PERFORCE change 167042 for review

Edward Tomasz Napierala trasz at FreeBSD.org
Wed Aug 5 18:10:34 UTC 2009 

http://perforce.freebsd.org/chv.cgi?CH=167042

Change 167042 by trasz at trasz_anger on 2009/08/05 18:10:30

	Update process limits after credentials change.

Affected files ...

.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#45 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_prot.c#17 edit

Differences ...

==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#45 (text+ko) ====

@@ -1550,6 +1550,60 @@
 }
 
 /*
+ * Called after credentials change, to adjust p_limits.
+ *
+ * XXX: This should be merged with the routine above, after moving
+ * 	the loginclass pointer from 'struct proc' to 'struct ucred'.
+ *
+ * XXX: What about jails?
+ */
+void
+hrl_proc_ucred_changed(struct proc *p)
+{
+	int error, i;
+	struct ucred *cred = p->p_ucred;
+	struct hrl_limit *limit;
+
+	PROC_LOCK_ASSERT(p, MA_OWNED);
+
+	mtx_lock(&hrl_lock);
+
+	/*
+	 * Remove rules for the old user credentials.
+	 */
+	LIST_FOREACH(limit, &p->p_limits, hl_next) {
+		if (limit->hl_rule->hr_subject != HRL_SUBJECT_USER &&
+		    limit->hl_rule->hr_subject != HRL_SUBJECT_GROUP)
+			continue;
+
+		LIST_REMOVE(limit, hl_next);
+		hrl_rule_release(limit->hl_rule);
+		uma_zfree(hrl_limit_zone, limit);
+	}
+	
+	/*
+	 * Now add rules for the current user credentials.
+	 */
+	LIST_FOREACH(limit, &cred->cr_ruidinfo->ui_limits, hl_next) {
+		error = hrl_limit_add_locked(&p->p_limits, limit->hl_rule);
+		KASSERT(error == 0, ("XXX: better error handling needed"));
+	}
+	if (hrl_group_accounting) {
+		for (i = 0; i < cred->cr_ngroups; i++) {
+			LIST_FOREACH(limit,
+			    &cred->cr_gidinfos[i]->gi_limits, hl_next) {
+				error = hrl_limit_add_locked(&p->p_limits,
+				    limit->hl_rule);
+				KASSERT(error == 0,
+				    ("XXX: better error handling needed"));
+			}
+		}
+	}
+
+	mtx_unlock(&hrl_lock);
+}
+
+/*
  * Inherit resource usage information and copy limits from the parent
  * process to the child.
  */

==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_prot.c#17 (text+ko) ====

@@ -2186,6 +2186,8 @@
 	int i;
 	struct uidinfo *olduip, *newuip;
 
+	PROC_LOCK_ASSERT(p, MA_OWNED);
+
 	/*
 	 * Fix up per-euid resource consumption.
 	 */
@@ -2217,6 +2219,7 @@
 	}
 
 	p->p_ucred = newcred;
+	hrl_proc_ucred_changed(p);
 }
 
 /*-

More information about the p4-projects mailing list