PERFORCE change 180723 for review
Edward Tomasz Napierala
trasz at FreeBSD.org
Sat Jul 10 12:22:11 UTC 2010
http://p4web.freebsd.org/@@180723?ac=10
Change 180723 by trasz at trasz_victim on 2010/07/10 12:22:00
Add "options CONTAINERS". It will be useful for benchmarks and will
hopefully make merging into head easier.
Affected files ...
.. //depot/projects/soc2009/trasz_limits/sys/compat/linux/linux_misc.c#13 edit
.. //depot/projects/soc2009/trasz_limits/sys/compat/svr4/imgact_svr4.c#7 edit
.. //depot/projects/soc2009/trasz_limits/sys/compat/svr4/svr4_filio.c#7 edit
.. //depot/projects/soc2009/trasz_limits/sys/conf/NOTES#23 edit
.. //depot/projects/soc2009/trasz_limits/sys/conf/files#31 edit
.. //depot/projects/soc2009/trasz_limits/sys/conf/options#21 edit
.. //depot/projects/soc2009/trasz_limits/sys/i386/linux/imgact_linux.c#6 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/imgact_aout.c#7 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/imgact_elf.c#12 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/imgact_gzip.c#5 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/init_main.c#24 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_exit.c#22 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_fork.c#18 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#83 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/kern_jail.c#22 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/tty_pts.c#17 edit
.. //depot/projects/soc2009/trasz_limits/sys/kern/vfs_vnops.c#17 edit
.. //depot/projects/soc2009/trasz_limits/sys/sys/container.h#7 edit
.. //depot/projects/soc2009/trasz_limits/sys/vm/vm_map.c#17 edit
.. //depot/projects/soc2009/trasz_limits/sys/vm/vm_unix.c#7 edit
Differences ...
==== //depot/projects/soc2009/trasz_limits/sys/compat/linux/linux_misc.c#13 (text+ko) ====
@@ -359,6 +359,7 @@
* XXX - this is not complete. it should check current usage PLUS
* the resources needed by this library.
*/
+#ifdef CONTAINERS
if (a_out->a_text > maxtsiz) {
error = ENOMEM;
goto cleanup;
@@ -369,6 +370,16 @@
error = ENOMEM;
goto cleanup;
}
+#else
+ PROC_LOCK(td->td_proc);
+ if (a_out->a_text > maxtsiz ||
+ a_out->a_data + bss_size > lim_cur(td->td_proc, RLIMIT_DATA)) {
+ PROC_UNLOCK(td->td_proc);
+ error = ENOMEM;
+ goto cleanup;
+ }
+ PROC_UNLOCK(td->td_proc);
+#endif /* !CONTAINERS */
/*
* Prevent more writers.
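Review bot: The non-CONTAINERS data check `a_out->a_data + bss_size > lim_cur(td->td_proc, RLIMIT_DATA)` adds two sizes derived from the a.out header before comparing, so if the sum is evaluated in a type narrower than rlim_t, a malformed header could wrap it and slip under the limit. The declarations of a_data and bss_size are outside the hunk, so this needs confirming; if they are 32-bit on any supported platform, widen before adding, e.g. `(rlim_t)a_out->a_data + bss_size > lim_cur(...)`. The same expression is restored in the #else branches of imgact_svr4.c, imgact_linux.c, imgact_aout.c and imgact_gzip.c, and the CONTAINERS branches pass the same sum to rusage_set(). The enclosing function starts and ends outside the hunk.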
@@ -455,10 +466,8 @@
/* allocate some 'anon' space */
error = vm_map_find(&td->td_proc->p_vmspace->vm_map, NULL, 0,
&vmaddr, bss_size, FALSE, VM_PROT_ALL, VM_PROT_ALL, 0);
- if (error) {
- error = ENOMEM;
+ if (error)
goto cleanup;
- }
}
cleanup:
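Review bot: With the `error = ENOMEM;` override removed, `if (error) goto cleanup;` passes vm_map_find()'s result on as if it were an errno. The vm_map calls report KERN_* status codes (the vm_unix.c hunk in this change compares vm_map_insert()'s result against KERN_SUCCESS), so a failure here would reach the caller as an unrelated errno number. Keeping the translation, `if (error) { error = ENOMEM; goto cleanup; }`, or holding the result in a separate `rv` as vm_unix.c does, avoids that. What the code after `cleanup:` does with `error` is outside the hunk.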
==== //depot/projects/soc2009/trasz_limits/sys/compat/svr4/imgact_svr4.c#7 (text+ko) ====
@@ -107,12 +107,22 @@
/*
* text/data/bss must not exceed limits
*/
+#ifdef CONTAINERS
if (a_out->a_text > maxtsiz)
- return (ENOMEM);
+ return (ENOMEM);
error = rusage_set(imgp->proc, RUSAGE_DATASIZE,
a_out->a_data + bss_size);
if (error)
- return (ENOMEM);
+ return (ENOMEM);
+#else
+ PROC_LOCK(imgp->proc);
+ if (a_out->a_text > maxtsiz ||
+ a_out->a_data + bss_size > lim_cur(imgp->proc, RLIMIT_DATA)) {
+ PROC_UNLOCK(imgp->proc);
+ return (ENOMEM);
+ }
+ PROC_UNLOCK(imgp->proc);
+#endif /* !CONTAINERS */
VOP_UNLOCK(imgp->vp, 0);
==== //depot/projects/soc2009/trasz_limits/sys/compat/svr4/svr4_filio.c#7 (text+ko) ====
@@ -78,8 +78,9 @@
}
PROC_UNLOCK(td->td_proc);
+#ifdef CONTAINERS
rusage_add(td->td_proc, RUSAGE_FILEDESCRIPTORS, uap->nfds);
-
+#endif
pa.fds = uap->fds;
pa.nfds = uap->nfds;
pa.timeout = uap->timeout;
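Review bot: The result of `rusage_add(td->td_proc, RUSAGE_FILEDESCRIPTORS, uap->nfds)` is discarded, so a caller-supplied nfds is charged without the limit ever refusing the call. Other call sites in this change (kern_fork.c, tty_pts.c) treat rusage_add() as able to fail; if a failed add leaves the container uncharged, the unconditional `rusage_sub()` under `done:` in the next hunk would subtract usage that was never added. Checking the result and returning an error before the poll arguments are set up, or skipping the rusage_sub() when the add failed, would keep the accounting balanced. Whether any earlier exit jumps to `done:` before this point cannot be seen from the hunk.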
@@ -105,7 +106,9 @@
forget to update it if I add more code */
}
done:
+#ifdef CONTAINERS
rusage_sub(td->td_proc, RUSAGE_FILEDESCRIPTORS, uap->nfds);
+#endif
free(pfd, M_TEMP);
return error;
}
==== //depot/projects/soc2009/trasz_limits/sys/conf/NOTES#23 (text+ko) ====
@@ -1144,6 +1144,9 @@
options MAC_STUB
options MAC_TEST
+# Resource Containers
+options CONTAINERS
+
# Hierarchical Resource Limits
options HRL
==== //depot/projects/soc2009/trasz_limits/sys/conf/files#31 (text+ko) ====
@@ -2084,7 +2084,7 @@
kern/kern_condvar.c standard
kern/kern_conf.c standard
kern/kern_cons.c standard
-kern/kern_container.c standard
+kern/kern_container.c optional containers
kern/kern_cpu.c standard
kern/kern_cpuset.c standard
kern/kern_context.c standard
==== //depot/projects/soc2009/trasz_limits/sys/conf/options#21 (text+ko) ====
@@ -854,5 +854,8 @@
FDT opt_platform.h
FDT_DTB_STATIC opt_platform.h
+# Resource Containers
+CONTAINERS opt_global.h
+
# Hierarchical Resource Limits
HRL opt_hrl.h
==== //depot/projects/soc2009/trasz_limits/sys/i386/linux/imgact_linux.c#6 (text+ko) ====
@@ -105,12 +105,22 @@
/*
* text/data/bss must not exceed limits
*/
+#ifdef CONTAINERS
if (a_out->a_text > maxtsiz)
return (ENOMEM);
error = rusage_set(imgp->proc, RUSAGE_DATASIZE,
a_out->a_data + bss_size);
if (error)
return (ENOMEM);
+#else
+ PROC_LOCK(imgp->proc);
+ if (a_out->a_text > maxtsiz ||
+ a_out->a_data + bss_size > lim_cur(imgp->proc, RLIMIT_DATA)) {
+ PROC_UNLOCK(imgp->proc);
+ return (ENOMEM);
+ }
+ PROC_UNLOCK(imgp->proc);
+#endif /* !CONTAINERS */
VOP_UNLOCK(imgp->vp, 0);
==== //depot/projects/soc2009/trasz_limits/sys/kern/imgact_aout.c#7 (text+ko) ====
@@ -185,6 +185,7 @@
/*
* text/data/bss must not exceed limits
*/
+#ifdef CONTAINERS
if (/* text can't exceed maximum text size */
a_out->a_text > maxtsiz)
return (ENOMEM);
@@ -192,6 +193,18 @@
a_out->a_data + bss_size);
if (error)
return (ENOMEM);
+#else
+ PROC_LOCK(imgp->proc);
+ if (/* text can't exceed maximum text size */
+ a_out->a_text > maxtsiz ||
+
+ /* data + bss can't exceed rlimit */
+ a_out->a_data + bss_size > lim_cur(imgp->proc, RLIMIT_DATA)) {
+ PROC_UNLOCK(imgp->proc);
+ return (ENOMEM);
+ }
+ PROC_UNLOCK(imgp->proc);
+#endif
/*
* Avoid a possible deadlock if the current address space is destroyed
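Review bot: The `#endif` closing this region is untagged, while the matching regions in linux_misc.c, imgact_svr4.c, imgact_linux.c and imgact_gzip.c end with `#endif /* !CONTAINERS */`. style(9) tags the `#else` with the negated condition and the `#endif` with the condition that opened the block, so for a region opened by `#ifdef CONTAINERS` the pair would read `#else /* !CONTAINERS */` and `#endif /* CONTAINERS */`. Using one form across all of these files makes the two limit-checking variants easier to pair up when reading.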
==== //depot/projects/soc2009/trasz_limits/sys/kern/imgact_elf.c#12 (text+ko) ====
@@ -872,6 +872,7 @@
* limits after loading the segments since we do
* not actually fault in all the segments pages.
*/
+#ifdef CONTAINERS
if (text_size > maxtsiz)
return (ENOMEM);
error = rusage_set(imgp->proc, RUSAGE_DATASIZE,
@@ -884,6 +885,15 @@
return (ENOMEM);
PROC_LOCK(imgp->proc);
+#else
+ PROC_LOCK(imgp->proc);
+ if (data_size > lim_cur(imgp->proc, RLIMIT_DATA) ||
+ text_size > maxtsiz ||
+ total_size > lim_cur(imgp->proc, RLIMIT_VMEM)) {
+ PROC_UNLOCK(imgp->proc);
+ return (ENOMEM);
+ }
+#endif /* !CONTAINERS */
vmspace->vm_tsize = text_size >> PAGE_SHIFT;
vmspace->vm_taddr = (caddr_t)(uintptr_t)text_addr;
vmspace->vm_dsize = data_size >> PAGE_SHIFT;
==== //depot/projects/soc2009/trasz_limits/sys/kern/imgact_gzip.c#5 (text+ko) ====
@@ -210,6 +210,7 @@
/*
* text/data/bss must not exceed limits
*/
+#ifdef CONTAINERS
if ( /* text can't exceed maximum text size */
gz->a_out.a_text > maxtsiz) {
gz->where = __LINE__;
@@ -219,6 +220,20 @@
gz->a_out.a_data + gz->bss_size);
if (error)
return (ENOMEM);
+#else
+ PROC_LOCK(gz->ip->proc);
+ if ( /* text can't exceed maximum text size */
+ gz->a_out.a_text > maxtsiz ||
+
+ /* data + bss can't exceed rlimit */
+ gz->a_out.a_data + gz->bss_size >
+ lim_cur(gz->ip->proc, RLIMIT_DATA)) {
+ PROC_UNLOCK(gz->ip->proc);
+ gz->where = __LINE__;
+ return (ENOMEM);
+ }
+ PROC_UNLOCK(gz->ip->proc);
+#endif /* !CONTAINERS */
/* Find out how far we should go */
gz->file_end = gz->file_offset + gz->a_out.a_text + gz->a_out.a_data;
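Review bot: In the CONTAINERS branch the rusage_set() failure path, `if (error) return (ENOMEM);`, returns without recording `gz->where`, while the text-size check above it and the combined check in the new #else branch both set `gz->where = __LINE__;` before failing. If `where` is what identifies the failing check when a load is rejected (its use is outside the hunk), the data-size rejection becomes indistinguishable under CONTAINERS. Suggest `if (error) { gz->where = __LINE__; return (ENOMEM); }`.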
==== //depot/projects/soc2009/trasz_limits/sys/kern/init_main.c#24 (text+ko) ====
@@ -404,7 +404,9 @@
proc0_init(void *dummy __unused)
{
struct proc *p;
+#ifdef CONTAINERS
unsigned error;
+#endif
struct thread *td;
vm_paddr_t pageablemem;
int i;
@@ -563,8 +565,10 @@
* Charge root for one process.
*/
(void)chgproccnt(p->p_ucred->cr_ruidinfo, 1, 0);
+#ifdef CONTAINERS
error = rusage_add(p, RUSAGE_MAXPROCESSES, 1);
KASSERT(error == 0, ("rusage_add failed"));
+#endif
}
SYSINIT(p0init, SI_SUB_INTRINSIC, SI_ORDER_FIRST, proc0_init, NULL);
==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_exit.c#22 (text+ko) ====
@@ -767,12 +767,14 @@
* Decrement the count of procs running with this uid.
*/
(void)chgproccnt(p->p_ucred->cr_ruidinfo, -1, 0);
+#ifdef CONTAINERS
rusage_sub(p->p_pptr, RUSAGE_MAXPROCESSES, 1);
/*
* Destroy resource container associated with the process.
*/
container_proc_exit(p);
+#endif
/*
* Free credentials, arguments, and sigacts.
@@ -933,9 +935,11 @@
if (child->p_pptr == parent)
return;
+#ifdef CONTAINERS
rusage_sub(child->p_pptr, RUSAGE_MAXPROCESSES, 1);
/* XXX: What about return value? */
rusage_add(parent, RUSAGE_MAXPROCESSES, 1);
+#endif
PROC_LOCK(child->p_pptr);
sigqueue_take(child->p_ksi);
==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_fork.c#18 (text+ko) ====
@@ -224,9 +224,11 @@
p1 = td->td_proc;
+#ifdef CONTAINERS
error = rusage_add(p1, RUSAGE_MAXPROCESSES, 1);
if (error)
return (error);
+#endif
/*
* Here we don't create a new process, but we divorce
@@ -238,7 +240,9 @@
PROC_LOCK(p1);
if (thread_single(SINGLE_BOUNDARY)) {
PROC_UNLOCK(p1);
+#ifdef CONTAINERS
rusage_sub(p1, RUSAGE_MAXPROCESSES, 1);
+#endif
return (ERESTART);
}
PROC_UNLOCK(p1);
@@ -272,8 +276,10 @@
PROC_UNLOCK(p1);
}
*procp = NULL;
+#ifdef CONTAINERS
if (error)
rusage_sub(p1, RUSAGE_MAXPROCESSES, 1);
+#endif
return (error);
}
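Review bot: In the path that sets `*procp = NULL`, the charge taken by `rusage_add(p1, RUSAGE_MAXPROCESSES, 1)` at the top of the function is released only `if (error)`. The comment in the first kern_fork.c hunk says this path does not create a new process, so a successful call would appear to leave RUSAGE_MAXPROCESSES one higher with nothing to decrement it later, and repeated calls would drift the count towards the limit. If that reading is right, drop the condition so the line is just `rusage_sub(p1, RUSAGE_MAXPROCESSES, 1);`, or move the rusage_add() below the no-new-process branch. The branch itself starts outside the hunk, so confirm against the full function.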
@@ -350,6 +356,7 @@
goto fail;
}
+#ifdef CONTAINERS
/*
* Initialize resource container for the child process.
*/
@@ -358,6 +365,7 @@
error = EAGAIN;
goto fail;
}
+#endif
/*
* Increment the count of procs running with this uid. Don't allow
@@ -802,7 +810,9 @@
*procp = p2;
return (0);
fail:
+#ifdef CONTAINERS
container_proc_exit(newproc);
+#endif
sx_sunlock(&proctree_lock);
if (ppsratecheck(&lastfail, &curfail, 1))
printf("maxproc limit exceeded by uid %i, please see tuning(7) and login.conf(5).\n",
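Review bot: `container_proc_exit(newproc)` under `fail:` runs for every failure path, including the `goto fail` that precedes the "Initialize resource container for the child process" block and the one taken when that initialization itself fails with EAGAIN. Unless container_proc_exit() is safe on a proc whose container was never created, the early exits tear down state that does not exist. A second label placed below the container teardown for the exits that happen before initialization, or a comment on `fail:` stating that container_proc_exit() tolerates an uninitialized container, would settle it. The function body between these hunks is not visible here.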
@@ -816,7 +826,9 @@
vmspace_free(vm2);
uma_zfree(proc_zone, newproc);
pause("fork", hz / 2);
+#ifdef CONTAINERS
rusage_sub(p1, RUSAGE_MAXPROCESSES, 1);
+#endif
return (error);
}
==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#83 (text+ko) ====
@@ -55,6 +55,9 @@
#include <vm/uma.h>
#ifdef HRL
+#ifndef CONTAINERS
+#error "The HRL option requires the CONTAINERS option"
+#endif
#define HRF_DEFAULT 0
#define HRF_DONT_INHERIT 1
==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_jail.c#22 (text+ko) ====
@@ -1185,7 +1185,9 @@
root = mypr->pr_root;
vref(root);
}
+#ifdef CONTAINERS
container_create(&pr->pr_container);
+#endif
strlcpy(pr->pr_hostuuid, DEFAULT_HOSTUUID, HOSTUUIDLEN);
pr->pr_flags |= PR_HOST;
#if defined(INET) || defined(INET6)
@@ -2518,7 +2520,9 @@
if (pr->pr_cpuset != NULL)
cpuset_rel(pr->pr_cpuset);
osd_jail_exit(pr);
+#ifdef CONTAINERS
container_destroy(&pr->pr_container);
+#endif
free(pr, M_PRISON);
/* Removing a prison frees a reference on its parent. */
==== //depot/projects/soc2009/trasz_limits/sys/kern/tty_pts.c#17 (text+ko) ====
@@ -713,7 +713,10 @@
int
pts_alloc(int fflags, struct thread *td, struct file *fp)
{
- int unit, ok, error;
+ int unit, ok;
+#ifdef CONTAINERS
+ int error;
+#endif
struct tty *tp;
struct pts_softc *psc;
struct proc *p = td->td_proc;
@@ -722,10 +725,14 @@
/* Resource limiting. */
PROC_LOCK(p);
ok = chgptscnt(uid, 1, lim_cur(p, RLIMIT_NPTS));
+#ifdef CONTAINERS
error = rusage_add(p, RUSAGE_PTY, 1);
+#endif
PROC_UNLOCK(p);
+#ifdef CONTAINERS
if (ok != !error)
printf("pts_alloc: ok = %d, error = %d\n", ok, error);
+#endif
if (!ok)
return (EAGAIN);
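Review bot: `if (!ok) return (EAGAIN);` returns without undoing `rusage_add(p, RUSAGE_PTY, 1)` when chgptscnt() refused but rusage_add() succeeded, and in the reverse case the allocation proceeds although the container refused it. The `alloc_unr()` failure path in the next hunk does release both counters, so this exit is the odd one out. Failing on `!ok || error` and releasing whichever counter was taken keeps the two in step, e.g. `if (ok && error) chgptscnt(uid, -1, 0);` and `if (!ok && !error) rusage_sub(p, RUSAGE_PTY, 1);` before returning EAGAIN. The mismatch `printf()` is also unthrottled on a path that looks reachable from any pty open, and the same code, still printing "pts_alloc:", is repeated in the pts_alloc_external() hunk.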
@@ -733,7 +740,9 @@
unit = alloc_unr(pts_pool);
if (unit < 0) {
chgptscnt(uid, -1, 0);
+#ifdef CONTAINERS
rusage_sub(p, RUSAGE_PTY, 1);
+#endif
return (EAGAIN);
}
@@ -763,7 +772,10 @@
pts_alloc_external(int fflags, struct thread *td, struct file *fp,
struct cdev *dev, const char *name)
{
- int ok, error;
+ int ok;
+#ifdef CONTAINERS
+ int error;
+#endif
struct tty *tp;
struct pts_softc *psc;
struct proc *p = td->td_proc;
@@ -772,10 +784,14 @@
/* Resource limiting. */
PROC_LOCK(p);
ok = chgptscnt(uid, 1, lim_cur(p, RLIMIT_NPTS));
+#ifdef CONTAINERS
error = rusage_add(p, RUSAGE_PTY, 1);
+#endif
PROC_UNLOCK(p);
+#ifdef CONTAINERS
if (ok != !error)
printf("pts_alloc: ok = %d, error = %d\n", ok, error);
+#endif
if (!ok)
return (EAGAIN);
==== //depot/projects/soc2009/trasz_limits/sys/kern/vfs_vnops.c#17 (text+ko) ====
@@ -1347,6 +1347,19 @@
if (vp->v_type != VREG || td == NULL)
return (0);
- return (rusage_set(td->td_proc, RUSAGE_FILESIZE,
- (uoff_t)uio->uio_offset + uio->uio_resid));
+#ifdef CONTAINERS
+ if (rusage_set(td->td_proc, RUSAGE_FILESIZE,
+ (uoff_t)uio->uio_offset + uio->uio_resid))
+ return (EFBIG);
+#else
+ PROC_LOCK(td->td_proc);
+ if ((uoff_t)uio->uio_offset + uio->uio_resid >
+ lim_cur(td->td_proc, RLIMIT_FSIZE)) {
+ psignal(td->td_proc, SIGXFSZ);
+ PROC_UNLOCK(td->td_proc);
+ return (EFBIG);
+ }
+ PROC_UNLOCK(td->td_proc);
+#endif
+ return (0);
}
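Review bot: The CONTAINERS branch returns EFBIG without the `psignal(td->td_proc, SIGXFSZ)` that the #else branch sends, so the two kernel configurations differ in whether a process that exceeds its file-size limit is signalled. Unless rusage_set() delivers the signal itself (not visible here), the CONTAINERS branch should send it too, under PROC_LOCK as the #else branch does. A one-line comment above the `#ifdef`, such as `/* Both variants: EFBIG plus SIGXFSZ when the write would exceed the limit. */`, would make the shared contract explicit. The function's opening lines are outside the hunk.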
==== //depot/projects/soc2009/trasz_limits/sys/sys/container.h#7 (text+ko) ====
==== //depot/projects/soc2009/trasz_limits/sys/vm/vm_map.c#17 (text+ko) ====
@@ -412,11 +412,13 @@
pmap_activate(td);
vmspace_dofree(vm);
}
+#ifdef CONTAINERS
rusage_set(p, RUSAGE_DATASIZE, 0);
rusage_set(p, RUSAGE_STACKSIZE, 0);
rusage_set(p, RUSAGE_MEMORYUSE, 0);
rusage_set(p, RUSAGE_MEMORYLOCKED, 0);
rusage_set(p, RUSAGE_VMEMORYUSE, 0);
+#endif
}
/* Acquire reference to vmspace owned by another process. */
==== //depot/projects/soc2009/trasz_limits/sys/vm/vm_unix.c#7 (text+ko) ====
@@ -74,10 +74,19 @@
{
struct vmspace *vm = td->td_proc->p_vmspace;
vm_offset_t new, old, base;
+#ifndef CONTAINERS
+ rlim_t datalim, vmemlim;
+#endif
int rv;
int error = 0;
boolean_t do_map_wirefuture;
+#ifndef CONTAINERS
+ PROC_LOCK(td->td_proc);
+ datalim = lim_cur(td->td_proc, RLIMIT_DATA);
+ vmemlim = lim_cur(td->td_proc, RLIMIT_VMEM);
+ PROC_UNLOCK(td->td_proc);
+#endif
do_map_wirefuture = FALSE;
new = round_page((vm_offset_t)uap->nsize);
vm_map_lock(&vm->vm_map);
@@ -85,12 +94,23 @@
base = round_page((vm_offset_t) vm->vm_daddr);
old = base + ctob(vm->vm_dsize);
if (new > base) {
+#ifdef CONTAINERS
error = rusage_set(td->td_proc, RUSAGE_DATASIZE,
new - base);
if (error) {
error = ENOMEM;
goto done;
}
+#else
+ /*
+ * Check the resource limit, but allow a process to reduce
+ * its usage, even if it remains over the limit.
+ */
+ if (new - base > datalim && new > old) {
+ error = ENOMEM;
+ goto done;
+ }
+#endif /* !CONTAINERS */
if (new > vm_map_max(&vm->vm_map)) {
error = ENOMEM;
goto done;
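Review bot: The CONTAINERS branch fails with ENOMEM whenever `rusage_set(td->td_proc, RUSAGE_DATASIZE, new - base)` reports an error, whereas the #else branch refuses only when `new > old`, per its comment about letting a process reduce its usage while still over the limit. If rusage_set() rejects any value above the limit, a process already over its data limit could not shrink its break under CONTAINERS; guarding with `if (error && new > old)` would match the #else semantics, provided rusage_set() still records the smaller value. The call also stores the new size before the `vm_map_max()` check and the map changes that follow, so a later `goto done` would need to restore the old figure; whether `done:` does that is outside the hunk.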
@@ -105,12 +125,19 @@
goto done;
}
if (new > old) {
+#ifdef CONTAINERS
error = rusage_set(td->td_proc, RUSAGE_VMEMORYUSE,
vm->vm_map.size + (new - old));
if (error) {
error = ENOMEM;
goto done;
}
+#else
+ if (vm->vm_map.size + (new - old) > vmemlim) {
+ error = ENOMEM;
+ goto done;
+ }
+#endif /* !CONTAINERS */
rv = vm_map_insert(&vm->vm_map, NULL, 0, old, new,
VM_PROT_RW, VM_PROT_ALL, 0);
if (rv != KERN_SUCCESS) {