X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/b7266188b87f3620ec3f9f717e57194a7dd989fe..99c3a10404e5d1ef94397ab4df5a8b74711fc4d3:/bsd/kern/kern_resource.c diff --git a/bsd/kern/kern_resource.c b/bsd/kern/kern_resource.c index 02b61872a..ca41339ea 100644 --- a/bsd/kern/kern_resource.c +++ b/bsd/kern/kern_resource.c @@ -102,16 +102,19 @@ #include #include /* for absolutetime_to_microtime() */ -#include /* for TRAFFIC_MGT_SO_BACKGROUND */ +#include /* for TRAFFIC_MGT_SO_* */ #include /* for struct socket */ #include int donice(struct proc *curp, struct proc *chgp, int n); int dosetrlimit(struct proc *p, u_int which, struct rlimit *limp); -static void do_background_socket(struct proc *curp, thread_t thread, int priority); -static int do_background_thread(struct proc *curp, int priority); -static int do_background_task(struct proc *curp, int priority); +int uthread_get_background_state(uthread_t); +static void do_background_socket(struct proc *p, thread_t thread, int priority); +static int do_background_thread(struct proc *curp, thread_t thread, int priority); +static int do_background_proc(struct proc *curp, struct proc *targetp, int priority); +void proc_apply_task_networkbg_internal(proc_t, thread_t); +void proc_restore_task_networkbg_internal(proc_t, thread_t); rlim_t maxdmap = MAXDSIZ; /* XXX */ rlim_t maxsmap = MAXSSIZ - PAGE_SIZE; /* XXX */ @@ -124,10 +127,10 @@ rlim_t maxsmap = MAXSSIZ - PAGE_SIZE; /* XXX */ */ __private_extern__ int maxfilesperproc = OPEN_MAX; /* per-proc open files limit */ -SYSCTL_INT( _kern, KERN_MAXPROCPERUID, maxprocperuid, CTLFLAG_RW, +SYSCTL_INT(_kern, KERN_MAXPROCPERUID, maxprocperuid, CTLFLAG_RW | CTLFLAG_LOCKED, &maxprocperuid, 0, "Maximum processes allowed per userid" ); -SYSCTL_INT( _kern, KERN_MAXFILESPERPROC, maxfilesperproc, CTLFLAG_RW, +SYSCTL_INT(_kern, KERN_MAXFILESPERPROC, maxfilesperproc, CTLFLAG_RW | CTLFLAG_LOCKED, &maxfilesperproc, 0, "Maximum files allowed open per process" ); /* Args and fn for proc_iteration callback used in setpriority */ @@ -231,7 +234,7 @@ getpriority(struct proc *curp, struct getpriority_args *uap, int32_t *retval) ut = get_bsdthread_info(thread); low = 0; - if ( (ut->uu_flag & UT_BACKGROUND) != 0 ) { + if ( (ut->uu_flag & UT_BACKGROUND_TRAFFIC_MGT) != 0 ) { low = 1; } break; @@ -366,12 +369,17 @@ setpriority(struct proc *curp, struct setpriority_args *uap, __unused int32_t *r } case PRIO_DARWIN_THREAD: { + /* process marked for termination no priority management */ + if ((curp->p_lflag & P_LPTERMINATE) != 0) + return(EINVAL); /* we currently only support the current thread */ if (uap->who != 0) { return (EINVAL); } - error = do_background_thread(curp, uap->prio); - (void) do_background_socket(curp, current_thread(), uap->prio); + error = do_background_thread(curp, current_thread(), uap->prio); + if (!error) { + (void) do_background_socket(curp, current_thread(), uap->prio); + } found++; break; } @@ -386,14 +394,16 @@ setpriority(struct proc *curp, struct setpriority_args *uap, __unused int32_t *r refheld = 1; } - error = do_background_task(p, uap->prio); - (void) do_background_socket(p, NULL, uap->prio); + /* process marked for termination no priority management */ + if ((p->p_lflag & P_LPTERMINATE) != 0) { + error = EINVAL; + } else { + error = do_background_proc(curp, p, uap->prio); + if (!error) { + (void) do_background_socket(p, NULL, uap->prio); + } - proc_lock(p); - p->p_iopol_disk = (uap->prio == PRIO_DARWIN_BG ? - IOPOL_THROTTLE : IOPOL_DEFAULT); - proc_unlock(p); - + } found++; if (refheld != 0) proc_rele(p); @@ -425,9 +435,9 @@ donice(struct proc *curp, struct proc *chgp, int n) ucred = kauth_cred_proc_ref(curp); my_cred = kauth_cred_proc_ref(chgp); - if (suser(ucred, NULL) && ucred->cr_ruid && + if (suser(ucred, NULL) && kauth_cred_getruid(ucred) && kauth_cred_getuid(ucred) != kauth_cred_getuid(my_cred) && - ucred->cr_ruid != kauth_cred_getuid(my_cred)) { + kauth_cred_getruid(ucred) != kauth_cred_getuid(my_cred)) { error = EPERM; goto out; } @@ -455,36 +465,57 @@ out: } static int -do_background_task(struct proc *p, int priority) +do_background_proc(struct proc *curp, struct proc *targetp, int priority) { int error = 0; - task_category_policy_data_t info; + kauth_cred_t ucred; + kauth_cred_t target_cred; - if (priority & PRIO_DARWIN_BG) { - info.role = TASK_THROTTLE_APPLICATION; - } else { - info.role = TASK_DEFAULT_APPLICATION; + ucred = kauth_cred_get(); + target_cred = kauth_cred_proc_ref(targetp); + + if (!kauth_cred_issuser(ucred) && kauth_cred_getruid(ucred) && + kauth_cred_getuid(ucred) != kauth_cred_getuid(target_cred) && + kauth_cred_getruid(ucred) != kauth_cred_getuid(target_cred)) + { + error = EPERM; + goto out; } - error = task_policy_set(p->task, - TASK_CATEGORY_POLICY, - (task_policy_t) &info, - TASK_CATEGORY_POLICY_COUNT); +#if CONFIG_MACF + error = mac_proc_check_sched(curp, targetp); + if (error) + goto out; +#endif + + if (priority == PRIO_DARWIN_NONUI) + error = proc_apply_task_gpuacc(targetp->task, TASK_POLICY_HWACCESS_GPU_ATTRIBUTE_NOACCESS); + else + error = proc_set_and_apply_bgtaskpolicy(targetp->task, priority); + if (error) + goto out; + +out: + kauth_cred_unref(&target_cred); return (error); } static void -do_background_socket(struct proc *curp, thread_t thread, int priority) +do_background_socket(struct proc *p, thread_t thread, int priority) { struct filedesc *fdp; struct fileproc *fp; int i; - if (priority & PRIO_DARWIN_BG) { - /* enable network throttle process-wide (if no thread is specified) */ + if (priority == PRIO_DARWIN_BG) { + /* + * For PRIO_DARWIN_PROCESS (thread is NULL), simply mark + * the sockets with the background flag. There's nothing + * to do here for the PRIO_DARWIN_THREAD case. + */ if (thread == NULL) { - proc_fdlock(curp); - fdp = curp->p_fd; + proc_fdlock(p); + fdp = p->p_fd; for (i = 0; i < fdp->fd_nfiles; i++) { struct socket *sockp; @@ -495,20 +526,21 @@ do_background_socket(struct proc *curp, thread_t thread, int priority) continue; } sockp = (struct socket *)fp->f_fglob->fg_data; - sockp->so_traffic_mgt_flags |= TRAFFIC_MGT_SO_BACKGROUND; + socket_set_traffic_mgt_flags(sockp, TRAFFIC_MGT_SO_BACKGROUND); sockp->so_background_thread = NULL; } - proc_fdunlock(curp); + proc_fdunlock(p); } } else { + /* disable networking IO throttle. * NOTE - It is a known limitation of the current design that we * could potentially clear TRAFFIC_MGT_SO_BACKGROUND bit for * sockets created by other threads within this process. */ - proc_fdlock(curp); - fdp = curp->p_fd; + proc_fdlock(p); + fdp = p->p_fd; for ( i = 0; i < fdp->fd_nfiles; i++ ) { struct socket *sockp; @@ -522,10 +554,10 @@ do_background_socket(struct proc *curp, thread_t thread, int priority) if ((thread) && (sockp->so_background_thread != thread)) { continue; } - sockp->so_traffic_mgt_flags &= ~TRAFFIC_MGT_SO_BACKGROUND; + socket_clear_traffic_mgt_flags(sockp, TRAFFIC_MGT_SO_BACKGROUND); sockp->so_background_thread = NULL; } - proc_fdunlock(curp); + proc_fdunlock(p); } } @@ -534,58 +566,78 @@ do_background_socket(struct proc *curp, thread_t thread, int priority) * do_background_thread * Returns: 0 Success * XXX - todo - does this need a MACF hook? + * + * NOTE: To maintain binary compatibility with PRIO_DARWIN_THREAD with respect + * to network traffic management, UT_BACKGROUND_TRAFFIC_MGT is set/cleared + * along with UT_BACKGROUND flag, as the latter alone no longer implies + * any form of traffic regulation (it simply means that the thread is + * background.) With PRIO_DARWIN_PROCESS, any form of network traffic + * management must be explicitly requested via whatever means appropriate, + * and only TRAFFIC_MGT_SO_BACKGROUND is set via do_background_socket(). */ static int -do_background_thread(struct proc *curp __unused, int priority) +do_background_thread(struct proc *curp __unused, thread_t thread, int priority) { - thread_t thread; struct uthread *ut; - thread_precedence_policy_data_t policy; + int error = 0; - thread = current_thread(); ut = get_bsdthread_info(thread); - if ( (priority & PRIO_DARWIN_BG) == 0 ) { - /* turn off backgrounding of thread */ - if ( (ut->uu_flag & UT_BACKGROUND) == 0 ) { - /* already off */ - return(0); - } + /* Backgrounding is unsupported for threads in vfork */ + if ( (ut->uu_flag & UT_VFORK) != 0) { + return(EPERM); + } - /* clear background bit in thread and disable disk IO throttle */ - ut->uu_flag &= ~UT_BACKGROUND; - ut->uu_iopol_disk = IOPOL_NORMAL; + error = proc_set_and_apply_bgthreadpolicy(curp->task, thread_tid(thread), priority); + return(error); - /* reset thread priority (we did not save previous value) */ - policy.importance = 0; - thread_policy_set( thread, THREAD_PRECEDENCE_POLICY, - (thread_policy_t)&policy, - THREAD_PRECEDENCE_POLICY_COUNT ); - return(0); +} + +#if CONFIG_EMBEDDED +int mach_do_background_thread(thread_t thread, int prio); + +int +mach_do_background_thread(thread_t thread, int prio) +{ + int error = 0; + struct proc *curp = NULL; + struct proc *targetp = NULL; + kauth_cred_t ucred; + + targetp = get_bsdtask_info(get_threadtask(thread)); + if (!targetp) { + return KERN_INVALID_ARGUMENT; } - - /* background this thread */ - if ( (ut->uu_flag & UT_BACKGROUND) != 0 ) { - /* already backgrounded */ - return(0); + + curp = proc_self(); + if (curp == PROC_NULL) { + return KERN_FAILURE; } - /* tag thread as background and throttle disk IO */ - ut->uu_flag |= UT_BACKGROUND; - ut->uu_iopol_disk = IOPOL_THROTTLE; + ucred = kauth_cred_proc_ref(curp); - policy.importance = INT_MIN; - thread_policy_set( thread, THREAD_PRECEDENCE_POLICY, - (thread_policy_t)&policy, - THREAD_PRECEDENCE_POLICY_COUNT ); - - /* throttle networking IO happens in socket( ) syscall. - * If UT_BACKGROUND is set in the current thread then - * TRAFFIC_MGT_SO_BACKGROUND socket option is set. - */ - return(0); -} + if (suser(ucred, NULL) && curp != targetp) { + error = KERN_PROTECTION_FAILURE; + goto out; + } + error = do_background_thread(curp, thread, prio); + if (!error) { + (void) do_background_socket(curp, thread, prio); + } else { + if (error == EPERM) { + error = KERN_PROTECTION_FAILURE; + } else { + error = KERN_FAILURE; + } + } + +out: + proc_rele(curp); + kauth_cred_unref(&ucred); + return error; +} +#endif /* CONFIG_EMBEDDED */ /* * Returns: 0 Success @@ -729,12 +781,7 @@ dosetrlimit(struct proc *p, u_int which, struct rlimit *limp) size = round_page_64(limp->rlim_cur); size -= round_page_64(alimp->rlim_cur); -#if STACK_GROWTH_UP - /* go to top of current stack */ - addr = p->user_stack + round_page_64(alimp->rlim_cur); -#else /* STACK_GROWTH_UP */ addr = p->user_stack - round_page_64(limp->rlim_cur); -#endif /* STACK_GROWTH_UP */ kr = mach_vm_protect(current_map(), addr, size, FALSE, VM_PROT_DEFAULT); @@ -756,28 +803,6 @@ dosetrlimit(struct proc *p, u_int which, struct rlimit *limp) */ cur_sp = thread_adjuserstack(current_thread(), 0); -#if STACK_GROWTH_UP - if (cur_sp >= p->user_stack && - cur_sp < (p->user_stack + - round_page_64(alimp->rlim_cur))) { - /* current stack pointer is in main stack */ - if (cur_sp >= (p->user_stack + - round_page_64(limp->rlim_cur))) { - /* - * New limit would cause - * current usage to be invalid: - * reject new limit. - */ - error = EINVAL; - goto out; - } - } else { - /* not on the main stack: reject */ - error = EINVAL; - goto out; - } - -#else /* STACK_GROWTH_UP */ if (cur_sp <= p->user_stack && cur_sp > (p->user_stack - round_page_64(alimp->rlim_cur))) { @@ -797,16 +822,11 @@ dosetrlimit(struct proc *p, u_int which, struct rlimit *limp) error = EINVAL; goto out; } -#endif /* STACK_GROWTH_UP */ size = round_page_64(alimp->rlim_cur); size -= round_page_64(limp->rlim_cur); -#if STACK_GROWTH_UP - addr = p->user_stack + round_page_64(limp->rlim_cur); -#else /* STACK_GROWTH_UP */ addr = p->user_stack - round_page_64(alimp->rlim_cur); -#endif /* STACK_GROWTH_UP */ kr = mach_vm_protect(current_map(), addr, size, @@ -930,15 +950,15 @@ calcru(struct proc *p, struct timeval *up, struct timeval *sp, struct timeval *i task = p->task; if (task) { - task_basic_info_32_data_t tinfo; + mach_task_basic_info_data_t tinfo; task_thread_times_info_data_t ttimesinfo; task_events_info_data_t teventsinfo; mach_msg_type_number_t task_info_count, task_ttimes_count; mach_msg_type_number_t task_events_count; struct timeval ut,st; - task_info_count = TASK_BASIC_INFO_32_COUNT; - task_info(task, TASK_BASIC2_INFO_32, + task_info_count = MACH_TASK_BASIC_INFO_COUNT; + task_info(task, MACH_TASK_BASIC_INFO, (task_info_t)&tinfo, &task_info_count); ut.tv_sec = tinfo.user_time.seconds; ut.tv_usec = tinfo.user_time.microseconds; @@ -974,7 +994,7 @@ calcru(struct proc *p, struct timeval *up, struct timeval *sp, struct timeval *i if (p->p_stats->p_ru.ru_nivcsw < 0) p->p_stats->p_ru.ru_nivcsw = 0; - p->p_stats->p_ru.ru_maxrss = tinfo.resident_size; + p->p_stats->p_ru.ru_maxrss = tinfo.resident_size_max; } } @@ -1167,31 +1187,27 @@ int iopolicysys(__unused struct proc *p, __unused struct iopolicysys_args *uap, __unused int32_t *retval) { int error = 0; - thread_t thread = THREAD_NULL; - int *policy; - struct uthread *ut = NULL; struct _iopol_param_t iop_param; + int processwide = 0; if ((error = copyin(uap->arg, &iop_param, sizeof(iop_param))) != 0) - goto exit; + goto out; if (iop_param.iop_iotype != IOPOL_TYPE_DISK) { error = EINVAL; - goto exit; + goto out; } switch (iop_param.iop_scope) { case IOPOL_SCOPE_PROCESS: - policy = &p->p_iopol_disk; + processwide = 1; break; case IOPOL_SCOPE_THREAD: - thread = current_thread(); - ut = get_bsdthread_info(thread); - policy = &ut->uu_iopol_disk; + processwide = 0; break; default: error = EINVAL; - goto exit; + goto out; } switch(uap->cmd) { @@ -1201,39 +1217,34 @@ iopolicysys(__unused struct proc *p, __unused struct iopolicysys_args *uap, __un case IOPOL_NORMAL: case IOPOL_THROTTLE: case IOPOL_PASSIVE: - proc_lock(p); - *policy = iop_param.iop_policy; - proc_unlock(p); + case IOPOL_UTILITY: + if(processwide != 0) + proc_apply_task_diskacc(current_task(), iop_param.iop_policy); + else + proc_apply_thread_selfdiskacc(iop_param.iop_policy); + break; default: error = EINVAL; - goto exit; + goto out; } break; + case IOPOL_CMD_GET: - switch (*policy) { - case IOPOL_DEFAULT: - case IOPOL_NORMAL: - case IOPOL_THROTTLE: - case IOPOL_PASSIVE: - iop_param.iop_policy = *policy; - break; - default: // in-kernel - // this should never happen - printf("%s: unknown I/O policy %d\n", __func__, *policy); - // restore to default value - *policy = IOPOL_DEFAULT; - iop_param.iop_policy = *policy; - } - + if(processwide != 0) + iop_param.iop_policy = proc_get_task_disacc(current_task()); + else + iop_param.iop_policy = proc_get_thread_selfdiskacc(); + error = copyout((caddr_t)&iop_param, uap->arg, sizeof(iop_param)); + break; default: error = EINVAL; // unknown command break; } - exit: +out: *retval = error; return (error); } @@ -1242,20 +1253,63 @@ iopolicysys(__unused struct proc *p, __unused struct iopolicysys_args *uap, __un boolean_t thread_is_io_throttled(void); boolean_t -thread_is_io_throttled(void) { - - int policy; - struct uthread *ut; +thread_is_io_throttled(void) +{ + return(proc_get_task_selfdiskacc() == IOPOL_THROTTLE); +} - policy = current_proc()->p_iopol_disk; +void +proc_apply_task_networkbg(void * bsd_info) +{ + proc_t p = PROC_NULL; + proc_t curp = (proc_t)bsd_info; + pid_t pid; + + pid = curp->p_pid; + p = proc_find(pid); + if (p != PROC_NULL) { + do_background_socket(p, NULL, PRIO_DARWIN_BG); + proc_rele(p); + } +} - ut = get_bsdthread_info(current_thread()); +void +proc_restore_task_networkbg(void * bsd_info) +{ + proc_t p = PROC_NULL; + proc_t curp = (proc_t)bsd_info; + pid_t pid; + + pid = curp->p_pid; + p = proc_find(pid); + if (p != PROC_NULL) { + do_background_socket(p, NULL, 0); + proc_rele(p); + } - if (ut->uu_iopol_disk != IOPOL_DEFAULT) - policy = ut->uu_iopol_disk; +} - if (policy == IOPOL_THROTTLE) - return TRUE; +void +proc_set_task_networkbg(void * bsdinfo, int setbg) +{ + if (setbg != 0) + proc_apply_task_networkbg(bsdinfo); + else + proc_restore_task_networkbg(bsdinfo); +} - return FALSE; +void +proc_apply_task_networkbg_internal(proc_t p, thread_t thread) +{ + if (p != PROC_NULL) { + do_background_socket(p, thread, PRIO_DARWIN_BG); + } +} +void +proc_restore_task_networkbg_internal(proc_t p, thread_t thread) +{ + if (p != PROC_NULL) { + do_background_socket(p, thread, PRIO_DARWIN_BG); + } } +