Commit Graph

36 Commits

Author SHA1 Message Date
avg
3cd5284f93 call racct_proc_ucred_changed() under the proc lock
The lock is required to ensure that the switch to the new credentials
and the transfer of the process's accounting data from the old
credentials to the new ones is done atomically.  Otherwise, some updates
may be applied to the new credentials and then additionally transferred
from the old credentials if the updates happen after proc_set_cred() and
before racct_proc_ucred_changed().

The problem is especially pronounced for RACCT_RSS because
- there is a strict accounting for this resource (it's reclaimable)
- it's updated asynchronously by the vm daemon
- it's updated by setting an absolute value instead of applying a delta

I had to remove a call to rctl_proc_ucred_changed() from
racct_proc_ucred_changed() and make all callers of latter call the
former as well.  The reason is that rctl_proc_ucred_changed, as it is
implemented now, cannot be called while holding the proc lock, so the
lock is dropped after calling racct_proc_ucred_changed.  Additionally,
I've added calls to crhold / crfree around the rctl call, because
without the proc lock there is no gurantee that the new credentials,
owned by the process, will stay stable.  That does not eliminate a
possibility that the credentials passed to the rctl will get stale.
Ideally, rctl_proc_ucred_changed should be able to work under the proc
lock.

Many thanks to kib for pointing out the above problems.

PR:		222027
Discussed with:	kib
No comment:	trasz
MFC after:	2 weeks
Differential Revision: https://reviews.freebsd.org/D15048
2018-04-20 13:08:04 +00:00
pfg
cc22a86800 sys/kern: adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
2017-11-27 15:20:12 +00:00
pfg
28823d0656 sys/kern: spelling fixes in comments.
No functional change.
2016-04-29 22:15:33 +00:00
trasz
9411c8c253 Get rid of rctl_lock; use racct_lock where appropriate. The fast paths
already required both of them, so having a separate rctl_lock didn't
buy us anything.

Reviewed by:	mjg@
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D5914
2016-04-21 16:22:52 +00:00
cem
81f4ce8db7 kern_rctl: Fix resource leak in error path
Ordinarily, rctl_write_outbuf frees 'sb'.  However, if we are in low memory
conditions we skip past the rctl_write_outbuf.  In that case, free 'sb'.

Reported by:	Coverity
CID:		1338539
Sponsored by:	EMC / Isilon Storage Division
2016-04-20 02:09:38 +00:00
trasz
8298725669 Fix debugging printf.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-04-19 13:36:31 +00:00
trasz
d4ed08909e Allocate RACCT/RCTL zones without UMA_ZONE_NOFREE; no idea why it was there
in the first place.

MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-04-15 13:34:59 +00:00
trasz
d690bf0a4e Sort variable declarations.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-04-15 11:55:29 +00:00
trasz
611644daf2 Fix overflow checking.
There are some other potential problems related to overflowing racct
counters; I'll revisit those later.

Submitted by:	Pieter de Goeje (earlier version)
Reviewed by:	emaste@
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-04-12 18:13:24 +00:00
trasz
fd767bd07b Make it possible to tweak RCTL throttling sysctls at runtime.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-04-08 18:15:31 +00:00
trasz
825d80e01c Add four new RCTL resources - readbps, readiops, writebps and writeiops,
for limiting disk (actually filesystem) IO.

Note that in some cases these limits are not quite precise. It's ok,
as long as it's within some reasonable bounds.

Testing - and review of the code, in particular the VFS and VM parts - is
very welcome.

MFC after:	1 month
Relnotes:	yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D5080
2016-04-07 04:23:25 +00:00
trasz
cd0a56084a Use proper locking macros in RACCT in RCTL.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-04-05 11:30:52 +00:00
trasz
e0e88029f1 Add configurable rate limit for "log" and "devctl" actions.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-04-02 09:11:52 +00:00
trasz
fe839a29fe Refactor; no functional changes.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-03-31 17:32:28 +00:00
trasz
1191e72322 Fix overflows, making it impossible to add negative amounts using rctl(8).
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-03-31 17:00:47 +00:00
trasz
8e0224f2c9 Fix the way RCTL handles rules' rrl_exceeded on credenials change.
Because of what this variable does, it was probably harmless - but
still incorrect.

MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-01-26 11:28:55 +00:00
trasz
9d2d111f78 Tweak comments.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2015-12-13 11:30:36 +00:00
trasz
ae1d62cec8 Speed up rctl operation with large rulesets, by holding the lock
during iteration instead of relocking it for each traversed rule.

Reviewed by:	mjg@
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D4110
2015-11-15 12:10:51 +00:00
trasz
425e227d02 Make naming more consistent; no functional changes.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2015-11-08 18:11:24 +00:00
trasz
183c511071 Speed up rctl(8) rule retrieval; the difference shows mostly in "rctl -n",
as otherwise most of the time is spent resolving UIDs to names.

Reviewed by:	mjg@
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D4059
2015-11-08 18:08:31 +00:00
trasz
802017a04b Add kern.racct.enable tunable and RACCT_DISABLED config option.
The point of this is to be able to add RACCT (with RACCT_DISABLED)
to GENERIC, to avoid having to rebuild the kernel to use rctl(8).

Differential Revision:	https://reviews.freebsd.org/D2369
Reviewed by:	kib@
MFC after:	1 month
Relnotes:	yes
Sponsored by:	The FreeBSD Foundation
2015-04-29 10:23:02 +00:00
trasz
d97338334a Add CPU percentage limit enforcement to RCTL. The resouce name is "pcpu".
It was implemented by Rudolf Tomori during Google Summer of Code 2012.
2012-10-26 16:01:08 +00:00
trasz
29ba0a35f6 Stop treating system processes as special. This fixes panics
like the one triggered by this:

# kldload geom_vinum
# pwait `pgrep -S gv_worker` &
# kldunload geom_vinum

or this:

GEOM_JOURNAL: Shutting down geom gjournal 3464572051.
panic: destroying non-empty racct: 1 allocated for resource 6

which were tracked by jh@ to be caused by checking p->p_flag,
while it wasn't initialised yet.  Basically, during fork, the code
checked p_flag, concluded the process isn't marked as P_SYSTEM,
incremented the counter, and later on, when exiting, checked that
the process was marked as P_SYSTEM, and thus didn't decrement it.

Also, I believe there wasn't any good reason for checking P_SYSTEM
in the first place.

Tested by:	jh
2012-04-17 14:31:02 +00:00
trasz
c37ffba90a Enforce upper bound on the input buffer length.
Reported by:	Mateusz Guzik
2012-04-17 13:28:14 +00:00
ed
e97eae1577 Mark MALLOC_DEFINEs static that have no corresponding MALLOC_DECLAREs.
This means that their use is restricted to a single C file.
2011-11-07 06:44:47 +00:00
trasz
82df9bbbc4 Fix another bug introduced in r225641, which caused rctl to access certain
fields in 'struct proc' before they got initialized in do_fork().

MFC after:	3 days
2011-10-03 16:23:20 +00:00
kmacy
99851f359e In order to maximize the re-usability of kernel code in user space this
patch modifies makesyscalls.sh to prefix all of the non-compatibility
calls (e.g. not linux_, freebsd32_) with sys_ and updates the kernel
entry points and all places in the code that use them. It also
fixes an additional name space collision between the kernel function
psignal and the libc function of the same name by renaming the kernel
psignal kern_psignal(). By introducing this change now we will ease future
MFCs that change syscalls.

Reviewed by:	rwatson
Approved by:	re (bz)
2011-09-16 13:58:51 +00:00
trasz
284bd48a44 Fix whitespace.
Submitted by:	amdmi3
Approved by:	re (rwatson)
2011-09-07 07:52:45 +00:00
trasz
a8bcc12be3 Work around a kernel panic triggered by forkbomb with an rctl rule
such as j:name:maxproc:sigkill=100.  Proper fix - deferring psignal
to a taskqueue - is somewhat complicated and thus will happen
after 9.0.

Approved by:	re (kib)
2011-09-06 17:22:40 +00:00
trasz
b1c63cf9da Since r224036 the cputime and wallclock are supposed to be in seconds,
not microseconds.  Make it so.

Approved by:	re (kib)
2011-09-04 05:04:34 +00:00
trasz
13232d13fa Rename resource names to match these in login.conf. 2011-07-14 19:18:17 +00:00
trasz
b468f23f53 Style fix - macros are supposed to be uppercase. 2011-07-07 17:44:42 +00:00
trasz
5499b0b9d5 Remove definitions for RACCT_FSIZE and RACCT_SBSIZE - these two are rather
performance-sensitive and not that useful, so I won't be merging them
before 9.0.
2011-05-27 19:57:58 +00:00
trasz
752ffacc69 Change the way rctl interfaces with jails by introducing prison_racct
structure, which acts as a proxy between them.  This makes jail rules
persistent, i.e. they can be added before jail gets created, and they
don't disappear when the jail gets destroyed.
2011-05-03 07:32:58 +00:00
trasz
e80aa2a5fe Rename a misnamed structure field (hr_loginclass), and reorder priv(9)
constants to match the order and naming of syscalls.  No functional changes.
2011-04-10 18:35:43 +00:00
trasz
2f99052d80 Add rctl. It's used by racct to take user-configurable actions based
on the set of rules it maintains and the current resource usage.  It also
privides userland API to manage that ruleset.

Sponsored by:	The FreeBSD Foundation
Reviewed by:	kib (earlier version)
2011-03-30 17:48:15 +00:00