From owner-p4-projects@FreeBSD.ORG Sat Nov 13 21:16:07 2010 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 06AE9106566C; Sat, 13 Nov 2010 21:16:07 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BD27A106564A for ; Sat, 13 Nov 2010 21:16:06 +0000 (UTC) (envelope-from trasz@freebsd.org) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:4f8:fff6::2d]) by mx1.freebsd.org (Postfix) with ESMTP id A801E8FC08 for ; Sat, 13 Nov 2010 21:16:06 +0000 (UTC) Received: from skunkworks.freebsd.org (localhost [127.0.0.1]) by skunkworks.freebsd.org (8.14.4/8.14.4) with ESMTP id oADLG6Yi048196 for ; Sat, 13 Nov 2010 21:16:06 GMT (envelope-from trasz@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.4/8.14.4/Submit) id oADLG6Ox048193 for perforce@freebsd.org; Sat, 13 Nov 2010 21:16:06 GMT (envelope-from trasz@freebsd.org) Date: Sat, 13 Nov 2010 21:16:06 GMT Message-Id: <201011132116.oADLG6Ox048193@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to trasz@freebsd.org using -f From: Edward Tomasz Napierala To: Perforce Change Reviews Precedence: bulk Cc: Subject: PERFORCE change 185757 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Nov 2010 21:16:07 -0000 http://p4web.freebsd.org/@@185757?ac=10 Change 185757 by trasz@trasz_victim on 2010/11/13 21:15:06 Add socket buffer space accounting. Affected files ... .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_container.c#35 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/uipc_sockbuf.c#4 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/uipc_socket.c#17 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/uipc_usrreq.c#8 edit .. //depot/projects/soc2009/trasz_limits/sys/sys/container.h#16 edit Differences ... ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_container.c#35 (text+ko) ==== @@ -66,6 +66,7 @@ SDT_PROVIDER_DEFINE(container); SDT_PROBE_DEFINE3(container, kernel, rusage, add, add, "struct proc *", "int", "uint64_t"); SDT_PROBE_DEFINE3(container, kernel, rusage, add_failure, add-failure, "struct proc *", "int", "uint64_t"); +SDT_PROBE_DEFINE3(container, kernel, rusage, add_cred, add-cred, "struct ucred *", "int", "uint64_t"); SDT_PROBE_DEFINE3(container, kernel, rusage, add_force, add-force, "struct proc *", "int", "uint64_t"); SDT_PROBE_DEFINE3(container, kernel, rusage, set, set, "struct proc *", "int", "uint64_t"); SDT_PROBE_DEFINE3(container, kernel, rusage, set_failure, set-failure, "struct proc *", "int", "uint64_t"); @@ -100,6 +101,7 @@ case RUSAGE_CORE: case RUSAGE_MEMLOCK: case RUSAGE_NPROC: + case RUSAGE_SBSIZE: case RUSAGE_SWAP: case RUSAGE_NTHR: case RUSAGE_WALLCLOCK: @@ -129,6 +131,7 @@ { switch (resource) { + case RUSAGE_SBSIZE: case RUSAGE_SWAP: return (1); default: @@ -425,7 +428,30 @@ } /* - * Increase allocation of 'resource' by 'amount' for process 'p'. + * Increase allocation of 'resource' by 'amount' for credential 'cred'. Doesn't + * check for limits and never fails. + */ +void +rusage_add_cred(struct ucred *cred, int resource, uint64_t amount) +{ + + SDT_PROBE(container, kernel, rusage, add_cred, cred, resource, amount, 0, 0); + + KASSERT(amount > 0, ("rusage_add_cred: invalid amount for resource %d: %ju", + resource, amount)); + KASSERT(container_resource_sloppy(resource), + ("rusage_add_cred: called for non-sloppy resource %d", resource)); + + mtx_lock(&container_lock); + container_alloc_resource(&cred->cr_ruidinfo->ui_container, resource, amount); + container_alloc_resource(&cred->cr_prison->pr_container, resource, amount); + container_alloc_resource(&cred->cr_loginclass->lc_container, resource, amount); + mtx_unlock(&container_lock); +} + +/* + * Increase allocation of 'resource' by 'amount' for process 'p'. Doesn't check + * for limits and never fails. */ void rusage_add_force(struct proc *p, int resource, uint64_t amount) ==== //depot/projects/soc2009/trasz_limits/sys/kern/uipc_sockbuf.c#4 (text+ko) ==== @@ -36,6 +36,7 @@ #include #include /* for aio_swake proto */ +#include /* for aio_swake proto */ #include #include #include @@ -290,6 +291,9 @@ struct thread *td) { rlim_t sbsize_limit; +#ifdef CONTAINER + int error; +#endif SOCKBUF_LOCK_ASSERT(sb); @@ -308,9 +312,21 @@ PROC_UNLOCK(td->td_proc); } else sbsize_limit = RLIM_INFINITY; +#ifdef CONTAINER + if (td != NULL) { + error = rusage_add(td->td_proc, RUSAGE_SBSIZE, cc); + if (error) + return (0); + } else + rusage_add_cred(so->so_cred, RUSAGE_SBSIZE, cc); +#endif if (!chgsbsize(so->so_cred->cr_uidinfo, &sb->sb_hiwat, cc, - sbsize_limit)) + sbsize_limit)) { +#ifdef CONTAINER + rusage_sub_cred(so->so_cred, RUSAGE_SBSIZE, cc); +#endif return (0); + } sb->sb_mbmax = min(cc * sb_efficiency, sb_max); if (sb->sb_lowat > sb->sb_hiwat) sb->sb_lowat = sb->sb_hiwat; @@ -337,6 +353,10 @@ { sbflush_internal(sb); +#ifdef CONTAINERS + if (sb->sb_hiwat != 0) + rusage_sub_cred(so->so_cred, RUSAGE_SBSIZE, sb->sb_hiwat); +#endif (void)chgsbsize(so->so_cred->cr_uidinfo, &sb->sb_hiwat, 0, RLIM_INFINITY); sb->sb_mbmax = 0; ==== //depot/projects/soc2009/trasz_limits/sys/kern/uipc_socket.c#17 (text+ko) ==== @@ -104,6 +104,7 @@ #include #include +#include #include #include #include @@ -321,12 +322,22 @@ so->so_vnet->vnet_sockcnt--; #endif mtx_unlock(&so_global_mtx); - if (so->so_rcv.sb_hiwat) + if (so->so_rcv.sb_hiwat) { +#ifdef CONTAINERS + rusage_sub_cred(so->so_cred, RUSAGE_SBSIZE, + so->so_rcv.sb_hiwat); +#endif (void)chgsbsize(so->so_cred->cr_uidinfo, &so->so_rcv.sb_hiwat, 0, RLIM_INFINITY); - if (so->so_snd.sb_hiwat) + } + if (so->so_snd.sb_hiwat) { +#ifdef CONTAINERS + rusage_sub_cred(so->so_cred, RUSAGE_SBSIZE, + so->so_snd.sb_hiwat); +#endif (void)chgsbsize(so->so_cred->cr_uidinfo, &so->so_snd.sb_hiwat, 0, RLIM_INFINITY); + } #ifdef INET /* remove acccept filter if one is present. */ if (so->so_accf != NULL) ==== //depot/projects/soc2009/trasz_limits/sys/kern/uipc_usrreq.c#8 (text+ko) ==== @@ -62,6 +62,7 @@ #include "opt_ddb.h" #include +#include #include #include #include /* XXX must be before */ @@ -775,6 +776,9 @@ SOCKBUF_LOCK(&so2->so_snd); so2->so_snd.sb_mbmax += unp->unp_mbcnt - mbcnt; newhiwat = so2->so_snd.sb_hiwat + unp->unp_cc - sbcc; +#ifdef CONTAINERS + rusage_add_cred(so2->so_cred, RUSAGE_SBSIZE, newhiwat - so2->so_snd.sb_hiwat); +#endif (void)chgsbsize(so2->so_cred->cr_uidinfo, &so2->so_snd.sb_hiwat, newhiwat, RLIM_INFINITY); sowwakeup_locked(so2); @@ -950,6 +954,9 @@ SOCKBUF_LOCK(&so->so_snd); newhiwat = so->so_snd.sb_hiwat - (sbcc - unp2->unp_cc); +#ifdef CONTAINERS + rusage_add_cred(so->so_cred, RUSAGE_SBSIZE, newhiwat - so->so_snd.sb_hiwat); +#endif (void)chgsbsize(so->so_cred->cr_uidinfo, &so->so_snd.sb_hiwat, newhiwat, RLIM_INFINITY); so->so_snd.sb_mbmax -= mbcnt_delta; ==== //depot/projects/soc2009/trasz_limits/sys/sys/container.h#16 (text+ko) ==== @@ -106,6 +106,7 @@ }; int rusage_add(struct proc *p, int resource, uint64_t amount); +void rusage_add_cred(struct ucred *cred, int resource, uint64_t amount); void rusage_add_force(struct proc *p, int resource, uint64_t amount); int rusage_set(struct proc *p, int resource, uint64_t amount); void rusage_sub(struct proc *p, int resource, uint64_t amount);