2 * Copyright (c) 2010 The FreeBSD Foundation
5 * This software was developed by Edward Tomasz Napierala under sponsorship
6 * from the FreeBSD Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 #include <sys/cdefs.h>
33 __FBSDID("$FreeBSD$");
35 #include <sys/param.h>
37 #include <sys/malloc.h>
38 #include <sys/queue.h>
39 #include <sys/refcount.h>
41 #include <sys/kernel.h>
42 #include <sys/limits.h>
43 #include <sys/loginclass.h>
46 #include <sys/racct.h>
48 #include <sys/resourcevar.h>
50 #include <sys/sysent.h>
51 #include <sys/sysproto.h>
52 #include <sys/systm.h>
53 #include <sys/types.h>
54 #include <sys/eventhandler.h>
56 #include <sys/mutex.h>
57 #include <sys/rwlock.h>
59 #include <sys/taskqueue.h>
65 #error "The RCTL option requires the RACCT option"
68 FEATURE(rctl, "Resource Limits");
71 #define HRF_DONT_INHERIT 1
72 #define HRF_DONT_ACCUMULATE 2
74 /* Default buffer size for rctl_get_rules(2). */
75 #define RCTL_DEFAULT_BUFSIZE 4096
76 #define RCTL_MAX_INBUFLEN 4096
77 #define RCTL_LOG_BUFSIZE 128
79 #define RCTL_PCPU_SHIFT (10 * 1000000)
82 * 'rctl_rule_link' connects a rule with every racct it's related to.
83 * For example, rule 'user:X:openfiles:deny=N/process' is linked
84 * with uidinfo for user X, and to each process of that user.
86 struct rctl_rule_link {
87 LIST_ENTRY(rctl_rule_link) rrl_next;
88 struct rctl_rule *rrl_rule;
97 static struct dict subjectnames[] = {
98 { "process", RCTL_SUBJECT_TYPE_PROCESS },
99 { "user", RCTL_SUBJECT_TYPE_USER },
100 { "loginclass", RCTL_SUBJECT_TYPE_LOGINCLASS },
101 { "jail", RCTL_SUBJECT_TYPE_JAIL },
104 static struct dict resourcenames[] = {
105 { "cputime", RACCT_CPU },
106 { "datasize", RACCT_DATA },
107 { "stacksize", RACCT_STACK },
108 { "coredumpsize", RACCT_CORE },
109 { "memoryuse", RACCT_RSS },
110 { "memorylocked", RACCT_MEMLOCK },
111 { "maxproc", RACCT_NPROC },
112 { "openfiles", RACCT_NOFILE },
113 { "vmemoryuse", RACCT_VMEM },
114 { "pseudoterminals", RACCT_NPTS },
115 { "swapuse", RACCT_SWAP },
116 { "nthr", RACCT_NTHR },
117 { "msgqqueued", RACCT_MSGQQUEUED },
118 { "msgqsize", RACCT_MSGQSIZE },
119 { "nmsgq", RACCT_NMSGQ },
120 { "nsem", RACCT_NSEM },
121 { "nsemop", RACCT_NSEMOP },
122 { "nshm", RACCT_NSHM },
123 { "shmsize", RACCT_SHMSIZE },
124 { "wallclock", RACCT_WALLCLOCK },
125 { "pcpu", RACCT_PCTCPU },
128 static struct dict actionnames[] = {
129 { "sighup", RCTL_ACTION_SIGHUP },
130 { "sigint", RCTL_ACTION_SIGINT },
131 { "sigquit", RCTL_ACTION_SIGQUIT },
132 { "sigill", RCTL_ACTION_SIGILL },
133 { "sigtrap", RCTL_ACTION_SIGTRAP },
134 { "sigabrt", RCTL_ACTION_SIGABRT },
135 { "sigemt", RCTL_ACTION_SIGEMT },
136 { "sigfpe", RCTL_ACTION_SIGFPE },
137 { "sigkill", RCTL_ACTION_SIGKILL },
138 { "sigbus", RCTL_ACTION_SIGBUS },
139 { "sigsegv", RCTL_ACTION_SIGSEGV },
140 { "sigsys", RCTL_ACTION_SIGSYS },
141 { "sigpipe", RCTL_ACTION_SIGPIPE },
142 { "sigalrm", RCTL_ACTION_SIGALRM },
143 { "sigterm", RCTL_ACTION_SIGTERM },
144 { "sigurg", RCTL_ACTION_SIGURG },
145 { "sigstop", RCTL_ACTION_SIGSTOP },
146 { "sigtstp", RCTL_ACTION_SIGTSTP },
147 { "sigchld", RCTL_ACTION_SIGCHLD },
148 { "sigttin", RCTL_ACTION_SIGTTIN },
149 { "sigttou", RCTL_ACTION_SIGTTOU },
150 { "sigio", RCTL_ACTION_SIGIO },
151 { "sigxcpu", RCTL_ACTION_SIGXCPU },
152 { "sigxfsz", RCTL_ACTION_SIGXFSZ },
153 { "sigvtalrm", RCTL_ACTION_SIGVTALRM },
154 { "sigprof", RCTL_ACTION_SIGPROF },
155 { "sigwinch", RCTL_ACTION_SIGWINCH },
156 { "siginfo", RCTL_ACTION_SIGINFO },
157 { "sigusr1", RCTL_ACTION_SIGUSR1 },
158 { "sigusr2", RCTL_ACTION_SIGUSR2 },
159 { "sigthr", RCTL_ACTION_SIGTHR },
160 { "deny", RCTL_ACTION_DENY },
161 { "log", RCTL_ACTION_LOG },
162 { "devctl", RCTL_ACTION_DEVCTL },
165 static void rctl_init(void);
166 SYSINIT(rctl, SI_SUB_RACCT, SI_ORDER_FIRST, rctl_init, NULL);
168 static uma_zone_t rctl_rule_link_zone;
169 static uma_zone_t rctl_rule_zone;
170 static struct rwlock rctl_lock;
171 RW_SYSINIT(rctl_lock, &rctl_lock, "RCTL lock");
173 static int rctl_rule_fully_specified(const struct rctl_rule *rule);
174 static void rctl_rule_to_sbuf(struct sbuf *sb, const struct rctl_rule *rule);
176 static MALLOC_DEFINE(M_RCTL, "rctl", "Resource Limits");
179 rctl_subject_type_name(int subject)
183 for (i = 0; subjectnames[i].d_name != NULL; i++) {
184 if (subjectnames[i].d_value == subject)
185 return (subjectnames[i].d_name);
188 panic("rctl_subject_type_name: unknown subject type %d", subject);
192 rctl_action_name(int action)
196 for (i = 0; actionnames[i].d_name != NULL; i++) {
197 if (actionnames[i].d_value == action)
198 return (actionnames[i].d_name);
201 panic("rctl_action_name: unknown action %d", action);
205 rctl_resource_name(int resource)
209 for (i = 0; resourcenames[i].d_name != NULL; i++) {
210 if (resourcenames[i].d_value == resource)
211 return (resourcenames[i].d_name);
214 panic("rctl_resource_name: unknown resource %d", resource);
218 * Return the amount of resource that can be allocated by 'p' before
222 rctl_available_resource(const struct proc *p, const struct rctl_rule *rule)
225 int64_t available = INT64_MAX;
226 struct ucred *cred = p->p_ucred;
228 ASSERT_RACCT_ENABLED();
229 rw_assert(&rctl_lock, RA_LOCKED);
231 resource = rule->rr_resource;
232 switch (rule->rr_per) {
233 case RCTL_SUBJECT_TYPE_PROCESS:
234 available = rule->rr_amount -
235 p->p_racct->r_resources[resource];
237 case RCTL_SUBJECT_TYPE_USER:
238 available = rule->rr_amount -
239 cred->cr_ruidinfo->ui_racct->r_resources[resource];
241 case RCTL_SUBJECT_TYPE_LOGINCLASS:
242 available = rule->rr_amount -
243 cred->cr_loginclass->lc_racct->r_resources[resource];
245 case RCTL_SUBJECT_TYPE_JAIL:
246 available = rule->rr_amount -
247 cred->cr_prison->pr_prison_racct->prr_racct->
248 r_resources[resource];
251 panic("rctl_compute_available: unknown per %d",
259 * Return non-zero if allocating 'amount' by proc 'p' would exceed
260 * resource limit specified by 'rule'.
263 rctl_would_exceed(const struct proc *p, const struct rctl_rule *rule,
268 ASSERT_RACCT_ENABLED();
270 rw_assert(&rctl_lock, RA_LOCKED);
272 available = rctl_available_resource(p, rule);
273 if (available >= amount)
280 * Special version of rctl_available() function for the %cpu resource.
281 * We slightly cheat here and return less than we normally would.
284 rctl_pcpu_available(const struct proc *p) {
285 struct rctl_rule *rule;
286 struct rctl_rule_link *link;
287 int64_t available, minavailable, limit;
289 ASSERT_RACCT_ENABLED();
291 minavailable = INT64_MAX;
294 rw_rlock(&rctl_lock);
296 LIST_FOREACH(link, &p->p_racct->r_rule_links, rrl_next) {
297 rule = link->rrl_rule;
298 if (rule->rr_resource != RACCT_PCTCPU)
300 if (rule->rr_action != RCTL_ACTION_DENY)
302 available = rctl_available_resource(p, rule);
303 if (available < minavailable) {
304 minavailable = available;
305 limit = rule->rr_amount;
309 rw_runlock(&rctl_lock);
312 * Return slightly less than actual value of the available
313 * %cpu resource. This makes %cpu throttling more aggressive
314 * and lets us act sooner than the limits are already exceeded.
317 if (limit > 2 * RCTL_PCPU_SHIFT)
318 minavailable -= RCTL_PCPU_SHIFT;
320 minavailable -= (limit / 2);
323 return (minavailable);
327 * Check whether the proc 'p' can allocate 'amount' of 'resource' in addition
328 * to what it keeps allocated now. Returns non-zero if the allocation should
329 * be denied, 0 otherwise.
332 rctl_enforce(struct proc *p, int resource, uint64_t amount)
334 struct rctl_rule *rule;
335 struct rctl_rule_link *link;
339 static int curtime = 0;
340 static struct timeval lasttime;
342 ASSERT_RACCT_ENABLED();
344 rw_rlock(&rctl_lock);
347 * There may be more than one matching rule; go through all of them.
348 * Denial should be done last, after logging and sending signals.
350 LIST_FOREACH(link, &p->p_racct->r_rule_links, rrl_next) {
351 rule = link->rrl_rule;
352 if (rule->rr_resource != resource)
354 if (!rctl_would_exceed(p, rule, amount)) {
355 link->rrl_exceeded = 0;
359 switch (rule->rr_action) {
360 case RCTL_ACTION_DENY:
363 case RCTL_ACTION_LOG:
365 * If rrl_exceeded != 0, it means we've already
366 * logged a warning for this process.
368 if (link->rrl_exceeded != 0)
372 * If the process state is not fully initialized yet,
373 * we can't access most of the required fields, e.g.
374 * p->p_comm. This happens when called from fork1().
375 * Ignore this rule for now; it will be processed just
376 * after fork, when called from racct_proc_fork_done().
378 if (p->p_state != PRS_NORMAL)
381 if (!ppsratecheck(&lasttime, &curtime, 10))
384 buf = malloc(RCTL_LOG_BUFSIZE, M_RCTL, M_NOWAIT);
386 printf("rctl_enforce: out of memory\n");
389 sbuf_new(&sb, buf, RCTL_LOG_BUFSIZE, SBUF_FIXEDLEN);
390 rctl_rule_to_sbuf(&sb, rule);
392 printf("rctl: rule \"%s\" matched by pid %d "
393 "(%s), uid %d, jail %s\n", sbuf_data(&sb),
394 p->p_pid, p->p_comm, p->p_ucred->cr_uid,
395 p->p_ucred->cr_prison->pr_prison_racct->prr_name);
398 link->rrl_exceeded = 1;
400 case RCTL_ACTION_DEVCTL:
401 if (link->rrl_exceeded != 0)
404 if (p->p_state != PRS_NORMAL)
407 buf = malloc(RCTL_LOG_BUFSIZE, M_RCTL, M_NOWAIT);
409 printf("rctl_enforce: out of memory\n");
412 sbuf_new(&sb, buf, RCTL_LOG_BUFSIZE, SBUF_FIXEDLEN);
413 sbuf_printf(&sb, "rule=");
414 rctl_rule_to_sbuf(&sb, rule);
415 sbuf_printf(&sb, " pid=%d ruid=%d jail=%s",
416 p->p_pid, p->p_ucred->cr_ruid,
417 p->p_ucred->cr_prison->pr_prison_racct->prr_name);
419 devctl_notify_f("RCTL", "rule", "matched",
420 sbuf_data(&sb), M_NOWAIT);
423 link->rrl_exceeded = 1;
426 if (link->rrl_exceeded != 0)
429 if (p->p_state != PRS_NORMAL)
432 KASSERT(rule->rr_action > 0 &&
433 rule->rr_action <= RCTL_ACTION_SIGNAL_MAX,
434 ("rctl_enforce: unknown action %d",
438 * We're using the fact that RCTL_ACTION_SIG* values
439 * are equal to their counterparts from sys/signal.h.
441 kern_psignal(p, rule->rr_action);
442 link->rrl_exceeded = 1;
447 rw_runlock(&rctl_lock);
451 * Return fake error code; the caller should change it
452 * into one proper for the situation - EFSIZ, ENOMEM etc.
461 rctl_get_limit(struct proc *p, int resource)
463 struct rctl_rule *rule;
464 struct rctl_rule_link *link;
465 uint64_t amount = UINT64_MAX;
467 ASSERT_RACCT_ENABLED();
469 rw_rlock(&rctl_lock);
472 * There may be more than one matching rule; go through all of them.
473 * Denial should be done last, after logging and sending signals.
475 LIST_FOREACH(link, &p->p_racct->r_rule_links, rrl_next) {
476 rule = link->rrl_rule;
477 if (rule->rr_resource != resource)
479 if (rule->rr_action != RCTL_ACTION_DENY)
481 if (rule->rr_amount < amount)
482 amount = rule->rr_amount;
485 rw_runlock(&rctl_lock);
491 rctl_get_available(struct proc *p, int resource)
493 struct rctl_rule *rule;
494 struct rctl_rule_link *link;
495 int64_t available, minavailable, allocated;
497 minavailable = INT64_MAX;
499 ASSERT_RACCT_ENABLED();
501 rw_rlock(&rctl_lock);
504 * There may be more than one matching rule; go through all of them.
505 * Denial should be done last, after logging and sending signals.
507 LIST_FOREACH(link, &p->p_racct->r_rule_links, rrl_next) {
508 rule = link->rrl_rule;
509 if (rule->rr_resource != resource)
511 if (rule->rr_action != RCTL_ACTION_DENY)
513 available = rctl_available_resource(p, rule);
514 if (available < minavailable)
515 minavailable = available;
518 rw_runlock(&rctl_lock);
521 * XXX: Think about this _hard_.
523 allocated = p->p_racct->r_resources[resource];
524 if (minavailable < INT64_MAX - allocated)
525 minavailable += allocated;
526 if (minavailable < 0)
528 return (minavailable);
532 rctl_rule_matches(const struct rctl_rule *rule, const struct rctl_rule *filter)
535 ASSERT_RACCT_ENABLED();
537 if (filter->rr_subject_type != RCTL_SUBJECT_TYPE_UNDEFINED) {
538 if (rule->rr_subject_type != filter->rr_subject_type)
541 switch (filter->rr_subject_type) {
542 case RCTL_SUBJECT_TYPE_PROCESS:
543 if (filter->rr_subject.rs_proc != NULL &&
544 rule->rr_subject.rs_proc !=
545 filter->rr_subject.rs_proc)
548 case RCTL_SUBJECT_TYPE_USER:
549 if (filter->rr_subject.rs_uip != NULL &&
550 rule->rr_subject.rs_uip !=
551 filter->rr_subject.rs_uip)
554 case RCTL_SUBJECT_TYPE_LOGINCLASS:
555 if (filter->rr_subject.rs_loginclass != NULL &&
556 rule->rr_subject.rs_loginclass !=
557 filter->rr_subject.rs_loginclass)
560 case RCTL_SUBJECT_TYPE_JAIL:
561 if (filter->rr_subject.rs_prison_racct != NULL &&
562 rule->rr_subject.rs_prison_racct !=
563 filter->rr_subject.rs_prison_racct)
567 panic("rctl_rule_matches: unknown subject type %d",
568 filter->rr_subject_type);
572 if (filter->rr_resource != RACCT_UNDEFINED) {
573 if (rule->rr_resource != filter->rr_resource)
577 if (filter->rr_action != RCTL_ACTION_UNDEFINED) {
578 if (rule->rr_action != filter->rr_action)
582 if (filter->rr_amount != RCTL_AMOUNT_UNDEFINED) {
583 if (rule->rr_amount != filter->rr_amount)
587 if (filter->rr_per != RCTL_SUBJECT_TYPE_UNDEFINED) {
588 if (rule->rr_per != filter->rr_per)
596 str2value(const char *str, int *value, struct dict *table)
603 for (i = 0; table[i].d_name != NULL; i++) {
604 if (strcasecmp(table[i].d_name, str) == 0) {
605 *value = table[i].d_value;
614 str2id(const char *str, id_t *value)
621 *value = strtoul(str, &end, 10);
622 if ((size_t)(end - str) != strlen(str))
629 str2int64(const char *str, int64_t *value)
636 *value = strtoul(str, &end, 10);
637 if ((size_t)(end - str) != strlen(str))
644 * Connect the rule to the racct, increasing refcount for the rule.
647 rctl_racct_add_rule(struct racct *racct, struct rctl_rule *rule)
649 struct rctl_rule_link *link;
651 ASSERT_RACCT_ENABLED();
652 KASSERT(rctl_rule_fully_specified(rule), ("rule not fully specified"));
654 rctl_rule_acquire(rule);
655 link = uma_zalloc(rctl_rule_link_zone, M_WAITOK);
656 link->rrl_rule = rule;
657 link->rrl_exceeded = 0;
659 rw_wlock(&rctl_lock);
660 LIST_INSERT_HEAD(&racct->r_rule_links, link, rrl_next);
661 rw_wunlock(&rctl_lock);
665 rctl_racct_add_rule_locked(struct racct *racct, struct rctl_rule *rule)
667 struct rctl_rule_link *link;
669 ASSERT_RACCT_ENABLED();
670 KASSERT(rctl_rule_fully_specified(rule), ("rule not fully specified"));
671 rw_assert(&rctl_lock, RA_WLOCKED);
673 link = uma_zalloc(rctl_rule_link_zone, M_NOWAIT);
676 rctl_rule_acquire(rule);
677 link->rrl_rule = rule;
678 link->rrl_exceeded = 0;
680 LIST_INSERT_HEAD(&racct->r_rule_links, link, rrl_next);
685 * Remove limits for a rules matching the filter and release
686 * the refcounts for the rules, possibly freeing them. Returns
687 * the number of limit structures removed.
690 rctl_racct_remove_rules(struct racct *racct,
691 const struct rctl_rule *filter)
694 struct rctl_rule_link *link, *linktmp;
696 ASSERT_RACCT_ENABLED();
697 rw_assert(&rctl_lock, RA_WLOCKED);
699 LIST_FOREACH_SAFE(link, &racct->r_rule_links, rrl_next, linktmp) {
700 if (!rctl_rule_matches(link->rrl_rule, filter))
703 LIST_REMOVE(link, rrl_next);
704 rctl_rule_release(link->rrl_rule);
705 uma_zfree(rctl_rule_link_zone, link);
712 rctl_rule_acquire_subject(struct rctl_rule *rule)
715 ASSERT_RACCT_ENABLED();
717 switch (rule->rr_subject_type) {
718 case RCTL_SUBJECT_TYPE_UNDEFINED:
719 case RCTL_SUBJECT_TYPE_PROCESS:
721 case RCTL_SUBJECT_TYPE_JAIL:
722 if (rule->rr_subject.rs_prison_racct != NULL)
723 prison_racct_hold(rule->rr_subject.rs_prison_racct);
725 case RCTL_SUBJECT_TYPE_USER:
726 if (rule->rr_subject.rs_uip != NULL)
727 uihold(rule->rr_subject.rs_uip);
729 case RCTL_SUBJECT_TYPE_LOGINCLASS:
730 if (rule->rr_subject.rs_loginclass != NULL)
731 loginclass_hold(rule->rr_subject.rs_loginclass);
734 panic("rctl_rule_acquire_subject: unknown subject type %d",
735 rule->rr_subject_type);
740 rctl_rule_release_subject(struct rctl_rule *rule)
743 ASSERT_RACCT_ENABLED();
745 switch (rule->rr_subject_type) {
746 case RCTL_SUBJECT_TYPE_UNDEFINED:
747 case RCTL_SUBJECT_TYPE_PROCESS:
749 case RCTL_SUBJECT_TYPE_JAIL:
750 if (rule->rr_subject.rs_prison_racct != NULL)
751 prison_racct_free(rule->rr_subject.rs_prison_racct);
753 case RCTL_SUBJECT_TYPE_USER:
754 if (rule->rr_subject.rs_uip != NULL)
755 uifree(rule->rr_subject.rs_uip);
757 case RCTL_SUBJECT_TYPE_LOGINCLASS:
758 if (rule->rr_subject.rs_loginclass != NULL)
759 loginclass_free(rule->rr_subject.rs_loginclass);
762 panic("rctl_rule_release_subject: unknown subject type %d",
763 rule->rr_subject_type);
768 rctl_rule_alloc(int flags)
770 struct rctl_rule *rule;
772 ASSERT_RACCT_ENABLED();
774 rule = uma_zalloc(rctl_rule_zone, flags);
777 rule->rr_subject_type = RCTL_SUBJECT_TYPE_UNDEFINED;
778 rule->rr_subject.rs_proc = NULL;
779 rule->rr_subject.rs_uip = NULL;
780 rule->rr_subject.rs_loginclass = NULL;
781 rule->rr_subject.rs_prison_racct = NULL;
782 rule->rr_per = RCTL_SUBJECT_TYPE_UNDEFINED;
783 rule->rr_resource = RACCT_UNDEFINED;
784 rule->rr_action = RCTL_ACTION_UNDEFINED;
785 rule->rr_amount = RCTL_AMOUNT_UNDEFINED;
786 refcount_init(&rule->rr_refcount, 1);
792 rctl_rule_duplicate(const struct rctl_rule *rule, int flags)
794 struct rctl_rule *copy;
796 ASSERT_RACCT_ENABLED();
798 copy = uma_zalloc(rctl_rule_zone, flags);
801 copy->rr_subject_type = rule->rr_subject_type;
802 copy->rr_subject.rs_proc = rule->rr_subject.rs_proc;
803 copy->rr_subject.rs_uip = rule->rr_subject.rs_uip;
804 copy->rr_subject.rs_loginclass = rule->rr_subject.rs_loginclass;
805 copy->rr_subject.rs_prison_racct = rule->rr_subject.rs_prison_racct;
806 copy->rr_per = rule->rr_per;
807 copy->rr_resource = rule->rr_resource;
808 copy->rr_action = rule->rr_action;
809 copy->rr_amount = rule->rr_amount;
810 refcount_init(©->rr_refcount, 1);
811 rctl_rule_acquire_subject(copy);
817 rctl_rule_acquire(struct rctl_rule *rule)
820 ASSERT_RACCT_ENABLED();
821 KASSERT(rule->rr_refcount > 0, ("rule->rr_refcount <= 0"));
823 refcount_acquire(&rule->rr_refcount);
827 rctl_rule_free(void *context, int pending)
829 struct rctl_rule *rule;
831 rule = (struct rctl_rule *)context;
833 ASSERT_RACCT_ENABLED();
834 KASSERT(rule->rr_refcount == 0, ("rule->rr_refcount != 0"));
837 * We don't need locking here; rule is guaranteed to be inaccessible.
840 rctl_rule_release_subject(rule);
841 uma_zfree(rctl_rule_zone, rule);
845 rctl_rule_release(struct rctl_rule *rule)
848 ASSERT_RACCT_ENABLED();
849 KASSERT(rule->rr_refcount > 0, ("rule->rr_refcount <= 0"));
851 if (refcount_release(&rule->rr_refcount)) {
853 * rctl_rule_release() is often called when iterating
854 * over all the uidinfo structures in the system,
855 * holding uihashtbl_lock. Since rctl_rule_free()
856 * might end up calling uifree(), this would lead
857 * to lock recursion. Use taskqueue to avoid this.
859 TASK_INIT(&rule->rr_task, 0, rctl_rule_free, rule);
860 taskqueue_enqueue(taskqueue_thread, &rule->rr_task);
865 rctl_rule_fully_specified(const struct rctl_rule *rule)
868 ASSERT_RACCT_ENABLED();
870 switch (rule->rr_subject_type) {
871 case RCTL_SUBJECT_TYPE_UNDEFINED:
873 case RCTL_SUBJECT_TYPE_PROCESS:
874 if (rule->rr_subject.rs_proc == NULL)
877 case RCTL_SUBJECT_TYPE_USER:
878 if (rule->rr_subject.rs_uip == NULL)
881 case RCTL_SUBJECT_TYPE_LOGINCLASS:
882 if (rule->rr_subject.rs_loginclass == NULL)
885 case RCTL_SUBJECT_TYPE_JAIL:
886 if (rule->rr_subject.rs_prison_racct == NULL)
890 panic("rctl_rule_fully_specified: unknown subject type %d",
891 rule->rr_subject_type);
893 if (rule->rr_resource == RACCT_UNDEFINED)
895 if (rule->rr_action == RCTL_ACTION_UNDEFINED)
897 if (rule->rr_amount == RCTL_AMOUNT_UNDEFINED)
899 if (rule->rr_per == RCTL_SUBJECT_TYPE_UNDEFINED)
906 rctl_string_to_rule(char *rulestr, struct rctl_rule **rulep)
909 char *subjectstr, *subject_idstr, *resourcestr, *actionstr,
911 struct rctl_rule *rule;
914 ASSERT_RACCT_ENABLED();
916 rule = rctl_rule_alloc(M_WAITOK);
918 subjectstr = strsep(&rulestr, ":");
919 subject_idstr = strsep(&rulestr, ":");
920 resourcestr = strsep(&rulestr, ":");
921 actionstr = strsep(&rulestr, "=/");
922 amountstr = strsep(&rulestr, "/");
925 if (subjectstr == NULL || subjectstr[0] == '\0')
926 rule->rr_subject_type = RCTL_SUBJECT_TYPE_UNDEFINED;
928 error = str2value(subjectstr, &rule->rr_subject_type, subjectnames);
933 if (subject_idstr == NULL || subject_idstr[0] == '\0') {
934 rule->rr_subject.rs_proc = NULL;
935 rule->rr_subject.rs_uip = NULL;
936 rule->rr_subject.rs_loginclass = NULL;
937 rule->rr_subject.rs_prison_racct = NULL;
939 switch (rule->rr_subject_type) {
940 case RCTL_SUBJECT_TYPE_UNDEFINED:
943 case RCTL_SUBJECT_TYPE_PROCESS:
944 error = str2id(subject_idstr, &id);
947 sx_assert(&allproc_lock, SA_LOCKED);
948 rule->rr_subject.rs_proc = pfind(id);
949 if (rule->rr_subject.rs_proc == NULL) {
953 PROC_UNLOCK(rule->rr_subject.rs_proc);
955 case RCTL_SUBJECT_TYPE_USER:
956 error = str2id(subject_idstr, &id);
959 rule->rr_subject.rs_uip = uifind(id);
961 case RCTL_SUBJECT_TYPE_LOGINCLASS:
962 rule->rr_subject.rs_loginclass =
963 loginclass_find(subject_idstr);
964 if (rule->rr_subject.rs_loginclass == NULL) {
965 error = ENAMETOOLONG;
969 case RCTL_SUBJECT_TYPE_JAIL:
970 rule->rr_subject.rs_prison_racct =
971 prison_racct_find(subject_idstr);
972 if (rule->rr_subject.rs_prison_racct == NULL) {
973 error = ENAMETOOLONG;
978 panic("rctl_string_to_rule: unknown subject type %d",
979 rule->rr_subject_type);
983 if (resourcestr == NULL || resourcestr[0] == '\0')
984 rule->rr_resource = RACCT_UNDEFINED;
986 error = str2value(resourcestr, &rule->rr_resource,
992 if (actionstr == NULL || actionstr[0] == '\0')
993 rule->rr_action = RCTL_ACTION_UNDEFINED;
995 error = str2value(actionstr, &rule->rr_action, actionnames);
1000 if (amountstr == NULL || amountstr[0] == '\0')
1001 rule->rr_amount = RCTL_AMOUNT_UNDEFINED;
1003 error = str2int64(amountstr, &rule->rr_amount);
1006 if (RACCT_IS_IN_MILLIONS(rule->rr_resource))
1007 rule->rr_amount *= 1000000;
1010 if (perstr == NULL || perstr[0] == '\0')
1011 rule->rr_per = RCTL_SUBJECT_TYPE_UNDEFINED;
1013 error = str2value(perstr, &rule->rr_per, subjectnames);
1022 rctl_rule_release(rule);
1028 * Link a rule with all the subjects it applies to.
1031 rctl_rule_add(struct rctl_rule *rule)
1035 struct uidinfo *uip;
1037 struct prison_racct *prr;
1038 struct loginclass *lc;
1039 struct rctl_rule *rule2;
1042 ASSERT_RACCT_ENABLED();
1043 KASSERT(rctl_rule_fully_specified(rule), ("rule not fully specified"));
1046 * Some rules just don't make sense. Note that the one below
1047 * cannot be rewritten using RACCT_IS_DENIABLE(); the RACCT_PCTCPU,
1048 * for example, is not deniable in the racct sense, but the
1049 * limit is enforced in a different way, so "deny" rules for %CPU
1052 if (rule->rr_action == RCTL_ACTION_DENY &&
1053 (rule->rr_resource == RACCT_CPU ||
1054 rule->rr_resource == RACCT_WALLCLOCK))
1055 return (EOPNOTSUPP);
1057 if (rule->rr_per == RCTL_SUBJECT_TYPE_PROCESS &&
1058 RACCT_IS_SLOPPY(rule->rr_resource))
1059 return (EOPNOTSUPP);
1062 * Make sure there are no duplicated rules. Also, for the "deny"
1063 * rules, remove ones differing only by "amount".
1065 if (rule->rr_action == RCTL_ACTION_DENY) {
1066 rule2 = rctl_rule_duplicate(rule, M_WAITOK);
1067 rule2->rr_amount = RCTL_AMOUNT_UNDEFINED;
1068 rctl_rule_remove(rule2);
1069 rctl_rule_release(rule2);
1071 rctl_rule_remove(rule);
1073 switch (rule->rr_subject_type) {
1074 case RCTL_SUBJECT_TYPE_PROCESS:
1075 p = rule->rr_subject.rs_proc;
1076 KASSERT(p != NULL, ("rctl_rule_add: NULL proc"));
1078 rctl_racct_add_rule(p->p_racct, rule);
1080 * In case of per-process rule, we don't have anything more
1085 case RCTL_SUBJECT_TYPE_USER:
1086 uip = rule->rr_subject.rs_uip;
1087 KASSERT(uip != NULL, ("rctl_rule_add: NULL uip"));
1088 rctl_racct_add_rule(uip->ui_racct, rule);
1091 case RCTL_SUBJECT_TYPE_LOGINCLASS:
1092 lc = rule->rr_subject.rs_loginclass;
1093 KASSERT(lc != NULL, ("rctl_rule_add: NULL loginclass"));
1094 rctl_racct_add_rule(lc->lc_racct, rule);
1097 case RCTL_SUBJECT_TYPE_JAIL:
1098 prr = rule->rr_subject.rs_prison_racct;
1099 KASSERT(prr != NULL, ("rctl_rule_add: NULL pr"));
1100 rctl_racct_add_rule(prr->prr_racct, rule);
1104 panic("rctl_rule_add: unknown subject type %d",
1105 rule->rr_subject_type);
1109 * Now go through all the processes and add the new rule to the ones
1112 sx_assert(&allproc_lock, SA_LOCKED);
1113 FOREACH_PROC_IN_SYSTEM(p) {
1115 switch (rule->rr_subject_type) {
1116 case RCTL_SUBJECT_TYPE_USER:
1117 if (cred->cr_uidinfo == rule->rr_subject.rs_uip ||
1118 cred->cr_ruidinfo == rule->rr_subject.rs_uip)
1121 case RCTL_SUBJECT_TYPE_LOGINCLASS:
1122 if (cred->cr_loginclass == rule->rr_subject.rs_loginclass)
1125 case RCTL_SUBJECT_TYPE_JAIL:
1127 for (pr = cred->cr_prison; pr != NULL; pr = pr->pr_parent) {
1128 if (pr->pr_prison_racct == rule->rr_subject.rs_prison_racct) {
1137 panic("rctl_rule_add: unknown subject type %d",
1138 rule->rr_subject_type);
1141 rctl_racct_add_rule(p->p_racct, rule);
1148 rctl_rule_remove_callback(struct racct *racct, void *arg2, void *arg3)
1150 struct rctl_rule *filter = (struct rctl_rule *)arg2;
1153 ASSERT_RACCT_ENABLED();
1155 rw_wlock(&rctl_lock);
1156 found += rctl_racct_remove_rules(racct, filter);
1157 rw_wunlock(&rctl_lock);
1159 *((int *)arg3) += found;
1163 * Remove all rules that match the filter.
1166 rctl_rule_remove(struct rctl_rule *filter)
1171 ASSERT_RACCT_ENABLED();
1173 if (filter->rr_subject_type == RCTL_SUBJECT_TYPE_PROCESS &&
1174 filter->rr_subject.rs_proc != NULL) {
1175 p = filter->rr_subject.rs_proc;
1176 rw_wlock(&rctl_lock);
1177 found = rctl_racct_remove_rules(p->p_racct, filter);
1178 rw_wunlock(&rctl_lock);
1184 loginclass_racct_foreach(rctl_rule_remove_callback, filter,
1186 ui_racct_foreach(rctl_rule_remove_callback, filter,
1188 prison_racct_foreach(rctl_rule_remove_callback, filter,
1191 sx_assert(&allproc_lock, SA_LOCKED);
1192 rw_wlock(&rctl_lock);
1193 FOREACH_PROC_IN_SYSTEM(p) {
1194 found += rctl_racct_remove_rules(p->p_racct, filter);
1196 rw_wunlock(&rctl_lock);
1204 * Appends a rule to the sbuf.
1207 rctl_rule_to_sbuf(struct sbuf *sb, const struct rctl_rule *rule)
1211 ASSERT_RACCT_ENABLED();
1213 sbuf_printf(sb, "%s:", rctl_subject_type_name(rule->rr_subject_type));
1215 switch (rule->rr_subject_type) {
1216 case RCTL_SUBJECT_TYPE_PROCESS:
1217 if (rule->rr_subject.rs_proc == NULL)
1218 sbuf_printf(sb, ":");
1220 sbuf_printf(sb, "%d:",
1221 rule->rr_subject.rs_proc->p_pid);
1223 case RCTL_SUBJECT_TYPE_USER:
1224 if (rule->rr_subject.rs_uip == NULL)
1225 sbuf_printf(sb, ":");
1227 sbuf_printf(sb, "%d:",
1228 rule->rr_subject.rs_uip->ui_uid);
1230 case RCTL_SUBJECT_TYPE_LOGINCLASS:
1231 if (rule->rr_subject.rs_loginclass == NULL)
1232 sbuf_printf(sb, ":");
1234 sbuf_printf(sb, "%s:",
1235 rule->rr_subject.rs_loginclass->lc_name);
1237 case RCTL_SUBJECT_TYPE_JAIL:
1238 if (rule->rr_subject.rs_prison_racct == NULL)
1239 sbuf_printf(sb, ":");
1241 sbuf_printf(sb, "%s:",
1242 rule->rr_subject.rs_prison_racct->prr_name);
1245 panic("rctl_rule_to_sbuf: unknown subject type %d",
1246 rule->rr_subject_type);
1249 amount = rule->rr_amount;
1250 if (amount != RCTL_AMOUNT_UNDEFINED &&
1251 RACCT_IS_IN_MILLIONS(rule->rr_resource))
1254 sbuf_printf(sb, "%s:%s=%jd",
1255 rctl_resource_name(rule->rr_resource),
1256 rctl_action_name(rule->rr_action),
1259 if (rule->rr_per != rule->rr_subject_type)
1260 sbuf_printf(sb, "/%s", rctl_subject_type_name(rule->rr_per));
1264 * Routine used by RCTL syscalls to read in input string.
1267 rctl_read_inbuf(char **inputstr, const char *inbufp, size_t inbuflen)
1272 ASSERT_RACCT_ENABLED();
1276 if (inbuflen > RCTL_MAX_INBUFLEN)
1279 str = malloc(inbuflen + 1, M_RCTL, M_WAITOK);
1280 error = copyinstr(inbufp, str, inbuflen, NULL);
1292 * Routine used by RCTL syscalls to write out output string.
1295 rctl_write_outbuf(struct sbuf *outputsbuf, char *outbufp, size_t outbuflen)
1299 ASSERT_RACCT_ENABLED();
1301 if (outputsbuf == NULL)
1304 sbuf_finish(outputsbuf);
1305 if (outbuflen < sbuf_len(outputsbuf) + 1) {
1306 sbuf_delete(outputsbuf);
1309 error = copyout(sbuf_data(outputsbuf), outbufp,
1310 sbuf_len(outputsbuf) + 1);
1311 sbuf_delete(outputsbuf);
1315 static struct sbuf *
1316 rctl_racct_to_sbuf(struct racct *racct, int sloppy)
1322 ASSERT_RACCT_ENABLED();
1324 sb = sbuf_new_auto();
1325 for (i = 0; i <= RACCT_MAX; i++) {
1326 if (sloppy == 0 && RACCT_IS_SLOPPY(i))
1328 amount = racct->r_resources[i];
1329 if (RACCT_IS_IN_MILLIONS(i))
1331 sbuf_printf(sb, "%s=%jd,", rctl_resource_name(i), amount);
1333 sbuf_setpos(sb, sbuf_len(sb) - 1);
1338 sys_rctl_get_racct(struct thread *td, struct rctl_get_racct_args *uap)
1342 struct rctl_rule *filter;
1343 struct sbuf *outputsbuf = NULL;
1345 struct uidinfo *uip;
1346 struct loginclass *lc;
1347 struct prison_racct *prr;
1352 error = priv_check(td, PRIV_RCTL_GET_RACCT);
1356 error = rctl_read_inbuf(&inputstr, uap->inbufp, uap->inbuflen);
1360 sx_slock(&allproc_lock);
1361 error = rctl_string_to_rule(inputstr, &filter);
1362 free(inputstr, M_RCTL);
1364 sx_sunlock(&allproc_lock);
1368 switch (filter->rr_subject_type) {
1369 case RCTL_SUBJECT_TYPE_PROCESS:
1370 p = filter->rr_subject.rs_proc;
1375 outputsbuf = rctl_racct_to_sbuf(p->p_racct, 0);
1377 case RCTL_SUBJECT_TYPE_USER:
1378 uip = filter->rr_subject.rs_uip;
1383 outputsbuf = rctl_racct_to_sbuf(uip->ui_racct, 1);
1385 case RCTL_SUBJECT_TYPE_LOGINCLASS:
1386 lc = filter->rr_subject.rs_loginclass;
1391 outputsbuf = rctl_racct_to_sbuf(lc->lc_racct, 1);
1393 case RCTL_SUBJECT_TYPE_JAIL:
1394 prr = filter->rr_subject.rs_prison_racct;
1399 outputsbuf = rctl_racct_to_sbuf(prr->prr_racct, 1);
1405 rctl_rule_release(filter);
1406 sx_sunlock(&allproc_lock);
1410 error = rctl_write_outbuf(outputsbuf, uap->outbufp, uap->outbuflen);
1416 rctl_get_rules_callback(struct racct *racct, void *arg2, void *arg3)
1418 struct rctl_rule *filter = (struct rctl_rule *)arg2;
1419 struct rctl_rule_link *link;
1420 struct sbuf *sb = (struct sbuf *)arg3;
1422 ASSERT_RACCT_ENABLED();
1424 rw_rlock(&rctl_lock);
1425 LIST_FOREACH(link, &racct->r_rule_links, rrl_next) {
1426 if (!rctl_rule_matches(link->rrl_rule, filter))
1428 rctl_rule_to_sbuf(sb, link->rrl_rule);
1429 sbuf_printf(sb, ",");
1431 rw_runlock(&rctl_lock);
1435 sys_rctl_get_rules(struct thread *td, struct rctl_get_rules_args *uap)
1438 size_t bufsize = RCTL_DEFAULT_BUFSIZE;
1439 char *inputstr, *buf;
1441 struct rctl_rule *filter;
1442 struct rctl_rule_link *link;
1448 error = priv_check(td, PRIV_RCTL_GET_RULES);
1452 error = rctl_read_inbuf(&inputstr, uap->inbufp, uap->inbuflen);
1456 sx_slock(&allproc_lock);
1457 error = rctl_string_to_rule(inputstr, &filter);
1458 free(inputstr, M_RCTL);
1460 sx_sunlock(&allproc_lock);
1465 buf = malloc(bufsize, M_RCTL, M_WAITOK);
1466 sb = sbuf_new(NULL, buf, bufsize, SBUF_FIXEDLEN);
1467 KASSERT(sb != NULL, ("sbuf_new failed"));
1469 sx_assert(&allproc_lock, SA_LOCKED);
1470 FOREACH_PROC_IN_SYSTEM(p) {
1471 rw_rlock(&rctl_lock);
1472 LIST_FOREACH(link, &p->p_racct->r_rule_links, rrl_next) {
1474 * Non-process rules will be added to the buffer later.
1475 * Adding them here would result in duplicated output.
1477 if (link->rrl_rule->rr_subject_type !=
1478 RCTL_SUBJECT_TYPE_PROCESS)
1480 if (!rctl_rule_matches(link->rrl_rule, filter))
1482 rctl_rule_to_sbuf(sb, link->rrl_rule);
1483 sbuf_printf(sb, ",");
1485 rw_runlock(&rctl_lock);
1488 loginclass_racct_foreach(rctl_get_rules_callback, filter, sb);
1489 ui_racct_foreach(rctl_get_rules_callback, filter, sb);
1490 prison_racct_foreach(rctl_get_rules_callback, filter, sb);
1491 if (sbuf_error(sb) == ENOMEM) {
1499 * Remove trailing ",".
1501 if (sbuf_len(sb) > 0)
1502 sbuf_setpos(sb, sbuf_len(sb) - 1);
1504 error = rctl_write_outbuf(sb, uap->outbufp, uap->outbuflen);
1506 rctl_rule_release(filter);
1507 sx_sunlock(&allproc_lock);
1513 sys_rctl_get_limits(struct thread *td, struct rctl_get_limits_args *uap)
1516 size_t bufsize = RCTL_DEFAULT_BUFSIZE;
1517 char *inputstr, *buf;
1519 struct rctl_rule *filter;
1520 struct rctl_rule_link *link;
1525 error = priv_check(td, PRIV_RCTL_GET_LIMITS);
1529 error = rctl_read_inbuf(&inputstr, uap->inbufp, uap->inbuflen);
1533 sx_slock(&allproc_lock);
1534 error = rctl_string_to_rule(inputstr, &filter);
1535 free(inputstr, M_RCTL);
1537 sx_sunlock(&allproc_lock);
1541 if (filter->rr_subject_type == RCTL_SUBJECT_TYPE_UNDEFINED) {
1542 rctl_rule_release(filter);
1543 sx_sunlock(&allproc_lock);
1546 if (filter->rr_subject_type != RCTL_SUBJECT_TYPE_PROCESS) {
1547 rctl_rule_release(filter);
1548 sx_sunlock(&allproc_lock);
1549 return (EOPNOTSUPP);
1551 if (filter->rr_subject.rs_proc == NULL) {
1552 rctl_rule_release(filter);
1553 sx_sunlock(&allproc_lock);
1558 buf = malloc(bufsize, M_RCTL, M_WAITOK);
1559 sb = sbuf_new(NULL, buf, bufsize, SBUF_FIXEDLEN);
1560 KASSERT(sb != NULL, ("sbuf_new failed"));
1562 rw_rlock(&rctl_lock);
1563 LIST_FOREACH(link, &filter->rr_subject.rs_proc->p_racct->r_rule_links,
1565 rctl_rule_to_sbuf(sb, link->rrl_rule);
1566 sbuf_printf(sb, ",");
1568 rw_runlock(&rctl_lock);
1569 if (sbuf_error(sb) == ENOMEM) {
1577 * Remove trailing ",".
1579 if (sbuf_len(sb) > 0)
1580 sbuf_setpos(sb, sbuf_len(sb) - 1);
1582 error = rctl_write_outbuf(sb, uap->outbufp, uap->outbuflen);
1583 rctl_rule_release(filter);
1584 sx_sunlock(&allproc_lock);
1590 sys_rctl_add_rule(struct thread *td, struct rctl_add_rule_args *uap)
1593 struct rctl_rule *rule;
1599 error = priv_check(td, PRIV_RCTL_ADD_RULE);
1603 error = rctl_read_inbuf(&inputstr, uap->inbufp, uap->inbuflen);
1607 sx_slock(&allproc_lock);
1608 error = rctl_string_to_rule(inputstr, &rule);
1609 free(inputstr, M_RCTL);
1611 sx_sunlock(&allproc_lock);
1615 * The 'per' part of a rule is optional.
1617 if (rule->rr_per == RCTL_SUBJECT_TYPE_UNDEFINED &&
1618 rule->rr_subject_type != RCTL_SUBJECT_TYPE_UNDEFINED)
1619 rule->rr_per = rule->rr_subject_type;
1621 if (!rctl_rule_fully_specified(rule)) {
1626 error = rctl_rule_add(rule);
1629 rctl_rule_release(rule);
1630 sx_sunlock(&allproc_lock);
1635 sys_rctl_remove_rule(struct thread *td, struct rctl_remove_rule_args *uap)
1638 struct rctl_rule *filter;
1644 error = priv_check(td, PRIV_RCTL_REMOVE_RULE);
1648 error = rctl_read_inbuf(&inputstr, uap->inbufp, uap->inbuflen);
1652 sx_slock(&allproc_lock);
1653 error = rctl_string_to_rule(inputstr, &filter);
1654 free(inputstr, M_RCTL);
1656 sx_sunlock(&allproc_lock);
1660 error = rctl_rule_remove(filter);
1661 rctl_rule_release(filter);
1662 sx_sunlock(&allproc_lock);
1668 * Update RCTL rule list after credential change.
1671 rctl_proc_ucred_changed(struct proc *p, struct ucred *newcred)
1674 struct rctl_rule_link *link, *newlink;
1675 struct uidinfo *newuip;
1676 struct loginclass *newlc;
1677 struct prison_racct *newprr;
1678 LIST_HEAD(, rctl_rule_link) newrules;
1680 ASSERT_RACCT_ENABLED();
1682 newuip = newcred->cr_ruidinfo;
1683 newlc = newcred->cr_loginclass;
1684 newprr = newcred->cr_prison->pr_prison_racct;
1686 LIST_INIT(&newrules);
1690 * First, count the rules that apply to the process with new
1694 rw_rlock(&rctl_lock);
1695 LIST_FOREACH(link, &p->p_racct->r_rule_links, rrl_next) {
1696 if (link->rrl_rule->rr_subject_type ==
1697 RCTL_SUBJECT_TYPE_PROCESS)
1700 LIST_FOREACH(link, &newuip->ui_racct->r_rule_links, rrl_next)
1702 LIST_FOREACH(link, &newlc->lc_racct->r_rule_links, rrl_next)
1704 LIST_FOREACH(link, &newprr->prr_racct->r_rule_links, rrl_next)
1706 rw_runlock(&rctl_lock);
1709 * Create temporary list. We've dropped the rctl_lock in order
1712 for (i = 0; i < rulecnt; i++) {
1713 newlink = uma_zalloc(rctl_rule_link_zone, M_WAITOK);
1714 newlink->rrl_rule = NULL;
1715 LIST_INSERT_HEAD(&newrules, newlink, rrl_next);
1718 newlink = LIST_FIRST(&newrules);
1721 * Assign rules to the newly allocated list entries.
1723 rw_wlock(&rctl_lock);
1724 LIST_FOREACH(link, &p->p_racct->r_rule_links, rrl_next) {
1725 if (link->rrl_rule->rr_subject_type ==
1726 RCTL_SUBJECT_TYPE_PROCESS) {
1727 if (newlink == NULL)
1729 rctl_rule_acquire(link->rrl_rule);
1730 newlink->rrl_rule = link->rrl_rule;
1731 newlink = LIST_NEXT(newlink, rrl_next);
1736 LIST_FOREACH(link, &newuip->ui_racct->r_rule_links, rrl_next) {
1737 if (newlink == NULL)
1739 rctl_rule_acquire(link->rrl_rule);
1740 newlink->rrl_rule = link->rrl_rule;
1741 newlink = LIST_NEXT(newlink, rrl_next);
1745 LIST_FOREACH(link, &newlc->lc_racct->r_rule_links, rrl_next) {
1746 if (newlink == NULL)
1748 rctl_rule_acquire(link->rrl_rule);
1749 newlink->rrl_rule = link->rrl_rule;
1750 newlink = LIST_NEXT(newlink, rrl_next);
1754 LIST_FOREACH(link, &newprr->prr_racct->r_rule_links, rrl_next) {
1755 if (newlink == NULL)
1757 rctl_rule_acquire(link->rrl_rule);
1758 newlink->rrl_rule = link->rrl_rule;
1759 newlink = LIST_NEXT(newlink, rrl_next);
1765 * Free the old rule list.
1767 while (!LIST_EMPTY(&p->p_racct->r_rule_links)) {
1768 link = LIST_FIRST(&p->p_racct->r_rule_links);
1769 LIST_REMOVE(link, rrl_next);
1770 rctl_rule_release(link->rrl_rule);
1771 uma_zfree(rctl_rule_link_zone, link);
1775 * Replace lists and we're done.
1777 * XXX: Is there any way to switch list heads instead
1778 * of iterating here?
1780 while (!LIST_EMPTY(&newrules)) {
1781 newlink = LIST_FIRST(&newrules);
1782 LIST_REMOVE(newlink, rrl_next);
1783 LIST_INSERT_HEAD(&p->p_racct->r_rule_links,
1787 rw_wunlock(&rctl_lock);
1793 rw_wunlock(&rctl_lock);
1796 * Rule list changed while we were not holding the rctl_lock.
1797 * Free the new list and try again.
1799 while (!LIST_EMPTY(&newrules)) {
1800 newlink = LIST_FIRST(&newrules);
1801 LIST_REMOVE(newlink, rrl_next);
1802 if (newlink->rrl_rule != NULL)
1803 rctl_rule_release(newlink->rrl_rule);
1804 uma_zfree(rctl_rule_link_zone, newlink);
1811 * Assign RCTL rules to the newly created process.
1814 rctl_proc_fork(struct proc *parent, struct proc *child)
1817 struct rctl_rule_link *link;
1818 struct rctl_rule *rule;
1820 LIST_INIT(&child->p_racct->r_rule_links);
1822 ASSERT_RACCT_ENABLED();
1823 KASSERT(parent->p_racct != NULL, ("process without racct; p = %p", parent));
1825 rw_wlock(&rctl_lock);
1828 * Go through limits applicable to the parent and assign them
1829 * to the child. Rules with 'process' subject have to be duplicated
1830 * in order to make their rr_subject point to the new process.
1832 LIST_FOREACH(link, &parent->p_racct->r_rule_links, rrl_next) {
1833 if (link->rrl_rule->rr_subject_type ==
1834 RCTL_SUBJECT_TYPE_PROCESS) {
1835 rule = rctl_rule_duplicate(link->rrl_rule, M_NOWAIT);
1838 KASSERT(rule->rr_subject.rs_proc == parent,
1839 ("rule->rr_subject.rs_proc != parent"));
1840 rule->rr_subject.rs_proc = child;
1841 error = rctl_racct_add_rule_locked(child->p_racct,
1843 rctl_rule_release(rule);
1847 error = rctl_racct_add_rule_locked(child->p_racct,
1854 rw_wunlock(&rctl_lock);
1858 while (!LIST_EMPTY(&child->p_racct->r_rule_links)) {
1859 link = LIST_FIRST(&child->p_racct->r_rule_links);
1860 LIST_REMOVE(link, rrl_next);
1861 rctl_rule_release(link->rrl_rule);
1862 uma_zfree(rctl_rule_link_zone, link);
1864 rw_wunlock(&rctl_lock);
1869 * Release rules attached to the racct.
1872 rctl_racct_release(struct racct *racct)
1874 struct rctl_rule_link *link;
1876 ASSERT_RACCT_ENABLED();
1878 rw_wlock(&rctl_lock);
1879 while (!LIST_EMPTY(&racct->r_rule_links)) {
1880 link = LIST_FIRST(&racct->r_rule_links);
1881 LIST_REMOVE(link, rrl_next);
1882 rctl_rule_release(link->rrl_rule);
1883 uma_zfree(rctl_rule_link_zone, link);
1885 rw_wunlock(&rctl_lock);
1895 rctl_rule_link_zone = uma_zcreate("rctl_rule_link",
1896 sizeof(struct rctl_rule_link), NULL, NULL, NULL, NULL,
1897 UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
1898 rctl_rule_zone = uma_zcreate("rctl_rule", sizeof(struct rctl_rule),
1899 NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
1905 sys_rctl_get_racct(struct thread *td, struct rctl_get_racct_args *uap)
1912 sys_rctl_get_rules(struct thread *td, struct rctl_get_rules_args *uap)
1919 sys_rctl_get_limits(struct thread *td, struct rctl_get_limits_args *uap)
1926 sys_rctl_add_rule(struct thread *td, struct rctl_add_rule_args *uap)
1933 sys_rctl_remove_rule(struct thread *td, struct rctl_remove_rule_args *uap)