xref: /illumos-gate/usr/src/uts/common/os/rctl.c (revision bbf21555)
17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate  * CDDL HEADER START
37c478bd9Sstevel@tonic-gate  *
47c478bd9Sstevel@tonic-gate  * The contents of this file are subject to the terms of the
5aa4a4f3bSnf  * Common Development and Distribution License (the "License").
6aa4a4f3bSnf  * You may not use this file except in compliance with the License.
77c478bd9Sstevel@tonic-gate  *
87c478bd9Sstevel@tonic-gate  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bd9Sstevel@tonic-gate  * or http://www.opensolaris.org/os/licensing.
107c478bd9Sstevel@tonic-gate  * See the License for the specific language governing permissions
117c478bd9Sstevel@tonic-gate  * and limitations under the License.
127c478bd9Sstevel@tonic-gate  *
137c478bd9Sstevel@tonic-gate  * When distributing Covered Code, include this CDDL HEADER in each
147c478bd9Sstevel@tonic-gate  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bd9Sstevel@tonic-gate  * If applicable, add the following below this CDDL HEADER, with the
167c478bd9Sstevel@tonic-gate  * fields enclosed by brackets "[]" replaced with your own identifying
177c478bd9Sstevel@tonic-gate  * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bd9Sstevel@tonic-gate  *
197c478bd9Sstevel@tonic-gate  * CDDL HEADER END
207c478bd9Sstevel@tonic-gate  */
217c478bd9Sstevel@tonic-gate /*
220fbb751dSJohn Levon  * Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights reserved.
237c478bd9Sstevel@tonic-gate  */
247c478bd9Sstevel@tonic-gate 
257c478bd9Sstevel@tonic-gate #include <sys/atomic.h>
267c478bd9Sstevel@tonic-gate #include <sys/cmn_err.h>
277c478bd9Sstevel@tonic-gate #include <sys/id_space.h>
287c478bd9Sstevel@tonic-gate #include <sys/kmem.h>
290209230bSgjelinek #include <sys/kstat.h>
307c478bd9Sstevel@tonic-gate #include <sys/log.h>
317c478bd9Sstevel@tonic-gate #include <sys/modctl.h>
327c478bd9Sstevel@tonic-gate #include <sys/modhash.h>
337c478bd9Sstevel@tonic-gate #include <sys/mutex.h>
347c478bd9Sstevel@tonic-gate #include <sys/proc.h>
357c478bd9Sstevel@tonic-gate #include <sys/procset.h>
367c478bd9Sstevel@tonic-gate #include <sys/project.h>
377c478bd9Sstevel@tonic-gate #include <sys/resource.h>
387c478bd9Sstevel@tonic-gate #include <sys/rctl.h>
397c478bd9Sstevel@tonic-gate #include <sys/siginfo.h>
407c478bd9Sstevel@tonic-gate #include <sys/strlog.h>
417c478bd9Sstevel@tonic-gate #include <sys/systm.h>
427c478bd9Sstevel@tonic-gate #include <sys/task.h>
437c478bd9Sstevel@tonic-gate #include <sys/types.h>
447c478bd9Sstevel@tonic-gate #include <sys/policy.h>
457c478bd9Sstevel@tonic-gate #include <sys/zone.h>
467c478bd9Sstevel@tonic-gate 
477c478bd9Sstevel@tonic-gate /*
487c478bd9Sstevel@tonic-gate  * Resource controls (rctls)
497c478bd9Sstevel@tonic-gate  *
507c478bd9Sstevel@tonic-gate  *   The rctl subsystem provides a mechanism for kernel components to
517c478bd9Sstevel@tonic-gate  *   register their individual resource controls with the system as a whole,
527c478bd9Sstevel@tonic-gate  *   such that those controls can subscribe to specific actions while being
537c478bd9Sstevel@tonic-gate  *   associated with the various process-model entities provided by the kernel:
547c478bd9Sstevel@tonic-gate  *   the process, the task, the project, and the zone.  (In principle, only
557c478bd9Sstevel@tonic-gate  *   minor modifications would be required to connect the resource control
567c478bd9Sstevel@tonic-gate  *   functionality to non-process-model entities associated with the system.)
577c478bd9Sstevel@tonic-gate  *
587c478bd9Sstevel@tonic-gate  *   Subsystems register their rctls via rctl_register().  Subsystems
597c478bd9Sstevel@tonic-gate  *   also wishing to provide additional limits on a given rctl can modify
607c478bd9Sstevel@tonic-gate  *   them once they have the rctl handle.  Each subsystem should store the
617c478bd9Sstevel@tonic-gate  *   handle to their rctl for direct access.
627c478bd9Sstevel@tonic-gate  *
637c478bd9Sstevel@tonic-gate  *   A primary dictionary, rctl_dict, contains a hash of id to the default
647c478bd9Sstevel@tonic-gate  *   control definition for each controlled resource-entity pair on the system.
657c478bd9Sstevel@tonic-gate  *   A secondary dictionary, rctl_dict_by_name, contains a hash of name to
667c478bd9Sstevel@tonic-gate  *   resource control handles.  The resource control handles are distributed by
677c478bd9Sstevel@tonic-gate  *   the rctl_ids ID space.  The handles are private and not to be
687c478bd9Sstevel@tonic-gate  *   advertised to userland; all userland interactions are via the rctl
697c478bd9Sstevel@tonic-gate  *   names.
707c478bd9Sstevel@tonic-gate  *
717c478bd9Sstevel@tonic-gate  *   Entities inherit their rctls from their predecessor.  Since projects have
727c478bd9Sstevel@tonic-gate  *   no ancestor, they inherit their rctls from the rctl dict for project
737c478bd9Sstevel@tonic-gate  *   rctls.  It is expected that project controls will be set to their
747c478bd9Sstevel@tonic-gate  *   appropriate values shortly after project creation, presumably from a
757c478bd9Sstevel@tonic-gate  *   policy source such as the project database.
767c478bd9Sstevel@tonic-gate  *
777c478bd9Sstevel@tonic-gate  * Data structures
787c478bd9Sstevel@tonic-gate  *   The rctl_set_t attached to each of the process model entities is a simple
797c478bd9Sstevel@tonic-gate  *   hash table keyed on the rctl handle assigned at registration.  The entries
807c478bd9Sstevel@tonic-gate  *   in the hash table are rctl_t's, whose relationship with the active control
817c478bd9Sstevel@tonic-gate  *   values on that resource and with the global state of the resource we
827c478bd9Sstevel@tonic-gate  *   illustrate below:
837c478bd9Sstevel@tonic-gate  *
847c478bd9Sstevel@tonic-gate  *   rctl_dict[key] --> rctl_dict_entry
857c478bd9Sstevel@tonic-gate  *			   ^
867c478bd9Sstevel@tonic-gate  *			   |
877c478bd9Sstevel@tonic-gate  *			+--+---+
887c478bd9Sstevel@tonic-gate  *   rctl_set[key] ---> | rctl | --> value <-> value <-> system value --> NULL
897c478bd9Sstevel@tonic-gate  *			+--+---+		 ^
907c478bd9Sstevel@tonic-gate  *			   |			 |
917c478bd9Sstevel@tonic-gate  *			   +------- cursor ------+
927c478bd9Sstevel@tonic-gate  *
937c478bd9Sstevel@tonic-gate  *   That is, the rctl contains a back pointer to the global resource control
947c478bd9Sstevel@tonic-gate  *   state for this resource, which is also available in the rctl_dict hash
957c478bd9Sstevel@tonic-gate  *   table mentioned earlier.  The rctl contains two pointers to resource
967c478bd9Sstevel@tonic-gate  *   control values:  one, values, indicates the entire sequence of control
977c478bd9Sstevel@tonic-gate  *   values; the other, cursor, indicates the currently active control
987c478bd9Sstevel@tonic-gate  *   value--the next value to be enforced.  The value list itself is an open,
997c478bd9Sstevel@tonic-gate  *   doubly-linked list, the last non-NULL member of which is the system value
1007c478bd9Sstevel@tonic-gate  *   for that resource (being the theoretical/conventional maximum allowable
1017c478bd9Sstevel@tonic-gate  *   value for the resource on this OS instance).
1027c478bd9Sstevel@tonic-gate  *
1037c478bd9Sstevel@tonic-gate  * Ops Vector
1047c478bd9Sstevel@tonic-gate  *   Subsystems publishing rctls need not provide instances of all of the
1057c478bd9Sstevel@tonic-gate  *   functions specified by the ops vector.  In particular, if general
1067c478bd9Sstevel@tonic-gate  *   rctl_*() entry points are not being called, certain functions can be
1077c478bd9Sstevel@tonic-gate  *   omitted.  These align as follows:
1087c478bd9Sstevel@tonic-gate  *
1097c478bd9Sstevel@tonic-gate  *   rctl_set()
1107c478bd9Sstevel@tonic-gate  *     You may wish to provide a set callback if locking circumstances prevent
1117c478bd9Sstevel@tonic-gate  *     it or if the performance cost of requesting the enforced value from the
1127c478bd9Sstevel@tonic-gate  *     resource control is prohibitively expensive.  For instance, the currently
1137c478bd9Sstevel@tonic-gate  *     enforced file size limit is stored on the process in the p_fsz_ctl to
1147c478bd9Sstevel@tonic-gate  *     maintain read()/write() performance.
1157c478bd9Sstevel@tonic-gate  *
1167c478bd9Sstevel@tonic-gate  *   rctl_test()
1177c478bd9Sstevel@tonic-gate  *     You must provide a test callback if you are using the rctl_test()
1187c478bd9Sstevel@tonic-gate  *     interface.  An action callback is optional.
1197c478bd9Sstevel@tonic-gate  *
1207c478bd9Sstevel@tonic-gate  *   rctl_action()
1217c478bd9Sstevel@tonic-gate  *     You may wish to provide an action callback.
1227c478bd9Sstevel@tonic-gate  *
1237c478bd9Sstevel@tonic-gate  * Registration
1247c478bd9Sstevel@tonic-gate  *   New resource controls can be added to a running instance by loaded modules
1257c478bd9Sstevel@tonic-gate  *   via registration.  (The current implementation does not support unloadable
1267c478bd9Sstevel@tonic-gate  *   modules; this functionality can be added if needed, via an
1277c478bd9Sstevel@tonic-gate  *   activation/deactivation interface involving the manipulation of the
1287c478bd9Sstevel@tonic-gate  *   ops vector for the resource control(s) needing to support unloading.)
1297c478bd9Sstevel@tonic-gate  *
1307c478bd9Sstevel@tonic-gate  * Control value ordering
1317c478bd9Sstevel@tonic-gate  *   Because the rctl_val chain on each rctl must be navigable in a
1327c478bd9Sstevel@tonic-gate  *   deterministic way, we have to define an ordering on the rctl_val_t's.  The
1337c478bd9Sstevel@tonic-gate  *   defined order is (flags & [maximal], value, flags & [deny-action],
1347c478bd9Sstevel@tonic-gate  *   privilege).
1357c478bd9Sstevel@tonic-gate  *
1367c478bd9Sstevel@tonic-gate  * Locking
1377c478bd9Sstevel@tonic-gate  *   rctl_dict_lock must be acquired prior to rctl_lists_lock.  Since
1387c478bd9Sstevel@tonic-gate  *   rctl_dict_lock or rctl_lists_lock can be called at the enforcement point
1397c478bd9Sstevel@tonic-gate  *   of any subsystem, holding subsystem locks, it is at all times inappropriate
1407c478bd9Sstevel@tonic-gate  *   to call kmem_alloc(., KM_SLEEP) while holding either of these locks.
1417c478bd9Sstevel@tonic-gate  *   Traversing any of the various resource control entity lists requires
1427c478bd9Sstevel@tonic-gate  *   holding rctl_lists_lock.
1437c478bd9Sstevel@tonic-gate  *
1447c478bd9Sstevel@tonic-gate  *   Each individual resource control set associated with an entity must have
1457c478bd9Sstevel@tonic-gate  *   its rcs_lock held for the duration of any operations that would add
1467c478bd9Sstevel@tonic-gate  *   resource controls or control values to the set.
1477c478bd9Sstevel@tonic-gate  *
1487c478bd9Sstevel@tonic-gate  *   The locking subsequence of interest is: p_lock, rctl_dict_lock,
1497c478bd9Sstevel@tonic-gate  *   rctl_lists_lock, entity->rcs_lock.
150532877c4Srd  *
151*bbf21555SRichard Lowe  * The project(5) database and project entity resource controls
152532877c4Srd  *   A special case is made for RCENTITY_PROJECT values set through the
153532877c4Srd  *   setproject(3PROJECT) interface.  setproject() makes use of a private
154532877c4Srd  *   interface, setprojrctl(), which passes through an array of resource control
155532877c4Srd  *   blocks that need to be set while holding the entity->rcs_lock.  This
156532877c4Srd  *   ensures that the act of modifying a project's resource controls is
157532877c4Srd  *   "atomic" within the kernel.
158532877c4Srd  *
159532877c4Srd  *   Within the rctl sub-system, we provide two interfaces that are only used by
160532877c4Srd  *   the setprojrctl() code path - rctl_local_insert_all() and
161532877c4Srd  *   rctl_local_replace_all().  rctl_local_insert_all() will ensure that the
162532877c4Srd  *   resource values specified in *new_values are applied.
163532877c4Srd  *   rctl_local_replace_all() will purge the current rctl->rc_projdb and
164532877c4Srd  *   rctl->rc_values entries, and apply the *new_values.
165532877c4Srd  *
166532877c4Srd  *   These functions modify not only the linked list of active resource controls
167532877c4Srd  *   (rctl->rc_values), but also a "cached" linked list (rctl->rc_projdb) of
168532877c4Srd  *   values set through these interfaces.  To clarify:
169532877c4Srd  *
170532877c4Srd  *      rctl->rc_values - a linked list of rctl_val_t.  These are the active
171532877c4Srd  *      resource values associated with this rctl, and may have been set by
172*bbf21555SRichard Lowe  *      setrctl() - via prctl(1), or by setprojrctl() - via
173532877c4Srd  *      setproject(3PROJECT).
174532877c4Srd  *
175532877c4Srd  *      rctl->rc_projdb - a linked list of rctl_val_t.  These reflect the
176532877c4Srd  *      resource values set by the setprojrctl() code path.  rc_projdb is not
177532877c4Srd  *      referenced by any other component of the rctl sub-system.
178532877c4Srd  *
179532877c4Srd  *   As various locks are held when calling these functions, we ensure that all
180532877c4Srd  *   the possible memory allocations are performed prior to calling the
181532877c4Srd  *   function.  *alloc_values is a linked list of uninitialized rctl_val_t,
182532877c4Srd  *   which may be used to duplicate a new resource control value (passed in as
183532877c4Srd  *   one of the members of the *new_values linked list), in order to populate
184532877c4Srd  *   rctl->rc_values.
1857c478bd9Sstevel@tonic-gate  */
1867c478bd9Sstevel@tonic-gate 
1877c478bd9Sstevel@tonic-gate id_t max_rctl_hndl = 32768;
1887c478bd9Sstevel@tonic-gate int rctl_dict_size = 64;
1897c478bd9Sstevel@tonic-gate int rctl_set_size = 8;
1907c478bd9Sstevel@tonic-gate kmutex_t rctl_dict_lock;
1917c478bd9Sstevel@tonic-gate mod_hash_t *rctl_dict;
1927c478bd9Sstevel@tonic-gate mod_hash_t *rctl_dict_by_name;
1937c478bd9Sstevel@tonic-gate id_space_t *rctl_ids;
1947c478bd9Sstevel@tonic-gate kmem_cache_t *rctl_cache;	/* kmem cache for rctl structures */
1957c478bd9Sstevel@tonic-gate kmem_cache_t *rctl_val_cache;	/* kmem cache for rctl values */
1967c478bd9Sstevel@tonic-gate 
1977c478bd9Sstevel@tonic-gate kmutex_t rctl_lists_lock;
1987c478bd9Sstevel@tonic-gate rctl_dict_entry_t *rctl_lists[RC_MAX_ENTITY + 1];
1997c478bd9Sstevel@tonic-gate 
2007c478bd9Sstevel@tonic-gate /*
2017c478bd9Sstevel@tonic-gate  * Default resource control operations and ops vector
2027c478bd9Sstevel@tonic-gate  *   To be used if the particular rcontrol has no specific actions defined, or
2037c478bd9Sstevel@tonic-gate  *   if the subsystem providing the control is quiescing (in preparation for
2047c478bd9Sstevel@tonic-gate  *   unloading, presumably.)
2057c478bd9Sstevel@tonic-gate  *
2067c478bd9Sstevel@tonic-gate  *   Resource controls with callbacks should fill the unused operations with the
2077c478bd9Sstevel@tonic-gate  *   appropriate default impotent callback.
2087c478bd9Sstevel@tonic-gate  */
2097c478bd9Sstevel@tonic-gate /*ARGSUSED*/
2107c478bd9Sstevel@tonic-gate void
rcop_no_action(struct rctl * r,struct proc * p,rctl_entity_p_t * e)2117c478bd9Sstevel@tonic-gate rcop_no_action(struct rctl *r, struct proc *p, rctl_entity_p_t *e)
2127c478bd9Sstevel@tonic-gate {
2137c478bd9Sstevel@tonic-gate }
2147c478bd9Sstevel@tonic-gate 
2157c478bd9Sstevel@tonic-gate /*ARGSUSED*/
2167c478bd9Sstevel@tonic-gate rctl_qty_t
rcop_no_usage(struct rctl * r,struct proc * p)2177c478bd9Sstevel@tonic-gate rcop_no_usage(struct rctl *r, struct proc *p)
2187c478bd9Sstevel@tonic-gate {
2197c478bd9Sstevel@tonic-gate 	return (0);
2207c478bd9Sstevel@tonic-gate }
2217c478bd9Sstevel@tonic-gate 
2227c478bd9Sstevel@tonic-gate /*ARGSUSED*/
2237c478bd9Sstevel@tonic-gate int
rcop_no_set(struct rctl * r,struct proc * p,rctl_entity_p_t * e,rctl_qty_t l)2247c478bd9Sstevel@tonic-gate rcop_no_set(struct rctl *r, struct proc *p, rctl_entity_p_t *e, rctl_qty_t l)
2257c478bd9Sstevel@tonic-gate {
2267c478bd9Sstevel@tonic-gate 	return (0);
2277c478bd9Sstevel@tonic-gate }
2287c478bd9Sstevel@tonic-gate 
2297c478bd9Sstevel@tonic-gate /*ARGSUSED*/
2307c478bd9Sstevel@tonic-gate int
rcop_no_test(struct rctl * r,struct proc * p,rctl_entity_p_t * e,struct rctl_val * rv,rctl_qty_t i,uint_t f)2317c478bd9Sstevel@tonic-gate rcop_no_test(struct rctl *r, struct proc *p, rctl_entity_p_t *e,
2327c478bd9Sstevel@tonic-gate     struct rctl_val *rv, rctl_qty_t i, uint_t f)
2337c478bd9Sstevel@tonic-gate {
2347c478bd9Sstevel@tonic-gate 	return (0);
2357c478bd9Sstevel@tonic-gate }
2367c478bd9Sstevel@tonic-gate 
2377c478bd9Sstevel@tonic-gate rctl_ops_t rctl_default_ops = {
2387c478bd9Sstevel@tonic-gate 	rcop_no_action,
2397c478bd9Sstevel@tonic-gate 	rcop_no_usage,
2407c478bd9Sstevel@tonic-gate 	rcop_no_set,
2417c478bd9Sstevel@tonic-gate 	rcop_no_test
2427c478bd9Sstevel@tonic-gate };
2437c478bd9Sstevel@tonic-gate 
2447c478bd9Sstevel@tonic-gate /*
2457c478bd9Sstevel@tonic-gate  * Default "absolute" resource control operation and ops vector
2467c478bd9Sstevel@tonic-gate  *   Useful if there is no usage associated with the
2477c478bd9Sstevel@tonic-gate  *   resource control.
2487c478bd9Sstevel@tonic-gate  */
2497c478bd9Sstevel@tonic-gate /*ARGSUSED*/
2507c478bd9Sstevel@tonic-gate int
rcop_absolute_test(struct rctl * r,struct proc * p,rctl_entity_p_t * e,struct rctl_val * rv,rctl_qty_t i,uint_t f)2517c478bd9Sstevel@tonic-gate rcop_absolute_test(struct rctl *r, struct proc *p, rctl_entity_p_t *e,
2527c478bd9Sstevel@tonic-gate     struct rctl_val *rv, rctl_qty_t i, uint_t f)
2537c478bd9Sstevel@tonic-gate {
2547c478bd9Sstevel@tonic-gate 	return (i > rv->rcv_value);
2557c478bd9Sstevel@tonic-gate }
2567c478bd9Sstevel@tonic-gate 
2577c478bd9Sstevel@tonic-gate rctl_ops_t rctl_absolute_ops = {
2587c478bd9Sstevel@tonic-gate 	rcop_no_action,
2597c478bd9Sstevel@tonic-gate 	rcop_no_usage,
2607c478bd9Sstevel@tonic-gate 	rcop_no_set,
2617c478bd9Sstevel@tonic-gate 	rcop_absolute_test
2627c478bd9Sstevel@tonic-gate };
2637c478bd9Sstevel@tonic-gate 
2647c478bd9Sstevel@tonic-gate /*ARGSUSED*/
2657c478bd9Sstevel@tonic-gate static uint_t
rctl_dict_hash_by_id(void * hash_data,mod_hash_key_t key)2667c478bd9Sstevel@tonic-gate rctl_dict_hash_by_id(void *hash_data, mod_hash_key_t key)
2677c478bd9Sstevel@tonic-gate {
2687c478bd9Sstevel@tonic-gate 	return ((uint_t)(uintptr_t)key % rctl_dict_size);
2697c478bd9Sstevel@tonic-gate }
2707c478bd9Sstevel@tonic-gate 
2717c478bd9Sstevel@tonic-gate static int
rctl_dict_id_cmp(mod_hash_key_t key1,mod_hash_key_t key2)2727c478bd9Sstevel@tonic-gate rctl_dict_id_cmp(mod_hash_key_t key1, mod_hash_key_t key2)
2737c478bd9Sstevel@tonic-gate {
2747c478bd9Sstevel@tonic-gate 	uint_t u1 = (uint_t)(uintptr_t)key1;
2757c478bd9Sstevel@tonic-gate 	uint_t u2 = (uint_t)(uintptr_t)key2;
2767c478bd9Sstevel@tonic-gate 
2777c478bd9Sstevel@tonic-gate 	if (u1 > u2)
2787c478bd9Sstevel@tonic-gate 		return (1);
2797c478bd9Sstevel@tonic-gate 
2807c478bd9Sstevel@tonic-gate 	if (u1 == u2)
2817c478bd9Sstevel@tonic-gate 		return (0);
2827c478bd9Sstevel@tonic-gate 
2837c478bd9Sstevel@tonic-gate 	return (-1);
2847c478bd9Sstevel@tonic-gate }
2857c478bd9Sstevel@tonic-gate 
2867c478bd9Sstevel@tonic-gate static void
rctl_dict_val_dtor(mod_hash_val_t val)2877c478bd9Sstevel@tonic-gate rctl_dict_val_dtor(mod_hash_val_t val)
2887c478bd9Sstevel@tonic-gate {
2897c478bd9Sstevel@tonic-gate 	rctl_dict_entry_t *kr = (rctl_dict_entry_t *)val;
2907c478bd9Sstevel@tonic-gate 
2917c478bd9Sstevel@tonic-gate 	kmem_free(kr, sizeof (rctl_dict_entry_t));
2927c478bd9Sstevel@tonic-gate }
2937c478bd9Sstevel@tonic-gate 
2947c478bd9Sstevel@tonic-gate /*
2957c478bd9Sstevel@tonic-gate  * size_t rctl_build_name_buf()
2967c478bd9Sstevel@tonic-gate  *
2977c478bd9Sstevel@tonic-gate  * Overview
2987c478bd9Sstevel@tonic-gate  *   rctl_build_name_buf() walks all active resource controls in the dictionary,
2997c478bd9Sstevel@tonic-gate  *   building a buffer of continguous NUL-terminated strings.
3007c478bd9Sstevel@tonic-gate  *
3017c478bd9Sstevel@tonic-gate  * Return values
3027c478bd9Sstevel@tonic-gate  *   The size of the buffer is returned, the passed pointer's contents are
3037c478bd9Sstevel@tonic-gate  *   modified to that of the location of the buffer.
3047c478bd9Sstevel@tonic-gate  *
3057c478bd9Sstevel@tonic-gate  * Caller's context
3067c478bd9Sstevel@tonic-gate  *   Caller must be in a context suitable for KM_SLEEP allocations.
3077c478bd9Sstevel@tonic-gate  */
3087c478bd9Sstevel@tonic-gate size_t
rctl_build_name_buf(char ** rbufp)3097c478bd9Sstevel@tonic-gate rctl_build_name_buf(char **rbufp)
3107c478bd9Sstevel@tonic-gate {
3117c478bd9Sstevel@tonic-gate 	size_t req_size, cpy_size;
3127c478bd9Sstevel@tonic-gate 	char *rbufloc;
3137c478bd9Sstevel@tonic-gate 	int i;
3147c478bd9Sstevel@tonic-gate 
3157c478bd9Sstevel@tonic-gate rctl_rebuild_name_buf:
3167c478bd9Sstevel@tonic-gate 	req_size = cpy_size = 0;
3177c478bd9Sstevel@tonic-gate 
3187c478bd9Sstevel@tonic-gate 	/*
3197c478bd9Sstevel@tonic-gate 	 * Calculate needed buffer length.
3207c478bd9Sstevel@tonic-gate 	 */
3217c478bd9Sstevel@tonic-gate 	mutex_enter(&rctl_lists_lock);
3227c478bd9Sstevel@tonic-gate 	for (i = 0; i < RC_MAX_ENTITY + 1; i++) {
3237c478bd9Sstevel@tonic-gate 		rctl_dict_entry_t *rde;
3247c478bd9Sstevel@tonic-gate 
3257c478bd9Sstevel@tonic-gate 		for (rde = rctl_lists[i];
3267c478bd9Sstevel@tonic-gate 		    rde != NULL;
3277c478bd9Sstevel@tonic-gate 		    rde = rde->rcd_next)
3287c478bd9Sstevel@tonic-gate 			req_size += strlen(rde->rcd_name) + 1;
3297c478bd9Sstevel@tonic-gate 	}
3307c478bd9Sstevel@tonic-gate 	mutex_exit(&rctl_lists_lock);
3317c478bd9Sstevel@tonic-gate 
3327c478bd9Sstevel@tonic-gate 	rbufloc = *rbufp = kmem_alloc(req_size, KM_SLEEP);
3337c478bd9Sstevel@tonic-gate 
3347c478bd9Sstevel@tonic-gate 	/*
3357c478bd9Sstevel@tonic-gate 	 * Copy rctl names into our buffer.  If the copy length exceeds the
3367c478bd9Sstevel@tonic-gate 	 * allocate length (due to registration changes), stop copying, free the
3377c478bd9Sstevel@tonic-gate 	 * buffer, and start again.
3387c478bd9Sstevel@tonic-gate 	 */
3397c478bd9Sstevel@tonic-gate 	mutex_enter(&rctl_lists_lock);
3407c478bd9Sstevel@tonic-gate 	for (i = 0; i < RC_MAX_ENTITY + 1; i++) {
3417c478bd9Sstevel@tonic-gate 		rctl_dict_entry_t *rde;
3427c478bd9Sstevel@tonic-gate 
3437c478bd9Sstevel@tonic-gate 		for (rde = rctl_lists[i];
3447c478bd9Sstevel@tonic-gate 		    rde != NULL;
3457c478bd9Sstevel@tonic-gate 		    rde = rde->rcd_next) {
3467c478bd9Sstevel@tonic-gate 			size_t length = strlen(rde->rcd_name) + 1;
3477c478bd9Sstevel@tonic-gate 
3487c478bd9Sstevel@tonic-gate 			cpy_size += length;
3497c478bd9Sstevel@tonic-gate 
3507c478bd9Sstevel@tonic-gate 			if (cpy_size > req_size) {
3517c478bd9Sstevel@tonic-gate 				kmem_free(*rbufp, req_size);
3527c478bd9Sstevel@tonic-gate 				mutex_exit(&rctl_lists_lock);
3537c478bd9Sstevel@tonic-gate 				goto rctl_rebuild_name_buf;
3547c478bd9Sstevel@tonic-gate 			}
3557c478bd9Sstevel@tonic-gate 
3567c478bd9Sstevel@tonic-gate 			bcopy(rde->rcd_name, rbufloc, length);
3577c478bd9Sstevel@tonic-gate 			rbufloc += length;
3587c478bd9Sstevel@tonic-gate 		}
3597c478bd9Sstevel@tonic-gate 	}
3607c478bd9Sstevel@tonic-gate 	mutex_exit(&rctl_lists_lock);
3617c478bd9Sstevel@tonic-gate 
3627c478bd9Sstevel@tonic-gate 	return (req_size);
3637c478bd9Sstevel@tonic-gate }
3647c478bd9Sstevel@tonic-gate 
3657c478bd9Sstevel@tonic-gate /*
3667c478bd9Sstevel@tonic-gate  * rctl_dict_entry_t *rctl_dict_lookup(const char *)
3677c478bd9Sstevel@tonic-gate  *
3687c478bd9Sstevel@tonic-gate  * Overview
3697c478bd9Sstevel@tonic-gate  *   rctl_dict_lookup() returns the resource control dictionary entry for the
3707c478bd9Sstevel@tonic-gate  *   named resource control.
3717c478bd9Sstevel@tonic-gate  *
3727c478bd9Sstevel@tonic-gate  * Return values
3737c478bd9Sstevel@tonic-gate  *   A pointer to the appropriate resource control dictionary entry, or NULL if
3747c478bd9Sstevel@tonic-gate  *   no such named entry exists.
3757c478bd9Sstevel@tonic-gate  *
3767c478bd9Sstevel@tonic-gate  * Caller's context
3777c478bd9Sstevel@tonic-gate  *   Caller must not be holding rctl_dict_lock.
3787c478bd9Sstevel@tonic-gate  */
3797c478bd9Sstevel@tonic-gate rctl_dict_entry_t *
rctl_dict_lookup(const char * name)3807c478bd9Sstevel@tonic-gate rctl_dict_lookup(const char *name)
3817c478bd9Sstevel@tonic-gate {
3827c478bd9Sstevel@tonic-gate 	rctl_dict_entry_t *rde;
3837c478bd9Sstevel@tonic-gate 
3847c478bd9Sstevel@tonic-gate 	mutex_enter(&rctl_dict_lock);
3857c478bd9Sstevel@tonic-gate 
3867c478bd9Sstevel@tonic-gate 	if (mod_hash_find(rctl_dict_by_name, (mod_hash_key_t)name,
3877c478bd9Sstevel@tonic-gate 	    (mod_hash_val_t *)&rde) == MH_ERR_NOTFOUND) {
3887c478bd9Sstevel@tonic-gate 		mutex_exit(&rctl_dict_lock);
3897c478bd9Sstevel@tonic-gate 		return (NULL);
3907c478bd9Sstevel@tonic-gate 	}
3917c478bd9Sstevel@tonic-gate 
3927c478bd9Sstevel@tonic-gate 	mutex_exit(&rctl_dict_lock);
3937c478bd9Sstevel@tonic-gate 
3947c478bd9Sstevel@tonic-gate 	return (rde);
3957c478bd9Sstevel@tonic-gate }
3967c478bd9Sstevel@tonic-gate 
3977c478bd9Sstevel@tonic-gate /*
3987c478bd9Sstevel@tonic-gate  * rctl_hndl_t rctl_hndl_lookup(const char *)
3997c478bd9Sstevel@tonic-gate  *
4007c478bd9Sstevel@tonic-gate  * Overview
4017c478bd9Sstevel@tonic-gate  *   rctl_hndl_lookup() returns the resource control id (the "handle") for the
4027c478bd9Sstevel@tonic-gate  *   named resource control.
4037c478bd9Sstevel@tonic-gate  *
4047c478bd9Sstevel@tonic-gate  * Return values
4057c478bd9Sstevel@tonic-gate  *   The appropriate id, or -1 if no such named entry exists.
4067c478bd9Sstevel@tonic-gate  *
4077c478bd9Sstevel@tonic-gate  * Caller's context
4087c478bd9Sstevel@tonic-gate  *   Caller must not be holding rctl_dict_lock.
4097c478bd9Sstevel@tonic-gate  */
4107c478bd9Sstevel@tonic-gate rctl_hndl_t
rctl_hndl_lookup(const char * name)4117c478bd9Sstevel@tonic-gate rctl_hndl_lookup(const char *name)
4127c478bd9Sstevel@tonic-gate {
4137c478bd9Sstevel@tonic-gate 	rctl_dict_entry_t *rde;
4147c478bd9Sstevel@tonic-gate 
4157c478bd9Sstevel@tonic-gate 	if ((rde = rctl_dict_lookup(name)) == NULL)
4167c478bd9Sstevel@tonic-gate 		return (-1);
4177c478bd9Sstevel@tonic-gate 
4187c478bd9Sstevel@tonic-gate 	return (rde->rcd_id);
4197c478bd9Sstevel@tonic-gate }
4207c478bd9Sstevel@tonic-gate 
4217c478bd9Sstevel@tonic-gate /*
4227c478bd9Sstevel@tonic-gate  * rctl_dict_entry_t * rctl_dict_lookup_hndl(rctl_hndl_t)
4237c478bd9Sstevel@tonic-gate  *
4247c478bd9Sstevel@tonic-gate  * Overview
4257c478bd9Sstevel@tonic-gate  *   rctl_dict_lookup_hndl() completes the public lookup functions, by returning
4267c478bd9Sstevel@tonic-gate  *   the resource control dictionary entry matching a given resource control id.
4277c478bd9Sstevel@tonic-gate  *
4287c478bd9Sstevel@tonic-gate  * Return values
4297c478bd9Sstevel@tonic-gate  *   A pointer to the matching resource control dictionary entry, or NULL if the
4307c478bd9Sstevel@tonic-gate  *   id does not match any existing entries.
4317c478bd9Sstevel@tonic-gate  *
4327c478bd9Sstevel@tonic-gate  * Caller's context
4337c478bd9Sstevel@tonic-gate  *   Caller must not be holding rctl_lists_lock.
4347c478bd9Sstevel@tonic-gate  */
4357c478bd9Sstevel@tonic-gate rctl_dict_entry_t *
rctl_dict_lookup_hndl(rctl_hndl_t hndl)4367c478bd9Sstevel@tonic-gate rctl_dict_lookup_hndl(rctl_hndl_t hndl)
4377c478bd9Sstevel@tonic-gate {
4387c478bd9Sstevel@tonic-gate 	uint_t i;
4397c478bd9Sstevel@tonic-gate 
4407c478bd9Sstevel@tonic-gate 	mutex_enter(&rctl_lists_lock);
4417c478bd9Sstevel@tonic-gate 	for (i = 0; i < RC_MAX_ENTITY + 1; i++) {
4427c478bd9Sstevel@tonic-gate 		rctl_dict_entry_t *rde;
4437c478bd9Sstevel@tonic-gate 
4447c478bd9Sstevel@tonic-gate 		for (rde = rctl_lists[i];
4457c478bd9Sstevel@tonic-gate 		    rde != NULL;
4467c478bd9Sstevel@tonic-gate 		    rde = rde->rcd_next)
4477c478bd9Sstevel@tonic-gate 			if (rde->rcd_id == hndl) {
4487c478bd9Sstevel@tonic-gate 				mutex_exit(&rctl_lists_lock);
4497c478bd9Sstevel@tonic-gate 				return (rde);
4507c478bd9Sstevel@tonic-gate 			}
4517c478bd9Sstevel@tonic-gate 	}
4527c478bd9Sstevel@tonic-gate 	mutex_exit(&rctl_lists_lock);
4537c478bd9Sstevel@tonic-gate 
4547c478bd9Sstevel@tonic-gate 	return (NULL);
4557c478bd9Sstevel@tonic-gate }
4567c478bd9Sstevel@tonic-gate 
4577c478bd9Sstevel@tonic-gate /*
4587c478bd9Sstevel@tonic-gate  * void rctl_add_default_limit(const char *name, rctl_qty_t value,
4597c478bd9Sstevel@tonic-gate  *     rctl_priv_t privilege, uint_t action)
4607c478bd9Sstevel@tonic-gate  *
4617c478bd9Sstevel@tonic-gate  * Overview
4627c478bd9Sstevel@tonic-gate  *   Create a default limit with specified value, privilege, and action.
4637c478bd9Sstevel@tonic-gate  *
4647c478bd9Sstevel@tonic-gate  * Return value
4657c478bd9Sstevel@tonic-gate  *   No value returned.
4667c478bd9Sstevel@tonic-gate  */
4677c478bd9Sstevel@tonic-gate void
rctl_add_default_limit(const char * name,rctl_qty_t value,rctl_priv_t privilege,uint_t action)4687c478bd9Sstevel@tonic-gate rctl_add_default_limit(const char *name, rctl_qty_t value,
4697c478bd9Sstevel@tonic-gate     rctl_priv_t privilege, uint_t action)
4707c478bd9Sstevel@tonic-gate {
4717c478bd9Sstevel@tonic-gate 	rctl_val_t *dval;
4727c478bd9Sstevel@tonic-gate 	rctl_dict_entry_t *rde;
4737c478bd9Sstevel@tonic-gate 
4747c478bd9Sstevel@tonic-gate 	dval = kmem_cache_alloc(rctl_val_cache, KM_SLEEP);
4757c478bd9Sstevel@tonic-gate 	bzero(dval, sizeof (rctl_val_t));
4767c478bd9Sstevel@tonic-gate 	dval->rcv_value = value;
4777c478bd9Sstevel@tonic-gate 	dval->rcv_privilege = privilege;
4787c478bd9Sstevel@tonic-gate 	dval->rcv_flagaction = action;
4797c478bd9Sstevel@tonic-gate 	dval->rcv_action_recip_pid = -1;
4807c478bd9Sstevel@tonic-gate 
4817c478bd9Sstevel@tonic-gate 	rde = rctl_dict_lookup(name);
4827c478bd9Sstevel@tonic-gate 	(void) rctl_val_list_insert(&rde->rcd_default_value, dval);
4837c478bd9Sstevel@tonic-gate }
4847c478bd9Sstevel@tonic-gate 
4857c478bd9Sstevel@tonic-gate /*
4867c478bd9Sstevel@tonic-gate  * void rctl_add_legacy_limit(const char *name, const char *mname,
4877c478bd9Sstevel@tonic-gate  *     const char *lname, rctl_qty_t dflt)
4887c478bd9Sstevel@tonic-gate  *
4897c478bd9Sstevel@tonic-gate  * Overview
4907c478bd9Sstevel@tonic-gate  *   Create a default privileged limit, using the value obtained from
4917c478bd9Sstevel@tonic-gate  *   /etc/system if it exists and is greater than the specified default
4927c478bd9Sstevel@tonic-gate  *   value.  Exists primarily for System V IPC.
4937c478bd9Sstevel@tonic-gate  *
4947c478bd9Sstevel@tonic-gate  * Return value
4957c478bd9Sstevel@tonic-gate  *   No value returned.
4967c478bd9Sstevel@tonic-gate  */
4977c478bd9Sstevel@tonic-gate void
rctl_add_legacy_limit(const char * name,const char * mname,const char * lname,rctl_qty_t dflt,rctl_qty_t max)4987c478bd9Sstevel@tonic-gate rctl_add_legacy_limit(const char *name, const char *mname, const char *lname,
4997c478bd9Sstevel@tonic-gate     rctl_qty_t dflt, rctl_qty_t max)
5007c478bd9Sstevel@tonic-gate {
5017c478bd9Sstevel@tonic-gate 	rctl_qty_t qty;
5027c478bd9Sstevel@tonic-gate 
5037c478bd9Sstevel@tonic-gate 	if (!mod_sysvar(mname, lname, &qty) || (qty < dflt))
5047c478bd9Sstevel@tonic-gate 		qty = dflt;
5057c478bd9Sstevel@tonic-gate 
5067c478bd9Sstevel@tonic-gate 	if (qty > max)
5077c478bd9Sstevel@tonic-gate 		qty = max;
5087c478bd9Sstevel@tonic-gate 
5097c478bd9Sstevel@tonic-gate 	rctl_add_default_limit(name, qty, RCPRIV_PRIVILEGED, RCTL_LOCAL_DENY);
5107c478bd9Sstevel@tonic-gate }
5117c478bd9Sstevel@tonic-gate 
51255c01d4fSMenno Lageman rctl_set_t *
rctl_entity_obtain_rset(rctl_dict_entry_t * rcd,struct proc * p)5137c478bd9Sstevel@tonic-gate rctl_entity_obtain_rset(rctl_dict_entry_t *rcd, struct proc *p)
5147c478bd9Sstevel@tonic-gate {
5157c478bd9Sstevel@tonic-gate 	rctl_set_t *rset = NULL;
5167c478bd9Sstevel@tonic-gate 
5177c478bd9Sstevel@tonic-gate 	if (rcd == NULL)
5187c478bd9Sstevel@tonic-gate 		return (NULL);
5197c478bd9Sstevel@tonic-gate 
5207c478bd9Sstevel@tonic-gate 	switch (rcd->rcd_entity) {
5217c478bd9Sstevel@tonic-gate 	case RCENTITY_PROCESS:
5227c478bd9Sstevel@tonic-gate 		rset = p->p_rctls;
5237c478bd9Sstevel@tonic-gate 		break;
5247c478bd9Sstevel@tonic-gate 	case RCENTITY_TASK:
5257c478bd9Sstevel@tonic-gate 		ASSERT(MUTEX_HELD(&p->p_lock));
5267c478bd9Sstevel@tonic-gate 		if (p->p_task != NULL)
5277c478bd9Sstevel@tonic-gate 			rset = p->p_task->tk_rctls;
5287c478bd9Sstevel@tonic-gate 		break;
5297c478bd9Sstevel@tonic-gate 	case RCENTITY_PROJECT:
5307c478bd9Sstevel@tonic-gate 		ASSERT(MUTEX_HELD(&p->p_lock));
5317c478bd9Sstevel@tonic-gate 		if (p->p_task != NULL &&
5327c478bd9Sstevel@tonic-gate 		    p->p_task->tk_proj != NULL)
5337c478bd9Sstevel@tonic-gate 			rset = p->p_task->tk_proj->kpj_rctls;
5347c478bd9Sstevel@tonic-gate 		break;
5357c478bd9Sstevel@tonic-gate 	case RCENTITY_ZONE:
5367c478bd9Sstevel@tonic-gate 		ASSERT(MUTEX_HELD(&p->p_lock));
5377c478bd9Sstevel@tonic-gate 		if (p->p_zone != NULL)
5387c478bd9Sstevel@tonic-gate 			rset = p->p_zone->zone_rctls;
5397c478bd9Sstevel@tonic-gate 		break;
5407c478bd9Sstevel@tonic-gate 	default:
5417c478bd9Sstevel@tonic-gate 		panic("unknown rctl entity type %d seen", rcd->rcd_entity);
5427c478bd9Sstevel@tonic-gate 		break;
5437c478bd9Sstevel@tonic-gate 	}
5447c478bd9Sstevel@tonic-gate 
5457c478bd9Sstevel@tonic-gate 	return (rset);
5467c478bd9Sstevel@tonic-gate }
5477c478bd9Sstevel@tonic-gate 
5487c478bd9Sstevel@tonic-gate static void
rctl_entity_obtain_entity_p(rctl_entity_t entity,struct proc * p,rctl_entity_p_t * e)5497c478bd9Sstevel@tonic-gate rctl_entity_obtain_entity_p(rctl_entity_t entity, struct proc *p,
5507c478bd9Sstevel@tonic-gate     rctl_entity_p_t *e)
5517c478bd9Sstevel@tonic-gate {
5527c478bd9Sstevel@tonic-gate 	e->rcep_p.proc = NULL;
5537c478bd9Sstevel@tonic-gate 	e->rcep_t = entity;
5547c478bd9Sstevel@tonic-gate 
5557c478bd9Sstevel@tonic-gate 	switch (entity) {
5567c478bd9Sstevel@tonic-gate 	case RCENTITY_PROCESS:
5577c478bd9Sstevel@tonic-gate 		e->rcep_p.proc = p;
5587c478bd9Sstevel@tonic-gate 		break;
5597c478bd9Sstevel@tonic-gate 	case RCENTITY_TASK:
5607c478bd9Sstevel@tonic-gate 		ASSERT(MUTEX_HELD(&p->p_lock));
5617c478bd9Sstevel@tonic-gate 		if (p->p_task != NULL)
5627c478bd9Sstevel@tonic-gate 			e->rcep_p.task = p->p_task;
5637c478bd9Sstevel@tonic-gate 		break;
5647c478bd9Sstevel@tonic-gate 	case RCENTITY_PROJECT:
5657c478bd9Sstevel@tonic-gate 		ASSERT(MUTEX_HELD(&p->p_lock));
5667c478bd9Sstevel@tonic-gate 		if (p->p_task != NULL &&
5677c478bd9Sstevel@tonic-gate 		    p->p_task->tk_proj != NULL)
5687c478bd9Sstevel@tonic-gate 			e->rcep_p.proj = p->p_task->tk_proj;
5697c478bd9Sstevel@tonic-gate 		break;
5707c478bd9Sstevel@tonic-gate 	case RCENTITY_ZONE:
5717c478bd9Sstevel@tonic-gate 		ASSERT(MUTEX_HELD(&p->p_lock));
5727c478bd9Sstevel@tonic-gate 		if (p->p_zone != NULL)
5737c478bd9Sstevel@tonic-gate 			e->rcep_p.zone = p->p_zone;
5747c478bd9Sstevel@tonic-gate 		break;
5757c478bd9Sstevel@tonic-gate 	default:
5767c478bd9Sstevel@tonic-gate 		panic("unknown rctl entity type %d seen", entity);
5777c478bd9Sstevel@tonic-gate 		break;
5787c478bd9Sstevel@tonic-gate 	}
5797c478bd9Sstevel@tonic-gate }
5807c478bd9Sstevel@tonic-gate 
5817c478bd9Sstevel@tonic-gate static void
rctl_gp_alloc(rctl_alloc_gp_t * rcgp)5827c478bd9Sstevel@tonic-gate rctl_gp_alloc(rctl_alloc_gp_t *rcgp)
5837c478bd9Sstevel@tonic-gate {
5847c478bd9Sstevel@tonic-gate 	uint_t i;
5857c478bd9Sstevel@tonic-gate 
5867c478bd9Sstevel@tonic-gate 	if (rcgp->rcag_nctls > 0) {
5877c478bd9Sstevel@tonic-gate 		rctl_t *prev = kmem_cache_alloc(rctl_cache, KM_SLEEP);
5887c478bd9Sstevel@tonic-gate 		rctl_t *rctl = prev;
5897c478bd9Sstevel@tonic-gate 
5907c478bd9Sstevel@tonic-gate 		rcgp->rcag_ctls = prev;
5917c478bd9Sstevel@tonic-gate 
5927c478bd9Sstevel@tonic-gate 		for (i = 1; i < rcgp->rcag_nctls; i++) {
5937c478bd9Sstevel@tonic-gate 			rctl = kmem_cache_alloc(rctl_cache, KM_SLEEP);
5947c478bd9Sstevel@tonic-gate 			prev->rc_next = rctl;
5957c478bd9Sstevel@tonic-gate 			prev = rctl;
5967c478bd9Sstevel@tonic-gate 		}
5977c478bd9Sstevel@tonic-gate 
5987c478bd9Sstevel@tonic-gate 		rctl->rc_next = NULL;
5997c478bd9Sstevel@tonic-gate 	}
6007c478bd9Sstevel@tonic-gate 
6017c478bd9Sstevel@tonic-gate 	if (rcgp->rcag_nvals > 0) {
6027c478bd9Sstevel@tonic-gate 		rctl_val_t *prev = kmem_cache_alloc(rctl_val_cache, KM_SLEEP);
6037c478bd9Sstevel@tonic-gate 		rctl_val_t *rval = prev;
6047c478bd9Sstevel@tonic-gate 
6057c478bd9Sstevel@tonic-gate 		rcgp->rcag_vals = prev;
6067c478bd9Sstevel@tonic-gate 
6077c478bd9Sstevel@tonic-gate 		for (i = 1; i < rcgp->rcag_nvals; i++) {
6087c478bd9Sstevel@tonic-gate 			rval = kmem_cache_alloc(rctl_val_cache, KM_SLEEP);
6097c478bd9Sstevel@tonic-gate 			prev->rcv_next = rval;
6107c478bd9Sstevel@tonic-gate 			prev = rval;
6117c478bd9Sstevel@tonic-gate 		}
6127c478bd9Sstevel@tonic-gate 
6137c478bd9Sstevel@tonic-gate 		rval->rcv_next = NULL;
6147c478bd9Sstevel@tonic-gate 	}
6157c478bd9Sstevel@tonic-gate 
6167c478bd9Sstevel@tonic-gate }
6177c478bd9Sstevel@tonic-gate 
6187c478bd9Sstevel@tonic-gate static rctl_val_t *
rctl_gp_detach_val(rctl_alloc_gp_t * rcgp)6197c478bd9Sstevel@tonic-gate rctl_gp_detach_val(rctl_alloc_gp_t *rcgp)
6207c478bd9Sstevel@tonic-gate {
6217c478bd9Sstevel@tonic-gate 	rctl_val_t *rval = rcgp->rcag_vals;
6227c478bd9Sstevel@tonic-gate 
6237c478bd9Sstevel@tonic-gate 	ASSERT(rcgp->rcag_nvals > 0);
6247c478bd9Sstevel@tonic-gate 	rcgp->rcag_nvals--;
6257c478bd9Sstevel@tonic-gate 	rcgp->rcag_vals = rval->rcv_next;
6267c478bd9Sstevel@tonic-gate 
6277c478bd9Sstevel@tonic-gate 	rval->rcv_next = NULL;
6287c478bd9Sstevel@tonic-gate 
6297c478bd9Sstevel@tonic-gate 	return (rval);
6307c478bd9Sstevel@tonic-gate }
6317c478bd9Sstevel@tonic-gate 
6327c478bd9Sstevel@tonic-gate static rctl_t *
rctl_gp_detach_ctl(rctl_alloc_gp_t * rcgp)6337c478bd9Sstevel@tonic-gate rctl_gp_detach_ctl(rctl_alloc_gp_t *rcgp)
6347c478bd9Sstevel@tonic-gate {
6357c478bd9Sstevel@tonic-gate 	rctl_t *rctl = rcgp->rcag_ctls;
6367c478bd9Sstevel@tonic-gate 
6377c478bd9Sstevel@tonic-gate 	ASSERT(rcgp->rcag_nctls > 0);
6387c478bd9Sstevel@tonic-gate 	rcgp->rcag_nctls--;
6397c478bd9Sstevel@tonic-gate 	rcgp->rcag_ctls = rctl->rc_next;
6407c478bd9Sstevel@tonic-gate 
6417c478bd9Sstevel@tonic-gate 	rctl->rc_next = NULL;
6427c478bd9Sstevel@tonic-gate 
6437c478bd9Sstevel@tonic-gate 	return (rctl);
6447c478bd9Sstevel@tonic-gate 
6457c478bd9Sstevel@tonic-gate }
6467c478bd9Sstevel@tonic-gate 
6477c478bd9Sstevel@tonic-gate static void
rctl_gp_free(rctl_alloc_gp_t * rcgp)6487c478bd9Sstevel@tonic-gate rctl_gp_free(rctl_alloc_gp_t *rcgp)
6497c478bd9Sstevel@tonic-gate {
6507c478bd9Sstevel@tonic-gate 	rctl_val_t *rval = rcgp->rcag_vals;
6517c478bd9Sstevel@tonic-gate 	rctl_t *rctl = rcgp->rcag_ctls;
6527c478bd9Sstevel@tonic-gate 
6537c478bd9Sstevel@tonic-gate 	while (rval != NULL) {
6547c478bd9Sstevel@tonic-gate 		rctl_val_t *next = rval->rcv_next;
6557c478bd9Sstevel@tonic-gate 
6567c478bd9Sstevel@tonic-gate 		kmem_cache_free(rctl_val_cache, rval);
6577c478bd9Sstevel@tonic-gate 		rval = next;
6587c478bd9Sstevel@tonic-gate 	}
6597c478bd9Sstevel@tonic-gate 
6607c478bd9Sstevel@tonic-gate 	while (rctl != NULL) {
6617c478bd9Sstevel@tonic-gate 		rctl_t *next = rctl->rc_next;
6627c478bd9Sstevel@tonic-gate 
6637c478bd9Sstevel@tonic-gate 		kmem_cache_free(rctl_cache, rctl);
6647c478bd9Sstevel@tonic-gate 		rctl = next;
6657c478bd9Sstevel@tonic-gate 	}
6667c478bd9Sstevel@tonic-gate }
6677c478bd9Sstevel@tonic-gate 
6687c478bd9Sstevel@tonic-gate /*
6697c478bd9Sstevel@tonic-gate  * void rctl_prealloc_destroy(rctl_alloc_gp_t *)
6707c478bd9Sstevel@tonic-gate  *
6717c478bd9Sstevel@tonic-gate  * Overview
6727c478bd9Sstevel@tonic-gate  *   Release all unused memory allocated via one of the "prealloc" functions:
6737c478bd9Sstevel@tonic-gate  *   rctl_set_init_prealloc, rctl_set_dup_prealloc, or rctl_rlimit_set_prealloc.
6747c478bd9Sstevel@tonic-gate  *
6757c478bd9Sstevel@tonic-gate  * Return values
6767c478bd9Sstevel@tonic-gate  *   None.
6777c478bd9Sstevel@tonic-gate  *
6787c478bd9Sstevel@tonic-gate  * Caller's context
6797c478bd9Sstevel@tonic-gate  *   No restrictions on context.
6807c478bd9Sstevel@tonic-gate  */
6817c478bd9Sstevel@tonic-gate void
rctl_prealloc_destroy(rctl_alloc_gp_t * gp)6827c478bd9Sstevel@tonic-gate rctl_prealloc_destroy(rctl_alloc_gp_t *gp)
6837c478bd9Sstevel@tonic-gate {
6847c478bd9Sstevel@tonic-gate 	rctl_gp_free(gp);
6857c478bd9Sstevel@tonic-gate 	kmem_free(gp, sizeof (rctl_alloc_gp_t));
6867c478bd9Sstevel@tonic-gate }
6877c478bd9Sstevel@tonic-gate 
6887c478bd9Sstevel@tonic-gate /*
6897c478bd9Sstevel@tonic-gate  * int rctl_val_cmp(rctl_val_t *, rctl_val_t *, int)
6907c478bd9Sstevel@tonic-gate  *
6917c478bd9Sstevel@tonic-gate  * Overview
6927c478bd9Sstevel@tonic-gate  *   This function defines an ordering to rctl_val_t's in order to allow
6937c478bd9Sstevel@tonic-gate  *   for correct placement in value lists. When the imprecise flag is set,
6947c478bd9Sstevel@tonic-gate  *   the action recipient is ignored. This is to facilitate insert,
6957c478bd9Sstevel@tonic-gate  *   delete, and replace operations by rctlsys.
6967c478bd9Sstevel@tonic-gate  *
6977c478bd9Sstevel@tonic-gate  * Return values
6987c478bd9Sstevel@tonic-gate  *   0 if the val_t's are are considered identical
6997c478bd9Sstevel@tonic-gate  *   -1 if a is ordered lower than b
7007c478bd9Sstevel@tonic-gate  *   1 if a is lowered higher than b
7017c478bd9Sstevel@tonic-gate  *
7027c478bd9Sstevel@tonic-gate  * Caller's context
7037c478bd9Sstevel@tonic-gate  *   No restrictions on context.
7047c478bd9Sstevel@tonic-gate  */
7057c478bd9Sstevel@tonic-gate int
rctl_val_cmp(rctl_val_t * a,rctl_val_t * b,int imprecise)7067c478bd9Sstevel@tonic-gate rctl_val_cmp(rctl_val_t *a, rctl_val_t *b, int imprecise)
7077c478bd9Sstevel@tonic-gate {
7087c478bd9Sstevel@tonic-gate 	if ((a->rcv_flagaction & RCTL_LOCAL_MAXIMAL) <
7097c478bd9Sstevel@tonic-gate 	    (b->rcv_flagaction & RCTL_LOCAL_MAXIMAL))
7107c478bd9Sstevel@tonic-gate 		return (-1);
7117c478bd9Sstevel@tonic-gate 
7127c478bd9Sstevel@tonic-gate 	if ((a->rcv_flagaction & RCTL_LOCAL_MAXIMAL) >
7137c478bd9Sstevel@tonic-gate 	    (b->rcv_flagaction & RCTL_LOCAL_MAXIMAL))
7147c478bd9Sstevel@tonic-gate 		return (1);
7157c478bd9Sstevel@tonic-gate 
7167c478bd9Sstevel@tonic-gate 	if (a->rcv_value < b->rcv_value)
7177c478bd9Sstevel@tonic-gate 		return (-1);
7187c478bd9Sstevel@tonic-gate 
7197c478bd9Sstevel@tonic-gate 	if (a->rcv_value > b->rcv_value)
7207c478bd9Sstevel@tonic-gate 		return (1);
7217c478bd9Sstevel@tonic-gate 
7227c478bd9Sstevel@tonic-gate 	if ((a->rcv_flagaction & RCTL_LOCAL_DENY) <
7237c478bd9Sstevel@tonic-gate 	    (b->rcv_flagaction & RCTL_LOCAL_DENY))
7247c478bd9Sstevel@tonic-gate 		return (-1);
7257c478bd9Sstevel@tonic-gate 
7267c478bd9Sstevel@tonic-gate 	if ((a->rcv_flagaction & RCTL_LOCAL_DENY) >
7277c478bd9Sstevel@tonic-gate 	    (b->rcv_flagaction & RCTL_LOCAL_DENY))
7287c478bd9Sstevel@tonic-gate 		return (1);
7297c478bd9Sstevel@tonic-gate 
7307c478bd9Sstevel@tonic-gate 	if (a->rcv_privilege < b->rcv_privilege)
7317c478bd9Sstevel@tonic-gate 		return (-1);
7327c478bd9Sstevel@tonic-gate 
7337c478bd9Sstevel@tonic-gate 	if (a->rcv_privilege > b->rcv_privilege)
7347c478bd9Sstevel@tonic-gate 		return (1);
7357c478bd9Sstevel@tonic-gate 
7367c478bd9Sstevel@tonic-gate 	if (imprecise)
7377c478bd9Sstevel@tonic-gate 		return (0);
7387c478bd9Sstevel@tonic-gate 
7397c478bd9Sstevel@tonic-gate 	if (a->rcv_action_recip_pid < b->rcv_action_recip_pid)
7407c478bd9Sstevel@tonic-gate 		return (-1);
7417c478bd9Sstevel@tonic-gate 
7427c478bd9Sstevel@tonic-gate 	if (a->rcv_action_recip_pid > b->rcv_action_recip_pid)
7437c478bd9Sstevel@tonic-gate 		return (1);
7447c478bd9Sstevel@tonic-gate 
7457c478bd9Sstevel@tonic-gate 	return (0);
7467c478bd9Sstevel@tonic-gate }
7477c478bd9Sstevel@tonic-gate 
7487c478bd9Sstevel@tonic-gate static rctl_val_t *
rctl_val_list_find(rctl_val_t ** head,rctl_val_t * cval)7497c478bd9Sstevel@tonic-gate rctl_val_list_find(rctl_val_t **head, rctl_val_t *cval)
7507c478bd9Sstevel@tonic-gate {
7517c478bd9Sstevel@tonic-gate 	rctl_val_t *rval = *head;
7527c478bd9Sstevel@tonic-gate 
7537c478bd9Sstevel@tonic-gate 	while (rval != NULL) {
7547c478bd9Sstevel@tonic-gate 		if (rctl_val_cmp(cval, rval, 0) == 0)
7557c478bd9Sstevel@tonic-gate 			return (rval);
7567c478bd9Sstevel@tonic-gate 
7577c478bd9Sstevel@tonic-gate 		rval = rval->rcv_next;
7587c478bd9Sstevel@tonic-gate 	}
7597c478bd9Sstevel@tonic-gate 
7607c478bd9Sstevel@tonic-gate 	return (NULL);
7617c478bd9Sstevel@tonic-gate 
7627c478bd9Sstevel@tonic-gate }
7637c478bd9Sstevel@tonic-gate 
7647c478bd9Sstevel@tonic-gate /*
7657c478bd9Sstevel@tonic-gate  * int rctl_val_list_insert(rctl_val_t **, rctl_val_t *)
7667c478bd9Sstevel@tonic-gate  *
7677c478bd9Sstevel@tonic-gate  * Overview
7687c478bd9Sstevel@tonic-gate  *   This function inserts the rctl_val_t into the value list provided.
7697c478bd9Sstevel@tonic-gate  *   The insert is always successful unless if the value is a duplicate
7707c478bd9Sstevel@tonic-gate  *   of one already in the list.
7717c478bd9Sstevel@tonic-gate  *
7727c478bd9Sstevel@tonic-gate  * Return values
7737c478bd9Sstevel@tonic-gate  *    1 if the value was a duplicate of an existing value in the list.
7747c478bd9Sstevel@tonic-gate  *    0 if the insert was successful.
7757c478bd9Sstevel@tonic-gate  */
7767c478bd9Sstevel@tonic-gate int
rctl_val_list_insert(rctl_val_t ** root,rctl_val_t * rval)7777c478bd9Sstevel@tonic-gate rctl_val_list_insert(rctl_val_t **root, rctl_val_t *rval)
7787c478bd9Sstevel@tonic-gate {
7797c478bd9Sstevel@tonic-gate 	rctl_val_t *prev;
7807c478bd9Sstevel@tonic-gate 	int equiv;
7817c478bd9Sstevel@tonic-gate 
7827c478bd9Sstevel@tonic-gate 	rval->rcv_next = NULL;
7837c478bd9Sstevel@tonic-gate 	rval->rcv_prev = NULL;
7847c478bd9Sstevel@tonic-gate 
7857c478bd9Sstevel@tonic-gate 	if (*root == NULL) {
7867c478bd9Sstevel@tonic-gate 		*root = rval;
7877c478bd9Sstevel@tonic-gate 		return (0);
7887c478bd9Sstevel@tonic-gate 	}
7897c478bd9Sstevel@tonic-gate 
7907c478bd9Sstevel@tonic-gate 	equiv = rctl_val_cmp(rval, *root, 0);
7917c478bd9Sstevel@tonic-gate 
7927c478bd9Sstevel@tonic-gate 	if (equiv == 0)
7937c478bd9Sstevel@tonic-gate 		return (1);
7947c478bd9Sstevel@tonic-gate 
7957c478bd9Sstevel@tonic-gate 	if (equiv < 0) {
7967c478bd9Sstevel@tonic-gate 		rval->rcv_next = *root;
7977c478bd9Sstevel@tonic-gate 		rval->rcv_next->rcv_prev = rval;
7987c478bd9Sstevel@tonic-gate 		*root = rval;
7997c478bd9Sstevel@tonic-gate 
8007c478bd9Sstevel@tonic-gate 		return (0);
8017c478bd9Sstevel@tonic-gate 	}
8027c478bd9Sstevel@tonic-gate 
8037c478bd9Sstevel@tonic-gate 	prev = *root;
8047c478bd9Sstevel@tonic-gate 	while (prev->rcv_next != NULL &&
8057c478bd9Sstevel@tonic-gate 	    (equiv = rctl_val_cmp(rval, prev->rcv_next, 0)) > 0) {
8067c478bd9Sstevel@tonic-gate 		prev = prev->rcv_next;
8077c478bd9Sstevel@tonic-gate 	}
8087c478bd9Sstevel@tonic-gate 
8097c478bd9Sstevel@tonic-gate 	if (equiv == 0)
8107c478bd9Sstevel@tonic-gate 		return (1);
8117c478bd9Sstevel@tonic-gate 
8127c478bd9Sstevel@tonic-gate 	rval->rcv_next = prev->rcv_next;
8137c478bd9Sstevel@tonic-gate 	if (rval->rcv_next != NULL)
8147c478bd9Sstevel@tonic-gate 		rval->rcv_next->rcv_prev = rval;
8157c478bd9Sstevel@tonic-gate 	prev->rcv_next = rval;
8167c478bd9Sstevel@tonic-gate 	rval->rcv_prev = prev;
8177c478bd9Sstevel@tonic-gate 
8187c478bd9Sstevel@tonic-gate 	return (0);
8197c478bd9Sstevel@tonic-gate }
8207c478bd9Sstevel@tonic-gate 
8217c478bd9Sstevel@tonic-gate static int
rctl_val_list_delete(rctl_val_t ** root,rctl_val_t * rval)8227c478bd9Sstevel@tonic-gate rctl_val_list_delete(rctl_val_t **root, rctl_val_t *rval)
8237c478bd9Sstevel@tonic-gate {
8247c478bd9Sstevel@tonic-gate 	rctl_val_t *prev;
8257c478bd9Sstevel@tonic-gate 
8267c478bd9Sstevel@tonic-gate 	if (*root == NULL)
8277c478bd9Sstevel@tonic-gate 		return (-1);
8287c478bd9Sstevel@tonic-gate 
8297c478bd9Sstevel@tonic-gate 	prev = *root;
8307c478bd9Sstevel@tonic-gate 	if (rctl_val_cmp(rval, prev, 0) == 0) {
8317c478bd9Sstevel@tonic-gate 		*root = prev->rcv_next;
832db30663eSrd 		if (*root != NULL)
833db30663eSrd 			(*root)->rcv_prev = NULL;
8347c478bd9Sstevel@tonic-gate 
8357c478bd9Sstevel@tonic-gate 		kmem_cache_free(rctl_val_cache, prev);
8367c478bd9Sstevel@tonic-gate 
8377c478bd9Sstevel@tonic-gate 		return (0);
8387c478bd9Sstevel@tonic-gate 	}
8397c478bd9Sstevel@tonic-gate 
8407c478bd9Sstevel@tonic-gate 	while (prev->rcv_next != NULL &&
8417c478bd9Sstevel@tonic-gate 	    rctl_val_cmp(rval, prev->rcv_next, 0) != 0) {
8427c478bd9Sstevel@tonic-gate 		prev = prev->rcv_next;
8437c478bd9Sstevel@tonic-gate 	}
8447c478bd9Sstevel@tonic-gate 
8457c478bd9Sstevel@tonic-gate 	if (prev->rcv_next == NULL) {
8467c478bd9Sstevel@tonic-gate 		/*
8477c478bd9Sstevel@tonic-gate 		 * If we navigate the entire list and cannot find a match, then
8487c478bd9Sstevel@tonic-gate 		 * return failure.
8497c478bd9Sstevel@tonic-gate 		 */
8507c478bd9Sstevel@tonic-gate 		return (-1);
8517c478bd9Sstevel@tonic-gate 	}
8527c478bd9Sstevel@tonic-gate 
8537c478bd9Sstevel@tonic-gate 	prev = prev->rcv_next;
8547c478bd9Sstevel@tonic-gate 	prev->rcv_prev->rcv_next = prev->rcv_next;
8557c478bd9Sstevel@tonic-gate 	if (prev->rcv_next != NULL)
8567c478bd9Sstevel@tonic-gate 		prev->rcv_next->rcv_prev = prev->rcv_prev;
8577c478bd9Sstevel@tonic-gate 
8587c478bd9Sstevel@tonic-gate 	kmem_cache_free(rctl_val_cache, prev);
8597c478bd9Sstevel@tonic-gate 
8607c478bd9Sstevel@tonic-gate 	return (0);
8617c478bd9Sstevel@tonic-gate }
8627c478bd9Sstevel@tonic-gate 
8637c478bd9Sstevel@tonic-gate static rctl_val_t *
rctl_val_list_dup(rctl_val_t * rval,rctl_alloc_gp_t * ragp,struct proc * oldp,struct proc * newp)8647c478bd9Sstevel@tonic-gate rctl_val_list_dup(rctl_val_t *rval, rctl_alloc_gp_t *ragp, struct proc *oldp,
8657c478bd9Sstevel@tonic-gate     struct proc *newp)
8667c478bd9Sstevel@tonic-gate {
8677c478bd9Sstevel@tonic-gate 	rctl_val_t *head = NULL;
8687c478bd9Sstevel@tonic-gate 
8697c478bd9Sstevel@tonic-gate 	for (; rval != NULL; rval = rval->rcv_next) {
8707c478bd9Sstevel@tonic-gate 		rctl_val_t *dval = rctl_gp_detach_val(ragp);
8717c478bd9Sstevel@tonic-gate 
8727c478bd9Sstevel@tonic-gate 		bcopy(rval, dval, sizeof (rctl_val_t));
8737c478bd9Sstevel@tonic-gate 		dval->rcv_prev = dval->rcv_next = NULL;
8747c478bd9Sstevel@tonic-gate 
8757c478bd9Sstevel@tonic-gate 		if (oldp == NULL ||
8767c478bd9Sstevel@tonic-gate 		    rval->rcv_action_recipient == NULL ||
8777c478bd9Sstevel@tonic-gate 		    rval->rcv_action_recipient == oldp) {
8787c478bd9Sstevel@tonic-gate 			if (rval->rcv_privilege == RCPRIV_BASIC) {
8797c478bd9Sstevel@tonic-gate 				dval->rcv_action_recipient = newp;
8807c478bd9Sstevel@tonic-gate 				dval->rcv_action_recip_pid = newp->p_pid;
8817c478bd9Sstevel@tonic-gate 			} else {
8827c478bd9Sstevel@tonic-gate 				dval->rcv_action_recipient = NULL;
8837c478bd9Sstevel@tonic-gate 				dval->rcv_action_recip_pid = -1;
8847c478bd9Sstevel@tonic-gate 			}
8857c478bd9Sstevel@tonic-gate 
8867c478bd9Sstevel@tonic-gate 			(void) rctl_val_list_insert(&head, dval);
8877c478bd9Sstevel@tonic-gate 		} else {
8887c478bd9Sstevel@tonic-gate 			kmem_cache_free(rctl_val_cache, dval);
8897c478bd9Sstevel@tonic-gate 		}
8907c478bd9Sstevel@tonic-gate 	}
8917c478bd9Sstevel@tonic-gate 
8927c478bd9Sstevel@tonic-gate 	return (head);
8937c478bd9Sstevel@tonic-gate }
8947c478bd9Sstevel@tonic-gate 
8957c478bd9Sstevel@tonic-gate static void
rctl_val_list_reset(rctl_val_t * rval)8967c478bd9Sstevel@tonic-gate rctl_val_list_reset(rctl_val_t *rval)
8977c478bd9Sstevel@tonic-gate {
8987c478bd9Sstevel@tonic-gate 	for (; rval != NULL; rval = rval->rcv_next)
8997c478bd9Sstevel@tonic-gate 		rval->rcv_firing_time = 0;
9007c478bd9Sstevel@tonic-gate }
9017c478bd9Sstevel@tonic-gate 
9027c478bd9Sstevel@tonic-gate static uint_t
rctl_val_list_count(rctl_val_t * rval)9037c478bd9Sstevel@tonic-gate rctl_val_list_count(rctl_val_t *rval)
9047c478bd9Sstevel@tonic-gate {
9057c478bd9Sstevel@tonic-gate 	uint_t n = 0;
9067c478bd9Sstevel@tonic-gate 
9077c478bd9Sstevel@tonic-gate 	for (; rval != NULL; rval = rval->rcv_next)
9087c478bd9Sstevel@tonic-gate 		n++;
9097c478bd9Sstevel@tonic-gate 
9107c478bd9Sstevel@tonic-gate 	return (n);
9117c478bd9Sstevel@tonic-gate }
9127c478bd9Sstevel@tonic-gate 
9137c478bd9Sstevel@tonic-gate 
9147c478bd9Sstevel@tonic-gate static void
rctl_val_list_free(rctl_val_t * rval)9157c478bd9Sstevel@tonic-gate rctl_val_list_free(rctl_val_t *rval)
9167c478bd9Sstevel@tonic-gate {
9177c478bd9Sstevel@tonic-gate 	while (rval != NULL) {
9187c478bd9Sstevel@tonic-gate 		rctl_val_t *next = rval->rcv_next;
9197c478bd9Sstevel@tonic-gate 
9207c478bd9Sstevel@tonic-gate 		kmem_cache_free(rctl_val_cache, rval);
9217c478bd9Sstevel@tonic-gate 
9227c478bd9Sstevel@tonic-gate 		rval = next;
9237c478bd9Sstevel@tonic-gate 	}
9247c478bd9Sstevel@tonic-gate }
9257c478bd9Sstevel@tonic-gate 
9267c478bd9Sstevel@tonic-gate /*
9277c478bd9Sstevel@tonic-gate  * rctl_qty_t rctl_model_maximum(rctl_dict_entry_t *, struct proc *)
9287c478bd9Sstevel@tonic-gate  *
9297c478bd9Sstevel@tonic-gate  * Overview
9307c478bd9Sstevel@tonic-gate  *   In cases where the operating system supports more than one process
9317c478bd9Sstevel@tonic-gate  *   addressing model, the operating system capabilities will exceed those of
9327c478bd9Sstevel@tonic-gate  *   one or more of these models.  Processes in a less capable model must have
9337c478bd9Sstevel@tonic-gate  *   their resources accurately controlled, without diluting those of their
9347c478bd9Sstevel@tonic-gate  *   descendants reached via exec().  rctl_model_maximum() returns the governing
9357c478bd9Sstevel@tonic-gate  *   value for the specified process with respect to a resource control, such
9367c478bd9Sstevel@tonic-gate  *   that the value can used for the RCTLOP_SET callback or compatability
9377c478bd9Sstevel@tonic-gate  *   support.
9387c478bd9Sstevel@tonic-gate  *
9397c478bd9Sstevel@tonic-gate  * Return values
9407c478bd9Sstevel@tonic-gate  *   The maximum value for the given process for the specified resource control.
9417c478bd9Sstevel@tonic-gate  *
9427c478bd9Sstevel@tonic-gate  * Caller's context
9437c478bd9Sstevel@tonic-gate  *   No restrictions on context.
9447c478bd9Sstevel@tonic-gate  */
9457c478bd9Sstevel@tonic-gate rctl_qty_t
rctl_model_maximum(rctl_dict_entry_t * rde,struct proc * p)9467c478bd9Sstevel@tonic-gate rctl_model_maximum(rctl_dict_entry_t *rde, struct proc *p)
9477c478bd9Sstevel@tonic-gate {
9487c478bd9Sstevel@tonic-gate 	if (p->p_model == DATAMODEL_NATIVE)
9497c478bd9Sstevel@tonic-gate 		return (rde->rcd_max_native);
9507c478bd9Sstevel@tonic-gate 
9517c478bd9Sstevel@tonic-gate 	return (rde->rcd_max_ilp32);
9527c478bd9Sstevel@tonic-gate }
9537c478bd9Sstevel@tonic-gate 
9547c478bd9Sstevel@tonic-gate /*
9557c478bd9Sstevel@tonic-gate  * rctl_qty_t rctl_model_value(rctl_dict_entry_t *, struct proc *, rctl_qty_t)
9567c478bd9Sstevel@tonic-gate  *
9577c478bd9Sstevel@tonic-gate  * Overview
9587c478bd9Sstevel@tonic-gate  *   Convenience function wrapping the rctl_model_maximum() functionality.
9597c478bd9Sstevel@tonic-gate  *
9607c478bd9Sstevel@tonic-gate  * Return values
9617c478bd9Sstevel@tonic-gate  *   The lesser of the process's maximum value and the given value for the
9627c478bd9Sstevel@tonic-gate  *   specified resource control.
9637c478bd9Sstevel@tonic-gate  *
9647c478bd9Sstevel@tonic-gate  * Caller's context
9657c478bd9Sstevel@tonic-gate  *   No restrictions on context.
9667c478bd9Sstevel@tonic-gate  */
9677c478bd9Sstevel@tonic-gate rctl_qty_t
rctl_model_value(rctl_dict_entry_t * rde,struct proc * p,rctl_qty_t value)9687c478bd9Sstevel@tonic-gate rctl_model_value(rctl_dict_entry_t *rde, struct proc *p, rctl_qty_t value)
9697c478bd9Sstevel@tonic-gate {
9707c478bd9Sstevel@tonic-gate 	rctl_qty_t max = rctl_model_maximum(rde, p);
9717c478bd9Sstevel@tonic-gate 
9727c478bd9Sstevel@tonic-gate 	return (value < max ? value : max);
9737c478bd9Sstevel@tonic-gate }
9747c478bd9Sstevel@tonic-gate 
9757c478bd9Sstevel@tonic-gate static void
rctl_set_insert(rctl_set_t * set,rctl_hndl_t hndl,rctl_t * rctl)9767c478bd9Sstevel@tonic-gate rctl_set_insert(rctl_set_t *set, rctl_hndl_t hndl, rctl_t *rctl)
9777c478bd9Sstevel@tonic-gate {
9787c478bd9Sstevel@tonic-gate 	uint_t index = hndl % rctl_set_size;
9797c478bd9Sstevel@tonic-gate 	rctl_t *next_ctl, *prev_ctl;
9807c478bd9Sstevel@tonic-gate 
9817c478bd9Sstevel@tonic-gate 	ASSERT(MUTEX_HELD(&set->rcs_lock));
9827c478bd9Sstevel@tonic-gate 
9837c478bd9Sstevel@tonic-gate 	rctl->rc_next = NULL;
9847c478bd9Sstevel@tonic-gate 
9857c478bd9Sstevel@tonic-gate 	if (set->rcs_ctls[index] == NULL) {
9867c478bd9Sstevel@tonic-gate 		set->rcs_ctls[index] = rctl;
9877c478bd9Sstevel@tonic-gate 		return;
9887c478bd9Sstevel@tonic-gate 	}
9897c478bd9Sstevel@tonic-gate 
9907c478bd9Sstevel@tonic-gate 	if (hndl < set->rcs_ctls[index]->rc_id) {
9917c478bd9Sstevel@tonic-gate 		rctl->rc_next = set->rcs_ctls[index];
9927c478bd9Sstevel@tonic-gate 		set->rcs_ctls[index] = rctl;
9937c478bd9Sstevel@tonic-gate 
9947c478bd9Sstevel@tonic-gate 		return;
9957c478bd9Sstevel@tonic-gate 	}
9967c478bd9Sstevel@tonic-gate 
9977c478bd9Sstevel@tonic-gate 	for (next_ctl = set->rcs_ctls[index]->rc_next,
9987c478bd9Sstevel@tonic-gate 	    prev_ctl = set->rcs_ctls[index];
9997c478bd9Sstevel@tonic-gate 	    next_ctl != NULL;
10007c478bd9Sstevel@tonic-gate 	    prev_ctl = next_ctl,
10017c478bd9Sstevel@tonic-gate 	    next_ctl = next_ctl->rc_next) {
10027c478bd9Sstevel@tonic-gate 		if (next_ctl->rc_id > hndl) {
10037c478bd9Sstevel@tonic-gate 			rctl->rc_next = next_ctl;
10047c478bd9Sstevel@tonic-gate 			prev_ctl->rc_next = rctl;
10057c478bd9Sstevel@tonic-gate 
10067c478bd9Sstevel@tonic-gate 			return;
10077c478bd9Sstevel@tonic-gate 		}
10087c478bd9Sstevel@tonic-gate 	}
10097c478bd9Sstevel@tonic-gate 
10107c478bd9Sstevel@tonic-gate 	rctl->rc_next = next_ctl;
10117c478bd9Sstevel@tonic-gate 	prev_ctl->rc_next = rctl;
10127c478bd9Sstevel@tonic-gate }
10137c478bd9Sstevel@tonic-gate 
10147c478bd9Sstevel@tonic-gate /*
10157c478bd9Sstevel@tonic-gate  * rctl_set_t *rctl_set_create()
10167c478bd9Sstevel@tonic-gate  *
10177c478bd9Sstevel@tonic-gate  * Overview
10187c478bd9Sstevel@tonic-gate  *   Create an empty resource control set, suitable for attaching to a
10197c478bd9Sstevel@tonic-gate  *   controlled entity.
10207c478bd9Sstevel@tonic-gate  *
10217c478bd9Sstevel@tonic-gate  * Return values
10227c478bd9Sstevel@tonic-gate  *   A pointer to the newly created set.
10237c478bd9Sstevel@tonic-gate  *
10247c478bd9Sstevel@tonic-gate  * Caller's context
10257c478bd9Sstevel@tonic-gate  *   Safe for KM_SLEEP allocations.
10267c478bd9Sstevel@tonic-gate  */
10277c478bd9Sstevel@tonic-gate rctl_set_t *
rctl_set_create()10287c478bd9Sstevel@tonic-gate rctl_set_create()
10297c478bd9Sstevel@tonic-gate {
10307c478bd9Sstevel@tonic-gate 	rctl_set_t *rset = kmem_zalloc(sizeof (rctl_set_t), KM_SLEEP);
10317c478bd9Sstevel@tonic-gate 
10327c478bd9Sstevel@tonic-gate 	mutex_init(&rset->rcs_lock, NULL, MUTEX_DEFAULT, NULL);
10337c478bd9Sstevel@tonic-gate 	rset->rcs_ctls = kmem_zalloc(rctl_set_size * sizeof (rctl_t *),
10347c478bd9Sstevel@tonic-gate 	    KM_SLEEP);
10357c478bd9Sstevel@tonic-gate 	rset->rcs_entity = -1;
10367c478bd9Sstevel@tonic-gate 
10377c478bd9Sstevel@tonic-gate 	return (rset);
10387c478bd9Sstevel@tonic-gate }
10397c478bd9Sstevel@tonic-gate 
10407c478bd9Sstevel@tonic-gate /*
10417c478bd9Sstevel@tonic-gate  * rctl_gp_alloc_t *rctl_set_init_prealloc(rctl_entity_t)
10427c478bd9Sstevel@tonic-gate  *
10437c478bd9Sstevel@tonic-gate  * Overview
10447c478bd9Sstevel@tonic-gate  *    rctl_set_init_prealloc() examines the globally defined resource controls
10457c478bd9Sstevel@tonic-gate  *    and their default values and returns a resource control allocation group
10467c478bd9Sstevel@tonic-gate  *    populated with sufficient controls and values to form a representative
10477c478bd9Sstevel@tonic-gate  *    resource control set for the specified entity.
10487c478bd9Sstevel@tonic-gate  *
10497c478bd9Sstevel@tonic-gate  * Return values
10507c478bd9Sstevel@tonic-gate  *    A pointer to the newly created allocation group.
10517c478bd9Sstevel@tonic-gate  *
10527c478bd9Sstevel@tonic-gate  * Caller's context
10537c478bd9Sstevel@tonic-gate  *    Caller must be in a context suitable for KM_SLEEP allocations.
10547c478bd9Sstevel@tonic-gate  */
10557c478bd9Sstevel@tonic-gate rctl_alloc_gp_t *
rctl_set_init_prealloc(rctl_entity_t entity)10567c478bd9Sstevel@tonic-gate rctl_set_init_prealloc(rctl_entity_t entity)
10577c478bd9Sstevel@tonic-gate {
10587c478bd9Sstevel@tonic-gate 	rctl_dict_entry_t *rde;
10597c478bd9Sstevel@tonic-gate 	rctl_alloc_gp_t *ragp = kmem_zalloc(sizeof (rctl_alloc_gp_t), KM_SLEEP);
10607c478bd9Sstevel@tonic-gate 
10617c478bd9Sstevel@tonic-gate 	ASSERT(MUTEX_NOT_HELD(&curproc->p_lock));
10627c478bd9Sstevel@tonic-gate 
10637c478bd9Sstevel@tonic-gate 	if (rctl_lists[entity] == NULL)
10647c478bd9Sstevel@tonic-gate 		return (ragp);
10657c478bd9Sstevel@tonic-gate 
10667c478bd9Sstevel@tonic-gate 	mutex_enter(&rctl_lists_lock);
10677c478bd9Sstevel@tonic-gate 
10687c478bd9Sstevel@tonic-gate 	for (rde = rctl_lists[entity]; rde != NULL; rde = rde->rcd_next) {
10697c478bd9Sstevel@tonic-gate 		ragp->rcag_nctls++;
10707c478bd9Sstevel@tonic-gate 		ragp->rcag_nvals += rctl_val_list_count(rde->rcd_default_value);
10717c478bd9Sstevel@tonic-gate 	}
10727c478bd9Sstevel@tonic-gate 
10737c478bd9Sstevel@tonic-gate 	mutex_exit(&rctl_lists_lock);
10747c478bd9Sstevel@tonic-gate 
10757c478bd9Sstevel@tonic-gate 	rctl_gp_alloc(ragp);
10767c478bd9Sstevel@tonic-gate 
10777c478bd9Sstevel@tonic-gate 	return (ragp);
10787c478bd9Sstevel@tonic-gate }
10797c478bd9Sstevel@tonic-gate 
10807c478bd9Sstevel@tonic-gate /*
10817c478bd9Sstevel@tonic-gate  * rctl_set_t *rctl_set_init(rctl_entity_t)
10827c478bd9Sstevel@tonic-gate  *
10837c478bd9Sstevel@tonic-gate  * Overview
10847c478bd9Sstevel@tonic-gate  *   rctl_set_create() creates a resource control set, initialized with the
10857c478bd9Sstevel@tonic-gate  *   system infinite values on all registered controls, for attachment to a
10867c478bd9Sstevel@tonic-gate  *   system entity requiring resource controls, such as a process or a task.
10877c478bd9Sstevel@tonic-gate  *
10887c478bd9Sstevel@tonic-gate  * Return values
10897c478bd9Sstevel@tonic-gate  *   A pointer to the newly filled set.
10907c478bd9Sstevel@tonic-gate  *
10917c478bd9Sstevel@tonic-gate  * Caller's context
10927c478bd9Sstevel@tonic-gate  *   Caller must be holding p_lock on entry so that RCTLOP_SET() functions
10937c478bd9Sstevel@tonic-gate  *   may modify task and project members based on the proc structure
10947c478bd9Sstevel@tonic-gate  *   they are passed.
10957c478bd9Sstevel@tonic-gate  */
10967c478bd9Sstevel@tonic-gate rctl_set_t *
rctl_set_init(rctl_entity_t entity,struct proc * p,rctl_entity_p_t * e,rctl_set_t * rset,rctl_alloc_gp_t * ragp)10977c478bd9Sstevel@tonic-gate rctl_set_init(rctl_entity_t entity, struct proc *p, rctl_entity_p_t *e,
10987c478bd9Sstevel@tonic-gate     rctl_set_t *rset, rctl_alloc_gp_t *ragp)
10997c478bd9Sstevel@tonic-gate {
11007c478bd9Sstevel@tonic-gate 	rctl_dict_entry_t *rde;
11017c478bd9Sstevel@tonic-gate 
11027c478bd9Sstevel@tonic-gate 	ASSERT(MUTEX_HELD(&p->p_lock));
11037c478bd9Sstevel@tonic-gate 	ASSERT(e);
11047c478bd9Sstevel@tonic-gate 	rset->rcs_entity = entity;
11057c478bd9Sstevel@tonic-gate 
11067c478bd9Sstevel@tonic-gate 	if (rctl_lists[entity] == NULL)
11077c478bd9Sstevel@tonic-gate 		return (rset);
11087c478bd9Sstevel@tonic-gate 
11097c478bd9Sstevel@tonic-gate 	mutex_enter(&rctl_lists_lock);
11107c478bd9Sstevel@tonic-gate 	mutex_enter(&rset->rcs_lock);
11117c478bd9Sstevel@tonic-gate 
11127c478bd9Sstevel@tonic-gate 	for (rde = rctl_lists[entity]; rde != NULL; rde = rde->rcd_next) {
11137c478bd9Sstevel@tonic-gate 		rctl_t *rctl = rctl_gp_detach_ctl(ragp);
11147c478bd9Sstevel@tonic-gate 
11157c478bd9Sstevel@tonic-gate 		rctl->rc_dict_entry = rde;
11167c478bd9Sstevel@tonic-gate 		rctl->rc_id = rde->rcd_id;
1117532877c4Srd 		rctl->rc_projdb = NULL;
11187c478bd9Sstevel@tonic-gate 
11197c478bd9Sstevel@tonic-gate 		rctl->rc_values = rctl_val_list_dup(rde->rcd_default_value,
11207c478bd9Sstevel@tonic-gate 		    ragp, NULL, p);
11217c478bd9Sstevel@tonic-gate 		rctl->rc_cursor = rctl->rc_values;
11227c478bd9Sstevel@tonic-gate 
11237c478bd9Sstevel@tonic-gate 		ASSERT(rctl->rc_cursor != NULL);
11247c478bd9Sstevel@tonic-gate 
11257c478bd9Sstevel@tonic-gate 		rctl_set_insert(rset, rde->rcd_id, rctl);
11267c478bd9Sstevel@tonic-gate 
11277c478bd9Sstevel@tonic-gate 		RCTLOP_SET(rctl, p, e, rctl_model_value(rctl->rc_dict_entry, p,
11287c478bd9Sstevel@tonic-gate 		    rctl->rc_cursor->rcv_value));
11297c478bd9Sstevel@tonic-gate 	}
11307c478bd9Sstevel@tonic-gate 
11317c478bd9Sstevel@tonic-gate 	mutex_exit(&rset->rcs_lock);
11327c478bd9Sstevel@tonic-gate 	mutex_exit(&rctl_lists_lock);
11337c478bd9Sstevel@tonic-gate 
11347c478bd9Sstevel@tonic-gate 	return (rset);
11357c478bd9Sstevel@tonic-gate }
11367c478bd9Sstevel@tonic-gate 
11377c478bd9Sstevel@tonic-gate static rctl_t *
rctl_dup(rctl_t * rctl,rctl_alloc_gp_t * ragp,struct proc * oldp,struct proc * newp)11387c478bd9Sstevel@tonic-gate rctl_dup(rctl_t *rctl, rctl_alloc_gp_t *ragp, struct proc *oldp,
11397c478bd9Sstevel@tonic-gate     struct proc *newp)
11407c478bd9Sstevel@tonic-gate {
11417c478bd9Sstevel@tonic-gate 	rctl_t *dup = rctl_gp_detach_ctl(ragp);
11427c478bd9Sstevel@tonic-gate 	rctl_val_t *dval;
11437c478bd9Sstevel@tonic-gate 
11447c478bd9Sstevel@tonic-gate 	dup->rc_id = rctl->rc_id;
11457c478bd9Sstevel@tonic-gate 	dup->rc_dict_entry = rctl->rc_dict_entry;
11467c478bd9Sstevel@tonic-gate 	dup->rc_next = NULL;
11477c478bd9Sstevel@tonic-gate 	dup->rc_cursor = NULL;
11487c478bd9Sstevel@tonic-gate 	dup->rc_values = rctl_val_list_dup(rctl->rc_values, ragp, oldp, newp);
11497c478bd9Sstevel@tonic-gate 
11507c478bd9Sstevel@tonic-gate 	for (dval = dup->rc_values;
11517c478bd9Sstevel@tonic-gate 	    dval != NULL; dval = dval->rcv_next) {
11527c478bd9Sstevel@tonic-gate 		if (rctl_val_cmp(rctl->rc_cursor, dval, 0) >= 0) {
11537c478bd9Sstevel@tonic-gate 			dup->rc_cursor = dval;
11547c478bd9Sstevel@tonic-gate 			break;
11557c478bd9Sstevel@tonic-gate 		}
11567c478bd9Sstevel@tonic-gate 	}
11577c478bd9Sstevel@tonic-gate 
11587c478bd9Sstevel@tonic-gate 	if (dup->rc_cursor == NULL)
11597c478bd9Sstevel@tonic-gate 		dup->rc_cursor = dup->rc_values;
11607c478bd9Sstevel@tonic-gate 
11617c478bd9Sstevel@tonic-gate 	return (dup);
11627c478bd9Sstevel@tonic-gate }
11637c478bd9Sstevel@tonic-gate 
11647c478bd9Sstevel@tonic-gate static void
rctl_set_fill_alloc_gp(rctl_set_t * set,rctl_alloc_gp_t * ragp)11657c478bd9Sstevel@tonic-gate rctl_set_fill_alloc_gp(rctl_set_t *set, rctl_alloc_gp_t *ragp)
11667c478bd9Sstevel@tonic-gate {
11677c478bd9Sstevel@tonic-gate 	uint_t i;
11687c478bd9Sstevel@tonic-gate 
11697c478bd9Sstevel@tonic-gate 	bzero(ragp, sizeof (rctl_alloc_gp_t));
11707c478bd9Sstevel@tonic-gate 
11717c478bd9Sstevel@tonic-gate 	for (i = 0; i < rctl_set_size; i++) {
11727c478bd9Sstevel@tonic-gate 		rctl_t *r = set->rcs_ctls[i];
11737c478bd9Sstevel@tonic-gate 
11747c478bd9Sstevel@tonic-gate 		while (r != NULL) {
11757c478bd9Sstevel@tonic-gate 			ragp->rcag_nctls++;
11767c478bd9Sstevel@tonic-gate 
11777c478bd9Sstevel@tonic-gate 			ragp->rcag_nvals += rctl_val_list_count(r->rc_values);
11787c478bd9Sstevel@tonic-gate 
11797c478bd9Sstevel@tonic-gate 			r = r->rc_next;
11807c478bd9Sstevel@tonic-gate 		}
11817c478bd9Sstevel@tonic-gate 	}
11827c478bd9Sstevel@tonic-gate }
11837c478bd9Sstevel@tonic-gate 
11847c478bd9Sstevel@tonic-gate /*
11857c478bd9Sstevel@tonic-gate  * rctl_alloc_gp_t *rctl_set_dup_prealloc(rctl_set_t *)
11867c478bd9Sstevel@tonic-gate  *
11877c478bd9Sstevel@tonic-gate  * Overview
11887c478bd9Sstevel@tonic-gate  *   Given a resource control set, allocate a sufficiently large allocation
11897c478bd9Sstevel@tonic-gate  *   group to contain a duplicate of the set.
11907c478bd9Sstevel@tonic-gate  *
11917c478bd9Sstevel@tonic-gate  * Return value
11927c478bd9Sstevel@tonic-gate  *   A pointer to the newly created allocation group.
11937c478bd9Sstevel@tonic-gate  *
11947c478bd9Sstevel@tonic-gate  * Caller's context
11957c478bd9Sstevel@tonic-gate  *   Safe for KM_SLEEP allocations.
11967c478bd9Sstevel@tonic-gate  */
11977c478bd9Sstevel@tonic-gate rctl_alloc_gp_t *
rctl_set_dup_prealloc(rctl_set_t * set)11987c478bd9Sstevel@tonic-gate rctl_set_dup_prealloc(rctl_set_t *set)
11997c478bd9Sstevel@tonic-gate {
12007c478bd9Sstevel@tonic-gate 	rctl_alloc_gp_t *ragp = kmem_zalloc(sizeof (rctl_alloc_gp_t), KM_SLEEP);
12017c478bd9Sstevel@tonic-gate 
12027c478bd9Sstevel@tonic-gate 	ASSERT(MUTEX_NOT_HELD(&curproc->p_lock));
12037c478bd9Sstevel@tonic-gate 
12047c478bd9Sstevel@tonic-gate 	mutex_enter(&set->rcs_lock);
12057c478bd9Sstevel@tonic-gate 	rctl_set_fill_alloc_gp(set, ragp);
12067c478bd9Sstevel@tonic-gate 	mutex_exit(&set->rcs_lock);
12077c478bd9Sstevel@tonic-gate 
12087c478bd9Sstevel@tonic-gate 	rctl_gp_alloc(ragp);
12097c478bd9Sstevel@tonic-gate 
12107c478bd9Sstevel@tonic-gate 	return (ragp);
12117c478bd9Sstevel@tonic-gate }
12127c478bd9Sstevel@tonic-gate 
12137c478bd9Sstevel@tonic-gate /*
12147c478bd9Sstevel@tonic-gate  * int rctl_set_dup_ready(rctl_set_t *, rctl_alloc_gp_t *)
12157c478bd9Sstevel@tonic-gate  *
12167c478bd9Sstevel@tonic-gate  * Overview
12177c478bd9Sstevel@tonic-gate  *   Verify that the allocation group provided is large enough to allow a
12187c478bd9Sstevel@tonic-gate  *   duplicate of the given resource control set to be constructed from its
12197c478bd9Sstevel@tonic-gate  *   contents.
12207c478bd9Sstevel@tonic-gate  *
12217c478bd9Sstevel@tonic-gate  * Return values
12227c478bd9Sstevel@tonic-gate  *   1 if the allocation group is sufficiently large, 0 otherwise.
12237c478bd9Sstevel@tonic-gate  *
12247c478bd9Sstevel@tonic-gate  * Caller's context
12257c478bd9Sstevel@tonic-gate  *   rcs_lock must be held prior to entry.
12267c478bd9Sstevel@tonic-gate  */
12277c478bd9Sstevel@tonic-gate int
rctl_set_dup_ready(rctl_set_t * set,rctl_alloc_gp_t * ragp)12287c478bd9Sstevel@tonic-gate rctl_set_dup_ready(rctl_set_t *set, rctl_alloc_gp_t *ragp)
12297c478bd9Sstevel@tonic-gate {
12307c478bd9Sstevel@tonic-gate 	rctl_alloc_gp_t curr_gp;
12317c478bd9Sstevel@tonic-gate 
12327c478bd9Sstevel@tonic-gate 	ASSERT(MUTEX_HELD(&set->rcs_lock));
12337c478bd9Sstevel@tonic-gate 
12347c478bd9Sstevel@tonic-gate 	rctl_set_fill_alloc_gp(set, &curr_gp);
12357c478bd9Sstevel@tonic-gate 
12367c478bd9Sstevel@tonic-gate 	if (curr_gp.rcag_nctls <= ragp->rcag_nctls &&
12377c478bd9Sstevel@tonic-gate 	    curr_gp.rcag_nvals <= ragp->rcag_nvals)
12387c478bd9Sstevel@tonic-gate 		return (1);
12397c478bd9Sstevel@tonic-gate 
12407c478bd9Sstevel@tonic-gate 	return (0);
12417c478bd9Sstevel@tonic-gate }
12427c478bd9Sstevel@tonic-gate 
12437c478bd9Sstevel@tonic-gate /*
12447c478bd9Sstevel@tonic-gate  * rctl_set_t *rctl_set_dup(rctl_set_t *, struct proc *, struct proc *,
12457c478bd9Sstevel@tonic-gate  *   rctl_set_t *, rctl_alloc_gp_t *, int)
12467c478bd9Sstevel@tonic-gate  *
12477c478bd9Sstevel@tonic-gate  * Overview
12487c478bd9Sstevel@tonic-gate  *   Make a duplicate of the resource control set.  The proc pointers are those
12497c478bd9Sstevel@tonic-gate  *   of the owning process and of the process associated with the entity
12507c478bd9Sstevel@tonic-gate  *   receiving the duplicate.
12517c478bd9Sstevel@tonic-gate  *
12527c478bd9Sstevel@tonic-gate  *   Duplication is a 3 stage process. Stage 1 is memory allocation for
12537c478bd9Sstevel@tonic-gate  *   the duplicate set, which is taken care of by rctl_set_dup_prealloc().
12547c478bd9Sstevel@tonic-gate  *   Stage 2 consists of copying all rctls and values from the old set into
12557c478bd9Sstevel@tonic-gate  *   the new. Stage 3 completes the duplication by performing the appropriate
12567c478bd9Sstevel@tonic-gate  *   callbacks for each rctl in the new set.
12577c478bd9Sstevel@tonic-gate  *
12587c478bd9Sstevel@tonic-gate  *   Stages 2 and 3 are handled by calling rctl_set_dup with the RCD_DUP and
12597c478bd9Sstevel@tonic-gate  *   RCD_CALLBACK functions, respectively. The RCD_CALLBACK flag may only
12607c478bd9Sstevel@tonic-gate  *   be supplied if the newp proc structure reflects the new task and
12617c478bd9Sstevel@tonic-gate  *   project linkage.
12627c478bd9Sstevel@tonic-gate  *
12637c478bd9Sstevel@tonic-gate  * Return value
12647c478bd9Sstevel@tonic-gate  *   A pointer to the duplicate set.
12657c478bd9Sstevel@tonic-gate  *
12667c478bd9Sstevel@tonic-gate  * Caller's context
12677c478bd9Sstevel@tonic-gate  *   The rcs_lock of the set to be duplicated must be held prior to entry.
12687c478bd9Sstevel@tonic-gate  */
12697c478bd9Sstevel@tonic-gate rctl_set_t *
rctl_set_dup(rctl_set_t * set,struct proc * oldp,struct proc * newp,rctl_entity_p_t * e,rctl_set_t * dup,rctl_alloc_gp_t * ragp,int flag)12707c478bd9Sstevel@tonic-gate rctl_set_dup(rctl_set_t *set, struct proc *oldp, struct proc *newp,
12717c478bd9Sstevel@tonic-gate     rctl_entity_p_t *e, rctl_set_t *dup, rctl_alloc_gp_t *ragp, int flag)
12727c478bd9Sstevel@tonic-gate {
12737c478bd9Sstevel@tonic-gate 	uint_t i;
12747c478bd9Sstevel@tonic-gate 	rctl_set_t	*iter;
12757c478bd9Sstevel@tonic-gate 
12767c478bd9Sstevel@tonic-gate 	ASSERT((flag & RCD_DUP) || (flag & RCD_CALLBACK));
12777c478bd9Sstevel@tonic-gate 	ASSERT(e);
12787c478bd9Sstevel@tonic-gate 	/*
12797c478bd9Sstevel@tonic-gate 	 * When copying the old set, iterate over that. Otherwise, when
12807c478bd9Sstevel@tonic-gate 	 * only callbacks have been requested, iterate over the dup set.
12817c478bd9Sstevel@tonic-gate 	 */
12827c478bd9Sstevel@tonic-gate 	if (flag & RCD_DUP) {
12837c478bd9Sstevel@tonic-gate 		ASSERT(MUTEX_HELD(&set->rcs_lock));
12847c478bd9Sstevel@tonic-gate 		iter = set;
12857c478bd9Sstevel@tonic-gate 		dup->rcs_entity = set->rcs_entity;
12867c478bd9Sstevel@tonic-gate 	} else {
12877c478bd9Sstevel@tonic-gate 		iter = dup;
12887c478bd9Sstevel@tonic-gate 	}
12897c478bd9Sstevel@tonic-gate 
12907c478bd9Sstevel@tonic-gate 	mutex_enter(&dup->rcs_lock);
12917c478bd9Sstevel@tonic-gate 
12927c478bd9Sstevel@tonic-gate 	for (i = 0; i < rctl_set_size; i++) {
12937c478bd9Sstevel@tonic-gate 		rctl_t *r = iter->rcs_ctls[i];
12947c478bd9Sstevel@tonic-gate 		rctl_t *d;
12957c478bd9Sstevel@tonic-gate 
12967c478bd9Sstevel@tonic-gate 		while (r != NULL) {
12977c478bd9Sstevel@tonic-gate 			if (flag & RCD_DUP) {
12987c478bd9Sstevel@tonic-gate 				d = rctl_dup(r, ragp, oldp, newp);
12997c478bd9Sstevel@tonic-gate 				rctl_set_insert(dup, r->rc_id, d);
13007c478bd9Sstevel@tonic-gate 			} else {
13017c478bd9Sstevel@tonic-gate 				d = r;
13027c478bd9Sstevel@tonic-gate 			}
13037c478bd9Sstevel@tonic-gate 
13047c478bd9Sstevel@tonic-gate 			if (flag & RCD_CALLBACK)
13057c478bd9Sstevel@tonic-gate 				RCTLOP_SET(d, newp, e,
13067c478bd9Sstevel@tonic-gate 				    rctl_model_value(d->rc_dict_entry, newp,
13077c478bd9Sstevel@tonic-gate 				    d->rc_cursor->rcv_value));
13087c478bd9Sstevel@tonic-gate 
13097c478bd9Sstevel@tonic-gate 			r = r->rc_next;
13107c478bd9Sstevel@tonic-gate 		}
13117c478bd9Sstevel@tonic-gate 	}
13127c478bd9Sstevel@tonic-gate 
13137c478bd9Sstevel@tonic-gate 	mutex_exit(&dup->rcs_lock);
13147c478bd9Sstevel@tonic-gate 
13157c478bd9Sstevel@tonic-gate 	return (dup);
13167c478bd9Sstevel@tonic-gate }
13177c478bd9Sstevel@tonic-gate 
13187c478bd9Sstevel@tonic-gate /*
13197c478bd9Sstevel@tonic-gate  * void rctl_set_free(rctl_set_t *)
13207c478bd9Sstevel@tonic-gate  *
13217c478bd9Sstevel@tonic-gate  * Overview
13227c478bd9Sstevel@tonic-gate  *   Delete resource control set and all attached values.
13237c478bd9Sstevel@tonic-gate  *
13247c478bd9Sstevel@tonic-gate  * Return values
13257c478bd9Sstevel@tonic-gate  *   No value returned.
13267c478bd9Sstevel@tonic-gate  *
13277c478bd9Sstevel@tonic-gate  * Caller's context
13287c478bd9Sstevel@tonic-gate  *   No restrictions on context.
13297c478bd9Sstevel@tonic-gate  */
13307c478bd9Sstevel@tonic-gate void
rctl_set_free(rctl_set_t * set)13317c478bd9Sstevel@tonic-gate rctl_set_free(rctl_set_t *set)
13327c478bd9Sstevel@tonic-gate {
13337c478bd9Sstevel@tonic-gate 	uint_t i;
13347c478bd9Sstevel@tonic-gate 
13357c478bd9Sstevel@tonic-gate 	mutex_enter(&set->rcs_lock);
13367c478bd9Sstevel@tonic-gate 	for (i = 0; i < rctl_set_size; i++) {
13377c478bd9Sstevel@tonic-gate 		rctl_t *r = set->rcs_ctls[i];
13387c478bd9Sstevel@tonic-gate 
13397c478bd9Sstevel@tonic-gate 		while (r != NULL) {
13407c478bd9Sstevel@tonic-gate 			rctl_val_t *v = r->rc_values;
13417c478bd9Sstevel@tonic-gate 			rctl_t *n = r->rc_next;
13427c478bd9Sstevel@tonic-gate 
13437c478bd9Sstevel@tonic-gate 			kmem_cache_free(rctl_cache, r);
13447c478bd9Sstevel@tonic-gate 
13457c478bd9Sstevel@tonic-gate 			rctl_val_list_free(v);
13467c478bd9Sstevel@tonic-gate 
13477c478bd9Sstevel@tonic-gate 			r = n;
13487c478bd9Sstevel@tonic-gate 		}
13497c478bd9Sstevel@tonic-gate 	}
13507c478bd9Sstevel@tonic-gate 	mutex_exit(&set->rcs_lock);
13517c478bd9Sstevel@tonic-gate 
13527c478bd9Sstevel@tonic-gate 	kmem_free(set->rcs_ctls, sizeof (rctl_t *) * rctl_set_size);
13537c478bd9Sstevel@tonic-gate 	kmem_free(set, sizeof (rctl_set_t));
13547c478bd9Sstevel@tonic-gate }
13557c478bd9Sstevel@tonic-gate 
13567c478bd9Sstevel@tonic-gate /*
13577c478bd9Sstevel@tonic-gate  * void rctl_set_reset(rctl_set_t *)
13587c478bd9Sstevel@tonic-gate  *
13597c478bd9Sstevel@tonic-gate  * Overview
13607c478bd9Sstevel@tonic-gate  *   Resets all rctls within the set such that the lowest value becomes active.
13617c478bd9Sstevel@tonic-gate  *
13627c478bd9Sstevel@tonic-gate  * Return values
13637c478bd9Sstevel@tonic-gate  *   No value returned.
13647c478bd9Sstevel@tonic-gate  *
13657c478bd9Sstevel@tonic-gate  * Caller's context
13667c478bd9Sstevel@tonic-gate  *   No restrictions on context.
13677c478bd9Sstevel@tonic-gate  */
13687c478bd9Sstevel@tonic-gate void
rctl_set_reset(rctl_set_t * set,struct proc * p,rctl_entity_p_t * e)13697c478bd9Sstevel@tonic-gate rctl_set_reset(rctl_set_t *set, struct proc *p, rctl_entity_p_t *e)
13707c478bd9Sstevel@tonic-gate {
13717c478bd9Sstevel@tonic-gate 	uint_t i;
13727c478bd9Sstevel@tonic-gate 
13737c478bd9Sstevel@tonic-gate 	ASSERT(e);
13747c478bd9Sstevel@tonic-gate 
13757c478bd9Sstevel@tonic-gate 	mutex_enter(&set->rcs_lock);
13767c478bd9Sstevel@tonic-gate 	for (i = 0; i < rctl_set_size; i++) {
13777c478bd9Sstevel@tonic-gate 		rctl_t *r = set->rcs_ctls[i];
13787c478bd9Sstevel@tonic-gate 
13797c478bd9Sstevel@tonic-gate 		while (r != NULL) {
13807c478bd9Sstevel@tonic-gate 			r->rc_cursor = r->rc_values;
13817c478bd9Sstevel@tonic-gate 			rctl_val_list_reset(r->rc_cursor);
13827c478bd9Sstevel@tonic-gate 			RCTLOP_SET(r, p, e, rctl_model_value(r->rc_dict_entry,
13837c478bd9Sstevel@tonic-gate 			    p, r->rc_cursor->rcv_value));
13847c478bd9Sstevel@tonic-gate 
13857c478bd9Sstevel@tonic-gate 			ASSERT(r->rc_cursor != NULL);
13867c478bd9Sstevel@tonic-gate 
13877c478bd9Sstevel@tonic-gate 			r = r->rc_next;
13887c478bd9Sstevel@tonic-gate 		}
13897c478bd9Sstevel@tonic-gate 	}
13907c478bd9Sstevel@tonic-gate 
13917c478bd9Sstevel@tonic-gate 	mutex_exit(&set->rcs_lock);
13927c478bd9Sstevel@tonic-gate }
13937c478bd9Sstevel@tonic-gate 
13947c478bd9Sstevel@tonic-gate /*
13957c478bd9Sstevel@tonic-gate  * void rctl_set_tearoff(rctl_set *, struct proc *)
13967c478bd9Sstevel@tonic-gate  *
13977c478bd9Sstevel@tonic-gate  * Overview
13987c478bd9Sstevel@tonic-gate  *   Tear off any resource control values on this set with an action recipient
13997c478bd9Sstevel@tonic-gate  *   equal to the specified process (as they are becoming invalid with the
14007c478bd9Sstevel@tonic-gate  *   process's departure from this set as an observer).
14017c478bd9Sstevel@tonic-gate  *
14027c478bd9Sstevel@tonic-gate  * Return values
14037c478bd9Sstevel@tonic-gate  *   No value returned.
14047c478bd9Sstevel@tonic-gate  *
14057c478bd9Sstevel@tonic-gate  * Caller's context
14067c478bd9Sstevel@tonic-gate  *   No restrictions on context
14077c478bd9Sstevel@tonic-gate  */
14087c478bd9Sstevel@tonic-gate void
rctl_set_tearoff(rctl_set_t * set,struct proc * p)14097c478bd9Sstevel@tonic-gate rctl_set_tearoff(rctl_set_t *set, struct proc *p)
14107c478bd9Sstevel@tonic-gate {
14117c478bd9Sstevel@tonic-gate 	uint_t i;
14127c478bd9Sstevel@tonic-gate 
14137c478bd9Sstevel@tonic-gate 	mutex_enter(&set->rcs_lock);
14147c478bd9Sstevel@tonic-gate 	for (i = 0; i < rctl_set_size; i++) {
14157c478bd9Sstevel@tonic-gate 		rctl_t *r = set->rcs_ctls[i];
14167c478bd9Sstevel@tonic-gate 
14177c478bd9Sstevel@tonic-gate 		while (r != NULL) {
14187c478bd9Sstevel@tonic-gate 			rctl_val_t *rval;
14197c478bd9Sstevel@tonic-gate 
14207c478bd9Sstevel@tonic-gate tearoff_rewalk_list:
14217c478bd9Sstevel@tonic-gate 			rval = r->rc_values;
14227c478bd9Sstevel@tonic-gate 
14237c478bd9Sstevel@tonic-gate 			while (rval != NULL) {
14247c478bd9Sstevel@tonic-gate 				if (rval->rcv_privilege == RCPRIV_BASIC &&
14257c478bd9Sstevel@tonic-gate 				    rval->rcv_action_recipient == p) {
14267c478bd9Sstevel@tonic-gate 					if (r->rc_cursor == rval)
14277c478bd9Sstevel@tonic-gate 						r->rc_cursor = rval->rcv_next;
14287c478bd9Sstevel@tonic-gate 
14297c478bd9Sstevel@tonic-gate 					(void) rctl_val_list_delete(
14307c478bd9Sstevel@tonic-gate 					    &r->rc_values, rval);
14317c478bd9Sstevel@tonic-gate 
14327c478bd9Sstevel@tonic-gate 					goto tearoff_rewalk_list;
14337c478bd9Sstevel@tonic-gate 				}
14347c478bd9Sstevel@tonic-gate 
14357c478bd9Sstevel@tonic-gate 				rval = rval->rcv_next;
14367c478bd9Sstevel@tonic-gate 			}
14377c478bd9Sstevel@tonic-gate 
14387c478bd9Sstevel@tonic-gate 			ASSERT(r->rc_cursor != NULL);
14397c478bd9Sstevel@tonic-gate 
14407c478bd9Sstevel@tonic-gate 			r = r->rc_next;
14417c478bd9Sstevel@tonic-gate 		}
14427c478bd9Sstevel@tonic-gate 	}
14437c478bd9Sstevel@tonic-gate 
14447c478bd9Sstevel@tonic-gate 	mutex_exit(&set->rcs_lock);
14457c478bd9Sstevel@tonic-gate }
14467c478bd9Sstevel@tonic-gate 
144755c01d4fSMenno Lageman int
rctl_set_find(rctl_set_t * set,rctl_hndl_t hndl,rctl_t ** rctl)14487c478bd9Sstevel@tonic-gate rctl_set_find(rctl_set_t *set, rctl_hndl_t hndl, rctl_t **rctl)
14497c478bd9Sstevel@tonic-gate {
14507c478bd9Sstevel@tonic-gate 	uint_t index = hndl % rctl_set_size;
14517c478bd9Sstevel@tonic-gate 	rctl_t *curr_ctl;
14527c478bd9Sstevel@tonic-gate 
14537c478bd9Sstevel@tonic-gate 	ASSERT(MUTEX_HELD(&set->rcs_lock));
14547c478bd9Sstevel@tonic-gate 
14557c478bd9Sstevel@tonic-gate 	for (curr_ctl = set->rcs_ctls[index]; curr_ctl != NULL;
14567c478bd9Sstevel@tonic-gate 	    curr_ctl = curr_ctl->rc_next) {
14577c478bd9Sstevel@tonic-gate 		if (curr_ctl->rc_id == hndl) {
14587c478bd9Sstevel@tonic-gate 			*rctl = curr_ctl;
14597c478bd9Sstevel@tonic-gate 
14607c478bd9Sstevel@tonic-gate 			return (0);
14617c478bd9Sstevel@tonic-gate 		}
14627c478bd9Sstevel@tonic-gate 	}
14637c478bd9Sstevel@tonic-gate 
14647c478bd9Sstevel@tonic-gate 	return (-1);
14657c478bd9Sstevel@tonic-gate }
14667c478bd9Sstevel@tonic-gate 
14677c478bd9Sstevel@tonic-gate /*
14687c478bd9Sstevel@tonic-gate  * rlim64_t rctl_enforced_value(rctl_hndl_t, rctl_set_t *, struct proc *)
14697c478bd9Sstevel@tonic-gate  *
14707c478bd9Sstevel@tonic-gate  * Overview
14717c478bd9Sstevel@tonic-gate  *   Given a process, get the next enforced value on the rctl of the specified
14727c478bd9Sstevel@tonic-gate  *   handle.
14737c478bd9Sstevel@tonic-gate  *
14747c478bd9Sstevel@tonic-gate  * Return value
14757c478bd9Sstevel@tonic-gate  *   The enforced value.
14767c478bd9Sstevel@tonic-gate  *
14777c478bd9Sstevel@tonic-gate  * Caller's context
14787c478bd9Sstevel@tonic-gate  *   For controls on process collectives, p->p_lock must be held across the
14797c478bd9Sstevel@tonic-gate  *   operation.
14807c478bd9Sstevel@tonic-gate  */
14817c478bd9Sstevel@tonic-gate /*ARGSUSED*/
14827c478bd9Sstevel@tonic-gate rctl_qty_t
rctl_enforced_value(rctl_hndl_t hndl,rctl_set_t * rset,struct proc * p)14837c478bd9Sstevel@tonic-gate rctl_enforced_value(rctl_hndl_t hndl, rctl_set_t *rset, struct proc *p)
14847c478bd9Sstevel@tonic-gate {
14857c478bd9Sstevel@tonic-gate 	rctl_t *rctl;
14867c478bd9Sstevel@tonic-gate 	rlim64_t ret;
14877c478bd9Sstevel@tonic-gate 
14887c478bd9Sstevel@tonic-gate 	mutex_enter(&rset->rcs_lock);
14897c478bd9Sstevel@tonic-gate 
14907c478bd9Sstevel@tonic-gate 	if (rctl_set_find(rset, hndl, &rctl) == -1)
14917c478bd9Sstevel@tonic-gate 		panic("unknown resource control handle %d requested", hndl);
14927c478bd9Sstevel@tonic-gate 	else
14937c478bd9Sstevel@tonic-gate 		ret = rctl_model_value(rctl->rc_dict_entry, p,
14947c478bd9Sstevel@tonic-gate 		    rctl->rc_cursor->rcv_value);
14957c478bd9Sstevel@tonic-gate 
14967c478bd9Sstevel@tonic-gate 	mutex_exit(&rset->rcs_lock);
14977c478bd9Sstevel@tonic-gate 
14987c478bd9Sstevel@tonic-gate 	return (ret);
14997c478bd9Sstevel@tonic-gate }
15007c478bd9Sstevel@tonic-gate 
15017c478bd9Sstevel@tonic-gate /*
15027c478bd9Sstevel@tonic-gate  * int rctl_global_get(const char *, rctl_dict_entry_t *)
15037c478bd9Sstevel@tonic-gate  *
15047c478bd9Sstevel@tonic-gate  * Overview
15057c478bd9Sstevel@tonic-gate  *   Copy a sanitized version of the global rctl for a given resource control
15067c478bd9Sstevel@tonic-gate  *   name.  (By sanitization, we mean that the unsafe data pointers have been
15077c478bd9Sstevel@tonic-gate  *   zeroed.)
15087c478bd9Sstevel@tonic-gate  *
15097c478bd9Sstevel@tonic-gate  * Return value
15107c478bd9Sstevel@tonic-gate  *   -1 if name not defined, 0 otherwise.
15117c478bd9Sstevel@tonic-gate  *
15127c478bd9Sstevel@tonic-gate  * Caller's context
15137c478bd9Sstevel@tonic-gate  *   No restrictions on context.  rctl_dict_lock must not be held.
15147c478bd9Sstevel@tonic-gate  */
15157c478bd9Sstevel@tonic-gate int
rctl_global_get(const char * name,rctl_dict_entry_t * drde)15167c478bd9Sstevel@tonic-gate rctl_global_get(const char *name, rctl_dict_entry_t *drde)
15177c478bd9Sstevel@tonic-gate {
15187c478bd9Sstevel@tonic-gate 	rctl_dict_entry_t *rde = rctl_dict_lookup(name);
15197c478bd9Sstevel@tonic-gate 
15207c478bd9Sstevel@tonic-gate 	if (rde == NULL)
15217c478bd9Sstevel@tonic-gate 		return (-1);
15227c478bd9Sstevel@tonic-gate 
15237c478bd9Sstevel@tonic-gate 	bcopy(rde, drde, sizeof (rctl_dict_entry_t));
15247c478bd9Sstevel@tonic-gate 
15257c478bd9Sstevel@tonic-gate 	drde->rcd_next = NULL;
15267c478bd9Sstevel@tonic-gate 	drde->rcd_ops = NULL;
15277c478bd9Sstevel@tonic-gate 
15287c478bd9Sstevel@tonic-gate 	return (0);
15297c478bd9Sstevel@tonic-gate }
15307c478bd9Sstevel@tonic-gate 
15317c478bd9Sstevel@tonic-gate /*
15327c478bd9Sstevel@tonic-gate  * int rctl_global_set(const char *, rctl_dict_entry_t *)
15337c478bd9Sstevel@tonic-gate  *
15347c478bd9Sstevel@tonic-gate  * Overview
15357c478bd9Sstevel@tonic-gate  *   Transfer the settable fields of the named rctl to the global rctl matching
15367c478bd9Sstevel@tonic-gate  *   the given resource control name.
15377c478bd9Sstevel@tonic-gate  *
15387c478bd9Sstevel@tonic-gate  * Return value
15397c478bd9Sstevel@tonic-gate  *   -1 if name not defined, 0 otherwise.
15407c478bd9Sstevel@tonic-gate  *
15417c478bd9Sstevel@tonic-gate  * Caller's context
15427c478bd9Sstevel@tonic-gate  *   No restrictions on context.  rctl_dict_lock must not be held.
15437c478bd9Sstevel@tonic-gate  */
15447c478bd9Sstevel@tonic-gate int
rctl_global_set(const char * name,rctl_dict_entry_t * drde)15457c478bd9Sstevel@tonic-gate rctl_global_set(const char *name, rctl_dict_entry_t *drde)
15467c478bd9Sstevel@tonic-gate {
15477c478bd9Sstevel@tonic-gate 	rctl_dict_entry_t *rde = rctl_dict_lookup(name);
15487c478bd9Sstevel@tonic-gate 
15497c478bd9Sstevel@tonic-gate 	if (rde == NULL)
15507c478bd9Sstevel@tonic-gate 		return (-1);
15517c478bd9Sstevel@tonic-gate 
15527c478bd9Sstevel@tonic-gate 	rde->rcd_flagaction = drde->rcd_flagaction;
15537c478bd9Sstevel@tonic-gate 	rde->rcd_syslog_level = drde->rcd_syslog_level;
15547c478bd9Sstevel@tonic-gate 	rde->rcd_strlog_flags = drde->rcd_strlog_flags;
15557c478bd9Sstevel@tonic-gate 
15567c478bd9Sstevel@tonic-gate 	return (0);
15577c478bd9Sstevel@tonic-gate }
15587c478bd9Sstevel@tonic-gate 
15597c478bd9Sstevel@tonic-gate static int
rctl_local_op(rctl_hndl_t hndl,rctl_val_t * oval,rctl_val_t * nval,int (* cbop)(rctl_hndl_t,struct proc * p,rctl_entity_p_t * e,rctl_t *,rctl_val_t *,rctl_val_t *),struct proc * p)15607c478bd9Sstevel@tonic-gate rctl_local_op(rctl_hndl_t hndl, rctl_val_t *oval, rctl_val_t *nval,
15617c478bd9Sstevel@tonic-gate     int (*cbop)(rctl_hndl_t, struct proc *p, rctl_entity_p_t *e, rctl_t *,
15627c478bd9Sstevel@tonic-gate     rctl_val_t *, rctl_val_t *), struct proc *p)
15637c478bd9Sstevel@tonic-gate {
15647c478bd9Sstevel@tonic-gate 	rctl_t *rctl;
15657c478bd9Sstevel@tonic-gate 	rctl_set_t *rset;
15667c478bd9Sstevel@tonic-gate 	rctl_entity_p_t e;
15677c478bd9Sstevel@tonic-gate 	int ret = 0;
15687c478bd9Sstevel@tonic-gate 	rctl_dict_entry_t *rde = rctl_dict_lookup_hndl(hndl);
15697c478bd9Sstevel@tonic-gate 
15707c478bd9Sstevel@tonic-gate 	ASSERT(MUTEX_HELD(&p->p_lock));
15717c478bd9Sstevel@tonic-gate 
15727c478bd9Sstevel@tonic-gate 	rset = rctl_entity_obtain_rset(rde, p);
15737c478bd9Sstevel@tonic-gate 
15747c478bd9Sstevel@tonic-gate 	if (rset == NULL) {
15757c478bd9Sstevel@tonic-gate 		return (-1);
15767c478bd9Sstevel@tonic-gate 	}
15777c478bd9Sstevel@tonic-gate 	rctl_entity_obtain_entity_p(rset->rcs_entity, p, &e);
15787c478bd9Sstevel@tonic-gate 
15797c478bd9Sstevel@tonic-gate 	mutex_enter(&rset->rcs_lock);
15807c478bd9Sstevel@tonic-gate 
15817c478bd9Sstevel@tonic-gate 	/* using rctl's hndl, get rctl from local set */
15827c478bd9Sstevel@tonic-gate 	if (rctl_set_find(rset, hndl, &rctl) == -1) {
15837c478bd9Sstevel@tonic-gate 		mutex_exit(&rset->rcs_lock);
15847c478bd9Sstevel@tonic-gate 		return (-1);
15857c478bd9Sstevel@tonic-gate 	}
15867c478bd9Sstevel@tonic-gate 
15877c478bd9Sstevel@tonic-gate 	ret = cbop(hndl, p, &e, rctl, oval, nval);
15887c478bd9Sstevel@tonic-gate 
15897c478bd9Sstevel@tonic-gate 	mutex_exit(&rset->rcs_lock);
15907c478bd9Sstevel@tonic-gate 	return (ret);
15917c478bd9Sstevel@tonic-gate }
15927c478bd9Sstevel@tonic-gate 
15937c478bd9Sstevel@tonic-gate /*ARGSUSED*/
15947c478bd9Sstevel@tonic-gate static int
rctl_local_get_cb(rctl_hndl_t hndl,struct proc * p,rctl_entity_p_t * e,rctl_t * rctl,rctl_val_t * oval,rctl_val_t * nval)15957c478bd9Sstevel@tonic-gate rctl_local_get_cb(rctl_hndl_t hndl, struct proc *p, rctl_entity_p_t *e,
15967c478bd9Sstevel@tonic-gate     rctl_t *rctl, rctl_val_t *oval, rctl_val_t *nval)
15977c478bd9Sstevel@tonic-gate {
15987c478bd9Sstevel@tonic-gate 	if (oval == NULL) {
15997c478bd9Sstevel@tonic-gate 		/*
16007c478bd9Sstevel@tonic-gate 		 * RCTL_FIRST
16017c478bd9Sstevel@tonic-gate 		 */
16027c478bd9Sstevel@tonic-gate 		bcopy(rctl->rc_values, nval, sizeof (rctl_val_t));
16037c478bd9Sstevel@tonic-gate 	} else {
16047c478bd9Sstevel@tonic-gate 		/*
16057c478bd9Sstevel@tonic-gate 		 * RCTL_NEXT
16067c478bd9Sstevel@tonic-gate 		 */
16077c478bd9Sstevel@tonic-gate 		rctl_val_t *tval = rctl_val_list_find(&rctl->rc_values, oval);
16087c478bd9Sstevel@tonic-gate 
16097c478bd9Sstevel@tonic-gate 		if (tval == NULL)
16107c478bd9Sstevel@tonic-gate 			return (ESRCH);
16117c478bd9Sstevel@tonic-gate 		else if (tval->rcv_next == NULL)
16127c478bd9Sstevel@tonic-gate 			return (ENOENT);
16137c478bd9Sstevel@tonic-gate 		else
16147c478bd9Sstevel@tonic-gate 			bcopy(tval->rcv_next, nval, sizeof (rctl_val_t));
16157c478bd9Sstevel@tonic-gate 	}
16167c478bd9Sstevel@tonic-gate 
16177c478bd9Sstevel@tonic-gate 	return (0);
16187c478bd9Sstevel@tonic-gate }
16197c478bd9Sstevel@tonic-gate 
16207c478bd9Sstevel@tonic-gate /*
16217c478bd9Sstevel@tonic-gate  * int rctl_local_get(rctl_hndl_t, rctl_val_t *)
16227c478bd9Sstevel@tonic-gate  *
16237c478bd9Sstevel@tonic-gate  * Overview
16247c478bd9Sstevel@tonic-gate  *   Get the rctl value for the given flags.
16257c478bd9Sstevel@tonic-gate  *
16267c478bd9Sstevel@tonic-gate  * Return values
16277c478bd9Sstevel@tonic-gate  *   0 for successful get, errno otherwise.
16287c478bd9Sstevel@tonic-gate  */
16297c478bd9Sstevel@tonic-gate int
rctl_local_get(rctl_hndl_t hndl,rctl_val_t * oval,rctl_val_t * nval,struct proc * p)16307c478bd9Sstevel@tonic-gate rctl_local_get(rctl_hndl_t hndl, rctl_val_t *oval, rctl_val_t *nval,
16317c478bd9Sstevel@tonic-gate     struct proc *p)
16327c478bd9Sstevel@tonic-gate {
16337c478bd9Sstevel@tonic-gate 	return (rctl_local_op(hndl, oval, nval, rctl_local_get_cb, p));
16347c478bd9Sstevel@tonic-gate }
16357c478bd9Sstevel@tonic-gate 
16367c478bd9Sstevel@tonic-gate /*ARGSUSED*/
16377c478bd9Sstevel@tonic-gate static int
rctl_local_delete_cb(rctl_hndl_t hndl,struct proc * p,rctl_entity_p_t * e,rctl_t * rctl,rctl_val_t * oval,rctl_val_t * nval)16387c478bd9Sstevel@tonic-gate rctl_local_delete_cb(rctl_hndl_t hndl, struct proc *p, rctl_entity_p_t *e,
16397c478bd9Sstevel@tonic-gate     rctl_t *rctl, rctl_val_t *oval, rctl_val_t *nval)
16407c478bd9Sstevel@tonic-gate {
16417c478bd9Sstevel@tonic-gate 	if ((oval = rctl_val_list_find(&rctl->rc_values, nval)) == NULL)
16427c478bd9Sstevel@tonic-gate 		return (ESRCH);
16437c478bd9Sstevel@tonic-gate 
16447c478bd9Sstevel@tonic-gate 	if (rctl->rc_cursor == oval) {
16457c478bd9Sstevel@tonic-gate 		rctl->rc_cursor = oval->rcv_next;
16467c478bd9Sstevel@tonic-gate 		rctl_val_list_reset(rctl->rc_cursor);
16477c478bd9Sstevel@tonic-gate 		RCTLOP_SET(rctl, p, e, rctl_model_value(rctl->rc_dict_entry, p,
16487c478bd9Sstevel@tonic-gate 		    rctl->rc_cursor->rcv_value));
16497c478bd9Sstevel@tonic-gate 
16507c478bd9Sstevel@tonic-gate 		ASSERT(rctl->rc_cursor != NULL);
16517c478bd9Sstevel@tonic-gate 	}
16527c478bd9Sstevel@tonic-gate 
16537c478bd9Sstevel@tonic-gate 	(void) rctl_val_list_delete(&rctl->rc_values, oval);
16547c478bd9Sstevel@tonic-gate 
16557c478bd9Sstevel@tonic-gate 	return (0);
16567c478bd9Sstevel@tonic-gate }
16577c478bd9Sstevel@tonic-gate 
16587c478bd9Sstevel@tonic-gate /*
16597c478bd9Sstevel@tonic-gate  * int rctl_local_delete(rctl_hndl_t, rctl_val_t *)
16607c478bd9Sstevel@tonic-gate  *
16617c478bd9Sstevel@tonic-gate  * Overview
16627c478bd9Sstevel@tonic-gate  *   Delete the rctl value for the given flags.
16637c478bd9Sstevel@tonic-gate  *
16647c478bd9Sstevel@tonic-gate  * Return values
16657c478bd9Sstevel@tonic-gate  *   0 for successful delete, errno otherwise.
16667c478bd9Sstevel@tonic-gate  */
16677c478bd9Sstevel@tonic-gate int
rctl_local_delete(rctl_hndl_t hndl,rctl_val_t * val,struct proc * p)16687c478bd9Sstevel@tonic-gate rctl_local_delete(rctl_hndl_t hndl, rctl_val_t *val, struct proc *p)
16697c478bd9Sstevel@tonic-gate {
16707c478bd9Sstevel@tonic-gate 	return (rctl_local_op(hndl, NULL, val, rctl_local_delete_cb, p));
16717c478bd9Sstevel@tonic-gate }
16727c478bd9Sstevel@tonic-gate 
16737c478bd9Sstevel@tonic-gate /*
16747c478bd9Sstevel@tonic-gate  * rctl_local_insert_cb()
16757c478bd9Sstevel@tonic-gate  *
16767c478bd9Sstevel@tonic-gate  * Overview
16777c478bd9Sstevel@tonic-gate  *   Insert a new value into the rctl's val list. If an error occurs,
16787c478bd9Sstevel@tonic-gate  *   the val list must be left in the same state as when the function
16797c478bd9Sstevel@tonic-gate  *   was entered.
16807c478bd9Sstevel@tonic-gate  *
16817c478bd9Sstevel@tonic-gate  * Return Values
16827c478bd9Sstevel@tonic-gate  *   0 for successful insert, EINVAL if the value is duplicated in the
16837c478bd9Sstevel@tonic-gate  *   existing list.
16847c478bd9Sstevel@tonic-gate  */
16857c478bd9Sstevel@tonic-gate /*ARGSUSED*/
16867c478bd9Sstevel@tonic-gate static int
rctl_local_insert_cb(rctl_hndl_t hndl,struct proc * p,rctl_entity_p_t * e,rctl_t * rctl,rctl_val_t * oval,rctl_val_t * nval)16877c478bd9Sstevel@tonic-gate rctl_local_insert_cb(rctl_hndl_t hndl, struct proc *p, rctl_entity_p_t *e,
16887c478bd9Sstevel@tonic-gate     rctl_t *rctl, rctl_val_t *oval, rctl_val_t *nval)
16897c478bd9Sstevel@tonic-gate {
16907c478bd9Sstevel@tonic-gate 	/*
16917c478bd9Sstevel@tonic-gate 	 * Before inserting, confirm there are no duplicates of this value
16927c478bd9Sstevel@tonic-gate 	 * and flag level. If there is a duplicate, flag an error and do
16937c478bd9Sstevel@tonic-gate 	 * nothing.
16947c478bd9Sstevel@tonic-gate 	 */
16957c478bd9Sstevel@tonic-gate 	if (rctl_val_list_insert(&rctl->rc_values, nval) != 0)
16967c478bd9Sstevel@tonic-gate 		return (EINVAL);
16977c478bd9Sstevel@tonic-gate 
16987c478bd9Sstevel@tonic-gate 	if (rctl_val_cmp(nval, rctl->rc_cursor, 0) < 0) {
16997c478bd9Sstevel@tonic-gate 		rctl->rc_cursor = nval;
17007c478bd9Sstevel@tonic-gate 		rctl_val_list_reset(rctl->rc_cursor);
17017c478bd9Sstevel@tonic-gate 		RCTLOP_SET(rctl, p, e, rctl_model_value(rctl->rc_dict_entry, p,
17027c478bd9Sstevel@tonic-gate 		    rctl->rc_cursor->rcv_value));
17037c478bd9Sstevel@tonic-gate 
17047c478bd9Sstevel@tonic-gate 		ASSERT(rctl->rc_cursor != NULL);
17057c478bd9Sstevel@tonic-gate 	}
17067c478bd9Sstevel@tonic-gate 
17077c478bd9Sstevel@tonic-gate 	return (0);
17087c478bd9Sstevel@tonic-gate }
17097c478bd9Sstevel@tonic-gate 
17107c478bd9Sstevel@tonic-gate /*
17117c478bd9Sstevel@tonic-gate  * int rctl_local_insert(rctl_hndl_t, rctl_val_t *)
17127c478bd9Sstevel@tonic-gate  *
17137c478bd9Sstevel@tonic-gate  * Overview
17147c478bd9Sstevel@tonic-gate  *   Insert the rctl value into the appropriate rctl set for the calling
17157c478bd9Sstevel@tonic-gate  *   process, given the handle.
17167c478bd9Sstevel@tonic-gate  */
17177c478bd9Sstevel@tonic-gate int
rctl_local_insert(rctl_hndl_t hndl,rctl_val_t * val,struct proc * p)17187c478bd9Sstevel@tonic-gate rctl_local_insert(rctl_hndl_t hndl, rctl_val_t *val, struct proc *p)
17197c478bd9Sstevel@tonic-gate {
17207c478bd9Sstevel@tonic-gate 	return (rctl_local_op(hndl, NULL, val, rctl_local_insert_cb, p));
17217c478bd9Sstevel@tonic-gate }
17227c478bd9Sstevel@tonic-gate 
1723532877c4Srd /*
1724532877c4Srd  * rctl_local_insert_all_cb()
1725532877c4Srd  *
1726532877c4Srd  * Overview
1727532877c4Srd  *   Called for RCENTITY_PROJECT rctls only, via rctlsys_projset().
1728532877c4Srd  *
1729532877c4Srd  *   Inserts new values from the project database (new_values).  alloc_values
1730532877c4Srd  *   should be a linked list of pre-allocated rctl_val_t, which are used to
1731532877c4Srd  *   populate (rc_projdb).
1732532877c4Srd  *
1733532877c4Srd  *   Should the *new_values linked list match the contents of the rctl's
1734532877c4Srd  *   rp_projdb then we do nothing.
1735532877c4Srd  *
1736532877c4Srd  * Return Values
1737532877c4Srd  *   0 is always returned.
1738532877c4Srd  */
1739532877c4Srd /*ARGSUSED*/
1740532877c4Srd static int
rctl_local_insert_all_cb(rctl_hndl_t hndl,struct proc * p,rctl_entity_p_t * e,rctl_t * rctl,rctl_val_t * new_values,rctl_val_t * alloc_values)1741532877c4Srd rctl_local_insert_all_cb(rctl_hndl_t hndl, struct proc *p, rctl_entity_p_t *e,
1742532877c4Srd     rctl_t *rctl, rctl_val_t *new_values, rctl_val_t *alloc_values)
1743532877c4Srd {
1744532877c4Srd 	rctl_val_t *val;
1745532877c4Srd 	rctl_val_t *tmp_val;
1746532877c4Srd 	rctl_val_t *next;
1747532877c4Srd 	int modified = 0;
1748532877c4Srd 
1749532877c4Srd 	/*
1750532877c4Srd 	 * If this the first time we've set this project rctl, then we delete
1751532877c4Srd 	 * all the privilege values.  These privilege values have been set by
1752532877c4Srd 	 * rctl_add_default_limit().
1753532877c4Srd 	 *
1754532877c4Srd 	 * We save some cycles here by not calling rctl_val_list_delete().
1755532877c4Srd 	 */
1756532877c4Srd 	if (rctl->rc_projdb == NULL) {
1757532877c4Srd 		val = rctl->rc_values;
1758532877c4Srd 
1759532877c4Srd 		while (val != NULL) {
1760532877c4Srd 			if (val->rcv_privilege == RCPRIV_PRIVILEGED) {
1761532877c4Srd 				if (val->rcv_prev != NULL)
1762532877c4Srd 					val->rcv_prev->rcv_next = val->rcv_next;
1763532877c4Srd 				else
1764532877c4Srd 					rctl->rc_values = val->rcv_next;
1765532877c4Srd 
1766532877c4Srd 				if (val->rcv_next != NULL)
1767532877c4Srd 					val->rcv_next->rcv_prev = val->rcv_prev;
1768532877c4Srd 
1769532877c4Srd 				tmp_val = val;
1770532877c4Srd 				val = val->rcv_next;
1771532877c4Srd 				kmem_cache_free(rctl_val_cache, tmp_val);
1772532877c4Srd 			} else {
1773532877c4Srd 				val = val->rcv_next;
1774532877c4Srd 			}
1775532877c4Srd 		}
1776532877c4Srd 		modified = 1;
1777532877c4Srd 	}
1778532877c4Srd 
1779532877c4Srd 	/*
1780532877c4Srd 	 * Delete active values previously set through the project database.
1781532877c4Srd 	 */
1782532877c4Srd 	val = rctl->rc_projdb;
1783532877c4Srd 
1784532877c4Srd 	while (val != NULL) {
1785532877c4Srd 
1786532877c4Srd 		/* Is the old value found in the new values? */
1787532877c4Srd 		if (rctl_val_list_find(&new_values, val) == NULL) {
1788532877c4Srd 
1789532877c4Srd 			/*
1790532877c4Srd 			 * Delete from the active values if it originated from
1791532877c4Srd 			 * the project database.
1792532877c4Srd 			 */
1793532877c4Srd 			if (((tmp_val = rctl_val_list_find(&rctl->rc_values,
1794532877c4Srd 			    val)) != NULL) &&
1795532877c4Srd 			    (tmp_val->rcv_flagaction & RCTL_LOCAL_PROJDB)) {
1796532877c4Srd 				(void) rctl_val_list_delete(&rctl->rc_values,
1797532877c4Srd 				    tmp_val);
1798532877c4Srd 			}
1799532877c4Srd 
1800532877c4Srd 			tmp_val = val->rcv_next;
1801532877c4Srd 			(void) rctl_val_list_delete(&rctl->rc_projdb, val);
1802532877c4Srd 			val = tmp_val;
1803532877c4Srd 			modified = 1;
1804532877c4Srd 
1805532877c4Srd 		} else
1806532877c4Srd 			val = val->rcv_next;
1807532877c4Srd 	}
1808532877c4Srd 
1809532877c4Srd 	/*
1810532877c4Srd 	 * Insert new values from the project database.
1811532877c4Srd 	 */
1812532877c4Srd 	while (new_values != NULL) {
1813532877c4Srd 		next = new_values->rcv_next;
1814532877c4Srd 
1815532877c4Srd 		/*
1816532877c4Srd 		 * Insert this new value into the rc_projdb, and duplicate this
1817532877c4Srd 		 * entry to the active list.
1818532877c4Srd 		 */
1819532877c4Srd 		if (rctl_val_list_insert(&rctl->rc_projdb, new_values) == 0) {
1820532877c4Srd 
1821532877c4Srd 			tmp_val = alloc_values->rcv_next;
1822532877c4Srd 			bcopy(new_values, alloc_values, sizeof (rctl_val_t));
1823532877c4Srd 			alloc_values->rcv_next = tmp_val;
1824532877c4Srd 
1825532877c4Srd 			if (rctl_val_list_insert(&rctl->rc_values,
1826903a11ebSrh 			    alloc_values) == 0) {
1827532877c4Srd 				/* inserted move alloc_values on */
1828532877c4Srd 				alloc_values = tmp_val;
1829532877c4Srd 				modified = 1;
1830532877c4Srd 			}
1831532877c4Srd 		} else {
1832532877c4Srd 			/*
1833532877c4Srd 			 * Unlike setrctl() we don't want to return an error on
1834532877c4Srd 			 * a duplicate entry; we are concerned solely with
1835532877c4Srd 			 * ensuring that all the values specified are set.
1836532877c4Srd 			 */
1837532877c4Srd 			kmem_cache_free(rctl_val_cache, new_values);
1838532877c4Srd 		}
1839532877c4Srd 		new_values = next;
1840532877c4Srd 	}
1841532877c4Srd 
1842532877c4Srd 	/* Teardown any unused rctl_val_t */
1843532877c4Srd 	while (alloc_values != NULL) {
1844532877c4Srd 		tmp_val = alloc_values;
1845532877c4Srd 		alloc_values = alloc_values->rcv_next;
1846532877c4Srd 		kmem_cache_free(rctl_val_cache, tmp_val);
1847532877c4Srd 	}
1848532877c4Srd 
1849532877c4Srd 	/* Reset the cursor if rctl values have been modified */
1850532877c4Srd 	if (modified) {
1851532877c4Srd 		rctl->rc_cursor = rctl->rc_values;
1852532877c4Srd 		rctl_val_list_reset(rctl->rc_cursor);
1853532877c4Srd 		RCTLOP_SET(rctl, p, e, rctl_model_value(rctl->rc_dict_entry, p,
1854532877c4Srd 		    rctl->rc_cursor->rcv_value));
1855532877c4Srd 	}
1856532877c4Srd 
1857532877c4Srd 	return (0);
1858532877c4Srd }
1859532877c4Srd 
1860532877c4Srd int
rctl_local_insert_all(rctl_hndl_t hndl,rctl_val_t * new_values,rctl_val_t * alloc_values,struct proc * p)1861532877c4Srd rctl_local_insert_all(rctl_hndl_t hndl, rctl_val_t *new_values,
1862532877c4Srd     rctl_val_t *alloc_values, struct proc *p)
1863532877c4Srd {
1864532877c4Srd 	return (rctl_local_op(hndl, new_values, alloc_values,
1865532877c4Srd 	    rctl_local_insert_all_cb, p));
1866532877c4Srd }
1867532877c4Srd 
1868532877c4Srd /*
1869532877c4Srd  * rctl_local_replace_all_cb()
1870532877c4Srd  *
1871532877c4Srd  * Overview
1872532877c4Srd  *   Called for RCENTITY_PROJECT rctls only, via rctlsys_projset().
1873532877c4Srd  *
1874532877c4Srd  *   Clears the active rctl values (rc_values), and stored values from the
1875532877c4Srd  *   previous insertions from the project database (rc_projdb).
1876532877c4Srd  *
1877532877c4Srd  *   Inserts new values from the project database (new_values).  alloc_values
1878532877c4Srd  *   should be a linked list of pre-allocated rctl_val_t, which are used to
1879532877c4Srd  *   populate (rc_projdb).
1880532877c4Srd  *
1881532877c4Srd  * Return Values
1882532877c4Srd  *   0 is always returned.
1883532877c4Srd  */
1884532877c4Srd /*ARGSUSED*/
1885532877c4Srd static int
rctl_local_replace_all_cb(rctl_hndl_t hndl,struct proc * p,rctl_entity_p_t * e,rctl_t * rctl,rctl_val_t * new_values,rctl_val_t * alloc_values)1886532877c4Srd rctl_local_replace_all_cb(rctl_hndl_t hndl, struct proc *p, rctl_entity_p_t *e,
1887532877c4Srd     rctl_t *rctl, rctl_val_t *new_values, rctl_val_t *alloc_values)
1888532877c4Srd {
1889532877c4Srd 	rctl_val_t *val;
1890532877c4Srd 	rctl_val_t *next;
1891532877c4Srd 	rctl_val_t *tmp_val;
1892532877c4Srd 
1893532877c4Srd 	/* Delete all the privilege vaules */
1894532877c4Srd 	val = rctl->rc_values;
1895532877c4Srd 
1896532877c4Srd 	while (val != NULL) {
1897532877c4Srd 		if (val->rcv_privilege == RCPRIV_PRIVILEGED) {
1898532877c4Srd 			if (val->rcv_prev != NULL)
1899532877c4Srd 				val->rcv_prev->rcv_next = val->rcv_next;
1900532877c4Srd 			else
1901532877c4Srd 				rctl->rc_values = val->rcv_next;
1902532877c4Srd 
1903532877c4Srd 			if (val->rcv_next != NULL)
1904532877c4Srd 				val->rcv_next->rcv_prev = val->rcv_prev;
1905532877c4Srd 
1906532877c4Srd 			tmp_val = val;
1907532877c4Srd 			val = val->rcv_next;
1908532877c4Srd 			kmem_cache_free(rctl_val_cache, tmp_val);
1909532877c4Srd 		} else {
1910532877c4Srd 			val = val->rcv_next;
1911532877c4Srd 		}
1912532877c4Srd 	}
1913532877c4Srd 
1914532877c4Srd 	/* Delete the contents of rc_projdb */
1915532877c4Srd 	val = rctl->rc_projdb;
1916532877c4Srd 	while (val != NULL) {
1917532877c4Srd 
1918532877c4Srd 		tmp_val = val;
1919532877c4Srd 		val = val->rcv_next;
1920532877c4Srd 		kmem_cache_free(rctl_val_cache, tmp_val);
1921532877c4Srd 	}
1922532877c4Srd 	rctl->rc_projdb = NULL;
1923532877c4Srd 
1924532877c4Srd 	/*
1925532877c4Srd 	 * Insert new values from the project database.
1926532877c4Srd 	 */
1927532877c4Srd 	while (new_values != NULL) {
1928532877c4Srd 		next = new_values->rcv_next;
1929532877c4Srd 
1930532877c4Srd 		if (rctl_val_list_insert(&rctl->rc_projdb, new_values) == 0) {
1931532877c4Srd 			tmp_val = alloc_values->rcv_next;
1932532877c4Srd 			bcopy(new_values, alloc_values, sizeof (rctl_val_t));
1933532877c4Srd 			alloc_values->rcv_next = tmp_val;
1934532877c4Srd 
1935532877c4Srd 			if (rctl_val_list_insert(&rctl->rc_values,
1936903a11ebSrh 			    alloc_values) == 0) {
1937532877c4Srd 				/* inserted, so move alloc_values on */
1938532877c4Srd 				alloc_values = tmp_val;
1939532877c4Srd 			}
1940532877c4Srd 		} else {
1941532877c4Srd 			/*
1942532877c4Srd 			 * Unlike setrctl() we don't want to return an error on
1943532877c4Srd 			 * a duplicate entry; we are concerned solely with
1944532877c4Srd 			 * ensuring that all the values specified are set.
1945532877c4Srd 			 */
1946532877c4Srd 			kmem_cache_free(rctl_val_cache, new_values);
1947532877c4Srd 		}
1948532877c4Srd 
1949532877c4Srd 		new_values = next;
1950532877c4Srd 	}
1951532877c4Srd 
1952532877c4Srd 	/* Teardown any unused rctl_val_t */
1953532877c4Srd 	while (alloc_values != NULL) {
1954532877c4Srd 		tmp_val = alloc_values;
1955532877c4Srd 		alloc_values = alloc_values->rcv_next;
1956532877c4Srd 		kmem_cache_free(rctl_val_cache, tmp_val);
1957532877c4Srd 	}
1958532877c4Srd 
1959532877c4Srd 	/* Always reset the cursor */
1960532877c4Srd 	rctl->rc_cursor = rctl->rc_values;
1961532877c4Srd 	rctl_val_list_reset(rctl->rc_cursor);
1962532877c4Srd 	RCTLOP_SET(rctl, p, e, rctl_model_value(rctl->rc_dict_entry, p,
1963532877c4Srd 	    rctl->rc_cursor->rcv_value));
1964532877c4Srd 
1965532877c4Srd 	return (0);
1966532877c4Srd }
1967532877c4Srd 
1968532877c4Srd int
rctl_local_replace_all(rctl_hndl_t hndl,rctl_val_t * new_values,rctl_val_t * alloc_values,struct proc * p)1969532877c4Srd rctl_local_replace_all(rctl_hndl_t hndl, rctl_val_t *new_values,
1970532877c4Srd     rctl_val_t *alloc_values, struct proc *p)
1971532877c4Srd {
1972532877c4Srd 	return (rctl_local_op(hndl, new_values, alloc_values,
1973532877c4Srd 	    rctl_local_replace_all_cb, p));
1974532877c4Srd }
1975532877c4Srd 
19767c478bd9Sstevel@tonic-gate static int
rctl_local_replace_cb(rctl_hndl_t hndl,struct proc * p,rctl_entity_p_t * e,rctl_t * rctl,rctl_val_t * oval,rctl_val_t * nval)19777c478bd9Sstevel@tonic-gate rctl_local_replace_cb(rctl_hndl_t hndl, struct proc *p, rctl_entity_p_t *e,
19787c478bd9Sstevel@tonic-gate     rctl_t *rctl, rctl_val_t *oval, rctl_val_t *nval)
19797c478bd9Sstevel@tonic-gate {
19807c478bd9Sstevel@tonic-gate 	int ret;
1981c1c0ebd5Ssl 	rctl_val_t *tmp;
1982c1c0ebd5Ssl 
1983c1c0ebd5Ssl 	/* Verify that old will be delete-able */
1984c1c0ebd5Ssl 	tmp = rctl_val_list_find(&rctl->rc_values, oval);
1985c1c0ebd5Ssl 	if (tmp == NULL)
1986c1c0ebd5Ssl 		return (ESRCH);
1987c1c0ebd5Ssl 	/*
1988c1c0ebd5Ssl 	 * Caller should verify that value being deleted is not the
1989c1c0ebd5Ssl 	 * system value.
1990c1c0ebd5Ssl 	 */
1991c1c0ebd5Ssl 	ASSERT(tmp->rcv_privilege != RCPRIV_SYSTEM);
19927c478bd9Sstevel@tonic-gate 
19937c478bd9Sstevel@tonic-gate 	/*
19947c478bd9Sstevel@tonic-gate 	 * rctl_local_insert_cb() does the job of flagging an error
19957c478bd9Sstevel@tonic-gate 	 * for any duplicate values. So, call rctl_local_insert_cb()
19967c478bd9Sstevel@tonic-gate 	 * for the new value first, then do deletion of the old value.
19977c478bd9Sstevel@tonic-gate 	 * Since this is a callback function to rctl_local_op, we can
19987c478bd9Sstevel@tonic-gate 	 * count on rcs_lock being held at this point. This guarantees
19997c478bd9Sstevel@tonic-gate 	 * that there is at no point a visible list which contains both
20007c478bd9Sstevel@tonic-gate 	 * new and old values.
20017c478bd9Sstevel@tonic-gate 	 */
20027c478bd9Sstevel@tonic-gate 	if (ret = rctl_local_insert_cb(hndl, p, e, rctl, NULL, nval))
20037c478bd9Sstevel@tonic-gate 		return (ret);
20047c478bd9Sstevel@tonic-gate 
2005c1c0ebd5Ssl 	ret = rctl_local_delete_cb(hndl, p, e, rctl, NULL, oval);
2006c1c0ebd5Ssl 	ASSERT(ret == 0);
2007c1c0ebd5Ssl 	return (0);
20087c478bd9Sstevel@tonic-gate }
20097c478bd9Sstevel@tonic-gate 
20107c478bd9Sstevel@tonic-gate /*
20117c478bd9Sstevel@tonic-gate  * int rctl_local_replace(rctl_hndl_t, void *, int, uint64_t *)
20127c478bd9Sstevel@tonic-gate  *
20137c478bd9Sstevel@tonic-gate  * Overview
20147c478bd9Sstevel@tonic-gate  *   Replace the rctl value with a new one.
20157c478bd9Sstevel@tonic-gate  *
20167c478bd9Sstevel@tonic-gate  * Return values
20177c478bd9Sstevel@tonic-gate  *   0 for successful replace, errno otherwise.
20187c478bd9Sstevel@tonic-gate  */
20197c478bd9Sstevel@tonic-gate int
rctl_local_replace(rctl_hndl_t hndl,rctl_val_t * oval,rctl_val_t * nval,struct proc * p)20207c478bd9Sstevel@tonic-gate rctl_local_replace(rctl_hndl_t hndl, rctl_val_t *oval, rctl_val_t *nval,
20217c478bd9Sstevel@tonic-gate     struct proc *p)
20227c478bd9Sstevel@tonic-gate {
20237c478bd9Sstevel@tonic-gate 	return (rctl_local_op(hndl, oval, nval, rctl_local_replace_cb, p));
20247c478bd9Sstevel@tonic-gate }
20257c478bd9Sstevel@tonic-gate 
20267c478bd9Sstevel@tonic-gate /*
20277c478bd9Sstevel@tonic-gate  * int rctl_rlimit_get(rctl_hndl_t, struct proc *, struct rlimit64 *)
20287c478bd9Sstevel@tonic-gate  *
20297c478bd9Sstevel@tonic-gate  * Overview
20307c478bd9Sstevel@tonic-gate  *   To support rlimit compatibility, we need a function which takes a 64-bit
20317c478bd9Sstevel@tonic-gate  *   rlimit and encodes it as appropriate rcontrol values on the given rcontrol.
20327c478bd9Sstevel@tonic-gate  *   This operation is only intended for legacy rlimits.
20337c478bd9Sstevel@tonic-gate  */
20347c478bd9Sstevel@tonic-gate int
rctl_rlimit_get(rctl_hndl_t rc,struct proc * p,struct rlimit64 * rlp64)20357c478bd9Sstevel@tonic-gate rctl_rlimit_get(rctl_hndl_t rc, struct proc *p, struct rlimit64 *rlp64)
20367c478bd9Sstevel@tonic-gate {
20377c478bd9Sstevel@tonic-gate 	rctl_t *rctl;
20387c478bd9Sstevel@tonic-gate 	rctl_val_t *rval;
20397c478bd9Sstevel@tonic-gate 	rctl_set_t *rset = p->p_rctls;
20407c478bd9Sstevel@tonic-gate 	int soft_limit_seen = 0;
20417c478bd9Sstevel@tonic-gate 	int test_for_deny = 1;
20427c478bd9Sstevel@tonic-gate 
20437c478bd9Sstevel@tonic-gate 	mutex_enter(&rset->rcs_lock);
20447c478bd9Sstevel@tonic-gate 	if (rctl_set_find(rset, rc, &rctl) == -1) {
20457c478bd9Sstevel@tonic-gate 		mutex_exit(&rset->rcs_lock);
20467c478bd9Sstevel@tonic-gate 		return (-1);
20477c478bd9Sstevel@tonic-gate 	}
20487c478bd9Sstevel@tonic-gate 
20497c478bd9Sstevel@tonic-gate 	rval = rctl->rc_values;
20507c478bd9Sstevel@tonic-gate 
20517c478bd9Sstevel@tonic-gate 	if (rctl->rc_dict_entry->rcd_flagaction & (RCTL_GLOBAL_DENY_NEVER |
20527c478bd9Sstevel@tonic-gate 	    RCTL_GLOBAL_DENY_ALWAYS))
20537c478bd9Sstevel@tonic-gate 		test_for_deny = 0;
20547c478bd9Sstevel@tonic-gate 
20557c478bd9Sstevel@tonic-gate 	/*
20567c478bd9Sstevel@tonic-gate 	 * 1.  Find the first control value with the RCTL_LOCAL_DENY bit set.
20577c478bd9Sstevel@tonic-gate 	 */
20587c478bd9Sstevel@tonic-gate 	while (rval != NULL && rval->rcv_privilege != RCPRIV_SYSTEM) {
20597c478bd9Sstevel@tonic-gate 		if (test_for_deny &&
20607c478bd9Sstevel@tonic-gate 		    (rval->rcv_flagaction & RCTL_LOCAL_DENY) == 0) {
20617c478bd9Sstevel@tonic-gate 			rval = rval->rcv_next;
20627c478bd9Sstevel@tonic-gate 			continue;
20637c478bd9Sstevel@tonic-gate 		}
20647c478bd9Sstevel@tonic-gate 
20657c478bd9Sstevel@tonic-gate 		/*
20667c478bd9Sstevel@tonic-gate 		 * 2.  If this is an RCPRIV_BASIC value, then we've found the
20677c478bd9Sstevel@tonic-gate 		 * effective soft limit and should set rlim_cur.  We should then
20687c478bd9Sstevel@tonic-gate 		 * continue looking for another control value with the DENY bit
20697c478bd9Sstevel@tonic-gate 		 * set.
20707c478bd9Sstevel@tonic-gate 		 */
20717c478bd9Sstevel@tonic-gate 		if (rval->rcv_privilege == RCPRIV_BASIC) {
20727c478bd9Sstevel@tonic-gate 			if (soft_limit_seen) {
20737c478bd9Sstevel@tonic-gate 				rval = rval->rcv_next;
20747c478bd9Sstevel@tonic-gate 				continue;
20757c478bd9Sstevel@tonic-gate 			}
20767c478bd9Sstevel@tonic-gate 
20777c478bd9Sstevel@tonic-gate 			if ((rval->rcv_flagaction & RCTL_LOCAL_MAXIMAL) == 0 &&
20787c478bd9Sstevel@tonic-gate 			    rval->rcv_value < rctl_model_maximum(
20797c478bd9Sstevel@tonic-gate 			    rctl->rc_dict_entry, p))
20807c478bd9Sstevel@tonic-gate 				rlp64->rlim_cur = rval->rcv_value;
20817c478bd9Sstevel@tonic-gate 			else
20827c478bd9Sstevel@tonic-gate 				rlp64->rlim_cur = RLIM64_INFINITY;
20837c478bd9Sstevel@tonic-gate 			soft_limit_seen = 1;
20847c478bd9Sstevel@tonic-gate 
20857c478bd9Sstevel@tonic-gate 			rval = rval->rcv_next;
20867c478bd9Sstevel@tonic-gate 			continue;
20877c478bd9Sstevel@tonic-gate 		}
20887c478bd9Sstevel@tonic-gate 
20897c478bd9Sstevel@tonic-gate 		/*
20907c478bd9Sstevel@tonic-gate 		 * 3.  This is an RCPRIV_PRIVILEGED value.  If we haven't found
20917c478bd9Sstevel@tonic-gate 		 * a soft limit candidate, then we've found the effective hard
20927c478bd9Sstevel@tonic-gate 		 * and soft limits and should set both  If we had found a soft
20937c478bd9Sstevel@tonic-gate 		 * limit, then this is only the hard limit and we need only set
20947c478bd9Sstevel@tonic-gate 		 * rlim_max.
20957c478bd9Sstevel@tonic-gate 		 */
20967c478bd9Sstevel@tonic-gate 		if ((rval->rcv_flagaction & RCTL_LOCAL_MAXIMAL) == 0 &&
20977c478bd9Sstevel@tonic-gate 		    rval->rcv_value < rctl_model_maximum(rctl->rc_dict_entry,
20987c478bd9Sstevel@tonic-gate 		    p))
20997c478bd9Sstevel@tonic-gate 			rlp64->rlim_max = rval->rcv_value;
21007c478bd9Sstevel@tonic-gate 		else
21017c478bd9Sstevel@tonic-gate 			rlp64->rlim_max = RLIM64_INFINITY;
21027c478bd9Sstevel@tonic-gate 		if (!soft_limit_seen)
21037c478bd9Sstevel@tonic-gate 			rlp64->rlim_cur = rlp64->rlim_max;
21047c478bd9Sstevel@tonic-gate 
21057c478bd9Sstevel@tonic-gate 		mutex_exit(&rset->rcs_lock);
21067c478bd9Sstevel@tonic-gate 		return (0);
21077c478bd9Sstevel@tonic-gate 	}
21087c478bd9Sstevel@tonic-gate 
21097c478bd9Sstevel@tonic-gate 	if (rval == NULL) {
21107c478bd9Sstevel@tonic-gate 		/*
21117c478bd9Sstevel@tonic-gate 		 * This control sequence is corrupt, as it is not terminated by
21127c478bd9Sstevel@tonic-gate 		 * a system privileged control value.
21137c478bd9Sstevel@tonic-gate 		 */
21147c478bd9Sstevel@tonic-gate 		mutex_exit(&rset->rcs_lock);
21157c478bd9Sstevel@tonic-gate 		return (-1);
21167c478bd9Sstevel@tonic-gate 	}
21177c478bd9Sstevel@tonic-gate 
21187c478bd9Sstevel@tonic-gate 	/*
21197c478bd9Sstevel@tonic-gate 	 * 4.  If we run into a RCPRIV_SYSTEM value, then the hard limit (and
21207c478bd9Sstevel@tonic-gate 	 * the soft, if we haven't a soft candidate) should be the value of the
21217c478bd9Sstevel@tonic-gate 	 * system control value.
21227c478bd9Sstevel@tonic-gate 	 */
21237c478bd9Sstevel@tonic-gate 	if ((rval->rcv_flagaction & RCTL_LOCAL_MAXIMAL) == 0 &&
21247c478bd9Sstevel@tonic-gate 	    rval->rcv_value < rctl_model_maximum(rctl->rc_dict_entry, p))
21257c478bd9Sstevel@tonic-gate 		rlp64->rlim_max = rval->rcv_value;
21267c478bd9Sstevel@tonic-gate 	else
21277c478bd9Sstevel@tonic-gate 		rlp64->rlim_max = RLIM64_INFINITY;
21287c478bd9Sstevel@tonic-gate 
21297c478bd9Sstevel@tonic-gate 	if (!soft_limit_seen)
21307c478bd9Sstevel@tonic-gate 		rlp64->rlim_cur = rlp64->rlim_max;
21317c478bd9Sstevel@tonic-gate 
21327c478bd9Sstevel@tonic-gate 	mutex_exit(&rset->rcs_lock);
21337c478bd9Sstevel@tonic-gate 	return (0);
21347c478bd9Sstevel@tonic-gate }
21357c478bd9Sstevel@tonic-gate 
21367c478bd9Sstevel@tonic-gate /*
21377c478bd9Sstevel@tonic-gate  * rctl_alloc_gp_t *rctl_rlimit_set_prealloc(uint_t)
21387c478bd9Sstevel@tonic-gate  *
21397c478bd9Sstevel@tonic-gate  * Overview
21407c478bd9Sstevel@tonic-gate  *   Before making a series of calls to rctl_rlimit_set(), we must have a
21417c478bd9Sstevel@tonic-gate  *   preallocated batch of resource control values, as rctl_rlimit_set() can
21427c478bd9Sstevel@tonic-gate  *   potentially consume two resource control values per call.
21437c478bd9Sstevel@tonic-gate  *
21447c478bd9Sstevel@tonic-gate  * Return values
21457c478bd9Sstevel@tonic-gate  *   A populated resource control allocation group with 2n resource control
21467c478bd9Sstevel@tonic-gate  *   values.
21477c478bd9Sstevel@tonic-gate  *
21487c478bd9Sstevel@tonic-gate  * Caller's context
21497c478bd9Sstevel@tonic-gate  *   Must be safe for KM_SLEEP allocations.
21507c478bd9Sstevel@tonic-gate  */
21517c478bd9Sstevel@tonic-gate rctl_alloc_gp_t *
rctl_rlimit_set_prealloc(uint_t n)21527c478bd9Sstevel@tonic-gate rctl_rlimit_set_prealloc(uint_t n)
21537c478bd9Sstevel@tonic-gate {
21547c478bd9Sstevel@tonic-gate 	rctl_alloc_gp_t *gp = kmem_zalloc(sizeof (rctl_alloc_gp_t), KM_SLEEP);
21557c478bd9Sstevel@tonic-gate 
21567c478bd9Sstevel@tonic-gate 	ASSERT(MUTEX_NOT_HELD(&curproc->p_lock));
21577c478bd9Sstevel@tonic-gate 
21587c478bd9Sstevel@tonic-gate 	gp->rcag_nvals = 2 * n;
21597c478bd9Sstevel@tonic-gate 
21607c478bd9Sstevel@tonic-gate 	rctl_gp_alloc(gp);
21617c478bd9Sstevel@tonic-gate 
21627c478bd9Sstevel@tonic-gate 	return (gp);
21637c478bd9Sstevel@tonic-gate }
21647c478bd9Sstevel@tonic-gate 
21657c478bd9Sstevel@tonic-gate /*
21667c478bd9Sstevel@tonic-gate  * int rctl_rlimit_set(rctl_hndl_t, struct proc *, struct rlimit64 *, int,
21677c478bd9Sstevel@tonic-gate  *   int)
21687c478bd9Sstevel@tonic-gate  *
21697c478bd9Sstevel@tonic-gate  * Overview
21707c478bd9Sstevel@tonic-gate  *   To support rlimit compatibility, we need a function which takes a 64-bit
21717c478bd9Sstevel@tonic-gate  *   rlimit and encodes it as appropriate rcontrol values on the given rcontrol.
21727c478bd9Sstevel@tonic-gate  *   This operation is only intended for legacy rlimits.
21737c478bd9Sstevel@tonic-gate  *
21747c478bd9Sstevel@tonic-gate  *   The implementation of rctl_rlimit_set() is a bit clever, as it tries to
21757c478bd9Sstevel@tonic-gate  *   minimize the number of values placed on the value sequence in various
21767c478bd9Sstevel@tonic-gate  *   cases.  Furthermore, we don't allow multiple identical privilege-action
21777c478bd9Sstevel@tonic-gate  *   values on the same sequence.  (That is, we don't want a sequence like
21787c478bd9Sstevel@tonic-gate  *   "while (1) { rlim.rlim_cur++; setrlimit(..., rlim); }" to exhaust kernel
21797c478bd9Sstevel@tonic-gate  *   memory.)  So we want to delete any values with the same privilege value and
21807c478bd9Sstevel@tonic-gate  *   action.
21817c478bd9Sstevel@tonic-gate  *
21827c478bd9Sstevel@tonic-gate  * Return values
21837c478bd9Sstevel@tonic-gate  *   0 for successful set, errno otherwise. Errno will be either EINVAL
21847c478bd9Sstevel@tonic-gate  *   or EPERM, in keeping with defined errnos for ulimit() and setrlimit()
21857c478bd9Sstevel@tonic-gate  *   system calls.
21867c478bd9Sstevel@tonic-gate  */
21877c478bd9Sstevel@tonic-gate /*ARGSUSED*/
21887c478bd9Sstevel@tonic-gate int
rctl_rlimit_set(rctl_hndl_t rc,struct proc * p,struct rlimit64 * rlp64,rctl_alloc_gp_t * ragp,int flagaction,int signal,const cred_t * cr)21897c478bd9Sstevel@tonic-gate rctl_rlimit_set(rctl_hndl_t rc, struct proc *p, struct rlimit64 *rlp64,
21907c478bd9Sstevel@tonic-gate     rctl_alloc_gp_t *ragp, int flagaction, int signal, const cred_t *cr)
21917c478bd9Sstevel@tonic-gate {
21927c478bd9Sstevel@tonic-gate 	rctl_t *rctl;
21937c478bd9Sstevel@tonic-gate 	rctl_val_t *rval, *rval_priv, *rval_basic;
21947c478bd9Sstevel@tonic-gate 	rctl_set_t *rset = p->p_rctls;
21957c478bd9Sstevel@tonic-gate 	rctl_qty_t max;
21967c478bd9Sstevel@tonic-gate 	rctl_entity_p_t e;
21977c478bd9Sstevel@tonic-gate 	struct rlimit64 cur_rl;
21987c478bd9Sstevel@tonic-gate 
21997c478bd9Sstevel@tonic-gate 	e.rcep_t = RCENTITY_PROCESS;
22007c478bd9Sstevel@tonic-gate 	e.rcep_p.proc = p;
22017c478bd9Sstevel@tonic-gate 
22027c478bd9Sstevel@tonic-gate 	if (rlp64->rlim_cur > rlp64->rlim_max)
22037c478bd9Sstevel@tonic-gate 		return (EINVAL);
22047c478bd9Sstevel@tonic-gate 
22057c478bd9Sstevel@tonic-gate 	if (rctl_rlimit_get(rc, p, &cur_rl) == -1)
22067c478bd9Sstevel@tonic-gate 		return (EINVAL);
22077c478bd9Sstevel@tonic-gate 
22087c478bd9Sstevel@tonic-gate 	/*
22097c478bd9Sstevel@tonic-gate 	 * If we are not privileged, we can only lower the hard limit.
22107c478bd9Sstevel@tonic-gate 	 */
22117c478bd9Sstevel@tonic-gate 	if ((rlp64->rlim_max > cur_rl.rlim_max) &&
22127c478bd9Sstevel@tonic-gate 	    cur_rl.rlim_max != RLIM64_INFINITY &&
22137c478bd9Sstevel@tonic-gate 	    secpolicy_resource(cr) != 0)
22147c478bd9Sstevel@tonic-gate 		return (EPERM);
22157c478bd9Sstevel@tonic-gate 
22167c478bd9Sstevel@tonic-gate 	mutex_enter(&rset->rcs_lock);
22177c478bd9Sstevel@tonic-gate 
22187c478bd9Sstevel@tonic-gate 	if (rctl_set_find(rset, rc, &rctl) == -1) {
22197c478bd9Sstevel@tonic-gate 		mutex_exit(&rset->rcs_lock);
22207c478bd9Sstevel@tonic-gate 		return (EINVAL);
22217c478bd9Sstevel@tonic-gate 	}
22227c478bd9Sstevel@tonic-gate 
22237c478bd9Sstevel@tonic-gate 	rval_priv = rctl_gp_detach_val(ragp);
22247c478bd9Sstevel@tonic-gate 
22257c478bd9Sstevel@tonic-gate 	rval = rctl->rc_values;
22267c478bd9Sstevel@tonic-gate 
22277c478bd9Sstevel@tonic-gate 	while (rval != NULL) {
22287c478bd9Sstevel@tonic-gate 		rctl_val_t *next = rval->rcv_next;
22297c478bd9Sstevel@tonic-gate 
22307c478bd9Sstevel@tonic-gate 		if (rval->rcv_privilege == RCPRIV_SYSTEM)
22317c478bd9Sstevel@tonic-gate 			break;
22327c478bd9Sstevel@tonic-gate 
22337c478bd9Sstevel@tonic-gate 		if ((rval->rcv_privilege == RCPRIV_BASIC) ||
22347c478bd9Sstevel@tonic-gate 		    (rval->rcv_flagaction & ~RCTL_LOCAL_ACTION_MASK) ==
22357c478bd9Sstevel@tonic-gate 		    (flagaction & ~RCTL_LOCAL_ACTION_MASK)) {
22367c478bd9Sstevel@tonic-gate 			if (rctl->rc_cursor == rval) {
22377c478bd9Sstevel@tonic-gate 				rctl->rc_cursor = rval->rcv_next;
22387c478bd9Sstevel@tonic-gate 				rctl_val_list_reset(rctl->rc_cursor);
22397c478bd9Sstevel@tonic-gate 				RCTLOP_SET(rctl, p, &e, rctl_model_value(
22407c478bd9Sstevel@tonic-gate 				    rctl->rc_dict_entry, p,
22417c478bd9Sstevel@tonic-gate 				    rctl->rc_cursor->rcv_value));
22427c478bd9Sstevel@tonic-gate 			}
22437c478bd9Sstevel@tonic-gate 			(void) rctl_val_list_delete(&rctl->rc_values, rval);
22447c478bd9Sstevel@tonic-gate 		}
22457c478bd9Sstevel@tonic-gate 
22467c478bd9Sstevel@tonic-gate 		rval = next;
22477c478bd9Sstevel@tonic-gate 	}
22487c478bd9Sstevel@tonic-gate 
22497c478bd9Sstevel@tonic-gate 	rval_priv->rcv_privilege = RCPRIV_PRIVILEGED;
22507c478bd9Sstevel@tonic-gate 	rval_priv->rcv_flagaction = flagaction;
22517c478bd9Sstevel@tonic-gate 	if (rlp64->rlim_max == RLIM64_INFINITY) {
22527c478bd9Sstevel@tonic-gate 		rval_priv->rcv_flagaction |= RCTL_LOCAL_MAXIMAL;
22537c478bd9Sstevel@tonic-gate 		max = rctl->rc_dict_entry->rcd_max_native;
22547c478bd9Sstevel@tonic-gate 	} else {
22557c478bd9Sstevel@tonic-gate 		max = rlp64->rlim_max;
22567c478bd9Sstevel@tonic-gate 	}
22577c478bd9Sstevel@tonic-gate 	rval_priv->rcv_value = max;
22587c478bd9Sstevel@tonic-gate 	rval_priv->rcv_action_signal = signal;
22597c478bd9Sstevel@tonic-gate 	rval_priv->rcv_action_recipient = NULL;
22607c478bd9Sstevel@tonic-gate 	rval_priv->rcv_action_recip_pid = -1;
22617c478bd9Sstevel@tonic-gate 	rval_priv->rcv_firing_time = 0;
22627c478bd9Sstevel@tonic-gate 	rval_priv->rcv_prev = rval_priv->rcv_next = NULL;
22637c478bd9Sstevel@tonic-gate 
22647c478bd9Sstevel@tonic-gate 	(void) rctl_val_list_insert(&rctl->rc_values, rval_priv);
22657c478bd9Sstevel@tonic-gate 	rctl->rc_cursor = rval_priv;
22667c478bd9Sstevel@tonic-gate 	rctl_val_list_reset(rctl->rc_cursor);
22677c478bd9Sstevel@tonic-gate 	RCTLOP_SET(rctl, p, &e, rctl_model_value(rctl->rc_dict_entry, p,
22687c478bd9Sstevel@tonic-gate 	    rctl->rc_cursor->rcv_value));
22697c478bd9Sstevel@tonic-gate 
22707c478bd9Sstevel@tonic-gate 	if (rlp64->rlim_cur != RLIM64_INFINITY && rlp64->rlim_cur < max) {
22717c478bd9Sstevel@tonic-gate 		rval_basic = rctl_gp_detach_val(ragp);
22727c478bd9Sstevel@tonic-gate 
22737c478bd9Sstevel@tonic-gate 		rval_basic->rcv_privilege = RCPRIV_BASIC;
22747c478bd9Sstevel@tonic-gate 		rval_basic->rcv_value = rlp64->rlim_cur;
22757c478bd9Sstevel@tonic-gate 		rval_basic->rcv_flagaction = flagaction;
22767c478bd9Sstevel@tonic-gate 		rval_basic->rcv_action_signal = signal;
22777c478bd9Sstevel@tonic-gate 		rval_basic->rcv_action_recipient = p;
22787c478bd9Sstevel@tonic-gate 		rval_basic->rcv_action_recip_pid = p->p_pid;
22797c478bd9Sstevel@tonic-gate 		rval_basic->rcv_firing_time = 0;
22807c478bd9Sstevel@tonic-gate 		rval_basic->rcv_prev = rval_basic->rcv_next = NULL;
22817c478bd9Sstevel@tonic-gate 
22827c478bd9Sstevel@tonic-gate 		(void) rctl_val_list_insert(&rctl->rc_values, rval_basic);
22837c478bd9Sstevel@tonic-gate 		rctl->rc_cursor = rval_basic;
22847c478bd9Sstevel@tonic-gate 		rctl_val_list_reset(rctl->rc_cursor);
22857c478bd9Sstevel@tonic-gate 		RCTLOP_SET(rctl, p, &e, rctl_model_value(rctl->rc_dict_entry, p,
22867c478bd9Sstevel@tonic-gate 		    rctl->rc_cursor->rcv_value));
22877c478bd9Sstevel@tonic-gate 	}
22887c478bd9Sstevel@tonic-gate 
22897c478bd9Sstevel@tonic-gate 	ASSERT(rctl->rc_cursor != NULL);
22907c478bd9Sstevel@tonic-gate 
22917c478bd9Sstevel@tonic-gate 	mutex_exit(&rset->rcs_lock);
22927c478bd9Sstevel@tonic-gate 	return (0);
22937c478bd9Sstevel@tonic-gate }
22947c478bd9Sstevel@tonic-gate 
22957c478bd9Sstevel@tonic-gate 
22967c478bd9Sstevel@tonic-gate /*
22977c478bd9Sstevel@tonic-gate  * rctl_hndl_t rctl_register(const char *, rctl_entity_t, int, rlim64_t,
22987c478bd9Sstevel@tonic-gate  *   rlim64_t, rctl_ops_t *)
22997c478bd9Sstevel@tonic-gate  *
23007c478bd9Sstevel@tonic-gate  * Overview
23017c478bd9Sstevel@tonic-gate  *   rctl_register() performs a look-up in the dictionary of rctls
23027c478bd9Sstevel@tonic-gate  *   active on the system; if a rctl of that name is absent, an entry is
23037c478bd9Sstevel@tonic-gate  *   made into the dictionary.  The rctl is returned with its reference
23047c478bd9Sstevel@tonic-gate  *   count incremented by one.  If the rctl name already exists, we panic.
23057c478bd9Sstevel@tonic-gate  *   (Were the resource control system to support dynamic loading and unloading,
23067c478bd9Sstevel@tonic-gate  *   which it is structured for, duplicate registration should lead to load
23077c478bd9Sstevel@tonic-gate  *   failure instead of panicking.)
23087c478bd9Sstevel@tonic-gate  *
23097c478bd9Sstevel@tonic-gate  *   Each registered rctl has a requirement that a RCPRIV_SYSTEM limit be
23107c478bd9Sstevel@tonic-gate  *   defined.  This limit contains the highest possible value for this quantity
23117c478bd9Sstevel@tonic-gate  *   on the system.  Furthermore, the registered control must provide infinite
23127c478bd9Sstevel@tonic-gate  *   values for all applicable address space models supported by the operating
23137c478bd9Sstevel@tonic-gate  *   system.  Attempts to set resource control values beyond the system limit
23147c478bd9Sstevel@tonic-gate  *   will fail.
23157c478bd9Sstevel@tonic-gate  *
23167c478bd9Sstevel@tonic-gate  * Return values
23177c478bd9Sstevel@tonic-gate  *   The rctl's ID.
23187c478bd9Sstevel@tonic-gate  *
23197c478bd9Sstevel@tonic-gate  * Caller's context
23207c478bd9Sstevel@tonic-gate  *   Caller must be in a context suitable for KM_SLEEP allocations.
23217c478bd9Sstevel@tonic-gate  */
23227c478bd9Sstevel@tonic-gate rctl_hndl_t
rctl_register(const char * name,rctl_entity_t entity,int global_flags,rlim64_t max_native,rlim64_t max_ilp32,rctl_ops_t * ops)23237c478bd9Sstevel@tonic-gate rctl_register(
23247c478bd9Sstevel@tonic-gate     const char *name,
23257c478bd9Sstevel@tonic-gate     rctl_entity_t entity,
23267c478bd9Sstevel@tonic-gate     int global_flags,
23277c478bd9Sstevel@tonic-gate     rlim64_t max_native,
23287c478bd9Sstevel@tonic-gate     rlim64_t max_ilp32,
23297c478bd9Sstevel@tonic-gate     rctl_ops_t *ops)
23307c478bd9Sstevel@tonic-gate {
23317c478bd9Sstevel@tonic-gate 	rctl_t *rctl = kmem_cache_alloc(rctl_cache, KM_SLEEP);
23327c478bd9Sstevel@tonic-gate 	rctl_val_t *rctl_val = kmem_cache_alloc(rctl_val_cache, KM_SLEEP);
23337c478bd9Sstevel@tonic-gate 	rctl_dict_entry_t *rctl_de = kmem_zalloc(sizeof (rctl_dict_entry_t),
23347c478bd9Sstevel@tonic-gate 	    KM_SLEEP);
23357c478bd9Sstevel@tonic-gate 	rctl_t *old_rctl;
23367c478bd9Sstevel@tonic-gate 	rctl_hndl_t rhndl;
23377c478bd9Sstevel@tonic-gate 	int localflags;
23387c478bd9Sstevel@tonic-gate 
23397c478bd9Sstevel@tonic-gate 	ASSERT(ops != NULL);
23407c478bd9Sstevel@tonic-gate 
23417c478bd9Sstevel@tonic-gate 	bzero(rctl, sizeof (rctl_t));
23427c478bd9Sstevel@tonic-gate 	bzero(rctl_val, sizeof (rctl_val_t));
23437c478bd9Sstevel@tonic-gate 
23447c478bd9Sstevel@tonic-gate 	if (global_flags & RCTL_GLOBAL_DENY_NEVER)
23457c478bd9Sstevel@tonic-gate 		localflags = RCTL_LOCAL_MAXIMAL;
23467c478bd9Sstevel@tonic-gate 	else
23477c478bd9Sstevel@tonic-gate 		localflags = RCTL_LOCAL_MAXIMAL | RCTL_LOCAL_DENY;
23487c478bd9Sstevel@tonic-gate 
23497c478bd9Sstevel@tonic-gate 	rctl_val->rcv_privilege = RCPRIV_SYSTEM;
23507c478bd9Sstevel@tonic-gate 	rctl_val->rcv_value = max_native;
23517c478bd9Sstevel@tonic-gate 	rctl_val->rcv_flagaction = localflags;
23527c478bd9Sstevel@tonic-gate 	rctl_val->rcv_action_signal = 0;
23537c478bd9Sstevel@tonic-gate 	rctl_val->rcv_action_recipient = NULL;
23547c478bd9Sstevel@tonic-gate 	rctl_val->rcv_action_recip_pid = -1;
23557c478bd9Sstevel@tonic-gate 	rctl_val->rcv_firing_time = 0;
23567c478bd9Sstevel@tonic-gate 	rctl_val->rcv_next = NULL;
23577c478bd9Sstevel@tonic-gate 	rctl_val->rcv_prev = NULL;
23587c478bd9Sstevel@tonic-gate 
23597c478bd9Sstevel@tonic-gate 	rctl_de->rcd_name = (char *)name;
23607c478bd9Sstevel@tonic-gate 	rctl_de->rcd_default_value = rctl_val;
23617c478bd9Sstevel@tonic-gate 	rctl_de->rcd_max_native = max_native;
23627c478bd9Sstevel@tonic-gate 	rctl_de->rcd_max_ilp32 = max_ilp32;
23637c478bd9Sstevel@tonic-gate 	rctl_de->rcd_entity = entity;
23647c478bd9Sstevel@tonic-gate 	rctl_de->rcd_ops = ops;
23657c478bd9Sstevel@tonic-gate 	rctl_de->rcd_flagaction = global_flags;
23667c478bd9Sstevel@tonic-gate 
23677c478bd9Sstevel@tonic-gate 	rctl->rc_dict_entry = rctl_de;
23687c478bd9Sstevel@tonic-gate 	rctl->rc_values = rctl_val;
23697c478bd9Sstevel@tonic-gate 
23707c478bd9Sstevel@tonic-gate 	/*
23717c478bd9Sstevel@tonic-gate 	 * 1.  Take global lock, validate nonexistence of name, get ID.
23727c478bd9Sstevel@tonic-gate 	 */
23737c478bd9Sstevel@tonic-gate 	mutex_enter(&rctl_dict_lock);
23747c478bd9Sstevel@tonic-gate 
23757c478bd9Sstevel@tonic-gate 	if (mod_hash_find(rctl_dict_by_name, (mod_hash_key_t)name,
23767c478bd9Sstevel@tonic-gate 	    (mod_hash_val_t *)&rhndl) != MH_ERR_NOTFOUND)
23777c478bd9Sstevel@tonic-gate 		panic("duplicate registration of rctl %s", name);
23787c478bd9Sstevel@tonic-gate 
23797c478bd9Sstevel@tonic-gate 	rhndl = rctl_de->rcd_id = rctl->rc_id =
23807c478bd9Sstevel@tonic-gate 	    (rctl_hndl_t)id_alloc(rctl_ids);
23817c478bd9Sstevel@tonic-gate 
23827c478bd9Sstevel@tonic-gate 	/*
23837c478bd9Sstevel@tonic-gate 	 * 2.  Insert name-entry pair in rctl_dict_by_name.
23847c478bd9Sstevel@tonic-gate 	 */
23857c478bd9Sstevel@tonic-gate 	if (mod_hash_insert(rctl_dict_by_name, (mod_hash_key_t)name,
23867c478bd9Sstevel@tonic-gate 	    (mod_hash_val_t)rctl_de))
23877c478bd9Sstevel@tonic-gate 		panic("unable to insert rctl dict entry for %s (%u)", name,
23887c478bd9Sstevel@tonic-gate 		    (uint_t)rctl->rc_id);
23897c478bd9Sstevel@tonic-gate 
23907c478bd9Sstevel@tonic-gate 	/*
23917c478bd9Sstevel@tonic-gate 	 * 3.  Insert ID-rctl_t * pair in rctl_dict.
23927c478bd9Sstevel@tonic-gate 	 */
23937c478bd9Sstevel@tonic-gate 	if (mod_hash_find(rctl_dict, (mod_hash_key_t)(uintptr_t)rctl->rc_id,
23947c478bd9Sstevel@tonic-gate 	    (mod_hash_val_t *)&old_rctl) != MH_ERR_NOTFOUND)
23957c478bd9Sstevel@tonic-gate 		panic("duplicate rctl ID %u registered", rctl->rc_id);
23967c478bd9Sstevel@tonic-gate 
23977c478bd9Sstevel@tonic-gate 	if (mod_hash_insert(rctl_dict, (mod_hash_key_t)(uintptr_t)rctl->rc_id,
23987c478bd9Sstevel@tonic-gate 	    (mod_hash_val_t)rctl))
23997c478bd9Sstevel@tonic-gate 		panic("unable to insert rctl %s/%u (%p)", name,
2400903a11ebSrh 		    (uint_t)rctl->rc_id, (void *)rctl);
24017c478bd9Sstevel@tonic-gate 
24027c478bd9Sstevel@tonic-gate 	/*
24037c478bd9Sstevel@tonic-gate 	 * 3a. Insert rctl_dict_entry_t * in appropriate entity list.
24047c478bd9Sstevel@tonic-gate 	 */
24057c478bd9Sstevel@tonic-gate 
24067c478bd9Sstevel@tonic-gate 	mutex_enter(&rctl_lists_lock);
24077c478bd9Sstevel@tonic-gate 
24087c478bd9Sstevel@tonic-gate 	switch (entity) {
24097c478bd9Sstevel@tonic-gate 	case RCENTITY_ZONE:
24107c478bd9Sstevel@tonic-gate 	case RCENTITY_PROJECT:
24117c478bd9Sstevel@tonic-gate 	case RCENTITY_TASK:
24127c478bd9Sstevel@tonic-gate 	case RCENTITY_PROCESS:
24137c478bd9Sstevel@tonic-gate 		rctl_de->rcd_next = rctl_lists[entity];
24147c478bd9Sstevel@tonic-gate 		rctl_lists[entity] = rctl_de;
24157c478bd9Sstevel@tonic-gate 		break;
24167c478bd9Sstevel@tonic-gate 	default:
24177c478bd9Sstevel@tonic-gate 		panic("registering unknown rctl entity %d (%s)", entity,
24187c478bd9Sstevel@tonic-gate 		    name);
24197c478bd9Sstevel@tonic-gate 		break;
24207c478bd9Sstevel@tonic-gate 	}
24217c478bd9Sstevel@tonic-gate 
24227c478bd9Sstevel@tonic-gate 	mutex_exit(&rctl_lists_lock);
24237c478bd9Sstevel@tonic-gate 
24247c478bd9Sstevel@tonic-gate 	/*
24257c478bd9Sstevel@tonic-gate 	 * 4.  Drop lock.
24267c478bd9Sstevel@tonic-gate 	 */
24277c478bd9Sstevel@tonic-gate 	mutex_exit(&rctl_dict_lock);
24287c478bd9Sstevel@tonic-gate 
24297c478bd9Sstevel@tonic-gate 	return (rhndl);
24307c478bd9Sstevel@tonic-gate }
24317c478bd9Sstevel@tonic-gate 
24327c478bd9Sstevel@tonic-gate /*
24337c478bd9Sstevel@tonic-gate  * static int rctl_global_action(rctl_t *r, rctl_set_t *rset, struct proc *p,
24347c478bd9Sstevel@tonic-gate  *    rctl_val_t *v)
24357c478bd9Sstevel@tonic-gate  *
24367c478bd9Sstevel@tonic-gate  * Overview
24377c478bd9Sstevel@tonic-gate  *   rctl_global_action() takes, in according with the flags on the rctl_dict
24387c478bd9Sstevel@tonic-gate  *   entry for the given control, the appropriate actions on the exceeded
24397c478bd9Sstevel@tonic-gate  *   control value.  Additionally, rctl_global_action() updates the firing time
24407c478bd9Sstevel@tonic-gate  *   on the exceeded value.
24417c478bd9Sstevel@tonic-gate  *
24427c478bd9Sstevel@tonic-gate  * Return values
24437c478bd9Sstevel@tonic-gate  *   A bitmask reflecting the actions actually taken.
24447c478bd9Sstevel@tonic-gate  *
24457c478bd9Sstevel@tonic-gate  * Caller's context
24467c478bd9Sstevel@tonic-gate  *   No restrictions on context.
24477c478bd9Sstevel@tonic-gate  */
24487c478bd9Sstevel@tonic-gate /*ARGSUSED*/
24497c478bd9Sstevel@tonic-gate static int
rctl_global_action(rctl_t * r,rctl_set_t * rset,struct proc * p,rctl_val_t * v)24507c478bd9Sstevel@tonic-gate rctl_global_action(rctl_t *r, rctl_set_t *rset, struct proc *p, rctl_val_t *v)
24517c478bd9Sstevel@tonic-gate {
24527c478bd9Sstevel@tonic-gate 	rctl_dict_entry_t *rde = r->rc_dict_entry;
2453aa4a4f3bSnf 	const char *pr, *en, *idstr;
24547c478bd9Sstevel@tonic-gate 	id_t id;
2455aa4a4f3bSnf 	enum {
2456aa4a4f3bSnf 		SUFFIX_NONE,	/* id consumed directly */
2457aa4a4f3bSnf 		SUFFIX_NUMERIC,	/* id consumed in suffix */
2458aa4a4f3bSnf 		SUFFIX_STRING	/* idstr consumed in suffix */
2459aa4a4f3bSnf 	} suffix = SUFFIX_NONE;
24607c478bd9Sstevel@tonic-gate 	int ret = 0;
24617c478bd9Sstevel@tonic-gate 
24627c478bd9Sstevel@tonic-gate 	v->rcv_firing_time = gethrtime();
24637c478bd9Sstevel@tonic-gate 
24647c478bd9Sstevel@tonic-gate 	switch (v->rcv_privilege) {
24657c478bd9Sstevel@tonic-gate 	case RCPRIV_BASIC:
24667c478bd9Sstevel@tonic-gate 		pr = "basic";
24677c478bd9Sstevel@tonic-gate 		break;
24687c478bd9Sstevel@tonic-gate 	case RCPRIV_PRIVILEGED:
24697c478bd9Sstevel@tonic-gate 		pr = "privileged";
24707c478bd9Sstevel@tonic-gate 		break;
24717c478bd9Sstevel@tonic-gate 	case RCPRIV_SYSTEM:
24727c478bd9Sstevel@tonic-gate 		pr = "system";
24737c478bd9Sstevel@tonic-gate 		break;
24747c478bd9Sstevel@tonic-gate 	default:
24757c478bd9Sstevel@tonic-gate 		pr = "unknown";
24767c478bd9Sstevel@tonic-gate 		break;
24777c478bd9Sstevel@tonic-gate 	}
24787c478bd9Sstevel@tonic-gate 
24797c478bd9Sstevel@tonic-gate 	switch (rde->rcd_entity) {
24807c478bd9Sstevel@tonic-gate 	case RCENTITY_PROCESS:
24817c478bd9Sstevel@tonic-gate 		en = "process";
24827c478bd9Sstevel@tonic-gate 		id = p->p_pid;
2483aa4a4f3bSnf 		suffix = SUFFIX_NONE;
24847c478bd9Sstevel@tonic-gate 		break;
24857c478bd9Sstevel@tonic-gate 	case RCENTITY_TASK:
24867c478bd9Sstevel@tonic-gate 		en = "task";
24877c478bd9Sstevel@tonic-gate 		id = p->p_task->tk_tkid;
2488aa4a4f3bSnf 		suffix = SUFFIX_NUMERIC;
24897c478bd9Sstevel@tonic-gate 		break;
24907c478bd9Sstevel@tonic-gate 	case RCENTITY_PROJECT:
24917c478bd9Sstevel@tonic-gate 		en = "project";
24927c478bd9Sstevel@tonic-gate 		id = p->p_task->tk_proj->kpj_id;
2493aa4a4f3bSnf 		suffix = SUFFIX_NUMERIC;
24947c478bd9Sstevel@tonic-gate 		break;
24957c478bd9Sstevel@tonic-gate 	case RCENTITY_ZONE:
24967c478bd9Sstevel@tonic-gate 		en = "zone";
2497aa4a4f3bSnf 		idstr = p->p_zone->zone_name;
2498aa4a4f3bSnf 		suffix = SUFFIX_STRING;
24997c478bd9Sstevel@tonic-gate 		break;
25007c478bd9Sstevel@tonic-gate 	default:
2501aa4a4f3bSnf 		en = "unknown entity associated with process";
25027c478bd9Sstevel@tonic-gate 		id = p->p_pid;
2503aa4a4f3bSnf 		suffix = SUFFIX_NONE;
25047c478bd9Sstevel@tonic-gate 		break;
25057c478bd9Sstevel@tonic-gate 	}
25067c478bd9Sstevel@tonic-gate 
25077c478bd9Sstevel@tonic-gate 	if (rde->rcd_flagaction & RCTL_GLOBAL_SYSLOG) {
2508aa4a4f3bSnf 		switch (suffix) {
2509aa4a4f3bSnf 		default:
2510aa4a4f3bSnf 		case SUFFIX_NONE:
2511aa4a4f3bSnf 			(void) strlog(0, 0, 0,
2512aa4a4f3bSnf 			    rde->rcd_strlog_flags | log_global.lz_active,
2513aa4a4f3bSnf 			    "%s rctl %s (value %llu) exceeded by %s %d.",
2514aa4a4f3bSnf 			    pr, rde->rcd_name, v->rcv_value, en, id);
2515aa4a4f3bSnf 			break;
2516aa4a4f3bSnf 		case SUFFIX_NUMERIC:
2517aa4a4f3bSnf 			(void) strlog(0, 0, 0,
2518aa4a4f3bSnf 			    rde->rcd_strlog_flags | log_global.lz_active,
2519aa4a4f3bSnf 			    "%s rctl %s (value %llu) exceeded by process %d"
2520aa4a4f3bSnf 			    " in %s %d.",
2521aa4a4f3bSnf 			    pr, rde->rcd_name, v->rcv_value, p->p_pid,
2522aa4a4f3bSnf 			    en, id);
2523aa4a4f3bSnf 			break;
2524aa4a4f3bSnf 		case SUFFIX_STRING:
2525aa4a4f3bSnf 			(void) strlog(0, 0, 0,
2526aa4a4f3bSnf 			    rde->rcd_strlog_flags | log_global.lz_active,
2527aa4a4f3bSnf 			    "%s rctl %s (value %llu) exceeded by process %d"
2528aa4a4f3bSnf 			    " in %s %s.",
2529aa4a4f3bSnf 			    pr, rde->rcd_name, v->rcv_value, p->p_pid,
2530aa4a4f3bSnf 			    en, idstr);
2531aa4a4f3bSnf 			break;
2532aa4a4f3bSnf 		}
25337c478bd9Sstevel@tonic-gate 	}
25347c478bd9Sstevel@tonic-gate 
25357c478bd9Sstevel@tonic-gate 	if (rde->rcd_flagaction & RCTL_GLOBAL_DENY_ALWAYS)
25367c478bd9Sstevel@tonic-gate 		ret |= RCT_DENY;
25377c478bd9Sstevel@tonic-gate 
25387c478bd9Sstevel@tonic-gate 	return (ret);
25397c478bd9Sstevel@tonic-gate }
25407c478bd9Sstevel@tonic-gate 
25417c478bd9Sstevel@tonic-gate static int
rctl_local_action(rctl_t * r,rctl_set_t * rset,struct proc * p,rctl_val_t * v,uint_t safety)25427c478bd9Sstevel@tonic-gate rctl_local_action(rctl_t *r, rctl_set_t *rset, struct proc *p, rctl_val_t *v,
25437c478bd9Sstevel@tonic-gate     uint_t safety)
25447c478bd9Sstevel@tonic-gate {
25457c478bd9Sstevel@tonic-gate 	int ret = 0;
25467c478bd9Sstevel@tonic-gate 	sigqueue_t *sqp = NULL;
25477c478bd9Sstevel@tonic-gate 	rctl_dict_entry_t *rde = r->rc_dict_entry;
25487c478bd9Sstevel@tonic-gate 	int unobservable = (rde->rcd_flagaction & RCTL_GLOBAL_UNOBSERVABLE);
25497c478bd9Sstevel@tonic-gate 
25507c478bd9Sstevel@tonic-gate 	proc_t *recipient = v->rcv_action_recipient;
25517c478bd9Sstevel@tonic-gate 	id_t recip_pid = v->rcv_action_recip_pid;
25527c478bd9Sstevel@tonic-gate 	int recip_signal = v->rcv_action_signal;
25537c478bd9Sstevel@tonic-gate 	uint_t flagaction = v->rcv_flagaction;
25547c478bd9Sstevel@tonic-gate 
25557c478bd9Sstevel@tonic-gate 	if (safety == RCA_UNSAFE_ALL) {
25567c478bd9Sstevel@tonic-gate 		if (flagaction & RCTL_LOCAL_DENY) {
25577c478bd9Sstevel@tonic-gate 			ret |= RCT_DENY;
25587c478bd9Sstevel@tonic-gate 		}
25597c478bd9Sstevel@tonic-gate 		return (ret);
25607c478bd9Sstevel@tonic-gate 	}
25617c478bd9Sstevel@tonic-gate 
25627c478bd9Sstevel@tonic-gate 	if (flagaction & RCTL_LOCAL_SIGNAL) {
25637c478bd9Sstevel@tonic-gate 		/*
25647c478bd9Sstevel@tonic-gate 		 * We can build a siginfo only in the case that it is
25657c478bd9Sstevel@tonic-gate 		 * safe for us to drop p_lock.  (For asynchronous
25667c478bd9Sstevel@tonic-gate 		 * checks this is currently not true.)
25677c478bd9Sstevel@tonic-gate 		 */
25687c478bd9Sstevel@tonic-gate 		if (safety == RCA_SAFE) {
25697c478bd9Sstevel@tonic-gate 			mutex_exit(&rset->rcs_lock);
25707c478bd9Sstevel@tonic-gate 			mutex_exit(&p->p_lock);
25717c478bd9Sstevel@tonic-gate 			sqp = kmem_zalloc(sizeof (sigqueue_t), KM_SLEEP);
25727c478bd9Sstevel@tonic-gate 			mutex_enter(&p->p_lock);
25737c478bd9Sstevel@tonic-gate 			mutex_enter(&rset->rcs_lock);
25747c478bd9Sstevel@tonic-gate 
25757c478bd9Sstevel@tonic-gate 			sqp->sq_info.si_signo = recip_signal;
25767c478bd9Sstevel@tonic-gate 			sqp->sq_info.si_code = SI_RCTL;
25777c478bd9Sstevel@tonic-gate 			sqp->sq_info.si_errno = 0;
25787c478bd9Sstevel@tonic-gate 			sqp->sq_info.si_entity = (int)rde->rcd_entity;
25797c478bd9Sstevel@tonic-gate 		}
25807c478bd9Sstevel@tonic-gate 
25817c478bd9Sstevel@tonic-gate 		if (recipient == NULL || recipient == p) {
25827c478bd9Sstevel@tonic-gate 			ret |= RCT_SIGNAL;
25837c478bd9Sstevel@tonic-gate 
25847c478bd9Sstevel@tonic-gate 			if (sqp == NULL) {
25857c478bd9Sstevel@tonic-gate 				sigtoproc(p, NULL, recip_signal);
25867c478bd9Sstevel@tonic-gate 			} else if (p == curproc) {
25877c478bd9Sstevel@tonic-gate 				/*
25887c478bd9Sstevel@tonic-gate 				 * Then this is a synchronous test and we can
25897c478bd9Sstevel@tonic-gate 				 * direct the signal at the violating thread.
25907c478bd9Sstevel@tonic-gate 				 */
25917c478bd9Sstevel@tonic-gate 				sigaddqa(curproc, curthread, sqp);
25927c478bd9Sstevel@tonic-gate 			} else {
25937c478bd9Sstevel@tonic-gate 				sigaddqa(p, NULL, sqp);
25947c478bd9Sstevel@tonic-gate 			}
25957c478bd9Sstevel@tonic-gate 		} else if (!unobservable) {
25967c478bd9Sstevel@tonic-gate 			proc_t *rp;
25977c478bd9Sstevel@tonic-gate 
25987c478bd9Sstevel@tonic-gate 			mutex_exit(&rset->rcs_lock);
25997c478bd9Sstevel@tonic-gate 			mutex_exit(&p->p_lock);
26007c478bd9Sstevel@tonic-gate 
26017c478bd9Sstevel@tonic-gate 			mutex_enter(&pidlock);
26027c478bd9Sstevel@tonic-gate 			if ((rp = prfind(recip_pid)) == recipient) {
26037c478bd9Sstevel@tonic-gate 				/*
26047c478bd9Sstevel@tonic-gate 				 * Recipient process is still alive, but may not
26057c478bd9Sstevel@tonic-gate 				 * be in this task or project any longer.  In
26067c478bd9Sstevel@tonic-gate 				 * this case, the recipient's resource control
26077c478bd9Sstevel@tonic-gate 				 * set pertinent to this control will have
26087c478bd9Sstevel@tonic-gate 				 * changed--and we will not deliver the signal,
26097c478bd9Sstevel@tonic-gate 				 * as the recipient process is trying to tear
26107c478bd9Sstevel@tonic-gate 				 * itself off of its former set.
26117c478bd9Sstevel@tonic-gate 				 */
26127c478bd9Sstevel@tonic-gate 				mutex_enter(&rp->p_lock);
26137c478bd9Sstevel@tonic-gate 				mutex_exit(&pidlock);
26147c478bd9Sstevel@tonic-gate 
26157c478bd9Sstevel@tonic-gate 				if (rctl_entity_obtain_rset(rde, rp) == rset) {
26167c478bd9Sstevel@tonic-gate 					ret |= RCT_SIGNAL;
26177c478bd9Sstevel@tonic-gate 
26187c478bd9Sstevel@tonic-gate 					if (sqp == NULL)
26197c478bd9Sstevel@tonic-gate 						sigtoproc(rp, NULL,
26207c478bd9Sstevel@tonic-gate 						    recip_signal);
26217c478bd9Sstevel@tonic-gate 					else
26227c478bd9Sstevel@tonic-gate 						sigaddqa(rp, NULL, sqp);
26237c478bd9Sstevel@tonic-gate 				} else if (sqp) {
26247c478bd9Sstevel@tonic-gate 					kmem_free(sqp, sizeof (sigqueue_t));
26257c478bd9Sstevel@tonic-gate 				}
26267c478bd9Sstevel@tonic-gate 				mutex_exit(&rp->p_lock);
26277c478bd9Sstevel@tonic-gate 			} else {
26287c478bd9Sstevel@tonic-gate 				mutex_exit(&pidlock);
26297c478bd9Sstevel@tonic-gate 				if (sqp)
26307c478bd9Sstevel@tonic-gate 					kmem_free(sqp, sizeof (sigqueue_t));
26317c478bd9Sstevel@tonic-gate 			}
26327c478bd9Sstevel@tonic-gate 
26337c478bd9Sstevel@tonic-gate 			mutex_enter(&p->p_lock);
26347c478bd9Sstevel@tonic-gate 			/*
26357c478bd9Sstevel@tonic-gate 			 * Since we dropped p_lock, we may no longer be in the
26367c478bd9Sstevel@tonic-gate 			 * same task or project as we were at entry.  It is thus
26377c478bd9Sstevel@tonic-gate 			 * unsafe for us to reacquire the set lock at this
26387c478bd9Sstevel@tonic-gate 			 * point; callers of rctl_local_action() must handle
26397c478bd9Sstevel@tonic-gate 			 * this possibility.
26407c478bd9Sstevel@tonic-gate 			 */
26417c478bd9Sstevel@tonic-gate 			ret |= RCT_LK_ABANDONED;
26427c478bd9Sstevel@tonic-gate 		} else if (sqp) {
26437c478bd9Sstevel@tonic-gate 			kmem_free(sqp, sizeof (sigqueue_t));
26447c478bd9Sstevel@tonic-gate 		}
26457c478bd9Sstevel@tonic-gate 	}
26467c478bd9Sstevel@tonic-gate 
26477c478bd9Sstevel@tonic-gate 	if ((flagaction & RCTL_LOCAL_DENY) &&
26487c478bd9Sstevel@tonic-gate 	    (recipient == NULL || recipient == p)) {
26497c478bd9Sstevel@tonic-gate 		ret |= RCT_DENY;
26507c478bd9Sstevel@tonic-gate 	}
26517c478bd9Sstevel@tonic-gate 
26527c478bd9Sstevel@tonic-gate 	return (ret);
26537c478bd9Sstevel@tonic-gate }
26547c478bd9Sstevel@tonic-gate 
26557c478bd9Sstevel@tonic-gate /*
26567c478bd9Sstevel@tonic-gate  * int rctl_action(rctl_hndl_t, rctl_set_t *, struct proc *, uint_t)
26577c478bd9Sstevel@tonic-gate  *
26587c478bd9Sstevel@tonic-gate  * Overview
26597c478bd9Sstevel@tonic-gate  *   Take the action associated with the enforced value (as defined by
26607c478bd9Sstevel@tonic-gate  *   rctl_get_enforced_value()) being exceeded or encountered.  Possibly perform
26617c478bd9Sstevel@tonic-gate  *   a restricted subset of the available actions, if circumstances dictate that
26627c478bd9Sstevel@tonic-gate  *   we cannot safely allocate memory (for a sigqueue_t) or guarantee process
26637c478bd9Sstevel@tonic-gate  *   persistence across the duration of the function (an asynchronous action).
26647c478bd9Sstevel@tonic-gate  *
26657c478bd9Sstevel@tonic-gate  * Return values
26667c478bd9Sstevel@tonic-gate  *   Actions taken, according to the rctl_test bitmask.
26677c478bd9Sstevel@tonic-gate  *
26687c478bd9Sstevel@tonic-gate  * Caller's context
26697c478bd9Sstevel@tonic-gate  *   Safe to acquire rcs_lock.
26707c478bd9Sstevel@tonic-gate  */
26717c478bd9Sstevel@tonic-gate int
rctl_action(rctl_hndl_t hndl,rctl_set_t * rset,struct proc * p,uint_t safety)26727c478bd9Sstevel@tonic-gate rctl_action(rctl_hndl_t hndl, rctl_set_t *rset, struct proc *p, uint_t safety)
26737c478bd9Sstevel@tonic-gate {
26747c478bd9Sstevel@tonic-gate 	return (rctl_action_entity(hndl, rset, p, NULL, safety));
26757c478bd9Sstevel@tonic-gate }
26767c478bd9Sstevel@tonic-gate 
26777c478bd9Sstevel@tonic-gate int
rctl_action_entity(rctl_hndl_t hndl,rctl_set_t * rset,struct proc * p,rctl_entity_p_t * e,uint_t safety)26787c478bd9Sstevel@tonic-gate rctl_action_entity(rctl_hndl_t hndl, rctl_set_t *rset, struct proc *p,
26797c478bd9Sstevel@tonic-gate     rctl_entity_p_t *e, uint_t safety)
26807c478bd9Sstevel@tonic-gate {
26817c478bd9Sstevel@tonic-gate 	int ret = RCT_NONE;
26827c478bd9Sstevel@tonic-gate 	rctl_t *lrctl;
26837c478bd9Sstevel@tonic-gate 	rctl_entity_p_t e_tmp;
26847c478bd9Sstevel@tonic-gate 
26857c478bd9Sstevel@tonic-gate rctl_action_acquire:
26867c478bd9Sstevel@tonic-gate 	mutex_enter(&rset->rcs_lock);
26877c478bd9Sstevel@tonic-gate 	if (rctl_set_find(rset, hndl, &lrctl) == -1) {
26887c478bd9Sstevel@tonic-gate 		mutex_exit(&rset->rcs_lock);
26897c478bd9Sstevel@tonic-gate 		return (ret);
26907c478bd9Sstevel@tonic-gate 	}
26917c478bd9Sstevel@tonic-gate 
26927c478bd9Sstevel@tonic-gate 	if (e == NULL) {
26937c478bd9Sstevel@tonic-gate 		rctl_entity_obtain_entity_p(lrctl->rc_dict_entry->rcd_entity,
2694903a11ebSrh 		    p, &e_tmp);
26957c478bd9Sstevel@tonic-gate 		e = &e_tmp;
26967c478bd9Sstevel@tonic-gate 	}
26977c478bd9Sstevel@tonic-gate 
26987c478bd9Sstevel@tonic-gate 	if ((ret & RCT_LK_ABANDONED) == 0) {
26997c478bd9Sstevel@tonic-gate 		ret |= rctl_global_action(lrctl, rset, p, lrctl->rc_cursor);
27007c478bd9Sstevel@tonic-gate 
27017c478bd9Sstevel@tonic-gate 		RCTLOP_ACTION(lrctl, p, e);
27027c478bd9Sstevel@tonic-gate 
27037c478bd9Sstevel@tonic-gate 		ret |= rctl_local_action(lrctl, rset, p,
27047c478bd9Sstevel@tonic-gate 		    lrctl->rc_cursor, safety);
27057c478bd9Sstevel@tonic-gate 
27067c478bd9Sstevel@tonic-gate 		if (ret & RCT_LK_ABANDONED)
27077c478bd9Sstevel@tonic-gate 			goto rctl_action_acquire;
27087c478bd9Sstevel@tonic-gate 	}
27097c478bd9Sstevel@tonic-gate 
27107c478bd9Sstevel@tonic-gate 	ret &= ~RCT_LK_ABANDONED;
27117c478bd9Sstevel@tonic-gate 
27127c478bd9Sstevel@tonic-gate 	if (!(ret & RCT_DENY) &&
27137c478bd9Sstevel@tonic-gate 	    lrctl->rc_cursor->rcv_next != NULL) {
27147c478bd9Sstevel@tonic-gate 		lrctl->rc_cursor = lrctl->rc_cursor->rcv_next;
27157c478bd9Sstevel@tonic-gate 
27167c478bd9Sstevel@tonic-gate 		RCTLOP_SET(lrctl, p, e, rctl_model_value(lrctl->rc_dict_entry,
27177c478bd9Sstevel@tonic-gate 		    p, lrctl->rc_cursor->rcv_value));
27187c478bd9Sstevel@tonic-gate 
27197c478bd9Sstevel@tonic-gate 	}
27207c478bd9Sstevel@tonic-gate 	mutex_exit(&rset->rcs_lock);
27217c478bd9Sstevel@tonic-gate 
27227c478bd9Sstevel@tonic-gate 	return (ret);
27237c478bd9Sstevel@tonic-gate }
27247c478bd9Sstevel@tonic-gate 
27257c478bd9Sstevel@tonic-gate /*
27267c478bd9Sstevel@tonic-gate  * int rctl_test(rctl_hndl_t, rctl_set_t *, struct proc *, rctl_qty_t, uint_t)
27277c478bd9Sstevel@tonic-gate  *
27287c478bd9Sstevel@tonic-gate  * Overview
27297c478bd9Sstevel@tonic-gate  *   Increment the resource associated with the given handle, returning zero if
27307c478bd9Sstevel@tonic-gate  *   the incremented value does not exceed the threshold for the current limit
27317c478bd9Sstevel@tonic-gate  *   on the resource.
27327c478bd9Sstevel@tonic-gate  *
27337c478bd9Sstevel@tonic-gate  * Return values
27347c478bd9Sstevel@tonic-gate  *   Actions taken, according to the rctl_test bitmask.
27357c478bd9Sstevel@tonic-gate  *
27367c478bd9Sstevel@tonic-gate  * Caller's context
27377c478bd9Sstevel@tonic-gate  *   p_lock held by caller.
27387c478bd9Sstevel@tonic-gate  */
27397c478bd9Sstevel@tonic-gate /*ARGSUSED*/
27407c478bd9Sstevel@tonic-gate int
rctl_test(rctl_hndl_t rhndl,rctl_set_t * rset,struct proc * p,rctl_qty_t incr,uint_t flags)27417c478bd9Sstevel@tonic-gate rctl_test(rctl_hndl_t rhndl, rctl_set_t *rset, struct proc *p,
27427c478bd9Sstevel@tonic-gate     rctl_qty_t incr, uint_t flags)
27437c478bd9Sstevel@tonic-gate {
27447c478bd9Sstevel@tonic-gate 	return (rctl_test_entity(rhndl, rset, p, NULL, incr, flags));
27457c478bd9Sstevel@tonic-gate }
27467c478bd9Sstevel@tonic-gate 
27477c478bd9Sstevel@tonic-gate int
rctl_test_entity(rctl_hndl_t rhndl,rctl_set_t * rset,struct proc * p,rctl_entity_p_t * e,rctl_qty_t incr,uint_t flags)27487c478bd9Sstevel@tonic-gate rctl_test_entity(rctl_hndl_t rhndl, rctl_set_t *rset, struct proc *p,
27497c478bd9Sstevel@tonic-gate     rctl_entity_p_t *e, rctl_qty_t incr, uint_t flags)
27507c478bd9Sstevel@tonic-gate {
27517c478bd9Sstevel@tonic-gate 	rctl_t *lrctl;
27527c478bd9Sstevel@tonic-gate 	int ret = RCT_NONE;
27537c478bd9Sstevel@tonic-gate 	rctl_entity_p_t e_tmp;
27547c478bd9Sstevel@tonic-gate 	if (p == &p0) {
27557c478bd9Sstevel@tonic-gate 		/*
27567c478bd9Sstevel@tonic-gate 		 * We don't enforce rctls on the kernel itself.
27577c478bd9Sstevel@tonic-gate 		 */
27587c478bd9Sstevel@tonic-gate 		return (ret);
27597c478bd9Sstevel@tonic-gate 	}
27607c478bd9Sstevel@tonic-gate 
27617c478bd9Sstevel@tonic-gate rctl_test_acquire:
27627c478bd9Sstevel@tonic-gate 	ASSERT(MUTEX_HELD(&p->p_lock));
27637c478bd9Sstevel@tonic-gate 
27647c478bd9Sstevel@tonic-gate 	mutex_enter(&rset->rcs_lock);
27657c478bd9Sstevel@tonic-gate 
27667c478bd9Sstevel@tonic-gate 	/*
27677c478bd9Sstevel@tonic-gate 	 * Dereference from rctl_set.  We don't enforce newly loaded controls
27687c478bd9Sstevel@tonic-gate 	 * that haven't been set on this entity (since the only valid value is
27697c478bd9Sstevel@tonic-gate 	 * the infinite system value).
27707c478bd9Sstevel@tonic-gate 	 */
27717c478bd9Sstevel@tonic-gate 	if (rctl_set_find(rset, rhndl, &lrctl) == -1) {
27727c478bd9Sstevel@tonic-gate 		mutex_exit(&rset->rcs_lock);
27737c478bd9Sstevel@tonic-gate 		return (ret);
27747c478bd9Sstevel@tonic-gate 	}
27757c478bd9Sstevel@tonic-gate 
27767c478bd9Sstevel@tonic-gate 	/*
27777c478bd9Sstevel@tonic-gate 	 * This control is currently unenforced:  maximal value on control
27787c478bd9Sstevel@tonic-gate 	 * supporting infinitely available resource.
27797c478bd9Sstevel@tonic-gate 	 */
27807c478bd9Sstevel@tonic-gate 	if ((lrctl->rc_dict_entry->rcd_flagaction & RCTL_GLOBAL_INFINITE) &&
27817c478bd9Sstevel@tonic-gate 	    (lrctl->rc_cursor->rcv_flagaction & RCTL_LOCAL_MAXIMAL)) {
27827c478bd9Sstevel@tonic-gate 
27837c478bd9Sstevel@tonic-gate 		mutex_exit(&rset->rcs_lock);
27847c478bd9Sstevel@tonic-gate 		return (ret);
27857c478bd9Sstevel@tonic-gate 	}
27867c478bd9Sstevel@tonic-gate 
27877c478bd9Sstevel@tonic-gate 	/*
27887c478bd9Sstevel@tonic-gate 	 * If we have been called by rctl_test, look up the entity pointer
27897c478bd9Sstevel@tonic-gate 	 * from the proc pointer.
27907c478bd9Sstevel@tonic-gate 	 */
27917c478bd9Sstevel@tonic-gate 	if (e == NULL) {
27927c478bd9Sstevel@tonic-gate 		rctl_entity_obtain_entity_p(lrctl->rc_dict_entry->rcd_entity,
2793903a11ebSrh 		    p, &e_tmp);
27947c478bd9Sstevel@tonic-gate 		e = &e_tmp;
27957c478bd9Sstevel@tonic-gate 	}
27967c478bd9Sstevel@tonic-gate 
27977c478bd9Sstevel@tonic-gate 	/*
27987c478bd9Sstevel@tonic-gate 	 * Get enforced rctl value and current usage.  Test the increment
27997c478bd9Sstevel@tonic-gate 	 * with the current usage against the enforced value--take action as
28007c478bd9Sstevel@tonic-gate 	 * necessary.
28017c478bd9Sstevel@tonic-gate 	 */
28027c478bd9Sstevel@tonic-gate 	while (RCTLOP_TEST(lrctl, p, e, lrctl->rc_cursor, incr, flags)) {
28037c478bd9Sstevel@tonic-gate 		if ((ret & RCT_LK_ABANDONED) == 0) {
28047c478bd9Sstevel@tonic-gate 			ret |= rctl_global_action(lrctl, rset, p,
28057c478bd9Sstevel@tonic-gate 			    lrctl->rc_cursor);
28067c478bd9Sstevel@tonic-gate 
28077c478bd9Sstevel@tonic-gate 			RCTLOP_ACTION(lrctl, p, e);
28087c478bd9Sstevel@tonic-gate 
28097c478bd9Sstevel@tonic-gate 			ret |= rctl_local_action(lrctl, rset, p,
28107c478bd9Sstevel@tonic-gate 			    lrctl->rc_cursor, flags);
28117c478bd9Sstevel@tonic-gate 
28127c478bd9Sstevel@tonic-gate 			if (ret & RCT_LK_ABANDONED)
28137c478bd9Sstevel@tonic-gate 				goto rctl_test_acquire;
28147c478bd9Sstevel@tonic-gate 		}
28157c478bd9Sstevel@tonic-gate 
28167c478bd9Sstevel@tonic-gate 		ret &= ~RCT_LK_ABANDONED;
28177c478bd9Sstevel@tonic-gate 
28187c478bd9Sstevel@tonic-gate 		if ((ret & RCT_DENY) == RCT_DENY ||
28197c478bd9Sstevel@tonic-gate 		    lrctl->rc_cursor->rcv_next == NULL) {
28207c478bd9Sstevel@tonic-gate 			ret |= RCT_DENY;
28217c478bd9Sstevel@tonic-gate 			break;
28227c478bd9Sstevel@tonic-gate 		}
28237c478bd9Sstevel@tonic-gate 
28247c478bd9Sstevel@tonic-gate 		lrctl->rc_cursor = lrctl->rc_cursor->rcv_next;
28257c478bd9Sstevel@tonic-gate 		RCTLOP_SET(lrctl, p, e, rctl_model_value(lrctl->rc_dict_entry,
28267c478bd9Sstevel@tonic-gate 		    p, lrctl->rc_cursor->rcv_value));
28277c478bd9Sstevel@tonic-gate 	}
28287c478bd9Sstevel@tonic-gate 
28297c478bd9Sstevel@tonic-gate 	mutex_exit(&rset->rcs_lock);
28307c478bd9Sstevel@tonic-gate 
28317c478bd9Sstevel@tonic-gate 	return (ret);
28327c478bd9Sstevel@tonic-gate }
28337c478bd9Sstevel@tonic-gate 
28347c478bd9Sstevel@tonic-gate /*
28357c478bd9Sstevel@tonic-gate  * void rctl_init(void)
28367c478bd9Sstevel@tonic-gate  *
28377c478bd9Sstevel@tonic-gate  * Overview
28387c478bd9Sstevel@tonic-gate  *   Initialize the rctl subsystem, including the primoridal rctls
28397c478bd9Sstevel@tonic-gate  *   provided by the system.  New subsystem-specific rctls should _not_ be
28407c478bd9Sstevel@tonic-gate  *   initialized here.  (Do it in your own file.)
28417c478bd9Sstevel@tonic-gate  *
28427c478bd9Sstevel@tonic-gate  * Return values
28437c478bd9Sstevel@tonic-gate  *   None.
28447c478bd9Sstevel@tonic-gate  *
28457c478bd9Sstevel@tonic-gate  * Caller's context
28467c478bd9Sstevel@tonic-gate  *   Safe for KM_SLEEP allocations.  Must be called prior to any process model
28477c478bd9Sstevel@tonic-gate  *   initialization.
28487c478bd9Sstevel@tonic-gate  */
28497c478bd9Sstevel@tonic-gate void
rctl_init(void)28507c478bd9Sstevel@tonic-gate rctl_init(void)
28517c478bd9Sstevel@tonic-gate {
28527c478bd9Sstevel@tonic-gate 	rctl_cache = kmem_cache_create("rctl_cache", sizeof (rctl_t),
28537c478bd9Sstevel@tonic-gate 	    0, NULL, NULL, NULL, NULL, NULL, 0);
28547c478bd9Sstevel@tonic-gate 	rctl_val_cache = kmem_cache_create("rctl_val_cache",
28557c478bd9Sstevel@tonic-gate 	    sizeof (rctl_val_t), 0, NULL, NULL, NULL, NULL, NULL, 0);
28567c478bd9Sstevel@tonic-gate 
28577c478bd9Sstevel@tonic-gate 	rctl_dict = mod_hash_create_extended("rctl_dict",
28587c478bd9Sstevel@tonic-gate 	    rctl_dict_size, mod_hash_null_keydtor, rctl_dict_val_dtor,
28597c478bd9Sstevel@tonic-gate 	    rctl_dict_hash_by_id, NULL, rctl_dict_id_cmp, KM_SLEEP);
28607c478bd9Sstevel@tonic-gate 	rctl_dict_by_name = mod_hash_create_strhash(
28617c478bd9Sstevel@tonic-gate 	    "rctl_handles_by_name", rctl_dict_size,
28627c478bd9Sstevel@tonic-gate 	    mod_hash_null_valdtor);
28637c478bd9Sstevel@tonic-gate 	rctl_ids = id_space_create("rctl_ids", 1, max_rctl_hndl);
28647c478bd9Sstevel@tonic-gate 	bzero(rctl_lists, (RC_MAX_ENTITY + 1) * sizeof (rctl_dict_entry_t *));
28657c478bd9Sstevel@tonic-gate 
28667c478bd9Sstevel@tonic-gate 	rctlproc_init();
28677c478bd9Sstevel@tonic-gate }
2868c6939658Ssl 
2869c6939658Ssl /*
28700032277fSRobert Harris  * rctl_incr_locked_mem(proc_t *p, kproject_t *proj, rctl_qty_t inc,
28710032277fSRobert Harris  *     int chargeproc)
2872c6939658Ssl  *
2873c6939658Ssl  * Increments the amount of locked memory on a project, and
28740032277fSRobert Harris  * zone. If proj is non-NULL the project must be held by the
28750032277fSRobert Harris  * caller; if it is NULL the proj and zone of proc_t p are used.
28760032277fSRobert Harris  * If chargeproc is non-zero, then the charged amount is cached
28770032277fSRobert Harris  * on p->p_locked_mem so that the charge can be migrated when a
28780032277fSRobert Harris  * process changes projects.
2879c6939658Ssl  *
2880c6939658Ssl  * Return values
2881c6939658Ssl  *    0 - success
2882c6939658Ssl  *    EAGAIN - attempting to increment locked memory is denied by one
2883c6939658Ssl  *      or more resource entities.
2884c6939658Ssl  */
2885c6939658Ssl int
rctl_incr_locked_mem(proc_t * p,kproject_t * proj,rctl_qty_t inc,int chargeproc)2886c6939658Ssl rctl_incr_locked_mem(proc_t *p, kproject_t *proj, rctl_qty_t inc,
2887c6939658Ssl     int chargeproc)
2888c6939658Ssl {
2889c6939658Ssl 	kproject_t *projp;
2890c6939658Ssl 	zone_t *zonep;
2891c6939658Ssl 	rctl_entity_p_t e;
2892c6939658Ssl 	int ret = 0;
2893c6939658Ssl 
2894c6939658Ssl 	ASSERT(p != NULL);
2895c6939658Ssl 	ASSERT(MUTEX_HELD(&p->p_lock));
2896c6939658Ssl 	if (proj != NULL) {
2897c6939658Ssl 		projp = proj;
28980032277fSRobert Harris 		zonep = proj->kpj_zone;
2899c6939658Ssl 	} else {
2900c6939658Ssl 		projp = p->p_task->tk_proj;
2901c6939658Ssl 		zonep = p->p_zone;
2902c6939658Ssl 	}
2903c6939658Ssl 
29040209230bSgjelinek 	mutex_enter(&zonep->zone_mem_lock);
2905c6939658Ssl 
2906c6939658Ssl 	e.rcep_p.proj = projp;
2907c6939658Ssl 	e.rcep_t = RCENTITY_PROJECT;
2908bb5ca623SVamsi Nagineni 
2909bb5ca623SVamsi Nagineni 	/* check for overflow */
2910bb5ca623SVamsi Nagineni 	if ((projp->kpj_data.kpd_locked_mem + inc) <
2911bb5ca623SVamsi Nagineni 	    projp->kpj_data.kpd_locked_mem) {
2912bb5ca623SVamsi Nagineni 		ret = EAGAIN;
2913bb5ca623SVamsi Nagineni 		goto out;
2914bb5ca623SVamsi Nagineni 	}
2915c6939658Ssl 	if (projp->kpj_data.kpd_locked_mem + inc >
2916c6939658Ssl 	    projp->kpj_data.kpd_locked_mem_ctl) {
2917c6939658Ssl 		if (rctl_test_entity(rc_project_locked_mem, projp->kpj_rctls,
2918c6939658Ssl 		    p, &e, inc, 0) & RCT_DENY) {
2919c6939658Ssl 			ret = EAGAIN;
2920c6939658Ssl 			goto out;
2921c6939658Ssl 		}
2922c6939658Ssl 	}
2923c6939658Ssl 	e.rcep_p.zone = zonep;
2924c6939658Ssl 	e.rcep_t = RCENTITY_ZONE;
2925bb5ca623SVamsi Nagineni 
2926bb5ca623SVamsi Nagineni 	/* Check for overflow */
2927bb5ca623SVamsi Nagineni 	if ((zonep->zone_locked_mem + inc) < zonep->zone_locked_mem) {
2928bb5ca623SVamsi Nagineni 		ret = EAGAIN;
2929bb5ca623SVamsi Nagineni 		goto out;
2930bb5ca623SVamsi Nagineni 	}
2931c6939658Ssl 	if (zonep->zone_locked_mem + inc > zonep->zone_locked_mem_ctl) {
2932c6939658Ssl 		if (rctl_test_entity(rc_zone_locked_mem, zonep->zone_rctls,
2933c6939658Ssl 		    p, &e, inc, 0) & RCT_DENY) {
2934c6939658Ssl 			ret = EAGAIN;
2935c6939658Ssl 			goto out;
2936c6939658Ssl 		}
2937c6939658Ssl 	}
2938c6939658Ssl 
2939c6939658Ssl 	zonep->zone_locked_mem += inc;
2940c6939658Ssl 	projp->kpj_data.kpd_locked_mem += inc;
2941c6939658Ssl 	if (chargeproc != 0) {
2942c6939658Ssl 		p->p_locked_mem += inc;
2943c6939658Ssl 	}
2944c6939658Ssl out:
29450209230bSgjelinek 	mutex_exit(&zonep->zone_mem_lock);
2946c6939658Ssl 	return (ret);
2947c6939658Ssl }
2948c6939658Ssl 
2949c6939658Ssl /*
29500032277fSRobert Harris  * rctl_decr_locked_mem(proc_t *p, kproject_t *proj, rctl_qty_t inc,
29510032277fSRobert Harris  *     int creditproc)
2952c6939658Ssl  *
2953c6939658Ssl  * Decrements the amount of locked memory on a project and
29540032277fSRobert Harris  * zone.  If proj is non-NULL the project must be held by the
29550032277fSRobert Harris  * caller; if it is NULL the proj and zone of proc_t p are used.
29560032277fSRobert Harris  * If creditproc is non-zero, then the quantity of locked memory
29570032277fSRobert Harris  * is subtracted from p->p_locked_mem.
2958c6939658Ssl  *
2959c6939658Ssl  * Return values
2960c6939658Ssl  *   none
2961c6939658Ssl  */
2962c6939658Ssl void
rctl_decr_locked_mem(proc_t * p,kproject_t * proj,rctl_qty_t inc,int creditproc)2963c6939658Ssl rctl_decr_locked_mem(proc_t *p, kproject_t *proj, rctl_qty_t inc,
2964c6939658Ssl     int creditproc)
2965c6939658Ssl {
2966c6939658Ssl 	kproject_t *projp;
2967c6939658Ssl 	zone_t *zonep;
2968c6939658Ssl 
2969c6939658Ssl 	if (proj != NULL) {
2970c6939658Ssl 		projp = proj;
29710032277fSRobert Harris 		zonep = proj->kpj_zone;
2972c6939658Ssl 	} else {
2973c6939658Ssl 		ASSERT(p != NULL);
2974c6939658Ssl 		ASSERT(MUTEX_HELD(&p->p_lock));
2975c6939658Ssl 		projp = p->p_task->tk_proj;
2976c6939658Ssl 		zonep = p->p_zone;
2977c6939658Ssl 	}
2978c6939658Ssl 
29790209230bSgjelinek 	mutex_enter(&zonep->zone_mem_lock);
2980c6939658Ssl 	zonep->zone_locked_mem -= inc;
2981c6939658Ssl 	projp->kpj_data.kpd_locked_mem -= inc;
2982c6939658Ssl 	if (creditproc != 0) {
2983c6939658Ssl 		ASSERT(p != NULL);
2984c6939658Ssl 		ASSERT(MUTEX_HELD(&p->p_lock));
2985c6939658Ssl 		p->p_locked_mem -= inc;
2986c6939658Ssl 	}
29870209230bSgjelinek 	mutex_exit(&zonep->zone_mem_lock);
2988c6939658Ssl }
29890209230bSgjelinek 
29900209230bSgjelinek /*
29910209230bSgjelinek  * rctl_incr_swap(proc_t *, zone_t *, size_t)
29920209230bSgjelinek  *
29930209230bSgjelinek  * Overview
29940209230bSgjelinek  *   Increments the swap charge on the specified zone.
29950209230bSgjelinek  *
29960209230bSgjelinek  * Return values
29970209230bSgjelinek  *   0 on success.  EAGAIN if swap increment fails due an rctl value
29980209230bSgjelinek  *   on the zone.
29990209230bSgjelinek  *
30000209230bSgjelinek  * Callers context
30010209230bSgjelinek  *   p_lock held on specified proc.
30020209230bSgjelinek  *   swap must be even multiple of PAGESIZE
30030209230bSgjelinek  */
30040209230bSgjelinek int
rctl_incr_swap(proc_t * proc,zone_t * zone,size_t swap)30050209230bSgjelinek rctl_incr_swap(proc_t *proc, zone_t *zone, size_t swap)
30060209230bSgjelinek {
30070209230bSgjelinek 	rctl_entity_p_t e;
30080209230bSgjelinek 
30090209230bSgjelinek 	ASSERT(MUTEX_HELD(&proc->p_lock));
30100209230bSgjelinek 	ASSERT((swap & PAGEOFFSET) == 0);
30110209230bSgjelinek 	e.rcep_p.zone = zone;
30120209230bSgjelinek 	e.rcep_t = RCENTITY_ZONE;
30130209230bSgjelinek 
30140209230bSgjelinek 	mutex_enter(&zone->zone_mem_lock);
30150209230bSgjelinek 
3016bb5ca623SVamsi Nagineni 	/* Check for overflow */
3017bb5ca623SVamsi Nagineni 	if ((zone->zone_max_swap + swap) < zone->zone_max_swap) {
3018bb5ca623SVamsi Nagineni 		mutex_exit(&zone->zone_mem_lock);
3019bb5ca623SVamsi Nagineni 		return (EAGAIN);
3020bb5ca623SVamsi Nagineni 	}
30210209230bSgjelinek 	if ((zone->zone_max_swap + swap) >
30220209230bSgjelinek 	    zone->zone_max_swap_ctl) {
30230209230bSgjelinek 
30240209230bSgjelinek 		if (rctl_test_entity(rc_zone_max_swap, zone->zone_rctls,
30250209230bSgjelinek 		    proc, &e, swap, 0) & RCT_DENY) {
30260209230bSgjelinek 			mutex_exit(&zone->zone_mem_lock);
30270209230bSgjelinek 			return (EAGAIN);
30280209230bSgjelinek 		}
30290209230bSgjelinek 	}
30300209230bSgjelinek 	zone->zone_max_swap += swap;
30310209230bSgjelinek 	mutex_exit(&zone->zone_mem_lock);
30320209230bSgjelinek 	return (0);
30330209230bSgjelinek }
30340209230bSgjelinek 
30350209230bSgjelinek /*
30360209230bSgjelinek  * rctl_decr_swap(zone_t *, size_t)
30370209230bSgjelinek  *
30380209230bSgjelinek  * Overview
30390209230bSgjelinek  *   Decrements the swap charge on the specified zone.
30400209230bSgjelinek  *
30410209230bSgjelinek  * Return values
30420209230bSgjelinek  *   None
30430209230bSgjelinek  *
30440209230bSgjelinek  * Callers context
30450209230bSgjelinek  *   swap must be even multiple of PAGESIZE
30460209230bSgjelinek  */
30470209230bSgjelinek void
rctl_decr_swap(zone_t * zone,size_t swap)30480209230bSgjelinek rctl_decr_swap(zone_t *zone, size_t swap)
30490209230bSgjelinek {
30500209230bSgjelinek 	ASSERT((swap & PAGEOFFSET) == 0);
30510209230bSgjelinek 	mutex_enter(&zone->zone_mem_lock);
30520209230bSgjelinek 	ASSERT(zone->zone_max_swap >= swap);
30530209230bSgjelinek 	zone->zone_max_swap -= swap;
30540209230bSgjelinek 	mutex_exit(&zone->zone_mem_lock);
30550209230bSgjelinek }
30560209230bSgjelinek 
30570fbb751dSJohn Levon /*
30580fbb751dSJohn Levon  * rctl_incr_lofi(proc_t *, zone_t *, size_t)
30590fbb751dSJohn Levon  *
30600fbb751dSJohn Levon  * Overview
30610fbb751dSJohn Levon  *   Increments the number of lofi devices for the zone.
30620fbb751dSJohn Levon  *
30630fbb751dSJohn Levon  * Return values
30640fbb751dSJohn Levon  *   0 on success.  EAGAIN if increment fails due an rctl value
30650fbb751dSJohn Levon  *   on the zone.
30660fbb751dSJohn Levon  *
30670fbb751dSJohn Levon  * Callers context
30680fbb751dSJohn Levon  *   p_lock held on specified proc.
30690fbb751dSJohn Levon  */
30700fbb751dSJohn Levon int
rctl_incr_lofi(proc_t * proc,zone_t * zone,size_t incr)30710fbb751dSJohn Levon rctl_incr_lofi(proc_t *proc, zone_t *zone, size_t incr)
30720fbb751dSJohn Levon {
30730fbb751dSJohn Levon 	rctl_entity_p_t e;
30740fbb751dSJohn Levon 
30750fbb751dSJohn Levon 	ASSERT(MUTEX_HELD(&proc->p_lock));
30760fbb751dSJohn Levon 	ASSERT(incr > 0);
30770fbb751dSJohn Levon 
30780fbb751dSJohn Levon 	e.rcep_p.zone = zone;
30790fbb751dSJohn Levon 	e.rcep_t = RCENTITY_ZONE;
30800fbb751dSJohn Levon 
30810fbb751dSJohn Levon 	mutex_enter(&zone->zone_rctl_lock);
30820fbb751dSJohn Levon 
30830fbb751dSJohn Levon 	/* Check for overflow */
30840fbb751dSJohn Levon 	if ((zone->zone_max_lofi + incr) < zone->zone_max_lofi) {
30850fbb751dSJohn Levon 		mutex_exit(&zone->zone_rctl_lock);
30860fbb751dSJohn Levon 		return (EAGAIN);
30870fbb751dSJohn Levon 	}
30880fbb751dSJohn Levon 	if ((zone->zone_max_lofi + incr) > zone->zone_max_lofi_ctl) {
30890fbb751dSJohn Levon 		if (rctl_test_entity(rc_zone_max_lofi, zone->zone_rctls,
30900fbb751dSJohn Levon 		    proc, &e, incr, 0) & RCT_DENY) {
30910fbb751dSJohn Levon 			mutex_exit(&zone->zone_rctl_lock);
30920fbb751dSJohn Levon 			return (EAGAIN);
30930fbb751dSJohn Levon 		}
30940fbb751dSJohn Levon 	}
30950fbb751dSJohn Levon 	zone->zone_max_lofi += incr;
30960fbb751dSJohn Levon 	mutex_exit(&zone->zone_rctl_lock);
30970fbb751dSJohn Levon 	return (0);
30980fbb751dSJohn Levon }
30990fbb751dSJohn Levon 
31000fbb751dSJohn Levon /*
31010fbb751dSJohn Levon  * rctl_decr_lofi(zone_t *, size_t)
31020fbb751dSJohn Levon  *
31030fbb751dSJohn Levon  * Overview
31040fbb751dSJohn Levon  *   Decrements the number of lofi devices for the zone.
31050fbb751dSJohn Levon  */
31060fbb751dSJohn Levon void
rctl_decr_lofi(zone_t * zone,size_t decr)31070fbb751dSJohn Levon rctl_decr_lofi(zone_t *zone, size_t decr)
31080fbb751dSJohn Levon {
31090fbb751dSJohn Levon 	mutex_enter(&zone->zone_rctl_lock);
31100fbb751dSJohn Levon 	ASSERT(zone->zone_max_lofi >= decr);
31110fbb751dSJohn Levon 	zone->zone_max_lofi -= decr;
31120fbb751dSJohn Levon 	mutex_exit(&zone->zone_rctl_lock);
31130fbb751dSJohn Levon }
31140fbb751dSJohn Levon 
31150209230bSgjelinek /*
31160209230bSgjelinek  * Create resource kstat
31170209230bSgjelinek  */
31180209230bSgjelinek static kstat_t *
rctl_kstat_create_common(char * ks_name,int ks_instance,char * ks_class,uchar_t ks_type,uint_t ks_ndata,uchar_t ks_flags,int ks_zoneid)31190209230bSgjelinek rctl_kstat_create_common(char *ks_name, int ks_instance, char *ks_class,
31200209230bSgjelinek     uchar_t ks_type, uint_t ks_ndata, uchar_t ks_flags, int ks_zoneid)
31210209230bSgjelinek {
31220209230bSgjelinek 	kstat_t *ksp = NULL;
31230209230bSgjelinek 	char name[KSTAT_STRLEN];
31240209230bSgjelinek 
31250209230bSgjelinek 	(void) snprintf(name, KSTAT_STRLEN, "%s_%d", ks_name, ks_instance);
31260209230bSgjelinek 
31270209230bSgjelinek 	if ((ksp = kstat_create_zone("caps", ks_zoneid,
3128903a11ebSrh 	    name, ks_class, ks_type,
3129903a11ebSrh 	    ks_ndata, ks_flags, ks_zoneid)) != NULL) {
31300209230bSgjelinek 		if (ks_zoneid != GLOBAL_ZONEID)
31310209230bSgjelinek 			kstat_zone_add(ksp, GLOBAL_ZONEID);
31320209230bSgjelinek 	}
31330209230bSgjelinek 	return (ksp);
31340209230bSgjelinek }
31350209230bSgjelinek 
31360209230bSgjelinek /*
31370209230bSgjelinek  * Create zone-specific resource kstat
31380209230bSgjelinek  */
31390209230bSgjelinek kstat_t *
rctl_kstat_create_zone(zone_t * zone,char * ks_name,uchar_t ks_type,uint_t ks_ndata,uchar_t ks_flags)31400209230bSgjelinek rctl_kstat_create_zone(zone_t *zone, char *ks_name, uchar_t ks_type,
31410209230bSgjelinek     uint_t ks_ndata, uchar_t ks_flags)
31420209230bSgjelinek {
31430209230bSgjelinek 	char name[KSTAT_STRLEN];
31440209230bSgjelinek 
31450209230bSgjelinek 	(void) snprintf(name, KSTAT_STRLEN, "%s_zone", ks_name);
31460209230bSgjelinek 
31470209230bSgjelinek 	return (rctl_kstat_create_common(name, zone->zone_id, "zone_caps",
31480209230bSgjelinek 	    ks_type, ks_ndata, ks_flags, zone->zone_id));
31490209230bSgjelinek }
31500209230bSgjelinek 
31510209230bSgjelinek /*
31520209230bSgjelinek  * Create project-specific resource kstat
31530209230bSgjelinek  */
31540209230bSgjelinek kstat_t *
rctl_kstat_create_project(kproject_t * kpj,char * ks_name,uchar_t ks_type,uint_t ks_ndata,uchar_t ks_flags)31550209230bSgjelinek rctl_kstat_create_project(kproject_t *kpj, char *ks_name, uchar_t ks_type,
31560209230bSgjelinek     uint_t ks_ndata, uchar_t ks_flags)
31570209230bSgjelinek {
31580209230bSgjelinek 	char name[KSTAT_STRLEN];
31590209230bSgjelinek 
31600209230bSgjelinek 	(void) snprintf(name, KSTAT_STRLEN, "%s_project", ks_name);
31610209230bSgjelinek 
31620209230bSgjelinek 	return (rctl_kstat_create_common(name, kpj->kpj_id, "project_caps",
31630209230bSgjelinek 	    ks_type, ks_ndata, ks_flags, kpj->kpj_zoneid));
31640209230bSgjelinek }
3165ff19e029SMenno Lageman 
3166ff19e029SMenno Lageman /*
3167ff19e029SMenno Lageman  * Create task-specific resource kstat
3168ff19e029SMenno Lageman  */
3169ff19e029SMenno Lageman kstat_t *
rctl_kstat_create_task(task_t * tk,char * ks_name,uchar_t ks_type,uint_t ks_ndata,uchar_t ks_flags)3170ff19e029SMenno Lageman rctl_kstat_create_task(task_t *tk, char *ks_name, uchar_t ks_type,
3171ff19e029SMenno Lageman     uint_t ks_ndata, uchar_t ks_flags)
3172ff19e029SMenno Lageman {
3173ff19e029SMenno Lageman 	char name[KSTAT_STRLEN];
3174ff19e029SMenno Lageman 
3175ff19e029SMenno Lageman 	(void) snprintf(name, KSTAT_STRLEN, "%s_task", ks_name);
3176ff19e029SMenno Lageman 
3177ff19e029SMenno Lageman 	return (rctl_kstat_create_common(name, tk->tk_tkid, "task_caps",
3178ff19e029SMenno Lageman 	    ks_type, ks_ndata, ks_flags, tk->tk_proj->kpj_zoneid));
3179ff19e029SMenno Lageman }
3180