diff options
| author | Philip Guenthe <guenther@cvs.openbsd.org> | 2012-04-10 15:50:53 +0000 |
|---|---|---|
| committer | Philip Guenthe <guenther@cvs.openbsd.org> | 2012-04-10 15:50:53 +0000 |
| commit | e8a9a9f2d6489645bf13279629f174fbbb51e5f2 (patch) | |
| tree | 6c4388beca9c54cb18ca390586c38d8057a8a342 /sys/kern | |
| parent | 213c6b55ddb4168cc2df478c206d9f8db6bfac38 (diff) | |
Make the KERN_NPROCS and KERN_MAXPROC sysctl()s and the RLIMIT_NPROC rlimit
count processes instead of threads. New sysctl()s KERN_NTHREADS and
KERN_MAXTHREAD count and limit threads. The nprocs and maxproc kernel
variables are replaced by nprocess, maxprocess, nthreads, and maxthread.
ok tedu@ mikeb@
Diffstat (limited to 'sys/kern')
| -rw-r--r-- | sys/kern/kern_exit.c | 16 | ||||
| -rw-r--r-- | sys/kern/kern_fork.c | 52 | ||||
| -rw-r--r-- | sys/kern/kern_proc.c | 8 | ||||
| -rw-r--r-- | sys/kern/kern_prot.c | 10 | ||||
| -rw-r--r-- | sys/kern/kern_resource.c | 4 | ||||
| -rw-r--r-- | sys/kern/kern_sysctl.c | 10 |
6 files changed, 63 insertions, 37 deletions
diff --git a/sys/kern/kern_exit.c b/sys/kern/kern_exit.c index a715cd1f1b0..8b5fe9d463a 100644 --- a/sys/kern/kern_exit.c +++ b/sys/kern/kern_exit.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_exit.c,v 1.110 2012/04/06 02:18:49 guenther Exp $ */ +/* $OpenBSD: kern_exit.c,v 1.111 2012/04/10 15:50:52 guenther Exp $ */ /* $NetBSD: kern_exit.c,v 1.39 1996/04/22 01:38:25 christos Exp $ */ /* @@ -584,13 +584,14 @@ proc_zap(struct proc *p) if ((p->p_flag & P_THREAD) == 0) leavepgrp(pr); LIST_REMOVE(p, p_list); /* off zombproc */ - if ((p->p_flag & P_THREAD) == 0) + if ((p->p_flag & P_THREAD) == 0) { LIST_REMOVE(pr, ps_sibling); - /* - * Decrement the count of procs running with this uid. - */ - (void)chgproccnt(p->p_cred->p_ruid, -1); + /* + * Decrement the count of procs running with this uid. + */ + (void)chgproccnt(p->p_cred->p_ruid, -1); + } /* * Release reference to text vnode @@ -611,8 +612,9 @@ proc_zap(struct proc *p) crfree(pr->ps_cred->pc_ucred); pool_put(&pcred_pool, pr->ps_cred); pool_put(&process_pool, pr); + nprocesses--; } pool_put(&proc_pool, p); - nprocs--; + nthreads--; } diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c index f7225155e47..8bf4a377777 100644 --- a/sys/kern/kern_fork.c +++ b/sys/kern/kern_fork.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_fork.c,v 1.135 2012/03/23 15:51:26 guenther Exp $ */ +/* $OpenBSD: kern_fork.c,v 1.136 2012/04/10 15:50:52 guenther Exp $ */ /* $NetBSD: kern_fork.c,v 1.29 1996/02/09 18:59:34 christos Exp $ */ /* @@ -69,7 +69,8 @@ # include <machine/tcb.h> #endif -int nprocs = 1; /* process 0 */ +int nprocesses = 1; /* process 0 */ +int nthreads = 1; /* proc 0 */ int randompid; /* when set to 1, pid's go random */ pid_t lastpid; struct forkstat forkstat; @@ -266,28 +267,46 @@ fork1(struct proc *curp, int exitsig, int flags, void *stack, pid_t *tidptr, /* * Although process entries are dynamically created, we still keep * a global limit on the maximum number we will create. We reserve - * the last 5 processes to root. The variable nprocs is the current - * number of processes, maxproc is the limit. + * the last 5 processes to root. The variable nprocesses is the + * current number of processes, maxprocess is the limit. Similar + * rules for threads (struct proc): we reserve the last 5 to root; + * the variable nthreads is the current number of procs, maxthread is + * the limit. */ uid = curp->p_cred->p_ruid; - if ((nprocs >= maxproc - 5 && uid != 0) || nprocs >= maxproc) { + if ((nthreads >= maxthread - 5 && uid != 0) || nthreads >= maxthread) { static struct timeval lasttfm; if (ratecheck(&lasttfm, &fork_tfmrate)) tablefull("proc"); return (EAGAIN); } - nprocs++; + nthreads++; - /* - * Increment the count of procs running with this uid. Don't allow - * a nonprivileged user to exceed their current limit. - */ - count = chgproccnt(uid, 1); - if (uid != 0 && count > curp->p_rlimit[RLIMIT_NPROC].rlim_cur) { - (void)chgproccnt(uid, -1); - nprocs--; - return (EAGAIN); + if ((flags & FORK_THREAD) == 0) { + if ((nprocesses >= maxprocess - 5 && uid != 0) || + nprocesses >= maxprocess) { + static struct timeval lasttfm; + + if (ratecheck(&lasttfm, &fork_tfmrate)) + tablefull("process"); + nthreads--; + return (EAGAIN); + } + nprocesses++; + + /* + * Increment the count of processes running with + * this uid. Don't allow a nonprivileged user to + * exceed their current limit. + */ + count = chgproccnt(uid, 1); + if (uid != 0 && count > curp->p_rlimit[RLIMIT_NPROC].rlim_cur) { + (void)chgproccnt(uid, -1); + nprocesses--; + nthreads--; + return (EAGAIN); + } } uaddr = uvm_km_kmemalloc_pla(kernel_map, uvm.kernel_object, USPACE, @@ -296,7 +315,8 @@ fork1(struct proc *curp, int exitsig, int flags, void *stack, pid_t *tidptr, 0, 0, USPACE/PAGE_SIZE); if (uaddr == 0) { chgproccnt(uid, -1); - nprocs--; + nprocesses--; + nthreads--; return (ENOMEM); } diff --git a/sys/kern/kern_proc.c b/sys/kern/kern_proc.c index 2bf3d8589b1..ad861c8e8af 100644 --- a/sys/kern/kern_proc.c +++ b/sys/kern/kern_proc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_proc.c,v 1.47 2011/09/18 23:20:54 miod Exp $ */ +/* $OpenBSD: kern_proc.c,v 1.48 2012/04/10 15:50:52 guenther Exp $ */ /* $NetBSD: kern_proc.c,v 1.14 1996/02/09 18:59:41 christos Exp $ */ /* @@ -86,9 +86,9 @@ procinit(void) LIST_INIT(&zombproc); - pidhashtbl = hashinit(maxproc / 4, M_PROC, M_NOWAIT, &pidhash); - pgrphashtbl = hashinit(maxproc / 4, M_PROC, M_NOWAIT, &pgrphash); - uihashtbl = hashinit(maxproc / 16, M_PROC, M_NOWAIT, &uihash); + pidhashtbl = hashinit(maxthread / 4, M_PROC, M_NOWAIT, &pidhash); + pgrphashtbl = hashinit(maxprocess / 4, M_PROC, M_NOWAIT, &pgrphash); + uihashtbl = hashinit(maxprocess / 16, M_PROC, M_NOWAIT, &uihash); if (!pidhashtbl || !pgrphashtbl || !uihashtbl) panic("procinit: malloc"); diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index 95a7c0a2401..c4a833de12e 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_prot.c,v 1.52 2012/02/20 22:23:39 guenther Exp $ */ +/* $OpenBSD: kern_prot.c,v 1.53 2012/04/10 15:50:52 guenther Exp $ */ /* $NetBSD: kern_prot.c,v 1.33 1996/02/09 18:59:42 christos Exp $ */ /* @@ -391,8 +391,8 @@ sys_setresuid(struct proc *p, void *v, register_t *retval) /* * Transfer proc count to new user. */ - (void)chgproccnt(pc->p_ruid, -p->p_p->ps_refcnt); - (void)chgproccnt(ruid, p->p_p->ps_refcnt); + (void)chgproccnt(pc->p_ruid, -1); + (void)chgproccnt(ruid, 1); pc->p_ruid = ruid; } if (euid != (uid_t)-1 && euid != pc->pc_ucred->cr_uid) { @@ -596,8 +596,8 @@ sys_setuid(struct proc *p, void *v, register_t *retval) * Transfer proc count to new user. */ if (uid != pc->p_ruid) { - (void)chgproccnt(pc->p_ruid, -p->p_p->ps_refcnt); - (void)chgproccnt(uid, p->p_p->ps_refcnt); + (void)chgproccnt(pc->p_ruid, -1); + (void)chgproccnt(uid, 1); } pc->p_ruid = uid; pc->p_svuid = uid; diff --git a/sys/kern/kern_resource.c b/sys/kern/kern_resource.c index ab199d4401e..995b3db15ef 100644 --- a/sys/kern/kern_resource.c +++ b/sys/kern/kern_resource.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_resource.c,v 1.39 2012/03/23 15:51:26 guenther Exp $ */ +/* $OpenBSD: kern_resource.c,v 1.40 2012/04/10 15:50:52 guenther Exp $ */ /* $NetBSD: kern_resource.c,v 1.38 1996/10/23 07:19:38 matthias Exp $ */ /*- @@ -264,7 +264,7 @@ dosetrlimit(struct proc *p, u_int which, struct rlimit *limp) maxlim = maxfiles; break; case RLIMIT_NPROC: - maxlim = maxproc; + maxlim = maxprocess; break; default: maxlim = RLIM_INFINITY; diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c index 8651cf8514a..e577f6b1e35 100644 --- a/sys/kern/kern_sysctl.c +++ b/sys/kern/kern_sysctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_sysctl.c,v 1.218 2012/03/28 16:01:30 guenther Exp $ */ +/* $OpenBSD: kern_sysctl.c,v 1.219 2012/04/10 15:50:52 guenther Exp $ */ /* $NetBSD: kern_sysctl.c,v 1.17 1996/05/20 17:49:05 mrg Exp $ */ /*- @@ -316,7 +316,7 @@ kern_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, case KERN_MAXVNODES: return(sysctl_int(oldp, oldlenp, newp, newlen, &maxvnodes)); case KERN_MAXPROC: - return (sysctl_int(oldp, oldlenp, newp, newlen, &maxproc)); + return (sysctl_int(oldp, oldlenp, newp, newlen, &maxprocess)); case KERN_MAXFILES: return (sysctl_int(oldp, oldlenp, newp, newlen, &maxfiles)); case KERN_NFILES: @@ -401,6 +401,10 @@ kern_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, return (sysctl_rdint(oldp, oldlenp, newp, MAXPARTITIONS)); case KERN_RAWPARTITION: return (sysctl_rdint(oldp, oldlenp, newp, RAW_PART)); + case KERN_MAXTHREAD: + return (sysctl_int(oldp, oldlenp, newp, newlen, &maxthread)); + case KERN_NTHREADS: + return (sysctl_rdint(oldp, oldlenp, newp, nthreads)); case KERN_SOMAXCONN: return (sysctl_int(oldp, oldlenp, newp, newlen, &somaxconn)); case KERN_SOMINCONN: @@ -494,7 +498,7 @@ kern_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, case KERN_CCPU: return (sysctl_rdint(oldp, oldlenp, newp, ccpu)); case KERN_NPROCS: - return (sysctl_rdint(oldp, oldlenp, newp, nprocs)); + return (sysctl_rdint(oldp, oldlenp, newp, nprocesses)); case KERN_POOL: return (sysctl_dopool(name + 1, namelen - 1, oldp, oldlenp)); case KERN_STACKGAPRANDOM: |