From owner-p4-projects@FreeBSD.ORG Wed Aug 5 18:10:33 2009 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 982BD1065673; Wed, 5 Aug 2009 18:10:33 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 57D5A106564A for ; Wed, 5 Aug 2009 18:10:33 +0000 (UTC) (envelope-from trasz@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 45E098FC0A for ; Wed, 5 Aug 2009 18:10:33 +0000 (UTC) (envelope-from trasz@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n75IAXYM082558 for ; Wed, 5 Aug 2009 18:10:33 GMT (envelope-from trasz@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n75IAXit082556 for perforce@freebsd.org; Wed, 5 Aug 2009 18:10:33 GMT (envelope-from trasz@freebsd.org) Date: Wed, 5 Aug 2009 18:10:33 GMT Message-Id: <200908051810.n75IAXit082556@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to trasz@freebsd.org using -f From: Edward Tomasz Napierala To: Perforce Change Reviews Cc: Subject: PERFORCE change 167042 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Aug 2009 18:10:34 -0000 http://perforce.freebsd.org/chv.cgi?CH=167042 Change 167042 by trasz@trasz_anger on 2009/08/05 18:10:30 Update process limits after credentials change. Affected files ... .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#45 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_prot.c#17 edit Differences ... ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#45 (text+ko) ==== @@ -1550,6 +1550,60 @@ } /* + * Called after credentials change, to adjust p_limits. + * + * XXX: This should be merged with the routine above, after moving + * the loginclass pointer from 'struct proc' to 'struct ucred'. + * + * XXX: What about jails? + */ +void +hrl_proc_ucred_changed(struct proc *p) +{ + int error, i; + struct ucred *cred = p->p_ucred; + struct hrl_limit *limit; + + PROC_LOCK_ASSERT(p, MA_OWNED); + + mtx_lock(&hrl_lock); + + /* + * Remove rules for the old user credentials. + */ + LIST_FOREACH(limit, &p->p_limits, hl_next) { + if (limit->hl_rule->hr_subject != HRL_SUBJECT_USER && + limit->hl_rule->hr_subject != HRL_SUBJECT_GROUP) + continue; + + LIST_REMOVE(limit, hl_next); + hrl_rule_release(limit->hl_rule); + uma_zfree(hrl_limit_zone, limit); + } + + /* + * Now add rules for the current user credentials. + */ + LIST_FOREACH(limit, &cred->cr_ruidinfo->ui_limits, hl_next) { + error = hrl_limit_add_locked(&p->p_limits, limit->hl_rule); + KASSERT(error == 0, ("XXX: better error handling needed")); + } + if (hrl_group_accounting) { + for (i = 0; i < cred->cr_ngroups; i++) { + LIST_FOREACH(limit, + &cred->cr_gidinfos[i]->gi_limits, hl_next) { + error = hrl_limit_add_locked(&p->p_limits, + limit->hl_rule); + KASSERT(error == 0, + ("XXX: better error handling needed")); + } + } + } + + mtx_unlock(&hrl_lock); +} + +/* * Inherit resource usage information and copy limits from the parent * process to the child. */ ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_prot.c#17 (text+ko) ==== @@ -2186,6 +2186,8 @@ int i; struct uidinfo *olduip, *newuip; + PROC_LOCK_ASSERT(p, MA_OWNED); + /* * Fix up per-euid resource consumption. */ @@ -2217,6 +2219,7 @@ } p->p_ucred = newcred; + hrl_proc_ucred_changed(p); } /*-