Print this page
Remove most KEBE comments and accompanying unused code or variables/fields.
OS-5192 need faster clock_gettime
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: Robert Mustacchi <rm@joyent.com>
Reviewed by: Joshua M. Clulow <jmc@joyent.com>
Reviewed by: Ryan Zezeski <ryan@zinascii.com>
Mismerge in zone.c frees stats that aren't there.
Mismerge in zone.c create zone mcap kstats too many times
OS-338 Kstat counters to show "slow" VFS operations
OS-5189 lx dev enumeration can deadlock with zfs
Reviewed by: Patrick Mooney <patrick.mooney@joyent.com>
OS-5187 improve /proc/diskstat handling
Reviewed by: Patrick Mooney <patrick.mooney@joyent.com>
OS-5179 flatten zvol entries for /dev and /proc/partitions
Reviewed by: Patrick Mooney <patrick.mooney@joyent.com>
Undo merge damage from zone kstats
OS-4915 want FX high priority zone configuration option
OS-4925 ps pri shows misleading value for zone in RT scheduling class
Reviewed by: Patrick Mooney <patrick.mooney@joyent.com>
OS-4781 would like to be able to add CT_PR_EV_EXIT to fatal event set of current contract
OS-4017 would like zfs-io-priority values > 1024
OS-3820 lxbrand ptrace(2): the next generation
OS-3685 lxbrand PTRACE_O_TRACEFORK race condition
OS-3834 lxbrand 64-bit strace(1) reports 64-bit process as using x32 ABI
OS-3794 lxbrand panic on init signal death
Reviewed by: Robert Mustacchi <rm@joyent.com>
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: Bryan Cantrill <bryan@joyent.com>
OS-3776 project rctls should be in sync with zone rctls
OS-3429 Expose zone's init exit status
OS-3342 dlmgmtd needs to be mindful of lock ordering
OS-2608 dlmgmtd needs to record zone identifiers
OS-3492 zone_free asserts to its destruction when dlmgmtd has fallen
OS-3494 zoneadmd tears down networking too soon when boot fails
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
OS-803 make phys mem cap a bit harder
OS-1043 minimize vm_getusage impact
OS-11 rcapd behaves poorly when under extreme load
OS-399 zone phys. mem. cap should be a rctl and have associated kstat
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/os/zone.c
+++ new/usr/src/uts/common/os/zone.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
|
↓ open down ↓ |
13 lines elided |
↑ open up ↑ |
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
24 - * Copyright 2015, Joyent Inc. All rights reserved.
24 + * Copyright 2016, Joyent Inc.
25 25 */
26 26
27 27 /*
28 28 * Zones
29 29 *
30 30 * A zone is a named collection of processes, namespace constraints,
31 31 * and other system resources which comprise a secure and manageable
32 32 * application containment facility.
33 33 *
34 34 * Zones (represented by the reference counted zone_t) are tracked in
35 35 * the kernel in the zonehash. Elsewhere in the kernel, Zone IDs
36 36 * (zoneid_t) are used to track zone association. Zone IDs are
37 37 * dynamically generated when the zone is created; if a persistent
38 38 * identifier is needed (core files, accounting logs, audit trail,
39 39 * etc.), the zone name should be used.
40 40 *
41 41 *
42 42 * Global Zone:
43 43 *
44 44 * The global zone (zoneid 0) is automatically associated with all
45 45 * system resources that have not been bound to a user-created zone.
46 46 * This means that even systems where zones are not in active use
47 47 * have a global zone, and all processes, mounts, etc. are
48 48 * associated with that zone. The global zone is generally
49 49 * unconstrained in terms of privileges and access, though the usual
50 50 * credential and privilege based restrictions apply.
51 51 *
52 52 *
53 53 * Zone States:
54 54 *
55 55 * The states in which a zone may be in and the transitions are as
56 56 * follows:
57 57 *
58 58 * ZONE_IS_UNINITIALIZED: primordial state for a zone. The partially
59 59 * initialized zone is added to the list of active zones on the system but
60 60 * isn't accessible.
61 61 *
62 62 * ZONE_IS_INITIALIZED: Initialization complete except the ZSD callbacks are
63 63 * not yet completed. Not possible to enter the zone, but attributes can
64 64 * be retrieved.
65 65 *
66 66 * ZONE_IS_READY: zsched (the kernel dummy process for a zone) is
67 67 * ready. The zone is made visible after the ZSD constructor callbacks are
68 68 * executed. A zone remains in this state until it transitions into
69 69 * the ZONE_IS_BOOTING state as a result of a call to zone_boot().
70 70 *
71 71 * ZONE_IS_BOOTING: in this shortlived-state, zsched attempts to start
72 72 * init. Should that fail, the zone proceeds to the ZONE_IS_SHUTTING_DOWN
73 73 * state.
74 74 *
75 75 * ZONE_IS_RUNNING: The zone is open for business: zsched has
76 76 * successfully started init. A zone remains in this state until
77 77 * zone_shutdown() is called.
78 78 *
79 79 * ZONE_IS_SHUTTING_DOWN: zone_shutdown() has been called, the system is
80 80 * killing all processes running in the zone. The zone remains
81 81 * in this state until there are no more user processes running in the zone.
82 82 * zone_create(), zone_enter(), and zone_destroy() on this zone will fail.
83 83 * Since zone_shutdown() is restartable, it may be called successfully
84 84 * multiple times for the same zone_t. Setting of the zone's state to
85 85 * ZONE_IS_SHUTTING_DOWN is synchronized with mounts, so VOP_MOUNT() may check
86 86 * the zone's status without worrying about it being a moving target.
87 87 *
88 88 * ZONE_IS_EMPTY: zone_shutdown() has been called, and there
89 89 * are no more user processes in the zone. The zone remains in this
90 90 * state until there are no more kernel threads associated with the
91 91 * zone. zone_create(), zone_enter(), and zone_destroy() on this zone will
92 92 * fail.
93 93 *
94 94 * ZONE_IS_DOWN: All kernel threads doing work on behalf of the zone
95 95 * have exited. zone_shutdown() returns. Henceforth it is not possible to
96 96 * join the zone or create kernel threads therein.
97 97 *
98 98 * ZONE_IS_DYING: zone_destroy() has been called on the zone; zone
99 99 * remains in this state until zsched exits. Calls to zone_find_by_*()
100 100 * return NULL from now on.
101 101 *
102 102 * ZONE_IS_DEAD: zsched has exited (zone_ntasks == 0). There are no
103 103 * processes or threads doing work on behalf of the zone. The zone is
104 104 * removed from the list of active zones. zone_destroy() returns, and
105 105 * the zone can be recreated.
106 106 *
107 107 * ZONE_IS_FREE (internal state): zone_ref goes to 0, ZSD destructor
108 108 * callbacks are executed, and all memory associated with the zone is
109 109 * freed.
110 110 *
111 111 * Threads can wait for the zone to enter a requested state by using
112 112 * zone_status_wait() or zone_status_timedwait() with the desired
113 113 * state passed in as an argument. Zone state transitions are
114 114 * uni-directional; it is not possible to move back to an earlier state.
115 115 *
116 116 *
117 117 * Zone-Specific Data:
118 118 *
119 119 * Subsystems needing to maintain zone-specific data can store that
120 120 * data using the ZSD mechanism. This provides a zone-specific data
121 121 * store, similar to thread-specific data (see pthread_getspecific(3C)
122 122 * or the TSD code in uts/common/disp/thread.c. Also, ZSD can be used
123 123 * to register callbacks to be invoked when a zone is created, shut
124 124 * down, or destroyed. This can be used to initialize zone-specific
125 125 * data for new zones and to clean up when zones go away.
126 126 *
127 127 *
128 128 * Data Structures:
129 129 *
130 130 * The per-zone structure (zone_t) is reference counted, and freed
131 131 * when all references are released. zone_hold and zone_rele can be
132 132 * used to adjust the reference count. In addition, reference counts
133 133 * associated with the cred_t structure are tracked separately using
134 134 * zone_cred_hold and zone_cred_rele.
135 135 *
136 136 * Pointers to active zone_t's are stored in two hash tables; one
137 137 * for searching by id, the other for searching by name. Lookups
138 138 * can be performed on either basis, using zone_find_by_id and
139 139 * zone_find_by_name. Both return zone_t pointers with the zone
140 140 * held, so zone_rele should be called when the pointer is no longer
141 141 * needed. Zones can also be searched by path; zone_find_by_path
142 142 * returns the zone with which a path name is associated (global
143 143 * zone if the path is not within some other zone's file system
144 144 * hierarchy). This currently requires iterating through each zone,
145 145 * so it is slower than an id or name search via a hash table.
146 146 *
147 147 *
148 148 * Locking:
149 149 *
150 150 * zonehash_lock: This is a top-level global lock used to protect the
151 151 * zone hash tables and lists. Zones cannot be created or destroyed
152 152 * while this lock is held.
153 153 * zone_status_lock: This is a global lock protecting zone state.
154 154 * Zones cannot change state while this lock is held. It also
155 155 * protects the list of kernel threads associated with a zone.
156 156 * zone_lock: This is a per-zone lock used to protect several fields of
157 157 * the zone_t (see <sys/zone.h> for details). In addition, holding
158 158 * this lock means that the zone cannot go away.
159 159 * zone_nlwps_lock: This is a per-zone lock used to protect the fields
160 160 * related to the zone.max-lwps rctl.
161 161 * zone_mem_lock: This is a per-zone lock used to protect the fields
162 162 * related to the zone.max-locked-memory and zone.max-swap rctls.
163 163 * zone_rctl_lock: This is a per-zone lock used to protect other rctls,
164 164 * currently just max_lofi
165 165 * zsd_key_lock: This is a global lock protecting the key state for ZSD.
166 166 * zone_deathrow_lock: This is a global lock protecting the "deathrow"
167 167 * list (a list of zones in the ZONE_IS_DEAD state).
168 168 *
169 169 * Ordering requirements:
170 170 * pool_lock --> cpu_lock --> zonehash_lock --> zone_status_lock -->
171 171 * zone_lock --> zsd_key_lock --> pidlock --> p_lock
172 172 *
173 173 * When taking zone_mem_lock or zone_nlwps_lock, the lock ordering is:
174 174 * zonehash_lock --> a_lock --> pidlock --> p_lock --> zone_mem_lock
175 175 * zonehash_lock --> a_lock --> pidlock --> p_lock --> zone_nlwps_lock
176 176 *
177 177 * Blocking memory allocations are permitted while holding any of the
178 178 * zone locks.
179 179 *
180 180 *
181 181 * System Call Interface:
182 182 *
183 183 * The zone subsystem can be managed and queried from user level with
184 184 * the following system calls (all subcodes of the primary "zone"
185 185 * system call):
186 186 * - zone_create: creates a zone with selected attributes (name,
187 187 * root path, privileges, resource controls, ZFS datasets)
188 188 * - zone_enter: allows the current process to enter a zone
189 189 * - zone_getattr: reports attributes of a zone
190 190 * - zone_setattr: set attributes of a zone
191 191 * - zone_boot: set 'init' running for the zone
192 192 * - zone_list: lists all zones active in the system
193 193 * - zone_lookup: looks up zone id based on name
194 194 * - zone_shutdown: initiates shutdown process (see states above)
195 195 * - zone_destroy: completes shutdown process (see states above)
196 196 *
197 197 */
198 198
199 199 #include <sys/priv_impl.h>
200 200 #include <sys/cred.h>
201 201 #include <c2/audit.h>
202 202 #include <sys/debug.h>
203 203 #include <sys/file.h>
204 204 #include <sys/kmem.h>
205 205 #include <sys/kstat.h>
206 206 #include <sys/mutex.h>
207 207 #include <sys/note.h>
208 208 #include <sys/pathname.h>
209 209 #include <sys/proc.h>
210 210 #include <sys/project.h>
211 211 #include <sys/sysevent.h>
212 212 #include <sys/task.h>
213 213 #include <sys/systm.h>
214 214 #include <sys/types.h>
215 215 #include <sys/utsname.h>
216 216 #include <sys/vnode.h>
217 217 #include <sys/vfs.h>
218 218 #include <sys/systeminfo.h>
219 219 #include <sys/policy.h>
220 220 #include <sys/cred_impl.h>
221 221 #include <sys/contract_impl.h>
222 222 #include <sys/contract/process_impl.h>
223 223 #include <sys/class.h>
224 224 #include <sys/pool.h>
225 225 #include <sys/pool_pset.h>
226 226 #include <sys/pset.h>
227 227 #include <sys/strlog.h>
228 228 #include <sys/sysmacros.h>
229 229 #include <sys/callb.h>
230 230 #include <sys/vmparam.h>
231 231 #include <sys/corectl.h>
232 232 #include <sys/ipc_impl.h>
233 233 #include <sys/klpd.h>
234 234
235 235 #include <sys/door.h>
236 236 #include <sys/cpuvar.h>
237 237 #include <sys/sdt.h>
238 238
239 239 #include <sys/uadmin.h>
240 240 #include <sys/session.h>
241 241 #include <sys/cmn_err.h>
242 242 #include <sys/modhash.h>
|
↓ open down ↓ |
208 lines elided |
↑ open up ↑ |
243 243 #include <sys/sunddi.h>
244 244 #include <sys/nvpair.h>
245 245 #include <sys/rctl.h>
246 246 #include <sys/fss.h>
247 247 #include <sys/brand.h>
248 248 #include <sys/zone.h>
249 249 #include <net/if.h>
250 250 #include <sys/cpucaps.h>
251 251 #include <vm/seg.h>
252 252 #include <sys/mac.h>
253 +#include <sys/rt.h>
254 +#include <sys/fx.h>
253 255
254 256 /*
255 257 * This constant specifies the number of seconds that threads waiting for
256 258 * subsystems to release a zone's general-purpose references will wait before
257 259 * they log the zone's reference counts. The constant's value shouldn't
258 260 * be so small that reference counts are unnecessarily reported for zones
259 261 * whose references are slowly released. On the other hand, it shouldn't be so
260 262 * large that users reboot their systems out of frustration over hung zones
261 263 * before the system logs the zones' reference counts.
262 264 */
263 265 #define ZONE_DESTROY_TIMEOUT_SECS 60
264 266
265 267 /* List of data link IDs which are accessible from the zone */
266 268 typedef struct zone_dl {
267 269 datalink_id_t zdl_id;
268 270 nvlist_t *zdl_net;
269 271 list_node_t zdl_linkage;
270 272 } zone_dl_t;
271 273
272 274 /*
273 275 * cv used to signal that all references to the zone have been released. This
274 276 * needs to be global since there may be multiple waiters, and the first to
275 277 * wake up will free the zone_t, hence we cannot use zone->zone_cv.
276 278 */
277 279 static kcondvar_t zone_destroy_cv;
278 280 /*
279 281 * Lock used to serialize access to zone_cv. This could have been per-zone,
280 282 * but then we'd need another lock for zone_destroy_cv, and why bother?
281 283 */
282 284 static kmutex_t zone_status_lock;
283 285
284 286 /*
285 287 * ZSD-related global variables.
286 288 */
287 289 static kmutex_t zsd_key_lock; /* protects the following two */
288 290 /*
289 291 * The next caller of zone_key_create() will be assigned a key of ++zsd_keyval.
290 292 */
291 293 static zone_key_t zsd_keyval = 0;
292 294 /*
293 295 * Global list of registered keys. We use this when a new zone is created.
294 296 */
295 297 static list_t zsd_registered_keys;
296 298
297 299 int zone_hash_size = 256;
298 300 static mod_hash_t *zonehashbyname, *zonehashbyid, *zonehashbylabel;
299 301 static kmutex_t zonehash_lock;
300 302 static uint_t zonecount;
301 303 static id_space_t *zoneid_space;
302 304
303 305 /*
304 306 * The global zone (aka zone0) is the all-seeing, all-knowing zone in which the
305 307 * kernel proper runs, and which manages all other zones.
306 308 *
307 309 * Although not declared as static, the variable "zone0" should not be used
308 310 * except for by code that needs to reference the global zone early on in boot,
309 311 * before it is fully initialized. All other consumers should use
310 312 * 'global_zone'.
311 313 */
312 314 zone_t zone0;
313 315 zone_t *global_zone = NULL; /* Set when the global zone is initialized */
314 316
315 317 /*
316 318 * List of active zones, protected by zonehash_lock.
317 319 */
318 320 static list_t zone_active;
319 321
320 322 /*
321 323 * List of destroyed zones that still have outstanding cred references.
322 324 * Used for debugging. Uses a separate lock to avoid lock ordering
323 325 * problems in zone_free.
324 326 */
325 327 static list_t zone_deathrow;
326 328 static kmutex_t zone_deathrow_lock;
327 329
328 330 /* number of zones is limited by virtual interface limit in IP */
329 331 uint_t maxzones = 8192;
330 332
331 333 /* Event channel to sent zone state change notifications */
332 334 evchan_t *zone_event_chan;
333 335
334 336 /*
335 337 * This table holds the mapping from kernel zone states to
336 338 * states visible in the state notification API.
337 339 * The idea is that we only expose "obvious" states and
338 340 * do not expose states which are just implementation details.
339 341 */
340 342 const char *zone_status_table[] = {
341 343 ZONE_EVENT_UNINITIALIZED, /* uninitialized */
342 344 ZONE_EVENT_INITIALIZED, /* initialized */
343 345 ZONE_EVENT_READY, /* ready */
344 346 ZONE_EVENT_READY, /* booting */
345 347 ZONE_EVENT_RUNNING, /* running */
346 348 ZONE_EVENT_SHUTTING_DOWN, /* shutting_down */
347 349 ZONE_EVENT_SHUTTING_DOWN, /* empty */
348 350 ZONE_EVENT_SHUTTING_DOWN, /* down */
349 351 ZONE_EVENT_SHUTTING_DOWN, /* dying */
350 352 ZONE_EVENT_UNINITIALIZED, /* dead */
351 353 };
352 354
353 355 /*
354 356 * This array contains the names of the subsystems listed in zone_ref_subsys_t
355 357 * (see sys/zone.h).
356 358 */
357 359 static char *zone_ref_subsys_names[] = {
358 360 "NFS", /* ZONE_REF_NFS */
359 361 "NFSv4", /* ZONE_REF_NFSV4 */
360 362 "SMBFS", /* ZONE_REF_SMBFS */
361 363 "MNTFS", /* ZONE_REF_MNTFS */
362 364 "LOFI", /* ZONE_REF_LOFI */
|
↓ open down ↓ |
100 lines elided |
↑ open up ↑ |
363 365 "VFS", /* ZONE_REF_VFS */
364 366 "IPC" /* ZONE_REF_IPC */
365 367 };
366 368
367 369 /*
368 370 * This isn't static so lint doesn't complain.
369 371 */
370 372 rctl_hndl_t rc_zone_cpu_shares;
371 373 rctl_hndl_t rc_zone_locked_mem;
372 374 rctl_hndl_t rc_zone_max_swap;
375 +rctl_hndl_t rc_zone_phys_mem;
373 376 rctl_hndl_t rc_zone_max_lofi;
374 377 rctl_hndl_t rc_zone_cpu_cap;
375 378 rctl_hndl_t rc_zone_zfs_io_pri;
376 379 rctl_hndl_t rc_zone_nlwps;
377 380 rctl_hndl_t rc_zone_nprocs;
378 381 rctl_hndl_t rc_zone_shmmax;
379 382 rctl_hndl_t rc_zone_shmmni;
380 383 rctl_hndl_t rc_zone_semmni;
381 384 rctl_hndl_t rc_zone_msgmni;
382 385
383 386 const char * const zone_default_initname = "/sbin/init";
384 387 static char * const zone_prefix = "/zone/";
385 388 static int zone_shutdown(zoneid_t zoneid);
386 389 static int zone_add_datalink(zoneid_t, datalink_id_t);
387 390 static int zone_remove_datalink(zoneid_t, datalink_id_t);
388 391 static int zone_list_datalink(zoneid_t, int *, datalink_id_t *);
389 392 static int zone_set_network(zoneid_t, zone_net_data_t *);
390 393 static int zone_get_network(zoneid_t, zone_net_data_t *);
391 394
392 395 typedef boolean_t zsd_applyfn_t(kmutex_t *, boolean_t, zone_t *, zone_key_t);
393 396
394 397 static void zsd_apply_all_zones(zsd_applyfn_t *, zone_key_t);
395 398 static void zsd_apply_all_keys(zsd_applyfn_t *, zone_t *);
396 399 static boolean_t zsd_apply_create(kmutex_t *, boolean_t, zone_t *, zone_key_t);
397 400 static boolean_t zsd_apply_shutdown(kmutex_t *, boolean_t, zone_t *,
398 401 zone_key_t);
399 402 static boolean_t zsd_apply_destroy(kmutex_t *, boolean_t, zone_t *, zone_key_t);
400 403 static boolean_t zsd_wait_for_creator(zone_t *, struct zsd_entry *,
401 404 kmutex_t *);
402 405 static boolean_t zsd_wait_for_inprogress(zone_t *, struct zsd_entry *,
403 406 kmutex_t *);
404 407
405 408 /*
406 409 * Bump this number when you alter the zone syscall interfaces; this is
407 410 * because we need to have support for previous API versions in libc
408 411 * to support patching; libc calls into the kernel to determine this number.
409 412 *
410 413 * Version 1 of the API is the version originally shipped with Solaris 10
411 414 * Version 2 alters the zone_create system call in order to support more
412 415 * arguments by moving the args into a structure; and to do better
413 416 * error reporting when zone_create() fails.
414 417 * Version 3 alters the zone_create system call in order to support the
415 418 * import of ZFS datasets to zones.
416 419 * Version 4 alters the zone_create system call in order to support
417 420 * Trusted Extensions.
418 421 * Version 5 alters the zone_boot system call, and converts its old
419 422 * bootargs parameter to be set by the zone_setattr API instead.
420 423 * Version 6 adds the flag argument to zone_create.
421 424 */
422 425 static const int ZONE_SYSCALL_API_VERSION = 6;
423 426
424 427 /*
425 428 * Certain filesystems (such as NFS and autofs) need to know which zone
426 429 * the mount is being placed in. Because of this, we need to be able to
427 430 * ensure that a zone isn't in the process of being created/destroyed such
428 431 * that nfs_mount() thinks it is in the global/NGZ zone, while by the time
429 432 * it gets added the list of mounted zones, it ends up on the wrong zone's
430 433 * mount list. Since a zone can't reside on an NFS file system, we don't
431 434 * have to worry about the zonepath itself.
432 435 *
433 436 * The following functions: block_mounts()/resume_mounts() and
434 437 * mount_in_progress()/mount_completed() are used by zones and the VFS
435 438 * layer (respectively) to synchronize zone state transitions and new
436 439 * mounts within a zone. This syncronization is on a per-zone basis, so
437 440 * activity for one zone will not interfere with activity for another zone.
438 441 *
439 442 * The semantics are like a reader-reader lock such that there may
440 443 * either be multiple mounts (or zone state transitions, if that weren't
441 444 * serialized by zonehash_lock) in progress at the same time, but not
442 445 * both.
443 446 *
444 447 * We use cv's so the user can ctrl-C out of the operation if it's
445 448 * taking too long.
446 449 *
447 450 * The semantics are such that there is unfair bias towards the
448 451 * "current" operation. This means that zone halt may starve if
449 452 * there is a rapid succession of new mounts coming in to the zone.
450 453 */
451 454 /*
452 455 * Prevent new mounts from progressing to the point of calling
453 456 * VFS_MOUNT(). If there are already mounts in this "region", wait for
454 457 * them to complete.
455 458 */
456 459 static int
457 460 block_mounts(zone_t *zp)
458 461 {
459 462 int retval = 0;
460 463
461 464 /*
462 465 * Since it may block for a long time, block_mounts() shouldn't be
463 466 * called with zonehash_lock held.
464 467 */
465 468 ASSERT(MUTEX_NOT_HELD(&zonehash_lock));
466 469 mutex_enter(&zp->zone_mount_lock);
467 470 while (zp->zone_mounts_in_progress > 0) {
468 471 if (cv_wait_sig(&zp->zone_mount_cv, &zp->zone_mount_lock) == 0)
469 472 goto signaled;
470 473 }
471 474 /*
472 475 * A negative value of mounts_in_progress indicates that mounts
473 476 * have been blocked by (-mounts_in_progress) different callers
474 477 * (remotely possible if two threads enter zone_shutdown at the same
475 478 * time).
476 479 */
477 480 zp->zone_mounts_in_progress--;
478 481 retval = 1;
479 482 signaled:
480 483 mutex_exit(&zp->zone_mount_lock);
481 484 return (retval);
482 485 }
483 486
484 487 /*
485 488 * The VFS layer may progress with new mounts as far as we're concerned.
486 489 * Allow them to progress if we were the last obstacle.
487 490 */
488 491 static void
489 492 resume_mounts(zone_t *zp)
490 493 {
491 494 mutex_enter(&zp->zone_mount_lock);
492 495 if (++zp->zone_mounts_in_progress == 0)
493 496 cv_broadcast(&zp->zone_mount_cv);
494 497 mutex_exit(&zp->zone_mount_lock);
495 498 }
496 499
497 500 /*
498 501 * The VFS layer is busy with a mount; this zone should wait until all
499 502 * of its mounts are completed to progress.
500 503 */
501 504 void
502 505 mount_in_progress(zone_t *zp)
503 506 {
504 507 mutex_enter(&zp->zone_mount_lock);
505 508 while (zp->zone_mounts_in_progress < 0)
506 509 cv_wait(&zp->zone_mount_cv, &zp->zone_mount_lock);
507 510 zp->zone_mounts_in_progress++;
508 511 mutex_exit(&zp->zone_mount_lock);
509 512 }
510 513
511 514 /*
512 515 * VFS is done with one mount; wake up any waiting block_mounts()
513 516 * callers if this is the last mount.
514 517 */
515 518 void
516 519 mount_completed(zone_t *zp)
517 520 {
518 521 mutex_enter(&zp->zone_mount_lock);
519 522 if (--zp->zone_mounts_in_progress == 0)
520 523 cv_broadcast(&zp->zone_mount_cv);
521 524 mutex_exit(&zp->zone_mount_lock);
522 525 }
523 526
524 527 /*
525 528 * ZSD routines.
526 529 *
527 530 * Zone Specific Data (ZSD) is modeled after Thread Specific Data as
528 531 * defined by the pthread_key_create() and related interfaces.
529 532 *
530 533 * Kernel subsystems may register one or more data items and/or
531 534 * callbacks to be executed when a zone is created, shutdown, or
532 535 * destroyed.
533 536 *
534 537 * Unlike the thread counterpart, destructor callbacks will be executed
535 538 * even if the data pointer is NULL and/or there are no constructor
536 539 * callbacks, so it is the responsibility of such callbacks to check for
537 540 * NULL data values if necessary.
538 541 *
539 542 * The locking strategy and overall picture is as follows:
540 543 *
541 544 * When someone calls zone_key_create(), a template ZSD entry is added to the
542 545 * global list "zsd_registered_keys", protected by zsd_key_lock. While
543 546 * holding that lock all the existing zones are marked as
544 547 * ZSD_CREATE_NEEDED and a copy of the ZSD entry added to the per-zone
545 548 * zone_zsd list (protected by zone_lock). The global list is updated first
546 549 * (under zone_key_lock) to make sure that newly created zones use the
547 550 * most recent list of keys. Then under zonehash_lock we walk the zones
548 551 * and mark them. Similar locking is used in zone_key_delete().
549 552 *
550 553 * The actual create, shutdown, and destroy callbacks are done without
551 554 * holding any lock. And zsd_flags are used to ensure that the operations
552 555 * completed so that when zone_key_create (and zone_create) is done, as well as
553 556 * zone_key_delete (and zone_destroy) is done, all the necessary callbacks
554 557 * are completed.
555 558 *
556 559 * When new zones are created constructor callbacks for all registered ZSD
557 560 * entries will be called. That also uses the above two phases of marking
558 561 * what needs to be done, and then running the callbacks without holding
559 562 * any locks.
560 563 *
561 564 * The framework does not provide any locking around zone_getspecific() and
562 565 * zone_setspecific() apart from that needed for internal consistency, so
563 566 * callers interested in atomic "test-and-set" semantics will need to provide
564 567 * their own locking.
565 568 */
566 569
567 570 /*
568 571 * Helper function to find the zsd_entry associated with the key in the
569 572 * given list.
570 573 */
571 574 static struct zsd_entry *
572 575 zsd_find(list_t *l, zone_key_t key)
573 576 {
574 577 struct zsd_entry *zsd;
575 578
576 579 for (zsd = list_head(l); zsd != NULL; zsd = list_next(l, zsd)) {
577 580 if (zsd->zsd_key == key) {
578 581 return (zsd);
579 582 }
580 583 }
581 584 return (NULL);
582 585 }
583 586
584 587 /*
585 588 * Helper function to find the zsd_entry associated with the key in the
586 589 * given list. Move it to the front of the list.
587 590 */
588 591 static struct zsd_entry *
589 592 zsd_find_mru(list_t *l, zone_key_t key)
590 593 {
591 594 struct zsd_entry *zsd;
592 595
593 596 for (zsd = list_head(l); zsd != NULL; zsd = list_next(l, zsd)) {
594 597 if (zsd->zsd_key == key) {
595 598 /*
596 599 * Move to head of list to keep list in MRU order.
597 600 */
598 601 if (zsd != list_head(l)) {
599 602 list_remove(l, zsd);
600 603 list_insert_head(l, zsd);
601 604 }
602 605 return (zsd);
603 606 }
604 607 }
605 608 return (NULL);
606 609 }
607 610
608 611 void
609 612 zone_key_create(zone_key_t *keyp, void *(*create)(zoneid_t),
610 613 void (*shutdown)(zoneid_t, void *), void (*destroy)(zoneid_t, void *))
611 614 {
612 615 struct zsd_entry *zsdp;
613 616 struct zsd_entry *t;
614 617 struct zone *zone;
615 618 zone_key_t key;
616 619
617 620 zsdp = kmem_zalloc(sizeof (*zsdp), KM_SLEEP);
618 621 zsdp->zsd_data = NULL;
619 622 zsdp->zsd_create = create;
620 623 zsdp->zsd_shutdown = shutdown;
621 624 zsdp->zsd_destroy = destroy;
622 625
623 626 /*
624 627 * Insert in global list of callbacks. Makes future zone creations
625 628 * see it.
626 629 */
627 630 mutex_enter(&zsd_key_lock);
628 631 key = zsdp->zsd_key = ++zsd_keyval;
629 632 ASSERT(zsd_keyval != 0);
630 633 list_insert_tail(&zsd_registered_keys, zsdp);
631 634 mutex_exit(&zsd_key_lock);
632 635
633 636 /*
634 637 * Insert for all existing zones and mark them as needing
635 638 * a create callback.
636 639 */
637 640 mutex_enter(&zonehash_lock); /* stop the world */
638 641 for (zone = list_head(&zone_active); zone != NULL;
639 642 zone = list_next(&zone_active, zone)) {
640 643 zone_status_t status;
641 644
642 645 mutex_enter(&zone->zone_lock);
643 646
644 647 /* Skip zones that are on the way down or not yet up */
645 648 status = zone_status_get(zone);
646 649 if (status >= ZONE_IS_DOWN ||
647 650 status == ZONE_IS_UNINITIALIZED) {
648 651 mutex_exit(&zone->zone_lock);
649 652 continue;
650 653 }
651 654
652 655 t = zsd_find_mru(&zone->zone_zsd, key);
653 656 if (t != NULL) {
654 657 /*
655 658 * A zsd_configure already inserted it after
656 659 * we dropped zsd_key_lock above.
657 660 */
658 661 mutex_exit(&zone->zone_lock);
659 662 continue;
660 663 }
661 664 t = kmem_zalloc(sizeof (*t), KM_SLEEP);
662 665 t->zsd_key = key;
663 666 t->zsd_create = create;
664 667 t->zsd_shutdown = shutdown;
665 668 t->zsd_destroy = destroy;
666 669 if (create != NULL) {
667 670 t->zsd_flags = ZSD_CREATE_NEEDED;
668 671 DTRACE_PROBE2(zsd__create__needed,
669 672 zone_t *, zone, zone_key_t, key);
670 673 }
671 674 list_insert_tail(&zone->zone_zsd, t);
672 675 mutex_exit(&zone->zone_lock);
673 676 }
674 677 mutex_exit(&zonehash_lock);
675 678
676 679 if (create != NULL) {
677 680 /* Now call the create callback for this key */
678 681 zsd_apply_all_zones(zsd_apply_create, key);
679 682 }
680 683 /*
681 684 * It is safe for consumers to use the key now, make it
682 685 * globally visible. Specifically zone_getspecific() will
683 686 * always successfully return the zone specific data associated
684 687 * with the key.
685 688 */
686 689 *keyp = key;
687 690
688 691 }
689 692
690 693 /*
691 694 * Function called when a module is being unloaded, or otherwise wishes
692 695 * to unregister its ZSD key and callbacks.
693 696 *
694 697 * Remove from the global list and determine the functions that need to
695 698 * be called under a global lock. Then call the functions without
696 699 * holding any locks. Finally free up the zone_zsd entries. (The apply
697 700 * functions need to access the zone_zsd entries to find zsd_data etc.)
698 701 */
699 702 int
700 703 zone_key_delete(zone_key_t key)
701 704 {
702 705 struct zsd_entry *zsdp = NULL;
703 706 zone_t *zone;
704 707
705 708 mutex_enter(&zsd_key_lock);
706 709 zsdp = zsd_find_mru(&zsd_registered_keys, key);
707 710 if (zsdp == NULL) {
708 711 mutex_exit(&zsd_key_lock);
709 712 return (-1);
710 713 }
711 714 list_remove(&zsd_registered_keys, zsdp);
712 715 mutex_exit(&zsd_key_lock);
713 716
714 717 mutex_enter(&zonehash_lock);
715 718 for (zone = list_head(&zone_active); zone != NULL;
716 719 zone = list_next(&zone_active, zone)) {
717 720 struct zsd_entry *del;
718 721
719 722 mutex_enter(&zone->zone_lock);
720 723 del = zsd_find_mru(&zone->zone_zsd, key);
721 724 if (del == NULL) {
722 725 /*
723 726 * Somebody else got here first e.g the zone going
724 727 * away.
725 728 */
726 729 mutex_exit(&zone->zone_lock);
727 730 continue;
728 731 }
729 732 ASSERT(del->zsd_shutdown == zsdp->zsd_shutdown);
730 733 ASSERT(del->zsd_destroy == zsdp->zsd_destroy);
731 734 if (del->zsd_shutdown != NULL &&
732 735 (del->zsd_flags & ZSD_SHUTDOWN_ALL) == 0) {
733 736 del->zsd_flags |= ZSD_SHUTDOWN_NEEDED;
734 737 DTRACE_PROBE2(zsd__shutdown__needed,
735 738 zone_t *, zone, zone_key_t, key);
736 739 }
737 740 if (del->zsd_destroy != NULL &&
738 741 (del->zsd_flags & ZSD_DESTROY_ALL) == 0) {
739 742 del->zsd_flags |= ZSD_DESTROY_NEEDED;
740 743 DTRACE_PROBE2(zsd__destroy__needed,
741 744 zone_t *, zone, zone_key_t, key);
742 745 }
743 746 mutex_exit(&zone->zone_lock);
744 747 }
745 748 mutex_exit(&zonehash_lock);
746 749 kmem_free(zsdp, sizeof (*zsdp));
747 750
748 751 /* Now call the shutdown and destroy callback for this key */
749 752 zsd_apply_all_zones(zsd_apply_shutdown, key);
750 753 zsd_apply_all_zones(zsd_apply_destroy, key);
751 754
752 755 /* Now we can free up the zsdp structures in each zone */
753 756 mutex_enter(&zonehash_lock);
754 757 for (zone = list_head(&zone_active); zone != NULL;
755 758 zone = list_next(&zone_active, zone)) {
756 759 struct zsd_entry *del;
757 760
758 761 mutex_enter(&zone->zone_lock);
759 762 del = zsd_find(&zone->zone_zsd, key);
760 763 if (del != NULL) {
761 764 list_remove(&zone->zone_zsd, del);
762 765 ASSERT(!(del->zsd_flags & ZSD_ALL_INPROGRESS));
763 766 kmem_free(del, sizeof (*del));
764 767 }
765 768 mutex_exit(&zone->zone_lock);
766 769 }
767 770 mutex_exit(&zonehash_lock);
768 771
769 772 return (0);
770 773 }
771 774
772 775 /*
773 776 * ZSD counterpart of pthread_setspecific().
774 777 *
775 778 * Since all zsd callbacks, including those with no create function,
776 779 * have an entry in zone_zsd, if the key is registered it is part of
777 780 * the zone_zsd list.
778 781 * Return an error if the key wasn't registerd.
779 782 */
780 783 int
781 784 zone_setspecific(zone_key_t key, zone_t *zone, const void *data)
782 785 {
783 786 struct zsd_entry *t;
784 787
785 788 mutex_enter(&zone->zone_lock);
786 789 t = zsd_find_mru(&zone->zone_zsd, key);
787 790 if (t != NULL) {
788 791 /*
789 792 * Replace old value with new
790 793 */
791 794 t->zsd_data = (void *)data;
792 795 mutex_exit(&zone->zone_lock);
793 796 return (0);
794 797 }
795 798 mutex_exit(&zone->zone_lock);
796 799 return (-1);
797 800 }
798 801
799 802 /*
800 803 * ZSD counterpart of pthread_getspecific().
801 804 */
802 805 void *
803 806 zone_getspecific(zone_key_t key, zone_t *zone)
804 807 {
805 808 struct zsd_entry *t;
806 809 void *data;
807 810
808 811 mutex_enter(&zone->zone_lock);
809 812 t = zsd_find_mru(&zone->zone_zsd, key);
810 813 data = (t == NULL ? NULL : t->zsd_data);
811 814 mutex_exit(&zone->zone_lock);
812 815 return (data);
813 816 }
814 817
815 818 /*
816 819 * Function used to initialize a zone's list of ZSD callbacks and data
817 820 * when the zone is being created. The callbacks are initialized from
818 821 * the template list (zsd_registered_keys). The constructor callback is
819 822 * executed later (once the zone exists and with locks dropped).
820 823 */
821 824 static void
822 825 zone_zsd_configure(zone_t *zone)
823 826 {
824 827 struct zsd_entry *zsdp;
825 828 struct zsd_entry *t;
826 829
827 830 ASSERT(MUTEX_HELD(&zonehash_lock));
828 831 ASSERT(list_head(&zone->zone_zsd) == NULL);
829 832 mutex_enter(&zone->zone_lock);
830 833 mutex_enter(&zsd_key_lock);
831 834 for (zsdp = list_head(&zsd_registered_keys); zsdp != NULL;
832 835 zsdp = list_next(&zsd_registered_keys, zsdp)) {
833 836 /*
834 837 * Since this zone is ZONE_IS_UNCONFIGURED, zone_key_create
835 838 * should not have added anything to it.
836 839 */
837 840 ASSERT(zsd_find(&zone->zone_zsd, zsdp->zsd_key) == NULL);
838 841
839 842 t = kmem_zalloc(sizeof (*t), KM_SLEEP);
840 843 t->zsd_key = zsdp->zsd_key;
841 844 t->zsd_create = zsdp->zsd_create;
842 845 t->zsd_shutdown = zsdp->zsd_shutdown;
843 846 t->zsd_destroy = zsdp->zsd_destroy;
844 847 if (zsdp->zsd_create != NULL) {
845 848 t->zsd_flags = ZSD_CREATE_NEEDED;
846 849 DTRACE_PROBE2(zsd__create__needed,
847 850 zone_t *, zone, zone_key_t, zsdp->zsd_key);
848 851 }
849 852 list_insert_tail(&zone->zone_zsd, t);
850 853 }
851 854 mutex_exit(&zsd_key_lock);
852 855 mutex_exit(&zone->zone_lock);
853 856 }
854 857
855 858 enum zsd_callback_type { ZSD_CREATE, ZSD_SHUTDOWN, ZSD_DESTROY };
856 859
857 860 /*
858 861 * Helper function to execute shutdown or destructor callbacks.
859 862 */
860 863 static void
861 864 zone_zsd_callbacks(zone_t *zone, enum zsd_callback_type ct)
862 865 {
863 866 struct zsd_entry *t;
864 867
865 868 ASSERT(ct == ZSD_SHUTDOWN || ct == ZSD_DESTROY);
866 869 ASSERT(ct != ZSD_SHUTDOWN || zone_status_get(zone) >= ZONE_IS_EMPTY);
867 870 ASSERT(ct != ZSD_DESTROY || zone_status_get(zone) >= ZONE_IS_DOWN);
868 871
869 872 /*
870 873 * Run the callback solely based on what is registered for the zone
871 874 * in zone_zsd. The global list can change independently of this
872 875 * as keys are registered and unregistered and we don't register new
873 876 * callbacks for a zone that is in the process of going away.
874 877 */
875 878 mutex_enter(&zone->zone_lock);
876 879 for (t = list_head(&zone->zone_zsd); t != NULL;
877 880 t = list_next(&zone->zone_zsd, t)) {
878 881 zone_key_t key = t->zsd_key;
879 882
880 883 /* Skip if no callbacks registered */
881 884
882 885 if (ct == ZSD_SHUTDOWN) {
883 886 if (t->zsd_shutdown != NULL &&
884 887 (t->zsd_flags & ZSD_SHUTDOWN_ALL) == 0) {
885 888 t->zsd_flags |= ZSD_SHUTDOWN_NEEDED;
886 889 DTRACE_PROBE2(zsd__shutdown__needed,
887 890 zone_t *, zone, zone_key_t, key);
888 891 }
889 892 } else {
890 893 if (t->zsd_destroy != NULL &&
891 894 (t->zsd_flags & ZSD_DESTROY_ALL) == 0) {
892 895 t->zsd_flags |= ZSD_DESTROY_NEEDED;
893 896 DTRACE_PROBE2(zsd__destroy__needed,
894 897 zone_t *, zone, zone_key_t, key);
895 898 }
896 899 }
897 900 }
898 901 mutex_exit(&zone->zone_lock);
899 902
900 903 /* Now call the shutdown and destroy callback for this key */
901 904 zsd_apply_all_keys(zsd_apply_shutdown, zone);
902 905 zsd_apply_all_keys(zsd_apply_destroy, zone);
903 906
904 907 }
905 908
906 909 /*
907 910 * Called when the zone is going away; free ZSD-related memory, and
908 911 * destroy the zone_zsd list.
909 912 */
910 913 static void
911 914 zone_free_zsd(zone_t *zone)
912 915 {
913 916 struct zsd_entry *t, *next;
914 917
915 918 /*
916 919 * Free all the zsd_entry's we had on this zone.
917 920 */
918 921 mutex_enter(&zone->zone_lock);
919 922 for (t = list_head(&zone->zone_zsd); t != NULL; t = next) {
920 923 next = list_next(&zone->zone_zsd, t);
921 924 list_remove(&zone->zone_zsd, t);
922 925 ASSERT(!(t->zsd_flags & ZSD_ALL_INPROGRESS));
923 926 kmem_free(t, sizeof (*t));
924 927 }
925 928 list_destroy(&zone->zone_zsd);
926 929 mutex_exit(&zone->zone_lock);
927 930
928 931 }
929 932
930 933 /*
931 934 * Apply a function to all zones for particular key value.
932 935 *
933 936 * The applyfn has to drop zonehash_lock if it does some work, and
934 937 * then reacquire it before it returns.
935 938 * When the lock is dropped we don't follow list_next even
936 939 * if it is possible to do so without any hazards. This is
937 940 * because we want the design to allow for the list of zones
938 941 * to change in any arbitrary way during the time the
939 942 * lock was dropped.
940 943 *
941 944 * It is safe to restart the loop at list_head since the applyfn
942 945 * changes the zsd_flags as it does work, so a subsequent
943 946 * pass through will have no effect in applyfn, hence the loop will terminate
944 947 * in at worst O(N^2).
945 948 */
946 949 static void
947 950 zsd_apply_all_zones(zsd_applyfn_t *applyfn, zone_key_t key)
948 951 {
949 952 zone_t *zone;
950 953
951 954 mutex_enter(&zonehash_lock);
952 955 zone = list_head(&zone_active);
953 956 while (zone != NULL) {
954 957 if ((applyfn)(&zonehash_lock, B_FALSE, zone, key)) {
955 958 /* Lock dropped - restart at head */
956 959 zone = list_head(&zone_active);
957 960 } else {
958 961 zone = list_next(&zone_active, zone);
959 962 }
960 963 }
961 964 mutex_exit(&zonehash_lock);
962 965 }
963 966
964 967 /*
965 968 * Apply a function to all keys for a particular zone.
966 969 *
967 970 * The applyfn has to drop zonehash_lock if it does some work, and
968 971 * then reacquire it before it returns.
969 972 * When the lock is dropped we don't follow list_next even
970 973 * if it is possible to do so without any hazards. This is
971 974 * because we want the design to allow for the list of zsd callbacks
972 975 * to change in any arbitrary way during the time the
973 976 * lock was dropped.
974 977 *
975 978 * It is safe to restart the loop at list_head since the applyfn
976 979 * changes the zsd_flags as it does work, so a subsequent
977 980 * pass through will have no effect in applyfn, hence the loop will terminate
978 981 * in at worst O(N^2).
979 982 */
980 983 static void
981 984 zsd_apply_all_keys(zsd_applyfn_t *applyfn, zone_t *zone)
982 985 {
983 986 struct zsd_entry *t;
984 987
985 988 mutex_enter(&zone->zone_lock);
986 989 t = list_head(&zone->zone_zsd);
987 990 while (t != NULL) {
988 991 if ((applyfn)(NULL, B_TRUE, zone, t->zsd_key)) {
989 992 /* Lock dropped - restart at head */
990 993 t = list_head(&zone->zone_zsd);
991 994 } else {
992 995 t = list_next(&zone->zone_zsd, t);
993 996 }
994 997 }
995 998 mutex_exit(&zone->zone_lock);
996 999 }
997 1000
998 1001 /*
999 1002 * Call the create function for the zone and key if CREATE_NEEDED
1000 1003 * is set.
1001 1004 * If some other thread gets here first and sets CREATE_INPROGRESS, then
1002 1005 * we wait for that thread to complete so that we can ensure that
1003 1006 * all the callbacks are done when we've looped over all zones/keys.
1004 1007 *
1005 1008 * When we call the create function, we drop the global held by the
1006 1009 * caller, and return true to tell the caller it needs to re-evalute the
1007 1010 * state.
1008 1011 * If the caller holds zone_lock then zone_lock_held is set, and zone_lock
1009 1012 * remains held on exit.
1010 1013 */
1011 1014 static boolean_t
1012 1015 zsd_apply_create(kmutex_t *lockp, boolean_t zone_lock_held,
1013 1016 zone_t *zone, zone_key_t key)
1014 1017 {
1015 1018 void *result;
1016 1019 struct zsd_entry *t;
1017 1020 boolean_t dropped;
1018 1021
1019 1022 if (lockp != NULL) {
1020 1023 ASSERT(MUTEX_HELD(lockp));
1021 1024 }
1022 1025 if (zone_lock_held) {
1023 1026 ASSERT(MUTEX_HELD(&zone->zone_lock));
1024 1027 } else {
1025 1028 mutex_enter(&zone->zone_lock);
1026 1029 }
1027 1030
1028 1031 t = zsd_find(&zone->zone_zsd, key);
1029 1032 if (t == NULL) {
1030 1033 /*
1031 1034 * Somebody else got here first e.g the zone going
1032 1035 * away.
1033 1036 */
1034 1037 if (!zone_lock_held)
1035 1038 mutex_exit(&zone->zone_lock);
1036 1039 return (B_FALSE);
1037 1040 }
1038 1041 dropped = B_FALSE;
1039 1042 if (zsd_wait_for_inprogress(zone, t, lockp))
1040 1043 dropped = B_TRUE;
1041 1044
1042 1045 if (t->zsd_flags & ZSD_CREATE_NEEDED) {
1043 1046 t->zsd_flags &= ~ZSD_CREATE_NEEDED;
1044 1047 t->zsd_flags |= ZSD_CREATE_INPROGRESS;
1045 1048 DTRACE_PROBE2(zsd__create__inprogress,
1046 1049 zone_t *, zone, zone_key_t, key);
1047 1050 mutex_exit(&zone->zone_lock);
1048 1051 if (lockp != NULL)
1049 1052 mutex_exit(lockp);
1050 1053
1051 1054 dropped = B_TRUE;
1052 1055 ASSERT(t->zsd_create != NULL);
1053 1056 DTRACE_PROBE2(zsd__create__start,
1054 1057 zone_t *, zone, zone_key_t, key);
1055 1058
1056 1059 result = (*t->zsd_create)(zone->zone_id);
1057 1060
1058 1061 DTRACE_PROBE2(zsd__create__end,
1059 1062 zone_t *, zone, voidn *, result);
1060 1063
1061 1064 ASSERT(result != NULL);
1062 1065 if (lockp != NULL)
1063 1066 mutex_enter(lockp);
1064 1067 mutex_enter(&zone->zone_lock);
1065 1068 t->zsd_data = result;
1066 1069 t->zsd_flags &= ~ZSD_CREATE_INPROGRESS;
1067 1070 t->zsd_flags |= ZSD_CREATE_COMPLETED;
1068 1071 cv_broadcast(&t->zsd_cv);
1069 1072 DTRACE_PROBE2(zsd__create__completed,
1070 1073 zone_t *, zone, zone_key_t, key);
1071 1074 }
1072 1075 if (!zone_lock_held)
1073 1076 mutex_exit(&zone->zone_lock);
1074 1077 return (dropped);
1075 1078 }
1076 1079
1077 1080 /*
1078 1081 * Call the shutdown function for the zone and key if SHUTDOWN_NEEDED
1079 1082 * is set.
1080 1083 * If some other thread gets here first and sets *_INPROGRESS, then
1081 1084 * we wait for that thread to complete so that we can ensure that
1082 1085 * all the callbacks are done when we've looped over all zones/keys.
1083 1086 *
1084 1087 * When we call the shutdown function, we drop the global held by the
1085 1088 * caller, and return true to tell the caller it needs to re-evalute the
1086 1089 * state.
1087 1090 * If the caller holds zone_lock then zone_lock_held is set, and zone_lock
1088 1091 * remains held on exit.
1089 1092 */
1090 1093 static boolean_t
1091 1094 zsd_apply_shutdown(kmutex_t *lockp, boolean_t zone_lock_held,
1092 1095 zone_t *zone, zone_key_t key)
1093 1096 {
1094 1097 struct zsd_entry *t;
1095 1098 void *data;
1096 1099 boolean_t dropped;
1097 1100
1098 1101 if (lockp != NULL) {
1099 1102 ASSERT(MUTEX_HELD(lockp));
1100 1103 }
1101 1104 if (zone_lock_held) {
1102 1105 ASSERT(MUTEX_HELD(&zone->zone_lock));
1103 1106 } else {
1104 1107 mutex_enter(&zone->zone_lock);
1105 1108 }
1106 1109
1107 1110 t = zsd_find(&zone->zone_zsd, key);
1108 1111 if (t == NULL) {
1109 1112 /*
1110 1113 * Somebody else got here first e.g the zone going
1111 1114 * away.
1112 1115 */
1113 1116 if (!zone_lock_held)
1114 1117 mutex_exit(&zone->zone_lock);
1115 1118 return (B_FALSE);
1116 1119 }
1117 1120 dropped = B_FALSE;
1118 1121 if (zsd_wait_for_creator(zone, t, lockp))
1119 1122 dropped = B_TRUE;
1120 1123
1121 1124 if (zsd_wait_for_inprogress(zone, t, lockp))
1122 1125 dropped = B_TRUE;
1123 1126
1124 1127 if (t->zsd_flags & ZSD_SHUTDOWN_NEEDED) {
1125 1128 t->zsd_flags &= ~ZSD_SHUTDOWN_NEEDED;
1126 1129 t->zsd_flags |= ZSD_SHUTDOWN_INPROGRESS;
1127 1130 DTRACE_PROBE2(zsd__shutdown__inprogress,
1128 1131 zone_t *, zone, zone_key_t, key);
1129 1132 mutex_exit(&zone->zone_lock);
1130 1133 if (lockp != NULL)
1131 1134 mutex_exit(lockp);
1132 1135 dropped = B_TRUE;
1133 1136
1134 1137 ASSERT(t->zsd_shutdown != NULL);
1135 1138 data = t->zsd_data;
1136 1139
1137 1140 DTRACE_PROBE2(zsd__shutdown__start,
1138 1141 zone_t *, zone, zone_key_t, key);
1139 1142
1140 1143 (t->zsd_shutdown)(zone->zone_id, data);
1141 1144 DTRACE_PROBE2(zsd__shutdown__end,
1142 1145 zone_t *, zone, zone_key_t, key);
1143 1146
1144 1147 if (lockp != NULL)
1145 1148 mutex_enter(lockp);
1146 1149 mutex_enter(&zone->zone_lock);
1147 1150 t->zsd_flags &= ~ZSD_SHUTDOWN_INPROGRESS;
1148 1151 t->zsd_flags |= ZSD_SHUTDOWN_COMPLETED;
1149 1152 cv_broadcast(&t->zsd_cv);
1150 1153 DTRACE_PROBE2(zsd__shutdown__completed,
1151 1154 zone_t *, zone, zone_key_t, key);
1152 1155 }
1153 1156 if (!zone_lock_held)
1154 1157 mutex_exit(&zone->zone_lock);
1155 1158 return (dropped);
1156 1159 }
1157 1160
1158 1161 /*
1159 1162 * Call the destroy function for the zone and key if DESTROY_NEEDED
1160 1163 * is set.
1161 1164 * If some other thread gets here first and sets *_INPROGRESS, then
1162 1165 * we wait for that thread to complete so that we can ensure that
1163 1166 * all the callbacks are done when we've looped over all zones/keys.
1164 1167 *
1165 1168 * When we call the destroy function, we drop the global held by the
1166 1169 * caller, and return true to tell the caller it needs to re-evalute the
1167 1170 * state.
1168 1171 * If the caller holds zone_lock then zone_lock_held is set, and zone_lock
1169 1172 * remains held on exit.
1170 1173 */
1171 1174 static boolean_t
1172 1175 zsd_apply_destroy(kmutex_t *lockp, boolean_t zone_lock_held,
1173 1176 zone_t *zone, zone_key_t key)
1174 1177 {
1175 1178 struct zsd_entry *t;
1176 1179 void *data;
1177 1180 boolean_t dropped;
1178 1181
1179 1182 if (lockp != NULL) {
1180 1183 ASSERT(MUTEX_HELD(lockp));
1181 1184 }
1182 1185 if (zone_lock_held) {
1183 1186 ASSERT(MUTEX_HELD(&zone->zone_lock));
1184 1187 } else {
1185 1188 mutex_enter(&zone->zone_lock);
1186 1189 }
1187 1190
1188 1191 t = zsd_find(&zone->zone_zsd, key);
1189 1192 if (t == NULL) {
1190 1193 /*
1191 1194 * Somebody else got here first e.g the zone going
1192 1195 * away.
1193 1196 */
1194 1197 if (!zone_lock_held)
1195 1198 mutex_exit(&zone->zone_lock);
1196 1199 return (B_FALSE);
1197 1200 }
1198 1201 dropped = B_FALSE;
1199 1202 if (zsd_wait_for_creator(zone, t, lockp))
1200 1203 dropped = B_TRUE;
1201 1204
1202 1205 if (zsd_wait_for_inprogress(zone, t, lockp))
1203 1206 dropped = B_TRUE;
1204 1207
1205 1208 if (t->zsd_flags & ZSD_DESTROY_NEEDED) {
1206 1209 t->zsd_flags &= ~ZSD_DESTROY_NEEDED;
1207 1210 t->zsd_flags |= ZSD_DESTROY_INPROGRESS;
1208 1211 DTRACE_PROBE2(zsd__destroy__inprogress,
1209 1212 zone_t *, zone, zone_key_t, key);
1210 1213 mutex_exit(&zone->zone_lock);
1211 1214 if (lockp != NULL)
1212 1215 mutex_exit(lockp);
1213 1216 dropped = B_TRUE;
1214 1217
1215 1218 ASSERT(t->zsd_destroy != NULL);
1216 1219 data = t->zsd_data;
1217 1220 DTRACE_PROBE2(zsd__destroy__start,
1218 1221 zone_t *, zone, zone_key_t, key);
1219 1222
1220 1223 (t->zsd_destroy)(zone->zone_id, data);
1221 1224 DTRACE_PROBE2(zsd__destroy__end,
1222 1225 zone_t *, zone, zone_key_t, key);
1223 1226
1224 1227 if (lockp != NULL)
1225 1228 mutex_enter(lockp);
1226 1229 mutex_enter(&zone->zone_lock);
1227 1230 t->zsd_data = NULL;
1228 1231 t->zsd_flags &= ~ZSD_DESTROY_INPROGRESS;
1229 1232 t->zsd_flags |= ZSD_DESTROY_COMPLETED;
1230 1233 cv_broadcast(&t->zsd_cv);
1231 1234 DTRACE_PROBE2(zsd__destroy__completed,
1232 1235 zone_t *, zone, zone_key_t, key);
1233 1236 }
1234 1237 if (!zone_lock_held)
1235 1238 mutex_exit(&zone->zone_lock);
1236 1239 return (dropped);
1237 1240 }
1238 1241
1239 1242 /*
1240 1243 * Wait for any CREATE_NEEDED flag to be cleared.
1241 1244 * Returns true if lockp was temporarily dropped while waiting.
1242 1245 */
1243 1246 static boolean_t
1244 1247 zsd_wait_for_creator(zone_t *zone, struct zsd_entry *t, kmutex_t *lockp)
1245 1248 {
1246 1249 boolean_t dropped = B_FALSE;
1247 1250
1248 1251 while (t->zsd_flags & ZSD_CREATE_NEEDED) {
1249 1252 DTRACE_PROBE2(zsd__wait__for__creator,
1250 1253 zone_t *, zone, struct zsd_entry *, t);
1251 1254 if (lockp != NULL) {
1252 1255 dropped = B_TRUE;
1253 1256 mutex_exit(lockp);
1254 1257 }
1255 1258 cv_wait(&t->zsd_cv, &zone->zone_lock);
1256 1259 if (lockp != NULL) {
1257 1260 /* First drop zone_lock to preserve order */
1258 1261 mutex_exit(&zone->zone_lock);
1259 1262 mutex_enter(lockp);
1260 1263 mutex_enter(&zone->zone_lock);
1261 1264 }
1262 1265 }
1263 1266 return (dropped);
1264 1267 }
1265 1268
1266 1269 /*
1267 1270 * Wait for any INPROGRESS flag to be cleared.
1268 1271 * Returns true if lockp was temporarily dropped while waiting.
1269 1272 */
1270 1273 static boolean_t
1271 1274 zsd_wait_for_inprogress(zone_t *zone, struct zsd_entry *t, kmutex_t *lockp)
1272 1275 {
1273 1276 boolean_t dropped = B_FALSE;
1274 1277
1275 1278 while (t->zsd_flags & ZSD_ALL_INPROGRESS) {
1276 1279 DTRACE_PROBE2(zsd__wait__for__inprogress,
1277 1280 zone_t *, zone, struct zsd_entry *, t);
1278 1281 if (lockp != NULL) {
1279 1282 dropped = B_TRUE;
1280 1283 mutex_exit(lockp);
1281 1284 }
1282 1285 cv_wait(&t->zsd_cv, &zone->zone_lock);
1283 1286 if (lockp != NULL) {
1284 1287 /* First drop zone_lock to preserve order */
1285 1288 mutex_exit(&zone->zone_lock);
1286 1289 mutex_enter(lockp);
1287 1290 mutex_enter(&zone->zone_lock);
1288 1291 }
1289 1292 }
1290 1293 return (dropped);
1291 1294 }
1292 1295
1293 1296 /*
1294 1297 * Frees memory associated with the zone dataset list.
1295 1298 */
1296 1299 static void
1297 1300 zone_free_datasets(zone_t *zone)
1298 1301 {
1299 1302 zone_dataset_t *t, *next;
1300 1303
1301 1304 for (t = list_head(&zone->zone_datasets); t != NULL; t = next) {
1302 1305 next = list_next(&zone->zone_datasets, t);
1303 1306 list_remove(&zone->zone_datasets, t);
1304 1307 kmem_free(t->zd_dataset, strlen(t->zd_dataset) + 1);
1305 1308 kmem_free(t, sizeof (*t));
1306 1309 }
1307 1310 list_destroy(&zone->zone_datasets);
1308 1311 }
1309 1312
1310 1313 /*
1311 1314 * zone.cpu-shares resource control support.
1312 1315 */
1313 1316 /*ARGSUSED*/
1314 1317 static rctl_qty_t
1315 1318 zone_cpu_shares_usage(rctl_t *rctl, struct proc *p)
1316 1319 {
1317 1320 ASSERT(MUTEX_HELD(&p->p_lock));
1318 1321 return (p->p_zone->zone_shares);
1319 1322 }
1320 1323
1321 1324 /*ARGSUSED*/
1322 1325 static int
1323 1326 zone_cpu_shares_set(rctl_t *rctl, struct proc *p, rctl_entity_p_t *e,
1324 1327 rctl_qty_t nv)
1325 1328 {
1326 1329 ASSERT(MUTEX_HELD(&p->p_lock));
1327 1330 ASSERT(e->rcep_t == RCENTITY_ZONE);
1328 1331 if (e->rcep_p.zone == NULL)
1329 1332 return (0);
1330 1333
1331 1334 e->rcep_p.zone->zone_shares = nv;
1332 1335 return (0);
1333 1336 }
1334 1337
1335 1338 static rctl_ops_t zone_cpu_shares_ops = {
1336 1339 rcop_no_action,
1337 1340 zone_cpu_shares_usage,
1338 1341 zone_cpu_shares_set,
1339 1342 rcop_no_test
1340 1343 };
1341 1344
1342 1345 /*
1343 1346 * zone.cpu-cap resource control support.
1344 1347 */
1345 1348 /*ARGSUSED*/
1346 1349 static rctl_qty_t
1347 1350 zone_cpu_cap_get(rctl_t *rctl, struct proc *p)
1348 1351 {
1349 1352 ASSERT(MUTEX_HELD(&p->p_lock));
1350 1353 return (cpucaps_zone_get(p->p_zone));
1351 1354 }
1352 1355
1353 1356 /*ARGSUSED*/
1354 1357 static int
1355 1358 zone_cpu_cap_set(rctl_t *rctl, struct proc *p, rctl_entity_p_t *e,
1356 1359 rctl_qty_t nv)
1357 1360 {
1358 1361 zone_t *zone = e->rcep_p.zone;
1359 1362
1360 1363 ASSERT(MUTEX_HELD(&p->p_lock));
1361 1364 ASSERT(e->rcep_t == RCENTITY_ZONE);
1362 1365
1363 1366 if (zone == NULL)
1364 1367 return (0);
1365 1368
1366 1369 /*
1367 1370 * set cap to the new value.
1368 1371 */
1369 1372 return (cpucaps_zone_set(zone, nv));
1370 1373 }
1371 1374
1372 1375 static rctl_ops_t zone_cpu_cap_ops = {
1373 1376 rcop_no_action,
1374 1377 zone_cpu_cap_get,
1375 1378 zone_cpu_cap_set,
1376 1379 rcop_no_test
1377 1380 };
1378 1381
1379 1382 /*
1380 1383 * zone.zfs-io-pri resource control support (IO priority).
1381 1384 */
1382 1385 /*ARGSUSED*/
1383 1386 static rctl_qty_t
1384 1387 zone_zfs_io_pri_get(rctl_t *rctl, struct proc *p)
1385 1388 {
1386 1389 ASSERT(MUTEX_HELD(&p->p_lock));
1387 1390 return (p->p_zone->zone_zfs_io_pri);
1388 1391 }
1389 1392
1390 1393 /*ARGSUSED*/
1391 1394 static int
1392 1395 zone_zfs_io_pri_set(rctl_t *rctl, struct proc *p, rctl_entity_p_t *e,
1393 1396 rctl_qty_t nv)
1394 1397 {
1395 1398 zone_t *zone = e->rcep_p.zone;
1396 1399
1397 1400 ASSERT(MUTEX_HELD(&p->p_lock));
1398 1401 ASSERT(e->rcep_t == RCENTITY_ZONE);
1399 1402
1400 1403 if (zone == NULL)
1401 1404 return (0);
1402 1405
1403 1406 /*
1404 1407 * set priority to the new value.
1405 1408 */
1406 1409 zone->zone_zfs_io_pri = nv;
1407 1410 return (0);
1408 1411 }
1409 1412
1410 1413 static rctl_ops_t zone_zfs_io_pri_ops = {
1411 1414 rcop_no_action,
1412 1415 zone_zfs_io_pri_get,
1413 1416 zone_zfs_io_pri_set,
1414 1417 rcop_no_test
1415 1418 };
1416 1419
1417 1420 /*ARGSUSED*/
1418 1421 static rctl_qty_t
1419 1422 zone_lwps_usage(rctl_t *r, proc_t *p)
1420 1423 {
1421 1424 rctl_qty_t nlwps;
1422 1425 zone_t *zone = p->p_zone;
1423 1426
1424 1427 ASSERT(MUTEX_HELD(&p->p_lock));
1425 1428
1426 1429 mutex_enter(&zone->zone_nlwps_lock);
1427 1430 nlwps = zone->zone_nlwps;
1428 1431 mutex_exit(&zone->zone_nlwps_lock);
1429 1432
1430 1433 return (nlwps);
1431 1434 }
1432 1435
1433 1436 /*ARGSUSED*/
1434 1437 static int
1435 1438 zone_lwps_test(rctl_t *r, proc_t *p, rctl_entity_p_t *e, rctl_val_t *rcntl,
1436 1439 rctl_qty_t incr, uint_t flags)
1437 1440 {
1438 1441 rctl_qty_t nlwps;
1439 1442
1440 1443 ASSERT(MUTEX_HELD(&p->p_lock));
1441 1444 ASSERT(e->rcep_t == RCENTITY_ZONE);
1442 1445 if (e->rcep_p.zone == NULL)
1443 1446 return (0);
1444 1447 ASSERT(MUTEX_HELD(&(e->rcep_p.zone->zone_nlwps_lock)));
1445 1448 nlwps = e->rcep_p.zone->zone_nlwps;
1446 1449
1447 1450 if (nlwps + incr > rcntl->rcv_value)
1448 1451 return (1);
1449 1452
1450 1453 return (0);
1451 1454 }
1452 1455
1453 1456 /*ARGSUSED*/
1454 1457 static int
1455 1458 zone_lwps_set(rctl_t *rctl, struct proc *p, rctl_entity_p_t *e, rctl_qty_t nv)
1456 1459 {
1457 1460 ASSERT(MUTEX_HELD(&p->p_lock));
1458 1461 ASSERT(e->rcep_t == RCENTITY_ZONE);
1459 1462 if (e->rcep_p.zone == NULL)
1460 1463 return (0);
1461 1464 e->rcep_p.zone->zone_nlwps_ctl = nv;
1462 1465 return (0);
1463 1466 }
1464 1467
1465 1468 static rctl_ops_t zone_lwps_ops = {
1466 1469 rcop_no_action,
1467 1470 zone_lwps_usage,
1468 1471 zone_lwps_set,
1469 1472 zone_lwps_test,
1470 1473 };
1471 1474
1472 1475 /*ARGSUSED*/
1473 1476 static rctl_qty_t
1474 1477 zone_procs_usage(rctl_t *r, proc_t *p)
1475 1478 {
1476 1479 rctl_qty_t nprocs;
1477 1480 zone_t *zone = p->p_zone;
1478 1481
1479 1482 ASSERT(MUTEX_HELD(&p->p_lock));
1480 1483
1481 1484 mutex_enter(&zone->zone_nlwps_lock);
1482 1485 nprocs = zone->zone_nprocs;
1483 1486 mutex_exit(&zone->zone_nlwps_lock);
1484 1487
1485 1488 return (nprocs);
1486 1489 }
1487 1490
1488 1491 /*ARGSUSED*/
1489 1492 static int
1490 1493 zone_procs_test(rctl_t *r, proc_t *p, rctl_entity_p_t *e, rctl_val_t *rcntl,
1491 1494 rctl_qty_t incr, uint_t flags)
1492 1495 {
1493 1496 rctl_qty_t nprocs;
1494 1497
1495 1498 ASSERT(MUTEX_HELD(&p->p_lock));
1496 1499 ASSERT(e->rcep_t == RCENTITY_ZONE);
1497 1500 if (e->rcep_p.zone == NULL)
1498 1501 return (0);
1499 1502 ASSERT(MUTEX_HELD(&(e->rcep_p.zone->zone_nlwps_lock)));
1500 1503 nprocs = e->rcep_p.zone->zone_nprocs;
1501 1504
1502 1505 if (nprocs + incr > rcntl->rcv_value)
1503 1506 return (1);
1504 1507
1505 1508 return (0);
1506 1509 }
1507 1510
1508 1511 /*ARGSUSED*/
1509 1512 static int
1510 1513 zone_procs_set(rctl_t *rctl, struct proc *p, rctl_entity_p_t *e, rctl_qty_t nv)
1511 1514 {
1512 1515 ASSERT(MUTEX_HELD(&p->p_lock));
1513 1516 ASSERT(e->rcep_t == RCENTITY_ZONE);
1514 1517 if (e->rcep_p.zone == NULL)
1515 1518 return (0);
1516 1519 e->rcep_p.zone->zone_nprocs_ctl = nv;
1517 1520 return (0);
1518 1521 }
1519 1522
1520 1523 static rctl_ops_t zone_procs_ops = {
1521 1524 rcop_no_action,
1522 1525 zone_procs_usage,
1523 1526 zone_procs_set,
1524 1527 zone_procs_test,
1525 1528 };
1526 1529
1527 1530 /*ARGSUSED*/
1528 1531 static rctl_qty_t
1529 1532 zone_shmmax_usage(rctl_t *rctl, struct proc *p)
1530 1533 {
1531 1534 ASSERT(MUTEX_HELD(&p->p_lock));
1532 1535 return (p->p_zone->zone_shmmax);
1533 1536 }
1534 1537
1535 1538 /*ARGSUSED*/
1536 1539 static int
1537 1540 zone_shmmax_test(rctl_t *r, proc_t *p, rctl_entity_p_t *e, rctl_val_t *rval,
1538 1541 rctl_qty_t incr, uint_t flags)
1539 1542 {
1540 1543 rctl_qty_t v;
1541 1544 ASSERT(MUTEX_HELD(&p->p_lock));
1542 1545 ASSERT(e->rcep_t == RCENTITY_ZONE);
1543 1546 v = e->rcep_p.zone->zone_shmmax + incr;
1544 1547 if (v > rval->rcv_value)
1545 1548 return (1);
1546 1549 return (0);
1547 1550 }
1548 1551
1549 1552 static rctl_ops_t zone_shmmax_ops = {
1550 1553 rcop_no_action,
1551 1554 zone_shmmax_usage,
1552 1555 rcop_no_set,
1553 1556 zone_shmmax_test
1554 1557 };
1555 1558
1556 1559 /*ARGSUSED*/
1557 1560 static rctl_qty_t
1558 1561 zone_shmmni_usage(rctl_t *rctl, struct proc *p)
1559 1562 {
1560 1563 ASSERT(MUTEX_HELD(&p->p_lock));
1561 1564 return (p->p_zone->zone_ipc.ipcq_shmmni);
1562 1565 }
1563 1566
1564 1567 /*ARGSUSED*/
1565 1568 static int
1566 1569 zone_shmmni_test(rctl_t *r, proc_t *p, rctl_entity_p_t *e, rctl_val_t *rval,
1567 1570 rctl_qty_t incr, uint_t flags)
1568 1571 {
1569 1572 rctl_qty_t v;
1570 1573 ASSERT(MUTEX_HELD(&p->p_lock));
1571 1574 ASSERT(e->rcep_t == RCENTITY_ZONE);
1572 1575 v = e->rcep_p.zone->zone_ipc.ipcq_shmmni + incr;
1573 1576 if (v > rval->rcv_value)
1574 1577 return (1);
1575 1578 return (0);
1576 1579 }
1577 1580
1578 1581 static rctl_ops_t zone_shmmni_ops = {
1579 1582 rcop_no_action,
1580 1583 zone_shmmni_usage,
1581 1584 rcop_no_set,
1582 1585 zone_shmmni_test
1583 1586 };
1584 1587
1585 1588 /*ARGSUSED*/
1586 1589 static rctl_qty_t
1587 1590 zone_semmni_usage(rctl_t *rctl, struct proc *p)
1588 1591 {
1589 1592 ASSERT(MUTEX_HELD(&p->p_lock));
1590 1593 return (p->p_zone->zone_ipc.ipcq_semmni);
1591 1594 }
1592 1595
1593 1596 /*ARGSUSED*/
1594 1597 static int
1595 1598 zone_semmni_test(rctl_t *r, proc_t *p, rctl_entity_p_t *e, rctl_val_t *rval,
1596 1599 rctl_qty_t incr, uint_t flags)
1597 1600 {
1598 1601 rctl_qty_t v;
1599 1602 ASSERT(MUTEX_HELD(&p->p_lock));
1600 1603 ASSERT(e->rcep_t == RCENTITY_ZONE);
1601 1604 v = e->rcep_p.zone->zone_ipc.ipcq_semmni + incr;
1602 1605 if (v > rval->rcv_value)
1603 1606 return (1);
1604 1607 return (0);
1605 1608 }
1606 1609
1607 1610 static rctl_ops_t zone_semmni_ops = {
1608 1611 rcop_no_action,
1609 1612 zone_semmni_usage,
1610 1613 rcop_no_set,
1611 1614 zone_semmni_test
1612 1615 };
1613 1616
1614 1617 /*ARGSUSED*/
1615 1618 static rctl_qty_t
1616 1619 zone_msgmni_usage(rctl_t *rctl, struct proc *p)
1617 1620 {
1618 1621 ASSERT(MUTEX_HELD(&p->p_lock));
1619 1622 return (p->p_zone->zone_ipc.ipcq_msgmni);
1620 1623 }
1621 1624
1622 1625 /*ARGSUSED*/
1623 1626 static int
1624 1627 zone_msgmni_test(rctl_t *r, proc_t *p, rctl_entity_p_t *e, rctl_val_t *rval,
1625 1628 rctl_qty_t incr, uint_t flags)
1626 1629 {
1627 1630 rctl_qty_t v;
1628 1631 ASSERT(MUTEX_HELD(&p->p_lock));
1629 1632 ASSERT(e->rcep_t == RCENTITY_ZONE);
1630 1633 v = e->rcep_p.zone->zone_ipc.ipcq_msgmni + incr;
1631 1634 if (v > rval->rcv_value)
1632 1635 return (1);
1633 1636 return (0);
1634 1637 }
1635 1638
1636 1639 static rctl_ops_t zone_msgmni_ops = {
1637 1640 rcop_no_action,
1638 1641 zone_msgmni_usage,
1639 1642 rcop_no_set,
1640 1643 zone_msgmni_test
1641 1644 };
1642 1645
1643 1646 /*ARGSUSED*/
1644 1647 static rctl_qty_t
1645 1648 zone_locked_mem_usage(rctl_t *rctl, struct proc *p)
1646 1649 {
1647 1650 rctl_qty_t q;
1648 1651 ASSERT(MUTEX_HELD(&p->p_lock));
1649 1652 mutex_enter(&p->p_zone->zone_mem_lock);
1650 1653 q = p->p_zone->zone_locked_mem;
1651 1654 mutex_exit(&p->p_zone->zone_mem_lock);
1652 1655 return (q);
1653 1656 }
1654 1657
1655 1658 /*ARGSUSED*/
1656 1659 static int
1657 1660 zone_locked_mem_test(rctl_t *r, proc_t *p, rctl_entity_p_t *e,
1658 1661 rctl_val_t *rcntl, rctl_qty_t incr, uint_t flags)
1659 1662 {
1660 1663 rctl_qty_t q;
1661 1664 zone_t *z;
1662 1665
1663 1666 z = e->rcep_p.zone;
1664 1667 ASSERT(MUTEX_HELD(&p->p_lock));
1665 1668 ASSERT(MUTEX_HELD(&z->zone_mem_lock));
1666 1669 q = z->zone_locked_mem;
1667 1670 if (q + incr > rcntl->rcv_value)
1668 1671 return (1);
1669 1672 return (0);
1670 1673 }
1671 1674
1672 1675 /*ARGSUSED*/
1673 1676 static int
1674 1677 zone_locked_mem_set(rctl_t *rctl, struct proc *p, rctl_entity_p_t *e,
1675 1678 rctl_qty_t nv)
1676 1679 {
1677 1680 ASSERT(MUTEX_HELD(&p->p_lock));
1678 1681 ASSERT(e->rcep_t == RCENTITY_ZONE);
1679 1682 if (e->rcep_p.zone == NULL)
1680 1683 return (0);
1681 1684 e->rcep_p.zone->zone_locked_mem_ctl = nv;
1682 1685 return (0);
1683 1686 }
1684 1687
1685 1688 static rctl_ops_t zone_locked_mem_ops = {
1686 1689 rcop_no_action,
1687 1690 zone_locked_mem_usage,
1688 1691 zone_locked_mem_set,
1689 1692 zone_locked_mem_test
1690 1693 };
1691 1694
1692 1695 /*ARGSUSED*/
1693 1696 static rctl_qty_t
1694 1697 zone_max_swap_usage(rctl_t *rctl, struct proc *p)
1695 1698 {
1696 1699 rctl_qty_t q;
1697 1700 zone_t *z = p->p_zone;
1698 1701
1699 1702 ASSERT(MUTEX_HELD(&p->p_lock));
1700 1703 mutex_enter(&z->zone_mem_lock);
1701 1704 q = z->zone_max_swap;
1702 1705 mutex_exit(&z->zone_mem_lock);
1703 1706 return (q);
1704 1707 }
1705 1708
1706 1709 /*ARGSUSED*/
1707 1710 static int
1708 1711 zone_max_swap_test(rctl_t *r, proc_t *p, rctl_entity_p_t *e,
1709 1712 rctl_val_t *rcntl, rctl_qty_t incr, uint_t flags)
1710 1713 {
1711 1714 rctl_qty_t q;
1712 1715 zone_t *z;
1713 1716
1714 1717 z = e->rcep_p.zone;
1715 1718 ASSERT(MUTEX_HELD(&p->p_lock));
1716 1719 ASSERT(MUTEX_HELD(&z->zone_mem_lock));
1717 1720 q = z->zone_max_swap;
1718 1721 if (q + incr > rcntl->rcv_value)
1719 1722 return (1);
1720 1723 return (0);
1721 1724 }
1722 1725
1723 1726 /*ARGSUSED*/
1724 1727 static int
1725 1728 zone_max_swap_set(rctl_t *rctl, struct proc *p, rctl_entity_p_t *e,
1726 1729 rctl_qty_t nv)
1727 1730 {
1728 1731 ASSERT(MUTEX_HELD(&p->p_lock));
1729 1732 ASSERT(e->rcep_t == RCENTITY_ZONE);
1730 1733 if (e->rcep_p.zone == NULL)
1731 1734 return (0);
1732 1735 e->rcep_p.zone->zone_max_swap_ctl = nv;
1733 1736 return (0);
1734 1737 }
|
↓ open down ↓ |
1352 lines elided |
↑ open up ↑ |
1735 1738
1736 1739 static rctl_ops_t zone_max_swap_ops = {
1737 1740 rcop_no_action,
1738 1741 zone_max_swap_usage,
1739 1742 zone_max_swap_set,
1740 1743 zone_max_swap_test
1741 1744 };
1742 1745
1743 1746 /*ARGSUSED*/
1744 1747 static rctl_qty_t
1748 +zone_phys_mem_usage(rctl_t *rctl, struct proc *p)
1749 +{
1750 + rctl_qty_t q;
1751 + zone_t *z = p->p_zone;
1752 +
1753 + ASSERT(MUTEX_HELD(&p->p_lock));
1754 + /* No additional lock because not enforced in the kernel */
1755 + q = z->zone_phys_mem;
1756 + return (q);
1757 +}
1758 +
1759 +/*ARGSUSED*/
1760 +static int
1761 +zone_phys_mem_set(rctl_t *rctl, struct proc *p, rctl_entity_p_t *e,
1762 + rctl_qty_t nv)
1763 +{
1764 + ASSERT(MUTEX_HELD(&p->p_lock));
1765 + ASSERT(e->rcep_t == RCENTITY_ZONE);
1766 + if (e->rcep_p.zone == NULL)
1767 + return (0);
1768 + e->rcep_p.zone->zone_phys_mem_ctl = nv;
1769 + return (0);
1770 +}
1771 +
1772 +static rctl_ops_t zone_phys_mem_ops = {
1773 + rcop_no_action,
1774 + zone_phys_mem_usage,
1775 + zone_phys_mem_set,
1776 + rcop_no_test
1777 +};
1778 +
1779 +/*ARGSUSED*/
1780 +static rctl_qty_t
1745 1781 zone_max_lofi_usage(rctl_t *rctl, struct proc *p)
1746 1782 {
1747 1783 rctl_qty_t q;
1748 1784 zone_t *z = p->p_zone;
1749 1785
1750 1786 ASSERT(MUTEX_HELD(&p->p_lock));
1751 1787 mutex_enter(&z->zone_rctl_lock);
1752 1788 q = z->zone_max_lofi;
1753 1789 mutex_exit(&z->zone_rctl_lock);
1754 1790 return (q);
1755 1791 }
1756 1792
1757 1793 /*ARGSUSED*/
1758 1794 static int
1759 1795 zone_max_lofi_test(rctl_t *r, proc_t *p, rctl_entity_p_t *e,
1760 1796 rctl_val_t *rcntl, rctl_qty_t incr, uint_t flags)
1761 1797 {
1762 1798 rctl_qty_t q;
1763 1799 zone_t *z;
1764 1800
1765 1801 z = e->rcep_p.zone;
1766 1802 ASSERT(MUTEX_HELD(&p->p_lock));
1767 1803 ASSERT(MUTEX_HELD(&z->zone_rctl_lock));
1768 1804 q = z->zone_max_lofi;
1769 1805 if (q + incr > rcntl->rcv_value)
1770 1806 return (1);
1771 1807 return (0);
1772 1808 }
1773 1809
1774 1810 /*ARGSUSED*/
1775 1811 static int
1776 1812 zone_max_lofi_set(rctl_t *rctl, struct proc *p, rctl_entity_p_t *e,
1777 1813 rctl_qty_t nv)
1778 1814 {
1779 1815 ASSERT(MUTEX_HELD(&p->p_lock));
1780 1816 ASSERT(e->rcep_t == RCENTITY_ZONE);
1781 1817 if (e->rcep_p.zone == NULL)
1782 1818 return (0);
1783 1819 e->rcep_p.zone->zone_max_lofi_ctl = nv;
1784 1820 return (0);
1785 1821 }
1786 1822
1787 1823 static rctl_ops_t zone_max_lofi_ops = {
1788 1824 rcop_no_action,
1789 1825 zone_max_lofi_usage,
1790 1826 zone_max_lofi_set,
1791 1827 zone_max_lofi_test
1792 1828 };
1793 1829
1794 1830 /*
1795 1831 * Helper function to brand the zone with a unique ID.
1796 1832 */
1797 1833 static void
1798 1834 zone_uniqid(zone_t *zone)
1799 1835 {
1800 1836 static uint64_t uniqid = 0;
1801 1837
1802 1838 ASSERT(MUTEX_HELD(&zonehash_lock));
1803 1839 zone->zone_uniqid = uniqid++;
1804 1840 }
1805 1841
1806 1842 /*
1807 1843 * Returns a held pointer to the "kcred" for the specified zone.
1808 1844 */
1809 1845 struct cred *
1810 1846 zone_get_kcred(zoneid_t zoneid)
1811 1847 {
1812 1848 zone_t *zone;
1813 1849 cred_t *cr;
1814 1850
1815 1851 if ((zone = zone_find_by_id(zoneid)) == NULL)
1816 1852 return (NULL);
1817 1853 cr = zone->zone_kcred;
1818 1854 crhold(cr);
1819 1855 zone_rele(zone);
1820 1856 return (cr);
1821 1857 }
1822 1858
1823 1859 static int
1824 1860 zone_lockedmem_kstat_update(kstat_t *ksp, int rw)
1825 1861 {
1826 1862 zone_t *zone = ksp->ks_private;
1827 1863 zone_kstat_t *zk = ksp->ks_data;
|
↓ open down ↓ |
73 lines elided |
↑ open up ↑ |
1828 1864
1829 1865 if (rw == KSTAT_WRITE)
1830 1866 return (EACCES);
1831 1867
1832 1868 zk->zk_usage.value.ui64 = zone->zone_locked_mem;
1833 1869 zk->zk_value.value.ui64 = zone->zone_locked_mem_ctl;
1834 1870 return (0);
1835 1871 }
1836 1872
1837 1873 static int
1874 +zone_physmem_kstat_update(kstat_t *ksp, int rw)
1875 +{
1876 + zone_t *zone = ksp->ks_private;
1877 + zone_kstat_t *zk = ksp->ks_data;
1878 +
1879 + if (rw == KSTAT_WRITE)
1880 + return (EACCES);
1881 +
1882 + zk->zk_usage.value.ui64 = zone->zone_phys_mem;
1883 + zk->zk_value.value.ui64 = zone->zone_phys_mem_ctl;
1884 + return (0);
1885 +}
1886 +
1887 +static int
1838 1888 zone_nprocs_kstat_update(kstat_t *ksp, int rw)
1839 1889 {
1840 1890 zone_t *zone = ksp->ks_private;
1841 1891 zone_kstat_t *zk = ksp->ks_data;
1842 1892
1843 1893 if (rw == KSTAT_WRITE)
1844 1894 return (EACCES);
1845 1895
1846 1896 zk->zk_usage.value.ui64 = zone->zone_nprocs;
1847 1897 zk->zk_value.value.ui64 = zone->zone_nprocs_ctl;
1848 1898 return (0);
1849 1899 }
1850 1900
1851 1901 static int
1852 1902 zone_swapresv_kstat_update(kstat_t *ksp, int rw)
1853 1903 {
1854 1904 zone_t *zone = ksp->ks_private;
1855 1905 zone_kstat_t *zk = ksp->ks_data;
1856 1906
1857 1907 if (rw == KSTAT_WRITE)
1858 1908 return (EACCES);
1859 1909
1860 1910 zk->zk_usage.value.ui64 = zone->zone_max_swap;
1861 1911 zk->zk_value.value.ui64 = zone->zone_max_swap_ctl;
1862 1912 return (0);
1863 1913 }
1864 1914
1865 1915 static kstat_t *
1866 1916 zone_kstat_create_common(zone_t *zone, char *name,
1867 1917 int (*updatefunc) (kstat_t *, int))
1868 1918 {
1869 1919 kstat_t *ksp;
1870 1920 zone_kstat_t *zk;
1871 1921
1872 1922 ksp = rctl_kstat_create_zone(zone, name, KSTAT_TYPE_NAMED,
1873 1923 sizeof (zone_kstat_t) / sizeof (kstat_named_t),
1874 1924 KSTAT_FLAG_VIRTUAL);
1875 1925
1876 1926 if (ksp == NULL)
1877 1927 return (NULL);
1878 1928
1879 1929 zk = ksp->ks_data = kmem_alloc(sizeof (zone_kstat_t), KM_SLEEP);
1880 1930 ksp->ks_data_size += strlen(zone->zone_name) + 1;
|
↓ open down ↓ |
33 lines elided |
↑ open up ↑ |
1881 1931 kstat_named_init(&zk->zk_zonename, "zonename", KSTAT_DATA_STRING);
1882 1932 kstat_named_setstr(&zk->zk_zonename, zone->zone_name);
1883 1933 kstat_named_init(&zk->zk_usage, "usage", KSTAT_DATA_UINT64);
1884 1934 kstat_named_init(&zk->zk_value, "value", KSTAT_DATA_UINT64);
1885 1935 ksp->ks_update = updatefunc;
1886 1936 ksp->ks_private = zone;
1887 1937 kstat_install(ksp);
1888 1938 return (ksp);
1889 1939 }
1890 1940
1941 +static int
1942 +zone_vfs_kstat_update(kstat_t *ksp, int rw)
1943 +{
1944 + zone_t *zone = ksp->ks_private;
1945 + zone_vfs_kstat_t *zvp = ksp->ks_data;
1946 + kstat_io_t *kiop = &zone->zone_vfs_rwstats;
1891 1947
1948 + if (rw == KSTAT_WRITE)
1949 + return (EACCES);
1950 +
1951 + /*
1952 + * Extract the VFS statistics from the kstat_io_t structure used by
1953 + * kstat_runq_enter() and related functions. Since the slow ops
1954 + * counters are updated directly by the VFS layer, there's no need to
1955 + * copy those statistics here.
1956 + *
1957 + * Note that kstat_runq_enter() and the related functions use
1958 + * gethrtime_unscaled(), so scale the time here.
1959 + */
1960 + zvp->zv_nread.value.ui64 = kiop->nread;
1961 + zvp->zv_reads.value.ui64 = kiop->reads;
1962 + zvp->zv_rtime.value.ui64 = kiop->rtime;
1963 + zvp->zv_rcnt.value.ui64 = kiop->rcnt;
1964 + zvp->zv_rlentime.value.ui64 = kiop->rlentime;
1965 + zvp->zv_nwritten.value.ui64 = kiop->nwritten;
1966 + zvp->zv_writes.value.ui64 = kiop->writes;
1967 + zvp->zv_wtime.value.ui64 = kiop->wtime;
1968 + zvp->zv_wcnt.value.ui64 = kiop->wcnt;
1969 + zvp->zv_wlentime.value.ui64 = kiop->wlentime;
1970 +
1971 + scalehrtime((hrtime_t *)&zvp->zv_rtime.value.ui64);
1972 + scalehrtime((hrtime_t *)&zvp->zv_rlentime.value.ui64);
1973 + scalehrtime((hrtime_t *)&zvp->zv_wtime.value.ui64);
1974 + scalehrtime((hrtime_t *)&zvp->zv_wlentime.value.ui64);
1975 +
1976 + return (0);
1977 +}
1978 +
1979 +static kstat_t *
1980 +zone_vfs_kstat_create(zone_t *zone)
1981 +{
1982 + kstat_t *ksp;
1983 + zone_vfs_kstat_t *zvp;
1984 +
1985 + if ((ksp = kstat_create_zone("zone_vfs", zone->zone_id,
1986 + zone->zone_name, "zone_vfs", KSTAT_TYPE_NAMED,
1987 + sizeof (zone_vfs_kstat_t) / sizeof (kstat_named_t),
1988 + KSTAT_FLAG_VIRTUAL, zone->zone_id)) == NULL)
1989 + return (NULL);
1990 +
1991 + if (zone->zone_id != GLOBAL_ZONEID)
1992 + kstat_zone_add(ksp, GLOBAL_ZONEID);
1993 +
1994 + zvp = ksp->ks_data = kmem_zalloc(sizeof (zone_vfs_kstat_t), KM_SLEEP);
1995 + ksp->ks_data_size += strlen(zone->zone_name) + 1;
1996 + ksp->ks_lock = &zone->zone_vfs_lock;
1997 + zone->zone_vfs_stats = zvp;
1998 +
1999 + /* The kstat "name" field is not large enough for a full zonename */
2000 + kstat_named_init(&zvp->zv_zonename, "zonename", KSTAT_DATA_STRING);
2001 + kstat_named_setstr(&zvp->zv_zonename, zone->zone_name);
2002 + kstat_named_init(&zvp->zv_nread, "nread", KSTAT_DATA_UINT64);
2003 + kstat_named_init(&zvp->zv_reads, "reads", KSTAT_DATA_UINT64);
2004 + kstat_named_init(&zvp->zv_rtime, "rtime", KSTAT_DATA_UINT64);
2005 + kstat_named_init(&zvp->zv_rcnt, "rcnt", KSTAT_DATA_UINT64);
2006 + kstat_named_init(&zvp->zv_rlentime, "rlentime", KSTAT_DATA_UINT64);
2007 + kstat_named_init(&zvp->zv_nwritten, "nwritten", KSTAT_DATA_UINT64);
2008 + kstat_named_init(&zvp->zv_writes, "writes", KSTAT_DATA_UINT64);
2009 + kstat_named_init(&zvp->zv_wtime, "wtime", KSTAT_DATA_UINT64);
2010 + kstat_named_init(&zvp->zv_wcnt, "wcnt", KSTAT_DATA_UINT64);
2011 + kstat_named_init(&zvp->zv_wlentime, "wlentime", KSTAT_DATA_UINT64);
2012 + kstat_named_init(&zvp->zv_10ms_ops, "10ms_ops", KSTAT_DATA_UINT64);
2013 + kstat_named_init(&zvp->zv_100ms_ops, "100ms_ops", KSTAT_DATA_UINT64);
2014 + kstat_named_init(&zvp->zv_1s_ops, "1s_ops", KSTAT_DATA_UINT64);
2015 + kstat_named_init(&zvp->zv_10s_ops, "10s_ops", KSTAT_DATA_UINT64);
2016 + kstat_named_init(&zvp->zv_delay_cnt, "delay_cnt", KSTAT_DATA_UINT64);
2017 + kstat_named_init(&zvp->zv_delay_time, "delay_time", KSTAT_DATA_UINT64);
2018 +
2019 + ksp->ks_update = zone_vfs_kstat_update;
2020 + ksp->ks_private = zone;
2021 +
2022 + kstat_install(ksp);
2023 + return (ksp);
2024 +}
2025 +
1892 2026 static int
2027 +zone_zfs_kstat_update(kstat_t *ksp, int rw)
2028 +{
2029 + zone_t *zone = ksp->ks_private;
2030 + zone_zfs_kstat_t *zzp = ksp->ks_data;
2031 + kstat_io_t *kiop = &zone->zone_zfs_rwstats;
2032 +
2033 + if (rw == KSTAT_WRITE)
2034 + return (EACCES);
2035 +
2036 + /*
2037 + * Extract the ZFS statistics from the kstat_io_t structure used by
2038 + * kstat_runq_enter() and related functions. Since the I/O throttle
2039 + * counters are updated directly by the ZFS layer, there's no need to
2040 + * copy those statistics here.
2041 + *
2042 + * Note that kstat_runq_enter() and the related functions use
2043 + * gethrtime_unscaled(), so scale the time here.
2044 + */
2045 + zzp->zz_nread.value.ui64 = kiop->nread;
2046 + zzp->zz_reads.value.ui64 = kiop->reads;
2047 + zzp->zz_rtime.value.ui64 = kiop->rtime;
2048 + zzp->zz_rlentime.value.ui64 = kiop->rlentime;
2049 + zzp->zz_nwritten.value.ui64 = kiop->nwritten;
2050 + zzp->zz_writes.value.ui64 = kiop->writes;
2051 +
2052 + scalehrtime((hrtime_t *)&zzp->zz_rtime.value.ui64);
2053 + scalehrtime((hrtime_t *)&zzp->zz_rlentime.value.ui64);
2054 +
2055 + return (0);
2056 +}
2057 +
2058 +static kstat_t *
2059 +zone_zfs_kstat_create(zone_t *zone)
2060 +{
2061 + kstat_t *ksp;
2062 + zone_zfs_kstat_t *zzp;
2063 +
2064 + if ((ksp = kstat_create_zone("zone_zfs", zone->zone_id,
2065 + zone->zone_name, "zone_zfs", KSTAT_TYPE_NAMED,
2066 + sizeof (zone_zfs_kstat_t) / sizeof (kstat_named_t),
2067 + KSTAT_FLAG_VIRTUAL, zone->zone_id)) == NULL)
2068 + return (NULL);
2069 +
2070 + if (zone->zone_id != GLOBAL_ZONEID)
2071 + kstat_zone_add(ksp, GLOBAL_ZONEID);
2072 +
2073 + zzp = ksp->ks_data = kmem_zalloc(sizeof (zone_zfs_kstat_t), KM_SLEEP);
2074 + ksp->ks_data_size += strlen(zone->zone_name) + 1;
2075 + ksp->ks_lock = &zone->zone_zfs_lock;
2076 + zone->zone_zfs_stats = zzp;
2077 +
2078 + /* The kstat "name" field is not large enough for a full zonename */
2079 + kstat_named_init(&zzp->zz_zonename, "zonename", KSTAT_DATA_STRING);
2080 + kstat_named_setstr(&zzp->zz_zonename, zone->zone_name);
2081 + kstat_named_init(&zzp->zz_nread, "nread", KSTAT_DATA_UINT64);
2082 + kstat_named_init(&zzp->zz_reads, "reads", KSTAT_DATA_UINT64);
2083 + kstat_named_init(&zzp->zz_rtime, "rtime", KSTAT_DATA_UINT64);
2084 + kstat_named_init(&zzp->zz_rlentime, "rlentime", KSTAT_DATA_UINT64);
2085 + kstat_named_init(&zzp->zz_nwritten, "nwritten", KSTAT_DATA_UINT64);
2086 + kstat_named_init(&zzp->zz_writes, "writes", KSTAT_DATA_UINT64);
2087 + kstat_named_init(&zzp->zz_waittime, "waittime", KSTAT_DATA_UINT64);
2088 +
2089 + ksp->ks_update = zone_zfs_kstat_update;
2090 + ksp->ks_private = zone;
2091 +
2092 + kstat_install(ksp);
2093 + return (ksp);
2094 +}
2095 +
2096 +static int
1893 2097 zone_mcap_kstat_update(kstat_t *ksp, int rw)
1894 2098 {
1895 2099 zone_t *zone = ksp->ks_private;
1896 2100 zone_mcap_kstat_t *zmp = ksp->ks_data;
1897 2101
1898 2102 if (rw == KSTAT_WRITE)
1899 2103 return (EACCES);
1900 2104
2105 + zmp->zm_rss.value.ui64 = zone->zone_phys_mem;
2106 + zmp->zm_phys_cap.value.ui64 = zone->zone_phys_mem_ctl;
2107 + zmp->zm_swap.value.ui64 = zone->zone_max_swap;
2108 + zmp->zm_swap_cap.value.ui64 = zone->zone_max_swap_ctl;
2109 + zmp->zm_nover.value.ui64 = zone->zone_mcap_nover;
2110 + zmp->zm_pagedout.value.ui64 = zone->zone_mcap_pagedout;
1901 2111 zmp->zm_pgpgin.value.ui64 = zone->zone_pgpgin;
1902 2112 zmp->zm_anonpgin.value.ui64 = zone->zone_anonpgin;
1903 2113 zmp->zm_execpgin.value.ui64 = zone->zone_execpgin;
1904 2114 zmp->zm_fspgin.value.ui64 = zone->zone_fspgin;
1905 2115 zmp->zm_anon_alloc_fail.value.ui64 = zone->zone_anon_alloc_fail;
2116 + zmp->zm_pf_throttle.value.ui64 = zone->zone_pf_throttle;
2117 + zmp->zm_pf_throttle_usec.value.ui64 = zone->zone_pf_throttle_usec;
1906 2118
1907 2119 return (0);
1908 2120 }
1909 2121
1910 2122 static kstat_t *
1911 2123 zone_mcap_kstat_create(zone_t *zone)
1912 2124 {
1913 2125 kstat_t *ksp;
1914 2126 zone_mcap_kstat_t *zmp;
1915 2127
1916 2128 if ((ksp = kstat_create_zone("memory_cap", zone->zone_id,
1917 2129 zone->zone_name, "zone_memory_cap", KSTAT_TYPE_NAMED,
1918 2130 sizeof (zone_mcap_kstat_t) / sizeof (kstat_named_t),
1919 2131 KSTAT_FLAG_VIRTUAL, zone->zone_id)) == NULL)
1920 2132 return (NULL);
1921 2133
1922 2134 if (zone->zone_id != GLOBAL_ZONEID)
|
↓ open down ↓ |
7 lines elided |
↑ open up ↑ |
1923 2135 kstat_zone_add(ksp, GLOBAL_ZONEID);
1924 2136
1925 2137 zmp = ksp->ks_data = kmem_zalloc(sizeof (zone_mcap_kstat_t), KM_SLEEP);
1926 2138 ksp->ks_data_size += strlen(zone->zone_name) + 1;
1927 2139 ksp->ks_lock = &zone->zone_mcap_lock;
1928 2140 zone->zone_mcap_stats = zmp;
1929 2141
1930 2142 /* The kstat "name" field is not large enough for a full zonename */
1931 2143 kstat_named_init(&zmp->zm_zonename, "zonename", KSTAT_DATA_STRING);
1932 2144 kstat_named_setstr(&zmp->zm_zonename, zone->zone_name);
2145 + kstat_named_setstr(&zmp->zm_zonename, zone->zone_name);
2146 + kstat_named_init(&zmp->zm_rss, "rss", KSTAT_DATA_UINT64);
2147 + kstat_named_init(&zmp->zm_phys_cap, "physcap", KSTAT_DATA_UINT64);
2148 + kstat_named_init(&zmp->zm_swap, "swap", KSTAT_DATA_UINT64);
2149 + kstat_named_init(&zmp->zm_swap_cap, "swapcap", KSTAT_DATA_UINT64);
2150 + kstat_named_init(&zmp->zm_nover, "nover", KSTAT_DATA_UINT64);
2151 + kstat_named_init(&zmp->zm_pagedout, "pagedout", KSTAT_DATA_UINT64);
1933 2152 kstat_named_init(&zmp->zm_pgpgin, "pgpgin", KSTAT_DATA_UINT64);
1934 2153 kstat_named_init(&zmp->zm_anonpgin, "anonpgin", KSTAT_DATA_UINT64);
1935 2154 kstat_named_init(&zmp->zm_execpgin, "execpgin", KSTAT_DATA_UINT64);
1936 2155 kstat_named_init(&zmp->zm_fspgin, "fspgin", KSTAT_DATA_UINT64);
1937 2156 kstat_named_init(&zmp->zm_anon_alloc_fail, "anon_alloc_fail",
1938 2157 KSTAT_DATA_UINT64);
2158 + kstat_named_init(&zmp->zm_pf_throttle, "n_pf_throttle",
2159 + KSTAT_DATA_UINT64);
2160 + kstat_named_init(&zmp->zm_pf_throttle_usec, "n_pf_throttle_usec",
2161 + KSTAT_DATA_UINT64);
1939 2162
1940 2163 ksp->ks_update = zone_mcap_kstat_update;
1941 2164 ksp->ks_private = zone;
1942 2165
1943 2166 kstat_install(ksp);
1944 2167 return (ksp);
1945 2168 }
1946 2169
1947 2170 static int
1948 2171 zone_misc_kstat_update(kstat_t *ksp, int rw)
1949 2172 {
1950 2173 zone_t *zone = ksp->ks_private;
1951 2174 zone_misc_kstat_t *zmp = ksp->ks_data;
1952 2175 hrtime_t tmp;
1953 2176
1954 2177 if (rw == KSTAT_WRITE)
1955 2178 return (EACCES);
1956 2179
1957 2180 tmp = zone->zone_utime;
1958 2181 scalehrtime(&tmp);
1959 2182 zmp->zm_utime.value.ui64 = tmp;
1960 2183 tmp = zone->zone_stime;
1961 2184 scalehrtime(&tmp);
1962 2185 zmp->zm_stime.value.ui64 = tmp;
1963 2186 tmp = zone->zone_wtime;
1964 2187 scalehrtime(&tmp);
1965 2188 zmp->zm_wtime.value.ui64 = tmp;
1966 2189
1967 2190 zmp->zm_avenrun1.value.ui32 = zone->zone_avenrun[0];
1968 2191 zmp->zm_avenrun5.value.ui32 = zone->zone_avenrun[1];
1969 2192 zmp->zm_avenrun15.value.ui32 = zone->zone_avenrun[2];
1970 2193
1971 2194 zmp->zm_ffcap.value.ui32 = zone->zone_ffcap;
1972 2195 zmp->zm_ffnoproc.value.ui32 = zone->zone_ffnoproc;
1973 2196 zmp->zm_ffnomem.value.ui32 = zone->zone_ffnomem;
1974 2197 zmp->zm_ffmisc.value.ui32 = zone->zone_ffmisc;
1975 2198
1976 2199 zmp->zm_nested_intp.value.ui32 = zone->zone_nested_intp;
1977 2200
1978 2201 zmp->zm_init_pid.value.ui32 = zone->zone_proc_initpid;
1979 2202 zmp->zm_boot_time.value.ui64 = (uint64_t)zone->zone_boot_time;
1980 2203
1981 2204 return (0);
1982 2205 }
1983 2206
1984 2207 static kstat_t *
1985 2208 zone_misc_kstat_create(zone_t *zone)
1986 2209 {
1987 2210 kstat_t *ksp;
1988 2211 zone_misc_kstat_t *zmp;
1989 2212
1990 2213 if ((ksp = kstat_create_zone("zones", zone->zone_id,
1991 2214 zone->zone_name, "zone_misc", KSTAT_TYPE_NAMED,
1992 2215 sizeof (zone_misc_kstat_t) / sizeof (kstat_named_t),
1993 2216 KSTAT_FLAG_VIRTUAL, zone->zone_id)) == NULL)
1994 2217 return (NULL);
1995 2218
1996 2219 if (zone->zone_id != GLOBAL_ZONEID)
1997 2220 kstat_zone_add(ksp, GLOBAL_ZONEID);
1998 2221
1999 2222 zmp = ksp->ks_data = kmem_zalloc(sizeof (zone_misc_kstat_t), KM_SLEEP);
2000 2223 ksp->ks_data_size += strlen(zone->zone_name) + 1;
2001 2224 ksp->ks_lock = &zone->zone_misc_lock;
2002 2225 zone->zone_misc_stats = zmp;
2003 2226
2004 2227 /* The kstat "name" field is not large enough for a full zonename */
2005 2228 kstat_named_init(&zmp->zm_zonename, "zonename", KSTAT_DATA_STRING);
2006 2229 kstat_named_setstr(&zmp->zm_zonename, zone->zone_name);
2007 2230 kstat_named_init(&zmp->zm_utime, "nsec_user", KSTAT_DATA_UINT64);
2008 2231 kstat_named_init(&zmp->zm_stime, "nsec_sys", KSTAT_DATA_UINT64);
2009 2232 kstat_named_init(&zmp->zm_wtime, "nsec_waitrq", KSTAT_DATA_UINT64);
2010 2233 kstat_named_init(&zmp->zm_avenrun1, "avenrun_1min", KSTAT_DATA_UINT32);
2011 2234 kstat_named_init(&zmp->zm_avenrun5, "avenrun_5min", KSTAT_DATA_UINT32);
2012 2235 kstat_named_init(&zmp->zm_avenrun15, "avenrun_15min",
2013 2236 KSTAT_DATA_UINT32);
2014 2237 kstat_named_init(&zmp->zm_ffcap, "forkfail_cap", KSTAT_DATA_UINT32);
2015 2238 kstat_named_init(&zmp->zm_ffnoproc, "forkfail_noproc",
2016 2239 KSTAT_DATA_UINT32);
2017 2240 kstat_named_init(&zmp->zm_ffnomem, "forkfail_nomem", KSTAT_DATA_UINT32);
2018 2241 kstat_named_init(&zmp->zm_ffmisc, "forkfail_misc", KSTAT_DATA_UINT32);
2019 2242 kstat_named_init(&zmp->zm_nested_intp, "nested_interp",
2020 2243 KSTAT_DATA_UINT32);
2021 2244 kstat_named_init(&zmp->zm_init_pid, "init_pid", KSTAT_DATA_UINT32);
2022 2245 kstat_named_init(&zmp->zm_boot_time, "boot_time", KSTAT_DATA_UINT64);
2023 2246
2024 2247 ksp->ks_update = zone_misc_kstat_update;
2025 2248 ksp->ks_private = zone;
2026 2249
2027 2250 kstat_install(ksp);
|
↓ open down ↓ |
79 lines elided |
↑ open up ↑ |
2028 2251 return (ksp);
2029 2252 }
2030 2253
2031 2254 static void
2032 2255 zone_kstat_create(zone_t *zone)
2033 2256 {
2034 2257 zone->zone_lockedmem_kstat = zone_kstat_create_common(zone,
2035 2258 "lockedmem", zone_lockedmem_kstat_update);
2036 2259 zone->zone_swapresv_kstat = zone_kstat_create_common(zone,
2037 2260 "swapresv", zone_swapresv_kstat_update);
2261 + zone->zone_physmem_kstat = zone_kstat_create_common(zone,
2262 + "physicalmem", zone_physmem_kstat_update);
2038 2263 zone->zone_nprocs_kstat = zone_kstat_create_common(zone,
2039 2264 "nprocs", zone_nprocs_kstat_update);
2040 2265
2266 + if ((zone->zone_vfs_ksp = zone_vfs_kstat_create(zone)) == NULL) {
2267 + zone->zone_vfs_stats = kmem_zalloc(
2268 + sizeof (zone_vfs_kstat_t), KM_SLEEP);
2269 + }
2270 +
2041 2271 if ((zone->zone_mcap_ksp = zone_mcap_kstat_create(zone)) == NULL) {
2042 2272 zone->zone_mcap_stats = kmem_zalloc(
2043 2273 sizeof (zone_mcap_kstat_t), KM_SLEEP);
2044 2274 }
2045 2275
2046 2276 if ((zone->zone_misc_ksp = zone_misc_kstat_create(zone)) == NULL) {
2047 2277 zone->zone_misc_stats = kmem_zalloc(
2048 2278 sizeof (zone_misc_kstat_t), KM_SLEEP);
2049 2279 }
2280 +
2050 2281 }
2051 2282
2052 2283 static void
2053 2284 zone_kstat_delete_common(kstat_t **pkstat, size_t datasz)
2054 2285 {
2055 2286 void *data;
2056 2287
2057 2288 if (*pkstat != NULL) {
2058 2289 data = (*pkstat)->ks_data;
2059 2290 kstat_delete(*pkstat);
2060 2291 kmem_free(data, datasz);
2061 2292 *pkstat = NULL;
|
↓ open down ↓ |
2 lines elided |
↑ open up ↑ |
2062 2293 }
2063 2294 }
2064 2295
2065 2296 static void
2066 2297 zone_kstat_delete(zone_t *zone)
2067 2298 {
2068 2299 zone_kstat_delete_common(&zone->zone_lockedmem_kstat,
2069 2300 sizeof (zone_kstat_t));
2070 2301 zone_kstat_delete_common(&zone->zone_swapresv_kstat,
2071 2302 sizeof (zone_kstat_t));
2303 + zone_kstat_delete_common(&zone->zone_physmem_kstat,
2304 + sizeof (zone_kstat_t));
2072 2305 zone_kstat_delete_common(&zone->zone_nprocs_kstat,
2073 2306 sizeof (zone_kstat_t));
2307 +
2308 + zone_kstat_delete_common(&zone->zone_vfs_ksp,
2309 + sizeof (zone_vfs_kstat_t));
2074 2310 zone_kstat_delete_common(&zone->zone_mcap_ksp,
2075 2311 sizeof (zone_mcap_kstat_t));
2076 2312 zone_kstat_delete_common(&zone->zone_misc_ksp,
2077 2313 sizeof (zone_misc_kstat_t));
2314 +
2078 2315 }
2079 2316
2080 2317 /*
2081 2318 * Called very early on in boot to initialize the ZSD list so that
2082 2319 * zone_key_create() can be called before zone_init(). It also initializes
2083 2320 * portions of zone0 which may be used before zone_init() is called. The
2084 2321 * variable "global_zone" will be set when zone0 is fully initialized by
2085 2322 * zone_init().
2086 2323 */
2087 2324 void
2088 2325 zone_zsd_init(void)
2089 2326 {
2090 2327 mutex_init(&zonehash_lock, NULL, MUTEX_DEFAULT, NULL);
2091 2328 mutex_init(&zsd_key_lock, NULL, MUTEX_DEFAULT, NULL);
2092 2329 list_create(&zsd_registered_keys, sizeof (struct zsd_entry),
2093 2330 offsetof(struct zsd_entry, zsd_linkage));
2094 2331 list_create(&zone_active, sizeof (zone_t),
2095 2332 offsetof(zone_t, zone_linkage));
2096 2333 list_create(&zone_deathrow, sizeof (zone_t),
2097 2334 offsetof(zone_t, zone_linkage));
2098 2335
2099 2336 mutex_init(&zone0.zone_lock, NULL, MUTEX_DEFAULT, NULL);
2100 2337 mutex_init(&zone0.zone_nlwps_lock, NULL, MUTEX_DEFAULT, NULL);
|
↓ open down ↓ |
13 lines elided |
↑ open up ↑ |
2101 2338 mutex_init(&zone0.zone_mem_lock, NULL, MUTEX_DEFAULT, NULL);
2102 2339 zone0.zone_shares = 1;
2103 2340 zone0.zone_nlwps = 0;
2104 2341 zone0.zone_nlwps_ctl = INT_MAX;
2105 2342 zone0.zone_nprocs = 0;
2106 2343 zone0.zone_nprocs_ctl = INT_MAX;
2107 2344 zone0.zone_locked_mem = 0;
2108 2345 zone0.zone_locked_mem_ctl = UINT64_MAX;
2109 2346 ASSERT(zone0.zone_max_swap == 0);
2110 2347 zone0.zone_max_swap_ctl = UINT64_MAX;
2348 + zone0.zone_phys_mem = 0;
2349 + zone0.zone_phys_mem_ctl = UINT64_MAX;
2111 2350 zone0.zone_max_lofi = 0;
2112 2351 zone0.zone_max_lofi_ctl = UINT64_MAX;
2113 2352 zone0.zone_shmmax = 0;
2114 2353 zone0.zone_ipc.ipcq_shmmni = 0;
2115 2354 zone0.zone_ipc.ipcq_semmni = 0;
2116 2355 zone0.zone_ipc.ipcq_msgmni = 0;
2117 2356 zone0.zone_name = GLOBAL_ZONENAME;
2118 2357 zone0.zone_nodename = utsname.nodename;
2119 2358 zone0.zone_domain = srpc_domain;
2120 2359 zone0.zone_hostid = HW_INVALID_HOSTID;
2121 2360 zone0.zone_fs_allowed = NULL;
2122 2361 zone0.zone_ref = 1;
2123 2362 zone0.zone_id = GLOBAL_ZONEID;
|
↓ open down ↓ |
3 lines elided |
↑ open up ↑ |
2124 2363 zone0.zone_status = ZONE_IS_RUNNING;
2125 2364 zone0.zone_rootpath = "/";
2126 2365 zone0.zone_rootpathlen = 2;
2127 2366 zone0.zone_psetid = ZONE_PS_INVAL;
2128 2367 zone0.zone_ncpus = 0;
2129 2368 zone0.zone_ncpus_online = 0;
2130 2369 zone0.zone_proc_initpid = 1;
2131 2370 zone0.zone_initname = initname;
2132 2371 zone0.zone_lockedmem_kstat = NULL;
2133 2372 zone0.zone_swapresv_kstat = NULL;
2373 + zone0.zone_physmem_kstat = NULL;
2134 2374 zone0.zone_nprocs_kstat = NULL;
2135 2375 zone0.zone_zfs_io_pri = 1;
2136 2376
2137 2377 zone0.zone_stime = 0;
2138 2378 zone0.zone_utime = 0;
2139 2379 zone0.zone_wtime = 0;
2140 2380
2141 2381 list_create(&zone0.zone_ref_list, sizeof (zone_ref_t),
2142 2382 offsetof(zone_ref_t, zref_linkage));
2143 2383 list_create(&zone0.zone_zsd, sizeof (struct zsd_entry),
2144 2384 offsetof(struct zsd_entry, zsd_linkage));
2145 2385 list_insert_head(&zone_active, &zone0);
2146 2386
2147 2387 /*
2148 2388 * The root filesystem is not mounted yet, so zone_rootvp cannot be set
2149 2389 * to anything meaningful. It is assigned to be 'rootdir' in
2150 2390 * vfs_mountroot().
2151 2391 */
2152 2392 zone0.zone_rootvp = NULL;
2153 2393 zone0.zone_vfslist = NULL;
2154 2394 zone0.zone_bootargs = initargs;
2155 2395 zone0.zone_privset = kmem_alloc(sizeof (priv_set_t), KM_SLEEP);
2156 2396 /*
2157 2397 * The global zone has all privileges
2158 2398 */
2159 2399 priv_fillset(zone0.zone_privset);
2160 2400 /*
2161 2401 * Add p0 to the global zone
2162 2402 */
2163 2403 zone0.zone_zsched = &p0;
2164 2404 p0.p_zone = &zone0;
2165 2405 }
2166 2406
2167 2407 /*
2168 2408 * Compute a hash value based on the contents of the label and the DOI. The
2169 2409 * hash algorithm is somewhat arbitrary, but is based on the observation that
2170 2410 * humans will likely pick labels that differ by amounts that work out to be
2171 2411 * multiples of the number of hash chains, and thus stirring in some primes
2172 2412 * should help.
2173 2413 */
2174 2414 static uint_t
2175 2415 hash_bylabel(void *hdata, mod_hash_key_t key)
2176 2416 {
2177 2417 const ts_label_t *lab = (ts_label_t *)key;
2178 2418 const uint32_t *up, *ue;
2179 2419 uint_t hash;
2180 2420 int i;
2181 2421
2182 2422 _NOTE(ARGUNUSED(hdata));
2183 2423
2184 2424 hash = lab->tsl_doi + (lab->tsl_doi << 1);
2185 2425 /* we depend on alignment of label, but not representation */
2186 2426 up = (const uint32_t *)&lab->tsl_label;
2187 2427 ue = up + sizeof (lab->tsl_label) / sizeof (*up);
2188 2428 i = 1;
2189 2429 while (up < ue) {
2190 2430 /* using 2^n + 1, 1 <= n <= 16 as source of many primes */
2191 2431 hash += *up + (*up << ((i % 16) + 1));
2192 2432 up++;
2193 2433 i++;
2194 2434 }
2195 2435 return (hash);
2196 2436 }
2197 2437
2198 2438 /*
2199 2439 * All that mod_hash cares about here is zero (equal) versus non-zero (not
2200 2440 * equal). This may need to be changed if less than / greater than is ever
2201 2441 * needed.
2202 2442 */
2203 2443 static int
2204 2444 hash_labelkey_cmp(mod_hash_key_t key1, mod_hash_key_t key2)
2205 2445 {
2206 2446 ts_label_t *lab1 = (ts_label_t *)key1;
2207 2447 ts_label_t *lab2 = (ts_label_t *)key2;
2208 2448
2209 2449 return (label_equal(lab1, lab2) ? 0 : 1);
2210 2450 }
2211 2451
2212 2452 /*
2213 2453 * Called by main() to initialize the zones framework.
2214 2454 */
2215 2455 void
2216 2456 zone_init(void)
2217 2457 {
2218 2458 rctl_dict_entry_t *rde;
2219 2459 rctl_val_t *dval;
2220 2460 rctl_set_t *set;
2221 2461 rctl_alloc_gp_t *gp;
2222 2462 rctl_entity_p_t e;
2223 2463 int res;
2224 2464
2225 2465 ASSERT(curproc == &p0);
2226 2466
2227 2467 /*
2228 2468 * Create ID space for zone IDs. ID 0 is reserved for the
2229 2469 * global zone.
2230 2470 */
2231 2471 zoneid_space = id_space_create("zoneid_space", 1, MAX_ZONEID);
2232 2472
2233 2473 /*
2234 2474 * Initialize generic zone resource controls, if any.
2235 2475 */
2236 2476 rc_zone_cpu_shares = rctl_register("zone.cpu-shares",
2237 2477 RCENTITY_ZONE, RCTL_GLOBAL_SIGNAL_NEVER | RCTL_GLOBAL_DENY_NEVER |
2238 2478 RCTL_GLOBAL_NOBASIC | RCTL_GLOBAL_COUNT | RCTL_GLOBAL_SYSLOG_NEVER,
2239 2479 FSS_MAXSHARES, FSS_MAXSHARES, &zone_cpu_shares_ops);
|
↓ open down ↓ |
96 lines elided |
↑ open up ↑ |
2240 2480
2241 2481 rc_zone_cpu_cap = rctl_register("zone.cpu-cap",
2242 2482 RCENTITY_ZONE, RCTL_GLOBAL_SIGNAL_NEVER | RCTL_GLOBAL_DENY_ALWAYS |
2243 2483 RCTL_GLOBAL_NOBASIC | RCTL_GLOBAL_COUNT |RCTL_GLOBAL_SYSLOG_NEVER |
2244 2484 RCTL_GLOBAL_INFINITE,
2245 2485 MAXCAP, MAXCAP, &zone_cpu_cap_ops);
2246 2486
2247 2487 rc_zone_zfs_io_pri = rctl_register("zone.zfs-io-priority",
2248 2488 RCENTITY_ZONE, RCTL_GLOBAL_SIGNAL_NEVER | RCTL_GLOBAL_DENY_NEVER |
2249 2489 RCTL_GLOBAL_NOBASIC | RCTL_GLOBAL_COUNT | RCTL_GLOBAL_SYSLOG_NEVER,
2250 - 1024, 1024, &zone_zfs_io_pri_ops);
2490 + 16384, 16384, &zone_zfs_io_pri_ops);
2251 2491
2252 2492 rc_zone_nlwps = rctl_register("zone.max-lwps", RCENTITY_ZONE,
2253 2493 RCTL_GLOBAL_NOACTION | RCTL_GLOBAL_NOBASIC | RCTL_GLOBAL_COUNT,
2254 2494 INT_MAX, INT_MAX, &zone_lwps_ops);
2255 2495
2256 2496 rc_zone_nprocs = rctl_register("zone.max-processes", RCENTITY_ZONE,
2257 2497 RCTL_GLOBAL_NOACTION | RCTL_GLOBAL_NOBASIC | RCTL_GLOBAL_COUNT,
2258 2498 INT_MAX, INT_MAX, &zone_procs_ops);
2259 2499
2260 2500 /*
2261 2501 * System V IPC resource controls
2262 2502 */
2263 2503 rc_zone_msgmni = rctl_register("zone.max-msg-ids",
2264 2504 RCENTITY_ZONE, RCTL_GLOBAL_DENY_ALWAYS | RCTL_GLOBAL_NOBASIC |
2265 2505 RCTL_GLOBAL_COUNT, IPC_IDS_MAX, IPC_IDS_MAX, &zone_msgmni_ops);
2266 2506
2267 2507 rc_zone_semmni = rctl_register("zone.max-sem-ids",
2268 2508 RCENTITY_ZONE, RCTL_GLOBAL_DENY_ALWAYS | RCTL_GLOBAL_NOBASIC |
2269 2509 RCTL_GLOBAL_COUNT, IPC_IDS_MAX, IPC_IDS_MAX, &zone_semmni_ops);
2270 2510
2271 2511 rc_zone_shmmni = rctl_register("zone.max-shm-ids",
2272 2512 RCENTITY_ZONE, RCTL_GLOBAL_DENY_ALWAYS | RCTL_GLOBAL_NOBASIC |
2273 2513 RCTL_GLOBAL_COUNT, IPC_IDS_MAX, IPC_IDS_MAX, &zone_shmmni_ops);
2274 2514
2275 2515 rc_zone_shmmax = rctl_register("zone.max-shm-memory",
2276 2516 RCENTITY_ZONE, RCTL_GLOBAL_DENY_ALWAYS | RCTL_GLOBAL_NOBASIC |
2277 2517 RCTL_GLOBAL_BYTES, UINT64_MAX, UINT64_MAX, &zone_shmmax_ops);
2278 2518
2279 2519 /*
2280 2520 * Create a rctl_val with PRIVILEGED, NOACTION, value = 1. Then attach
2281 2521 * this at the head of the rctl_dict_entry for ``zone.cpu-shares''.
2282 2522 */
2283 2523 dval = kmem_cache_alloc(rctl_val_cache, KM_SLEEP);
2284 2524 bzero(dval, sizeof (rctl_val_t));
2285 2525 dval->rcv_value = 1;
2286 2526 dval->rcv_privilege = RCPRIV_PRIVILEGED;
2287 2527 dval->rcv_flagaction = RCTL_LOCAL_NOACTION;
2288 2528 dval->rcv_action_recip_pid = -1;
2289 2529
2290 2530 rde = rctl_dict_lookup("zone.cpu-shares");
2291 2531 (void) rctl_val_list_insert(&rde->rcd_default_value, dval);
2292 2532
|
↓ open down ↓ |
32 lines elided |
↑ open up ↑ |
2293 2533 rc_zone_locked_mem = rctl_register("zone.max-locked-memory",
2294 2534 RCENTITY_ZONE, RCTL_GLOBAL_NOBASIC | RCTL_GLOBAL_BYTES |
2295 2535 RCTL_GLOBAL_DENY_ALWAYS, UINT64_MAX, UINT64_MAX,
2296 2536 &zone_locked_mem_ops);
2297 2537
2298 2538 rc_zone_max_swap = rctl_register("zone.max-swap",
2299 2539 RCENTITY_ZONE, RCTL_GLOBAL_NOBASIC | RCTL_GLOBAL_BYTES |
2300 2540 RCTL_GLOBAL_DENY_ALWAYS, UINT64_MAX, UINT64_MAX,
2301 2541 &zone_max_swap_ops);
2302 2542
2543 + rc_zone_phys_mem = rctl_register("zone.max-physical-memory",
2544 + RCENTITY_ZONE, RCTL_GLOBAL_NOBASIC | RCTL_GLOBAL_BYTES |
2545 + RCTL_GLOBAL_DENY_ALWAYS, UINT64_MAX, UINT64_MAX,
2546 + &zone_phys_mem_ops);
2547 +
2303 2548 rc_zone_max_lofi = rctl_register("zone.max-lofi",
2304 2549 RCENTITY_ZONE, RCTL_GLOBAL_NOBASIC | RCTL_GLOBAL_COUNT |
2305 2550 RCTL_GLOBAL_DENY_ALWAYS, UINT64_MAX, UINT64_MAX,
2306 2551 &zone_max_lofi_ops);
2307 2552
2308 2553 /*
2309 2554 * Initialize the ``global zone''.
2310 2555 */
2311 2556 set = rctl_set_create();
2312 2557 gp = rctl_set_init_prealloc(RCENTITY_ZONE);
2313 2558 mutex_enter(&p0.p_lock);
|
↓ open down ↓ |
1 lines elided |
↑ open up ↑ |
2314 2559 e.rcep_p.zone = &zone0;
2315 2560 e.rcep_t = RCENTITY_ZONE;
2316 2561 zone0.zone_rctls = rctl_set_init(RCENTITY_ZONE, &p0, &e, set,
2317 2562 gp);
2318 2563
2319 2564 zone0.zone_nlwps = p0.p_lwpcnt;
2320 2565 zone0.zone_nprocs = 1;
2321 2566 zone0.zone_ntasks = 1;
2322 2567 mutex_exit(&p0.p_lock);
2323 2568 zone0.zone_restart_init = B_TRUE;
2569 + zone0.zone_reboot_on_init_exit = B_FALSE;
2570 + zone0.zone_init_status = -1;
2324 2571 zone0.zone_brand = &native_brand;
2325 2572 rctl_prealloc_destroy(gp);
2326 2573 /*
2327 2574 * pool_default hasn't been initialized yet, so we let pool_init()
2328 2575 * take care of making sure the global zone is in the default pool.
2329 2576 */
2330 2577
2331 2578 /*
2332 2579 * Initialize global zone kstats
2333 2580 */
2334 2581 zone_kstat_create(&zone0);
2335 2582
2336 2583 /*
2337 2584 * Initialize zone label.
2338 2585 * mlp are initialized when tnzonecfg is loaded.
2339 2586 */
2340 2587 zone0.zone_slabel = l_admin_low;
2341 2588 rw_init(&zone0.zone_mlps.mlpl_rwlock, NULL, RW_DEFAULT, NULL);
2342 2589 label_hold(l_admin_low);
2343 2590
2344 2591 /*
2345 2592 * Initialise the lock for the database structure used by mntfs.
2346 2593 */
2347 2594 rw_init(&zone0.zone_mntfs_db_lock, NULL, RW_DEFAULT, NULL);
2348 2595
2349 2596 mutex_enter(&zonehash_lock);
2350 2597 zone_uniqid(&zone0);
2351 2598 ASSERT(zone0.zone_uniqid == GLOBAL_ZONEUNIQID);
2352 2599
2353 2600 zonehashbyid = mod_hash_create_idhash("zone_by_id", zone_hash_size,
2354 2601 mod_hash_null_valdtor);
2355 2602 zonehashbyname = mod_hash_create_strhash("zone_by_name",
2356 2603 zone_hash_size, mod_hash_null_valdtor);
2357 2604 /*
2358 2605 * maintain zonehashbylabel only for labeled systems
2359 2606 */
2360 2607 if (is_system_labeled())
2361 2608 zonehashbylabel = mod_hash_create_extended("zone_by_label",
2362 2609 zone_hash_size, mod_hash_null_keydtor,
2363 2610 mod_hash_null_valdtor, hash_bylabel, NULL,
2364 2611 hash_labelkey_cmp, KM_SLEEP);
2365 2612 zonecount = 1;
2366 2613
2367 2614 (void) mod_hash_insert(zonehashbyid, (mod_hash_key_t)GLOBAL_ZONEID,
2368 2615 (mod_hash_val_t)&zone0);
2369 2616 (void) mod_hash_insert(zonehashbyname, (mod_hash_key_t)zone0.zone_name,
2370 2617 (mod_hash_val_t)&zone0);
2371 2618 if (is_system_labeled()) {
2372 2619 zone0.zone_flags |= ZF_HASHED_LABEL;
2373 2620 (void) mod_hash_insert(zonehashbylabel,
2374 2621 (mod_hash_key_t)zone0.zone_slabel, (mod_hash_val_t)&zone0);
2375 2622 }
2376 2623 mutex_exit(&zonehash_lock);
2377 2624
2378 2625 /*
2379 2626 * We avoid setting zone_kcred until now, since kcred is initialized
2380 2627 * sometime after zone_zsd_init() and before zone_init().
2381 2628 */
2382 2629 zone0.zone_kcred = kcred;
2383 2630 /*
2384 2631 * The global zone is fully initialized (except for zone_rootvp which
2385 2632 * will be set when the root filesystem is mounted).
2386 2633 */
2387 2634 global_zone = &zone0;
2388 2635
2389 2636 /*
2390 2637 * Setup an event channel to send zone status change notifications on
2391 2638 */
2392 2639 res = sysevent_evc_bind(ZONE_EVENT_CHANNEL, &zone_event_chan,
|
↓ open down ↓ |
59 lines elided |
↑ open up ↑ |
2393 2640 EVCH_CREAT);
2394 2641
2395 2642 if (res)
2396 2643 panic("Sysevent_evc_bind failed during zone setup.\n");
2397 2644
2398 2645 }
2399 2646
2400 2647 static void
2401 2648 zone_free(zone_t *zone)
2402 2649 {
2650 + zone_dl_t *zdl;
2651 +
2403 2652 ASSERT(zone != global_zone);
2404 2653 ASSERT(zone->zone_ntasks == 0);
2405 2654 ASSERT(zone->zone_nlwps == 0);
2406 2655 ASSERT(zone->zone_nprocs == 0);
2407 2656 ASSERT(zone->zone_cred_ref == 0);
2408 2657 ASSERT(zone->zone_kcred == NULL);
2409 2658 ASSERT(zone_status_get(zone) == ZONE_IS_DEAD ||
2410 2659 zone_status_get(zone) == ZONE_IS_UNINITIALIZED);
2411 2660 ASSERT(list_is_empty(&zone->zone_ref_list));
2412 2661
2413 2662 /*
2414 2663 * Remove any zone caps.
2415 2664 */
2416 2665 cpucaps_zone_remove(zone);
2417 2666
2418 2667 ASSERT(zone->zone_cpucap == NULL);
2419 2668
2420 2669 /* remove from deathrow list */
|
↓ open down ↓ |
8 lines elided |
↑ open up ↑ |
2421 2670 if (zone_status_get(zone) == ZONE_IS_DEAD) {
2422 2671 ASSERT(zone->zone_ref == 0);
2423 2672 mutex_enter(&zone_deathrow_lock);
2424 2673 list_remove(&zone_deathrow, zone);
2425 2674 mutex_exit(&zone_deathrow_lock);
2426 2675 }
2427 2676
2428 2677 list_destroy(&zone->zone_ref_list);
2429 2678 zone_free_zsd(zone);
2430 2679 zone_free_datasets(zone);
2680 +
2681 + /*
2682 + * While dlmgmtd should have removed all of these, it could have left
2683 + * something behind or crashed. In which case it's not safe for us to
2684 + * assume that the list is empty which list_destroy() will ASSERT. We
2685 + * clean up for our userland comrades which may have crashed, or worse,
2686 + * been disabled by SMF.
2687 + */
2688 + while ((zdl = list_remove_head(&zone->zone_dl_list)) != NULL) {
2689 + if (zdl->zdl_net != NULL)
2690 + nvlist_free(zdl->zdl_net);
2691 + kmem_free(zdl, sizeof (zone_dl_t));
2692 + }
2431 2693 list_destroy(&zone->zone_dl_list);
2432 2694
2433 2695 if (zone->zone_rootvp != NULL)
2434 2696 VN_RELE(zone->zone_rootvp);
2435 2697 if (zone->zone_rootpath)
2436 2698 kmem_free(zone->zone_rootpath, zone->zone_rootpathlen);
2437 2699 if (zone->zone_name != NULL)
2438 2700 kmem_free(zone->zone_name, ZONENAME_MAX);
2439 2701 if (zone->zone_slabel != NULL)
2440 2702 label_rele(zone->zone_slabel);
2441 2703 if (zone->zone_nodename != NULL)
2442 2704 kmem_free(zone->zone_nodename, _SYS_NMLN);
2443 2705 if (zone->zone_domain != NULL)
2444 2706 kmem_free(zone->zone_domain, _SYS_NMLN);
2445 2707 if (zone->zone_privset != NULL)
2446 2708 kmem_free(zone->zone_privset, sizeof (priv_set_t));
2447 2709 if (zone->zone_rctls != NULL)
2448 2710 rctl_set_free(zone->zone_rctls);
2449 2711 if (zone->zone_bootargs != NULL)
2450 2712 strfree(zone->zone_bootargs);
2451 2713 if (zone->zone_initname != NULL)
2452 2714 strfree(zone->zone_initname);
2453 2715 if (zone->zone_fs_allowed != NULL)
2454 2716 strfree(zone->zone_fs_allowed);
2455 2717 if (zone->zone_pfexecd != NULL)
2456 2718 klpd_freelist(&zone->zone_pfexecd);
2457 2719 id_free(zoneid_space, zone->zone_id);
2458 2720 mutex_destroy(&zone->zone_lock);
2459 2721 cv_destroy(&zone->zone_cv);
2460 2722 rw_destroy(&zone->zone_mlps.mlpl_rwlock);
2461 2723 rw_destroy(&zone->zone_mntfs_db_lock);
2462 2724 kmem_free(zone, sizeof (zone_t));
2463 2725 }
2464 2726
2465 2727 /*
2466 2728 * See block comment at the top of this file for information about zone
2467 2729 * status values.
2468 2730 */
2469 2731 /*
2470 2732 * Convenience function for setting zone status.
2471 2733 */
2472 2734 static void
2473 2735 zone_status_set(zone_t *zone, zone_status_t status)
2474 2736 {
2475 2737
2476 2738 nvlist_t *nvl = NULL;
2477 2739 ASSERT(MUTEX_HELD(&zone_status_lock));
2478 2740 ASSERT(status > ZONE_MIN_STATE && status <= ZONE_MAX_STATE &&
2479 2741 status >= zone_status_get(zone));
2480 2742
2481 2743 if (nvlist_alloc(&nvl, NV_UNIQUE_NAME, KM_SLEEP) ||
2482 2744 nvlist_add_string(nvl, ZONE_CB_NAME, zone->zone_name) ||
2483 2745 nvlist_add_string(nvl, ZONE_CB_NEWSTATE,
2484 2746 zone_status_table[status]) ||
2485 2747 nvlist_add_string(nvl, ZONE_CB_OLDSTATE,
2486 2748 zone_status_table[zone->zone_status]) ||
2487 2749 nvlist_add_int32(nvl, ZONE_CB_ZONEID, zone->zone_id) ||
2488 2750 nvlist_add_uint64(nvl, ZONE_CB_TIMESTAMP, (uint64_t)gethrtime()) ||
2489 2751 sysevent_evc_publish(zone_event_chan, ZONE_EVENT_STATUS_CLASS,
2490 2752 ZONE_EVENT_STATUS_SUBCLASS, "sun.com", "kernel", nvl, EVCH_SLEEP)) {
2491 2753 #ifdef DEBUG
2492 2754 (void) printf(
2493 2755 "Failed to allocate and send zone state change event.\n");
2494 2756 #endif
2495 2757 }
2496 2758 nvlist_free(nvl);
2497 2759
2498 2760 zone->zone_status = status;
2499 2761
2500 2762 cv_broadcast(&zone->zone_cv);
2501 2763 }
2502 2764
2503 2765 /*
2504 2766 * Public function to retrieve the zone status. The zone status may
2505 2767 * change after it is retrieved.
2506 2768 */
2507 2769 zone_status_t
2508 2770 zone_status_get(zone_t *zone)
2509 2771 {
2510 2772 return (zone->zone_status);
2511 2773 }
2512 2774
2513 2775 static int
2514 2776 zone_set_bootargs(zone_t *zone, const char *zone_bootargs)
2515 2777 {
2516 2778 char *buf = kmem_zalloc(BOOTARGS_MAX, KM_SLEEP);
2517 2779 int err = 0;
2518 2780
2519 2781 ASSERT(zone != global_zone);
2520 2782 if ((err = copyinstr(zone_bootargs, buf, BOOTARGS_MAX, NULL)) != 0)
2521 2783 goto done; /* EFAULT or ENAMETOOLONG */
2522 2784
2523 2785 if (zone->zone_bootargs != NULL)
2524 2786 strfree(zone->zone_bootargs);
2525 2787
2526 2788 zone->zone_bootargs = strdup(buf);
2527 2789
2528 2790 done:
2529 2791 kmem_free(buf, BOOTARGS_MAX);
2530 2792 return (err);
2531 2793 }
2532 2794
2533 2795 static int
2534 2796 zone_set_brand(zone_t *zone, const char *brand)
2535 2797 {
2536 2798 struct brand_attr *attrp;
2537 2799 brand_t *bp;
2538 2800
2539 2801 attrp = kmem_alloc(sizeof (struct brand_attr), KM_SLEEP);
2540 2802 if (copyin(brand, attrp, sizeof (struct brand_attr)) != 0) {
2541 2803 kmem_free(attrp, sizeof (struct brand_attr));
2542 2804 return (EFAULT);
2543 2805 }
2544 2806
2545 2807 bp = brand_register_zone(attrp);
2546 2808 kmem_free(attrp, sizeof (struct brand_attr));
2547 2809 if (bp == NULL)
2548 2810 return (EINVAL);
2549 2811
2550 2812 /*
2551 2813 * This is the only place where a zone can change it's brand.
2552 2814 * We already need to hold zone_status_lock to check the zone
2553 2815 * status, so we'll just use that lock to serialize zone
2554 2816 * branding requests as well.
2555 2817 */
|
↓ open down ↓ |
115 lines elided |
↑ open up ↑ |
2556 2818 mutex_enter(&zone_status_lock);
2557 2819
2558 2820 /* Re-Branding is not allowed and the zone can't be booted yet */
2559 2821 if ((ZONE_IS_BRANDED(zone)) ||
2560 2822 (zone_status_get(zone) >= ZONE_IS_BOOTING)) {
2561 2823 mutex_exit(&zone_status_lock);
2562 2824 brand_unregister_zone(bp);
2563 2825 return (EINVAL);
2564 2826 }
2565 2827
2566 - /* set up the brand specific data */
2828 + /*
2829 + * Set up the brand specific data.
2830 + * Note that it's possible that the hook has to drop the
2831 + * zone_status_lock and reaquire it before returning so we can't
2832 + * assume the lock has been held the entire time.
2833 + */
2567 2834 zone->zone_brand = bp;
2568 - ZBROP(zone)->b_init_brand_data(zone);
2835 + ZBROP(zone)->b_init_brand_data(zone, &zone_status_lock);
2569 2836
2570 2837 mutex_exit(&zone_status_lock);
2571 2838 return (0);
2572 2839 }
2573 2840
2574 2841 static int
2575 2842 zone_set_fs_allowed(zone_t *zone, const char *zone_fs_allowed)
2576 2843 {
2577 2844 char *buf = kmem_zalloc(ZONE_FS_ALLOWED_MAX, KM_SLEEP);
2578 2845 int err = 0;
2579 2846
2580 2847 ASSERT(zone != global_zone);
2581 2848 if ((err = copyinstr(zone_fs_allowed, buf,
2582 2849 ZONE_FS_ALLOWED_MAX, NULL)) != 0)
2583 2850 goto done;
2584 2851
2585 2852 if (zone->zone_fs_allowed != NULL)
2586 2853 strfree(zone->zone_fs_allowed);
2587 2854
2588 2855 zone->zone_fs_allowed = strdup(buf);
2589 2856
2590 2857 done:
2591 2858 kmem_free(buf, ZONE_FS_ALLOWED_MAX);
2592 2859 return (err);
2593 2860 }
2594 2861
2595 2862 static int
2596 2863 zone_set_initname(zone_t *zone, const char *zone_initname)
2597 2864 {
2598 2865 char initname[INITNAME_SZ];
2599 2866 size_t len;
2600 2867 int err = 0;
2601 2868
2602 2869 ASSERT(zone != global_zone);
2603 2870 if ((err = copyinstr(zone_initname, initname, INITNAME_SZ, &len)) != 0)
|
↓ open down ↓ |
25 lines elided |
↑ open up ↑ |
2604 2871 return (err); /* EFAULT or ENAMETOOLONG */
2605 2872
2606 2873 if (zone->zone_initname != NULL)
2607 2874 strfree(zone->zone_initname);
2608 2875
2609 2876 zone->zone_initname = kmem_alloc(strlen(initname) + 1, KM_SLEEP);
2610 2877 (void) strcpy(zone->zone_initname, initname);
2611 2878 return (0);
2612 2879 }
2613 2880
2881 +/*
2882 + * The zone_set_mcap_nover and zone_set_mcap_pageout functions are used
2883 + * to provide the physical memory capping kstats. Since physical memory
2884 + * capping is currently implemented in userland, that code uses the setattr
2885 + * entry point to increment the kstats. We always simply increment nover
2886 + * every time that setattr is called and we always add in the input value
2887 + * to zone_mcap_pagedout every time that is called.
2888 + */
2889 +/*ARGSUSED*/
2614 2890 static int
2615 -zone_set_phys_mcap(zone_t *zone, const uint64_t *zone_mcap)
2891 +zone_set_mcap_nover(zone_t *zone, const uint64_t *zone_nover)
2616 2892 {
2617 - uint64_t mcap;
2618 - int err = 0;
2893 + zone->zone_mcap_nover++;
2619 2894
2620 - if ((err = copyin(zone_mcap, &mcap, sizeof (uint64_t))) == 0)
2621 - zone->zone_phys_mcap = mcap;
2895 + return (0);
2896 +}
2622 2897
2898 +static int
2899 +zone_set_mcap_pageout(zone_t *zone, const uint64_t *zone_pageout)
2900 +{
2901 + uint64_t pageout;
2902 + int err;
2903 +
2904 + if ((err = copyin(zone_pageout, &pageout, sizeof (uint64_t))) == 0)
2905 + zone->zone_mcap_pagedout += pageout;
2906 +
2623 2907 return (err);
2624 2908 }
2625 2909
2910 +/*
2911 + * The zone_set_page_fault_delay function is used to set the number of usecs
2912 + * to throttle page faults. This is normally 0 but can be set to a non-0 value
2913 + * by the user-land memory capping code when the zone is over its physcial
2914 + * memory cap.
2915 + */
2626 2916 static int
2917 +zone_set_page_fault_delay(zone_t *zone, const uint32_t *pfdelay)
2918 +{
2919 + uint32_t dusec;
2920 + int err;
2921 +
2922 + if ((err = copyin(pfdelay, &dusec, sizeof (uint32_t))) == 0)
2923 + zone->zone_pg_flt_delay = dusec;
2924 +
2925 + return (err);
2926 +}
2927 +
2928 +/*
2929 + * The zone_set_rss function is used to set the zone's RSS when we do the
2930 + * fast, approximate calculation in user-land.
2931 + */
2932 +static int
2933 +zone_set_rss(zone_t *zone, const uint64_t *prss)
2934 +{
2935 + uint64_t rss;
2936 + int err;
2937 +
2938 + if ((err = copyin(prss, &rss, sizeof (uint64_t))) == 0)
2939 + zone->zone_phys_mem = rss;
2940 +
2941 + return (err);
2942 +}
2943 +
2944 +static int
2627 2945 zone_set_sched_class(zone_t *zone, const char *new_class)
2628 2946 {
2629 2947 char sched_class[PC_CLNMSZ];
2630 2948 id_t classid;
2631 2949 int err;
2632 2950
2633 2951 ASSERT(zone != global_zone);
2634 2952 if ((err = copyinstr(new_class, sched_class, PC_CLNMSZ, NULL)) != 0)
2635 2953 return (err); /* EFAULT or ENAMETOOLONG */
2636 2954
2637 2955 if (getcid(sched_class, &classid) != 0 || CLASS_KERNEL(classid))
2638 2956 return (set_errno(EINVAL));
2639 2957 zone->zone_defaultcid = classid;
2640 2958 ASSERT(zone->zone_defaultcid > 0 &&
2641 2959 zone->zone_defaultcid < loaded_classes);
2642 2960
2643 2961 return (0);
2644 2962 }
2645 2963
2646 2964 /*
2647 2965 * Block indefinitely waiting for (zone_status >= status)
2648 2966 */
2649 2967 void
2650 2968 zone_status_wait(zone_t *zone, zone_status_t status)
2651 2969 {
2652 2970 ASSERT(status > ZONE_MIN_STATE && status <= ZONE_MAX_STATE);
2653 2971
2654 2972 mutex_enter(&zone_status_lock);
2655 2973 while (zone->zone_status < status) {
2656 2974 cv_wait(&zone->zone_cv, &zone_status_lock);
2657 2975 }
2658 2976 mutex_exit(&zone_status_lock);
2659 2977 }
2660 2978
2661 2979 /*
2662 2980 * Private CPR-safe version of zone_status_wait().
2663 2981 */
2664 2982 static void
2665 2983 zone_status_wait_cpr(zone_t *zone, zone_status_t status, char *str)
2666 2984 {
2667 2985 callb_cpr_t cprinfo;
2668 2986
2669 2987 ASSERT(status > ZONE_MIN_STATE && status <= ZONE_MAX_STATE);
2670 2988
2671 2989 CALLB_CPR_INIT(&cprinfo, &zone_status_lock, callb_generic_cpr,
2672 2990 str);
2673 2991 mutex_enter(&zone_status_lock);
2674 2992 while (zone->zone_status < status) {
2675 2993 CALLB_CPR_SAFE_BEGIN(&cprinfo);
2676 2994 cv_wait(&zone->zone_cv, &zone_status_lock);
2677 2995 CALLB_CPR_SAFE_END(&cprinfo, &zone_status_lock);
2678 2996 }
2679 2997 /*
2680 2998 * zone_status_lock is implicitly released by the following.
2681 2999 */
2682 3000 CALLB_CPR_EXIT(&cprinfo);
2683 3001 }
2684 3002
2685 3003 /*
2686 3004 * Block until zone enters requested state or signal is received. Return (0)
2687 3005 * if signaled, non-zero otherwise.
2688 3006 */
2689 3007 int
2690 3008 zone_status_wait_sig(zone_t *zone, zone_status_t status)
2691 3009 {
2692 3010 ASSERT(status > ZONE_MIN_STATE && status <= ZONE_MAX_STATE);
2693 3011
2694 3012 mutex_enter(&zone_status_lock);
2695 3013 while (zone->zone_status < status) {
2696 3014 if (!cv_wait_sig(&zone->zone_cv, &zone_status_lock)) {
2697 3015 mutex_exit(&zone_status_lock);
2698 3016 return (0);
2699 3017 }
2700 3018 }
2701 3019 mutex_exit(&zone_status_lock);
2702 3020 return (1);
2703 3021 }
2704 3022
2705 3023 /*
2706 3024 * Block until the zone enters the requested state or the timeout expires,
2707 3025 * whichever happens first. Return (-1) if operation timed out, time remaining
2708 3026 * otherwise.
2709 3027 */
2710 3028 clock_t
2711 3029 zone_status_timedwait(zone_t *zone, clock_t tim, zone_status_t status)
2712 3030 {
2713 3031 clock_t timeleft = 0;
2714 3032
2715 3033 ASSERT(status > ZONE_MIN_STATE && status <= ZONE_MAX_STATE);
2716 3034
2717 3035 mutex_enter(&zone_status_lock);
2718 3036 while (zone->zone_status < status && timeleft != -1) {
2719 3037 timeleft = cv_timedwait(&zone->zone_cv, &zone_status_lock, tim);
2720 3038 }
2721 3039 mutex_exit(&zone_status_lock);
2722 3040 return (timeleft);
2723 3041 }
2724 3042
2725 3043 /*
2726 3044 * Block until the zone enters the requested state, the current process is
2727 3045 * signaled, or the timeout expires, whichever happens first. Return (-1) if
2728 3046 * operation timed out, 0 if signaled, time remaining otherwise.
2729 3047 */
2730 3048 clock_t
2731 3049 zone_status_timedwait_sig(zone_t *zone, clock_t tim, zone_status_t status)
2732 3050 {
2733 3051 clock_t timeleft = tim - ddi_get_lbolt();
2734 3052
2735 3053 ASSERT(status > ZONE_MIN_STATE && status <= ZONE_MAX_STATE);
2736 3054
2737 3055 mutex_enter(&zone_status_lock);
2738 3056 while (zone->zone_status < status) {
2739 3057 timeleft = cv_timedwait_sig(&zone->zone_cv, &zone_status_lock,
2740 3058 tim);
2741 3059 if (timeleft <= 0)
2742 3060 break;
2743 3061 }
2744 3062 mutex_exit(&zone_status_lock);
2745 3063 return (timeleft);
2746 3064 }
2747 3065
2748 3066 /*
2749 3067 * Zones have two reference counts: one for references from credential
2750 3068 * structures (zone_cred_ref), and one (zone_ref) for everything else.
2751 3069 * This is so we can allow a zone to be rebooted while there are still
2752 3070 * outstanding cred references, since certain drivers cache dblks (which
2753 3071 * implicitly results in cached creds). We wait for zone_ref to drop to
2754 3072 * 0 (actually 1), but not zone_cred_ref. The zone structure itself is
2755 3073 * later freed when the zone_cred_ref drops to 0, though nothing other
2756 3074 * than the zone id and privilege set should be accessed once the zone
2757 3075 * is "dead".
2758 3076 *
2759 3077 * A debugging flag, zone_wait_for_cred, can be set to a non-zero value
2760 3078 * to force halt/reboot to block waiting for the zone_cred_ref to drop
2761 3079 * to 0. This can be useful to flush out other sources of cached creds
2762 3080 * that may be less innocuous than the driver case.
2763 3081 *
2764 3082 * Zones also provide a tracked reference counting mechanism in which zone
2765 3083 * references are represented by "crumbs" (zone_ref structures). Crumbs help
2766 3084 * debuggers determine the sources of leaked zone references. See
2767 3085 * zone_hold_ref() and zone_rele_ref() below for more information.
2768 3086 */
2769 3087
2770 3088 int zone_wait_for_cred = 0;
2771 3089
2772 3090 static void
2773 3091 zone_hold_locked(zone_t *z)
2774 3092 {
2775 3093 ASSERT(MUTEX_HELD(&z->zone_lock));
2776 3094 z->zone_ref++;
2777 3095 ASSERT(z->zone_ref != 0);
2778 3096 }
2779 3097
2780 3098 /*
2781 3099 * Increment the specified zone's reference count. The zone's zone_t structure
2782 3100 * will not be freed as long as the zone's reference count is nonzero.
2783 3101 * Decrement the zone's reference count via zone_rele().
2784 3102 *
2785 3103 * NOTE: This function should only be used to hold zones for short periods of
2786 3104 * time. Use zone_hold_ref() if the zone must be held for a long time.
2787 3105 */
2788 3106 void
2789 3107 zone_hold(zone_t *z)
2790 3108 {
2791 3109 mutex_enter(&z->zone_lock);
2792 3110 zone_hold_locked(z);
2793 3111 mutex_exit(&z->zone_lock);
2794 3112 }
2795 3113
2796 3114 /*
2797 3115 * If the non-cred ref count drops to 1 and either the cred ref count
2798 3116 * is 0 or we aren't waiting for cred references, the zone is ready to
2799 3117 * be destroyed.
2800 3118 */
2801 3119 #define ZONE_IS_UNREF(zone) ((zone)->zone_ref == 1 && \
2802 3120 (!zone_wait_for_cred || (zone)->zone_cred_ref == 0))
2803 3121
2804 3122 /*
2805 3123 * Common zone reference release function invoked by zone_rele() and
2806 3124 * zone_rele_ref(). If subsys is ZONE_REF_NUM_SUBSYS, then the specified
2807 3125 * zone's subsystem-specific reference counters are not affected by the
2808 3126 * release. If ref is not NULL, then the zone_ref_t to which it refers is
2809 3127 * removed from the specified zone's reference list. ref must be non-NULL iff
2810 3128 * subsys is not ZONE_REF_NUM_SUBSYS.
2811 3129 */
2812 3130 static void
2813 3131 zone_rele_common(zone_t *z, zone_ref_t *ref, zone_ref_subsys_t subsys)
2814 3132 {
2815 3133 boolean_t wakeup;
2816 3134
2817 3135 mutex_enter(&z->zone_lock);
2818 3136 ASSERT(z->zone_ref != 0);
2819 3137 z->zone_ref--;
2820 3138 if (subsys != ZONE_REF_NUM_SUBSYS) {
2821 3139 ASSERT(z->zone_subsys_ref[subsys] != 0);
2822 3140 z->zone_subsys_ref[subsys]--;
2823 3141 list_remove(&z->zone_ref_list, ref);
2824 3142 }
2825 3143 if (z->zone_ref == 0 && z->zone_cred_ref == 0) {
2826 3144 /* no more refs, free the structure */
2827 3145 mutex_exit(&z->zone_lock);
2828 3146 zone_free(z);
2829 3147 return;
2830 3148 }
2831 3149 /* signal zone_destroy so the zone can finish halting */
2832 3150 wakeup = (ZONE_IS_UNREF(z) && zone_status_get(z) >= ZONE_IS_DEAD);
2833 3151 mutex_exit(&z->zone_lock);
2834 3152
2835 3153 if (wakeup) {
2836 3154 /*
2837 3155 * Grabbing zonehash_lock here effectively synchronizes with
2838 3156 * zone_destroy() to avoid missed signals.
2839 3157 */
2840 3158 mutex_enter(&zonehash_lock);
2841 3159 cv_broadcast(&zone_destroy_cv);
2842 3160 mutex_exit(&zonehash_lock);
2843 3161 }
2844 3162 }
2845 3163
2846 3164 /*
2847 3165 * Decrement the specified zone's reference count. The specified zone will
2848 3166 * cease to exist after this function returns if the reference count drops to
2849 3167 * zero. This function should be paired with zone_hold().
2850 3168 */
2851 3169 void
2852 3170 zone_rele(zone_t *z)
2853 3171 {
2854 3172 zone_rele_common(z, NULL, ZONE_REF_NUM_SUBSYS);
2855 3173 }
2856 3174
2857 3175 /*
2858 3176 * Initialize a zone reference structure. This function must be invoked for
2859 3177 * a reference structure before the structure is passed to zone_hold_ref().
2860 3178 */
2861 3179 void
2862 3180 zone_init_ref(zone_ref_t *ref)
2863 3181 {
2864 3182 ref->zref_zone = NULL;
2865 3183 list_link_init(&ref->zref_linkage);
2866 3184 }
2867 3185
2868 3186 /*
2869 3187 * Acquire a reference to zone z. The caller must specify the
2870 3188 * zone_ref_subsys_t constant associated with its subsystem. The specified
2871 3189 * zone_ref_t structure will represent a reference to the specified zone. Use
2872 3190 * zone_rele_ref() to release the reference.
2873 3191 *
2874 3192 * The referenced zone_t structure will not be freed as long as the zone_t's
2875 3193 * zone_status field is not ZONE_IS_DEAD and the zone has outstanding
2876 3194 * references.
2877 3195 *
2878 3196 * NOTE: The zone_ref_t structure must be initialized before it is used.
2879 3197 * See zone_init_ref() above.
2880 3198 */
2881 3199 void
2882 3200 zone_hold_ref(zone_t *z, zone_ref_t *ref, zone_ref_subsys_t subsys)
2883 3201 {
2884 3202 ASSERT(subsys >= 0 && subsys < ZONE_REF_NUM_SUBSYS);
2885 3203
2886 3204 /*
2887 3205 * Prevent consumers from reusing a reference structure before
2888 3206 * releasing it.
2889 3207 */
2890 3208 VERIFY(ref->zref_zone == NULL);
2891 3209
2892 3210 ref->zref_zone = z;
2893 3211 mutex_enter(&z->zone_lock);
2894 3212 zone_hold_locked(z);
2895 3213 z->zone_subsys_ref[subsys]++;
2896 3214 ASSERT(z->zone_subsys_ref[subsys] != 0);
2897 3215 list_insert_head(&z->zone_ref_list, ref);
2898 3216 mutex_exit(&z->zone_lock);
2899 3217 }
2900 3218
2901 3219 /*
2902 3220 * Release the zone reference represented by the specified zone_ref_t.
2903 3221 * The reference is invalid after it's released; however, the zone_ref_t
2904 3222 * structure can be reused without having to invoke zone_init_ref().
2905 3223 * subsys should be the same value that was passed to zone_hold_ref()
2906 3224 * when the reference was acquired.
2907 3225 */
2908 3226 void
2909 3227 zone_rele_ref(zone_ref_t *ref, zone_ref_subsys_t subsys)
2910 3228 {
2911 3229 zone_rele_common(ref->zref_zone, ref, subsys);
2912 3230
2913 3231 /*
2914 3232 * Set the zone_ref_t's zref_zone field to NULL to generate panics
2915 3233 * when consumers dereference the reference. This helps us catch
2916 3234 * consumers who use released references. Furthermore, this lets
2917 3235 * consumers reuse the zone_ref_t structure without having to
2918 3236 * invoke zone_init_ref().
2919 3237 */
2920 3238 ref->zref_zone = NULL;
2921 3239 }
2922 3240
2923 3241 void
2924 3242 zone_cred_hold(zone_t *z)
2925 3243 {
2926 3244 mutex_enter(&z->zone_lock);
2927 3245 z->zone_cred_ref++;
2928 3246 ASSERT(z->zone_cred_ref != 0);
2929 3247 mutex_exit(&z->zone_lock);
2930 3248 }
2931 3249
2932 3250 void
2933 3251 zone_cred_rele(zone_t *z)
2934 3252 {
2935 3253 boolean_t wakeup;
2936 3254
2937 3255 mutex_enter(&z->zone_lock);
2938 3256 ASSERT(z->zone_cred_ref != 0);
2939 3257 z->zone_cred_ref--;
2940 3258 if (z->zone_ref == 0 && z->zone_cred_ref == 0) {
2941 3259 /* no more refs, free the structure */
2942 3260 mutex_exit(&z->zone_lock);
2943 3261 zone_free(z);
2944 3262 return;
2945 3263 }
2946 3264 /*
2947 3265 * If zone_destroy is waiting for the cred references to drain
2948 3266 * out, and they have, signal it.
2949 3267 */
2950 3268 wakeup = (zone_wait_for_cred && ZONE_IS_UNREF(z) &&
2951 3269 zone_status_get(z) >= ZONE_IS_DEAD);
2952 3270 mutex_exit(&z->zone_lock);
2953 3271
2954 3272 if (wakeup) {
2955 3273 /*
2956 3274 * Grabbing zonehash_lock here effectively synchronizes with
2957 3275 * zone_destroy() to avoid missed signals.
2958 3276 */
2959 3277 mutex_enter(&zonehash_lock);
2960 3278 cv_broadcast(&zone_destroy_cv);
2961 3279 mutex_exit(&zonehash_lock);
2962 3280 }
2963 3281 }
2964 3282
2965 3283 void
2966 3284 zone_task_hold(zone_t *z)
2967 3285 {
2968 3286 mutex_enter(&z->zone_lock);
2969 3287 z->zone_ntasks++;
2970 3288 ASSERT(z->zone_ntasks != 0);
2971 3289 mutex_exit(&z->zone_lock);
2972 3290 }
2973 3291
2974 3292 void
2975 3293 zone_task_rele(zone_t *zone)
2976 3294 {
2977 3295 uint_t refcnt;
2978 3296
2979 3297 mutex_enter(&zone->zone_lock);
2980 3298 ASSERT(zone->zone_ntasks != 0);
2981 3299 refcnt = --zone->zone_ntasks;
2982 3300 if (refcnt > 1) { /* Common case */
2983 3301 mutex_exit(&zone->zone_lock);
2984 3302 return;
2985 3303 }
2986 3304 zone_hold_locked(zone); /* so we can use the zone_t later */
2987 3305 mutex_exit(&zone->zone_lock);
2988 3306 if (refcnt == 1) {
2989 3307 /*
2990 3308 * See if the zone is shutting down.
2991 3309 */
2992 3310 mutex_enter(&zone_status_lock);
2993 3311 if (zone_status_get(zone) != ZONE_IS_SHUTTING_DOWN) {
2994 3312 goto out;
2995 3313 }
2996 3314
2997 3315 /*
2998 3316 * Make sure the ntasks didn't change since we
2999 3317 * dropped zone_lock.
3000 3318 */
3001 3319 mutex_enter(&zone->zone_lock);
3002 3320 if (refcnt != zone->zone_ntasks) {
3003 3321 mutex_exit(&zone->zone_lock);
3004 3322 goto out;
3005 3323 }
3006 3324 mutex_exit(&zone->zone_lock);
3007 3325
3008 3326 /*
3009 3327 * No more user processes in the zone. The zone is empty.
3010 3328 */
3011 3329 zone_status_set(zone, ZONE_IS_EMPTY);
3012 3330 goto out;
3013 3331 }
3014 3332
3015 3333 ASSERT(refcnt == 0);
3016 3334 /*
3017 3335 * zsched has exited; the zone is dead.
3018 3336 */
3019 3337 zone->zone_zsched = NULL; /* paranoia */
3020 3338 mutex_enter(&zone_status_lock);
3021 3339 zone_status_set(zone, ZONE_IS_DEAD);
3022 3340 out:
3023 3341 mutex_exit(&zone_status_lock);
3024 3342 zone_rele(zone);
3025 3343 }
3026 3344
3027 3345 zoneid_t
3028 3346 getzoneid(void)
3029 3347 {
3030 3348 return (curproc->p_zone->zone_id);
3031 3349 }
3032 3350
3033 3351 /*
3034 3352 * Internal versions of zone_find_by_*(). These don't zone_hold() or
3035 3353 * check the validity of a zone's state.
3036 3354 */
3037 3355 static zone_t *
3038 3356 zone_find_all_by_id(zoneid_t zoneid)
3039 3357 {
3040 3358 mod_hash_val_t hv;
3041 3359 zone_t *zone = NULL;
3042 3360
3043 3361 ASSERT(MUTEX_HELD(&zonehash_lock));
3044 3362
3045 3363 if (mod_hash_find(zonehashbyid,
3046 3364 (mod_hash_key_t)(uintptr_t)zoneid, &hv) == 0)
3047 3365 zone = (zone_t *)hv;
3048 3366 return (zone);
3049 3367 }
3050 3368
3051 3369 static zone_t *
3052 3370 zone_find_all_by_label(const ts_label_t *label)
3053 3371 {
3054 3372 mod_hash_val_t hv;
3055 3373 zone_t *zone = NULL;
3056 3374
3057 3375 ASSERT(MUTEX_HELD(&zonehash_lock));
3058 3376
3059 3377 /*
3060 3378 * zonehashbylabel is not maintained for unlabeled systems
3061 3379 */
3062 3380 if (!is_system_labeled())
3063 3381 return (NULL);
3064 3382 if (mod_hash_find(zonehashbylabel, (mod_hash_key_t)label, &hv) == 0)
3065 3383 zone = (zone_t *)hv;
3066 3384 return (zone);
3067 3385 }
3068 3386
3069 3387 static zone_t *
3070 3388 zone_find_all_by_name(char *name)
3071 3389 {
3072 3390 mod_hash_val_t hv;
3073 3391 zone_t *zone = NULL;
3074 3392
3075 3393 ASSERT(MUTEX_HELD(&zonehash_lock));
3076 3394
3077 3395 if (mod_hash_find(zonehashbyname, (mod_hash_key_t)name, &hv) == 0)
3078 3396 zone = (zone_t *)hv;
3079 3397 return (zone);
3080 3398 }
3081 3399
3082 3400 /*
3083 3401 * Public interface for looking up a zone by zoneid. Only returns the zone if
3084 3402 * it is fully initialized, and has not yet begun the zone_destroy() sequence.
3085 3403 * Caller must call zone_rele() once it is done with the zone.
3086 3404 *
3087 3405 * The zone may begin the zone_destroy() sequence immediately after this
3088 3406 * function returns, but may be safely used until zone_rele() is called.
3089 3407 */
3090 3408 zone_t *
3091 3409 zone_find_by_id(zoneid_t zoneid)
3092 3410 {
3093 3411 zone_t *zone;
3094 3412 zone_status_t status;
3095 3413
3096 3414 mutex_enter(&zonehash_lock);
3097 3415 if ((zone = zone_find_all_by_id(zoneid)) == NULL) {
3098 3416 mutex_exit(&zonehash_lock);
3099 3417 return (NULL);
3100 3418 }
3101 3419 status = zone_status_get(zone);
3102 3420 if (status < ZONE_IS_READY || status > ZONE_IS_DOWN) {
3103 3421 /*
3104 3422 * For all practical purposes the zone doesn't exist.
3105 3423 */
3106 3424 mutex_exit(&zonehash_lock);
3107 3425 return (NULL);
3108 3426 }
3109 3427 zone_hold(zone);
3110 3428 mutex_exit(&zonehash_lock);
3111 3429 return (zone);
3112 3430 }
3113 3431
3114 3432 /*
3115 3433 * Similar to zone_find_by_id, but using zone label as the key.
3116 3434 */
3117 3435 zone_t *
3118 3436 zone_find_by_label(const ts_label_t *label)
3119 3437 {
3120 3438 zone_t *zone;
3121 3439 zone_status_t status;
3122 3440
3123 3441 mutex_enter(&zonehash_lock);
3124 3442 if ((zone = zone_find_all_by_label(label)) == NULL) {
3125 3443 mutex_exit(&zonehash_lock);
3126 3444 return (NULL);
3127 3445 }
3128 3446
3129 3447 status = zone_status_get(zone);
3130 3448 if (status > ZONE_IS_DOWN) {
3131 3449 /*
3132 3450 * For all practical purposes the zone doesn't exist.
3133 3451 */
3134 3452 mutex_exit(&zonehash_lock);
3135 3453 return (NULL);
3136 3454 }
3137 3455 zone_hold(zone);
3138 3456 mutex_exit(&zonehash_lock);
3139 3457 return (zone);
3140 3458 }
3141 3459
3142 3460 /*
3143 3461 * Similar to zone_find_by_id, but using zone name as the key.
3144 3462 */
3145 3463 zone_t *
3146 3464 zone_find_by_name(char *name)
3147 3465 {
3148 3466 zone_t *zone;
3149 3467 zone_status_t status;
3150 3468
3151 3469 mutex_enter(&zonehash_lock);
3152 3470 if ((zone = zone_find_all_by_name(name)) == NULL) {
3153 3471 mutex_exit(&zonehash_lock);
3154 3472 return (NULL);
3155 3473 }
3156 3474 status = zone_status_get(zone);
3157 3475 if (status < ZONE_IS_READY || status > ZONE_IS_DOWN) {
3158 3476 /*
3159 3477 * For all practical purposes the zone doesn't exist.
3160 3478 */
3161 3479 mutex_exit(&zonehash_lock);
3162 3480 return (NULL);
3163 3481 }
3164 3482 zone_hold(zone);
3165 3483 mutex_exit(&zonehash_lock);
3166 3484 return (zone);
3167 3485 }
3168 3486
3169 3487 /*
3170 3488 * Similar to zone_find_by_id(), using the path as a key. For instance,
3171 3489 * if there is a zone "foo" rooted at /foo/root, and the path argument
3172 3490 * is "/foo/root/proc", it will return the held zone_t corresponding to
3173 3491 * zone "foo".
3174 3492 *
3175 3493 * zone_find_by_path() always returns a non-NULL value, since at the
3176 3494 * very least every path will be contained in the global zone.
3177 3495 *
3178 3496 * As with the other zone_find_by_*() functions, the caller is
3179 3497 * responsible for zone_rele()ing the return value of this function.
3180 3498 */
3181 3499 zone_t *
3182 3500 zone_find_by_path(const char *path)
3183 3501 {
3184 3502 zone_t *zone;
3185 3503 zone_t *zret = NULL;
3186 3504 zone_status_t status;
3187 3505
3188 3506 if (path == NULL) {
3189 3507 /*
3190 3508 * Call from rootconf().
3191 3509 */
3192 3510 zone_hold(global_zone);
3193 3511 return (global_zone);
3194 3512 }
3195 3513 ASSERT(*path == '/');
3196 3514 mutex_enter(&zonehash_lock);
3197 3515 for (zone = list_head(&zone_active); zone != NULL;
3198 3516 zone = list_next(&zone_active, zone)) {
3199 3517 if (ZONE_PATH_VISIBLE(path, zone))
3200 3518 zret = zone;
3201 3519 }
3202 3520 ASSERT(zret != NULL);
3203 3521 status = zone_status_get(zret);
3204 3522 if (status < ZONE_IS_READY || status > ZONE_IS_DOWN) {
3205 3523 /*
3206 3524 * Zone practically doesn't exist.
3207 3525 */
3208 3526 zret = global_zone;
3209 3527 }
3210 3528 zone_hold(zret);
3211 3529 mutex_exit(&zonehash_lock);
3212 3530 return (zret);
3213 3531 }
3214 3532
3215 3533 /*
3216 3534 * Public interface for updating per-zone load averages. Called once per
3217 3535 * second.
3218 3536 *
3219 3537 * Based on loadavg_update(), genloadavg() and calcloadavg() from clock.c.
3220 3538 */
3221 3539 void
3222 3540 zone_loadavg_update()
3223 3541 {
3224 3542 zone_t *zp;
3225 3543 zone_status_t status;
3226 3544 struct loadavg_s *lavg;
3227 3545 hrtime_t zone_total;
3228 3546 int i;
3229 3547 hrtime_t hr_avg;
3230 3548 int nrun;
3231 3549 static int64_t f[3] = { 135, 27, 9 };
3232 3550 int64_t q, r;
3233 3551
3234 3552 mutex_enter(&zonehash_lock);
3235 3553 for (zp = list_head(&zone_active); zp != NULL;
3236 3554 zp = list_next(&zone_active, zp)) {
3237 3555 mutex_enter(&zp->zone_lock);
3238 3556
3239 3557 /* Skip zones that are on the way down or not yet up */
3240 3558 status = zone_status_get(zp);
3241 3559 if (status < ZONE_IS_READY || status >= ZONE_IS_DOWN) {
3242 3560 /* For all practical purposes the zone doesn't exist. */
3243 3561 mutex_exit(&zp->zone_lock);
3244 3562 continue;
3245 3563 }
3246 3564
3247 3565 /*
3248 3566 * Update the 10 second moving average data in zone_loadavg.
3249 3567 */
3250 3568 lavg = &zp->zone_loadavg;
3251 3569
3252 3570 zone_total = zp->zone_utime + zp->zone_stime + zp->zone_wtime;
3253 3571 scalehrtime(&zone_total);
3254 3572
3255 3573 /* The zone_total should always be increasing. */
3256 3574 lavg->lg_loads[lavg->lg_cur] = (zone_total > lavg->lg_total) ?
3257 3575 zone_total - lavg->lg_total : 0;
3258 3576 lavg->lg_cur = (lavg->lg_cur + 1) % S_LOADAVG_SZ;
3259 3577 /* lg_total holds the prev. 1 sec. total */
3260 3578 lavg->lg_total = zone_total;
3261 3579
3262 3580 /*
3263 3581 * To simplify the calculation, we don't calculate the load avg.
3264 3582 * until the zone has been up for at least 10 seconds and our
3265 3583 * moving average is thus full.
3266 3584 */
3267 3585 if ((lavg->lg_len + 1) < S_LOADAVG_SZ) {
3268 3586 lavg->lg_len++;
3269 3587 mutex_exit(&zp->zone_lock);
3270 3588 continue;
3271 3589 }
3272 3590
3273 3591 /* Now calculate the 1min, 5min, 15 min load avg. */
3274 3592 hr_avg = 0;
3275 3593 for (i = 0; i < S_LOADAVG_SZ; i++)
3276 3594 hr_avg += lavg->lg_loads[i];
3277 3595 hr_avg = hr_avg / S_LOADAVG_SZ;
3278 3596 nrun = hr_avg / (NANOSEC / LGRP_LOADAVG_IN_THREAD_MAX);
3279 3597
3280 3598 /* Compute load avg. See comment in calcloadavg() */
3281 3599 for (i = 0; i < 3; i++) {
3282 3600 q = (zp->zone_hp_avenrun[i] >> 16) << 7;
3283 3601 r = (zp->zone_hp_avenrun[i] & 0xffff) << 7;
3284 3602 zp->zone_hp_avenrun[i] +=
3285 3603 ((nrun - q) * f[i] - ((r * f[i]) >> 16)) >> 4;
3286 3604
3287 3605 /* avenrun[] can only hold 31 bits of load avg. */
3288 3606 if (zp->zone_hp_avenrun[i] <
3289 3607 ((uint64_t)1<<(31+16-FSHIFT)))
3290 3608 zp->zone_avenrun[i] = (int32_t)
3291 3609 (zp->zone_hp_avenrun[i] >> (16 - FSHIFT));
3292 3610 else
3293 3611 zp->zone_avenrun[i] = 0x7fffffff;
3294 3612 }
3295 3613
3296 3614 mutex_exit(&zp->zone_lock);
3297 3615 }
3298 3616 mutex_exit(&zonehash_lock);
3299 3617 }
3300 3618
3301 3619 /*
3302 3620 * Get the number of cpus visible to this zone. The system-wide global
3303 3621 * 'ncpus' is returned if pools are disabled, the caller is in the
3304 3622 * global zone, or a NULL zone argument is passed in.
3305 3623 */
3306 3624 int
3307 3625 zone_ncpus_get(zone_t *zone)
3308 3626 {
3309 3627 int myncpus = zone == NULL ? 0 : zone->zone_ncpus;
3310 3628
3311 3629 return (myncpus != 0 ? myncpus : ncpus);
3312 3630 }
3313 3631
3314 3632 /*
3315 3633 * Get the number of online cpus visible to this zone. The system-wide
3316 3634 * global 'ncpus_online' is returned if pools are disabled, the caller
3317 3635 * is in the global zone, or a NULL zone argument is passed in.
3318 3636 */
3319 3637 int
3320 3638 zone_ncpus_online_get(zone_t *zone)
3321 3639 {
3322 3640 int myncpus_online = zone == NULL ? 0 : zone->zone_ncpus_online;
3323 3641
3324 3642 return (myncpus_online != 0 ? myncpus_online : ncpus_online);
3325 3643 }
3326 3644
3327 3645 /*
3328 3646 * Return the pool to which the zone is currently bound.
3329 3647 */
3330 3648 pool_t *
3331 3649 zone_pool_get(zone_t *zone)
3332 3650 {
3333 3651 ASSERT(pool_lock_held());
3334 3652
3335 3653 return (zone->zone_pool);
3336 3654 }
3337 3655
3338 3656 /*
3339 3657 * Set the zone's pool pointer and update the zone's visibility to match
3340 3658 * the resources in the new pool.
3341 3659 */
3342 3660 void
3343 3661 zone_pool_set(zone_t *zone, pool_t *pool)
3344 3662 {
3345 3663 ASSERT(pool_lock_held());
3346 3664 ASSERT(MUTEX_HELD(&cpu_lock));
3347 3665
3348 3666 zone->zone_pool = pool;
3349 3667 zone_pset_set(zone, pool->pool_pset->pset_id);
3350 3668 }
3351 3669
3352 3670 /*
3353 3671 * Return the cached value of the id of the processor set to which the
3354 3672 * zone is currently bound. The value will be ZONE_PS_INVAL if the pools
3355 3673 * facility is disabled.
3356 3674 */
3357 3675 psetid_t
3358 3676 zone_pset_get(zone_t *zone)
3359 3677 {
3360 3678 ASSERT(MUTEX_HELD(&cpu_lock));
3361 3679
3362 3680 return (zone->zone_psetid);
3363 3681 }
3364 3682
3365 3683 /*
3366 3684 * Set the cached value of the id of the processor set to which the zone
3367 3685 * is currently bound. Also update the zone's visibility to match the
3368 3686 * resources in the new processor set.
3369 3687 */
3370 3688 void
3371 3689 zone_pset_set(zone_t *zone, psetid_t newpsetid)
3372 3690 {
3373 3691 psetid_t oldpsetid;
3374 3692
3375 3693 ASSERT(MUTEX_HELD(&cpu_lock));
3376 3694 oldpsetid = zone_pset_get(zone);
3377 3695
3378 3696 if (oldpsetid == newpsetid)
3379 3697 return;
3380 3698 /*
3381 3699 * Global zone sees all.
3382 3700 */
3383 3701 if (zone != global_zone) {
3384 3702 zone->zone_psetid = newpsetid;
3385 3703 if (newpsetid != ZONE_PS_INVAL)
3386 3704 pool_pset_visibility_add(newpsetid, zone);
3387 3705 if (oldpsetid != ZONE_PS_INVAL)
3388 3706 pool_pset_visibility_remove(oldpsetid, zone);
3389 3707 }
3390 3708 /*
3391 3709 * Disabling pools, so we should start using the global values
3392 3710 * for ncpus and ncpus_online.
3393 3711 */
3394 3712 if (newpsetid == ZONE_PS_INVAL) {
3395 3713 zone->zone_ncpus = 0;
3396 3714 zone->zone_ncpus_online = 0;
3397 3715 }
3398 3716 }
3399 3717
3400 3718 /*
3401 3719 * Walk the list of active zones and issue the provided callback for
3402 3720 * each of them.
3403 3721 *
3404 3722 * Caller must not be holding any locks that may be acquired under
3405 3723 * zonehash_lock. See comment at the beginning of the file for a list of
3406 3724 * common locks and their interactions with zones.
3407 3725 */
3408 3726 int
3409 3727 zone_walk(int (*cb)(zone_t *, void *), void *data)
3410 3728 {
3411 3729 zone_t *zone;
3412 3730 int ret = 0;
3413 3731 zone_status_t status;
3414 3732
3415 3733 mutex_enter(&zonehash_lock);
3416 3734 for (zone = list_head(&zone_active); zone != NULL;
3417 3735 zone = list_next(&zone_active, zone)) {
3418 3736 /*
3419 3737 * Skip zones that shouldn't be externally visible.
3420 3738 */
3421 3739 status = zone_status_get(zone);
3422 3740 if (status < ZONE_IS_READY || status > ZONE_IS_DOWN)
3423 3741 continue;
3424 3742 /*
3425 3743 * Bail immediately if any callback invocation returns a
3426 3744 * non-zero value.
3427 3745 */
3428 3746 ret = (*cb)(zone, data);
3429 3747 if (ret != 0)
3430 3748 break;
3431 3749 }
3432 3750 mutex_exit(&zonehash_lock);
3433 3751 return (ret);
3434 3752 }
3435 3753
3436 3754 static int
3437 3755 zone_set_root(zone_t *zone, const char *upath)
3438 3756 {
3439 3757 vnode_t *vp;
3440 3758 int trycount;
3441 3759 int error = 0;
3442 3760 char *path;
3443 3761 struct pathname upn, pn;
3444 3762 size_t pathlen;
3445 3763
3446 3764 if ((error = pn_get((char *)upath, UIO_USERSPACE, &upn)) != 0)
3447 3765 return (error);
3448 3766
3449 3767 pn_alloc(&pn);
3450 3768
3451 3769 /* prevent infinite loop */
3452 3770 trycount = 10;
3453 3771 for (;;) {
3454 3772 if (--trycount <= 0) {
3455 3773 error = ESTALE;
3456 3774 goto out;
3457 3775 }
3458 3776
3459 3777 if ((error = lookuppn(&upn, &pn, FOLLOW, NULLVPP, &vp)) == 0) {
3460 3778 /*
3461 3779 * VOP_ACCESS() may cover 'vp' with a new
3462 3780 * filesystem, if 'vp' is an autoFS vnode.
3463 3781 * Get the new 'vp' if so.
3464 3782 */
3465 3783 if ((error =
3466 3784 VOP_ACCESS(vp, VEXEC, 0, CRED(), NULL)) == 0 &&
3467 3785 (!vn_ismntpt(vp) ||
3468 3786 (error = traverse(&vp)) == 0)) {
3469 3787 pathlen = pn.pn_pathlen + 2;
3470 3788 path = kmem_alloc(pathlen, KM_SLEEP);
3471 3789 (void) strncpy(path, pn.pn_path,
3472 3790 pn.pn_pathlen + 1);
3473 3791 path[pathlen - 2] = '/';
3474 3792 path[pathlen - 1] = '\0';
3475 3793 pn_free(&pn);
3476 3794 pn_free(&upn);
3477 3795
3478 3796 /* Success! */
3479 3797 break;
3480 3798 }
3481 3799 VN_RELE(vp);
3482 3800 }
3483 3801 if (error != ESTALE)
3484 3802 goto out;
3485 3803 }
3486 3804
3487 3805 ASSERT(error == 0);
3488 3806 zone->zone_rootvp = vp; /* we hold a reference to vp */
3489 3807 zone->zone_rootpath = path;
3490 3808 zone->zone_rootpathlen = pathlen;
3491 3809 if (pathlen > 5 && strcmp(path + pathlen - 5, "/lu/") == 0)
3492 3810 zone->zone_flags |= ZF_IS_SCRATCH;
3493 3811 return (0);
3494 3812
3495 3813 out:
3496 3814 pn_free(&pn);
3497 3815 pn_free(&upn);
3498 3816 return (error);
3499 3817 }
3500 3818
3501 3819 #define isalnum(c) (((c) >= '0' && (c) <= '9') || \
3502 3820 ((c) >= 'a' && (c) <= 'z') || \
3503 3821 ((c) >= 'A' && (c) <= 'Z'))
3504 3822
3505 3823 static int
3506 3824 zone_set_name(zone_t *zone, const char *uname)
3507 3825 {
3508 3826 char *kname = kmem_zalloc(ZONENAME_MAX, KM_SLEEP);
3509 3827 size_t len;
3510 3828 int i, err;
3511 3829
3512 3830 if ((err = copyinstr(uname, kname, ZONENAME_MAX, &len)) != 0) {
3513 3831 kmem_free(kname, ZONENAME_MAX);
3514 3832 return (err); /* EFAULT or ENAMETOOLONG */
3515 3833 }
3516 3834
3517 3835 /* must be less than ZONENAME_MAX */
3518 3836 if (len == ZONENAME_MAX && kname[ZONENAME_MAX - 1] != '\0') {
3519 3837 kmem_free(kname, ZONENAME_MAX);
3520 3838 return (EINVAL);
3521 3839 }
3522 3840
3523 3841 /*
3524 3842 * Name must start with an alphanumeric and must contain only
3525 3843 * alphanumerics, '-', '_' and '.'.
3526 3844 */
3527 3845 if (!isalnum(kname[0])) {
3528 3846 kmem_free(kname, ZONENAME_MAX);
3529 3847 return (EINVAL);
3530 3848 }
3531 3849 for (i = 1; i < len - 1; i++) {
3532 3850 if (!isalnum(kname[i]) && kname[i] != '-' && kname[i] != '_' &&
3533 3851 kname[i] != '.') {
3534 3852 kmem_free(kname, ZONENAME_MAX);
3535 3853 return (EINVAL);
3536 3854 }
3537 3855 }
3538 3856
3539 3857 zone->zone_name = kname;
3540 3858 return (0);
3541 3859 }
3542 3860
3543 3861 /*
3544 3862 * Gets the 32-bit hostid of the specified zone as an unsigned int. If 'zonep'
3545 3863 * is NULL or it points to a zone with no hostid emulation, then the machine's
3546 3864 * hostid (i.e., the global zone's hostid) is returned. This function returns
3547 3865 * zero if neither the zone nor the host machine (global zone) have hostids. It
3548 3866 * returns HW_INVALID_HOSTID if the function attempts to return the machine's
3549 3867 * hostid and the machine's hostid is invalid.
3550 3868 */
3551 3869 uint32_t
3552 3870 zone_get_hostid(zone_t *zonep)
3553 3871 {
3554 3872 unsigned long machine_hostid;
3555 3873
3556 3874 if (zonep == NULL || zonep->zone_hostid == HW_INVALID_HOSTID) {
3557 3875 if (ddi_strtoul(hw_serial, NULL, 10, &machine_hostid) != 0)
3558 3876 return (HW_INVALID_HOSTID);
3559 3877 return ((uint32_t)machine_hostid);
3560 3878 }
3561 3879 return (zonep->zone_hostid);
3562 3880 }
3563 3881
3564 3882 /*
3565 3883 * Similar to thread_create(), but makes sure the thread is in the appropriate
3566 3884 * zone's zsched process (curproc->p_zone->zone_zsched) before returning.
3567 3885 */
3568 3886 /*ARGSUSED*/
3569 3887 kthread_t *
3570 3888 zthread_create(
3571 3889 caddr_t stk,
3572 3890 size_t stksize,
3573 3891 void (*proc)(),
3574 3892 void *arg,
3575 3893 size_t len,
3576 3894 pri_t pri)
3577 3895 {
3578 3896 kthread_t *t;
3579 3897 zone_t *zone = curproc->p_zone;
3580 3898 proc_t *pp = zone->zone_zsched;
3581 3899
3582 3900 zone_hold(zone); /* Reference to be dropped when thread exits */
3583 3901
3584 3902 /*
3585 3903 * No-one should be trying to create threads if the zone is shutting
3586 3904 * down and there aren't any kernel threads around. See comment
3587 3905 * in zthread_exit().
3588 3906 */
3589 3907 ASSERT(!(zone->zone_kthreads == NULL &&
3590 3908 zone_status_get(zone) >= ZONE_IS_EMPTY));
3591 3909 /*
3592 3910 * Create a thread, but don't let it run until we've finished setting
3593 3911 * things up.
3594 3912 */
3595 3913 t = thread_create(stk, stksize, proc, arg, len, pp, TS_STOPPED, pri);
3596 3914 ASSERT(t->t_forw == NULL);
3597 3915 mutex_enter(&zone_status_lock);
3598 3916 if (zone->zone_kthreads == NULL) {
3599 3917 t->t_forw = t->t_back = t;
3600 3918 } else {
3601 3919 kthread_t *tx = zone->zone_kthreads;
3602 3920
3603 3921 t->t_forw = tx;
3604 3922 t->t_back = tx->t_back;
3605 3923 tx->t_back->t_forw = t;
3606 3924 tx->t_back = t;
3607 3925 }
3608 3926 zone->zone_kthreads = t;
3609 3927 mutex_exit(&zone_status_lock);
3610 3928
3611 3929 mutex_enter(&pp->p_lock);
3612 3930 t->t_proc_flag |= TP_ZTHREAD;
3613 3931 project_rele(t->t_proj);
3614 3932 t->t_proj = project_hold(pp->p_task->tk_proj);
3615 3933
3616 3934 /*
3617 3935 * Setup complete, let it run.
3618 3936 */
3619 3937 thread_lock(t);
3620 3938 t->t_schedflag |= TS_ALLSTART;
3621 3939 setrun_locked(t);
3622 3940 thread_unlock(t);
3623 3941
3624 3942 mutex_exit(&pp->p_lock);
3625 3943
3626 3944 return (t);
3627 3945 }
3628 3946
3629 3947 /*
3630 3948 * Similar to thread_exit(). Must be called by threads created via
3631 3949 * zthread_exit().
3632 3950 */
3633 3951 void
3634 3952 zthread_exit(void)
3635 3953 {
3636 3954 kthread_t *t = curthread;
3637 3955 proc_t *pp = curproc;
3638 3956 zone_t *zone = pp->p_zone;
3639 3957
3640 3958 mutex_enter(&zone_status_lock);
3641 3959
3642 3960 /*
3643 3961 * Reparent to p0
3644 3962 */
3645 3963 kpreempt_disable();
3646 3964 mutex_enter(&pp->p_lock);
3647 3965 t->t_proc_flag &= ~TP_ZTHREAD;
3648 3966 t->t_procp = &p0;
3649 3967 hat_thread_exit(t);
3650 3968 mutex_exit(&pp->p_lock);
3651 3969 kpreempt_enable();
3652 3970
3653 3971 if (t->t_back == t) {
3654 3972 ASSERT(t->t_forw == t);
3655 3973 /*
3656 3974 * If the zone is empty, once the thread count
3657 3975 * goes to zero no further kernel threads can be
3658 3976 * created. This is because if the creator is a process
3659 3977 * in the zone, then it must have exited before the zone
3660 3978 * state could be set to ZONE_IS_EMPTY.
3661 3979 * Otherwise, if the creator is a kernel thread in the
3662 3980 * zone, the thread count is non-zero.
3663 3981 *
3664 3982 * This really means that non-zone kernel threads should
3665 3983 * not create zone kernel threads.
3666 3984 */
3667 3985 zone->zone_kthreads = NULL;
3668 3986 if (zone_status_get(zone) == ZONE_IS_EMPTY) {
3669 3987 zone_status_set(zone, ZONE_IS_DOWN);
3670 3988 /*
3671 3989 * Remove any CPU caps on this zone.
3672 3990 */
3673 3991 cpucaps_zone_remove(zone);
3674 3992 }
3675 3993 } else {
3676 3994 t->t_forw->t_back = t->t_back;
3677 3995 t->t_back->t_forw = t->t_forw;
3678 3996 if (zone->zone_kthreads == t)
3679 3997 zone->zone_kthreads = t->t_forw;
3680 3998 }
3681 3999 mutex_exit(&zone_status_lock);
3682 4000 zone_rele(zone);
3683 4001 thread_exit();
3684 4002 /* NOTREACHED */
3685 4003 }
3686 4004
3687 4005 static void
3688 4006 zone_chdir(vnode_t *vp, vnode_t **vpp, proc_t *pp)
3689 4007 {
3690 4008 vnode_t *oldvp;
3691 4009
3692 4010 /* we're going to hold a reference here to the directory */
3693 4011 VN_HOLD(vp);
3694 4012
3695 4013 /* update abs cwd/root path see c2/audit.c */
3696 4014 if (AU_AUDITING())
3697 4015 audit_chdirec(vp, vpp);
3698 4016
3699 4017 mutex_enter(&pp->p_lock);
3700 4018 oldvp = *vpp;
3701 4019 *vpp = vp;
3702 4020 mutex_exit(&pp->p_lock);
3703 4021 if (oldvp != NULL)
3704 4022 VN_RELE(oldvp);
3705 4023 }
3706 4024
3707 4025 /*
3708 4026 * Convert an rctl value represented by an nvlist_t into an rctl_val_t.
3709 4027 */
3710 4028 static int
3711 4029 nvlist2rctlval(nvlist_t *nvl, rctl_val_t *rv)
3712 4030 {
3713 4031 nvpair_t *nvp = NULL;
3714 4032 boolean_t priv_set = B_FALSE;
3715 4033 boolean_t limit_set = B_FALSE;
3716 4034 boolean_t action_set = B_FALSE;
3717 4035
3718 4036 while ((nvp = nvlist_next_nvpair(nvl, nvp)) != NULL) {
3719 4037 const char *name;
3720 4038 uint64_t ui64;
3721 4039
3722 4040 name = nvpair_name(nvp);
3723 4041 if (nvpair_type(nvp) != DATA_TYPE_UINT64)
3724 4042 return (EINVAL);
3725 4043 (void) nvpair_value_uint64(nvp, &ui64);
3726 4044 if (strcmp(name, "privilege") == 0) {
3727 4045 /*
3728 4046 * Currently only privileged values are allowed, but
3729 4047 * this may change in the future.
3730 4048 */
3731 4049 if (ui64 != RCPRIV_PRIVILEGED)
3732 4050 return (EINVAL);
3733 4051 rv->rcv_privilege = ui64;
3734 4052 priv_set = B_TRUE;
3735 4053 } else if (strcmp(name, "limit") == 0) {
3736 4054 rv->rcv_value = ui64;
3737 4055 limit_set = B_TRUE;
3738 4056 } else if (strcmp(name, "action") == 0) {
3739 4057 if (ui64 != RCTL_LOCAL_NOACTION &&
3740 4058 ui64 != RCTL_LOCAL_DENY)
3741 4059 return (EINVAL);
3742 4060 rv->rcv_flagaction = ui64;
3743 4061 action_set = B_TRUE;
3744 4062 } else {
3745 4063 return (EINVAL);
3746 4064 }
3747 4065 }
3748 4066
3749 4067 if (!(priv_set && limit_set && action_set))
3750 4068 return (EINVAL);
3751 4069 rv->rcv_action_signal = 0;
3752 4070 rv->rcv_action_recipient = NULL;
3753 4071 rv->rcv_action_recip_pid = -1;
3754 4072 rv->rcv_firing_time = 0;
3755 4073
3756 4074 return (0);
3757 4075 }
3758 4076
3759 4077 /*
3760 4078 * Non-global zone version of start_init.
3761 4079 */
3762 4080 void
3763 4081 zone_start_init(void)
3764 4082 {
3765 4083 proc_t *p = ttoproc(curthread);
|
↓ open down ↓ |
1129 lines elided |
↑ open up ↑ |
3766 4084 zone_t *z = p->p_zone;
3767 4085
3768 4086 ASSERT(!INGLOBALZONE(curproc));
3769 4087
3770 4088 /*
3771 4089 * For all purposes (ZONE_ATTR_INITPID and restart_init),
3772 4090 * storing just the pid of init is sufficient.
3773 4091 */
3774 4092 z->zone_proc_initpid = p->p_pid;
3775 4093
4094 + if (z->zone_setup_app_contract == B_TRUE) {
4095 + /*
4096 + * Normally a process cannot modify its own contract, but we're
4097 + * just starting the zone's init process and its contract is
4098 + * always initialized from the sys_process_tmpl template, so
4099 + * this is the simplest way to setup init's contract to kill
4100 + * the process if any other process in the contract exits.
4101 + */
4102 + p->p_ct_process->conp_ev_fatal |= CT_PR_EV_EXIT;
4103 + }
4104 +
3776 4105 /*
3777 4106 * We maintain zone_boot_err so that we can return the cause of the
3778 4107 * failure back to the caller of the zone_boot syscall.
3779 4108 */
3780 4109 p->p_zone->zone_boot_err = start_init_common();
3781 4110
3782 4111 /*
3783 4112 * We will prevent booting zones from becoming running zones if the
3784 4113 * global zone is shutting down.
3785 4114 */
3786 4115 mutex_enter(&zone_status_lock);
3787 4116 if (z->zone_boot_err != 0 || zone_status_get(global_zone) >=
3788 4117 ZONE_IS_SHUTTING_DOWN) {
3789 4118 /*
3790 4119 * Make sure we are still in the booting state-- we could have
3791 4120 * raced and already be shutting down, or even further along.
3792 4121 */
3793 4122 if (zone_status_get(z) == ZONE_IS_BOOTING) {
|
↓ open down ↓ |
8 lines elided |
↑ open up ↑ |
3794 4123 zone_status_set(z, ZONE_IS_SHUTTING_DOWN);
3795 4124 }
3796 4125 mutex_exit(&zone_status_lock);
3797 4126 /* It's gone bad, dispose of the process */
3798 4127 if (proc_exit(CLD_EXITED, z->zone_boot_err) != 0) {
3799 4128 mutex_enter(&p->p_lock);
3800 4129 ASSERT(p->p_flag & SEXITLWPS);
3801 4130 lwp_exit();
3802 4131 }
3803 4132 } else {
4133 + id_t cid = curthread->t_cid;
4134 +
3804 4135 if (zone_status_get(z) == ZONE_IS_BOOTING)
3805 4136 zone_status_set(z, ZONE_IS_RUNNING);
3806 4137 mutex_exit(&zone_status_lock);
4138 +
4139 + mutex_enter(&class_lock);
4140 + ASSERT(cid < loaded_classes);
4141 + if (strcmp(sclass[cid].cl_name, "FX") == 0 &&
4142 + z->zone_fixed_hipri) {
4143 + /*
4144 + * If the zone is using FX then by default all
4145 + * processes start at the lowest priority and stay
4146 + * there. We provide a mechanism for the zone to
4147 + * indicate that it should run at "high priority". In
4148 + * this case we setup init to run at the highest FX
4149 + * priority (which is one level higher than the
4150 + * non-fixed scheduling classes can use).
4151 + */
4152 + pcparms_t pcparms;
4153 +
4154 + pcparms.pc_cid = cid;
4155 + ((fxkparms_t *)pcparms.pc_clparms)->fx_upri = FXMAXUPRI;
4156 + ((fxkparms_t *)pcparms.pc_clparms)->fx_uprilim =
4157 + FXMAXUPRI;
4158 + ((fxkparms_t *)pcparms.pc_clparms)->fx_cflags =
4159 + FX_DOUPRILIM | FX_DOUPRI;
4160 +
4161 + mutex_enter(&pidlock);
4162 + mutex_enter(&curproc->p_lock);
4163 +
4164 + (void) parmsset(&pcparms, curthread);
4165 +
4166 + mutex_exit(&curproc->p_lock);
4167 + mutex_exit(&pidlock);
4168 + } else if (strcmp(sclass[cid].cl_name, "RT") == 0) {
4169 + /*
4170 + * zsched always starts the init lwp at priority
4171 + * minclsyspri - 1. This priority gets set in t_pri and
4172 + * is invalid for RT, but RT never uses t_pri. However
4173 + * t_pri is used by procfs, so we always see processes
4174 + * within an RT zone with an invalid priority value.
4175 + * We fix that up now.
4176 + */
4177 + curthread->t_pri = RTGPPRIO0;
4178 + }
4179 + mutex_exit(&class_lock);
4180 +
3807 4181 /* cause the process to return to userland. */
3808 4182 lwp_rtt();
3809 4183 }
3810 4184 }
3811 4185
3812 4186 struct zsched_arg {
3813 4187 zone_t *zone;
3814 4188 nvlist_t *nvlist;
3815 4189 };
3816 4190
3817 4191 /*
3818 4192 * Per-zone "sched" workalike. The similarity to "sched" doesn't have
3819 4193 * anything to do with scheduling, but rather with the fact that
3820 4194 * per-zone kernel threads are parented to zsched, just like regular
3821 4195 * kernel threads are parented to sched (p0).
3822 4196 *
3823 4197 * zsched is also responsible for launching init for the zone.
3824 4198 */
3825 4199 static void
3826 4200 zsched(void *arg)
3827 4201 {
3828 4202 struct zsched_arg *za = arg;
3829 4203 proc_t *pp = curproc;
3830 4204 proc_t *initp = proc_init;
3831 4205 zone_t *zone = za->zone;
3832 4206 cred_t *cr, *oldcred;
3833 4207 rctl_set_t *set;
3834 4208 rctl_alloc_gp_t *gp;
3835 4209 contract_t *ct = NULL;
3836 4210 task_t *tk, *oldtk;
3837 4211 rctl_entity_p_t e;
|
↓ open down ↓ |
21 lines elided |
↑ open up ↑ |
3838 4212 kproject_t *pj;
3839 4213
3840 4214 nvlist_t *nvl = za->nvlist;
3841 4215 nvpair_t *nvp = NULL;
3842 4216
3843 4217 bcopy("zsched", PTOU(pp)->u_psargs, sizeof ("zsched"));
3844 4218 bcopy("zsched", PTOU(pp)->u_comm, sizeof ("zsched"));
3845 4219 PTOU(pp)->u_argc = 0;
3846 4220 PTOU(pp)->u_argv = NULL;
3847 4221 PTOU(pp)->u_envp = NULL;
4222 + PTOU(pp)->u_commpagep = NULL;
3848 4223 closeall(P_FINFO(pp));
3849 4224
3850 4225 /*
3851 4226 * We are this zone's "zsched" process. As the zone isn't generally
3852 4227 * visible yet we don't need to grab any locks before initializing its
3853 4228 * zone_proc pointer.
3854 4229 */
3855 4230 zone_hold(zone); /* this hold is released by zone_destroy() */
3856 4231 zone->zone_zsched = pp;
3857 4232 mutex_enter(&pp->p_lock);
3858 4233 pp->p_zone = zone;
3859 4234 mutex_exit(&pp->p_lock);
3860 4235
3861 4236 /*
3862 4237 * Disassociate process from its 'parent'; parent ourselves to init
3863 4238 * (pid 1) and change other values as needed.
3864 4239 */
3865 4240 sess_create();
3866 4241
3867 4242 mutex_enter(&pidlock);
3868 4243 proc_detach(pp);
3869 4244 pp->p_ppid = 1;
3870 4245 pp->p_flag |= SZONETOP;
3871 4246 pp->p_ancpid = 1;
3872 4247 pp->p_parent = initp;
3873 4248 pp->p_psibling = NULL;
3874 4249 if (initp->p_child)
3875 4250 initp->p_child->p_psibling = pp;
3876 4251 pp->p_sibling = initp->p_child;
3877 4252 initp->p_child = pp;
3878 4253
3879 4254 /* Decrement what newproc() incremented. */
3880 4255 upcount_dec(crgetruid(CRED()), GLOBAL_ZONEID);
3881 4256 /*
3882 4257 * Our credentials are about to become kcred-like, so we don't care
3883 4258 * about the caller's ruid.
3884 4259 */
3885 4260 upcount_inc(crgetruid(kcred), zone->zone_id);
3886 4261 mutex_exit(&pidlock);
3887 4262
3888 4263 /*
3889 4264 * getting out of global zone, so decrement lwp and process counts
3890 4265 */
3891 4266 pj = pp->p_task->tk_proj;
3892 4267 mutex_enter(&global_zone->zone_nlwps_lock);
3893 4268 pj->kpj_nlwps -= pp->p_lwpcnt;
3894 4269 global_zone->zone_nlwps -= pp->p_lwpcnt;
3895 4270 pj->kpj_nprocs--;
3896 4271 global_zone->zone_nprocs--;
3897 4272 mutex_exit(&global_zone->zone_nlwps_lock);
3898 4273
3899 4274 /*
3900 4275 * Decrement locked memory counts on old zone and project.
3901 4276 */
3902 4277 mutex_enter(&global_zone->zone_mem_lock);
3903 4278 global_zone->zone_locked_mem -= pp->p_locked_mem;
3904 4279 pj->kpj_data.kpd_locked_mem -= pp->p_locked_mem;
3905 4280 mutex_exit(&global_zone->zone_mem_lock);
3906 4281
3907 4282 /*
3908 4283 * Create and join a new task in project '0' of this zone.
3909 4284 *
3910 4285 * We don't need to call holdlwps() since we know we're the only lwp in
3911 4286 * this process.
3912 4287 *
3913 4288 * task_join() returns with p_lock held.
3914 4289 */
3915 4290 tk = task_create(0, zone);
3916 4291 mutex_enter(&cpu_lock);
3917 4292 oldtk = task_join(tk, 0);
3918 4293
3919 4294 pj = pp->p_task->tk_proj;
3920 4295
3921 4296 mutex_enter(&zone->zone_mem_lock);
3922 4297 zone->zone_locked_mem += pp->p_locked_mem;
3923 4298 pj->kpj_data.kpd_locked_mem += pp->p_locked_mem;
3924 4299 mutex_exit(&zone->zone_mem_lock);
3925 4300
3926 4301 /*
3927 4302 * add lwp and process counts to zsched's zone, and increment
3928 4303 * project's task and process count due to the task created in
3929 4304 * the above task_create.
3930 4305 */
3931 4306 mutex_enter(&zone->zone_nlwps_lock);
3932 4307 pj->kpj_nlwps += pp->p_lwpcnt;
3933 4308 pj->kpj_ntasks += 1;
3934 4309 zone->zone_nlwps += pp->p_lwpcnt;
3935 4310 pj->kpj_nprocs++;
3936 4311 zone->zone_nprocs++;
3937 4312 mutex_exit(&zone->zone_nlwps_lock);
3938 4313
3939 4314 mutex_exit(&curproc->p_lock);
3940 4315 mutex_exit(&cpu_lock);
3941 4316 task_rele(oldtk);
3942 4317
3943 4318 /*
3944 4319 * The process was created by a process in the global zone, hence the
3945 4320 * credentials are wrong. We might as well have kcred-ish credentials.
3946 4321 */
3947 4322 cr = zone->zone_kcred;
3948 4323 crhold(cr);
3949 4324 mutex_enter(&pp->p_crlock);
3950 4325 oldcred = pp->p_cred;
3951 4326 pp->p_cred = cr;
3952 4327 mutex_exit(&pp->p_crlock);
3953 4328 crfree(oldcred);
3954 4329
3955 4330 /*
3956 4331 * Hold credentials again (for thread)
3957 4332 */
3958 4333 crhold(cr);
3959 4334
3960 4335 /*
3961 4336 * p_lwpcnt can't change since this is a kernel process.
3962 4337 */
3963 4338 crset(pp, cr);
3964 4339
3965 4340 /*
3966 4341 * Chroot
3967 4342 */
3968 4343 zone_chdir(zone->zone_rootvp, &PTOU(pp)->u_cdir, pp);
3969 4344 zone_chdir(zone->zone_rootvp, &PTOU(pp)->u_rdir, pp);
3970 4345
3971 4346 /*
3972 4347 * Initialize zone's rctl set.
3973 4348 */
3974 4349 set = rctl_set_create();
3975 4350 gp = rctl_set_init_prealloc(RCENTITY_ZONE);
3976 4351 mutex_enter(&pp->p_lock);
3977 4352 e.rcep_p.zone = zone;
3978 4353 e.rcep_t = RCENTITY_ZONE;
3979 4354 zone->zone_rctls = rctl_set_init(RCENTITY_ZONE, pp, &e, set, gp);
3980 4355 mutex_exit(&pp->p_lock);
3981 4356 rctl_prealloc_destroy(gp);
3982 4357
3983 4358 /*
3984 4359 * Apply the rctls passed in to zone_create(). This is basically a list
3985 4360 * assignment: all of the old values are removed and the new ones
3986 4361 * inserted. That is, if an empty list is passed in, all values are
3987 4362 * removed.
3988 4363 */
3989 4364 while ((nvp = nvlist_next_nvpair(nvl, nvp)) != NULL) {
3990 4365 rctl_dict_entry_t *rde;
3991 4366 rctl_hndl_t hndl;
3992 4367 char *name;
3993 4368 nvlist_t **nvlarray;
3994 4369 uint_t i, nelem;
3995 4370 int error; /* For ASSERT()s */
3996 4371
3997 4372 name = nvpair_name(nvp);
3998 4373 hndl = rctl_hndl_lookup(name);
3999 4374 ASSERT(hndl != -1);
4000 4375 rde = rctl_dict_lookup_hndl(hndl);
4001 4376 ASSERT(rde != NULL);
4002 4377
4003 4378 for (; /* ever */; ) {
4004 4379 rctl_val_t oval;
4005 4380
4006 4381 mutex_enter(&pp->p_lock);
4007 4382 error = rctl_local_get(hndl, NULL, &oval, pp);
4008 4383 mutex_exit(&pp->p_lock);
4009 4384 ASSERT(error == 0); /* Can't fail for RCTL_FIRST */
4010 4385 ASSERT(oval.rcv_privilege != RCPRIV_BASIC);
4011 4386 if (oval.rcv_privilege == RCPRIV_SYSTEM)
4012 4387 break;
4013 4388 mutex_enter(&pp->p_lock);
4014 4389 error = rctl_local_delete(hndl, &oval, pp);
4015 4390 mutex_exit(&pp->p_lock);
4016 4391 ASSERT(error == 0);
4017 4392 }
4018 4393 error = nvpair_value_nvlist_array(nvp, &nvlarray, &nelem);
4019 4394 ASSERT(error == 0);
4020 4395 for (i = 0; i < nelem; i++) {
4021 4396 rctl_val_t *nvalp;
4022 4397
4023 4398 nvalp = kmem_cache_alloc(rctl_val_cache, KM_SLEEP);
4024 4399 error = nvlist2rctlval(nvlarray[i], nvalp);
4025 4400 ASSERT(error == 0);
4026 4401 /*
4027 4402 * rctl_local_insert can fail if the value being
4028 4403 * inserted is a duplicate; this is OK.
4029 4404 */
4030 4405 mutex_enter(&pp->p_lock);
4031 4406 if (rctl_local_insert(hndl, nvalp, pp) != 0)
4032 4407 kmem_cache_free(rctl_val_cache, nvalp);
4033 4408 mutex_exit(&pp->p_lock);
4034 4409 }
4035 4410 }
4036 4411 /*
4037 4412 * Tell the world that we're done setting up.
4038 4413 *
4039 4414 * At this point we want to set the zone status to ZONE_IS_INITIALIZED
4040 4415 * and atomically set the zone's processor set visibility. Once
4041 4416 * we drop pool_lock() this zone will automatically get updated
4042 4417 * to reflect any future changes to the pools configuration.
4043 4418 *
4044 4419 * Note that after we drop the locks below (zonehash_lock in
4045 4420 * particular) other operations such as a zone_getattr call can
4046 4421 * now proceed and observe the zone. That is the reason for doing a
4047 4422 * state transition to the INITIALIZED state.
4048 4423 */
4049 4424 pool_lock();
4050 4425 mutex_enter(&cpu_lock);
4051 4426 mutex_enter(&zonehash_lock);
4052 4427 zone_uniqid(zone);
4053 4428 zone_zsd_configure(zone);
4054 4429 if (pool_state == POOL_ENABLED)
4055 4430 zone_pset_set(zone, pool_default->pool_pset->pset_id);
4056 4431 mutex_enter(&zone_status_lock);
4057 4432 ASSERT(zone_status_get(zone) == ZONE_IS_UNINITIALIZED);
4058 4433 zone_status_set(zone, ZONE_IS_INITIALIZED);
4059 4434 mutex_exit(&zone_status_lock);
4060 4435 mutex_exit(&zonehash_lock);
4061 4436 mutex_exit(&cpu_lock);
4062 4437 pool_unlock();
4063 4438
4064 4439 /* Now call the create callback for this key */
4065 4440 zsd_apply_all_keys(zsd_apply_create, zone);
4066 4441
4067 4442 /* The callbacks are complete. Mark ZONE_IS_READY */
4068 4443 mutex_enter(&zone_status_lock);
4069 4444 ASSERT(zone_status_get(zone) == ZONE_IS_INITIALIZED);
4070 4445 zone_status_set(zone, ZONE_IS_READY);
4071 4446 mutex_exit(&zone_status_lock);
4072 4447
4073 4448 /*
4074 4449 * Once we see the zone transition to the ZONE_IS_BOOTING state,
4075 4450 * we launch init, and set the state to running.
4076 4451 */
4077 4452 zone_status_wait_cpr(zone, ZONE_IS_BOOTING, "zsched");
4078 4453
4079 4454 if (zone_status_get(zone) == ZONE_IS_BOOTING) {
4080 4455 id_t cid;
4081 4456
4082 4457 /*
4083 4458 * Ok, this is a little complicated. We need to grab the
4084 4459 * zone's pool's scheduling class ID; note that by now, we
4085 4460 * are already bound to a pool if we need to be (zoneadmd
4086 4461 * will have done that to us while we're in the READY
4087 4462 * state). *But* the scheduling class for the zone's 'init'
4088 4463 * must be explicitly passed to newproc, which doesn't
4089 4464 * respect pool bindings.
4090 4465 *
4091 4466 * We hold the pool_lock across the call to newproc() to
4092 4467 * close the obvious race: the pool's scheduling class
4093 4468 * could change before we manage to create the LWP with
4094 4469 * classid 'cid'.
4095 4470 */
4096 4471 pool_lock();
4097 4472 if (zone->zone_defaultcid > 0)
4098 4473 cid = zone->zone_defaultcid;
4099 4474 else
4100 4475 cid = pool_get_class(zone->zone_pool);
4101 4476 if (cid == -1)
4102 4477 cid = defaultcid;
4103 4478
4104 4479 /*
4105 4480 * If this fails, zone_boot will ultimately fail. The
4106 4481 * state of the zone will be set to SHUTTING_DOWN-- userland
4107 4482 * will have to tear down the zone, and fail, or try again.
4108 4483 */
4109 4484 if ((zone->zone_boot_err = newproc(zone_start_init, NULL, cid,
4110 4485 minclsyspri - 1, &ct, 0)) != 0) {
4111 4486 mutex_enter(&zone_status_lock);
4112 4487 zone_status_set(zone, ZONE_IS_SHUTTING_DOWN);
4113 4488 mutex_exit(&zone_status_lock);
4114 4489 } else {
4115 4490 zone->zone_boot_time = gethrestime_sec();
4116 4491 }
4117 4492
4118 4493 pool_unlock();
4119 4494 }
4120 4495
4121 4496 /*
4122 4497 * Wait for zone_destroy() to be called. This is what we spend
4123 4498 * most of our life doing.
4124 4499 */
4125 4500 zone_status_wait_cpr(zone, ZONE_IS_DYING, "zsched");
4126 4501
4127 4502 if (ct)
4128 4503 /*
4129 4504 * At this point the process contract should be empty.
4130 4505 * (Though if it isn't, it's not the end of the world.)
4131 4506 */
4132 4507 VERIFY(contract_abandon(ct, curproc, B_TRUE) == 0);
4133 4508
4134 4509 /*
4135 4510 * Allow kcred to be freed when all referring processes
4136 4511 * (including this one) go away. We can't just do this in
4137 4512 * zone_free because we need to wait for the zone_cred_ref to
4138 4513 * drop to 0 before calling zone_free, and the existence of
4139 4514 * zone_kcred will prevent that. Thus, we call crfree here to
4140 4515 * balance the crdup in zone_create. The crhold calls earlier
4141 4516 * in zsched will be dropped when the thread and process exit.
4142 4517 */
4143 4518 crfree(zone->zone_kcred);
4144 4519 zone->zone_kcred = NULL;
4145 4520
4146 4521 exit(CLD_EXITED, 0);
4147 4522 }
4148 4523
4149 4524 /*
4150 4525 * Helper function to determine if there are any submounts of the
4151 4526 * provided path. Used to make sure the zone doesn't "inherit" any
4152 4527 * mounts from before it is created.
4153 4528 */
4154 4529 static uint_t
4155 4530 zone_mount_count(const char *rootpath)
4156 4531 {
4157 4532 vfs_t *vfsp;
4158 4533 uint_t count = 0;
4159 4534 size_t rootpathlen = strlen(rootpath);
4160 4535
4161 4536 /*
4162 4537 * Holding zonehash_lock prevents race conditions with
4163 4538 * vfs_list_add()/vfs_list_remove() since we serialize with
4164 4539 * zone_find_by_path().
4165 4540 */
4166 4541 ASSERT(MUTEX_HELD(&zonehash_lock));
4167 4542 /*
4168 4543 * The rootpath must end with a '/'
4169 4544 */
4170 4545 ASSERT(rootpath[rootpathlen - 1] == '/');
4171 4546
4172 4547 /*
4173 4548 * This intentionally does not count the rootpath itself if that
4174 4549 * happens to be a mount point.
4175 4550 */
4176 4551 vfs_list_read_lock();
4177 4552 vfsp = rootvfs;
4178 4553 do {
4179 4554 if (strncmp(rootpath, refstr_value(vfsp->vfs_mntpt),
4180 4555 rootpathlen) == 0)
4181 4556 count++;
4182 4557 vfsp = vfsp->vfs_next;
4183 4558 } while (vfsp != rootvfs);
4184 4559 vfs_list_unlock();
4185 4560 return (count);
4186 4561 }
4187 4562
4188 4563 /*
4189 4564 * Helper function to make sure that a zone created on 'rootpath'
4190 4565 * wouldn't end up containing other zones' rootpaths.
4191 4566 */
4192 4567 static boolean_t
4193 4568 zone_is_nested(const char *rootpath)
4194 4569 {
4195 4570 zone_t *zone;
4196 4571 size_t rootpathlen = strlen(rootpath);
4197 4572 size_t len;
4198 4573
4199 4574 ASSERT(MUTEX_HELD(&zonehash_lock));
4200 4575
4201 4576 /*
4202 4577 * zone_set_root() appended '/' and '\0' at the end of rootpath
4203 4578 */
4204 4579 if ((rootpathlen <= 3) && (rootpath[0] == '/') &&
4205 4580 (rootpath[1] == '/') && (rootpath[2] == '\0'))
4206 4581 return (B_TRUE);
4207 4582
4208 4583 for (zone = list_head(&zone_active); zone != NULL;
4209 4584 zone = list_next(&zone_active, zone)) {
4210 4585 if (zone == global_zone)
4211 4586 continue;
4212 4587 len = strlen(zone->zone_rootpath);
4213 4588 if (strncmp(rootpath, zone->zone_rootpath,
4214 4589 MIN(rootpathlen, len)) == 0)
4215 4590 return (B_TRUE);
4216 4591 }
4217 4592 return (B_FALSE);
4218 4593 }
4219 4594
4220 4595 static int
4221 4596 zone_set_privset(zone_t *zone, const priv_set_t *zone_privs,
4222 4597 size_t zone_privssz)
4223 4598 {
4224 4599 priv_set_t *privs;
4225 4600
4226 4601 if (zone_privssz < sizeof (priv_set_t))
4227 4602 return (ENOMEM);
4228 4603
4229 4604 privs = kmem_alloc(sizeof (priv_set_t), KM_SLEEP);
4230 4605
4231 4606 if (copyin(zone_privs, privs, sizeof (priv_set_t))) {
4232 4607 kmem_free(privs, sizeof (priv_set_t));
4233 4608 return (EFAULT);
4234 4609 }
4235 4610
4236 4611 zone->zone_privset = privs;
4237 4612 return (0);
4238 4613 }
4239 4614
4240 4615 /*
4241 4616 * We make creative use of nvlists to pass in rctls from userland. The list is
4242 4617 * a list of the following structures:
4243 4618 *
4244 4619 * (name = rctl_name, value = nvpair_list_array)
4245 4620 *
4246 4621 * Where each element of the nvpair_list_array is of the form:
4247 4622 *
4248 4623 * [(name = "privilege", value = RCPRIV_PRIVILEGED),
4249 4624 * (name = "limit", value = uint64_t),
4250 4625 * (name = "action", value = (RCTL_LOCAL_NOACTION || RCTL_LOCAL_DENY))]
4251 4626 */
4252 4627 static int
4253 4628 parse_rctls(caddr_t ubuf, size_t buflen, nvlist_t **nvlp)
4254 4629 {
4255 4630 nvpair_t *nvp = NULL;
4256 4631 nvlist_t *nvl = NULL;
4257 4632 char *kbuf;
4258 4633 int error;
4259 4634 rctl_val_t rv;
4260 4635
4261 4636 *nvlp = NULL;
4262 4637
4263 4638 if (buflen == 0)
4264 4639 return (0);
4265 4640
4266 4641 if ((kbuf = kmem_alloc(buflen, KM_NOSLEEP)) == NULL)
4267 4642 return (ENOMEM);
4268 4643 if (copyin(ubuf, kbuf, buflen)) {
4269 4644 error = EFAULT;
4270 4645 goto out;
4271 4646 }
4272 4647 if (nvlist_unpack(kbuf, buflen, &nvl, KM_SLEEP) != 0) {
4273 4648 /*
4274 4649 * nvl may have been allocated/free'd, but the value set to
4275 4650 * non-NULL, so we reset it here.
4276 4651 */
4277 4652 nvl = NULL;
4278 4653 error = EINVAL;
4279 4654 goto out;
|
↓ open down ↓ |
422 lines elided |
↑ open up ↑ |
4280 4655 }
4281 4656 while ((nvp = nvlist_next_nvpair(nvl, nvp)) != NULL) {
4282 4657 rctl_dict_entry_t *rde;
4283 4658 rctl_hndl_t hndl;
4284 4659 nvlist_t **nvlarray;
4285 4660 uint_t i, nelem;
4286 4661 char *name;
4287 4662
4288 4663 error = EINVAL;
4289 4664 name = nvpair_name(nvp);
4290 - if (strncmp(nvpair_name(nvp), "zone.", sizeof ("zone.") - 1)
4291 - != 0 || nvpair_type(nvp) != DATA_TYPE_NVLIST_ARRAY) {
4665 + if ((strncmp(name, "zone.", sizeof ("zone.") - 1) != 0 &&
4666 + strncmp(name, "project.", sizeof ("project.") - 1) != 0) ||
4667 + nvpair_type(nvp) != DATA_TYPE_NVLIST_ARRAY) {
4292 4668 goto out;
4293 4669 }
4294 4670 if ((hndl = rctl_hndl_lookup(name)) == -1) {
4295 4671 goto out;
4296 4672 }
4297 4673 rde = rctl_dict_lookup_hndl(hndl);
4298 4674 error = nvpair_value_nvlist_array(nvp, &nvlarray, &nelem);
4299 4675 ASSERT(error == 0);
4300 4676 for (i = 0; i < nelem; i++) {
4301 4677 if (error = nvlist2rctlval(nvlarray[i], &rv))
4302 4678 goto out;
4303 4679 }
4304 4680 if (rctl_invalid_value(rde, &rv)) {
4305 4681 error = EINVAL;
4306 4682 goto out;
4307 4683 }
4308 4684 }
4309 4685 error = 0;
4310 4686 *nvlp = nvl;
4311 4687 out:
4312 4688 kmem_free(kbuf, buflen);
4313 4689 if (error && nvl != NULL)
4314 4690 nvlist_free(nvl);
4315 4691 return (error);
4316 4692 }
4317 4693
4318 4694 int
4319 4695 zone_create_error(int er_error, int er_ext, int *er_out) {
4320 4696 if (er_out != NULL) {
4321 4697 if (copyout(&er_ext, er_out, sizeof (int))) {
4322 4698 return (set_errno(EFAULT));
4323 4699 }
4324 4700 }
4325 4701 return (set_errno(er_error));
4326 4702 }
4327 4703
4328 4704 static int
4329 4705 zone_set_label(zone_t *zone, const bslabel_t *lab, uint32_t doi)
4330 4706 {
4331 4707 ts_label_t *tsl;
4332 4708 bslabel_t blab;
4333 4709
4334 4710 /* Get label from user */
4335 4711 if (copyin(lab, &blab, sizeof (blab)) != 0)
4336 4712 return (EFAULT);
4337 4713 tsl = labelalloc(&blab, doi, KM_NOSLEEP);
4338 4714 if (tsl == NULL)
4339 4715 return (ENOMEM);
4340 4716
4341 4717 zone->zone_slabel = tsl;
4342 4718 return (0);
4343 4719 }
4344 4720
4345 4721 /*
4346 4722 * Parses a comma-separated list of ZFS datasets into a per-zone dictionary.
4347 4723 */
4348 4724 static int
4349 4725 parse_zfs(zone_t *zone, caddr_t ubuf, size_t buflen)
4350 4726 {
4351 4727 char *kbuf;
4352 4728 char *dataset, *next;
4353 4729 zone_dataset_t *zd;
4354 4730 size_t len;
4355 4731
4356 4732 if (ubuf == NULL || buflen == 0)
4357 4733 return (0);
4358 4734
4359 4735 if ((kbuf = kmem_alloc(buflen, KM_NOSLEEP)) == NULL)
4360 4736 return (ENOMEM);
4361 4737
4362 4738 if (copyin(ubuf, kbuf, buflen) != 0) {
4363 4739 kmem_free(kbuf, buflen);
4364 4740 return (EFAULT);
4365 4741 }
4366 4742
4367 4743 dataset = next = kbuf;
4368 4744 for (;;) {
4369 4745 zd = kmem_alloc(sizeof (zone_dataset_t), KM_SLEEP);
4370 4746
4371 4747 next = strchr(dataset, ',');
4372 4748
4373 4749 if (next == NULL)
4374 4750 len = strlen(dataset);
4375 4751 else
4376 4752 len = next - dataset;
4377 4753
4378 4754 zd->zd_dataset = kmem_alloc(len + 1, KM_SLEEP);
4379 4755 bcopy(dataset, zd->zd_dataset, len);
4380 4756 zd->zd_dataset[len] = '\0';
4381 4757
4382 4758 list_insert_head(&zone->zone_datasets, zd);
4383 4759
4384 4760 if (next == NULL)
4385 4761 break;
4386 4762
4387 4763 dataset = next + 1;
4388 4764 }
4389 4765
4390 4766 kmem_free(kbuf, buflen);
4391 4767 return (0);
4392 4768 }
4393 4769
4394 4770 /*
4395 4771 * System call to create/initialize a new zone named 'zone_name', rooted
4396 4772 * at 'zone_root', with a zone-wide privilege limit set of 'zone_privs',
4397 4773 * and initialized with the zone-wide rctls described in 'rctlbuf', and
4398 4774 * with labeling set by 'match', 'doi', and 'label'.
4399 4775 *
4400 4776 * If extended error is non-null, we may use it to return more detailed
4401 4777 * error information.
4402 4778 */
4403 4779 static zoneid_t
4404 4780 zone_create(const char *zone_name, const char *zone_root,
4405 4781 const priv_set_t *zone_privs, size_t zone_privssz,
4406 4782 caddr_t rctlbuf, size_t rctlbufsz,
4407 4783 caddr_t zfsbuf, size_t zfsbufsz, int *extended_error,
4408 4784 int match, uint32_t doi, const bslabel_t *label,
4409 4785 int flags)
4410 4786 {
4411 4787 struct zsched_arg zarg;
4412 4788 nvlist_t *rctls = NULL;
4413 4789 proc_t *pp = curproc;
4414 4790 zone_t *zone, *ztmp;
4415 4791 zoneid_t zoneid;
4416 4792 int error;
4417 4793 int error2 = 0;
4418 4794 char *str;
4419 4795 cred_t *zkcr;
4420 4796 boolean_t insert_label_hash;
4421 4797
4422 4798 if (secpolicy_zone_config(CRED()) != 0)
4423 4799 return (set_errno(EPERM));
4424 4800
4425 4801 /* can't boot zone from within chroot environment */
4426 4802 if (PTOU(pp)->u_rdir != NULL && PTOU(pp)->u_rdir != rootdir)
4427 4803 return (zone_create_error(ENOTSUP, ZE_CHROOTED,
4428 4804 extended_error));
|
↓ open down ↓ |
127 lines elided |
↑ open up ↑ |
4429 4805
4430 4806 zone = kmem_zalloc(sizeof (zone_t), KM_SLEEP);
4431 4807 zoneid = zone->zone_id = id_alloc(zoneid_space);
4432 4808 zone->zone_status = ZONE_IS_UNINITIALIZED;
4433 4809 zone->zone_pool = pool_default;
4434 4810 zone->zone_pool_mod = gethrtime();
4435 4811 zone->zone_psetid = ZONE_PS_INVAL;
4436 4812 zone->zone_ncpus = 0;
4437 4813 zone->zone_ncpus_online = 0;
4438 4814 zone->zone_restart_init = B_TRUE;
4815 + zone->zone_reboot_on_init_exit = B_FALSE;
4816 + zone->zone_init_status = -1;
4439 4817 zone->zone_brand = &native_brand;
4440 4818 zone->zone_initname = NULL;
4441 4819 mutex_init(&zone->zone_lock, NULL, MUTEX_DEFAULT, NULL);
4442 4820 mutex_init(&zone->zone_nlwps_lock, NULL, MUTEX_DEFAULT, NULL);
4443 4821 mutex_init(&zone->zone_mem_lock, NULL, MUTEX_DEFAULT, NULL);
4444 4822 cv_init(&zone->zone_cv, NULL, CV_DEFAULT, NULL);
4445 4823 list_create(&zone->zone_ref_list, sizeof (zone_ref_t),
4446 4824 offsetof(zone_ref_t, zref_linkage));
4447 4825 list_create(&zone->zone_zsd, sizeof (struct zsd_entry),
4448 4826 offsetof(struct zsd_entry, zsd_linkage));
4449 4827 list_create(&zone->zone_datasets, sizeof (zone_dataset_t),
4450 4828 offsetof(zone_dataset_t, zd_linkage));
4451 4829 list_create(&zone->zone_dl_list, sizeof (zone_dl_t),
4452 4830 offsetof(zone_dl_t, zdl_linkage));
4453 4831 rw_init(&zone->zone_mlps.mlpl_rwlock, NULL, RW_DEFAULT, NULL);
4454 4832 rw_init(&zone->zone_mntfs_db_lock, NULL, RW_DEFAULT, NULL);
4455 4833
4456 4834 if (flags & ZCF_NET_EXCL) {
4457 4835 zone->zone_flags |= ZF_NET_EXCL;
4458 4836 }
4459 4837
4460 4838 if ((error = zone_set_name(zone, zone_name)) != 0) {
4461 4839 zone_free(zone);
4462 4840 return (zone_create_error(error, 0, extended_error));
4463 4841 }
4464 4842
4465 4843 if ((error = zone_set_root(zone, zone_root)) != 0) {
4466 4844 zone_free(zone);
4467 4845 return (zone_create_error(error, 0, extended_error));
4468 4846 }
4469 4847 if ((error = zone_set_privset(zone, zone_privs, zone_privssz)) != 0) {
4470 4848 zone_free(zone);
4471 4849 return (zone_create_error(error, 0, extended_error));
4472 4850 }
4473 4851
4474 4852 /* initialize node name to be the same as zone name */
4475 4853 zone->zone_nodename = kmem_alloc(_SYS_NMLN, KM_SLEEP);
4476 4854 (void) strncpy(zone->zone_nodename, zone->zone_name, _SYS_NMLN);
4477 4855 zone->zone_nodename[_SYS_NMLN - 1] = '\0';
4478 4856
4479 4857 zone->zone_domain = kmem_alloc(_SYS_NMLN, KM_SLEEP);
4480 4858 zone->zone_domain[0] = '\0';
4481 4859 zone->zone_hostid = HW_INVALID_HOSTID;
4482 4860 zone->zone_shares = 1;
4483 4861 zone->zone_shmmax = 0;
4484 4862 zone->zone_ipc.ipcq_shmmni = 0;
4485 4863 zone->zone_ipc.ipcq_semmni = 0;
4486 4864 zone->zone_ipc.ipcq_msgmni = 0;
4487 4865 zone->zone_bootargs = NULL;
4488 4866 zone->zone_fs_allowed = NULL;
4489 4867 zone->zone_initname =
|
↓ open down ↓ |
41 lines elided |
↑ open up ↑ |
4490 4868 kmem_alloc(strlen(zone_default_initname) + 1, KM_SLEEP);
4491 4869 (void) strcpy(zone->zone_initname, zone_default_initname);
4492 4870 zone->zone_nlwps = 0;
4493 4871 zone->zone_nlwps_ctl = INT_MAX;
4494 4872 zone->zone_nprocs = 0;
4495 4873 zone->zone_nprocs_ctl = INT_MAX;
4496 4874 zone->zone_locked_mem = 0;
4497 4875 zone->zone_locked_mem_ctl = UINT64_MAX;
4498 4876 zone->zone_max_swap = 0;
4499 4877 zone->zone_max_swap_ctl = UINT64_MAX;
4878 + zone->zone_phys_mem = 0;
4879 + zone->zone_phys_mem_ctl = UINT64_MAX;
4500 4880 zone->zone_max_lofi = 0;
4501 4881 zone->zone_max_lofi_ctl = UINT64_MAX;
4502 4882 zone->zone_lockedmem_kstat = NULL;
4503 4883 zone->zone_swapresv_kstat = NULL;
4884 + zone->zone_physmem_kstat = NULL;
4504 4885 zone->zone_zfs_io_pri = 1;
4505 4886
4506 4887 /*
4507 4888 * Zsched initializes the rctls.
4508 4889 */
4509 4890 zone->zone_rctls = NULL;
4510 4891
4511 4892 if ((error = parse_rctls(rctlbuf, rctlbufsz, &rctls)) != 0) {
4512 4893 zone_free(zone);
4513 4894 return (zone_create_error(error, 0, extended_error));
4514 4895 }
4515 4896
4516 4897 if ((error = parse_zfs(zone, zfsbuf, zfsbufsz)) != 0) {
4517 4898 zone_free(zone);
4518 4899 return (set_errno(error));
4519 4900 }
4520 4901
4521 4902 /*
4522 4903 * Read in the trusted system parameters:
4523 4904 * match flag and sensitivity label.
4524 4905 */
4525 4906 zone->zone_match = match;
4526 4907 if (is_system_labeled() && !(zone->zone_flags & ZF_IS_SCRATCH)) {
4527 4908 /* Fail if requested to set doi to anything but system's doi */
4528 4909 if (doi != 0 && doi != default_doi) {
4529 4910 zone_free(zone);
4530 4911 return (set_errno(EINVAL));
4531 4912 }
4532 4913 /* Always apply system's doi to the zone */
4533 4914 error = zone_set_label(zone, label, default_doi);
4534 4915 if (error != 0) {
4535 4916 zone_free(zone);
4536 4917 return (set_errno(error));
4537 4918 }
4538 4919 insert_label_hash = B_TRUE;
4539 4920 } else {
4540 4921 /* all zones get an admin_low label if system is not labeled */
4541 4922 zone->zone_slabel = l_admin_low;
4542 4923 label_hold(l_admin_low);
4543 4924 insert_label_hash = B_FALSE;
4544 4925 }
4545 4926
4546 4927 /*
4547 4928 * Stop all lwps since that's what normally happens as part of fork().
4548 4929 * This needs to happen before we grab any locks to avoid deadlock
4549 4930 * (another lwp in the process could be waiting for the held lock).
4550 4931 */
4551 4932 if (curthread != pp->p_agenttp && !holdlwps(SHOLDFORK)) {
4552 4933 zone_free(zone);
4553 4934 nvlist_free(rctls);
4554 4935 return (zone_create_error(error, 0, extended_error));
4555 4936 }
4556 4937
4557 4938 if (block_mounts(zone) == 0) {
4558 4939 mutex_enter(&pp->p_lock);
4559 4940 if (curthread != pp->p_agenttp)
4560 4941 continuelwps(pp);
4561 4942 mutex_exit(&pp->p_lock);
4562 4943 zone_free(zone);
4563 4944 nvlist_free(rctls);
4564 4945 return (zone_create_error(error, 0, extended_error));
4565 4946 }
4566 4947
4567 4948 /*
4568 4949 * Set up credential for kernel access. After this, any errors
4569 4950 * should go through the dance in errout rather than calling
4570 4951 * zone_free directly.
4571 4952 */
4572 4953 zone->zone_kcred = crdup(kcred);
4573 4954 crsetzone(zone->zone_kcred, zone);
4574 4955 priv_intersect(zone->zone_privset, &CR_PPRIV(zone->zone_kcred));
4575 4956 priv_intersect(zone->zone_privset, &CR_EPRIV(zone->zone_kcred));
4576 4957 priv_intersect(zone->zone_privset, &CR_IPRIV(zone->zone_kcred));
4577 4958 priv_intersect(zone->zone_privset, &CR_LPRIV(zone->zone_kcred));
4578 4959
4579 4960 mutex_enter(&zonehash_lock);
4580 4961 /*
4581 4962 * Make sure zone doesn't already exist.
4582 4963 *
4583 4964 * If the system and zone are labeled,
4584 4965 * make sure no other zone exists that has the same label.
4585 4966 */
4586 4967 if ((ztmp = zone_find_all_by_name(zone->zone_name)) != NULL ||
4587 4968 (insert_label_hash &&
4588 4969 (ztmp = zone_find_all_by_label(zone->zone_slabel)) != NULL)) {
4589 4970 zone_status_t status;
4590 4971
4591 4972 status = zone_status_get(ztmp);
4592 4973 if (status == ZONE_IS_READY || status == ZONE_IS_RUNNING)
4593 4974 error = EEXIST;
4594 4975 else
4595 4976 error = EBUSY;
4596 4977
4597 4978 if (insert_label_hash)
4598 4979 error2 = ZE_LABELINUSE;
4599 4980
4600 4981 goto errout;
4601 4982 }
4602 4983
4603 4984 /*
4604 4985 * Don't allow zone creations which would cause one zone's rootpath to
4605 4986 * be accessible from that of another (non-global) zone.
4606 4987 */
4607 4988 if (zone_is_nested(zone->zone_rootpath)) {
4608 4989 error = EBUSY;
4609 4990 goto errout;
4610 4991 }
4611 4992
4612 4993 ASSERT(zonecount != 0); /* check for leaks */
4613 4994 if (zonecount + 1 > maxzones) {
4614 4995 error = ENOMEM;
4615 4996 goto errout;
4616 4997 }
4617 4998
4618 4999 if (zone_mount_count(zone->zone_rootpath) != 0) {
4619 5000 error = EBUSY;
4620 5001 error2 = ZE_AREMOUNTS;
4621 5002 goto errout;
4622 5003 }
4623 5004
4624 5005 /*
4625 5006 * Zone is still incomplete, but we need to drop all locks while
4626 5007 * zsched() initializes this zone's kernel process. We
4627 5008 * optimistically add the zone to the hashtable and associated
4628 5009 * lists so a parallel zone_create() doesn't try to create the
4629 5010 * same zone.
4630 5011 */
4631 5012 zonecount++;
4632 5013 (void) mod_hash_insert(zonehashbyid,
4633 5014 (mod_hash_key_t)(uintptr_t)zone->zone_id,
4634 5015 (mod_hash_val_t)(uintptr_t)zone);
4635 5016 str = kmem_alloc(strlen(zone->zone_name) + 1, KM_SLEEP);
4636 5017 (void) strcpy(str, zone->zone_name);
4637 5018 (void) mod_hash_insert(zonehashbyname, (mod_hash_key_t)str,
4638 5019 (mod_hash_val_t)(uintptr_t)zone);
4639 5020 if (insert_label_hash) {
4640 5021 (void) mod_hash_insert(zonehashbylabel,
4641 5022 (mod_hash_key_t)zone->zone_slabel, (mod_hash_val_t)zone);
4642 5023 zone->zone_flags |= ZF_HASHED_LABEL;
4643 5024 }
4644 5025
4645 5026 /*
4646 5027 * Insert into active list. At this point there are no 'hold's
4647 5028 * on the zone, but everyone else knows not to use it, so we can
4648 5029 * continue to use it. zsched() will do a zone_hold() if the
|
↓ open down ↓ |
135 lines elided |
↑ open up ↑ |
4649 5030 * newproc() is successful.
4650 5031 */
4651 5032 list_insert_tail(&zone_active, zone);
4652 5033 mutex_exit(&zonehash_lock);
4653 5034
4654 5035 zarg.zone = zone;
4655 5036 zarg.nvlist = rctls;
4656 5037 /*
4657 5038 * The process, task, and project rctls are probably wrong;
4658 5039 * we need an interface to get the default values of all rctls,
4659 - * and initialize zsched appropriately. I'm not sure that that
4660 - * makes much of a difference, though.
5040 + * and initialize zsched appropriately. However, we allow zoneadmd
5041 + * to pass down both zone and project rctls for the zone's init.
4661 5042 */
4662 5043 error = newproc(zsched, (void *)&zarg, syscid, minclsyspri, NULL, 0);
4663 5044 if (error != 0) {
4664 5045 /*
4665 5046 * We need to undo all globally visible state.
4666 5047 */
4667 5048 mutex_enter(&zonehash_lock);
4668 5049 list_remove(&zone_active, zone);
4669 5050 if (zone->zone_flags & ZF_HASHED_LABEL) {
4670 5051 ASSERT(zone->zone_slabel != NULL);
4671 5052 (void) mod_hash_destroy(zonehashbylabel,
4672 5053 (mod_hash_key_t)zone->zone_slabel);
4673 5054 }
4674 5055 (void) mod_hash_destroy(zonehashbyname,
4675 5056 (mod_hash_key_t)(uintptr_t)zone->zone_name);
4676 5057 (void) mod_hash_destroy(zonehashbyid,
4677 5058 (mod_hash_key_t)(uintptr_t)zone->zone_id);
4678 5059 ASSERT(zonecount > 1);
4679 5060 zonecount--;
4680 5061 goto errout;
4681 5062 }
4682 5063
4683 5064 /*
4684 5065 * Zone creation can't fail from now on.
4685 5066 */
4686 5067
4687 5068 /*
4688 5069 * Create zone kstats
4689 5070 */
4690 5071 zone_kstat_create(zone);
4691 5072
4692 5073 /*
4693 5074 * Let the other lwps continue.
4694 5075 */
4695 5076 mutex_enter(&pp->p_lock);
4696 5077 if (curthread != pp->p_agenttp)
4697 5078 continuelwps(pp);
4698 5079 mutex_exit(&pp->p_lock);
4699 5080
4700 5081 /*
4701 5082 * Wait for zsched to finish initializing the zone.
4702 5083 */
4703 5084 zone_status_wait(zone, ZONE_IS_READY);
4704 5085 /*
4705 5086 * The zone is fully visible, so we can let mounts progress.
4706 5087 */
4707 5088 resume_mounts(zone);
4708 5089 nvlist_free(rctls);
4709 5090
4710 5091 return (zoneid);
4711 5092
4712 5093 errout:
4713 5094 mutex_exit(&zonehash_lock);
4714 5095 /*
4715 5096 * Let the other lwps continue.
4716 5097 */
4717 5098 mutex_enter(&pp->p_lock);
4718 5099 if (curthread != pp->p_agenttp)
4719 5100 continuelwps(pp);
4720 5101 mutex_exit(&pp->p_lock);
4721 5102
4722 5103 resume_mounts(zone);
4723 5104 nvlist_free(rctls);
4724 5105 /*
4725 5106 * There is currently one reference to the zone, a cred_ref from
4726 5107 * zone_kcred. To free the zone, we call crfree, which will call
4727 5108 * zone_cred_rele, which will call zone_free.
4728 5109 */
4729 5110 ASSERT(zone->zone_cred_ref == 1);
4730 5111 ASSERT(zone->zone_kcred->cr_ref == 1);
4731 5112 ASSERT(zone->zone_ref == 0);
4732 5113 zkcr = zone->zone_kcred;
4733 5114 zone->zone_kcred = NULL;
4734 5115 crfree(zkcr); /* triggers call to zone_free */
4735 5116 return (zone_create_error(error, error2, extended_error));
4736 5117 }
4737 5118
4738 5119 /*
4739 5120 * Cause the zone to boot. This is pretty simple, since we let zoneadmd do
4740 5121 * the heavy lifting. initname is the path to the program to launch
4741 5122 * at the "top" of the zone; if this is NULL, we use the system default,
4742 5123 * which is stored at zone_default_initname.
4743 5124 */
4744 5125 static int
4745 5126 zone_boot(zoneid_t zoneid)
4746 5127 {
4747 5128 int err;
4748 5129 zone_t *zone;
4749 5130
4750 5131 if (secpolicy_zone_config(CRED()) != 0)
4751 5132 return (set_errno(EPERM));
4752 5133 if (zoneid < MIN_USERZONEID || zoneid > MAX_ZONEID)
4753 5134 return (set_errno(EINVAL));
4754 5135
4755 5136 mutex_enter(&zonehash_lock);
4756 5137 /*
4757 5138 * Look for zone under hash lock to prevent races with calls to
4758 5139 * zone_shutdown, zone_destroy, etc.
4759 5140 */
4760 5141 if ((zone = zone_find_all_by_id(zoneid)) == NULL) {
4761 5142 mutex_exit(&zonehash_lock);
4762 5143 return (set_errno(EINVAL));
4763 5144 }
4764 5145
4765 5146 mutex_enter(&zone_status_lock);
4766 5147 if (zone_status_get(zone) != ZONE_IS_READY) {
4767 5148 mutex_exit(&zone_status_lock);
4768 5149 mutex_exit(&zonehash_lock);
4769 5150 return (set_errno(EINVAL));
4770 5151 }
4771 5152 zone_status_set(zone, ZONE_IS_BOOTING);
4772 5153 mutex_exit(&zone_status_lock);
4773 5154
4774 5155 zone_hold(zone); /* so we can use the zone_t later */
4775 5156 mutex_exit(&zonehash_lock);
4776 5157
4777 5158 if (zone_status_wait_sig(zone, ZONE_IS_RUNNING) == 0) {
4778 5159 zone_rele(zone);
4779 5160 return (set_errno(EINTR));
4780 5161 }
4781 5162
4782 5163 /*
4783 5164 * Boot (starting init) might have failed, in which case the zone
4784 5165 * will go to the SHUTTING_DOWN state; an appropriate errno will
4785 5166 * be placed in zone->zone_boot_err, and so we return that.
4786 5167 */
4787 5168 err = zone->zone_boot_err;
4788 5169 zone_rele(zone);
4789 5170 return (err ? set_errno(err) : 0);
4790 5171 }
4791 5172
4792 5173 /*
4793 5174 * Kills all user processes in the zone, waiting for them all to exit
4794 5175 * before returning.
4795 5176 */
4796 5177 static int
4797 5178 zone_empty(zone_t *zone)
4798 5179 {
4799 5180 int waitstatus;
4800 5181
4801 5182 /*
4802 5183 * We need to drop zonehash_lock before killing all
4803 5184 * processes, otherwise we'll deadlock with zone_find_*
4804 5185 * which can be called from the exit path.
4805 5186 */
4806 5187 ASSERT(MUTEX_NOT_HELD(&zonehash_lock));
4807 5188 while ((waitstatus = zone_status_timedwait_sig(zone,
4808 5189 ddi_get_lbolt() + hz, ZONE_IS_EMPTY)) == -1) {
4809 5190 killall(zone->zone_id);
4810 5191 }
4811 5192 /*
4812 5193 * return EINTR if we were signaled
4813 5194 */
4814 5195 if (waitstatus == 0)
4815 5196 return (EINTR);
4816 5197 return (0);
4817 5198 }
4818 5199
4819 5200 /*
4820 5201 * This function implements the policy for zone visibility.
4821 5202 *
4822 5203 * In standard Solaris, a non-global zone can only see itself.
4823 5204 *
4824 5205 * In Trusted Extensions, a labeled zone can lookup any zone whose label
4825 5206 * it dominates. For this test, the label of the global zone is treated as
4826 5207 * admin_high so it is special-cased instead of being checked for dominance.
4827 5208 *
4828 5209 * Returns true if zone attributes are viewable, false otherwise.
4829 5210 */
4830 5211 static boolean_t
4831 5212 zone_list_access(zone_t *zone)
4832 5213 {
4833 5214
4834 5215 if (curproc->p_zone == global_zone ||
4835 5216 curproc->p_zone == zone) {
4836 5217 return (B_TRUE);
4837 5218 } else if (is_system_labeled() && !(zone->zone_flags & ZF_IS_SCRATCH)) {
4838 5219 bslabel_t *curproc_label;
4839 5220 bslabel_t *zone_label;
4840 5221
4841 5222 curproc_label = label2bslabel(curproc->p_zone->zone_slabel);
4842 5223 zone_label = label2bslabel(zone->zone_slabel);
4843 5224
4844 5225 if (zone->zone_id != GLOBAL_ZONEID &&
4845 5226 bldominates(curproc_label, zone_label)) {
4846 5227 return (B_TRUE);
4847 5228 } else {
4848 5229 return (B_FALSE);
4849 5230 }
4850 5231 } else {
4851 5232 return (B_FALSE);
4852 5233 }
4853 5234 }
4854 5235
4855 5236 /*
4856 5237 * Systemcall to start the zone's halt sequence. By the time this
4857 5238 * function successfully returns, all user processes and kernel threads
4858 5239 * executing in it will have exited, ZSD shutdown callbacks executed,
4859 5240 * and the zone status set to ZONE_IS_DOWN.
4860 5241 *
4861 5242 * It is possible that the call will interrupt itself if the caller is the
4862 5243 * parent of any process running in the zone, and doesn't have SIGCHLD blocked.
4863 5244 */
4864 5245 static int
4865 5246 zone_shutdown(zoneid_t zoneid)
4866 5247 {
4867 5248 int error;
4868 5249 zone_t *zone;
4869 5250 zone_status_t status;
4870 5251
4871 5252 if (secpolicy_zone_config(CRED()) != 0)
4872 5253 return (set_errno(EPERM));
4873 5254 if (zoneid < MIN_USERZONEID || zoneid > MAX_ZONEID)
4874 5255 return (set_errno(EINVAL));
4875 5256
4876 5257 mutex_enter(&zonehash_lock);
4877 5258 /*
4878 5259 * Look for zone under hash lock to prevent races with other
4879 5260 * calls to zone_shutdown and zone_destroy.
4880 5261 */
4881 5262 if ((zone = zone_find_all_by_id(zoneid)) == NULL) {
4882 5263 mutex_exit(&zonehash_lock);
4883 5264 return (set_errno(EINVAL));
4884 5265 }
4885 5266
4886 5267 /*
4887 5268 * We have to drop zonehash_lock before calling block_mounts.
4888 5269 * Hold the zone so we can continue to use the zone_t.
4889 5270 */
4890 5271 zone_hold(zone);
4891 5272 mutex_exit(&zonehash_lock);
4892 5273
4893 5274 /*
4894 5275 * Block mounts so that VFS_MOUNT() can get an accurate view of
4895 5276 * the zone's status with regards to ZONE_IS_SHUTTING down.
4896 5277 *
4897 5278 * e.g. NFS can fail the mount if it determines that the zone
4898 5279 * has already begun the shutdown sequence.
4899 5280 *
4900 5281 */
4901 5282 if (block_mounts(zone) == 0) {
4902 5283 zone_rele(zone);
4903 5284 return (set_errno(EINTR));
4904 5285 }
4905 5286
4906 5287 mutex_enter(&zonehash_lock);
4907 5288 mutex_enter(&zone_status_lock);
4908 5289 status = zone_status_get(zone);
4909 5290 /*
4910 5291 * Fail if the zone isn't fully initialized yet.
4911 5292 */
4912 5293 if (status < ZONE_IS_READY) {
4913 5294 mutex_exit(&zone_status_lock);
4914 5295 mutex_exit(&zonehash_lock);
4915 5296 resume_mounts(zone);
4916 5297 zone_rele(zone);
4917 5298 return (set_errno(EINVAL));
4918 5299 }
4919 5300 /*
4920 5301 * If conditions required for zone_shutdown() to return have been met,
4921 5302 * return success.
4922 5303 */
4923 5304 if (status >= ZONE_IS_DOWN) {
4924 5305 mutex_exit(&zone_status_lock);
4925 5306 mutex_exit(&zonehash_lock);
4926 5307 resume_mounts(zone);
4927 5308 zone_rele(zone);
4928 5309 return (0);
4929 5310 }
4930 5311 /*
4931 5312 * If zone_shutdown() hasn't been called before, go through the motions.
4932 5313 * If it has, there's nothing to do but wait for the kernel threads to
4933 5314 * drain.
4934 5315 */
4935 5316 if (status < ZONE_IS_EMPTY) {
4936 5317 uint_t ntasks;
4937 5318
4938 5319 mutex_enter(&zone->zone_lock);
4939 5320 if ((ntasks = zone->zone_ntasks) != 1) {
4940 5321 /*
4941 5322 * There's still stuff running.
4942 5323 */
4943 5324 zone_status_set(zone, ZONE_IS_SHUTTING_DOWN);
4944 5325 }
4945 5326 mutex_exit(&zone->zone_lock);
4946 5327 if (ntasks == 1) {
4947 5328 /*
4948 5329 * The only way to create another task is through
4949 5330 * zone_enter(), which will block until we drop
4950 5331 * zonehash_lock. The zone is empty.
4951 5332 */
4952 5333 if (zone->zone_kthreads == NULL) {
4953 5334 /*
4954 5335 * Skip ahead to ZONE_IS_DOWN
4955 5336 */
4956 5337 zone_status_set(zone, ZONE_IS_DOWN);
4957 5338 } else {
4958 5339 zone_status_set(zone, ZONE_IS_EMPTY);
4959 5340 }
4960 5341 }
4961 5342 }
4962 5343 mutex_exit(&zone_status_lock);
4963 5344 mutex_exit(&zonehash_lock);
4964 5345 resume_mounts(zone);
4965 5346
4966 5347 if (error = zone_empty(zone)) {
4967 5348 zone_rele(zone);
4968 5349 return (set_errno(error));
4969 5350 }
4970 5351 /*
4971 5352 * After the zone status goes to ZONE_IS_DOWN this zone will no
4972 5353 * longer be notified of changes to the pools configuration, so
4973 5354 * in order to not end up with a stale pool pointer, we point
4974 5355 * ourselves at the default pool and remove all resource
4975 5356 * visibility. This is especially important as the zone_t may
4976 5357 * languish on the deathrow for a very long time waiting for
4977 5358 * cred's to drain out.
4978 5359 *
4979 5360 * This rebinding of the zone can happen multiple times
4980 5361 * (presumably due to interrupted or parallel systemcalls)
4981 5362 * without any adverse effects.
4982 5363 */
4983 5364 if (pool_lock_intr() != 0) {
4984 5365 zone_rele(zone);
4985 5366 return (set_errno(EINTR));
4986 5367 }
4987 5368 if (pool_state == POOL_ENABLED) {
4988 5369 mutex_enter(&cpu_lock);
4989 5370 zone_pool_set(zone, pool_default);
4990 5371 /*
4991 5372 * The zone no longer needs to be able to see any cpus.
4992 5373 */
4993 5374 zone_pset_set(zone, ZONE_PS_INVAL);
4994 5375 mutex_exit(&cpu_lock);
4995 5376 }
4996 5377 pool_unlock();
4997 5378
4998 5379 /*
4999 5380 * ZSD shutdown callbacks can be executed multiple times, hence
5000 5381 * it is safe to not be holding any locks across this call.
5001 5382 */
5002 5383 zone_zsd_callbacks(zone, ZSD_SHUTDOWN);
5003 5384
5004 5385 mutex_enter(&zone_status_lock);
5005 5386 if (zone->zone_kthreads == NULL && zone_status_get(zone) < ZONE_IS_DOWN)
5006 5387 zone_status_set(zone, ZONE_IS_DOWN);
5007 5388 mutex_exit(&zone_status_lock);
5008 5389
5009 5390 /*
5010 5391 * Wait for kernel threads to drain.
5011 5392 */
5012 5393 if (!zone_status_wait_sig(zone, ZONE_IS_DOWN)) {
5013 5394 zone_rele(zone);
5014 5395 return (set_errno(EINTR));
5015 5396 }
5016 5397
5017 5398 /*
5018 5399 * Zone can be become down/destroyable even if the above wait
5019 5400 * returns EINTR, so any code added here may never execute.
5020 5401 * (i.e. don't add code here)
5021 5402 */
5022 5403
5023 5404 zone_rele(zone);
5024 5405 return (0);
5025 5406 }
5026 5407
5027 5408 /*
5028 5409 * Log the specified zone's reference counts. The caller should not be
5029 5410 * holding the zone's zone_lock.
5030 5411 */
5031 5412 static void
5032 5413 zone_log_refcounts(zone_t *zone)
5033 5414 {
5034 5415 char *buffer;
5035 5416 char *buffer_position;
5036 5417 uint32_t buffer_size;
5037 5418 uint32_t index;
5038 5419 uint_t ref;
5039 5420 uint_t cred_ref;
5040 5421
5041 5422 /*
5042 5423 * Construct a string representing the subsystem-specific reference
5043 5424 * counts. The counts are printed in ascending order by index into the
5044 5425 * zone_t::zone_subsys_ref array. The list will be surrounded by
5045 5426 * square brackets [] and will only contain nonzero reference counts.
5046 5427 *
5047 5428 * The buffer will hold two square bracket characters plus ten digits,
5048 5429 * one colon, one space, one comma, and some characters for a
5049 5430 * subsystem name per subsystem-specific reference count. (Unsigned 32-
5050 5431 * bit integers have at most ten decimal digits.) The last
5051 5432 * reference count's comma is replaced by the closing square
5052 5433 * bracket and a NULL character to terminate the string.
5053 5434 *
5054 5435 * NOTE: We have to grab the zone's zone_lock to create a consistent
5055 5436 * snapshot of the zone's reference counters.
5056 5437 *
5057 5438 * First, figure out how much space the string buffer will need.
5058 5439 * The buffer's size is stored in buffer_size.
5059 5440 */
5060 5441 buffer_size = 2; /* for the square brackets */
5061 5442 mutex_enter(&zone->zone_lock);
5062 5443 zone->zone_flags |= ZF_REFCOUNTS_LOGGED;
5063 5444 ref = zone->zone_ref;
5064 5445 cred_ref = zone->zone_cred_ref;
5065 5446 for (index = 0; index < ZONE_REF_NUM_SUBSYS; ++index)
5066 5447 if (zone->zone_subsys_ref[index] != 0)
5067 5448 buffer_size += strlen(zone_ref_subsys_names[index]) +
5068 5449 13;
5069 5450 if (buffer_size == 2) {
5070 5451 /*
5071 5452 * No subsystems had nonzero reference counts. Don't bother
5072 5453 * with allocating a buffer; just log the general-purpose and
5073 5454 * credential reference counts.
5074 5455 */
5075 5456 mutex_exit(&zone->zone_lock);
5076 5457 (void) strlog(0, 0, 1, SL_CONSOLE | SL_NOTE,
5077 5458 "Zone '%s' (ID: %d) is shutting down, but %u zone "
5078 5459 "references and %u credential references are still extant",
5079 5460 zone->zone_name, zone->zone_id, ref, cred_ref);
5080 5461 return;
5081 5462 }
5082 5463
5083 5464 /*
5084 5465 * buffer_size contains the exact number of characters that the
5085 5466 * buffer will need. Allocate the buffer and fill it with nonzero
5086 5467 * subsystem-specific reference counts. Surround the results with
5087 5468 * square brackets afterwards.
5088 5469 */
5089 5470 buffer = kmem_alloc(buffer_size, KM_SLEEP);
5090 5471 buffer_position = &buffer[1];
5091 5472 for (index = 0; index < ZONE_REF_NUM_SUBSYS; ++index) {
5092 5473 /*
5093 5474 * NOTE: The DDI's version of sprintf() returns a pointer to
5094 5475 * the modified buffer rather than the number of bytes written
5095 5476 * (as in snprintf(3C)). This is unfortunate and annoying.
5096 5477 * Therefore, we'll use snprintf() with INT_MAX to get the
5097 5478 * number of bytes written. Using INT_MAX is safe because
5098 5479 * the buffer is perfectly sized for the data: we'll never
5099 5480 * overrun the buffer.
5100 5481 */
5101 5482 if (zone->zone_subsys_ref[index] != 0)
5102 5483 buffer_position += snprintf(buffer_position, INT_MAX,
5103 5484 "%s: %u,", zone_ref_subsys_names[index],
5104 5485 zone->zone_subsys_ref[index]);
5105 5486 }
5106 5487 mutex_exit(&zone->zone_lock);
5107 5488 buffer[0] = '[';
5108 5489 ASSERT((uintptr_t)(buffer_position - buffer) < buffer_size);
5109 5490 ASSERT(buffer_position[0] == '\0' && buffer_position[-1] == ',');
5110 5491 buffer_position[-1] = ']';
5111 5492
5112 5493 /*
5113 5494 * Log the reference counts and free the message buffer.
5114 5495 */
5115 5496 (void) strlog(0, 0, 1, SL_CONSOLE | SL_NOTE,
5116 5497 "Zone '%s' (ID: %d) is shutting down, but %u zone references and "
5117 5498 "%u credential references are still extant %s", zone->zone_name,
5118 5499 zone->zone_id, ref, cred_ref, buffer);
5119 5500 kmem_free(buffer, buffer_size);
5120 5501 }
5121 5502
5122 5503 /*
5123 5504 * Systemcall entry point to finalize the zone halt process. The caller
5124 5505 * must have already successfully called zone_shutdown().
5125 5506 *
5126 5507 * Upon successful completion, the zone will have been fully destroyed:
5127 5508 * zsched will have exited, destructor callbacks executed, and the zone
5128 5509 * removed from the list of active zones.
5129 5510 */
5130 5511 static int
5131 5512 zone_destroy(zoneid_t zoneid)
5132 5513 {
5133 5514 uint64_t uniqid;
5134 5515 zone_t *zone;
5135 5516 zone_status_t status;
5136 5517 clock_t wait_time;
5137 5518 boolean_t log_refcounts;
5138 5519
5139 5520 if (secpolicy_zone_config(CRED()) != 0)
5140 5521 return (set_errno(EPERM));
5141 5522 if (zoneid < MIN_USERZONEID || zoneid > MAX_ZONEID)
5142 5523 return (set_errno(EINVAL));
5143 5524
5144 5525 mutex_enter(&zonehash_lock);
5145 5526 /*
5146 5527 * Look for zone under hash lock to prevent races with other
5147 5528 * calls to zone_destroy.
5148 5529 */
5149 5530 if ((zone = zone_find_all_by_id(zoneid)) == NULL) {
5150 5531 mutex_exit(&zonehash_lock);
5151 5532 return (set_errno(EINVAL));
5152 5533 }
5153 5534
5154 5535 if (zone_mount_count(zone->zone_rootpath) != 0) {
5155 5536 mutex_exit(&zonehash_lock);
5156 5537 return (set_errno(EBUSY));
5157 5538 }
5158 5539 mutex_enter(&zone_status_lock);
5159 5540 status = zone_status_get(zone);
5160 5541 if (status < ZONE_IS_DOWN) {
5161 5542 mutex_exit(&zone_status_lock);
5162 5543 mutex_exit(&zonehash_lock);
5163 5544 return (set_errno(EBUSY));
5164 5545 } else if (status == ZONE_IS_DOWN) {
5165 5546 zone_status_set(zone, ZONE_IS_DYING); /* Tell zsched to exit */
5166 5547 }
5167 5548 mutex_exit(&zone_status_lock);
5168 5549 zone_hold(zone);
5169 5550 mutex_exit(&zonehash_lock);
5170 5551
5171 5552 /*
5172 5553 * wait for zsched to exit
5173 5554 */
5174 5555 zone_status_wait(zone, ZONE_IS_DEAD);
5175 5556 zone_zsd_callbacks(zone, ZSD_DESTROY);
5176 5557 zone->zone_netstack = NULL;
5177 5558 uniqid = zone->zone_uniqid;
5178 5559 zone_rele(zone);
5179 5560 zone = NULL; /* potentially free'd */
5180 5561
5181 5562 log_refcounts = B_FALSE;
5182 5563 wait_time = SEC_TO_TICK(ZONE_DESTROY_TIMEOUT_SECS);
5183 5564 mutex_enter(&zonehash_lock);
5184 5565 for (; /* ever */; ) {
5185 5566 boolean_t unref;
5186 5567 boolean_t refs_have_been_logged;
5187 5568
5188 5569 if ((zone = zone_find_all_by_id(zoneid)) == NULL ||
5189 5570 zone->zone_uniqid != uniqid) {
5190 5571 /*
5191 5572 * The zone has gone away. Necessary conditions
5192 5573 * are met, so we return success.
5193 5574 */
5194 5575 mutex_exit(&zonehash_lock);
5195 5576 return (0);
5196 5577 }
5197 5578 mutex_enter(&zone->zone_lock);
5198 5579 unref = ZONE_IS_UNREF(zone);
5199 5580 refs_have_been_logged = (zone->zone_flags &
5200 5581 ZF_REFCOUNTS_LOGGED);
5201 5582 mutex_exit(&zone->zone_lock);
5202 5583 if (unref) {
5203 5584 /*
5204 5585 * There is only one reference to the zone -- that
5205 5586 * added when the zone was added to the hashtables --
5206 5587 * and things will remain this way until we drop
5207 5588 * zonehash_lock... we can go ahead and cleanup the
5208 5589 * zone.
5209 5590 */
5210 5591 break;
5211 5592 }
5212 5593
5213 5594 /*
5214 5595 * Wait for zone_rele_common() or zone_cred_rele() to signal
5215 5596 * zone_destroy_cv. zone_destroy_cv is signaled only when
5216 5597 * some zone's general-purpose reference count reaches one.
5217 5598 * If ZONE_DESTROY_TIMEOUT_SECS seconds elapse while waiting
5218 5599 * on zone_destroy_cv, then log the zone's reference counts and
5219 5600 * continue to wait for zone_rele() and zone_cred_rele().
5220 5601 */
5221 5602 if (!refs_have_been_logged) {
5222 5603 if (!log_refcounts) {
5223 5604 /*
5224 5605 * This thread hasn't timed out waiting on
5225 5606 * zone_destroy_cv yet. Wait wait_time clock
5226 5607 * ticks (initially ZONE_DESTROY_TIMEOUT_SECS
5227 5608 * seconds) for the zone's references to clear.
5228 5609 */
5229 5610 ASSERT(wait_time > 0);
5230 5611 wait_time = cv_reltimedwait_sig(
5231 5612 &zone_destroy_cv, &zonehash_lock, wait_time,
5232 5613 TR_SEC);
5233 5614 if (wait_time > 0) {
5234 5615 /*
5235 5616 * A thread in zone_rele() or
5236 5617 * zone_cred_rele() signaled
5237 5618 * zone_destroy_cv before this thread's
5238 5619 * wait timed out. The zone might have
5239 5620 * only one reference left; find out!
5240 5621 */
5241 5622 continue;
5242 5623 } else if (wait_time == 0) {
5243 5624 /* The thread's process was signaled. */
5244 5625 mutex_exit(&zonehash_lock);
5245 5626 return (set_errno(EINTR));
5246 5627 }
5247 5628
5248 5629 /*
5249 5630 * The thread timed out while waiting on
5250 5631 * zone_destroy_cv. Even though the thread
5251 5632 * timed out, it has to check whether another
5252 5633 * thread woke up from zone_destroy_cv and
5253 5634 * destroyed the zone.
5254 5635 *
5255 5636 * If the zone still exists and has more than
5256 5637 * one unreleased general-purpose reference,
5257 5638 * then log the zone's reference counts.
5258 5639 */
5259 5640 log_refcounts = B_TRUE;
5260 5641 continue;
5261 5642 }
5262 5643
5263 5644 /*
5264 5645 * The thread already timed out on zone_destroy_cv while
5265 5646 * waiting for subsystems to release the zone's last
5266 5647 * general-purpose references. Log the zone's reference
5267 5648 * counts and wait indefinitely on zone_destroy_cv.
5268 5649 */
5269 5650 zone_log_refcounts(zone);
5270 5651 }
5271 5652 if (cv_wait_sig(&zone_destroy_cv, &zonehash_lock) == 0) {
5272 5653 /* The thread's process was signaled. */
5273 5654 mutex_exit(&zonehash_lock);
5274 5655 return (set_errno(EINTR));
5275 5656 }
5276 5657 }
5277 5658
5278 5659 /*
5279 5660 * Remove CPU cap for this zone now since we're not going to
5280 5661 * fail below this point.
5281 5662 */
5282 5663 cpucaps_zone_remove(zone);
5283 5664
5284 5665 /* Get rid of the zone's kstats */
5285 5666 zone_kstat_delete(zone);
5286 5667
5287 5668 /* remove the pfexecd doors */
5288 5669 if (zone->zone_pfexecd != NULL) {
5289 5670 klpd_freelist(&zone->zone_pfexecd);
5290 5671 zone->zone_pfexecd = NULL;
5291 5672 }
5292 5673
5293 5674 /* free brand specific data */
5294 5675 if (ZONE_IS_BRANDED(zone))
5295 5676 ZBROP(zone)->b_free_brand_data(zone);
5296 5677
5297 5678 /* Say goodbye to brand framework. */
5298 5679 brand_unregister_zone(zone->zone_brand);
5299 5680
5300 5681 /*
5301 5682 * It is now safe to let the zone be recreated; remove it from the
5302 5683 * lists. The memory will not be freed until the last cred
5303 5684 * reference goes away.
5304 5685 */
5305 5686 ASSERT(zonecount > 1); /* must be > 1; can't destroy global zone */
5306 5687 zonecount--;
5307 5688 /* remove from active list and hash tables */
5308 5689 list_remove(&zone_active, zone);
5309 5690 (void) mod_hash_destroy(zonehashbyname,
5310 5691 (mod_hash_key_t)zone->zone_name);
5311 5692 (void) mod_hash_destroy(zonehashbyid,
5312 5693 (mod_hash_key_t)(uintptr_t)zone->zone_id);
5313 5694 if (zone->zone_flags & ZF_HASHED_LABEL)
5314 5695 (void) mod_hash_destroy(zonehashbylabel,
5315 5696 (mod_hash_key_t)zone->zone_slabel);
5316 5697 mutex_exit(&zonehash_lock);
5317 5698
5318 5699 /*
5319 5700 * Release the root vnode; we're not using it anymore. Nor should any
5320 5701 * other thread that might access it exist.
5321 5702 */
5322 5703 if (zone->zone_rootvp != NULL) {
5323 5704 VN_RELE(zone->zone_rootvp);
5324 5705 zone->zone_rootvp = NULL;
5325 5706 }
5326 5707
5327 5708 /* add to deathrow list */
5328 5709 mutex_enter(&zone_deathrow_lock);
5329 5710 list_insert_tail(&zone_deathrow, zone);
5330 5711 mutex_exit(&zone_deathrow_lock);
5331 5712
5332 5713 /*
5333 5714 * Drop last reference (which was added by zsched()), this will
5334 5715 * free the zone unless there are outstanding cred references.
5335 5716 */
5336 5717 zone_rele(zone);
5337 5718 return (0);
5338 5719 }
5339 5720
5340 5721 /*
5341 5722 * Systemcall entry point for zone_getattr(2).
5342 5723 */
5343 5724 static ssize_t
5344 5725 zone_getattr(zoneid_t zoneid, int attr, void *buf, size_t bufsize)
5345 5726 {
5346 5727 size_t size;
5347 5728 int error = 0, err;
5348 5729 zone_t *zone;
5349 5730 char *zonepath;
5350 5731 char *outstr;
5351 5732 zone_status_t zone_status;
5352 5733 pid_t initpid;
5353 5734 boolean_t global = (curzone == global_zone);
5354 5735 boolean_t inzone = (curzone->zone_id == zoneid);
5355 5736 ushort_t flags;
5356 5737 zone_net_data_t *zbuf;
5357 5738
5358 5739 mutex_enter(&zonehash_lock);
5359 5740 if ((zone = zone_find_all_by_id(zoneid)) == NULL) {
5360 5741 mutex_exit(&zonehash_lock);
5361 5742 return (set_errno(EINVAL));
5362 5743 }
5363 5744 zone_status = zone_status_get(zone);
5364 5745 if (zone_status < ZONE_IS_INITIALIZED) {
5365 5746 mutex_exit(&zonehash_lock);
5366 5747 return (set_errno(EINVAL));
5367 5748 }
5368 5749 zone_hold(zone);
5369 5750 mutex_exit(&zonehash_lock);
5370 5751
5371 5752 /*
5372 5753 * If not in the global zone, don't show information about other zones,
5373 5754 * unless the system is labeled and the local zone's label dominates
5374 5755 * the other zone.
5375 5756 */
5376 5757 if (!zone_list_access(zone)) {
5377 5758 zone_rele(zone);
5378 5759 return (set_errno(EINVAL));
5379 5760 }
5380 5761
5381 5762 switch (attr) {
5382 5763 case ZONE_ATTR_ROOT:
5383 5764 if (global) {
5384 5765 /*
5385 5766 * Copy the path to trim the trailing "/" (except for
5386 5767 * the global zone).
5387 5768 */
5388 5769 if (zone != global_zone)
5389 5770 size = zone->zone_rootpathlen - 1;
5390 5771 else
5391 5772 size = zone->zone_rootpathlen;
5392 5773 zonepath = kmem_alloc(size, KM_SLEEP);
5393 5774 bcopy(zone->zone_rootpath, zonepath, size);
5394 5775 zonepath[size - 1] = '\0';
5395 5776 } else {
5396 5777 if (inzone || !is_system_labeled()) {
5397 5778 /*
5398 5779 * Caller is not in the global zone.
5399 5780 * if the query is on the current zone
5400 5781 * or the system is not labeled,
5401 5782 * just return faked-up path for current zone.
5402 5783 */
5403 5784 zonepath = "/";
5404 5785 size = 2;
5405 5786 } else {
5406 5787 /*
5407 5788 * Return related path for current zone.
5408 5789 */
5409 5790 int prefix_len = strlen(zone_prefix);
5410 5791 int zname_len = strlen(zone->zone_name);
5411 5792
5412 5793 size = prefix_len + zname_len + 1;
5413 5794 zonepath = kmem_alloc(size, KM_SLEEP);
5414 5795 bcopy(zone_prefix, zonepath, prefix_len);
5415 5796 bcopy(zone->zone_name, zonepath +
5416 5797 prefix_len, zname_len);
5417 5798 zonepath[size - 1] = '\0';
5418 5799 }
5419 5800 }
5420 5801 if (bufsize > size)
5421 5802 bufsize = size;
5422 5803 if (buf != NULL) {
5423 5804 err = copyoutstr(zonepath, buf, bufsize, NULL);
5424 5805 if (err != 0 && err != ENAMETOOLONG)
5425 5806 error = EFAULT;
5426 5807 }
5427 5808 if (global || (is_system_labeled() && !inzone))
5428 5809 kmem_free(zonepath, size);
5429 5810 break;
5430 5811
5431 5812 case ZONE_ATTR_NAME:
5432 5813 size = strlen(zone->zone_name) + 1;
5433 5814 if (bufsize > size)
5434 5815 bufsize = size;
5435 5816 if (buf != NULL) {
5436 5817 err = copyoutstr(zone->zone_name, buf, bufsize, NULL);
5437 5818 if (err != 0 && err != ENAMETOOLONG)
5438 5819 error = EFAULT;
5439 5820 }
5440 5821 break;
5441 5822
5442 5823 case ZONE_ATTR_STATUS:
5443 5824 /*
5444 5825 * Since we're not holding zonehash_lock, the zone status
5445 5826 * may be anything; leave it up to userland to sort it out.
5446 5827 */
5447 5828 size = sizeof (zone_status);
5448 5829 if (bufsize > size)
5449 5830 bufsize = size;
5450 5831 zone_status = zone_status_get(zone);
5451 5832 if (buf != NULL &&
5452 5833 copyout(&zone_status, buf, bufsize) != 0)
5453 5834 error = EFAULT;
5454 5835 break;
5455 5836 case ZONE_ATTR_FLAGS:
5456 5837 size = sizeof (zone->zone_flags);
5457 5838 if (bufsize > size)
5458 5839 bufsize = size;
5459 5840 flags = zone->zone_flags;
5460 5841 if (buf != NULL &&
5461 5842 copyout(&flags, buf, bufsize) != 0)
5462 5843 error = EFAULT;
5463 5844 break;
5464 5845 case ZONE_ATTR_PRIVSET:
5465 5846 size = sizeof (priv_set_t);
5466 5847 if (bufsize > size)
5467 5848 bufsize = size;
5468 5849 if (buf != NULL &&
5469 5850 copyout(zone->zone_privset, buf, bufsize) != 0)
5470 5851 error = EFAULT;
5471 5852 break;
5472 5853 case ZONE_ATTR_UNIQID:
5473 5854 size = sizeof (zone->zone_uniqid);
5474 5855 if (bufsize > size)
5475 5856 bufsize = size;
5476 5857 if (buf != NULL &&
5477 5858 copyout(&zone->zone_uniqid, buf, bufsize) != 0)
5478 5859 error = EFAULT;
5479 5860 break;
5480 5861 case ZONE_ATTR_POOLID:
5481 5862 {
5482 5863 pool_t *pool;
5483 5864 poolid_t poolid;
5484 5865
5485 5866 if (pool_lock_intr() != 0) {
5486 5867 error = EINTR;
5487 5868 break;
5488 5869 }
5489 5870 pool = zone_pool_get(zone);
5490 5871 poolid = pool->pool_id;
5491 5872 pool_unlock();
5492 5873 size = sizeof (poolid);
5493 5874 if (bufsize > size)
5494 5875 bufsize = size;
5495 5876 if (buf != NULL && copyout(&poolid, buf, size) != 0)
5496 5877 error = EFAULT;
5497 5878 }
5498 5879 break;
5499 5880 case ZONE_ATTR_SLBL:
5500 5881 size = sizeof (bslabel_t);
5501 5882 if (bufsize > size)
5502 5883 bufsize = size;
5503 5884 if (zone->zone_slabel == NULL)
5504 5885 error = EINVAL;
5505 5886 else if (buf != NULL &&
5506 5887 copyout(label2bslabel(zone->zone_slabel), buf,
5507 5888 bufsize) != 0)
5508 5889 error = EFAULT;
5509 5890 break;
5510 5891 case ZONE_ATTR_INITPID:
5511 5892 size = sizeof (initpid);
5512 5893 if (bufsize > size)
5513 5894 bufsize = size;
5514 5895 initpid = zone->zone_proc_initpid;
5515 5896 if (initpid == -1) {
5516 5897 error = ESRCH;
5517 5898 break;
5518 5899 }
5519 5900 if (buf != NULL &&
5520 5901 copyout(&initpid, buf, bufsize) != 0)
5521 5902 error = EFAULT;
5522 5903 break;
5523 5904 case ZONE_ATTR_BRAND:
5524 5905 size = strlen(zone->zone_brand->b_name) + 1;
5525 5906
5526 5907 if (bufsize > size)
5527 5908 bufsize = size;
5528 5909 if (buf != NULL) {
5529 5910 err = copyoutstr(zone->zone_brand->b_name, buf,
5530 5911 bufsize, NULL);
5531 5912 if (err != 0 && err != ENAMETOOLONG)
5532 5913 error = EFAULT;
5533 5914 }
5534 5915 break;
5535 5916 case ZONE_ATTR_INITNAME:
5536 5917 size = strlen(zone->zone_initname) + 1;
5537 5918 if (bufsize > size)
5538 5919 bufsize = size;
5539 5920 if (buf != NULL) {
5540 5921 err = copyoutstr(zone->zone_initname, buf, bufsize,
5541 5922 NULL);
5542 5923 if (err != 0 && err != ENAMETOOLONG)
5543 5924 error = EFAULT;
5544 5925 }
5545 5926 break;
5546 5927 case ZONE_ATTR_BOOTARGS:
5547 5928 if (zone->zone_bootargs == NULL)
5548 5929 outstr = "";
5549 5930 else
|
↓ open down ↓ |
879 lines elided |
↑ open up ↑ |
5550 5931 outstr = zone->zone_bootargs;
5551 5932 size = strlen(outstr) + 1;
5552 5933 if (bufsize > size)
5553 5934 bufsize = size;
5554 5935 if (buf != NULL) {
5555 5936 err = copyoutstr(outstr, buf, bufsize, NULL);
5556 5937 if (err != 0 && err != ENAMETOOLONG)
5557 5938 error = EFAULT;
5558 5939 }
5559 5940 break;
5560 - case ZONE_ATTR_PHYS_MCAP:
5561 - size = sizeof (zone->zone_phys_mcap);
5562 - if (bufsize > size)
5563 - bufsize = size;
5564 - if (buf != NULL &&
5565 - copyout(&zone->zone_phys_mcap, buf, bufsize) != 0)
5566 - error = EFAULT;
5567 - break;
5568 5941 case ZONE_ATTR_SCHED_CLASS:
5569 5942 mutex_enter(&class_lock);
5570 5943
5571 5944 if (zone->zone_defaultcid >= loaded_classes)
5572 5945 outstr = "";
5573 5946 else
5574 5947 outstr = sclass[zone->zone_defaultcid].cl_name;
5575 5948 size = strlen(outstr) + 1;
5576 5949 if (bufsize > size)
5577 5950 bufsize = size;
5578 5951 if (buf != NULL) {
5579 5952 err = copyoutstr(outstr, buf, bufsize, NULL);
5580 5953 if (err != 0 && err != ENAMETOOLONG)
5581 5954 error = EFAULT;
5582 5955 }
5583 5956
5584 5957 mutex_exit(&class_lock);
5585 5958 break;
5586 5959 case ZONE_ATTR_HOSTID:
5587 5960 if (zone->zone_hostid != HW_INVALID_HOSTID &&
5588 5961 bufsize == sizeof (zone->zone_hostid)) {
5589 5962 size = sizeof (zone->zone_hostid);
5590 5963 if (buf != NULL && copyout(&zone->zone_hostid, buf,
5591 5964 bufsize) != 0)
5592 5965 error = EFAULT;
5593 5966 } else {
5594 5967 error = EINVAL;
5595 5968 }
5596 5969 break;
5597 5970 case ZONE_ATTR_FS_ALLOWED:
5598 5971 if (zone->zone_fs_allowed == NULL)
5599 5972 outstr = "";
5600 5973 else
5601 5974 outstr = zone->zone_fs_allowed;
5602 5975 size = strlen(outstr) + 1;
5603 5976 if (bufsize > size)
5604 5977 bufsize = size;
5605 5978 if (buf != NULL) {
5606 5979 err = copyoutstr(outstr, buf, bufsize, NULL);
5607 5980 if (err != 0 && err != ENAMETOOLONG)
5608 5981 error = EFAULT;
5609 5982 }
5610 5983 break;
5611 5984 case ZONE_ATTR_NETWORK:
|
↓ open down ↓ |
34 lines elided |
↑ open up ↑ |
5612 5985 zbuf = kmem_alloc(bufsize, KM_SLEEP);
5613 5986 if (copyin(buf, zbuf, bufsize) != 0) {
5614 5987 error = EFAULT;
5615 5988 } else {
5616 5989 error = zone_get_network(zoneid, zbuf);
5617 5990 if (error == 0 && copyout(zbuf, buf, bufsize) != 0)
5618 5991 error = EFAULT;
5619 5992 }
5620 5993 kmem_free(zbuf, bufsize);
5621 5994 break;
5995 + case ZONE_ATTR_SCHED_FIXEDHI:
5996 + size = sizeof (boolean_t);
5997 + if (bufsize > size)
5998 + bufsize = size;
5999 +
6000 + if (buf != NULL && copyout(&zone->zone_fixed_hipri, buf,
6001 + bufsize) != 0)
6002 + error = EFAULT;
6003 + break;
5622 6004 default:
5623 6005 if ((attr >= ZONE_ATTR_BRAND_ATTRS) && ZONE_IS_BRANDED(zone)) {
5624 6006 size = bufsize;
5625 6007 error = ZBROP(zone)->b_getattr(zone, attr, buf, &size);
5626 6008 } else {
5627 6009 error = EINVAL;
5628 6010 }
5629 6011 }
5630 6012 zone_rele(zone);
5631 6013
5632 6014 if (error)
5633 6015 return (set_errno(error));
5634 6016 return ((ssize_t)size);
5635 6017 }
5636 6018
5637 6019 /*
5638 6020 * Systemcall entry point for zone_setattr(2).
5639 6021 */
5640 6022 /*ARGSUSED*/
5641 6023 static int
5642 6024 zone_setattr(zoneid_t zoneid, int attr, void *buf, size_t bufsize)
|
↓ open down ↓ |
11 lines elided |
↑ open up ↑ |
5643 6025 {
5644 6026 zone_t *zone;
5645 6027 zone_status_t zone_status;
5646 6028 int err = -1;
5647 6029 zone_net_data_t *zbuf;
5648 6030
5649 6031 if (secpolicy_zone_config(CRED()) != 0)
5650 6032 return (set_errno(EPERM));
5651 6033
5652 6034 /*
5653 - * Only the ZONE_ATTR_PHYS_MCAP attribute can be set on the
5654 - * global zone.
6035 + * Only the ZONE_ATTR_PMCAP_NOVER and ZONE_ATTR_PMCAP_PAGEOUT
6036 + * attributes can be set on the global zone.
5655 6037 */
5656 - if (zoneid == GLOBAL_ZONEID && attr != ZONE_ATTR_PHYS_MCAP) {
6038 + if (zoneid == GLOBAL_ZONEID &&
6039 + attr != ZONE_ATTR_PMCAP_NOVER && attr != ZONE_ATTR_PMCAP_PAGEOUT) {
5657 6040 return (set_errno(EINVAL));
5658 6041 }
5659 6042
5660 6043 mutex_enter(&zonehash_lock);
5661 6044 if ((zone = zone_find_all_by_id(zoneid)) == NULL) {
5662 6045 mutex_exit(&zonehash_lock);
5663 6046 return (set_errno(EINVAL));
5664 6047 }
5665 6048 zone_hold(zone);
5666 6049 mutex_exit(&zonehash_lock);
5667 6050
5668 6051 /*
5669 6052 * At present most attributes can only be set on non-running,
5670 6053 * non-global zones.
5671 6054 */
5672 6055 zone_status = zone_status_get(zone);
5673 - if (attr != ZONE_ATTR_PHYS_MCAP && zone_status > ZONE_IS_READY) {
6056 + if (attr != ZONE_ATTR_PMCAP_NOVER && attr != ZONE_ATTR_PMCAP_PAGEOUT &&
6057 + attr != ZONE_ATTR_PG_FLT_DELAY && attr != ZONE_ATTR_RSS &&
6058 + zone_status > ZONE_IS_READY) {
5674 6059 err = EINVAL;
5675 6060 goto done;
5676 6061 }
5677 6062
5678 6063 switch (attr) {
5679 6064 case ZONE_ATTR_INITNAME:
5680 6065 err = zone_set_initname(zone, (const char *)buf);
5681 6066 break;
5682 6067 case ZONE_ATTR_INITNORESTART:
5683 6068 zone->zone_restart_init = B_FALSE;
5684 6069 err = 0;
|
↓ open down ↓ |
1 lines elided |
↑ open up ↑ |
5685 6070 break;
5686 6071 case ZONE_ATTR_BOOTARGS:
5687 6072 err = zone_set_bootargs(zone, (const char *)buf);
5688 6073 break;
5689 6074 case ZONE_ATTR_BRAND:
5690 6075 err = zone_set_brand(zone, (const char *)buf);
5691 6076 break;
5692 6077 case ZONE_ATTR_FS_ALLOWED:
5693 6078 err = zone_set_fs_allowed(zone, (const char *)buf);
5694 6079 break;
5695 - case ZONE_ATTR_PHYS_MCAP:
5696 - err = zone_set_phys_mcap(zone, (const uint64_t *)buf);
6080 + case ZONE_ATTR_PMCAP_NOVER:
6081 + err = zone_set_mcap_nover(zone, (const uint64_t *)buf);
5697 6082 break;
6083 + case ZONE_ATTR_PMCAP_PAGEOUT:
6084 + err = zone_set_mcap_pageout(zone, (const uint64_t *)buf);
6085 + break;
6086 + case ZONE_ATTR_PG_FLT_DELAY:
6087 + err = zone_set_page_fault_delay(zone, (const uint32_t *)buf);
6088 + break;
6089 + case ZONE_ATTR_RSS:
6090 + err = zone_set_rss(zone, (const uint64_t *)buf);
6091 + break;
5698 6092 case ZONE_ATTR_SCHED_CLASS:
5699 6093 err = zone_set_sched_class(zone, (const char *)buf);
5700 6094 break;
5701 6095 case ZONE_ATTR_HOSTID:
5702 6096 if (bufsize == sizeof (zone->zone_hostid)) {
5703 6097 if (copyin(buf, &zone->zone_hostid, bufsize) == 0)
5704 6098 err = 0;
5705 6099 else
5706 6100 err = EFAULT;
5707 6101 } else {
5708 6102 err = EINVAL;
5709 6103 }
5710 6104 break;
5711 6105 case ZONE_ATTR_NETWORK:
5712 6106 if (bufsize > (PIPE_BUF + sizeof (zone_net_data_t))) {
5713 6107 err = EINVAL;
5714 6108 break;
|
↓ open down ↓ |
7 lines elided |
↑ open up ↑ |
5715 6109 }
5716 6110 zbuf = kmem_alloc(bufsize, KM_SLEEP);
5717 6111 if (copyin(buf, zbuf, bufsize) != 0) {
5718 6112 kmem_free(zbuf, bufsize);
5719 6113 err = EFAULT;
5720 6114 break;
5721 6115 }
5722 6116 err = zone_set_network(zoneid, zbuf);
5723 6117 kmem_free(zbuf, bufsize);
5724 6118 break;
6119 + case ZONE_ATTR_APP_SVC_CT:
6120 + if (bufsize != sizeof (boolean_t)) {
6121 + err = EINVAL;
6122 + } else {
6123 + zone->zone_setup_app_contract = (boolean_t)buf;
6124 + err = 0;
6125 + }
6126 + break;
6127 + case ZONE_ATTR_SCHED_FIXEDHI:
6128 + if (bufsize != sizeof (boolean_t)) {
6129 + err = EINVAL;
6130 + } else {
6131 + zone->zone_fixed_hipri = (boolean_t)buf;
6132 + err = 0;
6133 + }
6134 + break;
5725 6135 default:
5726 6136 if ((attr >= ZONE_ATTR_BRAND_ATTRS) && ZONE_IS_BRANDED(zone))
5727 6137 err = ZBROP(zone)->b_setattr(zone, attr, buf, bufsize);
5728 6138 else
5729 6139 err = EINVAL;
5730 6140 }
5731 6141
5732 6142 done:
5733 6143 zone_rele(zone);
5734 6144 ASSERT(err != -1);
5735 6145 return (err != 0 ? set_errno(err) : 0);
5736 6146 }
5737 6147
5738 6148 /*
5739 6149 * Return zero if the process has at least one vnode mapped in to its
5740 6150 * address space which shouldn't be allowed to change zones.
5741 6151 *
5742 6152 * Also return zero if the process has any shared mappings which reserve
5743 6153 * swap. This is because the counting for zone.max-swap does not allow swap
5744 6154 * reservation to be shared between zones. zone swap reservation is counted
5745 6155 * on zone->zone_max_swap.
5746 6156 */
5747 6157 static int
5748 6158 as_can_change_zones(void)
5749 6159 {
5750 6160 proc_t *pp = curproc;
5751 6161 struct seg *seg;
5752 6162 struct as *as = pp->p_as;
5753 6163 vnode_t *vp;
5754 6164 int allow = 1;
5755 6165
5756 6166 ASSERT(pp->p_as != &kas);
5757 6167 AS_LOCK_ENTER(as, RW_READER);
5758 6168 for (seg = AS_SEGFIRST(as); seg != NULL; seg = AS_SEGNEXT(as, seg)) {
5759 6169
5760 6170 /*
5761 6171 * Cannot enter zone with shared anon memory which
5762 6172 * reserves swap. See comment above.
5763 6173 */
5764 6174 if (seg_can_change_zones(seg) == B_FALSE) {
5765 6175 allow = 0;
5766 6176 break;
5767 6177 }
5768 6178 /*
5769 6179 * if we can't get a backing vnode for this segment then skip
5770 6180 * it.
5771 6181 */
5772 6182 vp = NULL;
5773 6183 if (SEGOP_GETVP(seg, seg->s_base, &vp) != 0 || vp == NULL)
5774 6184 continue;
5775 6185 if (!vn_can_change_zones(vp)) { /* bail on first match */
5776 6186 allow = 0;
5777 6187 break;
5778 6188 }
5779 6189 }
5780 6190 AS_LOCK_EXIT(as);
5781 6191 return (allow);
5782 6192 }
5783 6193
5784 6194 /*
5785 6195 * Count swap reserved by curproc's address space
5786 6196 */
5787 6197 static size_t
5788 6198 as_swresv(void)
5789 6199 {
5790 6200 proc_t *pp = curproc;
5791 6201 struct seg *seg;
5792 6202 struct as *as = pp->p_as;
5793 6203 size_t swap = 0;
5794 6204
5795 6205 ASSERT(pp->p_as != &kas);
5796 6206 ASSERT(AS_WRITE_HELD(as));
5797 6207 for (seg = AS_SEGFIRST(as); seg != NULL; seg = AS_SEGNEXT(as, seg))
5798 6208 swap += seg_swresv(seg);
5799 6209
5800 6210 return (swap);
5801 6211 }
5802 6212
5803 6213 /*
5804 6214 * Systemcall entry point for zone_enter().
5805 6215 *
5806 6216 * The current process is injected into said zone. In the process
5807 6217 * it will change its project membership, privileges, rootdir/cwd,
5808 6218 * zone-wide rctls, and pool association to match those of the zone.
5809 6219 *
5810 6220 * The first zone_enter() called while the zone is in the ZONE_IS_READY
5811 6221 * state will transition it to ZONE_IS_RUNNING. Processes may only
5812 6222 * enter a zone that is "ready" or "running".
5813 6223 */
5814 6224 static int
5815 6225 zone_enter(zoneid_t zoneid)
5816 6226 {
5817 6227 zone_t *zone;
5818 6228 vnode_t *vp;
5819 6229 proc_t *pp = curproc;
5820 6230 contract_t *ct;
5821 6231 cont_process_t *ctp;
5822 6232 task_t *tk, *oldtk;
5823 6233 kproject_t *zone_proj0;
5824 6234 cred_t *cr, *newcr;
5825 6235 pool_t *oldpool, *newpool;
5826 6236 sess_t *sp;
5827 6237 uid_t uid;
5828 6238 zone_status_t status;
5829 6239 int err = 0;
5830 6240 rctl_entity_p_t e;
5831 6241 size_t swap;
5832 6242 kthread_id_t t;
5833 6243
5834 6244 if (secpolicy_zone_config(CRED()) != 0)
5835 6245 return (set_errno(EPERM));
5836 6246 if (zoneid < MIN_USERZONEID || zoneid > MAX_ZONEID)
5837 6247 return (set_errno(EINVAL));
5838 6248
5839 6249 /*
5840 6250 * Stop all lwps so we don't need to hold a lock to look at
5841 6251 * curproc->p_zone. This needs to happen before we grab any
5842 6252 * locks to avoid deadlock (another lwp in the process could
5843 6253 * be waiting for the held lock).
5844 6254 */
5845 6255 if (curthread != pp->p_agenttp && !holdlwps(SHOLDFORK))
5846 6256 return (set_errno(EINTR));
5847 6257
5848 6258 /*
5849 6259 * Make sure we're not changing zones with files open or mapped in
5850 6260 * to our address space which shouldn't be changing zones.
5851 6261 */
5852 6262 if (!files_can_change_zones()) {
5853 6263 err = EBADF;
5854 6264 goto out;
5855 6265 }
5856 6266 if (!as_can_change_zones()) {
5857 6267 err = EFAULT;
5858 6268 goto out;
5859 6269 }
5860 6270
5861 6271 mutex_enter(&zonehash_lock);
5862 6272 if (pp->p_zone != global_zone) {
5863 6273 mutex_exit(&zonehash_lock);
5864 6274 err = EINVAL;
5865 6275 goto out;
5866 6276 }
5867 6277
5868 6278 zone = zone_find_all_by_id(zoneid);
5869 6279 if (zone == NULL) {
5870 6280 mutex_exit(&zonehash_lock);
5871 6281 err = EINVAL;
5872 6282 goto out;
5873 6283 }
5874 6284
5875 6285 /*
5876 6286 * To prevent processes in a zone from holding contracts on
5877 6287 * extrazonal resources, and to avoid process contract
5878 6288 * memberships which span zones, contract holders and processes
5879 6289 * which aren't the sole members of their encapsulating process
5880 6290 * contracts are not allowed to zone_enter.
5881 6291 */
5882 6292 ctp = pp->p_ct_process;
5883 6293 ct = &ctp->conp_contract;
5884 6294 mutex_enter(&ct->ct_lock);
5885 6295 mutex_enter(&pp->p_lock);
5886 6296 if ((avl_numnodes(&pp->p_ct_held) != 0) || (ctp->conp_nmembers != 1)) {
5887 6297 mutex_exit(&pp->p_lock);
5888 6298 mutex_exit(&ct->ct_lock);
5889 6299 mutex_exit(&zonehash_lock);
5890 6300 err = EINVAL;
5891 6301 goto out;
5892 6302 }
5893 6303
5894 6304 /*
5895 6305 * Moreover, we don't allow processes whose encapsulating
5896 6306 * process contracts have inherited extrazonal contracts.
5897 6307 * While it would be easier to eliminate all process contracts
5898 6308 * with inherited contracts, we need to be able to give a
5899 6309 * restarted init (or other zone-penetrating process) its
5900 6310 * predecessor's contracts.
5901 6311 */
5902 6312 if (ctp->conp_ninherited != 0) {
5903 6313 contract_t *next;
5904 6314 for (next = list_head(&ctp->conp_inherited); next;
5905 6315 next = list_next(&ctp->conp_inherited, next)) {
5906 6316 if (contract_getzuniqid(next) != zone->zone_uniqid) {
5907 6317 mutex_exit(&pp->p_lock);
5908 6318 mutex_exit(&ct->ct_lock);
5909 6319 mutex_exit(&zonehash_lock);
5910 6320 err = EINVAL;
5911 6321 goto out;
5912 6322 }
5913 6323 }
5914 6324 }
5915 6325
5916 6326 mutex_exit(&pp->p_lock);
5917 6327 mutex_exit(&ct->ct_lock);
5918 6328
5919 6329 status = zone_status_get(zone);
5920 6330 if (status < ZONE_IS_READY || status >= ZONE_IS_SHUTTING_DOWN) {
5921 6331 /*
5922 6332 * Can't join
5923 6333 */
5924 6334 mutex_exit(&zonehash_lock);
5925 6335 err = EINVAL;
5926 6336 goto out;
5927 6337 }
5928 6338
5929 6339 /*
5930 6340 * Make sure new priv set is within the permitted set for caller
5931 6341 */
5932 6342 if (!priv_issubset(zone->zone_privset, &CR_OPPRIV(CRED()))) {
5933 6343 mutex_exit(&zonehash_lock);
5934 6344 err = EPERM;
5935 6345 goto out;
5936 6346 }
5937 6347 /*
5938 6348 * We want to momentarily drop zonehash_lock while we optimistically
5939 6349 * bind curproc to the pool it should be running in. This is safe
5940 6350 * since the zone can't disappear (we have a hold on it).
5941 6351 */
5942 6352 zone_hold(zone);
5943 6353 mutex_exit(&zonehash_lock);
5944 6354
5945 6355 /*
5946 6356 * Grab pool_lock to keep the pools configuration from changing
5947 6357 * and to stop ourselves from getting rebound to another pool
5948 6358 * until we join the zone.
5949 6359 */
5950 6360 if (pool_lock_intr() != 0) {
5951 6361 zone_rele(zone);
5952 6362 err = EINTR;
5953 6363 goto out;
5954 6364 }
5955 6365 ASSERT(secpolicy_pool(CRED()) == 0);
5956 6366 /*
5957 6367 * Bind ourselves to the pool currently associated with the zone.
5958 6368 */
5959 6369 oldpool = curproc->p_pool;
5960 6370 newpool = zone_pool_get(zone);
5961 6371 if (pool_state == POOL_ENABLED && newpool != oldpool &&
5962 6372 (err = pool_do_bind(newpool, P_PID, P_MYID,
5963 6373 POOL_BIND_ALL)) != 0) {
5964 6374 pool_unlock();
5965 6375 zone_rele(zone);
5966 6376 goto out;
5967 6377 }
5968 6378
5969 6379 /*
5970 6380 * Grab cpu_lock now; we'll need it later when we call
5971 6381 * task_join().
5972 6382 */
5973 6383 mutex_enter(&cpu_lock);
5974 6384 mutex_enter(&zonehash_lock);
5975 6385 /*
5976 6386 * Make sure the zone hasn't moved on since we dropped zonehash_lock.
5977 6387 */
5978 6388 if (zone_status_get(zone) >= ZONE_IS_SHUTTING_DOWN) {
5979 6389 /*
5980 6390 * Can't join anymore.
5981 6391 */
5982 6392 mutex_exit(&zonehash_lock);
5983 6393 mutex_exit(&cpu_lock);
5984 6394 if (pool_state == POOL_ENABLED &&
5985 6395 newpool != oldpool)
5986 6396 (void) pool_do_bind(oldpool, P_PID, P_MYID,
5987 6397 POOL_BIND_ALL);
5988 6398 pool_unlock();
5989 6399 zone_rele(zone);
5990 6400 err = EINVAL;
5991 6401 goto out;
5992 6402 }
5993 6403
5994 6404 /*
5995 6405 * a_lock must be held while transfering locked memory and swap
5996 6406 * reservation from the global zone to the non global zone because
5997 6407 * asynchronous faults on the processes' address space can lock
5998 6408 * memory and reserve swap via MCL_FUTURE and MAP_NORESERVE
5999 6409 * segments respectively.
6000 6410 */
6001 6411 AS_LOCK_ENTER(pp->p_as, RW_WRITER);
6002 6412 swap = as_swresv();
6003 6413 mutex_enter(&pp->p_lock);
6004 6414 zone_proj0 = zone->zone_zsched->p_task->tk_proj;
6005 6415 /* verify that we do not exceed and task or lwp limits */
6006 6416 mutex_enter(&zone->zone_nlwps_lock);
6007 6417 /* add new lwps to zone and zone's proj0 */
6008 6418 zone_proj0->kpj_nlwps += pp->p_lwpcnt;
6009 6419 zone->zone_nlwps += pp->p_lwpcnt;
6010 6420 /* add 1 task to zone's proj0 */
6011 6421 zone_proj0->kpj_ntasks += 1;
6012 6422
6013 6423 zone_proj0->kpj_nprocs++;
6014 6424 zone->zone_nprocs++;
6015 6425 mutex_exit(&zone->zone_nlwps_lock);
6016 6426
6017 6427 mutex_enter(&zone->zone_mem_lock);
6018 6428 zone->zone_locked_mem += pp->p_locked_mem;
6019 6429 zone_proj0->kpj_data.kpd_locked_mem += pp->p_locked_mem;
6020 6430 zone->zone_max_swap += swap;
6021 6431 mutex_exit(&zone->zone_mem_lock);
6022 6432
6023 6433 mutex_enter(&(zone_proj0->kpj_data.kpd_crypto_lock));
6024 6434 zone_proj0->kpj_data.kpd_crypto_mem += pp->p_crypto_mem;
6025 6435 mutex_exit(&(zone_proj0->kpj_data.kpd_crypto_lock));
6026 6436
6027 6437 /* remove lwps and process from proc's old zone and old project */
6028 6438 mutex_enter(&pp->p_zone->zone_nlwps_lock);
6029 6439 pp->p_zone->zone_nlwps -= pp->p_lwpcnt;
6030 6440 pp->p_task->tk_proj->kpj_nlwps -= pp->p_lwpcnt;
6031 6441 pp->p_task->tk_proj->kpj_nprocs--;
6032 6442 pp->p_zone->zone_nprocs--;
6033 6443 mutex_exit(&pp->p_zone->zone_nlwps_lock);
6034 6444
6035 6445 mutex_enter(&pp->p_zone->zone_mem_lock);
6036 6446 pp->p_zone->zone_locked_mem -= pp->p_locked_mem;
6037 6447 pp->p_task->tk_proj->kpj_data.kpd_locked_mem -= pp->p_locked_mem;
6038 6448 pp->p_zone->zone_max_swap -= swap;
6039 6449 mutex_exit(&pp->p_zone->zone_mem_lock);
6040 6450
6041 6451 mutex_enter(&(pp->p_task->tk_proj->kpj_data.kpd_crypto_lock));
6042 6452 pp->p_task->tk_proj->kpj_data.kpd_crypto_mem -= pp->p_crypto_mem;
6043 6453 mutex_exit(&(pp->p_task->tk_proj->kpj_data.kpd_crypto_lock));
6044 6454
6045 6455 pp->p_flag |= SZONETOP;
6046 6456 pp->p_zone = zone;
6047 6457 mutex_exit(&pp->p_lock);
6048 6458 AS_LOCK_EXIT(pp->p_as);
6049 6459
6050 6460 /*
6051 6461 * Joining the zone cannot fail from now on.
6052 6462 *
6053 6463 * This means that a lot of the following code can be commonized and
6054 6464 * shared with zsched().
6055 6465 */
6056 6466
6057 6467 /*
6058 6468 * If the process contract fmri was inherited, we need to
6059 6469 * flag this so that any contract status will not leak
6060 6470 * extra zone information, svc_fmri in this case
6061 6471 */
6062 6472 if (ctp->conp_svc_ctid != ct->ct_id) {
6063 6473 mutex_enter(&ct->ct_lock);
6064 6474 ctp->conp_svc_zone_enter = ct->ct_id;
6065 6475 mutex_exit(&ct->ct_lock);
6066 6476 }
6067 6477
6068 6478 /*
6069 6479 * Reset the encapsulating process contract's zone.
6070 6480 */
6071 6481 ASSERT(ct->ct_mzuniqid == GLOBAL_ZONEUNIQID);
6072 6482 contract_setzuniqid(ct, zone->zone_uniqid);
6073 6483
6074 6484 /*
6075 6485 * Create a new task and associate the process with the project keyed
6076 6486 * by (projid,zoneid).
6077 6487 *
6078 6488 * We might as well be in project 0; the global zone's projid doesn't
6079 6489 * make much sense in a zone anyhow.
6080 6490 *
6081 6491 * This also increments zone_ntasks, and returns with p_lock held.
6082 6492 */
6083 6493 tk = task_create(0, zone);
6084 6494 oldtk = task_join(tk, 0);
6085 6495 mutex_exit(&cpu_lock);
6086 6496
6087 6497 /*
6088 6498 * call RCTLOP_SET functions on this proc
6089 6499 */
6090 6500 e.rcep_p.zone = zone;
6091 6501 e.rcep_t = RCENTITY_ZONE;
6092 6502 (void) rctl_set_dup(NULL, NULL, pp, &e, zone->zone_rctls, NULL,
6093 6503 RCD_CALLBACK);
6094 6504 mutex_exit(&pp->p_lock);
6095 6505
6096 6506 /*
6097 6507 * We don't need to hold any of zsched's locks here; not only do we know
6098 6508 * the process and zone aren't going away, we know its session isn't
6099 6509 * changing either.
6100 6510 *
6101 6511 * By joining zsched's session here, we mimic the behavior in the
6102 6512 * global zone of init's sid being the pid of sched. We extend this
6103 6513 * to all zlogin-like zone_enter()'ing processes as well.
6104 6514 */
6105 6515 mutex_enter(&pidlock);
6106 6516 sp = zone->zone_zsched->p_sessp;
6107 6517 sess_hold(zone->zone_zsched);
6108 6518 mutex_enter(&pp->p_lock);
6109 6519 pgexit(pp);
6110 6520 sess_rele(pp->p_sessp, B_TRUE);
6111 6521 pp->p_sessp = sp;
6112 6522 pgjoin(pp, zone->zone_zsched->p_pidp);
6113 6523
6114 6524 /*
6115 6525 * If any threads are scheduled to be placed on zone wait queue they
6116 6526 * should abandon the idea since the wait queue is changing.
6117 6527 * We need to be holding pidlock & p_lock to do this.
6118 6528 */
6119 6529 if ((t = pp->p_tlist) != NULL) {
6120 6530 do {
6121 6531 thread_lock(t);
6122 6532 /*
6123 6533 * Kick this thread so that he doesn't sit
6124 6534 * on a wrong wait queue.
6125 6535 */
6126 6536 if (ISWAITING(t))
6127 6537 setrun_locked(t);
6128 6538
6129 6539 if (t->t_schedflag & TS_ANYWAITQ)
6130 6540 t->t_schedflag &= ~ TS_ANYWAITQ;
6131 6541
6132 6542 thread_unlock(t);
6133 6543 } while ((t = t->t_forw) != pp->p_tlist);
6134 6544 }
6135 6545
6136 6546 /*
6137 6547 * If there is a default scheduling class for the zone and it is not
6138 6548 * the class we are currently in, change all of the threads in the
6139 6549 * process to the new class. We need to be holding pidlock & p_lock
6140 6550 * when we call parmsset so this is a good place to do it.
6141 6551 */
6142 6552 if (zone->zone_defaultcid > 0 &&
6143 6553 zone->zone_defaultcid != curthread->t_cid) {
6144 6554 pcparms_t pcparms;
6145 6555
6146 6556 pcparms.pc_cid = zone->zone_defaultcid;
6147 6557 pcparms.pc_clparms[0] = 0;
6148 6558
6149 6559 /*
6150 6560 * If setting the class fails, we still want to enter the zone.
6151 6561 */
6152 6562 if ((t = pp->p_tlist) != NULL) {
6153 6563 do {
6154 6564 (void) parmsset(&pcparms, t);
6155 6565 } while ((t = t->t_forw) != pp->p_tlist);
6156 6566 }
6157 6567 }
6158 6568
6159 6569 mutex_exit(&pp->p_lock);
6160 6570 mutex_exit(&pidlock);
6161 6571
6162 6572 mutex_exit(&zonehash_lock);
6163 6573 /*
6164 6574 * We're firmly in the zone; let pools progress.
6165 6575 */
6166 6576 pool_unlock();
6167 6577 task_rele(oldtk);
6168 6578 /*
6169 6579 * We don't need to retain a hold on the zone since we already
6170 6580 * incremented zone_ntasks, so the zone isn't going anywhere.
6171 6581 */
6172 6582 zone_rele(zone);
6173 6583
6174 6584 /*
6175 6585 * Chroot
6176 6586 */
6177 6587 vp = zone->zone_rootvp;
6178 6588 zone_chdir(vp, &PTOU(pp)->u_cdir, pp);
6179 6589 zone_chdir(vp, &PTOU(pp)->u_rdir, pp);
6180 6590
6181 6591 /*
6182 6592 * Change process credentials
6183 6593 */
6184 6594 newcr = cralloc();
6185 6595 mutex_enter(&pp->p_crlock);
6186 6596 cr = pp->p_cred;
6187 6597 crcopy_to(cr, newcr);
6188 6598 crsetzone(newcr, zone);
6189 6599 pp->p_cred = newcr;
6190 6600
6191 6601 /*
6192 6602 * Restrict all process privilege sets to zone limit
6193 6603 */
6194 6604 priv_intersect(zone->zone_privset, &CR_PPRIV(newcr));
6195 6605 priv_intersect(zone->zone_privset, &CR_EPRIV(newcr));
6196 6606 priv_intersect(zone->zone_privset, &CR_IPRIV(newcr));
6197 6607 priv_intersect(zone->zone_privset, &CR_LPRIV(newcr));
6198 6608 mutex_exit(&pp->p_crlock);
6199 6609 crset(pp, newcr);
6200 6610
6201 6611 /*
6202 6612 * Adjust upcount to reflect zone entry.
6203 6613 */
6204 6614 uid = crgetruid(newcr);
6205 6615 mutex_enter(&pidlock);
6206 6616 upcount_dec(uid, GLOBAL_ZONEID);
6207 6617 upcount_inc(uid, zoneid);
6208 6618 mutex_exit(&pidlock);
6209 6619
6210 6620 /*
6211 6621 * Set up core file path and content.
6212 6622 */
6213 6623 set_core_defaults();
6214 6624
6215 6625 out:
6216 6626 /*
6217 6627 * Let the other lwps continue.
6218 6628 */
6219 6629 mutex_enter(&pp->p_lock);
6220 6630 if (curthread != pp->p_agenttp)
6221 6631 continuelwps(pp);
6222 6632 mutex_exit(&pp->p_lock);
6223 6633
6224 6634 return (err != 0 ? set_errno(err) : 0);
6225 6635 }
6226 6636
6227 6637 /*
6228 6638 * Systemcall entry point for zone_list(2).
6229 6639 *
6230 6640 * Processes running in a (non-global) zone only see themselves.
6231 6641 * On labeled systems, they see all zones whose label they dominate.
6232 6642 */
6233 6643 static int
6234 6644 zone_list(zoneid_t *zoneidlist, uint_t *numzones)
6235 6645 {
6236 6646 zoneid_t *zoneids;
6237 6647 zone_t *zone, *myzone;
6238 6648 uint_t user_nzones, real_nzones;
6239 6649 uint_t domi_nzones;
6240 6650 int error;
6241 6651
6242 6652 if (copyin(numzones, &user_nzones, sizeof (uint_t)) != 0)
6243 6653 return (set_errno(EFAULT));
6244 6654
6245 6655 myzone = curproc->p_zone;
6246 6656 if (myzone != global_zone) {
6247 6657 bslabel_t *mybslab;
6248 6658
6249 6659 if (!is_system_labeled()) {
6250 6660 /* just return current zone */
6251 6661 real_nzones = domi_nzones = 1;
6252 6662 zoneids = kmem_alloc(sizeof (zoneid_t), KM_SLEEP);
6253 6663 zoneids[0] = myzone->zone_id;
6254 6664 } else {
6255 6665 /* return all zones that are dominated */
6256 6666 mutex_enter(&zonehash_lock);
6257 6667 real_nzones = zonecount;
6258 6668 domi_nzones = 0;
6259 6669 if (real_nzones > 0) {
6260 6670 zoneids = kmem_alloc(real_nzones *
6261 6671 sizeof (zoneid_t), KM_SLEEP);
6262 6672 mybslab = label2bslabel(myzone->zone_slabel);
6263 6673 for (zone = list_head(&zone_active);
6264 6674 zone != NULL;
6265 6675 zone = list_next(&zone_active, zone)) {
6266 6676 if (zone->zone_id == GLOBAL_ZONEID)
6267 6677 continue;
6268 6678 if (zone != myzone &&
6269 6679 (zone->zone_flags & ZF_IS_SCRATCH))
6270 6680 continue;
6271 6681 /*
6272 6682 * Note that a label always dominates
6273 6683 * itself, so myzone is always included
6274 6684 * in the list.
6275 6685 */
6276 6686 if (bldominates(mybslab,
6277 6687 label2bslabel(zone->zone_slabel))) {
6278 6688 zoneids[domi_nzones++] =
6279 6689 zone->zone_id;
6280 6690 }
6281 6691 }
6282 6692 }
6283 6693 mutex_exit(&zonehash_lock);
6284 6694 }
6285 6695 } else {
6286 6696 mutex_enter(&zonehash_lock);
6287 6697 real_nzones = zonecount;
6288 6698 domi_nzones = 0;
6289 6699 if (real_nzones > 0) {
6290 6700 zoneids = kmem_alloc(real_nzones * sizeof (zoneid_t),
6291 6701 KM_SLEEP);
6292 6702 for (zone = list_head(&zone_active); zone != NULL;
6293 6703 zone = list_next(&zone_active, zone))
6294 6704 zoneids[domi_nzones++] = zone->zone_id;
6295 6705 ASSERT(domi_nzones == real_nzones);
6296 6706 }
6297 6707 mutex_exit(&zonehash_lock);
6298 6708 }
6299 6709
6300 6710 /*
6301 6711 * If user has allocated space for fewer entries than we found, then
6302 6712 * return only up to his limit. Either way, tell him exactly how many
6303 6713 * we found.
6304 6714 */
6305 6715 if (domi_nzones < user_nzones)
6306 6716 user_nzones = domi_nzones;
6307 6717 error = 0;
6308 6718 if (copyout(&domi_nzones, numzones, sizeof (uint_t)) != 0) {
6309 6719 error = EFAULT;
6310 6720 } else if (zoneidlist != NULL && user_nzones != 0) {
6311 6721 if (copyout(zoneids, zoneidlist,
6312 6722 user_nzones * sizeof (zoneid_t)) != 0)
6313 6723 error = EFAULT;
6314 6724 }
6315 6725
6316 6726 if (real_nzones > 0)
6317 6727 kmem_free(zoneids, real_nzones * sizeof (zoneid_t));
6318 6728
6319 6729 if (error != 0)
6320 6730 return (set_errno(error));
6321 6731 else
6322 6732 return (0);
6323 6733 }
6324 6734
6325 6735 /*
6326 6736 * Systemcall entry point for zone_lookup(2).
6327 6737 *
6328 6738 * Non-global zones are only able to see themselves and (on labeled systems)
6329 6739 * the zones they dominate.
6330 6740 */
6331 6741 static zoneid_t
6332 6742 zone_lookup(const char *zone_name)
6333 6743 {
6334 6744 char *kname;
6335 6745 zone_t *zone;
6336 6746 zoneid_t zoneid;
6337 6747 int err;
6338 6748
6339 6749 if (zone_name == NULL) {
6340 6750 /* return caller's zone id */
6341 6751 return (getzoneid());
6342 6752 }
6343 6753
6344 6754 kname = kmem_zalloc(ZONENAME_MAX, KM_SLEEP);
6345 6755 if ((err = copyinstr(zone_name, kname, ZONENAME_MAX, NULL)) != 0) {
6346 6756 kmem_free(kname, ZONENAME_MAX);
6347 6757 return (set_errno(err));
6348 6758 }
6349 6759
6350 6760 mutex_enter(&zonehash_lock);
6351 6761 zone = zone_find_all_by_name(kname);
6352 6762 kmem_free(kname, ZONENAME_MAX);
6353 6763 /*
6354 6764 * In a non-global zone, can only lookup global and own name.
6355 6765 * In Trusted Extensions zone label dominance rules apply.
6356 6766 */
6357 6767 if (zone == NULL ||
6358 6768 zone_status_get(zone) < ZONE_IS_READY ||
6359 6769 !zone_list_access(zone)) {
6360 6770 mutex_exit(&zonehash_lock);
6361 6771 return (set_errno(EINVAL));
6362 6772 } else {
6363 6773 zoneid = zone->zone_id;
6364 6774 mutex_exit(&zonehash_lock);
6365 6775 return (zoneid);
6366 6776 }
6367 6777 }
6368 6778
6369 6779 static int
6370 6780 zone_version(int *version_arg)
6371 6781 {
6372 6782 int version = ZONE_SYSCALL_API_VERSION;
6373 6783
6374 6784 if (copyout(&version, version_arg, sizeof (int)) != 0)
6375 6785 return (set_errno(EFAULT));
6376 6786 return (0);
6377 6787 }
6378 6788
6379 6789 /* ARGSUSED */
6380 6790 long
6381 6791 zone(int cmd, void *arg1, void *arg2, void *arg3, void *arg4)
6382 6792 {
6383 6793 zone_def zs;
6384 6794 int err;
6385 6795
6386 6796 switch (cmd) {
6387 6797 case ZONE_CREATE:
6388 6798 if (get_udatamodel() == DATAMODEL_NATIVE) {
6389 6799 if (copyin(arg1, &zs, sizeof (zone_def))) {
6390 6800 return (set_errno(EFAULT));
6391 6801 }
6392 6802 } else {
6393 6803 #ifdef _SYSCALL32_IMPL
6394 6804 zone_def32 zs32;
6395 6805
6396 6806 if (copyin(arg1, &zs32, sizeof (zone_def32))) {
6397 6807 return (set_errno(EFAULT));
6398 6808 }
6399 6809 zs.zone_name =
6400 6810 (const char *)(unsigned long)zs32.zone_name;
6401 6811 zs.zone_root =
6402 6812 (const char *)(unsigned long)zs32.zone_root;
6403 6813 zs.zone_privs =
6404 6814 (const struct priv_set *)
6405 6815 (unsigned long)zs32.zone_privs;
6406 6816 zs.zone_privssz = zs32.zone_privssz;
6407 6817 zs.rctlbuf = (caddr_t)(unsigned long)zs32.rctlbuf;
6408 6818 zs.rctlbufsz = zs32.rctlbufsz;
6409 6819 zs.zfsbuf = (caddr_t)(unsigned long)zs32.zfsbuf;
6410 6820 zs.zfsbufsz = zs32.zfsbufsz;
6411 6821 zs.extended_error =
6412 6822 (int *)(unsigned long)zs32.extended_error;
6413 6823 zs.match = zs32.match;
6414 6824 zs.doi = zs32.doi;
6415 6825 zs.label = (const bslabel_t *)(uintptr_t)zs32.label;
6416 6826 zs.flags = zs32.flags;
6417 6827 #else
6418 6828 panic("get_udatamodel() returned bogus result\n");
6419 6829 #endif
6420 6830 }
6421 6831
6422 6832 return (zone_create(zs.zone_name, zs.zone_root,
6423 6833 zs.zone_privs, zs.zone_privssz,
6424 6834 (caddr_t)zs.rctlbuf, zs.rctlbufsz,
6425 6835 (caddr_t)zs.zfsbuf, zs.zfsbufsz,
6426 6836 zs.extended_error, zs.match, zs.doi,
6427 6837 zs.label, zs.flags));
6428 6838 case ZONE_BOOT:
6429 6839 return (zone_boot((zoneid_t)(uintptr_t)arg1));
6430 6840 case ZONE_DESTROY:
6431 6841 return (zone_destroy((zoneid_t)(uintptr_t)arg1));
6432 6842 case ZONE_GETATTR:
6433 6843 return (zone_getattr((zoneid_t)(uintptr_t)arg1,
6434 6844 (int)(uintptr_t)arg2, arg3, (size_t)arg4));
6435 6845 case ZONE_SETATTR:
6436 6846 return (zone_setattr((zoneid_t)(uintptr_t)arg1,
6437 6847 (int)(uintptr_t)arg2, arg3, (size_t)arg4));
6438 6848 case ZONE_ENTER:
6439 6849 return (zone_enter((zoneid_t)(uintptr_t)arg1));
6440 6850 case ZONE_LIST:
6441 6851 return (zone_list((zoneid_t *)arg1, (uint_t *)arg2));
6442 6852 case ZONE_SHUTDOWN:
6443 6853 return (zone_shutdown((zoneid_t)(uintptr_t)arg1));
6444 6854 case ZONE_LOOKUP:
6445 6855 return (zone_lookup((const char *)arg1));
6446 6856 case ZONE_VERSION:
6447 6857 return (zone_version((int *)arg1));
6448 6858 case ZONE_ADD_DATALINK:
6449 6859 return (zone_add_datalink((zoneid_t)(uintptr_t)arg1,
6450 6860 (datalink_id_t)(uintptr_t)arg2));
6451 6861 case ZONE_DEL_DATALINK:
6452 6862 return (zone_remove_datalink((zoneid_t)(uintptr_t)arg1,
6453 6863 (datalink_id_t)(uintptr_t)arg2));
6454 6864 case ZONE_CHECK_DATALINK: {
6455 6865 zoneid_t zoneid;
6456 6866 boolean_t need_copyout;
6457 6867
6458 6868 if (copyin(arg1, &zoneid, sizeof (zoneid)) != 0)
6459 6869 return (EFAULT);
6460 6870 need_copyout = (zoneid == ALL_ZONES);
6461 6871 err = zone_check_datalink(&zoneid,
6462 6872 (datalink_id_t)(uintptr_t)arg2);
6463 6873 if (err == 0 && need_copyout) {
6464 6874 if (copyout(&zoneid, arg1, sizeof (zoneid)) != 0)
6465 6875 err = EFAULT;
6466 6876 }
6467 6877 return (err == 0 ? 0 : set_errno(err));
6468 6878 }
6469 6879 case ZONE_LIST_DATALINK:
6470 6880 return (zone_list_datalink((zoneid_t)(uintptr_t)arg1,
6471 6881 (int *)arg2, (datalink_id_t *)(uintptr_t)arg3));
6472 6882 default:
6473 6883 return (set_errno(EINVAL));
6474 6884 }
6475 6885 }
6476 6886
6477 6887 struct zarg {
6478 6888 zone_t *zone;
6479 6889 zone_cmd_arg_t arg;
6480 6890 };
6481 6891
6482 6892 static int
6483 6893 zone_lookup_door(const char *zone_name, door_handle_t *doorp)
6484 6894 {
6485 6895 char *buf;
6486 6896 size_t buflen;
6487 6897 int error;
6488 6898
6489 6899 buflen = sizeof (ZONE_DOOR_PATH) + strlen(zone_name);
6490 6900 buf = kmem_alloc(buflen, KM_SLEEP);
6491 6901 (void) snprintf(buf, buflen, ZONE_DOOR_PATH, zone_name);
6492 6902 error = door_ki_open(buf, doorp);
6493 6903 kmem_free(buf, buflen);
6494 6904 return (error);
6495 6905 }
6496 6906
6497 6907 static void
6498 6908 zone_release_door(door_handle_t *doorp)
6499 6909 {
6500 6910 door_ki_rele(*doorp);
6501 6911 *doorp = NULL;
6502 6912 }
6503 6913
6504 6914 static void
6505 6915 zone_ki_call_zoneadmd(struct zarg *zargp)
6506 6916 {
6507 6917 door_handle_t door = NULL;
6508 6918 door_arg_t darg, save_arg;
6509 6919 char *zone_name;
6510 6920 size_t zone_namelen;
6511 6921 zoneid_t zoneid;
6512 6922 zone_t *zone;
6513 6923 zone_cmd_arg_t arg;
6514 6924 uint64_t uniqid;
6515 6925 size_t size;
6516 6926 int error;
6517 6927 int retry;
|
↓ open down ↓ |
783 lines elided |
↑ open up ↑ |
6518 6928
6519 6929 zone = zargp->zone;
6520 6930 arg = zargp->arg;
6521 6931 kmem_free(zargp, sizeof (*zargp));
6522 6932
6523 6933 zone_namelen = strlen(zone->zone_name) + 1;
6524 6934 zone_name = kmem_alloc(zone_namelen, KM_SLEEP);
6525 6935 bcopy(zone->zone_name, zone_name, zone_namelen);
6526 6936 zoneid = zone->zone_id;
6527 6937 uniqid = zone->zone_uniqid;
6938 + arg.status = zone->zone_init_status;
6528 6939 /*
6529 6940 * zoneadmd may be down, but at least we can empty out the zone.
6530 6941 * We can ignore the return value of zone_empty() since we're called
6531 6942 * from a kernel thread and know we won't be delivered any signals.
6532 6943 */
6533 6944 ASSERT(curproc == &p0);
6534 6945 (void) zone_empty(zone);
6535 6946 ASSERT(zone_status_get(zone) >= ZONE_IS_EMPTY);
6536 6947 zone_rele(zone);
6537 6948
6538 6949 size = sizeof (arg);
6539 6950 darg.rbuf = (char *)&arg;
6540 6951 darg.data_ptr = (char *)&arg;
6541 6952 darg.rsize = size;
6542 6953 darg.data_size = size;
6543 6954 darg.desc_ptr = NULL;
6544 6955 darg.desc_num = 0;
6545 6956
6546 6957 save_arg = darg;
6547 6958 /*
6548 6959 * Since we're not holding a reference to the zone, any number of
6549 6960 * things can go wrong, including the zone disappearing before we get a
6550 6961 * chance to talk to zoneadmd.
6551 6962 */
6552 6963 for (retry = 0; /* forever */; retry++) {
6553 6964 if (door == NULL &&
6554 6965 (error = zone_lookup_door(zone_name, &door)) != 0) {
6555 6966 goto next;
6556 6967 }
6557 6968 ASSERT(door != NULL);
6558 6969
6559 6970 if ((error = door_ki_upcall_limited(door, &darg, NULL,
6560 6971 SIZE_MAX, 0)) == 0) {
6561 6972 break;
6562 6973 }
6563 6974 switch (error) {
6564 6975 case EINTR:
6565 6976 /* FALLTHROUGH */
6566 6977 case EAGAIN: /* process may be forking */
6567 6978 /*
6568 6979 * Back off for a bit
6569 6980 */
6570 6981 break;
6571 6982 case EBADF:
6572 6983 zone_release_door(&door);
6573 6984 if (zone_lookup_door(zone_name, &door) != 0) {
6574 6985 /*
6575 6986 * zoneadmd may be dead, but it may come back to
6576 6987 * life later.
6577 6988 */
6578 6989 break;
6579 6990 }
6580 6991 break;
6581 6992 default:
6582 6993 cmn_err(CE_WARN,
6583 6994 "zone_ki_call_zoneadmd: door_ki_upcall error %d\n",
6584 6995 error);
6585 6996 goto out;
6586 6997 }
6587 6998 next:
6588 6999 /*
6589 7000 * If this isn't the same zone_t that we originally had in mind,
6590 7001 * then this is the same as if two kadmin requests come in at
6591 7002 * the same time: the first one wins. This means we lose, so we
6592 7003 * bail.
6593 7004 */
6594 7005 if ((zone = zone_find_by_id(zoneid)) == NULL) {
6595 7006 /*
6596 7007 * Problem is solved.
6597 7008 */
6598 7009 break;
6599 7010 }
6600 7011 if (zone->zone_uniqid != uniqid) {
6601 7012 /*
6602 7013 * zoneid recycled
6603 7014 */
6604 7015 zone_rele(zone);
6605 7016 break;
6606 7017 }
6607 7018 /*
6608 7019 * We could zone_status_timedwait(), but there doesn't seem to
6609 7020 * be much point in doing that (plus, it would mean that
6610 7021 * zone_free() isn't called until this thread exits).
6611 7022 */
6612 7023 zone_rele(zone);
6613 7024 delay(hz);
6614 7025 darg = save_arg;
6615 7026 }
6616 7027 out:
6617 7028 if (door != NULL) {
6618 7029 zone_release_door(&door);
6619 7030 }
6620 7031 kmem_free(zone_name, zone_namelen);
6621 7032 thread_exit();
6622 7033 }
6623 7034
6624 7035 /*
6625 7036 * Entry point for uadmin() to tell the zone to go away or reboot. Analog to
6626 7037 * kadmin(). The caller is a process in the zone.
6627 7038 *
6628 7039 * In order to shutdown the zone, we will hand off control to zoneadmd
6629 7040 * (running in the global zone) via a door. We do a half-hearted job at
6630 7041 * killing all processes in the zone, create a kernel thread to contact
6631 7042 * zoneadmd, and make note of the "uniqid" of the zone. The uniqid is
6632 7043 * a form of generation number used to let zoneadmd (as well as
6633 7044 * zone_destroy()) know exactly which zone they're re talking about.
6634 7045 */
6635 7046 int
6636 7047 zone_kadmin(int cmd, int fcn, const char *mdep, cred_t *credp)
6637 7048 {
6638 7049 struct zarg *zargp;
6639 7050 zone_cmd_t zcmd;
6640 7051 zone_t *zone;
6641 7052
6642 7053 zone = curproc->p_zone;
6643 7054 ASSERT(getzoneid() != GLOBAL_ZONEID);
6644 7055
6645 7056 switch (cmd) {
6646 7057 case A_SHUTDOWN:
6647 7058 switch (fcn) {
6648 7059 case AD_HALT:
6649 7060 case AD_POWEROFF:
6650 7061 zcmd = Z_HALT;
6651 7062 break;
6652 7063 case AD_BOOT:
6653 7064 zcmd = Z_REBOOT;
6654 7065 break;
6655 7066 case AD_IBOOT:
6656 7067 case AD_SBOOT:
6657 7068 case AD_SIBOOT:
6658 7069 case AD_NOSYNC:
6659 7070 return (ENOTSUP);
6660 7071 default:
6661 7072 return (EINVAL);
6662 7073 }
6663 7074 break;
6664 7075 case A_REBOOT:
6665 7076 zcmd = Z_REBOOT;
6666 7077 break;
6667 7078 case A_FTRACE:
6668 7079 case A_REMOUNT:
6669 7080 case A_FREEZE:
6670 7081 case A_DUMP:
6671 7082 case A_CONFIG:
6672 7083 return (ENOTSUP);
6673 7084 default:
6674 7085 ASSERT(cmd != A_SWAPCTL); /* handled by uadmin() */
6675 7086 return (EINVAL);
6676 7087 }
6677 7088
6678 7089 if (secpolicy_zone_admin(credp, B_FALSE))
6679 7090 return (EPERM);
6680 7091 mutex_enter(&zone_status_lock);
6681 7092
6682 7093 /*
6683 7094 * zone_status can't be ZONE_IS_EMPTY or higher since curproc
6684 7095 * is in the zone.
6685 7096 */
6686 7097 ASSERT(zone_status_get(zone) < ZONE_IS_EMPTY);
6687 7098 if (zone_status_get(zone) > ZONE_IS_RUNNING) {
6688 7099 /*
6689 7100 * This zone is already on its way down.
6690 7101 */
6691 7102 mutex_exit(&zone_status_lock);
6692 7103 return (0);
6693 7104 }
6694 7105 /*
6695 7106 * Prevent future zone_enter()s
6696 7107 */
6697 7108 zone_status_set(zone, ZONE_IS_SHUTTING_DOWN);
6698 7109 mutex_exit(&zone_status_lock);
6699 7110
6700 7111 /*
6701 7112 * Kill everyone now and call zoneadmd later.
6702 7113 * zone_ki_call_zoneadmd() will do a more thorough job of this
6703 7114 * later.
6704 7115 */
6705 7116 killall(zone->zone_id);
6706 7117 /*
6707 7118 * Now, create the thread to contact zoneadmd and do the rest of the
6708 7119 * work. This thread can't be created in our zone otherwise
6709 7120 * zone_destroy() would deadlock.
6710 7121 */
6711 7122 zargp = kmem_zalloc(sizeof (*zargp), KM_SLEEP);
6712 7123 zargp->arg.cmd = zcmd;
6713 7124 zargp->arg.uniqid = zone->zone_uniqid;
6714 7125 zargp->zone = zone;
6715 7126 (void) strcpy(zargp->arg.locale, "C");
6716 7127 /* mdep was already copied in for us by uadmin */
6717 7128 if (mdep != NULL)
6718 7129 (void) strlcpy(zargp->arg.bootbuf, mdep,
6719 7130 sizeof (zargp->arg.bootbuf));
6720 7131 zone_hold(zone);
6721 7132
6722 7133 (void) thread_create(NULL, 0, zone_ki_call_zoneadmd, zargp, 0, &p0,
6723 7134 TS_RUN, minclsyspri);
6724 7135 exit(CLD_EXITED, 0);
6725 7136
6726 7137 return (EINVAL);
6727 7138 }
6728 7139
6729 7140 /*
6730 7141 * Entry point so kadmin(A_SHUTDOWN, ...) can set the global zone's
6731 7142 * status to ZONE_IS_SHUTTING_DOWN.
6732 7143 *
6733 7144 * This function also shuts down all running zones to ensure that they won't
6734 7145 * fork new processes.
6735 7146 */
6736 7147 void
6737 7148 zone_shutdown_global(void)
6738 7149 {
6739 7150 zone_t *current_zonep;
6740 7151
6741 7152 ASSERT(INGLOBALZONE(curproc));
6742 7153 mutex_enter(&zonehash_lock);
6743 7154 mutex_enter(&zone_status_lock);
6744 7155
6745 7156 /* Modify the global zone's status first. */
6746 7157 ASSERT(zone_status_get(global_zone) == ZONE_IS_RUNNING);
6747 7158 zone_status_set(global_zone, ZONE_IS_SHUTTING_DOWN);
6748 7159
6749 7160 /*
6750 7161 * Now change the states of all running zones to ZONE_IS_SHUTTING_DOWN.
6751 7162 * We don't mark all zones with ZONE_IS_SHUTTING_DOWN because doing so
6752 7163 * could cause assertions to fail (e.g., assertions about a zone's
6753 7164 * state during initialization, readying, or booting) or produce races.
6754 7165 * We'll let threads continue to initialize and ready new zones: they'll
6755 7166 * fail to boot the new zones when they see that the global zone is
6756 7167 * shutting down.
6757 7168 */
|
↓ open down ↓ |
220 lines elided |
↑ open up ↑ |
6758 7169 for (current_zonep = list_head(&zone_active); current_zonep != NULL;
6759 7170 current_zonep = list_next(&zone_active, current_zonep)) {
6760 7171 if (zone_status_get(current_zonep) == ZONE_IS_RUNNING)
6761 7172 zone_status_set(current_zonep, ZONE_IS_SHUTTING_DOWN);
6762 7173 }
6763 7174 mutex_exit(&zone_status_lock);
6764 7175 mutex_exit(&zonehash_lock);
6765 7176 }
6766 7177
6767 7178 /*
6768 - * Returns true if the named dataset is visible in the current zone.
7179 + * Returns true if the named dataset is visible in the specified zone.
6769 7180 * The 'write' parameter is set to 1 if the dataset is also writable.
6770 7181 */
6771 7182 int
6772 -zone_dataset_visible(const char *dataset, int *write)
7183 +zone_dataset_visible_inzone(zone_t *zone, const char *dataset, int *write)
6773 7184 {
6774 7185 static int zfstype = -1;
6775 7186 zone_dataset_t *zd;
6776 7187 size_t len;
6777 - zone_t *zone = curproc->p_zone;
6778 7188 const char *name = NULL;
6779 7189 vfs_t *vfsp = NULL;
6780 7190
6781 7191 if (dataset[0] == '\0')
6782 7192 return (0);
6783 7193
6784 7194 /*
6785 7195 * Walk the list once, looking for datasets which match exactly, or
6786 7196 * specify a dataset underneath an exported dataset. If found, return
6787 7197 * true and note that it is writable.
6788 7198 */
6789 7199 for (zd = list_head(&zone->zone_datasets); zd != NULL;
6790 7200 zd = list_next(&zone->zone_datasets, zd)) {
6791 7201
6792 7202 len = strlen(zd->zd_dataset);
6793 7203 if (strlen(dataset) >= len &&
6794 7204 bcmp(dataset, zd->zd_dataset, len) == 0 &&
6795 7205 (dataset[len] == '\0' || dataset[len] == '/' ||
6796 7206 dataset[len] == '@')) {
6797 7207 if (write)
6798 7208 *write = 1;
6799 7209 return (1);
6800 7210 }
6801 7211 }
6802 7212
6803 7213 /*
6804 7214 * Walk the list a second time, searching for datasets which are parents
6805 7215 * of exported datasets. These should be visible, but read-only.
6806 7216 *
6807 7217 * Note that we also have to support forms such as 'pool/dataset/', with
6808 7218 * a trailing slash.
6809 7219 */
6810 7220 for (zd = list_head(&zone->zone_datasets); zd != NULL;
6811 7221 zd = list_next(&zone->zone_datasets, zd)) {
6812 7222
6813 7223 len = strlen(dataset);
6814 7224 if (dataset[len - 1] == '/')
6815 7225 len--; /* Ignore trailing slash */
6816 7226 if (len < strlen(zd->zd_dataset) &&
6817 7227 bcmp(dataset, zd->zd_dataset, len) == 0 &&
6818 7228 zd->zd_dataset[len] == '/') {
6819 7229 if (write)
6820 7230 *write = 0;
6821 7231 return (1);
6822 7232 }
6823 7233 }
6824 7234
6825 7235 /*
6826 7236 * We reach here if the given dataset is not found in the zone_dataset
6827 7237 * list. Check if this dataset was added as a filesystem (ie. "add fs")
6828 7238 * instead of delegation. For this we search for the dataset in the
6829 7239 * zone_vfslist of this zone. If found, return true and note that it is
6830 7240 * not writable.
6831 7241 */
6832 7242
6833 7243 /*
6834 7244 * Initialize zfstype if it is not initialized yet.
|
↓ open down ↓ |
47 lines elided |
↑ open up ↑ |
6835 7245 */
6836 7246 if (zfstype == -1) {
6837 7247 struct vfssw *vswp = vfs_getvfssw("zfs");
6838 7248 zfstype = vswp - vfssw;
6839 7249 vfs_unrefvfssw(vswp);
6840 7250 }
6841 7251
6842 7252 vfs_list_read_lock();
6843 7253 vfsp = zone->zone_vfslist;
6844 7254 do {
6845 - ASSERT(vfsp);
7255 + if (vfsp == NULL)
7256 + break;
6846 7257 if (vfsp->vfs_fstype == zfstype) {
6847 7258 name = refstr_value(vfsp->vfs_resource);
6848 7259
6849 7260 /*
6850 7261 * Check if we have an exact match.
6851 7262 */
6852 7263 if (strcmp(dataset, name) == 0) {
6853 7264 vfs_list_unlock();
6854 7265 if (write)
6855 7266 *write = 0;
6856 7267 return (1);
6857 7268 }
6858 7269 /*
6859 7270 * We need to check if we are looking for parents of
6860 7271 * a dataset. These should be visible, but read-only.
6861 7272 */
6862 7273 len = strlen(dataset);
6863 7274 if (dataset[len - 1] == '/')
6864 7275 len--;
6865 7276
6866 7277 if (len < strlen(name) &&
6867 7278 bcmp(dataset, name, len) == 0 && name[len] == '/') {
6868 7279 vfs_list_unlock();
6869 7280 if (write)
6870 7281 *write = 0;
|
↓ open down ↓ |
15 lines elided |
↑ open up ↑ |
6871 7282 return (1);
6872 7283 }
6873 7284 }
6874 7285 vfsp = vfsp->vfs_zone_next;
6875 7286 } while (vfsp != zone->zone_vfslist);
6876 7287
6877 7288 vfs_list_unlock();
6878 7289 return (0);
6879 7290 }
6880 7291
7292 +/*
7293 + * Returns true if the named dataset is visible in the current zone.
7294 + * The 'write' parameter is set to 1 if the dataset is also writable.
7295 + */
7296 +int
7297 +zone_dataset_visible(const char *dataset, int *write)
7298 +{
7299 + zone_t *zone = curproc->p_zone;
7300 +
7301 + return (zone_dataset_visible_inzone(zone, dataset, write));
7302 +}
7303 +
6881 7304 /*
6882 7305 * zone_find_by_any_path() -
6883 7306 *
6884 7307 * kernel-private routine similar to zone_find_by_path(), but which
6885 7308 * effectively compares against zone paths rather than zonerootpath
6886 7309 * (i.e., the last component of zonerootpaths, which should be "root/",
6887 7310 * are not compared.) This is done in order to accurately identify all
6888 7311 * paths, whether zone-visible or not, including those which are parallel
6889 7312 * to /root/, such as /dev/, /home/, etc...
6890 7313 *
6891 7314 * If the specified path does not fall under any zone path then global
6892 7315 * zone is returned.
6893 7316 *
6894 7317 * The treat_abs parameter indicates whether the path should be treated as
6895 7318 * an absolute path although it does not begin with "/". (This supports
6896 7319 * nfs mount syntax such as host:any/path.)
6897 7320 *
6898 7321 * The caller is responsible for zone_rele of the returned zone.
6899 7322 */
6900 7323 zone_t *
6901 7324 zone_find_by_any_path(const char *path, boolean_t treat_abs)
6902 7325 {
6903 7326 zone_t *zone;
6904 7327 int path_offset = 0;
6905 7328
6906 7329 if (path == NULL) {
6907 7330 zone_hold(global_zone);
6908 7331 return (global_zone);
6909 7332 }
6910 7333
6911 7334 if (*path != '/') {
6912 7335 ASSERT(treat_abs);
6913 7336 path_offset = 1;
6914 7337 }
6915 7338
6916 7339 mutex_enter(&zonehash_lock);
6917 7340 for (zone = list_head(&zone_active); zone != NULL;
6918 7341 zone = list_next(&zone_active, zone)) {
6919 7342 char *c;
6920 7343 size_t pathlen;
6921 7344 char *rootpath_start;
6922 7345
6923 7346 if (zone == global_zone) /* skip global zone */
6924 7347 continue;
6925 7348
6926 7349 /* scan backwards to find start of last component */
6927 7350 c = zone->zone_rootpath + zone->zone_rootpathlen - 2;
6928 7351 do {
6929 7352 c--;
6930 7353 } while (*c != '/');
6931 7354
6932 7355 pathlen = c - zone->zone_rootpath + 1 - path_offset;
6933 7356 rootpath_start = (zone->zone_rootpath + path_offset);
6934 7357 if (strncmp(path, rootpath_start, pathlen) == 0)
6935 7358 break;
6936 7359 }
6937 7360 if (zone == NULL)
6938 7361 zone = global_zone;
6939 7362 zone_hold(zone);
6940 7363 mutex_exit(&zonehash_lock);
6941 7364 return (zone);
6942 7365 }
6943 7366
6944 7367 /*
6945 7368 * Finds a zone_dl_t with the given linkid in the given zone. Returns the
6946 7369 * zone_dl_t pointer if found, and NULL otherwise.
6947 7370 */
6948 7371 static zone_dl_t *
6949 7372 zone_find_dl(zone_t *zone, datalink_id_t linkid)
6950 7373 {
6951 7374 zone_dl_t *zdl;
6952 7375
6953 7376 ASSERT(mutex_owned(&zone->zone_lock));
6954 7377 for (zdl = list_head(&zone->zone_dl_list); zdl != NULL;
6955 7378 zdl = list_next(&zone->zone_dl_list, zdl)) {
6956 7379 if (zdl->zdl_id == linkid)
6957 7380 break;
6958 7381 }
6959 7382 return (zdl);
6960 7383 }
6961 7384
6962 7385 static boolean_t
6963 7386 zone_dl_exists(zone_t *zone, datalink_id_t linkid)
6964 7387 {
6965 7388 boolean_t exists;
6966 7389
6967 7390 mutex_enter(&zone->zone_lock);
6968 7391 exists = (zone_find_dl(zone, linkid) != NULL);
6969 7392 mutex_exit(&zone->zone_lock);
6970 7393 return (exists);
6971 7394 }
6972 7395
6973 7396 /*
6974 7397 * Add an data link name for the zone.
6975 7398 */
6976 7399 static int
6977 7400 zone_add_datalink(zoneid_t zoneid, datalink_id_t linkid)
6978 7401 {
6979 7402 zone_dl_t *zdl;
6980 7403 zone_t *zone;
6981 7404 zone_t *thiszone;
6982 7405
6983 7406 if ((thiszone = zone_find_by_id(zoneid)) == NULL)
6984 7407 return (set_errno(ENXIO));
6985 7408
6986 7409 /* Verify that the datalink ID doesn't already belong to a zone. */
6987 7410 mutex_enter(&zonehash_lock);
6988 7411 for (zone = list_head(&zone_active); zone != NULL;
6989 7412 zone = list_next(&zone_active, zone)) {
6990 7413 if (zone_dl_exists(zone, linkid)) {
6991 7414 mutex_exit(&zonehash_lock);
6992 7415 zone_rele(thiszone);
6993 7416 return (set_errno((zone == thiszone) ? EEXIST : EPERM));
6994 7417 }
6995 7418 }
6996 7419
6997 7420 zdl = kmem_zalloc(sizeof (*zdl), KM_SLEEP);
6998 7421 zdl->zdl_id = linkid;
6999 7422 zdl->zdl_net = NULL;
7000 7423 mutex_enter(&thiszone->zone_lock);
7001 7424 list_insert_head(&thiszone->zone_dl_list, zdl);
7002 7425 mutex_exit(&thiszone->zone_lock);
7003 7426 mutex_exit(&zonehash_lock);
7004 7427 zone_rele(thiszone);
7005 7428 return (0);
7006 7429 }
7007 7430
7008 7431 static int
7009 7432 zone_remove_datalink(zoneid_t zoneid, datalink_id_t linkid)
7010 7433 {
7011 7434 zone_dl_t *zdl;
7012 7435 zone_t *zone;
7013 7436 int err = 0;
7014 7437
7015 7438 if ((zone = zone_find_by_id(zoneid)) == NULL)
7016 7439 return (set_errno(EINVAL));
7017 7440
7018 7441 mutex_enter(&zone->zone_lock);
7019 7442 if ((zdl = zone_find_dl(zone, linkid)) == NULL) {
7020 7443 err = ENXIO;
7021 7444 } else {
7022 7445 list_remove(&zone->zone_dl_list, zdl);
7023 7446 nvlist_free(zdl->zdl_net);
7024 7447 kmem_free(zdl, sizeof (zone_dl_t));
7025 7448 }
7026 7449 mutex_exit(&zone->zone_lock);
7027 7450 zone_rele(zone);
7028 7451 return (err == 0 ? 0 : set_errno(err));
7029 7452 }
7030 7453
7031 7454 /*
7032 7455 * Using the zoneidp as ALL_ZONES, we can lookup which zone has been assigned
7033 7456 * the linkid. Otherwise we just check if the specified zoneidp has been
7034 7457 * assigned the supplied linkid.
7035 7458 */
7036 7459 int
7037 7460 zone_check_datalink(zoneid_t *zoneidp, datalink_id_t linkid)
7038 7461 {
7039 7462 zone_t *zone;
7040 7463 int err = ENXIO;
7041 7464
7042 7465 if (*zoneidp != ALL_ZONES) {
7043 7466 if ((zone = zone_find_by_id(*zoneidp)) != NULL) {
7044 7467 if (zone_dl_exists(zone, linkid))
7045 7468 err = 0;
7046 7469 zone_rele(zone);
7047 7470 }
7048 7471 return (err);
7049 7472 }
7050 7473
7051 7474 mutex_enter(&zonehash_lock);
7052 7475 for (zone = list_head(&zone_active); zone != NULL;
7053 7476 zone = list_next(&zone_active, zone)) {
7054 7477 if (zone_dl_exists(zone, linkid)) {
7055 7478 *zoneidp = zone->zone_id;
7056 7479 err = 0;
7057 7480 break;
7058 7481 }
7059 7482 }
7060 7483 mutex_exit(&zonehash_lock);
7061 7484 return (err);
7062 7485 }
7063 7486
7064 7487 /*
7065 7488 * Get the list of datalink IDs assigned to a zone.
7066 7489 *
7067 7490 * On input, *nump is the number of datalink IDs that can fit in the supplied
7068 7491 * idarray. Upon return, *nump is either set to the number of datalink IDs
7069 7492 * that were placed in the array if the array was large enough, or to the
7070 7493 * number of datalink IDs that the function needs to place in the array if the
7071 7494 * array is too small.
7072 7495 */
7073 7496 static int
7074 7497 zone_list_datalink(zoneid_t zoneid, int *nump, datalink_id_t *idarray)
7075 7498 {
7076 7499 uint_t num, dlcount;
7077 7500 zone_t *zone;
7078 7501 zone_dl_t *zdl;
7079 7502 datalink_id_t *idptr = idarray;
7080 7503
7081 7504 if (copyin(nump, &dlcount, sizeof (dlcount)) != 0)
7082 7505 return (set_errno(EFAULT));
7083 7506 if ((zone = zone_find_by_id(zoneid)) == NULL)
7084 7507 return (set_errno(ENXIO));
7085 7508
7086 7509 num = 0;
7087 7510 mutex_enter(&zone->zone_lock);
7088 7511 for (zdl = list_head(&zone->zone_dl_list); zdl != NULL;
7089 7512 zdl = list_next(&zone->zone_dl_list, zdl)) {
7090 7513 /*
7091 7514 * If the list is bigger than what the caller supplied, just
7092 7515 * count, don't do copyout.
7093 7516 */
7094 7517 if (++num > dlcount)
7095 7518 continue;
7096 7519 if (copyout(&zdl->zdl_id, idptr, sizeof (*idptr)) != 0) {
7097 7520 mutex_exit(&zone->zone_lock);
7098 7521 zone_rele(zone);
7099 7522 return (set_errno(EFAULT));
7100 7523 }
7101 7524 idptr++;
7102 7525 }
7103 7526 mutex_exit(&zone->zone_lock);
7104 7527 zone_rele(zone);
7105 7528
7106 7529 /* Increased or decreased, caller should be notified. */
7107 7530 if (num != dlcount) {
7108 7531 if (copyout(&num, nump, sizeof (num)) != 0)
7109 7532 return (set_errno(EFAULT));
7110 7533 }
7111 7534 return (0);
7112 7535 }
7113 7536
7114 7537 /*
7115 7538 * Public interface for looking up a zone by zoneid. It's a customized version
7116 7539 * for netstack_zone_create(). It can only be called from the zsd create
7117 7540 * callbacks, since it doesn't have reference on the zone structure hence if
7118 7541 * it is called elsewhere the zone could disappear after the zonehash_lock
7119 7542 * is dropped.
7120 7543 *
7121 7544 * Furthermore it
7122 7545 * 1. Doesn't check the status of the zone.
7123 7546 * 2. It will be called even before zone_init is called, in that case the
7124 7547 * address of zone0 is returned directly, and netstack_zone_create()
7125 7548 * will only assign a value to zone0.zone_netstack, won't break anything.
7126 7549 * 3. Returns without the zone being held.
7127 7550 */
7128 7551 zone_t *
7129 7552 zone_find_by_id_nolock(zoneid_t zoneid)
7130 7553 {
7131 7554 zone_t *zone;
7132 7555
7133 7556 mutex_enter(&zonehash_lock);
7134 7557 if (zonehashbyid == NULL)
7135 7558 zone = &zone0;
7136 7559 else
7137 7560 zone = zone_find_all_by_id(zoneid);
7138 7561 mutex_exit(&zonehash_lock);
7139 7562 return (zone);
7140 7563 }
7141 7564
7142 7565 /*
7143 7566 * Walk the datalinks for a given zone
7144 7567 */
7145 7568 int
7146 7569 zone_datalink_walk(zoneid_t zoneid, int (*cb)(datalink_id_t, void *),
7147 7570 void *data)
7148 7571 {
7149 7572 zone_t *zone;
7150 7573 zone_dl_t *zdl;
7151 7574 datalink_id_t *idarray;
7152 7575 uint_t idcount = 0;
7153 7576 int i, ret = 0;
7154 7577
7155 7578 if ((zone = zone_find_by_id(zoneid)) == NULL)
7156 7579 return (ENOENT);
7157 7580
7158 7581 /*
7159 7582 * We first build an array of linkid's so that we can walk these and
7160 7583 * execute the callback with the zone_lock dropped.
7161 7584 */
7162 7585 mutex_enter(&zone->zone_lock);
7163 7586 for (zdl = list_head(&zone->zone_dl_list); zdl != NULL;
7164 7587 zdl = list_next(&zone->zone_dl_list, zdl)) {
7165 7588 idcount++;
7166 7589 }
7167 7590
7168 7591 if (idcount == 0) {
7169 7592 mutex_exit(&zone->zone_lock);
7170 7593 zone_rele(zone);
7171 7594 return (0);
7172 7595 }
7173 7596
7174 7597 idarray = kmem_alloc(sizeof (datalink_id_t) * idcount, KM_NOSLEEP);
7175 7598 if (idarray == NULL) {
7176 7599 mutex_exit(&zone->zone_lock);
7177 7600 zone_rele(zone);
7178 7601 return (ENOMEM);
7179 7602 }
7180 7603
7181 7604 for (i = 0, zdl = list_head(&zone->zone_dl_list); zdl != NULL;
7182 7605 i++, zdl = list_next(&zone->zone_dl_list, zdl)) {
7183 7606 idarray[i] = zdl->zdl_id;
7184 7607 }
7185 7608
7186 7609 mutex_exit(&zone->zone_lock);
7187 7610
7188 7611 for (i = 0; i < idcount && ret == 0; i++) {
7189 7612 if ((ret = (*cb)(idarray[i], data)) != 0)
7190 7613 break;
7191 7614 }
7192 7615
7193 7616 zone_rele(zone);
7194 7617 kmem_free(idarray, sizeof (datalink_id_t) * idcount);
7195 7618 return (ret);
7196 7619 }
7197 7620
7198 7621 static char *
7199 7622 zone_net_type2name(int type)
7200 7623 {
7201 7624 switch (type) {
7202 7625 case ZONE_NETWORK_ADDRESS:
7203 7626 return (ZONE_NET_ADDRNAME);
7204 7627 case ZONE_NETWORK_DEFROUTER:
7205 7628 return (ZONE_NET_RTRNAME);
7206 7629 default:
7207 7630 return (NULL);
7208 7631 }
7209 7632 }
7210 7633
7211 7634 static int
7212 7635 zone_set_network(zoneid_t zoneid, zone_net_data_t *znbuf)
7213 7636 {
7214 7637 zone_t *zone;
7215 7638 zone_dl_t *zdl;
7216 7639 nvlist_t *nvl;
7217 7640 int err = 0;
7218 7641 uint8_t *new = NULL;
7219 7642 char *nvname;
7220 7643 int bufsize;
7221 7644 datalink_id_t linkid = znbuf->zn_linkid;
7222 7645
7223 7646 if (secpolicy_zone_config(CRED()) != 0)
7224 7647 return (set_errno(EPERM));
7225 7648
7226 7649 if (zoneid == GLOBAL_ZONEID)
7227 7650 return (set_errno(EINVAL));
7228 7651
7229 7652 nvname = zone_net_type2name(znbuf->zn_type);
7230 7653 bufsize = znbuf->zn_len;
7231 7654 new = znbuf->zn_val;
7232 7655 if (nvname == NULL)
7233 7656 return (set_errno(EINVAL));
7234 7657
7235 7658 if ((zone = zone_find_by_id(zoneid)) == NULL) {
7236 7659 return (set_errno(EINVAL));
7237 7660 }
7238 7661
7239 7662 mutex_enter(&zone->zone_lock);
7240 7663 if ((zdl = zone_find_dl(zone, linkid)) == NULL) {
7241 7664 err = ENXIO;
7242 7665 goto done;
7243 7666 }
7244 7667 if ((nvl = zdl->zdl_net) == NULL) {
7245 7668 if (nvlist_alloc(&nvl, NV_UNIQUE_NAME, KM_SLEEP)) {
7246 7669 err = ENOMEM;
7247 7670 goto done;
7248 7671 } else {
7249 7672 zdl->zdl_net = nvl;
7250 7673 }
7251 7674 }
7252 7675 if (nvlist_exists(nvl, nvname)) {
7253 7676 err = EINVAL;
7254 7677 goto done;
7255 7678 }
7256 7679 err = nvlist_add_uint8_array(nvl, nvname, new, bufsize);
7257 7680 ASSERT(err == 0);
7258 7681 done:
7259 7682 mutex_exit(&zone->zone_lock);
7260 7683 zone_rele(zone);
7261 7684 if (err != 0)
7262 7685 return (set_errno(err));
7263 7686 else
7264 7687 return (0);
7265 7688 }
7266 7689
7267 7690 static int
7268 7691 zone_get_network(zoneid_t zoneid, zone_net_data_t *znbuf)
7269 7692 {
7270 7693 zone_t *zone;
7271 7694 zone_dl_t *zdl;
7272 7695 nvlist_t *nvl;
7273 7696 uint8_t *ptr;
7274 7697 uint_t psize;
7275 7698 int err = 0;
7276 7699 char *nvname;
7277 7700 int bufsize;
7278 7701 void *buf;
7279 7702 datalink_id_t linkid = znbuf->zn_linkid;
7280 7703
7281 7704 if (zoneid == GLOBAL_ZONEID)
7282 7705 return (set_errno(EINVAL));
7283 7706
7284 7707 nvname = zone_net_type2name(znbuf->zn_type);
7285 7708 bufsize = znbuf->zn_len;
7286 7709 buf = znbuf->zn_val;
7287 7710
7288 7711 if (nvname == NULL)
7289 7712 return (set_errno(EINVAL));
7290 7713 if ((zone = zone_find_by_id(zoneid)) == NULL)
7291 7714 return (set_errno(EINVAL));
7292 7715
7293 7716 mutex_enter(&zone->zone_lock);
7294 7717 if ((zdl = zone_find_dl(zone, linkid)) == NULL) {
7295 7718 err = ENXIO;
7296 7719 goto done;
7297 7720 }
7298 7721 if ((nvl = zdl->zdl_net) == NULL || !nvlist_exists(nvl, nvname)) {
7299 7722 err = ENOENT;
7300 7723 goto done;
7301 7724 }
7302 7725 err = nvlist_lookup_uint8_array(nvl, nvname, &ptr, &psize);
7303 7726 ASSERT(err == 0);
7304 7727
7305 7728 if (psize > bufsize) {
7306 7729 err = ENOBUFS;
7307 7730 goto done;
7308 7731 }
7309 7732 znbuf->zn_len = psize;
7310 7733 bcopy(ptr, buf, psize);
7311 7734 done:
7312 7735 mutex_exit(&zone->zone_lock);
7313 7736 zone_rele(zone);
7314 7737 if (err != 0)
7315 7738 return (set_errno(err));
7316 7739 else
7317 7740 return (0);
7318 7741 }
|
↓ open down ↓ |
428 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX