kern_acct.c revision 150419
1/*- 2 * Copyright (c) 1994 Christopher G. Demetriou 3 * Copyright (c) 1982, 1986, 1989, 1993 4 * The Regents of the University of California. All rights reserved. 5 * (c) UNIX System Laboratories, Inc. 6 * All or some portions of this file are derived from material licensed 7 * to the University of California by American Telephone and Telegraph 8 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 9 * the permission of UNIX System Laboratories, Inc. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. All advertising materials mentioning features or use of this software 20 * must display the following acknowledgement: 21 * This product includes software developed by the University of 22 * California, Berkeley and its contributors. 23 * 4. Neither the name of the University nor the names of its contributors 24 * may be used to endorse or promote products derived from this software 25 * without specific prior written permission. 26 * 27 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 28 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 29 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 30 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * 39 * @(#)kern_acct.c 8.1 (Berkeley) 6/14/93 40 */ 41 42#include <sys/cdefs.h> 43__FBSDID("$FreeBSD: head/sys/kern/kern_acct.c 150419 2005-09-21 15:28:07Z rwatson $"); 44 45#include "opt_mac.h" 46 47#include <sys/param.h> 48#include <sys/systm.h> 49#include <sys/lock.h> 50#include <sys/mutex.h> 51#include <sys/sysproto.h> 52#include <sys/proc.h> 53#include <sys/mac.h> 54#include <sys/mount.h> 55#include <sys/vnode.h> 56#include <sys/fcntl.h> 57#include <sys/syslog.h> 58#include <sys/kernel.h> 59#include <sys/sysent.h> 60#include <sys/sysctl.h> 61#include <sys/namei.h> 62#include <sys/acct.h> 63#include <sys/resourcevar.h> 64#include <sys/tty.h> 65 66/* 67 * The routines implemented in this file are described in: 68 * Leffler, et al.: The Design and Implementation of the 4.3BSD 69 * UNIX Operating System (Addison Welley, 1989) 70 * on pages 62-63. 71 * 72 * Arguably, to simplify accounting operations, this mechanism should 73 * be replaced by one in which an accounting log file (similar to /dev/klog) 74 * is read by a user process, etc. However, that has its own problems. 75 */ 76 77/* 78 * Internal accounting functions. 79 * The former's operation is described in Leffler, et al., and the latter 80 * was provided by UCB with the 4.4BSD-Lite release 81 */ 82static comp_t encode_comp_t(u_long, u_long); 83static void acctwatch(void *); 84 85/* 86 * Accounting callout used for periodic scheduling of acctwatch. 87 */ 88static struct callout acctwatch_callout; 89 90/* 91 * Accounting vnode pointer, saved vnode pointer, and flags for each. 92 */ 93static struct vnode *acctp; 94static struct ucred *acctcred; 95static int acctflags; 96static struct vnode *savacctp; 97static struct ucred *savacctcred; 98static int savacctflags; 99 100static struct mtx acct_mtx; 101MTX_SYSINIT(acct, &acct_mtx, "accounting", MTX_DEF); 102 103/* 104 * Values associated with enabling and disabling accounting 105 */ 106static int acctsuspend = 2; /* stop accounting when < 2% free space left */ 107SYSCTL_INT(_kern, OID_AUTO, acct_suspend, CTLFLAG_RW, 108 &acctsuspend, 0, "percentage of free disk space below which accounting stops"); 109 110static int acctresume = 4; /* resume when free space risen to > 4% */ 111SYSCTL_INT(_kern, OID_AUTO, acct_resume, CTLFLAG_RW, 112 &acctresume, 0, "percentage of free disk space above which accounting resumes"); 113 114static int acctchkfreq = 15; /* frequency (in seconds) to check space */ 115SYSCTL_INT(_kern, OID_AUTO, acct_chkfreq, CTLFLAG_RW, 116 &acctchkfreq, 0, "frequency for checking the free space"); 117 118/* 119 * Accounting system call. Written based on the specification and 120 * previous implementation done by Mark Tinguely. 121 * 122 * MPSAFE 123 */ 124int 125acct(td, uap) 126 struct thread *td; 127 struct acct_args /* { 128 char *path; 129 } */ *uap; 130{ 131 struct nameidata nd; 132 int error, flags; 133 134 /* Make sure that the caller is root. */ 135 error = suser(td); 136 if (error) 137 return (error); 138 139 mtx_lock(&Giant); 140 141 /* 142 * If accounting is to be started to a file, open that file for 143 * appending and make sure it's a 'normal'. 144 */ 145 if (uap->path != NULL) { 146 NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td); 147 flags = FWRITE | O_APPEND; 148 error = vn_open(&nd, &flags, 0, -1); 149 if (error) 150 goto done2; 151 NDFREE(&nd, NDF_ONLY_PNBUF); 152#ifdef MAC 153 error = mac_check_system_acct(td->td_ucred, nd.ni_vp); 154 if (error) { 155 VOP_UNLOCK(nd.ni_vp, 0, td); 156 vn_close(nd.ni_vp, flags, td->td_ucred, td); 157 goto done2; 158 } 159#endif 160 VOP_UNLOCK(nd.ni_vp, 0, td); 161 if (nd.ni_vp->v_type != VREG) { 162 vn_close(nd.ni_vp, flags, td->td_ucred, td); 163 error = EACCES; 164 goto done2; 165 } 166#ifdef MAC 167 } else { 168 error = mac_check_system_acct(td->td_ucred, NULL); 169 if (error) 170 goto done2; 171#endif 172 } 173 174 mtx_lock(&acct_mtx); 175 176 /* 177 * If accounting was previously enabled, kill the old space-watcher, 178 * close the file, and (if no new file was specified, leave). 179 * 180 * XXX arr: should not hold lock over vnode operation. 181 */ 182 if (acctp != NULLVP || savacctp != NULLVP) { 183 callout_stop(&acctwatch_callout); 184 error = vn_close((acctp != NULLVP ? acctp : savacctp), 185 (acctp != NULLVP ? acctflags : savacctflags), 186 (acctcred != NOCRED ? acctcred : savacctcred), td); 187 acctp = savacctp = NULLVP; 188 crfree(acctcred != NOCRED ? acctcred : savacctcred); 189 acctcred = savacctcred = NOCRED; 190 log(LOG_NOTICE, "Accounting disabled\n"); 191 } 192 if (uap->path == NULL) { 193 mtx_unlock(&acct_mtx); 194 goto done2; 195 } 196 197 /* 198 * Save the new accounting file vnode, and schedule the new 199 * free space watcher. 200 */ 201 acctp = nd.ni_vp; 202 acctcred = crhold(td->td_ucred); 203 acctflags = flags; 204 callout_init(&acctwatch_callout, 0); 205 mtx_unlock(&acct_mtx); 206 log(LOG_NOTICE, "Accounting enabled\n"); 207 acctwatch(NULL); 208 209done2: 210 mtx_unlock(&Giant); 211 return (error); 212} 213 214/* 215 * Write out process accounting information, on process exit. 216 * Data to be written out is specified in Leffler, et al. 217 * and are enumerated below. (They're also noted in the system 218 * "acct.h" header file.) 219 */ 220int 221acct_process(td) 222 struct thread *td; 223{ 224 struct acct acct; 225 struct timeval ut, st, tmp; 226 struct plimit *newlim, *oldlim; 227 struct proc *p; 228 struct rusage *r; 229 struct ucred *uc; 230 struct vnode *vp; 231 int t, ret; 232 233 /* 234 * Lockless check of accounting condition before doing the hard 235 * work. 236 */ 237 if (acctp == NULLVP) 238 return (0); 239 240 mtx_lock(&acct_mtx); 241 242 /* 243 * If accounting isn't enabled, don't bother. Have to check again 244 * once we own the lock in case we raced with disabling of accounting 245 * by another thread. 246 */ 247 vp = acctp; 248 if (vp == NULLVP) { 249 mtx_unlock(&acct_mtx); 250 return (0); 251 } 252 253 p = td->td_proc; 254 255 /* 256 * Get process accounting information. 257 */ 258 259 PROC_LOCK(p); 260 /* (1) The name of the command that ran */ 261 bcopy(p->p_comm, acct.ac_comm, sizeof acct.ac_comm); 262 263 /* (2) The amount of user and system time that was used */ 264 calcru(p, &ut, &st); 265 acct.ac_utime = encode_comp_t(ut.tv_sec, ut.tv_usec); 266 acct.ac_stime = encode_comp_t(st.tv_sec, st.tv_usec); 267 268 /* (3) The elapsed time the command ran (and its starting time) */ 269 tmp = boottime; 270 timevaladd(&tmp, &p->p_stats->p_start); 271 acct.ac_btime = tmp.tv_sec; 272 microuptime(&tmp); 273 timevalsub(&tmp, &p->p_stats->p_start); 274 acct.ac_etime = encode_comp_t(tmp.tv_sec, tmp.tv_usec); 275 276 /* (4) The average amount of memory used */ 277 r = &p->p_stats->p_ru; 278 tmp = ut; 279 timevaladd(&tmp, &st); 280 t = tmp.tv_sec * hz + tmp.tv_usec / tick; 281 if (t) 282 acct.ac_mem = (r->ru_ixrss + r->ru_idrss + r->ru_isrss) / t; 283 else 284 acct.ac_mem = 0; 285 286 /* (5) The number of disk I/O operations done */ 287 acct.ac_io = encode_comp_t(r->ru_inblock + r->ru_oublock, 0); 288 289 /* (6) The UID and GID of the process */ 290 acct.ac_uid = p->p_ucred->cr_ruid; 291 acct.ac_gid = p->p_ucred->cr_rgid; 292 293 /* (7) The terminal from which the process was started */ 294 SESS_LOCK(p->p_session); 295 if ((p->p_flag & P_CONTROLT) && p->p_pgrp->pg_session->s_ttyp) 296 acct.ac_tty = dev2udev(p->p_pgrp->pg_session->s_ttyp->t_dev); 297 else 298 acct.ac_tty = NODEV; 299 SESS_UNLOCK(p->p_session); 300 301 /* (8) The boolean flags that tell how the process terminated, etc. */ 302 acct.ac_flag = p->p_acflag; 303 PROC_UNLOCK(p); 304 305 /* 306 * Finish doing things that require acct_mtx, and release acct_mtx. 307 */ 308 uc = crhold(acctcred); 309 vref(vp); 310 mtx_unlock(&acct_mtx); 311 312 /* 313 * Eliminate any file size rlimit. 314 */ 315 newlim = lim_alloc(); 316 PROC_LOCK(p); 317 oldlim = p->p_limit; 318 lim_copy(newlim, oldlim); 319 newlim->pl_rlimit[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY; 320 p->p_limit = newlim; 321 PROC_UNLOCK(p); 322 lim_free(oldlim); 323 324 /* 325 * Write the accounting information to the file. 326 */ 327 VOP_LEASE(vp, td, uc, LEASE_WRITE); 328 ret = vn_rdwr(UIO_WRITE, vp, (caddr_t)&acct, sizeof (acct), 329 (off_t)0, UIO_SYSSPACE, IO_APPEND|IO_UNIT, uc, NOCRED, 330 (int *)0, td); 331 vrele(vp); 332 crfree(uc); 333 return (ret); 334} 335 336/* 337 * Encode_comp_t converts from ticks in seconds and microseconds 338 * to ticks in 1/AHZ seconds. The encoding is described in 339 * Leffler, et al., on page 63. 340 */ 341 342#define MANTSIZE 13 /* 13 bit mantissa. */ 343#define EXPSIZE 3 /* Base 8 (3 bit) exponent. */ 344#define MAXFRACT ((1 << MANTSIZE) - 1) /* Maximum fractional value. */ 345 346static comp_t 347encode_comp_t(s, us) 348 u_long s, us; 349{ 350 int exp, rnd; 351 352 exp = 0; 353 rnd = 0; 354 s *= AHZ; 355 s += us / (1000000 / AHZ); /* Maximize precision. */ 356 357 while (s > MAXFRACT) { 358 rnd = s & (1 << (EXPSIZE - 1)); /* Round up? */ 359 s >>= EXPSIZE; /* Base 8 exponent == 3 bit shift. */ 360 exp++; 361 } 362 363 /* If we need to round up, do it (and handle overflow correctly). */ 364 if (rnd && (++s > MAXFRACT)) { 365 s >>= EXPSIZE; 366 exp++; 367 } 368 369 /* Clean it up and polish it off. */ 370 exp <<= MANTSIZE; /* Shift the exponent into place */ 371 exp += s; /* and add on the mantissa. */ 372 return (exp); 373} 374 375/* 376 * Periodically check the filesystem to see if accounting 377 * should be turned on or off. Beware the case where the vnode 378 * has been vgone()'d out from underneath us, e.g. when the file 379 * system containing the accounting file has been forcibly unmounted. 380 */ 381/* ARGSUSED */ 382static void 383acctwatch(a) 384 void *a; 385{ 386 struct statfs sb; 387 388 mtx_lock(&acct_mtx); 389 390 /* 391 * XXX arr: need to fix the issue of holding acct_mtx over 392 * the below vnode operations. 393 */ 394 if (savacctp != NULLVP) { 395 if (savacctp->v_type == VBAD) { 396 (void) vn_close(savacctp, savacctflags, savacctcred, 397 NULL); 398 savacctp = NULLVP; 399 savacctcred = NOCRED; 400 mtx_unlock(&acct_mtx); 401 return; 402 } 403 (void)VFS_STATFS(savacctp->v_mount, &sb, curthread); 404 if (sb.f_bavail > acctresume * sb.f_blocks / 100) { 405 acctp = savacctp; 406 acctcred = savacctcred; 407 acctflags = savacctflags; 408 savacctp = NULLVP; 409 savacctcred = NOCRED; 410 log(LOG_NOTICE, "Accounting resumed\n"); 411 } 412 } else { 413 if (acctp == NULLVP) { 414 mtx_unlock(&acct_mtx); 415 return; 416 } 417 if (acctp->v_type == VBAD) { 418 (void) vn_close(acctp, acctflags, acctcred, NULL); 419 acctp = NULLVP; 420 crfree(acctcred); 421 acctcred = NOCRED; 422 mtx_unlock(&acct_mtx); 423 return; 424 } 425 (void)VFS_STATFS(acctp->v_mount, &sb, curthread); 426 if (sb.f_bavail <= acctsuspend * sb.f_blocks / 100) { 427 savacctp = acctp; 428 savacctflags = acctflags; 429 savacctcred = acctcred; 430 acctp = NULLVP; 431 acctcred = NOCRED; 432 log(LOG_NOTICE, "Accounting suspended\n"); 433 } 434 } 435 callout_reset(&acctwatch_callout, acctchkfreq * hz, acctwatch, NULL); 436 mtx_unlock(&acct_mtx); 437} 438