freebsd-skq/sys/kern/kern_vimage.c
Marko Zec 29b02909eb Introduce a new virtualization container, provisionally named vprocg, to hold
virtualized instances of hostname and domainname, as well as a new top-level
virtualization struct vimage, which holds pointers to struct vnet and struct
vprocg.  Struct vprocg is likely to become replaced in the near future with
a new jail management API import.

As a consequence of this change, change struct ucred to point to a struct
vimage, instead of directly pointing to a vnet.

Merge vnet / vimage / ucred refcounting infrastructure from p4 / vimage
branch.

Permit kldload / kldunload operations to be executed only from the default
vimage context.

This change should have no functional impact on nooptions VIMAGE kernel
builds.

Reviewed by:	bz
Approved by:	julian (mentor)
2009-05-08 14:11:06 +00:00

405 lines
11 KiB
C

/*-
* Copyright (c) 2004-2008 University of Zagreb
* Copyright (c) 2006-2008 FreeBSD Foundation
*
* This software was developed by the University of Zagreb and the
* FreeBSD Foundation under sponsorship by the Stichting NLnet and the
* FreeBSD Foundation.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include "opt_ddb.h"
#include <sys/param.h>
#include <sys/types.h>
#include <sys/kernel.h>
#include <sys/linker.h>
#include <sys/malloc.h>
#include <sys/systm.h>
#include <sys/vimage.h>
#ifdef DDB
#include <ddb/ddb.h>
#endif
#ifndef VIMAGE_GLOBALS
MALLOC_DEFINE(M_VIMAGE, "vimage", "vimage resource container");
MALLOC_DEFINE(M_VNET, "vnet", "network stack control block");
MALLOC_DEFINE(M_VPROCG, "vprocg", "process group control block");
static TAILQ_HEAD(vnet_modlink_head, vnet_modlink) vnet_modlink_head;
static TAILQ_HEAD(vnet_modpending_head, vnet_modlink) vnet_modpending_head;
static void vnet_mod_complete_registration(struct vnet_modlink *);
static int vnet_mod_constructor(struct vnet_modlink *);
static int vnet_mod_destructor(struct vnet_modlink *);
#ifdef VIMAGE
struct vimage_list_head vimage_head;
struct vnet_list_head vnet_head;
struct vprocg_list_head vprocg_head;
#else
#ifndef VIMAGE_GLOBALS
struct vprocg vprocg_0;
#endif
#endif
void
vnet_mod_register(const struct vnet_modinfo *vmi)
{
vnet_mod_register_multi(vmi, NULL, NULL);
}
void
vnet_mod_register_multi(const struct vnet_modinfo *vmi, void *iarg,
char *iname)
{
struct vnet_modlink *vml, *vml_iter;
/* Do not register the same {module, iarg} pair more than once. */
TAILQ_FOREACH(vml_iter, &vnet_modlink_head, vml_mod_le)
if (vml_iter->vml_modinfo == vmi && vml_iter->vml_iarg == iarg)
break;
if (vml_iter != NULL)
panic("registering an already registered vnet module: %s",
vml_iter->vml_modinfo->vmi_name);
vml = malloc(sizeof(struct vnet_modlink), M_VIMAGE, M_NOWAIT);
/*
* XXX we support only statically assigned module IDs at the time.
* In principle modules should be able to get a dynamically
* assigned ID at registration time.
*
* If a module is registered in multiple instances, then each
* instance must have both iarg and iname set.
*/
if (vmi->vmi_id >= VNET_MOD_MAX)
panic("invalid vnet module ID: %d", vmi->vmi_id);
if (vmi->vmi_name == NULL)
panic("vnet module with no name: %d", vmi->vmi_id);
if ((iarg == NULL) ^ (iname == NULL))
panic("invalid vnet module instance: %s", vmi->vmi_name);
vml->vml_modinfo = vmi;
vml->vml_iarg = iarg;
vml->vml_iname = iname;
/* Check whether the module we depend on is already registered. */
if (vmi->vmi_dependson != vmi->vmi_id) {
TAILQ_FOREACH(vml_iter, &vnet_modlink_head, vml_mod_le)
if (vml_iter->vml_modinfo->vmi_id ==
vmi->vmi_dependson)
break; /* Depencency found, we are done. */
if (vml_iter == NULL) {
#ifdef DEBUG_ORDERING
printf("dependency %d missing for vnet mod %s,"
"postponing registration\n",
vmi->vmi_dependson, vmi->vmi_name);
#endif /* DEBUG_ORDERING */
TAILQ_INSERT_TAIL(&vnet_modpending_head, vml,
vml_mod_le);
return;
}
}
vnet_mod_complete_registration(vml);
}
void
vnet_mod_complete_registration(struct vnet_modlink *vml)
{
VNET_ITERATOR_DECL(vnet_iter);
struct vnet_modlink *vml_iter;
TAILQ_INSERT_TAIL(&vnet_modlink_head, vml, vml_mod_le);
VNET_FOREACH(vnet_iter) {
CURVNET_SET_QUIET(vnet_iter);
vnet_mod_constructor(vml);
CURVNET_RESTORE();
}
/* Check for pending modules depending on us. */
do {
TAILQ_FOREACH(vml_iter, &vnet_modpending_head, vml_mod_le)
if (vml_iter->vml_modinfo->vmi_dependson ==
vml->vml_modinfo->vmi_id)
break;
if (vml_iter != NULL) {
#ifdef DEBUG_ORDERING
printf("vnet mod %s now registering,"
"dependency %d loaded\n",
vml_iter->vml_modinfo->vmi_name,
vml->vml_modinfo->vmi_id);
#endif /* DEBUG_ORDERING */
TAILQ_REMOVE(&vnet_modpending_head, vml_iter,
vml_mod_le);
vnet_mod_complete_registration(vml_iter);
}
} while (vml_iter != NULL);
}
void
vnet_mod_deregister(const struct vnet_modinfo *vmi)
{
vnet_mod_deregister_multi(vmi, NULL, NULL);
}
void
vnet_mod_deregister_multi(const struct vnet_modinfo *vmi, void *iarg,
char *iname)
{
VNET_ITERATOR_DECL(vnet_iter);
struct vnet_modlink *vml;
TAILQ_FOREACH(vml, &vnet_modlink_head, vml_mod_le)
if (vml->vml_modinfo == vmi && vml->vml_iarg == iarg)
break;
if (vml == NULL)
panic("cannot deregister unregistered vnet module %s",
vmi->vmi_name);
VNET_FOREACH(vnet_iter) {
CURVNET_SET_QUIET(vnet_iter);
vnet_mod_destructor(vml);
CURVNET_RESTORE();
}
TAILQ_REMOVE(&vnet_modlink_head, vml, vml_mod_le);
free(vml, M_VIMAGE);
}
static int
vnet_mod_constructor(struct vnet_modlink *vml)
{
const struct vnet_modinfo *vmi = vml->vml_modinfo;
#ifdef DEBUG_ORDERING
printf("instantiating vnet_%s", vmi->vmi_name);
if (vml->vml_iarg)
printf("/%s", vml->vml_iname);
printf(": ");
#ifdef VIMAGE
if (vmi->vmi_size)
printf("malloc(%zu); ", vmi->vmi_size);
#endif
if (vmi->vmi_iattach != NULL)
printf("iattach()");
printf("\n");
#endif
#ifdef VIMAGE
if (vmi->vmi_size) {
void *mem = malloc(vmi->vmi_size, M_VNET,
M_NOWAIT | M_ZERO);
if (mem == NULL) /* XXX should return error, not panic. */
panic("vi_alloc: malloc for %s\n", vmi->vmi_name);
curvnet->mod_data[vmi->vmi_id] = mem;
}
#endif
if (vmi->vmi_iattach != NULL)
vmi->vmi_iattach(vml->vml_iarg);
return (0);
}
static int
vnet_mod_destructor(struct vnet_modlink *vml)
{
const struct vnet_modinfo *vmi = vml->vml_modinfo;
#ifdef DEBUG_ORDERING
printf("destroying vnet_%s", vmi->vmi_name);
if (vml->vml_iarg)
printf("/%s", vml->vml_iname);
printf(": ");
if (vmi->vmi_idetach != NULL)
printf("idetach(); ");
#ifdef VIMAGE
if (vmi->vmi_size)
printf("free()");
#endif
printf("\n");
#endif
if (vmi->vmi_idetach)
vmi->vmi_idetach(vml->vml_iarg);
#ifdef VIMAGE
if (vmi->vmi_size) {
if (curvnet->mod_data[vmi->vmi_id] == NULL)
panic("vi_destroy: %s\n", vmi->vmi_name);
free(curvnet->mod_data[vmi->vmi_id], M_VNET);
curvnet->mod_data[vmi->vmi_id] = NULL;
}
#endif
return (0);
}
/*
* vi_symlookup() attempts to resolve name to address queries for
* variables which have been moved from global namespace to virtualization
* container structures, but are still directly accessed from legacy
* userspace processes via kldsym(2) and kmem(4) interfaces.
*/
int
vi_symlookup(struct kld_sym_lookup *lookup, char *symstr)
{
struct vnet_modlink *vml;
struct vnet_symmap *mapentry;
TAILQ_FOREACH(vml, &vnet_modlink_head, vml_mod_le) {
if (vml->vml_modinfo->vmi_symmap == NULL)
continue;
for (mapentry = vml->vml_modinfo->vmi_symmap;
mapentry->name != NULL; mapentry++) {
if (strcmp(symstr, mapentry->name) == 0) {
#ifdef VIMAGE
lookup->symvalue =
(u_long) curvnet->mod_data[
vml->vml_modinfo->vmi_id];
lookup->symvalue += mapentry->offset;
#else
lookup->symvalue = (u_long) mapentry->offset;
#endif
lookup->symsize = mapentry->size;
return (0);
}
}
}
return (ENOENT);
}
static void
vi_init(void *unused)
{
#ifdef VIMAGE
struct vimage *vip;
struct vprocg *vprocg;
struct vnet *vnet;
#endif
TAILQ_INIT(&vnet_modlink_head);
TAILQ_INIT(&vnet_modpending_head);
#ifdef VIMAGE
LIST_INIT(&vimage_head);
LIST_INIT(&vprocg_head);
LIST_INIT(&vnet_head);
vip = malloc(sizeof(struct vimage), M_VIMAGE, M_NOWAIT | M_ZERO);
if (vip == NULL)
panic("malloc failed for struct vimage");
LIST_INSERT_HEAD(&vimage_head, vip, vi_le);
vprocg = malloc(sizeof(struct vprocg), M_VPROCG, M_NOWAIT | M_ZERO);
if (vprocg == NULL)
panic("malloc failed for struct vprocg");
vip->v_procg = vprocg;
LIST_INSERT_HEAD(&vprocg_head, vprocg, vprocg_le);
vnet = malloc(sizeof(struct vnet), M_VNET, M_NOWAIT | M_ZERO);
if (vnet == NULL)
panic("vi_alloc: malloc failed");
LIST_INSERT_HEAD(&vnet_head, vnet, vnet_le);
vnet->vnet_magic_n = VNET_MAGIC_N;
vip->v_net = vnet;
/* We MUST clear curvnet in vi_init_done before going SMP. */
curvnet = LIST_FIRST(&vnet_head);
#endif
}
static void
vi_init_done(void *unused)
{
struct vnet_modlink *vml_iter;
#ifdef VIMAGE
curvnet = NULL;
#endif
if (TAILQ_EMPTY(&vnet_modpending_head))
return;
printf("vnet modules with unresolved dependencies:\n");
TAILQ_FOREACH(vml_iter, &vnet_modpending_head, vml_mod_le)
printf(" %d:%s depending on %d\n",
vml_iter->vml_modinfo->vmi_id,
vml_iter->vml_modinfo->vmi_name,
vml_iter->vml_modinfo->vmi_dependson);
panic("going nowhere without my vnet modules!");
}
SYSINIT(vimage, SI_SUB_VIMAGE, SI_ORDER_FIRST, vi_init, NULL);
SYSINIT(vimage_done, SI_SUB_VIMAGE_DONE, SI_ORDER_FIRST, vi_init_done, NULL);
#endif /* !VIMAGE_GLOBALS */
#ifdef VIMAGE
#ifdef DDB
static void
db_vnet_ptr(void *arg)
{
if (arg)
db_printf(" %p", arg);
else
#if SIZE_MAX == UINT32_MAX /* 32-bit arch */
db_printf(" 0");
#else /* 64-bit arch, most probaly... */
db_printf(" 0");
#endif
}
DB_SHOW_COMMAND(vnets, db_show_vnets)
{
VNET_ITERATOR_DECL(vnet_iter);
#if SIZE_MAX == UINT32_MAX /* 32-bit arch */
db_printf(" vnet ifs socks");
db_printf(" net inet inet6 ipsec netgraph\n");
#else /* 64-bit arch, most probaly... */
db_printf(" vnet ifs socks");
db_printf(" net inet inet6 ipsec netgraph\n");
#endif
VNET_FOREACH(vnet_iter) {
db_printf("%p %3d %5d",
vnet_iter, vnet_iter->ifccnt, vnet_iter->sockcnt);
db_vnet_ptr(vnet_iter->mod_data[VNET_MOD_NET]);
db_vnet_ptr(vnet_iter->mod_data[VNET_MOD_INET]);
db_vnet_ptr(vnet_iter->mod_data[VNET_MOD_INET6]);
db_vnet_ptr(vnet_iter->mod_data[VNET_MOD_IPSEC]);
db_vnet_ptr(vnet_iter->mod_data[VNET_MOD_NETGRAPH]);
db_printf("\n");
}
}
#endif
#endif /* VIMAGE */