1 /*- 2 * Copyright (c) 1982, 1986, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the University of 21 * California, Berkeley and its contributors. 22 * 4. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)kern_resource.c 8.5 (Berkeley) 1/21/94 39 * $Id: kern_resource.c,v 1.24 1997/02/22 09:39:09 peter Exp $ 40 */ 41 42 #include "opt_rlimit.h" 43 44 #include <sys/param.h> 45 #include <sys/systm.h> 46 #include <sys/sysproto.h> 47 #include <sys/kernel.h> 48 #include <sys/file.h> 49 #include <sys/resourcevar.h> 50 #include <sys/malloc.h> 51 #include <sys/proc.h> 52 53 #include <vm/vm.h> 54 #include <vm/vm_param.h> 55 #include <vm/vm_prot.h> 56 #include <sys/lock.h> 57 #include <vm/pmap.h> 58 #include <vm/vm_map.h> 59 60 int donice __P((struct proc *curp, struct proc *chgp, int n)); 61 int dosetrlimit __P((struct proc *p, u_int which, struct rlimit *limp)); 62 63 /* 64 * Resource controls and accounting. 65 */ 66 67 #ifndef _SYS_SYSPROTO_H_ 68 struct getpriority_args { 69 int which; 70 int who; 71 }; 72 #endif 73 int 74 getpriority(curp, uap, retval) 75 struct proc *curp; 76 register struct getpriority_args *uap; 77 int *retval; 78 { 79 register struct proc *p; 80 register int low = PRIO_MAX + 1; 81 82 switch (uap->which) { 83 84 case PRIO_PROCESS: 85 if (uap->who == 0) 86 p = curp; 87 else 88 p = pfind(uap->who); 89 if (p == 0) 90 break; 91 low = p->p_nice; 92 break; 93 94 case PRIO_PGRP: { 95 register struct pgrp *pg; 96 97 if (uap->who == 0) 98 pg = curp->p_pgrp; 99 else if ((pg = pgfind(uap->who)) == NULL) 100 break; 101 for (p = pg->pg_members.lh_first; p != 0; 102 p = p->p_pglist.le_next) { 103 if (p->p_nice < low) 104 low = p->p_nice; 105 } 106 break; 107 } 108 109 case PRIO_USER: 110 if (uap->who == 0) 111 uap->who = curp->p_ucred->cr_uid; 112 for (p = allproc.lh_first; p != 0; p = p->p_list.le_next) 113 if (p->p_ucred->cr_uid == uap->who && 114 p->p_nice < low) 115 low = p->p_nice; 116 break; 117 118 default: 119 return (EINVAL); 120 } 121 if (low == PRIO_MAX + 1) 122 return (ESRCH); 123 *retval = low; 124 return (0); 125 } 126 127 #ifndef _SYS_SYSPROTO_H_ 128 struct setpriority_args { 129 int which; 130 int who; 131 int prio; 132 }; 133 #endif 134 /* ARGSUSED */ 135 int 136 setpriority(curp, uap, retval) 137 struct proc *curp; 138 register struct setpriority_args *uap; 139 int *retval; 140 { 141 register struct proc *p; 142 int found = 0, error = 0; 143 144 switch (uap->which) { 145 146 case PRIO_PROCESS: 147 if (uap->who == 0) 148 p = curp; 149 else 150 p = pfind(uap->who); 151 if (p == 0) 152 break; 153 error = donice(curp, p, uap->prio); 154 found++; 155 break; 156 157 case PRIO_PGRP: { 158 register struct pgrp *pg; 159 160 if (uap->who == 0) 161 pg = curp->p_pgrp; 162 else if ((pg = pgfind(uap->who)) == NULL) 163 break; 164 for (p = pg->pg_members.lh_first; p != 0; 165 p = p->p_pglist.le_next) { 166 error = donice(curp, p, uap->prio); 167 found++; 168 } 169 break; 170 } 171 172 case PRIO_USER: 173 if (uap->who == 0) 174 uap->who = curp->p_ucred->cr_uid; 175 for (p = allproc.lh_first; p != 0; p = p->p_list.le_next) 176 if (p->p_ucred->cr_uid == uap->who) { 177 error = donice(curp, p, uap->prio); 178 found++; 179 } 180 break; 181 182 default: 183 return (EINVAL); 184 } 185 if (found == 0) 186 return (ESRCH); 187 return (error); 188 } 189 190 int 191 donice(curp, chgp, n) 192 register struct proc *curp, *chgp; 193 register int n; 194 { 195 register struct pcred *pcred = curp->p_cred; 196 197 if (pcred->pc_ucred->cr_uid && pcred->p_ruid && 198 pcred->pc_ucred->cr_uid != chgp->p_ucred->cr_uid && 199 pcred->p_ruid != chgp->p_ucred->cr_uid) 200 return (EPERM); 201 if (n > PRIO_MAX) 202 n = PRIO_MAX; 203 if (n < PRIO_MIN) 204 n = PRIO_MIN; 205 if (n < chgp->p_nice && suser(pcred->pc_ucred, &curp->p_acflag)) 206 return (EACCES); 207 chgp->p_nice = n; 208 (void)resetpriority(chgp); 209 return (0); 210 } 211 212 /* rtprio system call */ 213 #ifndef _SYS_SYSPROTO_H_ 214 struct rtprio_args { 215 int function; 216 pid_t pid; 217 struct rtprio *rtp; 218 }; 219 #endif 220 221 /* 222 * Set realtime priority 223 */ 224 225 /* ARGSUSED */ 226 int 227 rtprio(curp, uap, retval) 228 struct proc *curp; 229 register struct rtprio_args *uap; 230 int *retval; 231 { 232 register struct proc *p; 233 register struct pcred *pcred = curp->p_cred; 234 struct rtprio rtp; 235 int error; 236 237 error = copyin(uap->rtp, &rtp, sizeof(struct rtprio)); 238 if (error) 239 return (error); 240 241 if (uap->pid == 0) 242 p = curp; 243 else 244 p = pfind(uap->pid); 245 246 if (p == 0) 247 return (ESRCH); 248 249 switch (uap->function) { 250 case RTP_LOOKUP: 251 return (copyout(&p->p_rtprio, uap->rtp, sizeof(struct rtprio))); 252 case RTP_SET: 253 if (pcred->pc_ucred->cr_uid && pcred->p_ruid && 254 pcred->pc_ucred->cr_uid != p->p_ucred->cr_uid && 255 pcred->p_ruid != p->p_ucred->cr_uid) 256 return (EPERM); 257 /* disallow setting rtprio in most cases if not superuser */ 258 if (suser(pcred->pc_ucred, &curp->p_acflag)) { 259 /* can't set someone else's */ 260 if (uap->pid) 261 return (EPERM); 262 /* can't set realtime priority */ 263 if (rtp.type == RTP_PRIO_REALTIME) 264 return (EPERM); 265 } 266 switch (rtp.type) { 267 case RTP_PRIO_REALTIME: 268 case RTP_PRIO_NORMAL: 269 case RTP_PRIO_IDLE: 270 if (rtp.prio > RTP_PRIO_MAX) 271 return (EINVAL); 272 p->p_rtprio = rtp; 273 return (0); 274 default: 275 return (EINVAL); 276 } 277 278 default: 279 return (EINVAL); 280 } 281 } 282 283 #if defined(COMPAT_43) || defined(COMPAT_SUNOS) 284 #ifndef _SYS_SYSPROTO_H_ 285 struct osetrlimit_args { 286 u_int which; 287 struct orlimit *rlp; 288 }; 289 #endif 290 /* ARGSUSED */ 291 int 292 osetrlimit(p, uap, retval) 293 struct proc *p; 294 register struct osetrlimit_args *uap; 295 int *retval; 296 { 297 struct orlimit olim; 298 struct rlimit lim; 299 int error; 300 301 if ((error = 302 copyin((caddr_t)uap->rlp, (caddr_t)&olim, sizeof(struct orlimit)))) 303 return (error); 304 lim.rlim_cur = olim.rlim_cur; 305 lim.rlim_max = olim.rlim_max; 306 return (dosetrlimit(p, uap->which, &lim)); 307 } 308 309 #ifndef _SYS_SYSPROTO_H_ 310 struct ogetrlimit_args { 311 u_int which; 312 struct orlimit *rlp; 313 }; 314 #endif 315 /* ARGSUSED */ 316 int 317 ogetrlimit(p, uap, retval) 318 struct proc *p; 319 register struct ogetrlimit_args *uap; 320 int *retval; 321 { 322 struct orlimit olim; 323 324 if (uap->which >= RLIM_NLIMITS) 325 return (EINVAL); 326 olim.rlim_cur = p->p_rlimit[uap->which].rlim_cur; 327 if (olim.rlim_cur == -1) 328 olim.rlim_cur = 0x7fffffff; 329 olim.rlim_max = p->p_rlimit[uap->which].rlim_max; 330 if (olim.rlim_max == -1) 331 olim.rlim_max = 0x7fffffff; 332 return (copyout((caddr_t)&olim, (caddr_t)uap->rlp, sizeof(olim))); 333 } 334 #endif /* COMPAT_43 || COMPAT_SUNOS */ 335 336 #ifndef _SYS_SYSPROTO_H_ 337 struct __setrlimit_args { 338 u_int which; 339 struct rlimit *rlp; 340 }; 341 #endif 342 /* ARGSUSED */ 343 int 344 setrlimit(p, uap, retval) 345 struct proc *p; 346 register struct __setrlimit_args *uap; 347 int *retval; 348 { 349 struct rlimit alim; 350 int error; 351 352 if ((error = 353 copyin((caddr_t)uap->rlp, (caddr_t)&alim, sizeof (struct rlimit)))) 354 return (error); 355 return (dosetrlimit(p, uap->which, &alim)); 356 } 357 358 int 359 dosetrlimit(p, which, limp) 360 struct proc *p; 361 u_int which; 362 struct rlimit *limp; 363 { 364 register struct rlimit *alimp; 365 int error; 366 367 if (which >= RLIM_NLIMITS) 368 return (EINVAL); 369 alimp = &p->p_rlimit[which]; 370 371 /* 372 * Preserve historical bugs by treating negative limits as unsigned. 373 */ 374 if (limp->rlim_cur < 0) 375 limp->rlim_cur = RLIM_INFINITY; 376 if (limp->rlim_max < 0) 377 limp->rlim_max = RLIM_INFINITY; 378 379 if (limp->rlim_cur > alimp->rlim_max || 380 limp->rlim_max > alimp->rlim_max) 381 if ((error = suser(p->p_ucred, &p->p_acflag))) 382 return (error); 383 if (limp->rlim_cur > limp->rlim_max) 384 limp->rlim_cur = limp->rlim_max; 385 if (p->p_limit->p_refcnt > 1 && 386 (p->p_limit->p_lflags & PL_SHAREMOD) == 0) { 387 p->p_limit->p_refcnt--; 388 p->p_limit = limcopy(p->p_limit); 389 alimp = &p->p_rlimit[which]; 390 } 391 392 switch (which) { 393 394 case RLIMIT_DATA: 395 if (limp->rlim_cur > MAXDSIZ) 396 limp->rlim_cur = MAXDSIZ; 397 if (limp->rlim_max > MAXDSIZ) 398 limp->rlim_max = MAXDSIZ; 399 break; 400 401 case RLIMIT_STACK: 402 if (limp->rlim_cur > MAXSSIZ) 403 limp->rlim_cur = MAXSSIZ; 404 if (limp->rlim_max > MAXSSIZ) 405 limp->rlim_max = MAXSSIZ; 406 /* 407 * Stack is allocated to the max at exec time with only 408 * "rlim_cur" bytes accessible. If stack limit is going 409 * up make more accessible, if going down make inaccessible. 410 */ 411 if (limp->rlim_cur != alimp->rlim_cur) { 412 vm_offset_t addr; 413 vm_size_t size; 414 vm_prot_t prot; 415 416 if (limp->rlim_cur > alimp->rlim_cur) { 417 prot = VM_PROT_ALL; 418 size = limp->rlim_cur - alimp->rlim_cur; 419 addr = USRSTACK - limp->rlim_cur; 420 } else { 421 prot = VM_PROT_NONE; 422 size = alimp->rlim_cur - limp->rlim_cur; 423 addr = USRSTACK - alimp->rlim_cur; 424 } 425 addr = trunc_page(addr); 426 size = round_page(size); 427 (void) vm_map_protect(&p->p_vmspace->vm_map, 428 addr, addr+size, prot, FALSE); 429 } 430 break; 431 432 case RLIMIT_NOFILE: 433 if (limp->rlim_cur > maxfilesperproc) 434 limp->rlim_cur = maxfilesperproc; 435 if (limp->rlim_max > maxfilesperproc) 436 limp->rlim_max = maxfilesperproc; 437 break; 438 439 case RLIMIT_NPROC: 440 if (limp->rlim_cur > maxprocperuid) 441 limp->rlim_cur = maxprocperuid; 442 if (limp->rlim_max > maxprocperuid) 443 limp->rlim_max = maxprocperuid; 444 break; 445 } 446 *alimp = *limp; 447 return (0); 448 } 449 450 #ifndef _SYS_SYSPROTO_H_ 451 struct __getrlimit_args { 452 u_int which; 453 struct rlimit *rlp; 454 }; 455 #endif 456 /* ARGSUSED */ 457 int 458 getrlimit(p, uap, retval) 459 struct proc *p; 460 register struct __getrlimit_args *uap; 461 int *retval; 462 { 463 464 if (uap->which >= RLIM_NLIMITS) 465 return (EINVAL); 466 return (copyout((caddr_t)&p->p_rlimit[uap->which], (caddr_t)uap->rlp, 467 sizeof (struct rlimit))); 468 } 469 470 /* 471 * Transform the running time and tick information in proc p into user, 472 * system, and interrupt time usage. 473 */ 474 void 475 calcru(p, up, sp, ip) 476 struct proc *p; 477 struct timeval *up; 478 struct timeval *sp; 479 struct timeval *ip; 480 { 481 quad_t totusec; 482 u_quad_t u, st, ut, it, tot; 483 long sec, usec; 484 int s; 485 struct timeval tv; 486 487 s = splstatclock(); 488 st = p->p_sticks; 489 ut = p->p_uticks; 490 it = p->p_iticks; 491 splx(s); 492 493 tot = st + ut + it; 494 if (tot == 0) { 495 st = 1; 496 tot = 1; 497 } 498 499 sec = p->p_rtime.tv_sec; 500 usec = p->p_rtime.tv_usec; 501 if (p == curproc) { /* XXX what if it's running on another cpu?? */ 502 /* 503 * Adjust for the current time slice. This is actually fairly 504 * important since the error here is on the order of a time 505 * quantum, which is much greater than the sampling error. 506 */ 507 microtime(&tv); 508 sec += tv.tv_sec - runtime.tv_sec; 509 usec += tv.tv_usec - runtime.tv_usec; 510 } 511 totusec = (quad_t)sec * 1000000 + usec; 512 if (totusec < 0) { 513 #ifndef SMP /* sigh, microtime and fork/exit madness here */ 514 /* XXX no %qd in kernel. Truncate. */ 515 printf("calcru: negative time: %ld usec\n", (long)totusec); 516 #endif 517 totusec = 0; 518 } 519 u = totusec; 520 st = (u * st) / tot; 521 sp->tv_sec = st / 1000000; 522 sp->tv_usec = st % 1000000; 523 ut = (u * ut) / tot; 524 up->tv_sec = ut / 1000000; 525 up->tv_usec = ut % 1000000; 526 if (ip != NULL) { 527 it = (u * it) / tot; 528 ip->tv_sec = it / 1000000; 529 ip->tv_usec = it % 1000000; 530 } 531 } 532 533 #ifndef _SYS_SYSPROTO_H_ 534 struct getrusage_args { 535 int who; 536 struct rusage *rusage; 537 }; 538 #endif 539 /* ARGSUSED */ 540 int 541 getrusage(p, uap, retval) 542 register struct proc *p; 543 register struct getrusage_args *uap; 544 int *retval; 545 { 546 register struct rusage *rup; 547 548 switch (uap->who) { 549 550 case RUSAGE_SELF: 551 rup = &p->p_stats->p_ru; 552 calcru(p, &rup->ru_utime, &rup->ru_stime, NULL); 553 break; 554 555 case RUSAGE_CHILDREN: 556 rup = &p->p_stats->p_cru; 557 break; 558 559 default: 560 return (EINVAL); 561 } 562 return (copyout((caddr_t)rup, (caddr_t)uap->rusage, 563 sizeof (struct rusage))); 564 } 565 566 void 567 ruadd(ru, ru2) 568 register struct rusage *ru, *ru2; 569 { 570 register long *ip, *ip2; 571 register int i; 572 573 timevaladd(&ru->ru_utime, &ru2->ru_utime); 574 timevaladd(&ru->ru_stime, &ru2->ru_stime); 575 if (ru->ru_maxrss < ru2->ru_maxrss) 576 ru->ru_maxrss = ru2->ru_maxrss; 577 ip = &ru->ru_first; ip2 = &ru2->ru_first; 578 for (i = &ru->ru_last - &ru->ru_first; i >= 0; i--) 579 *ip++ += *ip2++; 580 } 581 582 /* 583 * Make a copy of the plimit structure. 584 * We share these structures copy-on-write after fork, 585 * and copy when a limit is changed. 586 */ 587 struct plimit * 588 limcopy(lim) 589 struct plimit *lim; 590 { 591 register struct plimit *copy; 592 593 MALLOC(copy, struct plimit *, sizeof(struct plimit), 594 M_SUBPROC, M_WAITOK); 595 bcopy(lim->pl_rlimit, copy->pl_rlimit, 596 sizeof(struct rlimit) * RLIM_NLIMITS); 597 copy->p_lflags = 0; 598 copy->p_refcnt = 1; 599 return (copy); 600 } 601