Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/kern/kern_loginclass.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2011 The FreeBSD Foundation 5 * All rights reserved. 6 * 7 * This software was developed by Edward Tomasz Napierala under sponsorship 8 * from the FreeBSD Foundation. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 * 31 * $FreeBSD$ 32 */ 33 34 /* 35 * Processes may set login class name using setloginclass(2). This 36 * is usually done through call to setusercontext(3), by programs 37 * such as login(1), based on information from master.passwd(5). Kernel 38 * uses this information to enforce per-class resource limits. Current 39 * login class can be determined using id(1). Login class is inherited 40 * from the parent process during fork(2). If not set, it defaults 41 * to "default". 42 * 43 * Code in this file implements setloginclass(2) and getloginclass(2) 44 * system calls, and maintains class name storage and retrieval. 45 */ 46 47 #include <sys/cdefs.h> 48 __FBSDID("$FreeBSD$"); 49 50 #include <sys/param.h> 51 #include <sys/eventhandler.h> 52 #include <sys/kernel.h> 53 #include <sys/lock.h> 54 #include <sys/loginclass.h> 55 #include <sys/malloc.h> 56 #include <sys/types.h> 57 #include <sys/priv.h> 58 #include <sys/proc.h> 59 #include <sys/queue.h> 60 #include <sys/racct.h> 61 #include <sys/rctl.h> 62 #include <sys/refcount.h> 63 #include <sys/rwlock.h> 64 #include <sys/sysproto.h> 65 #include <sys/systm.h> 66 67 static MALLOC_DEFINE(M_LOGINCLASS, "loginclass", "loginclass structures"); 68 69 LIST_HEAD(, loginclass) loginclasses; 70 71 /* 72 * Lock protecting loginclasses list. 73 */ 74 static struct rwlock loginclasses_lock; 75 RW_SYSINIT(loginclasses_init, &loginclasses_lock, "loginclasses lock"); 76 77 void 78 loginclass_hold(struct loginclass *lc) 79 { 80 81 refcount_acquire(&lc->lc_refcount); 82 } 83 84 void 85 loginclass_free(struct loginclass *lc) 86 { 87 int old; 88 89 old = lc->lc_refcount; 90 if (old > 1 && atomic_cmpset_int(&lc->lc_refcount, old, old - 1)) 91 return; 92 93 rw_wlock(&loginclasses_lock); 94 if (!refcount_release(&lc->lc_refcount)) { 95 rw_wunlock(&loginclasses_lock); 96 return; 97 } 98 99 racct_destroy(&lc->lc_racct); 100 LIST_REMOVE(lc, lc_next); 101 rw_wunlock(&loginclasses_lock); 102 103 free(lc, M_LOGINCLASS); 104 } 105 106 /* 107 * Look up a loginclass struct for the parameter name. 108 * loginclasses_lock must be locked. 109 * Increase refcount on loginclass struct returned. 110 */ 111 static struct loginclass * 112 loginclass_lookup(const char *name) 113 { 114 struct loginclass *lc; 115 116 rw_assert(&loginclasses_lock, RA_LOCKED); 117 LIST_FOREACH(lc, &loginclasses, lc_next) 118 if (strcmp(name, lc->lc_name) == 0) { 119 loginclass_hold(lc); 120 break; 121 } 122 123 return (lc); 124 } 125 126 /* 127 * Return loginclass structure with a corresponding name. Not 128 * performance critical, as it's used mainly by setloginclass(2), 129 * which happens once per login session. Caller has to use 130 * loginclass_free() on the returned value when it's no longer 131 * needed. 132 */ 133 struct loginclass * 134 loginclass_find(const char *name) 135 { 136 struct loginclass *lc, *new_lc; 137 138 if (name[0] == '\0' || strlen(name) >= MAXLOGNAME) 139 return (NULL); 140 141 lc = curthread->td_ucred->cr_loginclass; 142 if (strcmp(name, lc->lc_name) == 0) { 143 loginclass_hold(lc); 144 return (lc); 145 } 146 147 rw_rlock(&loginclasses_lock); 148 lc = loginclass_lookup(name); 149 rw_runlock(&loginclasses_lock); 150 if (lc != NULL) 151 return (lc); 152 153 new_lc = malloc(sizeof(*new_lc), M_LOGINCLASS, M_ZERO | M_WAITOK); 154 racct_create(&new_lc->lc_racct); 155 refcount_init(&new_lc->lc_refcount, 1); 156 strcpy(new_lc->lc_name, name); 157 158 rw_wlock(&loginclasses_lock); 159 /* 160 * There's a chance someone created our loginclass while we 161 * were in malloc and not holding the lock, so we have to 162 * make sure we don't insert a duplicate loginclass. 163 */ 164 if ((lc = loginclass_lookup(name)) == NULL) { 165 LIST_INSERT_HEAD(&loginclasses, new_lc, lc_next); 166 rw_wunlock(&loginclasses_lock); 167 lc = new_lc; 168 } else { 169 rw_wunlock(&loginclasses_lock); 170 racct_destroy(&new_lc->lc_racct); 171 free(new_lc, M_LOGINCLASS); 172 } 173 174 return (lc); 175 } 176 177 /* 178 * Get login class name. 179 */ 180 #ifndef _SYS_SYSPROTO_H_ 181 struct getloginclass_args { 182 char *namebuf; 183 size_t namelen; 184 }; 185 #endif 186 /* ARGSUSED */ 187 int 188 sys_getloginclass(struct thread *td, struct getloginclass_args *uap) 189 { 190 struct loginclass *lc; 191 size_t lcnamelen; 192 193 lc = td->td_ucred->cr_loginclass; 194 lcnamelen = strlen(lc->lc_name) + 1; 195 if (lcnamelen > uap->namelen) 196 return (ERANGE); 197 return (copyout(lc->lc_name, uap->namebuf, lcnamelen)); 198 } 199 200 /* 201 * Set login class name. 202 */ 203 #ifndef _SYS_SYSPROTO_H_ 204 struct setloginclass_args { 205 const char *namebuf; 206 }; 207 #endif 208 /* ARGSUSED */ 209 int 210 sys_setloginclass(struct thread *td, struct setloginclass_args *uap) 211 { 212 struct proc *p = td->td_proc; 213 int error; 214 char lcname[MAXLOGNAME]; 215 struct loginclass *newlc; 216 struct ucred *newcred, *oldcred; 217 218 error = priv_check(td, PRIV_PROC_SETLOGINCLASS); 219 if (error != 0) 220 return (error); 221 error = copyinstr(uap->namebuf, lcname, sizeof(lcname), NULL); 222 if (error != 0) 223 return (error); 224 225 newlc = loginclass_find(lcname); 226 if (newlc == NULL) 227 return (EINVAL); 228 newcred = crget(); 229 230 PROC_LOCK(p); 231 oldcred = crcopysafe(p, newcred); 232 newcred->cr_loginclass = newlc; 233 proc_set_cred(p, newcred); 234 #ifdef RACCT 235 racct_proc_ucred_changed(p, oldcred, newcred); 236 crhold(newcred); 237 #endif 238 PROC_UNLOCK(p); 239 #ifdef RCTL 240 rctl_proc_ucred_changed(p, newcred); 241 crfree(newcred); 242 #endif 243 loginclass_free(oldcred->cr_loginclass); 244 crfree(oldcred); 245 246 return (0); 247 } 248 249 void 250 loginclass_racct_foreach(void (*callback)(struct racct *racct, 251 void *arg2, void *arg3), void (*pre)(void), void (*post)(void), 252 void *arg2, void *arg3) 253 { 254 struct loginclass *lc; 255 256 rw_rlock(&loginclasses_lock); 257 if (pre != NULL) 258 (pre)(); 259 LIST_FOREACH(lc, &loginclasses, lc_next) 260 (callback)(lc->lc_racct, arg2, arg3); 261 if (post != NULL) 262 (post)(); 263 rw_runlock(&loginclasses_lock); 264 }
Cache object: 6c05969ba99268ebe5f179b1e731ad17
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]