2 * linux/kernel/vserver/switch.c
4 * Virtual Server: Syscall Switch
6 * Copyright (C) 2003-2007 Herbert Pƶtzl
9 * V0.02 added signal to context
10 * V0.03 added rlimit functions
11 * V0.04 added iattr, task/xid functions
12 * V0.05 added debug/history stuff
13 * V0.06 added compat32 layer
14 * V0.07 vcmd args and perms
15 * V0.08 added status commands
19 #include <linux/linkage.h>
20 #include <linux/sched.h>
21 #include <linux/compat.h>
22 #include <asm/errno.h>
24 #include <linux/vs_context.h>
25 #include <linux/vs_network.h>
26 #include <linux/vserver/switch.h>
28 #include "vci_config.h"
31 int vc_get_version(uint32_t id)
33 #ifdef CONFIG_VSERVER_LEGACY_VERSION
35 return VCI_LEGACY_VERSION;
41 int vc_get_vci(uint32_t id)
43 return vci_kernel_config();
46 #include <linux/vserver/context_cmd.h>
47 #include <linux/vserver/cvirt_cmd.h>
48 #include <linux/vserver/cacct_cmd.h>
49 #include <linux/vserver/limit_cmd.h>
50 #include <linux/vserver/network_cmd.h>
51 #include <linux/vserver/sched_cmd.h>
52 #include <linux/vserver/debug_cmd.h>
53 #include <linux/vserver/inode_cmd.h>
54 #include <linux/vserver/dlimit_cmd.h>
55 #include <linux/vserver/signal_cmd.h>
56 #include <linux/vserver/space_cmd.h>
58 #include <linux/vserver/legacy.h>
59 #include <linux/vserver/inode.h>
60 #include <linux/vserver/dlimit.h>
64 #define __COMPAT(name, id, data, compat) \
65 (compat) ? name ## _x32 (id, data) : name (id, data)
67 #define __COMPAT(name, id, data, compat) \
73 long do_vcmd(uint32_t cmd, uint32_t id,
74 struct vx_info *vxi, struct nx_info *nxi,
75 void __user *data, int compat)
79 case VCMD_get_version:
80 return vc_get_version(id);
82 return vc_get_vci(id);
85 return vc_task_xid(id, data);
87 return vc_vx_info(vxi, data);
90 return vc_task_nid(id, data);
92 return vc_nx_info(nxi, data);
94 case VCMD_set_space_v0:
95 /* this is version 1 */
97 return vc_set_space(vxi, data);
99 case VCMD_get_space_mask:
100 return vc_get_space_mask(vxi, data);
102 #ifdef CONFIG_IA32_EMULATION
103 case VCMD_get_rlimit:
104 return __COMPAT(vc_get_rlimit, vxi, data, compat);
105 case VCMD_set_rlimit:
106 return __COMPAT(vc_set_rlimit, vxi, data, compat);
108 case VCMD_get_rlimit:
109 return vc_get_rlimit(vxi, data);
110 case VCMD_set_rlimit:
111 return vc_set_rlimit(vxi, data);
113 case VCMD_get_rlimit_mask:
114 return vc_get_rlimit_mask(id, data);
115 case VCMD_reset_minmax:
116 return vc_reset_minmax(vxi, data);
118 case VCMD_get_vhi_name:
119 return vc_get_vhi_name(vxi, data);
120 case VCMD_set_vhi_name:
121 return vc_set_vhi_name(vxi, data);
124 return vc_ctx_stat(vxi, data);
126 return vc_virt_stat(vxi, data);
128 return vc_sock_stat(vxi, data);
129 case VCMD_rlimit_stat:
130 return vc_rlimit_stat(vxi, data);
132 case VCMD_set_cflags:
133 return vc_set_cflags(vxi, data);
134 case VCMD_get_cflags:
135 return vc_get_cflags(vxi, data);
137 case VCMD_set_ccaps_v0:
138 return vc_set_ccaps_v0(vxi, data);
139 /* this is version 1 */
141 return vc_set_ccaps(vxi, data);
142 case VCMD_get_ccaps_v0:
143 return vc_get_ccaps_v0(vxi, data);
144 /* this is version 1 */
146 return vc_get_ccaps(vxi, data);
148 return vc_set_bcaps(vxi, data);
150 return vc_get_bcaps(vxi, data);
152 case VCMD_set_nflags:
153 return vc_set_nflags(nxi, data);
154 case VCMD_get_nflags:
155 return vc_get_nflags(nxi, data);
158 return vc_set_ncaps(nxi, data);
160 return vc_get_ncaps(nxi, data);
162 #ifdef CONFIG_VSERVER_LEGACY
163 case VCMD_set_sched_v2:
164 return vc_set_sched_v2(vxi, data);
166 case VCMD_set_sched_v3:
167 return vc_set_sched_v3(vxi, data);
168 case VCMD_set_sched_v4:
169 return vc_set_sched_v4(vxi, data);
170 /* this is version 5 */
172 return vc_set_sched(vxi, data);
174 return vc_get_sched(vxi, data);
175 case VCMD_sched_info:
176 return vc_sched_info(vxi, data);
178 case VCMD_add_dlimit:
179 return __COMPAT(vc_add_dlimit, id, data, compat);
180 case VCMD_rem_dlimit:
181 return __COMPAT(vc_rem_dlimit, id, data, compat);
182 case VCMD_set_dlimit:
183 return __COMPAT(vc_set_dlimit, id, data, compat);
184 case VCMD_get_dlimit:
185 return __COMPAT(vc_get_dlimit, id, data, compat);
188 return vc_ctx_kill(vxi, data);
191 return vc_wait_exit(vxi, data);
193 #ifdef CONFIG_VSERVER_LEGACY
194 case VCMD_create_context:
195 return vc_ctx_create(id, NULL);
199 return __COMPAT(vc_get_iattr, id, data, compat);
201 return __COMPAT(vc_set_iattr, id, data, compat);
203 case VCMD_enter_space_v0:
204 return vc_enter_space(vxi, NULL);
205 /* this is version 1 */
206 case VCMD_enter_space:
207 return vc_enter_space(vxi, data);
209 case VCMD_ctx_create_v0:
210 return vc_ctx_create(id, NULL);
211 case VCMD_ctx_create:
212 return vc_ctx_create(id, data);
213 case VCMD_ctx_migrate_v0:
214 return vc_ctx_migrate(vxi, NULL);
215 case VCMD_ctx_migrate:
216 return vc_ctx_migrate(vxi, data);
218 case VCMD_net_create_v0:
219 return vc_net_create(id, NULL);
220 case VCMD_net_create:
221 return vc_net_create(id, data);
222 case VCMD_net_migrate:
223 return vc_net_migrate(nxi, data);
225 return vc_net_add(nxi, data);
226 case VCMD_net_remove:
227 return vc_net_remove(nxi, data);
229 #ifdef CONFIG_VSERVER_HISTORY
230 case VCMD_dump_history:
231 return vc_dump_history(id);
232 case VCMD_read_history:
233 return __COMPAT(vc_read_history, id, data, compat);
235 #ifdef CONFIG_VSERVER_MONITOR
236 case VCMD_read_monitor:
237 return __COMPAT(vc_read_monitor, id, data, compat);
239 #ifdef CONFIG_VSERVER_LEGACY
240 case VCMD_new_s_context:
241 return vc_new_s_context(id, data);
243 #ifdef CONFIG_VSERVER_LEGACYNET
244 case VCMD_set_ipv4root:
245 return vc_set_ipv4root(id, data);
248 vxwprintk(1, "unimplemented VCMD_%02d_%d[%d]",
249 VC_CATEGORY(cmd), VC_COMMAND(cmd), VC_VERSION(cmd));
255 #define __VCMD(vcmd, _perm, _args, _flags) \
256 case VCMD_ ## vcmd: perm = _perm; \
257 args = _args; flags = _flags; break
260 #define VCA_NONE 0x00
264 #define VCF_NONE 0x00
265 #define VCF_INFO 0x01
266 #define VCF_ADMIN 0x02
267 #define VCF_ARES 0x06 /* includes admin */
268 #define VCF_SETUP 0x08
270 #define VCF_ZIDOK 0x10 /* zero id okay */
274 long do_vserver(uint32_t cmd, uint32_t id, void __user *data, int compat)
277 int permit = -1, state = 0;
278 int perm = -1, args = 0, flags = 0;
279 struct vx_info *vxi = NULL;
280 struct nx_info *nxi = NULL;
283 /* unpriviledged commands */
284 __VCMD(get_version, 0, VCA_NONE, 0);
285 __VCMD(get_vci, 0, VCA_NONE, 0);
286 __VCMD(get_rlimit_mask, 0, VCA_NONE, 0);
287 __VCMD(get_space_mask, 0, VCA_NONE, 0);
290 __VCMD(task_xid, 2, VCA_NONE, 0);
291 __VCMD(reset_minmax, 2, VCA_VXI, 0);
292 __VCMD(vx_info, 3, VCA_VXI, VCF_INFO);
293 __VCMD(get_bcaps, 3, VCA_VXI, VCF_INFO);
294 __VCMD(get_ccaps_v0, 3, VCA_VXI, VCF_INFO);
295 __VCMD(get_ccaps, 3, VCA_VXI, VCF_INFO);
296 __VCMD(get_cflags, 3, VCA_VXI, VCF_INFO);
297 __VCMD(get_vhi_name, 3, VCA_VXI, VCF_INFO);
298 __VCMD(get_rlimit, 3, VCA_VXI, VCF_INFO);
300 __VCMD(ctx_stat, 3, VCA_VXI, VCF_INFO);
301 __VCMD(virt_stat, 3, VCA_VXI, VCF_INFO);
302 __VCMD(sock_stat, 3, VCA_VXI, VCF_INFO);
303 __VCMD(rlimit_stat, 3, VCA_VXI, VCF_INFO);
305 __VCMD(task_nid, 2, VCA_NONE, 0);
306 __VCMD(nx_info, 3, VCA_NXI, VCF_INFO);
307 __VCMD(get_ncaps, 3, VCA_NXI, VCF_INFO);
308 __VCMD(get_nflags, 3, VCA_NXI, VCF_INFO);
310 __VCMD(get_iattr, 2, VCA_NONE, 0);
311 __VCMD(get_dlimit, 3, VCA_NONE, VCF_INFO);
312 __VCMD(get_sched, 3, VCA_VXI, VCF_INFO);
313 __VCMD(sched_info, 3, VCA_VXI, VCF_INFO|VCF_ZIDOK);
315 /* lower admin commands */
316 __VCMD(wait_exit, 4, VCA_VXI, VCF_INFO);
317 __VCMD(ctx_create_v0, 5, VCA_NONE, 0);
318 __VCMD(ctx_create, 5, VCA_NONE, 0);
319 __VCMD(ctx_migrate_v0, 5, VCA_VXI, VCF_ADMIN);
320 __VCMD(ctx_migrate, 5, VCA_VXI, VCF_ADMIN);
321 __VCMD(enter_space_v0, 5, VCA_VXI, VCF_ADMIN);
322 __VCMD(enter_space, 5, VCA_VXI, VCF_ADMIN);
324 __VCMD(net_create_v0, 5, VCA_NONE, 0);
325 __VCMD(net_create, 5, VCA_NONE, 0);
326 __VCMD(net_migrate, 5, VCA_NXI, VCF_ADMIN);
328 /* higher admin commands */
329 __VCMD(ctx_kill, 6, VCA_VXI, VCF_ARES);
330 __VCMD(set_space_v0, 7, VCA_VXI, VCF_ARES|VCF_SETUP);
331 __VCMD(set_space, 7, VCA_VXI, VCF_ARES|VCF_SETUP);
333 __VCMD(set_ccaps_v0, 7, VCA_VXI, VCF_ARES|VCF_SETUP);
334 __VCMD(set_ccaps, 7, VCA_VXI, VCF_ARES|VCF_SETUP);
335 __VCMD(set_bcaps, 7, VCA_VXI, VCF_ARES|VCF_SETUP);
336 __VCMD(set_cflags, 7, VCA_VXI, VCF_ARES|VCF_SETUP);
338 __VCMD(set_vhi_name, 7, VCA_VXI, VCF_ARES|VCF_SETUP);
339 __VCMD(set_rlimit, 7, VCA_VXI, VCF_ARES|VCF_SETUP);
340 __VCMD(set_sched, 7, VCA_VXI, VCF_ARES|VCF_SETUP);
341 __VCMD(set_sched_v2, 7, VCA_VXI, VCF_ARES|VCF_SETUP);
342 __VCMD(set_sched_v3, 7, VCA_VXI, VCF_ARES|VCF_SETUP);
343 __VCMD(set_sched_v4, 7, VCA_VXI, VCF_ARES|VCF_SETUP);
345 __VCMD(set_ncaps, 7, VCA_NXI, VCF_ARES|VCF_SETUP);
346 __VCMD(set_nflags, 7, VCA_NXI, VCF_ARES|VCF_SETUP);
347 __VCMD(net_add, 8, VCA_NXI, VCF_ARES|VCF_SETUP);
348 __VCMD(net_remove, 8, VCA_NXI, VCF_ARES|VCF_SETUP);
350 __VCMD(set_iattr, 7, VCA_NONE, 0);
351 __VCMD(set_dlimit, 7, VCA_NONE, VCF_ARES);
352 __VCMD(add_dlimit, 8, VCA_NONE, VCF_ARES);
353 __VCMD(rem_dlimit, 8, VCA_NONE, VCF_ARES);
355 /* debug level admin commands */
356 #ifdef CONFIG_VSERVER_HISTORY
357 __VCMD(dump_history, 9, VCA_NONE, 0);
358 __VCMD(read_history, 9, VCA_NONE, 0);
360 #ifdef CONFIG_VSERVER_MONITOR
361 __VCMD(read_monitor, 9, VCA_NONE, 0);
364 /* legacy commands */
365 #ifdef CONFIG_VSERVER_LEGACY
366 __VCMD(new_s_context, 1, VCA_NONE, 0);
367 __VCMD(create_context, 5, VCA_NONE, 0);
369 #ifdef CONFIG_VSERVER_LEGACYNET
370 __VCMD(set_ipv4root, 5, VCA_NONE, 0);
376 vxdprintk(VXD_CBIT(switch, 0),
377 "vc: VCMD_%02d_%d[%d], %d,%p [%d,%d,%x,%x]",
378 VC_CATEGORY(cmd), VC_COMMAND(cmd),
379 VC_VERSION(cmd), id, data, compat,
387 #ifdef CONFIG_VSERVER_LEGACY
388 if (!capable(CAP_CONTEXT) &&
389 /* dirty hack for capremove */
390 !(cmd==VCMD_new_s_context && id==-2))
393 if (!capable(CAP_CONTEXT))
398 /* moved here from the individual commands */
400 if ((perm > 1) && !capable(CAP_SYS_ADMIN))
404 /* vcmd involves resource management */
406 if ((flags & VCF_ARES) && !capable(CAP_SYS_RESOURCE))
410 /* various legacy exceptions */
412 #ifdef CONFIG_VSERVER_LEGACY
413 case VCMD_set_cflags:
414 case VCMD_set_ccaps_v0:
416 if (vx_check(0, VS_WATCH))
420 case VCMD_ctx_create_v0:
422 /* will go away when spectator is a cap */
423 case VCMD_ctx_migrate_v0:
424 case VCMD_ctx_migrate:
432 /* will go away when spectator is a cap */
433 case VCMD_net_migrate:
441 /* legacy special casing */
442 case VCMD_set_space_v0:
447 /* vcmds are fine by default */
450 /* admin type vcmds require admin ... */
451 if (flags & VCF_ADMIN)
452 permit = vx_check(0, VS_ADMIN) ? 1 : 0;
454 /* ... but setup type vcmds override that */
455 if (!permit && (flags & VCF_SETUP))
456 permit = vx_flags(VXF_STATE_SETUP, 0) ? 2 : 0;
464 if (!id && (flags & VCF_ZIDOK))
468 if (args & VCA_VXI) {
469 vxi = lookup_vx_info(id);
473 if ((flags & VCF_ADMIN) &&
474 /* special case kill for shutdown */
475 (cmd != VCMD_ctx_kill) &&
476 /* can context be administrated? */
477 !vx_info_flags(vxi, VXF_STATE_ADMIN, 0)) {
483 if (args & VCA_NXI) {
484 nxi = lookup_nx_info(id);
488 if ((flags & VCF_ADMIN) &&
489 /* can context be administrated? */
490 !nx_info_flags(nxi, NXF_STATE_ADMIN, 0)) {
497 ret = do_vcmd(cmd, id, vxi, nxi, data, compat);
500 if ((args & VCA_NXI) && nxi)
503 if ((args & VCA_VXI) && vxi)
506 vxdprintk(VXD_CBIT(switch, 1),
507 "vc: VCMD_%02d_%d[%d] = %08lx(%ld) [%d,%d]",
508 VC_CATEGORY(cmd), VC_COMMAND(cmd),
509 VC_VERSION(cmd), ret, ret, state, permit);
514 sys_vserver(uint32_t cmd, uint32_t id, void __user *data)
516 return do_vserver(cmd, id, data, 0);
522 sys32_vserver(uint32_t cmd, uint32_t id, void __user *data)
524 return do_vserver(cmd, id, data, 1);
527 #endif /* CONFIG_COMPAT */
git://git.onelab.eu / linux-2.6.git / blob