Date: Wed, 6 May 2009 21:02:11 GMT From: Marko Zec <zec@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 161680 for review Message-ID: <200905062102.n46L2Bak034477@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=161680 Change 161680 by zec@zec_tpx32 on 2009/05/06 21:01:33 First attempt at truly virtualizing domainname and hostname in options VIMAGE builds. To get there, we have to introduce new container struct called vprocg, to store the virtualized instances of domainname and hostname. Furthermore, we add one additional layer of indirection from td->td_ucred to vnet and vprocg, and that indirection container is struct vimage. So td_ucred points to a vimage, and vnet and vprocg hang off of struct vimage now. A special case of V_hostname is G_hostname, which always resolves to V_hostname in the default vimage. Hence, an ugly specialied #define is introduced for this case. While here, we also introduce struct vi_req and accompanying #defines for different actions, which will be used by a temporary vimage management API which is expected to become merged in the next step. Affected files ... .. //depot/projects/vimage-commit/src/sys/i386/ibcs2/ibcs2_socksys.c#7 edit .. //depot/projects/vimage-commit/src/sys/kern/init_main.c#9 edit .. //depot/projects/vimage-commit/src/sys/kern/kern_mib.c#12 edit .. //depot/projects/vimage-commit/src/sys/kern/kern_vimage.c#14 edit .. //depot/projects/vimage-commit/src/sys/nlm/nlm_advlock.c#6 edit .. //depot/projects/vimage-commit/src/sys/sys/kernel.h#9 edit .. //depot/projects/vimage-commit/src/sys/sys/ucred.h#5 edit .. //depot/projects/vimage-commit/src/sys/sys/vimage.h#19 edit Differences ... ==== //depot/projects/vimage-commit/src/sys/i386/ibcs2/ibcs2_socksys.c#7 (text+ko) ==== @@ -174,6 +174,7 @@ struct thread *td; struct setipdomainname_args *uap; { + INIT_VPROCG(TD_TO_VPROCG(td)); char hname[MAXHOSTNAMELEN], *ptr; int error, sctl[2], hlen; ==== //depot/projects/vimage-commit/src/sys/kern/init_main.c#9 (text+ko) ==== 
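Review bot: `INIT_VPROCG(TD_TO_VPROCG(td));` hides a local declaration (`struct vprocg *vprocg`, per the macro added to vimage.h in this change), and because the macro body already ends in `;` it also leaves an empty statement ahead of the `char hname[...]` and `int error...` declarations. Without `options VIMAGE` the macro is empty and the line is a bare `;` in the same position, so builds that warn on declarations after statements would flag it in both configurations. A call-site comment such as `/* declares local 'vprocg' for the V_domainname accessor */` would tell readers where that identifier comes from, assuming `VSYM()` resolves through the local, which is not shown here. The same applies to the call added to `sysctl_domainname()` in kern_mib.c, and the function body continues outside the hunk.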
@@ -454,7 +454,7 @@ p->p_ucred->cr_ruidinfo = uifind(0); p->p_ucred->cr_prison = NULL; /* Don't jail it. */ #ifdef VIMAGE - p->p_ucred->cr_vnet = LIST_FIRST(&vnet_head); + p->p_ucred->cr_vimage = LIST_FIRST(&vimage_head); #endif #ifdef AUDIT audit_cred_kproc0(p->p_ucred); ==== //depot/projects/vimage-commit/src/sys/kern/kern_mib.c#12 (text+ko) ==== @@ -208,8 +208,9 @@ SYSCTL_STRING(_hw, HW_MACHINE_ARCH, machine_arch, CTLFLAG_RD, machine_arch, 0, "System architecture"); -/* should become #ifndef VIMAGE */ +#ifdef VIMAGE_GLOBALS char hostname[MAXHOSTNAMELEN]; +#endif /* * This mutex is used to protect the hostname and domainname variables, and @@ -348,12 +349,14 @@ 0, 0, sysctl_kern_config, "", "Kernel configuration file"); #endif -/* should become #ifndef VIMAGE */ +#ifdef VIMAGE_GLOBALS char domainname[MAXHOSTNAMELEN]; /* Protected by hostname_mtx. */ +#endif static int sysctl_domainname(SYSCTL_HANDLER_ARGS) { + INIT_VPROCG(TD_TO_VPROCG(req->td)); char tmpdomainname[MAXHOSTNAMELEN]; int error; ==== //depot/projects/vimage-commit/src/sys/kern/kern_vimage.c#14 (text+ko) ==== @@ -56,7 +56,9 @@ static int vnet_mod_destructor(struct vnet_modlink *); #ifdef VIMAGE +struct vimage_list_head vimage_head; struct vnet_list_head vnet_head; +struct vprocg_list_head vprocg_head; #endif void ==== //depot/projects/vimage-commit/src/sys/nlm/nlm_advlock.c#6 (text+ko) ==== @@ -41,6 +41,7 @@ #include <sys/syslog.h> #include <sys/systm.h> #include <sys/unistd.h> +#include <sys/vimage.h> #include <sys/vnode.h> #include <rpc/rpcclnt.h> @@ -1222,12 +1223,12 @@ } mtx_lock(&hostname_mtx); - snprintf(oh_space, 32, "%d@%s", svid, hostname); + snprintf(oh_space, 32, "%d@%s", svid, G_hostname); mtx_unlock(&hostname_mtx); oh_len = strlen(oh_space); memset(lock, 0, sizeof(*lock)); - lock->caller_name = hostname; + lock->caller_name = G_hostname; lock->fh.n_len = fhlen; lock->fh.n_bytes = fh; lock->oh.n_len = oh_len; ==== //depot/projects/vimage-commit/src/sys/sys/kernel.h#9 (text+ko) ==== 
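Review bot: `p->p_ucred->cr_vimage = LIST_FIRST(&vimage_head);` stores whatever is at the head of the list without checking that the list is populated, and the `TD_TO_VNET()`/`TD_TO_VPROCG()` macros introduced in vimage.h dereference that pointer unconditionally. Where the default vimage gets linked onto `vimage_head` is not visible in this change, so the ordering relative to proc0 setup is an unstated assumption. Making it explicit right after the assignment, `KASSERT(p->p_ucred->cr_vimage != NULL, ("proc0: no default vimage"));`, turns a later NULL dereference into an immediate, named failure. The enclosing function extends beyond the hunk.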
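Review bot: `lock->caller_name = G_hostname;` is assigned after `mtx_unlock(&hostname_mtx)`, so the lock request keeps a pointer into the live hostname buffer and later readers of `caller_name` see it without the mutex held. Taking a private copy while the mutex is held, next to the existing `snprintf()` into `oh_space`, and pointing `caller_name` at that copy would avoid reading a name while it is being rewritten. Under `options VIMAGE`, `G_hostname` is defined in this change as the default vimage's `_hostname`, so requests made on behalf of a thread in another vimage are labelled with the default instance's name; if that is deliberate for NLM, a comment here should say so. How `caller_name` is consumed lies outside the hunk.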
@@ -58,8 +58,10 @@ extern struct mtx hostname_mtx; extern unsigned long hostid; extern char hostuuid[64]; +#ifdef VIMAGE_GLOBALS extern char hostname[MAXHOSTNAMELEN]; extern char domainname[MAXHOSTNAMELEN]; +#endif extern char kernelname[MAXPATHLEN]; extern int tick; /* usec per tick (1000000 / hz) */ ==== //depot/projects/vimage-commit/src/sys/sys/ucred.h#5 (text+ko) ==== @@ -55,7 +55,7 @@ struct uidinfo *cr_uidinfo; /* per euid resource consumption */ struct uidinfo *cr_ruidinfo; /* per ruid resource consumption */ struct prison *cr_prison; /* jail(2) */ - struct vnet *cr_vnet; /* vimage / vnet */ + struct vimage *cr_vimage; /* vimage */ void *cr_pspare[2]; /* general use 2 */ #define cr_endcopy cr_label struct label *cr_label; /* MAC label */ ==== //depot/projects/vimage-commit/src/sys/sys/vimage.h#19 (text+ko) ==== @@ -44,6 +44,13 @@ #define VNET_DEBUG #endif +struct vimage; +struct vprocg; +struct vnet; +struct vi_req; +struct kld_sym_lookup; +struct ifnet; + typedef int vnet_attach_fn(const void *); typedef int vnet_detach_fn(const void *); @@ -111,6 +118,7 @@ /* Major module IDs for vimage sysctl virtualization. */ #define V_GLOBAL 0 /* global variable - no indirection */ #define V_NET 1 +#define V_PROCG 2 /* Name mappings for minor module IDs in vimage sysctl virtualization. */ #define V_MOD_vnet_net VNET_MOD_NET @@ -121,6 +129,8 @@ #define V_MOD_vnet_pf VNET_MOD_PF #define V_MOD_vnet_gif VNET_MOD_GIF #define V_MOD_vnet_ipsec VNET_MOD_IPSEC + +#define V_MOD_vprocg 0 /* no minor module ids like in vnet */ int vi_symlookup(struct kld_sym_lookup *, char *); void vnet_mod_register(const struct vnet_modinfo *); 
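Review bot: In the ucred.h hunk, `cr_vimage` is declared above the `cr_endcopy` marker, so it appears to sit in the part of `struct ucred` that is duplicated wholesale when a credential is copied. `struct vimage` (vimage.h, this change) gains `vi_ucredrefc` to count credentials pointing at it, yet no credential copy or free path is among the affected files, so it is not visible that the count follows the pointer. If a vimage can be destroyed while a copied ucred still references it, `TD_TO_VNET()`/`TD_TO_VPROCG()` would dereference freed memory. A comment on the field stating where the reference is taken and dropped would settle this, e.g. `/* vimage; holds a vi_ucredrefc reference */`.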
@@ -128,6 +138,15 @@ void vnet_mod_deregister(const struct vnet_modinfo *); void vnet_mod_deregister_multi(const struct vnet_modinfo *, void *, char *); +int vi_td_ioctl(u_long, struct vi_req *, struct thread *); +int vi_if_move(struct vi_req *, struct ifnet *, struct vimage *); +void if_reassign_common(struct ifnet *, struct vnet *, const char *); + +struct vimage *vnet2vimage(struct vnet *); +struct vimage *vimage_by_name(struct vimage *, char *); +char *vnet_name(struct vnet *); +int vi_child_of(struct vimage *, struct vimage *); + #endif /* !VIMAGE_GLOBALS */ #ifdef VIMAGE_GLOBALS 
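Review bot: The new prototypes pass and return names as plain `char *` (`vimage_by_name(struct vimage *, char *)`, `char *vnet_name(struct vnet *)`), which allows callees to write through caller buffers and gives no hint about who owns the returned string. If the names are only read, `const char *` documents that: `struct vimage *vimage_by_name(struct vimage *, const char *);`. `vi_td_ioctl()` and `vi_if_move()` take a `struct vi_req *` without stating whether it points at kernel or user memory, and none of the lookups say what lock the caller must hold. A short comment above each prototype covering those two points would help callers.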
@@ -157,65 +176,90 @@ #define VNET_SYMMAP_END { NULL, 0 } #endif /* !VIMAGE_GLOBALS */ -#ifdef VIMAGE +struct vimage { + LIST_ENTRY(vimage) vi_le; /* all vimage list */ + LIST_ENTRY(vimage) vi_sibling; /* vimages with same parent */ + LIST_HEAD(, vimage) vi_child_head; /* direct offspring list */ + struct vimage *vi_parent; /* ptr to parent vimage */ + u_int vi_id; /* ID num */ + u_int vi_ucredrefc; /* # of ucreds pointing to us */ + char vi_name[MAXHOSTNAMELEN]; + struct vnet *v_net; + struct vprocg *v_procg; +}; + struct vnet { void *mod_data[VNET_MOD_MAX]; LIST_ENTRY(vnet) vnet_le; /* all vnets list */ u_int vnet_magic_n; + u_int vnet_id; u_int ifccnt; u_int sockcnt; }; -#endif + +struct vprocg { + LIST_ENTRY(vprocg) vprocg_le; + u_int vprocg_ref; /* reference count */ + u_int vprocg_id; /* ID num */ + u_int nprocs; + char _hostname[MAXHOSTNAMELEN]; + char _domainname[MAXHOSTNAMELEN]; +}; +#ifndef VIMAGE_GLOBALS #ifdef VIMAGE -#define curvnet curthread->td_vnet +LIST_HEAD(vimage_list_head, vimage); +extern struct vimage_list_head vimage_head; #else -#define curvnet NULL +extern struct vprocg vprocg_0; +#endif #endif -#define VNET_MAGIC_N 0x3e0d8f29 +#define curvnet curthread->td_vnet + +#define VNET_MAGIC_N 0x3e0d8f29 #ifdef VIMAGE #ifdef VNET_DEBUG -#define VNET_ASSERT(condition) \ +#define VNET_ASSERT(condition) \ if (!(condition)) { \ printf("VNET_ASSERT @ %s:%d %s():\n", \ __FILE__, __LINE__, __FUNCTION__); \ panic(#condition); \ } -#define CURVNET_SET_QUIET(arg) \ +#define CURVNET_SET_QUIET(arg) \ VNET_ASSERT((arg)->vnet_magic_n == VNET_MAGIC_N); \ struct vnet *saved_vnet = curvnet; \ const char *saved_vnet_lpush = curthread->td_vnet_lpush; \ curvnet = arg; \ curthread->td_vnet_lpush = __FUNCTION__; -#define CURVNET_SET_VERBOSE(arg) \ +#define CURVNET_SET_VERBOSE(arg) \ CURVNET_SET_QUIET(arg) \ if (saved_vnet) \ - printf("curvnet_set(%p) in %s() on cpu %d, prev %p in %s()\n", curvnet, \ - curthread->td_vnet_lpush, curcpu, \ + printf("curvnet_set(%p) in %s() 
on cpu %d, prev %p in %s()\n",\ + curvnet, curthread->td_vnet_lpush, curcpu, \ saved_vnet, saved_vnet_lpush); -#define CURVNET_SET(arg) CURVNET_SET_VERBOSE(arg) +#define CURVNET_SET(arg) CURVNET_SET_VERBOSE(arg) -#define CURVNET_RESTORE() \ +#define CURVNET_RESTORE() \ VNET_ASSERT(saved_vnet == NULL || \ saved_vnet->vnet_magic_n == VNET_MAGIC_N); \ curvnet = saved_vnet; \ curthread->td_vnet_lpush = saved_vnet_lpush; #else /* !VNET_DEBUG */ -#define VNET_ASSERT(condition) +#define VNET_ASSERT(condition) -#define CURVNET_SET(arg) \ +#define CURVNET_SET(arg) \ struct vnet *saved_vnet = curvnet; \ curvnet = arg; -#define CURVNET_SET_VERBOSE(arg) CURVNET_SET(arg) -#define CURVNET_SET_QUIET(arg) CURVNET_SET(arg) +#define CURVNET_SET_VERBOSE(arg) CURVNET_SET(arg) +#define CURVNET_SET_QUIET(arg) CURVNET_SET(arg) -#define CURVNET_RESTORE() \ +#define CURVNET_RESTORE() \ curvnet = saved_vnet; #endif /* !VNET_DEBUG */ #else /* !VIMAGE */ 
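Review bot: `vi_ucredrefc`, `vprocg_ref` and `nprocs` are plain `u_int` counters with no statement of what serialises them, and the list-lock macros visible further down this header (`VNET_LIST_RLOCK()`/`VNET_LIST_RUNLOCK()`) expand to nothing. A lost update on a reference count is the usual route to freeing a container that credentials or processes still point at. Each counter should carry a comment naming its lock, e.g. `u_int vi_ucredrefc; /* # of ucreds pointing to us; protected by <lock name> */`, or be updated through the atomic(9) primitives. Separately, `#define curvnet curthread->td_vnet` is now unconditional where non-VIMAGE builds previously got `NULL`; whether `td_vnet` exists in `struct thread` without `options VIMAGE` is not visible here and is worth confirming.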
@@ -251,29 +295,73 @@ #define VNET_FOREACH(arg) #endif -#define TD_TO_VNET(td) (td)->td_ucred->cr_vnet +#ifdef VIMAGE +LIST_HEAD(vprocg_list_head, vprocg); +extern struct vprocg_list_head vprocg_head; +#define INIT_VPROCG(arg) struct vprocg *vprocg = (arg); +#define VPROCG_ITERLOOP_BEGIN() \ + struct vprocg *vprocg_iter; \ + LIST_FOREACH(vprocg_iter, &vprocg_head, vprocg_le) { + +#define VPROCG_ITERLOOP_END() \ + } +#else +#define INIT_VPROCG(arg) +#define VPROCG_ITERLOOP_BEGIN() +#define VPROCG_ITERLOOP_END() +#endif + +#ifdef VIMAGE +#define IS_DEFAULT_VIMAGE(arg) ((arg)->vi_id == 0) +#define IS_DEFAULT_VNET(arg) ((arg)->vnet_id == 0) +#else +#define IS_DEFAULT_VIMAGE(arg) 1 +#define IS_DEFAULT_VNET(arg) 1 +#endif + +#define TD_TO_VIMAGE(td) (td)->td_ucred->cr_vimage +#define TD_TO_VNET(td) (td)->td_ucred->cr_vimage->v_net +#define TD_TO_VPROCG(td) (td)->td_ucred->cr_vimage->v_procg +#define P_TO_VIMAGE(p) (p)->p_ucred->cr_vimage +#define P_TO_VNET(p) (p)->p_ucred->cr_vimage->v_net +#define P_TO_VPROCG(p) (p)->p_ucred->cr_vimage->v_procg /* Non-VIMAGE null-macros */ -#define IS_DEFAULT_VNET(arg) 1 #define VNET_LIST_RLOCK() #define VNET_LIST_RUNLOCK() -#define INIT_VPROCG(arg) -#define INIT_VCPU(arg) -#define TD_TO_VIMAGE(td) -#define TD_TO_VPROCG(td) -#define TD_TO_VCPU(td) -#define P_TO_VIMAGE(p) -#define P_TO_VNET(p) -#define P_TO_VPROCG(p) -#define P_TO_VCPU(p) /* XXX those defines bellow should probably go into vprocg.h and vcpu.h */ -#define VPROCG(sym) (sym) -#define VCPU(sym) (sym) +#define VPROCG(sym) VSYM(vprocg, sym) + +#ifdef VIMAGE +#define G_hostname thread0.td_ucred->cr_vimage->v_procg->_hostname +#else +#define G_hostname VPROCG(hostname) +#endif #define V_hostname VPROCG(hostname) -#define G_hostname VPROCG(hostname) /* global hostname */ #define V_domainname VPROCG(domainname) +#define V_morphing_symlinks VPROCG(morphing_symlinks) + +struct vi_req { + int req_action; /* What to do with this reqest? 
*/ + u_short vi_proc_count; /* current number of processes */ + u_short vi_child_count; /* current number of child vnets */ + int vi_if_count; /* current number network interfaces */ + int vi_sock_count; + char vi_name[MAXPATHLEN]; + char vi_if_xname[MAXPATHLEN]; /* XXX should be IFNAMSIZ */ +}; + +#define VI_CREATE 0x00000001 +#define VI_DESTROY 0x00000002 +#define VI_MODIFY 0x00000004 +#define VI_SWITCHTO 0x00000008 +#define VI_IFACE 0x00000010 + +#define VI_GET 0x00000100 +#define VI_GETNEXT 0x00000200 +#define VI_GETNEXT_RECURSE 0x00000300 /* * Size-guards for the vimage structures.
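Review bot: `struct vi_req` carries `char vi_name[MAXPATHLEN]` while `struct vimage` stores `char vi_name[MAXHOSTNAMELEN]`, so any path that copies a request name into a vimage has to bound the copy to the smaller buffer and cannot assume the request string is NUL-terminated. The request reaches the kernel through `vi_td_ioctl()`, whose body is not part of this change, so it presumably originates in userland. A comment on the field stating the maximum accepted length, or declaring it `char vi_name[MAXHOSTNAMELEN];` to match, would remove the mismatch. The action codes are laid out as single bits, but `VI_GETNEXT_RECURSE` (0x300) equals `VI_GET | VI_GETNEXT`, so a handler that tests with `&` will match more than one action; a comment should say whether `req_action` is compared with `==` or treated as a mask.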