aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEdward Tomasz Napierala <trasz@FreeBSD.org>2012-10-26 16:01:08 +0000
committerEdward Tomasz Napierala <trasz@FreeBSD.org>2012-10-26 16:01:08 +0000
commit36af98697d92141dcd4f4cca56da38a426ccb089 (patch)
tree842a8cfc3ef8239e42a28dbb369918bc9a00b13e
parent6cff4e07c15477db7747f98dc7ecbedfe7563d40 (diff)
downloadsrc-36af98697d92141dcd4f4cca56da38a426ccb089.tar.gz
src-36af98697d92141dcd4f4cca56da38a426ccb089.zip
Add CPU percentage limit enforcement to RCTL. The resouce name is "pcpu".
It was implemented by Rudolf Tomori during Google Summer of Code 2012.
Notes
Notes: svn path=/head/; revision=242139
-rw-r--r--sys/kern/kern_racct.c497
-rw-r--r--sys/kern/kern_rctl.c48
-rw-r--r--sys/kern/sched_4bsd.c34
-rw-r--r--sys/kern/subr_trap.c13
-rw-r--r--sys/sys/proc.h1
-rw-r--r--sys/sys/racct.h22
-rw-r--r--sys/sys/rctl.h1
-rw-r--r--sys/sys/sched.h5
8 files changed, 590 insertions, 31 deletions
diff --git a/sys/kern/kern_racct.c b/sys/kern/kern_racct.c
index 534780fe77f3..df1c45780804 100644
--- a/sys/kern/kern_racct.c
+++ b/sys/kern/kern_racct.c
@@ -33,6 +33,7 @@
__FBSDID("$FreeBSD$");
#include "opt_kdtrace.h"
+#include "opt_sched.h"
#include <sys/param.h>
#include <sys/systm.h>
@@ -50,10 +51,13 @@ __FBSDID("$FreeBSD$");
#include <sys/sbuf.h>
#include <sys/sched.h>
#include <sys/sdt.h>
+#include <sys/smp.h>
#include <sys/sx.h>
+#include <sys/sysctl.h>
#include <sys/sysent.h>
#include <sys/sysproto.h>
#include <sys/umtx.h>
+#include <machine/smp.h>
#ifdef RCTL
#include <sys/rctl.h>
@@ -63,6 +67,23 @@ __FBSDID("$FreeBSD$");
FEATURE(racct, "Resource Accounting");
+/*
+ * Do not block processes that have their %cpu usage <= pcpu_threshold.
+ */
+static int pcpu_threshold = 1;
+
+SYSCTL_NODE(_kern, OID_AUTO, racct, CTLFLAG_RW, 0, "Resource Accounting");
+SYSCTL_UINT(_kern_racct, OID_AUTO, pcpu_threshold, CTLFLAG_RW, &pcpu_threshold,
+ 0, "Processes with higher %cpu usage than this value can be throttled.");
+
+/*
+ * How many seconds it takes to use the scheduler %cpu calculations. When a
+ * process starts, we compute its %cpu usage by dividing its runtime by the
+ * process wall clock time. After RACCT_PCPU_SECS pass, we use the value
+ * provided by the scheduler.
+ */
+#define RACCT_PCPU_SECS 3
+
static struct mtx racct_lock;
MTX_SYSINIT(racct_lock, &racct_lock, "racct lock", MTX_DEF);
@@ -140,7 +161,217 @@ int racct_types[] = {
[RACCT_SHMSIZE] =
RACCT_RECLAIMABLE | RACCT_DENIABLE | RACCT_SLOPPY,
[RACCT_WALLCLOCK] =
- RACCT_IN_MILLIONS };
+ RACCT_IN_MILLIONS,
+ [RACCT_PCTCPU] =
+ RACCT_DECAYING | RACCT_DENIABLE | RACCT_IN_MILLIONS };
+
+static const fixpt_t RACCT_DECAY_FACTOR = 0.3 * FSCALE;
+
+#ifdef SCHED_4BSD
+/*
+ * Contains intermediate values for %cpu calculations to avoid using floating
+ * point in the kernel.
+ * ccpu_exp[k] = FSCALE * (ccpu/FSCALE)^k = FSCALE * exp(-k/20)
+ * It is needed only for the 4BSD scheduler, because in ULE, the ccpu equals to
+ * zero so the calculations are more straightforward.
+ */
+fixpt_t ccpu_exp[] = {
+ [0] = FSCALE * 1,
+ [1] = FSCALE * 0.95122942450071400909,
+ [2] = FSCALE * 0.90483741803595957316,
+ [3] = FSCALE * 0.86070797642505780722,
+ [4] = FSCALE * 0.81873075307798185866,
+ [5] = FSCALE * 0.77880078307140486824,
+ [6] = FSCALE * 0.74081822068171786606,
+ [7] = FSCALE * 0.70468808971871343435,
+ [8] = FSCALE * 0.67032004603563930074,
+ [9] = FSCALE * 0.63762815162177329314,
+ [10] = FSCALE * 0.60653065971263342360,
+ [11] = FSCALE * 0.57694981038048669531,
+ [12] = FSCALE * 0.54881163609402643262,
+ [13] = FSCALE * 0.52204577676101604789,
+ [14] = FSCALE * 0.49658530379140951470,
+ [15] = FSCALE * 0.47236655274101470713,
+ [16] = FSCALE * 0.44932896411722159143,
+ [17] = FSCALE * 0.42741493194872666992,
+ [18] = FSCALE * 0.40656965974059911188,
+ [19] = FSCALE * 0.38674102345450120691,
+ [20] = FSCALE * 0.36787944117144232159,
+ [21] = FSCALE * 0.34993774911115535467,
+ [22] = FSCALE * 0.33287108369807955328,
+ [23] = FSCALE * 0.31663676937905321821,
+ [24] = FSCALE * 0.30119421191220209664,
+ [25] = FSCALE * 0.28650479686019010032,
+ [26] = FSCALE * 0.27253179303401260312,
+ [27] = FSCALE * 0.25924026064589150757,
+ [28] = FSCALE * 0.24659696394160647693,
+ [29] = FSCALE * 0.23457028809379765313,
+ [30] = FSCALE * 0.22313016014842982893,
+ [31] = FSCALE * 0.21224797382674305771,
+ [32] = FSCALE * 0.20189651799465540848,
+ [33] = FSCALE * 0.19204990862075411423,
+ [34] = FSCALE * 0.18268352405273465022,
+ [35] = FSCALE * 0.17377394345044512668,
+ [36] = FSCALE * 0.16529888822158653829,
+ [37] = FSCALE * 0.15723716631362761621,
+ [38] = FSCALE * 0.14956861922263505264,
+ [39] = FSCALE * 0.14227407158651357185,
+ [40] = FSCALE * 0.13533528323661269189,
+ [41] = FSCALE * 0.12873490358780421886,
+ [42] = FSCALE * 0.12245642825298191021,
+ [43] = FSCALE * 0.11648415777349695786,
+ [44] = FSCALE * 0.11080315836233388333,
+ [45] = FSCALE * 0.10539922456186433678,
+ [46] = FSCALE * 0.10025884372280373372,
+ [47] = FSCALE * 0.09536916221554961888,
+ [48] = FSCALE * 0.09071795328941250337,
+ [49] = FSCALE * 0.08629358649937051097,
+ [50] = FSCALE * 0.08208499862389879516,
+ [51] = FSCALE * 0.07808166600115315231,
+ [52] = FSCALE * 0.07427357821433388042,
+ [53] = FSCALE * 0.07065121306042958674,
+ [54] = FSCALE * 0.06720551273974976512,
+ [55] = FSCALE * 0.06392786120670757270,
+ [56] = FSCALE * 0.06081006262521796499,
+ [57] = FSCALE * 0.05784432087483846296,
+ [58] = FSCALE * 0.05502322005640722902,
+ [59] = FSCALE * 0.05233970594843239308,
+ [60] = FSCALE * 0.04978706836786394297,
+ [61] = FSCALE * 0.04735892439114092119,
+ [62] = FSCALE * 0.04504920239355780606,
+ [63] = FSCALE * 0.04285212686704017991,
+ [64] = FSCALE * 0.04076220397836621516,
+ [65] = FSCALE * 0.03877420783172200988,
+ [66] = FSCALE * 0.03688316740124000544,
+ [67] = FSCALE * 0.03508435410084502588,
+ [68] = FSCALE * 0.03337326996032607948,
+ [69] = FSCALE * 0.03174563637806794323,
+ [70] = FSCALE * 0.03019738342231850073,
+ [71] = FSCALE * 0.02872463965423942912,
+ [72] = FSCALE * 0.02732372244729256080,
+ [73] = FSCALE * 0.02599112877875534358,
+ [74] = FSCALE * 0.02472352647033939120,
+ [75] = FSCALE * 0.02351774585600910823,
+ [76] = FSCALE * 0.02237077185616559577,
+ [77] = FSCALE * 0.02127973643837716938,
+ [78] = FSCALE * 0.02024191144580438847,
+ [79] = FSCALE * 0.01925470177538692429,
+ [80] = FSCALE * 0.01831563888873418029,
+ [81] = FSCALE * 0.01742237463949351138,
+ [82] = FSCALE * 0.01657267540176124754,
+ [83] = FSCALE * 0.01576441648485449082,
+ [84] = FSCALE * 0.01499557682047770621,
+ [85] = FSCALE * 0.01426423390899925527,
+ [86] = FSCALE * 0.01356855901220093175,
+ [87] = FSCALE * 0.01290681258047986886,
+ [88] = FSCALE * 0.01227733990306844117,
+ [89] = FSCALE * 0.01167856697039544521,
+ [90] = FSCALE * 0.01110899653824230649,
+ [91] = FSCALE * 0.01056720438385265337,
+ [92] = FSCALE * 0.01005183574463358164,
+ [93] = FSCALE * 0.00956160193054350793,
+ [94] = FSCALE * 0.00909527710169581709,
+ [95] = FSCALE * 0.00865169520312063417,
+ [96] = FSCALE * 0.00822974704902002884,
+ [97] = FSCALE * 0.00782837754922577143,
+ [98] = FSCALE * 0.00744658307092434051,
+ [99] = FSCALE * 0.00708340892905212004,
+ [100] = FSCALE * 0.00673794699908546709,
+ [101] = FSCALE * 0.00640933344625638184,
+ [102] = FSCALE * 0.00609674656551563610,
+ [103] = FSCALE * 0.00579940472684214321,
+ [104] = FSCALE * 0.00551656442076077241,
+ [105] = FSCALE * 0.00524751839918138427,
+ [106] = FSCALE * 0.00499159390691021621,
+ [107] = FSCALE * 0.00474815099941147558,
+ [108] = FSCALE * 0.00451658094261266798,
+ [109] = FSCALE * 0.00429630469075234057,
+ [110] = FSCALE * 0.00408677143846406699,
+};
+#endif
+
+#define CCPU_EXP_MAX 110
+
+/*
+ * This function is analogical to the getpcpu() function in the ps(1) command.
+ * They should both calculate in the same way so that the racct %cpu
+ * calculations are consistent with the values showed by the ps(1) tool.
+ * The calculations are more complex in the 4BSD scheduler because of the value
+ * of the ccpu variable. In ULE it is defined to be zero which saves us some
+ * work.
+ */
+static uint64_t
+racct_getpcpu(struct proc *p, u_int pcpu)
+{
+ u_int swtime;
+#ifdef SCHED_4BSD
+ fixpt_t pctcpu, pctcpu_next;
+#endif
+#ifdef SMP
+ struct pcpu *pc;
+ int found;
+#endif
+ fixpt_t p_pctcpu;
+ struct thread *td;
+
+ /*
+ * If the process is swapped out, we count its %cpu usage as zero.
+ * This behaviour is consistent with the userland ps(1) tool.
+ */
+ if ((p->p_flag & P_INMEM) == 0)
+ return (0);
+ swtime = (ticks - p->p_swtick) / hz;
+
+ /*
+ * For short-lived processes, the sched_pctcpu() returns small
+ * values even for cpu intensive processes. Therefore we use
+ * our own estimate in this case.
+ */
+ if (swtime < RACCT_PCPU_SECS)
+ return (pcpu);
+
+ p_pctcpu = 0;
+ FOREACH_THREAD_IN_PROC(p, td) {
+ if (td == PCPU_GET(idlethread))
+ continue;
+#ifdef SMP
+ found = 0;
+ STAILQ_FOREACH(pc, &cpuhead, pc_allcpu) {
+ if (td == pc->pc_idlethread) {
+ found = 1;
+ break;
+ }
+ }
+ if (found)
+ continue;
+#endif
+ thread_lock(td);
+#ifdef SCHED_4BSD
+ pctcpu = sched_pctcpu(td);
+ /* Count also the yet unfinished second. */
+ pctcpu_next = (pctcpu * ccpu_exp[1]) >> FSHIFT;
+ pctcpu_next += sched_pctcpu_delta(td);
+ p_pctcpu += max(pctcpu, pctcpu_next);
+#else
+ /*
+ * In ULE the %cpu statistics are updated on every
+ * sched_pctcpu() call. So special calculations to
+ * account for the latest (unfinished) second are
+ * not needed.
+ */
+ p_pctcpu += sched_pctcpu(td);
+#endif
+ thread_unlock(td);
+ }
+
+#ifdef SCHED_4BSD
+ if (swtime <= CCPU_EXP_MAX)
+ return ((100 * (uint64_t)p_pctcpu * 1000000) /
+ (FSCALE - ccpu_exp[swtime]));
+#endif
+
+ return ((100 * (uint64_t)p_pctcpu * 1000000) / FSCALE);
+}
static void
racct_add_racct(struct racct *dest, const struct racct *src)
@@ -180,7 +411,7 @@ racct_sub_racct(struct racct *dest, const struct racct *src)
KASSERT(src->r_resources[i] <= dest->r_resources[i],
("racct propagation meltdown: src > dest"));
}
- if (RACCT_IS_RECLAIMABLE(i)) {
+ if (RACCT_CAN_DROP(i)) {
dest->r_resources[i] -= src->r_resources[i];
if (dest->r_resources[i] < 0) {
KASSERT(RACCT_IS_SLOPPY(i),
@@ -254,10 +485,23 @@ racct_alloc_resource(struct racct *racct, int resource,
racct->r_resources[resource] += amount;
if (racct->r_resources[resource] < 0) {
- KASSERT(RACCT_IS_SLOPPY(resource),
+ KASSERT(RACCT_IS_SLOPPY(resource) || RACCT_IS_DECAYING(resource),
("racct_alloc_resource: usage < 0"));
racct->r_resources[resource] = 0;
}
+
+ /*
+ * There are some cases where the racct %cpu resource would grow
+ * beyond 100%.
+ * For example in racct_proc_exit() we add the process %cpu usage
+ * to the ucred racct containers. If too many processes terminated
+ * in a short time span, the ucred %cpu resource could grow too much.
+ * Also, the 4BSD scheduler sometimes returns for a thread more than
+ * 100% cpu usage. So we set a boundary here to 100%.
+ */
+ if ((resource == RACCT_PCTCPU) &&
+ (racct->r_resources[RACCT_PCTCPU] > 100 * 1000000))
+ racct->r_resources[RACCT_PCTCPU] = 100 * 1000000;
}
static int
@@ -357,7 +601,8 @@ racct_add_force(struct proc *p, int resource, uint64_t amount)
static int
racct_set_locked(struct proc *p, int resource, uint64_t amount)
{
- int64_t diff;
+ int64_t old_amount, decayed_amount;
+ int64_t diff_proc, diff_cred;
#ifdef RCTL
int error;
#endif
@@ -369,15 +614,30 @@ racct_set_locked(struct proc *p, int resource, uint64_t amount)
*/
PROC_LOCK_ASSERT(p, MA_OWNED);
- diff = amount - p->p_racct->r_resources[resource];
+ old_amount = p->p_racct->r_resources[resource];
+ /*
+ * The diffs may be negative.
+ */
+ diff_proc = amount - old_amount;
+ if (RACCT_IS_DECAYING(resource)) {
+ /*
+ * Resources in per-credential racct containers may decay.
+ * If this is the case, we need to calculate the difference
+ * between the new amount and the proportional value of the
+ * old amount that has decayed in the ucred racct containers.
+ */
+ decayed_amount = old_amount * RACCT_DECAY_FACTOR / FSCALE;
+ diff_cred = amount - decayed_amount;
+ } else
+ diff_cred = diff_proc;
#ifdef notyet
- KASSERT(diff >= 0 || RACCT_IS_RECLAIMABLE(resource),
- ("racct_set: usage of non-reclaimable resource %d dropping",
+ KASSERT(diff_proc >= 0 || RACCT_CAN_DROP(resource),
+ ("racct_set: usage of non-droppable resource %d dropping",
resource));
#endif
#ifdef RCTL
- if (diff > 0) {
- error = rctl_enforce(p, resource, diff);
+ if (diff_proc > 0) {
+ error = rctl_enforce(p, resource, diff_proc);
if (error && RACCT_IS_DENIABLE(resource)) {
SDT_PROBE(racct, kernel, rusage, set_failure, p,
resource, amount, 0, 0);
@@ -385,11 +645,11 @@ racct_set_locked(struct proc *p, int resource, uint64_t amount)
}
}
#endif
- racct_alloc_resource(p->p_racct, resource, diff);
- if (diff > 0)
- racct_add_cred_locked(p->p_ucred, resource, diff);
- else if (diff < 0)
- racct_sub_cred_locked(p->p_ucred, resource, -diff);
+ racct_alloc_resource(p->p_racct, resource, diff_proc);
+ if (diff_cred > 0)
+ racct_add_cred_locked(p->p_ucred, resource, diff_cred);
+ else if (diff_cred < 0)
+ racct_sub_cred_locked(p->p_ucred, resource, -diff_cred);
return (0);
}
@@ -412,10 +672,11 @@ racct_set(struct proc *p, int resource, uint64_t amount)
return (error);
}
-void
-racct_set_force(struct proc *p, int resource, uint64_t amount)
+static void
+racct_set_force_locked(struct proc *p, int resource, uint64_t amount)
{
- int64_t diff;
+ int64_t old_amount, decayed_amount;
+ int64_t diff_proc, diff_cred;
SDT_PROBE(racct, kernel, rusage, set, p, resource, amount, 0, 0);
@@ -424,13 +685,35 @@ racct_set_force(struct proc *p, int resource, uint64_t amount)
*/
PROC_LOCK_ASSERT(p, MA_OWNED);
+ old_amount = p->p_racct->r_resources[resource];
+ /*
+ * The diffs may be negative.
+ */
+ diff_proc = amount - old_amount;
+ if (RACCT_IS_DECAYING(resource)) {
+ /*
+ * Resources in per-credential racct containers may decay.
+ * If this is the case, we need to calculate the difference
+ * between the new amount and the proportional value of the
+ * old amount that has decayed in the ucred racct containers.
+ */
+ decayed_amount = old_amount * RACCT_DECAY_FACTOR / FSCALE;
+ diff_cred = amount - decayed_amount;
+ } else
+ diff_cred = diff_proc;
+
+ racct_alloc_resource(p->p_racct, resource, diff_proc);
+ if (diff_cred > 0)
+ racct_add_cred_locked(p->p_ucred, resource, diff_cred);
+ else if (diff_cred < 0)
+ racct_sub_cred_locked(p->p_ucred, resource, -diff_cred);
+}
+
+void
+racct_set_force(struct proc *p, int resource, uint64_t amount)
+{
mtx_lock(&racct_lock);
- diff = amount - p->p_racct->r_resources[resource];
- racct_alloc_resource(p->p_racct, resource, diff);
- if (diff > 0)
- racct_add_cred_locked(p->p_ucred, resource, diff);
- else if (diff < 0)
- racct_sub_cred_locked(p->p_ucred, resource, -diff);
+ racct_set_force_locked(p, resource, amount);
mtx_unlock(&racct_lock);
}
@@ -469,6 +752,22 @@ racct_get_available(struct proc *p, int resource)
}
/*
+ * Returns amount of the %cpu resource that process 'p' can add to its %cpu
+ * utilization. Adding more than that would lead to the process being
+ * throttled.
+ */
+static int64_t
+racct_pcpu_available(struct proc *p)
+{
+
+#ifdef RCTL
+ return (rctl_pcpu_available(p));
+#else
+ return (INT64_MAX);
+#endif
+}
+
+/*
* Decrease allocation of 'resource' by 'amount' for process 'p'.
*/
void
@@ -481,8 +780,8 @@ racct_sub(struct proc *p, int resource, uint64_t amount)
* We need proc lock to dereference p->p_ucred.
*/
PROC_LOCK_ASSERT(p, MA_OWNED);
- KASSERT(RACCT_IS_RECLAIMABLE(resource),
- ("racct_sub: called for non-reclaimable resource %d", resource));
+ KASSERT(RACCT_CAN_DROP(resource),
+ ("racct_sub: called for non-droppable resource %d", resource));
mtx_lock(&racct_lock);
KASSERT(amount <= p->p_racct->r_resources[resource],
@@ -504,8 +803,8 @@ racct_sub_cred_locked(struct ucred *cred, int resource, uint64_t amount)
0, 0);
#ifdef notyet
- KASSERT(RACCT_IS_RECLAIMABLE(resource),
- ("racct_sub_cred: called for non-reclaimable resource %d",
+ KASSERT(RACCT_CAN_DROP(resource),
+ ("racct_sub_cred: called for resource %d which can not drop",
resource));
#endif
@@ -551,6 +850,10 @@ racct_proc_fork(struct proc *parent, struct proc *child)
goto out;
#endif
+ /* Init process cpu time. */
+ child->p_prev_runtime = 0;
+ child->p_throttled = 0;
+
/*
* Inherit resource usage.
*/
@@ -602,6 +905,8 @@ racct_proc_exit(struct proc *p)
{
int i;
uint64_t runtime;
+ struct timeval wallclock;
+ uint64_t pct_estimate, pct;
PROC_LOCK(p);
/*
@@ -614,8 +919,16 @@ racct_proc_exit(struct proc *p)
if (runtime < p->p_prev_runtime)
runtime = p->p_prev_runtime;
#endif
+ microuptime(&wallclock);
+ timevalsub(&wallclock, &p->p_stats->p_start);
+ pct_estimate = (1000000 * runtime * 100) /
+ ((uint64_t)wallclock.tv_sec * 1000000 +
+ wallclock.tv_usec);
+ pct = racct_getpcpu(p, pct_estimate);
+
mtx_lock(&racct_lock);
racct_set_locked(p, RACCT_CPU, runtime);
+ racct_add_cred_locked(p->p_ucred, RACCT_PCTCPU, pct);
for (i = 0; i <= RACCT_MAX; i++) {
if (p->p_racct->r_resources[i] == 0)
@@ -692,23 +1005,124 @@ racct_move(struct racct *dest, struct racct *src)
}
static void
+racct_proc_throttle(struct proc *p)
+{
+ struct thread *td;
+#ifdef SMP
+ int cpuid;
+#endif
+
+ PROC_LOCK_ASSERT(p, MA_OWNED);
+
+ /*
+ * Do not block kernel processes. Also do not block processes with
+ * low %cpu utilization to improve interactivity.
+ */
+ if (((p->p_flag & (P_SYSTEM | P_KTHREAD)) != 0) ||
+ (p->p_racct->r_resources[RACCT_PCTCPU] <= pcpu_threshold))
+ return;
+ p->p_throttled = 1;
+
+ FOREACH_THREAD_IN_PROC(p, td) {
+ switch (td->td_state) {
+ case TDS_RUNQ:
+ /*
+ * If the thread is on the scheduler run-queue, we can
+ * not just remove it from there. So we set the flag
+ * TDF_NEEDRESCHED for the thread, so that once it is
+ * running, it is taken off the cpu as soon as possible.
+ */
+ thread_lock(td);
+ td->td_flags |= TDF_NEEDRESCHED;
+ thread_unlock(td);
+ break;
+ case TDS_RUNNING:
+ /*
+ * If the thread is running, we request a context
+ * switch for it by setting the TDF_NEEDRESCHED flag.
+ */
+ thread_lock(td);
+ td->td_flags |= TDF_NEEDRESCHED;
+#ifdef SMP
+ cpuid = td->td_oncpu;
+ if ((cpuid != NOCPU) && (td != curthread))
+ ipi_cpu(cpuid, IPI_AST);
+#endif
+ thread_unlock(td);
+ break;
+ default:
+ break;
+ }
+ }
+}
+
+static void
+racct_proc_wakeup(struct proc *p)
+{
+ PROC_LOCK_ASSERT(p, MA_OWNED);
+
+ if (p->p_throttled) {
+ p->p_throttled = 0;
+ wakeup(p->p_racct);
+ }
+}
+
+static void
+racct_decay_resource(struct racct *racct, void * res, void* dummy)
+{
+ int resource;
+ int64_t r_old, r_new;
+
+ resource = *(int *)res;
+ r_old = racct->r_resources[resource];
+
+ /* If there is nothing to decay, just exit. */
+ if (r_old <= 0)
+ return;
+
+ mtx_lock(&racct_lock);
+ r_new = r_old * RACCT_DECAY_FACTOR / FSCALE;
+ racct->r_resources[resource] = r_new;
+ mtx_unlock(&racct_lock);
+}
+
+static void
+racct_decay(int resource)
+{
+ ui_racct_foreach(racct_decay_resource, &resource, NULL);
+ loginclass_racct_foreach(racct_decay_resource, &resource, NULL);
+ prison_racct_foreach(racct_decay_resource, &resource, NULL);
+}
+
+static void
racctd(void)
{
struct thread *td;
struct proc *p;
struct timeval wallclock;
uint64_t runtime;
+ uint64_t pct, pct_estimate;
for (;;) {
+ racct_decay(RACCT_PCTCPU);
+
sx_slock(&allproc_lock);
+ LIST_FOREACH(p, &zombproc, p_list) {
+ PROC_LOCK(p);
+ racct_set(p, RACCT_PCTCPU, 0);
+ PROC_UNLOCK(p);
+ }
+
FOREACH_PROC_IN_SYSTEM(p) {
- if (p->p_state != PRS_NORMAL)
+ PROC_LOCK(p);
+ if (p->p_state != PRS_NORMAL) {
+ PROC_UNLOCK(p);
continue;
+ }
microuptime(&wallclock);
timevalsub(&wallclock, &p->p_stats->p_start);
- PROC_LOCK(p);
PROC_SLOCK(p);
FOREACH_THREAD_IN_PROC(p, td)
ruxagg(p, td);
@@ -722,7 +1136,12 @@ racctd(void)
runtime = p->p_prev_runtime;
#endif
p->p_prev_runtime = runtime;
+ pct_estimate = (1000000 * runtime * 100) /
+ ((uint64_t)wallclock.tv_sec * 1000000 +
+ wallclock.tv_usec);
+ pct = racct_getpcpu(p, pct_estimate);
mtx_lock(&racct_lock);
+ racct_set_force_locked(p, RACCT_PCTCPU, pct);
racct_set_locked(p, RACCT_CPU, runtime);
racct_set_locked(p, RACCT_WALLCLOCK,
(uint64_t)wallclock.tv_sec * 1000000 +
@@ -730,6 +1149,26 @@ racctd(void)
mtx_unlock(&racct_lock);
PROC_UNLOCK(p);
}
+
+ /*
+ * To ensure that processes are throttled in a fair way, we need
+ * to iterate over all processes again and check the limits
+ * for %cpu resource only after ucred racct containers have been
+ * properly filled.
+ */
+ FOREACH_PROC_IN_SYSTEM(p) {
+ PROC_LOCK(p);
+ if (p->p_state != PRS_NORMAL) {
+ PROC_UNLOCK(p);
+ continue;
+ }
+
+ if (racct_pcpu_available(p) <= 0)
+ racct_proc_throttle(p);
+ else if (p->p_throttled)
+ racct_proc_wakeup(p);
+ PROC_UNLOCK(p);
+ }
sx_sunlock(&allproc_lock);
pause("-", hz);
}
diff --git a/sys/kern/kern_rctl.c b/sys/kern/kern_rctl.c
index 1d0a440da7a2..934327a41d82 100644
--- a/sys/kern/kern_rctl.c
+++ b/sys/kern/kern_rctl.c
@@ -76,6 +76,8 @@ FEATURE(rctl, "Resource Limits");
#define RCTL_MAX_INBUFLEN 4096
#define RCTL_LOG_BUFSIZE 128
+#define RCTL_PCPU_SHIFT (10 * 1000000)
+
/*
* 'rctl_rule_link' connects a rule with every racct it's related to.
* For example, rule 'user:X:openfiles:deny=N/process' is linked
@@ -120,6 +122,7 @@ static struct dict resourcenames[] = {
{ "nshm", RACCT_NSHM },
{ "shmsize", RACCT_SHMSIZE },
{ "wallclock", RACCT_WALLCLOCK },
+ { "pcpu", RACCT_PCTCPU },
{ NULL, -1 }};
static struct dict actionnames[] = {
@@ -271,6 +274,51 @@ rctl_would_exceed(const struct proc *p, const struct rctl_rule *rule,
}
/*
+ * Special version of rctl_available() function for the %cpu resource.
+ * We slightly cheat here and return less than we normally would.
+ */
+int64_t
+rctl_pcpu_available(const struct proc *p) {
+ struct rctl_rule *rule;
+ struct rctl_rule_link *link;
+ int64_t available, minavailable, limit;
+
+ minavailable = INT64_MAX;
+ limit = 0;
+
+ rw_rlock(&rctl_lock);
+
+ LIST_FOREACH(link, &p->p_racct->r_rule_links, rrl_next) {
+ rule = link->rrl_rule;
+ if (rule->rr_resource != RACCT_PCTCPU)
+ continue;
+ if (rule->rr_action != RCTL_ACTION_DENY)
+ continue;
+ available = rctl_available_resource(p, rule);
+ if (available < minavailable) {
+ minavailable = available;
+ limit = rule->rr_amount;
+ }
+ }
+
+ rw_runlock(&rctl_lock);
+
+ /*
+ * Return slightly less than actual value of the available
+ * %cpu resource. This makes %cpu throttling more agressive
+ * and lets us act sooner than the limits are already exceeded.
+ */
+ if (limit != 0) {
+ if (limit > 2 * RCTL_PCPU_SHIFT)
+ minavailable -= RCTL_PCPU_SHIFT;
+ else
+ minavailable -= (limit / 2);
+ }
+
+ return (minavailable);
+}
+
+/*
* Check whether the proc 'p' can allocate 'amount' of 'resource' in addition
* to what it keeps allocated now. Returns non-zero if the allocation should
* be denied, 0 otherwise.
diff --git a/sys/kern/sched_4bsd.c b/sys/kern/sched_4bsd.c
index 7aaf37c45fc6..d1595c71a83c 100644
--- a/sys/kern/sched_4bsd.c
+++ b/sys/kern/sched_4bsd.c
@@ -1585,6 +1585,40 @@ sched_pctcpu(struct thread *td)
return (ts->ts_pctcpu);
}
+#ifdef RACCT
+/*
+ * Calculates the contribution to the thread cpu usage for the latest
+ * (unfinished) second.
+ */
+fixpt_t
+sched_pctcpu_delta(struct thread *td)
+{
+ struct td_sched *ts;
+ fixpt_t delta;
+ int realstathz;
+
+ THREAD_LOCK_ASSERT(td, MA_OWNED);
+ ts = td->td_sched;
+ delta = 0;
+ realstathz = stathz ? stathz : hz;
+ if (ts->ts_cpticks != 0) {
+#if (FSHIFT >= CCPU_SHIFT)
+ delta = (realstathz == 100)
+ ? ((fixpt_t) ts->ts_cpticks) <<
+ (FSHIFT - CCPU_SHIFT) :
+ 100 * (((fixpt_t) ts->ts_cpticks)
+ << (FSHIFT - CCPU_SHIFT)) / realstathz;
+#else
+ delta = ((FSCALE - ccpu) *
+ (ts->ts_cpticks *
+ FSCALE / realstathz)) >> FSHIFT;
+#endif
+ }
+
+ return (delta);
+}
+#endif
+
void
sched_tick(int cnt)
{
diff --git a/sys/kern/subr_trap.c b/sys/kern/subr_trap.c
index 66e32018e04f..70df8a10895c 100644
--- a/sys/kern/subr_trap.c
+++ b/sys/kern/subr_trap.c
@@ -100,6 +100,9 @@ void
userret(struct thread *td, struct trapframe *frame)
{
struct proc *p = td->td_proc;
+#ifdef RACCT
+ int sig;
+#endif
CTR3(KTR_SYSC, "userret: thread %p (pid %d, %s)", td, p->p_pid,
td->td_name);
@@ -163,6 +166,16 @@ userret(struct thread *td, struct trapframe *frame)
__func__, td, p->p_pid, td->td_name, curvnet,
(td->td_vnet_lpush != NULL) ? td->td_vnet_lpush : "N/A"));
#endif
+#ifdef RACCT
+ PROC_LOCK(p);
+ while (p->p_throttled == 1) {
+ sig = msleep(p->p_racct, &p->p_mtx, PCATCH | PBDRY, "racct",
+ hz);
+ if ((sig == EINTR) || (sig == ERESTART))
+ break;
+ }
+ PROC_UNLOCK(p);
+#endif
}
/*
diff --git a/sys/sys/proc.h b/sys/sys/proc.h
index 0aae0cefefb3..567cb63bf410 100644
--- a/sys/sys/proc.h
+++ b/sys/sys/proc.h
@@ -584,6 +584,7 @@ struct proc {
after fork. */
uint64_t p_prev_runtime; /* (c) Resource usage accounting. */
struct racct *p_racct; /* (b) Resource accounting. */
+ u_char p_throttled; /* (c) Flag for racct pcpu throttling */
/*
* An orphan is the child that has beed re-parented to the
* debugger as a result of attaching to it. Need to keep
diff --git a/sys/sys/racct.h b/sys/sys/racct.h
index b4aeee8d21f8..3b34891af14c 100644
--- a/sys/sys/racct.h
+++ b/sys/sys/racct.h
@@ -68,7 +68,8 @@ struct ucred;
#define RACCT_NSHM 17
#define RACCT_SHMSIZE 18
#define RACCT_WALLCLOCK 19
-#define RACCT_MAX RACCT_WALLCLOCK
+#define RACCT_PCTCPU 20
+#define RACCT_MAX RACCT_PCTCPU
/*
* Resource properties.
@@ -78,6 +79,7 @@ struct ucred;
#define RACCT_INHERITABLE 0x04
#define RACCT_DENIABLE 0x08
#define RACCT_SLOPPY 0x10
+#define RACCT_DECAYING 0x20
extern int racct_types[];
@@ -89,7 +91,9 @@ extern int racct_types[];
#define RACCT_IS_IN_MILLIONS(X) (racct_types[X] & RACCT_IN_MILLIONS)
/*
- * Resource usage can drop, as opposed to only grow.
+ * Resource usage can drop, as opposed to only grow. When the process
+ * terminates, its resource usage is freed from the respective
+ * per-credential racct containers.
*/
#define RACCT_IS_RECLAIMABLE(X) (racct_types[X] & RACCT_RECLAIMABLE)
@@ -113,6 +117,20 @@ extern int racct_types[];
#define RACCT_IS_SLOPPY(X) (racct_types[X] & RACCT_SLOPPY)
/*
+ * When a process terminates, its resource usage is not automatically
+ * subtracted from per-credential racct containers. Instead, the resource
+ * usage of per-credential racct containers decays in time.
+ * Resource usage can olso drop for such resource.
+ * So far, the only such resource is RACCT_PCTCPU.
+ */
+#define RACCT_IS_DECAYING(X) (racct_types[X] & RACCT_DECAYING)
+
+/*
+ * Resource usage can drop, as opposed to only grow.
+ */
+#define RACCT_CAN_DROP(X) (RACCT_IS_RECLAIMABLE(X) | RACCT_IS_DECAYING(X))
+
+/*
* The 'racct' structure defines resource consumption for a particular
* subject, such as process or jail.
*
diff --git a/sys/sys/rctl.h b/sys/sys/rctl.h
index 1e0342732b80..e1a45a4949fa 100644
--- a/sys/sys/rctl.h
+++ b/sys/sys/rctl.h
@@ -140,6 +140,7 @@ void rctl_rule_release(struct rctl_rule *rule);
int rctl_rule_add(struct rctl_rule *rule);
int rctl_rule_remove(struct rctl_rule *filter);
int rctl_enforce(struct proc *p, int resource, uint64_t amount);
+int64_t rctl_pcpu_available(const struct proc *p);
uint64_t rctl_get_limit(struct proc *p, int resource);
uint64_t rctl_get_available(struct proc *p, int resource);
const char *rctl_resource_name(int resource);
diff --git a/sys/sys/sched.h b/sys/sys/sched.h
index 4b8387c1d26c..b15104eae032 100644
--- a/sys/sys/sched.h
+++ b/sys/sys/sched.h
@@ -103,6 +103,11 @@ void sched_user_prio(struct thread *td, u_char prio);
void sched_userret(struct thread *td);
void sched_wakeup(struct thread *td);
void sched_preempt(struct thread *td);
+#ifdef RACCT
+#ifdef SCHED_4BSD
+fixpt_t sched_pctcpu_delta(struct thread *td);
+#endif
+#endif
/*
* Threads are moved on and off of run queues