2 * linux/kernel/vserver/context.c
4 * Virtual Server: Context Support
6 * Copyright (C) 2003-2004 Herbert Pƶtzl
9 * V0.02 vx_ctx_kill syscall command
10 * V0.03 replaced context_info calls
11 * V0.04 redesign of struct (de)alloc
12 * V0.05 rlimit basic implementation
13 * V0.06 task_xid and info commands
14 * V0.07 context flags and caps
15 * V0.08 switch to RCU based hash
19 #include <linux/config.h>
20 #include <linux/slab.h>
21 #include <linux/vserver.h>
22 #include <linux/vserver/legacy.h>
23 #include <linux/vs_base.h>
24 #include <linux/vs_context.h>
25 #include <linux/kernel_stat.h>
26 #include <linux/namespace.h>
27 #include <linux/rcupdate.h>
29 #define CKRM_VSERVER_INTEGRATION
30 #ifdef CKRM_VSERVER_INTEGRATION
31 #include <linux/ckrm.h>
32 #endif //CKRM_VSERVER_INTEGRATION
34 #include <asm/errno.h>
39 * allocate an initialized vx_info struct
40 * doesn't make it visible (hash) */
42 static struct vx_info *__alloc_vx_info(xid_t xid)
44 struct vx_info *new = NULL;
46 vxdprintk("alloc_vx_info(%d)\n", xid);
48 /* would this benefit from a slab cache? */
49 new = kmalloc(sizeof(struct vx_info), GFP_KERNEL);
53 memset (new, 0, sizeof(struct vx_info));
55 INIT_RCU_HEAD(&new->vx_rcu);
56 INIT_HLIST_NODE(&new->vx_hlist);
57 atomic_set(&new->vx_refcnt, 0);
58 atomic_set(&new->vx_usecnt, 0);
60 /* rest of init goes here */
61 vx_info_init_limit(&new->limit);
62 vx_info_init_sched(&new->sched);
63 vx_info_init_cvirt(&new->cvirt);
64 vx_info_init_cacct(&new->cacct);
66 new->vx_flags = VXF_STATE_SETUP|VXF_STATE_INIT;
67 new->vx_bcaps = CAP_INIT_EFF_SET;
70 vxdprintk("alloc_vx_info(%d) = %p\n", xid, new);
74 /* __dealloc_vx_info()
76 * final disposal of vx_info */
78 static void __dealloc_vx_info(struct vx_info *vxi)
80 vxdprintk("dealloc_vx_info(%p)\n", vxi);
82 vxi->vx_hlist.next = LIST_POISON1;
85 if (vxi->vx_namespace)
86 put_namespace(vxi->vx_namespace);
88 put_fs_struct(vxi->vx_fs);
90 vx_info_exit_limit(&vxi->limit);
91 vx_info_exit_sched(&vxi->sched);
92 vx_info_exit_cvirt(&vxi->cvirt);
93 vx_info_exit_cacct(&vxi->cacct);
95 BUG_ON(atomic_read(&vxi->vx_usecnt));
96 BUG_ON(atomic_read(&vxi->vx_refcnt));
102 /* hash table for vx_info hash */
104 #define VX_HASH_SIZE 13
106 struct hlist_head vx_info_hash[VX_HASH_SIZE];
108 static spinlock_t vx_info_hash_lock = SPIN_LOCK_UNLOCKED;
111 static inline unsigned int __hashval(xid_t xid)
113 return (xid % VX_HASH_SIZE);
120 * add the vxi to the global hash table
121 * requires the hash_lock to be held */
123 static inline void __hash_vx_info(struct vx_info *vxi)
125 struct hlist_head *head;
127 vxdprintk("__hash_vx_info: %p[#%d]\n", vxi, vxi->vx_id);
129 head = &vx_info_hash[__hashval(vxi->vx_id)];
130 hlist_add_head_rcu(&vxi->vx_hlist, head);
133 /* __unhash_vx_info()
135 * remove the vxi from the global hash table
136 * requires the hash_lock to be held */
138 static inline void __unhash_vx_info(struct vx_info *vxi)
140 vxdprintk("__unhash_vx_info: %p[#%d]\n", vxi, vxi->vx_id);
141 hlist_del_rcu(&vxi->vx_hlist);
146 /* __lookup_vx_info()
148 * requires the rcu_read_lock()
149 * doesn't increment the vx_refcnt */
151 static inline struct vx_info *__lookup_vx_info(xid_t xid)
153 struct hlist_head *head = &vx_info_hash[__hashval(xid)];
154 struct hlist_node *pos;
156 hlist_for_each_rcu(pos, head) {
157 struct vx_info *vxi =
158 hlist_entry(pos, struct vx_info, vx_hlist);
160 if (vxi->vx_id == xid) {
170 * find unused dynamic xid
171 * requires the hash_lock to be held */
173 static inline xid_t __vx_dynamic_id(void)
175 static xid_t seq = MAX_S_CONTEXT;
179 if (++seq > MAX_S_CONTEXT)
181 if (!__lookup_vx_info(seq))
183 } while (barrier != seq);
189 * locate or create the requested context
190 * get() it and if new hash it */
192 static struct vx_info * __loc_vx_info(int id, int *err)
194 struct vx_info *new, *vxi = NULL;
196 vxdprintk("loc_vx_info(%d)\n", id);
198 if (!(new = __alloc_vx_info(id))) {
203 spin_lock(&vx_info_hash_lock);
205 /* dynamic context requested */
206 if (id == VX_DYNAMIC_ID) {
207 id = __vx_dynamic_id();
209 printk(KERN_ERR "no dynamic context available.\n");
214 /* existing context requested */
215 else if ((vxi = __lookup_vx_info(id))) {
216 /* context in setup is not available */
217 if (vxi->vx_flags & VXF_STATE_SETUP) {
218 vxdprintk("loc_vx_info(%d) = %p (not available)\n", id, vxi);
222 vxdprintk("loc_vx_info(%d) = %p (found)\n", id, vxi);
229 /* new context requested */
230 vxdprintk("loc_vx_info(%d) = %p (new)\n", id, new);
231 __hash_vx_info(get_vx_info(new));
232 vxi = new, new = NULL;
236 spin_unlock(&vx_info_hash_lock);
238 __dealloc_vx_info(new);
248 void rcu_free_vx_info(struct rcu_head *head)
250 struct vx_info *vxi = container_of(head, struct vx_info, vx_rcu);
253 BUG_ON(!vxi || !head);
255 usecnt = atomic_read(&vxi->vx_usecnt);
258 refcnt = atomic_read(&vxi->vx_refcnt);
262 __dealloc_vx_info(vxi);
264 printk("!!! rcu didn't free\n");
267 void unhash_vx_info(struct vx_info *vxi)
269 spin_lock(&vx_info_hash_lock);
270 __unhash_vx_info(vxi);
271 spin_unlock(&vx_info_hash_lock);
276 * search for a vx_info and get() it
277 * negative id means current */
279 struct vx_info *locate_vx_info(int id)
284 vxi = get_vx_info(current->vx_info);
287 vxi = get_vx_info(__lookup_vx_info(id));
293 /* vx_info_is_hashed()
295 * verify that xid is still hashed */
297 int vx_info_is_hashed(xid_t xid)
302 hashed = (__lookup_vx_info(xid) != NULL);
307 #ifdef CONFIG_VSERVER_LEGACY
310 struct vx_info *alloc_vx_info(xid_t xid)
312 return __alloc_vx_info(xid);
316 struct vx_info *locate_or_create_vx_info(int id)
320 return __loc_vx_info(id, &err);
325 #ifdef CONFIG_PROC_FS
327 #define hlist_for_each_rcu(pos, head) \
328 for (pos = (head)->first; pos && ({ prefetch(pos->next); 1;}); \
329 pos = pos->next, ({ smp_read_barrier_depends(); 0;}))
331 int get_xid_list(int index, unsigned int *xids, int size)
333 int hindex, nr_xids = 0;
336 for (hindex = 0; hindex < VX_HASH_SIZE; hindex++) {
337 struct hlist_head *head = &vx_info_hash[hindex];
338 struct hlist_node *pos;
340 hlist_for_each_rcu(pos, head) {
346 vxi = hlist_entry(pos, struct vx_info, vx_hlist);
347 xids[nr_xids] = vxi->vx_id;
348 if (++nr_xids >= size)
358 int vx_migrate_user(struct task_struct *p, struct vx_info *vxi)
360 struct user_struct *new_user, *old_user;
364 new_user = alloc_uid(vxi->vx_id, p->uid);
369 if (new_user != old_user) {
370 atomic_inc(&new_user->processes);
371 atomic_dec(&old_user->processes);
378 void vx_mask_bcaps(struct task_struct *p)
380 struct vx_info *vxi = p->vx_info;
382 p->cap_effective &= vxi->vx_bcaps;
383 p->cap_inheritable &= vxi->vx_bcaps;
384 p->cap_permitted &= vxi->vx_bcaps;
388 #include <linux/file.h>
390 static inline int vx_nofiles_task(struct task_struct *tsk)
392 struct files_struct *files = tsk->files;
393 const unsigned long *obptr, *cbptr;
396 spin_lock(&files->file_lock);
397 obptr = files->open_fds->fds_bits;
398 cbptr = files->close_on_exec->fds_bits;
399 count = files->max_fds / (sizeof(unsigned long) * 8);
400 for (total = 0; count > 0; count--) {
402 total += hweight_long(*obptr);
405 total += hweight_long(*cbptr);
408 spin_unlock(&files->file_lock);
412 static inline int vx_openfd_task(struct task_struct *tsk)
414 struct files_struct *files = tsk->files;
415 const unsigned long *bptr;
418 spin_lock(&files->file_lock);
419 bptr = files->open_fds->fds_bits;
420 count = files->max_fds / (sizeof(unsigned long) * 8);
421 for (total = 0; count > 0; count--) {
423 total += hweight_long(*bptr);
426 spin_unlock(&files->file_lock);
431 * migrate task to new context
432 * gets vxi, puts old_vxi on change
435 int vx_migrate_task(struct task_struct *p, struct vx_info *vxi)
437 struct vx_info *old_vxi;
443 old_vxi = task_get_vx_info(p);
447 vxdprintk("vx_migrate_task(%p,%p[#%d.%d)\n", p, vxi,
448 vxi->vx_id, atomic_read(&vxi->vx_usecnt));
450 if (!(ret = vx_migrate_user(p, vxi))) {
454 openfd = vx_openfd_task(p);
455 nofiles = vx_nofiles_task(p);
458 atomic_dec(&old_vxi->cacct.nr_threads);
459 atomic_dec(&old_vxi->limit.rcur[RLIMIT_NPROC]);
460 atomic_sub(nofiles, &vxi->limit.rcur[RLIMIT_NOFILE]);
461 atomic_sub(openfd, &vxi->limit.rcur[RLIMIT_OPENFD]);
463 atomic_inc(&vxi->cacct.nr_threads);
464 atomic_inc(&vxi->limit.rcur[RLIMIT_NPROC]);
465 atomic_add(nofiles, &vxi->limit.rcur[RLIMIT_NOFILE]);
466 atomic_add(openfd, &vxi->limit.rcur[RLIMIT_OPENFD]);
467 /* should be handled in set_vx_info !! */
469 clr_vx_info(&p->vx_info);
470 set_vx_info(&p->vx_info, vxi);
475 /* obsoleted by clr/set */
476 // put_vx_info(old_vxi);
481 #ifdef CKRM_VSERVER_INTEGRATION
485 #endif //CKRM_VSERVER_INTEGRATION
488 put_vx_info(old_vxi);
492 int vx_set_init(struct vx_info *vxi, struct task_struct *p)
499 vxi->vx_initpid = p->tgid;
504 /* vserver syscall commands below here */
506 /* taks xid and vx_info functions */
508 #include <asm/uaccess.h>
511 int vc_task_xid(uint32_t id, void __user *data)
516 struct task_struct *tsk;
518 if (!vx_check(0, VX_ADMIN|VX_WATCH))
521 read_lock(&tasklist_lock);
522 tsk = find_task_by_pid(id);
523 xid = (tsk) ? tsk->xid : -ESRCH;
524 read_unlock(&tasklist_lock);
532 int vc_vx_info(uint32_t id, void __user *data)
535 struct vcmd_vx_info_v0 vc_data;
537 if (!vx_check(0, VX_ADMIN))
539 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RESOURCE))
542 vxi = locate_vx_info(id);
546 vc_data.xid = vxi->vx_id;
547 vc_data.initpid = vxi->vx_initpid;
550 if (copy_to_user (data, &vc_data, sizeof(vc_data)))
556 /* context functions */
558 int vc_ctx_create(uint32_t xid, void __user *data)
560 struct vx_info *new_vxi;
563 if (!capable(CAP_SYS_ADMIN))
566 if ((xid >= MIN_D_CONTEXT) && (xid != VX_DYNAMIC_ID))
572 new_vxi = __loc_vx_info(xid, &ret);
575 if (!(new_vxi->vx_flags & VXF_STATE_SETUP)) {
580 ret = new_vxi->vx_id;
581 vx_migrate_task(current, new_vxi);
582 /* if this fails, we might end up with a hashed vx_info */
584 put_vx_info(new_vxi);
589 int vc_ctx_migrate(uint32_t id, void __user *data)
593 if (!capable(CAP_SYS_ADMIN))
596 /* dirty hack until Spectator becomes a cap */
602 vxi = locate_vx_info(id);
605 vx_migrate_task(current, vxi);
611 int vc_get_cflags(uint32_t id, void __user *data)
614 struct vcmd_ctx_flags_v0 vc_data;
616 if (!capable(CAP_SYS_ADMIN))
619 vxi = locate_vx_info(id);
623 vc_data.flagword = vxi->vx_flags;
625 /* special STATE flag handling */
626 vc_data.mask = vx_mask_flags(~0UL, vxi->vx_flags, VXF_ONE_TIME);
630 if (copy_to_user (data, &vc_data, sizeof(vc_data)))
635 int vc_set_cflags(uint32_t id, void __user *data)
638 struct vcmd_ctx_flags_v0 vc_data;
639 uint64_t mask, trigger;
641 if (!capable(CAP_SYS_ADMIN))
643 if (copy_from_user (&vc_data, data, sizeof(vc_data)))
646 vxi = locate_vx_info(id);
650 /* special STATE flag handling */
651 mask = vx_mask_mask(vc_data.mask, vxi->vx_flags, VXF_ONE_TIME);
652 trigger = (mask & vxi->vx_flags) ^ (mask & vc_data.flagword);
654 if (trigger & VXF_STATE_SETUP)
655 vx_mask_bcaps(current);
656 if (trigger & VXF_STATE_INIT)
657 if (vxi == current->vx_info)
658 vx_set_init(vxi, current);
660 vxi->vx_flags = vx_mask_flags(vxi->vx_flags,
661 vc_data.flagword, mask);
666 int vc_get_ccaps(uint32_t id, void __user *data)
669 struct vcmd_ctx_caps_v0 vc_data;
671 if (!capable(CAP_SYS_ADMIN))
674 vxi = locate_vx_info(id);
678 vc_data.bcaps = vxi->vx_bcaps;
679 vc_data.ccaps = vxi->vx_ccaps;
680 vc_data.cmask = ~0UL;
683 if (copy_to_user (data, &vc_data, sizeof(vc_data)))
688 int vc_set_ccaps(uint32_t id, void __user *data)
691 struct vcmd_ctx_caps_v0 vc_data;
693 if (!capable(CAP_SYS_ADMIN))
695 if (copy_from_user (&vc_data, data, sizeof(vc_data)))
698 vxi = locate_vx_info(id);
702 vxi->vx_bcaps &= vc_data.bcaps;
703 vxi->vx_ccaps = vx_mask_flags(vxi->vx_ccaps,
704 vc_data.ccaps, vc_data.cmask);
709 #include <linux/module.h>
711 EXPORT_SYMBOL_GPL(rcu_free_vx_info);
712 EXPORT_SYMBOL_GPL(vx_info_hash_lock);
713 EXPORT_SYMBOL_GPL(unhash_vx_info);
git://git.onelab.eu / linux-2.6.git / blob