master
1/*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (c) 2010 The FreeBSD Foundation
5 *
6 * This software was developed by Edward Tomasz Napierala under sponsorship
7 * from the FreeBSD Foundation.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 * SUCH DAMAGE.
29 */
30
31/*
32 * Resource accounting.
33 */
34
35#ifndef _RACCT_H_
36#define _RACCT_H_
37
38#include <sys/cdefs.h>
39#include <sys/types.h>
40#include <sys/queue.h>
41#include <sys/stdint.h>
42#include <sys/sysctl.h>
43
44struct buf;
45struct proc;
46struct rctl_rule_link;
47struct ucred;
48
49/*
50 * Resources.
51 */
52#define RACCT_UNDEFINED -1
53#define RACCT_CPU 0
54#define RACCT_DATA 1
55#define RACCT_STACK 2
56#define RACCT_CORE 3
57#define RACCT_RSS 4
58#define RACCT_MEMLOCK 5
59#define RACCT_NPROC 6
60#define RACCT_NOFILE 7
61#define RACCT_VMEM 8
62#define RACCT_NPTS 9
63#define RACCT_SWAP 10
64#define RACCT_NTHR 11
65#define RACCT_MSGQQUEUED 12
66#define RACCT_MSGQSIZE 13
67#define RACCT_NMSGQ 14
68#define RACCT_NSEM 15
69#define RACCT_NSEMOP 16
70#define RACCT_NSHM 17
71#define RACCT_SHMSIZE 18
72#define RACCT_WALLCLOCK 19
73#define RACCT_PCTCPU 20
74#define RACCT_READBPS 21
75#define RACCT_WRITEBPS 22
76#define RACCT_READIOPS 23
77#define RACCT_WRITEIOPS 24
78#define RACCT_MAX RACCT_WRITEIOPS
79
80/*
81 * Resource properties.
82 */
83#define RACCT_IN_MILLIONS 0x01
84#define RACCT_RECLAIMABLE 0x02
85#define RACCT_INHERITABLE 0x04
86#define RACCT_DENIABLE 0x08
87#define RACCT_SLOPPY 0x10
88#define RACCT_DECAYING 0x20
89
90extern int racct_types[];
91extern bool racct_enable;
92
93#define ASSERT_RACCT_ENABLED() KASSERT(racct_enable, \
94 ("%s called with !racct_enable", __func__))
95
96/*
97 * Amount stored in c_resources[] is 10**6 times bigger than what's
98 * visible to the userland. It gets fixed up when retrieving resource
99 * usage or adding rules.
100 */
101#define RACCT_IS_IN_MILLIONS(X) \
102 ((X) != RACCT_UNDEFINED && (racct_types[(X)] & RACCT_IN_MILLIONS) != 0)
103
104/*
105 * Resource usage can drop, as opposed to only grow. When the process
106 * terminates, its resource usage is subtracted from the respective
107 * per-credential racct containers.
108 */
109#define RACCT_IS_RECLAIMABLE(X) (racct_types[X] & RACCT_RECLAIMABLE)
110
111/*
112 * Children inherit resource usage.
113 */
114#define RACCT_IS_INHERITABLE(X) (racct_types[X] & RACCT_INHERITABLE)
115
116/*
117 * racct_{add,set}(9) can actually return an error and not update resource
118 * usage counters. Note that even when resource is not deniable, allocating
119 * resource might cause signals to be sent by RCTL code.
120 */
121#define RACCT_IS_DENIABLE(X) (racct_types[X] & RACCT_DENIABLE)
122
123/*
124 * Per-process resource usage information makes no sense, but per-credential
125 * one does. This kind of resources are usually allocated for process, but
126 * freed using credentials.
127 */
128#define RACCT_IS_SLOPPY(X) (racct_types[X] & RACCT_SLOPPY)
129
130/*
131 * When a process terminates, its resource usage is not automatically
132 * subtracted from per-credential racct containers. Instead, the resource
133 * usage of per-credential racct containers decays in time.
134 * Resource usage can also drop for such resource.
135 */
136#define RACCT_IS_DECAYING(X) (racct_types[X] & RACCT_DECAYING)
137
138/*
139 * Resource usage can drop, as opposed to only grow.
140 */
141#define RACCT_CAN_DROP(X) (RACCT_IS_RECLAIMABLE(X) | RACCT_IS_DECAYING(X))
142
143/*
144 * The 'racct' structure defines resource consumption for a particular
145 * subject, such as process or jail.
146 *
147 * This structure must be filled with zeroes initially.
148 */
149struct racct {
150 int64_t r_resources[RACCT_MAX + 1];
151 LIST_HEAD(, rctl_rule_link) r_rule_links;
152};
153
154SYSCTL_DECL(_kern_racct);
155
156#ifdef RACCT
157
158extern struct mtx racct_lock;
159
160#define RACCT_LOCK() mtx_lock(&racct_lock)
161#define RACCT_UNLOCK() mtx_unlock(&racct_lock)
162#define RACCT_LOCK_ASSERT() mtx_assert(&racct_lock, MA_OWNED)
163
164#define RACCT_ENABLED() __predict_false(racct_enable)
165
166#define RACCT_PROC_LOCK(p) do { \
167 if (RACCT_ENABLED()) \
168 PROC_LOCK(p); \
169} while (0)
170#define RACCT_PROC_UNLOCK(p) do { \
171 if (RACCT_ENABLED()) \
172 PROC_UNLOCK(p); \
173} while (0)
174
175int racct_add(struct proc *p, int resource, uint64_t amount);
176void racct_add_cred(struct ucred *cred, int resource, uint64_t amount);
177void racct_add_force(struct proc *p, int resource, uint64_t amount);
178void racct_add_buf(struct proc *p, const struct buf *bufp, int is_write);
179int racct_set(struct proc *p, int resource, uint64_t amount);
180int racct_set_unlocked(struct proc *p, int resource, uint64_t amount);
181void racct_set_force(struct proc *p, int resource, uint64_t amount);
182void racct_sub(struct proc *p, int resource, uint64_t amount);
183void racct_sub_cred(struct ucred *cred, int resource, uint64_t amount);
184uint64_t racct_get_limit(struct proc *p, int resource);
185uint64_t racct_get_available(struct proc *p, int resource);
186
187void racct_create(struct racct **racctp);
188void racct_destroy(struct racct **racctp);
189
190int racct_proc_fork(struct proc *parent, struct proc *child);
191void racct_proc_fork_done(struct proc *child);
192void racct_proc_exit(struct proc *p);
193
194void racct_proc_ucred_changed(struct proc *p, struct ucred *oldcred,
195 struct ucred *newcred);
196void racct_move(struct racct *dest, struct racct *src);
197void racct_proc_throttle(struct proc *p, int timeout);
198
199#else
200
201#define RACCT_PROC_LOCK(p) do { } while (0)
202#define RACCT_PROC_UNLOCK(p) do { } while (0)
203
204static inline int
205racct_add(struct proc *p, int resource, uint64_t amount)
206{
207
208 return (0);
209}
210
211static inline void
212racct_add_cred(struct ucred *cred, int resource, uint64_t amount)
213{
214}
215
216static inline void
217racct_add_force(struct proc *p, int resource, uint64_t amount)
218{
219}
220
221static inline int
222racct_set(struct proc *p, int resource, uint64_t amount)
223{
224
225 return (0);
226}
227
228static inline void
229racct_set_force(struct proc *p, int resource, uint64_t amount)
230{
231}
232
233static inline void
234racct_sub(struct proc *p, int resource, uint64_t amount)
235{
236}
237
238static inline void
239racct_sub_cred(struct ucred *cred, int resource, uint64_t amount)
240{
241}
242
243static inline uint64_t
244racct_get_limit(struct proc *p, int resource)
245{
246
247 return (UINT64_MAX);
248}
249
250static inline uint64_t
251racct_get_available(struct proc *p, int resource)
252{
253
254 return (UINT64_MAX);
255}
256
257#define racct_create(x)
258#define racct_destroy(x)
259
260static inline int
261racct_proc_fork(struct proc *parent, struct proc *child)
262{
263
264 return (0);
265}
266
267static inline void
268racct_proc_fork_done(struct proc *child)
269{
270}
271
272static inline void
273racct_proc_exit(struct proc *p)
274{
275}
276
277#endif
278
279#endif /* !_RACCT_H_ */