1994-05-24 10:09:53 +00:00
|
|
|
/*-
|
|
|
|
* Copyright (c) 1982, 1986, 1991, 1993
|
|
|
|
* The Regents of the University of California. All rights reserved.
|
|
|
|
* (c) UNIX System Laboratories, Inc.
|
|
|
|
* All or some portions of this file are derived from material licensed
|
|
|
|
* to the University of California by American Telephone and Telegraph
|
|
|
|
* Co. or Unix System Laboratories, Inc. and are reproduced herein with
|
|
|
|
* the permission of UNIX System Laboratories, Inc.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
* 3. All advertising materials mentioning features or use of this software
|
|
|
|
* must display the following acknowledgement:
|
|
|
|
* This product includes software developed by the University of
|
|
|
|
* California, Berkeley and its contributors.
|
|
|
|
* 4. Neither the name of the University nor the names of its contributors
|
|
|
|
* may be used to endorse or promote products derived from this software
|
|
|
|
* without specific prior written permission.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
* SUCH DAMAGE.
|
|
|
|
*
|
|
|
|
* @(#)kern_resource.c 8.5 (Berkeley) 1/21/94
|
1999-08-28 01:08:13 +00:00
|
|
|
* $FreeBSD$
|
1994-05-24 10:09:53 +00:00
|
|
|
*/
|
|
|
|
|
1997-12-16 17:40:42 +00:00
|
|
|
#include "opt_compat.h"
|
1996-12-22 23:17:09 +00:00
|
|
|
#include "opt_rlimit.h"
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
#include <sys/param.h>
|
1994-05-25 09:21:21 +00:00
|
|
|
#include <sys/systm.h>
|
1995-11-12 06:43:28 +00:00
|
|
|
#include <sys/sysproto.h>
|
1994-05-24 10:09:53 +00:00
|
|
|
#include <sys/file.h>
|
2000-09-05 22:11:13 +00:00
|
|
|
#include <sys/kernel.h>
|
1994-05-24 10:09:53 +00:00
|
|
|
#include <sys/resourcevar.h>
|
|
|
|
#include <sys/malloc.h>
|
2000-12-01 06:59:18 +00:00
|
|
|
#include <sys/mutex.h>
|
1994-05-24 10:09:53 +00:00
|
|
|
#include <sys/proc.h>
|
1999-11-29 11:29:04 +00:00
|
|
|
#include <sys/time.h>
|
1994-05-24 10:09:53 +00:00
|
|
|
|
|
|
|
#include <vm/vm.h>
|
1995-12-07 12:48:31 +00:00
|
|
|
#include <vm/vm_param.h>
|
1997-02-10 02:22:35 +00:00
|
|
|
#include <sys/lock.h>
|
1995-12-07 12:48:31 +00:00
|
|
|
#include <vm/pmap.h>
|
|
|
|
#include <vm/vm_map.h>
|
1994-05-24 10:09:53 +00:00
|
|
|
|
1998-02-09 06:11:36 +00:00
|
|
|
static int donice __P((struct proc *curp, struct proc *chgp, int n));
|
1999-01-31 03:15:13 +00:00
|
|
|
/* dosetrlimit non-static: Needed by SysVR4 emulator */
|
1999-01-30 06:25:00 +00:00
|
|
|
int dosetrlimit __P((struct proc *p, u_int which, struct rlimit *limp));
|
1994-10-10 01:00:49 +00:00
|
|
|
|
2000-09-05 22:11:13 +00:00
|
|
|
static MALLOC_DEFINE(M_UIDINFO, "uidinfo", "uidinfo structures");
|
|
|
|
#define UIHASH(uid) (&uihashtbl[(uid) & uihash])
|
2000-11-26 12:08:17 +00:00
|
|
|
static struct mtx uihashtbl_mtx;
|
2000-09-05 22:11:13 +00:00
|
|
|
static LIST_HEAD(uihashhead, uidinfo) *uihashtbl;
|
|
|
|
static u_long uihash; /* size of hash table - 1 */
|
|
|
|
|
|
|
|
static struct uidinfo *uilookup __P((uid_t uid));
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
/*
|
|
|
|
* Resource controls and accounting.
|
|
|
|
*/
|
|
|
|
|
1995-11-12 06:43:28 +00:00
|
|
|
#ifndef _SYS_SYSPROTO_H_
|
1994-05-24 10:09:53 +00:00
|
|
|
struct getpriority_args {
|
|
|
|
int which;
|
|
|
|
int who;
|
|
|
|
};
|
1995-11-12 06:43:28 +00:00
|
|
|
#endif
|
1994-05-25 09:21:21 +00:00
|
|
|
int
|
1997-11-06 19:29:57 +00:00
|
|
|
getpriority(curp, uap)
|
1994-05-24 10:09:53 +00:00
|
|
|
struct proc *curp;
|
|
|
|
register struct getpriority_args *uap;
|
|
|
|
{
|
1998-01-19 12:39:00 +00:00
|
|
|
register struct proc *p;
|
1994-05-24 10:09:53 +00:00
|
|
|
register int low = PRIO_MAX + 1;
|
|
|
|
|
|
|
|
switch (uap->which) {
|
|
|
|
|
|
|
|
case PRIO_PROCESS:
|
|
|
|
if (uap->who == 0)
|
|
|
|
p = curp;
|
|
|
|
else
|
|
|
|
p = pfind(uap->who);
|
|
|
|
if (p == 0)
|
|
|
|
break;
|
o Centralize inter-process access control, introducing:
int p_can(p1, p2, operation, privused)
which allows specification of subject process, object process,
inter-process operation, and an optional call-by-reference privused
flag, allowing the caller to determine if privilege was required
for the call to succeed. This allows jail, kern.ps_showallprocs and
regular credential-based interaction checks to occur in one block of
code. Possible operations are P_CAN_SEE, P_CAN_SCHED, P_CAN_KILL,
and P_CAN_DEBUG. p_can currently breaks out as a wrapper to a
series of static function checks in kern_prot, which should not
be invoked directly.
o Commented out capabilities entries are included for some checks.
o Update most inter-process authorization to make use of p_can() instead
of manual checks, PRISON_CHECK(), P_TRESPASS(), and
kern.ps_showallprocs.
o Modify suser{,_xxx} to use const arguments, as it no longer modifies
process flags due to the disabling of ASU.
o Modify some checks/errors in procfs so that ENOENT is returned instead
of ESRCH, further improving concealment of processes that should not
be visible to other processes. Also introduce new access checks to
improve hiding of processes for procfs_lookup(), procfs_getattr(),
procfs_readdir(). Correct a bug reported by bp concerning not
handling the CREATE case in procfs_lookup(). Remove volatile flag in
procfs that caused apparently spurious qualifier warnigns (approved by
bde).
o Add comment noting that ktrace() has not been updated, as its access
control checks are different from ptrace(), whereas they should
probably be the same. Further discussion should happen on this topic.
Reviewed by: bde, green, phk, freebsd-security, others
Approved by: bde
Obtained from: TrustedBSD Project
2000-08-30 04:49:09 +00:00
|
|
|
if (p_can(curp, p, P_CAN_SEE, NULL))
|
2000-06-04 04:28:31 +00:00
|
|
|
break;
|
1994-05-24 10:09:53 +00:00
|
|
|
low = p->p_nice;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case PRIO_PGRP: {
|
|
|
|
register struct pgrp *pg;
|
|
|
|
|
|
|
|
if (uap->who == 0)
|
|
|
|
pg = curp->p_pgrp;
|
|
|
|
else if ((pg = pgfind(uap->who)) == NULL)
|
|
|
|
break;
|
1999-11-16 10:56:05 +00:00
|
|
|
LIST_FOREACH(p, &pg->pg_members, p_pglist) {
|
o Centralize inter-process access control, introducing:
int p_can(p1, p2, operation, privused)
which allows specification of subject process, object process,
inter-process operation, and an optional call-by-reference privused
flag, allowing the caller to determine if privilege was required
for the call to succeed. This allows jail, kern.ps_showallprocs and
regular credential-based interaction checks to occur in one block of
code. Possible operations are P_CAN_SEE, P_CAN_SCHED, P_CAN_KILL,
and P_CAN_DEBUG. p_can currently breaks out as a wrapper to a
series of static function checks in kern_prot, which should not
be invoked directly.
o Commented out capabilities entries are included for some checks.
o Update most inter-process authorization to make use of p_can() instead
of manual checks, PRISON_CHECK(), P_TRESPASS(), and
kern.ps_showallprocs.
o Modify suser{,_xxx} to use const arguments, as it no longer modifies
process flags due to the disabling of ASU.
o Modify some checks/errors in procfs so that ENOENT is returned instead
of ESRCH, further improving concealment of processes that should not
be visible to other processes. Also introduce new access checks to
improve hiding of processes for procfs_lookup(), procfs_getattr(),
procfs_readdir(). Correct a bug reported by bp concerning not
handling the CREATE case in procfs_lookup(). Remove volatile flag in
procfs that caused apparently spurious qualifier warnigns (approved by
bde).
o Add comment noting that ktrace() has not been updated, as its access
control checks are different from ptrace(), whereas they should
probably be the same. Further discussion should happen on this topic.
Reviewed by: bde, green, phk, freebsd-security, others
Approved by: bde
Obtained from: TrustedBSD Project
2000-08-30 04:49:09 +00:00
|
|
|
if (!p_can(curp, p, P_CAN_SEE, NULL) && p->p_nice < low)
|
1994-05-24 10:09:53 +00:00
|
|
|
low = p->p_nice;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
case PRIO_USER:
|
|
|
|
if (uap->who == 0)
|
|
|
|
uap->who = curp->p_ucred->cr_uid;
|
2000-12-13 00:17:05 +00:00
|
|
|
ALLPROC_LOCK(AP_SHARED);
|
1999-11-16 10:56:05 +00:00
|
|
|
LIST_FOREACH(p, &allproc, p_list)
|
o Centralize inter-process access control, introducing:
int p_can(p1, p2, operation, privused)
which allows specification of subject process, object process,
inter-process operation, and an optional call-by-reference privused
flag, allowing the caller to determine if privilege was required
for the call to succeed. This allows jail, kern.ps_showallprocs and
regular credential-based interaction checks to occur in one block of
code. Possible operations are P_CAN_SEE, P_CAN_SCHED, P_CAN_KILL,
and P_CAN_DEBUG. p_can currently breaks out as a wrapper to a
series of static function checks in kern_prot, which should not
be invoked directly.
o Commented out capabilities entries are included for some checks.
o Update most inter-process authorization to make use of p_can() instead
of manual checks, PRISON_CHECK(), P_TRESPASS(), and
kern.ps_showallprocs.
o Modify suser{,_xxx} to use const arguments, as it no longer modifies
process flags due to the disabling of ASU.
o Modify some checks/errors in procfs so that ENOENT is returned instead
of ESRCH, further improving concealment of processes that should not
be visible to other processes. Also introduce new access checks to
improve hiding of processes for procfs_lookup(), procfs_getattr(),
procfs_readdir(). Correct a bug reported by bp concerning not
handling the CREATE case in procfs_lookup(). Remove volatile flag in
procfs that caused apparently spurious qualifier warnigns (approved by
bde).
o Add comment noting that ktrace() has not been updated, as its access
control checks are different from ptrace(), whereas they should
probably be the same. Further discussion should happen on this topic.
Reviewed by: bde, green, phk, freebsd-security, others
Approved by: bde
Obtained from: TrustedBSD Project
2000-08-30 04:49:09 +00:00
|
|
|
if (!p_can(curp, p, P_CAN_SEE, NULL) &&
|
2000-06-04 04:28:31 +00:00
|
|
|
p->p_ucred->cr_uid == uap->who &&
|
1994-05-24 10:09:53 +00:00
|
|
|
p->p_nice < low)
|
|
|
|
low = p->p_nice;
|
2000-12-13 00:17:05 +00:00
|
|
|
ALLPROC_LOCK(AP_RELEASE);
|
1994-05-24 10:09:53 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
return (EINVAL);
|
|
|
|
}
|
|
|
|
if (low == PRIO_MAX + 1)
|
|
|
|
return (ESRCH);
|
1998-01-19 12:39:00 +00:00
|
|
|
curp->p_retval[0] = low;
|
1994-05-24 10:09:53 +00:00
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
1995-11-12 06:43:28 +00:00
|
|
|
#ifndef _SYS_SYSPROTO_H_
|
1994-05-24 10:09:53 +00:00
|
|
|
struct setpriority_args {
|
|
|
|
int which;
|
|
|
|
int who;
|
|
|
|
int prio;
|
|
|
|
};
|
1995-11-12 06:43:28 +00:00
|
|
|
#endif
|
1994-05-24 10:09:53 +00:00
|
|
|
/* ARGSUSED */
|
1994-05-25 09:21:21 +00:00
|
|
|
int
|
1997-11-06 19:29:57 +00:00
|
|
|
setpriority(curp, uap)
|
1994-05-24 10:09:53 +00:00
|
|
|
struct proc *curp;
|
|
|
|
register struct setpriority_args *uap;
|
|
|
|
{
|
|
|
|
register struct proc *p;
|
|
|
|
int found = 0, error = 0;
|
|
|
|
|
|
|
|
switch (uap->which) {
|
|
|
|
|
|
|
|
case PRIO_PROCESS:
|
|
|
|
if (uap->who == 0)
|
|
|
|
p = curp;
|
|
|
|
else
|
|
|
|
p = pfind(uap->who);
|
|
|
|
if (p == 0)
|
|
|
|
break;
|
o Centralize inter-process access control, introducing:
int p_can(p1, p2, operation, privused)
which allows specification of subject process, object process,
inter-process operation, and an optional call-by-reference privused
flag, allowing the caller to determine if privilege was required
for the call to succeed. This allows jail, kern.ps_showallprocs and
regular credential-based interaction checks to occur in one block of
code. Possible operations are P_CAN_SEE, P_CAN_SCHED, P_CAN_KILL,
and P_CAN_DEBUG. p_can currently breaks out as a wrapper to a
series of static function checks in kern_prot, which should not
be invoked directly.
o Commented out capabilities entries are included for some checks.
o Update most inter-process authorization to make use of p_can() instead
of manual checks, PRISON_CHECK(), P_TRESPASS(), and
kern.ps_showallprocs.
o Modify suser{,_xxx} to use const arguments, as it no longer modifies
process flags due to the disabling of ASU.
o Modify some checks/errors in procfs so that ENOENT is returned instead
of ESRCH, further improving concealment of processes that should not
be visible to other processes. Also introduce new access checks to
improve hiding of processes for procfs_lookup(), procfs_getattr(),
procfs_readdir(). Correct a bug reported by bp concerning not
handling the CREATE case in procfs_lookup(). Remove volatile flag in
procfs that caused apparently spurious qualifier warnigns (approved by
bde).
o Add comment noting that ktrace() has not been updated, as its access
control checks are different from ptrace(), whereas they should
probably be the same. Further discussion should happen on this topic.
Reviewed by: bde, green, phk, freebsd-security, others
Approved by: bde
Obtained from: TrustedBSD Project
2000-08-30 04:49:09 +00:00
|
|
|
if (p_can(curp, p, P_CAN_SEE, NULL))
|
2000-06-04 04:28:31 +00:00
|
|
|
break;
|
1994-05-24 10:09:53 +00:00
|
|
|
error = donice(curp, p, uap->prio);
|
|
|
|
found++;
|
|
|
|
break;
|
|
|
|
|
|
|
|
case PRIO_PGRP: {
|
|
|
|
register struct pgrp *pg;
|
1995-05-30 08:16:23 +00:00
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
if (uap->who == 0)
|
|
|
|
pg = curp->p_pgrp;
|
|
|
|
else if ((pg = pgfind(uap->who)) == NULL)
|
|
|
|
break;
|
1999-11-16 10:56:05 +00:00
|
|
|
LIST_FOREACH(p, &pg->pg_members, p_pglist) {
|
o Centralize inter-process access control, introducing:
int p_can(p1, p2, operation, privused)
which allows specification of subject process, object process,
inter-process operation, and an optional call-by-reference privused
flag, allowing the caller to determine if privilege was required
for the call to succeed. This allows jail, kern.ps_showallprocs and
regular credential-based interaction checks to occur in one block of
code. Possible operations are P_CAN_SEE, P_CAN_SCHED, P_CAN_KILL,
and P_CAN_DEBUG. p_can currently breaks out as a wrapper to a
series of static function checks in kern_prot, which should not
be invoked directly.
o Commented out capabilities entries are included for some checks.
o Update most inter-process authorization to make use of p_can() instead
of manual checks, PRISON_CHECK(), P_TRESPASS(), and
kern.ps_showallprocs.
o Modify suser{,_xxx} to use const arguments, as it no longer modifies
process flags due to the disabling of ASU.
o Modify some checks/errors in procfs so that ENOENT is returned instead
of ESRCH, further improving concealment of processes that should not
be visible to other processes. Also introduce new access checks to
improve hiding of processes for procfs_lookup(), procfs_getattr(),
procfs_readdir(). Correct a bug reported by bp concerning not
handling the CREATE case in procfs_lookup(). Remove volatile flag in
procfs that caused apparently spurious qualifier warnigns (approved by
bde).
o Add comment noting that ktrace() has not been updated, as its access
control checks are different from ptrace(), whereas they should
probably be the same. Further discussion should happen on this topic.
Reviewed by: bde, green, phk, freebsd-security, others
Approved by: bde
Obtained from: TrustedBSD Project
2000-08-30 04:49:09 +00:00
|
|
|
if (!p_can(curp, p, P_CAN_SEE, NULL)) {
|
2000-06-04 04:28:31 +00:00
|
|
|
error = donice(curp, p, uap->prio);
|
|
|
|
found++;
|
|
|
|
}
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
case PRIO_USER:
|
|
|
|
if (uap->who == 0)
|
|
|
|
uap->who = curp->p_ucred->cr_uid;
|
2000-12-13 00:17:05 +00:00
|
|
|
ALLPROC_LOCK(AP_SHARED);
|
1999-11-16 10:56:05 +00:00
|
|
|
LIST_FOREACH(p, &allproc, p_list)
|
2000-06-04 04:28:31 +00:00
|
|
|
if (p->p_ucred->cr_uid == uap->who &&
|
o Centralize inter-process access control, introducing:
int p_can(p1, p2, operation, privused)
which allows specification of subject process, object process,
inter-process operation, and an optional call-by-reference privused
flag, allowing the caller to determine if privilege was required
for the call to succeed. This allows jail, kern.ps_showallprocs and
regular credential-based interaction checks to occur in one block of
code. Possible operations are P_CAN_SEE, P_CAN_SCHED, P_CAN_KILL,
and P_CAN_DEBUG. p_can currently breaks out as a wrapper to a
series of static function checks in kern_prot, which should not
be invoked directly.
o Commented out capabilities entries are included for some checks.
o Update most inter-process authorization to make use of p_can() instead
of manual checks, PRISON_CHECK(), P_TRESPASS(), and
kern.ps_showallprocs.
o Modify suser{,_xxx} to use const arguments, as it no longer modifies
process flags due to the disabling of ASU.
o Modify some checks/errors in procfs so that ENOENT is returned instead
of ESRCH, further improving concealment of processes that should not
be visible to other processes. Also introduce new access checks to
improve hiding of processes for procfs_lookup(), procfs_getattr(),
procfs_readdir(). Correct a bug reported by bp concerning not
handling the CREATE case in procfs_lookup(). Remove volatile flag in
procfs that caused apparently spurious qualifier warnigns (approved by
bde).
o Add comment noting that ktrace() has not been updated, as its access
control checks are different from ptrace(), whereas they should
probably be the same. Further discussion should happen on this topic.
Reviewed by: bde, green, phk, freebsd-security, others
Approved by: bde
Obtained from: TrustedBSD Project
2000-08-30 04:49:09 +00:00
|
|
|
!p_can(curp, p, P_CAN_SEE, NULL)) {
|
1994-05-24 10:09:53 +00:00
|
|
|
error = donice(curp, p, uap->prio);
|
|
|
|
found++;
|
|
|
|
}
|
2000-12-13 00:17:05 +00:00
|
|
|
ALLPROC_LOCK(AP_RELEASE);
|
1994-05-24 10:09:53 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
return (EINVAL);
|
|
|
|
}
|
|
|
|
if (found == 0)
|
|
|
|
return (ESRCH);
|
|
|
|
return (error);
|
|
|
|
}
|
|
|
|
|
1998-02-09 06:11:36 +00:00
|
|
|
static int
|
1994-05-24 10:09:53 +00:00
|
|
|
donice(curp, chgp, n)
|
|
|
|
register struct proc *curp, *chgp;
|
|
|
|
register int n;
|
|
|
|
{
|
o Centralize inter-process access control, introducing:
int p_can(p1, p2, operation, privused)
which allows specification of subject process, object process,
inter-process operation, and an optional call-by-reference privused
flag, allowing the caller to determine if privilege was required
for the call to succeed. This allows jail, kern.ps_showallprocs and
regular credential-based interaction checks to occur in one block of
code. Possible operations are P_CAN_SEE, P_CAN_SCHED, P_CAN_KILL,
and P_CAN_DEBUG. p_can currently breaks out as a wrapper to a
series of static function checks in kern_prot, which should not
be invoked directly.
o Commented out capabilities entries are included for some checks.
o Update most inter-process authorization to make use of p_can() instead
of manual checks, PRISON_CHECK(), P_TRESPASS(), and
kern.ps_showallprocs.
o Modify suser{,_xxx} to use const arguments, as it no longer modifies
process flags due to the disabling of ASU.
o Modify some checks/errors in procfs so that ENOENT is returned instead
of ESRCH, further improving concealment of processes that should not
be visible to other processes. Also introduce new access checks to
improve hiding of processes for procfs_lookup(), procfs_getattr(),
procfs_readdir(). Correct a bug reported by bp concerning not
handling the CREATE case in procfs_lookup(). Remove volatile flag in
procfs that caused apparently spurious qualifier warnigns (approved by
bde).
o Add comment noting that ktrace() has not been updated, as its access
control checks are different from ptrace(), whereas they should
probably be the same. Further discussion should happen on this topic.
Reviewed by: bde, green, phk, freebsd-security, others
Approved by: bde
Obtained from: TrustedBSD Project
2000-08-30 04:49:09 +00:00
|
|
|
int error;
|
1994-05-24 10:09:53 +00:00
|
|
|
|
o Centralize inter-process access control, introducing:
int p_can(p1, p2, operation, privused)
which allows specification of subject process, object process,
inter-process operation, and an optional call-by-reference privused
flag, allowing the caller to determine if privilege was required
for the call to succeed. This allows jail, kern.ps_showallprocs and
regular credential-based interaction checks to occur in one block of
code. Possible operations are P_CAN_SEE, P_CAN_SCHED, P_CAN_KILL,
and P_CAN_DEBUG. p_can currently breaks out as a wrapper to a
series of static function checks in kern_prot, which should not
be invoked directly.
o Commented out capabilities entries are included for some checks.
o Update most inter-process authorization to make use of p_can() instead
of manual checks, PRISON_CHECK(), P_TRESPASS(), and
kern.ps_showallprocs.
o Modify suser{,_xxx} to use const arguments, as it no longer modifies
process flags due to the disabling of ASU.
o Modify some checks/errors in procfs so that ENOENT is returned instead
of ESRCH, further improving concealment of processes that should not
be visible to other processes. Also introduce new access checks to
improve hiding of processes for procfs_lookup(), procfs_getattr(),
procfs_readdir(). Correct a bug reported by bp concerning not
handling the CREATE case in procfs_lookup(). Remove volatile flag in
procfs that caused apparently spurious qualifier warnigns (approved by
bde).
o Add comment noting that ktrace() has not been updated, as its access
control checks are different from ptrace(), whereas they should
probably be the same. Further discussion should happen on this topic.
Reviewed by: bde, green, phk, freebsd-security, others
Approved by: bde
Obtained from: TrustedBSD Project
2000-08-30 04:49:09 +00:00
|
|
|
if ((error = p_can(curp, chgp, P_CAN_SCHED, NULL)))
|
|
|
|
return (error);
|
1994-05-24 10:09:53 +00:00
|
|
|
if (n > PRIO_MAX)
|
|
|
|
n = PRIO_MAX;
|
|
|
|
if (n < PRIO_MIN)
|
|
|
|
n = PRIO_MIN;
|
1999-04-27 12:21:16 +00:00
|
|
|
if (n < chgp->p_nice && suser(curp))
|
1994-05-24 10:09:53 +00:00
|
|
|
return (EACCES);
|
|
|
|
chgp->p_nice = n;
|
|
|
|
(void)resetpriority(chgp);
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
1994-09-01 05:12:53 +00:00
|
|
|
/* rtprio system call */
|
1995-11-12 06:43:28 +00:00
|
|
|
#ifndef _SYS_SYSPROTO_H_
|
1994-09-01 05:12:53 +00:00
|
|
|
struct rtprio_args {
|
1994-10-02 04:48:21 +00:00
|
|
|
int function;
|
|
|
|
pid_t pid;
|
1995-11-11 01:48:17 +00:00
|
|
|
struct rtprio *rtp;
|
1994-09-01 05:12:53 +00:00
|
|
|
};
|
1995-11-12 06:43:28 +00:00
|
|
|
#endif
|
1994-09-01 05:12:53 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Set realtime priority
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* ARGSUSED */
|
|
|
|
int
|
1997-11-06 19:29:57 +00:00
|
|
|
rtprio(curp, uap)
|
1994-09-01 05:12:53 +00:00
|
|
|
struct proc *curp;
|
|
|
|
register struct rtprio_args *uap;
|
|
|
|
{
|
|
|
|
register struct proc *p;
|
1994-10-02 04:48:21 +00:00
|
|
|
struct rtprio rtp;
|
|
|
|
int error;
|
|
|
|
|
1995-11-11 01:48:17 +00:00
|
|
|
error = copyin(uap->rtp, &rtp, sizeof(struct rtprio));
|
1994-10-02 04:48:21 +00:00
|
|
|
if (error)
|
|
|
|
return (error);
|
1994-09-01 05:12:53 +00:00
|
|
|
|
1994-10-02 04:48:21 +00:00
|
|
|
if (uap->pid == 0)
|
1994-09-01 05:12:53 +00:00
|
|
|
p = curp;
|
|
|
|
else
|
1994-10-02 04:48:21 +00:00
|
|
|
p = pfind(uap->pid);
|
1994-09-01 05:12:53 +00:00
|
|
|
|
|
|
|
if (p == 0)
|
|
|
|
return (ESRCH);
|
|
|
|
|
1994-10-02 04:48:21 +00:00
|
|
|
switch (uap->function) {
|
|
|
|
case RTP_LOOKUP:
|
2001-02-12 00:20:08 +00:00
|
|
|
pri_to_rtp(&p->p_pri, &rtp);
|
|
|
|
return (copyout(&rtp, uap->rtp, sizeof(struct rtprio)));
|
1994-10-02 04:48:21 +00:00
|
|
|
case RTP_SET:
|
o Centralize inter-process access control, introducing:
int p_can(p1, p2, operation, privused)
which allows specification of subject process, object process,
inter-process operation, and an optional call-by-reference privused
flag, allowing the caller to determine if privilege was required
for the call to succeed. This allows jail, kern.ps_showallprocs and
regular credential-based interaction checks to occur in one block of
code. Possible operations are P_CAN_SEE, P_CAN_SCHED, P_CAN_KILL,
and P_CAN_DEBUG. p_can currently breaks out as a wrapper to a
series of static function checks in kern_prot, which should not
be invoked directly.
o Commented out capabilities entries are included for some checks.
o Update most inter-process authorization to make use of p_can() instead
of manual checks, PRISON_CHECK(), P_TRESPASS(), and
kern.ps_showallprocs.
o Modify suser{,_xxx} to use const arguments, as it no longer modifies
process flags due to the disabling of ASU.
o Modify some checks/errors in procfs so that ENOENT is returned instead
of ESRCH, further improving concealment of processes that should not
be visible to other processes. Also introduce new access checks to
improve hiding of processes for procfs_lookup(), procfs_getattr(),
procfs_readdir(). Correct a bug reported by bp concerning not
handling the CREATE case in procfs_lookup(). Remove volatile flag in
procfs that caused apparently spurious qualifier warnigns (approved by
bde).
o Add comment noting that ktrace() has not been updated, as its access
control checks are different from ptrace(), whereas they should
probably be the same. Further discussion should happen on this topic.
Reviewed by: bde, green, phk, freebsd-security, others
Approved by: bde
Obtained from: TrustedBSD Project
2000-08-30 04:49:09 +00:00
|
|
|
if ((error = p_can(curp, p, P_CAN_SCHED, NULL)))
|
|
|
|
return (error);
|
1994-10-02 04:48:21 +00:00
|
|
|
/* disallow setting rtprio in most cases if not superuser */
|
2000-08-24 04:54:31 +00:00
|
|
|
if (suser(curp) != 0) {
|
1994-10-02 04:48:21 +00:00
|
|
|
/* can't set someone else's */
|
|
|
|
if (uap->pid)
|
1995-05-30 08:16:23 +00:00
|
|
|
return (EPERM);
|
1994-10-02 04:48:21 +00:00
|
|
|
/* can't set realtime priority */
|
1998-02-04 18:43:10 +00:00
|
|
|
/*
|
|
|
|
* Realtime priority has to be restricted for reasons which should be
|
|
|
|
* obvious. However, for idle priority, there is a potential for
|
|
|
|
* system deadlock if an idleprio process gains a lock on a resource
|
|
|
|
* that other processes need (and the idleprio process can't run
|
|
|
|
* due to a CPU-bound normal process). Fix me! XXX
|
|
|
|
*/
|
|
|
|
#if 0
|
1998-03-04 10:25:55 +00:00
|
|
|
if (RTP_PRIO_IS_REALTIME(rtp.type))
|
1998-02-04 18:43:10 +00:00
|
|
|
#endif
|
|
|
|
if (rtp.type != RTP_PRIO_NORMAL)
|
1994-10-02 04:48:21 +00:00
|
|
|
return (EPERM);
|
|
|
|
}
|
2001-02-12 00:20:08 +00:00
|
|
|
if (rtp_to_pri(&rtp, &p->p_pri) == 0)
|
1994-10-02 04:48:21 +00:00
|
|
|
return (0);
|
2001-02-12 00:20:08 +00:00
|
|
|
return (EINVAL);
|
1994-10-02 04:48:21 +00:00
|
|
|
default:
|
|
|
|
return (EINVAL);
|
|
|
|
}
|
|
|
|
}
|
1994-09-01 05:12:53 +00:00
|
|
|
|
2001-02-12 00:20:08 +00:00
|
|
|
int
|
|
|
|
rtp_to_pri(struct rtprio *rtp, struct priority *pri)
|
|
|
|
{
|
|
|
|
|
|
|
|
if (rtp->prio > RTP_PRIO_MAX)
|
|
|
|
return (-1);
|
|
|
|
switch (RTP_PRIO_BASE(rtp->type)) {
|
|
|
|
case RTP_PRIO_REALTIME:
|
|
|
|
pri->pri_level = PRI_MIN_REALTIME + rtp->prio;
|
|
|
|
break;
|
|
|
|
case RTP_PRIO_NORMAL:
|
|
|
|
pri->pri_level = PRI_MIN_TIMESHARE + rtp->prio;
|
|
|
|
break;
|
|
|
|
case RTP_PRIO_IDLE:
|
|
|
|
pri->pri_level = PRI_MIN_IDLE + rtp->prio;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
return (-1);
|
|
|
|
}
|
|
|
|
pri->pri_class = rtp->type;
|
|
|
|
pri->pri_native = pri->pri_level;
|
|
|
|
pri->pri_user = pri->pri_level;
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
pri_to_rtp(struct priority *pri, struct rtprio *rtp)
|
|
|
|
{
|
|
|
|
|
|
|
|
switch (PRI_BASE(pri->pri_class)) {
|
|
|
|
case PRI_REALTIME:
|
|
|
|
rtp->prio = pri->pri_level - PRI_MIN_REALTIME;
|
|
|
|
break;
|
|
|
|
case PRI_TIMESHARE:
|
|
|
|
rtp->prio = pri->pri_level - PRI_MIN_TIMESHARE;
|
|
|
|
break;
|
|
|
|
case PRI_IDLE:
|
|
|
|
rtp->prio = pri->pri_level - PRI_MIN_IDLE;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
rtp->type = pri->pri_class;
|
|
|
|
}
|
|
|
|
|
1994-05-24 10:09:53 +00:00
|
|
|
#if defined(COMPAT_43) || defined(COMPAT_SUNOS)
|
1995-11-12 06:43:28 +00:00
|
|
|
#ifndef _SYS_SYSPROTO_H_
|
1995-11-11 01:48:17 +00:00
|
|
|
struct osetrlimit_args {
|
1994-05-24 10:09:53 +00:00
|
|
|
u_int which;
|
1995-11-11 01:48:17 +00:00
|
|
|
struct orlimit *rlp;
|
1994-05-24 10:09:53 +00:00
|
|
|
};
|
1995-11-12 06:43:28 +00:00
|
|
|
#endif
|
1994-05-24 10:09:53 +00:00
|
|
|
/* ARGSUSED */
|
1994-05-25 09:21:21 +00:00
|
|
|
int
|
1997-11-06 19:29:57 +00:00
|
|
|
osetrlimit(p, uap)
|
1994-05-24 10:09:53 +00:00
|
|
|
struct proc *p;
|
1995-11-11 01:48:17 +00:00
|
|
|
register struct osetrlimit_args *uap;
|
1994-05-24 10:09:53 +00:00
|
|
|
{
|
|
|
|
struct orlimit olim;
|
|
|
|
struct rlimit lim;
|
|
|
|
int error;
|
|
|
|
|
1994-09-25 19:34:02 +00:00
|
|
|
if ((error =
|
1995-11-11 01:48:17 +00:00
|
|
|
copyin((caddr_t)uap->rlp, (caddr_t)&olim, sizeof(struct orlimit))))
|
1994-05-24 10:09:53 +00:00
|
|
|
return (error);
|
|
|
|
lim.rlim_cur = olim.rlim_cur;
|
|
|
|
lim.rlim_max = olim.rlim_max;
|
|
|
|
return (dosetrlimit(p, uap->which, &lim));
|
|
|
|
}
|
|
|
|
|
1995-11-12 06:43:28 +00:00
|
|
|
#ifndef _SYS_SYSPROTO_H_
|
1995-11-11 01:48:17 +00:00
|
|
|
struct ogetrlimit_args {
|
1994-05-24 10:09:53 +00:00
|
|
|
u_int which;
|
|
|
|
struct orlimit *rlp;
|
|
|
|
};
|
1995-11-12 06:43:28 +00:00
|
|
|
#endif
|
1994-05-24 10:09:53 +00:00
|
|
|
/* ARGSUSED */
|
1994-05-25 09:21:21 +00:00
|
|
|
int
|
1997-11-06 19:29:57 +00:00
|
|
|
ogetrlimit(p, uap)
|
1994-05-24 10:09:53 +00:00
|
|
|
struct proc *p;
|
1995-11-11 01:48:17 +00:00
|
|
|
register struct ogetrlimit_args *uap;
|
1994-05-24 10:09:53 +00:00
|
|
|
{
|
|
|
|
struct orlimit olim;
|
|
|
|
|
|
|
|
if (uap->which >= RLIM_NLIMITS)
|
|
|
|
return (EINVAL);
|
|
|
|
olim.rlim_cur = p->p_rlimit[uap->which].rlim_cur;
|
|
|
|
if (olim.rlim_cur == -1)
|
|
|
|
olim.rlim_cur = 0x7fffffff;
|
|
|
|
olim.rlim_max = p->p_rlimit[uap->which].rlim_max;
|
|
|
|
if (olim.rlim_max == -1)
|
|
|
|
olim.rlim_max = 0x7fffffff;
|
|
|
|
return (copyout((caddr_t)&olim, (caddr_t)uap->rlp, sizeof(olim)));
|
|
|
|
}
|
|
|
|
#endif /* COMPAT_43 || COMPAT_SUNOS */
|
|
|
|
|
1995-11-12 06:43:28 +00:00
|
|
|
#ifndef _SYS_SYSPROTO_H_
|
1994-05-24 10:09:53 +00:00
|
|
|
struct __setrlimit_args {
|
|
|
|
u_int which;
|
1995-11-11 01:48:17 +00:00
|
|
|
struct rlimit *rlp;
|
1994-05-24 10:09:53 +00:00
|
|
|
};
|
1995-11-12 06:43:28 +00:00
|
|
|
#endif
|
1994-05-24 10:09:53 +00:00
|
|
|
/* ARGSUSED */
|
1994-05-25 09:21:21 +00:00
|
|
|
int
|
1997-11-06 19:29:57 +00:00
|
|
|
setrlimit(p, uap)
|
1994-05-24 10:09:53 +00:00
|
|
|
struct proc *p;
|
|
|
|
register struct __setrlimit_args *uap;
|
|
|
|
{
|
|
|
|
struct rlimit alim;
|
|
|
|
int error;
|
|
|
|
|
1994-09-25 19:34:02 +00:00
|
|
|
if ((error =
|
1995-11-11 01:48:17 +00:00
|
|
|
copyin((caddr_t)uap->rlp, (caddr_t)&alim, sizeof (struct rlimit))))
|
1994-05-24 10:09:53 +00:00
|
|
|
return (error);
|
|
|
|
return (dosetrlimit(p, uap->which, &alim));
|
|
|
|
}
|
|
|
|
|
1999-01-30 06:25:00 +00:00
|
|
|
int
|
1994-05-24 10:09:53 +00:00
|
|
|
dosetrlimit(p, which, limp)
|
|
|
|
struct proc *p;
|
|
|
|
u_int which;
|
|
|
|
struct rlimit *limp;
|
|
|
|
{
|
|
|
|
register struct rlimit *alimp;
|
|
|
|
int error;
|
|
|
|
|
|
|
|
if (which >= RLIM_NLIMITS)
|
|
|
|
return (EINVAL);
|
|
|
|
alimp = &p->p_rlimit[which];
|
1994-12-06 22:53:37 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Preserve historical bugs by treating negative limits as unsigned.
|
|
|
|
*/
|
|
|
|
if (limp->rlim_cur < 0)
|
|
|
|
limp->rlim_cur = RLIM_INFINITY;
|
|
|
|
if (limp->rlim_max < 0)
|
|
|
|
limp->rlim_max = RLIM_INFINITY;
|
|
|
|
|
1995-05-30 08:16:23 +00:00
|
|
|
if (limp->rlim_cur > alimp->rlim_max ||
|
1994-05-24 10:09:53 +00:00
|
|
|
limp->rlim_max > alimp->rlim_max)
|
This Implements the mumbled about "Jail" feature.
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
|
|
|
if ((error = suser_xxx(0, p, PRISON_ROOT)))
|
1994-05-24 10:09:53 +00:00
|
|
|
return (error);
|
|
|
|
if (limp->rlim_cur > limp->rlim_max)
|
|
|
|
limp->rlim_cur = limp->rlim_max;
|
|
|
|
if (p->p_limit->p_refcnt > 1 &&
|
|
|
|
(p->p_limit->p_lflags & PL_SHAREMOD) == 0) {
|
|
|
|
p->p_limit->p_refcnt--;
|
|
|
|
p->p_limit = limcopy(p->p_limit);
|
|
|
|
alimp = &p->p_rlimit[which];
|
|
|
|
}
|
|
|
|
|
|
|
|
switch (which) {
|
|
|
|
|
1998-05-28 09:30:28 +00:00
|
|
|
case RLIMIT_CPU:
|
|
|
|
if (limp->rlim_cur > RLIM_INFINITY / (rlim_t)1000000)
|
|
|
|
p->p_limit->p_cpulimit = RLIM_INFINITY;
|
|
|
|
else
|
|
|
|
p->p_limit->p_cpulimit =
|
|
|
|
(rlim_t)1000000 * limp->rlim_cur;
|
|
|
|
break;
|
1994-05-24 10:09:53 +00:00
|
|
|
case RLIMIT_DATA:
|
1994-12-06 22:53:37 +00:00
|
|
|
if (limp->rlim_cur > MAXDSIZ)
|
1994-05-25 09:21:21 +00:00
|
|
|
limp->rlim_cur = MAXDSIZ;
|
1994-12-06 22:53:37 +00:00
|
|
|
if (limp->rlim_max > MAXDSIZ)
|
1994-05-25 09:21:21 +00:00
|
|
|
limp->rlim_max = MAXDSIZ;
|
1994-05-24 10:09:53 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case RLIMIT_STACK:
|
1994-12-06 22:53:37 +00:00
|
|
|
if (limp->rlim_cur > MAXSSIZ)
|
1994-05-25 09:21:21 +00:00
|
|
|
limp->rlim_cur = MAXSSIZ;
|
1994-12-06 22:53:37 +00:00
|
|
|
if (limp->rlim_max > MAXSSIZ)
|
1994-05-25 09:21:21 +00:00
|
|
|
limp->rlim_max = MAXSSIZ;
|
1994-05-24 10:09:53 +00:00
|
|
|
/*
|
|
|
|
* Stack is allocated to the max at exec time with only
|
|
|
|
* "rlim_cur" bytes accessible. If stack limit is going
|
|
|
|
* up make more accessible, if going down make inaccessible.
|
|
|
|
*/
|
|
|
|
if (limp->rlim_cur != alimp->rlim_cur) {
|
|
|
|
vm_offset_t addr;
|
|
|
|
vm_size_t size;
|
|
|
|
vm_prot_t prot;
|
|
|
|
|
1994-12-06 22:53:37 +00:00
|
|
|
if (limp->rlim_cur > alimp->rlim_cur) {
|
1994-05-24 10:09:53 +00:00
|
|
|
prot = VM_PROT_ALL;
|
|
|
|
size = limp->rlim_cur - alimp->rlim_cur;
|
|
|
|
addr = USRSTACK - limp->rlim_cur;
|
|
|
|
} else {
|
|
|
|
prot = VM_PROT_NONE;
|
|
|
|
size = alimp->rlim_cur - limp->rlim_cur;
|
|
|
|
addr = USRSTACK - alimp->rlim_cur;
|
|
|
|
}
|
|
|
|
addr = trunc_page(addr);
|
|
|
|
size = round_page(size);
|
|
|
|
(void) vm_map_protect(&p->p_vmspace->vm_map,
|
|
|
|
addr, addr+size, prot, FALSE);
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
|
|
|
|
case RLIMIT_NOFILE:
|
1995-02-20 19:42:42 +00:00
|
|
|
if (limp->rlim_cur > maxfilesperproc)
|
|
|
|
limp->rlim_cur = maxfilesperproc;
|
|
|
|
if (limp->rlim_max > maxfilesperproc)
|
|
|
|
limp->rlim_max = maxfilesperproc;
|
1994-05-24 10:09:53 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case RLIMIT_NPROC:
|
1995-02-20 19:42:42 +00:00
|
|
|
if (limp->rlim_cur > maxprocperuid)
|
|
|
|
limp->rlim_cur = maxprocperuid;
|
|
|
|
if (limp->rlim_max > maxprocperuid)
|
|
|
|
limp->rlim_max = maxprocperuid;
|
2001-02-20 23:34:16 +00:00
|
|
|
if (limp->rlim_cur < 1)
|
|
|
|
limp->rlim_cur = 1;
|
|
|
|
if (limp->rlim_max < 1)
|
|
|
|
limp->rlim_max = 1;
|
1994-05-24 10:09:53 +00:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
*alimp = *limp;
|
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
1995-11-12 06:43:28 +00:00
|
|
|
#ifndef _SYS_SYSPROTO_H_
|
1994-05-24 10:09:53 +00:00
|
|
|
struct __getrlimit_args {
|
|
|
|
u_int which;
|
|
|
|
struct rlimit *rlp;
|
|
|
|
};
|
1995-11-12 06:43:28 +00:00
|
|
|
#endif
|
1994-05-24 10:09:53 +00:00
|
|
|
/* ARGSUSED */
|
1994-05-25 09:21:21 +00:00
|
|
|
int
|
1997-11-06 19:29:57 +00:00
|
|
|
getrlimit(p, uap)
|
1994-05-24 10:09:53 +00:00
|
|
|
struct proc *p;
|
|
|
|
register struct __getrlimit_args *uap;
|
|
|
|
{
|
|
|
|
|
|
|
|
if (uap->which >= RLIM_NLIMITS)
|
|
|
|
return (EINVAL);
|
|
|
|
return (copyout((caddr_t)&p->p_rlimit[uap->which], (caddr_t)uap->rlp,
|
|
|
|
sizeof (struct rlimit)));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Transform the running time and tick information in proc p into user,
|
|
|
|
* system, and interrupt time usage.
|
|
|
|
*/
|
1994-05-25 09:21:21 +00:00
|
|
|
void
|
1994-05-24 10:09:53 +00:00
|
|
|
calcru(p, up, sp, ip)
|
1996-01-16 18:10:19 +00:00
|
|
|
struct proc *p;
|
|
|
|
struct timeval *up;
|
|
|
|
struct timeval *sp;
|
|
|
|
struct timeval *ip;
|
1994-05-24 10:09:53 +00:00
|
|
|
{
|
1999-03-13 19:46:13 +00:00
|
|
|
/* {user, system, interrupt, total} {ticks, usec}; previous tu: */
|
|
|
|
u_int64_t ut, uu, st, su, it, iu, tt, tu, ptu;
|
1996-01-16 18:10:19 +00:00
|
|
|
int s;
|
1994-05-24 10:09:53 +00:00
|
|
|
struct timeval tv;
|
|
|
|
|
2001-01-24 11:06:39 +00:00
|
|
|
mtx_assert(&sched_lock, MA_OWNED);
|
1998-04-04 13:26:20 +00:00
|
|
|
/* XXX: why spl-protect ? worst case is an off-by-one report */
|
1994-05-24 10:09:53 +00:00
|
|
|
s = splstatclock();
|
|
|
|
ut = p->p_uticks;
|
1999-03-13 19:46:13 +00:00
|
|
|
st = p->p_sticks;
|
1994-05-24 10:09:53 +00:00
|
|
|
it = p->p_iticks;
|
|
|
|
splx(s);
|
|
|
|
|
1999-03-13 19:46:13 +00:00
|
|
|
tt = ut + st + it;
|
|
|
|
if (tt == 0) {
|
1996-06-08 11:48:28 +00:00
|
|
|
st = 1;
|
1999-03-13 19:46:13 +00:00
|
|
|
tt = 1;
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
|
|
|
|
1999-03-13 19:46:13 +00:00
|
|
|
tu = p->p_runtime;
|
1998-04-04 13:26:20 +00:00
|
|
|
if (p == curproc) {
|
1994-05-24 10:09:53 +00:00
|
|
|
/*
|
|
|
|
* Adjust for the current time slice. This is actually fairly
|
|
|
|
* important since the error here is on the order of a time
|
|
|
|
* quantum, which is much greater than the sampling error.
|
|
|
|
*/
|
2001-02-22 20:12:52 +00:00
|
|
|
microuptime(&tv);
|
|
|
|
if (timevalcmp(&tv, PCPU_PTR(switchtime), <))
|
2000-06-10 19:21:20 +00:00
|
|
|
printf("microuptime() went backwards (%ld.%06ld -> %ld.%06ld)\n",
|
2001-02-22 20:12:52 +00:00
|
|
|
PCPU_GET(switchtime.tv_sec), PCPU_GET(switchtime.tv_usec),
|
|
|
|
tv.tv_sec, tv.tv_usec);
|
1999-11-29 11:29:04 +00:00
|
|
|
else
|
2001-02-22 20:12:52 +00:00
|
|
|
tu += (tv.tv_usec - PCPU_GET(switchtime.tv_usec)) +
|
|
|
|
(tv.tv_sec - PCPU_GET(switchtime.tv_sec)) *
|
2001-01-10 04:43:51 +00:00
|
|
|
(int64_t)1000000;
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
2000-01-28 20:40:29 +00:00
|
|
|
ptu = p->p_uu + p->p_su + p->p_iu;
|
1999-03-13 19:46:13 +00:00
|
|
|
if (tu < ptu || (int64_t)tu < 0) {
|
1996-06-08 11:48:28 +00:00
|
|
|
/* XXX no %qd in kernel. Truncate. */
|
1997-08-26 00:20:11 +00:00
|
|
|
printf("calcru: negative time of %ld usec for pid %d (%s)\n",
|
1999-03-13 19:46:13 +00:00
|
|
|
(long)tu, p->p_pid, p->p_comm);
|
|
|
|
tu = ptu;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Subdivide tu. */
|
|
|
|
uu = (tu * ut) / tt;
|
|
|
|
su = (tu * st) / tt;
|
|
|
|
iu = tu - uu - su;
|
|
|
|
|
|
|
|
/* Enforce monotonicity. */
|
2000-01-28 20:40:29 +00:00
|
|
|
if (uu < p->p_uu || su < p->p_su || iu < p->p_iu) {
|
|
|
|
if (uu < p->p_uu)
|
|
|
|
uu = p->p_uu;
|
|
|
|
else if (uu + p->p_su + p->p_iu > tu)
|
|
|
|
uu = tu - p->p_su - p->p_iu;
|
1999-03-13 19:46:13 +00:00
|
|
|
if (st == 0)
|
2000-01-28 20:40:29 +00:00
|
|
|
su = p->p_su;
|
1999-03-13 19:46:13 +00:00
|
|
|
else {
|
|
|
|
su = ((tu - uu) * st) / (st + it);
|
2000-01-28 20:40:29 +00:00
|
|
|
if (su < p->p_su)
|
|
|
|
su = p->p_su;
|
|
|
|
else if (uu + su + p->p_iu > tu)
|
|
|
|
su = tu - uu - p->p_iu;
|
1999-03-13 19:46:13 +00:00
|
|
|
}
|
2000-01-28 20:40:29 +00:00
|
|
|
KASSERT(uu + su + p->p_iu <= tu,
|
1999-03-13 19:46:13 +00:00
|
|
|
("calcru: monotonisation botch 1"));
|
|
|
|
iu = tu - uu - su;
|
2000-01-28 20:40:29 +00:00
|
|
|
KASSERT(iu >= p->p_iu,
|
1999-03-13 19:46:13 +00:00
|
|
|
("calcru: monotonisation botch 2"));
|
1995-10-23 19:05:50 +00:00
|
|
|
}
|
2000-01-28 20:40:29 +00:00
|
|
|
p->p_uu = uu;
|
|
|
|
p->p_su = su;
|
|
|
|
p->p_iu = iu;
|
1999-03-13 19:46:13 +00:00
|
|
|
|
|
|
|
up->tv_sec = uu / 1000000;
|
|
|
|
up->tv_usec = uu % 1000000;
|
|
|
|
sp->tv_sec = su / 1000000;
|
|
|
|
sp->tv_usec = su % 1000000;
|
1994-05-24 10:09:53 +00:00
|
|
|
if (ip != NULL) {
|
1999-03-13 19:46:13 +00:00
|
|
|
ip->tv_sec = iu / 1000000;
|
|
|
|
ip->tv_usec = iu % 1000000;
|
1994-05-24 10:09:53 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
1995-11-12 06:43:28 +00:00
|
|
|
#ifndef _SYS_SYSPROTO_H_
|
1994-05-24 10:09:53 +00:00
|
|
|
struct getrusage_args {
|
|
|
|
int who;
|
|
|
|
struct rusage *rusage;
|
|
|
|
};
|
1995-11-12 06:43:28 +00:00
|
|
|
#endif
|
1994-05-24 10:09:53 +00:00
|
|
|
/* ARGSUSED */
|
1994-05-25 09:21:21 +00:00
|
|
|
int
|
1997-11-06 19:29:57 +00:00
|
|
|
getrusage(p, uap)
|
1994-05-24 10:09:53 +00:00
|
|
|
register struct proc *p;
|
|
|
|
register struct getrusage_args *uap;
|
|
|
|
{
|
|
|
|
register struct rusage *rup;
|
|
|
|
|
|
|
|
switch (uap->who) {
|
|
|
|
|
|
|
|
case RUSAGE_SELF:
|
|
|
|
rup = &p->p_stats->p_ru;
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_lock_spin(&sched_lock);
|
1994-05-24 10:09:53 +00:00
|
|
|
calcru(p, &rup->ru_utime, &rup->ru_stime, NULL);
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_unlock_spin(&sched_lock);
|
1994-05-24 10:09:53 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
case RUSAGE_CHILDREN:
|
|
|
|
rup = &p->p_stats->p_cru;
|
|
|
|
break;
|
|
|
|
|
|
|
|
default:
|
|
|
|
return (EINVAL);
|
|
|
|
}
|
|
|
|
return (copyout((caddr_t)rup, (caddr_t)uap->rusage,
|
|
|
|
sizeof (struct rusage)));
|
|
|
|
}
|
|
|
|
|
1994-05-25 09:21:21 +00:00
|
|
|
void
|
1994-05-24 10:09:53 +00:00
|
|
|
ruadd(ru, ru2)
|
|
|
|
register struct rusage *ru, *ru2;
|
|
|
|
{
|
|
|
|
register long *ip, *ip2;
|
|
|
|
register int i;
|
|
|
|
|
|
|
|
timevaladd(&ru->ru_utime, &ru2->ru_utime);
|
|
|
|
timevaladd(&ru->ru_stime, &ru2->ru_stime);
|
|
|
|
if (ru->ru_maxrss < ru2->ru_maxrss)
|
|
|
|
ru->ru_maxrss = ru2->ru_maxrss;
|
|
|
|
ip = &ru->ru_first; ip2 = &ru2->ru_first;
|
|
|
|
for (i = &ru->ru_last - &ru->ru_first; i >= 0; i--)
|
|
|
|
*ip++ += *ip2++;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Make a copy of the plimit structure.
|
|
|
|
* We share these structures copy-on-write after fork,
|
|
|
|
* and copy when a limit is changed.
|
|
|
|
*/
|
|
|
|
struct plimit *
|
|
|
|
limcopy(lim)
|
|
|
|
struct plimit *lim;
|
|
|
|
{
|
|
|
|
register struct plimit *copy;
|
|
|
|
|
|
|
|
MALLOC(copy, struct plimit *, sizeof(struct plimit),
|
|
|
|
M_SUBPROC, M_WAITOK);
|
1998-05-28 09:30:28 +00:00
|
|
|
bcopy(lim->pl_rlimit, copy->pl_rlimit, sizeof(struct plimit));
|
1994-05-24 10:09:53 +00:00
|
|
|
copy->p_lflags = 0;
|
|
|
|
copy->p_refcnt = 1;
|
|
|
|
return (copy);
|
|
|
|
}
|
2000-09-05 22:11:13 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Find the uidinfo structure for a uid. This structure is used to
|
|
|
|
* track the total resource consumption (process count, socket buffer
|
|
|
|
* size, etc.) for the uid and impose limits.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
uihashinit()
|
|
|
|
{
|
2000-11-26 12:08:17 +00:00
|
|
|
|
2000-09-05 22:11:13 +00:00
|
|
|
uihashtbl = hashinit(maxproc / 16, M_UIDINFO, &uihash);
|
2000-11-26 12:08:17 +00:00
|
|
|
mtx_init(&uihashtbl_mtx, "uidinfo hash", MTX_DEF);
|
2000-09-05 22:11:13 +00:00
|
|
|
}
|
|
|
|
|
2000-11-26 12:08:17 +00:00
|
|
|
/*
|
|
|
|
* lookup a uidinfo struct for the parameter uid.
|
|
|
|
* uihashtbl_mtx must be locked.
|
|
|
|
*/
|
2000-09-05 22:11:13 +00:00
|
|
|
static struct uidinfo *
|
|
|
|
uilookup(uid)
|
|
|
|
uid_t uid;
|
|
|
|
{
|
|
|
|
struct uihashhead *uipp;
|
|
|
|
struct uidinfo *uip;
|
|
|
|
|
2000-11-26 12:08:17 +00:00
|
|
|
mtx_assert(&uihashtbl_mtx, MA_OWNED);
|
2000-09-05 22:11:13 +00:00
|
|
|
uipp = UIHASH(uid);
|
|
|
|
LIST_FOREACH(uip, uipp, ui_hash)
|
|
|
|
if (uip->ui_uid == uid)
|
|
|
|
break;
|
|
|
|
|
|
|
|
return (uip);
|
|
|
|
}
|
|
|
|
|
2000-11-26 12:08:17 +00:00
|
|
|
/*
|
2000-12-01 06:59:18 +00:00
|
|
|
* Find or allocate a struct uidinfo for a particular uid.
|
|
|
|
* Increase refcount on uidinfo struct returned.
|
2000-11-26 12:08:17 +00:00
|
|
|
* uifree() should be called on a struct uidinfo when released.
|
|
|
|
*/
|
2000-09-05 22:11:13 +00:00
|
|
|
struct uidinfo *
|
|
|
|
uifind(uid)
|
|
|
|
uid_t uid;
|
|
|
|
{
|
|
|
|
struct uidinfo *uip;
|
|
|
|
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_lock(&uihashtbl_mtx);
|
2000-09-05 22:11:13 +00:00
|
|
|
uip = uilookup(uid);
|
2001-03-09 18:40:34 +00:00
|
|
|
if (uip == NULL) {
|
|
|
|
struct uidinfo *old_uip;
|
|
|
|
|
|
|
|
mtx_unlock(&uihashtbl_mtx);
|
|
|
|
uip = malloc(sizeof(*uip), M_UIDINFO, M_WAITOK | M_ZERO);
|
|
|
|
mtx_lock(&uihashtbl_mtx);
|
|
|
|
/*
|
|
|
|
* There's a chance someone created our uidinfo while we
|
|
|
|
* were in malloc and not holding the lock, so we have to
|
|
|
|
* make sure we don't insert a duplicate uidinfo
|
|
|
|
*/
|
|
|
|
if ((old_uip = uilookup(uid)) != NULL) {
|
|
|
|
/* someone else beat us to it */
|
|
|
|
free(uip, M_UIDINFO);
|
|
|
|
uip = old_uip;
|
|
|
|
} else {
|
|
|
|
mtx_init(&uip->ui_mtx, "uidinfo struct", MTX_DEF);
|
|
|
|
uip->ui_uid = uid;
|
|
|
|
LIST_INSERT_HEAD(UIHASH(uid), uip, ui_hash);
|
|
|
|
}
|
|
|
|
}
|
2000-11-26 12:08:17 +00:00
|
|
|
uihold(uip);
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_unlock(&uihashtbl_mtx);
|
2000-09-05 22:11:13 +00:00
|
|
|
return (uip);
|
|
|
|
}
|
|
|
|
|
2000-11-30 19:15:22 +00:00
|
|
|
/*
|
2000-12-01 06:59:18 +00:00
|
|
|
* Place another refcount on a uidinfo struct.
|
2000-11-30 19:15:22 +00:00
|
|
|
*/
|
|
|
|
void
|
|
|
|
uihold(uip)
|
2000-12-01 06:59:18 +00:00
|
|
|
struct uidinfo *uip;
|
2000-11-30 19:15:22 +00:00
|
|
|
{
|
|
|
|
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_lock(&uip->ui_mtx);
|
2000-11-30 19:15:22 +00:00
|
|
|
uip->ui_ref++;
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_unlock(&uip->ui_mtx);
|
2000-11-30 19:15:22 +00:00
|
|
|
}
|
|
|
|
|
2000-12-01 06:59:18 +00:00
|
|
|
/*-
|
|
|
|
* Since uidinfo structs have a long lifetime, we use an
|
2000-11-30 19:15:22 +00:00
|
|
|
* opportunistic refcounting scheme to avoid locking the lookup hash
|
|
|
|
* for each release.
|
|
|
|
*
|
2000-12-01 06:59:18 +00:00
|
|
|
* If the refcount hits 0, we need to free the structure,
|
2000-11-30 19:15:22 +00:00
|
|
|
* which means we need to lock the hash.
|
2000-12-01 06:59:18 +00:00
|
|
|
* Optimal case:
|
|
|
|
* After locking the struct and lowering the refcount, if we find
|
|
|
|
* that we don't need to free, simply unlock and return.
|
|
|
|
* Suboptimal case:
|
|
|
|
* If refcount lowering results in need to free, bump the count
|
2000-11-30 19:15:22 +00:00
|
|
|
* back up, loose the lock and aquire the locks in the proper
|
2000-12-01 06:59:18 +00:00
|
|
|
* order to try again.
|
2000-11-26 12:08:17 +00:00
|
|
|
*/
|
|
|
|
void
|
2000-09-05 22:11:13 +00:00
|
|
|
uifree(uip)
|
2000-12-01 06:59:18 +00:00
|
|
|
struct uidinfo *uip;
|
2000-09-05 22:11:13 +00:00
|
|
|
{
|
|
|
|
|
2000-12-01 06:59:18 +00:00
|
|
|
/* Prepare for optimal case. */
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_lock(&uip->ui_mtx);
|
2000-12-01 06:59:18 +00:00
|
|
|
|
2000-11-30 19:15:22 +00:00
|
|
|
if (--uip->ui_ref != 0) {
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_unlock(&uip->ui_mtx);
|
2000-11-30 19:15:22 +00:00
|
|
|
return;
|
|
|
|
}
|
2000-12-01 06:59:18 +00:00
|
|
|
|
|
|
|
/* Prepare for suboptimal case. */
|
2000-11-30 19:15:22 +00:00
|
|
|
uip->ui_ref++;
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_unlock(&uip->ui_mtx);
|
|
|
|
mtx_lock(&uihashtbl_mtx);
|
|
|
|
mtx_lock(&uip->ui_mtx);
|
2000-12-01 06:59:18 +00:00
|
|
|
|
2000-11-30 19:15:22 +00:00
|
|
|
/*
|
2000-12-01 06:59:18 +00:00
|
|
|
* We must subtract one from the count again because we backed out
|
|
|
|
* our initial subtraction before dropping the lock.
|
|
|
|
* Since another thread may have added a reference after we dropped the
|
|
|
|
* initial lock we have to test for zero again.
|
2000-11-30 19:15:22 +00:00
|
|
|
*/
|
2000-09-05 22:11:13 +00:00
|
|
|
if (--uip->ui_ref == 0) {
|
2000-11-30 19:15:22 +00:00
|
|
|
LIST_REMOVE(uip, ui_hash);
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_unlock(&uihashtbl_mtx);
|
2000-09-05 22:11:13 +00:00
|
|
|
if (uip->ui_sbsize != 0)
|
|
|
|
/* XXX no %qd in kernel. Truncate. */
|
2000-09-18 17:03:03 +00:00
|
|
|
printf("freeing uidinfo: uid = %d, sbsize = %ld\n",
|
2000-09-05 22:11:13 +00:00
|
|
|
uip->ui_uid, (long)uip->ui_sbsize);
|
|
|
|
if (uip->ui_proccnt != 0)
|
2000-09-18 17:03:03 +00:00
|
|
|
printf("freeing uidinfo: uid = %d, proccnt = %ld\n",
|
2000-09-05 22:11:13 +00:00
|
|
|
uip->ui_uid, uip->ui_proccnt);
|
2000-11-26 12:08:17 +00:00
|
|
|
mtx_destroy(&uip->ui_mtx);
|
2000-09-05 22:11:13 +00:00
|
|
|
FREE(uip, M_UIDINFO);
|
2000-11-26 12:08:17 +00:00
|
|
|
return;
|
2000-09-05 22:11:13 +00:00
|
|
|
}
|
2000-12-01 06:59:18 +00:00
|
|
|
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_unlock(&uihashtbl_mtx);
|
|
|
|
mtx_unlock(&uip->ui_mtx);
|
2000-09-05 22:11:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Change the count associated with number of processes
|
|
|
|
* a given user is using. When 'max' is 0, don't enforce a limit
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
chgproccnt(uip, diff, max)
|
|
|
|
struct uidinfo *uip;
|
|
|
|
int diff;
|
|
|
|
int max;
|
|
|
|
{
|
2000-11-26 12:08:17 +00:00
|
|
|
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_lock(&uip->ui_mtx);
|
2000-09-05 22:11:13 +00:00
|
|
|
/* don't allow them to exceed max, but allow subtraction */
|
2000-11-26 12:08:17 +00:00
|
|
|
if (diff > 0 && uip->ui_proccnt + diff > max && max != 0) {
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_unlock(&uip->ui_mtx);
|
2000-09-05 22:11:13 +00:00
|
|
|
return (0);
|
2000-11-26 12:08:17 +00:00
|
|
|
}
|
2000-09-05 22:11:13 +00:00
|
|
|
uip->ui_proccnt += diff;
|
|
|
|
if (uip->ui_proccnt < 0)
|
2000-09-18 17:03:03 +00:00
|
|
|
printf("negative proccnt for uid = %d\n", uip->ui_uid);
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_unlock(&uip->ui_mtx);
|
2000-09-05 22:11:13 +00:00
|
|
|
return (1);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Change the total socket buffer size a user has used.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
chgsbsize(uip, hiwat, to, max)
|
|
|
|
struct uidinfo *uip;
|
|
|
|
u_long *hiwat;
|
|
|
|
u_long to;
|
|
|
|
rlim_t max;
|
|
|
|
{
|
|
|
|
rlim_t new;
|
|
|
|
int s;
|
|
|
|
|
|
|
|
s = splnet();
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_lock(&uip->ui_mtx);
|
2000-09-05 22:11:13 +00:00
|
|
|
new = uip->ui_sbsize + to - *hiwat;
|
|
|
|
/* don't allow them to exceed max, but allow subtraction */
|
|
|
|
if (to > *hiwat && new > max) {
|
|
|
|
splx(s);
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_unlock(&uip->ui_mtx);
|
2000-09-05 22:11:13 +00:00
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
uip->ui_sbsize = new;
|
|
|
|
*hiwat = to;
|
|
|
|
if (uip->ui_sbsize < 0)
|
2000-09-18 17:03:03 +00:00
|
|
|
printf("negative sbsize for uid = %d\n", uip->ui_uid);
|
2000-09-05 22:11:13 +00:00
|
|
|
splx(s);
|
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks)
mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN.
We change the caller interface for the two different types of locks
because the semantics are entirely different for each case, and this
makes it explicitly clear and, at the same time, it rids us of the
extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea
that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the
lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed
to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and
mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN
locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only
inline the _obtain_lock()s in order to ensure that the inlined code
fits into a cache line. In the spin lock case, we inline recursion and
actually only perform a function call if we need to spin. This change
has been made with the idea that we generally tend to avoid spin locks
and that also the spin locks that we do have and are heavily used
(i.e. sched_lock) do recurse, and therefore in an effort to reduce
function call overhead for some architectures (such as alpha), we
inline recursion for this case.
Create a new malloc type for the witness code and retire from using
the M_DEV type. The new type is called M_WITNESS and is only declared
if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the
"optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN
and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently
need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
2001-02-09 06:11:45 +00:00
|
|
|
mtx_unlock(&uip->ui_mtx);
|
2000-09-05 22:11:13 +00:00
|
|
|
return (1);
|
|
|
|
}
|