vmd(8): remove unfinished user accounting.

User accounting and enforcement was never finished. tedu the thing
until someone wants to pick it up and finish it.

Originally found by Matthew Martin.

ok mlarkin@, kn@. input from tb@.

4 files changed, 4 insertions, 151 deletions

diff --git a/usr.sbin/vmd/config.c b/usr.sbin/vmd/config.c
index 374d7de6629..c955212c6df 100644
--- a/usr.sbin/vmd/config.c
+++ b/usr.sbin/vmd/config.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: config.c,v 1.65 2022/05/08 14:44:54 dv Exp $	*/
+/*	$OpenBSD: config.c,v 1.66 2022/10/31 14:02:11 dv Exp $	*/
 
 /*
  * Copyright (c) 2015 Reyk Floeter <reyk@openbsd.org>
@@ -98,12 +98,6 @@ config_init(struct vmd *env)
 			return (-1);
 		TAILQ_INIT(env->vmd_switches);
 	}
-	if (what & CONFIG_USERS) {
-		if ((env->vmd_users = calloc(1,
-		    sizeof(*env->vmd_users))) == NULL)
-			return (-1);
-		TAILQ_INIT(env->vmd_users);
-	}
 
 	return (0);
 }
@@ -238,13 +232,6 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm, uint32_t peerid, uid_t uid)
 		return (EALREADY);
 	}
 
-	/* increase the user reference counter and check user limits */
-	if (vm->vm_user != NULL && user_get(vm->vm_user->usr_id.uid) != NULL) {
-		user_inc(vcp, vm->vm_user, 1);
-		if (user_checklimit(vm->vm_user, vcp) == -1)
-			return (EPERM);
-	}
-
 	/*
 	 * Rate-limit the VM so that it cannot restart in a loop:
 	 * if the VM restarts after less than VM_START_RATE_SEC seconds,
diff --git a/usr.sbin/vmd/proc.h b/usr.sbin/vmd/proc.h
index 123df4fe465..1702bd9756d 100644
--- a/usr.sbin/vmd/proc.h
+++ b/usr.sbin/vmd/proc.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: proc.h,v 1.21 2022/09/13 10:28:19 martijn Exp $	*/
+/*	$OpenBSD: proc.h,v 1.22 2022/10/31 14:02:11 dv Exp $	*/
 
 /*
  * Copyright (c) 2010-2015 Reyk Floeter <reyk@openbsd.org>
@@ -89,7 +89,6 @@ extern enum privsep_procid privsep_process;
 #define CONFIG_RELOAD		0x00
 #define CONFIG_VMS		0x01
 #define CONFIG_SWITCHES		0x02
-#define CONFIG_USERS		0x04
 #define CONFIG_ALL		0xff
 
 struct privsep_pipes {
diff --git a/usr.sbin/vmd/vmd.c b/usr.sbin/vmd/vmd.c
index 2f3ac1a76f2..bd0d8580ffc 100644
--- a/usr.sbin/vmd/vmd.c
+++ b/usr.sbin/vmd/vmd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: vmd.c,v 1.132 2022/09/13 10:28:19 martijn Exp $	*/
+/*	$OpenBSD: vmd.c,v 1.133 2022/10/31 14:02:11 dv Exp $	*/
 
 /*
  * Copyright (c) 2015 Reyk Floeter <reyk@openbsd.org>
@@ -1188,9 +1188,6 @@ vm_stop(struct vmd_vm *vm, int keeptty, const char *caller)
 	vm->vm_state &= ~(VM_STATE_RECEIVED | VM_STATE_RUNNING
 	    | VM_STATE_SHUTDOWN);
 
-	user_inc(&vm->vm_params.vmc_params, vm->vm_user, 0);
-	user_put(vm->vm_user);
-
 	if (vm->vm_iev.ibuf.fd != -1) {
 		event_del(&vm->vm_iev.ev);
 		close(vm->vm_iev.ibuf.fd);
@@ -1243,7 +1240,6 @@ vm_remove(struct vmd_vm *vm, const char *caller)
 
 	TAILQ_REMOVE(env->vmd_vms, vm, vm_entry);
 
-	user_put(vm->vm_user);
 	vm_stop(vm, 0, caller);
 	free(vm);
 }
@@ -1286,7 +1282,6 @@ vm_register(struct privsep *ps, struct vmop_create_params *vmc,
 	struct vmd_vm		*vm = NULL, *vm_parent = NULL;
 	struct vm_create_params	*vcp = &vmc->vmc_params;
 	struct vmop_owner	*vmo = NULL;
-	struct vmd_user		*usr = NULL;
 	uint32_t		 nid, rng;
 	unsigned int		 i, j;
 	struct vmd_switch	*sw;
@@ -1362,13 +1357,6 @@ vm_register(struct privsep *ps, struct vmop_create_params *vmc,
 		}
 	}
 
-	/* track active users */
-	if (uid != 0 && env->vmd_users != NULL &&
-	    (usr = user_get(uid)) == NULL) {
-		log_warnx("could not add user");
-		goto fail;
-	}
-
 	if ((vm = calloc(1, sizeof(*vm))) == NULL)
 		goto fail;
 
@@ -1379,7 +1367,6 @@ vm_register(struct privsep *ps, struct vmop_create_params *vmc,
 	vm->vm_tty = -1;
 	vm->vm_receive_fd = -1;
 	vm->vm_state &= ~VM_STATE_PAUSED;
-	vm->vm_user = usr;
 
 	for (i = 0; i < VMM_MAX_DISKS_PER_VM; i++)
 		for (j = 0; j < VM_MAX_BASE_PER_DISK; j++)
@@ -1903,104 +1890,6 @@ switch_getbyname(const char *name)
 	return (NULL);
 }
 
-struct vmd_user *
-user_get(uid_t uid)
-{
-	struct vmd_user		*usr;
-
-	if (uid == 0)
-		return (NULL);
-
-	/* first try to find an existing user */
-	TAILQ_FOREACH(usr, env->vmd_users, usr_entry) {
-		if (usr->usr_id.uid == uid)
-			goto done;
-	}
-
-	if ((usr = calloc(1, sizeof(*usr))) == NULL) {
-		log_warn("could not allocate user");
-		return (NULL);
-	}
-
-	usr->usr_id.uid = uid;
-	usr->usr_id.gid = -1;
-	TAILQ_INSERT_TAIL(env->vmd_users, usr, usr_entry);
-
- done:
-	DPRINTF("%s: uid %d #%d +",
-	    __func__, usr->usr_id.uid, usr->usr_refcnt + 1);
-	usr->usr_refcnt++;
-
-	return (usr);
-}
-
-void
-user_put(struct vmd_user *usr)
-{
-	if (usr == NULL)
-		return;
-
-	DPRINTF("%s: uid %d #%d -",
-	    __func__, usr->usr_id.uid, usr->usr_refcnt - 1);
-
-	if (--usr->usr_refcnt > 0)
-		return;
-
-	TAILQ_REMOVE(env->vmd_users, usr, usr_entry);
-	free(usr);
-}
-
-void
-user_inc(struct vm_create_params *vcp, struct vmd_user *usr, int inc)
-{
-	char	 mem[FMT_SCALED_STRSIZE];
-
-	if (usr == NULL)
-		return;
-
-	/* increment or decrement counters */
-	inc = inc ? 1 : -1;
-
-	usr->usr_maxcpu += vcp->vcp_ncpus * inc;
-	usr->usr_maxmem += vcp->vcp_memranges[0].vmr_size * inc;
-	usr->usr_maxifs += vcp->vcp_nnics * inc;
-
-	if (log_getverbose() > 1) {
-		(void)fmt_scaled(usr->usr_maxmem * 1024 * 1024, mem);
-		log_debug("%s: %c uid %d ref %d cpu %llu mem %s ifs %llu",
-		    __func__, inc == 1 ? '+' : '-',
-		    usr->usr_id.uid, usr->usr_refcnt,
-		    usr->usr_maxcpu, mem, usr->usr_maxifs);
-	}
-}
-
-int
-user_checklimit(struct vmd_user *usr, struct vm_create_params *vcp)
-{
-	const char	*limit = "";
-
-	/* XXX make the limits configurable */
-	if (usr->usr_maxcpu > VM_DEFAULT_USER_MAXCPU) {
-		limit = "cpu ";
-		goto fail;
-	}
-	if (usr->usr_maxmem > VM_DEFAULT_USER_MAXMEM) {
-		limit = "memory ";
-		goto fail;
-	}
-	if (usr->usr_maxifs > VM_DEFAULT_USER_MAXIFS) {
-		limit = "interface ";
-		goto fail;
-	}
-
-	return (0);
-
- fail:
-	log_warnx("%s: user %d %slimit reached", vcp->vcp_name,
-	    usr->usr_id.uid, limit);
-	return (-1);
-}
-
 char *
 get_string(uint8_t *ptr, size_t len)
 {
diff --git a/usr.sbin/vmd/vmd.h b/usr.sbin/vmd/vmd.h
index 9010ad6eb9f..c27d03df733 100644
--- a/usr.sbin/vmd/vmd.h
+++ b/usr.sbin/vmd/vmd.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: vmd.h,v 1.110 2022/09/13 10:28:19 martijn Exp $	*/
+/*	$OpenBSD: vmd.h,v 1.111 2022/10/31 14:02:11 dv Exp $	*/
 
 /*
  * Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
@@ -65,11 +65,6 @@
 #define VM_START_RATE_SEC	6	/* min. seconds since last reboot */
 #define VM_START_RATE_LIMIT	3	/* max. number of fast reboots */
 
-/* default user instance limits */
-#define VM_DEFAULT_USER_MAXCPU	4
-#define VM_DEFAULT_USER_MAXMEM	2048
-#define VM_DEFAULT_USER_MAXIFS	8
-
 /* vmd -> vmctl error codes */
 #define VMD_BIOS_MISSING	1001
 #define VMD_DISK_MISSING	1002
@@ -287,7 +282,6 @@ struct vmd_vm {
 	struct imsgev		 vm_iev;
 	uid_t			 vm_uid;
 	int			 vm_receive_fd;
-	struct vmd_user		*vm_user;
 	unsigned int		 vm_state;
 /* When set, VM is running now (PROC_PARENT only) */
 #define VM_STATE_RUNNING	0x01
@@ -307,17 +301,6 @@ struct vmd_vm {
 };
 TAILQ_HEAD(vmlist, vmd_vm);
 
-struct vmd_user {
-	struct vmop_owner	 usr_id;
-	uint64_t		 usr_maxcpu;
-	uint64_t		 usr_maxmem;
-	uint64_t		 usr_maxifs;
-	int			 usr_refcnt;
-
-	TAILQ_ENTRY(vmd_user)	 usr_entry;
-};
-TAILQ_HEAD(userlist, vmd_user);
-
 struct name2id {
 	char			name[VMM_MAX_NAME_LEN];
 	int			uid;
@@ -373,7 +356,6 @@ struct vmd {
 	struct name2idlist	*vmd_known;
 	uint32_t		 vmd_nswitches;
 	struct switchlist	*vmd_switches;
-	struct userlist		*vmd_users;
 
 	int			 vmd_fd;
 	int			 vmd_fd6;
@@ -445,10 +427,6 @@ int	 vm_opentty(struct vmd_vm *);
 void	 vm_closetty(struct vmd_vm *);
 void	 switch_remove(struct vmd_switch *);
 struct vmd_switch *switch_getbyname(const char *);
-struct vmd_user *user_get(uid_t);
-void	 user_put(struct vmd_user *);
-void	 user_inc(struct vm_create_params *, struct vmd_user *, int);
-int	 user_checklimit(struct vmd_user *, struct vm_create_params *);
 char	*get_string(uint8_t *, size_t);
 uint32_t prefixlen2mask(uint8_t);
 void	 prefixlen2mask6(u_int8_t, struct in6_addr *);