2 * Copyright (c) 1982, 1986, 1989, 1990, 1993
3 * The Regents of the University of California. All rights reserved.
5 * sendfile(2) and related extensions:
6 * Copyright (c) 1998, David Greenman. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. All advertising materials mentioning features or use of this software
17 * must display the following acknowledgement:
18 * This product includes software developed by the University of
19 * California, Berkeley and its contributors.
20 * 4. Neither the name of the University nor the names of its contributors
21 * may be used to endorse or promote products derived from this software
22 * without specific prior written permission.
24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * @(#)uipc_syscalls.c 8.4 (Berkeley) 2/21/94
37 * $FreeBSD: src/sys/kern/uipc_syscalls.c,v 1.65.2.17 2003/04/04 17:11:16 tegge Exp $
38 * $DragonFly: src/sys/kern/uipc_syscalls.c,v 1.13 2003/09/07 20:36:11 daver Exp $
41 #include "opt_compat.h"
42 #include "opt_ktrace.h"
44 #include <sys/param.h>
45 #include <sys/systm.h>
46 #include <sys/kernel.h>
47 #include <sys/sysproto.h>
48 #include <sys/malloc.h>
49 #include <sys/filedesc.h>
50 #include <sys/event.h>
52 #include <sys/fcntl.h>
54 #include <sys/filio.h>
55 #include <sys/kern_syscall.h>
57 #include <sys/protosw.h>
58 #include <sys/socket.h>
59 #include <sys/socketvar.h>
60 #include <sys/signalvar.h>
62 #include <sys/vnode.h>
64 #include <sys/mount.h>
66 #include <sys/ktrace.h>
69 #include <vm/vm_object.h>
70 #include <vm/vm_page.h>
71 #include <vm/vm_pageout.h>
72 #include <vm/vm_kern.h>
73 #include <vm/vm_extern.h>
74 #include <sys/file2.h>
76 static void sf_buf_init(void *arg);
77 SYSINIT(sock_sf, SI_SUB_MBUF, SI_ORDER_ANY, sf_buf_init, NULL)
79 static int sendit(int s, struct msghdr *mp, int flags, int *res);
80 static int recvit(int s, struct msghdr *mp, caddr_t namelenp, int *res);
82 static int do_sendfile(struct sendfile_args *uap, int compat);
84 static SLIST_HEAD(, sf_buf) sf_freelist;
85 static vm_offset_t sf_base;
86 static struct sf_buf *sf_bufs;
87 static int sf_buf_alloc_want;
90 * System call interface to the socket abstraction.
92 #if defined(COMPAT_43) || defined(COMPAT_SUNOS)
93 #define COMPAT_OLDSOCK
96 extern struct fileops socketops;
99 * socket_args(int domain, int type, int protocol)
102 socket(struct socket_args *uap)
104 struct thread *td = curthread;
105 struct proc *p = td->td_proc;
106 struct filedesc *fdp;
114 error = falloc(p, &fp, &fd);
118 error = socreate(uap->domain, &so, uap->type, uap->protocol, td);
120 if (fdp->fd_ofiles[fd] == fp) {
121 fdp->fd_ofiles[fd] = NULL;
125 fp->f_data = (caddr_t)so;
126 fp->f_flag = FREAD|FWRITE;
127 fp->f_ops = &socketops;
128 fp->f_type = DTYPE_SOCKET;
129 uap->sysmsg_result = fd;
136 kern_bind(int s, struct sockaddr *sa)
138 struct thread *td = curthread;
139 struct proc *p = td->td_proc;
144 error = holdsock(p->p_fd, s, &fp);
147 error = sobind((struct socket *)fp->f_data, sa, td);
153 * bind_args(int s, caddr_t name, int namelen)
156 bind(struct bind_args *uap)
161 error = getsockaddr(&sa, uap->name, uap->namelen);
164 error = kern_bind(uap->s, sa);
171 kern_listen(int s, int backlog)
173 struct thread *td = curthread;
174 struct proc *p = td->td_proc;
179 error = holdsock(p->p_fd, s, &fp);
182 error = solisten((struct socket *)fp->f_data, backlog, td);
188 * listen_args(int s, int backlog)
191 listen(struct listen_args *uap)
195 error = kern_listen(uap->s, uap->backlog);
200 * The second argument to kern_accept() is a handle to a struct sockaddr.
201 * This allows kern_accept() to return a pointer to an allocated struct
202 * sockaddr which must be freed later with FREE(). The caller must
203 * initialize *name to NULL.
206 kern_accept(int s, struct sockaddr **name, int *namelen, int *res)
208 struct thread *td = curthread;
209 struct proc *p = td->td_proc;
210 struct filedesc *fdp = p->p_fd;
211 struct file *lfp = NULL;
212 struct file *nfp = NULL;
215 struct socket *head, *so;
217 u_int fflag; /* type must match fp->f_flag */
220 if (name && namelen && *namelen < 0)
223 error = holdsock(fdp, s, &lfp);
227 head = (struct socket *)lfp->f_data;
228 if ((head->so_options & SO_ACCEPTCONN) == 0) {
233 while (TAILQ_EMPTY(&head->so_comp) && head->so_error == 0) {
234 if (head->so_state & SS_CANTRCVMORE) {
235 head->so_error = ECONNABORTED;
238 if ((head->so_state & SS_NBIO) != 0) {
239 head->so_error = EWOULDBLOCK;
242 error = tsleep((caddr_t)&head->so_timeo, PCATCH, "accept", 0);
248 if (head->so_error) {
249 error = head->so_error;
256 * At this point we know that there is at least one connection
257 * ready to be accepted. Remove it from the queue prior to
258 * allocating the file descriptor for it since falloc() may
259 * block allowing another process to accept the connection
262 so = TAILQ_FIRST(&head->so_comp);
263 TAILQ_REMOVE(&head->so_comp, so, so_list);
267 error = falloc(p, &nfp, &fd);
270 * Probably ran out of file descriptors. Put the
271 * unaccepted connection back onto the queue and
272 * do another wakeup so some other process might
273 * have a chance at it.
275 TAILQ_INSERT_HEAD(&head->so_comp, so, so_list);
277 wakeup_one(&head->so_timeo);
284 /* connection has been removed from the listen queue */
285 KNOTE(&head->so_rcv.sb_sel.si_note, 0);
287 so->so_state &= ~SS_COMP;
289 if (head->so_sigio != NULL)
290 fsetown(fgetown(head->so_sigio), &so->so_sigio);
292 nfp->f_data = (caddr_t)so;
294 nfp->f_ops = &socketops;
295 nfp->f_type = DTYPE_SOCKET;
296 /* Sync socket nonblocking/async state with file flags */
297 tmp = fflag & FNONBLOCK;
298 (void) fo_ioctl(nfp, FIONBIO, (caddr_t)&tmp, td);
299 tmp = fflag & FASYNC;
300 (void) fo_ioctl(nfp, FIOASYNC, (caddr_t)&tmp, td);
303 error = soaccept(so, &sa);
306 * Set the returned name and namelen as applicable. Set the returned
307 * namelen to 0 for older code which might ignore the return value
311 if (sa && name && namelen) {
312 if (*namelen > sa->sa_len)
313 *namelen = sa->sa_len;
322 * close the new descriptor, assuming someone hasn't ripped it
323 * out from under us. Note that *res is normally ignored if an
324 * error is returned but a syscall message will still have access
325 * to the result code.
329 if (fdp->fd_ofiles[fd] == nfp) {
330 fdp->fd_ofiles[fd] = NULL;
337 * Release explicitly held references before returning.
347 * accept_args(int s, caddr_t name, int *anamelen)
350 accept(struct accept_args *uap)
352 struct sockaddr *sa = NULL;
357 error = copyin(uap->anamelen, &sa_len, sizeof(sa_len));
361 error = kern_accept(uap->s, &sa, &sa_len, &uap->sysmsg_result);
364 error = copyout(sa, uap->name, sa_len);
366 error = copyout(&sa_len, uap->anamelen,
367 sizeof(*uap->anamelen));
372 error = kern_accept(uap->s, NULL, 0, &uap->sysmsg_result);
377 #ifdef COMPAT_OLDSOCK
379 oaccept(struct accept_args *uap)
381 struct sockaddr *sa = NULL;
386 error = copyin(uap->anamelen, &sa_len, sizeof(sa_len));
390 error = kern_accept(uap->s, &sa, &sa_len, &uap->sysmsg_result);
394 * return a namelen of zero for older code which
395 * might ignore the return value from accept.
398 copyout(&sa_len, uap->anamelen, sizeof(*uap->anamelen));
401 * Convert sa to the 4.3BSD sockaddr structure.
403 ((struct osockaddr *)sa)->sa_family = sa->sa_family;
404 error = copyout(sa, uap->name, sa_len);
406 error = copyout(&sa_len, uap->anamelen,
407 sizeof(*uap->anamelen));
413 error = kern_accept(uap->s, NULL, 0, &uap->sysmsg_result);
417 #endif /* COMPAT_OLDSOCK */
420 kern_connect(int s, struct sockaddr *sa)
422 struct thread *td = curthread;
423 struct proc *p = td->td_proc;
428 error = holdsock(p->p_fd, s, &fp);
431 so = (struct socket *)fp->f_data;
432 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) {
436 error = soconnect(so, sa, td);
439 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) {
444 while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) {
445 error = tsleep((caddr_t)&so->so_timeo, PCATCH, "connec", 0);
450 error = so->so_error;
455 so->so_state &= ~SS_ISCONNECTING;
456 if (error == ERESTART)
464 * connect_args(int s, caddr_t name, int namelen)
467 connect(struct connect_args *uap)
472 error = getsockaddr(&sa, uap->name, uap->namelen);
475 error = kern_connect(uap->s, sa);
482 kern_socketpair(int domain, int type, int protocol, int *sv)
484 struct thread *td = curthread;
485 struct proc *p = td->td_proc;
486 struct filedesc *fdp;
487 struct file *fp1, *fp2;
488 struct socket *so1, *so2;
493 error = socreate(domain, &so1, type, protocol, td);
496 error = socreate(domain, &so2, type, protocol, td);
499 error = falloc(p, &fp1, &fd);
504 fp1->f_data = (caddr_t)so1;
505 error = falloc(p, &fp2, &fd);
509 fp2->f_data = (caddr_t)so2;
511 error = soconnect2(so1, so2);
514 if (type == SOCK_DGRAM) {
516 * Datagram socket connection is asymmetric.
518 error = soconnect2(so2, so1);
522 fp1->f_flag = fp2->f_flag = FREAD|FWRITE;
523 fp1->f_ops = fp2->f_ops = &socketops;
524 fp1->f_type = fp2->f_type = DTYPE_SOCKET;
529 if (fdp->fd_ofiles[sv[1]] == fp2) {
530 fdp->fd_ofiles[sv[1]] = NULL;
535 if (fdp->fd_ofiles[sv[0]] == fp1) {
536 fdp->fd_ofiles[sv[0]] = NULL;
548 * socketpair(int domain, int type, int protocol, int *rsv)
551 socketpair(struct socketpair_args *uap)
555 error = kern_socketpair(uap->domain, uap->type, uap->protocol, sockv);
558 error = copyout(sockv, uap->rsv, sizeof(sockv));
563 sendit(int s, struct msghdr *mp, int flags, int *res)
565 struct thread *td = curthread;
566 struct proc *p = td->td_proc;
571 struct mbuf *control;
576 struct iovec *ktriov = NULL;
580 error = holdsock(p->p_fd, s, &fp);
583 auio.uio_iov = mp->msg_iov;
584 auio.uio_iovcnt = mp->msg_iovlen;
585 auio.uio_segflg = UIO_USERSPACE;
586 auio.uio_rw = UIO_WRITE;
588 auio.uio_offset = 0; /* XXX */
591 for (i = 0; i < mp->msg_iovlen; i++, iov++) {
592 if ((auio.uio_resid += iov->iov_len) < 0) {
598 error = getsockaddr(&to, mp->msg_name, mp->msg_namelen);
606 if (mp->msg_control) {
607 if (mp->msg_controllen < sizeof(struct cmsghdr)
608 #ifdef COMPAT_OLDSOCK
609 && mp->msg_flags != MSG_COMPAT
615 error = sockargs(&control, mp->msg_control,
616 mp->msg_controllen, MT_CONTROL);
619 #ifdef COMPAT_OLDSOCK
620 if (mp->msg_flags == MSG_COMPAT) {
623 M_PREPEND(control, sizeof(*cm), M_WAIT);
628 cm = mtod(control, struct cmsghdr *);
629 cm->cmsg_len = control->m_len;
630 cm->cmsg_level = SOL_SOCKET;
631 cm->cmsg_type = SCM_RIGHTS;
639 if (KTRPOINT(td, KTR_GENIO)) {
640 int iovlen = auio.uio_iovcnt * sizeof (struct iovec);
642 MALLOC(ktriov, struct iovec *, iovlen, M_TEMP, M_WAITOK);
643 bcopy((caddr_t)auio.uio_iov, (caddr_t)ktriov, iovlen);
647 len = auio.uio_resid;
648 so = (struct socket *)fp->f_data;
649 error = so->so_proto->pr_usrreqs->pru_sosend(so, to, &auio, 0, control,
652 if (auio.uio_resid != len && (error == ERESTART ||
653 error == EINTR || error == EWOULDBLOCK))
659 *res = len - auio.uio_resid;
661 if (ktriov != NULL) {
663 ktruio.uio_iov = ktriov;
664 ktruio.uio_resid = *res;
665 ktrgenio(p->p_tracep, s, UIO_WRITE, &ktruio, error);
667 FREE(ktriov, M_TEMP);
678 * sendto_args(int s, caddr_t buf, size_t len, int flags, caddr_t to, int tolen)
681 sendto(struct sendto_args *uap)
686 msg.msg_name = uap->to;
687 msg.msg_namelen = uap->tolen;
691 #ifdef COMPAT_OLDSOCK
694 aiov.iov_base = uap->buf;
695 aiov.iov_len = uap->len;
696 return (sendit(uap->s, &msg, uap->flags, &uap->sysmsg_result));
699 #ifdef COMPAT_OLDSOCK
701 * osend_args(int s, caddr_t buf, int len, int flags)
704 osend(struct osend_args *uap)
713 aiov.iov_base = uap->buf;
714 aiov.iov_len = uap->len;
717 return (sendit(uap->s, &msg, uap->flags, &uap->sysmsg_result));
721 * osendmsg_args(int s, caddr_t msg, int flags)
724 osendmsg(struct osendmsg_args *uap)
727 struct iovec aiov[UIO_SMALLIOV], *iov;
730 error = copyin(uap->msg, (caddr_t)&msg, sizeof (struct omsghdr));
733 if ((u_int)msg.msg_iovlen >= UIO_SMALLIOV) {
734 if ((u_int)msg.msg_iovlen >= UIO_MAXIOV)
736 MALLOC(iov, struct iovec *,
737 sizeof(struct iovec) * (u_int)msg.msg_iovlen, M_IOV,
741 error = copyin((caddr_t)msg.msg_iov, (caddr_t)iov,
742 (unsigned)(msg.msg_iovlen * sizeof (struct iovec)));
745 msg.msg_flags = MSG_COMPAT;
747 error = sendit(uap->s, &msg, uap->flags, &uap->sysmsg_result);
756 * sendmsg_args(int s, caddr_t msg, int flags)
759 sendmsg(struct sendmsg_args *uap)
762 struct iovec aiov[UIO_SMALLIOV], *iov;
765 error = copyin(uap->msg, (caddr_t)&msg, sizeof (msg));
768 if ((u_int)msg.msg_iovlen >= UIO_SMALLIOV) {
769 if ((u_int)msg.msg_iovlen >= UIO_MAXIOV)
771 MALLOC(iov, struct iovec *,
772 sizeof(struct iovec) * (u_int)msg.msg_iovlen, M_IOV,
776 if (msg.msg_iovlen &&
777 (error = copyin((caddr_t)msg.msg_iov, (caddr_t)iov,
778 (unsigned)(msg.msg_iovlen * sizeof (struct iovec)))))
781 #ifdef COMPAT_OLDSOCK
784 error = sendit(uap->s, &msg, uap->flags, &uap->sysmsg_result);
792 recvit(int s, struct msghdr *mp, caddr_t namelenp, int *res)
794 struct thread *td = curthread;
795 struct proc *p = td->td_proc;
801 struct mbuf *m, *control = 0;
804 struct sockaddr *fromsa = 0;
806 struct iovec *ktriov = NULL;
810 error = holdsock(p->p_fd, s, &fp);
813 auio.uio_iov = mp->msg_iov;
814 auio.uio_iovcnt = mp->msg_iovlen;
815 auio.uio_segflg = UIO_USERSPACE;
816 auio.uio_rw = UIO_READ;
818 auio.uio_offset = 0; /* XXX */
821 for (i = 0; i < mp->msg_iovlen; i++, iov++) {
822 if ((auio.uio_resid += iov->iov_len) < 0) {
828 if (KTRPOINT(td, KTR_GENIO)) {
829 int iovlen = auio.uio_iovcnt * sizeof (struct iovec);
831 MALLOC(ktriov, struct iovec *, iovlen, M_TEMP, M_WAITOK);
832 bcopy((caddr_t)auio.uio_iov, (caddr_t)ktriov, iovlen);
836 len = auio.uio_resid;
837 so = (struct socket *)fp->f_data;
838 error = so->so_proto->pr_usrreqs->pru_soreceive(so, &fromsa, &auio,
839 (struct mbuf **)0, mp->msg_control ? &control : (struct mbuf **)0,
842 if (auio.uio_resid != len && (error == ERESTART ||
843 error == EINTR || error == EWOULDBLOCK))
847 if (ktriov != NULL) {
849 ktruio.uio_iov = ktriov;
850 ktruio.uio_resid = len - auio.uio_resid;
851 ktrgenio(p->p_tracep, s, UIO_READ, &ktruio, error);
853 FREE(ktriov, M_TEMP);
858 *res = len - auio.uio_resid;
860 len = mp->msg_namelen;
861 if (len <= 0 || fromsa == 0)
864 /* save sa_len before it is destroyed by MSG_COMPAT */
865 len = MIN(len, fromsa->sa_len);
866 #ifdef COMPAT_OLDSOCK
867 if (mp->msg_flags & MSG_COMPAT)
868 ((struct osockaddr *)fromsa)->sa_family =
871 error = copyout(fromsa,
872 (caddr_t)mp->msg_name, (unsigned)len);
876 mp->msg_namelen = len;
878 (error = copyout((caddr_t)&len, namelenp, sizeof (int)))) {
879 #ifdef COMPAT_OLDSOCK
880 if (mp->msg_flags & MSG_COMPAT)
881 error = 0; /* old recvfrom didn't check */
887 if (mp->msg_control) {
888 #ifdef COMPAT_OLDSOCK
890 * We assume that old recvmsg calls won't receive access
891 * rights and other control info, esp. as control info
892 * is always optional and those options didn't exist in 4.3.
893 * If we receive rights, trim the cmsghdr; anything else
896 if (control && mp->msg_flags & MSG_COMPAT) {
897 if (mtod(control, struct cmsghdr *)->cmsg_level !=
899 mtod(control, struct cmsghdr *)->cmsg_type !=
901 mp->msg_controllen = 0;
904 control->m_len -= sizeof (struct cmsghdr);
905 control->m_data += sizeof (struct cmsghdr);
908 len = mp->msg_controllen;
910 mp->msg_controllen = 0;
911 ctlbuf = (caddr_t) mp->msg_control;
913 while (m && len > 0) {
919 mp->msg_flags |= MSG_CTRUNC;
923 if ((error = copyout((caddr_t)mtod(m, caddr_t),
924 ctlbuf, tocopy)) != 0)
931 mp->msg_controllen = ctlbuf - (caddr_t)mp->msg_control;
936 FREE(fromsa, M_SONAME);
943 * recvfrom_args(int s, caddr_t buf, size_t len, int flags,
944 * caddr_t from, int *fromlenaddr)
947 recvfrom(struct recvfrom_args *uap)
953 if (uap->fromlenaddr) {
954 error = copyin((caddr_t)uap->fromlenaddr,
955 (caddr_t)&msg.msg_namelen, sizeof (msg.msg_namelen));
960 msg.msg_name = uap->from;
963 aiov.iov_base = uap->buf;
964 aiov.iov_len = uap->len;
966 msg.msg_flags = uap->flags;
967 return (recvit(uap->s, &msg, (caddr_t)uap->fromlenaddr, &uap->sysmsg_result));
970 #ifdef COMPAT_OLDSOCK
972 orecvfrom(struct recvfrom_args *uap)
974 uap->flags |= MSG_COMPAT;
975 return (recvfrom(uap));
979 #ifdef COMPAT_OLDSOCK
981 * struct orecv_args(int s, caddr_t buf, int len, int flags)
984 orecv(struct orecv_args *uap)
993 aiov.iov_base = uap->buf;
994 aiov.iov_len = uap->len;
996 msg.msg_flags = uap->flags;
997 return (recvit(uap->s, &msg, (caddr_t)0, &uap->sysmsg_result));
1001 * Old recvmsg. This code takes advantage of the fact that the old msghdr
1002 * overlays the new one, missing only the flags, and with the (old) access
1003 * rights where the control fields are now.
1005 * orecvmsg_args(int s, struct omsghdr *msg, int flags)
1008 orecvmsg(struct orecvmsg_args *uap)
1011 struct iovec aiov[UIO_SMALLIOV], *iov;
1014 error = copyin((caddr_t)uap->msg, (caddr_t)&msg,
1015 sizeof (struct omsghdr));
1018 if ((u_int)msg.msg_iovlen >= UIO_SMALLIOV) {
1019 if ((u_int)msg.msg_iovlen >= UIO_MAXIOV)
1021 MALLOC(iov, struct iovec *,
1022 sizeof(struct iovec) * (u_int)msg.msg_iovlen, M_IOV,
1026 msg.msg_flags = uap->flags | MSG_COMPAT;
1027 error = copyin((caddr_t)msg.msg_iov, (caddr_t)iov,
1028 (unsigned)(msg.msg_iovlen * sizeof (struct iovec)));
1032 error = recvit(uap->s, &msg, (caddr_t)&uap->msg->msg_namelen, &uap->sysmsg_result);
1034 if (msg.msg_controllen && error == 0)
1035 error = copyout((caddr_t)&msg.msg_controllen,
1036 (caddr_t)&uap->msg->msg_accrightslen, sizeof (int));
1045 * recvmsg_args(int s, struct msghdr *msg, int flags)
1048 recvmsg(struct recvmsg_args *uap)
1051 struct iovec aiov[UIO_SMALLIOV], *uiov, *iov;
1054 error = copyin((caddr_t)uap->msg, (caddr_t)&msg, sizeof (msg));
1057 if ((u_int)msg.msg_iovlen >= UIO_SMALLIOV) {
1058 if ((u_int)msg.msg_iovlen >= UIO_MAXIOV)
1060 MALLOC(iov, struct iovec *,
1061 sizeof(struct iovec) * (u_int)msg.msg_iovlen, M_IOV,
1065 #ifdef COMPAT_OLDSOCK
1066 msg.msg_flags = uap->flags &~ MSG_COMPAT;
1068 msg.msg_flags = uap->flags;
1072 error = copyin((caddr_t)uiov, (caddr_t)iov,
1073 (unsigned)(msg.msg_iovlen * sizeof (struct iovec)));
1076 error = recvit(uap->s, &msg, (caddr_t)0, &uap->sysmsg_result);
1079 error = copyout((caddr_t)&msg, (caddr_t)uap->msg, sizeof(msg));
1088 * shutdown_args(int s, int how)
1092 shutdown(struct shutdown_args *uap)
1094 struct thread *td = curthread;
1095 struct proc *p = td->td_proc;
1100 error = holdsock(p->p_fd, uap->s, &fp);
1103 error = soshutdown((struct socket *)fp->f_data, uap->how);
1109 * setsockopt_args(int s, int level, int name, caddr_t val, int valsize)
1113 setsockopt(struct setsockopt_args *uap)
1115 struct thread *td = curthread;
1116 struct proc *p = td->td_proc;
1118 struct sockopt sopt;
1121 if (uap->val == 0 && uap->valsize != 0)
1123 if (uap->valsize < 0)
1126 error = holdsock(p->p_fd, uap->s, &fp);
1130 sopt.sopt_dir = SOPT_SET;
1131 sopt.sopt_level = uap->level;
1132 sopt.sopt_name = uap->name;
1133 sopt.sopt_val = uap->val;
1134 sopt.sopt_valsize = uap->valsize;
1136 error = sosetopt((struct socket *)fp->f_data, &sopt);
1142 * getsockopt_Args(int s, int level, int name, caddr_t val, int *avalsize)
1146 getsockopt(struct getsockopt_args *uap)
1148 struct thread *td = curthread;
1149 struct proc *p = td->td_proc;
1152 struct sockopt sopt;
1154 error = holdsock(p->p_fd, uap->s, &fp);
1158 error = copyin((caddr_t)uap->avalsize, (caddr_t)&valsize,
1172 sopt.sopt_dir = SOPT_GET;
1173 sopt.sopt_level = uap->level;
1174 sopt.sopt_name = uap->name;
1175 sopt.sopt_val = uap->val;
1176 sopt.sopt_valsize = (size_t)valsize; /* checked non-negative above */
1179 error = sogetopt((struct socket *)fp->f_data, &sopt);
1181 valsize = sopt.sopt_valsize;
1182 error = copyout((caddr_t)&valsize,
1183 (caddr_t)uap->avalsize, sizeof (valsize));
1190 * The second argument to kern_getsockname() is a handle to a struct sockaddr.
1191 * This allows kern_getsockname() to return a pointer to an allocated struct
1192 * sockaddr which must be freed later with FREE(). The caller must
1193 * initialize *name to NULL.
1196 kern_getsockname(int s, struct sockaddr **name, int *namelen)
1198 struct thread *td = curthread;
1199 struct proc *p = td->td_proc;
1202 struct sockaddr *sa = NULL;
1205 error = holdsock(p->p_fd, s, &fp);
1212 so = (struct socket *)fp->f_data;
1213 error = (*so->so_proto->pr_usrreqs->pru_sockaddr)(so, &sa);
1218 *namelen = MIN(*namelen, sa->sa_len);
1228 * getsockname_args(int fdes, caddr_t asa, int *alen)
1233 getsockname(struct getsockname_args *uap)
1235 struct sockaddr *sa = NULL;
1238 error = copyin(uap->alen, &sa_len, sizeof(sa_len));
1242 error = kern_getsockname(uap->fdes, &sa, &sa_len);
1245 error = copyout(sa, uap->asa, sa_len);
1247 error = copyout(&sa_len, uap->alen, sizeof(*uap->alen));
1253 #ifdef COMPAT_OLDSOCK
1255 ogetsockname(struct getsockname_args *uap)
1257 struct sockaddr *sa = NULL;
1260 error = copyin(uap->alen, &sa_len, sizeof(sa_len));
1264 error = kern_getsockname(uap->fdes, &sa, &sa_len);
1268 * Convert sa to the 4.3BSD sockaddr structure.
1270 ((struct osockaddr *)sa)->sa_family = sa->sa_family;
1271 error = copyout(sa, uap->asa, sa_len);
1274 error = copyout(&sa_len, uap->alen, sizeof(*uap->alen));
1280 #endif /* COMPAT_OLDSOCK */
1283 * The second argument to kern_getpeername() is a handle to a struct sockaddr.
1284 * This allows kern_getpeername() to return a pointer to an allocated struct
1285 * sockaddr which must be freed later with FREE(). The caller must
1286 * initialize *name to NULL.
1289 kern_getpeername(int s, struct sockaddr **name, int *namelen)
1291 struct thread *td = curthread;
1292 struct proc *p = td->td_proc;
1295 struct sockaddr *sa = NULL;
1298 error = holdsock(p->p_fd, s, &fp);
1305 so = (struct socket *)fp->f_data;
1306 if ((so->so_state & (SS_ISCONNECTED|SS_ISCONFIRMING)) == 0) {
1310 error = (*so->so_proto->pr_usrreqs->pru_peeraddr)(so, &sa);
1315 *namelen = MIN(*namelen, sa->sa_len);
1325 * getpeername_args(int fdes, caddr_t asa, int *alen)
1327 * Get name of peer for connected socket.
1330 getpeername(struct getpeername_args *uap)
1332 struct sockaddr *sa = NULL;
1335 error = copyin(uap->alen, &sa_len, sizeof(sa_len));
1339 error = kern_getpeername(uap->fdes, &sa, &sa_len);
1342 error = copyout(sa, uap->asa, sa_len);
1344 error = copyout(&sa_len, uap->alen, sizeof(*uap->alen));
1350 #ifdef COMPAT_OLDSOCK
1352 ogetpeername(struct ogetpeername_args *uap)
1354 struct sockaddr *sa = NULL;
1357 error = copyin(uap->alen, &sa_len, sizeof(sa_len));
1361 error = kern_getpeername(uap->fdes, &sa, &sa_len);
1365 * Convert sa to the 4.3BSD sockaddr structure.
1367 ((struct osockaddr *)sa)->sa_family = sa->sa_family;
1368 error = copyout(sa, uap->asa, sa_len);
1371 error = copyout(&sa_len, uap->alen, sizeof(*uap->alen));
1376 #endif /* COMPAT_OLDSOCK */
1379 sockargs(mp, buf, buflen, type)
1384 struct sockaddr *sa;
1388 if ((u_int)buflen > MLEN) {
1389 #ifdef COMPAT_OLDSOCK
1390 if (type == MT_SONAME && (u_int)buflen <= 112)
1391 buflen = MLEN; /* unix domain compat. hack */
1396 m = m_get(M_WAIT, type);
1400 error = copyin(buf, mtod(m, caddr_t), (u_int)buflen);
1405 if (type == MT_SONAME) {
1406 sa = mtod(m, struct sockaddr *);
1408 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN
1409 if (sa->sa_family == 0 && sa->sa_len < AF_MAX)
1410 sa->sa_family = sa->sa_len;
1412 sa->sa_len = buflen;
1419 getsockaddr(struct sockaddr **namp, caddr_t uaddr, size_t len)
1421 struct sockaddr *sa;
1425 if (len > SOCK_MAXADDRLEN)
1426 return ENAMETOOLONG;
1427 if (len < offsetof(struct sockaddr, sa_data[0]))
1429 MALLOC(sa, struct sockaddr *, len, M_SONAME, M_WAITOK);
1430 error = copyin(uaddr, sa, len);
1434 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN
1435 if (sa->sa_family == 0 && sa->sa_len < AF_MAX)
1436 sa->sa_family = sa->sa_len;
1445 * holdsock() - load the struct file pointer associated
1446 * with a socket into *fpp. If an error occurs, non-zero
1447 * will be returned and *fpp will be set to NULL.
1450 holdsock(fdp, fdes, fpp)
1451 struct filedesc *fdp;
1455 struct file *fp = NULL;
1458 if ((unsigned)fdes >= fdp->fd_nfiles ||
1459 (fp = fdp->fd_ofiles[fdes]) == NULL) {
1461 } else if (fp->f_type != DTYPE_SOCKET) {
1472 * Allocate a pool of sf_bufs (sendfile(2) or "super-fast" if you prefer. :-))
1475 sf_buf_init(void *arg)
1479 SLIST_INIT(&sf_freelist);
1480 sf_base = kmem_alloc_pageable(kernel_map, nsfbufs * PAGE_SIZE);
1481 sf_bufs = malloc(nsfbufs * sizeof(struct sf_buf), M_TEMP, M_NOWAIT);
1482 bzero(sf_bufs, nsfbufs * sizeof(struct sf_buf));
1483 for (i = 0; i < nsfbufs; i++) {
1484 sf_bufs[i].kva = sf_base + i * PAGE_SIZE;
1485 SLIST_INSERT_HEAD(&sf_freelist, &sf_bufs[i], free_list);
1490 * Get an sf_buf from the freelist. Will block if none are available.
1500 while ((sf = SLIST_FIRST(&sf_freelist)) == NULL) {
1501 sf_buf_alloc_want = 1;
1502 error = tsleep(&sf_freelist, PCATCH, "sfbufa", 0);
1507 SLIST_REMOVE_HEAD(&sf_freelist, free_list);
1514 #define dtosf(x) (&sf_bufs[((uintptr_t)(x) - (uintptr_t)sf_base) >> PAGE_SHIFT])
1516 sf_buf_ref(caddr_t addr, u_int size)
1521 if (sf->refcnt == 0)
1522 panic("sf_buf_ref: referencing a free sf_buf");
1527 * Lose a reference to an sf_buf. When none left, detach mapped page
1528 * and release resources back to the system.
1530 * Must be called at splimp.
1533 sf_buf_free(caddr_t addr, u_int size)
1540 if (sf->refcnt == 0)
1541 panic("sf_buf_free: freeing free sf_buf");
1543 if (sf->refcnt == 0) {
1544 pmap_qremove((vm_offset_t)addr, 1);
1547 vm_page_unwire(m, 0);
1549 * Check for the object going away on us. This can
1550 * happen since we don't hold a reference to it.
1551 * If so, we're responsible for freeing the page.
1553 if (m->wire_count == 0 && m->object == NULL)
1557 SLIST_INSERT_HEAD(&sf_freelist, sf, free_list);
1558 if (sf_buf_alloc_want) {
1559 sf_buf_alloc_want = 0;
1560 wakeup(&sf_freelist);
1567 * int sendfile(int fd, int s, off_t offset, size_t nbytes,
1568 * struct sf_hdtr *hdtr, off_t *sbytes, int flags)
1570 * Send a file specified by 'fd' and starting at 'offset' to a socket
1571 * specified by 's'. Send only 'nbytes' of the file or until EOF if
1572 * nbytes == 0. Optionally add a header and/or trailer to the socket
1573 * output. If specified, write the total number of bytes sent into *sbytes.
1576 sendfile(struct sendfile_args *uap)
1578 return (do_sendfile(uap, 0));
1583 osendfile(struct osendfile_args *uap)
1585 struct sendfile_args args;
1589 args.offset = uap->offset;
1590 args.nbytes = uap->nbytes;
1591 args.hdtr = uap->hdtr;
1592 args.sbytes = uap->sbytes;
1593 args.flags = uap->flags;
1595 return (do_sendfile(&args, 1));
1600 do_sendfile(struct sendfile_args *uap, int compat)
1602 struct thread *td = curthread;
1603 struct proc *p = td->td_proc;
1605 struct filedesc *fdp;
1607 struct vm_object *obj;
1612 struct writev_args nuap;
1613 struct sf_hdtr hdtr;
1614 off_t off, xfsize, hdtr_size, sbytes = 0;
1623 * Do argument checking. Must be a regular file in, stream
1624 * type and connected socket out, positive offset.
1626 fp = holdfp(fdp, uap->fd, FREAD);
1631 if (fp->f_type != DTYPE_VNODE) {
1635 vp = (struct vnode *)fp->f_data;
1637 if (vp->v_type != VREG || VOP_GETVOBJECT(vp, &obj) != 0) {
1642 error = holdsock(p->p_fd, uap->s, &fp);
1645 so = (struct socket *)fp->f_data;
1646 if (so->so_type != SOCK_STREAM) {
1650 if ((so->so_state & SS_ISCONNECTED) == 0) {
1654 if (uap->offset < 0) {
1660 * If specified, get the pointer to the sf_hdtr struct for
1661 * any headers/trailers.
1663 if (uap->hdtr != NULL) {
1664 error = copyin(uap->hdtr, &hdtr, sizeof(hdtr));
1668 * Send any headers. Wimp out and use writev(2).
1670 if (hdtr.headers != NULL) {
1672 nuap.iovp = hdtr.headers;
1673 nuap.iovcnt = hdtr.hdr_cnt;
1674 error = writev(&nuap);
1678 sbytes += nuap.sysmsg_result;
1680 hdtr_size += nuap.sysmsg_result;
1685 * Protect against multiple writers to the socket.
1687 (void) sblock(&so->so_snd, M_WAITOK);
1690 * Loop through the pages in the file, starting with the requested
1691 * offset. Get a file page (do I/O if necessary), map the file page
1692 * into an sf_buf, attach an mbuf header to the sf_buf, and queue
1695 for (off = uap->offset; ; off += xfsize, sbytes += xfsize) {
1699 pindex = OFF_TO_IDX(off);
1702 * Calculate the amount to transfer. Not to exceed a page,
1703 * the EOF, or the passed in nbytes.
1705 xfsize = obj->un_pager.vnp.vnp_size - off;
1706 if (xfsize > PAGE_SIZE)
1708 pgoff = (vm_offset_t)(off & PAGE_MASK);
1709 if (PAGE_SIZE - pgoff < xfsize)
1710 xfsize = PAGE_SIZE - pgoff;
1711 if (uap->nbytes && xfsize > (uap->nbytes - sbytes))
1712 xfsize = uap->nbytes - sbytes;
1716 * Optimize the non-blocking case by looking at the socket space
1717 * before going to the extra work of constituting the sf_buf.
1719 if ((so->so_state & SS_NBIO) && sbspace(&so->so_snd) <= 0) {
1720 if (so->so_state & SS_CANTSENDMORE)
1724 sbunlock(&so->so_snd);
1728 * Attempt to look up the page.
1730 * Allocate if not found
1732 * Wait and loop if busy.
1734 pg = vm_page_lookup(obj, pindex);
1737 pg = vm_page_alloc(obj, pindex, VM_ALLOC_NORMAL);
1743 } else if (vm_page_sleep_busy(pg, TRUE, "sfpbsy")) {
1748 * Wire the page so it does not get ripped out from under
1755 * If page is not valid for what we need, initiate I/O
1758 if (!pg->valid || !vm_page_is_valid(pg, pgoff, xfsize)) {
1764 * Ensure that our page is still around when the I/O
1767 vm_page_io_start(pg);
1770 * Get the page from backing store.
1772 bsize = vp->v_mount->mnt_stat.f_iosize;
1773 auio.uio_iov = &aiov;
1774 auio.uio_iovcnt = 1;
1776 aiov.iov_len = MAXBSIZE;
1777 auio.uio_resid = MAXBSIZE;
1778 auio.uio_offset = trunc_page(off);
1779 auio.uio_segflg = UIO_NOCOPY;
1780 auio.uio_rw = UIO_READ;
1782 vn_lock(vp, LK_SHARED | LK_NOPAUSE | LK_RETRY, td);
1783 error = VOP_READ(vp, &auio,
1784 IO_VMIO | ((MAXBSIZE / bsize) << 16),
1786 VOP_UNLOCK(vp, 0, td);
1787 vm_page_flag_clear(pg, PG_ZERO);
1788 vm_page_io_finish(pg);
1790 vm_page_unwire(pg, 0);
1792 * See if anyone else might know about this page.
1793 * If not and it is not valid, then free it.
1795 if (pg->wire_count == 0 && pg->valid == 0 &&
1796 pg->busy == 0 && !(pg->flags & PG_BUSY) &&
1797 pg->hold_count == 0) {
1801 sbunlock(&so->so_snd);
1808 * Get a sendfile buf. We usually wait as long as necessary,
1809 * but this wait can be interrupted.
1811 if ((sf = sf_buf_alloc()) == NULL) {
1813 vm_page_unwire(pg, 0);
1814 if (pg->wire_count == 0 && pg->object == NULL)
1817 sbunlock(&so->so_snd);
1824 * Allocate a kernel virtual page and insert the physical page
1829 pmap_qenter(sf->kva, &pg, 1);
1831 * Get an mbuf header and set it up as having external storage.
1833 MGETHDR(m, M_WAIT, MT_DATA);
1836 sf_buf_free((void *)sf->kva, PAGE_SIZE);
1837 sbunlock(&so->so_snd);
1840 m->m_ext.ext_free = sf_buf_free;
1841 m->m_ext.ext_ref = sf_buf_ref;
1842 m->m_ext.ext_buf = (void *)sf->kva;
1843 m->m_ext.ext_size = PAGE_SIZE;
1844 m->m_data = (char *) sf->kva + pgoff;
1845 m->m_flags |= M_EXT;
1846 m->m_pkthdr.len = m->m_len = xfsize;
1848 * Add the buffer to the socket buffer chain.
1853 * Make sure that the socket is still able to take more data.
1854 * CANTSENDMORE being true usually means that the connection
1855 * was closed. so_error is true when an error was sensed after
1857 * The state is checked after the page mapping and buffer
1858 * allocation above since those operations may block and make
1859 * any socket checks stale. From this point forward, nothing
1860 * blocks before the pru_send (or more accurately, any blocking
1861 * results in a loop back to here to re-check).
1863 if ((so->so_state & SS_CANTSENDMORE) || so->so_error) {
1864 if (so->so_state & SS_CANTSENDMORE) {
1867 error = so->so_error;
1871 sbunlock(&so->so_snd);
1876 * Wait for socket space to become available. We do this just
1877 * after checking the connection state above in order to avoid
1878 * a race condition with sbwait().
1880 if (sbspace(&so->so_snd) < so->so_snd.sb_lowat) {
1881 if (so->so_state & SS_NBIO) {
1883 sbunlock(&so->so_snd);
1888 error = sbwait(&so->so_snd);
1890 * An error from sbwait usually indicates that we've
1891 * been interrupted by a signal. If we've sent anything
1892 * then return bytes sent, otherwise return the error.
1896 sbunlock(&so->so_snd);
1903 (*so->so_proto->pr_usrreqs->pru_send)(so, 0, m, 0, 0, td);
1906 sbunlock(&so->so_snd);
1910 sbunlock(&so->so_snd);
1913 * Send trailers. Wimp out and use writev(2).
1915 if (uap->hdtr != NULL && hdtr.trailers != NULL) {
1917 nuap.iovp = hdtr.trailers;
1918 nuap.iovcnt = hdtr.trl_cnt;
1919 error = writev(&nuap);
1923 sbytes += nuap.sysmsg_result;
1925 hdtr_size += nuap.sysmsg_result;
1929 if (uap->sbytes != NULL) {
1931 sbytes += hdtr_size;
1932 copyout(&sbytes, uap->sbytes, sizeof(off_t));