Date: Sat, 10 Jul 2010 12:22:10 GMT From: Edward Tomasz Napierala <trasz@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 180723 for review Message-ID: <201007101222.o6ACMA9E031088@repoman.freebsd.org>
http://p4web.freebsd.org/@@180723?ac=10 Change 180723 by trasz@trasz_victim on 2010/07/10 12:22:00 Add "options CONTAINERS". I will be useful for benchmarks and will hopefully make merging into head easier. Affected files ... .. //depot/projects/soc2009/trasz_limits/sys/compat/linux/linux_misc.c#13 edit .. //depot/projects/soc2009/trasz_limits/sys/compat/svr4/imgact_svr4.c#7 edit .. //depot/projects/soc2009/trasz_limits/sys/compat/svr4/svr4_filio.c#7 edit .. //depot/projects/soc2009/trasz_limits/sys/conf/NOTES#23 edit .. //depot/projects/soc2009/trasz_limits/sys/conf/files#31 edit .. //depot/projects/soc2009/trasz_limits/sys/conf/options#21 edit .. //depot/projects/soc2009/trasz_limits/sys/i386/linux/imgact_linux.c#6 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/imgact_aout.c#7 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/imgact_elf.c#12 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/imgact_gzip.c#5 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/init_main.c#24 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_exit.c#22 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_fork.c#18 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#83 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_jail.c#22 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/tty_pts.c#17 edit .. //depot/projects/soc2009/trasz_limits/sys/kern/vfs_vnops.c#17 edit .. //depot/projects/soc2009/trasz_limits/sys/sys/container.h#7 edit .. //depot/projects/soc2009/trasz_limits/sys/vm/vm_map.c#17 edit .. //depot/projects/soc2009/trasz_limits/sys/vm/vm_unix.c#7 edit Differences ... ==== //depot/projects/soc2009/trasz_limits/sys/compat/linux/linux_misc.c#13 (text+ko) ==== @@ -359,6 +359,7 @@ * XXX - this is not complete. it should check current usage PLUS * the resources needed by this library. */ +#ifdef CONTAINERS if (a_out->a_text > maxtsiz) { error = ENOMEM; goto cleanup; 
@@ -369,6 +370,16 @@ error = ENOMEM; goto cleanup; } +#else + PROC_LOCK(td->td_proc); + if (a_out->a_text > maxtsiz || + a_out->a_data + bss_size > lim_cur(td->td_proc, RLIMIT_DATA)) { + PROC_UNLOCK(td->td_proc); + error = ENOMEM; + goto cleanup; + } + PROC_UNLOCK(td->td_proc); +#endif /* !CONTAINERS */ /* * Prevent more writers. @@ -455,10 +466,8 @@ /* allocate some 'anon' space */ error = vm_map_find(&td->td_proc->p_vmspace->vm_map, NULL, 0, &vmaddr, bss_size, FALSE, VM_PROT_ALL, VM_PROT_ALL, 0); - if (error) { - error = ENOMEM; + if (error) goto cleanup; - } } cleanup: ==== //depot/projects/soc2009/trasz_limits/sys/compat/svr4/imgact_svr4.c#7 (text+ko) ==== @@ -107,12 +107,22 @@ /* * text/data/bss must not exceed limits */ +#ifdef CONTAINERS if (a_out->a_text > maxtsiz) - return (ENOMEM); + return (ENOMEM); error = rusage_set(imgp->proc, RUSAGE_DATASIZE, a_out->a_data + bss_size); if (error) - return (ENOMEM); + return (ENOMEM); +#else + PROC_LOCK(imgp->proc); + if (a_out->a_text > maxtsiz || + a_out->a_data + bss_size > lim_cur(imgp->proc, RLIMIT_DATA)) { + PROC_UNLOCK(imgp->proc); + return (ENOMEM); + } + PROC_UNLOCK(imgp->proc); +#endif /* !CONTAINERS */ VOP_UNLOCK(imgp->vp, 0); ==== //depot/projects/soc2009/trasz_limits/sys/compat/svr4/svr4_filio.c#7 (text+ko) ==== @@ -78,8 +78,9 @@ } PROC_UNLOCK(td->td_proc); +#ifdef CONTAINERS rusage_add(td->td_proc, RUSAGE_FILEDESCRIPTORS, uap->nfds); - +#endif pa.fds = uap->fds; pa.nfds = uap->nfds; pa.timeout = uap->timeout; @@ -105,7 +106,9 @@ forget to update it if I add more code */ } done: +#ifdef CONTAINERS rusage_sub(td->td_proc, RUSAGE_FILEDESCRIPTORS, uap->nfds); +#endif free(pfd, M_TEMP); return error; } ==== //depot/projects/soc2009/trasz_limits/sys/conf/NOTES#23 (text+ko) ==== @@ -1144,6 +1144,9 @@ options MAC_STUB options MAC_TEST +# Resource Containers +options CONTAINERS + # Hierarchical Resource Limits options HRL ==== //depot/projects/soc2009/trasz_limits/sys/conf/files#31 (text+ko) ==== 
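Review bot: In linux_misc.c's new `#else` branch, the test `a_out->a_data + bss_size > lim_cur(td->td_proc, RLIMIT_DATA)` adds two sizes that appear to come from the a.out header of the file being loaded. If both operands are 32 bits wide on the target (their declarations are outside the hunk), the sum can wrap and compare below the limit. An overflow-safe form reads the limit once into a local and tests `a_out->a_data > lim || bss_size > lim - a_out->a_data`. The same pattern is in the `#else` branches added to imgact_svr4.c, imgact_linux.c, imgact_aout.c and imgact_gzip.c, and the `rusage_set(..., a_out->a_data + bss_size)` calls in the `CONTAINERS` branches pass the same unchecked sum. The enclosing function starts and ends outside the hunk.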
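Review bot: In linux_misc.c's `vm_map_find()` hunk, a failure now reaches `cleanup:` with the raw return value in `error`. `vm_map_find()` reports failure with Mach-style `KERN_*` codes rather than errno values, so a caller that receives `error` would see an unrelated errno. If dropping `error = ENOMEM;` is meant to match head and ease merging, a short comment saying so would help; otherwise keep the translation, `if (error) { error = ENOMEM; goto cleanup; }`. What `cleanup:` does with `error` is outside the hunk.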
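Review bot: In svr4_filio.c the call `rusage_add(td->td_proc, RUSAGE_FILEDESCRIPTORS, uap->nfds);` discards its result, while kern_fork.c in this same change treats a non-zero return from `rusage_add()` as a refusal. Since `uap->nfds` is supplied by the caller, a refused charge would be followed by the unconditional `rusage_sub()` at `done:`, subtracting an amount that was never added. Consider capturing the result with `error = rusage_add(td->td_proc, RUSAGE_FILEDESCRIPTORS, uap->nfds);` and leaving through a path that skips the subtraction, or add a comment stating why the add cannot fail here. Whether any `goto done` is reachable before the add is not visible in the hunk.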
@@ -2084,7 +2084,7 @@ kern/kern_condvar.c standard kern/kern_conf.c standard kern/kern_cons.c standard -kern/kern_container.c standard +kern/kern_container.c optional containers kern/kern_cpu.c standard kern/kern_cpuset.c standard kern/kern_context.c standard ==== //depot/projects/soc2009/trasz_limits/sys/conf/options#21 (text+ko) ==== @@ -854,5 +854,8 @@ FDT opt_platform.h FDT_DTB_STATIC opt_platform.h +# Resource Containers +CONTAINERS opt_global.h + # Hierarchical Resource Limits HRL opt_hrl.h ==== //depot/projects/soc2009/trasz_limits/sys/i386/linux/imgact_linux.c#6 (text+ko) ==== @@ -105,12 +105,22 @@ /* * text/data/bss must not exceed limits */ +#ifdef CONTAINERS if (a_out->a_text > maxtsiz) return (ENOMEM); error = rusage_set(imgp->proc, RUSAGE_DATASIZE, a_out->a_data + bss_size); if (error) return (ENOMEM); +#else + PROC_LOCK(imgp->proc); + if (a_out->a_text > maxtsiz || + a_out->a_data + bss_size > lim_cur(imgp->proc, RLIMIT_DATA)) { + PROC_UNLOCK(imgp->proc); + return (ENOMEM); + } + PROC_UNLOCK(imgp->proc); +#endif /* !CONTAINERS */ VOP_UNLOCK(imgp->vp, 0); ==== //depot/projects/soc2009/trasz_limits/sys/kern/imgact_aout.c#7 (text+ko) ==== @@ -185,6 +185,7 @@ /* * text/data/bss must not exceed limits */ +#ifdef CONTAINERS if (/* text can't exceed maximum text size */ a_out->a_text > maxtsiz) return (ENOMEM); @@ -192,6 +193,18 @@ a_out->a_data + bss_size); if (error) return (ENOMEM); +#else + PROC_LOCK(imgp->proc); + if (/* text can't exceed maximum text size */ + a_out->a_text > maxtsiz || + + /* data + bss can't exceed rlimit */ + a_out->a_data + bss_size > lim_cur(imgp->proc, RLIMIT_DATA)) { + PROC_UNLOCK(imgp->proc); + return (ENOMEM); + } + PROC_UNLOCK(imgp->proc); +#endif /* * Avoid a possible deadlock if the current address space is destroyed ==== //depot/projects/soc2009/trasz_limits/sys/kern/imgact_elf.c#12 (text+ko) ==== 
@@ -872,6 +872,7 @@ * limits after loading the segments since we do * not actually fault in all the segments pages. */ +#ifdef CONTAINERS if (text_size > maxtsiz) return (ENOMEM); error = rusage_set(imgp->proc, RUSAGE_DATASIZE, @@ -884,6 +885,15 @@ return (ENOMEM); PROC_LOCK(imgp->proc); +#else + PROC_LOCK(imgp->proc); + if (data_size > lim_cur(imgp->proc, RLIMIT_DATA) || + text_size > maxtsiz || + total_size > lim_cur(imgp->proc, RLIMIT_VMEM)) { + PROC_UNLOCK(imgp->proc); + return (ENOMEM); + } +#endif /* !CONTAINERS */ vmspace->vm_tsize = text_size >> PAGE_SHIFT; vmspace->vm_taddr = (caddr_t)(uintptr_t)text_addr; vmspace->vm_dsize = data_size >> PAGE_SHIFT; ==== //depot/projects/soc2009/trasz_limits/sys/kern/imgact_gzip.c#5 (text+ko) ==== @@ -210,6 +210,7 @@ /* * text/data/bss must not exceed limits */ +#ifdef CONTAINERS if ( /* text can't exceed maximum text size */ gz->a_out.a_text > maxtsiz) { gz->where = __LINE__; @@ -219,6 +220,20 @@ gz->a_out.a_data + gz->bss_size); if (error) return (ENOMEM); +#else + PROC_LOCK(gz->ip->proc); + if ( /* text can't exceed maximum text size */ + gz->a_out.a_text > maxtsiz || + + /* data + bss can't exceed rlimit */ + gz->a_out.a_data + gz->bss_size > + lim_cur(gz->ip->proc, RLIMIT_DATA)) { + PROC_UNLOCK(gz->ip->proc); + gz->where = __LINE__; + return (ENOMEM); + } + PROC_UNLOCK(gz->ip->proc); +#endif /* !CONTAINERS */ /* Find out how far we should go */ gz->file_end = gz->file_offset + gz->a_out.a_text + gz->a_out.a_data; ==== //depot/projects/soc2009/trasz_limits/sys/kern/init_main.c#24 (text+ko) ==== @@ -404,7 +404,9 @@ proc0_init(void *dummy __unused) { struct proc *p; +#ifdef CONTAINERS unsigned error; +#endif struct thread *td; vm_paddr_t pageablemem; int i; 
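Review bot: In imgact_gzip.c's `CONTAINERS` branch the `rusage_set()` failure path returns `ENOMEM` without recording `gz->where = __LINE__;`, whereas the text-size check just above it and the new `#else` branch both set it. Writing it as `if (error) { gz->where = __LINE__; return (ENOMEM); }` keeps the failure location available in both configurations. The enclosing function extends beyond the hunk.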
@@ -563,8 +565,10 @@ * Charge root for one process. */ (void)chgproccnt(p->p_ucred->cr_ruidinfo, 1, 0); +#ifdef CONTAINERS error = rusage_add(p, RUSAGE_MAXPROCESSES, 1); KASSERT(error == 0, ("rusage_add failed")); +#endif } SYSINIT(p0init, SI_SUB_INTRINSIC, SI_ORDER_FIRST, proc0_init, NULL); ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_exit.c#22 (text+ko) ==== @@ -767,12 +767,14 @@ * Decrement the count of procs running with this uid. */ (void)chgproccnt(p->p_ucred->cr_ruidinfo, -1, 0); +#ifdef CONTAINERS rusage_sub(p->p_pptr, RUSAGE_MAXPROCESSES, 1); /* * Destroy resource container associated with the process. */ container_proc_exit(p); +#endif /* * Free credentials, arguments, and sigacts. @@ -933,9 +935,11 @@ if (child->p_pptr == parent) return; +#ifdef CONTAINERS rusage_sub(child->p_pptr, RUSAGE_MAXPROCESSES, 1); /* XXX: What about return value? */ rusage_add(parent, RUSAGE_MAXPROCESSES, 1); +#endif PROC_LOCK(child->p_pptr); sigqueue_take(child->p_ksi); ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_fork.c#18 (text+ko) ==== @@ -224,9 +224,11 @@ p1 = td->td_proc; +#ifdef CONTAINERS error = rusage_add(p1, RUSAGE_MAXPROCESSES, 1); if (error) return (error); +#endif /* * Here we don't create a new process, but we divorce @@ -238,7 +240,9 @@ PROC_LOCK(p1); if (thread_single(SINGLE_BOUNDARY)) { PROC_UNLOCK(p1); +#ifdef CONTAINERS rusage_sub(p1, RUSAGE_MAXPROCESSES, 1); +#endif return (ERESTART); } PROC_UNLOCK(p1); @@ -272,8 +276,10 @@ PROC_UNLOCK(p1); } *procp = NULL; +#ifdef CONTAINERS if (error) rusage_sub(p1, RUSAGE_MAXPROCESSES, 1); +#endif return (error); } @@ -350,6 +356,7 @@ goto fail; } +#ifdef CONTAINERS /* * Initialize resource container for the child process. */ @@ -358,6 +365,7 @@ error = EAGAIN; goto fail; } +#endif /* * Increment the count of procs running with this uid. Don't allow 
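Review bot: In kern_exit.c's reparenting hunk the result of `rusage_add(parent, RUSAGE_MAXPROCESSES, 1);` is still dropped, as the existing `XXX` comment admits; wrapping the pair in `#ifdef CONTAINERS` does not settle it. If the add can be refused, the new parent would hold a child it was never charged for, and the `rusage_sub(p->p_pptr, RUSAGE_MAXPROCESSES, 1)` in the exit hunk above would later subtract without a matching add. At minimum, capture the result and assert on it the way init_main.c does in this change: `KASSERT(error == 0, ("rusage_add failed"));`. The function's start and end lie outside the hunk.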
@@ -802,7 +810,9 @@ *procp = p2; return (0); fail: +#ifdef CONTAINERS container_proc_exit(newproc); +#endif sx_sunlock(&proctree_lock); if (ppsratecheck(&lastfail, &curfail, 1)) printf("maxproc limit exceeded by uid %i, please see tuning(7) and login.conf(5).\n", @@ -816,7 +826,9 @@ vmspace_free(vm2); uma_zfree(proc_zone, newproc); pause("fork", hz / 2); +#ifdef CONTAINERS rusage_sub(p1, RUSAGE_MAXPROCESSES, 1); +#endif return (error); } ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_hrl.c#83 (text+ko) ==== @@ -55,6 +55,9 @@ #include <vm/uma.h> #ifdef HRL +#ifndef CONTAINERS +#error "The HRL option requires the CONTAINERS option" +#endif #define HRF_DEFAULT 0 #define HRF_DONT_INHERIT 1 ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_jail.c#22 (text+ko) ==== @@ -1185,7 +1185,9 @@ root = mypr->pr_root; vref(root); } +#ifdef CONTAINERS container_create(&pr->pr_container); +#endif strlcpy(pr->pr_hostuuid, DEFAULT_HOSTUUID, HOSTUUIDLEN); pr->pr_flags |= PR_HOST; #if defined(INET) || defined(INET6) @@ -2518,7 +2520,9 @@ if (pr->pr_cpuset != NULL) cpuset_rel(pr->pr_cpuset); osd_jail_exit(pr); +#ifdef CONTAINERS container_destroy(&pr->pr_container); +#endif free(pr, M_PRISON); /* Removing a prison frees a reference on its parent. */ ==== //depot/projects/soc2009/trasz_limits/sys/kern/tty_pts.c#17 (text+ko) ==== @@ -713,7 +713,10 @@ int pts_alloc(int fflags, struct thread *td, struct file *fp) { - int unit, ok, error; + int unit, ok; +#ifdef CONTAINERS + int error; +#endif struct tty *tp; struct pts_softc *psc; struct proc *p = td->td_proc; @@ -722,10 +725,14 @@ /* Resource limiting. */ PROC_LOCK(p); ok = chgptscnt(uid, 1, lim_cur(p, RLIMIT_NPTS)); +#ifdef CONTAINERS error = rusage_add(p, RUSAGE_PTY, 1); +#endif PROC_UNLOCK(p); +#ifdef CONTAINERS if (ok != !error) printf("pts_alloc: ok = %d, error = %d\n", ok, error); +#endif if (!ok) return (EAGAIN); 
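Review bot: In kern_fork.c, `fail:` now calls `container_proc_exit(newproc);` on every failure, but the `@@ -350` hunk shows a `goto fail;` that runs before the child's container is initialized, and a second one taken when that initialization apparently fails. Unless `container_proc_exit()` is safe on a container that was never set up (its body is not on this page), this tears down uninitialized state in a freshly allocated proc. A second label placed after the container teardown for the early exits would make the path safe by construction; otherwise a comment above the call should state the guarantee. The enclosing function extends beyond both hunks.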
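Review bot: In tty_pts.c's `pts_alloc()`, the early exit `if (!ok) return (EAGAIN);` does not undo a successful `rusage_add(p, RUSAGE_PTY, 1)`. When `chgptscnt()` refuses but the container charge went through, one PTY stays charged with nothing allocated; in the reverse case the allocation proceeds although the container refused it. The `alloc_unr()` failure path in the next hunk releases both counters, so this exit should do the same, with `if (error == 0) rusage_sub(p, RUSAGE_PTY, 1);` under `#ifdef CONTAINERS` before the return. The mismatch `printf()` is not rate-limited and looks reachable by any process that opens PTYs at its limit, so it should be dropped or guarded before merging. `pts_alloc_external()` has the identical sequence in its `@@ -772` hunk.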
@@ -733,7 +740,9 @@ unit = alloc_unr(pts_pool); if (unit < 0) { chgptscnt(uid, -1, 0); +#ifdef CONTAINERS rusage_sub(p, RUSAGE_PTY, 1); +#endif return (EAGAIN); } @@ -763,7 +772,10 @@ pts_alloc_external(int fflags, struct thread *td, struct file *fp, struct cdev *dev, const char *name) { - int ok, error; + int ok; +#ifdef CONTAINERS + int error; +#endif struct tty *tp; struct pts_softc *psc; struct proc *p = td->td_proc; @@ -772,10 +784,14 @@ /* Resource limiting. */ PROC_LOCK(p); ok = chgptscnt(uid, 1, lim_cur(p, RLIMIT_NPTS)); +#ifdef CONTAINERS error = rusage_add(p, RUSAGE_PTY, 1); +#endif PROC_UNLOCK(p); +#ifdef CONTAINERS if (ok != !error) printf("pts_alloc: ok = %d, error = %d\n", ok, error); +#endif if (!ok) return (EAGAIN); ==== //depot/projects/soc2009/trasz_limits/sys/kern/vfs_vnops.c#17 (text+ko) ==== @@ -1347,6 +1347,19 @@ if (vp->v_type != VREG || td == NULL) return (0); - return (rusage_set(td->td_proc, RUSAGE_FILESIZE, - (uoff_t)uio->uio_offset + uio->uio_resid)); +#ifdef CONTAINERS + if (rusage_set(td->td_proc, RUSAGE_FILESIZE, + (uoff_t)uio->uio_offset + uio->uio_resid)) + return (EFBIG); +#else + PROC_LOCK(td->td_proc); + if ((uoff_t)uio->uio_offset + uio->uio_resid > + lim_cur(td->td_proc, RLIMIT_FSIZE)) { + psignal(td->td_proc, SIGXFSZ); + PROC_UNLOCK(td->td_proc); + return (EFBIG); + } + PROC_UNLOCK(td->td_proc); +#endif + return (0); } ==== //depot/projects/soc2009/trasz_limits/sys/sys/container.h#7 (text+ko) ==== ==== //depot/projects/soc2009/trasz_limits/sys/vm/vm_map.c#17 (text+ko) ==== @@ -412,11 +412,13 @@ pmap_activate(td); vmspace_dofree(vm); } +#ifdef CONTAINERS rusage_set(p, RUSAGE_DATASIZE, 0); rusage_set(p, RUSAGE_STACKSIZE, 0); rusage_set(p, RUSAGE_MEMORYUSE, 0); rusage_set(p, RUSAGE_MEMORYLOCKED, 0); rusage_set(p, RUSAGE_VMEMORYUSE, 0); +#endif } /* Acquire reference to vmspace owned by another process. */ ==== //depot/projects/soc2009/trasz_limits/sys/vm/vm_unix.c#7 (text+ko) ==== 
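Review bot: In vfs_vnops.c the `CONTAINERS` branch returns `EFBIG` without the `psignal(td->td_proc, SIGXFSZ);` that the `#else` branch sends. A write past the file-size limit would therefore raise the signal only in kernels built without the option, unless `rusage_set()` sends it internally, which is not visible here. If the signal is meant to be preserved, send it under the proc lock before `return (EFBIG);`. If it is raised elsewhere, a one-line comment next to the `rusage_set()` call naming where would document that.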
@@ -74,10 +74,19 @@ { struct vmspace *vm = td->td_proc->p_vmspace; vm_offset_t new, old, base; +#ifndef CONTAINERS + rlim_t datalim, vmemlim; +#endif int rv; int error = 0; boolean_t do_map_wirefuture; +#ifndef CONTAINERS + PROC_LOCK(td->td_proc); + datalim = lim_cur(td->td_proc, RLIMIT_DATA); + vmemlim = lim_cur(td->td_proc, RLIMIT_VMEM); + PROC_UNLOCK(td->td_proc); +#endif do_map_wirefuture = FALSE; new = round_page((vm_offset_t)uap->nsize); vm_map_lock(&vm->vm_map); @@ -85,12 +94,23 @@ base = round_page((vm_offset_t) vm->vm_daddr); old = base + ctob(vm->vm_dsize); if (new > base) { +#ifdef CONTAINERS error = rusage_set(td->td_proc, RUSAGE_DATASIZE, new - base); if (error) { error = ENOMEM; goto done; } +#else + /* + * Check the resource limit, but allow a process to reduce + * its usage, even if it remains over the limit. + */ + if (new - base > datalim && new > old) { + error = ENOMEM; + goto done; + } +#endif /* !CONTAINERS */ if (new > vm_map_max(&vm->vm_map)) { error = ENOMEM; goto done; @@ -105,12 +125,19 @@ goto done; } if (new > old) { +#ifdef CONTAINERS error = rusage_set(td->td_proc, RUSAGE_VMEMORYUSE, vm->vm_map.size + (new - old)); if (error) { error = ENOMEM; goto done; } +#else + if (vm->vm_map.size + (new - old) > vmemlim) { + error = ENOMEM; + goto done; + } +#endif /* !CONTAINERS */ rv = vm_map_insert(&vm->vm_map, NULL, 0, old, new, VM_PROT_RW, VM_PROT_ALL, 0); if (rv != KERN_SUCCESS) {
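Review bot: In vm_unix.c's `CONTAINERS` branch, `rusage_set(td->td_proc, RUSAGE_DATASIZE, new - base)` records the new data size before the `new > vm_map_max(&vm->vm_map)` test and before `vm_map_insert()`. A later `goto done` then leaves the container showing a size the map never reached, unless `done:` restores it; that label is outside the hunks. The `#else` branch also carries an explicit exception, `&& new > old`, that lets a process shrink while still over the limit. Nothing in the `CONTAINERS` branch shows the same allowance, so confirm that `rusage_set()` accepts a decrease that stays above the limit, and say so in a comment on the call.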