diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c index ce618eeba3ba..c040bdf4d3eb 100644 --- a/sys/kern/uipc_socket.c +++ b/sys/kern/uipc_socket.c @@ -769,6 +769,13 @@ solisten_clone(struct socket *head) so->so_fibnum = head->so_fibnum; so->so_proto = head->so_proto; so->so_cred = crhold(head->so_cred); + if (V_socket_hhh[HHOOK_SOCKET_NEWCONN]->hhh_nhooks > 0) { + if (hhook_run_socket(so, head, HHOOK_SOCKET_NEWCONN)) { + sodealloc(so); + log(LOG_DEBUG, "%s: hhook run failed\n", __func__); + return (NULL); + } + } #ifdef MAC mac_socket_newconn(head, so); #endif diff --git a/sys/sys/socketvar.h b/sys/sys/socketvar.h index cba7dd655aa0..15d770721361 100644 --- a/sys/sys/socketvar.h +++ b/sys/sys/socketvar.h @@ -414,7 +414,8 @@ MALLOC_DECLARE(M_SONAME); #define HHOOK_FILT_SOREAD 4 #define HHOOK_FILT_SOWRITE 5 #define HHOOK_SOCKET_CLOSE 6 -#define HHOOK_SOCKET_LAST HHOOK_SOCKET_CLOSE +#define HHOOK_SOCKET_NEWCONN 7 +#define HHOOK_SOCKET_LAST HHOOK_SOCKET_NEWCONN struct socket_hhook_data { struct socket *so;