1 /* $NetBSD: kern_acct.c,v 1.50 2001/11/12 15:25:05 lukem Exp $ */ 2 3 /*- 4 * Copyright (c) 1994 Christopher G. Demetriou 5 * Copyright (c) 1982, 1986, 1989, 1993 6 * The Regents of the University of California. All rights reserved. 7 * (c) UNIX System Laboratories, Inc. 8 * All or some portions of this file are derived from material licensed 9 * to the University of California by American Telephone and Telegraph 10 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 11 * the permission of UNIX System Laboratories, Inc. 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 2. Redistributions in binary form must reproduce the above copyright 19 * notice, this list of conditions and the following disclaimer in the 20 * documentation and/or other materials provided with the distribution. 21 * 3. All advertising materials mentioning features or use of this software 22 * must display the following acknowledgement: 23 * This product includes software developed by the University of 24 * California, Berkeley and its contributors. 25 * 4. Neither the name of the University nor the names of its contributors 26 * may be used to endorse or promote products derived from this software 27 * without specific prior written permission. 28 * 29 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 30 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 31 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 32 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 33 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 34 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 35 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 36 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 37 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 38 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 39 * SUCH DAMAGE. 40 * 41 * @(#)kern_acct.c 8.8 (Berkeley) 5/14/95 42 */ 43 44 #include <sys/cdefs.h> 45 __KERNEL_RCSID(0, "$NetBSD: kern_acct.c,v 1.50 2001/11/12 15:25:05 lukem Exp $"); 46 47 #include <sys/param.h> 48 #include <sys/systm.h> 49 #include <sys/proc.h> 50 #include <sys/mount.h> 51 #include <sys/vnode.h> 52 #include <sys/file.h> 53 #include <sys/syslog.h> 54 #include <sys/kernel.h> 55 #include <sys/kthread.h> 56 #include <sys/lock.h> 57 #include <sys/malloc.h> 58 #include <sys/namei.h> 59 #include <sys/errno.h> 60 #include <sys/acct.h> 61 #include <sys/resourcevar.h> 62 #include <sys/ioctl.h> 63 #include <sys/tty.h> 64 65 #include <sys/syscallargs.h> 66 67 /* 68 * The routines implemented in this file are described in: 69 * Leffler, et al.: The Design and Implementation of the 4.3BSD 70 * UNIX Operating System (Addison Welley, 1989) 71 * on pages 62-63. 72 * 73 * Arguably, to simplify accounting operations, this mechanism should 74 * be replaced by one in which an accounting log file (similar to /dev/klog) 75 * is read by a user process, etc. However, that has its own problems. 76 */ 77 78 /* 79 * The global accounting state and related data. Gain the lock before 80 * accessing these variables. 81 */ 82 enum { 83 ACCT_STOP, 84 ACCT_ACTIVE, 85 ACCT_SUSPENDED 86 } acct_state; /* The current accounting state. */ 87 struct vnode *acct_vp; /* Accounting vnode pointer. */ 88 struct ucred *acct_ucred; /* Credential of accounting file 89 owner (i.e root). Used when 90 accounting file i/o. */ 91 struct proc *acct_dkwatcher; /* Free disk space checker. */ 92 93 /* 94 * Lock to serialize system calls and kernel threads. 95 */ 96 struct lock acct_lock; 97 #define ACCT_LOCK() \ 98 do { \ 99 (void) lockmgr(&acct_lock, LK_EXCLUSIVE, NULL); \ 100 } while (/* CONSTCOND */0) 101 #define ACCT_UNLOCK() \ 102 do { \ 103 (void) lockmgr(&acct_lock, LK_RELEASE, NULL); \ 104 } while (/* CONSTCOND */0) 105 106 /* 107 * Internal accounting functions. 108 * The former's operation is described in Leffler, et al., and the latter 109 * was provided by UCB with the 4.4BSD-Lite release 110 */ 111 comp_t encode_comp_t __P((u_long, u_long)); 112 void acctwatch __P((void *)); 113 void acct_stop __P((void)); 114 int acct_chkfree __P((void)); 115 116 /* 117 * Values associated with enabling and disabling accounting 118 */ 119 int acctsuspend = 2; /* stop accounting when < 2% free space left */ 120 int acctresume = 4; /* resume when free space risen to > 4% */ 121 int acctchkfreq = 15; /* frequency (in seconds) to check space */ 122 123 void 124 acct_init() 125 { 126 127 acct_state = ACCT_STOP; 128 acct_vp = NULLVP; 129 acct_ucred = NULL; 130 lockinit(&acct_lock, PWAIT, "acctlk", 0, 0); 131 } 132 133 void 134 acct_stop() 135 { 136 int error; 137 138 if (acct_vp != NULLVP && acct_vp->v_type != VBAD) { 139 error = vn_close(acct_vp, FWRITE, acct_ucred, NULL); 140 #ifdef DIAGNOSTIC 141 if (error != 0) 142 printf("acct_stop: failed to close, errno = %d\n", 143 error); 144 #endif 145 acct_vp = NULLVP; 146 } 147 if (acct_ucred != NULL) { 148 crfree(acct_ucred); 149 acct_ucred = NULL; 150 } 151 acct_state = ACCT_STOP; 152 } 153 154 int 155 acct_chkfree() 156 { 157 int error; 158 struct statfs sb; 159 160 error = VFS_STATFS(acct_vp->v_mount, &sb, NULL); 161 if (error != 0) 162 return (error); 163 164 switch (acct_state) { 165 case ACCT_SUSPENDED: 166 if (sb.f_bavail > acctresume * sb.f_blocks / 100) { 167 acct_state = ACCT_ACTIVE; 168 log(LOG_NOTICE, "Accounting resumed\n"); 169 } 170 break; 171 case ACCT_ACTIVE: 172 if (sb.f_bavail <= acctsuspend * sb.f_blocks / 100) { 173 acct_state = ACCT_SUSPENDED; 174 log(LOG_NOTICE, "Accounting suspended\n"); 175 } 176 break; 177 case ACCT_STOP: 178 break; 179 } 180 return (0); 181 } 182 183 /* 184 * Accounting system call. Written based on the specification and 185 * previous implementation done by Mark Tinguely. 186 */ 187 int 188 sys_acct(p, v, retval) 189 struct proc *p; 190 void *v; 191 register_t *retval; 192 { 193 struct sys_acct_args /* { 194 syscallarg(const char *) path; 195 } */ *uap = v; 196 struct nameidata nd; 197 int error; 198 199 /* Make sure that the caller is root. */ 200 if ((error = suser(p->p_ucred, &p->p_acflag)) != 0) 201 return (error); 202 203 /* 204 * If accounting is to be started to a file, open that file for 205 * writing and make sure it's a 'normal'. 206 */ 207 if (SCARG(uap, path) != NULL) { 208 NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_USERSPACE, SCARG(uap, path), 209 p); 210 if ((error = vn_open(&nd, FWRITE, 0)) != 0) 211 return (error); 212 VOP_UNLOCK(nd.ni_vp, 0); 213 if (nd.ni_vp->v_type != VREG) { 214 vn_close(nd.ni_vp, FWRITE, p->p_ucred, p); 215 return (EACCES); 216 } 217 } 218 219 ACCT_LOCK(); 220 221 /* 222 * If accounting was previously enabled, kill the old space-watcher, 223 * free credential for accounting file i/o, 224 * ... (and, if no new file was specified, leave). 225 */ 226 acct_stop(); 227 if (SCARG(uap, path) == NULL) 228 goto out; 229 230 /* 231 * Save the new accounting file vnode and credential, 232 * and schedule the new free space watcher. 233 */ 234 acct_state = ACCT_ACTIVE; 235 acct_vp = nd.ni_vp; 236 acct_ucred = p->p_ucred; 237 crhold(acct_ucred); 238 239 error = acct_chkfree(); /* Initial guess. */ 240 if (error != 0) { 241 acct_stop(); 242 goto out; 243 } 244 245 if (acct_dkwatcher == NULL) { 246 error = kthread_create1(acctwatch, NULL, &acct_dkwatcher, 247 "acctwatch"); 248 if (error != 0) 249 acct_stop(); 250 } 251 252 out: 253 ACCT_UNLOCK(); 254 return (error); 255 } 256 257 /* 258 * Write out process accounting information, on process exit. 259 * Data to be written out is specified in Leffler, et al. 260 * and are enumerated below. (They're also noted in the system 261 * "acct.h" header file.) 262 */ 263 int 264 acct_process(p) 265 struct proc *p; 266 { 267 struct acct acct; 268 struct rusage *r; 269 struct timeval ut, st, tmp; 270 int s, t, error = 0; 271 struct plimit *oplim = NULL; 272 273 ACCT_LOCK(); 274 275 /* If accounting isn't enabled, don't bother */ 276 if (acct_state != ACCT_ACTIVE) 277 goto out; 278 279 /* 280 * Raise the file limit so that accounting can't be stopped by 281 * the user. 282 * 283 * XXX We should think about the CPU limit, too. 284 */ 285 if (p->p_limit->p_refcnt > 1) { 286 oplim = p->p_limit; 287 p->p_limit = limcopy(p->p_limit); 288 } 289 p->p_rlimit[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY; 290 291 /* 292 * Get process accounting information. 293 */ 294 295 /* (1) The name of the command that ran */ 296 memcpy(acct.ac_comm, p->p_comm, sizeof(acct.ac_comm)); 297 298 /* (2) The amount of user and system time that was used */ 299 calcru(p, &ut, &st, NULL); 300 acct.ac_utime = encode_comp_t(ut.tv_sec, ut.tv_usec); 301 acct.ac_stime = encode_comp_t(st.tv_sec, st.tv_usec); 302 303 /* (3) The elapsed time the commmand ran (and its starting time) */ 304 acct.ac_btime = p->p_stats->p_start.tv_sec; 305 s = splclock(); 306 timersub(&time, &p->p_stats->p_start, &tmp); 307 splx(s); 308 acct.ac_etime = encode_comp_t(tmp.tv_sec, tmp.tv_usec); 309 310 /* (4) The average amount of memory used */ 311 r = &p->p_stats->p_ru; 312 timeradd(&ut, &st, &tmp); 313 t = tmp.tv_sec * hz + tmp.tv_usec / tick; 314 if (t) 315 acct.ac_mem = (r->ru_ixrss + r->ru_idrss + r->ru_isrss) / t; 316 else 317 acct.ac_mem = 0; 318 319 /* (5) The number of disk I/O operations done */ 320 acct.ac_io = encode_comp_t(r->ru_inblock + r->ru_oublock, 0); 321 322 /* (6) The UID and GID of the process */ 323 acct.ac_uid = p->p_cred->p_ruid; 324 acct.ac_gid = p->p_cred->p_rgid; 325 326 /* (7) The terminal from which the process was started */ 327 if ((p->p_flag & P_CONTROLT) && p->p_pgrp->pg_session->s_ttyp) 328 acct.ac_tty = p->p_pgrp->pg_session->s_ttyp->t_dev; 329 else 330 acct.ac_tty = NODEV; 331 332 /* (8) The boolean flags that tell how the process terminated, etc. */ 333 acct.ac_flag = p->p_acflag; 334 335 /* 336 * Now, just write the accounting information to the file. 337 */ 338 VOP_LEASE(acct_vp, p, p->p_ucred, LEASE_WRITE); 339 error = vn_rdwr(UIO_WRITE, acct_vp, (caddr_t)&acct, 340 sizeof(acct), (off_t)0, UIO_SYSSPACE, IO_APPEND|IO_UNIT, 341 acct_ucred, NULL, p); 342 if (error != 0) 343 log(LOG_ERR, "Accounting: write failed %d\n", error); 344 345 if (oplim) { 346 limfree(p->p_limit); 347 p->p_limit = oplim; 348 } 349 350 out: 351 ACCT_UNLOCK(); 352 return (error); 353 } 354 355 /* 356 * Encode_comp_t converts from ticks in seconds and microseconds 357 * to ticks in 1/AHZ seconds. The encoding is described in 358 * Leffler, et al., on page 63. 359 */ 360 361 #define MANTSIZE 13 /* 13 bit mantissa. */ 362 #define EXPSIZE 3 /* Base 8 (3 bit) exponent. */ 363 #define MAXFRACT ((1 << MANTSIZE) - 1) /* Maximum fractional value. */ 364 365 comp_t 366 encode_comp_t(s, us) 367 u_long s, us; 368 { 369 int exp, rnd; 370 371 exp = 0; 372 rnd = 0; 373 s *= AHZ; 374 s += us / (1000000 / AHZ); /* Maximize precision. */ 375 376 while (s > MAXFRACT) { 377 rnd = s & (1 << (EXPSIZE - 1)); /* Round up? */ 378 s >>= EXPSIZE; /* Base 8 exponent == 3 bit shift. */ 379 exp++; 380 } 381 382 /* If we need to round up, do it (and handle overflow correctly). */ 383 if (rnd && (++s > MAXFRACT)) { 384 s >>= EXPSIZE; 385 exp++; 386 } 387 388 /* Clean it up and polish it off. */ 389 exp <<= MANTSIZE; /* Shift the exponent into place */ 390 exp += s; /* and add on the mantissa. */ 391 return (exp); 392 } 393 394 /* 395 * Periodically check the file system to see if accounting 396 * should be turned on or off. Beware the case where the vnode 397 * has been vgone()'d out from underneath us, e.g. when the file 398 * system containing the accounting file has been forcibly unmounted. 399 */ 400 void 401 acctwatch(arg) 402 void *arg; 403 { 404 int error; 405 406 log(LOG_NOTICE, "Accounting started\n"); 407 ACCT_LOCK(); 408 while (acct_state != ACCT_STOP) { 409 if (acct_vp->v_type == VBAD) { 410 log(LOG_NOTICE, "Accounting terminated\n"); 411 acct_stop(); 412 continue; 413 } 414 415 error = acct_chkfree(); 416 #ifdef DIAGNOSTIC 417 if (error != 0) 418 printf("acctwatch: failed to statfs, error = %d\n", 419 error); 420 #endif 421 422 ACCT_UNLOCK(); 423 error = tsleep(acctwatch, PSWP, "actwat", acctchkfreq * hz); 424 ACCT_LOCK(); 425 #ifdef DIAGNOSTIC 426 if (error != 0 && error != EWOULDBLOCK) 427 printf("acctwatch: sleep error %d\n", error); 428 #endif 429 } 430 acct_dkwatcher = NULL; 431 ACCT_UNLOCK(); 432 433 kthread_exit(0); 434 } 435