17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5da6c28aaSamw * Common Development and Distribution License (the "License"). 6da6c28aaSamw * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 226b30bbc4Srh87107 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate #include <sys/proc.h> 277c478bd9Sstevel@tonic-gate #include <sys/systm.h> 287c478bd9Sstevel@tonic-gate #include <sys/param.h> 297c478bd9Sstevel@tonic-gate #include <sys/kmem.h> 307c478bd9Sstevel@tonic-gate #include <sys/sysmacros.h> 317c478bd9Sstevel@tonic-gate #include <sys/types.h> 327c478bd9Sstevel@tonic-gate #include <sys/cmn_err.h> 337c478bd9Sstevel@tonic-gate #include <sys/user.h> 347c478bd9Sstevel@tonic-gate #include <sys/cred.h> 357c478bd9Sstevel@tonic-gate #include <sys/vnode.h> 367c478bd9Sstevel@tonic-gate #include <sys/file.h> 377c478bd9Sstevel@tonic-gate #include <sys/pathname.h> 387c478bd9Sstevel@tonic-gate #include <sys/modctl.h> 397c478bd9Sstevel@tonic-gate #include <sys/acctctl.h> 407c478bd9Sstevel@tonic-gate #include <sys/bitmap.h> 417c478bd9Sstevel@tonic-gate #include <sys/exacct.h> 427c478bd9Sstevel@tonic-gate #include <sys/policy.h> 437c478bd9Sstevel@tonic-gate 447c478bd9Sstevel@tonic-gate /* 457c478bd9Sstevel@tonic-gate * acctctl(2) 467c478bd9Sstevel@tonic-gate * 477c478bd9Sstevel@tonic-gate * acctctl() provides the administrative interface to the extended accounting 487c478bd9Sstevel@tonic-gate * subsystem. The process and task accounting facilities are configurable: 497c478bd9Sstevel@tonic-gate * resources can be individually specified for recording in the appropriate 507c478bd9Sstevel@tonic-gate * accounting file. 517c478bd9Sstevel@tonic-gate * 527c478bd9Sstevel@tonic-gate * The current implementation of acctctl() requires that the process and task 537c478bd9Sstevel@tonic-gate * and flow files be distinct across all zones. 547c478bd9Sstevel@tonic-gate * 557c478bd9Sstevel@tonic-gate * Locking 567c478bd9Sstevel@tonic-gate * Each accounting species has an ac_info_t which contains a mutex, 577c478bd9Sstevel@tonic-gate * used to protect the ac_info_t's contents, and to serialize access to the 587c478bd9Sstevel@tonic-gate * appropriate file. 597c478bd9Sstevel@tonic-gate */ 607c478bd9Sstevel@tonic-gate 617c478bd9Sstevel@tonic-gate static list_t exacct_globals_list; 627c478bd9Sstevel@tonic-gate static kmutex_t exacct_globals_list_lock; 637c478bd9Sstevel@tonic-gate 647c478bd9Sstevel@tonic-gate static int 657c478bd9Sstevel@tonic-gate ac_state_set(ac_info_t *info, void *buf, size_t bufsz) 667c478bd9Sstevel@tonic-gate { 677c478bd9Sstevel@tonic-gate int state; 687c478bd9Sstevel@tonic-gate 697c478bd9Sstevel@tonic-gate if (buf == NULL || (bufsz != sizeof (int))) 707c478bd9Sstevel@tonic-gate return (EINVAL); 717c478bd9Sstevel@tonic-gate 727c478bd9Sstevel@tonic-gate if (copyin(buf, &state, bufsz) != 0) 737c478bd9Sstevel@tonic-gate return (EFAULT); 747c478bd9Sstevel@tonic-gate 757c478bd9Sstevel@tonic-gate if (state != AC_ON && state != AC_OFF) 767c478bd9Sstevel@tonic-gate return (EINVAL); 777c478bd9Sstevel@tonic-gate 787c478bd9Sstevel@tonic-gate mutex_enter(&info->ac_lock); 797c478bd9Sstevel@tonic-gate info->ac_state = state; 807c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 817c478bd9Sstevel@tonic-gate return (0); 827c478bd9Sstevel@tonic-gate } 837c478bd9Sstevel@tonic-gate 847c478bd9Sstevel@tonic-gate static int 857c478bd9Sstevel@tonic-gate ac_state_get(ac_info_t *info, void *buf, size_t bufsz) 867c478bd9Sstevel@tonic-gate { 877c478bd9Sstevel@tonic-gate if (buf == NULL || (bufsz != sizeof (int))) 887c478bd9Sstevel@tonic-gate return (EINVAL); 897c478bd9Sstevel@tonic-gate 907c478bd9Sstevel@tonic-gate mutex_enter(&info->ac_lock); 917c478bd9Sstevel@tonic-gate if (copyout(&info->ac_state, buf, bufsz) != 0) { 927c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 937c478bd9Sstevel@tonic-gate return (EFAULT); 947c478bd9Sstevel@tonic-gate } 957c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 967c478bd9Sstevel@tonic-gate return (0); 977c478bd9Sstevel@tonic-gate } 987c478bd9Sstevel@tonic-gate 997c478bd9Sstevel@tonic-gate static boolean_t 1007c478bd9Sstevel@tonic-gate ac_file_in_use(vnode_t *vp) 1017c478bd9Sstevel@tonic-gate { 1027c478bd9Sstevel@tonic-gate boolean_t in_use = B_FALSE; 1037c478bd9Sstevel@tonic-gate struct exacct_globals *acg; 1047c478bd9Sstevel@tonic-gate 1057c478bd9Sstevel@tonic-gate if (vp == NULL) 1067c478bd9Sstevel@tonic-gate return (B_FALSE); 1077c478bd9Sstevel@tonic-gate mutex_enter(&exacct_globals_list_lock); 1087c478bd9Sstevel@tonic-gate /* 1097c478bd9Sstevel@tonic-gate * Start off by grabbing all locks. 1107c478bd9Sstevel@tonic-gate */ 1117c478bd9Sstevel@tonic-gate for (acg = list_head(&exacct_globals_list); acg != NULL; 1127c478bd9Sstevel@tonic-gate acg = list_next(&exacct_globals_list, acg)) { 1137c478bd9Sstevel@tonic-gate mutex_enter(&acg->ac_proc.ac_lock); 1147c478bd9Sstevel@tonic-gate mutex_enter(&acg->ac_task.ac_lock); 1157c478bd9Sstevel@tonic-gate mutex_enter(&acg->ac_flow.ac_lock); 116*da14cebeSEric Cheng mutex_enter(&acg->ac_net.ac_lock); 1177c478bd9Sstevel@tonic-gate } 1187c478bd9Sstevel@tonic-gate 1197c478bd9Sstevel@tonic-gate for (acg = list_head(&exacct_globals_list); !in_use && acg != NULL; 1207c478bd9Sstevel@tonic-gate acg = list_next(&exacct_globals_list, acg)) { 1217c478bd9Sstevel@tonic-gate /* 1227c478bd9Sstevel@tonic-gate * We need to verify that we aren't already using this file for 1237c478bd9Sstevel@tonic-gate * accounting in any zone. 1247c478bd9Sstevel@tonic-gate */ 1257c478bd9Sstevel@tonic-gate if (vn_compare(acg->ac_proc.ac_vnode, vp) || 1267c478bd9Sstevel@tonic-gate vn_compare(acg->ac_task.ac_vnode, vp) || 127*da14cebeSEric Cheng vn_compare(acg->ac_flow.ac_vnode, vp) || 128*da14cebeSEric Cheng vn_compare(acg->ac_net.ac_vnode, vp)) 1297c478bd9Sstevel@tonic-gate in_use = B_TRUE; 1307c478bd9Sstevel@tonic-gate } 1317c478bd9Sstevel@tonic-gate 1327c478bd9Sstevel@tonic-gate /* 1337c478bd9Sstevel@tonic-gate * Drop all locks. 1347c478bd9Sstevel@tonic-gate */ 1357c478bd9Sstevel@tonic-gate for (acg = list_head(&exacct_globals_list); acg != NULL; 1367c478bd9Sstevel@tonic-gate acg = list_next(&exacct_globals_list, acg)) { 1377c478bd9Sstevel@tonic-gate mutex_exit(&acg->ac_proc.ac_lock); 1387c478bd9Sstevel@tonic-gate mutex_exit(&acg->ac_task.ac_lock); 1397c478bd9Sstevel@tonic-gate mutex_exit(&acg->ac_flow.ac_lock); 140*da14cebeSEric Cheng mutex_exit(&acg->ac_net.ac_lock); 1417c478bd9Sstevel@tonic-gate } 1427c478bd9Sstevel@tonic-gate mutex_exit(&exacct_globals_list_lock); 1437c478bd9Sstevel@tonic-gate return (in_use); 1447c478bd9Sstevel@tonic-gate } 1457c478bd9Sstevel@tonic-gate 1467c478bd9Sstevel@tonic-gate static int 1477c478bd9Sstevel@tonic-gate ac_file_set(ac_info_t *info, void *ubuf, size_t bufsz) 1487c478bd9Sstevel@tonic-gate { 1497c478bd9Sstevel@tonic-gate int error = 0; 1507c478bd9Sstevel@tonic-gate void *kbuf; 1517c478bd9Sstevel@tonic-gate void *namebuf; 1527c478bd9Sstevel@tonic-gate int namelen; 1537c478bd9Sstevel@tonic-gate vnode_t *vp; 1547c478bd9Sstevel@tonic-gate void *hdr; 1557c478bd9Sstevel@tonic-gate size_t hdrsize; 156074e084fSml93401 vattr_t va; 1577c478bd9Sstevel@tonic-gate 1587c478bd9Sstevel@tonic-gate if (ubuf == NULL) { 1597c478bd9Sstevel@tonic-gate mutex_enter(&info->ac_lock); 1607c478bd9Sstevel@tonic-gate 1617c478bd9Sstevel@tonic-gate /* 1627c478bd9Sstevel@tonic-gate * Closing accounting file 1637c478bd9Sstevel@tonic-gate */ 1647c478bd9Sstevel@tonic-gate if (info->ac_vnode != NULL) { 165da6c28aaSamw error = VOP_CLOSE(info->ac_vnode, FWRITE, 1, 0, 166da6c28aaSamw CRED(), NULL); 1677c478bd9Sstevel@tonic-gate if (error) { 1687c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 1697c478bd9Sstevel@tonic-gate return (error); 1707c478bd9Sstevel@tonic-gate } 1717c478bd9Sstevel@tonic-gate VN_RELE(info->ac_vnode); 1727c478bd9Sstevel@tonic-gate info->ac_vnode = NULL; 1737c478bd9Sstevel@tonic-gate } 1747c478bd9Sstevel@tonic-gate if (info->ac_file != NULL) { 1757c478bd9Sstevel@tonic-gate kmem_free(info->ac_file, strlen(info->ac_file) + 1); 1767c478bd9Sstevel@tonic-gate info->ac_file = NULL; 1777c478bd9Sstevel@tonic-gate } 1787c478bd9Sstevel@tonic-gate 1797c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 1807c478bd9Sstevel@tonic-gate return (error); 1817c478bd9Sstevel@tonic-gate } 1827c478bd9Sstevel@tonic-gate 1837c478bd9Sstevel@tonic-gate if (bufsz < 2 || bufsz > MAXPATHLEN) 1847c478bd9Sstevel@tonic-gate return (EINVAL); 1857c478bd9Sstevel@tonic-gate 1867c478bd9Sstevel@tonic-gate /* 1877c478bd9Sstevel@tonic-gate * We have to copy in the whole buffer since we can't tell the length 1887c478bd9Sstevel@tonic-gate * of the string in user's address space. 1897c478bd9Sstevel@tonic-gate */ 1907c478bd9Sstevel@tonic-gate kbuf = kmem_zalloc(bufsz, KM_SLEEP); 1917c478bd9Sstevel@tonic-gate if ((error = copyinstr((char *)ubuf, (char *)kbuf, bufsz, NULL)) != 0) { 1927c478bd9Sstevel@tonic-gate kmem_free(kbuf, bufsz); 1937c478bd9Sstevel@tonic-gate return (error); 1947c478bd9Sstevel@tonic-gate } 1957c478bd9Sstevel@tonic-gate if (*((char *)kbuf) != '/') { 1967c478bd9Sstevel@tonic-gate kmem_free(kbuf, bufsz); 1977c478bd9Sstevel@tonic-gate return (EINVAL); 1987c478bd9Sstevel@tonic-gate } 1997c478bd9Sstevel@tonic-gate 2007c478bd9Sstevel@tonic-gate /* 2017c478bd9Sstevel@tonic-gate * Now, allocate the space where we are going to save the 2027c478bd9Sstevel@tonic-gate * name of the accounting file and kmem_free kbuf. We have to do this 2037c478bd9Sstevel@tonic-gate * now because it is not good to sleep in kmem_alloc() while 2047c478bd9Sstevel@tonic-gate * holding ac_info's lock. 2057c478bd9Sstevel@tonic-gate */ 2067c478bd9Sstevel@tonic-gate namelen = strlen(kbuf) + 1; 2077c478bd9Sstevel@tonic-gate namebuf = kmem_alloc(namelen, KM_SLEEP); 2087c478bd9Sstevel@tonic-gate (void) strcpy(namebuf, kbuf); 2097c478bd9Sstevel@tonic-gate kmem_free(kbuf, bufsz); 2107c478bd9Sstevel@tonic-gate 2117c478bd9Sstevel@tonic-gate /* 2127c478bd9Sstevel@tonic-gate * Check if this file already exists. 2137c478bd9Sstevel@tonic-gate */ 2147c478bd9Sstevel@tonic-gate error = lookupname(namebuf, UIO_SYSSPACE, FOLLOW, NULLVPP, &vp); 2157c478bd9Sstevel@tonic-gate 2167c478bd9Sstevel@tonic-gate /* 2177c478bd9Sstevel@tonic-gate * Check if the file is already in use. 2187c478bd9Sstevel@tonic-gate */ 2197c478bd9Sstevel@tonic-gate if (!error) { 2207c478bd9Sstevel@tonic-gate if (ac_file_in_use(vp)) { 2217c478bd9Sstevel@tonic-gate /* 2227c478bd9Sstevel@tonic-gate * If we're already using it then return EBUSY 2237c478bd9Sstevel@tonic-gate */ 2247c478bd9Sstevel@tonic-gate kmem_free(namebuf, namelen); 2257c478bd9Sstevel@tonic-gate VN_RELE(vp); 2267c478bd9Sstevel@tonic-gate return (EBUSY); 2277c478bd9Sstevel@tonic-gate } 2287c478bd9Sstevel@tonic-gate VN_RELE(vp); 2297c478bd9Sstevel@tonic-gate } 2307c478bd9Sstevel@tonic-gate 2317c478bd9Sstevel@tonic-gate /* 232074e084fSml93401 * Create an exacct header here because exacct_create_header() may 233074e084fSml93401 * sleep so we should not be holding ac_lock. At this point we cannot 234074e084fSml93401 * reliably know if we need the header or not, so we may end up not 235074e084fSml93401 * using the header. 236074e084fSml93401 */ 237074e084fSml93401 hdr = exacct_create_header(&hdrsize); 238074e084fSml93401 239074e084fSml93401 /* 2407c478bd9Sstevel@tonic-gate * Now, grab info's ac_lock and try to set up everything. 2417c478bd9Sstevel@tonic-gate */ 2427c478bd9Sstevel@tonic-gate mutex_enter(&info->ac_lock); 2437c478bd9Sstevel@tonic-gate 2447c478bd9Sstevel@tonic-gate if ((error = vn_open(namebuf, UIO_SYSSPACE, 245074e084fSml93401 FCREAT | FWRITE | FOFFMAX, 0600, &vp, CRCREAT, 0)) != 0) { 2467c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 2477c478bd9Sstevel@tonic-gate kmem_free(namebuf, namelen); 248074e084fSml93401 kmem_free(hdr, hdrsize); 2497c478bd9Sstevel@tonic-gate return (error); 2507c478bd9Sstevel@tonic-gate } 2517c478bd9Sstevel@tonic-gate 2527c478bd9Sstevel@tonic-gate if (vp->v_type != VREG) { 2537c478bd9Sstevel@tonic-gate VN_RELE(vp); 2547c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 2557c478bd9Sstevel@tonic-gate kmem_free(namebuf, namelen); 256074e084fSml93401 kmem_free(hdr, hdrsize); 2577c478bd9Sstevel@tonic-gate return (EACCES); 2587c478bd9Sstevel@tonic-gate } 2597c478bd9Sstevel@tonic-gate 2607c478bd9Sstevel@tonic-gate if (info->ac_vnode != NULL) { 2617c478bd9Sstevel@tonic-gate /* 2627c478bd9Sstevel@tonic-gate * Switch from an old file to a new file by swapping 2637c478bd9Sstevel@tonic-gate * their vnode pointers. 2647c478bd9Sstevel@tonic-gate */ 2657c478bd9Sstevel@tonic-gate vnode_t *oldvp; 2667c478bd9Sstevel@tonic-gate oldvp = info->ac_vnode; 2677c478bd9Sstevel@tonic-gate info->ac_vnode = vp; 2687c478bd9Sstevel@tonic-gate vp = oldvp; 2697c478bd9Sstevel@tonic-gate } else { 2707c478bd9Sstevel@tonic-gate /* 2717c478bd9Sstevel@tonic-gate * Start writing accounting records to a new file. 2727c478bd9Sstevel@tonic-gate */ 2737c478bd9Sstevel@tonic-gate info->ac_vnode = vp; 2747c478bd9Sstevel@tonic-gate vp = NULL; 2757c478bd9Sstevel@tonic-gate } 2767c478bd9Sstevel@tonic-gate if (vp) { 2777c478bd9Sstevel@tonic-gate /* 2787c478bd9Sstevel@tonic-gate * We still need to close the old file. 2797c478bd9Sstevel@tonic-gate */ 280da6c28aaSamw if ((error = VOP_CLOSE(vp, FWRITE, 1, 0, CRED(), NULL)) != 0) { 2817c478bd9Sstevel@tonic-gate VN_RELE(vp); 2827c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 2837c478bd9Sstevel@tonic-gate kmem_free(namebuf, namelen); 284074e084fSml93401 kmem_free(hdr, hdrsize); 2857c478bd9Sstevel@tonic-gate return (error); 2867c478bd9Sstevel@tonic-gate } 2877c478bd9Sstevel@tonic-gate VN_RELE(vp); 2887c478bd9Sstevel@tonic-gate if (info->ac_file != NULL) { 2897c478bd9Sstevel@tonic-gate kmem_free(info->ac_file, 2907c478bd9Sstevel@tonic-gate strlen(info->ac_file) + 1); 2917c478bd9Sstevel@tonic-gate info->ac_file = NULL; 2927c478bd9Sstevel@tonic-gate } 2937c478bd9Sstevel@tonic-gate } 2947c478bd9Sstevel@tonic-gate info->ac_file = namebuf; 2957c478bd9Sstevel@tonic-gate 2967c478bd9Sstevel@tonic-gate /* 297074e084fSml93401 * Write the exacct header only if the file is empty. 2987c478bd9Sstevel@tonic-gate */ 299074e084fSml93401 error = VOP_GETATTR(info->ac_vnode, &va, AT_SIZE, CRED(), NULL); 300074e084fSml93401 if (error == 0 && va.va_size == 0) 3017c478bd9Sstevel@tonic-gate error = exacct_write_header(info, hdr, hdrsize); 3027c478bd9Sstevel@tonic-gate 303074e084fSml93401 mutex_exit(&info->ac_lock); 304074e084fSml93401 kmem_free(hdr, hdrsize); 3057c478bd9Sstevel@tonic-gate return (error); 3067c478bd9Sstevel@tonic-gate } 3077c478bd9Sstevel@tonic-gate 3087c478bd9Sstevel@tonic-gate static int 3097c478bd9Sstevel@tonic-gate ac_file_get(ac_info_t *info, void *buf, size_t bufsz) 3107c478bd9Sstevel@tonic-gate { 3117c478bd9Sstevel@tonic-gate int error = 0; 3127c478bd9Sstevel@tonic-gate vnode_t *vnode; 3137c478bd9Sstevel@tonic-gate char *file; 3147c478bd9Sstevel@tonic-gate 3157c478bd9Sstevel@tonic-gate mutex_enter(&info->ac_lock); 3167c478bd9Sstevel@tonic-gate file = info->ac_file; 3177c478bd9Sstevel@tonic-gate vnode = info->ac_vnode; 3187c478bd9Sstevel@tonic-gate 3197c478bd9Sstevel@tonic-gate if (file == NULL || vnode == NULL) { 3207c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 3217c478bd9Sstevel@tonic-gate return (ENOTACTIVE); 3227c478bd9Sstevel@tonic-gate } 3237c478bd9Sstevel@tonic-gate 3247c478bd9Sstevel@tonic-gate if (strlen(file) >= bufsz) 3257c478bd9Sstevel@tonic-gate error = ENOMEM; 3267c478bd9Sstevel@tonic-gate else 3277c478bd9Sstevel@tonic-gate error = copyoutstr(file, buf, MAXPATHLEN, NULL); 3287c478bd9Sstevel@tonic-gate 3297c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 3307c478bd9Sstevel@tonic-gate return (error); 3317c478bd9Sstevel@tonic-gate } 3327c478bd9Sstevel@tonic-gate 3337c478bd9Sstevel@tonic-gate static int 3347c478bd9Sstevel@tonic-gate ac_res_set(ac_info_t *info, void *buf, size_t bufsz, int maxres) 3357c478bd9Sstevel@tonic-gate { 3367c478bd9Sstevel@tonic-gate ac_res_t *res; 3377c478bd9Sstevel@tonic-gate ac_res_t *tmp; 3387c478bd9Sstevel@tonic-gate ulong_t *maskp; 3397c478bd9Sstevel@tonic-gate int id; 3407c478bd9Sstevel@tonic-gate uint_t counter = 0; 3417c478bd9Sstevel@tonic-gate 3427c478bd9Sstevel@tonic-gate /* 3437c478bd9Sstevel@tonic-gate * Validate that a non-zero buffer, sized within limits and to an 3447c478bd9Sstevel@tonic-gate * integral number of ac_res_t's has been specified. 3457c478bd9Sstevel@tonic-gate */ 3467c478bd9Sstevel@tonic-gate if (bufsz == 0 || 3477c478bd9Sstevel@tonic-gate bufsz > sizeof (ac_res_t) * (AC_MAX_RES + 1) || 3487c478bd9Sstevel@tonic-gate (bufsz / sizeof (ac_res_t)) * sizeof (ac_res_t) != bufsz) 3497c478bd9Sstevel@tonic-gate return (EINVAL); 3507c478bd9Sstevel@tonic-gate 3517c478bd9Sstevel@tonic-gate tmp = res = kmem_alloc(bufsz, KM_SLEEP); 3527c478bd9Sstevel@tonic-gate if (copyin(buf, res, bufsz) != 0) { 3537c478bd9Sstevel@tonic-gate kmem_free(res, bufsz); 3547c478bd9Sstevel@tonic-gate return (EFAULT); 3557c478bd9Sstevel@tonic-gate } 3567c478bd9Sstevel@tonic-gate 3577c478bd9Sstevel@tonic-gate maskp = (ulong_t *)&info->ac_mask; 3587c478bd9Sstevel@tonic-gate 3597c478bd9Sstevel@tonic-gate mutex_enter(&info->ac_lock); 3607c478bd9Sstevel@tonic-gate while ((id = tmp->ar_id) != AC_NONE && counter < maxres + 1) { 3617c478bd9Sstevel@tonic-gate if (id > maxres || id < 0) { 3627c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 3637c478bd9Sstevel@tonic-gate kmem_free(res, bufsz); 3647c478bd9Sstevel@tonic-gate return (EINVAL); 3657c478bd9Sstevel@tonic-gate } 3667c478bd9Sstevel@tonic-gate if (tmp->ar_state == AC_ON) { 3677c478bd9Sstevel@tonic-gate BT_SET(maskp, id); 3687c478bd9Sstevel@tonic-gate } else if (tmp->ar_state == AC_OFF) { 3697c478bd9Sstevel@tonic-gate BT_CLEAR(maskp, id); 3707c478bd9Sstevel@tonic-gate } else { 3717c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 3727c478bd9Sstevel@tonic-gate kmem_free(res, bufsz); 3737c478bd9Sstevel@tonic-gate return (EINVAL); 3747c478bd9Sstevel@tonic-gate } 3757c478bd9Sstevel@tonic-gate tmp++; 3767c478bd9Sstevel@tonic-gate counter++; 3777c478bd9Sstevel@tonic-gate } 3787c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 3797c478bd9Sstevel@tonic-gate kmem_free(res, bufsz); 3807c478bd9Sstevel@tonic-gate return (0); 3817c478bd9Sstevel@tonic-gate } 3827c478bd9Sstevel@tonic-gate 3837c478bd9Sstevel@tonic-gate static int 3847c478bd9Sstevel@tonic-gate ac_res_get(ac_info_t *info, void *buf, size_t bufsz, int maxres) 3857c478bd9Sstevel@tonic-gate { 3867c478bd9Sstevel@tonic-gate int error = 0; 3877c478bd9Sstevel@tonic-gate ac_res_t *res; 3887c478bd9Sstevel@tonic-gate ac_res_t *tmp; 3897c478bd9Sstevel@tonic-gate size_t ressz = sizeof (ac_res_t) * (maxres + 1); 3907c478bd9Sstevel@tonic-gate ulong_t *maskp; 3917c478bd9Sstevel@tonic-gate int id; 3927c478bd9Sstevel@tonic-gate 3937c478bd9Sstevel@tonic-gate if (bufsz < ressz) 3947c478bd9Sstevel@tonic-gate return (EINVAL); 3957c478bd9Sstevel@tonic-gate tmp = res = kmem_alloc(ressz, KM_SLEEP); 3967c478bd9Sstevel@tonic-gate 3977c478bd9Sstevel@tonic-gate mutex_enter(&info->ac_lock); 3987c478bd9Sstevel@tonic-gate maskp = (ulong_t *)&info->ac_mask; 3997c478bd9Sstevel@tonic-gate for (id = 1; id <= maxres; id++) { 4007c478bd9Sstevel@tonic-gate tmp->ar_id = id; 4017c478bd9Sstevel@tonic-gate tmp->ar_state = BT_TEST(maskp, id); 4027c478bd9Sstevel@tonic-gate tmp++; 4037c478bd9Sstevel@tonic-gate } 4047c478bd9Sstevel@tonic-gate tmp->ar_id = AC_NONE; 4057c478bd9Sstevel@tonic-gate tmp->ar_state = AC_OFF; 4067c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 4077c478bd9Sstevel@tonic-gate error = copyout(res, buf, ressz); 4087c478bd9Sstevel@tonic-gate kmem_free(res, ressz); 4097c478bd9Sstevel@tonic-gate return (error); 4107c478bd9Sstevel@tonic-gate } 4117c478bd9Sstevel@tonic-gate 4127c478bd9Sstevel@tonic-gate /* 4137c478bd9Sstevel@tonic-gate * acctctl() 4147c478bd9Sstevel@tonic-gate * 4157c478bd9Sstevel@tonic-gate * Overview 4167c478bd9Sstevel@tonic-gate * acctctl() is the entry point for the acctctl(2) system call. 4177c478bd9Sstevel@tonic-gate * 4187c478bd9Sstevel@tonic-gate * Return values 4197c478bd9Sstevel@tonic-gate * On successful completion, return 0; otherwise -1 is returned and errno is 4207c478bd9Sstevel@tonic-gate * set appropriately. 4217c478bd9Sstevel@tonic-gate * 4227c478bd9Sstevel@tonic-gate * Caller's context 4237c478bd9Sstevel@tonic-gate * Called from the system call path. 4247c478bd9Sstevel@tonic-gate */ 4257c478bd9Sstevel@tonic-gate int 4267c478bd9Sstevel@tonic-gate acctctl(int cmd, void *buf, size_t bufsz) 4277c478bd9Sstevel@tonic-gate { 4287c478bd9Sstevel@tonic-gate int error = 0; 4297c478bd9Sstevel@tonic-gate int mode = AC_MODE(cmd); 4307c478bd9Sstevel@tonic-gate int option = AC_OPTION(cmd); 4317c478bd9Sstevel@tonic-gate int maxres; 4327c478bd9Sstevel@tonic-gate ac_info_t *info; 4337c478bd9Sstevel@tonic-gate zone_t *zone = curproc->p_zone; 4347c478bd9Sstevel@tonic-gate struct exacct_globals *acg; 4357c478bd9Sstevel@tonic-gate 4367c478bd9Sstevel@tonic-gate acg = zone_getspecific(exacct_zone_key, zone); 4377c478bd9Sstevel@tonic-gate /* 4387c478bd9Sstevel@tonic-gate * exacct_zone_key and associated per-zone state were initialized when 4397c478bd9Sstevel@tonic-gate * the module was loaded. 4407c478bd9Sstevel@tonic-gate */ 4417c478bd9Sstevel@tonic-gate ASSERT(exacct_zone_key != ZONE_KEY_UNINITIALIZED); 4427c478bd9Sstevel@tonic-gate ASSERT(acg != NULL); 4437c478bd9Sstevel@tonic-gate 4447c478bd9Sstevel@tonic-gate switch (mode) { /* sanity check */ 4457c478bd9Sstevel@tonic-gate case AC_TASK: 4467c478bd9Sstevel@tonic-gate info = &acg->ac_task; 4477c478bd9Sstevel@tonic-gate maxres = AC_TASK_MAX_RES; 4487c478bd9Sstevel@tonic-gate break; 4497c478bd9Sstevel@tonic-gate case AC_PROC: 4507c478bd9Sstevel@tonic-gate info = &acg->ac_proc; 4517c478bd9Sstevel@tonic-gate maxres = AC_PROC_MAX_RES; 4527c478bd9Sstevel@tonic-gate break; 4537c478bd9Sstevel@tonic-gate /* 454*da14cebeSEric Cheng * Flow/net accounting isn't configurable in non-global 4557c478bd9Sstevel@tonic-gate * zones, but we have this field on a per-zone basis for future 4567c478bd9Sstevel@tonic-gate * expansion as well as the ability to return default "unset" 4577c478bd9Sstevel@tonic-gate * values for the various AC_*_GET queries. AC_*_SET commands 458*da14cebeSEric Cheng * fail with EPERM for AC_FLOW and AC_NET in non-global zones. 4597c478bd9Sstevel@tonic-gate */ 460*da14cebeSEric Cheng case AC_FLOW: 4617c478bd9Sstevel@tonic-gate info = &acg->ac_flow; 4627c478bd9Sstevel@tonic-gate maxres = AC_FLOW_MAX_RES; 4637c478bd9Sstevel@tonic-gate break; 464*da14cebeSEric Cheng case AC_NET: 465*da14cebeSEric Cheng info = &acg->ac_net; 466*da14cebeSEric Cheng maxres = AC_NET_MAX_RES; 467*da14cebeSEric Cheng break; 4687c478bd9Sstevel@tonic-gate default: 4697c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 4707c478bd9Sstevel@tonic-gate } 4717c478bd9Sstevel@tonic-gate 4727c478bd9Sstevel@tonic-gate switch (option) { 4737c478bd9Sstevel@tonic-gate case AC_STATE_SET: 4747c478bd9Sstevel@tonic-gate if ((error = secpolicy_acct(CRED())) != 0) 4757c478bd9Sstevel@tonic-gate break; 476*da14cebeSEric Cheng if ((mode == AC_FLOW || mode == AC_NET) && 477*da14cebeSEric Cheng getzoneid() != GLOBAL_ZONEID) { 4787c478bd9Sstevel@tonic-gate error = EPERM; 4797c478bd9Sstevel@tonic-gate break; 4807c478bd9Sstevel@tonic-gate } 4817c478bd9Sstevel@tonic-gate error = ac_state_set(info, buf, bufsz); 4827c478bd9Sstevel@tonic-gate break; 4837c478bd9Sstevel@tonic-gate case AC_STATE_GET: 4847c478bd9Sstevel@tonic-gate error = ac_state_get(info, buf, bufsz); 4857c478bd9Sstevel@tonic-gate break; 4867c478bd9Sstevel@tonic-gate case AC_FILE_SET: 4877c478bd9Sstevel@tonic-gate if ((error = secpolicy_acct(CRED())) != 0) 4887c478bd9Sstevel@tonic-gate break; 489*da14cebeSEric Cheng if ((mode == AC_FLOW || mode == AC_NET) && 490*da14cebeSEric Cheng getzoneid() != GLOBAL_ZONEID) { 4917c478bd9Sstevel@tonic-gate error = EPERM; 4927c478bd9Sstevel@tonic-gate break; 4937c478bd9Sstevel@tonic-gate } 4947c478bd9Sstevel@tonic-gate error = ac_file_set(info, buf, bufsz); 4957c478bd9Sstevel@tonic-gate break; 4967c478bd9Sstevel@tonic-gate case AC_FILE_GET: 4977c478bd9Sstevel@tonic-gate error = ac_file_get(info, buf, bufsz); 4987c478bd9Sstevel@tonic-gate break; 4997c478bd9Sstevel@tonic-gate case AC_RES_SET: 5007c478bd9Sstevel@tonic-gate if ((error = secpolicy_acct(CRED())) != 0) 5017c478bd9Sstevel@tonic-gate break; 502*da14cebeSEric Cheng if ((mode == AC_FLOW || mode == AC_NET) && 503*da14cebeSEric Cheng getzoneid() != GLOBAL_ZONEID) { 5047c478bd9Sstevel@tonic-gate error = EPERM; 5057c478bd9Sstevel@tonic-gate break; 5067c478bd9Sstevel@tonic-gate } 5077c478bd9Sstevel@tonic-gate error = ac_res_set(info, buf, bufsz, maxres); 5087c478bd9Sstevel@tonic-gate break; 5097c478bd9Sstevel@tonic-gate case AC_RES_GET: 5107c478bd9Sstevel@tonic-gate error = ac_res_get(info, buf, bufsz, maxres); 5117c478bd9Sstevel@tonic-gate break; 5127c478bd9Sstevel@tonic-gate default: 5137c478bd9Sstevel@tonic-gate return (set_errno(EINVAL)); 5147c478bd9Sstevel@tonic-gate } 5157c478bd9Sstevel@tonic-gate if (error) 5167c478bd9Sstevel@tonic-gate return (set_errno(error)); 5177c478bd9Sstevel@tonic-gate return (0); 5187c478bd9Sstevel@tonic-gate } 5197c478bd9Sstevel@tonic-gate 5207c478bd9Sstevel@tonic-gate static struct sysent ac_sysent = { 5217c478bd9Sstevel@tonic-gate 3, 5227c478bd9Sstevel@tonic-gate SE_NOUNLOAD | SE_ARGC | SE_32RVAL1, 5237c478bd9Sstevel@tonic-gate acctctl 5247c478bd9Sstevel@tonic-gate }; 5257c478bd9Sstevel@tonic-gate 5267c478bd9Sstevel@tonic-gate static struct modlsys modlsys = { 5277c478bd9Sstevel@tonic-gate &mod_syscallops, 5287c478bd9Sstevel@tonic-gate "acctctl system call", 5297c478bd9Sstevel@tonic-gate &ac_sysent 5307c478bd9Sstevel@tonic-gate }; 5317c478bd9Sstevel@tonic-gate 5327c478bd9Sstevel@tonic-gate #ifdef _SYSCALL32_IMPL 5337c478bd9Sstevel@tonic-gate static struct modlsys modlsys32 = { 5347c478bd9Sstevel@tonic-gate &mod_syscallops32, 5357c478bd9Sstevel@tonic-gate "32-bit acctctl system call", 5367c478bd9Sstevel@tonic-gate &ac_sysent 5377c478bd9Sstevel@tonic-gate }; 5387c478bd9Sstevel@tonic-gate #endif 5397c478bd9Sstevel@tonic-gate 5407c478bd9Sstevel@tonic-gate static struct modlinkage modlinkage = { 5417c478bd9Sstevel@tonic-gate MODREV_1, 5427c478bd9Sstevel@tonic-gate &modlsys, 5437c478bd9Sstevel@tonic-gate #ifdef _SYSCALL32_IMPL 5447c478bd9Sstevel@tonic-gate &modlsys32, 5457c478bd9Sstevel@tonic-gate #endif 5467c478bd9Sstevel@tonic-gate NULL 5477c478bd9Sstevel@tonic-gate }; 5487c478bd9Sstevel@tonic-gate 5497c478bd9Sstevel@tonic-gate /* ARGSUSED */ 5507c478bd9Sstevel@tonic-gate static void * 5517c478bd9Sstevel@tonic-gate exacct_zone_init(zoneid_t zoneid) 5527c478bd9Sstevel@tonic-gate { 5537c478bd9Sstevel@tonic-gate struct exacct_globals *acg; 5547c478bd9Sstevel@tonic-gate 5557c478bd9Sstevel@tonic-gate acg = kmem_zalloc(sizeof (*acg), KM_SLEEP); 5567c478bd9Sstevel@tonic-gate mutex_enter(&exacct_globals_list_lock); 5577c478bd9Sstevel@tonic-gate list_insert_tail(&exacct_globals_list, acg); 5587c478bd9Sstevel@tonic-gate mutex_exit(&exacct_globals_list_lock); 5597c478bd9Sstevel@tonic-gate return (acg); 5607c478bd9Sstevel@tonic-gate } 5617c478bd9Sstevel@tonic-gate 5627c478bd9Sstevel@tonic-gate static void 5637c478bd9Sstevel@tonic-gate exacct_free_info(ac_info_t *info) 5647c478bd9Sstevel@tonic-gate { 5657c478bd9Sstevel@tonic-gate mutex_enter(&info->ac_lock); 5667c478bd9Sstevel@tonic-gate if (info->ac_vnode) { 567da6c28aaSamw (void) VOP_CLOSE(info->ac_vnode, FWRITE, 1, 0, kcred, NULL); 5687c478bd9Sstevel@tonic-gate VN_RELE(info->ac_vnode); 5697c478bd9Sstevel@tonic-gate kmem_free(info->ac_file, strlen(info->ac_file) + 1); 5707c478bd9Sstevel@tonic-gate } 5717c478bd9Sstevel@tonic-gate info->ac_state = AC_OFF; 5727c478bd9Sstevel@tonic-gate info->ac_vnode = NULL; 5737c478bd9Sstevel@tonic-gate info->ac_file = NULL; 5747c478bd9Sstevel@tonic-gate mutex_exit(&info->ac_lock); 5757c478bd9Sstevel@tonic-gate } 5767c478bd9Sstevel@tonic-gate 5777c478bd9Sstevel@tonic-gate /* ARGSUSED */ 5787c478bd9Sstevel@tonic-gate static void 5797c478bd9Sstevel@tonic-gate exacct_zone_shutdown(zoneid_t zoneid, void *data) 5807c478bd9Sstevel@tonic-gate { 5817c478bd9Sstevel@tonic-gate struct exacct_globals *acg = data; 5827c478bd9Sstevel@tonic-gate 5837c478bd9Sstevel@tonic-gate /* 5847c478bd9Sstevel@tonic-gate * The accounting files need to be closed during shutdown rather than 5857c478bd9Sstevel@tonic-gate * destroy, since otherwise the filesystem they reside on may fail to 5867c478bd9Sstevel@tonic-gate * unmount, thus causing the entire zone halt/reboot to fail. 5877c478bd9Sstevel@tonic-gate */ 5887c478bd9Sstevel@tonic-gate exacct_free_info(&acg->ac_proc); 5897c478bd9Sstevel@tonic-gate exacct_free_info(&acg->ac_task); 5907c478bd9Sstevel@tonic-gate exacct_free_info(&acg->ac_flow); 591*da14cebeSEric Cheng exacct_free_info(&acg->ac_net); 5927c478bd9Sstevel@tonic-gate } 5937c478bd9Sstevel@tonic-gate 5947c478bd9Sstevel@tonic-gate /* ARGSUSED */ 5957c478bd9Sstevel@tonic-gate static void 5967c478bd9Sstevel@tonic-gate exacct_zone_fini(zoneid_t zoneid, void *data) 5977c478bd9Sstevel@tonic-gate { 5987c478bd9Sstevel@tonic-gate struct exacct_globals *acg = data; 5997c478bd9Sstevel@tonic-gate 6007c478bd9Sstevel@tonic-gate mutex_enter(&exacct_globals_list_lock); 6017c478bd9Sstevel@tonic-gate list_remove(&exacct_globals_list, acg); 6027c478bd9Sstevel@tonic-gate mutex_exit(&exacct_globals_list_lock); 6037c478bd9Sstevel@tonic-gate 6047c478bd9Sstevel@tonic-gate mutex_destroy(&acg->ac_proc.ac_lock); 6057c478bd9Sstevel@tonic-gate mutex_destroy(&acg->ac_task.ac_lock); 6067c478bd9Sstevel@tonic-gate mutex_destroy(&acg->ac_flow.ac_lock); 607*da14cebeSEric Cheng mutex_destroy(&acg->ac_net.ac_lock); 6087c478bd9Sstevel@tonic-gate kmem_free(acg, sizeof (*acg)); 6097c478bd9Sstevel@tonic-gate } 6107c478bd9Sstevel@tonic-gate 6117c478bd9Sstevel@tonic-gate int 6127c478bd9Sstevel@tonic-gate _init() 6137c478bd9Sstevel@tonic-gate { 6147c478bd9Sstevel@tonic-gate int error; 6157c478bd9Sstevel@tonic-gate 6167c478bd9Sstevel@tonic-gate mutex_init(&exacct_globals_list_lock, NULL, MUTEX_DEFAULT, NULL); 6177c478bd9Sstevel@tonic-gate list_create(&exacct_globals_list, sizeof (struct exacct_globals), 6187c478bd9Sstevel@tonic-gate offsetof(struct exacct_globals, ac_link)); 6197c478bd9Sstevel@tonic-gate zone_key_create(&exacct_zone_key, exacct_zone_init, 6207c478bd9Sstevel@tonic-gate exacct_zone_shutdown, exacct_zone_fini); 6217c478bd9Sstevel@tonic-gate 6227c478bd9Sstevel@tonic-gate if ((error = mod_install(&modlinkage)) != 0) { 6237c478bd9Sstevel@tonic-gate (void) zone_key_delete(exacct_zone_key); 6247c478bd9Sstevel@tonic-gate exacct_zone_key = ZONE_KEY_UNINITIALIZED; 6257c478bd9Sstevel@tonic-gate mutex_destroy(&exacct_globals_list_lock); 6267c478bd9Sstevel@tonic-gate list_destroy(&exacct_globals_list); 6277c478bd9Sstevel@tonic-gate } 6287c478bd9Sstevel@tonic-gate return (error); 6297c478bd9Sstevel@tonic-gate } 6307c478bd9Sstevel@tonic-gate 6317c478bd9Sstevel@tonic-gate int 6327c478bd9Sstevel@tonic-gate _info(struct modinfo *modinfop) 6337c478bd9Sstevel@tonic-gate { 6347c478bd9Sstevel@tonic-gate return (mod_info(&modlinkage, modinfop)); 6357c478bd9Sstevel@tonic-gate } 6367c478bd9Sstevel@tonic-gate 6377c478bd9Sstevel@tonic-gate int 6387c478bd9Sstevel@tonic-gate _fini() 6397c478bd9Sstevel@tonic-gate { 6407c478bd9Sstevel@tonic-gate return (EBUSY); 6417c478bd9Sstevel@tonic-gate } 642