17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5c6939658Ssl108498 * Common Development and Distribution License (the "License"). 6c6939658Ssl108498 * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22ff19e029SMenno Lageman * Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved. 237c478bd9Sstevel@tonic-gate */ 247c478bd9Sstevel@tonic-gate 25*74bf7296SBryan Cantrill /* 26*74bf7296SBryan Cantrill * Copyright (c) 2013, Joyent, Inc. All rights reserved. 27*74bf7296SBryan Cantrill */ 280209230bSgjelinek 297c478bd9Sstevel@tonic-gate /* 307c478bd9Sstevel@tonic-gate * System calls for creating and inquiring about tasks and projects 317c478bd9Sstevel@tonic-gate */ 327c478bd9Sstevel@tonic-gate 337c478bd9Sstevel@tonic-gate #include <sys/param.h> 347c478bd9Sstevel@tonic-gate #include <sys/types.h> 357c478bd9Sstevel@tonic-gate #include <sys/errno.h> 367c478bd9Sstevel@tonic-gate #include <sys/thread.h> 377c478bd9Sstevel@tonic-gate #include <sys/proc.h> 387c478bd9Sstevel@tonic-gate #include <sys/task.h> 397c478bd9Sstevel@tonic-gate #include <sys/systm.h> 407c478bd9Sstevel@tonic-gate #include <sys/project.h> 417c478bd9Sstevel@tonic-gate #include <sys/cpuvar.h> 427c478bd9Sstevel@tonic-gate #include <sys/policy.h> 437c478bd9Sstevel@tonic-gate #include <sys/zone.h> 44c6939658Ssl108498 #include <sys/rctl.h> 457c478bd9Sstevel@tonic-gate 467c478bd9Sstevel@tonic-gate /* 477c478bd9Sstevel@tonic-gate * Limit projlist to 256k projects. 487c478bd9Sstevel@tonic-gate */ 497c478bd9Sstevel@tonic-gate #define MAX_PROJLIST_BUFSIZE 1048576 507c478bd9Sstevel@tonic-gate 517c478bd9Sstevel@tonic-gate typedef struct projlist_walk { 527c478bd9Sstevel@tonic-gate projid_t *pw_buf; 537c478bd9Sstevel@tonic-gate size_t pw_bufsz; 547c478bd9Sstevel@tonic-gate } projlist_walk_t; 557c478bd9Sstevel@tonic-gate 567c478bd9Sstevel@tonic-gate /* 577c478bd9Sstevel@tonic-gate * taskid_t tasksys_settaskid(projid_t projid, uint_t flags); 587c478bd9Sstevel@tonic-gate * 597c478bd9Sstevel@tonic-gate * Overview 607c478bd9Sstevel@tonic-gate * Place the calling process in a new task if sufficiently privileged. If the 617c478bd9Sstevel@tonic-gate * present task is finalized, the process may not create a new task. 627c478bd9Sstevel@tonic-gate * 637c478bd9Sstevel@tonic-gate * Return values 647c478bd9Sstevel@tonic-gate * 0 on success, errno on failure. 657c478bd9Sstevel@tonic-gate */ 667c478bd9Sstevel@tonic-gate static long 677c478bd9Sstevel@tonic-gate tasksys_settaskid(projid_t projid, uint_t flags) 687c478bd9Sstevel@tonic-gate { 697c478bd9Sstevel@tonic-gate proc_t *p = ttoproc(curthread); 707c478bd9Sstevel@tonic-gate kproject_t *oldpj; 717c478bd9Sstevel@tonic-gate kproject_t *kpj; 727c478bd9Sstevel@tonic-gate task_t *tk, *oldtk; 737c478bd9Sstevel@tonic-gate rctl_entity_p_t e; 747c478bd9Sstevel@tonic-gate zone_t *zone; 757c478bd9Sstevel@tonic-gate int rctlfail = 0; 767c478bd9Sstevel@tonic-gate 777c478bd9Sstevel@tonic-gate if (secpolicy_tasksys(CRED()) != 0) 787c478bd9Sstevel@tonic-gate return (set_errno(EPERM)); 797c478bd9Sstevel@tonic-gate 807c478bd9Sstevel@tonic-gate if (projid < 0 || projid > MAXPROJID) 817c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 827c478bd9Sstevel@tonic-gate 837c478bd9Sstevel@tonic-gate if (flags & ~TASK_FINAL) 847c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 857c478bd9Sstevel@tonic-gate 867c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 877c478bd9Sstevel@tonic-gate if (p->p_task->tk_flags & TASK_FINAL) { 887c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 897c478bd9Sstevel@tonic-gate return (set_errno(EACCES)); 907c478bd9Sstevel@tonic-gate } 917c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 927c478bd9Sstevel@tonic-gate 937c478bd9Sstevel@tonic-gate /* 947c478bd9Sstevel@tonic-gate * Try to stop all other lwps in the process while we're changing 957c478bd9Sstevel@tonic-gate * our project. This way, curthread doesn't need to grab its own 967c478bd9Sstevel@tonic-gate * thread_lock to find its project ID (see curprojid()). If this 977c478bd9Sstevel@tonic-gate * is the /proc agent lwp, we know that the other lwps are already 987c478bd9Sstevel@tonic-gate * held. If we failed to hold all lwps, bail out and return EINTR. 997c478bd9Sstevel@tonic-gate */ 1007c478bd9Sstevel@tonic-gate if (curthread != p->p_agenttp && !holdlwps(SHOLDFORK1)) 1017c478bd9Sstevel@tonic-gate return (set_errno(EINTR)); 1027c478bd9Sstevel@tonic-gate /* 1037c478bd9Sstevel@tonic-gate * Put a hold on our new project and make sure that nobody is 1047c478bd9Sstevel@tonic-gate * trying to bind it to a pool while we're joining. 1057c478bd9Sstevel@tonic-gate */ 1060209230bSgjelinek kpj = project_hold_by_id(projid, p->p_zone, PROJECT_HOLD_INSERT); 1077c478bd9Sstevel@tonic-gate e.rcep_p.proj = kpj; 1087c478bd9Sstevel@tonic-gate e.rcep_t = RCENTITY_PROJECT; 1097c478bd9Sstevel@tonic-gate 1107c478bd9Sstevel@tonic-gate mutex_enter(&p->p_lock); 1117c478bd9Sstevel@tonic-gate oldpj = p->p_task->tk_proj; 1127c478bd9Sstevel@tonic-gate zone = p->p_zone; 1137c478bd9Sstevel@tonic-gate 1147c478bd9Sstevel@tonic-gate mutex_enter(&zone->zone_nlwps_lock); 1150209230bSgjelinek mutex_enter(&zone->zone_mem_lock); 1167c478bd9Sstevel@tonic-gate 1177c478bd9Sstevel@tonic-gate if (kpj->kpj_nlwps + p->p_lwpcnt > kpj->kpj_nlwps_ctl) 1187c478bd9Sstevel@tonic-gate if (rctl_test_entity(rc_project_nlwps, kpj->kpj_rctls, p, &e, 1197c478bd9Sstevel@tonic-gate p->p_lwpcnt, 0) & RCT_DENY) 1207c478bd9Sstevel@tonic-gate rctlfail = 1; 1217c478bd9Sstevel@tonic-gate 1227c478bd9Sstevel@tonic-gate if (kpj->kpj_ntasks + 1 > kpj->kpj_ntasks_ctl) 1237c478bd9Sstevel@tonic-gate if (rctl_test_entity(rc_project_ntasks, kpj->kpj_rctls, p, &e, 1247c478bd9Sstevel@tonic-gate 1, 0) & RCT_DENY) 1257c478bd9Sstevel@tonic-gate rctlfail = 1; 1267c478bd9Sstevel@tonic-gate 127ff19e029SMenno Lageman if (kpj != proj0p && kpj->kpj_nprocs + 1 > kpj->kpj_nprocs_ctl) 128ff19e029SMenno Lageman if (rctl_test_entity(rc_project_nprocs, kpj->kpj_rctls, p, &e, 129ff19e029SMenno Lageman 1, 0) & RCT_DENY) 130ff19e029SMenno Lageman rctlfail = 1; 131ff19e029SMenno Lageman 132c1a9a9c3Skrishna if (kpj->kpj_data.kpd_locked_mem + p->p_locked_mem > 133c1a9a9c3Skrishna kpj->kpj_data.kpd_locked_mem_ctl) 134c6939658Ssl108498 if (rctl_test_entity(rc_project_locked_mem, kpj->kpj_rctls, p, 135c6939658Ssl108498 &e, p->p_locked_mem, 0) & RCT_DENY) 136c6939658Ssl108498 rctlfail = 1; 137c6939658Ssl108498 138c1a9a9c3Skrishna mutex_enter(&(kpj->kpj_data.kpd_crypto_lock)); 139c1a9a9c3Skrishna if (kpj->kpj_data.kpd_crypto_mem + p->p_crypto_mem > 140c1a9a9c3Skrishna kpj->kpj_data.kpd_crypto_mem_ctl) 141c1a9a9c3Skrishna if (rctl_test_entity(rc_project_crypto_mem, kpj->kpj_rctls, p, 142c1a9a9c3Skrishna &e, p->p_crypto_mem, 0) & RCT_DENY) 143c1a9a9c3Skrishna rctlfail = 1; 144c1a9a9c3Skrishna 1457c478bd9Sstevel@tonic-gate if (rctlfail) { 146c1a9a9c3Skrishna mutex_exit(&(kpj->kpj_data.kpd_crypto_lock)); 1470209230bSgjelinek mutex_exit(&zone->zone_mem_lock); 1487c478bd9Sstevel@tonic-gate mutex_exit(&zone->zone_nlwps_lock); 1497c478bd9Sstevel@tonic-gate if (curthread != p->p_agenttp) 1507c478bd9Sstevel@tonic-gate continuelwps(p); 1517c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 152*74bf7296SBryan Cantrill project_rele(kpj); 1537c478bd9Sstevel@tonic-gate return (set_errno(EAGAIN)); 1547c478bd9Sstevel@tonic-gate } 155c1a9a9c3Skrishna kpj->kpj_data.kpd_crypto_mem += p->p_crypto_mem; 156c1a9a9c3Skrishna mutex_exit(&(kpj->kpj_data.kpd_crypto_lock)); 157c6939658Ssl108498 kpj->kpj_data.kpd_locked_mem += p->p_locked_mem; 1587c478bd9Sstevel@tonic-gate kpj->kpj_nlwps += p->p_lwpcnt; 1597c478bd9Sstevel@tonic-gate kpj->kpj_ntasks++; 160ff19e029SMenno Lageman kpj->kpj_nprocs++; 1617c478bd9Sstevel@tonic-gate 162c6939658Ssl108498 oldpj->kpj_data.kpd_locked_mem -= p->p_locked_mem; 163c1a9a9c3Skrishna mutex_enter(&(oldpj->kpj_data.kpd_crypto_lock)); 164c1a9a9c3Skrishna oldpj->kpj_data.kpd_crypto_mem -= p->p_crypto_mem; 165c1a9a9c3Skrishna mutex_exit(&(oldpj->kpj_data.kpd_crypto_lock)); 1667c478bd9Sstevel@tonic-gate oldpj->kpj_nlwps -= p->p_lwpcnt; 167ff19e029SMenno Lageman oldpj->kpj_nprocs--; 1687c478bd9Sstevel@tonic-gate 1690209230bSgjelinek mutex_exit(&zone->zone_mem_lock); 1707c478bd9Sstevel@tonic-gate mutex_exit(&zone->zone_nlwps_lock); 1717c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 1727c478bd9Sstevel@tonic-gate 1737c478bd9Sstevel@tonic-gate mutex_enter(&kpj->kpj_poolbind); 1747c478bd9Sstevel@tonic-gate tk = task_create(projid, curproc->p_zone); 1757c478bd9Sstevel@tonic-gate mutex_enter(&cpu_lock); 1767c478bd9Sstevel@tonic-gate /* 1777c478bd9Sstevel@tonic-gate * Returns with p_lock held. 1787c478bd9Sstevel@tonic-gate */ 1797c478bd9Sstevel@tonic-gate oldtk = task_join(tk, flags); 1807c478bd9Sstevel@tonic-gate if (curthread != p->p_agenttp) 1817c478bd9Sstevel@tonic-gate continuelwps(p); 1827c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 1837c478bd9Sstevel@tonic-gate mutex_exit(&cpu_lock); 1847c478bd9Sstevel@tonic-gate mutex_exit(&kpj->kpj_poolbind); 1857c478bd9Sstevel@tonic-gate task_rele(oldtk); 1867c478bd9Sstevel@tonic-gate project_rele(kpj); 1877c478bd9Sstevel@tonic-gate return (tk->tk_tkid); 1887c478bd9Sstevel@tonic-gate } 1897c478bd9Sstevel@tonic-gate 1907c478bd9Sstevel@tonic-gate /* 1917c478bd9Sstevel@tonic-gate * taskid_t tasksys_gettaskid(void); 1927c478bd9Sstevel@tonic-gate * 1937c478bd9Sstevel@tonic-gate * Overview 1947c478bd9Sstevel@tonic-gate * Return the current task ID for this process. 1957c478bd9Sstevel@tonic-gate * 1967c478bd9Sstevel@tonic-gate * Return value 1977c478bd9Sstevel@tonic-gate * The ID for the task to which the current process belongs. 1987c478bd9Sstevel@tonic-gate */ 1997c478bd9Sstevel@tonic-gate static long 2007c478bd9Sstevel@tonic-gate tasksys_gettaskid() 2017c478bd9Sstevel@tonic-gate { 2027c478bd9Sstevel@tonic-gate long ret; 2037c478bd9Sstevel@tonic-gate proc_t *p = ttoproc(curthread); 2047c478bd9Sstevel@tonic-gate 2057c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 2067c478bd9Sstevel@tonic-gate ret = p->p_task->tk_tkid; 2077c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 2087c478bd9Sstevel@tonic-gate return (ret); 2097c478bd9Sstevel@tonic-gate } 2107c478bd9Sstevel@tonic-gate 2117c478bd9Sstevel@tonic-gate /* 2127c478bd9Sstevel@tonic-gate * projid_t tasksys_getprojid(void); 2137c478bd9Sstevel@tonic-gate * 2147c478bd9Sstevel@tonic-gate * Overview 2157c478bd9Sstevel@tonic-gate * Return the current project ID for this process. 2167c478bd9Sstevel@tonic-gate * 2177c478bd9Sstevel@tonic-gate * Return value 2187c478bd9Sstevel@tonic-gate * The ID for the project to which the current process belongs. 2197c478bd9Sstevel@tonic-gate */ 2207c478bd9Sstevel@tonic-gate static long 2217c478bd9Sstevel@tonic-gate tasksys_getprojid() 2227c478bd9Sstevel@tonic-gate { 2237c478bd9Sstevel@tonic-gate long ret; 2247c478bd9Sstevel@tonic-gate proc_t *p = ttoproc(curthread); 2257c478bd9Sstevel@tonic-gate 2267c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 2277c478bd9Sstevel@tonic-gate ret = p->p_task->tk_proj->kpj_id; 2287c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 2297c478bd9Sstevel@tonic-gate return (ret); 2307c478bd9Sstevel@tonic-gate } 2317c478bd9Sstevel@tonic-gate 2327c478bd9Sstevel@tonic-gate static int 2337c478bd9Sstevel@tonic-gate tasksys_projlist_cb(kproject_t *kp, void *buf) 2347c478bd9Sstevel@tonic-gate { 2357c478bd9Sstevel@tonic-gate projlist_walk_t *pw = (projlist_walk_t *)buf; 2367c478bd9Sstevel@tonic-gate 2377c478bd9Sstevel@tonic-gate if (pw && pw->pw_bufsz >= sizeof (projid_t)) { 2387c478bd9Sstevel@tonic-gate *pw->pw_buf = kp->kpj_id; 2397c478bd9Sstevel@tonic-gate pw->pw_buf++; 2407c478bd9Sstevel@tonic-gate pw->pw_bufsz -= sizeof (projid_t); 2417c478bd9Sstevel@tonic-gate } 2427c478bd9Sstevel@tonic-gate 2437c478bd9Sstevel@tonic-gate return (0); 2447c478bd9Sstevel@tonic-gate } 2457c478bd9Sstevel@tonic-gate 2467c478bd9Sstevel@tonic-gate /* 2477c478bd9Sstevel@tonic-gate * long tasksys_projlist(void *buf, size_t bufsz) 2487c478bd9Sstevel@tonic-gate * 2497c478bd9Sstevel@tonic-gate * Overview 2507c478bd9Sstevel@tonic-gate * Return a buffer containing the project IDs of all currently active projects 2517c478bd9Sstevel@tonic-gate * in the current zone. 2527c478bd9Sstevel@tonic-gate * 2537c478bd9Sstevel@tonic-gate * Return values 2547c478bd9Sstevel@tonic-gate * The minimum size of a buffer sufficiently large to contain all of the 2557c478bd9Sstevel@tonic-gate * active project IDs, or -1 if an error occurs during copyout. 2567c478bd9Sstevel@tonic-gate */ 2577c478bd9Sstevel@tonic-gate static long 2587c478bd9Sstevel@tonic-gate tasksys_projlist(void *buf, size_t bufsz) 2597c478bd9Sstevel@tonic-gate { 2607c478bd9Sstevel@tonic-gate long ret = 0; 2617c478bd9Sstevel@tonic-gate projlist_walk_t pw; 2627c478bd9Sstevel@tonic-gate void *kbuf; 2637c478bd9Sstevel@tonic-gate 2647c478bd9Sstevel@tonic-gate if (buf == NULL || bufsz == 0) 2657c478bd9Sstevel@tonic-gate return (project_walk_all(getzoneid(), tasksys_projlist_cb, 2667c478bd9Sstevel@tonic-gate NULL)); 2677c478bd9Sstevel@tonic-gate 2687c478bd9Sstevel@tonic-gate if (bufsz > MAX_PROJLIST_BUFSIZE) 2697c478bd9Sstevel@tonic-gate return (set_errno(ENOMEM)); 2707c478bd9Sstevel@tonic-gate 2717c478bd9Sstevel@tonic-gate kbuf = pw.pw_buf = kmem_zalloc(bufsz, KM_SLEEP); 2727c478bd9Sstevel@tonic-gate pw.pw_bufsz = bufsz; 2737c478bd9Sstevel@tonic-gate 2747c478bd9Sstevel@tonic-gate ret = project_walk_all(getzoneid(), tasksys_projlist_cb, &pw); 2757c478bd9Sstevel@tonic-gate 2767c478bd9Sstevel@tonic-gate if (copyout(kbuf, buf, bufsz) == -1) 2777c478bd9Sstevel@tonic-gate ret = set_errno(EFAULT); 2787c478bd9Sstevel@tonic-gate 2797c478bd9Sstevel@tonic-gate kmem_free(kbuf, bufsz); 2807c478bd9Sstevel@tonic-gate return (ret); 2817c478bd9Sstevel@tonic-gate } 2827c478bd9Sstevel@tonic-gate 2837c478bd9Sstevel@tonic-gate long 2847c478bd9Sstevel@tonic-gate tasksys(int code, projid_t projid, uint_t flags, void *projidbuf, size_t pbufsz) 2857c478bd9Sstevel@tonic-gate { 2867c478bd9Sstevel@tonic-gate switch (code) { 2877c478bd9Sstevel@tonic-gate case 0: 2887c478bd9Sstevel@tonic-gate return (tasksys_settaskid(projid, flags)); 2897c478bd9Sstevel@tonic-gate case 1: 2907c478bd9Sstevel@tonic-gate return (tasksys_gettaskid()); 2917c478bd9Sstevel@tonic-gate case 2: 2927c478bd9Sstevel@tonic-gate return (tasksys_getprojid()); 2937c478bd9Sstevel@tonic-gate case 3: 2947c478bd9Sstevel@tonic-gate return (tasksys_projlist(projidbuf, pbufsz)); 2957c478bd9Sstevel@tonic-gate default: 2967c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 2977c478bd9Sstevel@tonic-gate } 2987c478bd9Sstevel@tonic-gate } 299