Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/sys/kern/uipc_socket.c,v rcsdiff: /ftp/cvs/cvsroot/src/sys/kern/uipc_socket.c,v: warning: Unknown phrases like `commitid ...;' are present. retrieving revision 1.186 retrieving revision 1.197 diff -u -p -r1.186 -r1.197 --- src/sys/kern/uipc_socket.c 2009/01/23 15:40:19 1.186 +++ src/sys/kern/uipc_socket.c 2009/12/29 03:48:18 1.197 @@ -1,11 +1,11 @@ -/* $NetBSD: uipc_socket.c,v 1.186 2009/01/23 15:40:19 pooka Exp $ */ +/* $NetBSD: uipc_socket.c,v 1.197 2009/12/29 03:48:18 elad Exp $ */ /*- - * Copyright (c) 2002, 2007, 2008 The NetBSD Foundation, Inc. + * Copyright (c) 2002, 2007, 2008, 2009 The NetBSD Foundation, Inc. * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation - * by Jason R. Thorpe of Wasabi Systems, Inc. + * by Jason R. Thorpe of Wasabi Systems, Inc, and by Andrew Doran. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -63,7 +63,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.186 2009/01/23 15:40:19 pooka Exp $"); +__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.197 2009/12/29 03:48:18 elad Exp $"); #include "opt_compat_netbsd.h" #include "opt_sock_counters.h" @@ -151,6 +151,8 @@ int somaxkva = SOMAXKVA; static int socurkva; static kcondvar_t socurkva_cv; +static kauth_listener_t socket_listener; + #define SOCK_LOAN_CHUNK 65536 static size_t sodopendfree(void); @@ -384,7 +386,7 @@ sosend_loan(struct socket *so, struct ui for (i = 0, va = lva; i < npgs; i++, va += PAGE_SIZE) pmap_kenter_pa(va, VM_PAGE_TO_PHYS(m->m_ext.ext_pgs[i]), - VM_PROT_READ); + VM_PROT_READ, 0); pmap_update(pmap_kernel()); lva += (vaddr_t) iov->iov_base & PAGE_MASK; @@ -428,6 +430,63 @@ getsombuf(struct socket *so, int type) return m; } +static int +socket_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie, + void *arg0, void *arg1, void *arg2, void *arg3) +{ + int result; + enum kauth_network_req req; + + result = KAUTH_RESULT_DEFER; + req = (enum kauth_network_req)arg0; + + if ((action != KAUTH_NETWORK_SOCKET) && + (action != KAUTH_NETWORK_BIND)) + return result; + + switch (req) { + case KAUTH_REQ_NETWORK_BIND_PORT: + result = KAUTH_RESULT_ALLOW; + break; + + case KAUTH_REQ_NETWORK_SOCKET_DROP: { + /* Normal users can only drop their own connections. */ + struct socket *so = (struct socket *)arg1; + uid_t sockuid = so->so_uidinfo->ui_uid; + + if (sockuid == kauth_cred_getuid(cred) || + sockuid == kauth_cred_geteuid(cred)) + result = KAUTH_RESULT_ALLOW; + + break; + } + + case KAUTH_REQ_NETWORK_SOCKET_OPEN: + /* We allow "raw" routing/bluetooth sockets to anyone. */ + if ((u_long)arg1 == PF_ROUTE || (u_long)arg1 == PF_BLUETOOTH) + result = KAUTH_RESULT_ALLOW; + else { + /* Privileged, let secmodel handle this. */ + if ((u_long)arg2 == SOCK_RAW) + break; + } + + result = KAUTH_RESULT_ALLOW; + + break; + + case KAUTH_REQ_NETWORK_SOCKET_CANSEE: + result = KAUTH_RESULT_ALLOW; + + break; + + default: + break; + } + + return result; +} + void soinit(void) { @@ -445,6 +504,9 @@ soinit(void) callback_register(&vm_map_to_kernel(kernel_map)->vmk_reclaim_callback, &sokva_reclaimerentry, NULL, sokva_reclaim_callback); + + socket_listener = kauth_listen_scope(KAUTH_SCOPE_NETWORK, + socket_listener_cb, NULL); } /* @@ -555,6 +617,19 @@ fsocreate(int domain, struct socket **so } int +sofamily(const struct socket *so) +{ + const struct protosw *pr; + const struct domain *dom; + + if ((pr = so->so_proto) == NULL) + return AF_UNSPEC; + if ((dom = pr->pr_domain) == NULL) + return AF_UNSPEC; + return dom->dom_family; +} + +int sobind(struct socket *so, struct mbuf *nam, struct lwp *l) { int error; @@ -828,6 +903,7 @@ sosend(struct socket *so, struct mbuf *a struct proc *p; long space, len, resid, clen, mlen; int error, s, dontroute, atomic; + short wakeup_state = 0; p = l->l_proc; sodopendfree(); @@ -902,11 +978,17 @@ sosend(struct socket *so, struct mbuf *a goto release; } sbunlock(&so->so_snd); + if (wakeup_state & SS_RESTARTSYS) { + error = ERESTART; + goto out; + } error = sbwait(&so->so_snd); if (error) goto out; + wakeup_state = so->so_state; goto restart; } + wakeup_state = 0; mp = ⊤ space -= clen; do { @@ -1082,6 +1164,7 @@ soreceive(struct socket *so, struct mbuf struct mbuf *nextrecord; int mbuf_removed = 0; const struct domain *dom; + short wakeup_state = 0; pr = so->so_proto; atomic = pr->pr_flags & PR_ATOMIC; @@ -1196,12 +1279,16 @@ soreceive(struct socket *so, struct mbuf SBLASTRECORDCHK(&so->so_rcv, "soreceive sbwait 1"); SBLASTMBUFCHK(&so->so_rcv, "soreceive sbwait 1"); sbunlock(&so->so_rcv); - error = sbwait(&so->so_rcv); + if (wakeup_state & SS_RESTARTSYS) + error = ERESTART; + else + error = sbwait(&so->so_rcv); if (error != 0) { sounlock(so); splx(s); return error; } + wakeup_state = so->so_state; goto restart; } dontblock: @@ -1340,6 +1427,7 @@ soreceive(struct socket *so, struct mbuf panic("receive 3"); #endif so->so_state &= ~SS_RCVATMARK; + wakeup_state = 0; len = uio->uio_resid; if (so->so_oobmark && len > so->so_oobmark - offset) len = so->so_oobmark - offset; @@ -1472,7 +1560,10 @@ soreceive(struct socket *so, struct mbuf NULL, (struct mbuf *)(long)flags, NULL, l); SBLASTRECORDCHK(&so->so_rcv, "soreceive sbwait 2"); SBLASTMBUFCHK(&so->so_rcv, "soreceive sbwait 2"); - error = sbwait(&so->so_rcv); + if (wakeup_state & SS_RESTARTSYS) + error = ERESTART; + else + error = sbwait(&so->so_rcv); if (error != 0) { sbunlock(&so->so_rcv); sounlock(so); @@ -1481,6 +1572,7 @@ soreceive(struct socket *so, struct mbuf } if ((m = so->so_rcv.sb_mb) != NULL) nextrecord = m->m_nextpkt; + wakeup_state = so->so_state; } } @@ -1548,6 +1640,25 @@ soshutdown(struct socket *so, int how) } void +sorestart(struct socket *so) +{ + /* + * An application has called close() on an fd on which another + * of its threads has called a socket system call. + * Mark this and wake everyone up, and code that would block again + * instead returns ERESTART. + * On system call re-entry the fd is validated and EBADF returned. + * Any other fd will block again on the 2nd syscall. + */ + solock(so); + so->so_state |= SS_RESTARTSYS; + cv_broadcast(&so->so_cv); + cv_broadcast(&so->so_snd.sb_cv); + cv_broadcast(&so->so_rcv.sb_cv); + sounlock(so); +} + +void sorflush(struct socket *so) { struct sockbuf *sb, asb; @@ -2078,7 +2189,7 @@ sohasoutofband(struct socket *so) { fownsignal(so->so_pgid, SIGURG, POLL_PRI, POLLPRI|POLLRDBAND, so); - selnotify(&so->so_rcv.sb_sel, POLLPRI | POLLRDBAND, 0); + selnotify(&so->so_rcv.sb_sel, POLLPRI | POLLRDBAND, NOTE_SUBMIT); } static void @@ -2310,7 +2421,7 @@ sysctl_kern_somaxkva(SYSCTLFN_ARGS) } static void -sysctl_kern_somaxkva_setup() +sysctl_kern_somaxkva_setup(void) { KASSERT(socket_sysctllog == NULL);