1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright (c) 1992, 2010, Oracle and/or its affiliates. All rights reserved.
  23  */
  24 
  25 /*      Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T     */
  26 /*        All Rights Reserved   */
  27 
  28 
  29 #include <sys/types.h>
  30 #include <sys/sysmacros.h>
  31 #include <sys/param.h>
  32 #include <sys/systm.h>
  33 #include <sys/acct.h>
  34 #include <sys/cred.h>
  35 #include <sys/user.h>
  36 #include <sys/errno.h>
  37 #include <sys/file.h>
  38 #include <sys/vnode.h>
  39 #include <sys/debug.h>
  40 #include <sys/proc.h>
  41 #include <sys/resource.h>
  42 #include <sys/session.h>
  43 #include <sys/modctl.h>
  44 #include <sys/syscall.h>
  45 #include <sys/policy.h>
  46 #include <sys/list.h>
  47 #include <sys/time.h>
  48 #include <sys/msacct.h>
  49 #include <sys/zone.h>
  50 
  51 /*
  52  * Each zone has its own accounting settings (on or off) and associated
  53  * file.  The global zone is not special in this aspect; it will only
  54  * generate records for processes that ran in the global zone.  We could
  55  * allow the global zone to record all activity on the system, but there
  56  * would be no way of knowing the zone in which the processes executed.
  57  * sysacct() is thus virtualized to only act on the caller's zone.
  58  */
  59 struct acct_globals {
  60         struct acct     acctbuf;
  61         kmutex_t        aclock;
  62         struct vnode    *acctvp;
  63         list_node_t     aclink;
  64 };
  65 
  66 /*
  67  * We need a list of all accounting settings for all zones, so we can
  68  * accurately determine if a file is in use for accounting (possibly by
  69  * another zone).
  70  */
  71 static zone_key_t acct_zone_key;
  72 static list_t acct_list;
  73 kmutex_t acct_list_lock;
  74 
  75 static struct sysent acctsysent = {
  76         1,
  77         SE_NOUNLOAD | SE_ARGC | SE_32RVAL1,
  78         sysacct
  79 };
  80 
  81 static struct modlsys modlsys = {
  82         &mod_syscallops, "acct(2) syscall", &acctsysent
  83 };
  84 
  85 #ifdef _SYSCALL32_IMPL
  86 static struct modlsys modlsys32 = {
  87         &mod_syscallops32, "32-bit acct(2) syscall", &acctsysent
  88 };
  89 #endif
  90 
  91 static struct modlinkage modlinkage = {
  92         MODREV_1,
  93         {   &modlsys,
  94 #ifdef _SYSCALL32_IMPL
  95             &modlsys32,
  96 #endif
  97             NULL
  98         }
  99 };
 100 
 101 /*ARGSUSED*/
 102 static void *
 103 acct_init(zoneid_t zoneid)
 104 {
 105         struct acct_globals *ag;
 106 
 107         ag = kmem_alloc(sizeof (*ag), KM_SLEEP);
 108         bzero(&ag->acctbuf, sizeof (ag->acctbuf));
 109         mutex_init(&ag->aclock, NULL, MUTEX_DEFAULT, NULL);
 110         ag->acctvp = NULL;
 111 
 112         mutex_enter(&acct_list_lock);
 113         list_insert_tail(&acct_list, ag);
 114         mutex_exit(&acct_list_lock);
 115         return (ag);
 116 }
 117 
 118 /* ARGSUSED */
 119 static void
 120 acct_shutdown(zoneid_t zoneid, void *arg)
 121 {
 122         struct acct_globals *ag = arg;
 123 
 124         mutex_enter(&ag->aclock);
 125         if (ag->acctvp) {
 126                 /*
 127                  * This needs to be done as a shutdown callback, otherwise this
 128                  * held vnode may cause filesystems to be busy, and the zone
 129                  * shutdown operation to fail.
 130                  */
 131                 (void) VOP_CLOSE(ag->acctvp, FWRITE, 1, (offset_t)0, kcred,
 132                     NULL);
 133                 VN_RELE(ag->acctvp);
 134         }
 135         ag->acctvp = NULL;
 136         mutex_exit(&ag->aclock);
 137 }
 138 
 139 /*ARGSUSED*/
 140 static void
 141 acct_fini(zoneid_t zoneid, void *arg)
 142 {
 143         struct acct_globals *ag = arg;
 144 
 145         mutex_enter(&acct_list_lock);
 146         list_remove(&acct_list, ag);
 147         mutex_exit(&acct_list_lock);
 148 
 149         mutex_destroy(&ag->aclock);
 150         kmem_free(ag, sizeof (*ag));
 151 }
 152 
 153 int
 154 _init(void)
 155 {
 156         int error;
 157 
 158         mutex_init(&acct_list_lock, NULL, MUTEX_DEFAULT, NULL);
 159         list_create(&acct_list, sizeof (struct acct_globals),
 160             offsetof(struct acct_globals, aclink));
 161         /*
 162          * Using an initializer here wastes a bit of memory for zones that
 163          * don't use accounting, but vastly simplifies the locking.
 164          */
 165         zone_key_create(&acct_zone_key, acct_init, acct_shutdown, acct_fini);
 166         if ((error = mod_install(&modlinkage)) != 0) {
 167                 (void) zone_key_delete(acct_zone_key);
 168                 list_destroy(&acct_list);
 169                 mutex_destroy(&acct_list_lock);
 170         }
 171         return (error);
 172 }
 173 
 174 int
 175 _info(struct modinfo *modinfop)
 176 {
 177         return (mod_info(&modlinkage, modinfop));
 178 }
 179 
 180 /*
 181  * acct() is a "weak stub" routine called from exit().
 182  * Once this module has been loaded, we refuse to allow
 183  * it to unload - otherwise accounting would quietly
 184  * cease.  See 1211661.  It's possible to make this module
 185  * unloadable but it's substantially safer not to bother.
 186  */
 187 int
 188 _fini(void)
 189 {
 190         return (EBUSY);
 191 }
 192 
 193 /*
 194  * See if vp is in use by the accounting system on any zone.  This does a deep
 195  * comparison of vnodes such that a file and a lofs "shadow" node of it will
 196  * appear to be the same.
 197  *
 198  * If 'compare_vfs' is true, the function will do a comparison of vfs_t's
 199  * instead (ie, is the vfs_t on which the vnode resides in use by the
 200  * accounting system in any zone).
 201  *
 202  * Returns 1 if found (in use), 0 otherwise.
 203  */
 204 static int
 205 acct_find(vnode_t *vp, boolean_t compare_vfs)
 206 {
 207         struct acct_globals *ag;
 208         vnode_t *realvp;
 209 
 210         ASSERT(MUTEX_HELD(&acct_list_lock));
 211         ASSERT(vp != NULL);
 212 
 213         if (VOP_REALVP(vp, &realvp, NULL))
 214                 realvp = vp;
 215         for (ag = list_head(&acct_list); ag != NULL;
 216             ag = list_next(&acct_list, ag)) {
 217                 vnode_t *racctvp;
 218                 boolean_t found = B_FALSE;
 219 
 220                 mutex_enter(&ag->aclock);
 221                 if (ag->acctvp == NULL) {
 222                         mutex_exit(&ag->aclock);
 223                         continue;
 224                 }
 225                 if (VOP_REALVP(ag->acctvp, &racctvp, NULL))
 226                         racctvp = ag->acctvp;
 227                 if (compare_vfs) {
 228                         if (racctvp->v_vfsp == realvp->v_vfsp)
 229                                 found = B_TRUE;
 230                 } else {
 231                         if (VN_CMP(realvp, racctvp))
 232                                 found = B_TRUE;
 233                 }
 234                 mutex_exit(&ag->aclock);
 235                 if (found)
 236                         return (1);
 237         }
 238         return (0);
 239 }
 240 
 241 /*
 242  * Returns 1 if the vfs that vnode resides on is in use for the accounting
 243  * subsystem, 0 otherwise.
 244  */
 245 int
 246 acct_fs_in_use(vnode_t *vp)
 247 {
 248         int found;
 249 
 250         if (vp == NULL)
 251                 return (0);
 252         mutex_enter(&acct_list_lock);
 253         found = acct_find(vp, B_TRUE);
 254         mutex_exit(&acct_list_lock);
 255         return (found);
 256 }
 257 
 258 /*
 259  * Perform process accounting functions.
 260  */
 261 int
 262 sysacct(char *fname)
 263 {
 264         struct acct_globals *ag;
 265         struct vnode *vp;
 266         int error = 0;
 267 
 268         if (secpolicy_acct(CRED()) != 0)
 269                 return (set_errno(EPERM));
 270 
 271         ag = zone_getspecific(acct_zone_key, curproc->p_zone);
 272         ASSERT(ag != NULL);
 273 
 274         if (fname == NULL) {
 275                 /*
 276                  * Close the file and stop accounting.
 277                  */
 278                 mutex_enter(&ag->aclock);
 279                 vp = ag->acctvp;
 280                 ag->acctvp = NULL;
 281                 mutex_exit(&ag->aclock);
 282                 if (vp) {
 283                         error = VOP_CLOSE(vp, FWRITE, 1, (offset_t)0, CRED(),
 284                             NULL);
 285                         VN_RELE(vp);
 286                 }
 287                 return (error == 0 ? 0 : set_errno(error));
 288         }
 289 
 290         /*
 291          * Either (a) open a new file and begin accounting -or- (b)
 292          * switch accounting from an old to a new file.
 293          *
 294          * (Open the file without holding aclock in case it
 295          * sleeps (holding the lock prevents process exit).)
 296          */
 297         if ((error = vn_open(fname, UIO_USERSPACE, FWRITE,
 298             0, &vp, (enum create)0, 0)) != 0) {
 299                 /* SVID  compliance */
 300                 if (error == EISDIR)
 301                         error = EACCES;
 302                 return (set_errno(error));
 303         }
 304 
 305         if (vp->v_type != VREG) {
 306                 error = EACCES;
 307         } else {
 308                 mutex_enter(&acct_list_lock);
 309                 if (acct_find(vp, B_FALSE)) {
 310                         error = EBUSY;
 311                 } else {
 312                         mutex_enter(&ag->aclock);
 313                         if (ag->acctvp) {
 314                                 vnode_t *oldvp;
 315 
 316                                 /*
 317                                  * close old acctvp, and point acct()
 318                                  * at new file by swapping vp and acctvp
 319                                  */
 320                                 oldvp = ag->acctvp;
 321                                 ag->acctvp = vp;
 322                                 vp = oldvp;
 323                         } else {
 324                                 /*
 325                                  * no existing file, start accounting ..
 326                                  */
 327                                 ag->acctvp = vp;
 328                                 vp = NULL;
 329                         }
 330                         mutex_exit(&ag->aclock);
 331                 }
 332                 mutex_exit(&acct_list_lock);
 333         }
 334 
 335         if (vp) {
 336                 (void) VOP_CLOSE(vp, FWRITE, 1, (offset_t)0, CRED(), NULL);
 337                 VN_RELE(vp);
 338         }
 339         return (error == 0 ? 0 : set_errno(error));
 340 }
 341 
 342 /*
 343  * Produce a pseudo-floating point representation
 344  * with 3 bits base-8 exponent, 13 bits fraction.
 345  */
 346 static comp_t
 347 acct_compress(ulong_t t)
 348 {
 349         int exp = 0, round = 0;
 350 
 351         while (t >= 8192) {
 352                 exp++;
 353                 round = t & 04;
 354                 t >>= 3;
 355         }
 356         if (round) {
 357                 t++;
 358                 if (t >= 8192) {
 359                         t >>= 3;
 360                         exp++;
 361                 }
 362         }
 363 #ifdef _LP64
 364         if (exp > 7) {
 365                 /* prevent wraparound */
 366                 t = 8191;
 367                 exp = 7;
 368         }
 369 #endif
 370         return ((exp << 13) + t);
 371 }
 372 
 373 /*
 374  * On exit, write a record on the accounting file.
 375  */
 376 void
 377 acct(char st)
 378 {
 379         struct vnode *vp;
 380         struct cred *cr;
 381         struct proc *p;
 382         user_t *ua;
 383         struct vattr va;
 384         ssize_t resid = 0;
 385         int error;
 386         struct acct_globals *ag;
 387 
 388         /*
 389          * If sysacct module is loaded when zone is in down state then
 390          * the following function can return NULL.
 391          */
 392         ag = zone_getspecific(acct_zone_key, curproc->p_zone);
 393         if (ag == NULL)
 394                 return;
 395 
 396         mutex_enter(&ag->aclock);
 397         if ((vp = ag->acctvp) == NULL) {
 398                 mutex_exit(&ag->aclock);
 399                 return;
 400         }
 401 
 402         /*
 403          * This only gets called from exit after all lwp's have exited so no
 404          * cred locking is needed.
 405          */
 406         p = curproc;
 407         ua = PTOU(p);
 408         bcopy(ua->u_comm, ag->acctbuf.ac_comm, sizeof (ag->acctbuf.ac_comm));
 409         ag->acctbuf.ac_btime = ua->u_start.tv_sec;
 410         ag->acctbuf.ac_utime = acct_compress(NSEC_TO_TICK(p->p_acct[LMS_USER]));
 411         ag->acctbuf.ac_stime = acct_compress(
 412             NSEC_TO_TICK(p->p_acct[LMS_SYSTEM] + p->p_acct[LMS_TRAP]));
 413         ag->acctbuf.ac_etime = acct_compress(ddi_get_lbolt() - ua->u_ticks);
 414         ag->acctbuf.ac_mem = acct_compress((ulong_t)ua->u_mem);
 415         ag->acctbuf.ac_io = acct_compress((ulong_t)p->p_ru.ioch);
 416         ag->acctbuf.ac_rw = acct_compress((ulong_t)(p->p_ru.inblock +
 417             p->p_ru.oublock));
 418         cr = CRED();
 419         ag->acctbuf.ac_uid = crgetruid(cr);
 420         ag->acctbuf.ac_gid = crgetrgid(cr);
 421         (void) cmpldev(&ag->acctbuf.ac_tty, cttydev(p));
 422         ag->acctbuf.ac_stat = st;
 423         ag->acctbuf.ac_flag = (ua->u_acflag | AEXPND);
 424 
 425         /*
 426          * Save the size. If the write fails, reset the size to avoid
 427          * corrupted acct files.
 428          *
 429          * Large Files: We deliberately prevent accounting files from
 430          * exceeding the 2GB limit as none of the accounting commands are
 431          * currently large file aware.
 432          */
 433         va.va_mask = AT_SIZE;
 434         if (VOP_GETATTR(vp, &va, 0, kcred, NULL) == 0) {
 435                 error = vn_rdwr(UIO_WRITE, vp, (caddr_t)&ag->acctbuf,
 436                     sizeof (ag->acctbuf), 0LL, UIO_SYSSPACE, FAPPEND,
 437                     (rlim64_t)MAXOFF32_T, kcred, &resid);
 438                 if (error || resid)
 439                         (void) VOP_SETATTR(vp, &va, 0, kcred, NULL);
 440         }
 441         mutex_exit(&ag->aclock);
 442 }