2 * Copyright (c) 2010 The FreeBSD Foundation
5 * This software was developed by Edward Tomasz Napierala under sponsorship
6 * from the FreeBSD Foundation.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 #include <sys/cdefs.h>
33 __FBSDID("$FreeBSD$");
35 #include <sys/param.h>
37 #include <sys/malloc.h>
38 #include <sys/queue.h>
39 #include <sys/refcount.h>
41 #include <sys/kernel.h>
42 #include <sys/limits.h>
43 #include <sys/loginclass.h>
46 #include <sys/racct.h>
48 #include <sys/resourcevar.h>
50 #include <sys/sysent.h>
51 #include <sys/sysproto.h>
52 #include <sys/systm.h>
53 #include <sys/types.h>
54 #include <sys/eventhandler.h>
56 #include <sys/mutex.h>
57 #include <sys/rwlock.h>
59 #include <sys/taskqueue.h>
65 #error "The RCTL option requires the RACCT option"
68 FEATURE(rctl, "Resource Limits");
71 #define HRF_DONT_INHERIT 1
72 #define HRF_DONT_ACCUMULATE 2
74 /* Default buffer size for rctl_get_rules(2). */
75 #define RCTL_DEFAULT_BUFSIZE 4096
76 #define RCTL_MAX_INBUFLEN 4096
77 #define RCTL_LOG_BUFSIZE 128
80 * 'rctl_rule_link' connects a rule with every racct it's related to.
81 * For example, rule 'user:X:openfiles:deny=N/process' is linked
82 * with uidinfo for user X, and to each process of that user.
84 struct rctl_rule_link {
85 LIST_ENTRY(rctl_rule_link) rrl_next;
86 struct rctl_rule *rrl_rule;
95 static struct dict subjectnames[] = {
96 { "process", RCTL_SUBJECT_TYPE_PROCESS },
97 { "user", RCTL_SUBJECT_TYPE_USER },
98 { "loginclass", RCTL_SUBJECT_TYPE_LOGINCLASS },
99 { "jail", RCTL_SUBJECT_TYPE_JAIL },
102 static struct dict resourcenames[] = {
103 { "cputime", RACCT_CPU },
104 { "datasize", RACCT_DATA },
105 { "stacksize", RACCT_STACK },
106 { "coredumpsize", RACCT_CORE },
107 { "memoryuse", RACCT_RSS },
108 { "memorylocked", RACCT_MEMLOCK },
109 { "maxproc", RACCT_NPROC },
110 { "openfiles", RACCT_NOFILE },
111 { "vmemoryuse", RACCT_VMEM },
112 { "pseudoterminals", RACCT_NPTS },
113 { "swapuse", RACCT_SWAP },
114 { "nthr", RACCT_NTHR },
115 { "msgqqueued", RACCT_MSGQQUEUED },
116 { "msgqsize", RACCT_MSGQSIZE },
117 { "nmsgq", RACCT_NMSGQ },
118 { "nsem", RACCT_NSEM },
119 { "nsemop", RACCT_NSEMOP },
120 { "nshm", RACCT_NSHM },
121 { "shmsize", RACCT_SHMSIZE },
122 { "wallclock", RACCT_WALLCLOCK },
125 static struct dict actionnames[] = {
126 { "sighup", RCTL_ACTION_SIGHUP },
127 { "sigint", RCTL_ACTION_SIGINT },
128 { "sigquit", RCTL_ACTION_SIGQUIT },
129 { "sigill", RCTL_ACTION_SIGILL },
130 { "sigtrap", RCTL_ACTION_SIGTRAP },
131 { "sigabrt", RCTL_ACTION_SIGABRT },
132 { "sigemt", RCTL_ACTION_SIGEMT },
133 { "sigfpe", RCTL_ACTION_SIGFPE },
134 { "sigkill", RCTL_ACTION_SIGKILL },
135 { "sigbus", RCTL_ACTION_SIGBUS },
136 { "sigsegv", RCTL_ACTION_SIGSEGV },
137 { "sigsys", RCTL_ACTION_SIGSYS },
138 { "sigpipe", RCTL_ACTION_SIGPIPE },
139 { "sigalrm", RCTL_ACTION_SIGALRM },
140 { "sigterm", RCTL_ACTION_SIGTERM },
141 { "sigurg", RCTL_ACTION_SIGURG },
142 { "sigstop", RCTL_ACTION_SIGSTOP },
143 { "sigtstp", RCTL_ACTION_SIGTSTP },
144 { "sigchld", RCTL_ACTION_SIGCHLD },
145 { "sigttin", RCTL_ACTION_SIGTTIN },
146 { "sigttou", RCTL_ACTION_SIGTTOU },
147 { "sigio", RCTL_ACTION_SIGIO },
148 { "sigxcpu", RCTL_ACTION_SIGXCPU },
149 { "sigxfsz", RCTL_ACTION_SIGXFSZ },
150 { "sigvtalrm", RCTL_ACTION_SIGVTALRM },
151 { "sigprof", RCTL_ACTION_SIGPROF },
152 { "sigwinch", RCTL_ACTION_SIGWINCH },
153 { "siginfo", RCTL_ACTION_SIGINFO },
154 { "sigusr1", RCTL_ACTION_SIGUSR1 },
155 { "sigusr2", RCTL_ACTION_SIGUSR2 },
156 { "sigthr", RCTL_ACTION_SIGTHR },
157 { "deny", RCTL_ACTION_DENY },
158 { "log", RCTL_ACTION_LOG },
159 { "devctl", RCTL_ACTION_DEVCTL },
162 static void rctl_init(void);
163 SYSINIT(rctl, SI_SUB_RACCT, SI_ORDER_FIRST, rctl_init, NULL);
165 static uma_zone_t rctl_rule_link_zone;
166 static uma_zone_t rctl_rule_zone;
167 static struct rwlock rctl_lock;
168 RW_SYSINIT(rctl_lock, &rctl_lock, "RCTL lock");
170 static int rctl_rule_fully_specified(const struct rctl_rule *rule);
171 static void rctl_rule_to_sbuf(struct sbuf *sb, const struct rctl_rule *rule);
173 MALLOC_DEFINE(M_RCTL, "rctl", "Resource Limits");
176 rctl_subject_type_name(int subject)
180 for (i = 0; subjectnames[i].d_name != NULL; i++) {
181 if (subjectnames[i].d_value == subject)
182 return (subjectnames[i].d_name);
185 panic("rctl_subject_type_name: unknown subject type %d", subject);
189 rctl_action_name(int action)
193 for (i = 0; actionnames[i].d_name != NULL; i++) {
194 if (actionnames[i].d_value == action)
195 return (actionnames[i].d_name);
198 panic("rctl_action_name: unknown action %d", action);
202 rctl_resource_name(int resource)
206 for (i = 0; resourcenames[i].d_name != NULL; i++) {
207 if (resourcenames[i].d_value == resource)
208 return (resourcenames[i].d_name);
211 panic("rctl_resource_name: unknown resource %d", resource);
215 * Return the amount of resource that can be allocated by 'p' before
219 rctl_available_resource(const struct proc *p, const struct rctl_rule *rule)
222 int64_t available = INT64_MAX;
223 struct ucred *cred = p->p_ucred;
225 rw_assert(&rctl_lock, RA_LOCKED);
227 resource = rule->rr_resource;
228 switch (rule->rr_per) {
229 case RCTL_SUBJECT_TYPE_PROCESS:
230 available = rule->rr_amount -
231 p->p_racct->r_resources[resource];
233 case RCTL_SUBJECT_TYPE_USER:
234 available = rule->rr_amount -
235 cred->cr_ruidinfo->ui_racct->r_resources[resource];
237 case RCTL_SUBJECT_TYPE_LOGINCLASS:
238 available = rule->rr_amount -
239 cred->cr_loginclass->lc_racct->r_resources[resource];
241 case RCTL_SUBJECT_TYPE_JAIL:
242 available = rule->rr_amount -
243 cred->cr_prison->pr_prison_racct->prr_racct->
244 r_resources[resource];
247 panic("rctl_compute_available: unknown per %d",
255 * Return non-zero if allocating 'amount' by proc 'p' would exceed
256 * resource limit specified by 'rule'.
259 rctl_would_exceed(const struct proc *p, const struct rctl_rule *rule,
264 rw_assert(&rctl_lock, RA_LOCKED);
266 available = rctl_available_resource(p, rule);
267 if (available >= amount)
274 * Check whether the proc 'p' can allocate 'amount' of 'resource' in addition
275 * to what it keeps allocated now. Returns non-zero if the allocation should
276 * be denied, 0 otherwise.
279 rctl_enforce(struct proc *p, int resource, uint64_t amount)
281 struct rctl_rule *rule;
282 struct rctl_rule_link *link;
286 static int curtime = 0;
287 static struct timeval lasttime;
289 rw_rlock(&rctl_lock);
292 * There may be more than one matching rule; go through all of them.
293 * Denial should be done last, after logging and sending signals.
295 LIST_FOREACH(link, &p->p_racct->r_rule_links, rrl_next) {
296 rule = link->rrl_rule;
297 if (rule->rr_resource != resource)
299 if (!rctl_would_exceed(p, rule, amount)) {
300 link->rrl_exceeded = 0;
304 switch (rule->rr_action) {
305 case RCTL_ACTION_DENY:
308 case RCTL_ACTION_LOG:
310 * If rrl_exceeded != 0, it means we've already
311 * logged a warning for this process.
313 if (link->rrl_exceeded != 0)
317 * If the process state is not fully initialized yet,
318 * we can't access most of the required fields, e.g.
319 * p->p_comm. This happens when called from fork1().
320 * Ignore this rule for now; it will be processed just
321 * after fork, when called from racct_proc_fork_done().
323 if (p->p_state != PRS_NORMAL)
326 if (!ppsratecheck(&lasttime, &curtime, 10))
329 buf = malloc(RCTL_LOG_BUFSIZE, M_RCTL, M_NOWAIT);
331 printf("rctl_enforce: out of memory\n");
334 sbuf_new(&sb, buf, RCTL_LOG_BUFSIZE, SBUF_FIXEDLEN);
335 rctl_rule_to_sbuf(&sb, rule);
337 printf("rctl: rule \"%s\" matched by pid %d "
338 "(%s), uid %d, jail %s\n", sbuf_data(&sb),
339 p->p_pid, p->p_comm, p->p_ucred->cr_uid,
340 p->p_ucred->cr_prison->pr_prison_racct->prr_name);
343 link->rrl_exceeded = 1;
345 case RCTL_ACTION_DEVCTL:
346 if (link->rrl_exceeded != 0)
349 if (p->p_state != PRS_NORMAL)
352 buf = malloc(RCTL_LOG_BUFSIZE, M_RCTL, M_NOWAIT);
354 printf("rctl_enforce: out of memory\n");
357 sbuf_new(&sb, buf, RCTL_LOG_BUFSIZE, SBUF_FIXEDLEN);
358 sbuf_printf(&sb, "rule=");
359 rctl_rule_to_sbuf(&sb, rule);
360 sbuf_printf(&sb, " pid=%d ruid=%d jail=%s",
361 p->p_pid, p->p_ucred->cr_ruid,
362 p->p_ucred->cr_prison->pr_prison_racct->prr_name);
364 devctl_notify_f("RCTL", "rule", "matched",
365 sbuf_data(&sb), M_NOWAIT);
368 link->rrl_exceeded = 1;
371 if (link->rrl_exceeded != 0)
374 if (p->p_state != PRS_NORMAL)
377 KASSERT(rule->rr_action > 0 &&
378 rule->rr_action <= RCTL_ACTION_SIGNAL_MAX,
379 ("rctl_enforce: unknown action %d",
383 * We're using the fact that RCTL_ACTION_SIG* values
384 * are equal to their counterparts from sys/signal.h.
386 kern_psignal(p, rule->rr_action);
387 link->rrl_exceeded = 1;
392 rw_runlock(&rctl_lock);
396 * Return fake error code; the caller should change it
397 * into one proper for the situation - EFSIZ, ENOMEM etc.
406 rctl_get_limit(struct proc *p, int resource)
408 struct rctl_rule *rule;
409 struct rctl_rule_link *link;
410 uint64_t amount = UINT64_MAX;
412 rw_rlock(&rctl_lock);
415 * There may be more than one matching rule; go through all of them.
416 * Denial should be done last, after logging and sending signals.
418 LIST_FOREACH(link, &p->p_racct->r_rule_links, rrl_next) {
419 rule = link->rrl_rule;
420 if (rule->rr_resource != resource)
422 if (rule->rr_action != RCTL_ACTION_DENY)
424 if (rule->rr_amount < amount)
425 amount = rule->rr_amount;
428 rw_runlock(&rctl_lock);
434 rctl_get_available(struct proc *p, int resource)
436 struct rctl_rule *rule;
437 struct rctl_rule_link *link;
438 int64_t available, minavailable, allocated;
440 minavailable = INT64_MAX;
442 rw_rlock(&rctl_lock);
445 * There may be more than one matching rule; go through all of them.
446 * Denial should be done last, after logging and sending signals.
448 LIST_FOREACH(link, &p->p_racct->r_rule_links, rrl_next) {
449 rule = link->rrl_rule;
450 if (rule->rr_resource != resource)
452 if (rule->rr_action != RCTL_ACTION_DENY)
454 available = rctl_available_resource(p, rule);
455 if (available < minavailable)
456 minavailable = available;
459 rw_runlock(&rctl_lock);
462 * XXX: Think about this _hard_.
464 allocated = p->p_racct->r_resources[resource];
465 if (minavailable < INT64_MAX - allocated)
466 minavailable += allocated;
467 if (minavailable < 0)
469 return (minavailable);
473 rctl_rule_matches(const struct rctl_rule *rule, const struct rctl_rule *filter)
476 if (filter->rr_subject_type != RCTL_SUBJECT_TYPE_UNDEFINED) {
477 if (rule->rr_subject_type != filter->rr_subject_type)
480 switch (filter->rr_subject_type) {
481 case RCTL_SUBJECT_TYPE_PROCESS:
482 if (filter->rr_subject.rs_proc != NULL &&
483 rule->rr_subject.rs_proc !=
484 filter->rr_subject.rs_proc)
487 case RCTL_SUBJECT_TYPE_USER:
488 if (filter->rr_subject.rs_uip != NULL &&
489 rule->rr_subject.rs_uip !=
490 filter->rr_subject.rs_uip)
493 case RCTL_SUBJECT_TYPE_LOGINCLASS:
494 if (filter->rr_subject.rs_loginclass != NULL &&
495 rule->rr_subject.rs_loginclass !=
496 filter->rr_subject.rs_loginclass)
499 case RCTL_SUBJECT_TYPE_JAIL:
500 if (filter->rr_subject.rs_prison_racct != NULL &&
501 rule->rr_subject.rs_prison_racct !=
502 filter->rr_subject.rs_prison_racct)
506 panic("rctl_rule_matches: unknown subject type %d",
507 filter->rr_subject_type);
511 if (filter->rr_resource != RACCT_UNDEFINED) {
512 if (rule->rr_resource != filter->rr_resource)
516 if (filter->rr_action != RCTL_ACTION_UNDEFINED) {
517 if (rule->rr_action != filter->rr_action)
521 if (filter->rr_amount != RCTL_AMOUNT_UNDEFINED) {
522 if (rule->rr_amount != filter->rr_amount)
526 if (filter->rr_per != RCTL_SUBJECT_TYPE_UNDEFINED) {
527 if (rule->rr_per != filter->rr_per)
535 str2value(const char *str, int *value, struct dict *table)
542 for (i = 0; table[i].d_name != NULL; i++) {
543 if (strcasecmp(table[i].d_name, str) == 0) {
544 *value = table[i].d_value;
553 str2id(const char *str, id_t *value)
560 *value = strtoul(str, &end, 10);
561 if ((size_t)(end - str) != strlen(str))
568 str2int64(const char *str, int64_t *value)
575 *value = strtoul(str, &end, 10);
576 if ((size_t)(end - str) != strlen(str))
583 * Connect the rule to the racct, increasing refcount for the rule.
586 rctl_racct_add_rule(struct racct *racct, struct rctl_rule *rule)
588 struct rctl_rule_link *link;
590 KASSERT(rctl_rule_fully_specified(rule), ("rule not fully specified"));
592 rctl_rule_acquire(rule);
593 link = uma_zalloc(rctl_rule_link_zone, M_WAITOK);
594 link->rrl_rule = rule;
595 link->rrl_exceeded = 0;
597 rw_wlock(&rctl_lock);
598 LIST_INSERT_HEAD(&racct->r_rule_links, link, rrl_next);
599 rw_wunlock(&rctl_lock);
603 rctl_racct_add_rule_locked(struct racct *racct, struct rctl_rule *rule)
605 struct rctl_rule_link *link;
607 KASSERT(rctl_rule_fully_specified(rule), ("rule not fully specified"));
608 rw_assert(&rctl_lock, RA_WLOCKED);
610 link = uma_zalloc(rctl_rule_link_zone, M_NOWAIT);
613 rctl_rule_acquire(rule);
614 link->rrl_rule = rule;
615 link->rrl_exceeded = 0;
617 LIST_INSERT_HEAD(&racct->r_rule_links, link, rrl_next);
622 * Remove limits for a rules matching the filter and release
623 * the refcounts for the rules, possibly freeing them. Returns
624 * the number of limit structures removed.
627 rctl_racct_remove_rules(struct racct *racct,
628 const struct rctl_rule *filter)
631 struct rctl_rule_link *link, *linktmp;
633 rw_assert(&rctl_lock, RA_WLOCKED);
635 LIST_FOREACH_SAFE(link, &racct->r_rule_links, rrl_next, linktmp) {
636 if (!rctl_rule_matches(link->rrl_rule, filter))
639 LIST_REMOVE(link, rrl_next);
640 rctl_rule_release(link->rrl_rule);
641 uma_zfree(rctl_rule_link_zone, link);
648 rctl_rule_acquire_subject(struct rctl_rule *rule)
651 switch (rule->rr_subject_type) {
652 case RCTL_SUBJECT_TYPE_UNDEFINED:
653 case RCTL_SUBJECT_TYPE_PROCESS:
655 case RCTL_SUBJECT_TYPE_JAIL:
656 if (rule->rr_subject.rs_prison_racct != NULL)
657 prison_racct_hold(rule->rr_subject.rs_prison_racct);
659 case RCTL_SUBJECT_TYPE_USER:
660 if (rule->rr_subject.rs_uip != NULL)
661 uihold(rule->rr_subject.rs_uip);
663 case RCTL_SUBJECT_TYPE_LOGINCLASS:
664 if (rule->rr_subject.rs_loginclass != NULL)
665 loginclass_hold(rule->rr_subject.rs_loginclass);
668 panic("rctl_rule_acquire_subject: unknown subject type %d",
669 rule->rr_subject_type);
674 rctl_rule_release_subject(struct rctl_rule *rule)
677 switch (rule->rr_subject_type) {
678 case RCTL_SUBJECT_TYPE_UNDEFINED:
679 case RCTL_SUBJECT_TYPE_PROCESS:
681 case RCTL_SUBJECT_TYPE_JAIL:
682 if (rule->rr_subject.rs_prison_racct != NULL)
683 prison_racct_free(rule->rr_subject.rs_prison_racct);
685 case RCTL_SUBJECT_TYPE_USER:
686 if (rule->rr_subject.rs_uip != NULL)
687 uifree(rule->rr_subject.rs_uip);
689 case RCTL_SUBJECT_TYPE_LOGINCLASS:
690 if (rule->rr_subject.rs_loginclass != NULL)
691 loginclass_free(rule->rr_subject.rs_loginclass);
694 panic("rctl_rule_release_subject: unknown subject type %d",
695 rule->rr_subject_type);
700 rctl_rule_alloc(int flags)
702 struct rctl_rule *rule;
704 rule = uma_zalloc(rctl_rule_zone, flags);
707 rule->rr_subject_type = RCTL_SUBJECT_TYPE_UNDEFINED;
708 rule->rr_subject.rs_proc = NULL;
709 rule->rr_subject.rs_uip = NULL;
710 rule->rr_subject.rs_loginclass = NULL;
711 rule->rr_subject.rs_prison_racct = NULL;
712 rule->rr_per = RCTL_SUBJECT_TYPE_UNDEFINED;
713 rule->rr_resource = RACCT_UNDEFINED;
714 rule->rr_action = RCTL_ACTION_UNDEFINED;
715 rule->rr_amount = RCTL_AMOUNT_UNDEFINED;
716 refcount_init(&rule->rr_refcount, 1);
722 rctl_rule_duplicate(const struct rctl_rule *rule, int flags)
724 struct rctl_rule *copy;
726 copy = uma_zalloc(rctl_rule_zone, flags);
729 copy->rr_subject_type = rule->rr_subject_type;
730 copy->rr_subject.rs_proc = rule->rr_subject.rs_proc;
731 copy->rr_subject.rs_uip = rule->rr_subject.rs_uip;
732 copy->rr_subject.rs_loginclass = rule->rr_subject.rs_loginclass;
733 copy->rr_subject.rs_prison_racct = rule->rr_subject.rs_prison_racct;
734 copy->rr_per = rule->rr_per;
735 copy->rr_resource = rule->rr_resource;
736 copy->rr_action = rule->rr_action;
737 copy->rr_amount = rule->rr_amount;
738 refcount_init(©->rr_refcount, 1);
739 rctl_rule_acquire_subject(copy);
745 rctl_rule_acquire(struct rctl_rule *rule)
748 KASSERT(rule->rr_refcount > 0, ("rule->rr_refcount <= 0"));
750 refcount_acquire(&rule->rr_refcount);
754 rctl_rule_free(void *context, int pending)
756 struct rctl_rule *rule;
758 rule = (struct rctl_rule *)context;
760 KASSERT(rule->rr_refcount == 0, ("rule->rr_refcount != 0"));
763 * We don't need locking here; rule is guaranteed to be inaccessible.
766 rctl_rule_release_subject(rule);
767 uma_zfree(rctl_rule_zone, rule);
771 rctl_rule_release(struct rctl_rule *rule)
774 KASSERT(rule->rr_refcount > 0, ("rule->rr_refcount <= 0"));
776 if (refcount_release(&rule->rr_refcount)) {
778 * rctl_rule_release() is often called when iterating
779 * over all the uidinfo structures in the system,
780 * holding uihashtbl_lock. Since rctl_rule_free()
781 * might end up calling uifree(), this would lead
782 * to lock recursion. Use taskqueue to avoid this.
784 TASK_INIT(&rule->rr_task, 0, rctl_rule_free, rule);
785 taskqueue_enqueue(taskqueue_thread, &rule->rr_task);
790 rctl_rule_fully_specified(const struct rctl_rule *rule)
793 switch (rule->rr_subject_type) {
794 case RCTL_SUBJECT_TYPE_UNDEFINED:
796 case RCTL_SUBJECT_TYPE_PROCESS:
797 if (rule->rr_subject.rs_proc == NULL)
800 case RCTL_SUBJECT_TYPE_USER:
801 if (rule->rr_subject.rs_uip == NULL)
804 case RCTL_SUBJECT_TYPE_LOGINCLASS:
805 if (rule->rr_subject.rs_loginclass == NULL)
808 case RCTL_SUBJECT_TYPE_JAIL:
809 if (rule->rr_subject.rs_prison_racct == NULL)
813 panic("rctl_rule_fully_specified: unknown subject type %d",
814 rule->rr_subject_type);
816 if (rule->rr_resource == RACCT_UNDEFINED)
818 if (rule->rr_action == RCTL_ACTION_UNDEFINED)
820 if (rule->rr_amount == RCTL_AMOUNT_UNDEFINED)
822 if (rule->rr_per == RCTL_SUBJECT_TYPE_UNDEFINED)
829 rctl_string_to_rule(char *rulestr, struct rctl_rule **rulep)
832 char *subjectstr, *subject_idstr, *resourcestr, *actionstr,
834 struct rctl_rule *rule;
837 rule = rctl_rule_alloc(M_WAITOK);
839 subjectstr = strsep(&rulestr, ":");
840 subject_idstr = strsep(&rulestr, ":");
841 resourcestr = strsep(&rulestr, ":");
842 actionstr = strsep(&rulestr, "=/");
843 amountstr = strsep(&rulestr, "/");
846 if (subjectstr == NULL || subjectstr[0] == '\0')
847 rule->rr_subject_type = RCTL_SUBJECT_TYPE_UNDEFINED;
849 error = str2value(subjectstr, &rule->rr_subject_type, subjectnames);
854 if (subject_idstr == NULL || subject_idstr[0] == '\0') {
855 rule->rr_subject.rs_proc = NULL;
856 rule->rr_subject.rs_uip = NULL;
857 rule->rr_subject.rs_loginclass = NULL;
858 rule->rr_subject.rs_prison_racct = NULL;
860 switch (rule->rr_subject_type) {
861 case RCTL_SUBJECT_TYPE_UNDEFINED:
864 case RCTL_SUBJECT_TYPE_PROCESS:
865 error = str2id(subject_idstr, &id);
868 sx_assert(&allproc_lock, SA_LOCKED);
869 rule->rr_subject.rs_proc = pfind(id);
870 if (rule->rr_subject.rs_proc == NULL) {
874 PROC_UNLOCK(rule->rr_subject.rs_proc);
876 case RCTL_SUBJECT_TYPE_USER:
877 error = str2id(subject_idstr, &id);
880 rule->rr_subject.rs_uip = uifind(id);
882 case RCTL_SUBJECT_TYPE_LOGINCLASS:
883 rule->rr_subject.rs_loginclass =
884 loginclass_find(subject_idstr);
885 if (rule->rr_subject.rs_loginclass == NULL) {
886 error = ENAMETOOLONG;
890 case RCTL_SUBJECT_TYPE_JAIL:
891 rule->rr_subject.rs_prison_racct =
892 prison_racct_find(subject_idstr);
893 if (rule->rr_subject.rs_prison_racct == NULL) {
894 error = ENAMETOOLONG;
899 panic("rctl_string_to_rule: unknown subject type %d",
900 rule->rr_subject_type);
904 if (resourcestr == NULL || resourcestr[0] == '\0')
905 rule->rr_resource = RACCT_UNDEFINED;
907 error = str2value(resourcestr, &rule->rr_resource,
913 if (actionstr == NULL || actionstr[0] == '\0')
914 rule->rr_action = RCTL_ACTION_UNDEFINED;
916 error = str2value(actionstr, &rule->rr_action, actionnames);
921 if (amountstr == NULL || amountstr[0] == '\0')
922 rule->rr_amount = RCTL_AMOUNT_UNDEFINED;
924 error = str2int64(amountstr, &rule->rr_amount);
927 if (RACCT_IS_IN_MILLIONS(rule->rr_resource))
928 rule->rr_amount *= 1000000;
931 if (perstr == NULL || perstr[0] == '\0')
932 rule->rr_per = RCTL_SUBJECT_TYPE_UNDEFINED;
934 error = str2value(perstr, &rule->rr_per, subjectnames);
943 rctl_rule_release(rule);
949 * Link a rule with all the subjects it applies to.
952 rctl_rule_add(struct rctl_rule *rule)
958 struct prison_racct *prr;
959 struct loginclass *lc;
960 struct rctl_rule *rule2;
963 KASSERT(rctl_rule_fully_specified(rule), ("rule not fully specified"));
966 * Some rules just don't make sense. Note that the one below
967 * cannot be rewritten using RACCT_IS_DENIABLE(); the RACCT_PCTCPU,
968 * for example, is not deniable in the racct sense, but the
969 * limit is enforced in a different way, so "deny" rules for %CPU
972 if (rule->rr_action == RCTL_ACTION_DENY &&
973 (rule->rr_resource == RACCT_CPU ||
974 rule->rr_resource == RACCT_WALLCLOCK))
977 if (rule->rr_per == RCTL_SUBJECT_TYPE_PROCESS &&
978 RACCT_IS_SLOPPY(rule->rr_resource))
982 * Make sure there are no duplicated rules. Also, for the "deny"
983 * rules, remove ones differing only by "amount".
985 if (rule->rr_action == RCTL_ACTION_DENY) {
986 rule2 = rctl_rule_duplicate(rule, M_WAITOK);
987 rule2->rr_amount = RCTL_AMOUNT_UNDEFINED;
988 rctl_rule_remove(rule2);
989 rctl_rule_release(rule2);
991 rctl_rule_remove(rule);
993 switch (rule->rr_subject_type) {
994 case RCTL_SUBJECT_TYPE_PROCESS:
995 p = rule->rr_subject.rs_proc;
996 KASSERT(p != NULL, ("rctl_rule_add: NULL proc"));
998 * No resource limits for system processes.
1000 if (p->p_flag & P_SYSTEM)
1003 rctl_racct_add_rule(p->p_racct, rule);
1005 * In case of per-process rule, we don't have anything more
1010 case RCTL_SUBJECT_TYPE_USER:
1011 uip = rule->rr_subject.rs_uip;
1012 KASSERT(uip != NULL, ("rctl_rule_add: NULL uip"));
1013 rctl_racct_add_rule(uip->ui_racct, rule);
1016 case RCTL_SUBJECT_TYPE_LOGINCLASS:
1017 lc = rule->rr_subject.rs_loginclass;
1018 KASSERT(lc != NULL, ("rctl_rule_add: NULL loginclass"));
1019 rctl_racct_add_rule(lc->lc_racct, rule);
1022 case RCTL_SUBJECT_TYPE_JAIL:
1023 prr = rule->rr_subject.rs_prison_racct;
1024 KASSERT(prr != NULL, ("rctl_rule_add: NULL pr"));
1025 rctl_racct_add_rule(prr->prr_racct, rule);
1029 panic("rctl_rule_add: unknown subject type %d",
1030 rule->rr_subject_type);
1034 * Now go through all the processes and add the new rule to the ones
1037 sx_assert(&allproc_lock, SA_LOCKED);
1038 FOREACH_PROC_IN_SYSTEM(p) {
1039 if (p->p_flag & P_SYSTEM)
1042 switch (rule->rr_subject_type) {
1043 case RCTL_SUBJECT_TYPE_USER:
1044 if (cred->cr_uidinfo == rule->rr_subject.rs_uip ||
1045 cred->cr_ruidinfo == rule->rr_subject.rs_uip)
1048 case RCTL_SUBJECT_TYPE_LOGINCLASS:
1049 if (cred->cr_loginclass == rule->rr_subject.rs_loginclass)
1052 case RCTL_SUBJECT_TYPE_JAIL:
1054 for (pr = cred->cr_prison; pr != NULL; pr = pr->pr_parent) {
1055 if (pr->pr_prison_racct == rule->rr_subject.rs_prison_racct) {
1064 panic("rctl_rule_add: unknown subject type %d",
1065 rule->rr_subject_type);
1068 rctl_racct_add_rule(p->p_racct, rule);
1075 rctl_rule_remove_callback(struct racct *racct, void *arg2, void *arg3)
1077 struct rctl_rule *filter = (struct rctl_rule *)arg2;
1080 rw_wlock(&rctl_lock);
1081 found += rctl_racct_remove_rules(racct, filter);
1082 rw_wunlock(&rctl_lock);
1084 *((int *)arg3) += found;
1088 * Remove all rules that match the filter.
1091 rctl_rule_remove(struct rctl_rule *filter)
1096 if (filter->rr_subject_type == RCTL_SUBJECT_TYPE_PROCESS &&
1097 filter->rr_subject.rs_proc != NULL) {
1098 p = filter->rr_subject.rs_proc;
1099 rw_wlock(&rctl_lock);
1100 found = rctl_racct_remove_rules(p->p_racct, filter);
1101 rw_wunlock(&rctl_lock);
1107 loginclass_racct_foreach(rctl_rule_remove_callback, filter,
1109 ui_racct_foreach(rctl_rule_remove_callback, filter,
1111 prison_racct_foreach(rctl_rule_remove_callback, filter,
1114 sx_assert(&allproc_lock, SA_LOCKED);
1115 rw_wlock(&rctl_lock);
1116 FOREACH_PROC_IN_SYSTEM(p) {
1117 found += rctl_racct_remove_rules(p->p_racct, filter);
1119 rw_wunlock(&rctl_lock);
1127 * Appends a rule to the sbuf.
1130 rctl_rule_to_sbuf(struct sbuf *sb, const struct rctl_rule *rule)
1134 sbuf_printf(sb, "%s:", rctl_subject_type_name(rule->rr_subject_type));
1136 switch (rule->rr_subject_type) {
1137 case RCTL_SUBJECT_TYPE_PROCESS:
1138 if (rule->rr_subject.rs_proc == NULL)
1139 sbuf_printf(sb, ":");
1141 sbuf_printf(sb, "%d:",
1142 rule->rr_subject.rs_proc->p_pid);
1144 case RCTL_SUBJECT_TYPE_USER:
1145 if (rule->rr_subject.rs_uip == NULL)
1146 sbuf_printf(sb, ":");
1148 sbuf_printf(sb, "%d:",
1149 rule->rr_subject.rs_uip->ui_uid);
1151 case RCTL_SUBJECT_TYPE_LOGINCLASS:
1152 if (rule->rr_subject.rs_loginclass == NULL)
1153 sbuf_printf(sb, ":");
1155 sbuf_printf(sb, "%s:",
1156 rule->rr_subject.rs_loginclass->lc_name);
1158 case RCTL_SUBJECT_TYPE_JAIL:
1159 if (rule->rr_subject.rs_prison_racct == NULL)
1160 sbuf_printf(sb, ":");
1162 sbuf_printf(sb, "%s:",
1163 rule->rr_subject.rs_prison_racct->prr_name);
1166 panic("rctl_rule_to_sbuf: unknown subject type %d",
1167 rule->rr_subject_type);
1170 amount = rule->rr_amount;
1171 if (amount != RCTL_AMOUNT_UNDEFINED &&
1172 RACCT_IS_IN_MILLIONS(rule->rr_resource))
1175 sbuf_printf(sb, "%s:%s=%jd",
1176 rctl_resource_name(rule->rr_resource),
1177 rctl_action_name(rule->rr_action),
1180 if (rule->rr_per != rule->rr_subject_type)
1181 sbuf_printf(sb, "/%s", rctl_subject_type_name(rule->rr_per));
1185 * Routine used by RCTL syscalls to read in input string.
1188 rctl_read_inbuf(char **inputstr, const char *inbufp, size_t inbuflen)
1195 if (inbuflen > RCTL_MAX_INBUFLEN)
1198 str = malloc(inbuflen + 1, M_RCTL, M_WAITOK);
1199 error = copyinstr(inbufp, str, inbuflen, NULL);
1211 * Routine used by RCTL syscalls to write out output string.
1214 rctl_write_outbuf(struct sbuf *outputsbuf, char *outbufp, size_t outbuflen)
1218 if (outputsbuf == NULL)
1221 sbuf_finish(outputsbuf);
1222 if (outbuflen < sbuf_len(outputsbuf) + 1) {
1223 sbuf_delete(outputsbuf);
1226 error = copyout(sbuf_data(outputsbuf), outbufp,
1227 sbuf_len(outputsbuf) + 1);
1228 sbuf_delete(outputsbuf);
1232 static struct sbuf *
1233 rctl_racct_to_sbuf(struct racct *racct, int sloppy)
1239 sb = sbuf_new_auto();
1240 for (i = 0; i <= RACCT_MAX; i++) {
1241 if (sloppy == 0 && RACCT_IS_SLOPPY(i))
1243 amount = racct->r_resources[i];
1244 if (RACCT_IS_IN_MILLIONS(i))
1246 sbuf_printf(sb, "%s=%jd,", rctl_resource_name(i), amount);
1248 sbuf_setpos(sb, sbuf_len(sb) - 1);
1253 sys_rctl_get_racct(struct thread *td, struct rctl_get_racct_args *uap)
1257 struct rctl_rule *filter;
1258 struct sbuf *outputsbuf = NULL;
1260 struct uidinfo *uip;
1261 struct loginclass *lc;
1262 struct prison_racct *prr;
1264 error = priv_check(td, PRIV_RCTL_GET_RACCT);
1268 error = rctl_read_inbuf(&inputstr, uap->inbufp, uap->inbuflen);
1272 sx_slock(&allproc_lock);
1273 error = rctl_string_to_rule(inputstr, &filter);
1274 free(inputstr, M_RCTL);
1276 sx_sunlock(&allproc_lock);
1280 switch (filter->rr_subject_type) {
1281 case RCTL_SUBJECT_TYPE_PROCESS:
1282 p = filter->rr_subject.rs_proc;
1287 if (p->p_flag & P_SYSTEM) {
1291 outputsbuf = rctl_racct_to_sbuf(p->p_racct, 0);
1293 case RCTL_SUBJECT_TYPE_USER:
1294 uip = filter->rr_subject.rs_uip;
1299 outputsbuf = rctl_racct_to_sbuf(uip->ui_racct, 1);
1301 case RCTL_SUBJECT_TYPE_LOGINCLASS:
1302 lc = filter->rr_subject.rs_loginclass;
1307 outputsbuf = rctl_racct_to_sbuf(lc->lc_racct, 1);
1309 case RCTL_SUBJECT_TYPE_JAIL:
1310 prr = filter->rr_subject.rs_prison_racct;
1315 outputsbuf = rctl_racct_to_sbuf(prr->prr_racct, 1);
1321 rctl_rule_release(filter);
1322 sx_sunlock(&allproc_lock);
1326 error = rctl_write_outbuf(outputsbuf, uap->outbufp, uap->outbuflen);
1332 rctl_get_rules_callback(struct racct *racct, void *arg2, void *arg3)
1334 struct rctl_rule *filter = (struct rctl_rule *)arg2;
1335 struct rctl_rule_link *link;
1336 struct sbuf *sb = (struct sbuf *)arg3;
1338 rw_rlock(&rctl_lock);
1339 LIST_FOREACH(link, &racct->r_rule_links, rrl_next) {
1340 if (!rctl_rule_matches(link->rrl_rule, filter))
1342 rctl_rule_to_sbuf(sb, link->rrl_rule);
1343 sbuf_printf(sb, ",");
1345 rw_runlock(&rctl_lock);
1349 sys_rctl_get_rules(struct thread *td, struct rctl_get_rules_args *uap)
1352 size_t bufsize = RCTL_DEFAULT_BUFSIZE;
1353 char *inputstr, *buf;
1355 struct rctl_rule *filter;
1356 struct rctl_rule_link *link;
1359 error = priv_check(td, PRIV_RCTL_GET_RULES);
1363 error = rctl_read_inbuf(&inputstr, uap->inbufp, uap->inbuflen);
1367 sx_slock(&allproc_lock);
1368 error = rctl_string_to_rule(inputstr, &filter);
1369 free(inputstr, M_RCTL);
1371 sx_sunlock(&allproc_lock);
1376 buf = malloc(bufsize, M_RCTL, M_WAITOK);
1377 sb = sbuf_new(NULL, buf, bufsize, SBUF_FIXEDLEN);
1378 KASSERT(sb != NULL, ("sbuf_new failed"));
1380 sx_assert(&allproc_lock, SA_LOCKED);
1381 FOREACH_PROC_IN_SYSTEM(p) {
1382 rw_rlock(&rctl_lock);
1383 LIST_FOREACH(link, &p->p_racct->r_rule_links, rrl_next) {
1385 * Non-process rules will be added to the buffer later.
1386 * Adding them here would result in duplicated output.
1388 if (link->rrl_rule->rr_subject_type !=
1389 RCTL_SUBJECT_TYPE_PROCESS)
1391 if (!rctl_rule_matches(link->rrl_rule, filter))
1393 rctl_rule_to_sbuf(sb, link->rrl_rule);
1394 sbuf_printf(sb, ",");
1396 rw_runlock(&rctl_lock);
1399 loginclass_racct_foreach(rctl_get_rules_callback, filter, sb);
1400 ui_racct_foreach(rctl_get_rules_callback, filter, sb);
1401 prison_racct_foreach(rctl_get_rules_callback, filter, sb);
1402 if (sbuf_error(sb) == ENOMEM) {
1410 * Remove trailing ",".
1412 if (sbuf_len(sb) > 0)
1413 sbuf_setpos(sb, sbuf_len(sb) - 1);
1415 error = rctl_write_outbuf(sb, uap->outbufp, uap->outbuflen);
1417 rctl_rule_release(filter);
1418 sx_sunlock(&allproc_lock);
1424 sys_rctl_get_limits(struct thread *td, struct rctl_get_limits_args *uap)
1427 size_t bufsize = RCTL_DEFAULT_BUFSIZE;
1428 char *inputstr, *buf;
1430 struct rctl_rule *filter;
1431 struct rctl_rule_link *link;
1433 error = priv_check(td, PRIV_RCTL_GET_LIMITS);
1437 error = rctl_read_inbuf(&inputstr, uap->inbufp, uap->inbuflen);
1441 sx_slock(&allproc_lock);
1442 error = rctl_string_to_rule(inputstr, &filter);
1443 free(inputstr, M_RCTL);
1445 sx_sunlock(&allproc_lock);
1449 if (filter->rr_subject_type == RCTL_SUBJECT_TYPE_UNDEFINED) {
1450 rctl_rule_release(filter);
1451 sx_sunlock(&allproc_lock);
1454 if (filter->rr_subject_type != RCTL_SUBJECT_TYPE_PROCESS) {
1455 rctl_rule_release(filter);
1456 sx_sunlock(&allproc_lock);
1457 return (EOPNOTSUPP);
1459 if (filter->rr_subject.rs_proc == NULL) {
1460 rctl_rule_release(filter);
1461 sx_sunlock(&allproc_lock);
1466 buf = malloc(bufsize, M_RCTL, M_WAITOK);
1467 sb = sbuf_new(NULL, buf, bufsize, SBUF_FIXEDLEN);
1468 KASSERT(sb != NULL, ("sbuf_new failed"));
1470 rw_rlock(&rctl_lock);
1471 LIST_FOREACH(link, &filter->rr_subject.rs_proc->p_racct->r_rule_links,
1473 rctl_rule_to_sbuf(sb, link->rrl_rule);
1474 sbuf_printf(sb, ",");
1476 rw_runlock(&rctl_lock);
1477 if (sbuf_error(sb) == ENOMEM) {
1485 * Remove trailing ",".
1487 if (sbuf_len(sb) > 0)
1488 sbuf_setpos(sb, sbuf_len(sb) - 1);
1490 error = rctl_write_outbuf(sb, uap->outbufp, uap->outbuflen);
1491 rctl_rule_release(filter);
1492 sx_sunlock(&allproc_lock);
1498 sys_rctl_add_rule(struct thread *td, struct rctl_add_rule_args *uap)
1501 struct rctl_rule *rule;
1504 error = priv_check(td, PRIV_RCTL_ADD_RULE);
1508 error = rctl_read_inbuf(&inputstr, uap->inbufp, uap->inbuflen);
1512 sx_slock(&allproc_lock);
1513 error = rctl_string_to_rule(inputstr, &rule);
1514 free(inputstr, M_RCTL);
1516 sx_sunlock(&allproc_lock);
1520 * The 'per' part of a rule is optional.
1522 if (rule->rr_per == RCTL_SUBJECT_TYPE_UNDEFINED &&
1523 rule->rr_subject_type != RCTL_SUBJECT_TYPE_UNDEFINED)
1524 rule->rr_per = rule->rr_subject_type;
1526 if (!rctl_rule_fully_specified(rule)) {
1531 error = rctl_rule_add(rule);
1534 rctl_rule_release(rule);
1535 sx_sunlock(&allproc_lock);
1540 sys_rctl_remove_rule(struct thread *td, struct rctl_remove_rule_args *uap)
1543 struct rctl_rule *filter;
1546 error = priv_check(td, PRIV_RCTL_REMOVE_RULE);
1550 error = rctl_read_inbuf(&inputstr, uap->inbufp, uap->inbuflen);
1554 sx_slock(&allproc_lock);
1555 error = rctl_string_to_rule(inputstr, &filter);
1556 free(inputstr, M_RCTL);
1558 sx_sunlock(&allproc_lock);
1562 error = rctl_rule_remove(filter);
1563 rctl_rule_release(filter);
1564 sx_sunlock(&allproc_lock);
1570 * Update RCTL rule list after credential change.
1573 rctl_proc_ucred_changed(struct proc *p, struct ucred *newcred)
1576 struct rctl_rule_link *link, *newlink;
1577 struct uidinfo *newuip;
1578 struct loginclass *newlc;
1579 struct prison_racct *newprr;
1580 LIST_HEAD(, rctl_rule_link) newrules;
1582 newuip = newcred->cr_ruidinfo;
1583 newlc = newcred->cr_loginclass;
1584 newprr = newcred->cr_prison->pr_prison_racct;
1586 LIST_INIT(&newrules);
1590 * First, count the rules that apply to the process with new
1594 rw_rlock(&rctl_lock);
1595 LIST_FOREACH(link, &p->p_racct->r_rule_links, rrl_next) {
1596 if (link->rrl_rule->rr_subject_type ==
1597 RCTL_SUBJECT_TYPE_PROCESS)
1600 LIST_FOREACH(link, &newuip->ui_racct->r_rule_links, rrl_next)
1602 LIST_FOREACH(link, &newlc->lc_racct->r_rule_links, rrl_next)
1604 LIST_FOREACH(link, &newprr->prr_racct->r_rule_links, rrl_next)
1606 rw_runlock(&rctl_lock);
1609 * Create temporary list. We've dropped the rctl_lock in order
1612 for (i = 0; i < rulecnt; i++) {
1613 newlink = uma_zalloc(rctl_rule_link_zone, M_WAITOK);
1614 newlink->rrl_rule = NULL;
1615 LIST_INSERT_HEAD(&newrules, newlink, rrl_next);
1618 newlink = LIST_FIRST(&newrules);
1621 * Assign rules to the newly allocated list entries.
1623 rw_wlock(&rctl_lock);
1624 LIST_FOREACH(link, &p->p_racct->r_rule_links, rrl_next) {
1625 if (link->rrl_rule->rr_subject_type ==
1626 RCTL_SUBJECT_TYPE_PROCESS) {
1627 if (newlink == NULL)
1629 rctl_rule_acquire(link->rrl_rule);
1630 newlink->rrl_rule = link->rrl_rule;
1631 newlink = LIST_NEXT(newlink, rrl_next);
1636 LIST_FOREACH(link, &newuip->ui_racct->r_rule_links, rrl_next) {
1637 if (newlink == NULL)
1639 rctl_rule_acquire(link->rrl_rule);
1640 newlink->rrl_rule = link->rrl_rule;
1641 newlink = LIST_NEXT(newlink, rrl_next);
1645 LIST_FOREACH(link, &newlc->lc_racct->r_rule_links, rrl_next) {
1646 if (newlink == NULL)
1648 rctl_rule_acquire(link->rrl_rule);
1649 newlink->rrl_rule = link->rrl_rule;
1650 newlink = LIST_NEXT(newlink, rrl_next);
1654 LIST_FOREACH(link, &newprr->prr_racct->r_rule_links, rrl_next) {
1655 if (newlink == NULL)
1657 rctl_rule_acquire(link->rrl_rule);
1658 newlink->rrl_rule = link->rrl_rule;
1659 newlink = LIST_NEXT(newlink, rrl_next);
1665 * Free the old rule list.
1667 while (!LIST_EMPTY(&p->p_racct->r_rule_links)) {
1668 link = LIST_FIRST(&p->p_racct->r_rule_links);
1669 LIST_REMOVE(link, rrl_next);
1670 rctl_rule_release(link->rrl_rule);
1671 uma_zfree(rctl_rule_link_zone, link);
1675 * Replace lists and we're done.
1677 * XXX: Is there any way to switch list heads instead
1678 * of iterating here?
1680 while (!LIST_EMPTY(&newrules)) {
1681 newlink = LIST_FIRST(&newrules);
1682 LIST_REMOVE(newlink, rrl_next);
1683 LIST_INSERT_HEAD(&p->p_racct->r_rule_links,
1687 rw_wunlock(&rctl_lock);
1693 rw_wunlock(&rctl_lock);
1696 * Rule list changed while we were not holding the rctl_lock.
1697 * Free the new list and try again.
1699 while (!LIST_EMPTY(&newrules)) {
1700 newlink = LIST_FIRST(&newrules);
1701 LIST_REMOVE(newlink, rrl_next);
1702 if (newlink->rrl_rule != NULL)
1703 rctl_rule_release(newlink->rrl_rule);
1704 uma_zfree(rctl_rule_link_zone, newlink);
1711 * Assign RCTL rules to the newly created process.
1714 rctl_proc_fork(struct proc *parent, struct proc *child)
1717 struct rctl_rule_link *link;
1718 struct rctl_rule *rule;
1720 LIST_INIT(&child->p_racct->r_rule_links);
1723 * No limits for kernel processes.
1725 if (child->p_flag & P_SYSTEM)
1729 * Nothing to inherit from P_SYSTEM parents.
1731 if (parent->p_racct == NULL) {
1732 KASSERT(parent->p_flag & P_SYSTEM,
1733 ("non-system process without racct; p = %p", parent));
1737 rw_wlock(&rctl_lock);
1740 * Go through limits applicable to the parent and assign them
1741 * to the child. Rules with 'process' subject have to be duplicated
1742 * in order to make their rr_subject point to the new process.
1744 LIST_FOREACH(link, &parent->p_racct->r_rule_links, rrl_next) {
1745 if (link->rrl_rule->rr_subject_type ==
1746 RCTL_SUBJECT_TYPE_PROCESS) {
1747 rule = rctl_rule_duplicate(link->rrl_rule, M_NOWAIT);
1750 KASSERT(rule->rr_subject.rs_proc == parent,
1751 ("rule->rr_subject.rs_proc != parent"));
1752 rule->rr_subject.rs_proc = child;
1753 error = rctl_racct_add_rule_locked(child->p_racct,
1755 rctl_rule_release(rule);
1759 error = rctl_racct_add_rule_locked(child->p_racct,
1766 rw_wunlock(&rctl_lock);
1770 while (!LIST_EMPTY(&child->p_racct->r_rule_links)) {
1771 link = LIST_FIRST(&child->p_racct->r_rule_links);
1772 LIST_REMOVE(link, rrl_next);
1773 rctl_rule_release(link->rrl_rule);
1774 uma_zfree(rctl_rule_link_zone, link);
1776 rw_wunlock(&rctl_lock);
1781 * Release rules attached to the racct.
1784 rctl_racct_release(struct racct *racct)
1786 struct rctl_rule_link *link;
1788 rw_wlock(&rctl_lock);
1789 while (!LIST_EMPTY(&racct->r_rule_links)) {
1790 link = LIST_FIRST(&racct->r_rule_links);
1791 LIST_REMOVE(link, rrl_next);
1792 rctl_rule_release(link->rrl_rule);
1793 uma_zfree(rctl_rule_link_zone, link);
1795 rw_wunlock(&rctl_lock);
1802 rctl_rule_link_zone = uma_zcreate("rctl_rule_link",
1803 sizeof(struct rctl_rule_link), NULL, NULL, NULL, NULL,
1804 UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
1805 rctl_rule_zone = uma_zcreate("rctl_rule", sizeof(struct rctl_rule),
1806 NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
1812 sys_rctl_get_racct(struct thread *td, struct rctl_get_racct_args *uap)
1819 sys_rctl_get_rules(struct thread *td, struct rctl_get_rules_args *uap)
1826 sys_rctl_get_limits(struct thread *td, struct rctl_get_limits_args *uap)
1833 sys_rctl_add_rule(struct thread *td, struct rctl_add_rule_args *uap)
1840 sys_rctl_remove_rule(struct thread *td, struct rctl_remove_rule_args *uap)