freebsd-nq/sys/kern
Gleb Smirnoff 9c64cfe56c The sendfile(2) allows to send extra data from userspace before the file
data (headers).  Historically the size of the headers was not checked
against the socket buffer space.  Application could easily overcommit the
socket buffer space.

With the new sendfile (r293439) the problem remained, but a KASSERT was
inserted that checked that amount of data written to the socket matches
its space.  In case when size of headers is bigger than socket space,
KASSERT fires.  Without INVARIANTS the new sendfile won't panic, but
would report incorrect amount of bytes sent.

o With this change, the headers copyin is moved down into the cycle, after
  the sbspace() check.  The uio size is trimmed by socket space there,
  which fixes the overcommit problem and its consequences.
o The compatibility handling for FreeBSD 4 sendfile headers API is pushed
  up the stack to syscall wrappers.  This required a copy and paste of the
  code, but in turn this allowed to remove extra stack carried parameter
  from fo_sendfile_t, and embrace entire compat code into #ifdef.  If in
  future we get more fo_sendfile_t functions, the copy and paste level would
  even reduce.

Reviewed by:	emax, gallatin, Maxim Dounin <mdounin mdounin.ru>
Tested by:	Vitalij Satanivskij <satan ukr.net>
Sponsored by:	Netflix
2016-03-29 19:57:11 +00:00
bus_if.m Replace all resource occurrences of '0UL/~0UL' with '0/~0'. 2016-03-03 05:07:35 +00:00
capabilities.conf
clock_if.m
cpufreq_if.m
device_if.m
genassym.sh genassym.sh: call nm(1) with NMFLAGS. 2015-08-14 22:57:13 +00:00
imgact_aout.c Implement vsyscall hack. Prior to 2.13 glibc uses vsyscall 2016-01-09 20:18:53 +00:00
imgact_binmisc.c At the suggestion of jhb, replace atomic_set/clear calls with use of 2015-06-24 15:52:26 +00:00
imgact_elf32.c
imgact_elf64.c
imgact_elf.c Remove some NULL checks for M_WAITOK allocations. 2016-03-29 13:56:59 +00:00
imgact_gzip.c Implement lockless resource limits. 2015-06-10 10:48:12 +00:00
imgact_shell.c
inflate.c
init_main.c Rename P_KTHREAD struct proc p_flag to P_KPROC. 2016-02-09 16:30:16 +00:00
init_sysent.c Regen. 2016-03-21 21:38:35 +00:00
kern_acct.c
kern_alq.c Use SI_SUB_LAST instead of SI_SUB_SMP as the "catch-all" subsystem. 2016-03-11 23:18:06 +00:00
kern_clock.c
kern_clocksource.c Fix typo in comment. 2015-07-20 09:37:42 +00:00
kern_condvar.c Use SCHEDULER_STOPPED() in cv_*wait*() instead of checking panicstr. 2016-03-01 22:51:44 +00:00
kern_conf.c Provide yet another KPI for cdev creation, make_dev_s(9). 2016-01-07 20:08:02 +00:00
kern_cons.c CALLOUT_MPSAFE has lost its meaning since r141428, i.e., for more than ten 2015-05-22 17:05:21 +00:00
kern_context.c
kern_cpu.c
kern_cpuset.c Un-static cpuset_which() - it's useful in other contexts, such as some 2015-06-26 04:14:05 +00:00
kern_ctf.c
kern_descrip.c The sendfile(2) allows to send extra data from userspace before the file 2016-03-29 19:57:11 +00:00
kern_dtrace.c
kern_dump.c - Unbreak dumpsys(9) on sparc64 after r276772 2015-11-16 23:02:33 +00:00
kern_environment.c Allow a dynamic env to override a compiled-in static env by passing in the 2016-02-21 18:35:01 +00:00
kern_et.c
kern_event.c Provide high precision conversion from ns,us,ms -> sbintime in kevent 2016-03-12 23:02:53 +00:00
kern_exec.c Remove some NULL checks for M_WAITOK allocations. 2016-03-29 13:56:59 +00:00
kern_exit.c session: avoid proctree lock on proc exit when possible 2016-01-20 23:33:58 +00:00
kern_fail.c fail(9): Only gather/print stacks if STACK is enabled 2016-03-17 01:05:53 +00:00
kern_ffclock.c
kern_fork.c Rename P_KTHREAD struct proc p_flag to P_KPROC. 2016-02-09 16:30:16 +00:00
kern_gzio.c Move zlib.c from net to libkern. 2015-04-22 14:38:58 +00:00
kern_hhook.c Check that hhk_helper pointer isn't NULL before access. 2015-11-25 07:14:58 +00:00
kern_idle.c
kern_intr.c The part of r285680 which removed release semantic for two stores to 2015-07-21 14:39:34 +00:00
kern_jail.c Fix jail name checking that disallowed anything that starts with '0'. 2015-12-15 17:25:00 +00:00
kern_khelp.c
kern_kthread.c Rename P_KTHREAD struct proc p_flag to P_KPROC. 2016-02-09 16:30:16 +00:00
kern_ktr.c Fix the logic in the ddb command 'show ktr /a'. Prior to r118269 it would 2016-01-31 17:32:20 +00:00
kern_ktrace.c ktrace: tidy up ktrstruct 2016-01-27 19:55:02 +00:00
kern_linker.c Remove some NULL checks for M_WAITOK allocations. 2016-03-29 13:56:59 +00:00
kern_lock.c Don't modify curthread->td_locks unless INVARIANTS is enabled. 2015-08-02 00:03:08 +00:00
kern_lockf.c
kern_lockstat.c Consistently use a reader/writer flag for lockstat probes in rwlock(9) and 2015-07-19 22:24:33 +00:00
kern_loginclass.c Speed up rctl operation with large rulesets, by holding the lock 2015-11-15 12:10:51 +00:00
kern_malloc.c Include sys/_task.h into uma_int.h, so that taskqueue.h isn't a 2016-02-09 20:22:35 +00:00
kern_mbuf.c Plug leak in m_unshare. 2016-03-26 23:39:53 +00:00
kern_mib.c Fix build after r295934. 2016-02-23 23:37:10 +00:00
kern_module.c Provide better debug message on kernel module name clash. 2015-10-10 09:21:55 +00:00
kern_mtxpool.c
kern_mutex.c Don't modify curthread->td_locks unless INVARIANTS is enabled. 2015-08-02 00:03:08 +00:00
kern_ntptime.c Use the monotonic (uptime) counter rather than time-of-day to measure elapsed 2015-07-12 18:38:17 +00:00
kern_numa.c Add an initial NUMA affinity/policy configuration for threads and processes. 2015-07-11 15:21:37 +00:00
kern_osd.c Move the various per-type arrays of OSD data into a single structure array. 2016-03-28 22:18:37 +00:00
kern_physio.c Create an API to reset a struct bio (g_reset_bio). This is mandatory 2016-02-17 17:16:02 +00:00
kern_pmc.c
kern_poll.c When a kernel has DEVICE_POLLING turned on but no drivers have 2015-04-14 14:22:34 +00:00
kern_priv.c
kern_proc.c Rename P_KTHREAD struct proc p_flag to P_KPROC. 2016-02-09 16:30:16 +00:00
kern_procctl.c If process becomes reaper (procctl(PROC_REAP_ACQUIRE)) while already 2015-08-20 22:44:26 +00:00
kern_prot.c Call crextend() before copying old credentials to the new credentials 2016-01-14 10:16:25 +00:00
kern_racct.c Rename P_KTHREAD struct proc p_flag to P_KPROC. 2016-02-09 16:30:16 +00:00
kern_rangelock.c
kern_rctl.c Fix the way RCTL handles rules' rrl_exceeded on credentials change. 2016-01-26 11:28:55 +00:00
kern_resource.c Implement process-shared locks support for libthr.so.3, without 2016-02-28 17:52:33 +00:00
kern_rmlock.c Threads holding a read lock of a sleepable rm lock are not permitted 2015-09-15 22:16:21 +00:00
kern_rwlock.c Don't modify curthread->td_locks unless INVARIANTS is enabled. 2015-08-02 00:03:08 +00:00
kern_sdt.c
kern_sema.c
kern_sendfile.c The sendfile(2) allows to send extra data from userspace before the file 2016-03-29 19:57:11 +00:00
kern_sharedpage.c Split kernel timekeep ABI structure vdso_sv_tk out of the struct 2015-11-23 07:09:35 +00:00
kern_shutdown.c Disable suspend when we're shutting down. This solves the "tell FreeBSD 2015-10-01 10:52:26 +00:00
kern_sig.c Add ptrace(2) reporting for LWP events. 2015-12-29 23:25:26 +00:00
kern_switch.c
kern_sx.c Don't modify curthread->td_locks unless INVARIANTS is enabled. 2015-08-02 00:03:08 +00:00
kern_synch.c Add td_swinvoltick to track last involuntary context switch 2016-03-25 19:35:29 +00:00
kern_syscalls.c Implement lockless resource limits. 2015-06-10 10:48:12 +00:00
kern_sysctl.c Evaluate the sysctl_running fail point before taking the sysctl lock. 2016-01-26 01:15:18 +00:00
kern_tc.c Define fhard in pps_event(..) only when PPS_SYNC is defined to mute 2015-11-02 03:14:37 +00:00
kern_thr.c Add ptrace(2) reporting for LWP events. 2015-12-29 23:25:26 +00:00
kern_thread.c Call kern_thr_exit() instead of duplicating it. 2015-12-29 23:16:20 +00:00
kern_time.c Verify that tv_sec value specified in settimeofday() and clock_settime() 2015-12-27 15:37:07 +00:00
kern_timeout.c If callout_stop_safe() noted that the callout is currently executing, 2016-03-02 18:46:17 +00:00
kern_umtx.c Implement process-shared locks support for libthr.so.3, without 2016-02-28 17:52:33 +00:00
kern_uuid.c
kern_xxx.c
ksched.c Use P1B_PRIO_MAX to designate max posix priority for the RR/FIFO 2015-08-30 18:02:57 +00:00
link_elf_obj.c Convert all panics from the link_elf_obj kernel linker for object 2016-03-07 18:44:06 +00:00
link_elf.c Remove useless checks for NULL before calling free(9), in the kernel 2016-02-10 21:35:00 +00:00
linker_if.m
Make.tags.inc Bring the tags and links entries for amd64 up to date. 2015-10-27 22:59:24 +00:00
Makefile
makesyscalls.sh Do not include system call wrappers in libc for old FreeBSD system calls. 2016-03-12 22:53:46 +00:00
md4c.c
md5c.c
p1003_1b.c In preparation for switching linuxulator to the use the native 1:1 2015-05-24 14:44:06 +00:00
pic_if.m Generalize IPI support for ARM intrng and use it for interrupt 2016-03-24 09:55:11 +00:00
posix4_mib.c Simplify AIO initialization now that it is standard. 2016-03-09 19:05:11 +00:00
sched_4bsd.c kgdb uses td_oncpu to determine if a thread is running and should use 2015-08-03 20:43:36 +00:00
sched_ule.c Summary: Add the interactivity equations to the header comment for our 2015-08-26 16:36:41 +00:00
serdev_if.m
stack_protector.c Use nitems() macro instead of __arraycount() 2015-06-16 20:19:00 +00:00
subr_acl_nfs4.c Expose an interface to determine if an ACE is inherited. 2015-09-04 00:14:20 +00:00
subr_acl_posix1e.c
subr_autoconf.c
subr_blist.c
subr_bufring.c
subr_bus_dma.c Fix a bug introduced in r291716: 2016-01-11 20:38:39 +00:00
subr_bus.c Move pccard_safe_quote() up to subr_bus.c and rename to 2016-03-28 20:16:29 +00:00
subr_busdma_bufalloc.c Fix printf format to allow for bus_size_t not being u_long on all platforms. 2015-10-20 03:25:17 +00:00
subr_capability.c capsicum: plug spurious memset in __cap_rights_init 2015-12-01 02:48:42 +00:00
subr_clock.c
subr_counter.c Free the temporary buffer in sysctl_handle_counter_u64_array(). 2016-03-15 00:21:32 +00:00
subr_devstat.c
subr_disk.c
subr_dummy_vdso_tc.c
subr_eventhandler.c
subr_fattime.c
subr_firmware.c Create a dedicated function for ensuring that cdir and rdir are populated. 2015-07-11 16:22:48 +00:00
subr_hash.c
subr_hints.c
subr_intr.c Generalize IPI support for ARM intrng and use it for interrupt 2016-03-24 09:55:11 +00:00
subr_kdb.c
subr_kobj.c
subr_lock.c
subr_log.c
subr_mbpool.c
subr_mchain.c These files were getting sys/malloc.h and vm/uma.h with header pollution 2016-02-01 17:41:21 +00:00
subr_module.c preload_search_info: make sure mod is set 2015-08-21 15:57:57 +00:00
subr_msgbuf.c
subr_param.c Ensure that maxproc does not exceed pid_max, at the time of boot. 2015-09-21 15:02:59 +00:00
subr_pcpu.c
subr_pctrie.c
subr_power.c
subr_prf.c Add vlog(9). 2015-11-19 05:50:22 +00:00
subr_prof.c
subr_rman.c Use uintmax_t (typedef'd to rman_res_t type) for rman ranges. 2016-03-18 01:28:41 +00:00
subr_rtc.c
subr_sbuf.c Fail the sbuf if vsnprintf(3) fails. 2015-10-02 09:23:14 +00:00
subr_scanf.c
subr_sfbuf.c
subr_sglist.c
subr_sleepqueue.c fail(9): Only gather/print stacks if STACK is enabled 2016-03-17 01:05:53 +00:00
subr_smp.c Since r289279 bufinit() uses mp_ncpus, but some architectures set this 2015-11-08 14:26:50 +00:00
subr_stack.c Add support for a configurable output channel to witness(4). 2015-11-19 05:56:59 +00:00
subr_syscall.c Support an arbitrary number of arguments to DTrace syscall probes. 2015-12-17 00:00:27 +00:00
subr_taskqueue.c Remove taskqueue_enqueue_fast(). 2016-03-01 17:47:32 +00:00
subr_terminal.c
subr_trap.c racct: perform a lockless check for p_throttled 2015-07-13 22:52:11 +00:00
subr_turnstile.c Finish r173600. There is no need to test a condition if both cases 2016-02-10 21:16:37 +00:00
subr_uio.c Add asynchronous command support to the pass(4) driver, and the new 2015-12-03 20:54:55 +00:00
subr_unit.c
subr_vmem.c CALLOUT_MPSAFE has lost its meaning since r141428, i.e., for more than ten 2015-05-22 17:05:21 +00:00
subr_witness.c The buffer passed to an sbuf drain callback is not necessarily 2015-11-23 18:45:35 +00:00
sys_capability.c Introduce kern_cap_rights_limit(). 2015-08-11 08:43:50 +00:00
sys_generic.c Improve error handling for posix_fallocate(2) and posix_fadvise(2). 2016-02-25 19:58:23 +00:00
sys_pipe.c Make pipes in CloudABI work. 2015-07-29 17:18:27 +00:00
sys_procdesc.c The si_status field of the siginfo_t, provided by the waitid(2) and 2015-07-18 09:02:50 +00:00
sys_process.c Add ptrace(2) reporting for LWP events. 2015-12-29 23:25:26 +00:00
sys_socket.c Refactor the AIO subsystem to permit file-type-specific handling and 2016-03-01 18:12:14 +00:00
syscalls.c Regen. 2016-03-21 21:38:35 +00:00
syscalls.master Fully handle size_t lengths in AIO requests. 2016-03-21 21:37:33 +00:00
systrace_args.c Regen. 2016-03-21 21:38:35 +00:00
sysv_ipc.c
sysv_msg.c Add kern.racct.enable tunable and RACCT_DISABLED config option. 2015-04-29 10:23:02 +00:00
sysv_sem.c semget(): Check for [EEXIST] error first. 2016-02-07 22:12:39 +00:00
sysv_shm.c Change the default setting of kern.ipc.shm_allow_removed from 0 to 1. 2015-10-10 09:29:47 +00:00
tty_compat.c
tty_info.c
tty_inq.c
tty_outq.c
tty_pts.c Implement lockless resource limits. 2015-06-10 10:48:12 +00:00
tty_tty.c tty: replace several curthread->td_proc with stored curproc 2015-07-06 18:53:56 +00:00
tty_ttydisc.c Don't clear the software flow control flag before draining for last 2016-01-26 14:46:39 +00:00
tty.c Don't clear the software flow control flag before draining for last 2016-01-26 14:46:39 +00:00
uipc_accf.c
uipc_debug.c Refactor the AIO subsystem to permit file-type-specific handling and 2016-03-01 18:12:14 +00:00
uipc_domain.c CALLOUT_MPSAFE has lost its meaning since r141428, i.e., for more than ten 2015-05-22 17:05:21 +00:00
uipc_mbuf2.c Add const-qualifiers for source mbuf argument in m_dup(), m_copym(), 2015-08-08 15:50:46 +00:00
uipc_mbuf.c Plug leak in m_unshare. 2016-03-26 23:39:53 +00:00
uipc_mbufhash.c
uipc_mqueue.c fd: remove filedesc argument from fdclose 2015-04-11 15:40:28 +00:00
uipc_sem.c Call ksem_get() with initialized 'rights'. 2015-07-23 23:18:03 +00:00
uipc_shm.c Implement process-shared locks support for libthr.so.3, without 2016-02-28 17:52:33 +00:00
uipc_sockbuf.c Refactor the AIO subsystem to permit file-type-specific handling and 2016-03-01 18:12:14 +00:00
uipc_socket.c o "avaliable" -> "available". 2016-03-21 08:03:50 +00:00
uipc_syscalls.c - Separate sendfile(2) implementation from uipc_syscalls.c into 2016-01-22 02:23:18 +00:00
uipc_usrreq.c Remove the errno argument from unp_drop(). 2016-02-26 12:46:34 +00:00
vfs_acl.c Replace struct filedesc argument in getvnode with struct thread 2015-06-16 13:09:18 +00:00
vfs_aio.c Fully handle size_t lengths in AIO requests. 2016-03-21 21:37:33 +00:00
vfs_bio.c Minor grammar fix in comment. 2016-02-07 16:18:12 +00:00
vfs_cache.c Provide more correct sizing of the KVA consumed by a vnode, used by 2016-02-24 15:15:46 +00:00
vfs_cluster.c The bread() function was inconsistent about whether it would return 2016-01-27 21:23:01 +00:00
vfs_default.c Simplify AIO initialization now that it is standard. 2016-03-09 19:05:11 +00:00
vfs_export.c Pass the expected struct radix_node_head * to vfs_free_netcred. 2016-03-24 04:40:07 +00:00
vfs_extattr.c Replace struct filedesc argument in getvnode with struct thread 2015-06-16 13:09:18 +00:00
vfs_hash.c Track changes to kern.maxvnodes and appropriately increase or decrease 2015-09-06 05:50:51 +00:00
vfs_init.c sysctl: switch sysctllock to a sleepable rmlock, take 2 2015-09-15 23:06:56 +00:00
vfs_lookup.c Refactor the way we restore cn_lkflags; no functional changes. 2016-03-12 09:05:43 +00:00
vfs_mount.c Do not copy by field when converting struct oexport_args to struct 2016-02-04 16:32:21 +00:00
vfs_mountroot.c Wait for root mount tokens before showing the root mount prompt. 2016-03-22 13:46:01 +00:00
vfs_subr.c Provide more correct sizing of the KVA consumed by a vnode, used by 2016-02-24 15:15:46 +00:00
vfs_syscalls.c Simplify AIO initialization now that it is standard. 2016-03-09 19:05:11 +00:00
vfs_vnops.c The struct file f_advice member is overlaid with the devfs f_cdevpriv 2016-01-22 20:35:20 +00:00
vnode_if.src A change to KPI of vm_pager_get_pages() and underlying VOP_GETPAGES(). 2015-12-16 21:30:45 +00:00