17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5c6939658Ssl108498 * Common Development and Distribution License (the "License"). 6c6939658Ssl108498 * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22*c1a9a9c3Skrishna * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 277c478bd9Sstevel@tonic-gate 280209230bSgjelinek 297c478bd9Sstevel@tonic-gate /* 307c478bd9Sstevel@tonic-gate * System calls for creating and inquiring about tasks and projects 317c478bd9Sstevel@tonic-gate */ 327c478bd9Sstevel@tonic-gate 337c478bd9Sstevel@tonic-gate #include <sys/param.h> 347c478bd9Sstevel@tonic-gate #include <sys/types.h> 357c478bd9Sstevel@tonic-gate #include <sys/errno.h> 367c478bd9Sstevel@tonic-gate #include <sys/thread.h> 377c478bd9Sstevel@tonic-gate #include <sys/proc.h> 387c478bd9Sstevel@tonic-gate #include <sys/task.h> 397c478bd9Sstevel@tonic-gate #include <sys/systm.h> 407c478bd9Sstevel@tonic-gate #include <sys/project.h> 417c478bd9Sstevel@tonic-gate #include <sys/cpuvar.h> 427c478bd9Sstevel@tonic-gate #include <sys/policy.h> 437c478bd9Sstevel@tonic-gate #include <sys/zone.h> 44c6939658Ssl108498 #include <sys/rctl.h> 457c478bd9Sstevel@tonic-gate 467c478bd9Sstevel@tonic-gate /* 477c478bd9Sstevel@tonic-gate * Limit projlist to 256k projects. 487c478bd9Sstevel@tonic-gate */ 497c478bd9Sstevel@tonic-gate #define MAX_PROJLIST_BUFSIZE 1048576 507c478bd9Sstevel@tonic-gate 517c478bd9Sstevel@tonic-gate typedef struct projlist_walk { 527c478bd9Sstevel@tonic-gate projid_t *pw_buf; 537c478bd9Sstevel@tonic-gate size_t pw_bufsz; 547c478bd9Sstevel@tonic-gate } projlist_walk_t; 557c478bd9Sstevel@tonic-gate 567c478bd9Sstevel@tonic-gate /* 577c478bd9Sstevel@tonic-gate * taskid_t tasksys_settaskid(projid_t projid, uint_t flags); 587c478bd9Sstevel@tonic-gate * 597c478bd9Sstevel@tonic-gate * Overview 607c478bd9Sstevel@tonic-gate * Place the calling process in a new task if sufficiently privileged. If the 617c478bd9Sstevel@tonic-gate * present task is finalized, the process may not create a new task. 627c478bd9Sstevel@tonic-gate * 637c478bd9Sstevel@tonic-gate * Return values 647c478bd9Sstevel@tonic-gate * 0 on success, errno on failure. 657c478bd9Sstevel@tonic-gate */ 667c478bd9Sstevel@tonic-gate static long 677c478bd9Sstevel@tonic-gate tasksys_settaskid(projid_t projid, uint_t flags) 687c478bd9Sstevel@tonic-gate { 697c478bd9Sstevel@tonic-gate proc_t *p = ttoproc(curthread); 707c478bd9Sstevel@tonic-gate kproject_t *oldpj; 717c478bd9Sstevel@tonic-gate kproject_t *kpj; 727c478bd9Sstevel@tonic-gate task_t *tk, *oldtk; 737c478bd9Sstevel@tonic-gate rctl_entity_p_t e; 747c478bd9Sstevel@tonic-gate zone_t *zone; 757c478bd9Sstevel@tonic-gate int rctlfail = 0; 767c478bd9Sstevel@tonic-gate 777c478bd9Sstevel@tonic-gate if (secpolicy_tasksys(CRED()) != 0) 787c478bd9Sstevel@tonic-gate return (set_errno(EPERM)); 797c478bd9Sstevel@tonic-gate 807c478bd9Sstevel@tonic-gate if (projid < 0 || projid > MAXPROJID) 817c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 827c478bd9Sstevel@tonic-gate 837c478bd9Sstevel@tonic-gate if (flags & ~TASK_FINAL) 847c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 857c478bd9Sstevel@tonic-gate 867c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 877c478bd9Sstevel@tonic-gate if (p->p_task->tk_flags & TASK_FINAL) { 887c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 897c478bd9Sstevel@tonic-gate return (set_errno(EACCES)); 907c478bd9Sstevel@tonic-gate } 917c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 927c478bd9Sstevel@tonic-gate 937c478bd9Sstevel@tonic-gate /* 947c478bd9Sstevel@tonic-gate * Try to stop all other lwps in the process while we're changing 957c478bd9Sstevel@tonic-gate * our project. This way, curthread doesn't need to grab its own 967c478bd9Sstevel@tonic-gate * thread_lock to find its project ID (see curprojid()). If this 977c478bd9Sstevel@tonic-gate * is the /proc agent lwp, we know that the other lwps are already 987c478bd9Sstevel@tonic-gate * held. If we failed to hold all lwps, bail out and return EINTR. 997c478bd9Sstevel@tonic-gate */ 1007c478bd9Sstevel@tonic-gate if (curthread != p->p_agenttp && !holdlwps(SHOLDFORK1)) 1017c478bd9Sstevel@tonic-gate return (set_errno(EINTR)); 1027c478bd9Sstevel@tonic-gate /* 1037c478bd9Sstevel@tonic-gate * Put a hold on our new project and make sure that nobody is 1047c478bd9Sstevel@tonic-gate * trying to bind it to a pool while we're joining. 1057c478bd9Sstevel@tonic-gate */ 1060209230bSgjelinek kpj = project_hold_by_id(projid, p->p_zone, PROJECT_HOLD_INSERT); 1077c478bd9Sstevel@tonic-gate e.rcep_p.proj = kpj; 1087c478bd9Sstevel@tonic-gate e.rcep_t = RCENTITY_PROJECT; 1097c478bd9Sstevel@tonic-gate 1107c478bd9Sstevel@tonic-gate mutex_enter(&p->p_lock); 1117c478bd9Sstevel@tonic-gate oldpj = p->p_task->tk_proj; 1127c478bd9Sstevel@tonic-gate zone = p->p_zone; 1137c478bd9Sstevel@tonic-gate 1147c478bd9Sstevel@tonic-gate mutex_enter(&zone->zone_nlwps_lock); 1150209230bSgjelinek mutex_enter(&zone->zone_mem_lock); 1167c478bd9Sstevel@tonic-gate 1177c478bd9Sstevel@tonic-gate if (kpj->kpj_nlwps + p->p_lwpcnt > kpj->kpj_nlwps_ctl) 1187c478bd9Sstevel@tonic-gate if (rctl_test_entity(rc_project_nlwps, kpj->kpj_rctls, p, &e, 1197c478bd9Sstevel@tonic-gate p->p_lwpcnt, 0) & RCT_DENY) 1207c478bd9Sstevel@tonic-gate rctlfail = 1; 1217c478bd9Sstevel@tonic-gate 1227c478bd9Sstevel@tonic-gate if (kpj->kpj_ntasks + 1 > kpj->kpj_ntasks_ctl) 1237c478bd9Sstevel@tonic-gate if (rctl_test_entity(rc_project_ntasks, kpj->kpj_rctls, p, &e, 1247c478bd9Sstevel@tonic-gate 1, 0) & RCT_DENY) 1257c478bd9Sstevel@tonic-gate rctlfail = 1; 1267c478bd9Sstevel@tonic-gate 127*c1a9a9c3Skrishna if (kpj->kpj_data.kpd_locked_mem + p->p_locked_mem > 128*c1a9a9c3Skrishna kpj->kpj_data.kpd_locked_mem_ctl) 129c6939658Ssl108498 if (rctl_test_entity(rc_project_locked_mem, kpj->kpj_rctls, p, 130c6939658Ssl108498 &e, p->p_locked_mem, 0) & RCT_DENY) 131c6939658Ssl108498 rctlfail = 1; 132c6939658Ssl108498 133*c1a9a9c3Skrishna mutex_enter(&(kpj->kpj_data.kpd_crypto_lock)); 134*c1a9a9c3Skrishna if (kpj->kpj_data.kpd_crypto_mem + p->p_crypto_mem > 135*c1a9a9c3Skrishna kpj->kpj_data.kpd_crypto_mem_ctl) 136*c1a9a9c3Skrishna if (rctl_test_entity(rc_project_crypto_mem, kpj->kpj_rctls, p, 137*c1a9a9c3Skrishna &e, p->p_crypto_mem, 0) & RCT_DENY) 138*c1a9a9c3Skrishna rctlfail = 1; 139*c1a9a9c3Skrishna 1407c478bd9Sstevel@tonic-gate if (rctlfail) { 141*c1a9a9c3Skrishna mutex_exit(&(kpj->kpj_data.kpd_crypto_lock)); 1420209230bSgjelinek mutex_exit(&zone->zone_mem_lock); 1437c478bd9Sstevel@tonic-gate mutex_exit(&zone->zone_nlwps_lock); 1447c478bd9Sstevel@tonic-gate if (curthread != p->p_agenttp) 1457c478bd9Sstevel@tonic-gate continuelwps(p); 1467c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 1477c478bd9Sstevel@tonic-gate return (set_errno(EAGAIN)); 1487c478bd9Sstevel@tonic-gate } 149*c1a9a9c3Skrishna kpj->kpj_data.kpd_crypto_mem += p->p_crypto_mem; 150*c1a9a9c3Skrishna mutex_exit(&(kpj->kpj_data.kpd_crypto_lock)); 151c6939658Ssl108498 kpj->kpj_data.kpd_locked_mem += p->p_locked_mem; 1527c478bd9Sstevel@tonic-gate kpj->kpj_nlwps += p->p_lwpcnt; 1537c478bd9Sstevel@tonic-gate kpj->kpj_ntasks++; 1547c478bd9Sstevel@tonic-gate 155c6939658Ssl108498 oldpj->kpj_data.kpd_locked_mem -= p->p_locked_mem; 156*c1a9a9c3Skrishna mutex_enter(&(oldpj->kpj_data.kpd_crypto_lock)); 157*c1a9a9c3Skrishna oldpj->kpj_data.kpd_crypto_mem -= p->p_crypto_mem; 158*c1a9a9c3Skrishna mutex_exit(&(oldpj->kpj_data.kpd_crypto_lock)); 1597c478bd9Sstevel@tonic-gate oldpj->kpj_nlwps -= p->p_lwpcnt; 1607c478bd9Sstevel@tonic-gate 1610209230bSgjelinek mutex_exit(&zone->zone_mem_lock); 1627c478bd9Sstevel@tonic-gate mutex_exit(&zone->zone_nlwps_lock); 1637c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 1647c478bd9Sstevel@tonic-gate 1657c478bd9Sstevel@tonic-gate mutex_enter(&kpj->kpj_poolbind); 1667c478bd9Sstevel@tonic-gate tk = task_create(projid, curproc->p_zone); 1677c478bd9Sstevel@tonic-gate mutex_enter(&cpu_lock); 1687c478bd9Sstevel@tonic-gate /* 1697c478bd9Sstevel@tonic-gate * Returns with p_lock held. 1707c478bd9Sstevel@tonic-gate */ 1717c478bd9Sstevel@tonic-gate oldtk = task_join(tk, flags); 1727c478bd9Sstevel@tonic-gate if (curthread != p->p_agenttp) 1737c478bd9Sstevel@tonic-gate continuelwps(p); 1747c478bd9Sstevel@tonic-gate mutex_exit(&p->p_lock); 1757c478bd9Sstevel@tonic-gate mutex_exit(&cpu_lock); 1767c478bd9Sstevel@tonic-gate mutex_exit(&kpj->kpj_poolbind); 1777c478bd9Sstevel@tonic-gate task_rele(oldtk); 1787c478bd9Sstevel@tonic-gate project_rele(kpj); 1797c478bd9Sstevel@tonic-gate return (tk->tk_tkid); 1807c478bd9Sstevel@tonic-gate } 1817c478bd9Sstevel@tonic-gate 1827c478bd9Sstevel@tonic-gate /* 1837c478bd9Sstevel@tonic-gate * taskid_t tasksys_gettaskid(void); 1847c478bd9Sstevel@tonic-gate * 1857c478bd9Sstevel@tonic-gate * Overview 1867c478bd9Sstevel@tonic-gate * Return the current task ID for this process. 1877c478bd9Sstevel@tonic-gate * 1887c478bd9Sstevel@tonic-gate * Return value 1897c478bd9Sstevel@tonic-gate * The ID for the task to which the current process belongs. 1907c478bd9Sstevel@tonic-gate */ 1917c478bd9Sstevel@tonic-gate static long 1927c478bd9Sstevel@tonic-gate tasksys_gettaskid() 1937c478bd9Sstevel@tonic-gate { 1947c478bd9Sstevel@tonic-gate long ret; 1957c478bd9Sstevel@tonic-gate proc_t *p = ttoproc(curthread); 1967c478bd9Sstevel@tonic-gate 1977c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 1987c478bd9Sstevel@tonic-gate ret = p->p_task->tk_tkid; 1997c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 2007c478bd9Sstevel@tonic-gate return (ret); 2017c478bd9Sstevel@tonic-gate } 2027c478bd9Sstevel@tonic-gate 2037c478bd9Sstevel@tonic-gate /* 2047c478bd9Sstevel@tonic-gate * projid_t tasksys_getprojid(void); 2057c478bd9Sstevel@tonic-gate * 2067c478bd9Sstevel@tonic-gate * Overview 2077c478bd9Sstevel@tonic-gate * Return the current project ID for this process. 2087c478bd9Sstevel@tonic-gate * 2097c478bd9Sstevel@tonic-gate * Return value 2107c478bd9Sstevel@tonic-gate * The ID for the project to which the current process belongs. 2117c478bd9Sstevel@tonic-gate */ 2127c478bd9Sstevel@tonic-gate static long 2137c478bd9Sstevel@tonic-gate tasksys_getprojid() 2147c478bd9Sstevel@tonic-gate { 2157c478bd9Sstevel@tonic-gate long ret; 2167c478bd9Sstevel@tonic-gate proc_t *p = ttoproc(curthread); 2177c478bd9Sstevel@tonic-gate 2187c478bd9Sstevel@tonic-gate mutex_enter(&pidlock); 2197c478bd9Sstevel@tonic-gate ret = p->p_task->tk_proj->kpj_id; 2207c478bd9Sstevel@tonic-gate mutex_exit(&pidlock); 2217c478bd9Sstevel@tonic-gate return (ret); 2227c478bd9Sstevel@tonic-gate } 2237c478bd9Sstevel@tonic-gate 2247c478bd9Sstevel@tonic-gate static int 2257c478bd9Sstevel@tonic-gate tasksys_projlist_cb(kproject_t *kp, void *buf) 2267c478bd9Sstevel@tonic-gate { 2277c478bd9Sstevel@tonic-gate projlist_walk_t *pw = (projlist_walk_t *)buf; 2287c478bd9Sstevel@tonic-gate 2297c478bd9Sstevel@tonic-gate if (pw && pw->pw_bufsz >= sizeof (projid_t)) { 2307c478bd9Sstevel@tonic-gate *pw->pw_buf = kp->kpj_id; 2317c478bd9Sstevel@tonic-gate pw->pw_buf++; 2327c478bd9Sstevel@tonic-gate pw->pw_bufsz -= sizeof (projid_t); 2337c478bd9Sstevel@tonic-gate } 2347c478bd9Sstevel@tonic-gate 2357c478bd9Sstevel@tonic-gate return (0); 2367c478bd9Sstevel@tonic-gate } 2377c478bd9Sstevel@tonic-gate 2387c478bd9Sstevel@tonic-gate /* 2397c478bd9Sstevel@tonic-gate * long tasksys_projlist(void *buf, size_t bufsz) 2407c478bd9Sstevel@tonic-gate * 2417c478bd9Sstevel@tonic-gate * Overview 2427c478bd9Sstevel@tonic-gate * Return a buffer containing the project IDs of all currently active projects 2437c478bd9Sstevel@tonic-gate * in the current zone. 2447c478bd9Sstevel@tonic-gate * 2457c478bd9Sstevel@tonic-gate * Return values 2467c478bd9Sstevel@tonic-gate * The minimum size of a buffer sufficiently large to contain all of the 2477c478bd9Sstevel@tonic-gate * active project IDs, or -1 if an error occurs during copyout. 2487c478bd9Sstevel@tonic-gate */ 2497c478bd9Sstevel@tonic-gate static long 2507c478bd9Sstevel@tonic-gate tasksys_projlist(void *buf, size_t bufsz) 2517c478bd9Sstevel@tonic-gate { 2527c478bd9Sstevel@tonic-gate long ret = 0; 2537c478bd9Sstevel@tonic-gate projlist_walk_t pw; 2547c478bd9Sstevel@tonic-gate void *kbuf; 2557c478bd9Sstevel@tonic-gate 2567c478bd9Sstevel@tonic-gate if (buf == NULL || bufsz == 0) 2577c478bd9Sstevel@tonic-gate return (project_walk_all(getzoneid(), tasksys_projlist_cb, 2587c478bd9Sstevel@tonic-gate NULL)); 2597c478bd9Sstevel@tonic-gate 2607c478bd9Sstevel@tonic-gate if (bufsz > MAX_PROJLIST_BUFSIZE) 2617c478bd9Sstevel@tonic-gate return (set_errno(ENOMEM)); 2627c478bd9Sstevel@tonic-gate 2637c478bd9Sstevel@tonic-gate kbuf = pw.pw_buf = kmem_zalloc(bufsz, KM_SLEEP); 2647c478bd9Sstevel@tonic-gate pw.pw_bufsz = bufsz; 2657c478bd9Sstevel@tonic-gate 2667c478bd9Sstevel@tonic-gate ret = project_walk_all(getzoneid(), tasksys_projlist_cb, &pw); 2677c478bd9Sstevel@tonic-gate 2687c478bd9Sstevel@tonic-gate if (copyout(kbuf, buf, bufsz) == -1) 2697c478bd9Sstevel@tonic-gate ret = set_errno(EFAULT); 2707c478bd9Sstevel@tonic-gate 2717c478bd9Sstevel@tonic-gate kmem_free(kbuf, bufsz); 2727c478bd9Sstevel@tonic-gate return (ret); 2737c478bd9Sstevel@tonic-gate } 2747c478bd9Sstevel@tonic-gate 2757c478bd9Sstevel@tonic-gate long 2767c478bd9Sstevel@tonic-gate tasksys(int code, projid_t projid, uint_t flags, void *projidbuf, size_t pbufsz) 2777c478bd9Sstevel@tonic-gate { 2787c478bd9Sstevel@tonic-gate switch (code) { 2797c478bd9Sstevel@tonic-gate case 0: 2807c478bd9Sstevel@tonic-gate return (tasksys_settaskid(projid, flags)); 2817c478bd9Sstevel@tonic-gate case 1: 2827c478bd9Sstevel@tonic-gate return (tasksys_gettaskid()); 2837c478bd9Sstevel@tonic-gate case 2: 2847c478bd9Sstevel@tonic-gate return (tasksys_getprojid()); 2857c478bd9Sstevel@tonic-gate case 3: 2867c478bd9Sstevel@tonic-gate return (tasksys_projlist(projidbuf, pbufsz)); 2877c478bd9Sstevel@tonic-gate default: 2887c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 2897c478bd9Sstevel@tonic-gate } 2907c478bd9Sstevel@tonic-gate } 291