1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1982, 1986, 1989, 1990, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * @(#)uipc_syscalls.c 8.4 (Berkeley) 2/21/94 32 */ 33 34 #include <sys/cdefs.h> 35 __FBSDID("$FreeBSD$"); 36 37 #include "opt_capsicum.h" 38 #include "opt_inet.h" 39 #include "opt_inet6.h" 40 #include "opt_ktrace.h" 41 42 #include <sys/param.h> 43 #include <sys/systm.h> 44 #include <sys/capsicum.h> 45 #include <sys/kernel.h> 46 #include <sys/lock.h> 47 #include <sys/mutex.h> 48 #include <sys/sysproto.h> 49 #include <sys/malloc.h> 50 #include <sys/filedesc.h> 51 #include <sys/proc.h> 52 #include <sys/filio.h> 53 #include <sys/jail.h> 54 #include <sys/mbuf.h> 55 #include <sys/protosw.h> 56 #include <sys/rwlock.h> 57 #include <sys/socket.h> 58 #include <sys/socketvar.h> 59 #include <sys/syscallsubr.h> 60 #ifdef COMPAT_43 61 #include <sys/sysent.h> 62 #endif 63 #include <sys/uio.h> 64 #include <sys/un.h> 65 #include <sys/unpcb.h> 66 #ifdef KTRACE 67 #include <sys/ktrace.h> 68 #endif 69 #ifdef COMPAT_FREEBSD32 70 #include <compat/freebsd32/freebsd32_util.h> 71 #endif 72 73 #include <net/vnet.h> 74 75 #include <security/audit/audit.h> 76 #include <security/mac/mac_framework.h> 77 78 static int sendit(struct thread *td, int s, struct msghdr *mp, int flags); 79 static int recvit(struct thread *td, int s, struct msghdr *mp, void *namelenp); 80 81 static int accept1(struct thread *td, int s, struct sockaddr *uname, 82 socklen_t *anamelen, int flags); 83 static int sockargs(struct mbuf **, char *, socklen_t, int); 84 85 /* 86 * Convert a user file descriptor to a kernel file entry and check if required 87 * capability rights are present. 88 * If required copy of current set of capability rights is returned. 89 * A reference on the file entry is held upon returning. 90 */ 91 int 92 getsock_cap(struct thread *td, int fd, cap_rights_t *rightsp, 93 struct file **fpp, struct filecaps *havecapsp) 94 { 95 struct file *fp; 96 int error; 97 98 error = fget_cap(td, fd, rightsp, &fp, havecapsp); 99 if (__predict_false(error != 0)) 100 return (error); 101 if (__predict_false(fp->f_type != DTYPE_SOCKET)) { 102 fdrop(fp, td); 103 if (havecapsp != NULL) 104 filecaps_free(havecapsp); 105 return (ENOTSOCK); 106 } 107 *fpp = fp; 108 return (0); 109 } 110 111 int 112 getsock(struct thread *td, int fd, cap_rights_t *rightsp, struct file **fpp) 113 { 114 struct file *fp; 115 int error; 116 117 error = fget_unlocked(td, fd, rightsp, &fp); 118 if (__predict_false(error != 0)) 119 return (error); 120 if (__predict_false(fp->f_type != DTYPE_SOCKET)) { 121 fdrop(fp, td); 122 return (ENOTSOCK); 123 } 124 *fpp = fp; 125 return (0); 126 } 127 128 /* 129 * System call interface to the socket abstraction. 130 */ 131 #if defined(COMPAT_43) 132 #define COMPAT_OLDSOCK 133 #endif 134 135 int 136 sys_socket(struct thread *td, struct socket_args *uap) 137 { 138 139 return (kern_socket(td, uap->domain, uap->type, uap->protocol)); 140 } 141 142 int 143 kern_socket(struct thread *td, int domain, int type, int protocol) 144 { 145 struct socket *so; 146 struct file *fp; 147 int fd, error, oflag, fflag; 148 149 AUDIT_ARG_SOCKET(domain, type, protocol); 150 151 oflag = 0; 152 fflag = 0; 153 if ((type & SOCK_CLOEXEC) != 0) { 154 type &= ~SOCK_CLOEXEC; 155 oflag |= O_CLOEXEC; 156 } 157 if ((type & SOCK_NONBLOCK) != 0) { 158 type &= ~SOCK_NONBLOCK; 159 fflag |= FNONBLOCK; 160 } 161 162 #ifdef MAC 163 error = mac_socket_check_create(td->td_ucred, domain, type, protocol); 164 if (error != 0) 165 return (error); 166 #endif 167 error = falloc(td, &fp, &fd, oflag); 168 if (error != 0) 169 return (error); 170 /* An extra reference on `fp' has been held for us by falloc(). */ 171 error = socreate(domain, &so, type, protocol, td->td_ucred, td); 172 if (error != 0) { 173 fdclose(td, fp, fd); 174 } else { 175 finit(fp, FREAD | FWRITE | fflag, DTYPE_SOCKET, so, &socketops); 176 if ((fflag & FNONBLOCK) != 0) 177 (void) fo_ioctl(fp, FIONBIO, &fflag, td->td_ucred, td); 178 td->td_retval[0] = fd; 179 } 180 fdrop(fp, td); 181 return (error); 182 } 183 184 int 185 sys_bind(struct thread *td, struct bind_args *uap) 186 { 187 struct sockaddr *sa; 188 int error; 189 190 error = getsockaddr(&sa, uap->name, uap->namelen); 191 if (error == 0) { 192 error = kern_bindat(td, AT_FDCWD, uap->s, sa); 193 free(sa, M_SONAME); 194 } 195 return (error); 196 } 197 198 int 199 kern_bindat(struct thread *td, int dirfd, int fd, struct sockaddr *sa) 200 { 201 struct socket *so; 202 struct file *fp; 203 int error; 204 205 #ifdef CAPABILITY_MODE 206 if (IN_CAPABILITY_MODE(td) && (dirfd == AT_FDCWD)) 207 return (ECAPMODE); 208 #endif 209 210 AUDIT_ARG_FD(fd); 211 AUDIT_ARG_SOCKADDR(td, dirfd, sa); 212 error = getsock(td, fd, &cap_bind_rights, &fp); 213 if (error != 0) 214 return (error); 215 so = fp->f_data; 216 #ifdef KTRACE 217 if (KTRPOINT(td, KTR_STRUCT)) 218 ktrsockaddr(sa); 219 #endif 220 #ifdef MAC 221 error = mac_socket_check_bind(td->td_ucred, so, sa); 222 if (error == 0) { 223 #endif 224 if (dirfd == AT_FDCWD) 225 error = sobind(so, sa, td); 226 else 227 error = sobindat(dirfd, so, sa, td); 228 #ifdef MAC 229 } 230 #endif 231 fdrop(fp, td); 232 return (error); 233 } 234 235 int 236 sys_bindat(struct thread *td, struct bindat_args *uap) 237 { 238 struct sockaddr *sa; 239 int error; 240 241 error = getsockaddr(&sa, uap->name, uap->namelen); 242 if (error == 0) { 243 error = kern_bindat(td, uap->fd, uap->s, sa); 244 free(sa, M_SONAME); 245 } 246 return (error); 247 } 248 249 int 250 sys_listen(struct thread *td, struct listen_args *uap) 251 { 252 253 return (kern_listen(td, uap->s, uap->backlog)); 254 } 255 256 int 257 kern_listen(struct thread *td, int s, int backlog) 258 { 259 struct socket *so; 260 struct file *fp; 261 int error; 262 263 AUDIT_ARG_FD(s); 264 error = getsock(td, s, &cap_listen_rights, &fp); 265 if (error == 0) { 266 so = fp->f_data; 267 #ifdef MAC 268 error = mac_socket_check_listen(td->td_ucred, so); 269 if (error == 0) 270 #endif 271 error = solisten(so, backlog, td); 272 fdrop(fp, td); 273 } 274 return (error); 275 } 276 277 /* 278 * accept1() 279 */ 280 static int 281 accept1(td, s, uname, anamelen, flags) 282 struct thread *td; 283 int s; 284 struct sockaddr *uname; 285 socklen_t *anamelen; 286 int flags; 287 { 288 struct sockaddr *name; 289 socklen_t namelen; 290 struct file *fp; 291 int error; 292 293 if (uname == NULL) 294 return (kern_accept4(td, s, NULL, NULL, flags, NULL)); 295 296 error = copyin(anamelen, &namelen, sizeof (namelen)); 297 if (error != 0) 298 return (error); 299 300 error = kern_accept4(td, s, &name, &namelen, flags, &fp); 301 302 if (error != 0) 303 return (error); 304 305 if (error == 0 && uname != NULL) { 306 #ifdef COMPAT_OLDSOCK 307 if (SV_PROC_FLAG(td->td_proc, SV_AOUT) && 308 (flags & ACCEPT4_COMPAT) != 0) 309 ((struct osockaddr *)name)->sa_family = 310 name->sa_family; 311 #endif 312 error = copyout(name, uname, namelen); 313 } 314 if (error == 0) 315 error = copyout(&namelen, anamelen, 316 sizeof(namelen)); 317 if (error != 0) 318 fdclose(td, fp, td->td_retval[0]); 319 fdrop(fp, td); 320 free(name, M_SONAME); 321 return (error); 322 } 323 324 int 325 kern_accept(struct thread *td, int s, struct sockaddr **name, 326 socklen_t *namelen, struct file **fp) 327 { 328 return (kern_accept4(td, s, name, namelen, ACCEPT4_INHERIT, fp)); 329 } 330 331 int 332 kern_accept4(struct thread *td, int s, struct sockaddr **name, 333 socklen_t *namelen, int flags, struct file **fp) 334 { 335 struct file *headfp, *nfp = NULL; 336 struct sockaddr *sa = NULL; 337 struct socket *head, *so; 338 struct filecaps fcaps; 339 u_int fflag; 340 pid_t pgid; 341 int error, fd, tmp; 342 343 if (name != NULL) 344 *name = NULL; 345 346 AUDIT_ARG_FD(s); 347 error = getsock_cap(td, s, &cap_accept_rights, 348 &headfp, &fcaps); 349 if (error != 0) 350 return (error); 351 fflag = atomic_load_int(&headfp->f_flag); 352 head = headfp->f_data; 353 if (!SOLISTENING(head)) { 354 error = EINVAL; 355 goto done; 356 } 357 #ifdef MAC 358 error = mac_socket_check_accept(td->td_ucred, head); 359 if (error != 0) 360 goto done; 361 #endif 362 error = falloc_caps(td, &nfp, &fd, 363 (flags & SOCK_CLOEXEC) ? O_CLOEXEC : 0, &fcaps); 364 if (error != 0) 365 goto done; 366 SOCK_LOCK(head); 367 if (!SOLISTENING(head)) { 368 SOCK_UNLOCK(head); 369 error = EINVAL; 370 goto noconnection; 371 } 372 373 error = solisten_dequeue(head, &so, flags); 374 if (error != 0) 375 goto noconnection; 376 377 /* An extra reference on `nfp' has been held for us by falloc(). */ 378 td->td_retval[0] = fd; 379 380 /* Connection has been removed from the listen queue. */ 381 KNOTE_UNLOCKED(&head->so_rdsel.si_note, 0); 382 383 if (flags & ACCEPT4_INHERIT) { 384 pgid = fgetown(&head->so_sigio); 385 if (pgid != 0) 386 fsetown(pgid, &so->so_sigio); 387 } else { 388 fflag &= ~(FNONBLOCK | FASYNC); 389 if (flags & SOCK_NONBLOCK) 390 fflag |= FNONBLOCK; 391 } 392 393 finit(nfp, fflag, DTYPE_SOCKET, so, &socketops); 394 /* Sync socket nonblocking/async state with file flags */ 395 tmp = fflag & FNONBLOCK; 396 (void) fo_ioctl(nfp, FIONBIO, &tmp, td->td_ucred, td); 397 tmp = fflag & FASYNC; 398 (void) fo_ioctl(nfp, FIOASYNC, &tmp, td->td_ucred, td); 399 error = soaccept(so, &sa); 400 if (error != 0) 401 goto noconnection; 402 if (sa == NULL) { 403 if (name) 404 *namelen = 0; 405 goto done; 406 } 407 AUDIT_ARG_SOCKADDR(td, AT_FDCWD, sa); 408 if (name) { 409 /* check sa_len before it is destroyed */ 410 if (*namelen > sa->sa_len) 411 *namelen = sa->sa_len; 412 #ifdef KTRACE 413 if (KTRPOINT(td, KTR_STRUCT)) 414 ktrsockaddr(sa); 415 #endif 416 *name = sa; 417 sa = NULL; 418 } 419 noconnection: 420 free(sa, M_SONAME); 421 422 /* 423 * close the new descriptor, assuming someone hasn't ripped it 424 * out from under us. 425 */ 426 if (error != 0) 427 fdclose(td, nfp, fd); 428 429 /* 430 * Release explicitly held references before returning. We return 431 * a reference on nfp to the caller on success if they request it. 432 */ 433 done: 434 if (nfp == NULL) 435 filecaps_free(&fcaps); 436 if (fp != NULL) { 437 if (error == 0) { 438 *fp = nfp; 439 nfp = NULL; 440 } else 441 *fp = NULL; 442 } 443 if (nfp != NULL) 444 fdrop(nfp, td); 445 fdrop(headfp, td); 446 return (error); 447 } 448 449 int 450 sys_accept(td, uap) 451 struct thread *td; 452 struct accept_args *uap; 453 { 454 455 return (accept1(td, uap->s, uap->name, uap->anamelen, ACCEPT4_INHERIT)); 456 } 457 458 int 459 sys_accept4(td, uap) 460 struct thread *td; 461 struct accept4_args *uap; 462 { 463 464 if (uap->flags & ~(SOCK_CLOEXEC | SOCK_NONBLOCK)) 465 return (EINVAL); 466 467 return (accept1(td, uap->s, uap->name, uap->anamelen, uap->flags)); 468 } 469 470 #ifdef COMPAT_OLDSOCK 471 int 472 oaccept(struct thread *td, struct oaccept_args *uap) 473 { 474 475 return (accept1(td, uap->s, uap->name, uap->anamelen, 476 ACCEPT4_INHERIT | ACCEPT4_COMPAT)); 477 } 478 #endif /* COMPAT_OLDSOCK */ 479 480 int 481 sys_connect(struct thread *td, struct connect_args *uap) 482 { 483 struct sockaddr *sa; 484 int error; 485 486 error = getsockaddr(&sa, uap->name, uap->namelen); 487 if (error == 0) { 488 error = kern_connectat(td, AT_FDCWD, uap->s, sa); 489 free(sa, M_SONAME); 490 } 491 return (error); 492 } 493 494 int 495 kern_connectat(struct thread *td, int dirfd, int fd, struct sockaddr *sa) 496 { 497 struct socket *so; 498 struct file *fp; 499 int error; 500 501 #ifdef CAPABILITY_MODE 502 if (IN_CAPABILITY_MODE(td) && (dirfd == AT_FDCWD)) 503 return (ECAPMODE); 504 #endif 505 506 AUDIT_ARG_FD(fd); 507 AUDIT_ARG_SOCKADDR(td, dirfd, sa); 508 error = getsock(td, fd, &cap_connect_rights, &fp); 509 if (error != 0) 510 return (error); 511 so = fp->f_data; 512 if (so->so_state & SS_ISCONNECTING) { 513 error = EALREADY; 514 goto done1; 515 } 516 #ifdef KTRACE 517 if (KTRPOINT(td, KTR_STRUCT)) 518 ktrsockaddr(sa); 519 #endif 520 #ifdef MAC 521 error = mac_socket_check_connect(td->td_ucred, so, sa); 522 if (error != 0) 523 goto bad; 524 #endif 525 error = soconnectat(dirfd, so, sa, td); 526 if (error != 0) 527 goto bad; 528 if ((so->so_state & SS_NBIO) && (so->so_state & SS_ISCONNECTING)) { 529 error = EINPROGRESS; 530 goto done1; 531 } 532 SOCK_LOCK(so); 533 while ((so->so_state & SS_ISCONNECTING) && so->so_error == 0) { 534 error = msleep(&so->so_timeo, &so->so_lock, PSOCK | PCATCH, 535 "connec", 0); 536 if (error != 0) 537 break; 538 } 539 if (error == 0) { 540 error = so->so_error; 541 so->so_error = 0; 542 } 543 SOCK_UNLOCK(so); 544 bad: 545 if (error == ERESTART) 546 error = EINTR; 547 done1: 548 fdrop(fp, td); 549 return (error); 550 } 551 552 int 553 sys_connectat(struct thread *td, struct connectat_args *uap) 554 { 555 struct sockaddr *sa; 556 int error; 557 558 error = getsockaddr(&sa, uap->name, uap->namelen); 559 if (error == 0) { 560 error = kern_connectat(td, uap->fd, uap->s, sa); 561 free(sa, M_SONAME); 562 } 563 return (error); 564 } 565 566 int 567 kern_socketpair(struct thread *td, int domain, int type, int protocol, 568 int *rsv) 569 { 570 struct file *fp1, *fp2; 571 struct socket *so1, *so2; 572 int fd, error, oflag, fflag; 573 574 AUDIT_ARG_SOCKET(domain, type, protocol); 575 576 oflag = 0; 577 fflag = 0; 578 if ((type & SOCK_CLOEXEC) != 0) { 579 type &= ~SOCK_CLOEXEC; 580 oflag |= O_CLOEXEC; 581 } 582 if ((type & SOCK_NONBLOCK) != 0) { 583 type &= ~SOCK_NONBLOCK; 584 fflag |= FNONBLOCK; 585 } 586 #ifdef MAC 587 /* We might want to have a separate check for socket pairs. */ 588 error = mac_socket_check_create(td->td_ucred, domain, type, 589 protocol); 590 if (error != 0) 591 return (error); 592 #endif 593 error = socreate(domain, &so1, type, protocol, td->td_ucred, td); 594 if (error != 0) 595 return (error); 596 error = socreate(domain, &so2, type, protocol, td->td_ucred, td); 597 if (error != 0) 598 goto free1; 599 /* On success extra reference to `fp1' and 'fp2' is set by falloc. */ 600 error = falloc(td, &fp1, &fd, oflag); 601 if (error != 0) 602 goto free2; 603 rsv[0] = fd; 604 fp1->f_data = so1; /* so1 already has ref count */ 605 error = falloc(td, &fp2, &fd, oflag); 606 if (error != 0) 607 goto free3; 608 fp2->f_data = so2; /* so2 already has ref count */ 609 rsv[1] = fd; 610 error = soconnect2(so1, so2); 611 if (error != 0) 612 goto free4; 613 if (type == SOCK_DGRAM) { 614 /* 615 * Datagram socket connection is asymmetric. 616 */ 617 error = soconnect2(so2, so1); 618 if (error != 0) 619 goto free4; 620 } else if (so1->so_proto->pr_flags & PR_CONNREQUIRED) { 621 struct unpcb *unp, *unp2; 622 unp = sotounpcb(so1); 623 unp2 = sotounpcb(so2); 624 /* 625 * No need to lock the unps, because the sockets are brand-new. 626 * No other threads can be using them yet 627 */ 628 unp_copy_peercred(td, unp, unp2, unp); 629 } 630 finit(fp1, FREAD | FWRITE | fflag, DTYPE_SOCKET, fp1->f_data, 631 &socketops); 632 finit(fp2, FREAD | FWRITE | fflag, DTYPE_SOCKET, fp2->f_data, 633 &socketops); 634 if ((fflag & FNONBLOCK) != 0) { 635 (void) fo_ioctl(fp1, FIONBIO, &fflag, td->td_ucred, td); 636 (void) fo_ioctl(fp2, FIONBIO, &fflag, td->td_ucred, td); 637 } 638 fdrop(fp1, td); 639 fdrop(fp2, td); 640 return (0); 641 free4: 642 fdclose(td, fp2, rsv[1]); 643 fdrop(fp2, td); 644 free3: 645 fdclose(td, fp1, rsv[0]); 646 fdrop(fp1, td); 647 free2: 648 if (so2 != NULL) 649 (void)soclose(so2); 650 free1: 651 if (so1 != NULL) 652 (void)soclose(so1); 653 return (error); 654 } 655 656 int 657 sys_socketpair(struct thread *td, struct socketpair_args *uap) 658 { 659 int error, sv[2]; 660 661 error = kern_socketpair(td, uap->domain, uap->type, 662 uap->protocol, sv); 663 if (error != 0) 664 return (error); 665 error = copyout(sv, uap->rsv, 2 * sizeof(int)); 666 if (error != 0) { 667 (void)kern_close(td, sv[0]); 668 (void)kern_close(td, sv[1]); 669 } 670 return (error); 671 } 672 673 static int 674 sendit(struct thread *td, int s, struct msghdr *mp, int flags) 675 { 676 struct mbuf *control; 677 struct sockaddr *to; 678 int error; 679 680 #ifdef CAPABILITY_MODE 681 if (IN_CAPABILITY_MODE(td) && (mp->msg_name != NULL)) 682 return (ECAPMODE); 683 #endif 684 685 if (mp->msg_name != NULL) { 686 error = getsockaddr(&to, mp->msg_name, mp->msg_namelen); 687 if (error != 0) { 688 to = NULL; 689 goto bad; 690 } 691 mp->msg_name = to; 692 } else { 693 to = NULL; 694 } 695 696 if (mp->msg_control) { 697 if (mp->msg_controllen < sizeof(struct cmsghdr) 698 #ifdef COMPAT_OLDSOCK 699 && (mp->msg_flags != MSG_COMPAT || 700 !SV_PROC_FLAG(td->td_proc, SV_AOUT)) 701 #endif 702 ) { 703 error = EINVAL; 704 goto bad; 705 } 706 error = sockargs(&control, mp->msg_control, 707 mp->msg_controllen, MT_CONTROL); 708 if (error != 0) 709 goto bad; 710 #ifdef COMPAT_OLDSOCK 711 if (mp->msg_flags == MSG_COMPAT && 712 SV_PROC_FLAG(td->td_proc, SV_AOUT)) { 713 struct cmsghdr *cm; 714 715 M_PREPEND(control, sizeof(*cm), M_WAITOK); 716 cm = mtod(control, struct cmsghdr *); 717 cm->cmsg_len = control->m_len; 718 cm->cmsg_level = SOL_SOCKET; 719 cm->cmsg_type = SCM_RIGHTS; 720 } 721 #endif 722 } else { 723 control = NULL; 724 } 725 726 error = kern_sendit(td, s, mp, flags, control, UIO_USERSPACE); 727 728 bad: 729 free(to, M_SONAME); 730 return (error); 731 } 732 733 int 734 kern_sendit(struct thread *td, int s, struct msghdr *mp, int flags, 735 struct mbuf *control, enum uio_seg segflg) 736 { 737 struct file *fp; 738 struct uio auio; 739 struct iovec *iov; 740 struct socket *so; 741 cap_rights_t *rights; 742 #ifdef KTRACE 743 struct uio *ktruio = NULL; 744 #endif 745 ssize_t len; 746 int i, error; 747 748 AUDIT_ARG_FD(s); 749 rights = &cap_send_rights; 750 if (mp->msg_name != NULL) { 751 AUDIT_ARG_SOCKADDR(td, AT_FDCWD, mp->msg_name); 752 rights = &cap_send_connect_rights; 753 } 754 error = getsock(td, s, rights, &fp); 755 if (error != 0) { 756 m_freem(control); 757 return (error); 758 } 759 so = (struct socket *)fp->f_data; 760 761 #ifdef KTRACE 762 if (mp->msg_name != NULL && KTRPOINT(td, KTR_STRUCT)) 763 ktrsockaddr(mp->msg_name); 764 #endif 765 #ifdef MAC 766 if (mp->msg_name != NULL) { 767 error = mac_socket_check_connect(td->td_ucred, so, 768 mp->msg_name); 769 if (error != 0) { 770 m_freem(control); 771 goto bad; 772 } 773 } 774 error = mac_socket_check_send(td->td_ucred, so); 775 if (error != 0) { 776 m_freem(control); 777 goto bad; 778 } 779 #endif 780 781 auio.uio_iov = mp->msg_iov; 782 auio.uio_iovcnt = mp->msg_iovlen; 783 auio.uio_segflg = segflg; 784 auio.uio_rw = UIO_WRITE; 785 auio.uio_td = td; 786 auio.uio_offset = 0; /* XXX */ 787 auio.uio_resid = 0; 788 iov = mp->msg_iov; 789 for (i = 0; i < mp->msg_iovlen; i++, iov++) { 790 if ((auio.uio_resid += iov->iov_len) < 0) { 791 error = EINVAL; 792 m_freem(control); 793 goto bad; 794 } 795 } 796 #ifdef KTRACE 797 if (KTRPOINT(td, KTR_GENIO)) 798 ktruio = cloneuio(&auio); 799 #endif 800 len = auio.uio_resid; 801 error = sosend(so, mp->msg_name, &auio, 0, control, flags, td); 802 if (error != 0) { 803 if (auio.uio_resid != len && 804 (so->so_proto->pr_flags & PR_ATOMIC) == 0 && 805 (error == ERESTART || error == EINTR || 806 error == EWOULDBLOCK)) 807 error = 0; 808 /* Generation of SIGPIPE can be controlled per socket */ 809 if (error == EPIPE && !(so->so_options & SO_NOSIGPIPE) && 810 !(flags & MSG_NOSIGNAL)) { 811 PROC_LOCK(td->td_proc); 812 tdsignal(td, SIGPIPE); 813 PROC_UNLOCK(td->td_proc); 814 } 815 } 816 if (error == 0) 817 td->td_retval[0] = len - auio.uio_resid; 818 #ifdef KTRACE 819 if (ktruio != NULL) { 820 ktruio->uio_resid = td->td_retval[0]; 821 ktrgenio(s, UIO_WRITE, ktruio, error); 822 } 823 #endif 824 bad: 825 fdrop(fp, td); 826 return (error); 827 } 828 829 int 830 sys_sendto(struct thread *td, struct sendto_args *uap) 831 { 832 struct msghdr msg; 833 struct iovec aiov; 834 835 msg.msg_name = __DECONST(void *, uap->to); 836 msg.msg_namelen = uap->tolen; 837 msg.msg_iov = &aiov; 838 msg.msg_iovlen = 1; 839 msg.msg_control = 0; 840 #ifdef COMPAT_OLDSOCK 841 if (SV_PROC_FLAG(td->td_proc, SV_AOUT)) 842 msg.msg_flags = 0; 843 #endif 844 aiov.iov_base = __DECONST(void *, uap->buf); 845 aiov.iov_len = uap->len; 846 return (sendit(td, uap->s, &msg, uap->flags)); 847 } 848 849 #ifdef COMPAT_OLDSOCK 850 int 851 osend(struct thread *td, struct osend_args *uap) 852 { 853 struct msghdr msg; 854 struct iovec aiov; 855 856 msg.msg_name = 0; 857 msg.msg_namelen = 0; 858 msg.msg_iov = &aiov; 859 msg.msg_iovlen = 1; 860 aiov.iov_base = __DECONST(void *, uap->buf); 861 aiov.iov_len = uap->len; 862 msg.msg_control = 0; 863 msg.msg_flags = 0; 864 return (sendit(td, uap->s, &msg, uap->flags)); 865 } 866 867 int 868 osendmsg(struct thread *td, struct osendmsg_args *uap) 869 { 870 struct msghdr msg; 871 struct iovec *iov; 872 int error; 873 874 error = copyin(uap->msg, &msg, sizeof (struct omsghdr)); 875 if (error != 0) 876 return (error); 877 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 878 if (error != 0) 879 return (error); 880 msg.msg_iov = iov; 881 msg.msg_flags = MSG_COMPAT; 882 error = sendit(td, uap->s, &msg, uap->flags); 883 free(iov, M_IOV); 884 return (error); 885 } 886 #endif 887 888 int 889 sys_sendmsg(struct thread *td, struct sendmsg_args *uap) 890 { 891 struct msghdr msg; 892 struct iovec *iov; 893 int error; 894 895 error = copyin(uap->msg, &msg, sizeof (msg)); 896 if (error != 0) 897 return (error); 898 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 899 if (error != 0) 900 return (error); 901 msg.msg_iov = iov; 902 #ifdef COMPAT_OLDSOCK 903 if (SV_PROC_FLAG(td->td_proc, SV_AOUT)) 904 msg.msg_flags = 0; 905 #endif 906 error = sendit(td, uap->s, &msg, uap->flags); 907 free(iov, M_IOV); 908 return (error); 909 } 910 911 int 912 kern_recvit(struct thread *td, int s, struct msghdr *mp, enum uio_seg fromseg, 913 struct mbuf **controlp) 914 { 915 struct uio auio; 916 struct iovec *iov; 917 struct mbuf *control, *m; 918 caddr_t ctlbuf; 919 struct file *fp; 920 struct socket *so; 921 struct sockaddr *fromsa = NULL; 922 #ifdef KTRACE 923 struct uio *ktruio = NULL; 924 #endif 925 ssize_t len; 926 int error, i; 927 928 if (controlp != NULL) 929 *controlp = NULL; 930 931 AUDIT_ARG_FD(s); 932 error = getsock(td, s, &cap_recv_rights, &fp); 933 if (error != 0) 934 return (error); 935 so = fp->f_data; 936 937 #ifdef MAC 938 error = mac_socket_check_receive(td->td_ucred, so); 939 if (error != 0) { 940 fdrop(fp, td); 941 return (error); 942 } 943 #endif 944 945 auio.uio_iov = mp->msg_iov; 946 auio.uio_iovcnt = mp->msg_iovlen; 947 auio.uio_segflg = UIO_USERSPACE; 948 auio.uio_rw = UIO_READ; 949 auio.uio_td = td; 950 auio.uio_offset = 0; /* XXX */ 951 auio.uio_resid = 0; 952 iov = mp->msg_iov; 953 for (i = 0; i < mp->msg_iovlen; i++, iov++) { 954 if ((auio.uio_resid += iov->iov_len) < 0) { 955 fdrop(fp, td); 956 return (EINVAL); 957 } 958 } 959 #ifdef KTRACE 960 if (KTRPOINT(td, KTR_GENIO)) 961 ktruio = cloneuio(&auio); 962 #endif 963 control = NULL; 964 len = auio.uio_resid; 965 error = soreceive(so, &fromsa, &auio, NULL, 966 (mp->msg_control || controlp) ? &control : NULL, 967 &mp->msg_flags); 968 if (error != 0) { 969 if (auio.uio_resid != len && (error == ERESTART || 970 error == EINTR || error == EWOULDBLOCK)) 971 error = 0; 972 } 973 if (fromsa != NULL) 974 AUDIT_ARG_SOCKADDR(td, AT_FDCWD, fromsa); 975 #ifdef KTRACE 976 if (ktruio != NULL) { 977 ktruio->uio_resid = len - auio.uio_resid; 978 ktrgenio(s, UIO_READ, ktruio, error); 979 } 980 #endif 981 if (error != 0) 982 goto out; 983 td->td_retval[0] = len - auio.uio_resid; 984 if (mp->msg_name) { 985 len = mp->msg_namelen; 986 if (len <= 0 || fromsa == NULL) 987 len = 0; 988 else { 989 /* save sa_len before it is destroyed by MSG_COMPAT */ 990 len = MIN(len, fromsa->sa_len); 991 #ifdef COMPAT_OLDSOCK 992 if ((mp->msg_flags & MSG_COMPAT) != 0 && 993 SV_PROC_FLAG(td->td_proc, SV_AOUT)) 994 ((struct osockaddr *)fromsa)->sa_family = 995 fromsa->sa_family; 996 #endif 997 if (fromseg == UIO_USERSPACE) { 998 error = copyout(fromsa, mp->msg_name, 999 (unsigned)len); 1000 if (error != 0) 1001 goto out; 1002 } else 1003 bcopy(fromsa, mp->msg_name, len); 1004 } 1005 mp->msg_namelen = len; 1006 } 1007 if (mp->msg_control && controlp == NULL) { 1008 #ifdef COMPAT_OLDSOCK 1009 /* 1010 * We assume that old recvmsg calls won't receive access 1011 * rights and other control info, esp. as control info 1012 * is always optional and those options didn't exist in 4.3. 1013 * If we receive rights, trim the cmsghdr; anything else 1014 * is tossed. 1015 */ 1016 if (control && (mp->msg_flags & MSG_COMPAT) != 0 && 1017 SV_PROC_FLAG(td->td_proc, SV_AOUT)) { 1018 if (mtod(control, struct cmsghdr *)->cmsg_level != 1019 SOL_SOCKET || 1020 mtod(control, struct cmsghdr *)->cmsg_type != 1021 SCM_RIGHTS) { 1022 mp->msg_controllen = 0; 1023 goto out; 1024 } 1025 control->m_len -= sizeof (struct cmsghdr); 1026 control->m_data += sizeof (struct cmsghdr); 1027 } 1028 #endif 1029 ctlbuf = mp->msg_control; 1030 len = mp->msg_controllen; 1031 mp->msg_controllen = 0; 1032 for (m = control; m != NULL && len >= m->m_len; m = m->m_next) { 1033 if ((error = copyout(mtod(m, caddr_t), ctlbuf, 1034 m->m_len)) != 0) 1035 goto out; 1036 1037 ctlbuf += m->m_len; 1038 len -= m->m_len; 1039 mp->msg_controllen += m->m_len; 1040 } 1041 if (m != NULL) { 1042 mp->msg_flags |= MSG_CTRUNC; 1043 m_dispose_extcontrolm(m); 1044 } 1045 } 1046 out: 1047 fdrop(fp, td); 1048 #ifdef KTRACE 1049 if (fromsa && KTRPOINT(td, KTR_STRUCT)) 1050 ktrsockaddr(fromsa); 1051 #endif 1052 free(fromsa, M_SONAME); 1053 1054 if (error == 0 && controlp != NULL) 1055 *controlp = control; 1056 else if (control != NULL) { 1057 if (error != 0) 1058 m_dispose_extcontrolm(control); 1059 m_freem(control); 1060 } 1061 1062 return (error); 1063 } 1064 1065 static int 1066 recvit(struct thread *td, int s, struct msghdr *mp, void *namelenp) 1067 { 1068 int error; 1069 1070 error = kern_recvit(td, s, mp, UIO_USERSPACE, NULL); 1071 if (error != 0) 1072 return (error); 1073 if (namelenp != NULL) { 1074 error = copyout(&mp->msg_namelen, namelenp, sizeof (socklen_t)); 1075 #ifdef COMPAT_OLDSOCK 1076 if ((mp->msg_flags & MSG_COMPAT) != 0 && 1077 SV_PROC_FLAG(td->td_proc, SV_AOUT)) 1078 error = 0; /* old recvfrom didn't check */ 1079 #endif 1080 } 1081 return (error); 1082 } 1083 1084 static int 1085 kern_recvfrom(struct thread *td, int s, void *buf, size_t len, int flags, 1086 struct sockaddr *from, socklen_t *fromlenaddr) 1087 { 1088 struct msghdr msg; 1089 struct iovec aiov; 1090 int error; 1091 1092 if (fromlenaddr != NULL) { 1093 error = copyin(fromlenaddr, &msg.msg_namelen, 1094 sizeof (msg.msg_namelen)); 1095 if (error != 0) 1096 goto done2; 1097 } else { 1098 msg.msg_namelen = 0; 1099 } 1100 msg.msg_name = from; 1101 msg.msg_iov = &aiov; 1102 msg.msg_iovlen = 1; 1103 aiov.iov_base = buf; 1104 aiov.iov_len = len; 1105 msg.msg_control = 0; 1106 msg.msg_flags = flags; 1107 error = recvit(td, s, &msg, fromlenaddr); 1108 done2: 1109 return (error); 1110 } 1111 1112 int 1113 sys_recvfrom(struct thread *td, struct recvfrom_args *uap) 1114 { 1115 return (kern_recvfrom(td, uap->s, uap->buf, uap->len, 1116 uap->flags, uap->from, uap->fromlenaddr)); 1117 } 1118 1119 1120 #ifdef COMPAT_OLDSOCK 1121 int 1122 orecvfrom(struct thread *td, struct orecvfrom_args *uap) 1123 { 1124 return (kern_recvfrom(td, uap->s, uap->buf, uap->len, 1125 uap->flags | MSG_COMPAT, uap->from, uap->fromlenaddr)); 1126 } 1127 #endif 1128 1129 #ifdef COMPAT_OLDSOCK 1130 int 1131 orecv(struct thread *td, struct orecv_args *uap) 1132 { 1133 struct msghdr msg; 1134 struct iovec aiov; 1135 1136 msg.msg_name = 0; 1137 msg.msg_namelen = 0; 1138 msg.msg_iov = &aiov; 1139 msg.msg_iovlen = 1; 1140 aiov.iov_base = uap->buf; 1141 aiov.iov_len = uap->len; 1142 msg.msg_control = 0; 1143 msg.msg_flags = uap->flags; 1144 return (recvit(td, uap->s, &msg, NULL)); 1145 } 1146 1147 /* 1148 * Old recvmsg. This code takes advantage of the fact that the old msghdr 1149 * overlays the new one, missing only the flags, and with the (old) access 1150 * rights where the control fields are now. 1151 */ 1152 int 1153 orecvmsg(struct thread *td, struct orecvmsg_args *uap) 1154 { 1155 struct msghdr msg; 1156 struct iovec *iov; 1157 int error; 1158 1159 error = copyin(uap->msg, &msg, sizeof (struct omsghdr)); 1160 if (error != 0) 1161 return (error); 1162 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 1163 if (error != 0) 1164 return (error); 1165 msg.msg_flags = uap->flags | MSG_COMPAT; 1166 msg.msg_iov = iov; 1167 error = recvit(td, uap->s, &msg, &uap->msg->msg_namelen); 1168 if (msg.msg_controllen && error == 0) 1169 error = copyout(&msg.msg_controllen, 1170 &uap->msg->msg_accrightslen, sizeof (int)); 1171 free(iov, M_IOV); 1172 return (error); 1173 } 1174 #endif 1175 1176 int 1177 sys_recvmsg(struct thread *td, struct recvmsg_args *uap) 1178 { 1179 struct msghdr msg; 1180 struct iovec *uiov, *iov; 1181 int error; 1182 1183 error = copyin(uap->msg, &msg, sizeof (msg)); 1184 if (error != 0) 1185 return (error); 1186 error = copyiniov(msg.msg_iov, msg.msg_iovlen, &iov, EMSGSIZE); 1187 if (error != 0) 1188 return (error); 1189 msg.msg_flags = uap->flags; 1190 #ifdef COMPAT_OLDSOCK 1191 if (SV_PROC_FLAG(td->td_proc, SV_AOUT)) 1192 msg.msg_flags &= ~MSG_COMPAT; 1193 #endif 1194 uiov = msg.msg_iov; 1195 msg.msg_iov = iov; 1196 error = recvit(td, uap->s, &msg, NULL); 1197 if (error == 0) { 1198 msg.msg_iov = uiov; 1199 error = copyout(&msg, uap->msg, sizeof(msg)); 1200 } 1201 free(iov, M_IOV); 1202 return (error); 1203 } 1204 1205 int 1206 sys_shutdown(struct thread *td, struct shutdown_args *uap) 1207 { 1208 1209 return (kern_shutdown(td, uap->s, uap->how)); 1210 } 1211 1212 int 1213 kern_shutdown(struct thread *td, int s, int how) 1214 { 1215 struct socket *so; 1216 struct file *fp; 1217 int error; 1218 1219 AUDIT_ARG_FD(s); 1220 error = getsock(td, s, &cap_shutdown_rights, &fp); 1221 if (error == 0) { 1222 so = fp->f_data; 1223 error = soshutdown(so, how); 1224 /* 1225 * Previous versions did not return ENOTCONN, but 0 in 1226 * case the socket was not connected. Some important 1227 * programs like syslogd up to r279016, 2015-02-19, 1228 * still depend on this behavior. 1229 */ 1230 if (error == ENOTCONN && 1231 td->td_proc->p_osrel < P_OSREL_SHUTDOWN_ENOTCONN) 1232 error = 0; 1233 fdrop(fp, td); 1234 } 1235 return (error); 1236 } 1237 1238 int 1239 sys_setsockopt(struct thread *td, struct setsockopt_args *uap) 1240 { 1241 1242 return (kern_setsockopt(td, uap->s, uap->level, uap->name, 1243 uap->val, UIO_USERSPACE, uap->valsize)); 1244 } 1245 1246 int 1247 kern_setsockopt(struct thread *td, int s, int level, int name, const void *val, 1248 enum uio_seg valseg, socklen_t valsize) 1249 { 1250 struct socket *so; 1251 struct file *fp; 1252 struct sockopt sopt; 1253 int error; 1254 1255 if (val == NULL && valsize != 0) 1256 return (EFAULT); 1257 if ((int)valsize < 0) 1258 return (EINVAL); 1259 1260 sopt.sopt_dir = SOPT_SET; 1261 sopt.sopt_level = level; 1262 sopt.sopt_name = name; 1263 sopt.sopt_val = __DECONST(void *, val); 1264 sopt.sopt_valsize = valsize; 1265 switch (valseg) { 1266 case UIO_USERSPACE: 1267 sopt.sopt_td = td; 1268 break; 1269 case UIO_SYSSPACE: 1270 sopt.sopt_td = NULL; 1271 break; 1272 default: 1273 panic("kern_setsockopt called with bad valseg"); 1274 } 1275 1276 AUDIT_ARG_FD(s); 1277 error = getsock(td, s, &cap_setsockopt_rights, &fp); 1278 if (error == 0) { 1279 so = fp->f_data; 1280 error = sosetopt(so, &sopt); 1281 fdrop(fp, td); 1282 } 1283 return(error); 1284 } 1285 1286 int 1287 sys_getsockopt(struct thread *td, struct getsockopt_args *uap) 1288 { 1289 socklen_t valsize; 1290 int error; 1291 1292 if (uap->val) { 1293 error = copyin(uap->avalsize, &valsize, sizeof (valsize)); 1294 if (error != 0) 1295 return (error); 1296 } 1297 1298 error = kern_getsockopt(td, uap->s, uap->level, uap->name, 1299 uap->val, UIO_USERSPACE, &valsize); 1300 1301 if (error == 0) 1302 error = copyout(&valsize, uap->avalsize, sizeof (valsize)); 1303 return (error); 1304 } 1305 1306 /* 1307 * Kernel version of getsockopt. 1308 * optval can be a userland or userspace. optlen is always a kernel pointer. 1309 */ 1310 int 1311 kern_getsockopt(struct thread *td, int s, int level, int name, void *val, 1312 enum uio_seg valseg, socklen_t *valsize) 1313 { 1314 struct socket *so; 1315 struct file *fp; 1316 struct sockopt sopt; 1317 int error; 1318 1319 if (val == NULL) 1320 *valsize = 0; 1321 if ((int)*valsize < 0) 1322 return (EINVAL); 1323 1324 sopt.sopt_dir = SOPT_GET; 1325 sopt.sopt_level = level; 1326 sopt.sopt_name = name; 1327 sopt.sopt_val = val; 1328 sopt.sopt_valsize = (size_t)*valsize; /* checked non-negative above */ 1329 switch (valseg) { 1330 case UIO_USERSPACE: 1331 sopt.sopt_td = td; 1332 break; 1333 case UIO_SYSSPACE: 1334 sopt.sopt_td = NULL; 1335 break; 1336 default: 1337 panic("kern_getsockopt called with bad valseg"); 1338 } 1339 1340 AUDIT_ARG_FD(s); 1341 error = getsock(td, s, &cap_getsockopt_rights, &fp); 1342 if (error == 0) { 1343 so = fp->f_data; 1344 error = sogetopt(so, &sopt); 1345 *valsize = sopt.sopt_valsize; 1346 fdrop(fp, td); 1347 } 1348 return (error); 1349 } 1350 1351 static int 1352 user_getsockname(struct thread *td, int fdes, struct sockaddr *asa, 1353 socklen_t *alen, bool compat) 1354 { 1355 struct sockaddr *sa; 1356 socklen_t len; 1357 int error; 1358 1359 error = copyin(alen, &len, sizeof(len)); 1360 if (error != 0) 1361 return (error); 1362 1363 error = kern_getsockname(td, fdes, &sa, &len); 1364 if (error != 0) 1365 return (error); 1366 1367 if (len != 0) { 1368 #ifdef COMPAT_OLDSOCK 1369 if (compat && SV_PROC_FLAG(td->td_proc, SV_AOUT)) 1370 ((struct osockaddr *)sa)->sa_family = sa->sa_family; 1371 #endif 1372 error = copyout(sa, asa, len); 1373 } 1374 free(sa, M_SONAME); 1375 if (error == 0) 1376 error = copyout(&len, alen, sizeof(len)); 1377 return (error); 1378 } 1379 1380 int 1381 kern_getsockname(struct thread *td, int fd, struct sockaddr **sa, 1382 socklen_t *alen) 1383 { 1384 struct socket *so; 1385 struct file *fp; 1386 socklen_t len; 1387 int error; 1388 1389 AUDIT_ARG_FD(fd); 1390 error = getsock(td, fd, &cap_getsockname_rights, &fp); 1391 if (error != 0) 1392 return (error); 1393 so = fp->f_data; 1394 *sa = NULL; 1395 CURVNET_SET(so->so_vnet); 1396 error = so->so_proto->pr_sockaddr(so, sa); 1397 CURVNET_RESTORE(); 1398 if (error != 0) 1399 goto bad; 1400 if (*sa == NULL) 1401 len = 0; 1402 else 1403 len = MIN(*alen, (*sa)->sa_len); 1404 *alen = len; 1405 #ifdef KTRACE 1406 if (KTRPOINT(td, KTR_STRUCT)) 1407 ktrsockaddr(*sa); 1408 #endif 1409 bad: 1410 fdrop(fp, td); 1411 if (error != 0 && *sa != NULL) { 1412 free(*sa, M_SONAME); 1413 *sa = NULL; 1414 } 1415 return (error); 1416 } 1417 1418 int 1419 sys_getsockname(struct thread *td, struct getsockname_args *uap) 1420 { 1421 return (user_getsockname(td, uap->fdes, uap->asa, uap->alen, false)); 1422 } 1423 1424 #ifdef COMPAT_OLDSOCK 1425 int 1426 ogetsockname(struct thread *td, struct ogetsockname_args *uap) 1427 { 1428 return (user_getsockname(td, uap->fdes, uap->asa, uap->alen, true)); 1429 } 1430 #endif /* COMPAT_OLDSOCK */ 1431 1432 static int 1433 user_getpeername(struct thread *td, int fdes, struct sockaddr *asa, 1434 socklen_t *alen, bool compat) 1435 { 1436 struct sockaddr *sa; 1437 socklen_t len; 1438 int error; 1439 1440 error = copyin(alen, &len, sizeof (len)); 1441 if (error != 0) 1442 return (error); 1443 1444 error = kern_getpeername(td, fdes, &sa, &len); 1445 if (error != 0) 1446 return (error); 1447 1448 if (len != 0) { 1449 #ifdef COMPAT_OLDSOCK 1450 if (compat && SV_PROC_FLAG(td->td_proc, SV_AOUT)) 1451 ((struct osockaddr *)sa)->sa_family = sa->sa_family; 1452 #endif 1453 error = copyout(sa, asa, len); 1454 } 1455 free(sa, M_SONAME); 1456 if (error == 0) 1457 error = copyout(&len, alen, sizeof(len)); 1458 return (error); 1459 } 1460 1461 int 1462 kern_getpeername(struct thread *td, int fd, struct sockaddr **sa, 1463 socklen_t *alen) 1464 { 1465 struct socket *so; 1466 struct file *fp; 1467 socklen_t len; 1468 int error; 1469 1470 AUDIT_ARG_FD(fd); 1471 error = getsock(td, fd, &cap_getpeername_rights, &fp); 1472 if (error != 0) 1473 return (error); 1474 so = fp->f_data; 1475 if ((so->so_state & (SS_ISCONNECTED|SS_ISCONFIRMING)) == 0) { 1476 error = ENOTCONN; 1477 goto done; 1478 } 1479 *sa = NULL; 1480 CURVNET_SET(so->so_vnet); 1481 error = so->so_proto->pr_peeraddr(so, sa); 1482 CURVNET_RESTORE(); 1483 if (error != 0) 1484 goto bad; 1485 if (*sa == NULL) 1486 len = 0; 1487 else 1488 len = MIN(*alen, (*sa)->sa_len); 1489 *alen = len; 1490 #ifdef KTRACE 1491 if (KTRPOINT(td, KTR_STRUCT)) 1492 ktrsockaddr(*sa); 1493 #endif 1494 bad: 1495 if (error != 0 && *sa != NULL) { 1496 free(*sa, M_SONAME); 1497 *sa = NULL; 1498 } 1499 done: 1500 fdrop(fp, td); 1501 return (error); 1502 } 1503 1504 int 1505 sys_getpeername(struct thread *td, struct getpeername_args *uap) 1506 { 1507 return (user_getpeername(td, uap->fdes, uap->asa, uap->alen, false)); 1508 } 1509 1510 #ifdef COMPAT_OLDSOCK 1511 int 1512 ogetpeername(struct thread *td, struct ogetpeername_args *uap) 1513 { 1514 return (user_getpeername(td, uap->fdes, uap->asa, uap->alen, true)); 1515 } 1516 #endif /* COMPAT_OLDSOCK */ 1517 1518 static int 1519 sockargs(struct mbuf **mp, char *buf, socklen_t buflen, int type) 1520 { 1521 struct sockaddr *sa; 1522 struct mbuf *m; 1523 int error; 1524 1525 if (buflen > MLEN) { 1526 #ifdef COMPAT_OLDSOCK 1527 if (type == MT_SONAME && buflen <= 112 && 1528 SV_CURPROC_FLAG(SV_AOUT)) 1529 buflen = MLEN; /* unix domain compat. hack */ 1530 else 1531 #endif 1532 if (buflen > MCLBYTES) 1533 return (EMSGSIZE); 1534 } 1535 m = m_get2(buflen, M_WAITOK, type, 0); 1536 m->m_len = buflen; 1537 error = copyin(buf, mtod(m, void *), buflen); 1538 if (error != 0) 1539 (void) m_free(m); 1540 else { 1541 *mp = m; 1542 if (type == MT_SONAME) { 1543 sa = mtod(m, struct sockaddr *); 1544 1545 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN 1546 if (sa->sa_family == 0 && sa->sa_len < AF_MAX && 1547 SV_CURPROC_FLAG(SV_AOUT)) 1548 sa->sa_family = sa->sa_len; 1549 #endif 1550 sa->sa_len = buflen; 1551 } 1552 } 1553 return (error); 1554 } 1555 1556 int 1557 getsockaddr(struct sockaddr **namp, const struct sockaddr *uaddr, size_t len) 1558 { 1559 struct sockaddr *sa; 1560 int error; 1561 1562 if (len > SOCK_MAXADDRLEN) 1563 return (ENAMETOOLONG); 1564 if (len < offsetof(struct sockaddr, sa_data[0])) 1565 return (EINVAL); 1566 sa = malloc(len, M_SONAME, M_WAITOK); 1567 error = copyin(uaddr, sa, len); 1568 if (error != 0) { 1569 free(sa, M_SONAME); 1570 } else { 1571 #if defined(COMPAT_OLDSOCK) && BYTE_ORDER != BIG_ENDIAN 1572 if (sa->sa_family == 0 && sa->sa_len < AF_MAX && 1573 SV_CURPROC_FLAG(SV_AOUT)) 1574 sa->sa_family = sa->sa_len; 1575 #endif 1576 sa->sa_len = len; 1577 *namp = sa; 1578 } 1579 return (error); 1580 } 1581 1582 /* 1583 * Dispose of externalized rights from an SCM_RIGHTS message. This function 1584 * should be used in error or truncation cases to avoid leaking file descriptors 1585 * into the recipient's (the current thread's) table. 1586 */ 1587 void 1588 m_dispose_extcontrolm(struct mbuf *m) 1589 { 1590 struct cmsghdr *cm; 1591 struct file *fp; 1592 struct thread *td; 1593 socklen_t clen, datalen; 1594 int error, fd, *fds, nfd; 1595 1596 td = curthread; 1597 for (; m != NULL; m = m->m_next) { 1598 if (m->m_type != MT_EXTCONTROL) 1599 continue; 1600 cm = mtod(m, struct cmsghdr *); 1601 clen = m->m_len; 1602 while (clen > 0) { 1603 if (clen < sizeof(*cm)) 1604 panic("%s: truncated mbuf %p", __func__, m); 1605 datalen = CMSG_SPACE(cm->cmsg_len - CMSG_SPACE(0)); 1606 if (clen < datalen) 1607 panic("%s: truncated mbuf %p", __func__, m); 1608 1609 if (cm->cmsg_level == SOL_SOCKET && 1610 cm->cmsg_type == SCM_RIGHTS) { 1611 fds = (int *)CMSG_DATA(cm); 1612 nfd = (cm->cmsg_len - CMSG_SPACE(0)) / 1613 sizeof(int); 1614 1615 while (nfd-- > 0) { 1616 fd = *fds++; 1617 error = fget(td, fd, &cap_no_rights, 1618 &fp); 1619 if (error == 0) { 1620 fdclose(td, fp, fd); 1621 fdrop(fp, td); 1622 } 1623 } 1624 } 1625 clen -= datalen; 1626 cm = (struct cmsghdr *)((uint8_t *)cm + datalen); 1627 } 1628 m_chtype(m, MT_CONTROL); 1629 } 1630 } 1631