| 1 | /* |
|---|---|
| 2 | * Copyright (c) 2000-2020 Apple Inc. All rights reserved. |
| 3 | * |
| 4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ |
| 5 | * |
| 6 | * This file contains Original Code and/or Modifications of Original Code |
| 7 | * as defined in and that are subject to the Apple Public Source License |
| 8 | * Version 2.0 (the 'License'). You may not use this file except in |
| 9 | * compliance with the License. The rights granted to you under the License |
| 10 | * may not be used to create, or enable the creation or redistribution of, |
| 11 | * unlawful or unlicensed copies of an Apple operating system, or to |
| 12 | * circumvent, violate, or enable the circumvention or violation of, any |
| 13 | * terms of an Apple operating system software license agreement. |
| 14 | * |
| 15 | * Please obtain a copy of the License at |
| 16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. |
| 17 | * |
| 18 | * The Original Code and all software distributed under the License are |
| 19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER |
| 20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, |
| 21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, |
| 22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. |
| 23 | * Please see the License for the specific language governing rights and |
| 24 | * limitations under the License. |
| 25 | * |
| 26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ |
| 27 | */ |
| 28 | /* Copyright (c) 1998, 1999 Apple Computer, Inc. All Rights Reserved */ |
| 29 | /* Copyright (c) 1995 NeXT Computer, Inc. All Rights Reserved */ |
| 30 | /* |
| 31 | * Copyright (c) 1982, 1986, 1990, 1993 |
| 32 | * The Regents of the University of California. All rights reserved. |
| 33 | * |
| 34 | * Redistribution and use in source and binary forms, with or without |
| 35 | * modification, are permitted provided that the following conditions |
| 36 | * are met: |
| 37 | * 1. Redistributions of source code must retain the above copyright |
| 38 | * notice, this list of conditions and the following disclaimer. |
| 39 | * 2. Redistributions in binary form must reproduce the above copyright |
| 40 | * notice, this list of conditions and the following disclaimer in the |
| 41 | * documentation and/or other materials provided with the distribution. |
| 42 | * 3. All advertising materials mentioning features or use of this software |
| 43 | * must display the following acknowledgement: |
| 44 | * This product includes software developed by the University of |
| 45 | * California, Berkeley and its contributors. |
| 46 | * 4. Neither the name of the University nor the names of its contributors |
| 47 | * may be used to endorse or promote products derived from this software |
| 48 | * without specific prior written permission. |
| 49 | * |
| 50 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
| 51 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 52 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| 53 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
| 54 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
| 55 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
| 56 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| 57 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| 58 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 59 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 60 | * SUCH DAMAGE. |
| 61 | * |
| 62 | * @(#)socketvar.h 8.3 (Berkeley) 2/19/95 |
| 63 | * $FreeBSD: src/sys/sys/socketvar.h,v 1.46.2.6 2001/08/31 13:45:49 jlemon Exp $ |
| 64 | */ |
| 65 | /* |
| 66 | * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce |
| 67 | * support for mandatory and extensible security protections. This notice |
| 68 | * is included in support of clause 2.2 (b) of the Apple Public License, |
| 69 | * Version 2.0. |
| 70 | */ |
| 71 | |
| 72 | #ifndef _SYS_SOCKETVAR_H_ |
| 73 | #define _SYS_SOCKETVAR_H_ |
| 74 | |
| 75 | #include <sys/appleapiopts.h> |
| 76 | #include <sys/cdefs.h> |
| 77 | #include <sys/constrained_ctypes.h> |
| 78 | #include <sys/types.h> /* u_quad_t */ |
| 79 | #ifdef KERNEL_PRIVATE |
| 80 | #include <sys/queue.h> /* for TAILQ macros */ |
| 81 | #include <sys/select.h> /* for struct selinfo */ |
| 82 | #include <net/kext_net.h> |
| 83 | #include <sys/ev.h> |
| 84 | #include <uuid/uuid.h> |
| 85 | #ifdef BSD_KERNEL_PRIVATE |
| 86 | #include <sys/eventhandler.h> |
| 87 | #endif /* BSD_KERNEL_PRIVATE */ |
| 88 | #endif /* KERNEL_PRIVATE */ |
| 89 | #if !KERNEL |
| 90 | #include <TargetConditionals.h> |
| 91 | #include <uuid/uuid.h> |
| 92 | #endif |
| 93 | |
| 94 | typedef u_quad_t so_gen_t; |
| 95 | |
| 96 | #ifdef KERNEL_PRIVATE |
| 97 | struct mbuf; |
| 98 | struct socket_filter_entry; |
| 99 | struct protosw; |
| 100 | struct sockif; |
| 101 | struct sockutil; |
| 102 | |
| 103 | /* strings for sleep message: */ |
| 104 | extern char netio[], netcon[], netcls[]; |
| 105 | #define SOCKET_CACHE_ON |
| 106 | #define SO_CACHE_FLUSH_INTERVAL 1 /* Seconds */ |
| 107 | #define SO_CACHE_TIME_LIMIT (120/SO_CACHE_FLUSH_INTERVAL) /* Seconds */ |
| 108 | #define SO_CACHE_MAX_FREE_BATCH 50 |
| 109 | #define MAX_CACHED_SOCKETS 512 |
| 110 | #define TEMPDEBUG 0 |
| 111 | #endif /* KERNEL_PRIVATE */ |
| 112 | |
| 113 | #ifdef PRIVATE |
| 114 | #define SO_TC_STATS_MAX 4 |
| 115 | |
| 116 | struct data_stats { |
| 117 | u_int64_t rxpackets; |
| 118 | u_int64_t rxbytes; |
| 119 | u_int64_t txpackets; |
| 120 | u_int64_t txbytes; |
| 121 | }; |
| 122 | #endif /* PRIVATE */ |
| 123 | |
| 124 | #ifdef KERNEL_PRIVATE |
| 125 | /* |
| 126 | * Kernel structure per socket. |
| 127 | * Contains send and receive buffer queues, |
| 128 | * handle on protocol and pointer to protocol |
| 129 | * private data and error information. |
| 130 | */ |
| 131 | struct socket { |
| 132 | int so_zone; /* zone we were allocated from */ |
| 133 | short so_type; /* generic type, see socket.h */ |
| 134 | uint16_t so_protocol; |
| 135 | int so_family; |
| 136 | u_short so_error; /* error affecting connection */ |
| 137 | u_int32_t so_options; /* from socket call, see socket.h */ |
| 138 | short so_linger; /* time to linger while closing */ |
| 139 | short so_state; /* internal state flags SS_*, below */ |
| 140 | void *so_pcb; /* protocol control block */ |
| 141 | struct protosw *so_proto; /* protocol handle */ |
| 142 | /* |
| 143 | * Variables for connection queueing. |
| 144 | * Socket where accepts occur is so_head in all subsidiary sockets. |
| 145 | * If so_head is 0, socket is not related to an accept. |
| 146 | * For head socket so_incomp queues partially completed connections, |
| 147 | * while so_comp is a queue of connections ready to be accepted. |
| 148 | * If a connection is aborted and it has so_head set, then |
| 149 | * it has to be pulled out of either so_incomp or so_comp. |
| 150 | * We allow connections to queue up based on current queue lengths |
| 151 | * and limit on number of queued connections for this socket. |
| 152 | */ |
| 153 | struct socket *so_head; /* back pointer to accept socket */ |
| 154 | TAILQ_HEAD(, socket) so_incomp; /* q of partially unaccepted conns */ |
| 155 | TAILQ_HEAD(, socket) so_comp; /* q of complete unaccepted conns */ |
| 156 | TAILQ_ENTRY(socket) so_list; /* list of unaccepted connections */ |
| 157 | short so_qlen; /* number of unaccepted connections */ |
| 158 | short so_incqlen; /* number of unaccepted incomplete |
| 159 | * connections */ |
| 160 | short so_qlimit; /* max number queued connections */ |
| 161 | short so_timeo; /* connection timeout */ |
| 162 | pid_t so_pgid; /* pgid for signals */ |
| 163 | u_int32_t so_oobmark; /* chars to oob mark */ |
| 164 | /* |
| 165 | * Variables for socket buffering. |
| 166 | */ |
| 167 | struct sockbuf { |
| 168 | uint32_t sb_cc; /* actual chars in buffer */ |
| 169 | uint32_t sb_hiwat; /* max actual char count */ |
| 170 | uint32_t sb_mbcnt; /* chars of mbufs used */ |
| 171 | uint32_t sb_mbmax; /* max chars of mbufs to use */ |
| 172 | uint32_t sb_ctl; /* non-data chars in buffer */ |
| 173 | uint32_t sb_lowat; /* low water mark */ |
| 174 | struct mbuf *sb_mb; /* the mbuf chain */ |
| 175 | struct mbuf *sb_mbtail; /* the last mbuf in the chain */ |
| 176 | struct mbuf *sb_lastrecord; /* first mbuf of last record */ |
| 177 | struct socket *sb_so; /* socket back ptr for kexts */ |
| 178 | struct selinfo sb_sel; /* process selecting rd/wr */ |
| 179 | struct timeval sb_timeo; /* timeout for read/write */ |
| 180 | uint32_t sb_flags; /* flags, see below */ |
| 181 | uint32_t sb_idealsize; /* Ideal size for the sb based |
| 182 | * on bandwidth and delay */ |
| 183 | void (*sb_upcall)(struct socket *, void *arg, int waitf); |
| 184 | void *sb_upcallarg; /* Arg for above */ |
| 185 | uint32_t sb_wantlock; /* # of SB_LOCK waiters */ |
| 186 | uint32_t sb_waiters; /* # of data/space waiters */ |
| 187 | thread_t sb_cfil_thread; /* content filter thread */ |
| 188 | uint32_t sb_cfil_refs; /* # of nested calls */ |
| 189 | uint32_t sb_preconn_hiwat; /* preconnect hiwat mark */ |
| 190 | struct mbuf *sb_sendhead; |
| 191 | int sb_sendoff; |
| 192 | } so_rcv, so_snd; |
| 193 | #define SB_MAX (8192*1024) /* default for max chars in sockbuf */ |
| 194 | #define SB_MSIZE_ADJ 256 /* fixed adjustment for mbuf */ |
| 195 | #define LOW_SB_MAX (2*9*1024) /* lower limit on max socket buffer |
| 196 | * size, 2 max datagrams */ |
| 197 | #define SB_LOCK 0x1 /* lock on data queue */ |
| 198 | #define SB_NOINTR 0x2 /* operations not interruptible */ |
| 199 | #define SB_RECV 0x4 /* this is rcv sb */ |
| 200 | #define SB_SEL 0x8 /* someone is selecting */ |
| 201 | #define SB_ASYNC 0x10 /* ASYNC I/O, need signals */ |
| 202 | #define SB_UPCALL 0x20 /* someone wants an upcall */ |
| 203 | #define SB_KNOTE 0x40 /* kernel note attached */ |
| 204 | #define SB_DROP 0x80 /* does not accept any more data */ |
| 205 | #define SB_UNIX 0x100 /* UNIX domain socket buffer */ |
| 206 | #define SB_USRSIZE 0x200 /* user specified sbreserve */ |
| 207 | #define SB_AUTOSIZE 0x400 /* automatically size socket buffer */ |
| 208 | #define SB_TRIM 0x800 /* Trim the socket buffer */ |
| 209 | #define SB_NOCOMPRESS 0x1000 /* do not compress socket buffer */ |
| 210 | #define SB_SNDBYTE_CNT 0x2000 /* keep track of snd bytes per interface */ |
| 211 | #define SB_UPCALL_LOCK 0x4000 /* Keep socket locked when doing the upcall */ |
| 212 | #define SB_LIMITED 0x8000 /* Socket buffer size limited */ |
| 213 | #define SB_KCTL 0x10000 /* kernel control socket buffer */ |
| 214 | #define SB_SENDHEAD 0x20000 |
| 215 | /* XXX Note that Unix domain socket's sb_flags is defined as short */ |
| 216 | caddr_t so_tpcb; /* Misc. protocol control block, used |
| 217 | * by some kexts */ |
| 218 | |
| 219 | void (*so_event)(struct socket *, void *, uint32_t); |
| 220 | void *so_eventarg; /* Arg for above */ |
| 221 | kauth_cred_t so_cred; /* cred of who opened the socket */ |
| 222 | /* NB: generation count must not be first; easiest to make it last. */ |
| 223 | so_gen_t so_gencnt; /* generation count */ |
| 224 | STAILQ_ENTRY(socket) so_cache_ent; /* socache entry */ |
| 225 | caddr_t so_saved_pcb; /* Saved pcb when cacheing */ |
| 226 | u_int64_t cache_timestamp; /* time socket was cached */ |
| 227 | uint32_t so_eventmask; /* event mask */ |
| 228 | |
| 229 | pid_t last_pid; /* pid of most recent accessor */ |
| 230 | u_int64_t last_upid; /* upid of most recent accessor */ |
| 231 | |
| 232 | struct socket_filter_entry *so_filt; /* NKE hook */ |
| 233 | u_int32_t so_flags; /* Flags */ |
| 234 | #define SOF_NOSIGPIPE 0x00000001 |
| 235 | #define SOF_NOADDRAVAIL 0x00000002 /* EADDRNOTAVAIL if src addr is gone */ |
| 236 | #define SOF_PCBCLEARING 0x00000004 /* pru_disconnect done; don't |
| 237 | * call pru_detach */ |
| 238 | #define SOF_DEFUNCT 0x00000008 /* socket marked as inactive */ |
| 239 | #define SOF_CLOSEWAIT 0x00000010 /* blocked in close awaiting some events */ |
| 240 | #define SOF_REUSESHAREUID 0x00000040 /* Allows SO_REUSEADDR/SO_REUSEPORT |
| 241 | * for multiple so_uid */ |
| 242 | #define SOF_MULTIPAGES 0x00000080 /* jumbo clusters may be used for sosend */ |
| 243 | #define SOF_ABORTED 0x00000100 /* soabort was already called once */ |
| 244 | #define SOF_OVERFLOW 0x00000200 /* socket was dropped as overflow of |
| 245 | * listen q */ |
| 246 | #define SOF_NOTIFYCONFLICT 0x00000400 /* notify that a bind was done on a |
| 247 | * port already in use */ |
| 248 | #define SOF_UPCALLCLOSEWAIT 0x00000800 /* block close until upcall returns */ |
| 249 | #define SOF_BINDRANDOMPORT 0x00001000 /* Randomized port number for bind */ |
| 250 | #define SOF_NPX_SETOPTSHUT 0x00002000 /* Non POSIX extension to allow |
| 251 | * setsockopt(2) after shut down */ |
| 252 | #define SOF_RECV_TRAFFIC_CLASS 0x00004000 /* Receive TC as ancillary data */ |
| 253 | #define SOF_NODEFUNCT 0x00008000 /* socket cannot be defunct'd */ |
| 254 | #define SOF_PRIVILEGED_TRAFFIC_CLASS 0x00010000 /* traffic class is privileged */ |
| 255 | #define SOF_SUSPENDED 0x00020000 /* i/f output queue is suspended */ |
| 256 | #define SOF_INCOMP_INPROGRESS 0x00040000 /* incomp socket is being processed */ |
| 257 | #define SOF_NOTSENT_LOWAT 0x00080000 /* A different lowat on not sent |
| 258 | * data has been set */ |
| 259 | #define SOF_KNOTE 0x00100000 /* socket is on the EV_SOCK klist */ |
| 260 | #define SOF_MARK_WAKE_PKT 0x00200000 /* Mark next packet as wake packet, one shot */ |
| 261 | #define SOF_RECV_WAKE_PKT 0x00400000 /* Receive wake packet indication as ancillary data */ |
| 262 | #define SOF_FLOW_DIVERT 0x00800000 /* Flow Divert is enabled */ |
| 263 | #define SOF_MP_SUBFLOW 0x01000000 /* is a multipath subflow socket */ |
| 264 | #define SOF_MP_SEC_SUBFLOW 0x04000000 /* Set up secondary flow */ |
| 265 | #define SOF_MP_TRYFAILOVER 0x08000000 /* Failing subflow */ |
| 266 | #define SOF_DELEGATED 0x10000000 /* on behalf of another process */ |
| 267 | #define SOF_CONTENT_FILTER 0x20000000 /* Content filter enabled */ |
| 268 | |
| 269 | u_int32_t so_flags1; |
| 270 | #define SOF1_POST_FALLBACK_SYNC 0x00000001 /* fallback to TCP */ |
| 271 | #define SOF1_AWDL_PRIVILEGED 0x00000002 /* unused */ |
| 272 | #define SOF1_IF_2KCL 0x00000004 /* interface prefers 2 KB clusters */ |
| 273 | #define SOF1_DEFUNCTINPROG 0x00000008 |
| 274 | #define SOF1_DATA_IDEMPOTENT 0x00000010 /* idempotent data for TFO */ |
| 275 | #define SOF1_PRECONNECT_DATA 0x00000020 /* request for preconnect data */ |
| 276 | #define SOF1_EXTEND_BK_IDLE_WANTED 0x00000040 /* option set */ |
| 277 | #define SOF1_EXTEND_BK_IDLE_INPROG 0x00000080 /* socket */ |
| 278 | #define SOF1_CACHED_IN_SOCK_LAYER 0x00000100 /* bundled with inpcb and tcpcb */ |
| 279 | #define SOF1_TFO_REWIND 0x00000200 /* rewind mptcp meta data */ |
| 280 | #define SOF1_CELLFALLBACK 0x00000400 /* Initiated by cell fallback */ |
| 281 | #define SOF1_QOSMARKING_ALLOWED 0x00000800 /* policy allows DSCP map */ |
| 282 | #define SOF1_TC_NET_SERV_TYPE 0x00001000 /* traffic class set by SO_NETWORK_SERVICE_TYPE */ |
| 283 | #define SOF1_TRAFFIC_MGT_SO_BACKGROUND 0x00002000 /* background socket */ |
| 284 | #define SOF1_TRAFFIC_MGT_TCP_RECVBG 0x00004000 /* Only TCP sockets, receiver throttling */ |
| 285 | #define SOF1_QOSMARKING_POLICY_OVERRIDE 0x00008000 /* Opt-out of QoS marking NECP policy */ |
| 286 | #define SOF1_DATA_AUTHENTICATED 0x00010000 /* idempotent data is authenticated */ |
| 287 | #define SOF1_ACCEPT_LIST_HELD 0x00020000 /* Another thread is accessing one of the accept lists */ |
| 288 | #define SOF1_CONTENT_FILTER_SKIP 0x00040000 /* Content filter should be skipped, socket is blessed */ |
| 289 | #define SOF1_HAS_NECP_CLIENT_UUID 0x00080000 /* NECP client UUID option set */ |
| 290 | #define SOF1_IN_KERNEL_SOCKET 0x00100000 /* Socket created in kernel via KPI */ |
| 291 | #define SOF1_CONNECT_COUNTED 0x00200000 /* connect() call was counted */ |
| 292 | #define SOF1_DNS_COUNTED 0x00400000 /* socket counted to send DNS queries */ |
| 293 | #define SOF1_MPKL_SEND_INFO 0x00800000 /* SO_MPKL_SEND_INFO option is set */ |
| 294 | #define SOF1_INBOUND 0x01000000 /* Created via a passive listener */ |
| 295 | #define SOF1_WANT_KEV_SOCK_CLOSED 0x02000000 /* Want generation of KEV_SOCKET_CLOSED event */ |
| 296 | #define SOF1_FLOW_DIVERT_SKIP 0x04000000 /* Flow divert already declined to handle the socket */ |
| 297 | #define SOF1_KNOWN_TRACKER 0x08000000 /* Socket is a connection to a known tracker */ |
| 298 | #define SOF1_TRACKER_NON_APP_INITIATED 0x10000000 /* Tracker connection is non-app initiated */ |
| 299 | #define SOF1_APPROVED_APP_DOMAIN 0x20000000 /* Connection is for an approved associated app domain */ |
| 300 | |
| 301 | uint32_t so_upcallusecount; /* number of upcalls in progress */ |
| 302 | int so_usecount; /* refcounting of socket use */ |
| 303 | int so_retaincnt; |
| 304 | uint16_t so_traffic_class; |
| 305 | int8_t so_netsvctype; |
| 306 | uint8_t so_restrictions; |
| 307 | thread_t so_send_filt_thread; |
| 308 | |
| 309 | /* for debug pruposes */ |
| 310 | #define SO_LCKDBG_MAX 4 /* number of debug locking Link Registers recorded */ |
| 311 | void *lock_lr[SO_LCKDBG_MAX]; /* locking calling history */ |
| 312 | void *unlock_lr[SO_LCKDBG_MAX]; /* unlocking caller history */ |
| 313 | u_int8_t next_lock_lr; |
| 314 | u_int8_t next_unlock_lr; |
| 315 | |
| 316 | u_int16_t so_pktheadroom; /* headroom before packet payload */ |
| 317 | |
| 318 | u_int32_t so_ifdenied_notifies; /* # of notifications generated */ |
| 319 | |
| 320 | thread_t so_background_thread; /* thread that marked |
| 321 | * this socket background */ |
| 322 | struct data_stats so_tc_stats[SO_TC_STATS_MAX]; |
| 323 | struct klist so_klist; /* klist for EV_SOCK events */ |
| 324 | |
| 325 | struct flow_divert_pcb *so_fd_pcb; /* Flow Divert control block */ |
| 326 | |
| 327 | struct soflow_db *so_flow_db; |
| 328 | |
| 329 | #if CONTENT_FILTER |
| 330 | struct cfil_info *so_cfil; |
| 331 | u_int32_t so_state_change_cnt; /* incr for each connect, disconnect */ |
| 332 | #endif |
| 333 | |
| 334 | pid_t e_pid; /* pid of the effective owner */ |
| 335 | u_int64_t e_upid; /* upid of the effective owner */ |
| 336 | pid_t so_rpid; /* pid of the responsible process */ |
| 337 | |
| 338 | uuid_t last_uuid; /* uuid of most recent accessor */ |
| 339 | uuid_t e_uuid; /* uuid of effective owner */ |
| 340 | uuid_t so_vuuid; /* UUID of the Voucher originator */ |
| 341 | uuid_t so_ruuid; /* UUID of the responsible process */ |
| 342 | |
| 343 | uid_t so_persona_id; /* persona of effective owner */ |
| 344 | |
| 345 | int32_t so_policy_gencnt; /* UUID policy gencnt */ |
| 346 | |
| 347 | u_int64_t so_extended_bk_start; |
| 348 | |
| 349 | u_int8_t so_fallback_mode; |
| 350 | #define SO_FALLBACK_MODE_NONE 0 /* No fallback */ |
| 351 | #define SO_FALLBACK_MODE_FAILOVER 1 /* Fell back after failing over */ |
| 352 | #define SO_FALLBACK_MODE_SLOW 2 /* Fell back after a slow timer */ |
| 353 | #define SO_FALLBACK_MODE_FAST 3 /* Fell back after a fast timer */ |
| 354 | #define SO_FALLBACK_MODE_PREFER 4 /* Fell back with a headstart */ |
| 355 | |
| 356 | u_int8_t so_log_seqn; /* Multi-layer Packet Logging rolling sequence number */ |
| 357 | uint8_t so_mpkl_send_proto; |
| 358 | uuid_t so_mpkl_send_uuid; |
| 359 | }; |
| 360 | |
| 361 | /* Control message accessor in mbufs */ |
| 362 | |
| 363 | #define _MIN_NXT_CMSGHDR_PTR(cmsg) \ |
| 364 | ((char *)(cmsg) + \ |
| 365 | __DARWIN_ALIGN32((__uint32_t)(cmsg)->cmsg_len) + \ |
| 366 | __DARWIN_ALIGN32(sizeof(struct cmsghdr))) |
| 367 | |
| 368 | #define M_FIRST_CMSGHDR(m) \ |
| 369 | ((char *)(m) != (char *)0L && \ |
| 370 | (size_t)(m)->m_len >= sizeof (struct cmsghdr) && \ |
| 371 | (socklen_t)(m)->m_len >= \ |
| 372 | __DARWIN_ALIGN32(((struct cmsghdr *)(void *)(m)->m_data)->cmsg_len) ? \ |
| 373 | (struct cmsghdr *)(void *)(m)->m_data : (struct cmsghdr *)0L) |
| 374 | |
| 375 | #define M_NXT_CMSGHDR(m, cmsg) \ |
| 376 | ((char *)(cmsg) == (char *)0L ? M_FIRST_CMSGHDR(m) : \ |
| 377 | _MIN_NXT_CMSGHDR_PTR(cmsg) > ((char *)(m)->m_data) + (m)->m_len || \ |
| 378 | _MIN_NXT_CMSGHDR_PTR(cmsg) < (char *)(m)->m_data ? \ |
| 379 | (struct cmsghdr *)0L /* NULL */ : \ |
| 380 | (struct cmsghdr *)(void *)((unsigned char *)(cmsg) + \ |
| 381 | __DARWIN_ALIGN32((__uint32_t)(cmsg)->cmsg_len))) |
| 382 | |
| 383 | /* |
| 384 | * Need receive options |
| 385 | */ |
| 386 | #define SO_RECV_CONTROL_OPTS(so) \ |
| 387 | (((so)->so_options & \ |
| 388 | (SO_TIMESTAMP | SO_TIMESTAMP_MONOTONIC | SO_TIMESTAMP_CONTINUOUS)) || \ |
| 389 | ((so)->so_flags & (SOF_RECV_TRAFFIC_CLASS | SOF_RECV_WAKE_PKT))) |
| 390 | |
| 391 | /* |
| 392 | * Socket state bits. |
| 393 | */ |
| 394 | #define SS_NOFDREF 0x0001 /* no file table ref any more */ |
| 395 | #define SS_ISCONNECTED 0x0002 /* socket connected to a peer */ |
| 396 | #define SS_ISCONNECTING 0x0004 /* in process of connecting to peer */ |
| 397 | #define SS_ISDISCONNECTING 0x0008 /* in process of disconnecting */ |
| 398 | #define SS_CANTSENDMORE 0x0010 /* can't send more data to peer */ |
| 399 | #define SS_CANTRCVMORE 0x0020 /* can't receive more data from peer */ |
| 400 | #define SS_RCVATMARK 0x0040 /* at mark on input */ |
| 401 | |
| 402 | #define SS_PRIV 0x0080 /* privileged for broadcast, raw... */ |
| 403 | #define SS_NBIO 0x0100 /* non-blocking ops */ |
| 404 | #define SS_ASYNC 0x0200 /* async i/o notify */ |
| 405 | #define SS_ISCONFIRMING 0x0400 /* deciding to accept connection req */ |
| 406 | #define SS_INCOMP 0x0800 /* Unaccepted, incomplete connection */ |
| 407 | #define SS_COMP 0x1000 /* unaccepted, complete connection */ |
| 408 | #define SS_ISDISCONNECTED 0x2000 /* socket disconnected from peer */ |
| 409 | #define SS_DRAINING 0x4000 /* close waiting for blocked system |
| 410 | * calls to drain */ |
| 411 | #define SS_DEFUNCT 0x8000 /* has been fully defunct'd */ |
| 412 | #endif /* KERNEL_PRIVATE */ |
| 413 | |
| 414 | #if defined(__LP64__) |
| 415 | #define _XSOCKET_PTR(x) u_int32_t |
| 416 | #else |
| 417 | #define _XSOCKET_PTR(x) x |
| 418 | #endif |
| 419 | |
| 420 | #ifdef PRIVATE |
| 421 | /* Flags returned in data field for EVFILT_SOCK events. */ |
| 422 | #define SOCKEV_CONNECTED 0x00000001 /* connected */ |
| 423 | #define SOCKEV_DISCONNECTED 0x00000002 /* disconnected */ |
| 424 | #endif /* PRIVATE */ |
| 425 | |
| 426 | #pragma pack(4) |
| 427 | |
| 428 | struct xsockbuf { |
| 429 | u_int32_t sb_cc; |
| 430 | u_int32_t sb_hiwat; |
| 431 | u_int32_t sb_mbcnt; |
| 432 | u_int32_t sb_mbmax; |
| 433 | int32_t sb_lowat; |
| 434 | short sb_flags; |
| 435 | short sb_timeo; |
| 436 | }; |
| 437 | |
| 438 | /* |
| 439 | * Externalized form of struct socket used by the sysctl(3) interface. |
| 440 | */ |
| 441 | struct xsocket { |
| 442 | u_int32_t xso_len; /* length of this structure */ |
| 443 | _XSOCKET_PTR(struct socket *) xso_so; /* makes a convenient handle */ |
| 444 | short so_type; |
| 445 | short so_options; |
| 446 | short so_linger; |
| 447 | short so_state; |
| 448 | _XSOCKET_PTR(caddr_t) so_pcb; /* another convenient handle */ |
| 449 | int xso_protocol; |
| 450 | int xso_family; |
| 451 | short so_qlen; |
| 452 | short so_incqlen; |
| 453 | short so_qlimit; |
| 454 | short so_timeo; |
| 455 | u_short so_error; |
| 456 | pid_t so_pgid; |
| 457 | u_int32_t so_oobmark; |
| 458 | struct xsockbuf so_rcv; |
| 459 | struct xsockbuf so_snd; |
| 460 | uid_t so_uid; /* XXX */ |
| 461 | }; |
| 462 | |
| 463 | #if XNU_TARGET_OS_OSX || KERNEL || !(TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR) |
| 464 | struct xsocket64 { |
| 465 | u_int32_t xso_len; /* length of this structure */ |
| 466 | u_int64_t xso_so; /* makes a convenient handle */ |
| 467 | short so_type; |
| 468 | short so_options; |
| 469 | short so_linger; |
| 470 | short so_state; |
| 471 | u_int64_t so_pcb; /* another convenient handle */ |
| 472 | int xso_protocol; |
| 473 | int xso_family; |
| 474 | short so_qlen; |
| 475 | short so_incqlen; |
| 476 | short so_qlimit; |
| 477 | short so_timeo; |
| 478 | u_short so_error; |
| 479 | pid_t so_pgid; |
| 480 | u_int32_t so_oobmark; |
| 481 | struct xsockbuf so_rcv; |
| 482 | struct xsockbuf so_snd; |
| 483 | uid_t so_uid; /* XXX */ |
| 484 | }; |
| 485 | #endif /* XNU_TARGET_OS_OSX || KERNEL || !(TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR) */ |
| 486 | |
| 487 | #ifdef PRIVATE |
| 488 | #define XSO_SOCKET 0x001 |
| 489 | #define XSO_RCVBUF 0x002 |
| 490 | #define XSO_SNDBUF 0x004 |
| 491 | #define XSO_STATS 0x008 |
| 492 | #define XSO_INPCB 0x010 |
| 493 | #define XSO_TCPCB 0x020 |
| 494 | #define XSO_KCREG 0x040 |
| 495 | #define XSO_KCB 0x080 |
| 496 | #define XSO_EVT 0x100 |
| 497 | #define XSO_UNPCB 0x200 |
| 498 | |
| 499 | struct xsocket_n { |
| 500 | u_int32_t xso_len; /* length of this structure */ |
| 501 | u_int32_t xso_kind; /* XSO_SOCKET */ |
| 502 | u_int64_t xso_so; /* makes a convenient handle */ |
| 503 | short so_type; |
| 504 | u_int32_t so_options; |
| 505 | short so_linger; |
| 506 | short so_state; |
| 507 | u_int64_t so_pcb; /* another convenient handle */ |
| 508 | int xso_protocol; |
| 509 | int xso_family; |
| 510 | short so_qlen; |
| 511 | short so_incqlen; |
| 512 | short so_qlimit; |
| 513 | short so_timeo; |
| 514 | u_short so_error; |
| 515 | pid_t so_pgid; |
| 516 | u_int32_t so_oobmark; |
| 517 | uid_t so_uid; /* XXX */ |
| 518 | pid_t so_last_pid; |
| 519 | pid_t so_e_pid; |
| 520 | so_gen_t so_gencnt; |
| 521 | u_int32_t so_flags; |
| 522 | u_int32_t so_flags1; |
| 523 | int32_t so_usecount; |
| 524 | int32_t so_retaincnt; |
| 525 | u_int32_t xso_filter_flags; |
| 526 | }; |
| 527 | |
| 528 | /* |
| 529 | * Values for xso_filter_flags |
| 530 | */ |
| 531 | #define XSOFF_SO_FILT 0x01 /* socket filter attached */ |
| 532 | #define XSOFF_FLOW_DB 0x02 /* flow database attached */ |
| 533 | #define XSOFF_CFIL 0x04 /* content filter attached */ |
| 534 | #define XSOFF_FLOW_DIV 0x08 /* flow divert attached */ |
| 535 | |
| 536 | struct xsockbuf_n { |
| 537 | u_int32_t xsb_len; /* length of this structure */ |
| 538 | u_int32_t xsb_kind; /* XSO_RCVBUF or XSO_SNDBUF */ |
| 539 | u_int32_t sb_cc; |
| 540 | u_int32_t sb_hiwat; |
| 541 | u_int32_t sb_mbcnt; |
| 542 | u_int32_t sb_mbmax; |
| 543 | int32_t sb_lowat; |
| 544 | short sb_flags; |
| 545 | short sb_timeo; |
| 546 | }; |
| 547 | |
| 548 | struct xsockstat_n { |
| 549 | u_int32_t xst_len; /* length of this structure */ |
| 550 | u_int32_t xst_kind; /* XSO_STATS */ |
| 551 | struct data_stats xst_tc_stats[SO_TC_STATS_MAX]; |
| 552 | }; |
| 553 | |
| 554 | /* |
| 555 | * Global socket statistics |
| 556 | */ |
| 557 | struct soextbkidlestat { |
| 558 | u_int32_t so_xbkidle_maxperproc; |
| 559 | u_int32_t so_xbkidle_time; |
| 560 | u_int32_t so_xbkidle_rcvhiwat; |
| 561 | int32_t so_xbkidle_notsupp; |
| 562 | int32_t so_xbkidle_toomany; |
| 563 | int32_t so_xbkidle_wantok; |
| 564 | int32_t so_xbkidle_active; |
| 565 | int32_t so_xbkidle_nocell; |
| 566 | int32_t so_xbkidle_notime; |
| 567 | int32_t so_xbkidle_forced; |
| 568 | int32_t so_xbkidle_resumed; |
| 569 | int32_t so_xbkidle_expired; |
| 570 | int32_t so_xbkidle_resched; |
| 571 | int32_t so_xbkidle_nodlgtd; |
| 572 | int32_t so_xbkidle_drained; |
| 573 | }; |
| 574 | #endif /* PRIVATE */ |
| 575 | |
| 576 | #pragma pack() |
| 577 | |
| 578 | #ifdef KERNEL_PRIVATE |
| 579 | #include <sys/kpi_mbuf.h> |
| 580 | |
| 581 | /* |
| 582 | * Argument structure for sosetopt et seq. This is in the KERNEL |
| 583 | * section because it will never be visible to user code. |
| 584 | */ |
| 585 | enum sopt_dir { SOPT_GET, SOPT_SET }; |
| 586 | struct sockopt { |
| 587 | enum sopt_dir sopt_dir; /* is this a get or a set? */ |
| 588 | int sopt_level; /* second arg of [gs]etsockopt */ |
| 589 | int sopt_name; /* third arg of [gs]etsockopt */ |
| 590 | user_addr_t sopt_val; /* fourth arg of [gs]etsockopt */ |
| 591 | size_t sopt_valsize; /* (almost) fifth arg of [gs]etsockopt */ |
| 592 | struct proc *sopt_p; /* calling process or null if kernel */ |
| 593 | }; |
| 594 | |
| 595 | #ifdef BSD_KERNEL_PRIVATE |
| 596 | struct cmsghdr; |
| 597 | extern boolean_t is_cmsg_valid(struct mbuf *control, struct cmsghdr *cmsg); |
| 598 | |
| 599 | /* |
| 600 | * Socket extension mechanism: control block hooks: |
| 601 | * This is the "head" of any control block for an extenstion |
| 602 | * Note: we separate intercept function dispatch vectors from |
| 603 | * the NFDescriptor to permit selective replacement during |
| 604 | * operation, e.g., to disable some functions. |
| 605 | */ |
| 606 | struct kextcb { |
| 607 | struct kextcb *e_next; /* Next kext control block */ |
| 608 | void *e_fcb; /* Real filter control block */ |
| 609 | struct NFDescriptor *e_nfd; /* NKE Descriptor */ |
| 610 | /* Plug-in support - intercept functions */ |
| 611 | struct sockif *e_soif; /* Socket functions */ |
| 612 | struct sockutil *e_sout; /* Sockbuf utility functions */ |
| 613 | }; |
| 614 | #define EXT_NULL 0x0 /* STATE: Not in use */ |
| 615 | |
| 616 | /* Hints for socket event processing */ |
| 617 | #define SO_FILT_HINT_LOCKED 0x00000001 /* socket is already locked */ |
| 618 | #define SO_FILT_HINT_CONNRESET 0x00000002 /* Reset is received */ |
| 619 | #define SO_FILT_HINT_CANTRCVMORE 0x00000004 /* No more data to read */ |
| 620 | #define SO_FILT_HINT_CANTSENDMORE 0x00000008 /* Can't write more data */ |
| 621 | #define SO_FILT_HINT_TIMEOUT 0x00000010 /* timeout */ |
| 622 | #define SO_FILT_HINT_NOSRCADDR 0x00000020 /* No src address available */ |
| 623 | #define SO_FILT_HINT_IFDENIED 0x00000040 /* interface denied access */ |
| 624 | #define SO_FILT_HINT_SUSPEND 0x00000080 /* output queue suspended */ |
| 625 | #define SO_FILT_HINT_RESUME 0x00000100 /* output queue resumed */ |
| 626 | #define SO_FILT_HINT_KEEPALIVE 0x00000200 /* TCP Keepalive received */ |
| 627 | #define SO_FILT_HINT_ADAPTIVE_WTIMO 0x00000400 /* TCP adaptive write timeout */ |
| 628 | #define SO_FILT_HINT_ADAPTIVE_RTIMO 0x00000800 /* TCP adaptive read timeout */ |
| 629 | #define SO_FILT_HINT_CONNECTED 0x00001000 /* socket is connected */ |
| 630 | #define SO_FILT_HINT_DISCONNECTED 0x00002000 /* socket is disconnected */ |
| 631 | #define SO_FILT_HINT_CONNINFO_UPDATED 0x00004000 /* updated conninfo avail. */ |
| 632 | #define SO_FILT_HINT_MPFAILOVER 0x00008000 /* multipath failover */ |
| 633 | #define SO_FILT_HINT_MPSTATUS 0x00010000 /* multipath status */ |
| 634 | #define SO_FILT_HINT_MUSTRST 0x00020000 /* must send RST and close */ |
| 635 | #define SO_FILT_HINT_MPCANTRCVMORE 0x00040000 /* MPTCP DFIN Received */ |
| 636 | #define SO_FILT_HINT_NOTIFY_ACK 0x00080000 /* Notify Acknowledgement */ |
| 637 | #define SO_FILT_HINT_MP_SUB_ERROR 0x00100000 /* Error happend on subflow */ |
| 638 | #define SO_FILT_HINT_WAKE_PKT 0x00200000 /* received wake packet */ |
| 639 | |
| 640 | #define SO_FILT_HINT_BITS \ |
| 641 | "\020\1LOCKED\2CONNRESET\3CANTRCVMORE\4CANTSENDMORE\5TIMEOUT" \ |
| 642 | "\6NOSRCADDR\7IFDENIED\10SUSPEND\11RESUME\12KEEPALIVE\13AWTIMO" \ |
| 643 | "\14ARTIMO\15CONNECTED\16DISCONNECTED\17CONNINFO_UPDATED" \ |
| 644 | "\20MPFAILOVER\21MPSTATUS\22MUSTRST\23MPCANTRCVMORE\24NOTIFYACK"\ |
| 645 | "\25MPSUBERROR\26WAKEPKT" |
| 646 | |
| 647 | /* Mask for hints that have corresponding kqueue events */ |
| 648 | #define SO_FILT_HINT_EV \ |
| 649 | (SO_FILT_HINT_CONNRESET | SO_FILT_HINT_CANTRCVMORE | \ |
| 650 | SO_FILT_HINT_CANTSENDMORE | SO_FILT_HINT_TIMEOUT | \ |
| 651 | SO_FILT_HINT_NOSRCADDR | SO_FILT_HINT_IFDENIED | \ |
| 652 | SO_FILT_HINT_SUSPEND | SO_FILT_HINT_RESUME | \ |
| 653 | SO_FILT_HINT_KEEPALIVE | SO_FILT_HINT_ADAPTIVE_WTIMO | \ |
| 654 | SO_FILT_HINT_ADAPTIVE_RTIMO | SO_FILT_HINT_CONNECTED | \ |
| 655 | SO_FILT_HINT_DISCONNECTED | SO_FILT_HINT_CONNINFO_UPDATED | \ |
| 656 | SO_FILT_HINT_NOTIFY_ACK | SO_FILT_HINT_WAKE_PKT) |
| 657 | |
| 658 | #if SENDFILE |
| 659 | struct sf_buf { |
| 660 | SLIST_ENTRY(sf_buf) free_list; /* list of free buffer slots */ |
| 661 | int refcnt; /* reference count */ |
| 662 | struct vm_page *m; /* currently mapped page */ |
| 663 | vm_offset_t kva; /* va of mapping */ |
| 664 | }; |
| 665 | #endif /* SENDFILE */ |
| 666 | |
| 667 | #define SBLASTRECORDCHK(sb, s) \ |
| 668 | if (socket_debug) sblastrecordchk(sb, s); |
| 669 | |
| 670 | #define SBLASTMBUFCHK(sb, s) \ |
| 671 | if (socket_debug) sblastmbufchk(sb, s); |
| 672 | |
| 673 | #define SB_EMPTY_FIXUP(sb) { \ |
| 674 | if ((sb)->sb_mb == NULL) { \ |
| 675 | (sb)->sb_mbtail = NULL; \ |
| 676 | (sb)->sb_lastrecord = NULL; \ |
| 677 | } \ |
| 678 | } |
| 679 | |
| 680 | #define SB_MB_CHECK(sb) do { \ |
| 681 | if (((sb)->sb_mb != NULL && \ |
| 682 | (sb)->sb_cc == 0) || \ |
| 683 | ((sb)->sb_mb == NULL && (sb)->sb_cc > 0)) \ |
| 684 | panic("corrupt so_rcv: sb_mb %p sb_cc %d\n", \ |
| 685 | (sb)->sb_mb, (sb)->sb_cc); \ |
| 686 | } while (0) |
| 687 | |
| 688 | #define SODEFUNCTLOG(fmt, ...) do { \ |
| 689 | if (sodefunctlog) \ |
| 690 | printf(fmt, __VA_ARGS__); \ |
| 691 | } while (0) |
| 692 | |
| 693 | #define SOTHROTTLELOG(fmt, ...) do { \ |
| 694 | if (sothrottlelog) \ |
| 695 | printf(fmt, __VA_ARGS__); \ |
| 696 | } while (0) |
| 697 | |
| 698 | /* |
| 699 | * For debugging traffic class behaviors |
| 700 | */ |
| 701 | #define SOTCDB_RESERVED 0x01 |
| 702 | #define SOTCDB_NO_MTC 0x02 /* Do not set the mbuf traffic class */ |
| 703 | #define SOTCDB_NO_SENDTCPBG 0x04 /* Do not use background TCP CC algorithm for sender */ |
| 704 | #define SOTCDB_NO_LCLTST 0x08 /* Do not test for local destination for setting DSCP */ |
| 705 | #define SOTCDB_NO_DSCPTST 0x10 /* Overwritte any existing DSCP code */ |
| 706 | #define SOTCDB_NO_RECVTCPBG 0x20 /* Do not use throttling on receiver-side of TCP */ |
| 707 | #define SOTCDB_NO_PRIVILEGED 0x40 /* Do not set privileged traffic flag */ |
| 708 | |
| 709 | #define SOCK_DOM(so) ((so)->so_family) |
| 710 | #define SOCK_TYPE(so) ((so)->so_type) |
| 711 | #define SOCK_PROTO(so) ((so)->so_protocol) |
| 712 | |
| 713 | #define SOCK_CHECK_DOM(so, dom) (SOCK_DOM(so) == (dom)) |
| 714 | #define SOCK_CHECK_TYPE(so, type) (SOCK_TYPE(so) == (type)) |
| 715 | #define SOCK_CHECK_PROTO(so, proto) (SOCK_PROTO(so) == (proto)) |
| 716 | |
| 717 | /* |
| 718 | * Socket process information |
| 719 | */ |
| 720 | struct so_procinfo { |
| 721 | pid_t spi_pid; |
| 722 | pid_t spi_epid; |
| 723 | uuid_t spi_uuid; |
| 724 | uuid_t spi_euuid; |
| 725 | int spi_delegated; |
| 726 | char spi_proc_name[MAXCOMLEN + 1]; |
| 727 | char spi_e_proc_name[MAXCOMLEN + 1]; |
| 728 | }; |
| 729 | |
| 730 | extern uint32_t sb_max; |
| 731 | extern so_gen_t so_gencnt; |
| 732 | extern int socket_debug; |
| 733 | extern int sosendjcl; |
| 734 | extern int sosendjcl_ignore_capab; |
| 735 | extern int sodefunctlog; |
| 736 | extern int sothrottlelog; |
| 737 | extern int sorestrictrecv; |
| 738 | extern int sorestrictsend; |
| 739 | extern int somaxconn; |
| 740 | extern uint32_t tcp_autosndbuf_max; |
| 741 | extern uint32_t tcp_autosndbuf_inc; |
| 742 | extern u_int32_t sotcdb; |
| 743 | extern u_int32_t net_io_policy_log; |
| 744 | extern u_int32_t net_io_policy_throttle_best_effort; |
| 745 | #if CONFIG_PROC_UUID_POLICY |
| 746 | extern u_int32_t net_io_policy_uuid; |
| 747 | #endif /* CONFIG_PROC_UUID_POLICY */ |
| 748 | |
| 749 | extern struct soextbkidlestat soextbkidlestat; |
| 750 | |
| 751 | extern int soreserveheadroom; |
| 752 | |
| 753 | #endif /* BSD_KERNEL_PRIVATE */ |
| 754 | |
| 755 | struct mbuf; |
| 756 | struct sockaddr; |
| 757 | struct ucred; |
| 758 | struct uio; |
| 759 | |
| 760 | #define SOCK_MSG_SA 0x01 |
| 761 | #define SOCK_MSG_CONTROL 0x02 |
| 762 | #define SOCK_MSG_DATA 0x04 |
| 763 | |
| 764 | struct recv_msg_elem { |
| 765 | struct uio *uio; |
| 766 | struct sockaddr *psa; |
| 767 | struct mbuf *controlp; |
| 768 | int which; |
| 769 | int flags; |
| 770 | }; |
| 771 | __CCT_DECLARE_CONSTRAINED_PTR_TYPES(struct recv_msg_elem, recv_msg_elem); |
| 772 | |
| 773 | /* |
| 774 | * From uipc_socket and friends |
| 775 | */ |
| 776 | __BEGIN_DECLS |
| 777 | __ASSUME_PTR_ABI_SINGLE_BEGIN |
| 778 | /* Exported */ |
| 779 | extern int sbappendaddr(struct sockbuf *sb, struct sockaddr *asa, |
| 780 | struct mbuf *m0, struct mbuf *control, int *error_out); |
| 781 | extern int sbappendchain(struct sockbuf *sb, struct mbuf *m, int space); |
| 782 | extern int sbappendrecord(struct sockbuf *sb, struct mbuf *m0); |
| 783 | extern int sbappendrecord_nodrop(struct sockbuf *sb, struct mbuf *m0); |
| 784 | extern void sbflush(struct sockbuf *sb); |
| 785 | extern int sbspace(struct sockbuf *sb); |
| 786 | extern int soabort(struct socket *so); |
| 787 | extern void socantrcvmore(struct socket *so); |
| 788 | extern void socantsendmore(struct socket *so); |
| 789 | extern int sodisconnect(struct socket *so); |
| 790 | extern void sofree(struct socket *so); |
| 791 | extern void sofreelastref(struct socket *, int); |
| 792 | extern void soisconnected(struct socket *so); |
| 793 | extern boolean_t socanwrite(struct socket *so); |
| 794 | extern void soisconnecting(struct socket *so); |
| 795 | extern void soisdisconnected(struct socket *so); |
| 796 | extern void soisdisconnecting(struct socket *so); |
| 797 | extern struct socket *sonewconn(struct socket *head, int connstatus, |
| 798 | const struct sockaddr *from); |
| 799 | extern int sopoll(struct socket *so, int events, struct ucred *cred, void *wql); |
| 800 | extern int sooptcopyin(struct sockopt *sopt, void * __sized_by(len), size_t len, |
| 801 | size_t minlen) |
| 802 | __attribute__ ((warn_unused_result)); |
| 803 | extern int sooptcopyout(struct sockopt *sopt, void *data, size_t len) |
| 804 | __attribute__ ((warn_unused_result)); |
| 805 | extern int soopt_cred_check(struct socket *so, int priv, boolean_t allow_root, |
| 806 | boolean_t ignore_delegate); |
| 807 | extern int soreceive(struct socket *so, struct sockaddr **paddr, |
| 808 | struct uio *uio, struct mbuf **mp0, struct mbuf **controlp, int *flagsp); |
| 809 | extern int soreserve(struct socket *so, uint32_t sndcc, uint32_t rcvcc); |
| 810 | extern void soreserve_preconnect(struct socket *so, unsigned int pre_cc); |
| 811 | extern void sorwakeup(struct socket *so); |
| 812 | extern int sosend(struct socket *so, struct sockaddr *addr, struct uio *uio, |
| 813 | struct mbuf *top, struct mbuf *control, int flags); |
| 814 | extern int sosend_reinject(struct socket *so, struct sockaddr *addr, struct mbuf *top, |
| 815 | struct mbuf *control, uint32_t sendflags); |
| 816 | extern int sosend_list(struct socket *so, struct mbuf *pktlist, size_t total_pkt_len, u_int *pktcnt, int flags); |
| 817 | extern int soreceive_list(struct socket *so, struct recv_msg_elem *msgarray, |
| 818 | u_int msgcnt, int *flags); |
| 819 | extern int soreceive_m_list(struct socket *, u_int *, struct mbuf **madrp, |
| 820 | struct mbuf **, struct mbuf **, int *); |
| 821 | extern void sonullevent(struct socket *so, void *arg, uint32_t hint); |
| 822 | extern struct mbuf *sbconcat_mbufs(struct sockbuf *sb, struct sockaddr *asa, struct mbuf *m0, |
| 823 | struct mbuf *control); |
| 824 | |
| 825 | |
| 826 | __ASSUME_PTR_ABI_SINGLE_END |
| 827 | __END_DECLS |
| 828 | |
| 829 | #ifdef BSD_KERNEL_PRIVATE |
| 830 | struct file; |
| 831 | struct filedesc; |
| 832 | struct so_tcdbg; |
| 833 | |
| 834 | __BEGIN_DECLS |
| 835 | __ASSUME_PTR_ABI_SINGLE_BEGIN |
| 836 | /* Not exported */ |
| 837 | extern void socketinit(void); |
| 838 | extern struct sockaddr *dup_sockaddr(struct sockaddr *sa, int canwait); |
| 839 | extern int getsock(struct filedesc *fdp, int fd, struct file **fpp); |
| 840 | extern int sockargs(struct mbuf **mp, user_addr_t data, socklen_t buflen, int type); |
| 841 | extern void get_sockev_state(struct socket *, u_int32_t *); |
| 842 | extern void so_update_last_owner_locked(struct socket *, struct proc *); |
| 843 | extern void so_update_policy(struct socket *); |
| 844 | extern void so_acquire_accept_list(struct socket *, struct socket *); |
| 845 | extern void so_release_accept_list(struct socket *); |
| 846 | |
| 847 | extern int sbappend(struct sockbuf *sb, struct mbuf *m); |
| 848 | extern int sbappend_nodrop(struct sockbuf *sb, struct mbuf *m); |
| 849 | extern int sbappendstream(struct sockbuf *sb, struct mbuf *m); |
| 850 | extern int sbappendcontrol(struct sockbuf *sb, struct mbuf *m0, |
| 851 | struct mbuf *control, int *error_out); |
| 852 | extern int sbappendstream_rcvdemux(struct socket *so, struct mbuf *m); |
| 853 | #if MPTCP |
| 854 | extern int sbappendmptcpstream_rcv(struct sockbuf *sb, struct mbuf *m); |
| 855 | #endif /* MPTCP */ |
| 856 | extern void sbcheck(struct sockbuf *sb); |
| 857 | extern void sblastmbufchk(struct sockbuf *, const char *); |
| 858 | extern void sblastrecordchk(struct sockbuf *, const char *); |
| 859 | extern struct mbuf *sbcreatecontrol(caddr_t p, int size, int type, int level); |
| 860 | extern struct mbuf **sbcreatecontrol_mbuf(caddr_t p, int size, int type, |
| 861 | int level, struct mbuf **m); |
| 862 | extern void sbdrop(struct sockbuf *sb, int len); |
| 863 | extern void sbdroprecord(struct sockbuf *sb); |
| 864 | extern void sbrelease(struct sockbuf *sb); |
| 865 | extern int sbreserve(struct sockbuf *sb, uint32_t cc); |
| 866 | extern void sbtoxsockbuf(struct sockbuf *sb, struct xsockbuf *xsb); |
| 867 | extern int sbwait(struct sockbuf *sb); |
| 868 | extern void sbwakeup(struct sockbuf *sb); |
| 869 | extern void sb_empty_assert(struct sockbuf *, const char *); |
| 870 | extern int sb_notify(struct sockbuf *sb); |
| 871 | extern void sballoc(struct sockbuf *sb, struct mbuf *m); |
| 872 | extern void sbfree(struct sockbuf *sb, struct mbuf *m); |
| 873 | |
| 874 | /* Note: zero out the buffer and set sa_len to size */ |
| 875 | extern void * __header_indexable alloc_sockaddr(size_t size, zalloc_flags_t flags); |
| 876 | |
| 877 | #if XNU_TARGET_OS_OSX |
| 878 | #define free_sockaddr(sa) do { \ |
| 879 | __typed_allocators_ignore_push \ |
| 880 | kheap_free_addr(KHEAP_SONAME, (sa)); \ |
| 881 | __typed_allocators_ignore_pop \ |
| 882 | } while (0) |
| 883 | #else /* XNU_TARGET_OS_OSX */ |
| 884 | #define free_sockaddr(sa) do { \ |
| 885 | if ((sa) != NULL) { \ |
| 886 | __typed_allocators_ignore_push \ |
| 887 | kheap_free_bounded(KHEAP_SONAME, (sa), 1, UINT8_MAX); \ |
| 888 | __typed_allocators_ignore_pop \ |
| 889 | } \ |
| 890 | } while (0) |
| 891 | #endif /* XNU_TARGET_OS_OSX */ |
| 892 | |
| 893 | /* |
| 894 | * Flags to sblock(). |
| 895 | */ |
| 896 | #define SBL_WAIT 0x00000001 /* Wait if not immediately available. */ |
| 897 | #define SBL_NOINTR 0x00000002 /* Force non-interruptible sleep. */ |
| 898 | #define SBL_IGNDEFUNCT 0x00000004 /* Ignore defunct'd state */ |
| 899 | #define SBL_VALID (SBL_WAIT | SBL_NOINTR | SBL_IGNDEFUNCT) |
| 900 | extern int sblock(struct sockbuf *sb, uint32_t flags); |
| 901 | extern void sbunlock(struct sockbuf *sb, boolean_t keeplocked); |
| 902 | |
| 903 | extern int soaccept(struct socket *so, struct sockaddr **nam); |
| 904 | extern int soacceptlock(struct socket *so, struct sockaddr **nam, int dolock); |
| 905 | extern int soacceptfilter(struct socket *so, struct socket *head); |
| 906 | extern struct socket *soalloc(int waitok, int dom, int type); |
| 907 | extern int sobindlock(struct socket *so, struct sockaddr *nam, int dolock); |
| 908 | extern int soclose(struct socket *so); |
| 909 | extern int soclose_locked(struct socket *so); |
| 910 | extern void soclose_wait_locked(struct socket *so); |
| 911 | extern int soconnect(struct socket *so, struct sockaddr *nam); |
| 912 | extern int soconnectlock(struct socket *so, struct sockaddr *nam, int dolock); |
| 913 | extern int soconnect2(struct socket *so1, struct socket *so2); |
| 914 | extern int soconnectxlocked(struct socket *so, struct sockaddr *src, |
| 915 | struct sockaddr *dst, struct proc *, uint32_t, sae_associd_t, |
| 916 | sae_connid_t *, uint32_t, void *, u_int32_t, uio_t, user_ssize_t *); |
| 917 | extern int sodisconnectx(struct socket *so, sae_associd_t, sae_connid_t); |
| 918 | extern int sodisconnectxlocked(struct socket *so, sae_associd_t, sae_connid_t); |
| 919 | /* flags for socreate_internal */ |
| 920 | #define SOCF_MPTCP 0x1 /* MPTCP-subflow */ |
| 921 | extern int socreate_internal(int dom, struct socket **aso, int type, int proto, |
| 922 | struct proc *, uint32_t, struct proc *); |
| 923 | extern int socreate(int dom, struct socket **aso, int type, int proto); |
| 924 | extern int socreate_delegate(int dom, struct socket **aso, int type, int proto, |
| 925 | pid_t epid); |
| 926 | extern void sodealloc(struct socket *so); |
| 927 | extern int sodisconnectlocked(struct socket *so); |
| 928 | extern void soreference(struct socket *so); |
| 929 | extern void sodereference(struct socket *so); |
| 930 | extern void somultipages(struct socket *, boolean_t); |
| 931 | extern void soif2kcl(struct socket *, boolean_t); |
| 932 | extern int sosetdefunct(struct proc *, struct socket *, int level, boolean_t); |
| 933 | extern int sodefunct(struct proc *, struct socket *, int level); |
| 934 | extern int soresume(struct proc *, struct socket *, int); |
| 935 | extern void resume_proc_sockets(proc_t); |
| 936 | extern int so_check_extended_bk_idle_time(struct socket *); |
| 937 | extern void so_drain_extended_bk_idle(struct socket *); |
| 938 | extern void sohasoutofband(struct socket *so); |
| 939 | extern void sodisconnectwakeup(struct socket *so); |
| 940 | extern int soisthrottled(struct socket *so); |
| 941 | extern int soisprivilegedtraffic(struct socket *so); |
| 942 | extern int soissrcbackground(struct socket *so); |
| 943 | extern int soissrcrealtime(struct socket *so); |
| 944 | extern int soissrcbesteffort(struct socket *so); |
| 945 | extern void soclearfastopen(struct socket *so); |
| 946 | extern int solisten(struct socket *so, int backlog); |
| 947 | extern struct socket *sodropablereq(struct socket *head); |
| 948 | extern lck_mtx_t *socket_getlock(struct socket *so, int flags); |
| 949 | extern void socket_lock(struct socket *so, int refcount); |
| 950 | extern void socket_lock_assert_owned(struct socket *so); |
| 951 | extern int socket_try_lock(struct socket *so); |
| 952 | extern void socket_unlock(struct socket *so, int refcount); |
| 953 | extern int sogetaddr_locked(struct socket *, struct sockaddr **, int); |
| 954 | extern const char *solockhistory_nr(struct socket *); |
| 955 | extern void soevent(struct socket *so, uint32_t hint); |
| 956 | extern void sorflush(struct socket *so); |
| 957 | extern void sowflush(struct socket *so); |
| 958 | extern void sowakeup(struct socket *so, struct sockbuf *sb, struct socket *so2); |
| 959 | extern int soioctl(struct socket *so, u_long cmd, caddr_t data, struct proc *p); |
| 960 | extern int sogetoptlock(struct socket *so, struct sockopt *sopt, int); |
| 961 | extern int sosetoptlock(struct socket *so, struct sockopt *sopt, int); |
| 962 | extern int soshutdown(struct socket *so, int how); |
| 963 | extern int soshutdownlock(struct socket *so, int how); |
| 964 | extern int soshutdownlock_final(struct socket *so, int how); |
| 965 | extern void sotoxsocket(struct socket *so, struct xsocket *xso); |
| 966 | #if XNU_TARGET_OS_OSX |
| 967 | extern void sotoxsocket64(struct socket *so, struct xsocket64 *xso); |
| 968 | #endif /* XNU_TARGET_OS_OSX */ |
| 969 | extern int sosendallatonce(struct socket *so); |
| 970 | extern int soreadable(struct socket *so); |
| 971 | extern int sowriteable(struct socket *so); |
| 972 | extern void sowwakeup(struct socket *so); |
| 973 | extern int sosendcheck(struct socket *, struct sockaddr *, user_ssize_t, |
| 974 | int32_t, int32_t, int, int *); |
| 975 | |
| 976 | extern int soo_ioctl(struct fileproc *, u_long, caddr_t, vfs_context_t); |
| 977 | extern int soo_stat(struct socket *, void *, int); |
| 978 | extern int soo_select(struct fileproc *, int, void *, vfs_context_t); |
| 979 | extern int soo_kqfilter(struct fileproc *, struct knote *, struct kevent_qos_s *); |
| 980 | |
| 981 | #define TRACKER_DOMAIN_MAX 253 |
| 982 | #define TRACKER_DOMAIN_SHORT_MAX 63 |
| 983 | |
| 984 | typedef struct tracker_metadata { |
| 985 | uint32_t flags; |
| 986 | char domain[TRACKER_DOMAIN_MAX + 1]; |
| 987 | char domain_owner[TRACKER_DOMAIN_MAX + 1]; |
| 988 | } tracker_metadata_t; |
| 989 | |
| 990 | typedef struct tracker_metadata_short { |
| 991 | uint32_t flags; |
| 992 | char domain[TRACKER_DOMAIN_SHORT_MAX + 1]; |
| 993 | char domain_owner[TRACKER_DOMAIN_SHORT_MAX + 1]; |
| 994 | } tracker_metadata_short_t; |
| 995 | |
| 996 | extern int tracker_lookup(uuid_t app_uuid, struct sockaddr *, tracker_metadata_t *metadata); |
| 997 | |
| 998 | /* |
| 999 | * Socket flow management |
| 1000 | */ |
| 1001 | |
| 1002 | #define IS_INET(so) (so != NULL && (SOCK_CHECK_DOM(so, AF_INET) || SOCK_CHECK_DOM(so, AF_INET6))) |
| 1003 | #define IS_TCP(so) (so != NULL && SOCK_CHECK_TYPE(so, SOCK_STREAM) && SOCK_CHECK_PROTO(so, IPPROTO_TCP)) |
| 1004 | #define IS_UDP(so) (so != NULL && SOCK_CHECK_TYPE(so, SOCK_DGRAM) && SOCK_CHECK_PROTO(so, IPPROTO_UDP)) |
| 1005 | |
| 1006 | // For iOS, keep track of flows for UDP sockets only. |
| 1007 | // For OSX, keep track of flows for all datagram sockets. |
| 1008 | #if !XNU_TARGET_OS_OSX |
| 1009 | #define NEED_DGRAM_FLOW_TRACKING(so) (IS_INET(so) && IS_UDP(so)) |
| 1010 | #else |
| 1011 | #define NEED_DGRAM_FLOW_TRACKING(so) (IS_INET(so) && !IS_TCP(so)) |
| 1012 | #endif |
| 1013 | |
| 1014 | // Check if socket flow tracking is present for socket |
| 1015 | #define SOFLOW_ENABLED(so) (so != NULL && (so->so_flow_db != NULL)) |
| 1016 | |
| 1017 | extern struct soflow_hash_entry *soflow_get_flow(struct socket *, struct sockaddr *, struct sockaddr *, struct mbuf *, size_t, bool, u_short); |
| 1018 | extern void soflow_free_flow(struct soflow_hash_entry *); |
| 1019 | extern void soflow_detach(struct socket *); |
| 1020 | |
| 1021 | /* Service class flags used for setting service class on a packet */ |
| 1022 | #define PKT_SCF_IPV6 0x00000001 /* IPv6 packet */ |
| 1023 | #define PKT_SCF_TCP_ACK 0x00000002 /* Pure TCP ACK */ |
| 1024 | #define PKT_SCF_TCP_SYN 0x00000004 /* TCP SYN */ |
| 1025 | |
| 1026 | extern void set_packet_service_class(struct mbuf *, struct socket *, |
| 1027 | mbuf_svc_class_t, u_int32_t); |
| 1028 | extern void so_tc_update_stats(struct mbuf *, struct socket *, |
| 1029 | mbuf_svc_class_t); |
| 1030 | extern int so_tos_from_control(struct mbuf *); |
| 1031 | extern int so_tc_from_control(struct mbuf *, int *); |
| 1032 | extern mbuf_svc_class_t so_tc2msc(int); |
| 1033 | extern int so_svc2tc(mbuf_svc_class_t); |
| 1034 | |
| 1035 | extern void set_tcp_stream_priority(struct socket *so); |
| 1036 | |
| 1037 | extern int so_set_net_service_type(struct socket *, int); |
| 1038 | extern int so_set_traffic_class(struct socket *, int); |
| 1039 | extern void so_set_default_traffic_class(struct socket *); |
| 1040 | extern int so_set_opportunistic(struct socket *, int); |
| 1041 | extern int so_get_opportunistic(struct socket *); |
| 1042 | extern int so_set_recv_anyif(struct socket *, int); |
| 1043 | extern int so_get_recv_anyif(struct socket *); |
| 1044 | extern int so_set_effective_pid(struct socket *so, int epid, struct proc *p, boolean_t check_cred); |
| 1045 | extern int so_set_effective_uuid(struct socket *so, uuid_t euuid, struct proc *p, boolean_t check_cred); |
| 1046 | extern int so_set_restrictions(struct socket *, uint32_t); |
| 1047 | extern uint32_t so_get_restrictions(struct socket *); |
| 1048 | #if (DEVELOPMENT || DEBUG) |
| 1049 | extern int so_set_tcdbg(struct socket *, struct so_tcdbg *); |
| 1050 | extern int sogetopt_tcdbg(struct socket *, struct sockopt *); |
| 1051 | #endif /* (DEVELOPMENT || DEBUG) */ |
| 1052 | |
| 1053 | extern int so_isdstlocal(struct socket *); |
| 1054 | extern void so_recv_data_stat(struct socket *, struct mbuf *, size_t); |
| 1055 | extern void so_inc_recv_data_stat(struct socket *, size_t, size_t, uint32_t); |
| 1056 | extern int so_wait_for_if_feedback(struct socket *); |
| 1057 | extern int soopt_getm(struct sockopt *sopt, struct mbuf **mp); |
| 1058 | extern int soopt_mcopyin(struct sockopt *sopt, struct mbuf *m); |
| 1059 | extern int soopt_mcopyout(struct sockopt *sopt, struct mbuf *m); |
| 1060 | extern boolean_t so_cache_timer(void); |
| 1061 | |
| 1062 | extern void mptcp_fallback_sbdrop(struct socket *so, struct mbuf *m, int len); |
| 1063 | extern void mptcp_preproc_sbdrop(struct socket *, struct mbuf *, unsigned int); |
| 1064 | extern void mptcp_postproc_sbdrop(struct mbuf *, u_int64_t, u_int32_t, |
| 1065 | u_int32_t); |
| 1066 | |
| 1067 | extern void netpolicy_post_msg(uint32_t, struct netpolicy_event_data *, |
| 1068 | uint32_t); |
| 1069 | |
| 1070 | extern int tcp_notsent_lowat_check(struct socket *so); |
| 1071 | |
| 1072 | extern user_ssize_t recv_msg_array_resid(struct recv_msg_elem * __counted_by(count), u_int count); |
| 1073 | |
| 1074 | void sotoxsocket_n(struct socket *, struct xsocket_n *); |
| 1075 | void sbtoxsockbuf_n(struct sockbuf *, struct xsockbuf_n *); |
| 1076 | void sbtoxsockstat_n(struct socket *, struct xsockstat_n *); |
| 1077 | |
| 1078 | __ASSUME_PTR_ABI_SINGLE_END |
| 1079 | __END_DECLS |
| 1080 | #endif /* BSD_KERNEL_PRIVATE */ |
| 1081 | #endif /* KERNEL_PRIVATE */ |
| 1082 | |
| 1083 | // Tracker actions |
| 1084 | enum so_tracker_action { |
| 1085 | SO_TRACKER_ACTION_INVALID = 0, |
| 1086 | SO_TRACKER_ACTION_ADD = 1, |
| 1087 | SO_TRACKER_ACTION_DUMP_BY_APP = 2, |
| 1088 | SO_TRACKER_ACTION_DUMP_ALL = 3, |
| 1089 | SO_TRACKER_ACTION_DUMP_MAX, |
| 1090 | }; |
| 1091 | |
| 1092 | // Tracker TLV attributes |
| 1093 | enum so_tracker_attribute { |
| 1094 | SO_TRACKER_ATTRIBUTE_INVALID = 0, |
| 1095 | SO_TRACKER_ATTRIBUTE_ADDRESS_FAMILY = 1, |
| 1096 | SO_TRACKER_ATTRIBUTE_ADDRESS = 2, |
| 1097 | SO_TRACKER_ATTRIBUTE_APP_UUID = 3, |
| 1098 | SO_TRACKER_ATTRIBUTE_DOMAIN = 4, |
| 1099 | SO_TRACKER_ATTRIBUTE_DOMAIN_OWNER = 5, |
| 1100 | SO_TRACKER_ATTRIBUTE_FLAGS = 6, |
| 1101 | SO_TRACKER_ATTRIBUTE_DUMP_ENTRY = 7, |
| 1102 | SO_TRACKER_ATTRIBUTE_MEMORY_USED = 8, |
| 1103 | SO_TRACKER_ATTRIBUTE_MAX, |
| 1104 | }; |
| 1105 | |
| 1106 | // Tracker flags |
| 1107 | #define SO_TRACKER_ATTRIBUTE_FLAGS_APP_APPROVED 0x00000001 |
| 1108 | #define SO_TRACKER_ATTRIBUTE_FLAGS_TRACKER 0x00000002 |
| 1109 | #define SO_TRACKER_ATTRIBUTE_FLAGS_DOMAIN_SHORT 0x00000004 |
| 1110 | |
| 1111 | #ifndef KERNEL |
| 1112 | #define SO_TRACKER_TRANSPARENCY_VERSION 3 |
| 1113 | extern int tracker_action(int action, char *buffer, size_t buffer_size); |
| 1114 | #endif |
| 1115 | |
| 1116 | #endif /* !_SYS_SOCKETVAR_H_ */ |
| 1117 |
Generated while processing xnu/security/mac_audit.c
Generated on 2024-Jun-06 from project xnu revision 10063.121.3
Powered by 
Code Browser 2.1
Generator usage only permitted with license.