1 /*-
2 * Copyright (c) 1994 Christopher G. Demetriou
3 * Copyright (c) 1982, 1986, 1989, 1993
4 * The Regents of the University of California. All rights reserved.
5 * (c) UNIX System Laboratories, Inc.
6 * All or some portions of this file are derived from material licensed
7 * to the University of California by American Telephone and Telegraph
8 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
9 * the permission of UNIX System Laboratories, Inc.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. Neither the name of the University nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 *
35 * @(#)kern_acct.c 8.1 (Berkeley) 6/14/93
36 * $FreeBSD: src/sys/kern/kern_acct.c,v 1.23.2.1 2002/07/24 18:33:55 johan Exp $
37 */
38
39 #include <sys/param.h>
40 #include <sys/systm.h>
41 #include <sys/sysmsg.h>
42 #include <sys/proc.h>
43 #include <sys/caps.h>
44 #include <sys/mount.h>
45 #include <sys/vnode.h>
46 #include <sys/fcntl.h>
47 #include <sys/syslog.h>
48 #include <sys/kernel.h>
49 #include <sys/sysent.h>
50 #include <sys/sysctl.h>
51 #include <sys/nlookup.h>
52 #include <sys/acct.h>
53 #include <sys/resourcevar.h>
54 #include <sys/tty.h>
55
56 #include <vm/vm_zone.h>
57
58 static struct lock acct_lock = LOCK_INITIALIZER("acct_lock", 0, 0);
59
60 /*
61 * The routines implemented in this file are described in:
62 * Leffler, et al.: The Design and Implementation of the 4.3BSD
63 * UNIX Operating System (Addison Welley, 1989)
64 * on pages 62-63.
65 *
66 * Arguably, to simplify accounting operations, this mechanism should
67 * be replaced by one in which an accounting log file (similar to /dev/klog)
68 * is read by a user process, etc. However, that has its own problems.
69 */
70
71 /*
72 * Internal accounting functions.
73 * The former's operation is described in Leffler, et al., and the latter
74 * was provided by UCB with the 4.4BSD-Lite release
75 */
76 static comp_t encode_comp_t (u_long, u_long);
77 static void acctwatch (void *);
78
79 /*
80 * Accounting callout handle used for periodic scheduling of
81 * acctwatch.
82 */
83 static struct callout acctwatch_handle;
84
85 /*
86 * Accounting vnode pointer, and saved vnode pointer.
87 */
88 static struct vnode *acctp;
89 static struct vnode *savacctp;
90
91 /*
92 * Values associated with enabling and disabling accounting
93 */
94 static int acctsuspend = 2; /* stop accounting when < 2% free space left */
95 SYSCTL_INT(_kern, OID_AUTO, acct_suspend, CTLFLAG_RW,
96 &acctsuspend, 0, "Percentage of free disk space below which accounting will be suspended");
97
98 static int acctresume = 4; /* resume when free space risen to > 4% */
99 SYSCTL_INT(_kern, OID_AUTO, acct_resume, CTLFLAG_RW,
100 &acctresume, 0, "Minimum percentage of free disk space needed to resume accounting");
101
102 static int acctchkfreq = 15; /* frequency (in seconds) to check space */
103 SYSCTL_INT(_kern, OID_AUTO, acct_chkfreq, CTLFLAG_RW,
104 &acctchkfreq, 0, "Frequency (in seconds) of free disk space checking");
105
106 static void
acct_init(void * arg __unused)107 acct_init(void *arg __unused)
108 {
109 callout_init_lk(&acctwatch_handle, &acct_lock);
110 }
111 SYSINIT(acct, SI_SUB_DRIVERS, SI_ORDER_ANY, acct_init, NULL);
112
113 /*
114 * Accounting system call. Written based on the specification and
115 * previous implementation done by Mark Tinguely.
116 *
117 * acct(char *path)
118 *
119 * MPALMOSTSAFE
120 */
121 int
sys_acct(struct sysmsg * sysmsg,const struct acct_args * uap)122 sys_acct(struct sysmsg *sysmsg, const struct acct_args *uap)
123 {
124 struct nlookupdata nd;
125 struct vnode *vp;
126 int error;
127
128 error = caps_priv_check_self(SYSCAP_NOACCT);
129 if (error)
130 return (error);
131
132 lockmgr(&acct_lock, LK_EXCLUSIVE);
133
134 /*
135 * If accounting is to be started to a file, open that file for
136 * appending and make sure it's a 'normal'.
137 */
138 if (uap->path != NULL) {
139 error = nlookup_init(&nd, uap->path, UIO_USERSPACE,
140 NLC_LOCKVP);
141 if (error == 0)
142 error = vn_open(&nd, NULL, FWRITE | O_APPEND, 0);
143 if (error == 0 && nd.nl_open_vp->v_type != VREG)
144 error = EACCES;
145 if (error) {
146 nlookup_done(&nd);
147 goto done;
148 }
149 vp = nd.nl_open_vp;
150 nd.nl_open_vp = NULL;
151 nlookup_done(&nd);
152
153 vn_unlock(vp);
154 } else {
155 vp = NULL;
156 }
157
158 /*
159 * If accounting was previously enabled, kill the old space-watcher,
160 * close the file.
161 */
162 if (acctp != NULLVP || savacctp != NULLVP) {
163 callout_stop(&acctwatch_handle);
164 error = vn_close((acctp != NULLVP ? acctp : savacctp),
165 FWRITE | O_APPEND, NULL);
166 acctp = savacctp = NULLVP;
167 }
168
169 /*
170 * If no new file opened then leave. We never did an nlookup so
171 * don't try cleaning it up.
172 */
173 if (uap->path == NULL)
174 goto done;
175
176 /*
177 * Save the new accounting file vnode, and schedule the new
178 * free space watcher.
179 */
180 acctp = vp;
181 acctwatch(NULL);
182 done:
183 lockmgr(&acct_lock, LK_RELEASE);
184
185 return (error);
186 }
187
188 /*
189 * Write out process accounting information, on process exit.
190 * Data to be written out is specified in Leffler, et al.
191 * and are enumerated below. (They're also noted in the system
192 * "acct.h" header file.)
193 */
194
195 int
acct_process(struct proc * p)196 acct_process(struct proc *p)
197 {
198 struct acct acct;
199 struct rusage *r;
200 struct rusage ru;
201 struct timeval tmp;
202 struct rlimit rlim;
203 int t;
204 int error;
205 struct vnode *vp;
206
207 /*
208 * If accounting isn't enabled, don't bother. Lock acct_lock
209 * make sure.
210 */
211 if (acctp == NULLVP)
212 return 0;
213 lockmgr(&acct_lock, LK_SHARED);
214 vp = acctp;
215 if (vp == NULLVP) {
216 lockmgr(&acct_lock, LK_RELEASE);
217 return 0;
218 }
219
220 /*
221 * Get process accounting information.
222 */
223
224 /* (1) The name of the command that ran */
225 bcopy(p->p_comm, acct.ac_comm, sizeof acct.ac_comm);
226
227 /* (2) The amount of user and system time that was used */
228 calcru_proc(p, &ru);
229 acct.ac_utime = encode_comp_t(ru.ru_utime.tv_sec, ru.ru_utime.tv_usec);
230 acct.ac_stime = encode_comp_t(ru.ru_stime.tv_sec, ru.ru_stime.tv_usec);
231
232 /* (3) The elapsed time the commmand ran (and its starting time) */
233 acct.ac_btime = p->p_start.tv_sec;
234 microtime(&tmp);
235 timevalsub(&tmp, &p->p_start);
236 acct.ac_etime = encode_comp_t(tmp.tv_sec, tmp.tv_usec);
237
238 /* (4) The average amount of memory used */
239 r = &p->p_ru;
240 tmp = ru.ru_utime;
241 timevaladd(&tmp, &ru.ru_stime);
242 t = tmp.tv_sec * hz + tmp.tv_usec / ustick;
243 if (t)
244 acct.ac_mem = (r->ru_ixrss + r->ru_idrss + r->ru_isrss) / t;
245 else
246 acct.ac_mem = 0;
247
248 /* (5) The number of disk I/O operations done */
249 acct.ac_io = encode_comp_t(r->ru_inblock + r->ru_oublock, 0);
250
251 /* (6) The UID and GID of the process */
252 acct.ac_uid = p->p_ucred->cr_ruid;
253 acct.ac_gid = p->p_ucred->cr_rgid;
254
255 /* (7) The terminal from which the process was started */
256 if ((p->p_flags & P_CONTROLT) && p->p_pgrp->pg_session->s_ttyp) {
257 acct.ac_tty =
258 devid_from_dev(p->p_pgrp->pg_session->s_ttyp->t_dev);
259 } else {
260 acct.ac_tty = NOUDEV;
261 }
262
263 /* (8) The boolean flags that tell how the process terminated, etc. */
264 acct.ac_flag = p->p_acflag;
265
266 /*
267 * Eliminate any file size rlimit.
268 */
269 rlim.rlim_cur = RLIM_INFINITY;
270 rlim.rlim_max = RLIM_INFINITY;
271 plimit_modify(p, RLIMIT_FSIZE, &rlim);
272
273 /*
274 * Write the accounting information to the file.
275 */
276 error = vn_rdwr(UIO_WRITE, vp, (caddr_t)&acct, sizeof (acct),
277 (off_t)0, UIO_SYSSPACE, IO_APPEND|IO_UNIT, p->p_ucred,
278 NULL);
279 lockmgr(&acct_lock, LK_RELEASE);
280
281 return error;
282 }
283
284 /*
285 * Encode_comp_t converts from ticks in seconds and microseconds
286 * to ticks in 1/AHZ seconds. The encoding is described in
287 * Leffler, et al., on page 63.
288 */
289
290 #define MANTSIZE 13 /* 13 bit mantissa. */
291 #define EXPSIZE 3 /* Base 8 (3 bit) exponent. */
292 #define MAXFRACT ((1 << MANTSIZE) - 1) /* Maximum fractional value. */
293
294 static comp_t
encode_comp_t(u_long s,u_long us)295 encode_comp_t(u_long s, u_long us)
296 {
297 int exp, rnd;
298
299 exp = 0;
300 rnd = 0;
301 s *= AHZ;
302 s += us / (1000000 / AHZ); /* Maximize precision. */
303
304 while (s > MAXFRACT) {
305 rnd = s & (1 << (EXPSIZE - 1)); /* Round up? */
306 s >>= EXPSIZE; /* Base 8 exponent == 3 bit shift. */
307 exp++;
308 }
309
310 /* If we need to round up, do it (and handle overflow correctly). */
311 if (rnd && (++s > MAXFRACT)) {
312 s >>= EXPSIZE;
313 exp++;
314 }
315
316 /* Clean it up and polish it off. */
317 exp <<= MANTSIZE; /* Shift the exponent into place */
318 exp += s; /* and add on the mantissa. */
319 return (exp);
320 }
321
322 /*
323 * Periodically check the file system to see if accounting
324 * should be turned on or off. Beware the case where the vnode
325 * has been vgone()'d out from underneath us, e.g. when the file
326 * system containing the accounting file has been forcibly unmounted.
327 */
328 /* ARGSUSED */
329 static void
acctwatch(void * a)330 acctwatch(void *a)
331 {
332 struct statfs sb;
333
334 if (savacctp != NULLVP) {
335 if (savacctp->v_type == VBAD) {
336 (void) vn_close(savacctp, FWRITE | O_APPEND, NULL);
337 savacctp = NULLVP;
338 return;
339 }
340 (void)VFS_STATFS(savacctp->v_mount, &sb, proc0.p_ucred);
341 if (sb.f_bavail > acctresume * sb.f_blocks / 100) {
342 acctp = savacctp;
343 savacctp = NULLVP;
344 log(LOG_NOTICE, "Accounting resumed\n");
345 }
346 } else {
347 if (acctp == NULLVP)
348 return;
349 if (acctp->v_type == VBAD) {
350 (void) vn_close(acctp, FWRITE | O_APPEND, NULL);
351 acctp = NULLVP;
352 return;
353 }
354 (void)VFS_STATFS(acctp->v_mount, &sb, proc0.p_ucred);
355 if (sb.f_bavail <= acctsuspend * sb.f_blocks / 100) {
356 savacctp = acctp;
357 acctp = NULLVP;
358 log(LOG_NOTICE, "Accounting suspended\n");
359 }
360 }
361 callout_reset(&acctwatch_handle, acctchkfreq * hz, acctwatch, NULL);
362 }
363