1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1980, 1986, 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * (c) UNIX System Laboratories, Inc. 7 * All or some portions of this file are derived from material licensed 8 * to the University of California by American Telephone and Telegraph 9 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 10 * the permission of UNIX System Laboratories, Inc. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #include <sys/cdefs.h> 38 #include "opt_param.h" 39 #include "opt_msgbuf.h" 40 #include "opt_maxphys.h" 41 #include "opt_maxusers.h" 42 43 #include <sys/param.h> 44 #include <sys/_maxphys.h> 45 #include <sys/systm.h> 46 #include <sys/buf.h> 47 #include <sys/kernel.h> 48 #include <sys/limits.h> 49 #include <sys/msgbuf.h> 50 #include <sys/sysctl.h> 51 #include <sys/proc.h> 52 #include <sys/vnode.h> 53 54 #include <vm/vm.h> 55 #include <vm/vm_param.h> 56 #include <vm/pmap.h> 57 58 /* 59 * System parameter formulae. 60 */ 61 62 #ifndef HZ 63 # define HZ 1000 64 # ifndef HZ_VM 65 # define HZ_VM 100 66 # endif 67 #else 68 # ifndef HZ_VM 69 # define HZ_VM HZ 70 # endif 71 #endif 72 /* See the comments in init_param2() for these. */ 73 #define NPROC (20 + 16 * maxusers) 74 #ifndef MAXFILES 75 #define MAXFILES (40 + 32 * maxusers) 76 #endif 77 #ifndef NBUF 78 #define NBUF 0 79 #endif 80 81 static int sysctl_kern_vm_guest(SYSCTL_HANDLER_ARGS); 82 83 int hz; /* system clock's frequency */ 84 int tick; /* usec per tick (1000000 / hz) */ 85 time_t tick_seconds_max; /* max hz * seconds an integer can hold */ 86 struct bintime tick_bt; /* bintime per tick (1s / hz) */ 87 sbintime_t tick_sbt; 88 int maxusers; /* base tunable */ 89 int maxproc; /* maximum # of processes */ 90 int maxprocperuid; /* max # of procs per user */ 91 int maxfiles; /* sys. wide open files limit */ 92 int maxfilesperproc; /* per-proc open files limit */ 93 int msgbufsize; /* size of kernel message buffer */ 94 int nbuf; /* number of bcache bufs */ 95 int bio_transient_maxcnt; 96 int ngroups_max; /* max # groups per process */ 97 int nswbuf; 98 pid_t pid_max = PID_MAX; 99 u_long maxswzone; /* max swmeta KVA storage */ 100 u_long maxbcache; /* max buffer cache KVA storage */ 101 u_long maxpipekva; /* Limit on pipe KVA */ 102 u_long maxphys; /* max raw I/O transfer size */ 103 int vm_guest = VM_GUEST_NO; /* Running as virtual machine guest? */ 104 u_long maxtsiz; /* max text size */ 105 u_long dfldsiz; /* initial data size limit */ 106 u_long maxdsiz; /* max data size */ 107 u_long dflssiz; /* initial stack size limit */ 108 u_long maxssiz; /* max stack size */ 109 u_long sgrowsiz; /* amount to grow stack */ 110 111 SYSCTL_INT(_kern, OID_AUTO, hz, CTLFLAG_RDTUN | CTLFLAG_NOFETCH, &hz, 0, 112 "Number of clock ticks per second"); 113 SYSCTL_INT(_kern, OID_AUTO, hz_max, CTLFLAG_RD, SYSCTL_NULL_INT_PTR, HZ_MAXIMUM, 114 "Maximum hz value supported"); 115 SYSCTL_INT(_kern, OID_AUTO, hz_min, CTLFLAG_RD, SYSCTL_NULL_INT_PTR, HZ_MINIMUM, 116 "Minimum hz value supported"); 117 SYSCTL_INT(_kern, OID_AUTO, nbuf, CTLFLAG_RDTUN | CTLFLAG_NOFETCH, &nbuf, 0, 118 "Number of buffers in the buffer cache"); 119 SYSCTL_INT(_kern, OID_AUTO, nswbuf, CTLFLAG_RDTUN | CTLFLAG_NOFETCH, &nswbuf, 0, 120 "Number of swap buffers"); 121 SYSCTL_INT(_kern, OID_AUTO, msgbufsize, CTLFLAG_RDTUN | CTLFLAG_NOFETCH, &msgbufsize, 0, 122 "Size of the kernel message buffer"); 123 SYSCTL_LONG(_kern, OID_AUTO, maxswzone, CTLFLAG_RDTUN | CTLFLAG_NOFETCH, &maxswzone, 0, 124 "Maximum memory for swap metadata"); 125 SYSCTL_LONG(_kern, OID_AUTO, maxbcache, CTLFLAG_RDTUN | CTLFLAG_NOFETCH, &maxbcache, 0, 126 "Maximum value of vfs.maxbufspace"); 127 SYSCTL_INT(_kern, OID_AUTO, bio_transient_maxcnt, CTLFLAG_RDTUN | CTLFLAG_NOFETCH, 128 &bio_transient_maxcnt, 0, 129 "Maximum number of transient BIOs mappings"); 130 SYSCTL_ULONG(_kern, OID_AUTO, maxtsiz, CTLFLAG_RWTUN | CTLFLAG_NOFETCH, &maxtsiz, 0, 131 "Maximum text size"); 132 SYSCTL_ULONG(_kern, OID_AUTO, dfldsiz, CTLFLAG_RWTUN | CTLFLAG_NOFETCH, &dfldsiz, 0, 133 "Initial data size limit"); 134 SYSCTL_ULONG(_kern, OID_AUTO, maxdsiz, CTLFLAG_RWTUN | CTLFLAG_NOFETCH, &maxdsiz, 0, 135 "Maximum data size"); 136 SYSCTL_ULONG(_kern, OID_AUTO, dflssiz, CTLFLAG_RWTUN | CTLFLAG_NOFETCH, &dflssiz, 0, 137 "Initial stack size limit"); 138 SYSCTL_ULONG(_kern, OID_AUTO, maxssiz, CTLFLAG_RWTUN | CTLFLAG_NOFETCH, &maxssiz, 0, 139 "Maximum stack size"); 140 SYSCTL_ULONG(_kern, OID_AUTO, sgrowsiz, CTLFLAG_RWTUN | CTLFLAG_NOFETCH, &sgrowsiz, 0, 141 "Amount to grow stack on a stack fault"); 142 SYSCTL_PROC(_kern, OID_AUTO, vm_guest, 143 CTLFLAG_RD | CTLTYPE_STRING | CTLFLAG_MPSAFE, NULL, 0, 144 sysctl_kern_vm_guest, "A", 145 "Virtual machine guest detected?"); 146 147 /* 148 * The elements of this array are ordered based upon the values of the 149 * corresponding enum VM_GUEST members. 150 */ 151 static const char *const vm_guest_sysctl_names[] = { 152 [VM_GUEST_NO] = "none", 153 [VM_GUEST_VM] = "generic", 154 [VM_GUEST_XEN] = "xen", 155 [VM_GUEST_HV] = "hv", 156 [VM_GUEST_VMWARE] = "vmware", 157 [VM_GUEST_KVM] = "kvm", 158 [VM_GUEST_BHYVE] = "bhyve", 159 [VM_GUEST_VBOX] = "vbox", 160 [VM_GUEST_PARALLELS] = "parallels", 161 [VM_GUEST_NVMM] = "nvmm", 162 }; 163 _Static_assert(nitems(vm_guest_sysctl_names) == VM_GUEST_LAST, 164 "new vm guest type not added to vm_guest_sysctl_names"); 165 166 /* 167 * Boot time overrides that are not scaled against main memory 168 */ 169 void 170 init_param1(void) 171 { 172 173 TSENTER(); 174 175 /* 176 * arm64 and riscv currently hard-code the thread0 kstack size 177 * to KSTACK_PAGES, ignoring the tunable. 178 */ 179 TUNABLE_INT_FETCH("kern.kstack_pages", &kstack_pages); 180 181 hz = -1; 182 TUNABLE_INT_FETCH("kern.hz", &hz); 183 if (hz == -1) 184 hz = vm_guest > VM_GUEST_NO ? HZ_VM : HZ; 185 186 /* range check the "hz" value */ 187 if (__predict_false(hz < HZ_MINIMUM)) 188 hz = HZ_MINIMUM; 189 else if (__predict_false(hz > HZ_MAXIMUM)) 190 hz = HZ_MAXIMUM; 191 192 tick = 1000000 / hz; 193 tick_sbt = SBT_1S / hz; 194 tick_bt = sbttobt(tick_sbt); 195 tick_seconds_max = INT_MAX / hz; 196 197 /* 198 * Arrange for ticks to wrap 10 minutes after boot to help catch 199 * sign problems sooner. 200 */ 201 ticksl = INT_MAX - (hz * 10 * 60); 202 203 vn_lock_pair_pause_max = hz / 100; 204 if (vn_lock_pair_pause_max == 0) 205 vn_lock_pair_pause_max = 1; 206 207 #ifdef VM_SWZONE_SIZE_MAX 208 maxswzone = VM_SWZONE_SIZE_MAX; 209 #endif 210 TUNABLE_LONG_FETCH("kern.maxswzone", &maxswzone); 211 #ifdef VM_BCACHE_SIZE_MAX 212 maxbcache = VM_BCACHE_SIZE_MAX; 213 #endif 214 TUNABLE_LONG_FETCH("kern.maxbcache", &maxbcache); 215 msgbufsize = MSGBUF_SIZE; 216 TUNABLE_INT_FETCH("kern.msgbufsize", &msgbufsize); 217 218 maxtsiz = MAXTSIZ; 219 TUNABLE_ULONG_FETCH("kern.maxtsiz", &maxtsiz); 220 dfldsiz = DFLDSIZ; 221 TUNABLE_ULONG_FETCH("kern.dfldsiz", &dfldsiz); 222 maxdsiz = MAXDSIZ; 223 TUNABLE_ULONG_FETCH("kern.maxdsiz", &maxdsiz); 224 dflssiz = DFLSSIZ; 225 TUNABLE_ULONG_FETCH("kern.dflssiz", &dflssiz); 226 maxssiz = MAXSSIZ; 227 TUNABLE_ULONG_FETCH("kern.maxssiz", &maxssiz); 228 sgrowsiz = SGROWSIZ; 229 TUNABLE_ULONG_FETCH("kern.sgrowsiz", &sgrowsiz); 230 231 /* 232 * Let the administrator set {NGROUPS_MAX}. 233 * 234 * Values less than NGROUPS_MAX would violate POSIX/SuS (see the 235 * specification for <limits.h>, paragraph "Runtime Increasable 236 * Values"). 237 * 238 * On the other hand, INT_MAX would result in an overflow for the common 239 * 'ngroups_max + 1' computation (to obtain the size of the internal 240 * groups array, its first element being reserved for the effective 241 * GID). Also, the number of allocated bytes for the group array must 242 * not overflow on 32-bit machines. For all these reasons, we limit the 243 * number of supplementary groups to some very high number that we 244 * expect will never be reached in all practical uses and ensures we 245 * avoid the problems just exposed, even if 'gid_t' was to be enlarged 246 * by a magnitude. 247 */ 248 ngroups_max = NGROUPS_MAX; 249 TUNABLE_INT_FETCH("kern.ngroups", &ngroups_max); 250 if (ngroups_max < NGROUPS_MAX) 251 ngroups_max = NGROUPS_MAX; 252 else { 253 const int ngroups_max_max = (1 << 24) - 1; 254 255 if (ngroups_max > ngroups_max_max) 256 ngroups_max = ngroups_max_max; 257 } 258 259 /* 260 * Only allow to lower the maximal pid. 261 * Prevent setting up a non-bootable system if pid_max is too low. 262 */ 263 TUNABLE_INT_FETCH("kern.pid_max", &pid_max); 264 if (pid_max > PID_MAX) 265 pid_max = PID_MAX; 266 else if (pid_max < 300) 267 pid_max = 300; 268 269 TUNABLE_INT_FETCH("vfs.unmapped_buf_allowed", &unmapped_buf_allowed); 270 TSEXIT(); 271 } 272 273 /* 274 * Boot time overrides that are scaled against main memory 275 */ 276 void 277 init_param2(long physpages) 278 { 279 long maxproc_clamp, maxfiles_clamp; 280 281 TSENTER(); 282 /* Base parameters */ 283 maxusers = MAXUSERS; 284 TUNABLE_INT_FETCH("kern.maxusers", &maxusers); 285 if (maxusers == 0) { 286 maxusers = pgtok(physpages) / (2 * 1024); 287 if (maxusers < 32) 288 maxusers = 32; 289 #ifdef VM_MAX_AUTOTUNE_MAXUSERS 290 if (maxusers > VM_MAX_AUTOTUNE_MAXUSERS) 291 maxusers = VM_MAX_AUTOTUNE_MAXUSERS; 292 #endif 293 /* 294 * Scales down the function in which maxusers grows once 295 * we hit 384 (16MB to get a new "user"). 296 */ 297 if (maxusers > 384) 298 maxusers = 384 + ((maxusers - 384) / 8); 299 } 300 301 /* 302 * The following can be overridden after boot via sysctl. Note: unless 303 * overridden, these macros are ultimately based on 'maxusers'. Limit 304 * maxproc so that kmap entries cannot be exhausted by processes. The 305 * default for 'maxproc' linearly scales as 16 times 'maxusers' (so, 306 * linearly with 8 processes per MB up to 768MB, then 1 process per MB; 307 * overridable by a tunable), and is then clamped at 21 + 1/3 processes 308 * per MB (which never happens by default as long as physical memory is 309 * > ~1.5MB). 310 */ 311 maxproc = NPROC; 312 TUNABLE_INT_FETCH("kern.maxproc", &maxproc); 313 maxproc_clamp = pgtok(physpages) / (3 * 1024 / 64); 314 if (maxproc > maxproc_clamp) 315 maxproc = maxproc_clamp; 316 if (maxproc > pid_max) 317 maxproc = pid_max; 318 maxprocperuid = (maxproc * 9) / 10; 319 320 /* 321 * 'maxfiles' by default is set to 32 files per MB (overridable by 322 * a tunable), and is then clamped at 64 files per MB (which thus never 323 * happens by default). (The default MAXFILES is for all practical 324 * purposes not used, as it gives a lower value than 32 files per MB as 325 * soon as there is more than ~2.5MB of memory.) 326 */ 327 maxfiles = imax(MAXFILES, pgtok(physpages) / (1024 / 32)); 328 TUNABLE_INT_FETCH("kern.maxfiles", &maxfiles); 329 maxfiles_clamp = pgtok(physpages) / (1024 / 64); 330 if (maxfiles > maxfiles_clamp) 331 maxfiles = maxfiles_clamp; 332 maxfilesperproc = (maxfiles / 10) * 9; 333 TUNABLE_INT_FETCH("kern.maxfilesperproc", &maxfilesperproc); 334 335 /* 336 * Cannot be changed after boot. 337 */ 338 nbuf = NBUF; 339 TUNABLE_INT_FETCH("kern.nbuf", &nbuf); 340 TUNABLE_INT_FETCH("kern.bio_transient_maxcnt", &bio_transient_maxcnt); 341 maxphys = MAXPHYS; 342 TUNABLE_ULONG_FETCH("kern.maxphys", &maxphys); 343 if (maxphys == 0) { 344 maxphys = MAXPHYS; 345 } else if (__bitcountl(maxphys) != 1) { /* power of two */ 346 if (flsl(maxphys) == NBBY * sizeof(maxphys)) 347 maxphys = MAXPHYS; 348 else 349 maxphys = 1UL << flsl(maxphys); 350 } 351 if (maxphys < PAGE_SIZE) 352 maxphys = MAXPHYS; 353 354 /* 355 * Physical buffers are pre-allocated buffers (struct buf) that 356 * are used as temporary holders for I/O, such as paging I/O. 357 */ 358 TUNABLE_INT_FETCH("kern.nswbuf", &nswbuf); 359 360 /* 361 * The default for maxpipekva is min(1/64 of the kernel address space, 362 * max(1/64 of main memory, 512KB)). See sys_pipe.c for more details. 363 */ 364 maxpipekva = ptoa(physpages / 64); 365 TUNABLE_LONG_FETCH("kern.ipc.maxpipekva", &maxpipekva); 366 if (maxpipekva < 512 * 1024) 367 maxpipekva = 512 * 1024; 368 if (maxpipekva > (VM_MAX_KERNEL_ADDRESS - VM_MIN_KERNEL_ADDRESS) / 64) 369 maxpipekva = (VM_MAX_KERNEL_ADDRESS - VM_MIN_KERNEL_ADDRESS) / 370 64; 371 TSEXIT(); 372 } 373 374 /* 375 * Sysctl stringifying handler for kern.vm_guest. 376 */ 377 static int 378 sysctl_kern_vm_guest(SYSCTL_HANDLER_ARGS) 379 { 380 return (SYSCTL_OUT_STR(req, vm_guest_sysctl_names[vm_guest])); 381 } 382