2 * Copyright (c) 1982, 1986, 1989, 1990, 1993
3 * The Regents of the University of California. All rights reserved.
5 * sendfile(2) and related extensions:
6 * Copyright (c) 1998, David Greenman. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * @(#)uipc_syscalls.c 8.4 (Berkeley) 2/21/94
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
38 #include "opt_capsicum.h"
40 #include "opt_inet6.h"
42 #include "opt_compat.h"
43 #include "opt_ktrace.h"
45 #include <sys/param.h>
46 #include <sys/systm.h>
47 #include <sys/capability.h>
48 #include <sys/kernel.h>
50 #include <sys/mutex.h>
51 #include <sys/sysproto.h>
52 #include <sys/malloc.h>
53 #include <sys/filedesc.h>
54 #include <sys/event.h>
56 #include <sys/fcntl.h>
58 #include <sys/filio.h>
60 #include <sys/mount.h>
62 #include <sys/protosw.h>
63 #include <sys/sf_buf.h>
64 #include <sys/sysent.h>
65 #include <sys/socket.h>
66 #include <sys/socketvar.h>
67 #include <sys/signalvar.h>
68 #include <sys/syscallsubr.h>
69 #include <sys/sysctl.h>
71 #include <sys/vnode.h>
73 #include <sys/ktrace.h>
75 #ifdef COMPAT_FREEBSD32
76 #include <compat/freebsd32/freebsd32_util.h>
81 #include <security/audit/audit.h>
82 #include <security/mac/mac_framework.h>
85 #include <vm/vm_param.h>
86 #include <vm/vm_object.h>
87 #include <vm/vm_page.h>
88 #include <vm/vm_pageout.h>
89 #include <vm/vm_kern.h>
90 #include <vm/vm_extern.h>
92 #if defined(INET) || defined(INET6)
94 #include <netinet/sctp.h>
95 #include <netinet/sctp_peeloff.h>
97 #endif /* INET || INET6 */
100 * Creation flags, OR'ed into socket() and socketpair() type argument.
101 * For stable/9, these are supported but not exposed in the header file.
103 #define SOCK_CLOEXEC 0x10000000
104 #define SOCK_NONBLOCK 0x20000000
106 static int sendit(struct thread *td, int s, struct msghdr *mp, int flags);
107 static int recvit(struct thread *td, int s, struct msghdr *mp, void *namelenp);
109 static int accept1(struct thread *td, struct accept_args *uap, int compat);
110 static int do_sendfile(struct thread *td, struct sendfile_args *uap, int compat);
111 static int getsockname1(struct thread *td, struct getsockname_args *uap,
113 static int getpeername1(struct thread *td, struct getpeername_args *uap,
117 * NSFBUFS-related variables and associated sysctls
123 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufs, CTLFLAG_RDTUN, &nsfbufs, 0,
124 "Maximum number of sendfile(2) sf_bufs available");
125 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufspeak, CTLFLAG_RD, &nsfbufspeak, 0,
126 "Number of sendfile(2) sf_bufs at peak usage");
127 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufsused, CTLFLAG_RD, &nsfbufsused, 0,
128 "Number of sendfile(2) sf_bufs in use");
131 * Convert a user file descriptor to a kernel file entry and check that, if
132 * it is a capability, the right rights are present. A reference on the file
133 * entry is held upon returning.
136 getsock_cap(struct filedesc *fdp, int fd, cap_rights_t rights,
137 struct file **fpp, u_int *fflagp)
141 struct file *fp_fromcap;
146 if ((fdp == NULL) || ((fp = fget_unlocked(fdp, fd)) == NULL))
150 * If the file descriptor is for a capability, test rights and use
151 * the file descriptor referenced by the capability.
153 error = cap_funwrap(fp, rights, &fp_fromcap);
155 fdrop(fp, curthread);
158 if (fp != fp_fromcap) {
160 fdrop(fp, curthread);
163 #endif /* CAPABILITIES */
164 if (fp->f_type != DTYPE_SOCKET) {
165 fdrop(fp, curthread);
169 *fflagp = fp->f_flag;
175 * System call interface to the socket abstraction.
177 #if defined(COMPAT_43)
178 #define COMPAT_OLDSOCK
184 struct socket_args /* {
190 struct filedesc *fdp;
193 int fd, error, type, oflag, fflag;
195 AUDIT_ARG_SOCKET(uap->domain, uap->type, uap->protocol);
200 if ((type & SOCK_CLOEXEC) != 0) {
201 type &= ~SOCK_CLOEXEC;
204 if ((type & SOCK_NONBLOCK) != 0) {
205 type &= ~SOCK_NONBLOCK;
210 error = mac_socket_check_create(td->td_ucred, uap->domain, type,
215 fdp = td->td_proc->p_fd;
216 error = falloc(td, &fp, &fd, oflag);
219 /* An extra reference on `fp' has been held for us by falloc(). */
220 error = socreate(uap->domain, &so, type, uap->protocol,
223 fdclose(fdp, fp, fd, td);
225 finit(fp, FREAD | FWRITE | fflag, DTYPE_SOCKET, so, &socketops);
226 if ((fflag & FNONBLOCK) != 0)
227 (void) fo_ioctl(fp, FIONBIO, &fflag, td->td_ucred, td);
228 td->td_retval[0] = fd;
238 struct bind_args /* {
247 if ((error = getsockaddr(&sa, uap->name, uap->namelen)) != 0)
250 error = kern_bind(td, uap->s, sa);
256 kern_bind(td, fd, sa)
266 error = getsock_cap(td->td_proc->p_fd, fd, CAP_BIND, &fp, NULL);
271 if (KTRPOINT(td, KTR_STRUCT))
275 error = mac_socket_check_bind(td->td_ucred, so, sa);
278 error = sobind(so, sa, td);
287 struct listen_args /* {
296 AUDIT_ARG_FD(uap->s);
297 error = getsock_cap(td->td_proc->p_fd, uap->s, CAP_LISTEN, &fp, NULL);
301 error = mac_socket_check_listen(td->td_ucred, so);
304 error = solisten(so, uap->backlog, td);
314 accept1(td, uap, compat)
316 struct accept_args /* {
318 struct sockaddr * __restrict name;
319 socklen_t * __restrict anamelen;
323 struct sockaddr *name;
328 if (uap->name == NULL)
329 return (kern_accept(td, uap->s, NULL, NULL, NULL));
331 error = copyin(uap->anamelen, &namelen, sizeof (namelen));
335 error = kern_accept(td, uap->s, &name, &namelen, &fp);
338 * return a namelen of zero for older code which might
339 * ignore the return value from accept.
342 (void) copyout(&namelen,
343 uap->anamelen, sizeof(*uap->anamelen));
347 if (error == 0 && name != NULL) {
348 #ifdef COMPAT_OLDSOCK
350 ((struct osockaddr *)name)->sa_family =
353 error = copyout(name, uap->name, namelen);
356 error = copyout(&namelen, uap->anamelen,
359 fdclose(td->td_proc->p_fd, fp, td->td_retval[0], td);
361 free(name, M_SONAME);
366 kern_accept(struct thread *td, int s, struct sockaddr **name,
367 socklen_t *namelen, struct file **fp)
369 struct filedesc *fdp;
370 struct file *headfp, *nfp = NULL;
371 struct sockaddr *sa = NULL;
373 struct socket *head, *so;
386 fdp = td->td_proc->p_fd;
387 error = getsock_cap(fdp, s, CAP_ACCEPT, &headfp, &fflag);
390 head = headfp->f_data;
391 if ((head->so_options & SO_ACCEPTCONN) == 0) {
396 error = mac_socket_check_accept(td->td_ucred, head);
400 error = falloc(td, &nfp, &fd, 0);
404 if ((head->so_state & SS_NBIO) && TAILQ_EMPTY(&head->so_comp)) {
409 while (TAILQ_EMPTY(&head->so_comp) && head->so_error == 0) {
410 if (head->so_rcv.sb_state & SBS_CANTRCVMORE) {
411 head->so_error = ECONNABORTED;
414 error = msleep(&head->so_timeo, &accept_mtx, PSOCK | PCATCH,
421 if (head->so_error) {
422 error = head->so_error;
427 so = TAILQ_FIRST(&head->so_comp);
428 KASSERT(!(so->so_qstate & SQ_INCOMP), ("accept1: so SQ_INCOMP"));
429 KASSERT(so->so_qstate & SQ_COMP, ("accept1: so not SQ_COMP"));
432 * Before changing the flags on the socket, we have to bump the
433 * reference count. Otherwise, if the protocol calls sofree(),
434 * the socket will be released due to a zero refcount.
436 SOCK_LOCK(so); /* soref() and so_state update */
437 soref(so); /* file descriptor reference */
439 TAILQ_REMOVE(&head->so_comp, so, so_list);
441 so->so_state |= (head->so_state & SS_NBIO);
442 so->so_qstate &= ~SQ_COMP;
448 /* An extra reference on `nfp' has been held for us by falloc(). */
449 td->td_retval[0] = fd;
451 /* connection has been removed from the listen queue */
452 KNOTE_UNLOCKED(&head->so_rcv.sb_sel.si_note, 0);
454 pgid = fgetown(&head->so_sigio);
456 fsetown(pgid, &so->so_sigio);
458 finit(nfp, fflag, DTYPE_SOCKET, so, &socketops);
459 /* Sync socket nonblocking/async state with file flags */
460 tmp = fflag & FNONBLOCK;
461 (void) fo_ioctl(nfp, FIONBIO, &tmp, td->td_ucred, td);
462 tmp = fflag & FASYNC;
463 (void) fo_ioctl(nfp, FIOASYNC, &tmp, td->td_ucred, td);
465 error = soaccept(so, &sa);
468 * return a namelen of zero for older code which might
469 * ignore the return value from accept.
481 /* check sa_len before it is destroyed */
482 if (*namelen > sa->sa_len)
483 *namelen = sa->sa_len;
485 if (KTRPOINT(td, KTR_STRUCT))
496 * close the new descriptor, assuming someone hasn't ripped it
500 fdclose(fdp, nfp, fd, td);
503 * Release explicitly held references before returning. We return
504 * a reference on nfp to the caller on success if they request it.
523 struct accept_args *uap;
526 return (accept1(td, uap, 0));
529 #ifdef COMPAT_OLDSOCK
533 struct accept_args *uap;
536 return (accept1(td, uap, 1));
538 #endif /* COMPAT_OLDSOCK */
544 struct connect_args /* {
553 error = getsockaddr(&sa, uap->name, uap->namelen);
557 error = kern_connect(td, uap->s, sa);
564 kern_connect(td, fd, sa)
575 error = getsock_cap(td->td_proc->p_fd, fd, CAP_CONNECT, &fp, NULL);
579 if (so->so_state & SS_ISCONNECTING) {
584 if (KTRPOINT(td, KTR_STRUCT))
588 error = mac_socket_check_connect(td->td_ucred, so, sa);
592 error = soconnect(so, sa, td);
595 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) {
600 while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) {
601 error = msleep(&so->so_timeo, SOCK_MTX(so), PSOCK | PCATCH,
604 if (error == EINTR || error == ERESTART)
610 error = so->so_error;
616 so->so_state &= ~SS_ISCONNECTING;
617 if (error == ERESTART)
625 kern_socketpair(struct thread *td, int domain, int type, int protocol,
628 struct filedesc *fdp = td->td_proc->p_fd;
629 struct file *fp1, *fp2;
630 struct socket *so1, *so2;
631 int fd, error, oflag, fflag;
633 AUDIT_ARG_SOCKET(domain, type, protocol);
637 if ((type & SOCK_CLOEXEC) != 0) {
638 type &= ~SOCK_CLOEXEC;
641 if ((type & SOCK_NONBLOCK) != 0) {
642 type &= ~SOCK_NONBLOCK;
646 /* We might want to have a separate check for socket pairs. */
647 error = mac_socket_check_create(td->td_ucred, domain, type,
652 error = socreate(domain, &so1, type, protocol, td->td_ucred, td);
655 error = socreate(domain, &so2, type, protocol, td->td_ucred, td);
658 /* On success extra reference to `fp1' and 'fp2' is set by falloc. */
659 error = falloc(td, &fp1, &fd, oflag);
663 fp1->f_data = so1; /* so1 already has ref count */
664 error = falloc(td, &fp2, &fd, oflag);
667 fp2->f_data = so2; /* so2 already has ref count */
669 error = soconnect2(so1, so2);
672 if (type == SOCK_DGRAM) {
674 * Datagram socket connection is asymmetric.
676 error = soconnect2(so2, so1);
680 finit(fp1, FREAD | FWRITE | fflag, DTYPE_SOCKET, fp1->f_data,
682 finit(fp2, FREAD | FWRITE | fflag, DTYPE_SOCKET, fp2->f_data,
684 if ((fflag & FNONBLOCK) != 0) {
685 (void) fo_ioctl(fp1, FIONBIO, &fflag, td->td_ucred, td);
686 (void) fo_ioctl(fp2, FIONBIO, &fflag, td->td_ucred, td);
692 fdclose(fdp, fp2, rsv[1], td);
695 fdclose(fdp, fp1, rsv[0], td);
707 sys_socketpair(struct thread *td, struct socketpair_args *uap)
711 error = kern_socketpair(td, uap->domain, uap->type,
715 error = copyout(sv, uap->rsv, 2 * sizeof(int));
717 (void)kern_close(td, sv[0]);
718 (void)kern_close(td, sv[1]);
724 sendit(td, s, mp, flags)
730 struct mbuf *control;
734 #ifdef CAPABILITY_MODE
735 if (IN_CAPABILITY_MODE(td) && (mp->msg_name != NULL))
739 if (mp->msg_name != NULL) {
740 error = getsockaddr(&to, mp->msg_name, mp->msg_namelen);
750 if (mp->msg_control) {
751 if (mp->msg_controllen < sizeof(struct cmsghdr)
752 #ifdef COMPAT_OLDSOCK
753 && mp->msg_flags != MSG_COMPAT
759 error = sockargs(&control, mp->msg_control,
760 mp->msg_controllen, MT_CONTROL);
763 #ifdef COMPAT_OLDSOCK
764 if (mp->msg_flags == MSG_COMPAT) {
767 M_PREPEND(control, sizeof(*cm), M_WAIT);
768 cm = mtod(control, struct cmsghdr *);
769 cm->cmsg_len = control->m_len;
770 cm->cmsg_level = SOL_SOCKET;
771 cm->cmsg_type = SCM_RIGHTS;
778 error = kern_sendit(td, s, mp, flags, control, UIO_USERSPACE);
787 kern_sendit(td, s, mp, flags, control, segflg)
792 struct mbuf *control;
803 struct uio *ktruio = NULL;
808 if (mp->msg_name != NULL)
809 rights |= CAP_CONNECT;
810 error = getsock_cap(td->td_proc->p_fd, s, rights, &fp, NULL);
813 so = (struct socket *)fp->f_data;
816 if (mp->msg_name != NULL && KTRPOINT(td, KTR_STRUCT))
817 ktrsockaddr(mp->msg_name);
820 if (mp->msg_name != NULL) {
821 error = mac_socket_check_connect(td->td_ucred, so,
826 error = mac_socket_check_send(td->td_ucred, so);
831 auio.uio_iov = mp->msg_iov;
832 auio.uio_iovcnt = mp->msg_iovlen;
833 auio.uio_segflg = segflg;
834 auio.uio_rw = UIO_WRITE;
836 auio.uio_offset = 0; /* XXX */
839 for (i = 0; i < mp->msg_iovlen; i++, iov++) {
840 if ((auio.uio_resid += iov->iov_len) < 0) {
846 if (KTRPOINT(td, KTR_GENIO))
847 ktruio = cloneuio(&auio);
849 len = auio.uio_resid;
850 error = sosend(so, mp->msg_name, &auio, 0, control, flags, td);
852 if (auio.uio_resid != len && (error == ERESTART ||
853 error == EINTR || error == EWOULDBLOCK))
855 /* Generation of SIGPIPE can be controlled per socket */
856 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) &&
857 !(flags & MSG_NOSIGNAL)) {
858 PROC_LOCK(td->td_proc);
859 tdsignal(td, SIGPIPE);
860 PROC_UNLOCK(td->td_proc);
864 td->td_retval[0] = len - auio.uio_resid;
866 if (ktruio != NULL) {
867 ktruio->uio_resid = td->td_retval[0];
868 ktrgenio(s, UIO_WRITE, ktruio, error);
879 struct sendto_args /* {
892 msg.msg_name = uap->to;
893 msg.msg_namelen = uap->tolen;
897 #ifdef COMPAT_OLDSOCK
900 aiov.iov_base = uap->buf;
901 aiov.iov_len = uap->len;
902 error = sendit(td, uap->s, &msg, uap->flags);
906 #ifdef COMPAT_OLDSOCK
910 struct osend_args /* {
925 aiov.iov_base = uap->buf;
926 aiov.iov_len = uap->len;
929 error = sendit(td, uap->s, &msg, uap->flags);
936 struct osendmsg_args /* {
946 error = copyin(uap->msg, &msg, sizeof (struct omsghdr));
949 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE);
953 msg.msg_flags = MSG_COMPAT;
954 error = sendit(td, uap->s, &msg, uap->flags);
963 struct sendmsg_args /* {
973 error = copyin(uap->msg, &msg, sizeof (msg));
976 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE);
980 #ifdef COMPAT_OLDSOCK
983 error = sendit(td, uap->s, &msg, uap->flags);
989 kern_recvit(td, s, mp, fromseg, controlp)
993 enum uio_seg fromseg;
994 struct mbuf **controlp;
1001 struct mbuf *m, *control = 0;
1005 struct sockaddr *fromsa = 0;
1007 struct uio *ktruio = NULL;
1010 if (controlp != NULL)
1014 error = getsock_cap(td->td_proc->p_fd, s, CAP_READ, &fp, NULL);
1020 error = mac_socket_check_receive(td->td_ucred, so);
1027 auio.uio_iov = mp->msg_iov;
1028 auio.uio_iovcnt = mp->msg_iovlen;
1029 auio.uio_segflg = UIO_USERSPACE;
1030 auio.uio_rw = UIO_READ;
1032 auio.uio_offset = 0; /* XXX */
1035 for (i = 0; i < mp->msg_iovlen; i++, iov++) {
1036 if ((auio.uio_resid += iov->iov_len) < 0) {
1042 if (KTRPOINT(td, KTR_GENIO))
1043 ktruio = cloneuio(&auio);
1045 len = auio.uio_resid;
1046 error = soreceive(so, &fromsa, &auio, (struct mbuf **)0,
1047 (mp->msg_control || controlp) ? &control : (struct mbuf **)0,
1050 if (auio.uio_resid != len && (error == ERESTART ||
1051 error == EINTR || error == EWOULDBLOCK))
1055 if (ktruio != NULL) {
1056 ktruio->uio_resid = len - auio.uio_resid;
1057 ktrgenio(s, UIO_READ, ktruio, error);
1062 td->td_retval[0] = len - auio.uio_resid;
1064 len = mp->msg_namelen;
1065 if (len <= 0 || fromsa == 0)
1068 /* save sa_len before it is destroyed by MSG_COMPAT */
1069 len = MIN(len, fromsa->sa_len);
1070 #ifdef COMPAT_OLDSOCK
1071 if (mp->msg_flags & MSG_COMPAT)
1072 ((struct osockaddr *)fromsa)->sa_family =
1075 if (fromseg == UIO_USERSPACE) {
1076 error = copyout(fromsa, mp->msg_name,
1081 bcopy(fromsa, mp->msg_name, len);
1083 mp->msg_namelen = len;
1085 if (mp->msg_control && controlp == NULL) {
1086 #ifdef COMPAT_OLDSOCK
1088 * We assume that old recvmsg calls won't receive access
1089 * rights and other control info, esp. as control info
1090 * is always optional and those options didn't exist in 4.3.
1091 * If we receive rights, trim the cmsghdr; anything else
1094 if (control && mp->msg_flags & MSG_COMPAT) {
1095 if (mtod(control, struct cmsghdr *)->cmsg_level !=
1097 mtod(control, struct cmsghdr *)->cmsg_type !=
1099 mp->msg_controllen = 0;
1102 control->m_len -= sizeof (struct cmsghdr);
1103 control->m_data += sizeof (struct cmsghdr);
1106 len = mp->msg_controllen;
1108 mp->msg_controllen = 0;
1109 ctlbuf = mp->msg_control;
1111 while (m && len > 0) {
1112 unsigned int tocopy;
1114 if (len >= m->m_len)
1117 mp->msg_flags |= MSG_CTRUNC;
1121 if ((error = copyout(mtod(m, caddr_t),
1122 ctlbuf, tocopy)) != 0)
1129 mp->msg_controllen = ctlbuf - (caddr_t)mp->msg_control;
1134 if (fromsa && KTRPOINT(td, KTR_STRUCT))
1135 ktrsockaddr(fromsa);
1138 free(fromsa, M_SONAME);
1140 if (error == 0 && controlp != NULL)
1141 *controlp = control;
1149 recvit(td, s, mp, namelenp)
1157 error = kern_recvit(td, s, mp, UIO_USERSPACE, NULL);
1161 error = copyout(&mp->msg_namelen, namelenp, sizeof (socklen_t));
1162 #ifdef COMPAT_OLDSOCK
1163 if (mp->msg_flags & MSG_COMPAT)
1164 error = 0; /* old recvfrom didn't check */
1171 sys_recvfrom(td, uap)
1173 struct recvfrom_args /* {
1178 struct sockaddr * __restrict from;
1179 socklen_t * __restrict fromlenaddr;
1186 if (uap->fromlenaddr) {
1187 error = copyin(uap->fromlenaddr,
1188 &msg.msg_namelen, sizeof (msg.msg_namelen));
1192 msg.msg_namelen = 0;
1194 msg.msg_name = uap->from;
1195 msg.msg_iov = &aiov;
1197 aiov.iov_base = uap->buf;
1198 aiov.iov_len = uap->len;
1199 msg.msg_control = 0;
1200 msg.msg_flags = uap->flags;
1201 error = recvit(td, uap->s, &msg, uap->fromlenaddr);
1206 #ifdef COMPAT_OLDSOCK
1210 struct recvfrom_args *uap;
1213 uap->flags |= MSG_COMPAT;
1214 return (sys_recvfrom(td, uap));
1218 #ifdef COMPAT_OLDSOCK
1222 struct orecv_args /* {
1234 msg.msg_namelen = 0;
1235 msg.msg_iov = &aiov;
1237 aiov.iov_base = uap->buf;
1238 aiov.iov_len = uap->len;
1239 msg.msg_control = 0;
1240 msg.msg_flags = uap->flags;
1241 error = recvit(td, uap->s, &msg, NULL);
1246 * Old recvmsg. This code takes advantage of the fact that the old msghdr
1247 * overlays the new one, missing only the flags, and with the (old) access
1248 * rights where the control fields are now.
1253 struct orecvmsg_args /* {
1255 struct omsghdr *msg;
1263 error = copyin(uap->msg, &msg, sizeof (struct omsghdr));
1266 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE);
1269 msg.msg_flags = uap->flags | MSG_COMPAT;
1271 error = recvit(td, uap->s, &msg, &uap->msg->msg_namelen);
1272 if (msg.msg_controllen && error == 0)
1273 error = copyout(&msg.msg_controllen,
1274 &uap->msg->msg_accrightslen, sizeof (int));
1281 sys_recvmsg(td, uap)
1283 struct recvmsg_args /* {
1290 struct iovec *uiov, *iov;
1293 error = copyin(uap->msg, &msg, sizeof (msg));
1296 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE);
1299 msg.msg_flags = uap->flags;
1300 #ifdef COMPAT_OLDSOCK
1301 msg.msg_flags &= ~MSG_COMPAT;
1305 error = recvit(td, uap->s, &msg, NULL);
1308 error = copyout(&msg, uap->msg, sizeof(msg));
1316 sys_shutdown(td, uap)
1318 struct shutdown_args /* {
1327 AUDIT_ARG_FD(uap->s);
1328 error = getsock_cap(td->td_proc->p_fd, uap->s, CAP_SHUTDOWN, &fp,
1332 error = soshutdown(so, uap->how);
1340 sys_setsockopt(td, uap)
1342 struct setsockopt_args /* {
1351 return (kern_setsockopt(td, uap->s, uap->level, uap->name,
1352 uap->val, UIO_USERSPACE, uap->valsize));
1356 kern_setsockopt(td, s, level, name, val, valseg, valsize)
1362 enum uio_seg valseg;
1368 struct sockopt sopt;
1370 if (val == NULL && valsize != 0)
1372 if ((int)valsize < 0)
1375 sopt.sopt_dir = SOPT_SET;
1376 sopt.sopt_level = level;
1377 sopt.sopt_name = name;
1378 sopt.sopt_val = val;
1379 sopt.sopt_valsize = valsize;
1385 sopt.sopt_td = NULL;
1388 panic("kern_setsockopt called with bad valseg");
1392 error = getsock_cap(td->td_proc->p_fd, s, CAP_SETSOCKOPT, &fp, NULL);
1395 error = sosetopt(so, &sopt);
1403 sys_getsockopt(td, uap)
1405 struct getsockopt_args /* {
1409 void * __restrict val;
1410 socklen_t * __restrict avalsize;
1417 error = copyin(uap->avalsize, &valsize, sizeof (valsize));
1422 error = kern_getsockopt(td, uap->s, uap->level, uap->name,
1423 uap->val, UIO_USERSPACE, &valsize);
1426 error = copyout(&valsize, uap->avalsize, sizeof (valsize));
1431 * Kernel version of getsockopt.
1432 * optval can be a userland or userspace. optlen is always a kernel pointer.
1435 kern_getsockopt(td, s, level, name, val, valseg, valsize)
1441 enum uio_seg valseg;
1447 struct sockopt sopt;
1451 if ((int)*valsize < 0)
1454 sopt.sopt_dir = SOPT_GET;
1455 sopt.sopt_level = level;
1456 sopt.sopt_name = name;
1457 sopt.sopt_val = val;
1458 sopt.sopt_valsize = (size_t)*valsize; /* checked non-negative above */
1464 sopt.sopt_td = NULL;
1467 panic("kern_getsockopt called with bad valseg");
1471 error = getsock_cap(td->td_proc->p_fd, s, CAP_GETSOCKOPT, &fp, NULL);
1474 error = sogetopt(so, &sopt);
1475 *valsize = sopt.sopt_valsize;
1482 * getsockname1() - Get socket name.
1486 getsockname1(td, uap, compat)
1488 struct getsockname_args /* {
1490 struct sockaddr * __restrict asa;
1491 socklen_t * __restrict alen;
1495 struct sockaddr *sa;
1499 error = copyin(uap->alen, &len, sizeof(len));
1503 error = kern_getsockname(td, uap->fdes, &sa, &len);
1508 #ifdef COMPAT_OLDSOCK
1510 ((struct osockaddr *)sa)->sa_family = sa->sa_family;
1512 error = copyout(sa, uap->asa, (u_int)len);
1516 error = copyout(&len, uap->alen, sizeof(len));
1521 kern_getsockname(struct thread *td, int fd, struct sockaddr **sa,
1533 error = getsock_cap(td->td_proc->p_fd, fd, CAP_GETSOCKNAME, &fp, NULL);
1538 CURVNET_SET(so->so_vnet);
1539 error = (*so->so_proto->pr_usrreqs->pru_sockaddr)(so, sa);
1546 len = MIN(*alen, (*sa)->sa_len);
1549 if (KTRPOINT(td, KTR_STRUCT))
1555 free(*sa, M_SONAME);
1562 sys_getsockname(td, uap)
1564 struct getsockname_args *uap;
1567 return (getsockname1(td, uap, 0));
1570 #ifdef COMPAT_OLDSOCK
1572 ogetsockname(td, uap)
1574 struct getsockname_args *uap;
1577 return (getsockname1(td, uap, 1));
1579 #endif /* COMPAT_OLDSOCK */
1582 * getpeername1() - Get name of peer for connected socket.
1586 getpeername1(td, uap, compat)
1588 struct getpeername_args /* {
1590 struct sockaddr * __restrict asa;
1591 socklen_t * __restrict alen;
1595 struct sockaddr *sa;
1599 error = copyin(uap->alen, &len, sizeof (len));
1603 error = kern_getpeername(td, uap->fdes, &sa, &len);
1608 #ifdef COMPAT_OLDSOCK
1610 ((struct osockaddr *)sa)->sa_family = sa->sa_family;
1612 error = copyout(sa, uap->asa, (u_int)len);
1616 error = copyout(&len, uap->alen, sizeof(len));
1621 kern_getpeername(struct thread *td, int fd, struct sockaddr **sa,
1633 error = getsock_cap(td->td_proc->p_fd, fd, CAP_GETPEERNAME, &fp, NULL);
1637 if ((so->so_state & (SS_ISCONNECTED|SS_ISCONFIRMING)) == 0) {
1642 CURVNET_SET(so->so_vnet);
1643 error = (*so->so_proto->pr_usrreqs->pru_peeraddr)(so, sa);
1650 len = MIN(*alen, (*sa)->sa_len);
1653 if (KTRPOINT(td, KTR_STRUCT))
1658 free(*sa, M_SONAME);
1667 sys_getpeername(td, uap)
1669 struct getpeername_args *uap;
1672 return (getpeername1(td, uap, 0));
1675 #ifdef COMPAT_OLDSOCK
1677 ogetpeername(td, uap)
1679 struct ogetpeername_args *uap;
1682 /* XXX uap should have type `getpeername_args *' to begin with. */
1683 return (getpeername1(td, (struct getpeername_args *)uap, 1));
1685 #endif /* COMPAT_OLDSOCK */
1688 sockargs(mp, buf, buflen, type)
1693 struct sockaddr *sa;
1697 if ((u_int)buflen > MLEN) {
1698 #ifdef COMPAT_OLDSOCK
1699 if (type == MT_SONAME && (u_int)buflen <= 112)
1700 buflen = MLEN; /* unix domain compat. hack */
1703 if ((u_int)buflen > MCLBYTES)
1706 m = m_get(M_WAIT, type);
1707 if ((u_int)buflen > MLEN)
1710 error = copyin(buf, mtod(m, caddr_t), (u_int)buflen);
1715 if (type == MT_SONAME) {
1716 sa = mtod(m, struct sockaddr *);
1718 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN
1719 if (sa->sa_family == 0 && sa->sa_len < AF_MAX)
1720 sa->sa_family = sa->sa_len;
1722 sa->sa_len = buflen;
1729 getsockaddr(namp, uaddr, len)
1730 struct sockaddr **namp;
1734 struct sockaddr *sa;
1737 if (len > SOCK_MAXADDRLEN)
1738 return (ENAMETOOLONG);
1739 if (len < offsetof(struct sockaddr, sa_data[0]))
1741 sa = malloc(len, M_SONAME, M_WAITOK);
1742 error = copyin(uaddr, sa, len);
1746 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN
1747 if (sa->sa_family == 0 && sa->sa_len < AF_MAX)
1748 sa->sa_family = sa->sa_len;
1756 #include <sys/condvar.h>
1758 struct sendfile_sync {
1765 * Detach mapped page and release resources back to the system.
1768 sf_buf_mext(void *addr, void *args)
1771 struct sendfile_sync *sfs;
1773 m = sf_buf_page(args);
1776 vm_page_unwire(m, 0);
1778 * Check for the object going away on us. This can
1779 * happen since we don't hold a reference to it.
1780 * If so, we're responsible for freeing the page.
1782 if (m->wire_count == 0 && m->object == NULL)
1788 mtx_lock(&sfs->mtx);
1789 KASSERT(sfs->count> 0, ("Sendfile sync botchup count == 0"));
1790 if (--sfs->count == 0)
1791 cv_signal(&sfs->cv);
1792 mtx_unlock(&sfs->mtx);
1798 * int sendfile(int fd, int s, off_t offset, size_t nbytes,
1799 * struct sf_hdtr *hdtr, off_t *sbytes, int flags)
1801 * Send a file specified by 'fd' and starting at 'offset' to a socket
1802 * specified by 's'. Send only 'nbytes' of the file or until EOF if nbytes ==
1803 * 0. Optionally add a header and/or trailer to the socket output. If
1804 * specified, write the total number of bytes sent into *sbytes.
1807 sys_sendfile(struct thread *td, struct sendfile_args *uap)
1810 return (do_sendfile(td, uap, 0));
1814 do_sendfile(struct thread *td, struct sendfile_args *uap, int compat)
1816 struct sf_hdtr hdtr;
1817 struct uio *hdr_uio, *trl_uio;
1820 hdr_uio = trl_uio = NULL;
1822 if (uap->hdtr != NULL) {
1823 error = copyin(uap->hdtr, &hdtr, sizeof(hdtr));
1826 if (hdtr.headers != NULL) {
1827 error = copyinuio(hdtr.headers, hdtr.hdr_cnt, &hdr_uio);
1831 if (hdtr.trailers != NULL) {
1832 error = copyinuio(hdtr.trailers, hdtr.trl_cnt, &trl_uio);
1839 error = kern_sendfile(td, uap, hdr_uio, trl_uio, compat);
1842 free(hdr_uio, M_IOV);
1844 free(trl_uio, M_IOV);
1848 #ifdef COMPAT_FREEBSD4
1850 freebsd4_sendfile(struct thread *td, struct freebsd4_sendfile_args *uap)
1852 struct sendfile_args args;
1856 args.offset = uap->offset;
1857 args.nbytes = uap->nbytes;
1858 args.hdtr = uap->hdtr;
1859 args.sbytes = uap->sbytes;
1860 args.flags = uap->flags;
1862 return (do_sendfile(td, &args, 1));
1864 #endif /* COMPAT_FREEBSD4 */
1867 kern_sendfile(struct thread *td, struct sendfile_args *uap,
1868 struct uio *hdr_uio, struct uio *trl_uio, int compat)
1870 struct file *sock_fp;
1872 struct vm_object *obj = NULL;
1873 struct socket *so = NULL;
1874 struct mbuf *m = NULL;
1878 off_t off, xfsize, fsbytes = 0, sbytes = 0, rem = 0;
1879 int error, hdrlen = 0, mnw = 0;
1882 struct sendfile_sync *sfs = NULL;
1885 * The file descriptor must be a regular file and have a
1886 * backing VM object.
1887 * File offset must be positive. If it goes beyond EOF
1888 * we send only the header/trailer and no payload data.
1890 AUDIT_ARG_FD(uap->fd);
1891 if ((error = fgetvp_read(td, uap->fd, CAP_READ, &vp)) != 0)
1893 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
1894 vn_lock(vp, LK_SHARED | LK_RETRY);
1895 if (vp->v_type == VREG) {
1896 bsize = vp->v_mount->mnt_stat.f_iosize;
1897 if (uap->nbytes == 0) {
1898 error = VOP_GETATTR(vp, &va, td->td_ucred);
1901 VFS_UNLOCK_GIANT(vfslocked);
1911 * Temporarily increase the backing VM
1912 * object's reference count so that a forced
1913 * reclamation of its vnode does not
1914 * immediately destroy it.
1916 VM_OBJECT_LOCK(obj);
1917 if ((obj->flags & OBJ_DEAD) == 0) {
1918 vm_object_reference_locked(obj);
1919 VM_OBJECT_UNLOCK(obj);
1921 VM_OBJECT_UNLOCK(obj);
1926 bsize = 0; /* silence gcc */
1928 VFS_UNLOCK_GIANT(vfslocked);
1933 if (uap->offset < 0) {
1939 * The socket must be a stream socket and connected.
1940 * Remember if it a blocking or non-blocking socket.
1942 if ((error = getsock_cap(td->td_proc->p_fd, uap->s, CAP_WRITE,
1943 &sock_fp, NULL)) != 0)
1945 so = sock_fp->f_data;
1946 if (so->so_type != SOCK_STREAM) {
1950 if ((so->so_state & SS_ISCONNECTED) == 0) {
1955 * Do not wait on memory allocations but return ENOMEM for
1956 * caller to retry later.
1957 * XXX: Experimental.
1959 if (uap->flags & SF_MNOWAIT)
1962 if (uap->flags & SF_SYNC) {
1963 sfs = malloc(sizeof *sfs, M_TEMP, M_WAITOK | M_ZERO);
1964 mtx_init(&sfs->mtx, "sendfile", NULL, MTX_DEF);
1965 cv_init(&sfs->cv, "sendfile");
1969 error = mac_socket_check_send(td->td_ucred, so);
1974 /* If headers are specified copy them into mbufs. */
1975 if (hdr_uio != NULL) {
1976 hdr_uio->uio_td = td;
1977 hdr_uio->uio_rw = UIO_WRITE;
1978 if (hdr_uio->uio_resid > 0) {
1980 * In FBSD < 5.0 the nbytes to send also included
1981 * the header. If compat is specified subtract the
1982 * header size from nbytes.
1985 if (uap->nbytes > hdr_uio->uio_resid)
1986 uap->nbytes -= hdr_uio->uio_resid;
1990 m = m_uiotombuf(hdr_uio, (mnw ? M_NOWAIT : M_WAITOK),
1993 error = mnw ? EAGAIN : ENOBUFS;
1996 hdrlen = m_length(m, NULL);
2001 * Protect against multiple writers to the socket.
2003 * XXXRW: Historically this has assumed non-interruptibility, so now
2004 * we implement that, but possibly shouldn't.
2006 (void)sblock(&so->so_snd, SBL_WAIT | SBL_NOINTR);
2009 * Loop through the pages of the file, starting with the requested
2010 * offset. Get a file page (do I/O if necessary), map the file page
2011 * into an sf_buf, attach an mbuf header to the sf_buf, and queue
2013 * This is done in two loops. The inner loop turns as many pages
2014 * as it can, up to available socket buffer space, without blocking
2015 * into mbufs to have it bulk delivered into the socket send buffer.
2016 * The outer loop checks the state and available space of the socket
2017 * and takes care of the overall progress.
2019 for (off = uap->offset; ; ) {
2025 if ((uap->nbytes != 0 && uap->nbytes == fsbytes) ||
2026 (uap->nbytes == 0 && va.va_size == fsbytes))
2035 * Check the socket state for ongoing connection,
2036 * no errors and space in socket buffer.
2037 * If space is low allow for the remainder of the
2038 * file to be processed if it fits the socket buffer.
2039 * Otherwise block in waiting for sufficient space
2040 * to proceed, or if the socket is nonblocking, return
2041 * to userland with EAGAIN while reporting how far
2043 * We wait until the socket buffer has significant free
2044 * space to do bulk sends. This makes good use of file
2045 * system read ahead and allows packet segmentation
2046 * offloading hardware to take over lots of work. If
2047 * we were not careful here we would send off only one
2050 SOCKBUF_LOCK(&so->so_snd);
2051 if (so->so_snd.sb_lowat < so->so_snd.sb_hiwat / 2)
2052 so->so_snd.sb_lowat = so->so_snd.sb_hiwat / 2;
2054 if (so->so_snd.sb_state & SBS_CANTSENDMORE) {
2056 SOCKBUF_UNLOCK(&so->so_snd);
2058 } else if (so->so_error) {
2059 error = so->so_error;
2061 SOCKBUF_UNLOCK(&so->so_snd);
2064 space = sbspace(&so->so_snd);
2067 space < so->so_snd.sb_lowat)) {
2068 if (so->so_state & SS_NBIO) {
2069 SOCKBUF_UNLOCK(&so->so_snd);
2074 * sbwait drops the lock while sleeping.
2075 * When we loop back to retry_space the
2076 * state may have changed and we retest
2079 error = sbwait(&so->so_snd);
2081 * An error from sbwait usually indicates that we've
2082 * been interrupted by a signal. If we've sent anything
2083 * then return bytes sent, otherwise return the error.
2086 SOCKBUF_UNLOCK(&so->so_snd);
2091 SOCKBUF_UNLOCK(&so->so_snd);
2094 * Reduce space in the socket buffer by the size of
2095 * the header mbuf chain.
2096 * hdrlen is set to 0 after the first loop.
2100 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
2101 error = vn_lock(vp, LK_SHARED);
2103 VFS_UNLOCK_GIANT(vfslocked);
2106 error = VOP_GETATTR(vp, &va, td->td_ucred);
2107 if (error != 0 || off >= va.va_size) {
2109 VFS_UNLOCK_GIANT(vfslocked);
2112 VFS_UNLOCK_GIANT(vfslocked);
2115 * Loop and construct maximum sized mbuf chain to be bulk
2116 * dumped into socket buffer.
2118 while (space > loopbytes) {
2124 * Calculate the amount to transfer.
2125 * Not to exceed a page, the EOF,
2126 * or the passed in nbytes.
2128 pgoff = (vm_offset_t)(off & PAGE_MASK);
2129 rem = va.va_size - uap->offset;
2130 if (uap->nbytes != 0)
2131 rem = omin(rem, uap->nbytes);
2132 rem -= fsbytes + loopbytes;
2133 xfsize = omin(PAGE_SIZE - pgoff, rem);
2134 xfsize = omin(space - loopbytes, xfsize);
2136 done = 1; /* all data sent */
2141 * Attempt to look up the page. Allocate
2142 * if not found or wait and loop if busy.
2144 pindex = OFF_TO_IDX(off);
2145 VM_OBJECT_LOCK(obj);
2146 pg = vm_page_grab(obj, pindex, VM_ALLOC_NOBUSY |
2147 VM_ALLOC_NORMAL | VM_ALLOC_WIRED | VM_ALLOC_RETRY);
2150 * Check if page is valid for what we need,
2151 * otherwise initiate I/O.
2152 * If we already turned some pages into mbufs,
2153 * send them off before we come here again and
2156 if (pg->valid && vm_page_is_valid(pg, pgoff, xfsize))
2157 VM_OBJECT_UNLOCK(obj);
2159 error = EAGAIN; /* send what we already got */
2160 else if (uap->flags & SF_NODISKIO)
2165 VM_OBJECT_UNLOCK(obj);
2168 * Get the page from backing store.
2169 * XXXMAC: Because we don't have fp->f_cred
2170 * here, we pass in NOCRED. This is probably
2171 * wrong, but is consistent with our original
2174 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
2175 error = vn_rdwr(UIO_READ, vp, NULL, MAXBSIZE,
2176 trunc_page(off), UIO_NOCOPY, IO_NODELOCKED |
2177 IO_VMIO | ((MAXBSIZE / bsize) << IO_SEQSHIFT),
2178 td->td_ucred, NOCRED, &resid, td);
2179 VFS_UNLOCK_GIANT(vfslocked);
2181 VM_OBJECT_LOCK(obj);
2186 vm_page_unwire(pg, 0);
2188 * See if anyone else might know about
2189 * this page. If not and it is not valid,
2192 if (pg->wire_count == 0 && pg->valid == 0 &&
2193 pg->busy == 0 && !(pg->oflags & VPO_BUSY))
2196 VM_OBJECT_UNLOCK(obj);
2197 if (error == EAGAIN)
2198 error = 0; /* not a real error */
2203 * Get a sendfile buf. When allocating the
2204 * first buffer for mbuf chain, we usually
2205 * wait as long as necessary, but this wait
2206 * can be interrupted. For consequent
2207 * buffers, do not sleep, since several
2208 * threads might exhaust the buffers and then
2211 sf = sf_buf_alloc(pg, (mnw || m != NULL) ? SFB_NOWAIT :
2214 mbstat.sf_allocfail++;
2216 vm_page_unwire(pg, 0);
2217 KASSERT(pg->object != NULL,
2218 ("kern_sendfile: object disappeared"));
2221 error = (mnw ? EAGAIN : EINTR);
2226 * Get an mbuf and set it up as having
2229 m0 = m_get((mnw ? M_NOWAIT : M_WAITOK), MT_DATA);
2231 error = (mnw ? EAGAIN : ENOBUFS);
2232 sf_buf_mext(NULL, sf);
2235 MEXTADD(m0, sf_buf_kva(sf), PAGE_SIZE, sf_buf_mext,
2236 sfs, sf, M_RDONLY, EXT_SFBUF);
2237 m0->m_data = (char *)sf_buf_kva(sf) + pgoff;
2240 /* Append to mbuf chain. */
2244 m_last(m)->m_next = m0;
2249 /* Keep track of bits processed. */
2250 loopbytes += xfsize;
2254 mtx_lock(&sfs->mtx);
2256 mtx_unlock(&sfs->mtx);
2262 /* Add the buffer chain to the socket buffer. */
2266 mlen = m_length(m, NULL);
2267 SOCKBUF_LOCK(&so->so_snd);
2268 if (so->so_snd.sb_state & SBS_CANTSENDMORE) {
2270 SOCKBUF_UNLOCK(&so->so_snd);
2273 SOCKBUF_UNLOCK(&so->so_snd);
2274 CURVNET_SET(so->so_vnet);
2275 /* Avoid error aliasing. */
2276 err = (*so->so_proto->pr_usrreqs->pru_send)
2277 (so, 0, m, NULL, NULL, td);
2281 * We need two counters to get the
2282 * file offset and nbytes to send
2284 * - sbytes contains the total amount
2285 * of bytes sent, including headers.
2286 * - fsbytes contains the total amount
2287 * of bytes sent from the file.
2295 } else if (error == 0)
2297 m = NULL; /* pru_send always consumes */
2300 /* Quit outer loop on error or when we're done. */
2308 * Send trailers. Wimp out and use writev(2).
2310 if (trl_uio != NULL) {
2311 sbunlock(&so->so_snd);
2312 error = kern_writev(td, uap->s, trl_uio);
2314 sbytes += td->td_retval[0];
2319 sbunlock(&so->so_snd);
2322 * If there was no error we have to clear td->td_retval[0]
2323 * because it may have been set by writev.
2326 td->td_retval[0] = 0;
2328 if (uap->sbytes != NULL) {
2329 copyout(&sbytes, uap->sbytes, sizeof(off_t));
2332 vm_object_deallocate(obj);
2334 vfslocked = VFS_LOCK_GIANT(vp->v_mount);
2336 VFS_UNLOCK_GIANT(vfslocked);
2344 mtx_lock(&sfs->mtx);
2345 if (sfs->count != 0)
2346 cv_wait(&sfs->cv, &sfs->mtx);
2347 KASSERT(sfs->count == 0, ("sendfile sync still busy"));
2348 cv_destroy(&sfs->cv);
2349 mtx_destroy(&sfs->mtx);
2353 if (error == ERESTART)
2361 * Functionality only compiled in if SCTP is defined in the kernel Makefile,
2362 * otherwise all return EOPNOTSUPP.
2363 * XXX: We should make this loadable one day.
2366 sys_sctp_peeloff(td, uap)
2368 struct sctp_peeloff_args /* {
2373 #if (defined(INET) || defined(INET6)) && defined(SCTP)
2374 struct filedesc *fdp;
2375 struct file *nfp = NULL;
2377 struct socket *head, *so;
2381 fdp = td->td_proc->p_fd;
2382 AUDIT_ARG_FD(uap->sd);
2383 error = fgetsock(td, uap->sd, CAP_PEELOFF, &head, &fflag);
2386 if (head->so_proto->pr_protocol != IPPROTO_SCTP) {
2390 error = sctp_can_peel_off(head, (sctp_assoc_t)uap->name);
2394 * At this point we know we do have a assoc to pull
2395 * we proceed to get the fd setup. This may block
2399 error = falloc(td, &nfp, &fd, 0);
2402 td->td_retval[0] = fd;
2404 CURVNET_SET(head->so_vnet);
2405 so = sonewconn(head, SS_ISCONNECTED);
2411 * Before changing the flags on the socket, we have to bump the
2412 * reference count. Otherwise, if the protocol calls sofree(),
2413 * the socket will be released due to a zero refcount.
2416 soref(so); /* file descriptor reference */
2421 TAILQ_REMOVE(&head->so_comp, so, so_list);
2423 so->so_state |= (head->so_state & SS_NBIO);
2424 so->so_state &= ~SS_NOFDREF;
2425 so->so_qstate &= ~SQ_COMP;
2428 finit(nfp, fflag, DTYPE_SOCKET, so, &socketops);
2429 error = sctp_do_peeloff(head, so, (sctp_assoc_t)uap->name);
2432 if (head->so_sigio != NULL)
2433 fsetown(fgetown(&head->so_sigio), &so->so_sigio);
2437 * close the new descriptor, assuming someone hasn't ripped it
2438 * out from under us.
2441 fdclose(fdp, nfp, fd, td);
2444 * Release explicitly held references before returning.
2454 return (EOPNOTSUPP);
2459 sys_sctp_generic_sendmsg (td, uap)
2461 struct sctp_generic_sendmsg_args /* {
2467 struct sctp_sndrcvinfo *sinfo,
2471 #if (defined(INET) || defined(INET6)) && defined(SCTP)
2472 struct sctp_sndrcvinfo sinfo, *u_sinfo = NULL;
2474 struct file *fp = NULL;
2476 struct sockaddr *to = NULL;
2478 struct uio *ktruio = NULL;
2481 struct iovec iov[1];
2482 cap_rights_t rights;
2485 error = copyin(uap->sinfo, &sinfo, sizeof (sinfo));
2493 error = getsockaddr(&to, uap->to, uap->tolen);
2498 rights |= CAP_CONNECT;
2501 AUDIT_ARG_FD(uap->sd);
2502 error = getsock_cap(td->td_proc->p_fd, uap->sd, rights, &fp, NULL);
2506 if (to && (KTRPOINT(td, KTR_STRUCT)))
2510 iov[0].iov_base = uap->msg;
2511 iov[0].iov_len = uap->mlen;
2513 so = (struct socket *)fp->f_data;
2514 if (so->so_proto->pr_protocol != IPPROTO_SCTP) {
2519 error = mac_socket_check_send(td->td_ucred, so);
2525 auio.uio_iovcnt = 1;
2526 auio.uio_segflg = UIO_USERSPACE;
2527 auio.uio_rw = UIO_WRITE;
2529 auio.uio_offset = 0; /* XXX */
2531 len = auio.uio_resid = uap->mlen;
2532 CURVNET_SET(so->so_vnet);
2533 error = sctp_lower_sosend(so, to, &auio,
2534 (struct mbuf *)NULL, (struct mbuf *)NULL,
2535 uap->flags, u_sinfo, td);
2538 if (auio.uio_resid != len && (error == ERESTART ||
2539 error == EINTR || error == EWOULDBLOCK))
2541 /* Generation of SIGPIPE can be controlled per socket. */
2542 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) &&
2543 !(uap->flags & MSG_NOSIGNAL)) {
2544 PROC_LOCK(td->td_proc);
2545 tdsignal(td, SIGPIPE);
2546 PROC_UNLOCK(td->td_proc);
2550 td->td_retval[0] = len - auio.uio_resid;
2552 if (ktruio != NULL) {
2553 ktruio->uio_resid = td->td_retval[0];
2554 ktrgenio(uap->sd, UIO_WRITE, ktruio, error);
2565 return (EOPNOTSUPP);
2570 sys_sctp_generic_sendmsg_iov(td, uap)
2572 struct sctp_generic_sendmsg_iov_args /* {
2578 struct sctp_sndrcvinfo *sinfo,
2582 #if (defined(INET) || defined(INET6)) && defined(SCTP)
2583 struct sctp_sndrcvinfo sinfo, *u_sinfo = NULL;
2585 struct file *fp = NULL;
2588 struct sockaddr *to = NULL;
2590 struct uio *ktruio = NULL;
2593 struct iovec *iov, *tiov;
2594 cap_rights_t rights;
2597 error = copyin(uap->sinfo, &sinfo, sizeof (sinfo));
2604 error = getsockaddr(&to, uap->to, uap->tolen);
2609 rights |= CAP_CONNECT;
2612 AUDIT_ARG_FD(uap->sd);
2613 error = getsock_cap(td->td_proc->p_fd, uap->sd, rights, &fp, NULL);
2617 #ifdef COMPAT_FREEBSD32
2618 if (SV_CURPROC_FLAG(SV_ILP32))
2619 error = freebsd32_copyiniov((struct iovec32 *)uap->iov,
2620 uap->iovlen, &iov, EMSGSIZE);
2623 error = copyiniov(uap->iov, uap->iovlen, &iov, EMSGSIZE);
2627 if (to && (KTRPOINT(td, KTR_STRUCT)))
2631 so = (struct socket *)fp->f_data;
2632 if (so->so_proto->pr_protocol != IPPROTO_SCTP) {
2637 error = mac_socket_check_send(td->td_ucred, so);
2643 auio.uio_iovcnt = uap->iovlen;
2644 auio.uio_segflg = UIO_USERSPACE;
2645 auio.uio_rw = UIO_WRITE;
2647 auio.uio_offset = 0; /* XXX */
2650 for (i = 0; i <uap->iovlen; i++, tiov++) {
2651 if ((auio.uio_resid += tiov->iov_len) < 0) {
2656 len = auio.uio_resid;
2657 CURVNET_SET(so->so_vnet);
2658 error = sctp_lower_sosend(so, to, &auio,
2659 (struct mbuf *)NULL, (struct mbuf *)NULL,
2660 uap->flags, u_sinfo, td);
2663 if (auio.uio_resid != len && (error == ERESTART ||
2664 error == EINTR || error == EWOULDBLOCK))
2666 /* Generation of SIGPIPE can be controlled per socket */
2667 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) &&
2668 !(uap->flags & MSG_NOSIGNAL)) {
2669 PROC_LOCK(td->td_proc);
2670 tdsignal(td, SIGPIPE);
2671 PROC_UNLOCK(td->td_proc);
2675 td->td_retval[0] = len - auio.uio_resid;
2677 if (ktruio != NULL) {
2678 ktruio->uio_resid = td->td_retval[0];
2679 ktrgenio(uap->sd, UIO_WRITE, ktruio, error);
2692 return (EOPNOTSUPP);
2697 sys_sctp_generic_recvmsg(td, uap)
2699 struct sctp_generic_recvmsg_args /* {
2703 struct sockaddr *from,
2704 __socklen_t *fromlenaddr,
2705 struct sctp_sndrcvinfo *sinfo,
2709 #if (defined(INET) || defined(INET6)) && defined(SCTP)
2710 uint8_t sockbufstore[256];
2712 struct iovec *iov, *tiov;
2713 struct sctp_sndrcvinfo sinfo;
2715 struct file *fp = NULL;
2716 struct sockaddr *fromsa;
2722 struct uio *ktruio = NULL;
2725 AUDIT_ARG_FD(uap->sd);
2726 error = getsock_cap(td->td_proc->p_fd, uap->sd, CAP_READ, &fp, NULL);
2730 #ifdef COMPAT_FREEBSD32
2731 if (SV_CURPROC_FLAG(SV_ILP32))
2732 error = freebsd32_copyiniov((struct iovec32 *)uap->iov,
2733 uap->iovlen, &iov, EMSGSIZE);
2736 error = copyiniov(uap->iov, uap->iovlen, &iov, EMSGSIZE);
2741 if (so->so_proto->pr_protocol != IPPROTO_SCTP) {
2746 error = mac_socket_check_receive(td->td_ucred, so);
2752 if (uap->fromlenaddr) {
2753 error = copyin(uap->fromlenaddr,
2754 &fromlen, sizeof (fromlen));
2761 if (uap->msg_flags) {
2762 error = copyin(uap->msg_flags, &msg_flags, sizeof (int));
2770 auio.uio_iovcnt = uap->iovlen;
2771 auio.uio_segflg = UIO_USERSPACE;
2772 auio.uio_rw = UIO_READ;
2774 auio.uio_offset = 0; /* XXX */
2777 for (i = 0; i <uap->iovlen; i++, tiov++) {
2778 if ((auio.uio_resid += tiov->iov_len) < 0) {
2783 len = auio.uio_resid;
2784 fromsa = (struct sockaddr *)sockbufstore;
2787 if (KTRPOINT(td, KTR_GENIO))
2788 ktruio = cloneuio(&auio);
2790 memset(&sinfo, 0, sizeof(struct sctp_sndrcvinfo));
2791 CURVNET_SET(so->so_vnet);
2792 error = sctp_sorecvmsg(so, &auio, (struct mbuf **)NULL,
2793 fromsa, fromlen, &msg_flags,
2794 (struct sctp_sndrcvinfo *)&sinfo, 1);
2797 if (auio.uio_resid != len && (error == ERESTART ||
2798 error == EINTR || error == EWOULDBLOCK))
2802 error = copyout(&sinfo, uap->sinfo, sizeof (sinfo));
2805 if (ktruio != NULL) {
2806 ktruio->uio_resid = len - auio.uio_resid;
2807 ktrgenio(uap->sd, UIO_READ, ktruio, error);
2812 td->td_retval[0] = len - auio.uio_resid;
2814 if (fromlen && uap->from) {
2816 if (len <= 0 || fromsa == 0)
2819 len = MIN(len, fromsa->sa_len);
2820 error = copyout(fromsa, uap->from, (size_t)len);
2824 error = copyout(&len, uap->fromlenaddr, sizeof (socklen_t));
2830 if (KTRPOINT(td, KTR_STRUCT))
2831 ktrsockaddr(fromsa);
2833 if (uap->msg_flags) {
2834 error = copyout(&msg_flags, uap->msg_flags, sizeof (int));
2847 return (EOPNOTSUPP);
projects / FreeBSD / stable / 9.git / blob