Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/sys/kern/uipc_socket.c,v rcsdiff: /ftp/cvs/cvsroot/src/sys/kern/uipc_socket.c,v: warning: Unknown phrases like `commitid ...;' are present. retrieving revision 1.164.2.2 retrieving revision 1.198 diff -u -p -r1.164.2.2 -r1.198 --- src/sys/kern/uipc_socket.c 2008/09/18 04:31:44 1.164.2.2 +++ src/sys/kern/uipc_socket.c 2009/12/29 04:23:43 1.198 @@ -1,11 +1,11 @@ -/* $NetBSD: uipc_socket.c,v 1.164.2.2 2008/09/18 04:31:44 wrstuden Exp $ */ +/* $NetBSD: uipc_socket.c,v 1.198 2009/12/29 04:23:43 elad Exp $ */ /*- - * Copyright (c) 2002, 2007, 2008 The NetBSD Foundation, Inc. + * Copyright (c) 2002, 2007, 2008, 2009 The NetBSD Foundation, Inc. * All rights reserved. * * This code is derived from software contributed to The NetBSD Foundation - * by Jason R. Thorpe of Wasabi Systems, Inc. + * by Jason R. Thorpe of Wasabi Systems, Inc, and by Andrew Doran. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -63,9 +63,9 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.164.2.2 2008/09/18 04:31:44 wrstuden Exp $"); +__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.198 2009/12/29 04:23:43 elad Exp $"); -#include "opt_inet.h" +#include "opt_compat_netbsd.h" #include "opt_sock_counters.h" #include "opt_sosend_loan.h" #include "opt_mbuftrace.h" @@ -77,7 +77,7 @@ __KERNEL_RCSID(0, "$NetBSD: uipc_socket. #include #include #include -#include +#include #include #include #include @@ -86,12 +86,18 @@ __KERNEL_RCSID(0, "$NetBSD: uipc_socket. #include #include #include +#include #include #include #include #include #include +#ifdef COMPAT_50 +#include +#include +#endif + #include MALLOC_DEFINE(M_SOOPTS, "soopts", "socket options"); @@ -145,11 +151,16 @@ int somaxkva = SOMAXKVA; static int socurkva; static kcondvar_t socurkva_cv; +static kauth_listener_t socket_listener; + #define SOCK_LOAN_CHUNK 65536 static size_t sodopendfree(void); static size_t sodopendfreel(void); +static void sysctl_kern_somaxkva_setup(void); +static struct sysctllog *socket_sysctllog; + static vsize_t sokvareserve(struct socket *so, vsize_t len) { @@ -375,7 +386,7 @@ sosend_loan(struct socket *so, struct ui for (i = 0, va = lva; i < npgs; i++, va += PAGE_SIZE) pmap_kenter_pa(va, VM_PAGE_TO_PHYS(m->m_ext.ext_pgs[i]), - VM_PROT_READ); + VM_PROT_READ, 0); pmap_update(pmap_kernel()); lva += (vaddr_t) iov->iov_base & PAGE_MASK; @@ -419,10 +430,69 @@ getsombuf(struct socket *so, int type) return m; } +static int +socket_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie, + void *arg0, void *arg1, void *arg2, void *arg3) +{ + int result; + enum kauth_network_req req; + + result = KAUTH_RESULT_DEFER; + req = (enum kauth_network_req)arg0; + + if ((action != KAUTH_NETWORK_SOCKET) && + (action != KAUTH_NETWORK_BIND)) + return result; + + switch (req) { + case KAUTH_REQ_NETWORK_BIND_PORT: + result = KAUTH_RESULT_ALLOW; + break; + + case KAUTH_REQ_NETWORK_SOCKET_DROP: { + /* Normal users can only drop their own connections. */ + struct socket *so = (struct socket *)arg1; + uid_t sockuid = so->so_uidinfo->ui_uid; + + if (sockuid == kauth_cred_getuid(cred) || + sockuid == kauth_cred_geteuid(cred)) + result = KAUTH_RESULT_ALLOW; + + break; + } + + case KAUTH_REQ_NETWORK_SOCKET_OPEN: + /* We allow "raw" routing/bluetooth sockets to anyone. */ + if ((u_long)arg1 == PF_ROUTE || (u_long)arg1 == PF_BLUETOOTH) + result = KAUTH_RESULT_ALLOW; + else { + /* Privileged, let secmodel handle this. */ + if ((u_long)arg2 == SOCK_RAW) + break; + } + + result = KAUTH_RESULT_ALLOW; + + break; + + case KAUTH_REQ_NETWORK_SOCKET_CANSEE: + result = KAUTH_RESULT_ALLOW; + + break; + + default: + break; + } + + return result; +} + void soinit(void) { + sysctl_kern_somaxkva_setup(); + mutex_init(&so_pendfree_lock, MUTEX_DEFAULT, IPL_VM); softnet_lock = mutex_obj_alloc(MUTEX_DEFAULT, IPL_NONE); cv_init(&socurkva_cv, "sokva"); @@ -434,6 +504,9 @@ soinit(void) callback_register(&vm_map_to_kernel(kernel_map)->vmk_reclaim_callback, &sokva_reclaimerentry, NULL, sokva_reclaim_callback); + + socket_listener = kauth_listen_scope(KAUTH_SCOPE_NETWORK, + socket_listener_cb, NULL); } /* @@ -509,6 +582,7 @@ socreate(int dom, struct socket **aso, i sofree(so); return error; } + so->so_cred = kauth_cred_dup(l->l_cred); sounlock(so); *aso = so; return 0; @@ -544,6 +618,19 @@ fsocreate(int domain, struct socket **so } int +sofamily(const struct socket *so) +{ + const struct protosw *pr; + const struct domain *dom; + + if ((pr = so->so_proto) == NULL) + return AF_UNSPEC; + if ((dom = pr->pr_domain) == NULL) + return AF_UNSPEC; + return dom->dom_family; +} + +int sobind(struct socket *so, struct mbuf *nam, struct lwp *l) { int error; @@ -614,11 +701,9 @@ sofree(struct socket *so) KASSERT(!cv_has_waiters(&so->so_snd.sb_cv)); sorflush(so); refs = so->so_aborting; /* XXX */ -#ifdef INET - /* remove acccept filter if one is present. */ + /* Remove acccept filter if one is present. */ if (so->so_accf != NULL) - do_setopt_accept_filter(so, NULL); -#endif + (void)accept_filt_clear(so); sounlock(so); if (refs == 0) /* XXX */ soput(so); @@ -639,22 +724,25 @@ soclose(struct socket *so) error = 0; solock(so); if (so->so_options & SO_ACCEPTCONN) { - do { - while ((so2 = TAILQ_FIRST(&so->so_q0)) != 0) { + for (;;) { + if ((so2 = TAILQ_FIRST(&so->so_q0)) != 0) { KASSERT(solocked2(so, so2)); (void) soqremque(so2, 0); /* soabort drops the lock. */ (void) soabort(so2); solock(so); + continue; } - while ((so2 = TAILQ_FIRST(&so->so_q)) != 0) { + if ((so2 = TAILQ_FIRST(&so->so_q)) != 0) { KASSERT(solocked2(so, so2)); (void) soqremque(so2, 1); /* soabort drops the lock. */ (void) soabort(so2); solock(so); + continue; } - } while (!TAILQ_EMPTY(&so->so_q0)); + break; + } } if (so->so_pcb == 0) goto discard; @@ -668,7 +756,7 @@ soclose(struct socket *so) if ((so->so_state & SS_ISDISCONNECTING) && so->so_nbio) goto drop; while (so->so_state & SS_ISCONNECTED) { - error = sowait(so, so->so_linger * hz); + error = sowait(so, true, so->so_linger * hz); if (error) break; } @@ -684,6 +772,7 @@ soclose(struct socket *so) discard: if (so->so_state & SS_NOFDREF) panic("soclose: NOFDREF"); + kauth_cred_free(so->so_cred); so->so_state |= SS_NOFDREF; sofree(so); return (error); @@ -816,6 +905,7 @@ sosend(struct socket *so, struct mbuf *a struct proc *p; long space, len, resid, clen, mlen; int error, s, dontroute, atomic; + short wakeup_state = 0; p = l->l_proc; sodopendfree(); @@ -890,11 +980,17 @@ sosend(struct socket *so, struct mbuf *a goto release; } sbunlock(&so->so_snd); + if (wakeup_state & SS_RESTARTSYS) { + error = ERESTART; + goto out; + } error = sbwait(&so->so_snd); if (error) goto out; + wakeup_state = so->so_state; goto restart; } + wakeup_state = 0; mp = ⊤ space -= clen; do { @@ -1070,6 +1166,7 @@ soreceive(struct socket *so, struct mbuf struct mbuf *nextrecord; int mbuf_removed = 0; const struct domain *dom; + short wakeup_state = 0; pr = so->so_proto; atomic = pr->pr_flags & PR_ATOMIC; @@ -1184,12 +1281,16 @@ soreceive(struct socket *so, struct mbuf SBLASTRECORDCHK(&so->so_rcv, "soreceive sbwait 1"); SBLASTMBUFCHK(&so->so_rcv, "soreceive sbwait 1"); sbunlock(&so->so_rcv); - error = sbwait(&so->so_rcv); + if (wakeup_state & SS_RESTARTSYS) + error = ERESTART; + else + error = sbwait(&so->so_rcv); if (error != 0) { sounlock(so); splx(s); return error; } + wakeup_state = so->so_state; goto restart; } dontblock: @@ -1328,6 +1429,7 @@ soreceive(struct socket *so, struct mbuf panic("receive 3"); #endif so->so_state &= ~SS_RCVATMARK; + wakeup_state = 0; len = uio->uio_resid; if (so->so_oobmark && len > so->so_oobmark - offset) len = so->so_oobmark - offset; @@ -1460,7 +1562,10 @@ soreceive(struct socket *so, struct mbuf NULL, (struct mbuf *)(long)flags, NULL, l); SBLASTRECORDCHK(&so->so_rcv, "soreceive sbwait 2"); SBLASTMBUFCHK(&so->so_rcv, "soreceive sbwait 2"); - error = sbwait(&so->so_rcv); + if (wakeup_state & SS_RESTARTSYS) + error = ERESTART; + else + error = sbwait(&so->so_rcv); if (error != 0) { sbunlock(&so->so_rcv); sounlock(so); @@ -1469,6 +1574,7 @@ soreceive(struct socket *so, struct mbuf } if ((m = so->so_rcv.sb_mb) != NULL) nextrecord = m->m_nextpkt; + wakeup_state = so->so_state; } } @@ -1536,6 +1642,25 @@ soshutdown(struct socket *so, int how) } void +sorestart(struct socket *so) +{ + /* + * An application has called close() on an fd on which another + * of its threads has called a socket system call. + * Mark this and wake everyone up, and code that would block again + * instead returns ERESTART. + * On system call re-entry the fd is validated and EBADF returned. + * Any other fd will block again on the 2nd syscall. + */ + solock(so); + so->so_state |= SS_RESTARTSYS; + cv_broadcast(&so->so_cv); + cv_broadcast(&so->so_snd.sb_cv); + cv_broadcast(&so->so_rcv.sb_cv); + sounlock(so); +} + +void sorflush(struct socket *so) { struct sockbuf *sb, asb; @@ -1570,35 +1695,33 @@ sorflush(struct socket *so) static int sosetopt1(struct socket *so, const struct sockopt *sopt) { - int error, optval; + int error = EINVAL, optval, opt; struct linger l; struct timeval tv; - switch (sopt->sopt_name) { + switch ((opt = sopt->sopt_name)) { -#ifdef INET case SO_ACCEPTFILTER: - error = do_setopt_accept_filter(so, sopt); - if (error) - return error; + error = accept_filt_setopt(so, sopt); + KASSERT(solocked(so)); break; -#endif case SO_LINGER: error = sockopt_get(sopt, &l, sizeof(l)); + solock(so); if (error) - return (error); - + break; if (l.l_linger < 0 || l.l_linger > USHRT_MAX || - l.l_linger > (INT_MAX / hz)) - return EDOM; + l.l_linger > (INT_MAX / hz)) { + error = EDOM; + break; + } so->so_linger = l.l_linger; if (l.l_onoff) so->so_options |= SO_LINGER; else so->so_options &= ~SO_LINGER; - - break; + break; case SO_DEBUG: case SO_KEEPALIVE: @@ -1609,14 +1732,17 @@ sosetopt1(struct socket *so, const struc case SO_REUSEPORT: case SO_OOBINLINE: case SO_TIMESTAMP: +#ifdef SO_OTIMESTAMP + case SO_OTIMESTAMP: +#endif error = sockopt_getint(sopt, &optval); + solock(so); if (error) - return (error); - + break; if (optval) - so->so_options |= sopt->sopt_name; + so->so_options |= opt; else - so->so_options &= ~sopt->sopt_name; + so->so_options &= ~opt; break; case SO_SNDBUF: @@ -1624,28 +1750,33 @@ sosetopt1(struct socket *so, const struc case SO_SNDLOWAT: case SO_RCVLOWAT: error = sockopt_getint(sopt, &optval); + solock(so); if (error) - return (error); + break; /* * Values < 1 make no sense for any of these * options, so disallow them. */ - if (optval < 1) - return EINVAL; + if (optval < 1) { + error = EINVAL; + break; + } - switch (sopt->sopt_name) { + switch (opt) { case SO_SNDBUF: - if (sbreserve(&so->so_snd, (u_long)optval, so) == 0) - return ENOBUFS; - + if (sbreserve(&so->so_snd, (u_long)optval, so) == 0) { + error = ENOBUFS; + break; + } so->so_snd.sb_flags &= ~SB_AUTOSIZE; break; case SO_RCVBUF: - if (sbreserve(&so->so_rcv, (u_long)optval, so) == 0) - return ENOBUFS; - + if (sbreserve(&so->so_rcv, (u_long)optval, so) == 0) { + error = ENOBUFS; + break; + } so->so_rcv.sb_flags &= ~SB_AUTOSIZE; break; @@ -1669,20 +1800,40 @@ sosetopt1(struct socket *so, const struc } break; +#ifdef COMPAT_50 + case SO_OSNDTIMEO: + case SO_ORCVTIMEO: { + struct timeval50 otv; + error = sockopt_get(sopt, &otv, sizeof(otv)); + if (error) { + solock(so); + break; + } + timeval50_to_timeval(&otv, &tv); + opt = opt == SO_OSNDTIMEO ? SO_SNDTIMEO : SO_RCVTIMEO; + error = 0; + /*FALLTHROUGH*/ + } +#endif /* COMPAT_50 */ + case SO_SNDTIMEO: case SO_RCVTIMEO: - error = sockopt_get(sopt, &tv, sizeof(tv)); if (error) - return (error); + error = sockopt_get(sopt, &tv, sizeof(tv)); + solock(so); + if (error) + break; - if (tv.tv_sec > (INT_MAX - tv.tv_usec / tick) / hz) - return EDOM; + if (tv.tv_sec > (INT_MAX - tv.tv_usec / tick) / hz) { + error = EDOM; + break; + } optval = tv.tv_sec * hz + tv.tv_usec / tick; if (optval == 0 && tv.tv_usec != 0) optval = 1; - switch (sopt->sopt_name) { + switch (opt) { case SO_SNDTIMEO: so->so_snd.sb_timeo = optval; break; @@ -1693,9 +1844,12 @@ sosetopt1(struct socket *so, const struc break; default: - return ENOPROTOOPT; + solock(so); + error = ENOPROTOOPT; + break; } - return 0; + KASSERT(solocked(so)); + return error; } int @@ -1703,11 +1857,13 @@ sosetopt(struct socket *so, struct socko { int error, prerr; - solock(so); - if (sopt->sopt_level == SOL_SOCKET) + if (sopt->sopt_level == SOL_SOCKET) { error = sosetopt1(so, sopt); - else + KASSERT(solocked(so)); + } else { error = ENOPROTOOPT; + solock(so); + } if ((error == 0 || error == ENOPROTOOPT) && so->so_proto != NULL && so->so_proto->pr_ctloutput != NULL) { @@ -1750,17 +1906,15 @@ so_setsockopt(struct lwp *l, struct sock static int sogetopt1(struct socket *so, struct sockopt *sopt) { - int error, optval; + int error, optval, opt; struct linger l; struct timeval tv; - switch (sopt->sopt_name) { + switch ((opt = sopt->sopt_name)) { -#ifdef INET case SO_ACCEPTFILTER: - error = do_getopt_accept_filter(so, sopt); + error = accept_filt_getopt(so, sopt); break; -#endif case SO_LINGER: l.l_onoff = (so->so_options & SO_LINGER) ? 1 : 0; @@ -1778,8 +1932,10 @@ sogetopt1(struct socket *so, struct sock case SO_BROADCAST: case SO_OOBINLINE: case SO_TIMESTAMP: - error = sockopt_setint(sopt, - (so->so_options & sopt->sopt_name) ? 1 : 0); +#ifdef SO_OTIMESTAMP + case SO_OTIMESTAMP: +#endif + error = sockopt_setint(sopt, (so->so_options & opt) ? 1 : 0); break; case SO_TYPE: @@ -1807,9 +1963,25 @@ sogetopt1(struct socket *so, struct sock error = sockopt_setint(sopt, so->so_rcv.sb_lowat); break; +#ifdef COMPAT_50 + case SO_OSNDTIMEO: + case SO_ORCVTIMEO: { + struct timeval50 otv; + + optval = (opt == SO_OSNDTIMEO ? + so->so_snd.sb_timeo : so->so_rcv.sb_timeo); + + otv.tv_sec = optval / hz; + otv.tv_usec = (optval % hz) * tick; + + error = sockopt_set(sopt, &otv, sizeof(otv)); + break; + } +#endif /* COMPAT_50 */ + case SO_SNDTIMEO: case SO_RCVTIMEO: - optval = (sopt->sopt_name == SO_SNDTIMEO ? + optval = (opt == SO_SNDTIMEO ? so->so_snd.sb_timeo : so->so_rcv.sb_timeo); tv.tv_sec = optval / hz; @@ -1853,22 +2025,26 @@ sogetopt(struct socket *so, struct socko * alloc sockopt data buffer buffer * - will be released at destroy */ -static void -sockopt_alloc(struct sockopt *sopt, size_t len) +static int +sockopt_alloc(struct sockopt *sopt, size_t len, km_flag_t kmflag) { KASSERT(sopt->sopt_size == 0); - if (len > sizeof(sopt->sopt_buf)) - sopt->sopt_data = malloc(len, M_SOOPTS, M_WAITOK | M_ZERO); - else + if (len > sizeof(sopt->sopt_buf)) { + sopt->sopt_data = kmem_zalloc(len, kmflag); + if (sopt->sopt_data == NULL) + return ENOMEM; + } else sopt->sopt_data = sopt->sopt_buf; sopt->sopt_size = len; + return 0; } /* * initialise sockopt storage + * - MAY sleep during allocation */ void sockopt_init(struct sockopt *sopt, int level, int name, size_t size) @@ -1878,7 +2054,7 @@ sockopt_init(struct sockopt *sopt, int l sopt->sopt_level = level; sopt->sopt_name = name; - sockopt_alloc(sopt, size); + (void)sockopt_alloc(sopt, size, KM_SLEEP); } /* @@ -1890,7 +2066,7 @@ sockopt_destroy(struct sockopt *sopt) { if (sopt->sopt_data != sopt->sopt_buf) - free(sopt->sopt_data, M_SOOPTS); + kmem_free(sopt->sopt_data, sopt->sopt_size); memset(sopt, 0, sizeof(*sopt)); } @@ -1898,14 +2074,18 @@ sockopt_destroy(struct sockopt *sopt) /* * set sockopt value * - value is copied into sockopt - * - memory is allocated when necessary + * - memory is allocated when necessary, will not sleep */ int sockopt_set(struct sockopt *sopt, const void *buf, size_t len) { + int error; - if (sopt->sopt_size == 0) - sockopt_alloc(sopt, len); + if (sopt->sopt_size == 0) { + error = sockopt_alloc(sopt, len, KM_NOSLEEP); + if (error) + return error; + } KASSERT(sopt->sopt_size == len); memcpy(sopt->sopt_data, buf, len); @@ -1951,16 +2131,21 @@ sockopt_getint(const struct sockopt *sop * set sockopt value from mbuf * - ONLY for legacy code * - mbuf is released by sockopt + * - will not sleep */ int sockopt_setmbuf(struct sockopt *sopt, struct mbuf *m) { size_t len; + int error; len = m_length(m); - if (sopt->sopt_size == 0) - sockopt_alloc(sopt, len); + if (sopt->sopt_size == 0) { + error = sockopt_alloc(sopt, len, KM_NOSLEEP); + if (error) + return error; + } KASSERT(sopt->sopt_size == len); m_copydata(m, 0, len, sopt->sopt_data); @@ -1973,23 +2158,30 @@ sockopt_setmbuf(struct sockopt *sopt, st * get sockopt value into mbuf * - ONLY for legacy code * - mbuf to be released by the caller + * - will not sleep */ struct mbuf * sockopt_getmbuf(const struct sockopt *sopt) { struct mbuf *m; - m = m_get(M_WAIT, MT_SOOPTS); - if (m == NULL) + if (sopt->sopt_size > MCLBYTES) return NULL; - m->m_len = MLEN; - m_copyback(m, 0, sopt->sopt_size, sopt->sopt_data); - if (m_length(m) != max(sopt->sopt_size, MLEN)) { - m_freem(m); + m = m_get(M_DONTWAIT, MT_SOOPTS); + if (m == NULL) return NULL; + + if (sopt->sopt_size > MLEN) { + MCLGET(m, M_DONTWAIT); + if ((m->m_flags & M_EXT) == 0) { + m_free(m); + return NULL; + } } - m->m_len = min(sopt->sopt_size, MLEN); + + memcpy(mtod(m, void *), sopt->sopt_data, sopt->sopt_size); + m->m_len = sopt->sopt_size; return m; } @@ -1999,7 +2191,7 @@ sohasoutofband(struct socket *so) { fownsignal(so->so_pgid, SIGURG, POLL_PRI, POLLPRI|POLLRDBAND, so); - selnotify(&so->so_rcv.sb_sel, POLLPRI | POLLRDBAND, 0); + selnotify(&so->so_rcv.sb_sel, POLLPRI | POLLRDBAND, NOTE_SUBMIT); } static void @@ -2230,16 +2422,18 @@ sysctl_kern_somaxkva(SYSCTLFN_ARGS) return (error); } -SYSCTL_SETUP(sysctl_kern_somaxkva_setup, "sysctl kern.somaxkva setup") +static void +sysctl_kern_somaxkva_setup(void) { - sysctl_createv(clog, 0, NULL, NULL, + KASSERT(socket_sysctllog == NULL); + sysctl_createv(&socket_sysctllog, 0, NULL, NULL, CTLFLAG_PERMANENT, CTLTYPE_NODE, "kern", NULL, NULL, 0, NULL, 0, CTL_KERN, CTL_EOL); - sysctl_createv(clog, 0, NULL, NULL, + sysctl_createv(&socket_sysctllog, 0, NULL, NULL, CTLFLAG_PERMANENT|CTLFLAG_READWRITE, CTLTYPE_INT, "somaxkva", SYSCTL_DESCR("Maximum amount of kernel memory to be "