One-week bump for the below. If you use this feature or are currently hacking
on it, speak up by the end of the week. I'm sharpening my axes.

Dave Voutila <d...@sisu.io> writes:

> Matthew Martin recently presented a patch on tech@ [1] fixing some missed
> scaling from when I converted vmd(8) to use bytes instead of megabytes
> everywhere. I finally found time to wade through the code it touches and
> am proposing we simply "tedu" the incomplete feature.
>
> Does anyone use this? (And if so, how?)
>
> I don't see much value in this framework and it only adds additional
> state to track. Users can be confined by limits associated in
> login.conf(5) for the most part. There are more interesting things to
> work on, so unless anyone speaks up I'll look for an OK to remove it.
>
> -dv
>
> [1] https://marc.info/?l=openbsd-tech&m=166346196317673&w=2
>
>
> diff refs/heads/master refs/heads/vmd-user
> commit - bfe2092d87b190d9f89c4a6f2728a539b7f88233
> commit + e84ff2c7628a811e00044a447ad906d6e24beac0
> blob - 374d7de6629e072065b5c0232536c23c1e5bbbe0
> blob + a192223cf118e2a8764b24f965a15acbf8ae506f
> --- usr.sbin/vmd/config.c
> +++ usr.sbin/vmd/config.c
> @@ -98,12 +98,6 @@ config_init(struct vmd *env)
>                       return (-1);
>               TAILQ_INIT(env->vmd_switches);
>       }
> -     if (what & CONFIG_USERS) {
> -             if ((env->vmd_users = calloc(1,
> -                 sizeof(*env->vmd_users))) == NULL)
> -                     return (-1);
> -             TAILQ_INIT(env->vmd_users);
> -     }
>
>       return (0);
>  }
> @@ -238,13 +232,6 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm, ui
>               return (EALREADY);
>       }
>
> -     /* increase the user reference counter and check user limits */
> -     if (vm->vm_user != NULL && user_get(vm->vm_user->usr_id.uid) != NULL) {
> -             user_inc(vcp, vm->vm_user, 1);
> -             if (user_checklimit(vm->vm_user, vcp) == -1)
> -                     return (EPERM);
> -     }
> -
>       /*
>        * Rate-limit the VM so that it cannot restart in a loop:
>        * if the VM restarts after less than VM_START_RATE_SEC seconds,
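Review bot: With this block removed, config_setvm no longer returns EPERM when a non-root owner's VMs exceed the per-uid CPU, memory or interface totals, and nothing visible in this diff replaces that cap. The description relies on login.conf(5) limits, so it is worth confirming that those limits actually bind the VM processes vmd starts on an owner's behalf and not only the owner's own login session; that is not shown here. If the removal goes ahead, record the behaviour change where operators will see it, for example `Per-user VM resource limits are no longer enforced by vmd; restrict VM ownership in vm.conf(5) instead.` The body of config_setvm starts and ends outside this hunk.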
> blob - 2f3ac1a76f2c3e458919eca85c238a668c10422a
> blob + 755cbedb6a18502a87724502ec86e9e426961701
> --- usr.sbin/vmd/vmd.c
> +++ usr.sbin/vmd/vmd.c
> @@ -1188,9 +1188,6 @@ vm_stop(struct vmd_vm *vm, int keeptty, const char *ca
>       vm->vm_state &= ~(VM_STATE_RECEIVED | VM_STATE_RUNNING
>           | VM_STATE_SHUTDOWN);
>
> -     user_inc(&vm->vm_params.vmc_params, vm->vm_user, 0);
> -     user_put(vm->vm_user);
> -
>       if (vm->vm_iev.ibuf.fd != -1) {
>               event_del(&vm->vm_iev.ev);
>               close(vm->vm_iev.ibuf.fd);
> @@ -1243,7 +1240,6 @@ vm_remove(struct vmd_vm *vm, const char *caller)
>
>       TAILQ_REMOVE(env->vmd_vms, vm, vm_entry);
>
> -     user_put(vm->vm_user);
>       vm_stop(vm, 0, caller);
>       free(vm);
>  }
> @@ -1286,7 +1282,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
>       struct vmd_vm           *vm = NULL, *vm_parent = NULL;
>       struct vm_create_params *vcp = &vmc->vmc_params;
>       struct vmop_owner       *vmo = NULL;
> -     struct vmd_user         *usr = NULL;
>       uint32_t                 nid, rng;
>       unsigned int             i, j;
>       struct vmd_switch       *sw;
> @@ -1362,13 +1357,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
>               }
>       }
>
> -     /* track active users */
> -     if (uid != 0 && env->vmd_users != NULL &&
> -         (usr = user_get(uid)) == NULL) {
> -             log_warnx("could not add user");
> -             goto fail;
> -     }
> -
>       if ((vm = calloc(1, sizeof(*vm))) == NULL)
>               goto fail;
>
> @@ -1379,7 +1367,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
>       vm->vm_tty = -1;
>       vm->vm_receive_fd = -1;
>       vm->vm_state &= ~VM_STATE_PAUSED;
> -     vm->vm_user = usr;
>
>       for (i = 0; i < VMM_MAX_DISKS_PER_VM; i++)
>               for (j = 0; j < VM_MAX_BASE_PER_DISK; j++)
> @@ -1903,104 +1890,6 @@ struct vmd_user *
>       return (NULL);
>  }
>
> -struct vmd_user *
> -user_get(uid_t uid)
> -{
> -     struct vmd_user         *usr;
> -
> -     if (uid == 0)
> -             return (NULL);
> -
> -     /* first try to find an existing user */
> -     TAILQ_FOREACH(usr, env->vmd_users, usr_entry) {
> -             if (usr->usr_id.uid == uid)
> -                     goto done;
> -     }
> -
> -     if ((usr = calloc(1, sizeof(*usr))) == NULL) {
> -             log_warn("could not allocate user");
> -             return (NULL);
> -     }
> -
> -     usr->usr_id.uid = uid;
> -     usr->usr_id.gid = -1;
> -     TAILQ_INSERT_TAIL(env->vmd_users, usr, usr_entry);
> -
> - done:
> -     DPRINTF("%s: uid %d #%d +",
> -         __func__, usr->usr_id.uid, usr->usr_refcnt + 1);
> -     usr->usr_refcnt++;
> -
> -     return (usr);
> -}
> -
> -void
> -user_put(struct vmd_user *usr)
> -{
> -     if (usr == NULL)
> -             return;
> -
> -     DPRINTF("%s: uid %d #%d -",
> -         __func__, usr->usr_id.uid, usr->usr_refcnt - 1);
> -
> -     if (--usr->usr_refcnt > 0)
> -             return;
> -
> -     TAILQ_REMOVE(env->vmd_users, usr, usr_entry);
> -     free(usr);
> -}
> -
> -void
> -user_inc(struct vm_create_params *vcp, struct vmd_user *usr, int inc)
> -{
> -     char     mem[FMT_SCALED_STRSIZE];
> -
> -     if (usr == NULL)
> -             return;
> -
> -     /* increment or decrement counters */
> -     inc = inc ? 1 : -1;
> -
> -     usr->usr_maxcpu += vcp->vcp_ncpus * inc;
> -     usr->usr_maxmem += vcp->vcp_memranges[0].vmr_size * inc;
> -     usr->usr_maxifs += vcp->vcp_nnics * inc;
> -
> -     if (log_getverbose() > 1) {
> -             (void)fmt_scaled(usr->usr_maxmem * 1024 * 1024, mem);
> -             log_debug("%s: %c uid %d ref %d cpu %llu mem %s ifs %llu",
> -                 __func__, inc == 1 ? '+' : '-',
> -                 usr->usr_id.uid, usr->usr_refcnt,
> -                 usr->usr_maxcpu, mem, usr->usr_maxifs);
> -     }
> -}
> -
> -int
> -user_checklimit(struct vmd_user *usr, struct vm_create_params *vcp)
> -{
> -     const char      *limit = "";
> -
> -     /* XXX make the limits configurable */
> -     if (usr->usr_maxcpu > VM_DEFAULT_USER_MAXCPU) {
> -             limit = "cpu ";
> -             goto fail;
> -     }
> -     if (usr->usr_maxmem > VM_DEFAULT_USER_MAXMEM) {
> -             limit = "memory ";
> -             goto fail;
> -     }
> -     if (usr->usr_maxifs > VM_DEFAULT_USER_MAXIFS) {
> -             limit = "interface ";
> -             goto fail;
> -     }
> -
> -     return (0);
> -
> - fail:
> -     log_warnx("%s: user %d %slimit reached", vcp->vcp_name,
> -         usr->usr_id.uid, limit);
> -     return (-1);
> -}
> -
>  char *
>  get_string(uint8_t *ptr, size_t len)
>  {
> blob - 9010ad6eb9f4b593a6b74d69b6109bd68b9e585c
> blob + 5e9f81fc8fd2d3d6245cede0503628ecd0482320
> --- usr.sbin/vmd/vmd.h
> +++ usr.sbin/vmd/vmd.h
> @@ -65,11 +65,6 @@
>  #define VM_START_RATE_SEC    6       /* min. seconds since last reboot */
>  #define VM_START_RATE_LIMIT  3       /* max. number of fast reboots */
>
> -/* default user instance limits */
> -#define VM_DEFAULT_USER_MAXCPU       4
> -#define VM_DEFAULT_USER_MAXMEM       2048
> -#define VM_DEFAULT_USER_MAXIFS       8
> -
>  /* vmd -> vmctl error codes */
>  #define VMD_BIOS_MISSING     1001
>  #define VMD_DISK_MISSING     1002
> @@ -287,7 +282,6 @@ struct vmd_vm {
>       struct imsgev            vm_iev;
>       uid_t                    vm_uid;
>       int                      vm_receive_fd;
> -     struct vmd_user         *vm_user;
>       unsigned int             vm_state;
>  /* When set, VM is running now (PROC_PARENT only) */
>  #define VM_STATE_RUNNING     0x01
> @@ -307,17 +301,6 @@ struct vmd_user {
>  };
>  TAILQ_HEAD(vmlist, vmd_vm);
>
> -struct vmd_user {
> -     struct vmop_owner        usr_id;
> -     uint64_t                 usr_maxcpu;
> -     uint64_t                 usr_maxmem;
> -     uint64_t                 usr_maxifs;
> -     int                      usr_refcnt;
> -
> -     TAILQ_ENTRY(vmd_user)    usr_entry;
> -};
> -TAILQ_HEAD(userlist, vmd_user);
> -
>  struct name2id {
>       char                    name[VMM_MAX_NAME_LEN];
>       int                     uid;
> @@ -373,7 +356,6 @@ struct vmd {
>       struct name2idlist      *vmd_known;
>       uint32_t                 vmd_nswitches;
>       struct switchlist       *vmd_switches;
> -     struct userlist         *vmd_users;
>
>       int                      vmd_fd;
>       int                      vmd_fd6;
> @@ -445,10 +427,6 @@ struct vmd_user *user_get(uid_t);
>  void  vm_closetty(struct vmd_vm *);
>  void  switch_remove(struct vmd_switch *);
>  struct vmd_switch *switch_getbyname(const char *);
> -struct vmd_user *user_get(uid_t);
> -void  user_put(struct vmd_user *);
> -void  user_inc(struct vm_create_params *, struct vmd_user *, int);
> -int   user_checklimit(struct vmd_user *, struct vm_create_params *);
>  char *get_string(uint8_t *, size_t);
>  uint32_t prefixlen2mask(uint8_t);
>  void  prefixlen2mask6(u_int8_t, struct in6_addr *);
