]> git.saurik.com Git - apple/xnu.git/blobdiff - bsd/kern/kern_resource.c
projects / apple / xnu.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
xnu-1699.32.7.tar.gz
[apple/xnu.git] / bsd / kern / kern_resource.c
diff --git a/bsd/kern/kern_resource.c b/bsd/kern/kern_resource.c
index 13b1248870397106a3211c43b5360032b8914793..d2473dbf0476c2d54e303c72d01cfc0a4ae6526f 100644 (file)
--- a/bsd/kern/kern_resource.c
+++ b/bsd/kern/kern_resource.c
@@ -111,8 +111,9 @@ int donice(struct proc *curp, struct proc *chgp, int n);
 int    dosetrlimit(struct proc *p, u_int which, struct rlimit *limp);
 int    uthread_get_background_state(uthread_t);
 static void do_background_socket(struct proc *p, thread_t thread, int priority);
 int    dosetrlimit(struct proc *p, u_int which, struct rlimit *limp);
 int    uthread_get_background_state(uthread_t);
 static void do_background_socket(struct proc *p, thread_t thread, int priority);
-static int do_background_thread(struct proc *curp, int priority);
-static int do_background_task(struct proc *curp, int priority);
+static int do_background_thread(struct proc *curp, thread_t thread, int priority);
+static int do_background_proc(struct proc *curp, struct proc *targetp, int priority);
+void proc_apply_task_networkbg_internal(proc_t);
 
 rlim_t maxdmap = MAXDSIZ;      /* XXX */ 
 rlim_t maxsmap = MAXSSIZ - PAGE_SIZE;  /* XXX */ 
 
 rlim_t maxdmap = MAXDSIZ;      /* XXX */ 
 rlim_t maxsmap = MAXSSIZ - PAGE_SIZE;  /* XXX */ 
@@ -125,10 +126,10 @@ rlim_t maxsmap = MAXSSIZ - PAGE_SIZE;     /* XXX */
  */
 __private_extern__ int maxfilesperproc = OPEN_MAX;             /* per-proc open files limit */
 
  */
 __private_extern__ int maxfilesperproc = OPEN_MAX;             /* per-proc open files limit */
 
-SYSCTL_INT( _kern, KERN_MAXPROCPERUID, maxprocperuid, CTLFLAG_RW,
+SYSCTL_INT(_kern, KERN_MAXPROCPERUID, maxprocperuid, CTLFLAG_RW | CTLFLAG_LOCKED,
                &maxprocperuid, 0, "Maximum processes allowed per userid" );
 
                &maxprocperuid, 0, "Maximum processes allowed per userid" );
 
-SYSCTL_INT( _kern, KERN_MAXFILESPERPROC, maxfilesperproc, CTLFLAG_RW,       
+SYSCTL_INT(_kern, KERN_MAXFILESPERPROC, maxfilesperproc, CTLFLAG_RW | CTLFLAG_LOCKED,
                &maxfilesperproc, 0, "Maximum files allowed open per process" );
 
 /* Args and fn for proc_iteration callback used in setpriority */
                &maxfilesperproc, 0, "Maximum files allowed open per process" );
 
 /* Args and fn for proc_iteration callback used in setpriority */
@@ -371,8 +372,10 @@ setpriority(struct proc *curp, struct setpriority_args *uap, __unused int32_t *r
                if (uap->who != 0) {
                        return (EINVAL);
                }
                if (uap->who != 0) {
                        return (EINVAL);
                }
-               error = do_background_thread(curp, uap->prio);
-               (void) do_background_socket(curp, current_thread(), uap->prio);
+               error = do_background_thread(curp, current_thread(), uap->prio);
+               if (!error) {
+                       (void) do_background_socket(curp, current_thread(), uap->prio);
+               }
                found++;
                break;
        }
                found++;
                break;
        }
@@ -387,8 +390,10 @@ setpriority(struct proc *curp, struct setpriority_args *uap, __unused int32_t *r
                        refheld = 1;
                }
 
                        refheld = 1;
                }
 
-               error = do_background_task(p, uap->prio);
-               (void) do_background_socket(p, NULL, uap->prio);
+               error = do_background_proc(curp, p, uap->prio);
+               if (!error) {
+                       (void) do_background_socket(p, NULL, uap->prio);
+               }
                
                found++;
                if (refheld != 0)
                
                found++;
                if (refheld != 0)
@@ -421,9 +426,9 @@ donice(struct proc *curp, struct proc *chgp, int n)
        ucred = kauth_cred_proc_ref(curp);
        my_cred = kauth_cred_proc_ref(chgp);
 
        ucred = kauth_cred_proc_ref(curp);
        my_cred = kauth_cred_proc_ref(chgp);
 
-       if (suser(ucred, NULL) && ucred->cr_ruid &&
+       if (suser(ucred, NULL) && kauth_cred_getruid(ucred) &&
            kauth_cred_getuid(ucred) != kauth_cred_getuid(my_cred) &&
            kauth_cred_getuid(ucred) != kauth_cred_getuid(my_cred) &&
-           ucred->cr_ruid != kauth_cred_getuid(my_cred)) {
+           kauth_cred_getruid(ucred) != kauth_cred_getuid(my_cred)) {
                error = EPERM;
                goto out;
        }
                error = EPERM;
                goto out;
        }
@@ -451,19 +456,53 @@ out:
 }
 
 static int
 }
 
 static int
-do_background_task(struct proc *p, int priority)
+do_background_proc(struct proc *curp, struct proc *targetp, int priority)
 {
        int error = 0;
 {
        int error = 0;
+       kauth_cred_t ucred;
+       kauth_cred_t target_cred;
+#if CONFIG_EMBEDDED
        task_category_policy_data_t info;
        task_category_policy_data_t info;
+#endif
+
+       ucred = kauth_cred_get();
+       target_cred = kauth_cred_proc_ref(targetp);
+
+       if (!kauth_cred_issuser(ucred) && kauth_cred_getruid(ucred) &&
+           kauth_cred_getuid(ucred) != kauth_cred_getuid(target_cred) &&
+           kauth_cred_getruid(ucred) != kauth_cred_getuid(target_cred))
+       {
+               error = EPERM;
+               goto out;
+       }
+
+#if CONFIG_MACF
+       error = mac_proc_check_sched(curp, targetp);
+       if (error) 
+               goto out;
+#endif
+
+#if !CONFIG_EMBEDDED
+       if (priority == PRIO_DARWIN_NONUI)
+               error = proc_apply_task_gpuacc(targetp->task, TASK_POLICY_HWACCESS_GPU_ATTRIBUTE_NOACCESS);
+       else
+               error = proc_set1_bgtaskpolicy(targetp->task, priority);
+       if (error)
+               goto out;
+#else /* !CONFIG_EMBEDDED */
 
        /* set the max scheduling priority on the task */
 
        /* set the max scheduling priority on the task */
-       if (priority & PRIO_DARWIN_BG) { 
+       if (priority == PRIO_DARWIN_BG) { 
                info.role = TASK_THROTTLE_APPLICATION;
                info.role = TASK_THROTTLE_APPLICATION;
-       } else {
+       }
+       else if (priority == PRIO_DARWIN_NONUI) { 
+               info.role = TASK_NONUI_APPLICATION;
+       }
+       else {
                info.role = TASK_DEFAULT_APPLICATION;
        }
 
                info.role = TASK_DEFAULT_APPLICATION;
        }
 
-       error = task_policy_set(p->task,
+       error = task_policy_set(targetp->task,
                        TASK_CATEGORY_POLICY,
                        (task_policy_t) &info,
                        TASK_CATEGORY_POLICY_COUNT);
                        TASK_CATEGORY_POLICY,
                        (task_policy_t) &info,
                        TASK_CATEGORY_POLICY_COUNT);
@@ -471,22 +510,24 @@ do_background_task(struct proc *p, int priority)
        if (error)
                goto out;
 
        if (error)
                goto out;
 
-       proc_lock(p);
+       proc_lock(targetp);
 
        /* mark proc structure as backgrounded */
 
        /* mark proc structure as backgrounded */
-       if (priority & PRIO_DARWIN_BG) {
-               p->p_lflag |= P_LBACKGROUND;
+       if (priority == PRIO_DARWIN_BG) {
+               targetp->p_lflag |= P_LBACKGROUND;
        } else {
        } else {
-               p->p_lflag &= ~P_LBACKGROUND;
+               targetp->p_lflag &= ~P_LBACKGROUND;
        }
 
        /* set or reset the disk I/O priority */
        }
 
        /* set or reset the disk I/O priority */
-       p->p_iopol_disk = (priority == PRIO_DARWIN_BG ? 
+       targetp->p_iopol_disk = (priority == PRIO_DARWIN_BG ? 
                        IOPOL_THROTTLE : IOPOL_DEFAULT); 
 
                        IOPOL_THROTTLE : IOPOL_DEFAULT); 
 
-       proc_unlock(p);
+       proc_unlock(targetp);
+#endif /* !CONFIG_EMBEDDED */
 
 out:
 
 out:
+       kauth_cred_unref(&target_cred);
        return (error);
 }
 
        return (error);
 }
 
@@ -497,7 +538,7 @@ do_background_socket(struct proc *p, thread_t thread, int priority)
        struct fileproc                     *fp;
        int                                 i;
 
        struct fileproc                     *fp;
        int                                 i;
 
-       if (priority & PRIO_DARWIN_BG) {
+       if (priority == PRIO_DARWIN_BG) {
                /*
                 * For PRIO_DARWIN_PROCESS (thread is NULL), simply mark
                 * the sockets with the background flag.  There's nothing
                /*
                 * For PRIO_DARWIN_PROCESS (thread is NULL), simply mark
                 * the sockets with the background flag.  There's nothing
@@ -523,12 +564,6 @@ do_background_socket(struct proc *p, thread_t thread, int priority)
                }
 
        } else {
                }
 
        } else {
-               u_int32_t       traffic_mgt;
-               /*
-                * See comments on do_background_thread().  Deregulate network
-                * traffics only for setpriority(PRIO_DARWIN_THREAD).
-                */
-               traffic_mgt = (thread == NULL) ? 0 : TRAFFIC_MGT_SO_BG_REGULATE;
 
                /* disable networking IO throttle.
                 * NOTE - It is a known limitation of the current design that we 
 
                /* disable networking IO throttle.
                 * NOTE - It is a known limitation of the current design that we 
@@ -550,7 +585,7 @@ do_background_socket(struct proc *p, thread_t thread, int priority)
                        if ((thread) && (sockp->so_background_thread != thread)) {
                                continue;
                        }
                        if ((thread) && (sockp->so_background_thread != thread)) {
                                continue;
                        }
-                       socket_clear_traffic_mgt_flags(sockp, TRAFFIC_MGT_SO_BACKGROUND | traffic_mgt);
+                       socket_clear_traffic_mgt_flags(sockp, TRAFFIC_MGT_SO_BACKGROUND);
                        sockp->so_background_thread = NULL;
                }
                proc_fdunlock(p);
                        sockp->so_background_thread = NULL;
                }
                proc_fdunlock(p);
@@ -572,15 +607,26 @@ do_background_socket(struct proc *p, thread_t thread, int priority)
  *      and only TRAFFIC_MGT_SO_BACKGROUND is set via do_background_socket().
  */
 static int
  *      and only TRAFFIC_MGT_SO_BACKGROUND is set via do_background_socket().
  */
 static int
-do_background_thread(struct proc *curp __unused, int priority)
+do_background_thread(struct proc *curp __unused, thread_t thread, int priority)
 {
 {
-       thread_t                                                        thread;
        struct uthread                                          *ut;
        struct uthread                                          *ut;
+#if !CONFIG_EMBEDDED
+       int error = 0;
+#else /* !CONFIG_EMBEDDED */
        thread_precedence_policy_data_t         policy;
        thread_precedence_policy_data_t         policy;
+#endif /* !CONFIG_EMBEDDED */
        
        
-       thread = current_thread();
        ut = get_bsdthread_info(thread);
 
        ut = get_bsdthread_info(thread);
 
+       /* Backgrounding is unsupported for threads in vfork */
+       if ( (ut->uu_flag & UT_VFORK) != 0) {
+               return(EPERM);
+       }
+
+#if !CONFIG_EMBEDDED
+       error = proc_set1_bgthreadpolicy(curp->task, thread_tid(thread), priority);
+       return(error);
+#else /* !CONFIG_EMBEDDED */
        if ( (priority & PRIO_DARWIN_BG) == 0 ) {
                /* turn off backgrounding of thread */
                if ( (ut->uu_flag & UT_BACKGROUND) == 0 ) {
        if ( (priority & PRIO_DARWIN_BG) == 0 ) {
                /* turn off backgrounding of thread */
                if ( (ut->uu_flag & UT_BACKGROUND) == 0 ) {
@@ -630,9 +676,57 @@ do_background_thread(struct proc *curp __unused, int priority)
         * thread then TRAFFIC_MGT_SO_{BACKGROUND,BG_REGULATE} is set.
         * Existing sockets are taken care of by do_background_socket().
         */
         * thread then TRAFFIC_MGT_SO_{BACKGROUND,BG_REGULATE} is set.
         * Existing sockets are taken care of by do_background_socket().
         */
+#endif /* !CONFIG_EMBEDDED */
        return(0);
 }
 
        return(0);
 }
 
+#if CONFIG_EMBEDDED
+int mach_do_background_thread(thread_t thread, int prio);
+
+int
+mach_do_background_thread(thread_t thread, int prio)
+{
+       int                     error           = 0;
+       struct proc             *curp           = NULL;
+       struct proc             *targetp        = NULL;
+       kauth_cred_t    ucred;
+
+       targetp = get_bsdtask_info(get_threadtask(thread));
+       if (!targetp) {
+               return KERN_INVALID_ARGUMENT;
+       }
+
+       curp = proc_self();
+       if (curp == PROC_NULL) {
+               return KERN_FAILURE;
+       }
+
+       ucred = kauth_cred_proc_ref(curp);
+
+       if (suser(ucred, NULL) && curp != targetp) {
+               error = KERN_PROTECTION_FAILURE;
+               goto out;
+       }
+
+       error = do_background_thread(curp, thread, prio);
+       if (!error) {
+               (void) do_background_socket(curp, thread, prio);
+       } else {
+               if (error == EPERM) {
+                       error = KERN_PROTECTION_FAILURE;
+               } else {
+                       error = KERN_FAILURE;
+               }
+       }
+
+out:
+       proc_rele(curp);
+       kauth_cred_unref(&ucred);
+       return error;
+}
+#endif /* CONFIG_EMBEDDED */
+
+#if CONFIG_EMBEDDED
 /*
  * If the thread or its proc has been put into the background
  * with setpriority(PRIO_DARWIN_{THREAD,PROCESS}, *, PRIO_DARWIN_BG),
 /*
  * If the thread or its proc has been put into the background
  * with setpriority(PRIO_DARWIN_{THREAD,PROCESS}, *, PRIO_DARWIN_BG),
@@ -653,6 +747,7 @@ uthread_get_background_state(uthread_t uth)
 
        return 0;
 }
 
        return 0;
 }
+#endif /* CONFIG_EMBEDDED */
 
 /*
  * Returns:    0                       Success
 
 /*
  * Returns:    0                       Success
@@ -1234,19 +1329,70 @@ int
 iopolicysys(__unused struct proc *p, __unused struct iopolicysys_args *uap, __unused int32_t *retval)
 {
        int     error = 0;
 iopolicysys(__unused struct proc *p, __unused struct iopolicysys_args *uap, __unused int32_t *retval)
 {
        int     error = 0;
+       struct _iopol_param_t iop_param;
+#if !CONFIG_EMBEDDED
+       int processwide = 0;
+#else /* !CONFIG_EMBEDDED */
        thread_t thread = THREAD_NULL;
        thread_t thread = THREAD_NULL;
-       int *policy;
        struct uthread  *ut = NULL;
        struct uthread  *ut = NULL;
-       struct _iopol_param_t iop_param;
+       int *policy;
+#endif /* !CONFIG_EMBEDDED */
 
        if ((error = copyin(uap->arg, &iop_param, sizeof(iop_param))) != 0)
 
        if ((error = copyin(uap->arg, &iop_param, sizeof(iop_param))) != 0)
-               goto exit;
+               goto out;
 
        if (iop_param.iop_iotype != IOPOL_TYPE_DISK) {
                error = EINVAL;
 
        if (iop_param.iop_iotype != IOPOL_TYPE_DISK) {
                error = EINVAL;
-               goto exit;
+               goto out;
+       }
+
+#if !CONFIG_EMBEDDED
+       switch (iop_param.iop_scope) {
+       case IOPOL_SCOPE_PROCESS:
+               processwide = 1;
+               break;
+       case IOPOL_SCOPE_THREAD:
+               processwide = 0;
+               break;
+       default:
+               error = EINVAL;
+               goto out;
        }
        }
+               
+       switch(uap->cmd) {
+       case IOPOL_CMD_SET:
+               switch (iop_param.iop_policy) {
+               case IOPOL_DEFAULT:
+               case IOPOL_NORMAL:
+               case IOPOL_THROTTLE:
+               case IOPOL_PASSIVE:
+                       if(processwide != 0)
+                               proc_apply_task_diskacc(current_task(), iop_param.iop_policy);
+                       else
+                               proc_apply_thread_selfdiskacc(iop_param.iop_policy);
+                               
+                       break;
+               default:
+                       error = EINVAL;
+                       goto out;
+               }
+               break;
+       
+       case IOPOL_CMD_GET:
+               if(processwide != 0)
+                       iop_param.iop_policy = proc_get_task_disacc(current_task());
+               else
+                       iop_param.iop_policy = proc_get_thread_selfdiskacc();
+                       
+               error = copyout((caddr_t)&iop_param, uap->arg, sizeof(iop_param));
 
 
+               break;
+       default:
+               error = EINVAL; // unknown command
+               break;
+       }
+
+#else /* !CONFIG_EMBEDDED */
        switch (iop_param.iop_scope) {
        case IOPOL_SCOPE_PROCESS:
                policy = &p->p_iopol_disk;
        switch (iop_param.iop_scope) {
        case IOPOL_SCOPE_PROCESS:
                policy = &p->p_iopol_disk;
@@ -1258,7 +1404,7 @@ iopolicysys(__unused struct proc *p, __unused struct iopolicysys_args *uap, __un
                break;
        default:
                error = EINVAL;
                break;
        default:
                error = EINVAL;
-               goto exit;
+               goto out;
        }
                
        switch(uap->cmd) {
        }
                
        switch(uap->cmd) {
@@ -1274,7 +1420,7 @@ iopolicysys(__unused struct proc *p, __unused struct iopolicysys_args *uap, __un
                        break;
                default:
                        error = EINVAL;
                        break;
                default:
                        error = EINVAL;
-                       goto exit;
+                       goto out;
                }
                break;
        case IOPOL_CMD_GET:
                }
                break;
        case IOPOL_CMD_GET:
@@ -1300,7 +1446,8 @@ iopolicysys(__unused struct proc *p, __unused struct iopolicysys_args *uap, __un
                break;
        }
 
                break;
        }
 
-  exit:
+#endif /* !CONFIG_EMBEDDED */
+out:
        *retval = error;
        return (error);
 }
        *retval = error;
        return (error);
 }
@@ -1309,8 +1456,14 @@ iopolicysys(__unused struct proc *p, __unused struct iopolicysys_args *uap, __un
 boolean_t thread_is_io_throttled(void);
 
 boolean_t
 boolean_t thread_is_io_throttled(void);
 
 boolean_t
-thread_is_io_throttled(void) {
+thread_is_io_throttled(void) 
+{
+
+#if !CONFIG_EMBEDDED
 
 
+       return(proc_get_task_selfdiskacc() == IOPOL_THROTTLE);
+               
+#else /* !CONFIG_EMBEDDED */
        int     policy;
        struct uthread  *ut;
 
        int     policy;
        struct uthread  *ut;
 
@@ -1326,4 +1479,54 @@ thread_is_io_throttled(void) {
                        return TRUE;
        }
        return FALSE;
                        return TRUE;
        }
        return FALSE;
+#endif /* !CONFIG_EMBEDDED */
+}
+
+void
+proc_apply_task_networkbg(void * bsd_info)
+{
+       proc_t p = PROC_NULL;
+       proc_t curp = (proc_t)bsd_info;
+       pid_t pid;
+
+       pid = curp->p_pid;
+       p = proc_find(pid);
+       if (p != PROC_NULL) {
+               do_background_socket(p, NULL, PRIO_DARWIN_BG);
+               proc_rele(p);
+       }
+}
+
+void
+proc_restore_task_networkbg(void * bsd_info)
+{
+       proc_t p = PROC_NULL;
+       proc_t curp = (proc_t)bsd_info;
+       pid_t pid;
+
+       pid = curp->p_pid;
+       p = proc_find(pid);
+       if (p != PROC_NULL) {
+               do_background_socket(p, NULL, 0);
+               proc_rele(p);
+       }
+
+}
+
+void
+proc_set_task_networkbg(void * bsdinfo, int setbg)
+{
+       if (setbg != 0)
+               proc_apply_task_networkbg(bsdinfo);
+       else
+               proc_restore_task_networkbg(bsdinfo);
 }
 }
+
+void
+proc_apply_task_networkbg_internal(proc_t p)
+{
+       if (p != PROC_NULL) {
+               do_background_socket(p, NULL, PRIO_DARWIN_BG);
+       }
+}
+
mirror of XNU