kern_acct.c revision 172836
1219820Sjeff/*- 2219820Sjeff * Copyright (c) 1982, 1986, 1989, 1993 3219820Sjeff * The Regents of the University of California. All rights reserved. 4219820Sjeff * (c) UNIX System Laboratories, Inc. 5219820Sjeff * Copyright (c) 2005 Robert N. M. Watson 6219820Sjeff * All rights reserved. 7219820Sjeff * 8219820Sjeff * All or some portions of this file are derived from material licensed 9219820Sjeff * to the University of California by American Telephone and Telegraph 10219820Sjeff * Co. or Unix System Laboratories, Inc. and are reproduced herein with 11219820Sjeff * the permission of UNIX System Laboratories, Inc. 12219820Sjeff * 13219820Sjeff * Redistribution and use in source and binary forms, with or without 14219820Sjeff * modification, are permitted provided that the following conditions 15219820Sjeff * are met: 16219820Sjeff * 1. Redistributions of source code must retain the above copyright 17219820Sjeff * notice, this list of conditions and the following disclaimer. 18219820Sjeff * 2. Redistributions in binary form must reproduce the above copyright 19219820Sjeff * notice, this list of conditions and the following disclaimer in the 20219820Sjeff * documentation and/or other materials provided with the distribution. 21219820Sjeff * 4. Neither the name of the University nor the names of its contributors 22219820Sjeff * may be used to endorse or promote products derived from this software 23219820Sjeff * without specific prior written permission. 24219820Sjeff * 25219820Sjeff * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 26219820Sjeff * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27219820Sjeff * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28219820Sjeff * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 29219820Sjeff * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30219820Sjeff * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31219820Sjeff * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32219820Sjeff * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33219820Sjeff * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34219820Sjeff * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35219820Sjeff * SUCH DAMAGE. 36219820Sjeff * 37219820Sjeff * Copyright (c) 1994 Christopher G. Demetriou 38219820Sjeff * 39219820Sjeff * Redistribution and use in source and binary forms, with or without 40219820Sjeff * modification, are permitted provided that the following conditions 41219820Sjeff * are met: 42219820Sjeff * 1. Redistributions of source code must retain the above copyright 43219820Sjeff * notice, this list of conditions and the following disclaimer. 44219820Sjeff * 2. Redistributions in binary form must reproduce the above copyright 45219820Sjeff * notice, this list of conditions and the following disclaimer in the 46219820Sjeff * documentation and/or other materials provided with the distribution. 47219820Sjeff * 3. All advertising materials mentioning features or use of this software 48219820Sjeff * must display the following acknowledgement: 49219820Sjeff * This product includes software developed by the University of 50219820Sjeff * California, Berkeley and its contributors. 51219820Sjeff * 4. Neither the name of the University nor the names of its contributors 52219820Sjeff * may be used to endorse or promote products derived from this software 53219820Sjeff * without specific prior written permission. 54219820Sjeff * 55219820Sjeff * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 56219820Sjeff * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 57219820Sjeff * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 58219820Sjeff * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 59219820Sjeff * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 60219820Sjeff * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 61219820Sjeff * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 62219820Sjeff * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 63219820Sjeff * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 64219820Sjeff * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 65219820Sjeff * SUCH DAMAGE. 66219820Sjeff * 67219820Sjeff * @(#)kern_acct.c 8.1 (Berkeley) 6/14/93 68219820Sjeff */ 69219820Sjeff 70219820Sjeff#include <sys/cdefs.h> 71219820Sjeff__FBSDID("$FreeBSD: head/sys/kern/kern_acct.c 172836 2007-10-20 23:23:23Z julian $"); 72219820Sjeff 73219820Sjeff#include "opt_mac.h" 74219820Sjeff 75219820Sjeff#include <sys/param.h> 76219820Sjeff#include <sys/systm.h> 77219820Sjeff#include <sys/acct.h> 78219820Sjeff#include <sys/fcntl.h> 79219820Sjeff#include <sys/kernel.h> 80219820Sjeff#include <sys/kthread.h> 81219820Sjeff#include <sys/limits.h> 82219820Sjeff#include <sys/lock.h> 83219820Sjeff#include <sys/mount.h> 84219820Sjeff#include <sys/mutex.h> 85219820Sjeff#include <sys/namei.h> 86219820Sjeff#include <sys/priv.h> 87219820Sjeff#include <sys/proc.h> 88219820Sjeff#include <sys/resourcevar.h> 89219820Sjeff#include <sys/sched.h> 90219820Sjeff#include <sys/sx.h> 91219820Sjeff#include <sys/sysctl.h> 92219820Sjeff#include <sys/sysent.h> 93219820Sjeff#include <sys/syslog.h> 94219820Sjeff#include <sys/sysproto.h> 95219820Sjeff#include <sys/tty.h> 96219820Sjeff#include <sys/vnode.h> 97219820Sjeff 98219820Sjeff#include <security/mac/mac_framework.h> 99219820Sjeff 100219820Sjeff/* 101219820Sjeff * The routines implemented in this file are described in: 102219820Sjeff * Leffler, et al.: The Design and Implementation of the 4.3BSD 103219820Sjeff * UNIX Operating System (Addison Welley, 1989) 104219820Sjeff * on pages 62-63. 105219820Sjeff * On May 2007 the historic 3 bits base 8 exponent, 13 bit fraction 106219820Sjeff * compt_t representation described in the above reference was replaced 107219820Sjeff * with that of IEEE-754 floats. 108219820Sjeff * 109219820Sjeff * Arguably, to simplify accounting operations, this mechanism should 110219820Sjeff * be replaced by one in which an accounting log file (similar to /dev/klog) 111219820Sjeff * is read by a user process, etc. However, that has its own problems. 112219820Sjeff */ 113219820Sjeff 114219820Sjeff/* Floating point definitions from <float.h>. */ 115219820Sjeff#define FLT_MANT_DIG 24 /* p */ 116219820Sjeff#define FLT_MAX_EXP 128 /* emax */ 117219820Sjeff 118219820Sjeff/* 119219820Sjeff * Internal accounting functions. 120219820Sjeff * The former's operation is described in Leffler, et al., and the latter 121219820Sjeff * was provided by UCB with the 4.4BSD-Lite release 122219820Sjeff */ 123219820Sjeffstatic uint32_t encode_timeval(struct timeval); 124219820Sjeffstatic uint32_t encode_long(long); 125219820Sjeffstatic void acctwatch(void); 126219820Sjeffstatic void acct_thread(void *); 127219820Sjeffstatic int acct_disable(struct thread *); 128219820Sjeff 129219820Sjeff/* 130219820Sjeff * Accounting vnode pointer, saved vnode pointer, and flags for each. 131219820Sjeff * acct_sx protects against changes to the active vnode and credentials 132219820Sjeff * while accounting records are being committed to disk. 133219820Sjeff */ 134219820Sjeffstatic int acct_configured; 135219820Sjeffstatic int acct_suspended; 136219820Sjeffstatic struct vnode *acct_vp; 137219820Sjeffstatic struct ucred *acct_cred; 138219820Sjeffstatic int acct_flags; 139219820Sjeffstatic struct sx acct_sx; 140219820Sjeff 141219820SjeffSX_SYSINIT(acct, &acct_sx, "acct_sx"); 142219820Sjeff 143219820Sjeff/* 144219820Sjeff * State of the accounting kthread. 145219820Sjeff */ 146219820Sjeffstatic int acct_state; 147219820Sjeff 148219820Sjeff#define ACCT_RUNNING 1 /* Accounting kthread is running. */ 149219820Sjeff#define ACCT_EXITREQ 2 /* Accounting kthread should exit. */ 150219820Sjeff 151219820Sjeff/* 152219820Sjeff * Values associated with enabling and disabling accounting 153219820Sjeff */ 154219820Sjeffstatic int acctsuspend = 2; /* stop accounting when < 2% free space left */ 155219820SjeffSYSCTL_INT(_kern, OID_AUTO, acct_suspend, CTLFLAG_RW, 156219820Sjeff &acctsuspend, 0, "percentage of free disk space below which accounting stops"); 157219820Sjeff 158219820Sjeffstatic int acctresume = 4; /* resume when free space risen to > 4% */ 159219820SjeffSYSCTL_INT(_kern, OID_AUTO, acct_resume, CTLFLAG_RW, 160219820Sjeff &acctresume, 0, "percentage of free disk space above which accounting resumes"); 161219820Sjeff 162219820Sjeffstatic int acctchkfreq = 15; /* frequency (in seconds) to check space */ 163219820Sjeff 164219820Sjeffstatic int 165219820Sjeffsysctl_acct_chkfreq(SYSCTL_HANDLER_ARGS) 166219820Sjeff{ 167219820Sjeff int error, value; 168219820Sjeff 169219820Sjeff /* Write out the old value. */ 170219820Sjeff error = SYSCTL_OUT(req, &acctchkfreq, sizeof(int)); 171219820Sjeff if (error || req->newptr == NULL) 172219820Sjeff return (error); 173219820Sjeff 174219820Sjeff /* Read in and verify the new value. */ 175219820Sjeff error = SYSCTL_IN(req, &value, sizeof(int)); 176219820Sjeff if (error) 177219820Sjeff return (error); 178219820Sjeff if (value <= 0) 179219820Sjeff return (EINVAL); 180219820Sjeff acctchkfreq = value; 181219820Sjeff return (0); 182219820Sjeff} 183219820SjeffSYSCTL_PROC(_kern, OID_AUTO, acct_chkfreq, CTLTYPE_INT|CTLFLAG_RW, 184219820Sjeff &acctchkfreq, 0, sysctl_acct_chkfreq, "I", 185219820Sjeff "frequency for checking the free space"); 186219820Sjeff 187219820SjeffSYSCTL_INT(_kern, OID_AUTO, acct_configured, CTLFLAG_RD, &acct_configured, 0, 188219820Sjeff "Accounting configured or not"); 189219820Sjeff 190219820SjeffSYSCTL_INT(_kern, OID_AUTO, acct_suspended, CTLFLAG_RD, &acct_suspended, 0, 191219820Sjeff "Accounting suspended or not"); 192219820Sjeff 193219820Sjeff/* 194219820Sjeff * Accounting system call. Written based on the specification and previous 195219820Sjeff * implementation done by Mark Tinguely. 196219820Sjeff */ 197219820Sjeffint 198219820Sjeffacct(struct thread *td, struct acct_args *uap) 199219820Sjeff{ 200219820Sjeff struct nameidata nd; 201219820Sjeff int error, flags, vfslocked; 202219820Sjeff 203219820Sjeff error = priv_check(td, PRIV_ACCT); 204219820Sjeff if (error) 205219820Sjeff return (error); 206219820Sjeff 207219820Sjeff /* 208219820Sjeff * If accounting is to be started to a file, open that file for 209219820Sjeff * appending and make sure it's a 'normal'. 210219820Sjeff */ 211219820Sjeff if (uap->path != NULL) { 212219820Sjeff NDINIT(&nd, LOOKUP, NOFOLLOW | MPSAFE | AUDITVNODE1, 213219820Sjeff UIO_USERSPACE, uap->path, td); 214219820Sjeff flags = FWRITE | O_APPEND; 215219820Sjeff error = vn_open(&nd, &flags, 0, NULL); 216219820Sjeff if (error) 217219820Sjeff return (error); 218219820Sjeff vfslocked = NDHASGIANT(&nd); 219219820Sjeff NDFREE(&nd, NDF_ONLY_PNBUF); 220219820Sjeff#ifdef MAC 221219820Sjeff error = mac_check_system_acct(td->td_ucred, nd.ni_vp); 222219820Sjeff if (error) { 223219820Sjeff VOP_UNLOCK(nd.ni_vp, 0, td); 224219820Sjeff vn_close(nd.ni_vp, flags, td->td_ucred, td); 225219820Sjeff VFS_UNLOCK_GIANT(vfslocked); 226219820Sjeff return (error); 227219820Sjeff } 228219820Sjeff#endif 229219820Sjeff VOP_UNLOCK(nd.ni_vp, 0, td); 230219820Sjeff if (nd.ni_vp->v_type != VREG) { 231219820Sjeff vn_close(nd.ni_vp, flags, td->td_ucred, td); 232219820Sjeff VFS_UNLOCK_GIANT(vfslocked); 233219820Sjeff return (EACCES); 234219820Sjeff } 235219820Sjeff VFS_UNLOCK_GIANT(vfslocked); 236219820Sjeff#ifdef MAC 237219820Sjeff } else { 238219820Sjeff error = mac_check_system_acct(td->td_ucred, NULL); 239219820Sjeff if (error) 240219820Sjeff return (error); 241219820Sjeff#endif 242219820Sjeff } 243219820Sjeff 244219820Sjeff /* 245219820Sjeff * Disallow concurrent access to the accounting vnode while we swap 246219820Sjeff * it out, in order to prevent access after close. 247219820Sjeff */ 248219820Sjeff sx_xlock(&acct_sx); 249219820Sjeff 250219820Sjeff /* 251219820Sjeff * If accounting was previously enabled, kill the old space-watcher, 252219820Sjeff * close the file, and (if no new file was specified, leave). Reset 253219820Sjeff * the suspended state regardless of whether accounting remains 254219820Sjeff * enabled. 255219820Sjeff */ 256219820Sjeff acct_suspended = 0; 257219820Sjeff if (acct_vp != NULL) { 258219820Sjeff vfslocked = VFS_LOCK_GIANT(acct_vp->v_mount); 259219820Sjeff error = acct_disable(td); 260219820Sjeff VFS_UNLOCK_GIANT(vfslocked); 261219820Sjeff } 262219820Sjeff if (uap->path == NULL) { 263219820Sjeff if (acct_state & ACCT_RUNNING) { 264219820Sjeff acct_state |= ACCT_EXITREQ; 265219820Sjeff wakeup(&acct_state); 266219820Sjeff } 267219820Sjeff sx_xunlock(&acct_sx); 268219820Sjeff return (error); 269219820Sjeff } 270219820Sjeff 271219820Sjeff /* 272219820Sjeff * Save the new accounting file vnode, and schedule the new 273219820Sjeff * free space watcher. 274219820Sjeff */ 275219820Sjeff acct_vp = nd.ni_vp; 276219820Sjeff acct_cred = crhold(td->td_ucred); 277219820Sjeff acct_flags = flags; 278219820Sjeff if (acct_state & ACCT_RUNNING) 279219820Sjeff acct_state &= ~ACCT_EXITREQ; 280219820Sjeff else { 281219820Sjeff /* 282219820Sjeff * Try to start up an accounting kthread. We may start more 283219820Sjeff * than one, but if so the extras will commit suicide as 284219820Sjeff * soon as they start up. 285219820Sjeff */ 286219820Sjeff error = kproc_create(acct_thread, NULL, NULL, 0, 0, 287219820Sjeff "accounting"); 288219820Sjeff if (error) { 289219820Sjeff vfslocked = VFS_LOCK_GIANT(acct_vp->v_mount); 290219820Sjeff (void) vn_close(acct_vp, acct_flags, acct_cred, td); 291219820Sjeff VFS_UNLOCK_GIANT(vfslocked); 292219820Sjeff crfree(acct_cred); 293219820Sjeff acct_configured = 0; 294219820Sjeff acct_vp = NULL; 295219820Sjeff acct_cred = NULL; 296219820Sjeff acct_flags = 0; 297219820Sjeff sx_xunlock(&acct_sx); 298219820Sjeff log(LOG_NOTICE, "Unable to start accounting thread\n"); 299219820Sjeff return (error); 300219820Sjeff } 301219820Sjeff } 302219820Sjeff acct_configured = 1; 303219820Sjeff sx_xunlock(&acct_sx); 304219820Sjeff log(LOG_NOTICE, "Accounting enabled\n"); 305219820Sjeff return (error); 306219820Sjeff} 307219820Sjeff 308219820Sjeff/* 309219820Sjeff * Disable currently in-progress accounting by closing the vnode, dropping 310219820Sjeff * our reference to the credential, and clearing the vnode's flags. 311219820Sjeff */ 312219820Sjeffstatic int 313219820Sjeffacct_disable(struct thread *td) 314219820Sjeff{ 315219820Sjeff int error; 316219820Sjeff 317219820Sjeff sx_assert(&acct_sx, SX_XLOCKED); 318219820Sjeff error = vn_close(acct_vp, acct_flags, acct_cred, td); 319219820Sjeff crfree(acct_cred); 320219820Sjeff acct_configured = 0; 321219820Sjeff acct_vp = NULL; 322219820Sjeff acct_cred = NULL; 323219820Sjeff acct_flags = 0; 324219820Sjeff log(LOG_NOTICE, "Accounting disabled\n"); 325219820Sjeff return (error); 326219820Sjeff} 327219820Sjeff 328219820Sjeff/* 329219820Sjeff * Write out process accounting information, on process exit. 330219820Sjeff * Data to be written out is specified in Leffler, et al. 331219820Sjeff * and are enumerated below. (They're also noted in the system 332219820Sjeff * "acct.h" header file.) 333219820Sjeff */ 334219820Sjeffint 335219820Sjeffacct_process(struct thread *td) 336219820Sjeff{ 337219820Sjeff struct acctv2 acct; 338219820Sjeff struct timeval ut, st, tmp; 339219820Sjeff struct plimit *newlim, *oldlim; 340219820Sjeff struct proc *p; 341219820Sjeff struct rusage ru; 342219820Sjeff int t, ret, vfslocked; 343219820Sjeff 344219820Sjeff /* 345219820Sjeff * Lockless check of accounting condition before doing the hard 346219820Sjeff * work. 347219820Sjeff */ 348219820Sjeff if (acct_vp == NULL || acct_suspended) 349219820Sjeff return (0); 350219820Sjeff 351219820Sjeff sx_slock(&acct_sx); 352219820Sjeff 353219820Sjeff /* 354219820Sjeff * If accounting isn't enabled, don't bother. Have to check again 355219820Sjeff * once we own the lock in case we raced with disabling of accounting 356219820Sjeff * by another thread. 357219820Sjeff */ 358219820Sjeff if (acct_vp == NULL || acct_suspended) { 359219820Sjeff sx_sunlock(&acct_sx); 360219820Sjeff return (0); 361219820Sjeff } 362219820Sjeff 363219820Sjeff p = td->td_proc; 364219820Sjeff 365219820Sjeff /* 366219820Sjeff * Get process accounting information. 367219820Sjeff */ 368219820Sjeff 369219820Sjeff PROC_LOCK(p); 370219820Sjeff /* (1) The name of the command that ran */ 371219820Sjeff bcopy(p->p_comm, acct.ac_comm, sizeof acct.ac_comm); 372219820Sjeff 373219820Sjeff /* (2) The amount of user and system time that was used */ 374219820Sjeff rufetchcalc(p, &ru, &ut, &st); 375219820Sjeff acct.ac_utime = encode_timeval(ut); 376219820Sjeff acct.ac_stime = encode_timeval(st); 377219820Sjeff 378219820Sjeff /* (3) The elapsed time the command ran (and its starting time) */ 379219820Sjeff tmp = boottime; 380219820Sjeff timevaladd(&tmp, &p->p_stats->p_start); 381219820Sjeff acct.ac_btime = tmp.tv_sec; 382219820Sjeff microuptime(&tmp); 383219820Sjeff timevalsub(&tmp, &p->p_stats->p_start); 384219820Sjeff acct.ac_etime = encode_timeval(tmp); 385219820Sjeff 386219820Sjeff /* (4) The average amount of memory used */ 387 tmp = ut; 388 timevaladd(&tmp, &st); 389 /* Convert tmp (i.e. u + s) into hz units to match ru_i*. */ 390 t = tmp.tv_sec * hz + tmp.tv_usec / tick; 391 if (t) 392 acct.ac_mem = encode_long((ru.ru_ixrss + ru.ru_idrss + 393 + ru.ru_isrss) / t); 394 else 395 acct.ac_mem = 0; 396 397 /* (5) The number of disk I/O operations done */ 398 acct.ac_io = encode_long(ru.ru_inblock + ru.ru_oublock); 399 400 /* (6) The UID and GID of the process */ 401 acct.ac_uid = p->p_ucred->cr_ruid; 402 acct.ac_gid = p->p_ucred->cr_rgid; 403 404 /* (7) The terminal from which the process was started */ 405 SESS_LOCK(p->p_session); 406 if ((p->p_flag & P_CONTROLT) && p->p_pgrp->pg_session->s_ttyp) 407 acct.ac_tty = dev2udev(p->p_pgrp->pg_session->s_ttyp->t_dev); 408 else 409 acct.ac_tty = NODEV; 410 SESS_UNLOCK(p->p_session); 411 412 /* (8) The boolean flags that tell how the process terminated, etc. */ 413 acct.ac_flagx = p->p_acflag; 414 PROC_UNLOCK(p); 415 416 /* Setup ancillary structure fields. */ 417 acct.ac_flagx |= ANVER; 418 acct.ac_zero = 0; 419 acct.ac_version = 2; 420 acct.ac_len = acct.ac_len2 = sizeof(acct); 421 422 /* 423 * Eliminate any file size rlimit. 424 */ 425 newlim = lim_alloc(); 426 PROC_LOCK(p); 427 oldlim = p->p_limit; 428 lim_copy(newlim, oldlim); 429 newlim->pl_rlimit[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY; 430 p->p_limit = newlim; 431 PROC_UNLOCK(p); 432 lim_free(oldlim); 433 434 /* 435 * Write the accounting information to the file. 436 */ 437 vfslocked = VFS_LOCK_GIANT(acct_vp->v_mount); 438 VOP_LEASE(acct_vp, td, acct_cred, LEASE_WRITE); 439 ret = vn_rdwr(UIO_WRITE, acct_vp, (caddr_t)&acct, sizeof (acct), 440 (off_t)0, UIO_SYSSPACE, IO_APPEND|IO_UNIT, acct_cred, NOCRED, 441 (int *)0, td); 442 VFS_UNLOCK_GIANT(vfslocked); 443 sx_sunlock(&acct_sx); 444 return (ret); 445} 446 447/* FLOAT_CONVERSION_START (Regression testing; don't remove this line.) */ 448 449/* Convert timevals and longs into IEEE-754 bit patterns. */ 450 451/* Mantissa mask (MSB is implied, so subtract 1). */ 452#define MANT_MASK ((1 << (FLT_MANT_DIG - 1)) - 1) 453 454/* 455 * We calculate integer values to a precision of approximately 456 * 28 bits. 457 * This is high-enough precision to fill the 24 float bits 458 * and low-enough to avoid overflowing the 32 int bits. 459 */ 460#define CALC_BITS 28 461 462/* log_2(1000000). */ 463#define LOG2_1M 20 464 465/* 466 * Convert the elements of a timeval into a 32-bit word holding 467 * the bits of a IEEE-754 float. 468 * The float value represents the timeval's value in microsecond units. 469 */ 470static uint32_t 471encode_timeval(struct timeval tv) 472{ 473 int log2_s; 474 int val, exp; /* Unnormalized value and exponent */ 475 int norm_exp; /* Normalized exponent */ 476 int shift; 477 478 /* 479 * First calculate value and exponent to about CALC_BITS precision. 480 * Note that the following conditionals have been ordered so that 481 * the most common cases appear first. 482 */ 483 if (tv.tv_sec == 0) { 484 if (tv.tv_usec == 0) 485 return (0); 486 exp = 0; 487 val = tv.tv_usec; 488 } else { 489 /* 490 * Calculate the value to a precision of approximately 491 * CALC_BITS. 492 */ 493 log2_s = fls(tv.tv_sec) - 1; 494 if (log2_s + LOG2_1M < CALC_BITS) { 495 exp = 0; 496 val = 1000000 * tv.tv_sec + tv.tv_usec; 497 } else { 498 exp = log2_s + LOG2_1M - CALC_BITS; 499 val = (unsigned int)(((u_int64_t)1000000 * tv.tv_sec + 500 tv.tv_usec) >> exp); 501 } 502 } 503 /* Now normalize and pack the value into an IEEE-754 float. */ 504 norm_exp = fls(val) - 1; 505 shift = FLT_MANT_DIG - norm_exp - 1; 506#ifdef ACCT_DEBUG 507 printf("val=%d exp=%d shift=%d log2(val)=%d\n", 508 val, exp, shift, norm_exp); 509 printf("exp=%x mant=%x\n", FLT_MAX_EXP - 1 + exp + norm_exp, 510 ((shift > 0 ? (val << shift) : (val >> -shift)) & MANT_MASK)); 511#endif 512 return (((FLT_MAX_EXP - 1 + exp + norm_exp) << (FLT_MANT_DIG - 1)) | 513 ((shift > 0 ? val << shift : val >> -shift) & MANT_MASK)); 514} 515 516/* 517 * Convert a non-negative long value into the bit pattern of 518 * an IEEE-754 float value. 519 */ 520static uint32_t 521encode_long(long val) 522{ 523 int norm_exp; /* Normalized exponent */ 524 int shift; 525 526 if (val == 0) 527 return (0); 528 if (val < 0) { 529 log(LOG_NOTICE, 530 "encode_long: negative value %ld in accounting record\n", 531 val); 532 val = LONG_MAX; 533 } 534 norm_exp = fls(val) - 1; 535 shift = FLT_MANT_DIG - norm_exp - 1; 536#ifdef ACCT_DEBUG 537 printf("val=%d shift=%d log2(val)=%d\n", 538 val, shift, norm_exp); 539 printf("exp=%x mant=%x\n", FLT_MAX_EXP - 1 + exp + norm_exp, 540 ((shift > 0 ? (val << shift) : (val >> -shift)) & MANT_MASK)); 541#endif 542 return (((FLT_MAX_EXP - 1 + norm_exp) << (FLT_MANT_DIG - 1)) | 543 ((shift > 0 ? val << shift : val >> -shift) & MANT_MASK)); 544} 545 546/* FLOAT_CONVERSION_END (Regression testing; don't remove this line.) */ 547 548/* 549 * Periodically check the filesystem to see if accounting 550 * should be turned on or off. Beware the case where the vnode 551 * has been vgone()'d out from underneath us, e.g. when the file 552 * system containing the accounting file has been forcibly unmounted. 553 */ 554/* ARGSUSED */ 555static void 556acctwatch(void) 557{ 558 struct statfs sb; 559 int vfslocked; 560 561 sx_assert(&acct_sx, SX_XLOCKED); 562 563 /* 564 * If accounting was disabled before our kthread was scheduled, 565 * then acct_vp might be NULL. If so, just ask our kthread to 566 * exit and return. 567 */ 568 if (acct_vp == NULL) { 569 acct_state |= ACCT_EXITREQ; 570 return; 571 } 572 573 /* 574 * If our vnode is no longer valid, tear it down and signal the 575 * accounting thread to die. 576 */ 577 vfslocked = VFS_LOCK_GIANT(acct_vp->v_mount); 578 if (acct_vp->v_type == VBAD) { 579 (void) acct_disable(NULL); 580 VFS_UNLOCK_GIANT(vfslocked); 581 acct_state |= ACCT_EXITREQ; 582 return; 583 } 584 585 /* 586 * Stopping here is better than continuing, maybe it will be VBAD 587 * next time around. 588 */ 589 if (VFS_STATFS(acct_vp->v_mount, &sb, curthread) < 0) { 590 VFS_UNLOCK_GIANT(vfslocked); 591 return; 592 } 593 VFS_UNLOCK_GIANT(vfslocked); 594 if (acct_suspended) { 595 if (sb.f_bavail > (int64_t)(acctresume * sb.f_blocks / 596 100)) { 597 acct_suspended = 0; 598 log(LOG_NOTICE, "Accounting resumed\n"); 599 } 600 } else { 601 if (sb.f_bavail <= (int64_t)(acctsuspend * sb.f_blocks / 602 100)) { 603 acct_suspended = 1; 604 log(LOG_NOTICE, "Accounting suspended\n"); 605 } 606 } 607} 608 609/* 610 * The main loop for the dedicated kernel thread that periodically calls 611 * acctwatch(). 612 */ 613static void 614acct_thread(void *dummy) 615{ 616 u_char pri; 617 618 /* This is a low-priority kernel thread. */ 619 pri = PRI_MAX_KERN; 620 thread_lock(curthread); 621 sched_prio(curthread, pri); 622 thread_unlock(curthread); 623 624 /* If another accounting kthread is already running, just die. */ 625 sx_xlock(&acct_sx); 626 if (acct_state & ACCT_RUNNING) { 627 sx_xunlock(&acct_sx); 628 kproc_exit(0); 629 } 630 acct_state |= ACCT_RUNNING; 631 632 /* Loop until we are asked to exit. */ 633 while (!(acct_state & ACCT_EXITREQ)) { 634 635 /* Perform our periodic checks. */ 636 acctwatch(); 637 638 /* 639 * We check this flag again before sleeping since the 640 * acctwatch() might have shut down accounting and asked us 641 * to exit. 642 */ 643 if (!(acct_state & ACCT_EXITREQ)) { 644 sx_sleep(&acct_state, &acct_sx, 0, "-", 645 acctchkfreq * hz); 646 } 647 } 648 649 /* 650 * Acknowledge the exit request and shutdown. We clear both the 651 * exit request and running flags. 652 */ 653 acct_state = 0; 654 sx_xunlock(&acct_sx); 655 kproc_exit(0); 656} 657