PERFORCE change 165627 for review
Edward Tomasz Napierala
trasz at FreeBSD.org
Sun Jul 5 12:07:26 UTC 2009
http://perforce.freebsd.org/chv.cgi?CH=165627
Change 165627 by trasz at trasz_victim on 2009/07/05 12:07:15
Add a tunable to disable per-group resource usage accounting,
since it will probably be a reason for a major slowdown. Disable
it by default, since it doesn't work.
Affected files ...
.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#24 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_prot.c#14 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_resource.c#12 edit
Differences ...
==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#24 (text+ko) ====
@@ -52,6 +52,9 @@
#define HRF_DONT_INHERIT 1
#define HRF_DONT_ACCUMULATE 2
+int hrl_group_accounting = 0;
+TUNABLE_INT("kern.hrl_group_accounting", &hrl_group_accounting);
+SYSCTL_INT(_kern, OID_AUTO, hrl_group_accounting, CTLFLAG_RD, &hrl_group_accounting, 0, "");
struct hrl_node {
struct hrl_rule hn_rule;
@@ -174,9 +177,11 @@
KASSERT(cred->cr_ruidinfo->ui_usage.hu_resources[resource] >= 0, ("resource usage propagation meltdown"));
for (pr = cred->cr_prison; pr != NULL; pr = pr->pr_parent)
KASSERT(pr->pr_usage.hu_resources[resource] >= 0, ("resource usage propagation meltdown"));
- for (i = 0; i < cred->cr_ngroups; i++) {
- for (resource = 0; resource < HRL_RESOURCE_MAX; resource++)
- KASSERT(cred->cr_gidinfos[i]->gi_usage.hu_resources[resource] >= 0, ("resource usage propagation meltdown"));
+ if (hrl_group_accounting) {
+ for (i = 0; i < cred->cr_ngroups; i++) {
+ for (resource = 0; resource < HRL_RESOURCE_MAX; resource++)
+ KASSERT(cred->cr_gidinfos[i]->gi_usage.hu_resources[resource] >= 0, ("resource usage propagation meltdown"));
+ }
}
#endif
}
@@ -291,18 +296,20 @@
/*
* XXX: Slow.
*/
- for (i = 0; i < cred->cr_ngroups; i++) {
- /*
- * Make sure we don't account a group more than once if it appears
- * in cr_groups[] more than once.
- */
- for (j = 0; j < i; j++) {
- if (cred->cr_groups[i] == cred->cr_groups[j])
- goto skip_group;
+ if (hrl_group_accounting) {
+ for (i = 0; i < cred->cr_ngroups; i++) {
+ /*
+ * Make sure we don't account a group more than once if it appears
+ * in cr_groups[] more than once.
+ */
+ for (j = 0; j < i; j++) {
+ if (cred->cr_groups[i] == cred->cr_groups[j])
+ goto skip_group;
+ }
+ cred->cr_gidinfos[i]->gi_usage.hu_resources[resource] += amount;
+skip_group:
+ continue;
}
- cred->cr_gidinfos[i]->gi_usage.hu_resources[resource] += amount;
-skip_group:
- continue;
}
#ifdef INVARIANTS
hrl_assert_proc(p);
@@ -350,18 +357,20 @@
/*
* XXX: Slow.
*/
- for (i = 0; i < cred->cr_ngroups; i++) {
- /*
- * Make sure we don't account a group more than once if it appears
- * in cr_groups[] more than once.
- */
- for (j = 0; j < i; j++) {
- if (cred->cr_groups[i] == cred->cr_groups[j])
- goto skip_group;
+ if (hrl_group_accounting) {
+ for (i = 0; i < cred->cr_ngroups; i++) {
+ /*
+ * Make sure we don't account a group more than once if it appears
+ * in cr_groups[] more than once.
+ */
+ for (j = 0; j < i; j++) {
+ if (cred->cr_groups[i] == cred->cr_groups[j])
+ goto skip_group;
+ }
+ cred->cr_gidinfos[i]->gi_usage.hu_resources[resource] += diff;
+skip_group:
+ continue;
}
- cred->cr_gidinfos[i]->gi_usage.hu_resources[resource] += diff;
-skip_group:
- continue;
}
#ifdef INVARIANTS
hrl_assert_proc(p);
@@ -401,18 +410,20 @@
/*
* XXX: Slow.
*/
- for (i = 0; i < cred->cr_ngroups; i++) {
- /*
- * Make sure we don't account a group more than once if it appears
- * in cr_groups[] more than once.
- */
- for (j = 0; j < i; j++) {
- if (cred->cr_groups[i] == cred->cr_groups[j])
- goto skip_group;
+ if (hrl_group_accounting) {
+ for (i = 0; i < cred->cr_ngroups; i++) {
+ /*
+ * Make sure we don't account a group more than once if it appears
+ * in cr_groups[] more than once.
+ */
+ for (j = 0; j < i; j++) {
+ if (cred->cr_groups[i] == cred->cr_groups[j])
+ goto skip_group;
+ }
+ cred->cr_gidinfos[i]->gi_usage.hu_resources[resource] -= amount;
+skip_group:
+ continue;
}
- cred->cr_gidinfos[i]->gi_usage.hu_resources[resource] -= amount;
-skip_group:
- continue;
}
#ifdef INVARIANTS
hrl_assert_proc(p);
@@ -900,6 +911,9 @@
id_t gid;
struct gidinfo *gip;
+ if (!hrl_group_accounting)
+ return (EOPNOTSUPP);
+
error = str2id(inputstr, &gid);
if (error)
return (error);
==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_prot.c#14 (text+ko) ====
@@ -79,6 +79,8 @@
#include <security/audit/audit.h>
#include <security/mac/mac_framework.h>
+extern int hrl_group_accounting;
+
static MALLOC_DEFINE(M_CRED, "cred", "credentials");
SYSCTL_NODE(_security, OID_AUTO, bsd, CTLFLAG_RW, 0, "BSD security policy");
@@ -824,8 +826,11 @@
{
struct proc *p = td->td_proc;
struct ucred *newcred, *oldcred;
+#if 0
struct gidinfo *gidinfos[NGROUPS], *oldgidinfos[NGROUPS];
- int i, error, oldngroups = 0;
+ int i, oldngroups = 0;
+#endif
+ int error;
if (ngrp > NGROUPS)
return (EINVAL);
@@ -856,9 +861,11 @@
* have the egid in the groups[0]). We risk security holes
* when running non-BSD software if we do not do the same.
*/
+#if 0
oldngroups = newcred->cr_ngroups - 1;
for (i = 0; i < oldngroups; i++)
oldgidinfos[i] = newcred->cr_gidinfos[i + 1];
+#endif
newcred->cr_ngroups = 1;
} else {
crsetgroups_locked(newcred, ngrp, groups);
@@ -875,23 +882,31 @@
setsugid(p);
change_cred(p, newcred);
PROC_UNLOCK(p);
+#if 0
for (i = 0; i < oldngroups; i++)
gifree(oldgidinfos[i]);
+#endif
/* Don't free gidinfos[]. */
crfree(oldcred);
+#if 0
for (i = 0; i < newcred->cr_ngroups; i++)
KASSERT(newcred->cr_gidinfos[i]->gi_gid == newcred->cr_groups[i], ("Whoops."));
+#endif
return (0);
fail:
PROC_UNLOCK(p);
+#if 0
for (i = 0; i < oldngroups; i++)
gifree(oldgidinfos[i]);
for (i = 0; i < ngrp; i++)
gifree(gidinfos[i]);
+#endif
crfree(newcred);
+#if 0
for (i = 0; i < newcred->cr_ngroups; i++)
KASSERT(newcred->cr_gidinfos[i]->gi_gid == newcred->cr_groups[i], ("Whoops."));
+#endif
return (error);
}
@@ -1878,8 +1893,10 @@
uifree(cr->cr_uidinfo);
if (cr->cr_ruidinfo != NULL)
uifree(cr->cr_ruidinfo);
- for (i = 0; i < cr->cr_ngroups; i++)
- gifree(cr->cr_gidinfos[i]);
+ if (hrl_group_accounting) {
+ for (i = 0; i < cr->cr_ngroups; i++)
+ gifree(cr->cr_gidinfos[i]);
+ }
/*
* Free a prison, if any.
*/
@@ -1926,8 +1943,10 @@
crsetgroups(dest, src->cr_ngroups, src->cr_groups);
uihold(dest->cr_uidinfo);
uihold(dest->cr_ruidinfo);
- for (i = 0; i < dest->cr_ngroups; i++)
- gihold(dest->cr_gidinfos[i]);
+ if (hrl_group_accounting) {
+ for (i = 0; i < dest->cr_ngroups; i++)
+ gihold(dest->cr_gidinfos[i]);
+ }
prison_hold(dest->cr_prison);
#ifdef VIMAGE
KASSERT(src->cr_vimage != NULL, ("cr_vimage == NULL"));
@@ -2205,10 +2224,12 @@
/*
* Fix up per-group resource consumption.
*/
- for (i = 0; i < p->p_ucred->cr_ngroups; i++)
- hrl_usage_subtract(&p->p_ucred->cr_gidinfos[i]->gi_usage, &p->p_usage);
- for (i = 0; i < newcred->cr_ngroups; i++)
- hrl_usage_add(&newcred->cr_gidinfos[i]->gi_usage, &p->p_usage);
+ if (hrl_group_accounting) {
+ for (i = 0; i < p->p_ucred->cr_ngroups; i++)
+ hrl_usage_subtract(&p->p_ucred->cr_gidinfos[i]->gi_usage, &p->p_usage);
+ for (i = 0; i < newcred->cr_ngroups; i++)
+ hrl_usage_add(&newcred->cr_gidinfos[i]->gi_usage, &p->p_usage);
+ }
p->p_ucred = newcred;
}
@@ -2240,9 +2261,11 @@
{
newcred->cr_groups[0] = egip->gi_gid;
- gihold(egip);
- gifree(newcred->cr_gidinfos[0]);
- newcred->cr_gidinfos[0] = egip;
+ if (hrl_group_accounting) {
+ gihold(egip);
+ gifree(newcred->cr_gidinfos[0]);
+ newcred->cr_gidinfos[0] = egip;
+ }
}
/*-
==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_resource.c#12 (text+ko) ====
More information about the p4-projects
mailing list