1 /* 2 * Copyright (c) 2011 The Native Client Authors. All rights reserved. 3 * Use of this source code is governed by a BSD-style license that can be 4 * found in the LICENSE file. 5 */ 6 7 /* 8 * NaClDescQuota subclass of NaClDesc, which contains other NaClDescs. 9 */ 10 11 #ifndef NATIVE_CLIENT_SRC_TRUSTED_DESC_NACL_DESC_QUOTA_H_ 12 #define NATIVE_CLIENT_SRC_TRUSTED_DESC_NACL_DESC_QUOTA_H_ 13 14 #include "native_client/src/include/nacl_base.h" 15 #include "native_client/src/include/portability.h" 16 17 #include "native_client/src/trusted/desc/nacl_desc_base.h" 18 19 #include "native_client/src/shared/platform/nacl_sync.h" 20 21 EXTERN_C_BEGIN 22 23 /* 24 * When quota limit is reached, then a short write operation is 25 * performed unless quota says zero bytes can be transferred, in which 26 * case we will return -NACL_ABI_EDQUOT, disk quota exceeded. 27 * 28 * This wrapper is for enforcing disk storage quotas, not I/O transfer 29 * rates. A version of this that has read/write/sendmsg/recvmsg 30 * quotas can be done as well, though the RateLimitQuota interface 31 * should include a CondVar to sleep on to avoid polling, with an 32 * upcall mechanism to deliver additional quota. 33 */ 34 35 #define NACL_DESC_QUOTA_FILE_ID_LEN (16) 36 /* 37 * An ID of 128 bits should suffice for random IDs to not collide, 38 * assuming RNG is good. Smaller would suffice if it is just a 39 * counter. 40 */ 41 42 struct NaClDescQuota { 43 struct NaClDesc base NACL_IS_REFCOUNT_SUBCLASS; 44 struct NaClMutex mu; 45 struct NaClDesc *desc; 46 uint8_t file_id[NACL_DESC_QUOTA_FILE_ID_LEN]; 47 struct NaClDescQuotaInterface *quota_interface; 48 }; 49 50 /* 51 * Takes ownership of desc. 52 */ 53 int NaClDescQuotaCtor(struct NaClDescQuota *self, 54 struct NaClDesc *desc, 55 uint8_t const *file_id, 56 struct NaClDescQuotaInterface *quota_interface) 57 NACL_WUR; 58 59 EXTERN_C_END 60 61 #endif /* NATIVE_CLIENT_SRC_TRUSTED_DESC_NACL_DESC_QUOTA_H_ */ 62