rctl.c revision 532877c46d04a2d0b254f9b5797720078adcea07
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <sys/id_space.h>
#include <sys/resource.h>
/*
* Resource controls (rctls)
*
* The rctl subsystem provides a mechanism for kernel components to
* register their individual resource controls with the system as a whole,
* such that those controls can subscribe to specific actions while being
* associated with the various process-model entities provided by the kernel:
* the process, the task, the project, and the zone. (In principle, only
* minor modifications would be required to connect the resource control
* functionality to non-process-model entities associated with the system.)
*
* Subsystems register their rctls via rctl_register(). Subsystems
* also wishing to provide additional limits on a given rctl can modify
* them once they have the rctl handle. Each subsystem should store the
* handle to their rctl for direct access.
*
* A primary dictionary, rctl_dict, contains a hash of id to the default
* control definition for each controlled resource-entity pair on the system.
* A secondary dictionary, rctl_dict_by_name, contains a hash of name to
* resource control handles. The resource control handles are distributed by
* the rctl_ids ID space. The handles are private and not to be
* advertised to userland; all userland interactions are via the rctl
* names.
*
* Entities inherit their rctls from their predecessor. Since projects have
* no ancestor, they inherit their rctls from the rctl dict for project
* rctls. It is expected that project controls will be set to their
* appropriate values shortly after project creation, presumably from a
* policy source such as the project database.
*
* Data structures
* The rctl_set_t attached to each of the process model entities is a simple
* hash table keyed on the rctl handle assigned at registration. The entries
* in the hash table are rctl_t's, whose relationship with the active control
* values on that resource and with the global state of the resource we
* illustrate below:
*
* rctl_dict[key] --> rctl_dict_entry
* ^
* |
* +--+---+
* rctl_set[key] ---> | rctl | --> value <-> value <-> system value --> NULL
* +--+---+ ^
* | |
* +------- cursor ------+
*
* That is, the rctl contains a back pointer to the global resource control
* state for this resource, which is also available in the rctl_dict hash
* table mentioned earlier. The rctl contains two pointers to resource
* control values: one, values, indicates the entire sequence of control
* values; the other, cursor, indicates the currently active control
* value--the next value to be enforced. The value list itself is an open,
* doubly-linked list, the last non-NULL member of which is the system value
* for that resource (being the theoretical/conventional maximum allowable
* value for the resource on this OS instance).
*
* Ops Vector
* Subsystems publishing rctls need not provide instances of all of the
* functions specified by the ops vector. In particular, if general
* rctl_*() entry points are not being called, certain functions can be
* omitted. These align as follows:
*
* rctl_set()
* You may wish to provide a set callback if locking circumstances prevent
* it or if the performance cost of requesting the enforced value from the
* resource control is prohibitively expensive. For instance, the currently
* enforced file size limit is stored on the process in the p_fsz_ctl to
* maintain read()/write() performance.
*
* rctl_test()
* You must provide a test callback if you are using the rctl_test()
* interface. An action callback is optional.
*
* rctl_action()
* You may wish to provide an action callback.
*
* Registration
* New resource controls can be added to a running instance by loaded modules
* via registration. (The current implementation does not support unloadable
* modules; this functionality can be added if needed, via an
* activation/deactivation interface involving the manipulation of the
* ops vector for the resource control(s) needing to support unloading.)
*
* Control value ordering
* Because the rctl_val chain on each rctl must be navigable in a
* deterministic way, we have to define an ordering on the rctl_val_t's. The
* defined order is (flags & [maximal], value, flags & [deny-action],
* privilege).
*
* Locking
* rctl_dict_lock must be acquired prior to rctl_lists_lock. Since
* rctl_dict_lock or rctl_lists_lock can be called at the enforcement point
* of any subsystem, holding subsystem locks, it is at all times inappropriate
* to call kmem_alloc(., KM_SLEEP) while holding either of these locks.
* Traversing any of the various resource control entity lists requires
* holding rctl_lists_lock.
*
* Each individual resource control set associated with an entity must have
* its rcs_lock held for the duration of any operations that would add
* resource controls or control values to the set.
*
* The locking subsequence of interest is: p_lock, rctl_dict_lock,
* rctl_lists_lock, entity->rcs_lock.
*
* The projects(4) database and project entity resource controls
* A special case is made for RCENTITY_PROJECT values set through the
* setproject(3PROJECT) interface. setproject() makes use of a private
* interface, setprojrctl(), which passes through an array of resource control
* blocks that need to be set while holding the entity->rcs_lock. This
* ensures that the act of modifying a project's resource controls is
* "atomic" within the kernel.
*
* Within the rctl sub-system, we provide two interfaces that are only used by
* the setprojrctl() code path - rctl_local_insert_all() and
* rctl_local_replace_all(). rctl_local_insert_all() will ensure that the
* resource values specified in *new_values are applied.
* rctl_local_replace_all() will purge the current rctl->rc_projdb and
* rctl->rc_values entries, and apply the *new_values.
*
* These functions modify not only the linked list of active resource controls
* (rctl->rc_values), but also a "cached" linked list (rctl->rc_projdb) of
* values set through these interfaces. To clarify:
*
* rctl->rc_values - a linked list of rctl_val_t. These are the active
* resource values associated with this rctl, and may have been set by
* setrctl() - via prctl(1M), or by setprojrctl() - via
* setproject(3PROJECT).
*
* rctl->rc_projdb - a linked list of rctl_val_t. These reflect the
* resource values set by the setprojrctl() code path. rc_projdb is not
* referenced by any other component of the rctl sub-system.
*
* As various locks are held when calling these functions, we ensure that all
* the possible memory allocations are performed prior to calling the
* function. *alloc_values is a linked list of uninitialized rctl_val_t,
* which may be used to duplicate a new resource control value (passed in as
* one of the members of the *new_values linked list), in order to populate
* rctl->rc_values.
*/
/*
* Table sizes. rctl_set_size is the bound used by the per-set walkers in
* this file (for (i = 0; i < rctl_set_size; i++)). rctl_dict_size
* presumably sizes the rctl_dict hash described in the file header; its use
* is not visible in this listing -- confirm.
*
* NOTE(review): both are plain, non-const ints, while the walkers index with
* a uint_t. A negative rctl_set_size would be converted to a very large
* unsigned bound in those comparisons, so anything able to write these
* variables should be treated as trusted.
*/
int rctl_dict_size = 64;
int rctl_set_size = 8;
/*
* Default resource control operations and ops vector
* To be used if the particular rcontrol has no specific actions defined, or
* if the subsystem providing the control is quiescing (in preparation for
* unloading, presumably.)
*
* Resource controls with callbacks should fill the unused operations with the
* appropriate default impotent callback.
*/
/*ARGSUSED*/
void
{
}
/*ARGSUSED*/
{
return (0);
}
/*ARGSUSED*/
int
{
return (0);
}
/*ARGSUSED*/
int
{
return (0);
}
};
/*
* Default "absolute" resource control operation and ops vector
* Useful if there is no usage associated with the
* resource control.
*/
/*ARGSUSED*/
int
{
}
};
/*ARGSUSED*/
static uint_t
{
}
static int
{
return (1);
return (0);
return (-1);
}
static void
{
}
/*
* size_t rctl_build_name_buf()
*
* Overview
* rctl_build_name_buf() walks all active resource controls in the dictionary,
* building a buffer of contiguous NUL-terminated strings.
*
* Return values
* The size of the buffer is returned, the passed pointer's contents are
* modified to that of the location of the buffer.
*
* Caller's context
* Caller must be in a context suitable for KM_SLEEP allocations.
*/
/*
* NOTE(review): the return-type line, several declarations (rde, req_size),
* the allocation, the lock calls and the rctl_rebuild_name_buf label are
* missing from this listing; the comments below describe only what is shown.
*/
rctl_build_name_buf(char **rbufp)
{
char *rbufloc;
int i;
/*
* Pass 1: calculate the needed buffer length by walking every per-entity
* list in rctl_lists[].
*/
for (i = 0; i < RC_MAX_ENTITY + 1; i++) {
for (rde = rctl_lists[i];
}
/*
* Pass 2: copy rctl names into our buffer. If the copy length exceeds the
* allocated length (due to registration changes between the two passes),
* stop copying, free the buffer, and start again. The size check that
* guards the goto below is what keeps the copy inside the allocation;
* it is not visible here -- confirm it runs before each name is copied.
*/
for (i = 0; i < RC_MAX_ENTITY + 1; i++) {
for (rde = rctl_lists[i];
goto rctl_rebuild_name_buf;
}
}
}
/* The size of the buffer is the return value, per the header comment. */
return (req_size);
}
/*
* rctl_dict_entry_t *rctl_dict_lookup(const char *)
*
* Overview
* rctl_dict_lookup() returns the resource control dictionary entry for the
* named resource control.
*
* Return values
* A pointer to the appropriate resource control dictionary entry, or NULL if
* no such named entry exists.
*
* Caller's context
* Caller must not be holding rctl_dict_lock.
*/
rctl_dict_lookup(const char *name)
{
return (NULL);
}
return (rde);
}
/*
* rctl_hndl_t rctl_hndl_lookup(const char *)
*
* Overview
* rctl_hndl_lookup() returns the resource control id (the "handle") for the
* named resource control.
*
* Return values
* The appropriate id, or -1 if no such named entry exists.
*
* Caller's context
* Caller must not be holding rctl_dict_lock.
*/
rctl_hndl_lookup(const char *name)
{
return (-1);
}
/*
* rctl_dict_entry_t * rctl_dict_lookup_hndl(rctl_hndl_t)
*
* Overview
* rctl_dict_lookup_hndl() completes the public lookup functions, by returning
* the resource control dictionary entry matching a given resource control id.
*
* Return values
* A pointer to the matching resource control dictionary entry, or NULL if the
* id does not match any existing entries.
*
* Caller's context
* Caller must not be holding rctl_lists_lock.
*/
{
uint_t i;
/*
* Linear search: walk each per-entity list in rctl_lists[] and return the
* first entry accepted by the match test. The test and the loop's
* termination/advance clauses are missing from this listing; per the header
* comment the match is on the resource control id.
*/
for (i = 0; i < RC_MAX_ENTITY + 1; i++) {
for (rde = rctl_lists[i];
return (rde);
}
}
/* No list held a matching entry. */
return (NULL);
}
/*
* void rctl_add_default_limit(const char *name, rctl_qty_t value,
* rctl_priv_t privilege, uint_t action)
*
* Overview
* Create a default limit with specified value, privilege, and action.
*
* Return value
* No value returned.
*/
void
{
}
/*
* void rctl_add_legacy_limit(const char *name, const char *mname,
* const char *lname, rctl_qty_t dflt)
*
* Overview
* Create a default privileged limit, using the value obtained from
* value. Exists primarily for System V IPC.
*
* Return value
* No value returned.
*/
void
{
}
static rctl_set_t *
{
return (NULL);
switch (rcd->rcd_entity) {
case RCENTITY_PROCESS:
break;
case RCENTITY_TASK:
break;
case RCENTITY_PROJECT:
break;
case RCENTITY_ZONE:
break;
default:
break;
}
return (rset);
}
static void
rctl_entity_p_t *e)
{
switch (entity) {
case RCENTITY_PROCESS:
break;
case RCENTITY_TASK:
break;
case RCENTITY_PROJECT:
break;
case RCENTITY_ZONE:
break;
default:
break;
}
}
static void
{
uint_t i;
if (rcgp->rcag_nctls > 0) {
}
}
if (rcgp->rcag_nvals > 0) {
}
}
}
static rctl_val_t *
{
rcgp->rcag_nvals--;
return (rval);
}
static rctl_t *
{
rcgp->rcag_nctls--;
return (rctl);
}
static void
{
}
}
}
/*
* void rctl_prealloc_destroy(rctl_alloc_gp_t *)
*
* Overview
* Release all unused memory allocated via one of the "prealloc" functions:
* rctl_set_init_prealloc, rctl_set_dup_prealloc, or rctl_rlimit_set_prealloc.
*
* Return values
* None.
*
* Caller's context
* No restrictions on context.
*/
void
{
}
/*
* int rctl_val_cmp(rctl_val_t *, rctl_val_t *, int)
*
* Overview
* This function defines an ordering to rctl_val_t's in order to allow
* for correct placement in value lists. When the imprecise flag is set,
* the action recipient is ignored. This is to facilitate insert,
* delete, and replace operations by rctlsys.
*
* Return values
* 0 if the val_t's are considered identical
* -1 if a is ordered lower than b
* 1 if a is ordered higher than b
*
* Caller's context
* No restrictions on context.
*/
int
{
/*
* Three-way comparison of control values a and b, one sort key at a time.
* NOTE(review): the parameter list is missing from this listing.
*/
/* Key 1: the RCTL_LOCAL_MAXIMAL flag bit; a value without it sorts lower. */
if ((a->rcv_flagaction & RCTL_LOCAL_MAXIMAL) <
(b->rcv_flagaction & RCTL_LOCAL_MAXIMAL))
return (-1);
if ((a->rcv_flagaction & RCTL_LOCAL_MAXIMAL) >
(b->rcv_flagaction & RCTL_LOCAL_MAXIMAL))
return (1);
/*
* NOTE(review): the conditions guarding the next two returns are missing
* from this listing; as shown, the first return is unconditional and
* everything below it is unreachable. The ordering documented in the file
* header places the value comparison between the maximal flag and the deny
* flag, so that is presumably what belongs here -- confirm against the
* full source.
*/
return (-1);
return (1);
/* Key 3: the RCTL_LOCAL_DENY flag bit; a value without it sorts lower. */
if ((a->rcv_flagaction & RCTL_LOCAL_DENY) <
(b->rcv_flagaction & RCTL_LOCAL_DENY))
return (-1);
if ((a->rcv_flagaction & RCTL_LOCAL_DENY) >
(b->rcv_flagaction & RCTL_LOCAL_DENY))
return (1);
/* Key 4: privilege level, lower rcv_privilege first. */
if (a->rcv_privilege < b->rcv_privilege)
return (-1);
if (a->rcv_privilege > b->rcv_privilege)
return (1);
/*
* Imprecise comparison stops here: two values that differ only in their
* action recipient are reported as identical.
*/
if (imprecise)
return (0);
/* Key 5 (precise only): the action recipient's pid. */
if (a->rcv_action_recip_pid < b->rcv_action_recip_pid)
return (-1);
if (a->rcv_action_recip_pid > b->rcv_action_recip_pid)
return (1);
return (0);
}
static rctl_val_t *
{
return (rval);
}
return (NULL);
}
/*
* int rctl_val_list_insert(rctl_val_t **, rctl_val_t *)
*
* Overview
* This function inserts the rctl_val_t into the value list provided.
* The insert always succeeds unless the value is a duplicate
* of one already in the list.
*
* Return values
* 1 if the value was a duplicate of an existing value in the list.
* 0 if the insert was successful.
*/
int
{
int equiv;
return (0);
}
if (equiv == 0)
return (1);
if (equiv < 0) {
return (0);
}
}
if (equiv == 0)
return (1);
return (0);
}
static int
{
return (-1);
return (0);
}
}
/*
* If we navigate the entire list and cannot find a match, then
* return failure.
*/
return (-1);
}
return (0);
}
static rctl_val_t *
{
} else {
}
} else {
}
}
return (head);
}
static void
{
rval->rcv_firing_time = 0;
}
static uint_t
{
uint_t n = 0;
n++;
return (n);
}
static void
{
}
}
/*
* rctl_qty_t rctl_model_maximum(rctl_dict_entry_t *, struct proc *)
*
* Overview
* In cases where the operating system supports more than one process
* addressing model, the operating system capabilities will exceed those of
* one or more of these models. Processes in a less capable model must have
* their resources accurately controlled, without diluting those of their
* descendants reached via exec(). rctl_model_maximum() returns the governing
* value for the specified process with respect to a resource control, such
* that the value can be used for the RCTLOP_SET callback or compatibility
* support.
*
* Return values
* The maximum value for the given process for the specified resource control.
*
* Caller's context
* No restrictions on context.
*/
{
/*
* Select the ceiling by the process's data model: a native-model process
* gets rcd_max_native, every other model gets rcd_max_ilp32.
* NOTE(review): the signature is missing from this listing; neither rde
* nor p is checked for NULL in the visible lines.
*/
if (p->p_model == DATAMODEL_NATIVE)
return (rde->rcd_max_native);
return (rde->rcd_max_ilp32);
}
/*
* rctl_qty_t rctl_model_value(rctl_dict_entry_t *, struct proc *, rctl_qty_t)
*
* Overview
* Convenience function wrapping the rctl_model_maximum() functionality.
*
* Return values
* The lesser of the process's maximum value and the given value for the
* specified resource control.
*
* Caller's context
* No restrictions on context.
*/
{
}
static void
{
return;
}
return;
}
return;
}
}
}
/*
* rctl_set_t *rctl_set_create()
*
* Overview
* Create an empty resource control set, suitable for attaching to a
* controlled entity.
*
* Return values
* A pointer to the newly created set.
*
* Caller's context
* Safe for KM_SLEEP allocations.
*/
{
KM_SLEEP);
return (rset);
}
/*
* rctl_gp_alloc_t *rctl_set_init_prealloc(rctl_entity_t)
*
* Overview
* rctl_set_init_prealloc() examines the globally defined resource controls
* and their default values and returns a resource control allocation group
* populated with sufficient controls and values to form a representative
* resource control set for the specified entity.
*
* Return values
* A pointer to the newly created allocation group.
*
* Caller's context
* Caller must be in a context suitable for KM_SLEEP allocations.
*/
{
return (ragp);
ragp->rcag_nctls++;
}
return (ragp);
}
/*
* rctl_set_t *rctl_set_init(rctl_entity_t)
*
* Overview
* rctl_set_create() creates a resource control set, initialized with the
* system infinite values on all registered controls, for attachment to a
* system entity requiring resource controls, such as a process or a task.
*
* Return values
* A pointer to the newly filled set.
*
* Caller's context
* Caller must be holding p_lock on entry so that RCTLOP_SET() functions
* may modify task and project members based on the proc structure
* they are passed.
*/
{
ASSERT(e);
return (rset);
}
return (rset);
}
static rctl_t *
{
break;
}
}
return (dup);
}
static void
{
uint_t i;
for (i = 0; i < rctl_set_size; i++) {
while (r != NULL) {
ragp->rcag_nctls++;
r = r->rc_next;
}
}
}
/*
* rctl_alloc_gp_t *rctl_set_dup_prealloc(rctl_set_t *)
*
* Overview
* Given a resource control set, allocate a sufficiently large allocation
* group to contain a duplicate of the set.
*
* Return value
* A pointer to the newly created allocation group.
*
* Caller's context
* Safe for KM_SLEEP allocations.
*/
{
return (ragp);
}
/*
* int rctl_set_dup_ready(rctl_set_t *, rctl_alloc_gp_t *)
*
* Overview
* Verify that the allocation group provided is large enough to allow a
* duplicate of the given resource control set to be constructed from its
* contents.
*
* Return values
* 1 if the allocation group is sufficiently large, 0 otherwise.
*
* Caller's context
* rcs_lock must be held prior to entry.
*/
int
{
return (1);
return (0);
}
/*
* rctl_set_t *rctl_set_dup(rctl_set_t *, struct proc *, struct proc *,
* rctl_set_t *, rctl_alloc_gp_t *, int)
*
* Overview
* Make a duplicate of the resource control set. The proc pointers are those
* of the owning process and of the process associated with the entity
* receiving the duplicate.
*
* Duplication is a 3 stage process. Stage 1 is memory allocation for
* the duplicate set, which is taken care of by rctl_set_dup_prealloc().
* Stage 2 consists of copying all rctls and values from the old set into
* the new. Stage 3 completes the duplication by performing the appropriate
* callbacks for each rctl in the new set.
*
* Stages 2 and 3 are handled by calling rctl_set_dup with the RCD_DUP and
* RCD_CALLBACK functions, respectively. The RCD_CALLBACK flag may only
* be supplied if the newp proc structure reflects the new task and
* project linkage.
*
* Return value
* A pointer to the duplicate set.
*
* Caller's context
* The rcs_lock of the set to be duplicated must be held prior to entry.
*/
{
uint_t i;
/* The entity pointer handed to the RCTLOP_SET callbacks must be set. */
ASSERT(e);
/*
* When copying the old set, iterate over that. Otherwise, when
* only callbacks have been requested, iterate over the dup set.
* (The condition selecting between the two is missing from this listing.)
*/
} else {
}
/* Walk every hash chain of the chosen set. */
for (i = 0; i < rctl_set_size; i++) {
rctl_t *d;
while (r != NULL) {
} else {
/* Callback-only pass: the rctl being walked is already the duplicate. */
d = r;
}
/*
* Stage 3: run the set callback on the duplicate. Per the header comment
* this is only valid once newp reflects the new task and project linkage.
*/
if (flag & RCD_CALLBACK)
RCTLOP_SET(d, newp, e,
r = r->rc_next;
}
}
return (dup);
}
/*
* void rctl_set_free(rctl_set_t *)
*
* Overview
* Delete resource control set and all attached values.
*
* Return values
* No value returned.
*
* Caller's context
* No restrictions on context.
*/
void
{
uint_t i;
for (i = 0; i < rctl_set_size; i++) {
while (r != NULL) {
rctl_val_t *v = r->rc_values;
r = n;
}
}
}
/*
* void rctl_set_reset(rctl_set_t *)
*
* Overview
* Resets all rctls within the set such that the lowest value becomes active.
*
* Return values
* No value returned.
*
* Caller's context
* No restrictions on context.
*/
void
{
uint_t i;
ASSERT(e);
for (i = 0; i < rctl_set_size; i++) {
while (r != NULL) {
r = r->rc_next;
}
}
}
/*
* void rctl_set_tearoff(rctl_set *, struct proc *)
*
* Overview
* Tear off any resource control values on this set with an action recipient
* equal to the specified process (as they are becoming invalid with the
* process's departure from this set as an observer).
*
* Return values
* No value returned.
*
* Caller's context
* No restrictions on context
*/
void
{
uint_t i;
/*
* Walk every hash chain in the set, and every value on each rctl, looking
* for values whose action recipient is the departing process p.
* NOTE(review): the signature, the locking, the value-list loop header and
* the tearoff_rewalk_list label are missing from this listing.
*/
for (i = 0; i < rctl_set_size; i++) {
while (r != NULL) {
rval->rcv_action_recipient == p) {
/*
* Drop the matching value. The delete's return value is deliberately
* ignored, and the walk restarts at the label because the list has just
* been modified under the iterator.
*/
(void) rctl_val_list_delete(
goto tearoff_rewalk_list;
}
}
r = r->rc_next;
}
}
}
static int
{
return (0);
}
}
return (-1);
}
/*
* rlim64_t rctl_enforced_value(rctl_hndl_t, rctl_set_t *, struct proc *)
*
* Overview
* Given a process, get the next enforced value on the rctl of the specified
* handle.
*
* Return value
* The enforced value.
*
* Caller's context
* For controls on process collectives, p->p_lock must be held across the
* operation.
*/
/*ARGSUSED*/
{
else
return (ret);
}
/*
* int rctl_global_get(const char *, rctl_dict_entry_t *)
*
* Overview
* Copy a sanitized version of the global rctl for a given resource control
* name. (By sanitization, we mean that the unsafe data pointers have been
* zeroed.)
*
* Return value
* -1 if name not defined, 0 otherwise.
*
* Caller's context
* No restrictions on context. rctl_dict_lock must not be held.
*/
int
{
return (-1);
return (0);
}
/*
* int rctl_global_set(const char *, rctl_dict_entry_t *)
*
* Overview
* Transfer the settable fields of the named rctl to the global rctl matching
* the given resource control name.
*
* Return value
* -1 if name not defined, 0 otherwise.
*
* Caller's context
* No restrictions on context. rctl_dict_lock must not be held.
*/
int
{
return (-1);
return (0);
}
static int
{
int ret = 0;
return (-1);
}
/* using rctl's hndl, get rctl from local set */
return (-1);
}
return (ret);
}
/*ARGSUSED*/
static int
{
/*
* RCTL_FIRST
*/
} else {
/*
* RCTL_NEXT
*/
return (ESRCH);
return (ENOENT);
else
}
return (0);
}
/*
* int rctl_local_get(rctl_hndl_t, rctl_val_t *)
*
* Overview
* Get the rctl value for the given flags.
*
* Return values
* 0 for successful get, errno otherwise.
*/
int
struct proc *p)
{
}
/*ARGSUSED*/
static int
{
return (ESRCH);
}
return (0);
}
/*
* int rctl_local_delete(rctl_hndl_t, rctl_val_t *)
*
* Overview
* Delete the rctl value for the given flags.
*
* Return values
* 0 for successful delete, errno otherwise.
*/
int
{
}
/*
* rctl_local_insert_cb()
*
* Overview
* Insert a new value into the rctl's val list. If an error occurs,
* the val list must be left in the same state as when the function
* was entered.
*
* Return Values
* 0 for successful insert, EINVAL if the value is duplicated in the
* existing list.
*/
/*ARGSUSED*/
static int
{
/*
* Before inserting, confirm there are no duplicates of this value
* and flag level. If there is a duplicate, flag an error and do
* nothing.
*/
return (EINVAL);
}
return (0);
}
/*
* int rctl_local_insert(rctl_hndl_t, rctl_val_t *)
*
* Overview
* Insert the rctl value into the appropriate rctl set for the calling
* process, given the handle.
*/
int
{
}
/*
* rctl_local_insert_all_cb()
*
* Overview
* Called for RCENTITY_PROJECT rctls only, via rctlsys_projset().
*
* Inserts new values from the project database (new_values). alloc_values
* should be a linked list of pre-allocated rctl_val_t, which are used to
* populate (rc_projdb).
*
* Should the *new_values linked list match the contents of the rctl's
* rc_projdb then we do nothing.
*
* Return Values
* 0 is always returned.
*/
/*ARGSUSED*/
static int
{
/*
* Set whenever the active value list changes; it decides whether the cursor
* is reset at the end.
* NOTE(review): the signature and most statements are missing from this
* listing; the comments describe only the visible structure.
*/
int modified = 0;
/*
* If this is the first time we've set this project rctl, then we delete
* all the privilege values. These privilege values have been set by
* rctl_add_default_limit().
*
* We save some cycles here by not calling rctl_val_list_delete().
*/
else
} else {
}
}
modified = 1;
}
/*
* Delete active values previously set through the project database.
*/
/* Is the old value found in the new values? */
/*
* Delete from the active values if it originated from
* the project database.
*/
tmp_val);
}
modified = 1;
} else
}
/*
* Insert new values from the project database.
*/
while (new_values != NULL) {
/*
* Insert this new value into the rc_projdb, and duplicate this
* entry to the active list.
*/
alloc_values) == 0) {
/* Inserted, so move alloc_values on to the next preallocated entry. */
modified = 1;
}
} else {
/*
* Unlike setrctl() we don't want to return an error on
* a duplicate entry; we are concerned solely with
* ensuring that all the values specified are set.
*/
}
new_values = next;
}
/*
* Tear down any unused rctl_val_t. The preallocated list is consumed or
* released here because, per the file header, no allocation may happen
* while the caller's locks are held.
*/
while (alloc_values != NULL) {
}
/* Reset the cursor if rctl values have been modified */
if (modified) {
}
return (0);
}
int
{
rctl_local_insert_all_cb, p));
}
/*
* rctl_local_replace_all_cb()
*
* Overview
* Called for RCENTITY_PROJECT rctls only, via rctlsys_projset().
*
* Clears the active rctl values (rc_values), and stored values from the
* previous insertions from the project database (rc_projdb).
*
* Inserts new values from the project database (new_values). alloc_values
* should be a linked list of pre-allocated rctl_val_t, which are used to
* populate (rc_projdb).
*
* Return Values
* 0 is always returned.
*/
/*ARGSUSED*/
static int
{
/*
* NOTE(review): the signature and most statements are missing from this
* listing; the comments describe only the visible structure.
*/
/* Delete all the privilege values */
else
} else {
}
}
/* Delete the contents of rc_projdb */
}
/*
* Insert new values from the project database.
*/
while (new_values != NULL) {
alloc_values) == 0) {
/* inserted, so move alloc_values on */
}
} else {
/*
* Unlike setrctl() we don't want to return an error on
* a duplicate entry; we are concerned solely with
* ensuring that all the values specified are set.
*/
}
new_values = next;
}
/* Tear down any unused preallocated rctl_val_t */
while (alloc_values != NULL) {
}
/*
* Always reset the cursor: unlike the insert-all path, this path clears
* the value lists unconditionally (see the header comment), so no
* "modified" flag is kept.
*/
return (0);
}
int
{
}
static int
{
int ret;
/* Verify that old will be delete-able */
return (ESRCH);
/*
* Caller should verify that value being deleted is not the
* system value.
*/
/*
* rctl_local_insert_cb() does the job of flagging an error
* for any duplicate values. So, call rctl_local_insert_cb()
* for the new value first, then do deletion of the old value.
* Since this is a callback function to rctl_local_op, we can
* count on rcs_lock being held at this point. This guarantees
* that there is at no point a visible list which contains both
* new and old values.
*/
return (ret);
return (0);
}
/*
* int rctl_local_replace(rctl_hndl_t, void *, int, uint64_t *)
*
* Overview
* Replace the rctl value with a new one.
*
* Return values
* 0 for successful replace, errno otherwise.
*/
int
struct proc *p)
{
}
/*
* int rctl_rlimit_get(rctl_hndl_t, struct proc *, struct rlimit64 *)
*
* Overview
* To support rlimit compatibility, we need a function which takes a 64-bit
* rlimit and encodes it as appropriate rcontrol values on the given rcontrol.
* This operation is only intended for legacy rlimits.
*/
int
{
/*
* State for the walk over the control's value sequence:
* soft_limit_seen - a basic (soft limit) value has already been taken
* test_for_deny - skip values without the deny bit (step 1 below)
* NOTE(review): the signature, the lookup that yields the -1 below and
* most loop statements are missing from this listing.
*/
int soft_limit_seen = 0;
int test_for_deny = 1;
return (-1);
}
test_for_deny = 0;
/*
* 1. Find the first control value with the RCTL_LOCAL_DENY bit set.
*/
if (test_for_deny &&
continue;
}
/*
* 2. If this is an RCPRIV_BASIC value, then we've found the
* effective soft limit and should set rlim_cur. We should then
* continue looking for another control value with the DENY bit
* set.
*/
if (soft_limit_seen) {
continue;
}
rctl->rc_dict_entry, p))
else
soft_limit_seen = 1;
continue;
}
/*
* 3. This is an RCPRIV_PRIVILEGED value. If we haven't found
* a soft limit candidate, then we've found the effective hard
* and soft limits and should set both. If we had found a soft
* limit, then this is only the hard limit and we need only set
* rlim_max.
*/
p))
else
if (!soft_limit_seen)
return (0);
}
/*
* This control sequence is corrupt, as it is not terminated by
* a system privileged control value. Report failure rather than
* returning a limit built from an incomplete sequence.
*/
return (-1);
}
/*
* 4. If we run into a RCPRIV_SYSTEM value, then the hard limit (and
* the soft, if we haven't a soft candidate) should be the value of the
* system control value.
*/
else
if (!soft_limit_seen)
return (0);
}
/*
* rctl_alloc_gp_t *rctl_rlimit_set_prealloc(uint_t)
*
* Overview
* Before making a series of calls to rctl_rlimit_set(), we must have a
* preallocated batch of resource control values, as rctl_rlimit_set() can
* potentially consume two resource control values per call.
*
* Return values
* A populated resource control allocation group with 2n resource control
* values.
*
* Caller's context
* Must be safe for KM_SLEEP allocations.
*/
{
return (gp);
}
/*
* int rctl_rlimit_set(rctl_hndl_t, struct proc *, struct rlimit64 *, int,
* int)
*
* Overview
* To support rlimit compatibility, we need a function which takes a 64-bit
* rlimit and encodes it as appropriate rcontrol values on the given rcontrol.
* This operation is only intended for legacy rlimits.
*
* The implementation of rctl_rlimit_set() is a bit clever, as it tries to
* minimize the number of values placed on the value sequence in various
* cases. Furthermore, we don't allow multiple identical privilege-action
* values on the same sequence. (That is, we don't want a sequence like
* "while (1) { rlim.rlim_cur++; setrlimit(..., rlim); }" to exhaust kernel
* memory.) So we want to delete any values with the same privilege value and
* action.
*
* Return values
* 0 for successful set, errno otherwise. Errno will be either EINVAL
* or EPERM, in keeping with defined errnos for ulimit() and setrlimit()
* system calls.
*/
/*ARGSUSED*/
int
{
/*
* NOTE(review): the signature, declarations and most conditions are
* missing from this listing; the comments describe only what is visible.
*/
/* Legacy rlimits are controls on the process entity. */
e.rcep_t = RCENTITY_PROCESS;
/* Argument validation; the conditions for these two rejections are not shown. */
return (EINVAL);
return (EINVAL);
/*
* If we are not privileged, we can only lower the hard limit.
* The surviving clause shows the privilege decision is delegated to
* secpolicy_resource(cr): a non-zero result yields EPERM. The comparison
* that detects an attempt to raise the hard limit is not visible here --
* confirm it is evaluated against the currently enforced hard limit.
*/
secpolicy_resource(cr) != 0)
return (EPERM);
return (EINVAL);
}
break;
(flagaction & ~RCTL_LOCAL_ACTION_MASK)) {
rctl->rc_dict_entry, p,
}
}
}
} else {
}
/* Values placed on the sequence start with a cleared firing time. */
rval_priv->rcv_firing_time = 0;
rval_basic->rcv_firing_time = 0;
}
return (0);
}
/*
* rctl_hndl_t rctl_register(const char *, rctl_entity_t, int, rlim64_t,
* rlim64_t, rctl_ops_t *)
*
* Overview
* rctl_register() performs a look-up in the dictionary of rctls
* active on the system; if a rctl of that name is absent, an entry is
* made into the dictionary. The rctl is returned with its reference
* count incremented by one. If the rctl name already exists, we panic.
* (Were the resource control system to support dynamic loading and unloading,
* which it is structured for, duplicate registration should lead to load
* failure instead of panicking.)
*
* Each registered rctl has a requirement that a RCPRIV_SYSTEM limit be
* defined. This limit contains the highest possible value for this quantity
* on the system. Furthermore, the registered control must provide infinite
* values for all applicable address space models supported by the operating
* system. Attempts to set resource control values beyond the system limit
* will fail.
*
* Return values
* The rctl's ID.
*
* Caller's context
* Caller must be in a context suitable for KM_SLEEP allocations.
*/
/*
* NOTE(review): the return type, part of the parameter list and most of the
* body are missing from this listing; the comments describe only what is
* visible.
*/
const char *name,
int global_flags,
{
/*
* Allocations use KM_SLEEP and appear before step 1 takes the global lock,
* which matches the file header's rule that kmem_alloc(., KM_SLEEP) must
* never be called while rctl_dict_lock or rctl_lists_lock is held.
*/
KM_SLEEP);
int localflags;
else
/* The control value built here starts with no signal and no firing time. */
rctl_val->rcv_action_signal = 0;
rctl_val->rcv_firing_time = 0;
/*
* 1. Take global lock, validate nonexistence of name, get ID.
*/
/*
* 2. Insert name-entry pair in rctl_dict_by_name.
*/
/*
* 3. Insert ID-rctl_t * pair in rctl_dict.
*/
/*
* 3a. Insert rctl_dict_entry_t * in appropriate entity list.
*/
switch (entity) {
case RCENTITY_ZONE:
case RCENTITY_PROJECT:
case RCENTITY_TASK:
case RCENTITY_PROCESS:
break;
default:
/*
* Unknown entity type: a call that reports the control's name sits here;
* only its last argument survives in this listing.
*/
name);
break;
}
/*
* 4. Drop lock.
*/
/* The new control's handle (its ID) is the return value. */
return (rhndl);
}
/*
* static int rctl_global_action(rctl_t *r, rctl_set_t *rset, struct proc *p,
* rctl_val_t *v)
*
* Overview
* rctl_global_action() takes, in accordance with the flags on the rctl_dict
* entry for the given control, the appropriate actions on the exceeded
* control value. Additionally, rctl_global_action() updates the firing time
* on the exceeded value.
*
* Return values
* A bitmask reflecting the actions actually taken.
*
* Caller's context
* No restrictions on context.
*/
/*ARGSUSED*/
static int
{
/*
* Selects which identifier ends the log message. The code that switches
* away from SUFFIX_NONE is missing from this listing, as are the
* signature and the declarations of pr, en and rde.
*/
enum {
SUFFIX_NONE, /* id consumed directly */
SUFFIX_NUMERIC, /* id consumed in suffix */
SUFFIX_STRING /* idstr consumed in suffix */
} suffix = SUFFIX_NONE;
/* Bitmask of actions taken, returned to the caller. */
int ret = 0;
/* Stamp the exceeded value with the time it fired. */
v->rcv_firing_time = gethrtime();
/* Map the value's privilege level to a fixed label for the log message. */
switch (v->rcv_privilege) {
case RCPRIV_BASIC:
pr = "basic";
break;
case RCPRIV_PRIVILEGED:
pr = "privileged";
break;
case RCPRIV_SYSTEM:
pr = "system";
break;
default:
pr = "unknown";
break;
}
/* Map the control's entity type to a fixed label for the log message. */
switch (rde->rcd_entity) {
case RCENTITY_PROCESS:
en = "process";
break;
case RCENTITY_TASK:
en = "task";
break;
case RCENTITY_PROJECT:
en = "project";
break;
case RCENTITY_ZONE:
en = "zone";
break;
default:
en = "unknown entity associated with process";
break;
}
/*
* Emit the log record. Every format string is a literal, so logged names
* are only ever consumed as %s arguments. The argument lists are truncated
* in this listing, so their match against the conversions (%s, %llu, %d)
* cannot be checked here -- confirm against the full source. An
* unrecognised suffix falls through to the SUFFIX_NONE form.
*/
switch (suffix) {
default:
case SUFFIX_NONE:
(void) strlog(0, 0, 0,
"%s rctl %s (value %llu) exceeded by %s %d.",
break;
case SUFFIX_NUMERIC:
(void) strlog(0, 0, 0,
"%s rctl %s (value %llu) exceeded by process %d"
" in %s %d.",
break;
case SUFFIX_STRING:
(void) strlog(0, 0, 0,
"%s rctl %s (value %llu) exceeded by process %d"
" in %s %s.",
break;
}
}
return (ret);
}
/*
 * NOTE(review): this listing omits many lines of the function (its name
 * line, several conditions and calls), so the braces below do not balance
 * as shown. Comments describe only what is visible.
 */
static int
{
int ret = 0;
/* Signal number configured on the exceeded value. */
int recip_signal = v->rcv_action_signal;
/*
 * Most restricted mode: only the deny flag is examined and the function
 * returns before any of the signal handling below. The body of the deny
 * branch is not visible here.
 */
if (safety == RCA_UNSAFE_ALL) {
if (flagaction & RCTL_LOCAL_DENY) {
}
return (ret);
}
if (flagaction & RCTL_LOCAL_SIGNAL) {
/*
* We can build a siginfo only in the case that it is
* safe for us to drop p_lock. (For asynchronous
* checks this is currently not true.)
*/
/*
 * p_lock is released and retaken; what runs in between is not visible in
 * this listing (presumably the siginfo allocation -- confirm). Anything
 * read from p before the release may be stale after the lock is retaken.
 */
mutex_exit(&p->p_lock);
mutex_enter(&p->p_lock);
}
ret |= RCT_SIGNAL;
} else if (p == curproc) {
/*
* Then this is a synchronous test and we can
* direct the signal at the violating thread.
*/
} else {
}
} else if (!unobservable) {
mutex_exit(&p->p_lock);
/*
* Recipient process is still alive, but may not
* be in this task or project any longer. In
* this case, the recipient's resource control
* set pertinent to this control will have
* changed--and we will not deliver the signal,
* as the recipient process is trying to tear
* itself off of its former set.
*/
ret |= RCT_SIGNAL;
else
} else if (sqp) {
}
} else {
if (sqp)
}
mutex_enter(&p->p_lock);
/*
* Since we dropped p_lock, we may no longer be in the
* same task or project as we were at entry. It is thus
* unsafe for us to reacquire the set lock at this
* point; callers of rctl_local_action() must handle
* this possibility.
*/
/*
 * The callers visible in this file test this bit and jump back to their
 * *_acquire label rather than continuing with the old set.
 */
ret |= RCT_LK_ABANDONED;
} else if (sqp) {
}
}
/* The second half of this condition and its body are not visible here. */
if ((flagaction & RCTL_LOCAL_DENY) &&
}
return (ret);
}
/*
* int rctl_action(rctl_hndl_t, rctl_set_t *, struct proc *, uint_t)
*
* Overview
* Take the action associated with the enforced value (as defined by
* rctl_get_enforced_value()) being exceeded or encountered. Possibly perform
* a restricted subset of the available actions, if circumstances dictate that
* we cannot safely allocate memory (for a sigqueue_t) or guarantee process
* persistence across the duration of the function (an asynchronous action).
*
* Return values
* Actions taken, according to the rctl_test bitmask.
*
* Caller's context
* Safe to acquire rcs_lock.
*/
int
{
}
/*
 * NOTE(review): the name line, the declarations and the rctl_action_acquire
 * label are not visible in this listing; comments cover the visible lines.
 */
int
{
return (ret);
}
/*
 * No entity was supplied: a call ending in "p, &e_tmp);" (its name is not
 * visible here) fills a local entity and e is pointed at it.
 */
if (e == NULL) {
p, &e_tmp);
e = &e_tmp;
}
/*
 * The per-rctl action op runs only if RCT_LK_ABANDONED is not set in ret.
 * If the bit is set after the op, the lookup is restarted from
 * rctl_action_acquire instead of continuing with a set that may no longer
 * apply to p.
 */
if ((ret & RCT_LK_ABANDONED) == 0) {
RCTLOP_ACTION(lrctl, p, e);
if (ret & RCT_LK_ABANDONED)
goto rctl_action_acquire;
}
/* Strip the bit so the returned mask does not carry it. */
ret &= ~RCT_LK_ABANDONED;
}
return (ret);
}
/*
* int rctl_test(rctl_hndl_t, rctl_set_t *, struct proc *, rctl_qty_t, uint_t)
*
* Overview
* Increment the resource associated with the given handle, returning zero if
* the incremented value does not exceed the threshold for the current limit
* on the resource.
*
* Return values
* Actions taken, according to the rctl_test bitmask.
*
* Caller's context
* p_lock held by caller.
*/
/*ARGSUSED*/
int
{
}
/*
 * NOTE(review): the name line, the declarations, the loop header and the
 * rctl_test_acquire label are not visible in this listing; comments cover
 * the visible lines only.
 */
int
{
/* Early exit for p0: no control is evaluated on this path. */
if (p == &p0) {
/*
* We don't enforce rctls on the kernel itself.
*/
return (ret);
}
/*
* Dereference from rctl_set. We don't enforce newly loaded controls
* that haven't been set on this entity (since the only valid value is
* the infinite system value).
*/
return (ret);
}
/*
* This control is currently unenforced: maximal value on control
* supporting infinitely available resource.
*/
return (ret);
}
/*
* If we have been called by rctl_test, look up the entity pointer
* from the proc pointer.
*/
if (e == NULL) {
p, &e_tmp);
e = &e_tmp;
}
/*
* Get enforced rctl value and current usage. Test the increment
* with the current usage against the enforced value--take action as
* necessary.
*/
/*
 * The per-rctl action op runs only if RCT_LK_ABANDONED is not set in ret.
 * If the bit is set after the op, the test restarts from rctl_test_acquire
 * rather than continuing with a set that may no longer apply to p.
 */
if ((ret & RCT_LK_ABANDONED) == 0) {
RCTLOP_ACTION(lrctl, p, e);
if (ret & RCT_LK_ABANDONED)
goto rctl_test_acquire;
}
/* Strip the bit so the returned mask does not carry it. */
ret &= ~RCT_LK_ABANDONED;
break;
}
}
return (ret);
}
/*
* void rctl_init(void)
*
* Overview
* Initialize the rctl subsystem, including the primordial rctls
* provided by the system. New subsystem-specific rctls should _not_ be
* initialized here. (Do it in your own file.)
*
* Return values
* None.
*
* Caller's context
* Safe for KM_SLEEP allocations. Must be called prior to any process model
* initialization.
*/
void
rctl_init(void)
{
/*
 * NOTE(review): only the middle of one call is visible in this listing. It
 * passes the label "rctl_handles_by_name" and rctl_dict_size, presumably
 * while creating the by-name dictionary -- confirm against the full source.
 */
"rctl_handles_by_name", rctl_dict_size,
}
/*
* rctl_incr_locked_mem(proc_t *p, kproject_t *proj, rctl_qty_t inc,
*     int chargeproc)
*
* Increments the amount of locked memory on a project and
* zone. If proj is NULL, the proj and zone of proc_t p is used. If
* chargeproc is non-zero, then the charged amount is cached on p->p_locked_mem
* so that the charge can be migrated when a process changes projects.
*
* Return values
* 0 - success
* EAGAIN - attempting to increment locked memory is denied by one
* or more resource entities.
*/
/*
 * NOTE(review): the name line, the locking and the limit checks are not
 * visible in this listing; comments cover the visible lines only.
 */
int
int chargeproc)
{
int ret = 0;
} else {
}
/*
 * The project is handled first. A failure here jumps to out and so skips
 * the per-process update below.
 */
e.rcep_t = RCENTITY_PROJECT;
goto out;
}
}
/*
 * The zone is handled second. NOTE(review): the charge made against the
 * project just above must not remain in place when this path fails; the
 * lines that would show that are not visible here -- confirm.
 */
e.rcep_t = RCENTITY_ZONE;
goto out;
}
}
/*
 * Reached only when neither goto out was taken, so the per-process cache
 * is updated only after both charges went through.
 */
if (chargeproc != 0) {
p->p_locked_mem += inc;
}
out:
return (ret);
}
/*
* rctl_decr_locked_mem(proc_t *p, kproject_t *proj, rctl_qty_t inc,
*     int creditproc)
*
* Decrements the amount of locked memory on a project and
* zone. If proj is NULL, the proj and zone of proc_t p is used. If
* creditproc is non-zero, then the quantity of locked memory is subtracted
* from p->p_locked_mem.
*
* Return values
* none
*/
/*
 * NOTE(review): the name line and the project/zone decrements are not
 * visible in this listing; comments cover the visible lines only.
 */
void
int creditproc)
{
} else {
}
/*
 * NOTE(review): no bound check on inc is visible before this subtraction.
 * Confirm that the full source asserts p->p_locked_mem >= inc, since a
 * credit larger than the cached charge would wrap or go negative.
 */
if (creditproc != 0) {
p->p_locked_mem -= inc;
}
}
/*
* rctl_incr_swap(proc_t *, zone_t *, size_t)
*
* Overview
* Increments the swap charge on the specified zone.
*
* Return values
* 0 on success. EAGAIN if swap increment fails due to an rctl value
* on the zone.
*
* Caller's context
* p_lock held on specified proc.
* swap must be an even multiple of PAGESIZE
*/
/*
 * NOTE(review): the name line, the locking and the limit check are not
 * visible in this listing; comments cover the visible lines only.
 */
int
{
/*
 * The check is made against the zone entity. The failure path returns
 * EAGAIN directly; the condition that selects it is not visible here.
 */
e.rcep_t = RCENTITY_ZONE;
return (EAGAIN);
}
}
return (0);
}
/*
* rctl_decr_swap(zone_t *, size_t)
*
* Overview
* Decrements the swap charge on the specified zone.
*
* Return values
* None
*
* Caller's context
* swap must be an even multiple of PAGESIZE
*/
void
{
}
/*
* Create resource kstat
*/
static kstat_t *
{
/*
 * Fixed-size buffer for the kstat name. NOTE(review): the statement that
 * fills it is not visible in this listing. Confirm that it is a bounded
 * write sized by sizeof (name), so an over-long name is truncated rather
 * than written past the buffer.
 */
char name[KSTAT_STRLEN];
/*
 * Kstats for a non-global zone get an extra step here; the statement
 * itself is not visible in this listing.
 */
if (ks_zoneid != GLOBAL_ZONEID)
}
return (ksp);
}
/*
* Create zone-specific resource kstat
*/
kstat_t *
{
/*
 * Fixed-size buffer for the per-zone kstat name. NOTE(review): the code
 * that formats into it is not visible in this listing. Confirm that it is
 * bounded by sizeof (name).
 */
char name[KSTAT_STRLEN];
}
/*
* Create project-specific resource kstat
*/
kstat_t *
{
/*
 * Fixed-size buffer for the per-project kstat name. NOTE(review): the code
 * that formats into it is not visible in this listing. Confirm that it is
 * bounded by sizeof (name).
 */
char name[KSTAT_STRLEN];
}