1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #pragma ident "%Z%%M% %I% %E% SMI" 27 28 29 /* 30 * System calls for creating and inquiring about tasks and projects 31 */ 32 33 #include <sys/param.h> 34 #include <sys/types.h> 35 #include <sys/errno.h> 36 #include <sys/thread.h> 37 #include <sys/proc.h> 38 #include <sys/task.h> 39 #include <sys/systm.h> 40 #include <sys/project.h> 41 #include <sys/cpuvar.h> 42 #include <sys/policy.h> 43 #include <sys/zone.h> 44 #include <sys/rctl.h> 45 46 /* 47 * Limit projlist to 256k projects. 48 */ 49 #define MAX_PROJLIST_BUFSIZE 1048576 50 51 typedef struct projlist_walk { 52 projid_t *pw_buf; 53 size_t pw_bufsz; 54 } projlist_walk_t; 55 56 /* 57 * taskid_t tasksys_settaskid(projid_t projid, uint_t flags); 58 * 59 * Overview 60 * Place the calling process in a new task if sufficiently privileged. If the 61 * present task is finalized, the process may not create a new task. 62 * 63 * Return values 64 * 0 on success, errno on failure. 65 */ 66 static long 67 tasksys_settaskid(projid_t projid, uint_t flags) 68 { 69 proc_t *p = ttoproc(curthread); 70 kproject_t *oldpj; 71 kproject_t *kpj; 72 task_t *tk, *oldtk; 73 rctl_entity_p_t e; 74 zone_t *zone; 75 int rctlfail = 0; 76 77 if (secpolicy_tasksys(CRED()) != 0) 78 return (set_errno(EPERM)); 79 80 if (projid < 0 || projid > MAXPROJID) 81 return (set_errno(EINVAL)); 82 83 if (flags & ~TASK_FINAL) 84 return (set_errno(EINVAL)); 85 86 mutex_enter(&pidlock); 87 if (p->p_task->tk_flags & TASK_FINAL) { 88 mutex_exit(&pidlock); 89 return (set_errno(EACCES)); 90 } 91 mutex_exit(&pidlock); 92 93 /* 94 * Try to stop all other lwps in the process while we're changing 95 * our project. This way, curthread doesn't need to grab its own 96 * thread_lock to find its project ID (see curprojid()). If this 97 * is the /proc agent lwp, we know that the other lwps are already 98 * held. If we failed to hold all lwps, bail out and return EINTR. 99 */ 100 if (curthread != p->p_agenttp && !holdlwps(SHOLDFORK1)) 101 return (set_errno(EINTR)); 102 /* 103 * Put a hold on our new project and make sure that nobody is 104 * trying to bind it to a pool while we're joining. 105 */ 106 kpj = project_hold_by_id(projid, p->p_zone, PROJECT_HOLD_INSERT); 107 e.rcep_p.proj = kpj; 108 e.rcep_t = RCENTITY_PROJECT; 109 110 mutex_enter(&p->p_lock); 111 oldpj = p->p_task->tk_proj; 112 zone = p->p_zone; 113 114 mutex_enter(&zone->zone_nlwps_lock); 115 mutex_enter(&zone->zone_mem_lock); 116 117 if (kpj->kpj_nlwps + p->p_lwpcnt > kpj->kpj_nlwps_ctl) 118 if (rctl_test_entity(rc_project_nlwps, kpj->kpj_rctls, p, &e, 119 p->p_lwpcnt, 0) & RCT_DENY) 120 rctlfail = 1; 121 122 if (kpj->kpj_ntasks + 1 > kpj->kpj_ntasks_ctl) 123 if (rctl_test_entity(rc_project_ntasks, kpj->kpj_rctls, p, &e, 124 1, 0) & RCT_DENY) 125 rctlfail = 1; 126 127 if (kpj->kpj_data.kpd_locked_mem + p->p_locked_mem > 128 kpj->kpj_data.kpd_locked_mem_ctl) 129 if (rctl_test_entity(rc_project_locked_mem, kpj->kpj_rctls, p, 130 &e, p->p_locked_mem, 0) & RCT_DENY) 131 rctlfail = 1; 132 133 mutex_enter(&(kpj->kpj_data.kpd_crypto_lock)); 134 if (kpj->kpj_data.kpd_crypto_mem + p->p_crypto_mem > 135 kpj->kpj_data.kpd_crypto_mem_ctl) 136 if (rctl_test_entity(rc_project_crypto_mem, kpj->kpj_rctls, p, 137 &e, p->p_crypto_mem, 0) & RCT_DENY) 138 rctlfail = 1; 139 140 if (rctlfail) { 141 mutex_exit(&(kpj->kpj_data.kpd_crypto_lock)); 142 mutex_exit(&zone->zone_mem_lock); 143 mutex_exit(&zone->zone_nlwps_lock); 144 if (curthread != p->p_agenttp) 145 continuelwps(p); 146 mutex_exit(&p->p_lock); 147 return (set_errno(EAGAIN)); 148 } 149 kpj->kpj_data.kpd_crypto_mem += p->p_crypto_mem; 150 mutex_exit(&(kpj->kpj_data.kpd_crypto_lock)); 151 kpj->kpj_data.kpd_locked_mem += p->p_locked_mem; 152 kpj->kpj_nlwps += p->p_lwpcnt; 153 kpj->kpj_ntasks++; 154 155 oldpj->kpj_data.kpd_locked_mem -= p->p_locked_mem; 156 mutex_enter(&(oldpj->kpj_data.kpd_crypto_lock)); 157 oldpj->kpj_data.kpd_crypto_mem -= p->p_crypto_mem; 158 mutex_exit(&(oldpj->kpj_data.kpd_crypto_lock)); 159 oldpj->kpj_nlwps -= p->p_lwpcnt; 160 161 mutex_exit(&zone->zone_mem_lock); 162 mutex_exit(&zone->zone_nlwps_lock); 163 mutex_exit(&p->p_lock); 164 165 mutex_enter(&kpj->kpj_poolbind); 166 tk = task_create(projid, curproc->p_zone); 167 mutex_enter(&cpu_lock); 168 /* 169 * Returns with p_lock held. 170 */ 171 oldtk = task_join(tk, flags); 172 if (curthread != p->p_agenttp) 173 continuelwps(p); 174 mutex_exit(&p->p_lock); 175 mutex_exit(&cpu_lock); 176 mutex_exit(&kpj->kpj_poolbind); 177 task_rele(oldtk); 178 project_rele(kpj); 179 return (tk->tk_tkid); 180 } 181 182 /* 183 * taskid_t tasksys_gettaskid(void); 184 * 185 * Overview 186 * Return the current task ID for this process. 187 * 188 * Return value 189 * The ID for the task to which the current process belongs. 190 */ 191 static long 192 tasksys_gettaskid() 193 { 194 long ret; 195 proc_t *p = ttoproc(curthread); 196 197 mutex_enter(&pidlock); 198 ret = p->p_task->tk_tkid; 199 mutex_exit(&pidlock); 200 return (ret); 201 } 202 203 /* 204 * projid_t tasksys_getprojid(void); 205 * 206 * Overview 207 * Return the current project ID for this process. 208 * 209 * Return value 210 * The ID for the project to which the current process belongs. 211 */ 212 static long 213 tasksys_getprojid() 214 { 215 long ret; 216 proc_t *p = ttoproc(curthread); 217 218 mutex_enter(&pidlock); 219 ret = p->p_task->tk_proj->kpj_id; 220 mutex_exit(&pidlock); 221 return (ret); 222 } 223 224 static int 225 tasksys_projlist_cb(kproject_t *kp, void *buf) 226 { 227 projlist_walk_t *pw = (projlist_walk_t *)buf; 228 229 if (pw && pw->pw_bufsz >= sizeof (projid_t)) { 230 *pw->pw_buf = kp->kpj_id; 231 pw->pw_buf++; 232 pw->pw_bufsz -= sizeof (projid_t); 233 } 234 235 return (0); 236 } 237 238 /* 239 * long tasksys_projlist(void *buf, size_t bufsz) 240 * 241 * Overview 242 * Return a buffer containing the project IDs of all currently active projects 243 * in the current zone. 244 * 245 * Return values 246 * The minimum size of a buffer sufficiently large to contain all of the 247 * active project IDs, or -1 if an error occurs during copyout. 248 */ 249 static long 250 tasksys_projlist(void *buf, size_t bufsz) 251 { 252 long ret = 0; 253 projlist_walk_t pw; 254 void *kbuf; 255 256 if (buf == NULL || bufsz == 0) 257 return (project_walk_all(getzoneid(), tasksys_projlist_cb, 258 NULL)); 259 260 if (bufsz > MAX_PROJLIST_BUFSIZE) 261 return (set_errno(ENOMEM)); 262 263 kbuf = pw.pw_buf = kmem_zalloc(bufsz, KM_SLEEP); 264 pw.pw_bufsz = bufsz; 265 266 ret = project_walk_all(getzoneid(), tasksys_projlist_cb, &pw); 267 268 if (copyout(kbuf, buf, bufsz) == -1) 269 ret = set_errno(EFAULT); 270 271 kmem_free(kbuf, bufsz); 272 return (ret); 273 } 274 275 long 276 tasksys(int code, projid_t projid, uint_t flags, void *projidbuf, size_t pbufsz) 277 { 278 switch (code) { 279 case 0: 280 return (tasksys_settaskid(projid, flags)); 281 case 1: 282 return (tasksys_gettaskid()); 283 case 2: 284 return (tasksys_getprojid()); 285 case 3: 286 return (tasksys_projlist(projidbuf, pbufsz)); 287 default: 288 return (set_errno(EINVAL)); 289 } 290 } 291