_time, 0,
+       "Time in seconds to keep extended background idle sockets");
+
+SYSCTL_UINT(_kern_ipc, OID_AUTO, extbkidlercvhiwat, CTLFLAG_RW | CTLFLAG_LOCKED,
+       &soextbkidlestat.so_xbkidle_rcvhiwat, 0,
+       "High water mark for extended background idle sockets");
+
+SYSCTL_STRUCT(_kern_ipc, OID_AUTO, extbkidlestat, CTLFLAG_RD | CTLFLAG_LOCKED,
+       &soextbkidlestat, soextbkidlestat, "");
+
+int so_set_extended_bk_idle(struct socket *, int);
+
+
 /*
  * SOTCDB_NO_DSCP is set by default, to prevent the networking stack from
  * setting the DSCP code on the packet based on the service class; see
  * <rdar://problem/11277343> for details.
  */
-__private_extern__ u_int32_t sotcdb = SOTCDB_NO_DSCP;
+__private_extern__ u_int32_t sotcdb = 0;
 SYSCTL_INT(_kern_ipc, OID_AUTO, sotcdb, CTLFLAG_RW | CTLFLAG_LOCKED,
        &sotcdb, 0, "");
 
@@ -289,6 +385,22 @@ socketinit(void)
        _CASSERT(sizeof(so_gencnt) == sizeof(uint64_t));
        VERIFY(IS_P2ALIGNED(&so_gencnt, sizeof(uint32_t)));
 
+#ifdef __LP64__
+       _CASSERT(sizeof(struct sa_endpoints) == sizeof(struct user64_sa_endpoints));
+       _CASSERT(offsetof(struct sa_endpoints, sae_srcif) == offsetof(struct user64_sa_endpoints, sae_srcif));
+       _CASSERT(offsetof(struct sa_endpoints, sae_srcaddr) == offsetof(struct user64_sa_endpoints, sae_srcaddr));
+       _CASSERT(offsetof(struct sa_endpoints, sae_srcaddrlen) == offsetof(struct user64_sa_endpoints, sae_srcaddrlen));
+       _CASSERT(offsetof(struct sa_endpoints, sae_dstaddr) == offsetof(struct user64_sa_endpoints, sae_dstaddr));
+       _CASSERT(offsetof(struct sa_endpoints, sae_dstaddrlen) == offsetof(struct user64_sa_endpoints, sae_dstaddrlen));
+#else
+       _CASSERT(sizeof(struct sa_endpoints) == sizeof(struct user32_sa_endpoints));
+       _CASSERT(offsetof(struct sa_endpoints, sae_srcif) == offsetof(struct user32_sa_endpoints, sae_srcif));
+       _CASSERT(offsetof(struct sa_endpoints, sae_srcaddr) == offsetof(struct user32_sa_endpoints, sae_srcaddr));
+       _CASSERT(offsetof(struct sa_endpoints, sae_srcaddrlen) == offsetof(struct user32_sa_endpoints, sae_srcaddrlen));
+       _CASSERT(offsetof(struct sa_endpoints, sae_dstaddr) == offsetof(struct user32_sa_endpoints, sae_dstaddr));
+       _CASSERT(offsetof(struct sa_endpoints, sae_dstaddrlen) == offsetof(struct user32_sa_endpoints, sae_dstaddrlen));
+#endif
+
        if (socketinit_done) {
                printf("socketinit: already called...\n");
                return;
@@ -321,29 +433,15 @@ socketinit(void)
        so_cache_zone_element_size = (vm_size_t)(sizeof (struct socket) + 4
            + get_inpcb_str_size() + 4 + get_tcp_str_size());
 
-       so_cache_zone = zinit(so_cache_zone_element_size, 
+       so_cache_zone = zinit(so_cache_zone_element_size,
            (120000 * so_cache_zone_element_size), 8192, "socache zone");
        zone_change(so_cache_zone, Z_CALLERACCT, FALSE);
        zone_change(so_cache_zone, Z_NOENCRYPT, TRUE);
 
-       sl_zone_size = sizeof (struct sockaddr_list);
-       if ((sl_zone = zinit(sl_zone_size, 1024 * sl_zone_size, 1024,
-           "sockaddr_list")) == NULL) {
-               panic("%s: unable to allocate sockaddr_list zone\n", __func__);
-               /* NOTREACHED */
-       }
-       zone_change(sl_zone, Z_CALLERACCT, FALSE);
-       zone_change(sl_zone, Z_EXPAND, TRUE);
-
-       se_zone_size = sizeof (struct sockaddr_entry);
-       if ((se_zone = zinit(se_zone_size, 1024 * se_zone_size, 1024,
-           "sockaddr_entry")) == NULL) {
-               panic("%s: unable to allocate sockaddr_entry zone\n", __func__);
-               /* NOTREACHED */
-       }
-       zone_change(se_zone, Z_CALLERACCT, FALSE);
-       zone_change(se_zone, Z_EXPAND, TRUE);
-
+       bzero(&soextbkidlestat, sizeof(struct soextbkidlestat));
+       soextbkidlestat.so_xbkidle_maxperproc = SO_IDLE_BK_IDLE_MAX_PER_PROC;
+       soextbkidlestat.so_xbkidle_time = SO_IDLE_BK_IDLE_TIME;
+       soextbkidlestat.so_xbkidle_rcvhiwat = SO_IDLE_BK_IDLE_RCV_HIWAT;
 
        in_pcbinit();
        sflt_init();
@@ -390,8 +488,8 @@ cached_sock_alloc(struct socket **so, int waitok)
                bzero((caddr_t)*so, sizeof (struct socket));
 
                /*
-                * Define offsets for extra structures into our 
-                * single block of memory. Align extra structures 
+                * Define offsets for extra structures into our
+                * single block of memory. Align extra structures
                 * on longword boundaries.
                 */
 
@@ -409,7 +507,7 @@ cached_sock_alloc(struct socket **so, int waitok)
                    (caddr_t)offset;
        }
 
-       (*so)->cached_in_sock_layer = true;
+       OSBitOrAtomic(SOF1_CACHED_IN_SOCK_LAYER, &(*so)->so_flags1);
 }
 
 static void
@@ -465,10 +563,12 @@ so_update_policy(struct socket *so)
 
 #if NECP
 static void
-so_update_necp_policy(struct socket *so, struct sockaddr *override_local_addr, struct sockaddr *override_remote_addr)
+so_update_necp_policy(struct socket *so, struct sockaddr *override_local_addr,
+    struct sockaddr *override_remote_addr)
 {
        if (SOCK_DOM(so) == PF_INET || SOCK_DOM(so) == PF_INET6)
-               inp_update_necp_policy(sotoinpcb(so), override_local_addr, override_remote_addr, 0);
+               inp_update_necp_policy(sotoinpcb(so), override_local_addr,
+                   override_remote_addr, 0);
 }
 #endif /* NECP */
 
@@ -486,7 +586,7 @@ so_cache_timer(void)
        while (!STAILQ_EMPTY(&so_cache_head)) {
                VERIFY(cached_sock_count > 0);
                p = STAILQ_FIRST(&so_cache_head);
-               if ((so_cache_time - p->cache_timestamp) < 
+               if ((so_cache_time - p->cache_timestamp) <
                        SO_CACHE_TIME_LIMIT)
                        break;
 
@@ -532,6 +632,12 @@ soalloc(int waitok, int dom, int type)
        if (so != NULL) {
                so->so_gencnt = OSIncrementAtomic64((SInt64 *)&so_gencnt);
                so->so_zone = socket_zone;
+
+               /*
+                * Increment the socket allocation statistics
+                */
+               INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_alloc_total);
+
 #if CONFIG_MACF_SOCKET
                /* Convert waitok to  M_WAITOK/M_NOWAIT for MAC Framework. */
                if (mac_socket_label_init(so, !waitok) != 0) {
@@ -579,19 +685,48 @@ socreate_internal(int dom, struct socket **aso, int type, int proto,
        if (so == NULL)
                return (ENOBUFS);
 
+       switch (dom) {
+               case PF_LOCAL:
+                       INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_local_total);
+                       break;
+               case PF_INET:
+                       INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_inet_total);
+                       if (type == SOCK_STREAM) {
+                               INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_inet_stream_total);
+                       } else  {
+                               INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_inet_dgram_total);
+                       }
+                       break;
+               case PF_ROUTE:
+                       INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_route_total);
+                       break;
+               case PF_NDRV:
+                       INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_ndrv_total);
+                       break;
+               case PF_KEY:
+                       INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_key_total);
+                       break;
+               case PF_INET6:
+                       INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_inet6_total);
+                       if (type == SOCK_STREAM) {
+                               INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_inet6_stream_total);
+                       } else {
+                               INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_inet6_dgram_total);
+                       }
+                       break;
+               case PF_SYSTEM:
+                       INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_system_total);
+                       break;
+               case PF_MULTIPATH:
+                       INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_multipath_total);
+                       break;
+               default:
+                       INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_domain_other_total);
+                       break;
+       }
+
        if (flags & SOCF_ASYNC)
                so->so_state |= SS_NBIO;
-#if MULTIPATH
-       if (flags & SOCF_MP_SUBFLOW) {
-               /*
-                * A multipath subflow socket is used internally in the kernel,
-                * therefore it does not have a file desciptor associated by
-                * default.
-                */
-               so->so_state |= SS_NOFDREF;
-               so->so_flags |= SOF_MP_SUBFLOW;
-       }
-#endif /* MULTIPATH */
 
        TAILQ_INIT(&so->so_incomp);
        TAILQ_INIT(&so->so_comp);
@@ -637,6 +772,7 @@ socreate_internal(int dom, struct socket **aso, int type, int proto,
                 * so protocol attachment handler must be coded carefuly
                 */
                so->so_state |= SS_NOFDREF;
+               VERIFY(so->so_usecount > 0);
                so->so_usecount--;
                sofreelastref(so, 1);   /* will deallocate the socket */
                return (error);
@@ -657,7 +793,8 @@ socreate_internal(int dom, struct socket **aso, int type, int proto,
         * If this thread or task is marked to create backgrounded sockets,
         * mark the socket as background.
         */
-       if (proc_get_effective_thread_policy(current_thread(), TASK_POLICY_NEW_SOCKETS_BG)) {
+       if (proc_get_effective_thread_policy(current_thread(),
+           TASK_POLICY_NEW_SOCKETS_BG)) {
                socket_set_traffic_mgt_flags(so, TRAFFIC_MGT_SO_BACKGROUND);
                so->so_background_thread = current_thread();
        }
@@ -764,24 +901,24 @@ sobindlock(struct socket *so, struct sockaddr *nam, int dolock)
 
        if (dolock)
                socket_lock(so, 1);
-       VERIFY(so->so_usecount > 1);
 
        so_update_last_owner_locked(so, p);
        so_update_policy(so);
-       
+
 #if NECP
        so_update_necp_policy(so, nam, NULL);
 #endif /* NECP */
-       
+
        /*
         * If this is a bind request on a socket that has been marked
         * as inactive, reject it now before we go any further.
         */
        if (so->so_flags & SOF_DEFUNCT) {
                error = EINVAL;
-               SODEFUNCTLOG(("%s[%d]: defunct so 0x%llx [%d,%d] (%d)\n",
-                   __func__, proc_pid(p), (uint64_t)VM_KERNEL_ADDRPERM(so),
-                   SOCK_DOM(so), SOCK_TYPE(so), error));
+               SODEFUNCTLOG("%s[%d, %s]: defunct so 0x%llx [%d,%d] (%d)\n",
+                   __func__, proc_pid(p), proc_best_name(p),
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                   SOCK_DOM(so), SOCK_TYPE(so), error);
                goto out;
        }
 
@@ -825,7 +962,7 @@ sodealloc(struct socket *so)
        mac_socket_label_destroy(so);
 #endif /* MAC_SOCKET */
 
-       if (so->cached_in_sock_layer) {
+       if (so->so_flags1 & SOF1_CACHED_IN_SOCK_LAYER) {
                cached_sock_free(so);
        } else {
                FREE_ZONE(so, sizeof (*so), so->so_zone);
@@ -861,11 +998,11 @@ solisten(struct socket *so, int backlog)
 
        so_update_last_owner_locked(so, p);
        so_update_policy(so);
-       
+
 #if NECP
        so_update_necp_policy(so, NULL, NULL);
 #endif /* NECP */
-       
+
        if (so->so_proto == NULL) {
                error = EINVAL;
                goto out;
@@ -885,10 +1022,11 @@ solisten(struct socket *so, int backlog)
            (so->so_flags & SOF_DEFUNCT)) {
                error = EINVAL;
                if (so->so_flags & SOF_DEFUNCT) {
-                       SODEFUNCTLOG(("%s[%d]: defunct so 0x%llx [%d,%d] "
+                       SODEFUNCTLOG("%s[%d, %s]: defunct so 0x%llx [%d,%d] "
                            "(%d)\n", __func__, proc_pid(p),
-                           (uint64_t)VM_KERNEL_ADDRPERM(so),
-                           SOCK_DOM(so), SOCK_TYPE(so), error));
+                           proc_best_name(p),
+                           (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                           SOCK_DOM(so), SOCK_TYPE(so), error);
                }
                goto out;
        }
@@ -933,6 +1071,75 @@ out:
        return (error);
 }
 
+/*
+ * The "accept list lock" protects the fields related to the listener queues
+ * because we can unlock a socket to respect the lock ordering between
+ * the listener socket and its clients sockets. The lock ordering is first to
+ * acquire the client socket before the listener socket.
+ *
+ * The accept list lock serializes access to the following fields:
+ * - of the listener socket:
+ *   - so_comp
+ *   - so_incomp
+ *   - so_qlen
+ *   - so_inqlen
+ * - of client sockets that are in so_comp or so_incomp:
+ *   - so_head
+ *   - so_list
+ *
+ * As one can see the accept list lock protects the consistent of the
+ * linkage of the client sockets.
+ *
+ * Note that those fields may be read without holding the accept list lock
+ * for a preflight provided the accept list lock is taken when committing
+ * to take an action based on the result of the preflight. The preflight
+ * saves the cost of doing the unlock/lock dance.
+ */
+void
+so_acquire_accept_list(struct socket *head, struct socket *so)
+{
+       lck_mtx_t *mutex_held;
+
+       if (head->so_proto->pr_getlock == NULL) {
+               return;
+       }
+       mutex_held = (*head->so_proto->pr_getlock)(head, PR_F_WILLUNLOCK);
+       LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
+
+       if (!(head->so_flags1 & SOF1_ACCEPT_LIST_HELD)) {
+               head->so_flags1 |= SOF1_ACCEPT_LIST_HELD;
+               return;
+       }
+       if (so != NULL) {
+               socket_unlock(so, 0);
+       }
+       while (head->so_flags1 & SOF1_ACCEPT_LIST_HELD) {
+               so_accept_list_waits += 1;
+               msleep((caddr_t)&head->so_incomp, mutex_held,
+                   PSOCK | PCATCH, __func__, NULL);
+       }
+       head->so_flags1 |= SOF1_ACCEPT_LIST_HELD;
+       if (so != NULL) {
+               socket_unlock(head, 0);
+               socket_lock(so, 0);
+               socket_lock(head, 0);
+       }
+}
+
+void
+so_release_accept_list(struct socket *head)
+{
+       if (head->so_proto->pr_getlock != NULL) {
+               lck_mtx_t *mutex_held;
+
+               mutex_held = (*head->so_proto->pr_getlock)(head, 0);
+               LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
+
+               head->so_flags1 &= ~SOF1_ACCEPT_LIST_HELD;
+               wakeup((caddr_t)&head->so_incomp);
+       }
+}
+
 void
 sofreelastref(struct socket *so, int dealloc)
 {
@@ -949,11 +1156,30 @@ sofreelastref(struct socket *so, int dealloc)
                return;
        }
        if (head != NULL) {
-               socket_lock(head, 1);
+               /*
+                * Need to lock the listener when the protocol has
+                * per socket locks
+                */
+               if (head->so_proto->pr_getlock != NULL) {
+                       socket_lock(head, 1);
+                       so_acquire_accept_list(head, so);
+               }
                if (so->so_state & SS_INCOMP) {
+                       so->so_state &= ~SS_INCOMP;
                        TAILQ_REMOVE(&head->so_incomp, so, so_list);
                        head->so_incqlen--;
+                       head->so_qlen--;
+                       so->so_head = NULL;
+
+                       if (head->so_proto->pr_getlock != NULL) {
+                               so_release_accept_list(head);
+                               socket_unlock(head, 1);
+                       }
                } else if (so->so_state & SS_COMP) {
+                       if (head->so_proto->pr_getlock != NULL) {
+                               so_release_accept_list(head);
+                               socket_unlock(head, 1);
+                       }
                        /*
                         * We must not decommission a socket that's
                         * on the accept(2) queue.  If we do, then
@@ -965,15 +1191,14 @@ sofreelastref(struct socket *so, int dealloc)
                        so->so_rcv.sb_flags &= ~(SB_SEL|SB_UPCALL);
                        so->so_snd.sb_flags &= ~(SB_SEL|SB_UPCALL);
                        so->so_event = sonullevent;
-                       socket_unlock(head, 1);
                        return;
                } else {
-                       panic("sofree: not queued");
+                       if (head->so_proto->pr_getlock != NULL) {
+                               so_release_accept_list(head);
+                       socket_unlock(head, 1);
+       }
+                       printf("sofree: not queued\n");
                }
-               head->so_qlen--;
-               so->so_state &= ~SS_INCOMP;
-               so->so_head = NULL;
-               socket_unlock(head, 1);
        }
        sowflush(so);
        sorflush(so);
@@ -986,7 +1211,7 @@ sofreelastref(struct socket *so, int dealloc)
 
        /* 3932268: disable upcall */
        so->so_rcv.sb_flags &= ~SB_UPCALL;
-       so->so_snd.sb_flags &= ~SB_UPCALL;
+       so->so_snd.sb_flags &= ~(SB_UPCALL|SB_SNDBYTE_CNT);
        so->so_event = sonullevent;
 
        if (dealloc)
@@ -999,10 +1224,10 @@ soclose_wait_locked(struct socket *so)
        lck_mtx_t *mutex_held;
 
        if (so->so_proto->pr_getlock != NULL)
-               mutex_held = (*so->so_proto->pr_getlock)(so, 0);
+               mutex_held = (*so->so_proto->pr_getlock)(so, PR_F_WILLUNLOCK);
        else
                mutex_held = so->so_proto->pr_domain->dom_mtx;
-       lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
+       LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
 
        /*
         * Double check here and return if there's no outstanding upcall;
@@ -1013,9 +1238,10 @@ soclose_wait_locked(struct socket *so)
        so->so_rcv.sb_flags &= ~SB_UPCALL;
        so->so_snd.sb_flags &= ~SB_UPCALL;
        so->so_flags |= SOF_CLOSEWAIT;
+
        (void) msleep((caddr_t)&so->so_upcallusecount, mutex_held, (PZERO - 1),
            "soclose_wait_locked", NULL);
-       lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
+       LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
        so->so_flags &= ~SOF_CLOSEWAIT;
 }
 
@@ -1028,7 +1254,6 @@ int
 soclose_locked(struct socket *so)
 {
        int error = 0;
-       lck_mtx_t *mutex_held;
        struct timespec ts;
 
        if (so->so_usecount == 0) {
@@ -1052,9 +1277,15 @@ soclose_locked(struct socket *so)
        }
 #endif /* CONTENT_FILTER */
 
+       if (so->so_flags1 & SOF1_EXTEND_BK_IDLE_INPROG) {
+               soresume(current_proc(), so, 1);
+               so->so_flags1 &= ~SOF1_EXTEND_BK_IDLE_WANTED;
+       }
+
        if ((so->so_options & SO_ACCEPTCONN)) {
                struct socket *sp, *sonext;
-               int socklock = 0;
+               int persocklock = 0;
+               int incomp_overflow_only;
 
                /*
                 * We do not want new connection to be added
@@ -1062,10 +1293,19 @@ soclose_locked(struct socket *so)
                 */
                so->so_options &= ~SO_ACCEPTCONN;
 
-               for (sp = TAILQ_FIRST(&so->so_incomp);
-                   sp != NULL; sp = sonext) {
-                       sonext = TAILQ_NEXT(sp, so_list);
+               /*
+                * We can drop the lock on the listener once
+                * we've acquired the incoming list
+                */
+               if (so->so_proto->pr_getlock != NULL) {
+                       persocklock = 1;
+                       so_acquire_accept_list(so, NULL);
+                       socket_unlock(so, 0);
+               }
+again:
+               incomp_overflow_only = 1;
 
+               TAILQ_FOREACH_SAFE(sp, &so->so_incomp, so_list, sonext) {
                        /*
                         * Radar 5350314
                         * skip sockets thrown away by tcpdropdropblreq
@@ -1076,53 +1316,72 @@ soclose_locked(struct socket *so)
                        if (sp->so_flags & SOF_OVERFLOW)
                                continue;
 
-                       if (so->so_proto->pr_getlock != NULL) {
-                               /*
-                                * Lock ordering for consistency with the
-                                * rest of the stack, we lock the socket
-                                * first and then grabb the head.
-                                */
-                               socket_unlock(so, 0);
+                       if (persocklock != 0)
                                socket_lock(sp, 1);
-                               socket_lock(so, 0);
-                               socklock = 1;
-                       }
-
-                       TAILQ_REMOVE(&so->so_incomp, sp, so_list);
-                       so->so_incqlen--;
 
+                       /*
+                        * Radar 27945981
+                        * The extra reference for the list insure the
+                        * validity of the socket pointer when we perform the
+                        * unlock of the head above
+                        */
                        if (sp->so_state & SS_INCOMP) {
                                sp->so_state &= ~SS_INCOMP;
                                sp->so_head = NULL;
+                               TAILQ_REMOVE(&so->so_incomp, sp, so_list);
+                               so->so_incqlen--;
+                               so->so_qlen--;
 
                                (void) soabort(sp);
+                       } else {
+                               panic("%s sp %p in so_incomp but !SS_INCOMP",
+                                   __func__, sp);
                        }
 
-                       if (socklock)
+                       if (persocklock != 0)
                                socket_unlock(sp, 1);
                }
 
-               while ((sp = TAILQ_FIRST(&so->so_comp)) != NULL) {
+               TAILQ_FOREACH_SAFE(sp, &so->so_comp, so_list, sonext) {
                        /* Dequeue from so_comp since sofree() won't do it */
-                       TAILQ_REMOVE(&so->so_comp, sp, so_list);
-                       so->so_qlen--;
-
-                       if (so->so_proto->pr_getlock != NULL) {
-                               socket_unlock(so, 0);
+                       if (persocklock != 0)
                                socket_lock(sp, 1);
-                       }
 
                        if (sp->so_state & SS_COMP) {
                                sp->so_state &= ~SS_COMP;
                                sp->so_head = NULL;
+                               TAILQ_REMOVE(&so->so_comp, sp, so_list);
+                               so->so_qlen--;
 
                                (void) soabort(sp);
+                       } else {
+                               panic("%s sp %p in so_comp but !SS_COMP",
+                                   __func__, sp);
                        }
 
-                       if (so->so_proto->pr_getlock != NULL) {
+                       if (persocklock)
                                socket_unlock(sp, 1);
-                               socket_lock(so, 0);
                        }
+
+               if (incomp_overflow_only == 0 && !TAILQ_EMPTY(&so->so_incomp)) {
+#if (DEBUG|DEVELOPMENT)
+                       panic("%s head %p so_comp not empty\n", __func__, so);
+#endif /* (DEVELOPMENT || DEBUG) */
+
+                       goto again;
+               }
+
+               if (!TAILQ_EMPTY(&so->so_comp)) {
+#if (DEBUG|DEVELOPMENT)
+                       panic("%s head %p so_comp not empty\n", __func__, so);
+#endif /* (DEVELOPMENT || DEBUG) */
+
+                       goto again;
+               }
+
+               if (persocklock) {
+                       socket_lock(so, 0);
+                       so_release_accept_list(so);
                }
        }
        if (so->so_pcb == NULL) {
@@ -1137,11 +1396,13 @@ soclose_locked(struct socket *so)
                                goto drop;
                }
                if (so->so_options & SO_LINGER) {
+                       lck_mtx_t *mutex_held;
+
                        if ((so->so_state & SS_ISDISCONNECTING) &&
                            (so->so_state & SS_NBIO))
                                goto drop;
                        if (so->so_proto->pr_getlock != NULL)
-                               mutex_held = (*so->so_proto->pr_getlock)(so, 0);
+                               mutex_held = (*so->so_proto->pr_getlock)(so, PR_F_WILLUNLOCK);
                        else
                                mutex_held = so->so_proto->pr_domain->dom_mtx;
                        while (so->so_state & SS_ISCONNECTED) {
@@ -1184,15 +1445,13 @@ discard:
        }
        so->so_state |= SS_NOFDREF;
 
-       if (so->so_flags & SOF_MP_SUBFLOW)
-               so->so_flags &= ~SOF_MP_SUBFLOW;
-
        if ((so->so_flags & SOF_KNOTE) != 0)
                KNOTE(&so->so_klist, SO_FILT_HINT_LOCKED);
 
        atomic_add_32(&so->so_proto->pr_domain->dom_refs, -1);
        evsofree(so);
 
+       VERIFY(so->so_usecount > 0);
        so->so_usecount--;
        sofree(so);
        return (error);
@@ -1236,7 +1495,7 @@ soabort(struct socket *so)
                mutex_held = (*so->so_proto->pr_getlock)(so, 0);
        else
                mutex_held = so->so_proto->pr_domain->dom_mtx;
-       lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
+       LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
 #endif
 
        if ((so->so_flags & SOF_ABORTED) == 0) {
@@ -1281,11 +1540,10 @@ soaccept(struct socket *so, struct sockaddr **nam)
 }
 
 int
-soacceptfilter(struct socket *so)
+soacceptfilter(struct socket *so, struct socket *head)
 {
        struct sockaddr *local = NULL, *remote = NULL;
        int error = 0;
-       struct socket *head = so->so_head;
 
        /*
         * Hold the lock even if this socket has not been made visible
@@ -1295,8 +1553,7 @@ soacceptfilter(struct socket *so)
        socket_lock(so, 1);
        if (sogetaddr_locked(so, &remote, 1) != 0 ||
            sogetaddr_locked(so, &local, 0) != 0) {
-               so->so_state &= ~(SS_NOFDREF | SS_COMP);
-               so->so_head = NULL;
+               so->so_state &= ~SS_NOFDREF;
                socket_unlock(so, 1);
                soclose(so);
                /* Out of resources; try it again next time */
@@ -1324,8 +1581,7 @@ soacceptfilter(struct socket *so)
                 * the following is done while holding the lock since
                 * the socket has been exposed to the filter(s) earlier.
                 */
-               so->so_state &= ~(SS_NOFDREF | SS_COMP);
-               so->so_head = NULL;
+               so->so_state &= ~SS_NOFDREF;
                socket_unlock(so, 1);
                soclose(so);
                /* Propagate socket filter's error code to the caller */
@@ -1375,10 +1631,11 @@ soconnectlock(struct socket *so, struct sockaddr *nam, int dolock)
        if ((so->so_options & SO_ACCEPTCONN) || (so->so_flags & SOF_DEFUNCT)) {
                error = EOPNOTSUPP;
                if (so->so_flags & SOF_DEFUNCT) {
-                       SODEFUNCTLOG(("%s[%d]: defunct so 0x%llx [%d,%d] "
+                       SODEFUNCTLOG("%s[%d, %s]: defunct so 0x%llx [%d,%d] "
                            "(%d)\n", __func__, proc_pid(p),
-                           (uint64_t)VM_KERNEL_ADDRPERM(so),
-                           SOCK_DOM(so), SOCK_TYPE(so), error));
+                           proc_best_name(p),
+                           (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                           SOCK_DOM(so), SOCK_TYPE(so), error);
                }
                if (dolock)
                        socket_unlock(so, 1);
@@ -1452,16 +1709,16 @@ soconnect2(struct socket *so1, struct socket *so2)
 }
 
 int
-soconnectxlocked(struct socket *so, struct sockaddr_list **src_sl,
-    struct sockaddr_list **dst_sl, struct proc *p, uint32_t ifscope,
-    associd_t aid, connid_t *pcid, uint32_t flags, void *arg,
-    uint32_t arglen)
+soconnectxlocked(struct socket *so, struct sockaddr *src,
+    struct sockaddr *dst, struct proc *p, uint32_t ifscope,
+    sae_associd_t aid, sae_connid_t *pcid, uint32_t flags, void *arg,
+    uint32_t arglen, uio_t auio, user_ssize_t *bytes_written)
 {
        int error;
 
        so_update_last_owner_locked(so, p);
        so_update_policy(so);
-       
+
        /*
         * If this is a listening socket or if this is a previously-accepted
         * socket that has been marked as inactive, reject the connect request.
@@ -1469,10 +1726,11 @@ soconnectxlocked(struct socket *so, struct sockaddr_list **src_sl,
        if ((so->so_options & SO_ACCEPTCONN) || (so->so_flags & SOF_DEFUNCT)) {
                error = EOPNOTSUPP;
                if (so->so_flags & SOF_DEFUNCT) {
-                       SODEFUNCTLOG(("%s[%d]: defunct so 0x%llx [%d,%d] "
+                       SODEFUNCTLOG("%s[%d, %s]: defunct so 0x%llx [%d,%d] "
                            "(%d)\n", __func__, proc_pid(p),
-                           (uint64_t)VM_KERNEL_ADDRPERM(so),
-                           SOCK_DOM(so), SOCK_TYPE(so), error));
+                           proc_best_name(p),
+                           (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                           SOCK_DOM(so), SOCK_TYPE(so), error);
                }
                return (error);
        }
@@ -1496,14 +1754,16 @@ soconnectxlocked(struct socket *so, struct sockaddr_list **src_sl,
                 * Run connect filter before calling protocol:
                 *  - non-blocking connect returns before completion;
                 */
-               error = sflt_connectxout(so, dst_sl);
+               error = sflt_connectout(so, dst);
                if (error != 0) {
+                       /* Disable PRECONNECT_DATA, as we don't need to send a SYN anymore. */
+                       so->so_flags1 &= ~SOF1_PRECONNECT_DATA;
                        if (error == EJUSTRETURN)
                                error = 0;
                } else {
                        error = (*so->so_proto->pr_usrreqs->pru_connectx)
-                           (so, src_sl, dst_sl, p, ifscope, aid, pcid,
-                           flags, arg, arglen);
+                           (so, src, dst, p, ifscope, aid, pcid,
+                           flags, arg, arglen, auio, bytes_written);
                }
        }
 
@@ -1545,7 +1805,7 @@ sodisconnect(struct socket *so)
 }
 
 int
-sodisconnectxlocked(struct socket *so, associd_t aid, connid_t cid)
+sodisconnectxlocked(struct socket *so, sae_associd_t aid, sae_connid_t cid)
 {
        int error;
 
@@ -1566,7 +1826,7 @@ sodisconnectxlocked(struct socket *so, associd_t aid, connid_t cid)
 }
 
 int
-sodisconnectx(struct socket *so, associd_t aid, connid_t cid)
+sodisconnectx(struct socket *so, sae_associd_t aid, sae_connid_t cid)
 {
        int error;
 
@@ -1576,12 +1836,6 @@ sodisconnectx(struct socket *so, associd_t aid, connid_t cid)
        return (error);
 }
 
-int
-sopeelofflocked(struct socket *so, associd_t aid, struct socket **psop)
-{
-       return ((*so->so_proto->pr_usrreqs->pru_peeloff)(so, aid, psop));
-}
-
 #define        SBLOCKWAIT(f)   (((f) & MSG_DONTWAIT) ? 0 : SBL_WAIT)
 
 /*
@@ -1635,9 +1889,10 @@ restart:
        if (so->so_flags & SOF_DEFUNCT) {
 defunct:
                error = EPIPE;
-               SODEFUNCTLOG(("%s[%d]: defunct so 0x%llx [%d,%d] (%d)\n",
-                   __func__, proc_selfpid(), (uint64_t)VM_KERNEL_ADDRPERM(so),
-                   SOCK_DOM(so), SOCK_TYPE(so), error));
+               SODEFUNCTLOG("%s[%d, %s]: defunct so 0x%llx [%d,%d] (%d)\n",
+                   __func__, proc_selfpid(), proc_best_name(current_proc()),
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                   SOCK_DOM(so), SOCK_TYPE(so), error);
                return (error);
        }
 
@@ -1651,7 +1906,7 @@ defunct:
                        cfil_sock_data_pending(&so->so_snd) != 0)
                        CFIL_LOG(LOG_INFO,
                                "so %llx ignore SS_CANTSENDMORE",
-                               (uint64_t)VM_KERNEL_ADDRPERM(so));
+                               (uint64_t)DEBUG_KERNEL_ADDRPERM(so));
                else
 #endif /* CONTENT_FILTER */
                        return (EPIPE);
@@ -1665,23 +1920,16 @@ defunct:
        if ((so->so_state & SS_ISCONNECTED) == 0) {
                if ((so->so_proto->pr_flags & PR_CONNREQUIRED) != 0) {
                        if (((so->so_state & SS_ISCONFIRMING) == 0) &&
-                           (resid != 0 || clen == 0)) {
-#if MPTCP
-                               /* 
-                                * MPTCP Fast Join sends data before the 
-                                * socket is truly connected.
-                                */
-                               if ((so->so_flags & (SOF_MP_SUBFLOW |
-                                       SOF_MPTCP_FASTJOIN)) !=
-                                   (SOF_MP_SUBFLOW | SOF_MPTCP_FASTJOIN))
-#endif /* MPTCP */                     
+                           (resid != 0 || clen == 0) &&
+                           !(so->so_flags1 & SOF1_PRECONNECT_DATA))
                                return (ENOTCONN);
-                       }
+
                } else if (addr == 0 && !(flags&MSG_HOLD)) {
                        return ((so->so_proto->pr_flags & PR_CONNREQUIRED) ?
                            ENOTCONN : EDESTADDRREQ);
                }
        }
+
        if (so->so_flags & SOF_ENABLE_MSGS)
                space = msgq_sbspace(so, control);
        else
@@ -1694,8 +1942,21 @@ defunct:
                return (EMSGSIZE);
 
        if ((space < resid + clen &&
-           (atomic || space < (int32_t)so->so_snd.sb_lowat || space < clen)) ||
+           (atomic || (space < (int32_t)so->so_snd.sb_lowat) ||
+           space < clen)) ||
            (so->so_type == SOCK_STREAM && so_wait_for_if_feedback(so))) {
+               /*
+                * don't block the connectx call when there's more data
+                * than can be copied.
+                */
+               if (so->so_flags1 & SOF1_PRECONNECT_DATA) {
+                       if (space == 0) {
+                               return (EWOULDBLOCK);
+                       }
+                       if (space < (int32_t)so->so_snd.sb_lowat) {
+                               return (0);
+                       }
+               }
                if ((so->so_state & SS_NBIO) || (flags & MSG_NBIO) ||
                    assumelock) {
                        return (EWOULDBLOCK);
@@ -1779,12 +2040,14 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
 {
        struct mbuf **mp;
        struct mbuf *m, *freelist = NULL;
-       user_ssize_t space, len, resid;
+       user_ssize_t space, len, resid, orig_resid;
        int clen = 0, error, dontroute, mlen, sendflags;
        int atomic = sosendallatonce(so) || top;
        int sblocked = 0;
        struct proc *p = current_proc();
        struct mbuf *control_copy = NULL;
+       uint16_t headroom = 0;
+       boolean_t en_tracing = FALSE;
 
        if (uio != NULL)
                resid = uio_resid(uio);
@@ -1796,22 +2059,39 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
 
        socket_lock(so, 1);
 
+       /*
+        * trace if tracing & network (vs. unix) sockets & and
+        * non-loopback
+        */
+       if (ENTR_SHOULDTRACE &&
+           (SOCK_CHECK_DOM(so, AF_INET) || SOCK_CHECK_DOM(so, AF_INET6))) {
+               struct inpcb *inp = sotoinpcb(so);
+               if (inp->inp_last_outifp != NULL &&
+                   !(inp->inp_last_outifp->if_flags & IFF_LOOPBACK)) {
+                       en_tracing = TRUE;
+                       KERNEL_ENERGYTRACE(kEnTrActKernSockWrite, DBG_FUNC_START,
+                           VM_KERNEL_ADDRPERM(so),
+                           ((so->so_state & SS_NBIO) ? kEnTrFlagNonBlocking : 0),
+                           (int64_t)resid);
+                       orig_resid = resid;
+               }
+       }
+
        /*
         * Re-injection should not affect process accounting
         */
        if ((flags & MSG_SKIPCFIL) == 0) {
-       so_update_last_owner_locked(so, p);
-       so_update_policy(so);
-       
+               so_update_last_owner_locked(so, p);
+               so_update_policy(so);
+
 #if NECP
-       so_update_necp_policy(so, NULL, addr);
+               so_update_necp_policy(so, NULL, addr);
 #endif /* NECP */
        }
-       
+
        if (so->so_type != SOCK_STREAM && (flags & MSG_OOB) != 0) {
                error = EOPNOTSUPP;
-               socket_unlock(so, 1);
-               goto out;
+               goto out_locked;
        }
 
        /*
@@ -1830,8 +2110,7 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
        if (resid < 0 || resid > INT_MAX || (so->so_type == SOCK_STREAM &&
            !(so->so_flags & SOF_ENABLE_MSGS) && (flags & MSG_EOR))) {
                error = EINVAL;
-               socket_unlock(so, 1);
-               goto out;
+               goto out_locked;
        }
 
        dontroute = (flags & MSG_DONTROUTE) &&
@@ -1842,11 +2121,14 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
        if (control != NULL)
                clen = control->m_len;
 
+       if (soreserveheadroom != 0)
+               headroom = so->so_pktheadroom;
+
        do {
                error = sosendcheck(so, addr, resid, clen, atomic, flags,
                    &sblocked, control);
                if (error)
-                       goto release;
+                       goto out_locked;
 
                mp = &top;
                if (so->so_flags & SOF_ENABLE_MSGS)
@@ -1868,22 +2150,26 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
                                int bytes_to_copy;
                                boolean_t jumbocl;
                                boolean_t bigcl;
+                               int bytes_to_alloc;
 
                                bytes_to_copy = imin(resid, space);
 
+                               bytes_to_alloc = bytes_to_copy;
+                               if (top == NULL)
+                                       bytes_to_alloc += headroom;
+
                                if (sosendminchain > 0)
                                        chainlength = 0;
                                else
                                        chainlength = sosendmaxchain;
 
                                /*
-                                * Use big 4 KB cluster only when outgoing
-                                * interface does not want 2 LB clusters
+                                * Use big 4 KB cluster when the outgoing interface
+                                * does not prefer 2 KB clusters
                                 */
-                               bigcl = 
-                                   !(so->so_flags1 & SOF1_IF_2KCL) ||
+                               bigcl = !(so->so_flags1 & SOF1_IF_2KCL) ||
                                    sosendbigcl_ignore_capab;
-                               
+
                                /*
                                 * Attempt to use larger than system page-size
                                 * clusters for large writes only if there is
@@ -1917,12 +2203,12 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
                                         * haven't yet consumed.
                                         */
                                        if (freelist == NULL &&
-                                           bytes_to_copy > MBIGCLBYTES &&
+                                           bytes_to_alloc > MBIGCLBYTES &&
                                            jumbocl) {
                                                num_needed =
-                                                   bytes_to_copy / M16KCLBYTES;
+                                                   bytes_to_alloc / M16KCLBYTES;
 
-                                               if ((bytes_to_copy -
+                                               if ((bytes_to_alloc -
                                                    (num_needed * M16KCLBYTES))
                                                    >= MINCLSIZE)
                                                        num_needed++;
@@ -1939,12 +2225,12 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
                                        }
 
                                        if (freelist == NULL &&
-                                           bytes_to_copy > MCLBYTES &&
+                                           bytes_to_alloc > MCLBYTES &&
                                            bigcl) {
                                                num_needed =
-                                                   bytes_to_copy / MBIGCLBYTES;
+                                                   bytes_to_alloc / MBIGCLBYTES;
 
-                                               if ((bytes_to_copy -
+                                               if ((bytes_to_alloc -
                                                    (num_needed * MBIGCLBYTES)) >=
                                                    MINCLSIZE)
                                                        num_needed++;
@@ -1960,12 +2246,34 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
                                                 */
                                        }
 
-                                       if (freelist == NULL &&
-                                           bytes_to_copy > MINCLSIZE) {
+                                       /*
+                                        * Allocate a cluster as we want to
+                                        * avoid to split the data in more
+                                        * that one segment and using MINCLSIZE
+                                        * would lead us to allocate two mbufs
+                                        */
+                                       if (soreserveheadroom != 0 &&
+                                           freelist == NULL &&
+                                           ((top == NULL &&
+                                           bytes_to_alloc > _MHLEN) ||
+                                           bytes_to_alloc > _MLEN)) {
+                                               num_needed = ROUNDUP(bytes_to_alloc, MCLBYTES) /
+                                                   MCLBYTES;
+                                               freelist =
+                                                   m_getpackets_internal(
+                                                   (unsigned int *)&num_needed,
+                                                   hdrs_needed, M_WAIT, 0,
+                                                   MCLBYTES);
+                                               /*
+                                                * Fall back to a single mbuf
+                                                * if allocation failed
+                                                */
+                                       } else if (freelist == NULL &&
+                                           bytes_to_alloc > MINCLSIZE) {
                                                num_needed =
-                                                   bytes_to_copy / MCLBYTES;
+                                                   bytes_to_alloc / MCLBYTES;
 
-                                               if ((bytes_to_copy -
+                                               if ((bytes_to_alloc -
                                                    (num_needed * MCLBYTES)) >=
                                                    MINCLSIZE)
                                                        num_needed++;
@@ -1980,7 +2288,20 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
                                                 * if allocation failed
                                                 */
                                        }
+                                       /*
+                                        * For datagram protocols, leave
+                                        * headroom for protocol headers
+                                        * in the first cluster of the chain
+                                        */
+                                       if (freelist != NULL && atomic &&
+                                           top == NULL && headroom > 0) {
+                                               freelist->m_data += headroom;
+                                       }
 
+                                       /*
+                                        * Fall back to regular mbufs without
+                                        * reserving the socket headroom
+                                        */
                                        if (freelist == NULL) {
                                                if (top == NULL)
                                                        MGETHDR(freelist,
@@ -1992,7 +2313,7 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
                                                if (freelist == NULL) {
                                                        error = ENOBUFS;
                                                        socket_lock(so, 0);
-                                                       goto release;
+                                                       goto out_locked;
                                                }
                                                /*
                                                 * For datagram protocols,
@@ -2010,12 +2331,13 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
                                        m->m_next = NULL;
 
                                        if ((m->m_flags & M_EXT))
-                                               mlen = m->m_ext.ext_size;
+                                               mlen = m->m_ext.ext_size -
+                                                   m_leadingspace(m);
                                        else if ((m->m_flags & M_PKTHDR))
                                                mlen =
                                                    MHLEN - m_leadingspace(m);
                                        else
-                                               mlen = MLEN;
+                                               mlen = MLEN - m_leadingspace(m);
                                        len = imin(mlen, bytes_to_copy);
 
                                        chainlength += len;
@@ -2047,7 +2369,7 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
                                socket_lock(so, 0);
 
                                if (error)
-                                       goto release;
+                                       goto out_locked;
                        }
 
                        if (flags & (MSG_HOLD|MSG_SEND)) {
@@ -2067,26 +2389,27 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
                                so->so_tail = mb1;
                                if (flags & MSG_HOLD) {
                                        top = NULL;
-                                       goto release;
+                                       goto out_locked;
                                }
                                top = so->so_temp;
                        }
                        if (dontroute)
                                so->so_options |= SO_DONTROUTE;
 
-                       /* Compute flags here, for pru_send and NKEs */
+                       /*
+                        * Compute flags here, for pru_send and NKEs
+                        *
+                        * If the user set MSG_EOF, the protocol
+                        * understands this flag and nothing left to
+                        * send then use PRU_SEND_EOF instead of PRU_SEND.
+                        */
                        sendflags = (flags & MSG_OOB) ? PRUS_OOB :
-                           /*
-                            * If the user set MSG_EOF, the protocol
-                            * understands this flag and nothing left to
-                            * send then use PRU_SEND_EOF instead of PRU_SEND.
-                            */
                            ((flags & MSG_EOF) &&
-                            (so->so_proto->pr_flags & PR_IMPLOPCL) &&
-                            (resid <= 0)) ? PRUS_EOF :
-                            /* If there is more to send set PRUS_MORETOCOME */
-                            (resid > 0 && space > 0) ? PRUS_MORETOCOME : 0;
-                       
+                           (so->so_proto->pr_flags & PR_IMPLOPCL) &&
+                           (resid <= 0)) ? PRUS_EOF :
+                           /* If there is more to send set PRUS_MORETOCOME */
+                           (resid > 0 && space > 0) ? PRUS_MORETOCOME : 0;
+
                        if ((flags & MSG_SKIPCFIL) == 0) {
                                /*
                                 * Socket filter processing
@@ -2101,14 +2424,14 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
                                                control = NULL;
                                                top = NULL;
                                        }
-                                       goto release;
+                                       goto out_locked;
                                }
 #if CONTENT_FILTER
                                /*
                                 * Content filter processing
                                 */
                                error = cfil_sock_data_out(so, addr, top,
-                                  control, (sendflags & MSG_OOB) ?
+                                   control, (sendflags & MSG_OOB) ?
                                    sock_data_filt_flag_oob : 0);
                                if (error) {
                                        if (error == EJUSTRETURN) {
@@ -2117,7 +2440,7 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
                                                control = NULL;
                                                top = NULL;
                                                }
-                                       goto release;
+                                       goto out_locked;
                                }
 #endif /* CONTENT_FILTER */
                        }
@@ -2144,16 +2467,15 @@ sosend(struct socket *so, struct sockaddr *addr, struct uio *uio,
                        top = NULL;
                        mp = &top;
                        if (error)
-                               goto release;
+                               goto out_locked;
                } while (resid && space > 0);
        } while (resid);
 
-release:
+out_locked:
        if (sblocked)
                sbunlock(&so->so_snd, FALSE);   /* will unlock socket */
        else
                socket_unlock(so, 1);
-out:
        if (top != NULL)
                m_freem(top);
        if (control != NULL)
@@ -2163,24 +2485,39 @@ out:
        if (control_copy != NULL)
                m_freem(control_copy);
 
-       KERNEL_DEBUG(DBG_FNC_SOSEND | DBG_FUNC_END, so, resid, so->so_snd.sb_cc,
-           space, error);
+       soclearfastopen(so);
+
+       if (en_tracing) {
+               /* resid passed here is the bytes left in uio */
+               KERNEL_ENERGYTRACE(kEnTrActKernSockWrite, DBG_FUNC_END,
+                   VM_KERNEL_ADDRPERM(so),
+                   ((error == EWOULDBLOCK) ? kEnTrFlagNoWork : 0),
+                   (int64_t)(orig_resid - resid));
+       }
+       KERNEL_DEBUG(DBG_FNC_SOSEND | DBG_FUNC_END, so, resid,
+           so->so_snd.sb_cc, space, error);
 
        return (error);
 }
 
+/*
+ * Supported only connected sockets (no address) without ancillary data
+ * (control mbuf) for atomic protocols
+ */
 int
-sosend_list(struct socket *so, struct sockaddr *addr, struct uio **uioarray,
-     u_int uiocnt, struct mbuf *top, struct mbuf *control, int flags)
+sosend_list(struct socket *so, struct uio **uioarray, u_int uiocnt, int flags)
 {
        struct mbuf *m, *freelist = NULL;
        user_ssize_t len, resid;
-       int clen = 0, error, dontroute, mlen;
-       int atomic = sosendallatonce(so) || top;
+       int error, dontroute, mlen;
+       int atomic = sosendallatonce(so);
        int sblocked = 0;
        struct proc *p = current_proc();
        u_int uiofirst = 0;
        u_int uiolast = 0;
+       struct mbuf *top = NULL;
+       uint16_t headroom = 0;
+       boolean_t bigcl;
 
        KERNEL_DEBUG((DBG_FNC_SOSEND_LIST | DBG_FUNC_START), so, uiocnt,
            so->so_snd.sb_cc, so->so_snd.sb_lowat, so->so_snd.sb_hiwat);
@@ -2201,10 +2538,7 @@ sosend_list(struct socket *so, struct sockaddr *addr, struct uio **uioarray,
                error = EINVAL;
                goto out;
        }
-       if (uioarray != NULL)
-               resid = uio_array_resid(uioarray, uiocnt);
-       else
-               resid = mbuf_pkt_list_len(top);
+       resid = uio_array_resid(uioarray, uiocnt);
 
        /*
         * In theory resid should be unsigned.
@@ -2220,166 +2554,186 @@ sosend_list(struct socket *so, struct sockaddr *addr, struct uio **uioarray,
                error = EINVAL;
                goto out;
        }
-       /*
-        * Disallow functionality not currently supported
-        * Note: Will need to treat arrays of addresses and controls
-        */
-       if (addr != NULL) {
-               printf("%s addr not supported\n", __func__);
-               error = EOPNOTSUPP;
-               goto out;
-       }
-       if (control != NULL) {
-               printf("%s control not supported\n", __func__);
-               error = EOPNOTSUPP;
-               goto out;
-       }
 
        socket_lock(so, 1);
        so_update_last_owner_locked(so, p);
        so_update_policy(so);
-       
+
 #if NECP
-       so_update_necp_policy(so, NULL, addr);
+       so_update_necp_policy(so, NULL, NULL);
 #endif /* NECP */
-       
+
        dontroute = (flags & MSG_DONTROUTE) &&
            (so->so_options & SO_DONTROUTE) == 0 &&
            (so->so_proto->pr_flags & PR_ATOMIC);
        OSIncrementAtomicLong(&p->p_stats->p_ru.ru_msgsnd);
 
-       if (control != NULL)
-               clen = control->m_len;
-
-       error = sosendcheck(so, addr, resid, clen, atomic, flags,
-           &sblocked, control);
+       error = sosendcheck(so, NULL, resid, 0, atomic, flags,
+           &sblocked, NULL);
        if (error)
                goto release;
 
+       /*
+        * Use big 4 KB clusters when the outgoing interface does not prefer
+        * 2 KB clusters
+        */
+       bigcl = !(so->so_flags1 & SOF1_IF_2KCL) || sosendbigcl_ignore_capab;
+
+       if (soreserveheadroom != 0)
+               headroom = so->so_pktheadroom;
+
        do {
                int i;
+               int num_needed = 0;
+               int chainlength;
+               size_t maxpktlen = 0;
+               int bytes_to_alloc;
 
-               if (uioarray == NULL) {
-                       /*
-                        * Data is prepackaged in "top".
-                        */
-                       resid = 0;
-               } else {
-                       int num_needed = 0;
-                       int chainlength;
-                       size_t maxpktlen = 0;
+               if (sosendminchain > 0)
+                       chainlength = 0;
+               else
+                       chainlength = sosendmaxchain;
 
-                       if (sosendminchain > 0)
-                               chainlength = 0;
-                       else
-                               chainlength = sosendmaxchain;
+               socket_unlock(so, 0);
 
-                       socket_unlock(so, 0);
+               /*
+                * Find a set of uio that fit in a reasonable number
+                * of mbuf packets
+                */
+               for (i = uiofirst; i < uiocnt; i++) {
+                       struct uio *auio = uioarray[i];
 
-                       /*
-                        * Find a set of uio that fit in a reasonable number
-                        * of mbuf packets 
-                        */
-                       for (i = uiofirst; i < uiocnt; i++) {
-                               struct uio *auio = uioarray[i];
+                       len = uio_resid(auio);
 
-                               len = uio_resid(auio);
+                       /* Do nothing for empty messages */
+                       if (len == 0)
+                               continue;
 
-                               /* Do nothing for empty messages */
-                               if (len == 0)
-                                       continue;
+                       num_needed += 1;
+                       uiolast += 1;
 
-                               num_needed += 1;
-                               uiolast += 1;
-                               
-                               if (len > maxpktlen)
-                                       maxpktlen = len;
+                       if (len > maxpktlen)
+                               maxpktlen = len;
 
-                               chainlength += len;
-                               if (chainlength > sosendmaxchain)
-                                       break;
-                       }
-                       /*
-                        * Nothing left to send
-                        */
-                       if (num_needed == 0) {
-                               socket_lock(so, 0);
+                       chainlength += len;
+                       if (chainlength > sosendmaxchain)
                                break;
-                       }
-                       /*
-                        * Allocate the mbuf packets at once
-                        */
-                       freelist = m_allocpacket_internal(
-                           (unsigned int *)&num_needed,
-                           maxpktlen, NULL, M_WAIT, 1, 0);
-
-                       if (freelist == NULL) {
-                               socket_lock(so, 0);
-                               error = ENOMEM;
-                               goto release;
-                       }
-                       /*
-                        * Copy each uio of the set into its own mbuf packet
-                        */
-                       for (i = uiofirst, m = freelist;
-                           i < uiolast && m != NULL;
-                           i++) {
-                               int bytes_to_copy;
-                               struct mbuf *n;
-                               struct uio *auio = uioarray[i];
-
-                               bytes_to_copy = uio_resid(auio);
+               }
+               /*
+                * Nothing left to send
+                */
+               if (num_needed == 0) {
+                       socket_lock(so, 0);
+                       break;
+               }
+               /*
+                * Allocate buffer large enough to include headroom space for
+                * network and link header
+                *
+                */
+               bytes_to_alloc = maxpktlen + headroom;
 
-                               /* Do nothing for empty messages */
-                               if (bytes_to_copy == 0)
-                                       continue;
+               /*
+                * Allocate a single contiguous buffer of the smallest available
+                * size when possible
+                */
+               if (bytes_to_alloc > MCLBYTES &&
+                   bytes_to_alloc <= MBIGCLBYTES && bigcl) {
+                       freelist = m_getpackets_internal(
+                           (unsigned int *)&num_needed,
+                           num_needed, M_WAIT, 1,
+                           MBIGCLBYTES);
+               } else if (bytes_to_alloc > _MHLEN &&
+                   bytes_to_alloc <= MCLBYTES) {
+                       freelist = m_getpackets_internal(
+                           (unsigned int *)&num_needed,
+                           num_needed, M_WAIT, 1,
+                           MCLBYTES);
+               } else {
+                       freelist = m_allocpacket_internal(
+                           (unsigned int *)&num_needed,
+                           bytes_to_alloc, NULL, M_WAIT, 1, 0);
+               }
 
-                               for (n = m; n != NULL; n = n->m_next) {
-                                       mlen = mbuf_maxlen(n);
+               if (freelist == NULL) {
+                       socket_lock(so, 0);
+                       error = ENOMEM;
+                       goto release;
+               }
+               /*
+                * Copy each uio of the set into its own mbuf packet
+                */
+               for (i = uiofirst, m = freelist;
+                   i < uiolast && m != NULL;
+                   i++) {
+                       int bytes_to_copy;
+                       struct mbuf *n;
+                       struct uio *auio = uioarray[i];
 
-                                       len = imin(mlen, bytes_to_copy);
+                       bytes_to_copy = uio_resid(auio);
 
-                                       /* 
-                                        * Note: uiomove() decrements the iovec
-                                        * length
-                                        */
-                                       error = uiomove(mtod(n, caddr_t),
-                                           len, auio);
-                                       if (error != 0)
-                                               break;
-                                       n->m_len = len;
-                                       m->m_pkthdr.len += len;
+                       /* Do nothing for empty messages */
+                       if (bytes_to_copy == 0)
+                               continue;
+                       /*
+                        * Leave headroom for protocol headers
+                        * in the first mbuf of the chain
+                        */
+                       m->m_data += headroom;
+
+                       for (n = m; n != NULL; n = n->m_next) {
+                               if ((m->m_flags & M_EXT))
+                                       mlen = m->m_ext.ext_size -
+                                           m_leadingspace(m);
+                               else if ((m->m_flags & M_PKTHDR))
+                                       mlen =
+                                           MHLEN - m_leadingspace(m);
+                               else
+                                       mlen = MLEN - m_leadingspace(m);
+                               len = imin(mlen, bytes_to_copy);
 
-                                       VERIFY(m->m_pkthdr.len <= maxpktlen);
-                                       
-                                       bytes_to_copy -= len;
-                                       resid -= len;
-                               }
-                               if (m->m_pkthdr.len == 0) {
-                                       printf("%s so %llx pkt %llx len null\n",
-                                           __func__,
-                                           (uint64_t)VM_KERNEL_ADDRPERM(so),
-                                           (uint64_t)VM_KERNEL_ADDRPERM(m));
-                               }
+                               /*
+                                * Note: uiomove() decrements the iovec
+                                * length
+                                */
+                               error = uiomove(mtod(n, caddr_t),
+                                   len, auio);
                                if (error != 0)
                                        break;
-                               m = m->m_nextpkt;
-                       }
+                               n->m_len = len;
+                               m->m_pkthdr.len += len;
 
-                       socket_lock(so, 0);
+                               VERIFY(m->m_pkthdr.len <= maxpktlen);
 
-                       if (error)
-                               goto release;
-                       top = freelist;
-                       freelist = NULL;
+                               bytes_to_copy -= len;
+                               resid -= len;
+                       }
+                       if (m->m_pkthdr.len == 0) {
+                               printf(
+                                   "%s:%d so %llx pkt %llx type %u len null\n",
+                                   __func__, __LINE__,
+                                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                                   (uint64_t)DEBUG_KERNEL_ADDRPERM(m),
+                                   m->m_type);
+                       }
+                       if (error != 0)
+                               break;
+                       m = m->m_nextpkt;
                }
 
+               socket_lock(so, 0);
+
+               if (error)
+                       goto release;
+               top = freelist;
+               freelist = NULL;
+
                if (dontroute)
                        so->so_options |= SO_DONTROUTE;
 
                if ((flags & MSG_SKIPCFIL) == 0) {
                        struct mbuf **prevnextp = NULL;
-                       
+
                        for (i = uiofirst, m = top;
                            i < uiolast && m != NULL;
                            i++) {
@@ -2388,18 +2742,18 @@ sosend_list(struct socket *so, struct sockaddr *addr, struct uio **uioarray,
                                /*
                                 * Socket filter processing
                                 */
-                               error = sflt_data_out(so, addr, &m,
-                                   &control, 0);
+                               error = sflt_data_out(so, NULL, &m,
+                                   NULL, 0);
                                if (error != 0 && error != EJUSTRETURN)
                                        goto release;
-                               
+
 #if CONTENT_FILTER
                                if (error == 0) {
                                        /*
                                         * Content filter processing
                                         */
-                                       error = cfil_sock_data_out(so, addr, m,
-                                          control, 0);
+                                       error = cfil_sock_data_out(so, NULL, m,
+                                           NULL, 0);
                                        if (error != 0 && error != EJUSTRETURN)
                                                goto release;
                                }
@@ -2414,8 +2768,8 @@ sosend_list(struct socket *so, struct sockaddr *addr, struct uio **uioarray,
                                                *prevnextp = nextpkt;
                                        else
                                                top = nextpkt;
-                               }                               
-                               
+                               }
+
                                m = nextpkt;
                                if (m != NULL)
                                        prevnextp = &m->m_nextpkt;
@@ -2423,12 +2777,11 @@ sosend_list(struct socket *so, struct sockaddr *addr, struct uio **uioarray,
                }
                if (top != NULL)
                        error = (*so->so_proto->pr_usrreqs->pru_send_list)
-                           (so, 0, top, addr, control, p);
+                           (so, 0, top, NULL, NULL, p);
 
                if (dontroute)
                        so->so_options &= ~SO_DONTROUTE;
 
-               clen = 0;
                top = NULL;
                uiofirst = uiolast;
        } while (resid > 0 && error == 0);
@@ -2440,8 +2793,6 @@ release:
 out:
        if (top != NULL)
                m_freem(top);
-       if (control != NULL)
-               m_freem(control);
        if (freelist != NULL)
                m_freem_list(freelist);
 
@@ -2451,6 +2802,256 @@ out:
        return (error);
 }
 
+/*
+ * May return ERESTART when packet is dropped by MAC policy check
+ */
+static int
+soreceive_addr(struct proc *p, struct socket *so, struct sockaddr **psa,
+    int flags, struct mbuf **mp, struct mbuf **nextrecordp, int canwait)
+{
+       int error = 0;
+       struct mbuf *m = *mp;
+       struct mbuf *nextrecord = *nextrecordp;
+
+       KASSERT(m->m_type == MT_SONAME, ("receive 1a"));
+#if CONFIG_MACF_SOCKET_SUBSET
+       /*
+        * Call the MAC framework for policy checking if we're in
+        * the user process context and the socket isn't connected.
+        */
+       if (p != kernproc && !(so->so_state & SS_ISCONNECTED)) {
+               struct mbuf *m0 = m;
+               /*
+                * Dequeue this record (temporarily) from the receive
+                * list since we're about to drop the socket's lock
+                * where a new record may arrive and be appended to
+                * the list.  Upon MAC policy failure, the record
+                * will be freed.  Otherwise, we'll add it back to
+                * the head of the list.  We cannot rely on SB_LOCK
+                * because append operation uses the socket's lock.
+                */
+               do {
+                       m->m_nextpkt = NULL;
+                       sbfree(&so->so_rcv, m);
+                       m = m->m_next;
+               } while (m != NULL);
+               m = m0;
+               so->so_rcv.sb_mb = nextrecord;
+               SB_EMPTY_FIXUP(&so->so_rcv);
+               SBLASTRECORDCHK(&so->so_rcv, "soreceive 1a");
+               SBLASTMBUFCHK(&so->so_rcv, "soreceive 1a");
+               socket_unlock(so, 0);
+
+               if (mac_socket_check_received(proc_ucred(p), so,
+                   mtod(m, struct sockaddr *)) != 0) {
+                       /*
+                        * MAC policy failure; free this record and
+                        * process the next record (or block until
+                        * one is available).  We have adjusted sb_cc
+                        * and sb_mbcnt above so there is no need to
+                        * call sbfree() again.
+                        */
+                       m_freem(m);
+                       /*
+                        * Clear SB_LOCK but don't unlock the socket.
+                        * Process the next record or wait for one.
+                        */
+                       socket_lock(so, 0);
+                       sbunlock(&so->so_rcv, TRUE); /* stay locked */
+                       error = ERESTART;
+                       goto done;
+               }
+               socket_lock(so, 0);
+               /*
+                * If the socket has been defunct'd, drop it.
+                */
+               if (so->so_flags & SOF_DEFUNCT) {
+                       m_freem(m);
+                       error = ENOTCONN;
+                       goto done;
+               }
+               /*
+                * Re-adjust the socket receive list and re-enqueue
+                * the record in front of any packets which may have
+                * been appended while we dropped the lock.
+                */
+               for (m = m0; m->m_next != NULL; m = m->m_next)
+                       sballoc(&so->so_rcv, m);
+               sballoc(&so->so_rcv, m);
+               if (so->so_rcv.sb_mb == NULL) {
+                       so->so_rcv.sb_lastrecord = m0;
+                       so->so_rcv.sb_mbtail = m;
+               }
+               m = m0;
+               nextrecord = m->m_nextpkt = so->so_rcv.sb_mb;
+               so->so_rcv.sb_mb = m;
+               SBLASTRECORDCHK(&so->so_rcv, "soreceive 1b");
+               SBLASTMBUFCHK(&so->so_rcv, "soreceive 1b");
+       }
+#endif /* CONFIG_MACF_SOCKET_SUBSET */
+       if (psa != NULL) {
+               *psa = dup_sockaddr(mtod(m, struct sockaddr *), canwait);
+               if ((*psa == NULL) && (flags & MSG_NEEDSA)) {
+                       error = EWOULDBLOCK;
+                       goto done;
+               }
+       }
+       if (flags & MSG_PEEK) {
+               m = m->m_next;
+       } else {
+               sbfree(&so->so_rcv, m);
+               if (m->m_next == NULL && so->so_rcv.sb_cc != 0) {
+                       panic("%s: about to create invalid socketbuf",
+                           __func__);
+                       /* NOTREACHED */
+               }
+               MFREE(m, so->so_rcv.sb_mb);
+               m = so->so_rcv.sb_mb;
+               if (m != NULL) {
+                       m->m_nextpkt = nextrecord;
+               } else {
+                       so->so_rcv.sb_mb = nextrecord;
+                       SB_EMPTY_FIXUP(&so->so_rcv);
+               }
+       }
+done:
+       *mp = m;
+       *nextrecordp = nextrecord;
+
+       return (error);
+}
+
+/*
+ * Process one or more MT_CONTROL mbufs present before any data mbufs
+ * in the first mbuf chain on the socket buffer.  If MSG_PEEK, we
+ * just copy the data; if !MSG_PEEK, we call into the protocol to
+ * perform externalization.
+ */
+static int
+soreceive_ctl(struct socket *so, struct mbuf **controlp, int flags,
+    struct mbuf **mp, struct mbuf **nextrecordp)
+{
+       int error = 0;
+       struct mbuf *cm = NULL, *cmn;
+       struct mbuf **cme = &cm;
+       struct sockbuf *sb_rcv = &so->so_rcv;
+       struct mbuf **msgpcm = NULL;
+       struct mbuf *m = *mp;
+       struct mbuf *nextrecord = *nextrecordp;
+       struct protosw *pr = so->so_proto;
+
+       /*
+        * Externalizing the control messages would require us to
+        * drop the socket's lock below.  Once we re-acquire the
+        * lock, the mbuf chain might change.  In order to preserve
+        * consistency, we unlink all control messages from the
+        * first mbuf chain in one shot and link them separately
+        * onto a different chain.
+        */
+       do {
+               if (flags & MSG_PEEK) {
+                       if (controlp != NULL) {
+                               if (*controlp == NULL) {
+                                       msgpcm = controlp;
+                               }
+                               *controlp = m_copy(m, 0, m->m_len);
+
+                               /*
+                                * If we failed to allocate an mbuf,
+                                * release any previously allocated
+                                * mbufs for control data. Return
+                                * an error. Keep the mbufs in the
+                                * socket as this is using
+                                * MSG_PEEK flag.
+                                */
+                               if (*controlp == NULL) {
+                                       m_freem(*msgpcm);
+                                       error = ENOBUFS;
+                                       goto done;
+                               }
+                               controlp = &(*controlp)->m_next;
+                       }
+                       m = m->m_next;
+               } else {
+                       m->m_nextpkt = NULL;
+                       sbfree(sb_rcv, m);
+                       sb_rcv->sb_mb = m->m_next;
+                       m->m_next = NULL;
+                       *cme = m;
+                       cme = &(*cme)->m_next;
+                       m = sb_rcv->sb_mb;
+               }
+       } while (m != NULL && m->m_type == MT_CONTROL);
+
+       if (!(flags & MSG_PEEK)) {
+               if (sb_rcv->sb_mb != NULL) {
+                       sb_rcv->sb_mb->m_nextpkt = nextrecord;
+               } else {
+                       sb_rcv->sb_mb = nextrecord;
+                       SB_EMPTY_FIXUP(sb_rcv);
+               }
+               if (nextrecord == NULL)
+                       sb_rcv->sb_lastrecord = m;
+       }
+
+       SBLASTRECORDCHK(&so->so_rcv, "soreceive ctl");
+       SBLASTMBUFCHK(&so->so_rcv, "soreceive ctl");
+
+       while (cm != NULL) {
+               int cmsg_type;
+
+               cmn = cm->m_next;
+               cm->m_next = NULL;
+               cmsg_type = mtod(cm, struct cmsghdr *)->cmsg_type;
+
+               /*
+                * Call the protocol to externalize SCM_RIGHTS message
+                * and return the modified message to the caller upon
+                * success.  Otherwise, all other control messages are
+                * returned unmodified to the caller.  Note that we
+                * only get into this loop if MSG_PEEK is not set.
+                */
+               if (pr->pr_domain->dom_externalize != NULL &&
+                   cmsg_type == SCM_RIGHTS) {
+                       /*
+                        * Release socket lock: see 3903171.  This
+                        * would also allow more records to be appended
+                        * to the socket buffer.  We still have SB_LOCK
+                        * set on it, so we can be sure that the head
+                        * of the mbuf chain won't change.
+                        */
+                       socket_unlock(so, 0);
+                       error = (*pr->pr_domain->dom_externalize)(cm);
+                       socket_lock(so, 0);
+               } else {
+                       error = 0;
+               }
+
+               if (controlp != NULL && error == 0) {
+                       *controlp = cm;
+                       controlp = &(*controlp)->m_next;
+               } else {
+                       (void) m_free(cm);
+               }
+               cm = cmn;
+       }
+       /*
+        * Update the value of nextrecord in case we received new
+        * records when the socket was unlocked above for
+        * externalizing SCM_RIGHTS.
+        */
+       if (m != NULL)
+               nextrecord = sb_rcv->sb_mb->m_nextpkt;
+       else
+               nextrecord = sb_rcv->sb_mb;
+
+done:
+       *mp = m;
+       *nextrecordp = nextrecord;
+
+       return (error);
+}
+
 /*
  * Implement receive operations on a socket.
  * We depend on the way that records are added to the sockbuf
@@ -2497,15 +3098,13 @@ soreceive(struct socket *so, struct sockaddr **psa, struct uio *uio,
        int flags, error, offset;
        user_ssize_t len;
        struct protosw *pr = so->so_proto;
-       int moff, type =0;
+       int moff, type = 0;
        user_ssize_t orig_resid = uio_resid(uio);
        user_ssize_t delayed_copy_len;
        int can_delay;
        int need_event;
        struct proc *p = current_proc();
-
-       KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_START, so, uio_resid(uio),
-           so->so_rcv.sb_cc, so->so_rcv.sb_lowat, so->so_rcv.sb_hiwat);
+       boolean_t en_tracing = FALSE;
 
        /*
         * Sanity check on the length passed by caller as we are making 'int'
@@ -2514,6 +3113,10 @@ soreceive(struct socket *so, struct sockaddr **psa, struct uio *uio,
        if (orig_resid < 0 || orig_resid > INT_MAX)
                return (EINVAL);
 
+       KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_START, so,
+           uio_resid(uio), so->so_rcv.sb_cc, so->so_rcv.sb_lowat,
+           so->so_rcv.sb_hiwat);
+
        socket_lock(so, 1);
        so_update_last_owner_locked(so, p);
        so_update_policy(so);
@@ -2543,9 +3146,10 @@ soreceive(struct socket *so, struct sockaddr **psa, struct uio *uio,
                struct sockbuf *sb = &so->so_rcv;
 
                error = ENOTCONN;
-               SODEFUNCTLOG(("%s[%d]: defunct so 0x%llx [%d,%d] (%d)\n",
-                   __func__, proc_pid(p), (uint64_t)VM_KERNEL_ADDRPERM(so),
-                   SOCK_DOM(so), SOCK_TYPE(so), error));
+               SODEFUNCTLOG("%s[%d, %s]: defunct so 0x%llx [%d,%d] (%d)\n",
+                   __func__, proc_pid(p), proc_best_name(p),
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                   SOCK_DOM(so), SOCK_TYPE(so), error);
                /*
                 * This socket should have been disconnected and flushed
                 * prior to being returned from sodefunct(); there should
@@ -2557,6 +3161,40 @@ soreceive(struct socket *so, struct sockaddr **psa, struct uio *uio,
                return (error);
        }
 
+       if ((so->so_flags1 & SOF1_PRECONNECT_DATA) &&
+           pr->pr_usrreqs->pru_preconnect) {
+               /*
+                * A user may set the CONNECT_RESUME_ON_READ_WRITE-flag but not
+                * calling write() right after this. *If* the app calls a read
+                * we do not want to block this read indefinetely. Thus,
+                * we trigger a connect so that the session gets initiated.
+                */
+               error = (*pr->pr_usrreqs->pru_preconnect)(so);
+
+               if (error) {
+                       socket_unlock(so, 1);
+                       return (error);
+               }
+       }
+
+       if (ENTR_SHOULDTRACE &&
+           (SOCK_CHECK_DOM(so, AF_INET) || SOCK_CHECK_DOM(so, AF_INET6))) {
+               /*
+                * enable energy tracing for inet sockets that go over
+                * non-loopback interfaces only.
+                */
+               struct inpcb *inp = sotoinpcb(so);
+               if (inp->inp_last_outifp != NULL &&
+                   !(inp->inp_last_outifp->if_flags & IFF_LOOPBACK)) {
+                       en_tracing = TRUE;
+                       KERNEL_ENERGYTRACE(kEnTrActKernSockRead, DBG_FUNC_START,
+                           VM_KERNEL_ADDRPERM(so),
+                           ((so->so_state & SS_NBIO) ?
+                           kEnTrFlagNonBlocking : 0),
+                           (int64_t)orig_resid);
+               }
+       }
+
        /*
         * When SO_WANTOOBFLAG is set we try to get out-of-band data
         * regardless of the flags argument. Here is the case were
@@ -2602,6 +3240,11 @@ bad:
                        }
                }
                socket_unlock(so, 1);
+               if (en_tracing) {
+                       KERNEL_ENERGYTRACE(kEnTrActKernSockRead, DBG_FUNC_END,
+                           VM_KERNEL_ADDRPERM(so), 0,
+                           (int64_t)(orig_resid - uio_resid(uio)));
+               }
                KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_END, error,
                    0, 0, 0, 0);
 
@@ -2621,7 +3264,7 @@ restart:
 #ifdef MORE_LOCKING_DEBUG
        if (so->so_usecount <= 1)
                printf("soreceive: sblock so=0x%llx ref=%d on socket\n",
-                   (uint64_t)VM_KERNEL_ADDRPERM(so), so->so_usecount);
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so), so->so_usecount);
 #endif
        /*
         * See if the socket has been closed (SS_NOFDREF|SS_CANTRCVMORE)
@@ -2650,6 +3293,11 @@ restart:
                socket_unlock(so, 1);
                KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_END, error,
                    0, 0, 0, 0);
+               if (en_tracing) {
+                       KERNEL_ENERGYTRACE(kEnTrActKernSockRead, DBG_FUNC_END,
+                           VM_KERNEL_ADDRPERM(so), 0,
+                           (int64_t)(orig_resid - uio_resid(uio)));
+               }
                return (error);
        }
 
@@ -2696,8 +3344,8 @@ restart:
                                cfil_sock_data_pending(&so->so_rcv) != 0)
                                CFIL_LOG(LOG_INFO,
                                        "so %llx ignore SS_CANTRCVMORE",
-                                       (uint64_t)VM_KERNEL_ADDRPERM(so));
-                       else 
+                                       (uint64_t)DEBUG_KERNEL_ADDRPERM(so));
+                       else
 #endif /* CONTENT_FILTER */
                        if (m != NULL)
                                goto dontblock;
@@ -2716,6 +3364,7 @@ restart:
                }
                if (uio_resid(uio) == 0)
                        goto release;
+
                if ((so->so_state & SS_NBIO) ||
                    (flags & (MSG_DONTWAIT|MSG_NBIO))) {
                        error = EWOULDBLOCK;
@@ -2743,6 +3392,11 @@ restart:
                        socket_unlock(so, 1);
                        KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_END, error,
                            0, 0, 0, 0);
+                       if (en_tracing) {
+                               KERNEL_ENERGYTRACE(kEnTrActKernSockRead, DBG_FUNC_END,
+                                   VM_KERNEL_ADDRPERM(so), 0,
+                                   (int64_t)(orig_resid - uio_resid(uio)));
+                       }
                        return (error);
                }
                goto restart;
@@ -2752,111 +3406,15 @@ dontblock:
        SBLASTRECORDCHK(&so->so_rcv, "soreceive 1");
        SBLASTMBUFCHK(&so->so_rcv, "soreceive 1");
        nextrecord = m->m_nextpkt;
-       if ((pr->pr_flags & PR_ADDR) && m->m_type == MT_SONAME) {
-               KASSERT(m->m_type == MT_SONAME, ("receive 1a"));
-#if CONFIG_MACF_SOCKET_SUBSET
-               /*
-                * Call the MAC framework for policy checking if we're in
-                * the user process context and the socket isn't connected.
-                */
-               if (p != kernproc && !(so->so_state & SS_ISCONNECTED)) {
-                       struct mbuf *m0 = m;
-                       /*
-                        * Dequeue this record (temporarily) from the receive
-                        * list since we're about to drop the socket's lock
-                        * where a new record may arrive and be appended to
-                        * the list.  Upon MAC policy failure, the record
-                        * will be freed.  Otherwise, we'll add it back to
-                        * the head of the list.  We cannot rely on SB_LOCK
-                        * because append operation uses the socket's lock.
-                        */
-                       do {
-                               m->m_nextpkt = NULL;
-                               sbfree(&so->so_rcv, m);
-                               m = m->m_next;
-                       } while (m != NULL);
-                       m = m0;
-                       so->so_rcv.sb_mb = nextrecord;
-                       SB_EMPTY_FIXUP(&so->so_rcv);
-                       SBLASTRECORDCHK(&so->so_rcv, "soreceive 1a");
-                       SBLASTMBUFCHK(&so->so_rcv, "soreceive 1a");
-                       socket_unlock(so, 0);
 
-                       if (mac_socket_check_received(proc_ucred(p), so,
-                           mtod(m, struct sockaddr *)) != 0) {
-                               /*
-                                * MAC policy failure; free this record and
-                                * process the next record (or block until
-                                * one is available).  We have adjusted sb_cc
-                                * and sb_mbcnt above so there is no need to
-                                * call sbfree() again.
-                                */
-                               do {
-                                       m = m_free(m);
-                               } while (m != NULL);
-                               /*
-                                * Clear SB_LOCK but don't unlock the socket.
-                                * Process the next record or wait for one.
-                                */
-                               socket_lock(so, 0);
-                               sbunlock(&so->so_rcv, TRUE); /* stay locked */
-                               goto restart;
-                       }
-                       socket_lock(so, 0);
-                       /*
-                        * If the socket has been defunct'd, drop it.
-                        */
-                       if (so->so_flags & SOF_DEFUNCT) {
-                               m_freem(m);
-                               error = ENOTCONN;
-                               goto release;
-                       }
-                       /*
-                        * Re-adjust the socket receive list and re-enqueue
-                        * the record in front of any packets which may have
-                        * been appended while we dropped the lock.
-                        */
-                       for (m = m0; m->m_next != NULL; m = m->m_next)
-                               sballoc(&so->so_rcv, m);
-                       sballoc(&so->so_rcv, m);
-                       if (so->so_rcv.sb_mb == NULL) {
-                               so->so_rcv.sb_lastrecord = m0;
-                               so->so_rcv.sb_mbtail = m;
-                       }
-                       m = m0;
-                       nextrecord = m->m_nextpkt = so->so_rcv.sb_mb;
-                       so->so_rcv.sb_mb = m;
-                       SBLASTRECORDCHK(&so->so_rcv, "soreceive 1b");
-                       SBLASTMBUFCHK(&so->so_rcv, "soreceive 1b");
-               }
-#endif /* CONFIG_MACF_SOCKET_SUBSET */
+       if ((pr->pr_flags & PR_ADDR) && m->m_type == MT_SONAME) {
+               error = soreceive_addr(p, so, psa, flags, &m, &nextrecord,
+                   mp0 == NULL);
+               if (error == ERESTART)
+                       goto restart;
+               else if (error != 0)
+                       goto release;
                orig_resid = 0;
-               if (psa != NULL) {
-                       *psa = dup_sockaddr(mtod(m, struct sockaddr *),
-                           mp0 == NULL);
-                       if ((*psa == NULL) && (flags & MSG_NEEDSA)) {
-                               error = EWOULDBLOCK;
-                               goto release;
-                       }
-               }
-               if (flags & MSG_PEEK) {
-                       m = m->m_next;
-               } else {
-                       sbfree(&so->so_rcv, m);
-                       if (m->m_next == NULL && so->so_rcv.sb_cc != 0) {
-                               panic("%s: about to create invalid socketbuf",
-                                   __func__);
-                               /* NOTREACHED */
-                       }
-                       MFREE(m, so->so_rcv.sb_mb);
-                       m = so->so_rcv.sb_mb;
-                       if (m != NULL) {
-                               m->m_nextpkt = nextrecord;
-                       } else {
-                               so->so_rcv.sb_mb = nextrecord;
-                               SB_EMPTY_FIXUP(&so->so_rcv);
-                       }
-               }
        }
 
        /*
@@ -2866,118 +3424,11 @@ dontblock:
         * perform externalization.
         */
        if (m != NULL && m->m_type == MT_CONTROL) {
-               struct mbuf *cm = NULL, *cmn;
-               struct mbuf **cme = &cm;
-               struct sockbuf *sb_rcv = &so->so_rcv;
-               struct mbuf **msgpcm = NULL;
-
-               /*
-                * Externalizing the control messages would require us to
-                * drop the socket's lock below.  Once we re-acquire the
-                * lock, the mbuf chain might change.  In order to preserve
-                * consistency, we unlink all control messages from the
-                * first mbuf chain in one shot and link them separately
-                * onto a different chain.
-                */
-               do {
-                       if (flags & MSG_PEEK) {
-                               if (controlp != NULL) {
-                                       if (*controlp == NULL) {
-                                               msgpcm = controlp;
-                                       }
-                                       *controlp = m_copy(m, 0, m->m_len);
-
-                                       /*
-                                        * If we failed to allocate an mbuf,
-                                        * release any previously allocated
-                                        * mbufs for control data. Return
-                                        * an error. Keep the mbufs in the
-                                        * socket as this is using
-                                        * MSG_PEEK flag.
-                                        */
-                                       if (*controlp == NULL) {
-                                               m_freem(*msgpcm);
-                                               error = ENOBUFS;
-                                               goto release;
-                                       }
-                                       controlp = &(*controlp)->m_next;
-                               }
-                               m = m->m_next;
-                       } else {
-                               m->m_nextpkt = NULL;
-                               sbfree(sb_rcv, m);
-                               sb_rcv->sb_mb = m->m_next;
-                               m->m_next = NULL;
-                               *cme = m;
-                               cme = &(*cme)->m_next;
-                               m = sb_rcv->sb_mb;
-                       }
-               } while (m != NULL && m->m_type == MT_CONTROL);
-
-               if (!(flags & MSG_PEEK)) {
-                       if (sb_rcv->sb_mb != NULL) {
-                               sb_rcv->sb_mb->m_nextpkt = nextrecord;
-                       } else {
-                               sb_rcv->sb_mb = nextrecord;
-                               SB_EMPTY_FIXUP(sb_rcv);
-                       }
-                       if (nextrecord == NULL)
-                               sb_rcv->sb_lastrecord = m;
-               }
-
-               SBLASTRECORDCHK(&so->so_rcv, "soreceive ctl");
-               SBLASTMBUFCHK(&so->so_rcv, "soreceive ctl");
-
-               while (cm != NULL) {
-                       int cmsg_type;
-
-                       cmn = cm->m_next;
-                       cm->m_next = NULL;
-                       cmsg_type = mtod(cm, struct cmsghdr *)->cmsg_type;
-
-                       /*
-                        * Call the protocol to externalize SCM_RIGHTS message
-                        * and return the modified message to the caller upon
-                        * success.  Otherwise, all other control messages are
-                        * returned unmodified to the caller.  Note that we
-                        * only get into this loop if MSG_PEEK is not set.
-                        */
-                       if (pr->pr_domain->dom_externalize != NULL &&
-                           cmsg_type == SCM_RIGHTS) {
-                               /*
-                                * Release socket lock: see 3903171.  This
-                                * would also allow more records to be appended
-                                * to the socket buffer.  We still have SB_LOCK
-                                * set on it, so we can be sure that the head
-                                * of the mbuf chain won't change.
-                                */
-                               socket_unlock(so, 0);
-                               error = (*pr->pr_domain->dom_externalize)(cm);
-                               socket_lock(so, 0);
-                       } else {
-                               error = 0;
-                       }
-
-                       if (controlp != NULL && error == 0) {
-                               *controlp = cm;
-                               controlp = &(*controlp)->m_next;
-                               orig_resid = 0;
-                       } else {
-                               (void) m_free(cm);
-                       }
-                       cm = cmn;
-               }
-               /*
-                * Update the value of nextrecord in case we received new
-                * records when the socket was unlocked above for
-                * externalizing SCM_RIGHTS.
-                */
-               if (m != NULL)
-                       nextrecord = sb_rcv->sb_mb->m_nextpkt;
-               else
-                       nextrecord = sb_rcv->sb_mb;
-               orig_resid = 0;
-       }
+               error = soreceive_ctl(so, controlp, flags, &m, &nextrecord);
+               if (error != 0)
+                       goto release;
+               orig_resid = 0;
+       }
 
        /*
         * If the socket is a TCP socket with message delivery
@@ -3390,6 +3841,12 @@ release:
 
        sbunlock(&so->so_rcv, FALSE);   /* will unlock socket */
 
+       if (en_tracing) {
+               KERNEL_ENERGYTRACE(kEnTrActKernSockRead, DBG_FUNC_END,
+                   VM_KERNEL_ADDRPERM(so),
+                   ((error == EWOULDBLOCK) ? kEnTrFlagNoWork : 0),
+                   (int64_t)(orig_resid - uio_resid(uio)));
+       }
        KERNEL_DEBUG(DBG_FNC_SORECEIVE | DBG_FUNC_END, so, uio_resid(uio),
            so->so_rcv.sb_cc, 0, error);
 
@@ -3425,54 +3882,59 @@ sodelayed_copy(struct socket *so, struct uio *uio, struct mbuf **free_list,
        return (error);
 }
 
+static int
+sodelayed_copy_list(struct socket *so, struct recv_msg_elem *msgarray,
+    u_int uiocnt, struct mbuf **free_list, user_ssize_t *resid)
+{
+#pragma unused(so)
+       int error = 0;
+       struct mbuf *ml, *m;
+       int i = 0;
+       struct uio *auio;
+
+       for (ml = *free_list, i = 0; ml != NULL && i < uiocnt;
+           ml = ml->m_nextpkt, i++) {
+               auio = msgarray[i].uio;
+               for (m = ml; m != NULL; m = m->m_next) {
+                       error = uiomove(mtod(m, caddr_t), m->m_len, auio);
+                       if (error != 0)
+                               goto out;
+               }
+       }
+out:
+       m_freem_list(*free_list);
+
+       *free_list = NULL;
+       *resid = 0;
+
+       return (error);
+}
+
 int
-soreceive_list(struct socket *so, struct sockaddr **psa, struct uio **uioarray,
-       u_int uiocnt, struct mbuf **mp0, struct mbuf **controlp, int *flagsp)
+soreceive_list(struct socket *so, struct recv_msg_elem *msgarray, u_int uiocnt,
+    int *flagsp)
 {
-       struct mbuf *m, **mp;
+       struct mbuf *m;
        struct mbuf *nextrecord;
-       struct mbuf *ml = NULL, *free_list = NULL;
-       int flags, error, offset;
-       user_ssize_t len;
+       struct mbuf *ml = NULL, *free_list = NULL, *free_tail = NULL;
+       int error;
+       user_ssize_t len, pktlen, delayed_copy_len = 0;
        struct protosw *pr = so->so_proto;
-       user_ssize_t orig_resid, resid;
+       user_ssize_t resid;
        struct proc *p = current_proc();
        struct uio *auio = NULL;
-       int i = 0;
+       int npkts = 0;
        int sblocked = 0;
+       struct sockaddr **psa = NULL;
+       struct mbuf **controlp = NULL;
+       int can_delay;
+       int flags;
+       struct mbuf *free_others = NULL;
 
        KERNEL_DEBUG(DBG_FNC_SORECEIVE_LIST | DBG_FUNC_START,
            so, uiocnt,
            so->so_rcv.sb_cc, so->so_rcv.sb_lowat, so->so_rcv.sb_hiwat);
 
-       mp = mp0;
-       if (psa != NULL)
-               *psa = NULL;
-       if (controlp != NULL)
-               *controlp = NULL;
-       if (flagsp != NULL)
-               flags = *flagsp &~ MSG_EOR;
-       else
-               flags = 0;
-       /*
-        * Disallow functionality not currently supported
-        */
-       if (mp0 != NULL) {
-               printf("%s mp0 not supported\n", __func__);
-               error = EOPNOTSUPP;
-               goto out;
-       }
-       if (psa != NULL) {
-               printf("%s sockaddr not supported\n", __func__);
-               error = EOPNOTSUPP;
-               goto out;
-       }
-       if (controlp != NULL) {
-               printf("%s control not supported\n", __func__);
-               error = EOPNOTSUPP;
-               goto out;
-       }
-
        /*
         * Sanity checks:
         * - Only supports don't wait flags
@@ -3481,9 +3943,14 @@ soreceive_list(struct socket *so, struct sockaddr **psa, struct uio **uioarray,
         * - Protocol must support packet chains
         * - The uio array is NULL (should we panic?)
         */
-       if (flags & ~(MSG_DONTWAIT | MSG_NBIO)) {
-               printf("%s flags not supported\n", __func__);
-               error = EOPNOTSUPP;
+       if (flagsp != NULL)
+               flags = *flagsp;
+       else
+               flags = 0;
+       if (flags & ~(MSG_PEEK | MSG_WAITALL | MSG_DONTWAIT | MSG_NEEDSA |
+           MSG_NBIO)) {
+               printf("%s invalid flags 0x%x\n", __func__, flags);
+               error = EINVAL;
                goto out;
        }
        if (so->so_type != SOCK_DGRAM) {
@@ -3498,7 +3965,7 @@ soreceive_list(struct socket *so, struct sockaddr **psa, struct uio **uioarray,
                error = EPROTONOSUPPORT;
                goto out;
        }
-       if (uioarray == NULL) {
+       if (msgarray == NULL) {
                printf("%s uioarray is NULL\n", __func__);
                error = EINVAL;
                goto out;
@@ -3512,12 +3979,17 @@ soreceive_list(struct socket *so, struct sockaddr **psa, struct uio **uioarray,
         * Sanity check on the length passed by caller as we are making 'int'
         * comparisons
         */
-       resid = orig_resid = uio_array_resid(uioarray, uiocnt);
-       if (orig_resid < 0 || orig_resid > INT_MAX) {
+       resid = recv_msg_array_resid(msgarray, uiocnt);
+       if (resid < 0 || resid > INT_MAX) {
                error = EINVAL;
                goto out;
        }
 
+       if (!(flags & MSG_PEEK) && sorecvmincopy > 0)
+               can_delay = 1;
+       else
+               can_delay = 0;
+
        socket_lock(so, 1);
        so_update_last_owner_locked(so, p);
        so_update_policy(so);
@@ -3525,7 +3997,7 @@ soreceive_list(struct socket *so, struct sockaddr **psa, struct uio **uioarray,
 #if NECP
        so_update_necp_policy(so, NULL, NULL);
 #endif /* NECP */
-       
+
        /*
         * If a recv attempt is made on a previously-accepted socket
         * that has been marked as inactive (disconnected), reject
@@ -3535,9 +4007,10 @@ soreceive_list(struct socket *so, struct sockaddr **psa, struct uio **uioarray,
                struct sockbuf *sb = &so->so_rcv;
 
                error = ENOTCONN;
-               SODEFUNCTLOG(("%s[%d]: defunct so 0x%llx [%d,%d] (%d)\n",
-                   __func__, proc_pid(p), (uint64_t)VM_KERNEL_ADDRPERM(so),
-                   SOCK_DOM(so), SOCK_TYPE(so), error));
+               SODEFUNCTLOG("%s[%d, %s]: defunct so 0x%llx [%d,%d] (%d)\n",
+                   __func__, proc_pid(p), proc_best_name(p),
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                   SOCK_DOM(so), SOCK_TYPE(so), error);
                /*
                 * This socket should have been disconnected and flushed
                 * prior to being returned from sodefunct(); there should
@@ -3547,8 +4020,15 @@ soreceive_list(struct socket *so, struct sockaddr **psa, struct uio **uioarray,
                        sb_empty_assert(sb, __func__);
                goto release;
        }
-       if (mp != NULL)
-               *mp = NULL;
+
+next:
+       /*
+        * The uio may be empty
+        */
+       if (npkts >= uiocnt) {
+               error = 0;
+               goto release;
+       }
 restart:
        /*
         * See if the socket has been closed (SS_NOFDREF|SS_CANTRCVMORE)
@@ -3574,23 +4054,13 @@ restart:
        }
        sblocked = 1;
 
-       /*
-        * Skip empty uio
-        */
-       auio = uioarray[i];
-       while (uio_resid(auio) == 0) {
-               i++;
-               if (i >= uiocnt) {
-                       error = 0;
-                       goto release;
-               }
-       }
-
        m = so->so_rcv.sb_mb;
        /*
         * Block awaiting more datagram if needed
         */
-       if (m == NULL) {
+       if (m == NULL || (((flags & MSG_DONTWAIT) == 0 &&
+           (so->so_rcv.sb_cc < so->so_rcv.sb_lowat ||
+           ((flags & MSG_WAITALL) && npkts < uiocnt))))) {
                /*
                 * Panic if we notice inconsistencies in the socket's
                 * receive list; both sb_mb and sb_cc should correctly
@@ -3602,6 +4072,8 @@ restart:
 
                if (so->so_error) {
                        error = so->so_error;
+                       if ((flags & MSG_PEEK) == 0)
+                               so->so_error = 0;
                        goto release;
                }
                if (so->so_state & SS_CANTRCVMORE) {
@@ -3619,14 +4091,12 @@ restart:
                }
                /*
                 * Do not block if we got some data
-                * Note: We could use MSG_WAITALL to wait
                 */
-               resid = uio_array_resid(uioarray, uiocnt);
-               if (resid != orig_resid) {
+               if (free_list != NULL) {
                        error = 0;
                        goto release;
                }
-               
+
                SBLASTRECORDCHK(&so->so_rcv, "soreceive sbwait 1");
                SBLASTMBUFCHK(&so->so_rcv, "soreceive sbwait 1");
 
@@ -3640,13 +4110,6 @@ restart:
                goto restart;
        }
 
-       if (m->m_pkthdr.len == 0) {
-               printf("%s so %llx pkt %llx len is null\n",
-                       __func__,
-                       (uint64_t)VM_KERNEL_ADDRPERM(so),
-                       (uint64_t)VM_KERNEL_ADDRPERM(m));
-               goto restart;
-       }
        OSIncrementAtomicLong(&p->p_stats->p_ru.ru_msgrcv);
        SBLASTRECORDCHK(&so->so_rcv, "soreceive 1");
        SBLASTMBUFCHK(&so->so_rcv, "soreceive 1");
@@ -3654,97 +4117,106 @@ restart:
        /*
         * Consume the current uio index as we have a datagram
         */
-       i += 1;
+       auio = msgarray[npkts].uio;
+       resid = uio_resid(auio);
+       msgarray[npkts].which |= SOCK_MSG_DATA;
+       psa = (msgarray[npkts].which & SOCK_MSG_SA) ?
+           &msgarray[npkts].psa : NULL;
+       controlp = (msgarray[npkts].which & SOCK_MSG_CONTROL) ?
+           &msgarray[npkts].controlp : NULL;
+       npkts += 1;
        nextrecord = m->m_nextpkt;
 
-#if SO_RECEIVE_LIST_SOCKADDR_NOT_YET
        if ((pr->pr_flags & PR_ADDR) && m->m_type == MT_SONAME) {
-               /*
-                * to be adapted from soreceive()
-                */
+               error = soreceive_addr(p, so, psa, flags, &m, &nextrecord, 1);
+               if (error == ERESTART)
+                       goto restart;
+               else if (error != 0)
+                       goto release;
        }
-#endif /* SO_RECEIVE_LIST_SOCKADDR_NOT_YET */
 
-#if SO_RECEIVE_LIST_CONTROL_NOT_YET
-       /*
-        * Process one or more MT_CONTROL mbufs present before any data mbufs
-        * in the first mbuf chain on the socket buffer.  If MSG_PEEK, we
-        * just copy the data; if !MSG_PEEK, we call into the protocol to
-        * perform externalization.
-        */
        if (m != NULL && m->m_type == MT_CONTROL) {
-               /*
-                * to be adapted from soreceive()
-                */
+               error = soreceive_ctl(so, controlp, flags, &m, &nextrecord);
+               if (error != 0)
+                       goto release;
        }
-#endif /* SO_RECEIVE_LIST_CONTROL_NOT_YET */
 
-       offset = 0;
+       if (m->m_pkthdr.len == 0) {
+               printf("%s:%d so %llx pkt %llx type %u pktlen null\n",
+                   __func__, __LINE__,
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(m),
+                   m->m_type);
+       }
 
        /*
-        * Loop to copy out the mbufs of the current record
+        * Loop to copy the mbufs of the current record
+        * Support zero length packets
         */
-       while (m != NULL && uio_resid(auio) > 0 && error == 0) {
-               len = uio_resid(auio);
-
+       ml = NULL;
+       pktlen = 0;
+       while (m != NULL && (len = resid - pktlen) >= 0 && error == 0) {
                if (m->m_len == 0)
-                       printf("%s: so %llx m %llx m_len is 0\n",
-                               __func__,
-                               (uint64_t)VM_KERNEL_ADDRPERM(so),
-                               (uint64_t)VM_KERNEL_ADDRPERM(m));
-
+                       panic("%p m_len zero", m);
+               if (m->m_type == 0)
+                       panic("%p m_type zero", m);
                /*
                 * Clip to the residual length
                 */
                if (len > m->m_len)
                        len = m->m_len;
+               pktlen += len;
                /*
-                * If mp is set, just pass back the mbufs.
-                * Otherwise copy them out via the uio, then free.
+                * Copy the mbufs via the uio or delay the copy
                 * Sockbuf must be consistent here (points to current mbuf,
                 * it points to next record) when we drop priority;
                 * we must note any additions to the sockbuf when we
                 * block interrupts again.
                 */
-               if (mp != NULL) {
-                       uio_setresid(auio, (uio_resid(auio) - len));
-               } else {
-                       SBLASTRECORDCHK(&so->so_rcv, "soreceive uiomove");
-                       SBLASTMBUFCHK(&so->so_rcv, "soreceive uiomove");
-
+               if (len > 0 && can_delay == 0) {
                        socket_unlock(so, 0);
                        error = uiomove(mtod(m, caddr_t), (int)len, auio);
                        socket_lock(so, 0);
-
                        if (error)
                                goto release;
+               } else {
+                       delayed_copy_len += len;
                }
+
                if (len == m->m_len) {
                        /*
-                        * m was entirely copied  
+                        * m was entirely copied
                         */
-                       nextrecord = m->m_nextpkt;
                        sbfree(&so->so_rcv, m);
+                       nextrecord = m->m_nextpkt;
                        m->m_nextpkt = NULL;
 
                        /*
-                        * Move to m_next 
+                        * Set the first packet to the head of the free list
                         */
-                       if (mp != NULL) {
-                               *mp = m;
-                               mp = &m->m_next;
-                               so->so_rcv.sb_mb = m = m->m_next;
-                               *mp = NULL;
-                       } else {
-                               if (free_list == NULL)
-                                       free_list = m;
-                               else
-                                       ml->m_next = m;
-                               ml = m;
-                               so->so_rcv.sb_mb = m = m->m_next;
-                               ml->m_next = NULL;
-                               ml->m_nextpkt = NULL;
+                       if (free_list == NULL)
+                               free_list = m;
+                       /*
+                        * Link current packet to tail of free list
+                        */
+                       if (ml == NULL) {
+                               if (free_tail != NULL)
+                                       free_tail->m_nextpkt = m;
+                               free_tail = m;
                        }
+                       /*
+                        * Link current mbuf to last mbuf of current packet
+                        */
+                       if (ml != NULL)
+                               ml->m_next = m;
+                       ml = m;
+
+                       /*
+                        * Move next buf to head of socket buffer
+                        */
+                       so->so_rcv.sb_mb = m = ml->m_next;
+                       ml->m_next = NULL;
+
                        if (m != NULL) {
                                m->m_nextpkt = nextrecord;
                                if (nextrecord == NULL)
@@ -3759,27 +4231,6 @@ restart:
                        /*
                         * Stop the loop on partial copy
                         */
-                       if (mp != NULL) {
-                               int copy_flag;
-
-                               if (flags & MSG_DONTWAIT)
-                                       copy_flag = M_DONTWAIT;
-                               else
-                                       copy_flag = M_WAIT;
-                               *mp = m_copym(m, 0, len, copy_flag);
-                               /*
-                                * Failed to allocate an mbuf?
-                                * Adjust uio_resid back, it was
-                                * adjusted down by len bytes which
-                                * we didn't copy over.
-                                */
-                               if (*mp == NULL) {
-                                       uio_setresid(auio,
-                                           (uio_resid(auio) + len));
-                                       error = ENOMEM;
-                                       break;
-                               }
-                       }
                        break;
                }
        }
@@ -3787,7 +4238,7 @@ restart:
        if (so->so_usecount <= 1) {
                panic("%s: after big while so=%llx ref=%d on socket\n",
                    __func__,
-                   (uint64_t)VM_KERNEL_ADDRPERM(so), so->so_usecount);
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so), so->so_usecount);
                /* NOTREACHED */
        }
 #endif
@@ -3796,6 +4247,22 @@ restart:
         */
        if (m != NULL) {
                if (so->so_options & SO_DONTTRUNC) {
+                       /*
+                        * Copyout first the freelist then the partial mbuf
+                        */
+                       socket_unlock(so, 0);
+                       if (delayed_copy_len)
+                               error = sodelayed_copy_list(so, msgarray,
+                                   uiocnt, &free_list, &delayed_copy_len);
+
+                       if (error == 0) {
+                               error = uiomove(mtod(m, caddr_t), (int)len,
+                                   auio);
+                       }
+                       socket_lock(so, 0);
+                       if (error)
+                               goto release;
+
                        m->m_data += len;
                        m->m_len -= len;
                        so->so_rcv.sb_cc -= len;
@@ -3832,21 +4299,24 @@ restart:
         * - There was no error
         * - A packet was not truncated
         * - We can still receive more data
-        */             
-       if (i < uiocnt && error == 0 &&
-           (flags & (MSG_RCVMORE | MSG_TRUNC)) == 0 
-           && (so->so_state & SS_CANTRCVMORE) == 0) {
+        */
+       if (npkts < uiocnt && error == 0 &&
+           (flags & (MSG_RCVMORE | MSG_TRUNC)) == 0 &&
+           (so->so_state & SS_CANTRCVMORE) == 0) {
                sbunlock(&so->so_rcv, TRUE);    /* keep socket locked */
                sblocked = 0;
 
-               goto restart;
+               goto next;
        }
+       if (flagsp != NULL)
+               *flagsp |= flags;
 
 release:
        /*
         * pru_rcvd may cause more data to be received if the socket lock
         * is dropped so we set MSG_HAVEMORE now based on what we know.
-        * That way the caller won't be surprised if it receives less data than requested.
+        * That way the caller won't be surprised if it receives less data
+        * than requested.
         */
        if ((so->so_options & SO_WANTMORE) && so->so_rcv.sb_cc > 0)
                flags |= MSG_HAVEMORE;
@@ -3854,18 +4324,22 @@ release:
        if (pr->pr_flags & PR_WANTRCVD && so->so_pcb)
                (*pr->pr_usrreqs->pru_rcvd)(so, flags);
 
-       if (flagsp != NULL)
-               *flagsp |= flags;
        if (sblocked)
                sbunlock(&so->so_rcv, FALSE);   /* will unlock socket */
        else
                socket_unlock(so, 1);
+
+       if (delayed_copy_len)
+               error = sodelayed_copy_list(so, msgarray, uiocnt,
+                   &free_list, &delayed_copy_len);
 out:
        /*
-        * Amortize the cost 
+        * Amortize the cost of freeing the mbufs
         */
        if (free_list != NULL)
                m_freem_list(free_list);
+       if (free_others != NULL)
+               m_freem_list(free_others);
 
        KERNEL_DEBUG(DBG_FNC_SORECEIVE_LIST | DBG_FUNC_END, error,
            0, 0, 0, 0);
@@ -3971,7 +4445,7 @@ soshutdownlock(struct socket *so, int how)
                }
        }
 #endif /* CONTENT_FILTER */
-       
+
        error = soshutdownlock_final(so, how);
 
 done:
@@ -3982,20 +4456,6 @@ void
 sowflush(struct socket *so)
 {
        struct sockbuf *sb = &so->so_snd;
-#ifdef notyet
-       lck_mtx_t *mutex_held;
-       /*
-        * XXX: This code is currently commented out, because we may get here
-        * as part of sofreelastref(), and at that time, pr_getlock() may no
-        * longer be able to return us the lock; this will be fixed in future.
-        */
-       if (so->so_proto->pr_getlock != NULL)
-               mutex_held = (*so->so_proto->pr_getlock)(so, 0);
-       else
-               mutex_held = so->so_proto->pr_domain->dom_mtx;
-
-       lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
-#endif /* notyet */
 
        /*
         * Obtain lock on the socket buffer (SB_LOCK).  This is required
@@ -4036,7 +4496,7 @@ sorflush(struct socket *so)
        else
                mutex_held = so->so_proto->pr_domain->dom_mtx;
 
-       lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
+       LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
 #endif /* notyet */
 
        sflt_notify(so, sock_evt_flush_read, NULL);
@@ -4215,6 +4675,33 @@ sooptcopyin_timeval(struct sockopt *sopt, struct timeval *tv_p)
        return (0);
 }
 
+int
+soopt_cred_check(struct socket *so, int priv, boolean_t allow_root)
+{
+       kauth_cred_t cred =  NULL;
+       proc_t ep = PROC_NULL;
+       uid_t uid;
+       int error = 0;
+
+       if (so->so_flags & SOF_DELEGATED) {
+               ep = proc_find(so->e_pid);
+               if (ep)
+                       cred = kauth_cred_proc_ref(ep);
+       }
+
+       uid = kauth_cred_getuid(cred ? cred : so->so_cred);
+
+       /* uid is 0 for root */
+       if (uid != 0 || !allow_root)
+               error = priv_check_cred(cred ? cred : so->so_cred, priv, 0);
+       if (cred)
+               kauth_cred_unref(&cred);
+       if (ep != PROC_NULL)
+               proc_rele(ep);
+
+       return (error);
+}
+
 /*
  * Returns:    0                       Success
  *             EINVAL
@@ -4315,6 +4802,7 @@ sosetoptlock(struct socket *so, struct sockopt *sopt, int dolock)
                case SO_WANTMORE:
                case SO_WANTOOBFLAG:
                case SO_NOWAKEFROMSLEEP:
+               case SO_NOAPNFALLBK:
                        error = sooptcopyin(sopt, &optval, sizeof (optval),
                            sizeof (optval));
                        if (error != 0)
@@ -4369,7 +4857,8 @@ sosetoptlock(struct socket *so, struct sockopt *sopt, int dolock)
                                if (so->so_snd.sb_flags & SB_UNIX) {
                                        struct unpcb *unp =
                                            (struct unpcb *)(so->so_pcb);
-                                       if (unp != NULL && unp->unp_conn != NULL) {
+                                       if (unp != NULL &&
+                                           unp->unp_conn != NULL) {
                                                hiwat += unp->unp_conn->unp_cc;
                                        }
                                }
@@ -4382,13 +4871,13 @@ sosetoptlock(struct socket *so, struct sockopt *sopt, int dolock)
                                        sowwakeup(so);
                                }
                                break;
-                       }
+                       }
                        case SO_RCVLOWAT: {
                                int64_t data_len;
                                so->so_rcv.sb_lowat =
                                    (optval > so->so_rcv.sb_hiwat) ?
                                    so->so_rcv.sb_hiwat : optval;
-                               data_len = so->so_rcv.sb_cc 
+                               data_len = so->so_rcv.sb_cc
                                    - so->so_rcv.sb_ctl;
                                if (data_len >= so->so_rcv.sb_lowat)
                                    sorwakeup(so);
@@ -4493,27 +4982,33 @@ sosetoptlock(struct socket *so, struct sockopt *sopt, int dolock)
                        if (error != 0)
                                goto out;
                        if (optval != 0) {
-                               kauth_cred_t cred =  NULL;
-                               proc_t ep = PROC_NULL;
-
-                               if (so->so_flags & SOF_DELEGATED) {
-                                       ep = proc_find(so->e_pid);
-                                       if (ep)
-                                               cred = kauth_cred_proc_ref(ep);
-                               }
-                               error = priv_check_cred(
-                                   cred ? cred : so->so_cred,
-                                   PRIV_NET_RESTRICTED_AWDL, 0);
+                               error = soopt_cred_check(so,
+                                   PRIV_NET_RESTRICTED_AWDL, false);
                                if (error == 0)
                                        inp_set_awdl_unrestricted(
                                            sotoinpcb(so));
-                               if (cred)
-                                       kauth_cred_unref(&cred);
-                               if (ep != PROC_NULL)
-                                       proc_rele(ep);
                        } else
                                inp_clear_awdl_unrestricted(sotoinpcb(so));
                        break;
+               case SO_INTCOPROC_ALLOW:
+                       if (SOCK_DOM(so) != PF_INET6) {
+                               error = EOPNOTSUPP;
+                               goto out;
+                       }
+                       error = sooptcopyin(sopt, &optval, sizeof(optval),
+                           sizeof(optval));
+                       if (error != 0)
+                               goto out;
+                       if (optval != 0 &&
+                                       inp_get_intcoproc_allowed(sotoinpcb(so)) == FALSE) {
+                               error = soopt_cred_check(so,
+                                   PRIV_NET_RESTRICTED_INTCOPROC, false);
+                               if (error == 0)
+                                       inp_set_intcoproc_allowed(
+                                           sotoinpcb(so));
+                       } else if (optval == 0)
+                               inp_clear_intcoproc_allowed(sotoinpcb(so));
+                       break;
 
                case SO_LABEL:
 #if CONFIG_MACF_SOCKET
@@ -4578,9 +5073,16 @@ sosetoptlock(struct socket *so, struct sockopt *sopt, int dolock)
                            sizeof (optval));
                        if (error != 0)
                                goto out;
+                       if (optval >= SO_TC_NET_SERVICE_OFFSET) {
+                               int netsvc = optval - SO_TC_NET_SERVICE_OFFSET;
+                               error = so_set_net_service_type(so, netsvc);
+                               goto out;
+                       }
                        error = so_set_traffic_class(so, optval);
                        if (error != 0)
                                goto out;
+                       so->so_flags1 &= ~SOF1_TC_NET_SERV_TYPE;
+                       so->so_netsvctype = _NET_SERVICE_TYPE_UNSPEC;
                        break;
                }
 
@@ -4596,6 +5098,7 @@ sosetoptlock(struct socket *so, struct sockopt *sopt, int dolock)
                        break;
                }
 
+#if (DEVELOPMENT || DEBUG)
                case SO_TRAFFIC_CLASS_DBG: {
                        struct so_tcdbg so_tcdbg;
 
@@ -4608,6 +5111,7 @@ sosetoptlock(struct socket *so, struct sockopt *sopt, int dolock)
                                goto out;
                        break;
                }
+#endif /* (DEVELOPMENT || DEBUG) */
 
                case SO_PRIVILEGED_TRAFFIC_CLASS:
                        error = priv_check_cred(kauth_cred_get(),
@@ -4653,10 +5157,12 @@ sosetoptlock(struct socket *so, struct sockopt *sopt, int dolock)
                                char d[MAX_IPv6_STR_LEN];
                                struct inpcb *inp = sotoinpcb(so);
 
-                               SODEFUNCTLOG(("%s[%d]: so 0x%llx [%s %s:%d -> "
-                                   "%s:%d] is now marked as %seligible for "
+                               SODEFUNCTLOG("%s[%d, %s]: so 0x%llx "
+                                   "[%s %s:%d -> %s:%d] is now marked "
+                                   "as %seligible for "
                                    "defunct\n", __func__, proc_selfpid(),
-                                   (uint64_t)VM_KERNEL_ADDRPERM(so),
+                                   proc_best_name(current_proc()),
+                                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
                                    (SOCK_TYPE(so) == SOCK_STREAM) ?
                                    "TCP" : "UDP", inet_ntop(SOCK_DOM(so),
                                    ((SOCK_DOM(so) == PF_INET) ?
@@ -4669,15 +5175,17 @@ sosetoptlock(struct socket *so, struct sockopt *sopt, int dolock)
                                    (void *)&inp->in6p_faddr, d, sizeof (d)),
                                    ntohs(inp->in6p_fport),
                                    (so->so_flags & SOF_NODEFUNCT) ?
-                                   "not " : ""));
+                                   "not " : "");
                        } else {
-                               SODEFUNCTLOG(("%s[%d]: so 0x%llx [%d,%d] is "
-                                   "now marked as %seligible for defunct\n",
+                               SODEFUNCTLOG("%s[%d, %s]: so 0x%llx [%d,%d] "
+                                   "is now marked as %seligible for "
+                                   "defunct\n",
                                    __func__, proc_selfpid(),
-                                   (uint64_t)VM_KERNEL_ADDRPERM(so),
+                                   proc_best_name(current_proc()),
+                                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
                                    SOCK_DOM(so), SOCK_TYPE(so),
                                    (so->so_flags & SOF_NODEFUNCT) ?
-                                   "not " : ""));
+                                   "not " : "");
                        }
                        break;
 
@@ -4736,52 +5244,121 @@ sosetoptlock(struct socket *so, struct sockopt *sopt, int dolock)
                        error = so_set_effective_uuid(so, euuid, sopt->sopt_p);
                        break;
                }
-                               
+
 #if NECP
                case SO_NECP_ATTRIBUTES:
                        error = necp_set_socket_attributes(so, sopt);
                        break;
-#endif /* NECP */
 
-#if MPTCP
-               case SO_MPTCP_FASTJOIN:
-                       if (!((so->so_flags & SOF_MP_SUBFLOW) ||
-                           ((SOCK_CHECK_DOM(so, PF_MULTIPATH)) &&
-                           (SOCK_CHECK_PROTO(so, IPPROTO_TCP))))) {
-                               error = ENOPROTOOPT;
+               case SO_NECP_CLIENTUUID:
+                       if (SOCK_DOM(so) == PF_MULTIPATH) {
+                               /* Handled by MPTCP itself */
                                break;
                        }
 
-                       error = sooptcopyin(sopt, &optval, sizeof (optval),
-                           sizeof (optval));
-                       if (error != 0)
+                       if (SOCK_DOM(so) != PF_INET && SOCK_DOM(so) != PF_INET6) {
+                               error = EINVAL;
                                goto out;
-                       if (optval == 0)
-                               so->so_flags &= ~SOF_MPTCP_FASTJOIN;
-                       else
-                               so->so_flags |= SOF_MPTCP_FASTJOIN;
-                       break;
-#endif /* MPTCP */
+                       }
 
-               default:
-                       error = ENOPROTOOPT;
-                       break;
-               }
-               if (error == 0 && so->so_proto != NULL &&
-                   so->so_proto->pr_ctloutput != NULL) {
-                       (void) so->so_proto->pr_ctloutput(so, sopt);
-               }
-       }
-out:
-       if (dolock)
-               socket_unlock(so, 1);
-       return (error);
-}
+                       struct inpcb *inp = sotoinpcb(so);
+                       if (!uuid_is_null(inp->necp_client_uuid)) {
+                               // Clear out the old client UUID if present
+                               necp_inpcb_remove_cb(inp);
+                       }
 
-/* Helper routines for getsockopt */
-int
-sooptcopyout(struct sockopt *sopt, void *buf, size_t len)
-{
+                       error = sooptcopyin(sopt, &inp->necp_client_uuid,
+                                           sizeof(uuid_t), sizeof(uuid_t));
+                       if (error != 0) {
+                               goto out;
+                       }
+
+                       if (uuid_is_null(inp->necp_client_uuid)) {
+                               error = EINVAL;
+                               goto out;
+                       }
+
+                       error = necp_client_register_socket_flow(so->last_pid,
+                           inp->necp_client_uuid, inp);
+                       if (error != 0) {
+                               uuid_clear(inp->necp_client_uuid);
+                               goto out;
+                       }
+
+                       if (inp->inp_lport != 0) {
+                               // There is bound local port, so this is not
+                               // a fresh socket. Assign to the client.
+                               necp_client_assign_from_socket(so->last_pid, inp->necp_client_uuid, inp);
+                       }
+
+                       break;
+#endif /* NECP */
+
+               case SO_EXTENDED_BK_IDLE:
+                       error = sooptcopyin(sopt, &optval, sizeof (optval),
+                           sizeof (optval));
+                       if (error == 0)
+                               error = so_set_extended_bk_idle(so, optval);
+                       break;
+
+               case SO_MARK_CELLFALLBACK:
+                       error = sooptcopyin(sopt, &optval, sizeof(optval),
+                           sizeof(optval));
+                       if (error != 0)
+                               goto out;
+                       if (optval < 0) {
+                               error = EINVAL;
+                               goto out;
+                       }
+                       if (optval == 0)
+                               so->so_flags1 &= ~SOF1_CELLFALLBACK;
+                       else
+                               so->so_flags1 |= SOF1_CELLFALLBACK;
+                       break;
+
+               case SO_NET_SERVICE_TYPE: {
+                       error = sooptcopyin(sopt, &optval, sizeof(optval),
+                           sizeof(optval));
+                       if (error != 0)
+                               goto out;
+                       error = so_set_net_service_type(so, optval);
+                       break;
+               }
+
+               case SO_QOSMARKING_POLICY_OVERRIDE:
+                       error = priv_check_cred(kauth_cred_get(),
+                           PRIV_NET_QOSMARKING_POLICY_OVERRIDE, 0);
+                       if (error != 0)
+                               goto out;
+                       error = sooptcopyin(sopt, &optval, sizeof(optval),
+                           sizeof(optval));
+                       if (error != 0)
+                               goto out;
+                       if (optval == 0)
+                               so->so_flags1 &= ~SOF1_QOSMARKING_POLICY_OVERRIDE;
+                       else
+                               so->so_flags1 |= SOF1_QOSMARKING_POLICY_OVERRIDE;
+                       break;
+
+               default:
+                       error = ENOPROTOOPT;
+                       break;
+               }
+               if (error == 0 && so->so_proto != NULL &&
+                   so->so_proto->pr_ctloutput != NULL) {
+                       (void) so->so_proto->pr_ctloutput(so, sopt);
+               }
+       }
+out:
+       if (dolock)
+               socket_unlock(so, 1);
+       return (error);
+}
+
+/* Helper routines for getsockopt */
+int
+sooptcopyout(struct sockopt *sopt, void *buf, size_t len)
+{
        int     error;
        size_t  valsize;
 
@@ -4812,8 +5389,8 @@ sooptcopyout_timeval(struct sockopt *sopt, const struct timeval *tv_p)
 {
        int                     error;
        size_t                  len;
-       struct user64_timeval   tv64;
-       struct user32_timeval   tv32;
+       struct user64_timeval   tv64 = {};
+       struct user32_timeval   tv32 = {};
        const void *            val;
        size_t                  valsize;
 
@@ -4913,6 +5490,7 @@ sogetoptlock(struct socket *so, struct sockopt *sopt, int dolock)
                case SO_WANTMORE:
                case SO_WANTOOBFLAG:
                case SO_NOWAKEFROMSLEEP:
+               case SO_NOAPNFALLBK:
                        optval = so->so_options & sopt->sopt_name;
 integer:
                        error = sooptcopyout(sopt, &optval, sizeof (optval));
@@ -5027,7 +5605,7 @@ integer:
                        goto integer;
 
                case SO_AWDL_UNRESTRICTED:
-                       if (SOCK_DOM(so) == PF_INET || 
+                       if (SOCK_DOM(so) == PF_INET ||
                            SOCK_DOM(so) == PF_INET6) {
                                optval = inp_get_awdl_unrestricted(
                                    sotoinpcb(so));
@@ -5036,6 +5614,15 @@ integer:
                                error = EOPNOTSUPP;
                        break;
 
+               case SO_INTCOPROC_ALLOW:
+                       if (SOCK_DOM(so) == PF_INET6) {
+                               optval = inp_get_intcoproc_allowed(
+                                   sotoinpcb(so));
+                               goto integer;
+                       } else
+                               error = EOPNOTSUPP;
+                       break;
+
                case SO_LABEL:
 #if CONFIG_MACF_SOCKET
                        if ((error = sooptcopyin(sopt, &extmac, sizeof (extmac),
@@ -5074,7 +5661,7 @@ integer:
                        goto integer;
 
                case SO_NP_EXTENSIONS: {
-                       struct so_np_extensions sonpx;
+                       struct so_np_extensions sonpx = {};
 
                        sonpx.npx_flags = (so->so_flags & SOF_NPX_SETOPTSHUT) ?
                            SONPX_SETOPTSHUT : 0;
@@ -5098,9 +5685,11 @@ integer:
                            sizeof (so->so_tc_stats));
                        break;
 
+#if (DEVELOPMENT || DEBUG)
                case SO_TRAFFIC_CLASS_DBG:
                        error = sogetopt_tcdbg(so, sopt);
                        break;
+#endif /* (DEVELOPMENT || DEBUG) */
 
                case SO_PRIVILEGED_TRAFFIC_CLASS:
                        optval = (so->so_flags & SOF_PRIVILEGED_TRAFFIC_CLASS);
@@ -5140,11 +5729,28 @@ integer:
                        error = flow_divert_token_get(so, sopt);
                        break;
 #endif /* FLOW_DIVERT */
-                       
+
 #if NECP
                case SO_NECP_ATTRIBUTES:
                        error = necp_get_socket_attributes(so, sopt);
                        break;
+
+               case SO_NECP_CLIENTUUID:
+               {
+                       uuid_t *ncu;
+
+                       if (SOCK_DOM(so) == PF_MULTIPATH) {
+                               ncu = &mpsotomppcb(so)->necp_client_uuid;
+                       } else if (SOCK_DOM(so) == PF_INET || SOCK_DOM(so) == PF_INET6) {
+                               ncu = &sotoinpcb(so)->necp_client_uuid;
+                       } else {
+                               error = EINVAL;
+                               goto out;
+                       }
+
+                       error = sooptcopyout(sopt, ncu, sizeof(uuid_t));
+                       break;
+               }
 #endif /* NECP */
 
 #if CONTENT_FILTER
@@ -5153,23 +5759,29 @@ integer:
 
                        sock_id = cfil_sock_id_from_socket(so);
 
-                       error = sooptcopyout(sopt, &sock_id, 
+                       error = sooptcopyout(sopt, &sock_id,
                                sizeof(cfil_sock_id_t));
                        break;
                }
 #endif /* CONTENT_FILTER */
 
-#if MPTCP
-               case SO_MPTCP_FASTJOIN:
-                       if (!((so->so_flags & SOF_MP_SUBFLOW) ||
-                           ((SOCK_CHECK_DOM(so, PF_MULTIPATH)) &&
-                           (SOCK_CHECK_PROTO(so, IPPROTO_TCP))))) {
-                               error = ENOPROTOOPT;
-                               break;
-                       }
-                       optval = (so->so_flags & SOF_MPTCP_FASTJOIN);
-                       break;
-#endif /* MPTCP */
+               case SO_EXTENDED_BK_IDLE:
+                       optval = (so->so_flags1 & SOF1_EXTEND_BK_IDLE_WANTED);
+                       goto integer;
+               case SO_MARK_CELLFALLBACK:
+                       optval = ((so->so_flags1 & SOF1_CELLFALLBACK) > 0)
+                           ? 1 : 0;
+                       goto integer;
+               case SO_NET_SERVICE_TYPE: {
+                       if ((so->so_flags1 & SOF1_TC_NET_SERV_TYPE))
+                               optval = so->so_netsvctype;
+                       else
+                               optval = NET_SERVICE_TYPE_BE;
+                       goto integer;
+               }
+               case SO_NETSVC_MARKING_LEVEL:
+                       optval = so_get_netsvc_marking_level(so);
+                       goto integer;
 
                default:
                        error = ENOPROTOOPT;
@@ -5318,6 +5930,10 @@ sohasoutofband(struct socket *so)
        else if (so->so_pgid > 0)
                proc_signal(so->so_pgid, SIGURG);
        selwakeup(&so->so_rcv.sb_sel);
+       if (so->so_rcv.sb_flags & SB_KNOTE) {
+               KNOTE(&so->so_rcv.sb_sel.si_note,
+                   (NOTE_OOB | SO_FILT_HINT_LOCKED));
+       }
 }
 
 int
@@ -5368,14 +5984,15 @@ sopoll(struct socket *so, int events, kauth_cred_t cred, void * wql)
 }
 
 int
-soo_kqfilter(struct fileproc *fp, struct knote *kn, vfs_context_t ctx)
+soo_kqfilter(struct fileproc *fp, struct knote *kn,
+               struct kevent_internal_s *kev, vfs_context_t ctx)
 {
 #pragma unused(fp)
 #if !CONFIG_MACF_SOCKET
 #pragma unused(ctx)
 #endif /* MAC_SOCKET */
        struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
-       struct klist *skl;
+       int result;
 
        socket_lock(so, 1);
        so_update_last_owner_locked(so, PROC_NULL);
@@ -5385,71 +6002,48 @@ soo_kqfilter(struct fileproc *fp, struct knote *kn, vfs_context_t ctx)
        if (mac_socket_check_kqfilter(proc_ucred(vfs_context_proc(ctx)),
            kn, so) != 0) {
                socket_unlock(so, 1);
-               return (1);
+               kn->kn_flags = EV_ERROR;
+               kn->kn_data = EPERM;
+               return 0;
        }
 #endif /* MAC_SOCKET */
 
        switch (kn->kn_filter) {
        case EVFILT_READ:
-               kn->kn_fop = &soread_filtops;
-               skl = &so->so_rcv.sb_sel.si_note;
+               kn->kn_filtid = EVFILTID_SOREAD;
                break;
        case EVFILT_WRITE:
-               kn->kn_fop = &sowrite_filtops;
-               skl = &so->so_snd.sb_sel.si_note;
+               kn->kn_filtid = EVFILTID_SOWRITE;
                break;
        case EVFILT_SOCK:
-               kn->kn_fop = &sock_filtops;
-               skl = &so->so_klist;
+               kn->kn_filtid = EVFILTID_SCK;
+               break;
+       case EVFILT_EXCEPT:
+               kn->kn_filtid = EVFILTID_SOEXCEPT;
                break;
        default:
                socket_unlock(so, 1);
-               return (1);
-       }
-
-       if (KNOTE_ATTACH(skl, kn)) {
-               switch (kn->kn_filter) {
-               case EVFILT_READ:
-                       so->so_rcv.sb_flags |= SB_KNOTE;
-                       break;
-               case EVFILT_WRITE:
-                       so->so_snd.sb_flags |= SB_KNOTE;
-                       break;
-               case EVFILT_SOCK:
-                       so->so_flags |= SOF_KNOTE;
-                       break;
-               default:
-                       socket_unlock(so, 1);
-                       return (1);
-               }
+               kn->kn_flags = EV_ERROR;
+               kn->kn_data = EINVAL;
+               return 0;
        }
-       socket_unlock(so, 1);
-       return (0);
-}
 
-static void
-filt_sordetach(struct knote *kn)
-{
-       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+       /*
+        * call the appropriate sub-filter attach
+        * with the socket still locked
+        */
+       result = knote_fops(kn)->f_attach(kn, kev);
 
-       socket_lock(so, 1);
-       if (so->so_rcv.sb_flags & SB_KNOTE)
-               if (KNOTE_DETACH(&so->so_rcv.sb_sel.si_note, kn))
-                       so->so_rcv.sb_flags &= ~SB_KNOTE;
        socket_unlock(so, 1);
+
+       return result;
 }
 
-/*ARGSUSED*/
 static int
-filt_soread(struct knote *kn, long hint)
+filt_soread_common(struct knote *kn, struct socket *so)
 {
-       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
-
-       if ((hint & SO_FILT_HINT_LOCKED) == 0)
-               socket_lock(so, 1);
-
        if (so->so_options & SO_ACCEPTCONN) {
-               int isempty;
+               int is_not_empty;
 
                /*
                 * Radar 6615193 handle the listen case dynamically
@@ -5458,62 +6052,47 @@ filt_soread(struct knote *kn, long hint)
                 */
 
                kn->kn_data = so->so_qlen;
-               isempty = ! TAILQ_EMPTY(&so->so_comp);
+               is_not_empty = ! TAILQ_EMPTY(&so->so_comp);
 
-               if ((hint & SO_FILT_HINT_LOCKED) == 0)
-                       socket_unlock(so, 1);
-
-               return (isempty);
+               return (is_not_empty);
        }
 
        /* socket isn't a listener */
-
+       /*
+        * NOTE_LOWAT specifies new low water mark in data, i.e.
+        * the bytes of protocol data. We therefore exclude any
+        * control bytes.
+        */
        kn->kn_data = so->so_rcv.sb_cc - so->so_rcv.sb_ctl;
 
-       if (so->so_oobmark) {
-               if (kn->kn_flags & EV_OOBAND) {
+       if (kn->kn_sfflags & NOTE_OOB) {
+               if (so->so_oobmark || (so->so_state & SS_RCVATMARK)) {
+                       kn->kn_fflags |= NOTE_OOB;
                        kn->kn_data -= so->so_oobmark;
-                       if ((hint & SO_FILT_HINT_LOCKED) == 0)
-                               socket_unlock(so, 1);
-                       return (1);
-               }
-               kn->kn_data = so->so_oobmark;
-               kn->kn_flags |= EV_OOBAND;
-       } else {
-               if ((so->so_state & SS_CANTRCVMORE)
-#if CONTENT_FILTER
-               && cfil_sock_data_pending(&so->so_rcv) == 0
-#endif /* CONTENT_FILTER */
-               ) {
-                       kn->kn_flags |= EV_EOF;
-                       kn->kn_fflags = so->so_error;
-                       if ((hint & SO_FILT_HINT_LOCKED) == 0)
-                               socket_unlock(so, 1);
                        return (1);
                }
        }
 
-       if (so->so_state & SS_RCVATMARK) {
-               if (kn->kn_flags & EV_OOBAND) {
-                       if ((hint & SO_FILT_HINT_LOCKED) == 0)
-                               socket_unlock(so, 1);
-                       return (1);
-               }
-               kn->kn_flags |= EV_OOBAND;
-       } else if (kn->kn_flags & EV_OOBAND) {
-               kn->kn_data = 0;
-               if ((hint & SO_FILT_HINT_LOCKED) == 0)
-                       socket_unlock(so, 1);
-               return (0);
+       if ((so->so_state & SS_CANTRCVMORE)
+#if CONTENT_FILTER
+           && cfil_sock_data_pending(&so->so_rcv) == 0
+#endif /* CONTENT_FILTER */
+          ) {
+               kn->kn_flags |= EV_EOF;
+               kn->kn_fflags = so->so_error;
+               return (1);
        }
 
        if (so->so_error) {     /* temporary udp error */
-               if ((hint & SO_FILT_HINT_LOCKED) == 0)
-                       socket_unlock(so, 1);
                return (1);
        }
 
        int64_t lowwat = so->so_rcv.sb_lowat;
+       /*
+        * Ensure that when NOTE_LOWAT is used, the derived
+        * low water mark is bounded by socket's rcv buf's
+        * high and low water mark values.
+        */
        if (kn->kn_sfflags & NOTE_LOWAT) {
                if (kn->kn_sdata > so->so_rcv.sb_hiwat)
                        lowwat = so->so_rcv.sb_hiwat;
@@ -5521,22 +6100,114 @@ filt_soread(struct knote *kn, long hint)
                        lowwat = kn->kn_sdata;
        }
 
+       /*
+        * The order below is important. Since NOTE_LOWAT
+        * overrides sb_lowat, check for NOTE_LOWAT case
+        * first.
+        */
+       if (kn->kn_sfflags & NOTE_LOWAT)
+               return (kn->kn_data >= lowwat);
+
+       return (so->so_rcv.sb_cc >= lowwat);
+}
+
+static int
+filt_sorattach(struct knote *kn, __unused struct kevent_internal_s *kev)
+{
+       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+
+       /* socket locked */
+
+       /*
+        * If the caller explicitly asked for OOB results (e.g. poll())
+        * from EVFILT_READ, then save that off in the hookid field
+        * and reserve the kn_flags EV_OOBAND bit for output only.
+        */
+       if (kn->kn_filter == EVFILT_READ &&
+           kn->kn_flags & EV_OOBAND) {
+               kn->kn_flags &= ~EV_OOBAND;
+               kn->kn_hookid = EV_OOBAND;
+       } else {
+               kn->kn_hookid = 0;
+       }
+       if (KNOTE_ATTACH(&so->so_rcv.sb_sel.si_note, kn))
+               so->so_rcv.sb_flags |= SB_KNOTE;
+
+       /* indicate if event is already fired */
+       return filt_soread_common(kn, so);
+}
+
+static void
+filt_sordetach(struct knote *kn)
+{
+       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+
+       socket_lock(so, 1);
+       if (so->so_rcv.sb_flags & SB_KNOTE)
+               if (KNOTE_DETACH(&so->so_rcv.sb_sel.si_note, kn))
+                       so->so_rcv.sb_flags &= ~SB_KNOTE;
+       socket_unlock(so, 1);
+}
+
+/*ARGSUSED*/
+static int
+filt_soread(struct knote *kn, long hint)
+{
+       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+       int retval;
+
+       if ((hint & SO_FILT_HINT_LOCKED) == 0)
+               socket_lock(so, 1);
+
+       retval = filt_soread_common(kn, so);
+
        if ((hint & SO_FILT_HINT_LOCKED) == 0)
                socket_unlock(so, 1);
 
-       return ((kn->kn_flags & EV_OOBAND) || kn->kn_data >= lowwat);
+       return retval;
 }
 
-static void
-filt_sowdetach(struct knote *kn)
+static int
+filt_sortouch(struct knote *kn, struct kevent_internal_s *kev)
 {
        struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+       int retval;
+
        socket_lock(so, 1);
 
-       if (so->so_snd.sb_flags & SB_KNOTE)
-               if (KNOTE_DETACH(&so->so_snd.sb_sel.si_note, kn))
-                       so->so_snd.sb_flags &= ~SB_KNOTE;
+       /* save off the new input fflags and data */
+       kn->kn_sfflags = kev->fflags;
+       kn->kn_sdata = kev->data;
+       if ((kn->kn_status & KN_UDATA_SPECIFIC) == 0)
+               kn->kn_udata = kev->udata;
+
+       /* determine if changes result in fired events */
+       retval = filt_soread_common(kn, so);
+
+       socket_unlock(so, 1);
+
+       return retval;
+}
+
+static int
+filt_sorprocess(struct knote *kn, struct filt_process_s *data, struct kevent_internal_s *kev)
+{
+#pragma unused(data)
+       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+       int retval;
+
+       socket_lock(so, 1);
+       retval = filt_soread_common(kn, so);
+       if (retval) {
+               *kev = kn->kn_kevent;
+               if (kn->kn_flags & EV_CLEAR) {
+                       kn->kn_fflags = 0;
+                       kn->kn_data = 0;
+               }
+       }
        socket_unlock(so, 1);
+
+       return retval;
 }
 
 int
@@ -5551,31 +6222,25 @@ so_wait_for_if_feedback(struct socket *so)
        return (0);
 }
 
-/*ARGSUSED*/
 static int
-filt_sowrite(struct knote *kn, long hint)
+filt_sowrite_common(struct knote *kn, struct socket *so)
 {
-       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
        int ret = 0;
 
-       if ((hint & SO_FILT_HINT_LOCKED) == 0)
-               socket_lock(so, 1);
-
        kn->kn_data = sbspace(&so->so_snd);
        if (so->so_state & SS_CANTSENDMORE) {
                kn->kn_flags |= EV_EOF;
                kn->kn_fflags = so->so_error;
-               ret = 1;
-               goto out;
+               return 1;
        }
        if (so->so_error) {     /* temporary udp error */
-               ret = 1;
-               goto out;
+               return 1;
        }
-       if (((so->so_state & SS_ISCONNECTED) == 0) &&
-           (so->so_proto->pr_flags & PR_CONNREQUIRED)) {
-               ret = 0;
-               goto out;
+       if (!socanwrite(so)) {
+               return 0;
+       }
+       if (so->so_flags1 & SOF1_PRECONNECT_DATA) {
+               return 1;
        }
        int64_t lowwat = so->so_snd.sb_lowat;
        if (kn->kn_sfflags & NOTE_LOWAT) {
@@ -5585,10 +6250,14 @@ filt_sowrite(struct knote *kn, long hint)
                        lowwat = kn->kn_sdata;
        }
        if (kn->kn_data >= lowwat) {
-               if (so->so_flags & SOF_NOTSENT_LOWAT) {
-                       if ((SOCK_DOM(so) == PF_INET
-                           || SOCK_DOM(so) == PF_INET6)
-                           && so->so_type == SOCK_STREAM) {
+               if ((so->so_flags & SOF_NOTSENT_LOWAT)
+#if (DEBUG || DEVELOPMENT)
+                   && so_notsent_lowat_check == 1
+#endif /* DEBUG || DEVELOPMENT */
+                   ) {
+                       if ((SOCK_DOM(so) == PF_INET ||
+                           SOCK_DOM(so) == PF_INET6) &&
+                           so->so_type == SOCK_STREAM) {
                                ret = tcp_notsent_lowat_check(so);
                        }
 #if MPTCP
@@ -5598,7 +6267,7 @@ filt_sowrite(struct knote *kn, long hint)
                        }
 #endif
                        else {
-                               return (1);
+                               return 1;
                        }
                } else {
                        ret = 1;
@@ -5606,120 +6275,344 @@ filt_sowrite(struct knote *kn, long hint)
        }
        if (so_wait_for_if_feedback(so))
                ret = 0;
-out:
+       return (ret);
+}
+
+static int
+filt_sowattach(struct knote *kn, __unused struct kevent_internal_s *kev)
+{
+       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+
+       /* socket locked */
+       if (KNOTE_ATTACH(&so->so_snd.sb_sel.si_note, kn))
+               so->so_snd.sb_flags |= SB_KNOTE;
+
+       /* determine if its already fired */
+       return filt_sowrite_common(kn, so);
+}
+
+static void
+filt_sowdetach(struct knote *kn)
+{
+       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+       socket_lock(so, 1);
+
+       if (so->so_snd.sb_flags & SB_KNOTE)
+               if (KNOTE_DETACH(&so->so_snd.sb_sel.si_note, kn))
+                       so->so_snd.sb_flags &= ~SB_KNOTE;
+       socket_unlock(so, 1);
+}
+
+/*ARGSUSED*/
+static int
+filt_sowrite(struct knote *kn, long hint)
+{
+       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+       int ret;
+
+       if ((hint & SO_FILT_HINT_LOCKED) == 0)
+               socket_lock(so, 1);
+
+       ret = filt_sowrite_common(kn, so);
+
        if ((hint & SO_FILT_HINT_LOCKED) == 0)
                socket_unlock(so, 1);
+
+       return ret;
+}
+
+static int
+filt_sowtouch(struct knote *kn, struct kevent_internal_s *kev)
+{
+       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+       int ret;
+
+       socket_lock(so, 1);
+
+       /*save off the new input fflags and data */
+       kn->kn_sfflags = kev->fflags;
+       kn->kn_sdata = kev->data;
+       if ((kn->kn_status & KN_UDATA_SPECIFIC) == 0)
+               kn->kn_udata = kev->udata;
+
+       /* determine if these changes result in a triggered event */
+       ret = filt_sowrite_common(kn, so);
+
+       socket_unlock(so, 1);
+
+       return ret;
+}
+
+static int
+filt_sowprocess(struct knote *kn, struct filt_process_s *data, struct kevent_internal_s *kev)
+{
+#pragma unused(data)
+       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+       int ret;
+
+       socket_lock(so, 1);
+       ret = filt_sowrite_common(kn, so);
+       if (ret) {
+               *kev = kn->kn_kevent;
+               if (kn->kn_flags & EV_CLEAR) {
+                       kn->kn_fflags = 0;
+                       kn->kn_data = 0;
+               }
+       }
+       socket_unlock(so, 1);
+       return ret;
+}
+
+static int
+filt_sockev_common(struct knote *kn, struct socket *so, long ev_hint)
+{
+       int ret = 0;
+       uint32_t level_trigger = 0;
+
+       if (ev_hint & SO_FILT_HINT_CONNRESET) {
+               kn->kn_fflags |= NOTE_CONNRESET;
+       }
+       if (ev_hint & SO_FILT_HINT_TIMEOUT) {
+               kn->kn_fflags |= NOTE_TIMEOUT;
+       }
+       if (ev_hint & SO_FILT_HINT_NOSRCADDR) {
+               kn->kn_fflags |= NOTE_NOSRCADDR;
+       }
+       if (ev_hint & SO_FILT_HINT_IFDENIED) {
+               kn->kn_fflags |= NOTE_IFDENIED;
+       }
+       if (ev_hint & SO_FILT_HINT_KEEPALIVE) {
+               kn->kn_fflags |= NOTE_KEEPALIVE;
+       }
+       if (ev_hint & SO_FILT_HINT_ADAPTIVE_WTIMO) {
+               kn->kn_fflags |= NOTE_ADAPTIVE_WTIMO;
+       }
+       if (ev_hint & SO_FILT_HINT_ADAPTIVE_RTIMO) {
+               kn->kn_fflags |= NOTE_ADAPTIVE_RTIMO;
+       }
+       if ((ev_hint & SO_FILT_HINT_CONNECTED) ||
+           (so->so_state & SS_ISCONNECTED)) {
+               kn->kn_fflags |= NOTE_CONNECTED;
+               level_trigger |= NOTE_CONNECTED;
+       }
+       if ((ev_hint & SO_FILT_HINT_DISCONNECTED) ||
+           (so->so_state & SS_ISDISCONNECTED)) {
+               kn->kn_fflags |= NOTE_DISCONNECTED;
+               level_trigger |= NOTE_DISCONNECTED;
+       }
+       if (ev_hint & SO_FILT_HINT_CONNINFO_UPDATED) {
+               if (so->so_proto != NULL &&
+                   (so->so_proto->pr_flags & PR_EVCONNINFO))
+                       kn->kn_fflags |= NOTE_CONNINFO_UPDATED;
+       }
+
+       if ((ev_hint & SO_FILT_HINT_NOTIFY_ACK) ||
+           tcp_notify_ack_active(so)) {
+               kn->kn_fflags |= NOTE_NOTIFY_ACK;
+       }
+
+       if ((so->so_state & SS_CANTRCVMORE)
+#if CONTENT_FILTER
+           && cfil_sock_data_pending(&so->so_rcv) == 0
+#endif /* CONTENT_FILTER */
+           ) {
+               kn->kn_fflags |= NOTE_READCLOSED;
+               level_trigger |= NOTE_READCLOSED;
+       }
+
+       if (so->so_state & SS_CANTSENDMORE) {
+               kn->kn_fflags |= NOTE_WRITECLOSED;
+               level_trigger |= NOTE_WRITECLOSED;
+       }
+
+       if ((ev_hint & SO_FILT_HINT_SUSPEND) ||
+           (so->so_flags & SOF_SUSPENDED)) {
+               kn->kn_fflags &= ~(NOTE_SUSPEND | NOTE_RESUME);
+
+               /* If resume event was delivered before, reset it */
+               kn->kn_hookid &= ~NOTE_RESUME;
+
+               kn->kn_fflags |= NOTE_SUSPEND;
+               level_trigger |= NOTE_SUSPEND;
+       }
+
+       if ((ev_hint & SO_FILT_HINT_RESUME) ||
+           (so->so_flags & SOF_SUSPENDED) == 0) {
+               kn->kn_fflags &= ~(NOTE_SUSPEND | NOTE_RESUME);
+
+               /* If suspend event was delivered before, reset it */
+               kn->kn_hookid &= ~NOTE_SUSPEND;
+
+               kn->kn_fflags |= NOTE_RESUME;
+               level_trigger |= NOTE_RESUME;
+       }
+
+       if (so->so_error != 0) {
+               ret = 1;
+               kn->kn_data = so->so_error;
+               kn->kn_flags |= EV_EOF;
+       } else {
+               get_sockev_state(so, (u_int32_t *)&(kn->kn_data));
+       }
+
+       /* Reset any events that are not requested on this knote */
+       kn->kn_fflags &= (kn->kn_sfflags & EVFILT_SOCK_ALL_MASK);
+       level_trigger &= (kn->kn_sfflags & EVFILT_SOCK_ALL_MASK);
+
+       /* Find the level triggerred events that are already delivered */
+       level_trigger &= kn->kn_hookid;
+       level_trigger &= EVFILT_SOCK_LEVEL_TRIGGER_MASK;
+
+       /* Do not deliver level triggerred events more than once */
+       if ((kn->kn_fflags & ~level_trigger) != 0)
+               ret = 1;
+
        return (ret);
 }
 
+static int
+filt_sockattach(struct knote *kn, __unused struct kevent_internal_s *kev)
+{
+       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+
+       /* socket locked */
+       kn->kn_hookid = 0;
+       if (KNOTE_ATTACH(&so->so_klist, kn))
+               so->so_flags |= SOF_KNOTE;
+
+       /* determine if event already fired */
+       return filt_sockev_common(kn, so, 0);
+}
+
 static void
 filt_sockdetach(struct knote *kn)
 {
        struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
        socket_lock(so, 1);
 
-       if ((so->so_flags & SOF_KNOTE) != 0)
-               if (KNOTE_DETACH(&so->so_klist, kn))
-                       so->so_flags &= ~SOF_KNOTE;
+       if ((so->so_flags & SOF_KNOTE) != 0)
+               if (KNOTE_DETACH(&so->so_klist, kn))
+                       so->so_flags &= ~SOF_KNOTE;
+       socket_unlock(so, 1);
+}
+
+static int
+filt_sockev(struct knote *kn, long hint)
+{
+       int ret = 0, locked = 0;
+       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+       long ev_hint = (hint & SO_FILT_HINT_EV);
+
+       if ((hint & SO_FILT_HINT_LOCKED) == 0) {
+               socket_lock(so, 1);
+               locked = 1;
+       }
+
+       ret = filt_sockev_common(kn, so, ev_hint);
+
+       if (locked)
+               socket_unlock(so, 1);
+
+       return ret;
+}
+
+
+
+/*
+ *     filt_socktouch - update event state
+ */
+static int
+filt_socktouch(
+       struct knote *kn,
+       struct kevent_internal_s *kev)
+{
+       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+       uint32_t changed_flags;
+       int ret;
+
+       socket_lock(so, 1);
+
+       /* save off the [result] data and fflags */
+       changed_flags = (kn->kn_sfflags ^ kn->kn_hookid);
+
+       /* save off the new input fflags and data */
+       kn->kn_sfflags = kev->fflags;
+       kn->kn_sdata = kev->data;
+       if ((kn->kn_status & KN_UDATA_SPECIFIC) == 0)
+               kn->kn_udata = kev->udata;
+
+       /* restrict the current results to the (smaller?) set of new interest */
+       /*
+        * For compatibility with previous implementations, we leave kn_fflags
+        * as they were before.
+        */
+       //kn->kn_fflags &= kev->fflags;
+
+       /*
+        * Since we keep track of events that are already
+        * delivered, if any of those events are not requested
+        * anymore the state related to them can be reset
+        */
+       kn->kn_hookid &=
+           ~(changed_flags & EVFILT_SOCK_LEVEL_TRIGGER_MASK);
+
+       /* determine if we have events to deliver */
+       ret = filt_sockev_common(kn, so, 0);
+
        socket_unlock(so, 1);
+
+       return ret;
 }
 
+/*
+ *     filt_sockprocess - query event fired state and return data
+ */
 static int
-filt_sockev(struct knote *kn, long hint)
+filt_sockprocess(
+       struct knote *kn,
+       struct filt_process_s *data,
+       struct kevent_internal_s *kev)
 {
-       int ret = 0, locked = 0;
-       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
-       long ev_hint = (hint & SO_FILT_HINT_EV);
-
-       if ((hint & SO_FILT_HINT_LOCKED) == 0) {
-               socket_lock(so, 1);
-               locked = 1;
-       }
-
-       if (ev_hint & SO_FILT_HINT_CONNRESET) {
-               if (kn->kn_sfflags & NOTE_CONNRESET)
-                       kn->kn_fflags |= NOTE_CONNRESET;
-       }
-       if (ev_hint & SO_FILT_HINT_TIMEOUT) {
-               if (kn->kn_sfflags & NOTE_TIMEOUT)
-                       kn->kn_fflags |= NOTE_TIMEOUT;
-       }
-       if (ev_hint & SO_FILT_HINT_NOSRCADDR) {
-               if (kn->kn_sfflags & NOTE_NOSRCADDR)
-                       kn->kn_fflags |= NOTE_NOSRCADDR;
-       }
-       if (ev_hint & SO_FILT_HINT_IFDENIED) {
-               if ((kn->kn_sfflags & NOTE_IFDENIED))
-                       kn->kn_fflags |= NOTE_IFDENIED;
-       }
-       if (ev_hint & SO_FILT_HINT_KEEPALIVE) {
-               if (kn->kn_sfflags & NOTE_KEEPALIVE)
-                       kn->kn_fflags |= NOTE_KEEPALIVE;
-       }
-       if (ev_hint & SO_FILT_HINT_ADAPTIVE_WTIMO) {
-               if (kn->kn_sfflags & NOTE_ADAPTIVE_WTIMO)
-                       kn->kn_fflags |= NOTE_ADAPTIVE_WTIMO;
-       }
-       if (ev_hint & SO_FILT_HINT_ADAPTIVE_RTIMO) {
-               if (kn->kn_sfflags & NOTE_ADAPTIVE_RTIMO)
-                       kn->kn_fflags |= NOTE_ADAPTIVE_RTIMO;
-       }
-       if (ev_hint & SO_FILT_HINT_CONNECTED) {
-               if (kn->kn_sfflags & NOTE_CONNECTED)
-                       kn->kn_fflags |= NOTE_CONNECTED;
-       }
-       if (ev_hint & SO_FILT_HINT_DISCONNECTED) {
-               if (kn->kn_sfflags & NOTE_DISCONNECTED)
-                       kn->kn_fflags |= NOTE_DISCONNECTED;
-       }
-       if (ev_hint & SO_FILT_HINT_CONNINFO_UPDATED) {
-               if (so->so_proto != NULL &&
-                   (so->so_proto->pr_flags & PR_EVCONNINFO) &&
-                   (kn->kn_sfflags & NOTE_CONNINFO_UPDATED))
-                       kn->kn_fflags |= NOTE_CONNINFO_UPDATED;
-       }
+#pragma unused(data)
 
-       if ((kn->kn_sfflags & NOTE_READCLOSED) &&
-           (so->so_state & SS_CANTRCVMORE)
-#if CONTENT_FILTER
-               && cfil_sock_data_pending(&so->so_rcv) == 0
-#endif /* CONTENT_FILTER */
-               )
-               kn->kn_fflags |= NOTE_READCLOSED;
+       struct socket *so = (struct socket *)kn->kn_fp->f_fglob->fg_data;
+       int ret = 0;
 
-       if ((kn->kn_sfflags & NOTE_WRITECLOSED) &&
-           (so->so_state & SS_CANTSENDMORE))
-               kn->kn_fflags |= NOTE_WRITECLOSED;
+       socket_lock(so, 1);
 
-       if ((kn->kn_sfflags & NOTE_SUSPEND) &&
-           ((ev_hint & SO_FILT_HINT_SUSPEND) ||
-           (so->so_flags & SOF_SUSPENDED))) {
-               kn->kn_fflags &= ~(NOTE_SUSPEND | NOTE_RESUME);
-               kn->kn_fflags |= NOTE_SUSPEND;
-       }
+       ret = filt_sockev_common(kn, so, 0);
+       if (ret) {
+               *kev = kn->kn_kevent;
 
-       if ((kn->kn_sfflags & NOTE_RESUME) &&
-           ((ev_hint & SO_FILT_HINT_RESUME) ||
-           (so->so_flags & SOF_SUSPENDED) == 0)) {
-               kn->kn_fflags &= ~(NOTE_SUSPEND | NOTE_RESUME);
-               kn->kn_fflags |= NOTE_RESUME;
-       }
+               /*
+                * Store the state of the events being delivered. This
+                * state can be used to deliver level triggered events
+                * ateast once and still avoid waking up the application
+                * multiple times as long as the event is active.
+                */
+               if (kn->kn_fflags != 0)
+                       kn->kn_hookid |= (kn->kn_fflags &
+                                         EVFILT_SOCK_LEVEL_TRIGGER_MASK);
 
-       if (so->so_error != 0) {
-               ret = 1;
-               kn->kn_data = so->so_error;
-               kn->kn_flags |= EV_EOF;
-       } else {
-               get_sockev_state(so, (u_int32_t *)&(kn->kn_data));
+               /*
+                * NOTE_RESUME and NOTE_SUSPEND are an exception, deliver
+                * only one of them and remember the last one that was
+                * delivered last
+                */
+               if (kn->kn_fflags & NOTE_SUSPEND)
+                       kn->kn_hookid &= ~NOTE_RESUME;
+               if (kn->kn_fflags & NOTE_RESUME)
+                       kn->kn_hookid &= ~NOTE_SUSPEND;
+
+               if (kn->kn_flags & EV_CLEAR) {
+                       kn->kn_data = 0;
+                       kn->kn_fflags = 0;
+               }
        }
 
-       if (kn->kn_fflags != 0)
-               ret = 1;
-
-       if (locked)
-               socket_unlock(so, 1);
+       socket_unlock(so, 1);
 
-       return (ret);
+       return ret;
 }
 
 void
@@ -5727,6 +6620,13 @@ get_sockev_state(struct socket *so, u_int32_t *statep)
 {
        u_int32_t state = *(statep);
 
+       /*
+        * If the state variable is already used by a previous event,
+        * reset it.
+        */
+       if (state != 0)
+               return;
+
        if (so->so_state & SS_ISCONNECTED)
                state |= SOCKEV_CONNECTED;
        else
@@ -5755,19 +6655,18 @@ solockhistory_nr(struct socket *so)
        return (lock_history_str);
 }
 
-int
+void
 socket_lock(struct socket *so, int refcount)
 {
-       int error = 0;
        void *lr_saved;
 
        lr_saved = __builtin_return_address(0);
 
        if (so->so_proto->pr_lock) {
-               error = (*so->so_proto->pr_lock)(so, refcount, lr_saved);
+               (*so->so_proto->pr_lock)(so, refcount, lr_saved);
        } else {
 #ifdef MORE_LOCKING_DEBUG
-               lck_mtx_assert(so->so_proto->pr_domain->dom_mtx,
+               LCK_MTX_ASSERT(so->so_proto->pr_domain->dom_mtx,
                    LCK_MTX_ASSERT_NOTOWNED);
 #endif
                lck_mtx_lock(so->so_proto->pr_domain->dom_mtx);
@@ -5776,14 +6675,37 @@ socket_lock(struct socket *so, int refcount)
                so->lock_lr[so->next_lock_lr] = lr_saved;
                so->next_lock_lr = (so->next_lock_lr+1) % SO_LCKDBG_MAX;
        }
+}
 
-       return (error);
+void
+socket_lock_assert_owned(struct socket *so)
+{
+       lck_mtx_t *mutex_held;
+
+       if (so->so_proto->pr_getlock != NULL)
+               mutex_held = (*so->so_proto->pr_getlock)(so, 0);
+       else
+               mutex_held = so->so_proto->pr_domain->dom_mtx;
+
+       LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
 }
 
 int
+socket_try_lock(struct socket *so)
+{
+       lck_mtx_t *mtx;
+
+       if (so->so_proto->pr_getlock != NULL)
+               mtx = (*so->so_proto->pr_getlock)(so, 0);
+       else
+               mtx = so->so_proto->pr_domain->dom_mtx;
+
+       return (lck_mtx_try_lock(mtx));
+}
+
+void
 socket_unlock(struct socket *so, int refcount)
 {
-       int error = 0;
        void *lr_saved;
        lck_mtx_t *mutex_held;
 
@@ -5795,11 +6717,11 @@ socket_unlock(struct socket *so, int refcount)
        }
 
        if (so && so->so_proto->pr_unlock) {
-               error = (*so->so_proto->pr_unlock)(so, refcount, lr_saved);
+               (*so->so_proto->pr_unlock)(so, refcount, lr_saved);
        } else {
                mutex_held = so->so_proto->pr_domain->dom_mtx;
 #ifdef MORE_LOCKING_DEBUG
-               lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
+               LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
 #endif
                so->unlock_lr[so->next_unlock_lr] = lr_saved;
                so->next_unlock_lr = (so->next_unlock_lr+1) % SO_LCKDBG_MAX;
@@ -5819,8 +6741,6 @@ socket_unlock(struct socket *so, int refcount)
                }
                lck_mtx_unlock(mutex_held);
        }
-
-       return (error);
 }
 
 /* Called with socket locked, will unlock socket */
@@ -5833,7 +6753,7 @@ sofree(struct socket *so)
                mutex_held = (*so->so_proto->pr_getlock)(so, 0);
        else
                mutex_held = so->so_proto->pr_domain->dom_mtx;
-       lck_mtx_assert(mutex_held, LCK_MTX_ASSERT_OWNED);
+       LCK_MTX_ASSERT(mutex_held, LCK_MTX_ASSERT_OWNED);
 
        sofreelastref(so, 0);
 }
@@ -5909,18 +6829,55 @@ sosetdefunct(struct proc *p, struct socket *so, int level, boolean_t noforce)
        if (so->so_flags & SOF_NODEFUNCT) {
                if (noforce) {
                        err = EOPNOTSUPP;
-                       SODEFUNCTLOG(("%s[%d]: (target pid %d level %d) "
-                           "so 0x%llx [%d,%d] is not eligible for defunct "
-                           "(%d)\n", __func__, proc_selfpid(), proc_pid(p),
-                           level, (uint64_t)VM_KERNEL_ADDRPERM(so),
-                           SOCK_DOM(so), SOCK_TYPE(so), err));
+                       SODEFUNCTLOG("%s[%d, %s]: (target pid %d "
+                           "name %s level %d) so 0x%llx [%d,%d] "
+                           "is not eligible for defunct "
+                           "(%d)\n", __func__, proc_selfpid(),
+                           proc_best_name(current_proc()), proc_pid(p),
+                           proc_best_name(p), level,
+                           (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                           SOCK_DOM(so), SOCK_TYPE(so), err);
                        return (err);
                }
                so->so_flags &= ~SOF_NODEFUNCT;
-               SODEFUNCTLOG(("%s[%d]: (target pid %d level %d) so 0x%llx "
-                   "[%d,%d] defunct by force\n", __func__, proc_selfpid(),
-                   proc_pid(p), level, (uint64_t)VM_KERNEL_ADDRPERM(so),
-                   SOCK_DOM(so), SOCK_TYPE(so)));
+               SODEFUNCTLOG("%s[%d, %s]: (target pid %d name %s level %d) "
+                   "so 0x%llx [%d,%d] defunct by force\n", __func__,
+                   proc_selfpid(), proc_best_name(current_proc()),
+                   proc_pid(p), proc_best_name(p), level,
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                   SOCK_DOM(so), SOCK_TYPE(so));
+       } else if (so->so_flags1 & SOF1_EXTEND_BK_IDLE_WANTED) {
+               struct inpcb *inp = (struct inpcb *)so->so_pcb;
+               struct ifnet *ifp = inp->inp_last_outifp;
+
+               if (ifp && IFNET_IS_CELLULAR(ifp)) {
+                       OSIncrementAtomic(&soextbkidlestat.so_xbkidle_nocell);
+               } else if (so->so_flags & SOF_DELEGATED) {
+                       OSIncrementAtomic(&soextbkidlestat.so_xbkidle_nodlgtd);
+               } else if (soextbkidlestat.so_xbkidle_time == 0) {
+                       OSIncrementAtomic(&soextbkidlestat.so_xbkidle_notime);
+               } else if (noforce) {
+                       OSIncrementAtomic(&soextbkidlestat.so_xbkidle_active);
+
+                       so->so_flags1 |= SOF1_EXTEND_BK_IDLE_INPROG;
+                       so->so_extended_bk_start = net_uptime();
+                       OSBitOrAtomic(P_LXBKIDLEINPROG, &p->p_ladvflag);
+
+                       inpcb_timer_sched(inp->inp_pcbinfo, INPCB_TIMER_LAZY);
+
+                       err = EOPNOTSUPP;
+                       SODEFUNCTLOG("%s[%d, %s]: (target pid %d name %s "
+                           "level %d) extend bk idle so 0x%llx rcv hw %d "
+                           "cc %d\n",
+                           __func__, proc_selfpid(),
+                           proc_best_name(current_proc()), proc_pid(p),
+                           proc_best_name(p), level,
+                           (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                           so->so_rcv.sb_hiwat, so->so_rcv.sb_cc);
+                       return (err);
+               } else {
+                       OSIncrementAtomic(&soextbkidlestat.so_xbkidle_forced);
+               }
        }
 
        so->so_flags |= SOF_DEFUNCT;
@@ -5942,10 +6899,12 @@ sosetdefunct(struct proc *p, struct socket *so, int level, boolean_t noforce)
        }
 
 done:
-       SODEFUNCTLOG(("%s[%d]: (target pid %d level %d) so 0x%llx [%d,%d] %s "
-           "defunct\n", __func__, proc_selfpid(), proc_pid(p), level,
-           (uint64_t)VM_KERNEL_ADDRPERM(so), SOCK_DOM(so), SOCK_TYPE(so),
-           defunct ? "is already" : "marked as"));
+       SODEFUNCTLOG("%s[%d, %s]: (target pid %d name %s level %d) "
+           "so 0x%llx [%d,%d] %s defunct%s\n", __func__, proc_selfpid(),
+           proc_best_name(current_proc()), proc_pid(p), proc_best_name(p),
+           level, (uint64_t)DEBUG_KERNEL_ADDRPERM(so), SOCK_DOM(so),
+           SOCK_TYPE(so), defunct ? "is already" : "marked as",
+           (so->so_flags1 & SOF1_EXTEND_BK_IDLE_WANTED) ? " extbkidle" : "");
 
        return (err);
 }
@@ -5970,10 +6929,12 @@ sodefunct(struct proc *p, struct socket *so, int level)
                char d[MAX_IPv6_STR_LEN];
                struct inpcb *inp = sotoinpcb(so);
 
-               SODEFUNCTLOG(("%s[%d]: (target pid %d level %d) so 0x%llx [%s "
-                   "%s:%d -> %s:%d] is now defunct [rcv_si 0x%x, snd_si 0x%x, "
-                   "rcv_fl 0x%x, snd_fl 0x%x]\n", __func__, proc_selfpid(),
-                   proc_pid(p), level, (uint64_t)VM_KERNEL_ADDRPERM(so),
+               SODEFUNCTLOG("%s[%d, %s]: (target pid %d name %s level %d) "
+                   "so 0x%llx [%s %s:%d -> %s:%d] is now defunct "
+                   "[rcv_si 0x%x, snd_si 0x%x, rcv_fl 0x%x, snd_fl 0x%x]\n",
+                   __func__, proc_selfpid(), proc_best_name(current_proc()),
+                   proc_pid(p), proc_best_name(p), level,
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
                    (SOCK_TYPE(so) == SOCK_STREAM) ? "TCP" : "UDP",
                    inet_ntop(SOCK_DOM(so), ((SOCK_DOM(so) == PF_INET) ?
                    (void *)&inp->inp_laddr.s_addr : (void *)&inp->in6p_laddr),
@@ -5983,15 +6944,18 @@ sodefunct(struct proc *p, struct socket *so, int level)
                    d, sizeof (d)), ntohs(inp->in6p_fport),
                    (uint32_t)rcv->sb_sel.si_flags,
                    (uint32_t)snd->sb_sel.si_flags,
-                   rcv->sb_flags, snd->sb_flags));
+                   rcv->sb_flags, snd->sb_flags);
        } else {
-               SODEFUNCTLOG(("%s[%d]: (target pid %d level %d) so 0x%llx "
-                   "[%d,%d] is now defunct [rcv_si 0x%x, snd_si 0x%x, "
-                   "rcv_fl 0x%x, snd_fl 0x%x]\n", __func__, proc_selfpid(),
-                   proc_pid(p), level, (uint64_t)VM_KERNEL_ADDRPERM(so),
-                   SOCK_DOM(so), SOCK_TYPE(so), (uint32_t)rcv->sb_sel.si_flags,
+               SODEFUNCTLOG("%s[%d, %s]: (target pid %d name %s level %d) "
+                   "so 0x%llx [%d,%d] is now defunct [rcv_si 0x%x, "
+                   "snd_si 0x%x, rcv_fl 0x%x, snd_fl 0x%x]\n", __func__,
+                   proc_selfpid(), proc_best_name(current_proc()),
+                   proc_pid(p), proc_best_name(p), level,
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                   SOCK_DOM(so), SOCK_TYPE(so),
+                   (uint32_t)rcv->sb_sel.si_flags,
                    (uint32_t)snd->sb_sel.si_flags, rcv->sb_flags,
-                   snd->sb_flags));
+                   snd->sb_flags);
        }
 
        /*
@@ -6020,7 +6984,7 @@ sodefunct(struct proc *p, struct socket *so, int level)
         * Explicitly handle connectionless-protocol disconnection
         * and release any remaining data in the socket buffers.
         */
-       if (!(so->so_flags & SS_ISDISCONNECTED))
+       if (!(so->so_state & SS_ISDISCONNECTED))
                (void) soisdisconnected(so);
 
        if (so->so_error == 0)
@@ -6037,11 +7001,207 @@ sodefunct(struct proc *p, struct socket *so, int level)
                sbrelease(snd);
        }
        so->so_state |= SS_DEFUNCT;
+       OSIncrementAtomicLong((volatile long *)&sodefunct_calls);
 
 done:
        return (0);
 }
 
+int
+soresume(struct proc *p, struct socket *so, int locked)
+{
+       if (locked == 0)
+               socket_lock(so, 1);
+
+       if (so->so_flags1 & SOF1_EXTEND_BK_IDLE_INPROG) {
+               SODEFUNCTLOG("%s[%d, %s]: (target pid %d name %s) so 0x%llx "
+                   "[%d,%d] resumed from bk idle\n",
+                   __func__, proc_selfpid(), proc_best_name(current_proc()),
+                   proc_pid(p), proc_best_name(p),
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                   SOCK_DOM(so), SOCK_TYPE(so));
+
+               so->so_flags1 &= ~SOF1_EXTEND_BK_IDLE_INPROG;
+               so->so_extended_bk_start = 0;
+               OSBitAndAtomic(~P_LXBKIDLEINPROG, &p->p_ladvflag);
+
+               OSIncrementAtomic(&soextbkidlestat.so_xbkidle_resumed);
+               OSDecrementAtomic(&soextbkidlestat.so_xbkidle_active);
+               VERIFY(soextbkidlestat.so_xbkidle_active >= 0);
+       }
+       if (locked == 0)
+               socket_unlock(so, 1);
+
+       return (0);
+}
+
+/*
+ * Does not attempt to account for sockets that are delegated from
+ * the current process
+ */
+int
+so_set_extended_bk_idle(struct socket *so, int optval)
+{
+       int error = 0;
+
+       if ((SOCK_DOM(so) != PF_INET && SOCK_DOM(so) != PF_INET6) ||
+           SOCK_PROTO(so) != IPPROTO_TCP) {
+               OSDecrementAtomic(&soextbkidlestat.so_xbkidle_notsupp);
+               error = EOPNOTSUPP;
+       } else if (optval == 0) {
+               so->so_flags1 &= ~SOF1_EXTEND_BK_IDLE_WANTED;
+
+               soresume(current_proc(), so, 1);
+       } else {
+               struct proc *p = current_proc();
+               int i;
+               struct filedesc *fdp;
+               int count = 0;
+
+               /*
+                * Unlock socket to avoid lock ordering issue with
+                * the proc fd table lock
+                */
+               socket_unlock(so, 0);
+
+               proc_fdlock(p);
+
+               fdp = p->p_fd;
+               for (i = 0; i < fdp->fd_nfiles; i++) {
+                       struct fileproc *fp = fdp->fd_ofiles[i];
+                       struct socket *so2;
+
+                       if (fp == NULL ||
+                           (fdp->fd_ofileflags[i] & UF_RESERVED) != 0 ||
+                           FILEGLOB_DTYPE(fp->f_fglob) != DTYPE_SOCKET)
+                               continue;
+
+                       so2 = (struct socket *)fp->f_fglob->fg_data;
+                       if (so != so2 &&
+                           so2->so_flags1 & SOF1_EXTEND_BK_IDLE_WANTED)
+                               count++;
+                       if (count >= soextbkidlestat.so_xbkidle_maxperproc)
+                               break;
+               }
+               proc_fdunlock(p);
+
+               socket_lock(so, 0);
+
+               if (count >= soextbkidlestat.so_xbkidle_maxperproc) {
+                       OSIncrementAtomic(&soextbkidlestat.so_xbkidle_toomany);
+                       error = EBUSY;
+               } else if (so->so_flags & SOF_DELEGATED) {
+                       OSIncrementAtomic(&soextbkidlestat.so_xbkidle_nodlgtd);
+                       error = EBUSY;
+               } else {
+                       so->so_flags1 |= SOF1_EXTEND_BK_IDLE_WANTED;
+                       OSIncrementAtomic(&soextbkidlestat.so_xbkidle_wantok);
+               }
+               SODEFUNCTLOG("%s[%d, %s]: so 0x%llx [%d,%d] "
+                   "%s marked for extended bk idle\n",
+                   __func__, proc_selfpid(), proc_best_name(current_proc()),
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                   SOCK_DOM(so), SOCK_TYPE(so),
+                   (so->so_flags1 & SOF1_EXTEND_BK_IDLE_WANTED) ?
+                   "is" : "not");
+       }
+
+       return (error);
+}
+
+static void
+so_stop_extended_bk_idle(struct socket *so)
+{
+       so->so_flags1 &= ~SOF1_EXTEND_BK_IDLE_INPROG;
+       so->so_extended_bk_start = 0;
+
+       OSDecrementAtomic(&soextbkidlestat.so_xbkidle_active);
+       VERIFY(soextbkidlestat.so_xbkidle_active >= 0);
+       /*
+        * Force defunct
+        */
+       sosetdefunct(current_proc(), so,
+           SHUTDOWN_SOCKET_LEVEL_DISCONNECT_INTERNAL, FALSE);
+       if (so->so_flags & SOF_DEFUNCT) {
+               sodefunct(current_proc(), so,
+                   SHUTDOWN_SOCKET_LEVEL_DISCONNECT_INTERNAL);
+       }
+}
+
+void
+so_drain_extended_bk_idle(struct socket *so)
+{
+       if (so && (so->so_flags1 & SOF1_EXTEND_BK_IDLE_INPROG)) {
+               /*
+                * Only penalize sockets that have outstanding data
+                */
+               if (so->so_rcv.sb_cc || so->so_snd.sb_cc) {
+                       so_stop_extended_bk_idle(so);
+
+                       OSIncrementAtomic(&soextbkidlestat.so_xbkidle_drained);
+               }
+       }
+}
+
+/*
+ * Return values tells if socket is still in extended background idle
+ */
+int
+so_check_extended_bk_idle_time(struct socket *so)
+{
+       int ret = 1;
+
+       if ((so->so_flags1 & SOF1_EXTEND_BK_IDLE_INPROG)) {
+               SODEFUNCTLOG("%s[%d, %s]: so 0x%llx [%d,%d]\n",
+                   __func__, proc_selfpid(), proc_best_name(current_proc()),
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                   SOCK_DOM(so), SOCK_TYPE(so));
+               if (net_uptime() - so->so_extended_bk_start >
+                   soextbkidlestat.so_xbkidle_time) {
+                       so_stop_extended_bk_idle(so);
+
+                       OSIncrementAtomic(&soextbkidlestat.so_xbkidle_expired);
+
+                       ret = 0;
+               } else {
+                       struct inpcb *inp = (struct inpcb *)so->so_pcb;
+
+                       inpcb_timer_sched(inp->inp_pcbinfo, INPCB_TIMER_LAZY);
+                       OSIncrementAtomic(&soextbkidlestat.so_xbkidle_resched);
+               }
+       }
+
+       return (ret);
+}
+
+void
+resume_proc_sockets(proc_t p)
+{
+       if (p->p_ladvflag & P_LXBKIDLEINPROG) {
+               struct filedesc *fdp;
+               int i;
+
+               proc_fdlock(p);
+               fdp = p->p_fd;
+               for (i = 0; i < fdp->fd_nfiles; i++) {
+                       struct fileproc *fp;
+                       struct socket *so;
+
+                       fp = fdp->fd_ofiles[i];
+                       if (fp == NULL ||
+                           (fdp->fd_ofileflags[i] & UF_RESERVED) != 0 ||
+                           FILEGLOB_DTYPE(fp->f_fglob) != DTYPE_SOCKET)
+                               continue;
+
+                       so = (struct socket *)fp->f_fglob->fg_data;
+                       (void) soresume(p, so, 0);
+               }
+               proc_fdunlock(p);
+
+               OSBitAndAtomic(~P_LXBKIDLEINPROG, &p->p_ladvflag);
+       }
+}
+
 __private_extern__ int
 so_set_recv_anyif(struct socket *so, int optval)
 {
@@ -6058,6 +7218,7 @@ so_set_recv_anyif(struct socket *so, int optval)
                        sotoinpcb(so)->inp_flags &= ~INP_RECV_ANYIF;
        }
 
+
        return (ret);
 }
 
@@ -6099,7 +7260,7 @@ so_set_restrictions(struct socket *so, uint32_t vals)
        nocell_old = (so->so_restrictions & SO_RESTRICT_DENY_CELLULAR);
        noexpensive_old = (so->so_restrictions & SO_RESTRICT_DENY_EXPENSIVE);
        so->so_restrictions |= (vals & (SO_RESTRICT_DENY_IN |
-           SO_RESTRICT_DENY_OUT | SO_RESTRICT_DENY_CELLULAR | 
+           SO_RESTRICT_DENY_OUT | SO_RESTRICT_DENY_CELLULAR |
            SO_RESTRICT_DENY_EXPENSIVE));
        nocell_new = (so->so_restrictions & SO_RESTRICT_DENY_CELLULAR);
        noexpensive_new = (so->so_restrictions & SO_RESTRICT_DENY_EXPENSIVE);
@@ -6114,7 +7275,10 @@ so_set_restrictions(struct socket *so, uint32_t vals)
        if (SOCK_DOM(so) == PF_INET) {
 #endif /* !INET6 */
                if (nocell_new - nocell_old != 0) {
-                       /* if deny cellular is now set, do what's needed for INPCB */
+                       /*
+                        * if deny cellular is now set, do what's needed
+                        * for INPCB
+                        */
                        inp_set_nocellular(sotoinpcb(so));
                }
                if (noexpensive_new - noexpensive_old != 0) {
@@ -6122,6 +7286,9 @@ so_set_restrictions(struct socket *so, uint32_t vals)
                }
        }
 
+       if (SOCK_DOM(so) == PF_MULTIPATH)
+               mptcp_set_restrictions(so);
+
        return (0);
 }
 
@@ -6129,129 +7296,10 @@ uint32_t
 so_get_restrictions(struct socket *so)
 {
        return (so->so_restrictions & (SO_RESTRICT_DENY_IN |
-           SO_RESTRICT_DENY_OUT | 
+           SO_RESTRICT_DENY_OUT |
            SO_RESTRICT_DENY_CELLULAR | SO_RESTRICT_DENY_EXPENSIVE));
 }
 
-struct sockaddr_entry *
-sockaddrentry_alloc(int how)
-{
-       struct sockaddr_entry *se;
-
-       se = (how == M_WAITOK) ? zalloc(se_zone) : zalloc_noblock(se_zone);
-       if (se != NULL)
-               bzero(se, se_zone_size);
-
-       return (se);
-}
-
-void
-sockaddrentry_free(struct sockaddr_entry *se)
-{
-       if (se->se_addr != NULL) {
-               FREE(se->se_addr, M_SONAME);
-               se->se_addr = NULL;
-       }
-       zfree(se_zone, se);
-}
-
-struct sockaddr_entry *
-sockaddrentry_dup(const struct sockaddr_entry *src_se, int how)
-{
-       struct sockaddr_entry *dst_se;
-
-       dst_se = sockaddrentry_alloc(how);
-       if (dst_se != NULL) {
-               int len = src_se->se_addr->sa_len;
-
-               MALLOC(dst_se->se_addr, struct sockaddr *,
-                   len, M_SONAME, how | M_ZERO);
-               if (dst_se->se_addr != NULL) {
-                       bcopy(src_se->se_addr, dst_se->se_addr, len);
-               } else {
-                       sockaddrentry_free(dst_se);
-                       dst_se = NULL;
-               }
-       }
-
-       return (dst_se);
-}
-
-struct sockaddr_list *
-sockaddrlist_alloc(int how)
-{
-       struct sockaddr_list *sl;
-
-       sl = (how == M_WAITOK) ? zalloc(sl_zone) : zalloc_noblock(sl_zone);
-       if (sl != NULL) {
-               bzero(sl, sl_zone_size);
-               TAILQ_INIT(&sl->sl_head);
-       }
-       return (sl);
-}
-
-void
-sockaddrlist_free(struct sockaddr_list *sl)
-{
-       struct sockaddr_entry *se, *tse;
-
-       TAILQ_FOREACH_SAFE(se, &sl->sl_head, se_link, tse) {
-               sockaddrlist_remove(sl, se);
-               sockaddrentry_free(se);
-       }
-       VERIFY(sl->sl_cnt == 0 && TAILQ_EMPTY(&sl->sl_head));
-       zfree(sl_zone, sl);
-}
-
-void
-sockaddrlist_insert(struct sockaddr_list *sl, struct sockaddr_entry *se)
-{
-       VERIFY(!(se->se_flags & SEF_ATTACHED));
-       se->se_flags |= SEF_ATTACHED;
-       TAILQ_INSERT_TAIL(&sl->sl_head, se, se_link);
-       sl->sl_cnt++;
-       VERIFY(sl->sl_cnt != 0);
-}
-
-void
-sockaddrlist_remove(struct sockaddr_list *sl, struct sockaddr_entry *se)
-{
-       VERIFY(se->se_flags & SEF_ATTACHED);
-       se->se_flags &= ~SEF_ATTACHED;
-       VERIFY(sl->sl_cnt != 0);
-       sl->sl_cnt--;
-       TAILQ_REMOVE(&sl->sl_head, se, se_link);
-}
-
-struct sockaddr_list *
-sockaddrlist_dup(const struct sockaddr_list *src_sl, int how)
-{
-       struct sockaddr_entry *src_se, *tse;
-       struct sockaddr_list *dst_sl;
-
-       dst_sl = sockaddrlist_alloc(how);
-       if (dst_sl == NULL)
-               return (NULL);
-
-       TAILQ_FOREACH_SAFE(src_se, &src_sl->sl_head, se_link, tse) {
-               struct sockaddr_entry *dst_se;
-
-               if (src_se->se_addr == NULL)
-                       continue;
-
-               dst_se = sockaddrentry_dup(src_se, how);
-               if (dst_se == NULL) {
-                       sockaddrlist_free(dst_sl);
-                       return (NULL);
-               }
-
-               sockaddrlist_insert(dst_sl, dst_se);
-       }
-       VERIFY(src_sl->sl_cnt == dst_sl->sl_cnt);
-
-       return (dst_sl);
-}
-
 int
 so_set_effective_pid(struct socket *so, int epid, struct proc *p)
 {
@@ -6322,14 +7370,16 @@ done:
                uuid_unparse(so->e_uuid, buf);
                log(LOG_DEBUG, "%s[%s,%d]: so 0x%llx [%d,%d] epid %d (%s) "
                    "euuid %s%s\n", __func__, proc_name_address(p),
-                   proc_pid(p), (uint64_t)VM_KERNEL_ADDRPERM(so), SOCK_DOM(so),
-                   SOCK_TYPE(so), so->e_pid, proc_name_address(ep), buf,
+                   proc_pid(p), (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                   SOCK_DOM(so), SOCK_TYPE(so),
+                   so->e_pid, proc_name_address(ep), buf,
                    ((so->so_flags & SOF_DELEGATED) ? " [delegated]" : ""));
        } else if (error != 0 && net_io_policy_log) {
                log(LOG_ERR, "%s[%s,%d]: so 0x%llx [%d,%d] epid %d (%s) "
                    "ERROR (%d)\n", __func__, proc_name_address(p),
-                   proc_pid(p), (uint64_t)VM_KERNEL_ADDRPERM(so), SOCK_DOM(so),
-                   SOCK_TYPE(so), epid, (ep == PROC_NULL) ? "PROC_NULL" :
+                   proc_pid(p), (uint64_t)DEBUG_KERNEL_ADDRPERM(so),
+                   SOCK_DOM(so), SOCK_TYPE(so),
+                   epid, (ep == PROC_NULL) ? "PROC_NULL" :
                    proc_name_address(ep), error);
        }
 
@@ -6358,7 +7408,7 @@ so_set_effective_uuid(struct socket *so, uuid_t euuid, struct proc *p)
        /* UUID must not be all-zeroes (reserved for kernel) */
        if (uuid_is_null(euuid)) {
                error = EINVAL;
-               goto done;;
+               goto done;
        }
 
        /*
@@ -6422,14 +7472,14 @@ done:
                uuid_unparse(so->e_uuid, buf);
                log(LOG_DEBUG, "%s[%s,%d]: so 0x%llx [%d,%d] epid %d "
                    "euuid %s%s\n", __func__, proc_name_address(p), proc_pid(p),
-                   (uint64_t)VM_KERNEL_ADDRPERM(so), SOCK_DOM(so),
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so), SOCK_DOM(so),
                    SOCK_TYPE(so), so->e_pid, buf,
                    ((so->so_flags & SOF_DELEGATED) ? " [delegated]" : ""));
        } else if (error != 0 && net_io_policy_log) {
                uuid_unparse(euuid, buf);
                log(LOG_DEBUG, "%s[%s,%d]: so 0x%llx [%d,%d] euuid %s "
                    "ERROR (%d)\n", __func__, proc_name_address(p), proc_pid(p),
-                   (uint64_t)VM_KERNEL_ADDRPERM(so), SOCK_DOM(so),
+                   (uint64_t)DEBUG_KERNEL_ADDRPERM(so), SOCK_DOM(so),
                    SOCK_TYPE(so), buf, error);
        }
 
@@ -6471,7 +7521,7 @@ netpolicy_post_msg(uint32_t ev_code, struct netpolicy_event_data *ev_data,
 }
 
 void
-socket_post_kev_msg(uint32_t ev_code, 
+socket_post_kev_msg(uint32_t ev_code,
     struct kev_socket_event_data *ev_data,
     uint32_t ev_datalen)
 {
@@ -6508,7 +7558,7 @@ socket_post_kev_msg_closed(struct socket *so)
                            min(peersa->sa_len,
                            sizeof (ev.ev_data.kev_peername)));
                        socket_post_kev_msg(KEV_SOCKET_CLOSED,
-                           &ev.ev_data, sizeof (ev));  
+                           &ev.ev_data, sizeof (ev));
                }
        }
        if (socksa != NULL)