PERFORCE change 167042 for review
Edward Tomasz Napierala
trasz at FreeBSD.org
Wed Aug 5 18:10:34 UTC 2009
http://perforce.freebsd.org/chv.cgi?CH=167042
Change 167042 by trasz at trasz_anger on 2009/08/05 18:10:30
Update process limits after credentials change.
Affected files ...
.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#45 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_prot.c#17 edit
Differences ...
==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#45 (text+ko) ====
@@ -1550,6 +1550,60 @@
}
/*
+ * Called after credentials change, to adjust p_limits.
+ *
+ * XXX: This should be merged with the routine above, after moving
+ * the loginclass pointer from 'struct proc' to 'struct ucred'.
+ *
+ * XXX: What about jails?
+ */
+void
+hrl_proc_ucred_changed(struct proc *p)
+{
+ int error, i;
+ struct ucred *cred = p->p_ucred;
+ struct hrl_limit *limit;
+
+ PROC_LOCK_ASSERT(p, MA_OWNED);
+
+ mtx_lock(&hrl_lock);
+
+ /*
+ * Remove rules for the old user credentials.
+ */
+ LIST_FOREACH(limit, &p->p_limits, hl_next) {
+ if (limit->hl_rule->hr_subject != HRL_SUBJECT_USER &&
+ limit->hl_rule->hr_subject != HRL_SUBJECT_GROUP)
+ continue;
+
+ LIST_REMOVE(limit, hl_next);
+ hrl_rule_release(limit->hl_rule);
+ uma_zfree(hrl_limit_zone, limit);
+ }
+
+ /*
+ * Now add rules for the current user credentials.
+ */
+ LIST_FOREACH(limit, &cred->cr_ruidinfo->ui_limits, hl_next) {
+ error = hrl_limit_add_locked(&p->p_limits, limit->hl_rule);
+ KASSERT(error == 0, ("XXX: better error handling needed"));
+ }
+ if (hrl_group_accounting) {
+ for (i = 0; i < cred->cr_ngroups; i++) {
+ LIST_FOREACH(limit,
+ &cred->cr_gidinfos[i]->gi_limits, hl_next) {
+ error = hrl_limit_add_locked(&p->p_limits,
+ limit->hl_rule);
+ KASSERT(error == 0,
+ ("XXX: better error handling needed"));
+ }
+ }
+ }
+
+ mtx_unlock(&hrl_lock);
+}
+
+/*
* Inherit resource usage information and copy limits from the parent
* process to the child.
*/
==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_prot.c#17 (text+ko) ====
@@ -2186,6 +2186,8 @@
int i;
struct uidinfo *olduip, *newuip;
+ PROC_LOCK_ASSERT(p, MA_OWNED);
+
/*
* Fix up per-euid resource consumption.
*/
@@ -2217,6 +2219,7 @@
}
p->p_ucred = newcred;
+ hrl_proc_ucred_changed(p);
}
/*-
More information about the p4-projects
mailing list