2 * Copyright (c) 1982, 1986, 1989, 1990, 1993
3 * The Regents of the University of California. All rights reserved.
5 * sendfile(2) and related extensions:
6 * Copyright (c) 1998, David Greenman. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * @(#)uipc_syscalls.c 8.4 (Berkeley) 2/21/94
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
38 #include "opt_capsicum.h"
40 #include "opt_inet6.h"
42 #include "opt_compat.h"
43 #include "opt_ktrace.h"
45 #include <sys/param.h>
46 #include <sys/systm.h>
47 #include <sys/capsicum.h>
48 #include <sys/condvar.h>
49 #include <sys/kernel.h>
51 #include <sys/mutex.h>
52 #include <sys/sysproto.h>
53 #include <sys/malloc.h>
54 #include <sys/filedesc.h>
55 #include <sys/event.h>
57 #include <sys/fcntl.h>
59 #include <sys/filio.h>
62 #include <sys/mount.h>
64 #include <sys/protosw.h>
65 #include <sys/rwlock.h>
66 #include <sys/sf_buf.h>
67 #include <sys/sf_sync.h>
68 #include <sys/sf_base.h>
69 #include <sys/sysent.h>
70 #include <sys/socket.h>
71 #include <sys/socketvar.h>
72 #include <sys/signalvar.h>
73 #include <sys/syscallsubr.h>
74 #include <sys/sysctl.h>
76 #include <sys/vnode.h>
78 #include <sys/ktrace.h>
80 #ifdef COMPAT_FREEBSD32
81 #include <compat/freebsd32/freebsd32_util.h>
86 #include <security/audit/audit.h>
87 #include <security/mac/mac_framework.h>
90 #include <vm/vm_param.h>
91 #include <vm/vm_object.h>
92 #include <vm/vm_page.h>
93 #include <vm/vm_pager.h>
94 #include <vm/vm_kern.h>
95 #include <vm/vm_extern.h>
98 #if defined(INET) || defined(INET6)
100 #include <netinet/sctp.h>
101 #include <netinet/sctp_peeloff.h>
103 #endif /* INET || INET6 */
106 * Flags for accept1() and kern_accept4(), in addition to SOCK_CLOEXEC
109 #define ACCEPT4_INHERIT 0x1
110 #define ACCEPT4_COMPAT 0x2
112 static int sendit(struct thread *td, int s, struct msghdr *mp, int flags);
113 static int recvit(struct thread *td, int s, struct msghdr *mp, void *namelenp);
115 static int accept1(struct thread *td, int s, struct sockaddr *uname,
116 socklen_t *anamelen, int flags);
117 static int do_sendfile(struct thread *td, struct sendfile_args *uap,
119 static int getsockname1(struct thread *td, struct getsockname_args *uap,
121 static int getpeername1(struct thread *td, struct getpeername_args *uap,
124 counter_u64_t sfstat[sizeof(struct sfstat) / sizeof(uint64_t)];
126 static int filt_sfsync_attach(struct knote *kn);
127 static void filt_sfsync_detach(struct knote *kn);
128 static int filt_sfsync(struct knote *kn, long hint);
131 * sendfile(2)-related variables and associated sysctls
133 static SYSCTL_NODE(_kern_ipc, OID_AUTO, sendfile, CTLFLAG_RW, 0,
134 "sendfile(2) tunables");
135 static int sfreadahead = 1;
136 SYSCTL_INT(_kern_ipc_sendfile, OID_AUTO, readahead, CTLFLAG_RW,
137 &sfreadahead, 0, "Number of sendfile(2) read-ahead MAXBSIZE blocks");
140 static int sf_sync_debug = 0;
141 SYSCTL_INT(_debug, OID_AUTO, sf_sync_debug, CTLFLAG_RW,
142 &sf_sync_debug, 0, "Output debugging during sf_sync lifecycle");
143 #define SFSYNC_DPRINTF(s, ...) \
146 printf((s), ##__VA_ARGS__); \
149 #define SFSYNC_DPRINTF(c, ...)
152 static uma_zone_t zone_sfsync;
154 static struct filterops sendfile_filtops = {
156 .f_attach = filt_sfsync_attach,
157 .f_detach = filt_sfsync_detach,
158 .f_event = filt_sfsync,
162 sfstat_init(const void *unused)
165 COUNTER_ARRAY_ALLOC(sfstat, sizeof(struct sfstat) / sizeof(uint64_t),
168 SYSINIT(sfstat, SI_SUB_MBUF, SI_ORDER_FIRST, sfstat_init, NULL);
171 sf_sync_init(const void *unused)
174 zone_sfsync = uma_zcreate("sendfile_sync", sizeof(struct sendfile_sync),
179 kqueue_add_filteropts(EVFILT_SENDFILE, &sendfile_filtops);
181 SYSINIT(sf_sync, SI_SUB_MBUF, SI_ORDER_FIRST, sf_sync_init, NULL);
184 sfstat_sysctl(SYSCTL_HANDLER_ARGS)
188 COUNTER_ARRAY_COPY(sfstat, &s, sizeof(s) / sizeof(uint64_t));
190 COUNTER_ARRAY_ZERO(sfstat, sizeof(s) / sizeof(uint64_t));
191 return (SYSCTL_OUT(req, &s, sizeof(s)));
193 SYSCTL_PROC(_kern_ipc, OID_AUTO, sfstat, CTLTYPE_OPAQUE | CTLFLAG_RW,
194 NULL, 0, sfstat_sysctl, "I", "sendfile statistics");
197 * Convert a user file descriptor to a kernel file entry and check if required
198 * capability rights are present.
199 * A reference on the file entry is held upon returning.
202 getsock_cap(struct filedesc *fdp, int fd, cap_rights_t *rightsp,
203 struct file **fpp, u_int *fflagp)
208 error = fget_unlocked(fdp, fd, rightsp, 0, &fp, NULL);
211 if (fp->f_type != DTYPE_SOCKET) {
212 fdrop(fp, curthread);
216 *fflagp = fp->f_flag;
222 * System call interface to the socket abstraction.
224 #if defined(COMPAT_43)
225 #define COMPAT_OLDSOCK
231 struct socket_args /* {
239 int fd, error, type, oflag, fflag;
241 AUDIT_ARG_SOCKET(uap->domain, uap->type, uap->protocol);
246 if ((type & SOCK_CLOEXEC) != 0) {
247 type &= ~SOCK_CLOEXEC;
250 if ((type & SOCK_NONBLOCK) != 0) {
251 type &= ~SOCK_NONBLOCK;
256 error = mac_socket_check_create(td->td_ucred, uap->domain, type,
261 error = falloc(td, &fp, &fd, oflag);
264 /* An extra reference on `fp' has been held for us by falloc(). */
265 error = socreate(uap->domain, &so, type, uap->protocol,
268 fdclose(td->td_proc->p_fd, fp, fd, td);
270 finit(fp, FREAD | FWRITE | fflag, DTYPE_SOCKET, so, &socketops);
271 if ((fflag & FNONBLOCK) != 0)
272 (void) fo_ioctl(fp, FIONBIO, &fflag, td->td_ucred, td);
273 td->td_retval[0] = fd;
283 struct bind_args /* {
292 error = getsockaddr(&sa, uap->name, uap->namelen);
294 error = kern_bind(td, uap->s, sa);
301 kern_bindat(struct thread *td, int dirfd, int fd, struct sockaddr *sa)
309 AUDIT_ARG_SOCKADDR(td, dirfd, sa);
310 error = getsock_cap(td->td_proc->p_fd, fd,
311 cap_rights_init(&rights, CAP_BIND), &fp, NULL);
316 if (KTRPOINT(td, KTR_STRUCT))
320 error = mac_socket_check_bind(td->td_ucred, so, sa);
323 if (dirfd == AT_FDCWD)
324 error = sobind(so, sa, td);
326 error = sobindat(dirfd, so, sa, td);
335 kern_bind(struct thread *td, int fd, struct sockaddr *sa)
338 return (kern_bindat(td, AT_FDCWD, fd, sa));
345 struct bindat_args /* {
355 error = getsockaddr(&sa, uap->name, uap->namelen);
357 error = kern_bindat(td, uap->fd, uap->s, sa);
367 struct listen_args /* {
377 AUDIT_ARG_FD(uap->s);
378 error = getsock_cap(td->td_proc->p_fd, uap->s,
379 cap_rights_init(&rights, CAP_LISTEN), &fp, NULL);
383 error = mac_socket_check_listen(td->td_ucred, so);
386 error = solisten(so, uap->backlog, td);
396 accept1(td, s, uname, anamelen, flags)
399 struct sockaddr *uname;
403 struct sockaddr *name;
409 return (kern_accept4(td, s, NULL, NULL, flags, NULL));
411 error = copyin(anamelen, &namelen, sizeof (namelen));
415 error = kern_accept4(td, s, &name, &namelen, flags, &fp);
420 if (error == 0 && uname != NULL) {
421 #ifdef COMPAT_OLDSOCK
422 if (flags & ACCEPT4_COMPAT)
423 ((struct osockaddr *)name)->sa_family =
426 error = copyout(name, uname, namelen);
429 error = copyout(&namelen, anamelen,
432 fdclose(td->td_proc->p_fd, fp, td->td_retval[0], td);
434 free(name, M_SONAME);
439 kern_accept(struct thread *td, int s, struct sockaddr **name,
440 socklen_t *namelen, struct file **fp)
442 return (kern_accept4(td, s, name, namelen, ACCEPT4_INHERIT, fp));
446 kern_accept4(struct thread *td, int s, struct sockaddr **name,
447 socklen_t *namelen, int flags, struct file **fp)
449 struct filedesc *fdp;
450 struct file *headfp, *nfp = NULL;
451 struct sockaddr *sa = NULL;
452 struct socket *head, *so;
462 fdp = td->td_proc->p_fd;
463 error = getsock_cap(fdp, s, cap_rights_init(&rights, CAP_ACCEPT),
467 head = headfp->f_data;
468 if ((head->so_options & SO_ACCEPTCONN) == 0) {
473 error = mac_socket_check_accept(td->td_ucred, head);
477 error = falloc(td, &nfp, &fd, (flags & SOCK_CLOEXEC) ? O_CLOEXEC : 0);
481 if ((head->so_state & SS_NBIO) && TAILQ_EMPTY(&head->so_comp)) {
486 while (TAILQ_EMPTY(&head->so_comp) && head->so_error == 0) {
487 if (head->so_rcv.sb_state & SBS_CANTRCVMORE) {
488 head->so_error = ECONNABORTED;
491 error = msleep(&head->so_timeo, &accept_mtx, PSOCK | PCATCH,
498 if (head->so_error) {
499 error = head->so_error;
504 so = TAILQ_FIRST(&head->so_comp);
505 KASSERT(!(so->so_qstate & SQ_INCOMP), ("accept1: so SQ_INCOMP"));
506 KASSERT(so->so_qstate & SQ_COMP, ("accept1: so not SQ_COMP"));
509 * Before changing the flags on the socket, we have to bump the
510 * reference count. Otherwise, if the protocol calls sofree(),
511 * the socket will be released due to a zero refcount.
513 SOCK_LOCK(so); /* soref() and so_state update */
514 soref(so); /* file descriptor reference */
516 TAILQ_REMOVE(&head->so_comp, so, so_list);
518 if (flags & ACCEPT4_INHERIT)
519 so->so_state |= (head->so_state & SS_NBIO);
521 so->so_state |= (flags & SOCK_NONBLOCK) ? SS_NBIO : 0;
522 so->so_qstate &= ~SQ_COMP;
528 /* An extra reference on `nfp' has been held for us by falloc(). */
529 td->td_retval[0] = fd;
531 /* connection has been removed from the listen queue */
532 KNOTE_UNLOCKED(&head->so_rcv.sb_sel.si_note, 0);
534 if (flags & ACCEPT4_INHERIT) {
535 pgid = fgetown(&head->so_sigio);
537 fsetown(pgid, &so->so_sigio);
539 fflag &= ~(FNONBLOCK | FASYNC);
540 if (flags & SOCK_NONBLOCK)
544 finit(nfp, fflag, DTYPE_SOCKET, so, &socketops);
545 /* Sync socket nonblocking/async state with file flags */
546 tmp = fflag & FNONBLOCK;
547 (void) fo_ioctl(nfp, FIONBIO, &tmp, td->td_ucred, td);
548 tmp = fflag & FASYNC;
549 (void) fo_ioctl(nfp, FIOASYNC, &tmp, td->td_ucred, td);
551 error = soaccept(so, &sa);
559 AUDIT_ARG_SOCKADDR(td, AT_FDCWD, sa);
561 /* check sa_len before it is destroyed */
562 if (*namelen > sa->sa_len)
563 *namelen = sa->sa_len;
565 if (KTRPOINT(td, KTR_STRUCT))
575 * close the new descriptor, assuming someone hasn't ripped it
579 fdclose(fdp, nfp, fd, td);
582 * Release explicitly held references before returning. We return
583 * a reference on nfp to the caller on success if they request it.
602 struct accept_args *uap;
605 return (accept1(td, uap->s, uap->name, uap->anamelen, ACCEPT4_INHERIT));
611 struct accept4_args *uap;
614 if (uap->flags & ~(SOCK_CLOEXEC | SOCK_NONBLOCK))
617 return (accept1(td, uap->s, uap->name, uap->anamelen, uap->flags));
620 #ifdef COMPAT_OLDSOCK
624 struct accept_args *uap;
627 return (accept1(td, uap->s, uap->name, uap->anamelen,
628 ACCEPT4_INHERIT | ACCEPT4_COMPAT));
630 #endif /* COMPAT_OLDSOCK */
636 struct connect_args /* {
645 error = getsockaddr(&sa, uap->name, uap->namelen);
647 error = kern_connect(td, uap->s, sa);
654 kern_connectat(struct thread *td, int dirfd, int fd, struct sockaddr *sa)
659 int error, interrupted = 0;
662 AUDIT_ARG_SOCKADDR(td, dirfd, sa);
663 error = getsock_cap(td->td_proc->p_fd, fd,
664 cap_rights_init(&rights, CAP_CONNECT), &fp, NULL);
668 if (so->so_state & SS_ISCONNECTING) {
673 if (KTRPOINT(td, KTR_STRUCT))
677 error = mac_socket_check_connect(td->td_ucred, so, sa);
681 if (dirfd == AT_FDCWD)
682 error = soconnect(so, sa, td);
684 error = soconnectat(dirfd, so, sa, td);
687 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) {
692 while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) {
693 error = msleep(&so->so_timeo, SOCK_MTX(so), PSOCK | PCATCH,
696 if (error == EINTR || error == ERESTART)
702 error = so->so_error;
708 so->so_state &= ~SS_ISCONNECTING;
709 if (error == ERESTART)
717 kern_connect(struct thread *td, int fd, struct sockaddr *sa)
720 return (kern_connectat(td, AT_FDCWD, fd, sa));
725 sys_connectat(td, uap)
727 struct connectat_args /* {
737 error = getsockaddr(&sa, uap->name, uap->namelen);
739 error = kern_connectat(td, uap->fd, uap->s, sa);
746 kern_socketpair(struct thread *td, int domain, int type, int protocol,
749 struct filedesc *fdp = td->td_proc->p_fd;
750 struct file *fp1, *fp2;
751 struct socket *so1, *so2;
752 int fd, error, oflag, fflag;
754 AUDIT_ARG_SOCKET(domain, type, protocol);
758 if ((type & SOCK_CLOEXEC) != 0) {
759 type &= ~SOCK_CLOEXEC;
762 if ((type & SOCK_NONBLOCK) != 0) {
763 type &= ~SOCK_NONBLOCK;
767 /* We might want to have a separate check for socket pairs. */
768 error = mac_socket_check_create(td->td_ucred, domain, type,
773 error = socreate(domain, &so1, type, protocol, td->td_ucred, td);
776 error = socreate(domain, &so2, type, protocol, td->td_ucred, td);
779 /* On success extra reference to `fp1' and 'fp2' is set by falloc. */
780 error = falloc(td, &fp1, &fd, oflag);
784 fp1->f_data = so1; /* so1 already has ref count */
785 error = falloc(td, &fp2, &fd, oflag);
788 fp2->f_data = so2; /* so2 already has ref count */
790 error = soconnect2(so1, so2);
793 if (type == SOCK_DGRAM) {
795 * Datagram socket connection is asymmetric.
797 error = soconnect2(so2, so1);
801 finit(fp1, FREAD | FWRITE | fflag, DTYPE_SOCKET, fp1->f_data,
803 finit(fp2, FREAD | FWRITE | fflag, DTYPE_SOCKET, fp2->f_data,
805 if ((fflag & FNONBLOCK) != 0) {
806 (void) fo_ioctl(fp1, FIONBIO, &fflag, td->td_ucred, td);
807 (void) fo_ioctl(fp2, FIONBIO, &fflag, td->td_ucred, td);
813 fdclose(fdp, fp2, rsv[1], td);
816 fdclose(fdp, fp1, rsv[0], td);
828 sys_socketpair(struct thread *td, struct socketpair_args *uap)
832 error = kern_socketpair(td, uap->domain, uap->type,
836 error = copyout(sv, uap->rsv, 2 * sizeof(int));
838 (void)kern_close(td, sv[0]);
839 (void)kern_close(td, sv[1]);
845 sendit(td, s, mp, flags)
851 struct mbuf *control;
855 #ifdef CAPABILITY_MODE
856 if (IN_CAPABILITY_MODE(td) && (mp->msg_name != NULL))
860 if (mp->msg_name != NULL) {
861 error = getsockaddr(&to, mp->msg_name, mp->msg_namelen);
871 if (mp->msg_control) {
872 if (mp->msg_controllen < sizeof(struct cmsghdr)
873 #ifdef COMPAT_OLDSOCK
874 && mp->msg_flags != MSG_COMPAT
880 error = sockargs(&control, mp->msg_control,
881 mp->msg_controllen, MT_CONTROL);
884 #ifdef COMPAT_OLDSOCK
885 if (mp->msg_flags == MSG_COMPAT) {
888 M_PREPEND(control, sizeof(*cm), M_WAITOK);
889 cm = mtod(control, struct cmsghdr *);
890 cm->cmsg_len = control->m_len;
891 cm->cmsg_level = SOL_SOCKET;
892 cm->cmsg_type = SCM_RIGHTS;
899 error = kern_sendit(td, s, mp, flags, control, UIO_USERSPACE);
907 kern_sendit(td, s, mp, flags, control, segflg)
912 struct mbuf *control;
921 struct uio *ktruio = NULL;
927 cap_rights_init(&rights, CAP_SEND);
928 if (mp->msg_name != NULL) {
929 AUDIT_ARG_SOCKADDR(td, AT_FDCWD, mp->msg_name);
930 cap_rights_set(&rights, CAP_CONNECT);
932 error = getsock_cap(td->td_proc->p_fd, s, &rights, &fp, NULL);
935 so = (struct socket *)fp->f_data;
938 if (mp->msg_name != NULL && KTRPOINT(td, KTR_STRUCT))
939 ktrsockaddr(mp->msg_name);
942 if (mp->msg_name != NULL) {
943 error = mac_socket_check_connect(td->td_ucred, so,
948 error = mac_socket_check_send(td->td_ucred, so);
953 auio.uio_iov = mp->msg_iov;
954 auio.uio_iovcnt = mp->msg_iovlen;
955 auio.uio_segflg = segflg;
956 auio.uio_rw = UIO_WRITE;
958 auio.uio_offset = 0; /* XXX */
961 for (i = 0; i < mp->msg_iovlen; i++, iov++) {
962 if ((auio.uio_resid += iov->iov_len) < 0) {
968 if (KTRPOINT(td, KTR_GENIO))
969 ktruio = cloneuio(&auio);
971 len = auio.uio_resid;
972 error = sosend(so, mp->msg_name, &auio, 0, control, flags, td);
974 if (auio.uio_resid != len && (error == ERESTART ||
975 error == EINTR || error == EWOULDBLOCK))
977 /* Generation of SIGPIPE can be controlled per socket */
978 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) &&
979 !(flags & MSG_NOSIGNAL)) {
980 PROC_LOCK(td->td_proc);
981 tdsignal(td, SIGPIPE);
982 PROC_UNLOCK(td->td_proc);
986 td->td_retval[0] = len - auio.uio_resid;
988 if (ktruio != NULL) {
989 ktruio->uio_resid = td->td_retval[0];
990 ktrgenio(s, UIO_WRITE, ktruio, error);
1001 struct sendto_args /* {
1013 msg.msg_name = uap->to;
1014 msg.msg_namelen = uap->tolen;
1015 msg.msg_iov = &aiov;
1017 msg.msg_control = 0;
1018 #ifdef COMPAT_OLDSOCK
1021 aiov.iov_base = uap->buf;
1022 aiov.iov_len = uap->len;
1023 return (sendit(td, uap->s, &msg, uap->flags));
1026 #ifdef COMPAT_OLDSOCK
1030 struct osend_args /* {
1041 msg.msg_namelen = 0;
1042 msg.msg_iov = &aiov;
1044 aiov.iov_base = uap->buf;
1045 aiov.iov_len = uap->len;
1046 msg.msg_control = 0;
1048 return (sendit(td, uap->s, &msg, uap->flags));
1054 struct osendmsg_args /* {
1064 error = copyin(uap->msg, &msg, sizeof (struct omsghdr));
1067 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE);
1071 msg.msg_flags = MSG_COMPAT;
1072 error = sendit(td, uap->s, &msg, uap->flags);
1079 sys_sendmsg(td, uap)
1081 struct sendmsg_args /* {
1091 error = copyin(uap->msg, &msg, sizeof (msg));
1094 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE);
1098 #ifdef COMPAT_OLDSOCK
1101 error = sendit(td, uap->s, &msg, uap->flags);
1107 kern_recvit(td, s, mp, fromseg, controlp)
1111 enum uio_seg fromseg;
1112 struct mbuf **controlp;
1116 struct mbuf *m, *control = NULL;
1120 struct sockaddr *fromsa = NULL;
1121 cap_rights_t rights;
1123 struct uio *ktruio = NULL;
1128 if (controlp != NULL)
1132 error = getsock_cap(td->td_proc->p_fd, s,
1133 cap_rights_init(&rights, CAP_RECV), &fp, NULL);
1139 error = mac_socket_check_receive(td->td_ucred, so);
1146 auio.uio_iov = mp->msg_iov;
1147 auio.uio_iovcnt = mp->msg_iovlen;
1148 auio.uio_segflg = UIO_USERSPACE;
1149 auio.uio_rw = UIO_READ;
1151 auio.uio_offset = 0; /* XXX */
1154 for (i = 0; i < mp->msg_iovlen; i++, iov++) {
1155 if ((auio.uio_resid += iov->iov_len) < 0) {
1161 if (KTRPOINT(td, KTR_GENIO))
1162 ktruio = cloneuio(&auio);
1164 len = auio.uio_resid;
1165 error = soreceive(so, &fromsa, &auio, NULL,
1166 (mp->msg_control || controlp) ? &control : NULL,
1169 if (auio.uio_resid != len && (error == ERESTART ||
1170 error == EINTR || error == EWOULDBLOCK))
1174 AUDIT_ARG_SOCKADDR(td, AT_FDCWD, fromsa);
1176 if (ktruio != NULL) {
1177 ktruio->uio_resid = len - auio.uio_resid;
1178 ktrgenio(s, UIO_READ, ktruio, error);
1183 td->td_retval[0] = len - auio.uio_resid;
1185 len = mp->msg_namelen;
1186 if (len <= 0 || fromsa == NULL)
1189 /* save sa_len before it is destroyed by MSG_COMPAT */
1190 len = MIN(len, fromsa->sa_len);
1191 #ifdef COMPAT_OLDSOCK
1192 if (mp->msg_flags & MSG_COMPAT)
1193 ((struct osockaddr *)fromsa)->sa_family =
1196 if (fromseg == UIO_USERSPACE) {
1197 error = copyout(fromsa, mp->msg_name,
1202 bcopy(fromsa, mp->msg_name, len);
1204 mp->msg_namelen = len;
1206 if (mp->msg_control && controlp == NULL) {
1207 #ifdef COMPAT_OLDSOCK
1209 * We assume that old recvmsg calls won't receive access
1210 * rights and other control info, esp. as control info
1211 * is always optional and those options didn't exist in 4.3.
1212 * If we receive rights, trim the cmsghdr; anything else
1215 if (control && mp->msg_flags & MSG_COMPAT) {
1216 if (mtod(control, struct cmsghdr *)->cmsg_level !=
1218 mtod(control, struct cmsghdr *)->cmsg_type !=
1220 mp->msg_controllen = 0;
1223 control->m_len -= sizeof (struct cmsghdr);
1224 control->m_data += sizeof (struct cmsghdr);
1227 len = mp->msg_controllen;
1229 mp->msg_controllen = 0;
1230 ctlbuf = mp->msg_control;
1232 while (m && len > 0) {
1233 unsigned int tocopy;
1235 if (len >= m->m_len)
1238 mp->msg_flags |= MSG_CTRUNC;
1242 if ((error = copyout(mtod(m, caddr_t),
1243 ctlbuf, tocopy)) != 0)
1250 mp->msg_controllen = ctlbuf - (caddr_t)mp->msg_control;
1255 if (fromsa && KTRPOINT(td, KTR_STRUCT))
1256 ktrsockaddr(fromsa);
1258 free(fromsa, M_SONAME);
1260 if (error == 0 && controlp != NULL)
1261 *controlp = control;
1269 recvit(td, s, mp, namelenp)
1277 error = kern_recvit(td, s, mp, UIO_USERSPACE, NULL);
1280 if (namelenp != NULL) {
1281 error = copyout(&mp->msg_namelen, namelenp, sizeof (socklen_t));
1282 #ifdef COMPAT_OLDSOCK
1283 if (mp->msg_flags & MSG_COMPAT)
1284 error = 0; /* old recvfrom didn't check */
1291 sys_recvfrom(td, uap)
1293 struct recvfrom_args /* {
1298 struct sockaddr * __restrict from;
1299 socklen_t * __restrict fromlenaddr;
1306 if (uap->fromlenaddr) {
1307 error = copyin(uap->fromlenaddr,
1308 &msg.msg_namelen, sizeof (msg.msg_namelen));
1312 msg.msg_namelen = 0;
1314 msg.msg_name = uap->from;
1315 msg.msg_iov = &aiov;
1317 aiov.iov_base = uap->buf;
1318 aiov.iov_len = uap->len;
1319 msg.msg_control = 0;
1320 msg.msg_flags = uap->flags;
1321 error = recvit(td, uap->s, &msg, uap->fromlenaddr);
1326 #ifdef COMPAT_OLDSOCK
1330 struct recvfrom_args *uap;
1333 uap->flags |= MSG_COMPAT;
1334 return (sys_recvfrom(td, uap));
1338 #ifdef COMPAT_OLDSOCK
1342 struct orecv_args /* {
1353 msg.msg_namelen = 0;
1354 msg.msg_iov = &aiov;
1356 aiov.iov_base = uap->buf;
1357 aiov.iov_len = uap->len;
1358 msg.msg_control = 0;
1359 msg.msg_flags = uap->flags;
1360 return (recvit(td, uap->s, &msg, NULL));
1364 * Old recvmsg. This code takes advantage of the fact that the old msghdr
1365 * overlays the new one, missing only the flags, and with the (old) access
1366 * rights where the control fields are now.
1371 struct orecvmsg_args /* {
1373 struct omsghdr *msg;
1381 error = copyin(uap->msg, &msg, sizeof (struct omsghdr));
1384 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE);
1387 msg.msg_flags = uap->flags | MSG_COMPAT;
1389 error = recvit(td, uap->s, &msg, &uap->msg->msg_namelen);
1390 if (msg.msg_controllen && error == 0)
1391 error = copyout(&msg.msg_controllen,
1392 &uap->msg->msg_accrightslen, sizeof (int));
1399 sys_recvmsg(td, uap)
1401 struct recvmsg_args /* {
1408 struct iovec *uiov, *iov;
1411 error = copyin(uap->msg, &msg, sizeof (msg));
1414 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE);
1417 msg.msg_flags = uap->flags;
1418 #ifdef COMPAT_OLDSOCK
1419 msg.msg_flags &= ~MSG_COMPAT;
1423 error = recvit(td, uap->s, &msg, NULL);
1426 error = copyout(&msg, uap->msg, sizeof(msg));
1434 sys_shutdown(td, uap)
1436 struct shutdown_args /* {
1443 cap_rights_t rights;
1446 AUDIT_ARG_FD(uap->s);
1447 error = getsock_cap(td->td_proc->p_fd, uap->s,
1448 cap_rights_init(&rights, CAP_SHUTDOWN), &fp, NULL);
1451 error = soshutdown(so, uap->how);
1459 sys_setsockopt(td, uap)
1461 struct setsockopt_args /* {
1470 return (kern_setsockopt(td, uap->s, uap->level, uap->name,
1471 uap->val, UIO_USERSPACE, uap->valsize));
1475 kern_setsockopt(td, s, level, name, val, valseg, valsize)
1481 enum uio_seg valseg;
1486 struct sockopt sopt;
1487 cap_rights_t rights;
1490 if (val == NULL && valsize != 0)
1492 if ((int)valsize < 0)
1495 sopt.sopt_dir = SOPT_SET;
1496 sopt.sopt_level = level;
1497 sopt.sopt_name = name;
1498 sopt.sopt_val = val;
1499 sopt.sopt_valsize = valsize;
1505 sopt.sopt_td = NULL;
1508 panic("kern_setsockopt called with bad valseg");
1512 error = getsock_cap(td->td_proc->p_fd, s,
1513 cap_rights_init(&rights, CAP_SETSOCKOPT), &fp, NULL);
1516 error = sosetopt(so, &sopt);
1524 sys_getsockopt(td, uap)
1526 struct getsockopt_args /* {
1530 void * __restrict val;
1531 socklen_t * __restrict avalsize;
1538 error = copyin(uap->avalsize, &valsize, sizeof (valsize));
1543 error = kern_getsockopt(td, uap->s, uap->level, uap->name,
1544 uap->val, UIO_USERSPACE, &valsize);
1547 error = copyout(&valsize, uap->avalsize, sizeof (valsize));
1552 * Kernel version of getsockopt.
1553 * optval can be a userland or userspace. optlen is always a kernel pointer.
1556 kern_getsockopt(td, s, level, name, val, valseg, valsize)
1562 enum uio_seg valseg;
1567 struct sockopt sopt;
1568 cap_rights_t rights;
1573 if ((int)*valsize < 0)
1576 sopt.sopt_dir = SOPT_GET;
1577 sopt.sopt_level = level;
1578 sopt.sopt_name = name;
1579 sopt.sopt_val = val;
1580 sopt.sopt_valsize = (size_t)*valsize; /* checked non-negative above */
1586 sopt.sopt_td = NULL;
1589 panic("kern_getsockopt called with bad valseg");
1593 error = getsock_cap(td->td_proc->p_fd, s,
1594 cap_rights_init(&rights, CAP_GETSOCKOPT), &fp, NULL);
1597 error = sogetopt(so, &sopt);
1598 *valsize = sopt.sopt_valsize;
1605 * getsockname1() - Get socket name.
1609 getsockname1(td, uap, compat)
1611 struct getsockname_args /* {
1613 struct sockaddr * __restrict asa;
1614 socklen_t * __restrict alen;
1618 struct sockaddr *sa;
1622 error = copyin(uap->alen, &len, sizeof(len));
1626 error = kern_getsockname(td, uap->fdes, &sa, &len);
1631 #ifdef COMPAT_OLDSOCK
1633 ((struct osockaddr *)sa)->sa_family = sa->sa_family;
1635 error = copyout(sa, uap->asa, (u_int)len);
1639 error = copyout(&len, uap->alen, sizeof(len));
1644 kern_getsockname(struct thread *td, int fd, struct sockaddr **sa,
1649 cap_rights_t rights;
1654 error = getsock_cap(td->td_proc->p_fd, fd,
1655 cap_rights_init(&rights, CAP_GETSOCKNAME), &fp, NULL);
1660 CURVNET_SET(so->so_vnet);
1661 error = (*so->so_proto->pr_usrreqs->pru_sockaddr)(so, sa);
1668 len = MIN(*alen, (*sa)->sa_len);
1671 if (KTRPOINT(td, KTR_STRUCT))
1676 if (error != 0 && *sa != NULL) {
1677 free(*sa, M_SONAME);
1684 sys_getsockname(td, uap)
1686 struct getsockname_args *uap;
1689 return (getsockname1(td, uap, 0));
1692 #ifdef COMPAT_OLDSOCK
1694 ogetsockname(td, uap)
1696 struct getsockname_args *uap;
1699 return (getsockname1(td, uap, 1));
1701 #endif /* COMPAT_OLDSOCK */
1704 * getpeername1() - Get name of peer for connected socket.
1708 getpeername1(td, uap, compat)
1710 struct getpeername_args /* {
1712 struct sockaddr * __restrict asa;
1713 socklen_t * __restrict alen;
1717 struct sockaddr *sa;
1721 error = copyin(uap->alen, &len, sizeof (len));
1725 error = kern_getpeername(td, uap->fdes, &sa, &len);
1730 #ifdef COMPAT_OLDSOCK
1732 ((struct osockaddr *)sa)->sa_family = sa->sa_family;
1734 error = copyout(sa, uap->asa, (u_int)len);
1738 error = copyout(&len, uap->alen, sizeof(len));
1743 kern_getpeername(struct thread *td, int fd, struct sockaddr **sa,
1748 cap_rights_t rights;
1753 error = getsock_cap(td->td_proc->p_fd, fd,
1754 cap_rights_init(&rights, CAP_GETPEERNAME), &fp, NULL);
1758 if ((so->so_state & (SS_ISCONNECTED|SS_ISCONFIRMING)) == 0) {
1763 CURVNET_SET(so->so_vnet);
1764 error = (*so->so_proto->pr_usrreqs->pru_peeraddr)(so, sa);
1771 len = MIN(*alen, (*sa)->sa_len);
1774 if (KTRPOINT(td, KTR_STRUCT))
1778 if (error != 0 && *sa != NULL) {
1779 free(*sa, M_SONAME);
1788 sys_getpeername(td, uap)
1790 struct getpeername_args *uap;
1793 return (getpeername1(td, uap, 0));
1796 #ifdef COMPAT_OLDSOCK
1798 ogetpeername(td, uap)
1800 struct ogetpeername_args *uap;
1803 /* XXX uap should have type `getpeername_args *' to begin with. */
1804 return (getpeername1(td, (struct getpeername_args *)uap, 1));
1806 #endif /* COMPAT_OLDSOCK */
1809 sockargs(mp, buf, buflen, type)
1814 struct sockaddr *sa;
1818 if (buflen > MLEN) {
1819 #ifdef COMPAT_OLDSOCK
1820 if (type == MT_SONAME && buflen <= 112)
1821 buflen = MLEN; /* unix domain compat. hack */
1824 if (buflen > MCLBYTES)
1827 m = m_get2(buflen, M_WAITOK, type, 0);
1829 error = copyin(buf, mtod(m, caddr_t), (u_int)buflen);
1834 if (type == MT_SONAME) {
1835 sa = mtod(m, struct sockaddr *);
1837 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN
1838 if (sa->sa_family == 0 && sa->sa_len < AF_MAX)
1839 sa->sa_family = sa->sa_len;
1841 sa->sa_len = buflen;
1848 getsockaddr(namp, uaddr, len)
1849 struct sockaddr **namp;
1853 struct sockaddr *sa;
1856 if (len > SOCK_MAXADDRLEN)
1857 return (ENAMETOOLONG);
1858 if (len < offsetof(struct sockaddr, sa_data[0]))
1860 sa = malloc(len, M_SONAME, M_WAITOK);
1861 error = copyin(uaddr, sa, len);
1865 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN
1866 if (sa->sa_family == 0 && sa->sa_len < AF_MAX)
1867 sa->sa_family = sa->sa_len;
1876 filt_sfsync_attach(struct knote *kn)
1878 struct sendfile_sync *sfs = (struct sendfile_sync *) kn->kn_sdata;
1879 struct knlist *knl = &sfs->klist;
1881 SFSYNC_DPRINTF("%s: kn=%p, sfs=%p\n", __func__, kn, sfs);
1884 * Validate that we actually received this via the kernel API.
1886 if ((kn->kn_flags & EV_FLAG1) == 0)
1889 kn->kn_ptr.p_v = sfs;
1890 kn->kn_flags &= ~EV_FLAG1;
1892 knl->kl_lock(knl->kl_lockarg);
1894 * If we're in the "freeing" state,
1895 * don't allow the add. That way we don't
1896 * end up racing with some other thread that
1897 * is trying to finish some setup.
1899 if (sfs->state == SF_STATE_FREEING) {
1900 knl->kl_unlock(knl->kl_lockarg);
1903 knlist_add(&sfs->klist, kn, 1);
1904 knl->kl_unlock(knl->kl_lockarg);
1910 * Called when a knote is being detached.
1913 filt_sfsync_detach(struct knote *kn)
1916 struct sendfile_sync *sfs;
1919 sfs = kn->kn_ptr.p_v;
1922 SFSYNC_DPRINTF("%s: kn=%p, sfs=%p\n", __func__, kn, sfs);
1924 knl->kl_lock(knl->kl_lockarg);
1925 if (!knlist_empty(knl))
1926 knlist_remove(knl, kn, 1);
1929 * If the list is empty _AND_ the refcount is 0
1930 * _AND_ we've finished the setup phase and now
1931 * we're in the running phase, we can free the
1932 * underlying sendfile_sync.
1934 * But we shouldn't do it before finishing the
1935 * underlying divorce from the knote.
1937 * So, we have the sfsync lock held; transition
1938 * it to "freeing", then unlock, then free
1941 if (knlist_empty(knl)) {
1942 if (sfs->state == SF_STATE_COMPLETED && sfs->count == 0) {
1943 SFSYNC_DPRINTF("%s: (%llu) sfs=%p; completed, "
1944 "count==0, empty list: time to free!\n",
1946 (unsigned long long) curthread->td_tid,
1948 sf_sync_set_state(sfs, SF_STATE_FREEING, 1);
1952 knl->kl_unlock(knl->kl_lockarg);
1955 * Only call free if we're the one who has transitioned things
1956 * to free. Otherwise we could race with another thread that
1957 * is currently tearing things down.
1960 SFSYNC_DPRINTF("%s: (%llu) sfs=%p, %s:%d\n",
1962 (unsigned long long) curthread->td_tid,
1971 filt_sfsync(struct knote *kn, long hint)
1973 struct sendfile_sync *sfs = (struct sendfile_sync *) kn->kn_ptr.p_v;
1976 SFSYNC_DPRINTF("%s: kn=%p, sfs=%p\n", __func__, kn, sfs);
1979 * XXX add a lock assertion here!
1981 ret = (sfs->count == 0 && sfs->state == SF_STATE_COMPLETED);
1988 * Detach mapped page and release resources back to the system.
1991 sf_buf_mext(struct mbuf *mb, void *addr, void *args)
1994 struct sendfile_sync *sfs;
1996 m = sf_buf_page(args);
1999 vm_page_unwire(m, 0);
2001 * Check for the object going away on us. This can
2002 * happen since we don't hold a reference to it.
2003 * If so, we're responsible for freeing the page.
2005 if (m->wire_count == 0 && m->object == NULL)
2013 * sfs may be invalid at this point, don't use it!
2015 return (EXT_FREE_OK);
2019 * Called to remove a reference to a sf_sync object.
2021 * This is generally done during the mbuf free path to signify
2022 * that one of the mbufs in the transaction has been completed.
2024 * If we're doing SF_SYNC and the refcount is zero then we'll wake
2027 * IF we're doing SF_KQUEUE and the refcount is zero then we'll
2028 * fire off the knote.
2031 sf_sync_deref(struct sendfile_sync *sfs)
2038 mtx_lock(&sfs->mtx);
2039 KASSERT(sfs->count> 0, ("Sendfile sync botchup count == 0"));
2043 * Only fire off the wakeup / kqueue notification if
2044 * we are in the running state.
2046 if (sfs->count == 0 && sfs->state == SF_STATE_COMPLETED) {
2047 if (sfs->flags & SF_SYNC)
2048 cv_signal(&sfs->cv);
2050 if (sfs->flags & SF_KQUEUE) {
2051 SFSYNC_DPRINTF("%s: (%llu) sfs=%p: knote!\n",
2053 (unsigned long long) curthread->td_tid,
2055 KNOTE_LOCKED(&sfs->klist, 1);
2059 * If we're not waiting around for a sync,
2060 * check if the knote list is empty.
2061 * If it is, we transition to free.
2063 * XXX I think it's about time I added some state
2064 * or flag that says whether we're supposed to be
2065 * waiting around until we've done a signal.
2067 * XXX Ie, the reason that I don't free it here
2068 * is because the caller will free the last reference,
2069 * not us. That should be codified in some flag
2070 * that indicates "self-free" rather than checking
2071 * for SF_SYNC all the time.
2073 if ((sfs->flags & SF_SYNC) == 0 && knlist_empty(&sfs->klist)) {
2074 SFSYNC_DPRINTF("%s: (%llu) sfs=%p; completed, "
2075 "count==0, empty list: time to free!\n",
2077 (unsigned long long) curthread->td_tid,
2079 sf_sync_set_state(sfs, SF_STATE_FREEING, 1);
2084 mtx_unlock(&sfs->mtx);
2087 * Attempt to do a free here.
2089 * We do this outside of the lock because it may destroy the
2090 * lock in question as it frees things. We can optimise this
2093 * XXX yes, we should make it a requirement to hold the
2094 * lock across sf_sync_free().
2097 SFSYNC_DPRINTF("%s: (%llu) sfs=%p\n",
2099 (unsigned long long) curthread->td_tid,
2106 * Allocate a sendfile_sync state structure.
2108 * For now this only knows about the "sleep" sync, but later it will
2109 * grow various other personalities.
2111 struct sendfile_sync *
2112 sf_sync_alloc(uint32_t flags)
2114 struct sendfile_sync *sfs;
2116 sfs = uma_zalloc(zone_sfsync, M_WAITOK | M_ZERO);
2117 mtx_init(&sfs->mtx, "sendfile", NULL, MTX_DEF);
2118 cv_init(&sfs->cv, "sendfile");
2120 sfs->state = SF_STATE_SETUP;
2121 knlist_init_mtx(&sfs->klist, &sfs->mtx);
2123 SFSYNC_DPRINTF("%s: sfs=%p, flags=0x%08x\n", __func__, sfs, sfs->flags);
2129 * Take a reference to a sfsync instance.
2131 * This has to map 1:1 to free calls coming in via sf_buf_mext(),
2132 * so typically this will be referenced once for each mbuf allocated.
2135 sf_sync_ref(struct sendfile_sync *sfs)
2141 mtx_lock(&sfs->mtx);
2143 mtx_unlock(&sfs->mtx);
2147 sf_sync_syscall_wait(struct sendfile_sync *sfs)
2153 KASSERT(mtx_owned(&sfs->mtx), ("%s: sfs=%p: not locked but should be!",
2158 * If we're not requested to wait during the syscall,
2159 * don't bother waiting.
2161 if ((sfs->flags & SF_SYNC) == 0)
2165 * This is a bit suboptimal and confusing, so bear with me.
2167 * Ideally sf_sync_syscall_wait() will wait until
2168 * all pending mbuf transmit operations are done.
2169 * This means that when sendfile becomes async, it'll
2170 * run in the background and will transition from
2171 * RUNNING to COMPLETED when it's finished acquiring
2172 * new things to send. Then, when the mbufs finish
2173 * sending, COMPLETED + sfs->count == 0 is enough to
2174 * know that no further work is being done.
2176 * So, we will sleep on both RUNNING and COMPLETED.
2177 * It's up to the (in progress) async sendfile loop
2178 * to transition the sf_sync from RUNNING to
2179 * COMPLETED so the wakeup above will actually
2180 * do the cv_signal() call.
2182 if (sfs->state != SF_STATE_COMPLETED && sfs->state != SF_STATE_RUNNING)
2185 if (sfs->count != 0)
2186 cv_wait(&sfs->cv, &sfs->mtx);
2187 KASSERT(sfs->count == 0, ("sendfile sync still busy"));
2194 * Free an sf_sync if it's appropriate to.
2197 sf_sync_free(struct sendfile_sync *sfs)
2203 SFSYNC_DPRINTF("%s: (%lld) sfs=%p; called; state=%d, flags=0x%08x "
2206 (long long) curthread->td_tid,
2212 mtx_lock(&sfs->mtx);
2215 * We keep the sf_sync around if the state is active,
2216 * we are doing kqueue notification and we have active
2219 * If the caller wants to free us right this second it
2220 * should transition this to the freeing state.
2222 * So, complain loudly if they break this rule.
2224 if (sfs->state != SF_STATE_FREEING) {
2225 printf("%s: (%llu) sfs=%p; not freeing; let's wait!\n",
2227 (unsigned long long) curthread->td_tid,
2229 mtx_unlock(&sfs->mtx);
2233 KASSERT(sfs->count == 0, ("sendfile sync still busy"));
2234 cv_destroy(&sfs->cv);
2236 * This doesn't call knlist_detach() on each knote; it just frees
2239 knlist_delete(&sfs->klist, curthread, 1);
2240 mtx_destroy(&sfs->mtx);
2241 SFSYNC_DPRINTF("%s: (%llu) sfs=%p; freeing\n",
2243 (unsigned long long) curthread->td_tid,
2245 uma_zfree(zone_sfsync, sfs);
2249 * Setup a sf_sync to post a kqueue notification when things are complete.
2252 sf_sync_kqueue_setup(struct sendfile_sync *sfs, struct sf_hdtr_kq *sfkq)
2257 sfs->flags |= SF_KQUEUE;
2259 /* Check the flags are valid */
2260 if ((sfkq->kq_flags & ~(EV_CLEAR | EV_DISPATCH | EV_ONESHOT)) != 0)
2263 SFSYNC_DPRINTF("%s: sfs=%p: kqfd=%d, flags=0x%08x, ident=%p, udata=%p\n",
2268 (void *) sfkq->kq_ident,
2269 (void *) sfkq->kq_udata);
2271 /* Setup and register a knote on the given kqfd. */
2272 kev.ident = (uintptr_t) sfkq->kq_ident;
2273 kev.filter = EVFILT_SENDFILE;
2274 kev.flags = EV_ADD | EV_ENABLE | EV_FLAG1 | sfkq->kq_flags;
2275 kev.data = (intptr_t) sfs;
2276 kev.udata = sfkq->kq_udata;
2278 error = kqfd_register(sfkq->kq_fd, &kev, curthread, 1);
2280 SFSYNC_DPRINTF("%s: returned %d\n", __func__, error);
2286 sf_sync_set_state(struct sendfile_sync *sfs, sendfile_sync_state_t state,
2289 sendfile_sync_state_t old_state;
2292 mtx_lock(&sfs->mtx);
2295 * Update our current state.
2297 old_state = sfs->state;
2299 SFSYNC_DPRINTF("%s: (%llu) sfs=%p; going from %d to %d\n",
2301 (unsigned long long) curthread->td_tid,
2307 * If we're transitioning from RUNNING to COMPLETED and the count is
2308 * zero, then post the knote. The caller may have completed the
2309 * send before we updated the state to COMPLETED and we need to make
2310 * sure this is communicated.
2312 if (old_state == SF_STATE_RUNNING
2313 && state == SF_STATE_COMPLETED
2315 && sfs->flags & SF_KQUEUE) {
2316 SFSYNC_DPRINTF("%s: (%llu) sfs=%p: triggering knote!\n",
2318 (unsigned long long) curthread->td_tid,
2320 KNOTE_LOCKED(&sfs->klist, 1);
2324 mtx_unlock(&sfs->mtx);
2328 * Set the retval/errno for the given transaction.
2330 * This will eventually/ideally be used when the KNOTE is fired off
2331 * to signify the completion of this transaction.
2333 * The sfsync lock should be held before entering this function.
2336 sf_sync_set_retval(struct sendfile_sync *sfs, off_t retval, int xerrno)
2339 KASSERT(mtx_owned(&sfs->mtx), ("%s: sfs=%p: not locked but should be!",
2343 SFSYNC_DPRINTF("%s: (%llu) sfs=%p: errno=%d, retval=%jd\n",
2345 (unsigned long long) curthread->td_tid,
2350 sfs->retval = retval;
2351 sfs->xerrno = xerrno;
2357 * int sendfile(int fd, int s, off_t offset, size_t nbytes,
2358 * struct sf_hdtr *hdtr, off_t *sbytes, int flags)
2360 * Send a file specified by 'fd' and starting at 'offset' to a socket
2361 * specified by 's'. Send only 'nbytes' of the file or until EOF if nbytes ==
2362 * 0. Optionally add a header and/or trailer to the socket output. If
2363 * specified, write the total number of bytes sent into *sbytes.
2366 sys_sendfile(struct thread *td, struct sendfile_args *uap)
2369 return (do_sendfile(td, uap, 0));
2373 _do_sendfile(struct thread *td, int src_fd, int sock_fd, int flags,
2374 int compat, off_t offset, size_t nbytes, off_t *sbytes,
2375 struct uio *hdr_uio,
2376 struct uio *trl_uio, struct sf_hdtr_kq *hdtr_kq)
2378 cap_rights_t rights;
2379 struct sendfile_sync *sfs = NULL;
2385 AUDIT_ARG_FD(src_fd);
2387 if (hdtr_kq != NULL)
2391 * sendfile(2) can start at any offset within a file so we require
2392 * CAP_READ+CAP_SEEK = CAP_PREAD.
2394 if ((error = fget_read(td, src_fd,
2395 cap_rights_init(&rights, CAP_PREAD), &fp)) != 0) {
2400 * IF SF_KQUEUE is set but we haven't copied in anything for
2401 * kqueue data, error out.
2403 if (flags & SF_KQUEUE && do_kqueue == 0) {
2404 SFSYNC_DPRINTF("%s: SF_KQUEUE but no KQUEUE data!\n", __func__);
2409 * If we need to wait for completion, initialise the sfsync
2412 if (flags & (SF_SYNC | SF_KQUEUE))
2413 sfs = sf_sync_alloc(flags & (SF_SYNC | SF_KQUEUE));
2415 if (flags & SF_KQUEUE) {
2416 error = sf_sync_kqueue_setup(sfs, hdtr_kq);
2418 SFSYNC_DPRINTF("%s: (%llu) error; sfs=%p\n",
2420 (unsigned long long) curthread->td_tid,
2422 sf_sync_set_state(sfs, SF_STATE_FREEING, 0);
2429 * Do the sendfile call.
2431 * If this fails, it'll free the mbuf chain which will free up the
2432 * sendfile_sync references.
2434 error = fo_sendfile(fp, sock_fd, hdr_uio, trl_uio, offset,
2435 nbytes, sbytes, flags, compat ? SFK_COMPAT : 0, sfs, td);
2438 * If the sendfile call succeeded, transition the sf_sync state
2439 * to RUNNING, then COMPLETED.
2441 * If the sendfile call failed, then the sendfile call may have
2442 * actually sent some data first - so we check to see whether
2443 * any data was sent. If some data was queued (ie, count > 0)
2444 * then we can't call free; we have to wait until the partial
2445 * transaction completes before we continue along.
2447 * This has the side effect of firing off the knote
2448 * if the refcount has hit zero by the time we get here.
2451 mtx_lock(&sfs->mtx);
2452 if (error == 0 || sfs->count > 0) {
2454 * When it's time to do async sendfile, the transition
2455 * to RUNNING signifies that we're actually actively
2456 * adding and completing mbufs. When the last disk
2457 * buffer is read (ie, when we're not doing any
2458 * further read IO and all subsequent stuff is mbuf
2459 * transmissions) we'll transition to COMPLETED
2460 * and when the final mbuf is freed, the completion
2463 sf_sync_set_state(sfs, SF_STATE_RUNNING, 1);
2466 * Set the retval before we signal completed.
2467 * If we do it the other way around then transitioning to
2468 * COMPLETED may post the knote before you set the return
2471 * XXX for now, errno is always 0, as we don't post
2472 * knotes if sendfile failed. Maybe that'll change later.
2474 sf_sync_set_retval(sfs, *sbytes, error);
2477 * And now transition to completed, which will kick off
2478 * the knote if required.
2480 sf_sync_set_state(sfs, SF_STATE_COMPLETED, 1);
2483 * Error isn't zero, sfs_count is zero, so we
2484 * won't have some other thing to wake things up.
2487 sf_sync_set_state(sfs, SF_STATE_FREEING, 1);
2492 * Next - wait if appropriate.
2494 sf_sync_syscall_wait(sfs);
2497 * If we're not doing kqueue notifications, we can
2498 * transition this immediately to the freeing state.
2500 if ((sfs->flags & SF_KQUEUE) == 0) {
2501 sf_sync_set_state(sfs, SF_STATE_FREEING, 1);
2505 mtx_unlock(&sfs->mtx);
2509 * If do_free is set, free here.
2511 * If we're doing no-kqueue notification and it's just sleep notification,
2512 * we also do free; it's the only chance we have.
2514 if (sfs != NULL && do_free == 1) {
2519 * XXX Should we wait until the send has completed before freeing the source
2520 * file handle? It's the previous behaviour, sure, but is it required?
2521 * We've wired down the page references after all.
2532 do_sendfile(struct thread *td, struct sendfile_args *uap, int compat)
2534 struct sf_hdtr hdtr;
2535 struct sf_hdtr_kq hdtr_kq;
2536 struct uio *hdr_uio, *trl_uio;
2542 * File offset must be positive. If it goes beyond EOF
2543 * we send only the header/trailer and no payload data.
2545 if (uap->offset < 0)
2548 hdr_uio = trl_uio = NULL;
2550 if (uap->hdtr != NULL) {
2551 error = copyin(uap->hdtr, &hdtr, sizeof(hdtr));
2554 if (hdtr.headers != NULL) {
2555 error = copyinuio(hdtr.headers, hdtr.hdr_cnt, &hdr_uio);
2559 if (hdtr.trailers != NULL) {
2560 error = copyinuio(hdtr.trailers, hdtr.trl_cnt, &trl_uio);
2566 * If SF_KQUEUE is set, then we need to also copy in
2567 * the kqueue data after the normal hdtr set and set
2570 if (uap->flags & SF_KQUEUE) {
2571 error = copyin(((char *) uap->hdtr) + sizeof(hdtr),
2581 error = _do_sendfile(td, uap->fd, uap->s, uap->flags, compat,
2582 uap->offset, uap->nbytes, &sbytes, hdr_uio, trl_uio, &hdtr_kq);
2584 if (uap->sbytes != NULL) {
2585 copyout(&sbytes, uap->sbytes, sizeof(off_t));
2588 free(hdr_uio, M_IOV);
2589 free(trl_uio, M_IOV);
2593 #ifdef COMPAT_FREEBSD4
2595 freebsd4_sendfile(struct thread *td, struct freebsd4_sendfile_args *uap)
2597 struct sendfile_args args;
2601 args.offset = uap->offset;
2602 args.nbytes = uap->nbytes;
2603 args.hdtr = uap->hdtr;
2604 args.sbytes = uap->sbytes;
2605 args.flags = uap->flags;
2607 return (do_sendfile(td, &args, 1));
2609 #endif /* COMPAT_FREEBSD4 */
2612 sendfile_readpage(vm_object_t obj, struct vnode *vp, int nd,
2613 off_t off, int xfsize, int bsize, struct thread *td, vm_page_t *res)
2618 int error, readahead, rv;
2620 pindex = OFF_TO_IDX(off);
2621 VM_OBJECT_WLOCK(obj);
2622 m = vm_page_grab(obj, pindex, (vp != NULL ? VM_ALLOC_NOBUSY |
2623 VM_ALLOC_IGN_SBUSY : 0) | VM_ALLOC_WIRED | VM_ALLOC_NORMAL);
2626 * Check if page is valid for what we need, otherwise initiate I/O.
2628 * The non-zero nd argument prevents disk I/O, instead we
2629 * return the caller what he specified in nd. In particular,
2630 * if we already turned some pages into mbufs, nd == EAGAIN
2631 * and the main function send them the pages before we come
2632 * here again and block.
2634 if (m->valid != 0 && vm_page_is_valid(m, off & PAGE_MASK, xfsize)) {
2637 VM_OBJECT_WUNLOCK(obj);
2640 } else if (nd != 0) {
2648 * Get the page from backing store.
2652 VM_OBJECT_WUNLOCK(obj);
2653 readahead = sfreadahead * MAXBSIZE;
2656 * Use vn_rdwr() instead of the pager interface for
2657 * the vnode, to allow the read-ahead.
2659 * XXXMAC: Because we don't have fp->f_cred here, we
2660 * pass in NOCRED. This is probably wrong, but is
2661 * consistent with our original implementation.
2663 error = vn_rdwr(UIO_READ, vp, NULL, readahead, trunc_page(off),
2664 UIO_NOCOPY, IO_NODELOCKED | IO_VMIO | ((readahead /
2665 bsize) << IO_SEQSHIFT), td->td_ucred, NOCRED, &resid, td);
2666 SFSTAT_INC(sf_iocnt);
2667 VM_OBJECT_WLOCK(obj);
2669 if (vm_pager_has_page(obj, pindex, NULL, NULL)) {
2670 rv = vm_pager_get_pages(obj, &m, 1, 0);
2671 SFSTAT_INC(sf_iocnt);
2672 m = vm_page_lookup(obj, pindex);
2675 else if (rv != VM_PAGER_OK) {
2684 m->valid = VM_PAGE_BITS_ALL;
2692 } else if (m != NULL) {
2695 vm_page_unwire(m, 0);
2698 * See if anyone else might know about this page. If
2699 * not and it is not valid, then free it.
2701 if (m->wire_count == 0 && m->valid == 0 && !vm_page_busied(m))
2705 KASSERT(error != 0 || (m->wire_count > 0 &&
2706 vm_page_is_valid(m, off & PAGE_MASK, xfsize)),
2707 ("wrong page state m %p off %#jx xfsize %d", m, (uintmax_t)off,
2709 VM_OBJECT_WUNLOCK(obj);
2714 sendfile_getobj(struct thread *td, struct file *fp, vm_object_t *obj_res,
2715 struct vnode **vp_res, struct shmfd **shmfd_res, off_t *obj_size,
2721 struct shmfd *shmfd;
2724 vp = *vp_res = NULL;
2726 shmfd = *shmfd_res = NULL;
2730 * The file descriptor must be a regular file and have a
2731 * backing VM object.
2733 if (fp->f_type == DTYPE_VNODE) {
2735 vn_lock(vp, LK_SHARED | LK_RETRY);
2736 if (vp->v_type != VREG) {
2740 *bsize = vp->v_mount->mnt_stat.f_iosize;
2741 error = VOP_GETATTR(vp, &va, td->td_ucred);
2744 *obj_size = va.va_size;
2750 } else if (fp->f_type == DTYPE_SHM) {
2752 obj = shmfd->shm_object;
2753 *obj_size = shmfd->shm_size;
2759 VM_OBJECT_WLOCK(obj);
2760 if ((obj->flags & OBJ_DEAD) != 0) {
2761 VM_OBJECT_WUNLOCK(obj);
2767 * Temporarily increase the backing VM object's reference
2768 * count so that a forced reclamation of its vnode does not
2769 * immediately destroy it.
2771 vm_object_reference_locked(obj);
2772 VM_OBJECT_WUNLOCK(obj);
2784 kern_sendfile_getsock(struct thread *td, int s, struct file **sock_fp,
2787 cap_rights_t rights;
2794 * The socket must be a stream socket and connected.
2796 error = getsock_cap(td->td_proc->p_fd, s, cap_rights_init(&rights,
2797 CAP_SEND), sock_fp, NULL);
2800 *so = (*sock_fp)->f_data;
2801 if ((*so)->so_type != SOCK_STREAM)
2803 if (((*so)->so_state & SS_ISCONNECTED) == 0)
2809 vn_sendfile(struct file *fp, int sockfd, struct uio *hdr_uio,
2810 struct uio *trl_uio, off_t offset, size_t nbytes, off_t *sent, int flags,
2811 int kflags, struct sendfile_sync *sfs, struct thread *td)
2813 struct file *sock_fp;
2815 struct vm_object *obj;
2820 struct shmfd *shmfd;
2822 off_t off, xfsize, fsbytes, sbytes, rem, obj_size;
2823 int error, bsize, nd, hdrlen, mnw;
2829 fsbytes = sbytes = 0;
2834 error = sendfile_getobj(td, fp, &obj, &vp, &shmfd, &obj_size, &bsize);
2840 error = kern_sendfile_getsock(td, sockfd, &sock_fp, &so);
2845 * Do not wait on memory allocations but return ENOMEM for
2846 * caller to retry later.
2847 * XXX: Experimental.
2849 if (flags & SF_MNOWAIT)
2853 error = mac_socket_check_send(td->td_ucred, so);
2858 /* If headers are specified copy them into mbufs. */
2859 if (hdr_uio != NULL) {
2860 hdr_uio->uio_td = td;
2861 hdr_uio->uio_rw = UIO_WRITE;
2862 if (hdr_uio->uio_resid > 0) {
2864 * In FBSD < 5.0 the nbytes to send also included
2865 * the header. If compat is specified subtract the
2866 * header size from nbytes.
2868 if (kflags & SFK_COMPAT) {
2869 if (nbytes > hdr_uio->uio_resid)
2870 nbytes -= hdr_uio->uio_resid;
2874 m = m_uiotombuf(hdr_uio, (mnw ? M_NOWAIT : M_WAITOK),
2877 error = mnw ? EAGAIN : ENOBUFS;
2880 hdrlen = m_length(m, NULL);
2885 * Protect against multiple writers to the socket.
2887 * XXXRW: Historically this has assumed non-interruptibility, so now
2888 * we implement that, but possibly shouldn't.
2890 (void)sblock(&so->so_snd, SBL_WAIT | SBL_NOINTR);
2893 * Loop through the pages of the file, starting with the requested
2894 * offset. Get a file page (do I/O if necessary), map the file page
2895 * into an sf_buf, attach an mbuf header to the sf_buf, and queue
2897 * This is done in two loops. The inner loop turns as many pages
2898 * as it can, up to available socket buffer space, without blocking
2899 * into mbufs to have it bulk delivered into the socket send buffer.
2900 * The outer loop checks the state and available space of the socket
2901 * and takes care of the overall progress.
2903 for (off = offset; ; ) {
2909 if ((nbytes != 0 && nbytes == fsbytes) ||
2910 (nbytes == 0 && obj_size == fsbytes))
2919 * Check the socket state for ongoing connection,
2920 * no errors and space in socket buffer.
2921 * If space is low allow for the remainder of the
2922 * file to be processed if it fits the socket buffer.
2923 * Otherwise block in waiting for sufficient space
2924 * to proceed, or if the socket is nonblocking, return
2925 * to userland with EAGAIN while reporting how far
2927 * We wait until the socket buffer has significant free
2928 * space to do bulk sends. This makes good use of file
2929 * system read ahead and allows packet segmentation
2930 * offloading hardware to take over lots of work. If
2931 * we were not careful here we would send off only one
2934 SOCKBUF_LOCK(&so->so_snd);
2935 if (so->so_snd.sb_lowat < so->so_snd.sb_hiwat / 2)
2936 so->so_snd.sb_lowat = so->so_snd.sb_hiwat / 2;
2938 if (so->so_snd.sb_state & SBS_CANTSENDMORE) {
2940 SOCKBUF_UNLOCK(&so->so_snd);
2942 } else if (so->so_error) {
2943 error = so->so_error;
2945 SOCKBUF_UNLOCK(&so->so_snd);
2948 space = sbspace(&so->so_snd);
2951 space < so->so_snd.sb_lowat)) {
2952 if (so->so_state & SS_NBIO) {
2953 SOCKBUF_UNLOCK(&so->so_snd);
2958 * sbwait drops the lock while sleeping.
2959 * When we loop back to retry_space the
2960 * state may have changed and we retest
2963 error = sbwait(&so->so_snd);
2965 * An error from sbwait usually indicates that we've
2966 * been interrupted by a signal. If we've sent anything
2967 * then return bytes sent, otherwise return the error.
2970 SOCKBUF_UNLOCK(&so->so_snd);
2975 SOCKBUF_UNLOCK(&so->so_snd);
2978 * Reduce space in the socket buffer by the size of
2979 * the header mbuf chain.
2980 * hdrlen is set to 0 after the first loop.
2985 error = vn_lock(vp, LK_SHARED);
2988 error = VOP_GETATTR(vp, &va, td->td_ucred);
2989 if (error != 0 || off >= va.va_size) {
2993 obj_size = va.va_size;
2997 * Loop and construct maximum sized mbuf chain to be bulk
2998 * dumped into socket buffer.
3000 while (space > loopbytes) {
3005 * Calculate the amount to transfer.
3006 * Not to exceed a page, the EOF,
3007 * or the passed in nbytes.
3009 pgoff = (vm_offset_t)(off & PAGE_MASK);
3010 rem = obj_size - offset;
3012 rem = omin(rem, nbytes);
3013 rem -= fsbytes + loopbytes;
3014 xfsize = omin(PAGE_SIZE - pgoff, rem);
3015 xfsize = omin(space - loopbytes, xfsize);
3017 done = 1; /* all data sent */
3022 * Attempt to look up the page. Allocate
3023 * if not found or wait and loop if busy.
3026 nd = EAGAIN; /* send what we already got */
3027 else if ((flags & SF_NODISKIO) != 0)
3031 error = sendfile_readpage(obj, vp, nd, off,
3032 xfsize, bsize, td, &pg);
3034 if (error == EAGAIN)
3035 error = 0; /* not a real error */
3040 * Get a sendfile buf. When allocating the
3041 * first buffer for mbuf chain, we usually
3042 * wait as long as necessary, but this wait
3043 * can be interrupted. For consequent
3044 * buffers, do not sleep, since several
3045 * threads might exhaust the buffers and then
3048 sf = sf_buf_alloc(pg, (mnw || m != NULL) ? SFB_NOWAIT :
3051 SFSTAT_INC(sf_allocfail);
3053 vm_page_unwire(pg, 0);
3054 KASSERT(pg->object != NULL,
3055 ("%s: object disappeared", __func__));
3058 error = (mnw ? EAGAIN : EINTR);
3063 * Get an mbuf and set it up as having
3066 m0 = m_get((mnw ? M_NOWAIT : M_WAITOK), MT_DATA);
3068 error = (mnw ? EAGAIN : ENOBUFS);
3069 (void)sf_buf_mext(NULL, NULL, sf);
3072 if (m_extadd(m0, (caddr_t )sf_buf_kva(sf), PAGE_SIZE,
3073 sf_buf_mext, sfs, sf, M_RDONLY, EXT_SFBUF,
3074 (mnw ? M_NOWAIT : M_WAITOK)) != 0) {
3075 error = (mnw ? EAGAIN : ENOBUFS);
3076 (void)sf_buf_mext(NULL, NULL, sf);
3080 m0->m_data = (char *)sf_buf_kva(sf) + pgoff;
3083 /* Append to mbuf chain. */
3087 m_last(m)->m_next = m0;
3092 /* Keep track of bits processed. */
3093 loopbytes += xfsize;
3097 * XXX eventually this should be a sfsync
3107 /* Add the buffer chain to the socket buffer. */
3111 mlen = m_length(m, NULL);
3112 SOCKBUF_LOCK(&so->so_snd);
3113 if (so->so_snd.sb_state & SBS_CANTSENDMORE) {
3115 SOCKBUF_UNLOCK(&so->so_snd);
3118 SOCKBUF_UNLOCK(&so->so_snd);
3119 CURVNET_SET(so->so_vnet);
3120 /* Avoid error aliasing. */
3121 err = (*so->so_proto->pr_usrreqs->pru_send)
3122 (so, 0, m, NULL, NULL, td);
3126 * We need two counters to get the
3127 * file offset and nbytes to send
3129 * - sbytes contains the total amount
3130 * of bytes sent, including headers.
3131 * - fsbytes contains the total amount
3132 * of bytes sent from the file.
3140 } else if (error == 0)
3142 m = NULL; /* pru_send always consumes */
3145 /* Quit outer loop on error or when we're done. */
3153 * Send trailers. Wimp out and use writev(2).
3155 if (trl_uio != NULL) {
3156 sbunlock(&so->so_snd);
3157 error = kern_writev(td, sockfd, trl_uio);
3159 sbytes += td->td_retval[0];
3164 sbunlock(&so->so_snd);
3167 * If there was no error we have to clear td->td_retval[0]
3168 * because it may have been set by writev.
3171 td->td_retval[0] = 0;
3177 vm_object_deallocate(obj);
3183 if (error == ERESTART)
3191 * Functionality only compiled in if SCTP is defined in the kernel Makefile,
3192 * otherwise all return EOPNOTSUPP.
3193 * XXX: We should make this loadable one day.
3196 sys_sctp_peeloff(td, uap)
3198 struct sctp_peeloff_args /* {
3203 #if (defined(INET) || defined(INET6)) && defined(SCTP)
3204 struct file *nfp = NULL;
3205 struct socket *head, *so;
3206 cap_rights_t rights;
3210 AUDIT_ARG_FD(uap->sd);
3211 error = fgetsock(td, uap->sd, cap_rights_init(&rights, CAP_PEELOFF),
3215 if (head->so_proto->pr_protocol != IPPROTO_SCTP) {
3219 error = sctp_can_peel_off(head, (sctp_assoc_t)uap->name);
3223 * At this point we know we do have a assoc to pull
3224 * we proceed to get the fd setup. This may block
3228 error = falloc(td, &nfp, &fd, 0);
3231 td->td_retval[0] = fd;
3233 CURVNET_SET(head->so_vnet);
3234 so = sonewconn(head, SS_ISCONNECTED);
3240 * Before changing the flags on the socket, we have to bump the
3241 * reference count. Otherwise, if the protocol calls sofree(),
3242 * the socket will be released due to a zero refcount.
3245 soref(so); /* file descriptor reference */
3250 TAILQ_REMOVE(&head->so_comp, so, so_list);
3252 so->so_state |= (head->so_state & SS_NBIO);
3253 so->so_state &= ~SS_NOFDREF;
3254 so->so_qstate &= ~SQ_COMP;
3257 finit(nfp, fflag, DTYPE_SOCKET, so, &socketops);
3258 error = sctp_do_peeloff(head, so, (sctp_assoc_t)uap->name);
3261 if (head->so_sigio != NULL)
3262 fsetown(fgetown(&head->so_sigio), &so->so_sigio);
3266 * close the new descriptor, assuming someone hasn't ripped it
3267 * out from under us.
3270 fdclose(td->td_proc->p_fd, nfp, fd, td);
3273 * Release explicitly held references before returning.
3283 return (EOPNOTSUPP);
3288 sys_sctp_generic_sendmsg (td, uap)
3290 struct sctp_generic_sendmsg_args /* {
3296 struct sctp_sndrcvinfo *sinfo,
3300 #if (defined(INET) || defined(INET6)) && defined(SCTP)
3301 struct sctp_sndrcvinfo sinfo, *u_sinfo = NULL;
3303 struct file *fp = NULL;
3304 struct sockaddr *to = NULL;
3306 struct uio *ktruio = NULL;
3309 struct iovec iov[1];
3310 cap_rights_t rights;
3313 if (uap->sinfo != NULL) {
3314 error = copyin(uap->sinfo, &sinfo, sizeof (sinfo));
3320 cap_rights_init(&rights, CAP_SEND);
3321 if (uap->tolen != 0) {
3322 error = getsockaddr(&to, uap->to, uap->tolen);
3327 cap_rights_set(&rights, CAP_CONNECT);
3330 AUDIT_ARG_FD(uap->sd);
3331 error = getsock_cap(td->td_proc->p_fd, uap->sd, &rights, &fp, NULL);
3335 if (to && (KTRPOINT(td, KTR_STRUCT)))
3339 iov[0].iov_base = uap->msg;
3340 iov[0].iov_len = uap->mlen;
3342 so = (struct socket *)fp->f_data;
3343 if (so->so_proto->pr_protocol != IPPROTO_SCTP) {
3348 error = mac_socket_check_send(td->td_ucred, so);
3354 auio.uio_iovcnt = 1;
3355 auio.uio_segflg = UIO_USERSPACE;
3356 auio.uio_rw = UIO_WRITE;
3358 auio.uio_offset = 0; /* XXX */
3360 len = auio.uio_resid = uap->mlen;
3361 CURVNET_SET(so->so_vnet);
3362 error = sctp_lower_sosend(so, to, &auio, (struct mbuf *)NULL,
3363 (struct mbuf *)NULL, uap->flags, u_sinfo, td);
3366 if (auio.uio_resid != len && (error == ERESTART ||
3367 error == EINTR || error == EWOULDBLOCK))
3369 /* Generation of SIGPIPE can be controlled per socket. */
3370 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) &&
3371 !(uap->flags & MSG_NOSIGNAL)) {
3372 PROC_LOCK(td->td_proc);
3373 tdsignal(td, SIGPIPE);
3374 PROC_UNLOCK(td->td_proc);
3378 td->td_retval[0] = len - auio.uio_resid;
3380 if (ktruio != NULL) {
3381 ktruio->uio_resid = td->td_retval[0];
3382 ktrgenio(uap->sd, UIO_WRITE, ktruio, error);
3392 return (EOPNOTSUPP);
3397 sys_sctp_generic_sendmsg_iov(td, uap)
3399 struct sctp_generic_sendmsg_iov_args /* {
3405 struct sctp_sndrcvinfo *sinfo,
3409 #if (defined(INET) || defined(INET6)) && defined(SCTP)
3410 struct sctp_sndrcvinfo sinfo, *u_sinfo = NULL;
3412 struct file *fp = NULL;
3413 struct sockaddr *to = NULL;
3415 struct uio *ktruio = NULL;
3418 struct iovec *iov, *tiov;
3419 cap_rights_t rights;
3423 if (uap->sinfo != NULL) {
3424 error = copyin(uap->sinfo, &sinfo, sizeof (sinfo));
3429 cap_rights_init(&rights, CAP_SEND);
3430 if (uap->tolen != 0) {
3431 error = getsockaddr(&to, uap->to, uap->tolen);
3436 cap_rights_set(&rights, CAP_CONNECT);
3439 AUDIT_ARG_FD(uap->sd);
3440 error = getsock_cap(td->td_proc->p_fd, uap->sd, &rights, &fp, NULL);
3444 #ifdef COMPAT_FREEBSD32
3445 if (SV_CURPROC_FLAG(SV_ILP32))
3446 error = freebsd32_copyiniov((struct iovec32 *)uap->iov,
3447 uap->iovlen, &iov, EMSGSIZE);
3450 error = copyiniov(uap->iov, uap->iovlen, &iov, EMSGSIZE);
3454 if (to && (KTRPOINT(td, KTR_STRUCT)))
3458 so = (struct socket *)fp->f_data;
3459 if (so->so_proto->pr_protocol != IPPROTO_SCTP) {
3464 error = mac_socket_check_send(td->td_ucred, so);
3470 auio.uio_iovcnt = uap->iovlen;
3471 auio.uio_segflg = UIO_USERSPACE;
3472 auio.uio_rw = UIO_WRITE;
3474 auio.uio_offset = 0; /* XXX */
3477 for (i = 0; i <uap->iovlen; i++, tiov++) {
3478 if ((auio.uio_resid += tiov->iov_len) < 0) {
3483 len = auio.uio_resid;
3484 CURVNET_SET(so->so_vnet);
3485 error = sctp_lower_sosend(so, to, &auio,
3486 (struct mbuf *)NULL, (struct mbuf *)NULL,
3487 uap->flags, u_sinfo, td);
3490 if (auio.uio_resid != len && (error == ERESTART ||
3491 error == EINTR || error == EWOULDBLOCK))
3493 /* Generation of SIGPIPE can be controlled per socket */
3494 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) &&
3495 !(uap->flags & MSG_NOSIGNAL)) {
3496 PROC_LOCK(td->td_proc);
3497 tdsignal(td, SIGPIPE);
3498 PROC_UNLOCK(td->td_proc);
3502 td->td_retval[0] = len - auio.uio_resid;
3504 if (ktruio != NULL) {
3505 ktruio->uio_resid = td->td_retval[0];
3506 ktrgenio(uap->sd, UIO_WRITE, ktruio, error);
3518 return (EOPNOTSUPP);
3523 sys_sctp_generic_recvmsg(td, uap)
3525 struct sctp_generic_recvmsg_args /* {
3529 struct sockaddr *from,
3530 __socklen_t *fromlenaddr,
3531 struct sctp_sndrcvinfo *sinfo,
3535 #if (defined(INET) || defined(INET6)) && defined(SCTP)
3536 uint8_t sockbufstore[256];
3538 struct iovec *iov, *tiov;
3539 struct sctp_sndrcvinfo sinfo;
3541 struct file *fp = NULL;
3542 struct sockaddr *fromsa;
3543 cap_rights_t rights;
3545 struct uio *ktruio = NULL;
3548 int error, fromlen, i, msg_flags;
3550 AUDIT_ARG_FD(uap->sd);
3551 error = getsock_cap(td->td_proc->p_fd, uap->sd,
3552 cap_rights_init(&rights, CAP_RECV), &fp, NULL);
3555 #ifdef COMPAT_FREEBSD32
3556 if (SV_CURPROC_FLAG(SV_ILP32))
3557 error = freebsd32_copyiniov((struct iovec32 *)uap->iov,
3558 uap->iovlen, &iov, EMSGSIZE);
3561 error = copyiniov(uap->iov, uap->iovlen, &iov, EMSGSIZE);
3566 if (so->so_proto->pr_protocol != IPPROTO_SCTP) {
3571 error = mac_socket_check_receive(td->td_ucred, so);
3576 if (uap->fromlenaddr != NULL) {
3577 error = copyin(uap->fromlenaddr, &fromlen, sizeof (fromlen));
3583 if (uap->msg_flags) {
3584 error = copyin(uap->msg_flags, &msg_flags, sizeof (int));
3591 auio.uio_iovcnt = uap->iovlen;
3592 auio.uio_segflg = UIO_USERSPACE;
3593 auio.uio_rw = UIO_READ;
3595 auio.uio_offset = 0; /* XXX */
3598 for (i = 0; i <uap->iovlen; i++, tiov++) {
3599 if ((auio.uio_resid += tiov->iov_len) < 0) {
3604 len = auio.uio_resid;
3605 fromsa = (struct sockaddr *)sockbufstore;
3608 if (KTRPOINT(td, KTR_GENIO))
3609 ktruio = cloneuio(&auio);
3611 memset(&sinfo, 0, sizeof(struct sctp_sndrcvinfo));
3612 CURVNET_SET(so->so_vnet);
3613 error = sctp_sorecvmsg(so, &auio, (struct mbuf **)NULL,
3614 fromsa, fromlen, &msg_flags,
3615 (struct sctp_sndrcvinfo *)&sinfo, 1);
3618 if (auio.uio_resid != len && (error == ERESTART ||
3619 error == EINTR || error == EWOULDBLOCK))
3623 error = copyout(&sinfo, uap->sinfo, sizeof (sinfo));
3626 if (ktruio != NULL) {
3627 ktruio->uio_resid = len - auio.uio_resid;
3628 ktrgenio(uap->sd, UIO_READ, ktruio, error);
3633 td->td_retval[0] = len - auio.uio_resid;
3635 if (fromlen && uap->from) {
3637 if (len <= 0 || fromsa == 0)
3640 len = MIN(len, fromsa->sa_len);
3641 error = copyout(fromsa, uap->from, (size_t)len);
3645 error = copyout(&len, uap->fromlenaddr, sizeof (socklen_t));
3650 if (KTRPOINT(td, KTR_STRUCT))
3651 ktrsockaddr(fromsa);
3653 if (uap->msg_flags) {
3654 error = copyout(&msg_flags, uap->msg_flags, sizeof (int));
3666 return (EOPNOTSUPP);
projects / FreeBSD / FreeBSD.git / blob