2 * Copyright (c) 1982, 1986, 1989, 1990, 1993
3 * The Regents of the University of California. All rights reserved.
5 * sendfile(2) and related extensions:
6 * Copyright (c) 1998, David Greenman. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. All advertising materials mentioning features or use of this software
17 * must display the following acknowledgement:
18 * This product includes software developed by the University of
19 * California, Berkeley and its contributors.
20 * 4. Neither the name of the University nor the names of its contributors
21 * may be used to endorse or promote products derived from this software
22 * without specific prior written permission.
24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * @(#)uipc_syscalls.c 8.4 (Berkeley) 2/21/94
37 * $FreeBSD: src/sys/kern/uipc_syscalls.c,v 1.65.2.17 2003/04/04 17:11:16 tegge Exp $
38 * $DragonFly: src/sys/kern/uipc_syscalls.c,v 1.58 2005/09/02 07:16:58 hsu Exp $
41 #include "opt_ktrace.h"
44 #include <sys/param.h>
45 #include <sys/systm.h>
46 #include <sys/kernel.h>
47 #include <sys/sysproto.h>
48 #include <sys/malloc.h>
49 #include <sys/filedesc.h>
50 #include <sys/event.h>
52 #include <sys/fcntl.h>
54 #include <sys/filio.h>
55 #include <sys/kern_syscall.h>
57 #include <sys/protosw.h>
58 #include <sys/sfbuf.h>
59 #include <sys/socket.h>
60 #include <sys/socketvar.h>
61 #include <sys/socketops.h>
63 #include <sys/vnode.h>
65 #include <sys/mount.h>
67 #include <sys/ktrace.h>
70 #include <vm/vm_object.h>
71 #include <vm/vm_page.h>
72 #include <vm/vm_pageout.h>
73 #include <vm/vm_kern.h>
74 #include <vm/vm_extern.h>
75 #include <sys/file2.h>
76 #include <sys/signalvar.h>
78 #include <sys/thread2.h>
79 #include <sys/msgport2.h>
82 #include <netinet/sctp_peeloff.h>
90 static MALLOC_DEFINE(M_SENDFILE, "sendfile", "sendfile sfbuf ref structures");
93 * System call interface to the socket abstraction.
96 extern struct fileops socketops;
99 * socket_args(int domain, int type, int protocol)
102 kern_socket(int domain, int type, int protocol, int *res)
104 struct thread *td = curthread;
105 struct proc *p = td->td_proc;
106 struct filedesc *fdp;
114 error = falloc(p, &fp, &fd);
117 error = socreate(domain, &so, type, protocol, td);
119 if (fdp->fd_files[fd].fp == fp) {
124 fp->f_type = DTYPE_SOCKET;
125 fp->f_flag = FREAD | FWRITE;
126 fp->f_ops = &socketops;
135 socket(struct socket_args *uap)
139 error = kern_socket(uap->domain, uap->type, uap->protocol,
140 &uap->sysmsg_result);
146 kern_bind(int s, struct sockaddr *sa)
148 struct thread *td = curthread;
149 struct proc *p = td->td_proc;
154 error = holdsock(p->p_fd, s, &fp);
157 error = sobind((struct socket *)fp->f_data, sa, td);
163 * bind_args(int s, caddr_t name, int namelen)
166 bind(struct bind_args *uap)
171 error = getsockaddr(&sa, uap->name, uap->namelen);
174 error = kern_bind(uap->s, sa);
181 kern_listen(int s, int backlog)
183 struct thread *td = curthread;
184 struct proc *p = td->td_proc;
189 error = holdsock(p->p_fd, s, &fp);
192 error = solisten((struct socket *)fp->f_data, backlog, td);
198 * listen_args(int s, int backlog)
201 listen(struct listen_args *uap)
205 error = kern_listen(uap->s, uap->backlog);
210 * Returns the accepted socket as well.
213 soaccept_predicate(struct netmsg *msg0)
215 struct netmsg_so_notify *msg = (struct netmsg_so_notify *)msg0;
216 struct socket *head = msg->nm_so;
218 if (head->so_error != 0) {
219 msg->nm_lmsg.ms_error = head->so_error;
222 if (!TAILQ_EMPTY(&head->so_comp)) {
223 /* Abuse nm_so field as copy in/copy out parameter. XXX JH */
224 msg->nm_so = TAILQ_FIRST(&head->so_comp);
225 TAILQ_REMOVE(&head->so_comp, msg->nm_so, so_list);
228 msg->nm_lmsg.ms_error = 0;
231 if (head->so_state & SS_CANTRCVMORE) {
232 msg->nm_lmsg.ms_error = ECONNABORTED;
235 if (head->so_state & SS_NBIO) {
236 msg->nm_lmsg.ms_error = EWOULDBLOCK;
244 * The second argument to kern_accept() is a handle to a struct sockaddr.
245 * This allows kern_accept() to return a pointer to an allocated struct
246 * sockaddr which must be freed later with FREE(). The caller must
247 * initialize *name to NULL.
250 kern_accept(int s, struct sockaddr **name, int *namelen, int *res)
252 struct thread *td = curthread;
253 struct proc *p = td->td_proc;
254 struct filedesc *fdp = p->p_fd;
255 struct file *lfp = NULL;
256 struct file *nfp = NULL;
258 struct socket *head, *so;
259 struct netmsg_so_notify msg;
262 u_int fflag; /* type must match fp->f_flag */
265 if (name && namelen && *namelen < 0)
268 error = holdsock(fdp, s, &lfp);
272 error = falloc(p, &nfp, &fd);
273 if (error) { /* Probably ran out of file descriptors. */
280 head = (struct socket *)lfp->f_data;
281 if ((head->so_options & SO_ACCEPTCONN) == 0) {
286 /* optimize for uniprocessor case later XXX JH */
287 port = head->so_proto->pr_mport(head, NULL, PRU_PRED);
288 lwkt_initmsg(&msg.nm_lmsg, &curthread->td_msgport,
289 MSGF_PCATCH | MSGF_ABORTABLE,
290 lwkt_cmd_func(netmsg_so_notify),
291 lwkt_cmd_func(netmsg_so_notify_abort));
292 msg.nm_predicate = soaccept_predicate;
294 msg.nm_etype = NM_REVENT;
295 error = lwkt_domsg(port, &msg.nm_lmsg);
300 * At this point we have the connection that's ready to be accepted.
306 /* connection has been removed from the listen queue */
307 KNOTE(&head->so_rcv.sb_sel.si_note, 0);
309 so->so_state &= ~SS_COMP;
311 if (head->so_sigio != NULL)
312 fsetown(fgetown(head->so_sigio), &so->so_sigio);
314 nfp->f_type = DTYPE_SOCKET;
316 nfp->f_ops = &socketops;
318 /* Sync socket nonblocking/async state with file flags */
319 tmp = fflag & FNONBLOCK;
320 (void) fo_ioctl(nfp, FIONBIO, (caddr_t)&tmp, td);
321 tmp = fflag & FASYNC;
322 (void) fo_ioctl(nfp, FIOASYNC, (caddr_t)&tmp, td);
325 error = soaccept(so, &sa);
328 * Set the returned name and namelen as applicable. Set the returned
329 * namelen to 0 for older code which might ignore the return value
333 if (sa && name && namelen) {
334 if (*namelen > sa->sa_len)
335 *namelen = sa->sa_len;
345 * close the new descriptor, assuming someone hasn't ripped it
346 * out from under us. Note that *res is normally ignored if an
347 * error is returned but a syscall message will still have access
348 * to the result code.
352 if (fdp->fd_files[fd].fp == nfp) {
359 * Release explicitly held references before returning.
368 * accept_args(int s, caddr_t name, int *anamelen)
371 accept(struct accept_args *uap)
373 struct sockaddr *sa = NULL;
378 error = copyin(uap->anamelen, &sa_len, sizeof(sa_len));
382 error = kern_accept(uap->s, &sa, &sa_len, &uap->sysmsg_result);
385 error = copyout(sa, uap->name, sa_len);
387 error = copyout(&sa_len, uap->anamelen,
388 sizeof(*uap->anamelen));
393 error = kern_accept(uap->s, NULL, 0, &uap->sysmsg_result);
399 * Returns TRUE if predicate satisfied.
402 soconnected_predicate(struct netmsg *msg0)
404 struct netmsg_so_notify *msg = (struct netmsg_so_notify *)msg0;
405 struct socket *so = msg->nm_so;
407 /* check predicate */
408 if (!(so->so_state & SS_ISCONNECTING) || so->so_error != 0) {
409 msg->nm_lmsg.ms_error = so->so_error;
417 kern_connect(int s, struct sockaddr *sa)
419 struct thread *td = curthread;
420 struct proc *p = td->td_proc;
425 error = holdsock(p->p_fd, s, &fp);
428 so = (struct socket *)fp->f_data;
429 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) {
433 error = soconnect(so, sa, td);
436 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) {
440 if ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) {
441 struct netmsg_so_notify msg;
444 port = so->so_proto->pr_mport(so, sa, PRU_PRED);
445 lwkt_initmsg(&msg.nm_lmsg,
446 &curthread->td_msgport,
447 MSGF_PCATCH | MSGF_ABORTABLE,
448 lwkt_cmd_func(netmsg_so_notify),
449 lwkt_cmd_func(netmsg_so_notify_abort));
450 msg.nm_predicate = soconnected_predicate;
452 msg.nm_etype = NM_REVENT;
453 error = lwkt_domsg(port, &msg.nm_lmsg);
456 error = so->so_error;
460 so->so_state &= ~SS_ISCONNECTING;
461 if (error == ERESTART)
469 * connect_args(int s, caddr_t name, int namelen)
472 connect(struct connect_args *uap)
477 error = getsockaddr(&sa, uap->name, uap->namelen);
480 error = kern_connect(uap->s, sa);
487 kern_socketpair(int domain, int type, int protocol, int *sv)
489 struct thread *td = curthread;
490 struct proc *p = td->td_proc;
491 struct filedesc *fdp;
492 struct file *fp1, *fp2;
493 struct socket *so1, *so2;
498 error = socreate(domain, &so1, type, protocol, td);
501 error = socreate(domain, &so2, type, protocol, td);
504 error = falloc(p, &fp1, &fd);
509 error = falloc(p, &fp2, &fd);
514 error = soconnect2(so1, so2);
517 if (type == SOCK_DGRAM) {
519 * Datagram socket connection is asymmetric.
521 error = soconnect2(so2, so1);
525 fp1->f_type = fp2->f_type = DTYPE_SOCKET;
526 fp1->f_flag = fp2->f_flag = FREAD|FWRITE;
527 fp1->f_ops = fp2->f_ops = &socketops;
532 if (fdp->fd_files[sv[1]].fp == fp2) {
533 funsetfd(fdp, sv[1]);
538 if (fdp->fd_files[sv[0]].fp == fp1) {
539 funsetfd(fdp, sv[0]);
551 * socketpair(int domain, int type, int protocol, int *rsv)
554 socketpair(struct socketpair_args *uap)
558 error = kern_socketpair(uap->domain, uap->type, uap->protocol, sockv);
561 error = copyout(sockv, uap->rsv, sizeof(sockv));
566 kern_sendmsg(int s, struct sockaddr *sa, struct uio *auio,
567 struct mbuf *control, int flags, int *res)
569 struct thread *td = curthread;
570 struct proc *p = td->td_proc;
575 struct iovec *ktriov = NULL;
579 error = holdsock(p->p_fd, s, &fp);
582 if (auio->uio_resid < 0) {
587 if (KTRPOINT(td, KTR_GENIO)) {
588 int iovlen = auio->uio_iovcnt * sizeof (struct iovec);
590 MALLOC(ktriov, struct iovec *, iovlen, M_TEMP, M_WAITOK);
591 bcopy((caddr_t)auio->uio_iov, (caddr_t)ktriov, iovlen);
595 len = auio->uio_resid;
596 so = (struct socket *)fp->f_data;
597 error = so_pru_sosend(so, sa, auio, NULL, control, flags, td);
599 if (auio->uio_resid != len && (error == ERESTART ||
600 error == EINTR || error == EWOULDBLOCK))
606 if (ktriov != NULL) {
608 ktruio.uio_iov = ktriov;
609 ktruio.uio_resid = len - auio->uio_resid;
610 ktrgenio(p->p_tracep, s, UIO_WRITE, &ktruio, error);
612 FREE(ktriov, M_TEMP);
616 *res = len - auio->uio_resid;
623 * sendto_args(int s, caddr_t buf, size_t len, int flags, caddr_t to, int tolen)
626 sendto(struct sendto_args *uap)
628 struct thread *td = curthread;
631 struct sockaddr *sa = NULL;
635 error = getsockaddr(&sa, uap->to, uap->tolen);
639 aiov.iov_base = uap->buf;
640 aiov.iov_len = uap->len;
641 auio.uio_iov = &aiov;
644 auio.uio_resid = uap->len;
645 auio.uio_segflg = UIO_USERSPACE;
646 auio.uio_rw = UIO_WRITE;
649 error = kern_sendmsg(uap->s, sa, &auio, NULL, uap->flags,
650 &uap->sysmsg_result);
658 * sendmsg_args(int s, caddr_t msg, int flags)
661 sendmsg(struct sendmsg_args *uap)
663 struct thread *td = curthread;
666 struct iovec aiov[UIO_SMALLIOV], *iov = NULL;
667 struct sockaddr *sa = NULL;
668 struct mbuf *control = NULL;
671 error = copyin(uap->msg, (caddr_t)&msg, sizeof(msg));
676 * Conditionally copyin msg.msg_name.
679 error = getsockaddr(&sa, msg.msg_name, msg.msg_namelen);
687 error = iovec_copyin(msg.msg_iov, &iov, aiov, msg.msg_iovlen,
692 auio.uio_iovcnt = msg.msg_iovlen;
694 auio.uio_segflg = UIO_USERSPACE;
695 auio.uio_rw = UIO_WRITE;
699 * Conditionally copyin msg.msg_control.
701 if (msg.msg_control) {
702 if (msg.msg_controllen < sizeof(struct cmsghdr) ||
703 msg.msg_controllen > MLEN) {
707 control = m_get(MB_WAIT, MT_CONTROL);
708 if (control == NULL) {
712 control->m_len = msg.msg_controllen;
713 error = copyin(msg.msg_control, mtod(control, caddr_t),
721 error = kern_sendmsg(uap->s, sa, &auio, control, uap->flags,
722 &uap->sysmsg_result);
727 iovec_free(&iov, aiov);
732 * kern_recvmsg() takes a handle to sa and control. If the handle is non-
733 * null, it returns a dynamically allocated struct sockaddr and an mbuf.
734 * Don't forget to FREE() and m_free() these if they are returned.
737 kern_recvmsg(int s, struct sockaddr **sa, struct uio *auio,
738 struct mbuf **control, int *flags, int *res)
740 struct thread *td = curthread;
741 struct proc *p = td->td_proc;
746 struct iovec *ktriov = NULL;
750 error = holdsock(p->p_fd, s, &fp);
753 if (auio->uio_resid < 0) {
758 if (KTRPOINT(td, KTR_GENIO)) {
759 int iovlen = auio->uio_iovcnt * sizeof (struct iovec);
761 MALLOC(ktriov, struct iovec *, iovlen, M_TEMP, M_WAITOK);
762 bcopy(auio->uio_iov, ktriov, iovlen);
766 len = auio->uio_resid;
767 so = (struct socket *)fp->f_data;
768 error = so_pru_soreceive(so, sa, auio, NULL, control, flags);
770 if (auio->uio_resid != len && (error == ERESTART ||
771 error == EINTR || error == EWOULDBLOCK))
775 if (ktriov != NULL) {
777 ktruio.uio_iov = ktriov;
778 ktruio.uio_resid = len - auio->uio_resid;
779 ktrgenio(p->p_tracep, s, UIO_READ, &ktruio, error);
781 FREE(ktriov, M_TEMP);
785 *res = len - auio->uio_resid;
792 * recvfrom_args(int s, caddr_t buf, size_t len, int flags,
793 * caddr_t from, int *fromlenaddr)
796 recvfrom(struct recvfrom_args *uap)
798 struct thread *td = curthread;
801 struct sockaddr *sa = NULL;
804 if (uap->from && uap->fromlenaddr) {
805 error = copyin(uap->fromlenaddr, &fromlen, sizeof(fromlen));
813 aiov.iov_base = uap->buf;
814 aiov.iov_len = uap->len;
815 auio.uio_iov = &aiov;
818 auio.uio_resid = uap->len;
819 auio.uio_segflg = UIO_USERSPACE;
820 auio.uio_rw = UIO_READ;
823 error = kern_recvmsg(uap->s, uap->from ? &sa : NULL, &auio, NULL,
824 &uap->flags, &uap->sysmsg_result);
826 if (error == 0 && uap->from) {
827 /* note: sa may still be NULL */
829 fromlen = MIN(fromlen, sa->sa_len);
830 error = copyout(sa, uap->from, fromlen);
835 error = copyout(&fromlen, uap->fromlenaddr,
846 * recvmsg_args(int s, struct msghdr *msg, int flags)
849 recvmsg(struct recvmsg_args *uap)
851 struct thread *td = curthread;
854 struct iovec aiov[UIO_SMALLIOV], *iov = NULL;
855 struct mbuf *m, *control = NULL;
856 struct sockaddr *sa = NULL;
858 socklen_t *ufromlenp, *ucontrollenp;
859 int error, fromlen, controllen, len, flags, *uflagsp;
862 * This copyin handles everything except the iovec.
864 error = copyin(uap->msg, &msg, sizeof(msg));
868 if (msg.msg_name && msg.msg_namelen < 0)
870 if (msg.msg_control && msg.msg_controllen < 0)
873 ufromlenp = (socklen_t *)((caddr_t)uap->msg + offsetof(struct msghdr,
875 ucontrollenp = (socklen_t *)((caddr_t)uap->msg + offsetof(struct msghdr,
877 uflagsp = (int *)((caddr_t)uap->msg + offsetof(struct msghdr,
883 error = iovec_copyin(msg.msg_iov, &iov, aiov, msg.msg_iovlen,
888 auio.uio_iovcnt = msg.msg_iovlen;
890 auio.uio_segflg = UIO_USERSPACE;
891 auio.uio_rw = UIO_READ;
896 error = kern_recvmsg(uap->s, msg.msg_name ? &sa : NULL, &auio,
897 msg.msg_control ? &control : NULL, &flags, &uap->sysmsg_result);
900 * Conditionally copyout the name and populate the namelen field.
902 if (error == 0 && msg.msg_name) {
903 fromlen = MIN(msg.msg_namelen, sa->sa_len);
904 error = copyout(sa, msg.msg_name, fromlen);
906 error = copyout(&fromlen, ufromlenp,
911 * Copyout msg.msg_control and msg.msg_controllen.
913 if (error == 0 && msg.msg_control) {
914 len = msg.msg_controllen;
916 ctlbuf = (caddr_t)msg.msg_control;
918 while(m && len > 0) {
921 if (len >= m->m_len) {
924 msg.msg_flags |= MSG_CTRUNC;
928 error = copyout(mtod(m, caddr_t), ctlbuf, tocopy);
936 controllen = ctlbuf - (caddr_t)msg.msg_control;
937 error = copyout(&controllen, ucontrollenp,
938 sizeof(*ucontrollenp));
942 error = copyout(&flags, uflagsp, sizeof(*uflagsp));
947 iovec_free(&iov, aiov);
954 * If sopt->sopt_td == NULL, then sopt->sopt_val is treated as an
955 * in kernel pointer instead of a userland pointer. This allows us
956 * to manipulate socket options in the emulation code.
959 kern_setsockopt(int s, struct sockopt *sopt)
961 struct thread *td = curthread;
962 struct proc *p = td->td_proc;
966 if (sopt->sopt_val == 0 && sopt->sopt_valsize != 0)
968 if (sopt->sopt_valsize < 0)
971 error = holdsock(p->p_fd, s, &fp);
975 error = sosetopt((struct socket *)fp->f_data, sopt);
981 * setsockopt_args(int s, int level, int name, caddr_t val, int valsize)
984 setsockopt(struct setsockopt_args *uap)
986 struct thread *td = curthread;
990 sopt.sopt_level = uap->level;
991 sopt.sopt_name = uap->name;
992 sopt.sopt_val = uap->val;
993 sopt.sopt_valsize = uap->valsize;
996 error = kern_setsockopt(uap->s, &sopt);
1001 * If sopt->sopt_td == NULL, then sopt->sopt_val is treated as an
1002 * in kernel pointer instead of a userland pointer. This allows us
1003 * to manipulate socket options in the emulation code.
1006 kern_getsockopt(int s, struct sockopt *sopt)
1008 struct thread *td = curthread;
1009 struct proc *p = td->td_proc;
1013 if (sopt->sopt_val == 0 && sopt->sopt_valsize != 0)
1015 if (sopt->sopt_valsize < 0)
1018 error = holdsock(p->p_fd, s, &fp);
1022 error = sogetopt((struct socket *)fp->f_data, sopt);
1028 * getsockopt_Args(int s, int level, int name, caddr_t val, int *avalsize)
1031 getsockopt(struct getsockopt_args *uap)
1033 struct thread *td = curthread;
1034 struct sockopt sopt;
1038 error = copyin(uap->avalsize, &valsize, sizeof(valsize));
1047 sopt.sopt_level = uap->level;
1048 sopt.sopt_name = uap->name;
1049 sopt.sopt_val = uap->val;
1050 sopt.sopt_valsize = valsize;
1053 error = kern_getsockopt(uap->s, &sopt);
1055 valsize = sopt.sopt_valsize;
1056 error = copyout(&valsize, uap->avalsize, sizeof(valsize));
1062 * The second argument to kern_getsockname() is a handle to a struct sockaddr.
1063 * This allows kern_getsockname() to return a pointer to an allocated struct
1064 * sockaddr which must be freed later with FREE(). The caller must
1065 * initialize *name to NULL.
1068 kern_getsockname(int s, struct sockaddr **name, int *namelen)
1070 struct thread *td = curthread;
1071 struct proc *p = td->td_proc;
1074 struct sockaddr *sa = NULL;
1077 error = holdsock(p->p_fd, s, &fp);
1084 so = (struct socket *)fp->f_data;
1085 error = so_pru_sockaddr(so, &sa);
1090 *namelen = MIN(*namelen, sa->sa_len);
1100 * getsockname_args(int fdes, caddr_t asa, int *alen)
1105 getsockname(struct getsockname_args *uap)
1107 struct sockaddr *sa = NULL;
1110 error = copyin(uap->alen, &sa_len, sizeof(sa_len));
1114 error = kern_getsockname(uap->fdes, &sa, &sa_len);
1117 error = copyout(sa, uap->asa, sa_len);
1119 error = copyout(&sa_len, uap->alen, sizeof(*uap->alen));
1126 * The second argument to kern_getpeername() is a handle to a struct sockaddr.
1127 * This allows kern_getpeername() to return a pointer to an allocated struct
1128 * sockaddr which must be freed later with FREE(). The caller must
1129 * initialize *name to NULL.
1132 kern_getpeername(int s, struct sockaddr **name, int *namelen)
1134 struct thread *td = curthread;
1135 struct proc *p = td->td_proc;
1138 struct sockaddr *sa = NULL;
1141 error = holdsock(p->p_fd, s, &fp);
1148 so = (struct socket *)fp->f_data;
1149 if ((so->so_state & (SS_ISCONNECTED|SS_ISCONFIRMING)) == 0) {
1153 error = so_pru_peeraddr(so, &sa);
1158 *namelen = MIN(*namelen, sa->sa_len);
1168 * getpeername_args(int fdes, caddr_t asa, int *alen)
1170 * Get name of peer for connected socket.
1173 getpeername(struct getpeername_args *uap)
1175 struct sockaddr *sa = NULL;
1178 error = copyin(uap->alen, &sa_len, sizeof(sa_len));
1182 error = kern_getpeername(uap->fdes, &sa, &sa_len);
1185 error = copyout(sa, uap->asa, sa_len);
1187 error = copyout(&sa_len, uap->alen, sizeof(*uap->alen));
1194 getsockaddr(struct sockaddr **namp, caddr_t uaddr, size_t len)
1196 struct sockaddr *sa;
1200 if (len > SOCK_MAXADDRLEN)
1201 return ENAMETOOLONG;
1202 if (len < offsetof(struct sockaddr, sa_data[0]))
1204 MALLOC(sa, struct sockaddr *, len, M_SONAME, M_WAITOK);
1205 error = copyin(uaddr, sa, len);
1209 #if BYTE_ORDER != BIG_ENDIAN
1211 * The bind(), connect(), and sendto() syscalls were not
1212 * versioned for COMPAT_43. Thus, this check must stay.
1214 if (sa->sa_family == 0 && sa->sa_len < AF_MAX)
1215 sa->sa_family = sa->sa_len;
1224 * holdsock() - load the struct file pointer associated
1225 * with a socket into *fpp. If an error occurs, non-zero
1226 * will be returned and *fpp will be set to NULL.
1229 holdsock(struct filedesc *fdp, int fdes, struct file **fpp)
1235 if ((unsigned)fdes >= fdp->fd_nfiles)
1237 if ((fp = fdp->fd_files[fdes].fp) == NULL)
1239 if (fp->f_type != DTYPE_SOCKET)
1247 * Detach a mapped page and release resources back to the system.
1248 * We must release our wiring and if the object is ripped out
1249 * from under the vm_page we become responsible for freeing the
1252 * XXX HACK XXX TEMPORARY UNTIL WE IMPLEMENT EXT MBUF REFERENCE COUNTING
1255 sf_buf_mref(void *arg)
1257 struct sfbuf_mref *sfm = arg;
1263 sf_buf_mfree(void *arg)
1265 struct sfbuf_mref *sfm = arg;
1268 KKASSERT(sfm->mref_count > 0);
1269 if (--sfm->mref_count == 0) {
1270 m = sf_buf_page(sfm->sf);
1271 sf_buf_free(sfm->sf);
1273 vm_page_unwire(m, 0);
1274 if (m->wire_count == 0 && m->object == NULL)
1275 vm_page_try_to_free(m);
1277 free(sfm, M_SENDFILE);
1283 * int sendfile(int fd, int s, off_t offset, size_t nbytes,
1284 * struct sf_hdtr *hdtr, off_t *sbytes, int flags)
1286 * Send a file specified by 'fd' and starting at 'offset' to a socket
1287 * specified by 's'. Send only 'nbytes' of the file or until EOF if
1288 * nbytes == 0. Optionally add a header and/or trailer to the socket
1289 * output. If specified, write the total number of bytes sent into *sbytes.
1291 * In FreeBSD kern/uipc_syscalls.c,v 1.103, a bug was fixed that caused
1292 * the headers to count against the remaining bytes to be sent from
1293 * the file descriptor. We may wish to implement a compatibility syscall
1297 sendfile(struct sendfile_args *uap)
1299 struct thread *td = curthread;
1300 struct proc *p = td->td_proc;
1302 struct filedesc *fdp;
1303 struct vnode *vp = NULL;
1304 struct sf_hdtr hdtr;
1305 struct iovec aiov[UIO_SMALLIOV], *iov = NULL;
1307 struct mbuf *mheader = NULL;
1308 off_t hdtr_size = 0, sbytes;
1309 int error, hbytes = 0, tbytes;
1315 * Do argument checking. Must be a regular file in, stream
1316 * type and connected socket out, positive offset.
1318 fp = holdfp(fdp, uap->fd, FREAD);
1322 if (fp->f_type != DTYPE_VNODE) {
1326 vp = (struct vnode *)fp->f_data;
1331 * If specified, get the pointer to the sf_hdtr struct for
1332 * any headers/trailers.
1335 error = copyin(uap->hdtr, &hdtr, sizeof(hdtr));
1342 error = iovec_copyin(hdtr.headers, &iov, aiov,
1343 hdtr.hdr_cnt, &hbytes);
1347 auio.uio_iovcnt = hdtr.hdr_cnt;
1348 auio.uio_offset = 0;
1349 auio.uio_segflg = UIO_USERSPACE;
1350 auio.uio_rw = UIO_WRITE;
1352 auio.uio_resid = hbytes;
1354 mheader = m_uiomove(&auio);
1356 iovec_free(&iov, aiov);
1357 if (mheader == NULL)
1362 error = kern_sendfile(vp, uap->s, uap->offset, uap->nbytes, mheader,
1363 &sbytes, uap->flags);
1368 * Send trailers. Wimp out and use writev(2).
1370 if (uap->hdtr != NULL && hdtr.trailers != NULL) {
1371 error = iovec_copyin(hdtr.trailers, &iov, aiov,
1372 hdtr.trl_cnt, &auio.uio_resid);
1376 auio.uio_iovcnt = hdtr.trl_cnt;
1377 auio.uio_offset = 0;
1378 auio.uio_segflg = UIO_USERSPACE;
1379 auio.uio_rw = UIO_WRITE;
1382 error = kern_sendmsg(uap->s, NULL, &auio, NULL, 0, &tbytes);
1384 iovec_free(&iov, aiov);
1387 hdtr_size += tbytes; /* trailer bytes successfully sent */
1391 if (uap->sbytes != NULL) {
1392 sbytes += hdtr_size;
1393 copyout(&sbytes, uap->sbytes, sizeof(off_t));
1401 kern_sendfile(struct vnode *vp, int sfd, off_t offset, size_t nbytes,
1402 struct mbuf *mheader, off_t *sbytes, int flags)
1404 struct thread *td = curthread;
1405 struct proc *p = td->td_proc;
1406 struct vm_object *obj;
1411 struct sfbuf_mref *sfm;
1417 if (vp->v_type != VREG || VOP_GETVOBJECT(vp, &obj) != 0) {
1421 error = holdsock(p->p_fd, sfd, &fp);
1424 so = (struct socket *)fp->f_data;
1425 if (so->so_type != SOCK_STREAM) {
1429 if ((so->so_state & SS_ISCONNECTED) == 0) {
1440 * Protect against multiple writers to the socket.
1442 (void) sblock(&so->so_snd, M_WAITOK);
1445 * Loop through the pages in the file, starting with the requested
1446 * offset. Get a file page (do I/O if necessary), map the file page
1447 * into an sf_buf, attach an mbuf header to the sf_buf, and queue
1450 for (off = offset; ; off += xfsize, *sbytes += xfsize + hbytes) {
1454 pindex = OFF_TO_IDX(off);
1457 * Calculate the amount to transfer. Not to exceed a page,
1458 * the EOF, or the passed in nbytes.
1460 xfsize = obj->un_pager.vnp.vnp_size - off;
1461 if (xfsize > PAGE_SIZE)
1463 pgoff = (vm_offset_t)(off & PAGE_MASK);
1464 if (PAGE_SIZE - pgoff < xfsize)
1465 xfsize = PAGE_SIZE - pgoff;
1466 if (nbytes && xfsize > (nbytes - *sbytes))
1467 xfsize = nbytes - *sbytes;
1471 * Optimize the non-blocking case by looking at the socket space
1472 * before going to the extra work of constituting the sf_buf.
1474 if ((so->so_state & SS_NBIO) && sbspace(&so->so_snd) <= 0) {
1475 if (so->so_state & SS_CANTSENDMORE)
1479 sbunlock(&so->so_snd);
1483 * Attempt to look up the page.
1485 * Allocate if not found, wait and loop if busy, then
1486 * wire the page. critical section protection is
1487 * required to maintain the object association (an
1488 * interrupt can free the page) through to the
1489 * vm_page_wire() call.
1492 pg = vm_page_lookup(obj, pindex);
1494 pg = vm_page_alloc(obj, pindex, VM_ALLOC_NORMAL);
1501 } else if (vm_page_sleep_busy(pg, TRUE, "sfpbsy")) {
1509 * If page is not valid for what we need, initiate I/O
1512 if (!pg->valid || !vm_page_is_valid(pg, pgoff, xfsize)) {
1518 * Ensure that our page is still around when the I/O
1521 vm_page_io_start(pg);
1524 * Get the page from backing store.
1526 bsize = vp->v_mount->mnt_stat.f_iosize;
1527 auio.uio_iov = &aiov;
1528 auio.uio_iovcnt = 1;
1530 aiov.iov_len = MAXBSIZE;
1531 auio.uio_resid = MAXBSIZE;
1532 auio.uio_offset = trunc_page(off);
1533 auio.uio_segflg = UIO_NOCOPY;
1534 auio.uio_rw = UIO_READ;
1536 vn_lock(vp, LK_SHARED | LK_NOPAUSE | LK_RETRY, td);
1537 error = VOP_READ(vp, &auio,
1538 IO_VMIO | ((MAXBSIZE / bsize) << 16),
1540 VOP_UNLOCK(vp, 0, td);
1541 vm_page_flag_clear(pg, PG_ZERO);
1542 vm_page_io_finish(pg);
1545 vm_page_unwire(pg, 0);
1546 vm_page_try_to_free(pg);
1548 sbunlock(&so->so_snd);
1555 * Get a sendfile buf. We usually wait as long as necessary,
1556 * but this wait can be interrupted.
1558 if ((sf = sf_buf_alloc(pg, SFB_CATCH)) == NULL) {
1560 vm_page_unwire(pg, 0);
1561 vm_page_try_to_free(pg);
1563 sbunlock(&so->so_snd);
1569 * Get an mbuf header and set it up as having external storage.
1571 MGETHDR(m, MB_WAIT, MT_DATA);
1575 sbunlock(&so->so_snd);
1580 * sfm is a temporary hack, use a per-cpu cache for this.
1582 sfm = malloc(sizeof(struct sfbuf_mref), M_SENDFILE, M_WAITOK);
1584 sfm->mref_count = 1;
1586 m->m_ext.ext_free = sf_buf_mfree;
1587 m->m_ext.ext_ref = sf_buf_mref;
1588 m->m_ext.ext_arg = sfm;
1589 m->m_ext.ext_buf = (void *)sf->kva;
1590 m->m_ext.ext_size = PAGE_SIZE;
1591 m->m_data = (char *) sf->kva + pgoff;
1592 m->m_flags |= M_EXT;
1593 m->m_pkthdr.len = m->m_len = xfsize;
1594 KKASSERT((m->m_flags & (M_EXT_CLUSTER)) == 0);
1596 if (mheader != NULL) {
1597 hbytes = mheader->m_pkthdr.len;
1598 mheader->m_pkthdr.len += m->m_pkthdr.len;
1606 * Add the buffer to the socket buffer chain.
1611 * Make sure that the socket is still able to take more data.
1612 * CANTSENDMORE being true usually means that the connection
1613 * was closed. so_error is true when an error was sensed after
1615 * The state is checked after the page mapping and buffer
1616 * allocation above since those operations may block and make
1617 * any socket checks stale. From this point forward, nothing
1618 * blocks before the pru_send (or more accurately, any blocking
1619 * results in a loop back to here to re-check).
1621 if ((so->so_state & SS_CANTSENDMORE) || so->so_error) {
1622 if (so->so_state & SS_CANTSENDMORE) {
1625 error = so->so_error;
1629 sbunlock(&so->so_snd);
1634 * Wait for socket space to become available. We do this just
1635 * after checking the connection state above in order to avoid
1636 * a race condition with sbwait().
1638 if (sbspace(&so->so_snd) < so->so_snd.sb_lowat) {
1639 if (so->so_state & SS_NBIO) {
1641 sbunlock(&so->so_snd);
1646 error = sbwait(&so->so_snd);
1648 * An error from sbwait usually indicates that we've
1649 * been interrupted by a signal. If we've sent anything
1650 * then return bytes sent, otherwise return the error.
1654 sbunlock(&so->so_snd);
1660 error = so_pru_send(so, 0, m, NULL, NULL, td);
1663 sbunlock(&so->so_snd);
1667 if (mheader != NULL) {
1668 *sbytes += mheader->m_pkthdr.len;
1669 error = so_pru_send(so, 0, mheader, NULL, NULL, td);
1672 sbunlock(&so->so_snd);
1677 if (mheader != NULL)
1683 sctp_peeloff(struct sctp_peeloff_args *uap)
1686 struct thread *td = curthread;
1687 struct proc *p = td->td_proc;
1688 struct filedesc *fdp = p->p_fd;
1689 struct file *lfp = NULL;
1690 struct file *nfp = NULL;
1692 struct socket *head, *so;
1695 short fflag; /* type must match fp->f_flag */
1697 assoc_id = uap->name;
1698 error = holdsock(fdp, uap->sd, &lfp);
1703 head = (struct socket *)lfp->f_data;
1704 error = sctp_can_peel_off(head, assoc_id);
1710 * At this point we know we do have a assoc to pull
1711 * we proceed to get the fd setup. This may block
1715 fflag = lfp->f_flag;
1716 error = falloc(p, &nfp, &fd);
1719 * Probably ran out of file descriptors. Put the
1720 * unaccepted connection back onto the queue and
1721 * do another wakeup so some other process might
1722 * have a chance at it.
1728 uap->sysmsg_result = fd;
1730 so = sctp_get_peeloff(head, assoc_id, &error);
1733 * Either someone else peeled it off OR
1734 * we can't get a socket.
1738 so->so_state &= ~SS_COMP;
1739 so->so_state &= ~SS_NOFDREF;
1741 if (head->so_sigio != NULL)
1742 fsetown(fgetown(head->so_sigio), &so->so_sigio);
1744 nfp->f_type = DTYPE_SOCKET;
1745 nfp->f_flag = fflag;
1746 nfp->f_ops = &socketops;
1751 * close the new descriptor, assuming someone hasn't ripped it
1752 * out from under us.
1755 if (fdp->fd_files[fd].fp == nfp) {
1762 * Release explicitly held references before returning.