17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate * CDDL HEADER START
37c478bd9Sstevel@tonic-gate *
47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the
5c6939658Ssl108498 * Common Development and Distribution License (the "License").
6c6939658Ssl108498 * You may not use this file except in compliance with the License.
77c478bd9Sstevel@tonic-gate *
87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions
117c478bd9Sstevel@tonic-gate * and limitations under the License.
127c478bd9Sstevel@tonic-gate *
137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bd9Sstevel@tonic-gate *
197c478bd9Sstevel@tonic-gate * CDDL HEADER END
207c478bd9Sstevel@tonic-gate */
217c478bd9Sstevel@tonic-gate /*
22ff19e029SMenno Lageman * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
237c478bd9Sstevel@tonic-gate */
247c478bd9Sstevel@tonic-gate
25*74bf7296SBryan Cantrill /*
26*74bf7296SBryan Cantrill * Copyright (c) 2013, Joyent, Inc. All rights reserved.
27*74bf7296SBryan Cantrill */
280209230bSgjelinek
297c478bd9Sstevel@tonic-gate /*
307c478bd9Sstevel@tonic-gate * System calls for creating and inquiring about tasks and projects
317c478bd9Sstevel@tonic-gate */
327c478bd9Sstevel@tonic-gate
337c478bd9Sstevel@tonic-gate #include <sys/param.h>
347c478bd9Sstevel@tonic-gate #include <sys/types.h>
357c478bd9Sstevel@tonic-gate #include <sys/errno.h>
367c478bd9Sstevel@tonic-gate #include <sys/thread.h>
377c478bd9Sstevel@tonic-gate #include <sys/proc.h>
387c478bd9Sstevel@tonic-gate #include <sys/task.h>
397c478bd9Sstevel@tonic-gate #include <sys/systm.h>
407c478bd9Sstevel@tonic-gate #include <sys/project.h>
417c478bd9Sstevel@tonic-gate #include <sys/cpuvar.h>
427c478bd9Sstevel@tonic-gate #include <sys/policy.h>
437c478bd9Sstevel@tonic-gate #include <sys/zone.h>
44c6939658Ssl108498 #include <sys/rctl.h>
457c478bd9Sstevel@tonic-gate
467c478bd9Sstevel@tonic-gate /*
477c478bd9Sstevel@tonic-gate * Limit projlist to 256k projects.
487c478bd9Sstevel@tonic-gate */
497c478bd9Sstevel@tonic-gate #define MAX_PROJLIST_BUFSIZE 1048576
507c478bd9Sstevel@tonic-gate
517c478bd9Sstevel@tonic-gate typedef struct projlist_walk {
527c478bd9Sstevel@tonic-gate projid_t *pw_buf;
537c478bd9Sstevel@tonic-gate size_t pw_bufsz;
547c478bd9Sstevel@tonic-gate } projlist_walk_t;
557c478bd9Sstevel@tonic-gate
567c478bd9Sstevel@tonic-gate /*
577c478bd9Sstevel@tonic-gate * taskid_t tasksys_settaskid(projid_t projid, uint_t flags);
587c478bd9Sstevel@tonic-gate *
597c478bd9Sstevel@tonic-gate * Overview
607c478bd9Sstevel@tonic-gate * Place the calling process in a new task if sufficiently privileged. If the
617c478bd9Sstevel@tonic-gate * present task is finalized, the process may not create a new task.
627c478bd9Sstevel@tonic-gate *
637c478bd9Sstevel@tonic-gate * Return values
647c478bd9Sstevel@tonic-gate * 0 on success, errno on failure.
657c478bd9Sstevel@tonic-gate */
667c478bd9Sstevel@tonic-gate static long
tasksys_settaskid(projid_t projid,uint_t flags)677c478bd9Sstevel@tonic-gate tasksys_settaskid(projid_t projid, uint_t flags)
687c478bd9Sstevel@tonic-gate {
697c478bd9Sstevel@tonic-gate proc_t *p = ttoproc(curthread);
707c478bd9Sstevel@tonic-gate kproject_t *oldpj;
717c478bd9Sstevel@tonic-gate kproject_t *kpj;
727c478bd9Sstevel@tonic-gate task_t *tk, *oldtk;
737c478bd9Sstevel@tonic-gate rctl_entity_p_t e;
747c478bd9Sstevel@tonic-gate zone_t *zone;
757c478bd9Sstevel@tonic-gate int rctlfail = 0;
767c478bd9Sstevel@tonic-gate
777c478bd9Sstevel@tonic-gate if (secpolicy_tasksys(CRED()) != 0)
787c478bd9Sstevel@tonic-gate return (set_errno(EPERM));
797c478bd9Sstevel@tonic-gate
807c478bd9Sstevel@tonic-gate if (projid < 0 || projid > MAXPROJID)
817c478bd9Sstevel@tonic-gate return (set_errno(EINVAL));
827c478bd9Sstevel@tonic-gate
837c478bd9Sstevel@tonic-gate if (flags & ~TASK_FINAL)
847c478bd9Sstevel@tonic-gate return (set_errno(EINVAL));
857c478bd9Sstevel@tonic-gate
867c478bd9Sstevel@tonic-gate mutex_enter(&pidlock);
877c478bd9Sstevel@tonic-gate if (p->p_task->tk_flags & TASK_FINAL) {
887c478bd9Sstevel@tonic-gate mutex_exit(&pidlock);
897c478bd9Sstevel@tonic-gate return (set_errno(EACCES));
907c478bd9Sstevel@tonic-gate }
917c478bd9Sstevel@tonic-gate mutex_exit(&pidlock);
927c478bd9Sstevel@tonic-gate
937c478bd9Sstevel@tonic-gate /*
947c478bd9Sstevel@tonic-gate * Try to stop all other lwps in the process while we're changing
957c478bd9Sstevel@tonic-gate * our project. This way, curthread doesn't need to grab its own
967c478bd9Sstevel@tonic-gate * thread_lock to find its project ID (see curprojid()). If this
977c478bd9Sstevel@tonic-gate * is the /proc agent lwp, we know that the other lwps are already
987c478bd9Sstevel@tonic-gate * held. If we failed to hold all lwps, bail out and return EINTR.
997c478bd9Sstevel@tonic-gate */
1007c478bd9Sstevel@tonic-gate if (curthread != p->p_agenttp && !holdlwps(SHOLDFORK1))
1017c478bd9Sstevel@tonic-gate return (set_errno(EINTR));
1027c478bd9Sstevel@tonic-gate /*
1037c478bd9Sstevel@tonic-gate * Put a hold on our new project and make sure that nobody is
1047c478bd9Sstevel@tonic-gate * trying to bind it to a pool while we're joining.
1057c478bd9Sstevel@tonic-gate */
1060209230bSgjelinek kpj = project_hold_by_id(projid, p->p_zone, PROJECT_HOLD_INSERT);
1077c478bd9Sstevel@tonic-gate e.rcep_p.proj = kpj;
1087c478bd9Sstevel@tonic-gate e.rcep_t = RCENTITY_PROJECT;
1097c478bd9Sstevel@tonic-gate
1107c478bd9Sstevel@tonic-gate mutex_enter(&p->p_lock);
1117c478bd9Sstevel@tonic-gate oldpj = p->p_task->tk_proj;
1127c478bd9Sstevel@tonic-gate zone = p->p_zone;
1137c478bd9Sstevel@tonic-gate
1147c478bd9Sstevel@tonic-gate mutex_enter(&zone->zone_nlwps_lock);
1150209230bSgjelinek mutex_enter(&zone->zone_mem_lock);
1167c478bd9Sstevel@tonic-gate
1177c478bd9Sstevel@tonic-gate if (kpj->kpj_nlwps + p->p_lwpcnt > kpj->kpj_nlwps_ctl)
1187c478bd9Sstevel@tonic-gate if (rctl_test_entity(rc_project_nlwps, kpj->kpj_rctls, p, &e,
1197c478bd9Sstevel@tonic-gate p->p_lwpcnt, 0) & RCT_DENY)
1207c478bd9Sstevel@tonic-gate rctlfail = 1;
1217c478bd9Sstevel@tonic-gate
1227c478bd9Sstevel@tonic-gate if (kpj->kpj_ntasks + 1 > kpj->kpj_ntasks_ctl)
1237c478bd9Sstevel@tonic-gate if (rctl_test_entity(rc_project_ntasks, kpj->kpj_rctls, p, &e,
1247c478bd9Sstevel@tonic-gate 1, 0) & RCT_DENY)
1257c478bd9Sstevel@tonic-gate rctlfail = 1;
1267c478bd9Sstevel@tonic-gate
127ff19e029SMenno Lageman if (kpj != proj0p && kpj->kpj_nprocs + 1 > kpj->kpj_nprocs_ctl)
128ff19e029SMenno Lageman if (rctl_test_entity(rc_project_nprocs, kpj->kpj_rctls, p, &e,
129ff19e029SMenno Lageman 1, 0) & RCT_DENY)
130ff19e029SMenno Lageman rctlfail = 1;
131ff19e029SMenno Lageman
132c1a9a9c3Skrishna if (kpj->kpj_data.kpd_locked_mem + p->p_locked_mem >
133c1a9a9c3Skrishna kpj->kpj_data.kpd_locked_mem_ctl)
134c6939658Ssl108498 if (rctl_test_entity(rc_project_locked_mem, kpj->kpj_rctls, p,
135c6939658Ssl108498 &e, p->p_locked_mem, 0) & RCT_DENY)
136c6939658Ssl108498 rctlfail = 1;
137c6939658Ssl108498
138c1a9a9c3Skrishna mutex_enter(&(kpj->kpj_data.kpd_crypto_lock));
139c1a9a9c3Skrishna if (kpj->kpj_data.kpd_crypto_mem + p->p_crypto_mem >
140c1a9a9c3Skrishna kpj->kpj_data.kpd_crypto_mem_ctl)
141c1a9a9c3Skrishna if (rctl_test_entity(rc_project_crypto_mem, kpj->kpj_rctls, p,
142c1a9a9c3Skrishna &e, p->p_crypto_mem, 0) & RCT_DENY)
143c1a9a9c3Skrishna rctlfail = 1;
144c1a9a9c3Skrishna
1457c478bd9Sstevel@tonic-gate if (rctlfail) {
146c1a9a9c3Skrishna mutex_exit(&(kpj->kpj_data.kpd_crypto_lock));
1470209230bSgjelinek mutex_exit(&zone->zone_mem_lock);
1487c478bd9Sstevel@tonic-gate mutex_exit(&zone->zone_nlwps_lock);
1497c478bd9Sstevel@tonic-gate if (curthread != p->p_agenttp)
1507c478bd9Sstevel@tonic-gate continuelwps(p);
1517c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock);
152*74bf7296SBryan Cantrill project_rele(kpj);
1537c478bd9Sstevel@tonic-gate return (set_errno(EAGAIN));
1547c478bd9Sstevel@tonic-gate }
155c1a9a9c3Skrishna kpj->kpj_data.kpd_crypto_mem += p->p_crypto_mem;
156c1a9a9c3Skrishna mutex_exit(&(kpj->kpj_data.kpd_crypto_lock));
157c6939658Ssl108498 kpj->kpj_data.kpd_locked_mem += p->p_locked_mem;
1587c478bd9Sstevel@tonic-gate kpj->kpj_nlwps += p->p_lwpcnt;
1597c478bd9Sstevel@tonic-gate kpj->kpj_ntasks++;
160ff19e029SMenno Lageman kpj->kpj_nprocs++;
1617c478bd9Sstevel@tonic-gate
162c6939658Ssl108498 oldpj->kpj_data.kpd_locked_mem -= p->p_locked_mem;
163c1a9a9c3Skrishna mutex_enter(&(oldpj->kpj_data.kpd_crypto_lock));
164c1a9a9c3Skrishna oldpj->kpj_data.kpd_crypto_mem -= p->p_crypto_mem;
165c1a9a9c3Skrishna mutex_exit(&(oldpj->kpj_data.kpd_crypto_lock));
1667c478bd9Sstevel@tonic-gate oldpj->kpj_nlwps -= p->p_lwpcnt;
167ff19e029SMenno Lageman oldpj->kpj_nprocs--;
1687c478bd9Sstevel@tonic-gate
1690209230bSgjelinek mutex_exit(&zone->zone_mem_lock);
1707c478bd9Sstevel@tonic-gate mutex_exit(&zone->zone_nlwps_lock);
1717c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock);
1727c478bd9Sstevel@tonic-gate
1737c478bd9Sstevel@tonic-gate mutex_enter(&kpj->kpj_poolbind);
1747c478bd9Sstevel@tonic-gate tk = task_create(projid, curproc->p_zone);
1757c478bd9Sstevel@tonic-gate mutex_enter(&cpu_lock);
1767c478bd9Sstevel@tonic-gate /*
1777c478bd9Sstevel@tonic-gate * Returns with p_lock held.
1787c478bd9Sstevel@tonic-gate */
1797c478bd9Sstevel@tonic-gate oldtk = task_join(tk, flags);
1807c478bd9Sstevel@tonic-gate if (curthread != p->p_agenttp)
1817c478bd9Sstevel@tonic-gate continuelwps(p);
1827c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock);
1837c478bd9Sstevel@tonic-gate mutex_exit(&cpu_lock);
1847c478bd9Sstevel@tonic-gate mutex_exit(&kpj->kpj_poolbind);
1857c478bd9Sstevel@tonic-gate task_rele(oldtk);
1867c478bd9Sstevel@tonic-gate project_rele(kpj);
1877c478bd9Sstevel@tonic-gate return (tk->tk_tkid);
1887c478bd9Sstevel@tonic-gate }
1897c478bd9Sstevel@tonic-gate
1907c478bd9Sstevel@tonic-gate /*
1917c478bd9Sstevel@tonic-gate * taskid_t tasksys_gettaskid(void);
1927c478bd9Sstevel@tonic-gate *
1937c478bd9Sstevel@tonic-gate * Overview
1947c478bd9Sstevel@tonic-gate * Return the current task ID for this process.
1957c478bd9Sstevel@tonic-gate *
1967c478bd9Sstevel@tonic-gate * Return value
1977c478bd9Sstevel@tonic-gate * The ID for the task to which the current process belongs.
1987c478bd9Sstevel@tonic-gate */
1997c478bd9Sstevel@tonic-gate static long
tasksys_gettaskid()2007c478bd9Sstevel@tonic-gate tasksys_gettaskid()
2017c478bd9Sstevel@tonic-gate {
2027c478bd9Sstevel@tonic-gate long ret;
2037c478bd9Sstevel@tonic-gate proc_t *p = ttoproc(curthread);
2047c478bd9Sstevel@tonic-gate
2057c478bd9Sstevel@tonic-gate mutex_enter(&pidlock);
2067c478bd9Sstevel@tonic-gate ret = p->p_task->tk_tkid;
2077c478bd9Sstevel@tonic-gate mutex_exit(&pidlock);
2087c478bd9Sstevel@tonic-gate return (ret);
2097c478bd9Sstevel@tonic-gate }
2107c478bd9Sstevel@tonic-gate
2117c478bd9Sstevel@tonic-gate /*
2127c478bd9Sstevel@tonic-gate * projid_t tasksys_getprojid(void);
2137c478bd9Sstevel@tonic-gate *
2147c478bd9Sstevel@tonic-gate * Overview
2157c478bd9Sstevel@tonic-gate * Return the current project ID for this process.
2167c478bd9Sstevel@tonic-gate *
2177c478bd9Sstevel@tonic-gate * Return value
2187c478bd9Sstevel@tonic-gate * The ID for the project to which the current process belongs.
2197c478bd9Sstevel@tonic-gate */
2207c478bd9Sstevel@tonic-gate static long
tasksys_getprojid()2217c478bd9Sstevel@tonic-gate tasksys_getprojid()
2227c478bd9Sstevel@tonic-gate {
2237c478bd9Sstevel@tonic-gate long ret;
2247c478bd9Sstevel@tonic-gate proc_t *p = ttoproc(curthread);
2257c478bd9Sstevel@tonic-gate
2267c478bd9Sstevel@tonic-gate mutex_enter(&pidlock);
2277c478bd9Sstevel@tonic-gate ret = p->p_task->tk_proj->kpj_id;
2287c478bd9Sstevel@tonic-gate mutex_exit(&pidlock);
2297c478bd9Sstevel@tonic-gate return (ret);
2307c478bd9Sstevel@tonic-gate }
2317c478bd9Sstevel@tonic-gate
2327c478bd9Sstevel@tonic-gate static int
tasksys_projlist_cb(kproject_t * kp,void * buf)2337c478bd9Sstevel@tonic-gate tasksys_projlist_cb(kproject_t *kp, void *buf)
2347c478bd9Sstevel@tonic-gate {
2357c478bd9Sstevel@tonic-gate projlist_walk_t *pw = (projlist_walk_t *)buf;
2367c478bd9Sstevel@tonic-gate
2377c478bd9Sstevel@tonic-gate if (pw && pw->pw_bufsz >= sizeof (projid_t)) {
2387c478bd9Sstevel@tonic-gate *pw->pw_buf = kp->kpj_id;
2397c478bd9Sstevel@tonic-gate pw->pw_buf++;
2407c478bd9Sstevel@tonic-gate pw->pw_bufsz -= sizeof (projid_t);
2417c478bd9Sstevel@tonic-gate }
2427c478bd9Sstevel@tonic-gate
2437c478bd9Sstevel@tonic-gate return (0);
2447c478bd9Sstevel@tonic-gate }
2457c478bd9Sstevel@tonic-gate
2467c478bd9Sstevel@tonic-gate /*
2477c478bd9Sstevel@tonic-gate * long tasksys_projlist(void *buf, size_t bufsz)
2487c478bd9Sstevel@tonic-gate *
2497c478bd9Sstevel@tonic-gate * Overview
2507c478bd9Sstevel@tonic-gate * Return a buffer containing the project IDs of all currently active projects
2517c478bd9Sstevel@tonic-gate * in the current zone.
2527c478bd9Sstevel@tonic-gate *
2537c478bd9Sstevel@tonic-gate * Return values
2547c478bd9Sstevel@tonic-gate * The minimum size of a buffer sufficiently large to contain all of the
2557c478bd9Sstevel@tonic-gate * active project IDs, or -1 if an error occurs during copyout.
2567c478bd9Sstevel@tonic-gate */
2577c478bd9Sstevel@tonic-gate static long
tasksys_projlist(void * buf,size_t bufsz)2587c478bd9Sstevel@tonic-gate tasksys_projlist(void *buf, size_t bufsz)
2597c478bd9Sstevel@tonic-gate {
2607c478bd9Sstevel@tonic-gate long ret = 0;
2617c478bd9Sstevel@tonic-gate projlist_walk_t pw;
2627c478bd9Sstevel@tonic-gate void *kbuf;
2637c478bd9Sstevel@tonic-gate
2647c478bd9Sstevel@tonic-gate if (buf == NULL || bufsz == 0)
2657c478bd9Sstevel@tonic-gate return (project_walk_all(getzoneid(), tasksys_projlist_cb,
2667c478bd9Sstevel@tonic-gate NULL));
2677c478bd9Sstevel@tonic-gate
2687c478bd9Sstevel@tonic-gate if (bufsz > MAX_PROJLIST_BUFSIZE)
2697c478bd9Sstevel@tonic-gate return (set_errno(ENOMEM));
2707c478bd9Sstevel@tonic-gate
2717c478bd9Sstevel@tonic-gate kbuf = pw.pw_buf = kmem_zalloc(bufsz, KM_SLEEP);
2727c478bd9Sstevel@tonic-gate pw.pw_bufsz = bufsz;
2737c478bd9Sstevel@tonic-gate
2747c478bd9Sstevel@tonic-gate ret = project_walk_all(getzoneid(), tasksys_projlist_cb, &pw);
2757c478bd9Sstevel@tonic-gate
2767c478bd9Sstevel@tonic-gate if (copyout(kbuf, buf, bufsz) == -1)
2777c478bd9Sstevel@tonic-gate ret = set_errno(EFAULT);
2787c478bd9Sstevel@tonic-gate
2797c478bd9Sstevel@tonic-gate kmem_free(kbuf, bufsz);
2807c478bd9Sstevel@tonic-gate return (ret);
2817c478bd9Sstevel@tonic-gate }
2827c478bd9Sstevel@tonic-gate
2837c478bd9Sstevel@tonic-gate long
tasksys(int code,projid_t projid,uint_t flags,void * projidbuf,size_t pbufsz)2847c478bd9Sstevel@tonic-gate tasksys(int code, projid_t projid, uint_t flags, void *projidbuf, size_t pbufsz)
2857c478bd9Sstevel@tonic-gate {
2867c478bd9Sstevel@tonic-gate switch (code) {
2877c478bd9Sstevel@tonic-gate case 0:
2887c478bd9Sstevel@tonic-gate return (tasksys_settaskid(projid, flags));
2897c478bd9Sstevel@tonic-gate case 1:
2907c478bd9Sstevel@tonic-gate return (tasksys_gettaskid());
2917c478bd9Sstevel@tonic-gate case 2:
2927c478bd9Sstevel@tonic-gate return (tasksys_getprojid());
2937c478bd9Sstevel@tonic-gate case 3:
2947c478bd9Sstevel@tonic-gate return (tasksys_projlist(projidbuf, pbufsz));
2957c478bd9Sstevel@tonic-gate default:
2967c478bd9Sstevel@tonic-gate return (set_errno(EINVAL));
2977c478bd9Sstevel@tonic-gate }
2987c478bd9Sstevel@tonic-gate }
299