Re: vmd: remove the user quota tracking

[Dave Voutila]

Matthew Martin  writes:

> On Wed, Oct 12, 2022 at 09:20:06AM -0400, Dave Voutila wrote:
>>
>> 1 week bump for the below. If you use this feature or currently hacking
>> on it, speak up by end of week. I'm sharpening my axes.
>
> Are the axes sharp?
>

Thanks for the ping. Committed now.

-dv

Re: vmd: remove the user quota tracking

[Matthew Martin]

On Wed, Oct 12, 2022 at 09:20:06AM -0400, Dave Voutila wrote:
> 
> 1 week bump for the below. If you use this feature or currently hacking
> on it, speak up by end of week. I'm sharpening my axes.

Are the axes sharp?

> > diff refs/heads/master refs/heads/vmd-user
> > commit - bfe2092d87b190d9f89c4a6f2728a539b7f88233
> > commit + e84ff2c7628a811e00044a447ad906d6e24beac0
> > blob - 374d7de6629e072065b5c0232536c23c1e5bbbe0
> > blob + a192223cf118e2a8764b24f965a15acbf8ae506f
> > --- usr.sbin/vmd/config.c
> > +++ usr.sbin/vmd/config.c
> > @@ -98,12 +98,6 @@ config_init(struct vmd *env)
> > return (-1);
> > TAILQ_INIT(env->vmd_switches);
> > }
> > -   if (what & CONFIG_USERS) {
> > -   if ((env->vmd_users = calloc(1,
> > -   sizeof(*env->vmd_users))) == NULL)
> > -   return (-1);
> > -   TAILQ_INIT(env->vmd_users);
> > -   }
> >
> > return (0);
> >  }
> > @@ -238,13 +232,6 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm, ui
> > return (EALREADY);
> > }
> >
> > -   /* increase the user reference counter and check user limits */
> > -   if (vm->vm_user != NULL && user_get(vm->vm_user->usr_id.uid) != NULL) {
> > -   user_inc(vcp, vm->vm_user, 1);
> > -   if (user_checklimit(vm->vm_user, vcp) == -1)
> > -   return (EPERM);
> > -   }
> > -
> > /*
> >  * Rate-limit the VM so that it cannot restart in a loop:
> >  * if the VM restarts after less than VM_START_RATE_SEC seconds,
> > blob - 2f3ac1a76f2c3e458919eca85c238a668c10422a
> > blob + 755cbedb6a18502a87724502ec86e9e426961701
> > --- usr.sbin/vmd/vmd.c
> > +++ usr.sbin/vmd/vmd.c
> > @@ -1188,9 +1188,6 @@ vm_stop(struct vmd_vm *vm, int keeptty, const char *ca
> > vm->vm_state &= ~(VM_STATE_RECEIVED | VM_STATE_RUNNING
> > | VM_STATE_SHUTDOWN);
> >
> > -   user_inc(>vm_params.vmc_params, vm->vm_user, 0);
> > -   user_put(vm->vm_user);
> > -
> > if (vm->vm_iev.ibuf.fd != -1) {
> > event_del(>vm_iev.ev);
> > close(vm->vm_iev.ibuf.fd);
> > @@ -1243,7 +1240,6 @@ vm_remove(struct vmd_vm *vm, const char *caller)
> >
> > TAILQ_REMOVE(env->vmd_vms, vm, vm_entry);
> >
> > -   user_put(vm->vm_user);
> > vm_stop(vm, 0, caller);
> > free(vm);
> >  }
> > @@ -1286,7 +1282,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
> > struct vmd_vm   *vm = NULL, *vm_parent = NULL;
> > struct vm_create_params *vcp = >vmc_params;
> > struct vmop_owner   *vmo = NULL;
> > -   struct vmd_user *usr = NULL;
> > uint32_t nid, rng;
> > unsigned int i, j;
> > struct vmd_switch   *sw;
> > @@ -1362,13 +1357,6 @@ vm_register(struct privsep *ps, struct 
> > vmop_create_par
> > }
> > }
> >
> > -   /* track active users */
> > -   if (uid != 0 && env->vmd_users != NULL &&
> > -   (usr = user_get(uid)) == NULL) {
> > -   log_warnx("could not add user");
> > -   goto fail;
> > -   }
> > -
> > if ((vm = calloc(1, sizeof(*vm))) == NULL)
> > goto fail;
> >
> > @@ -1379,7 +1367,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
> > vm->vm_tty = -1;
> > vm->vm_receive_fd = -1;
> > vm->vm_state &= ~VM_STATE_PAUSED;
> > -   vm->vm_user = usr;
> >
> > for (i = 0; i < VMM_MAX_DISKS_PER_VM; i++)
> > for (j = 0; j < VM_MAX_BASE_PER_DISK; j++)
> > @@ -1903,104 +1890,6 @@ struct vmd_user *
> > return (NULL);
> >  }
> >
> > -struct vmd_user *
> > -user_get(uid_t uid)
> > -{
> > -   struct vmd_user *usr;
> > -
> > -   if (uid == 0)
> > -   return (NULL);
> > -
> > -   /* first try to find an existing user */
> > -   TAILQ_FOREACH(usr, env->vmd_users, usr_entry) {
> > -   if (usr->usr_id.uid == uid)
> > -   goto done;
> > -   }
> > -
> > -   if ((usr = calloc(1, sizeof(*usr))) == NULL) {
> > -   log_warn("could not allocate user");
> > -   return (NULL);
> > -   }
> > -
> > -   usr->usr_id.uid = uid;
> > -   usr->usr_id.gid = -1;
> > -   TAILQ_INSERT_TAIL(env->vmd_users, usr, usr_entry);
> > -
> > - done:
> > -   DPRINTF("%s: uid %d #%d +",
> > -   __func__, usr->usr_id.uid, usr->usr_refcnt + 1);
> > -   usr->usr_refcnt++;
> > -
> > -   return (usr);
> > -}
> > -
> > -void
> > -user_put(struct vmd_user *usr)
> > -{
> > -   if (usr == NULL)
> > -   return;
> > -
> > -   DPRINTF("%s: uid %d #%d -",
> > -   __func__, usr->usr_id.uid, usr->usr_refcnt - 1);
> > -
> > -   if (--usr->usr_refcnt > 0)
> > -   return;
> > -
> > -   TAILQ_REMOVE(env->vmd_users, usr, usr_entry);
> > -   free(usr);
> > -}
> > -
> > -void
> > -user_inc(struct vm_create_params *vcp, struct vmd_user *usr, int inc)
> > -{
> > -   char mem[FMT_SCALED_STRSIZE];
> > -
> > -   if (usr == NULL)
> > -   return;
> > -
> > -   /* increment or decrement counters */
> > -   inc = inc ? 1 : -1;
> > -
> 

Re: vmd: remove the user quota tracking

[Dave Voutila]

1 week bump for the below. If you use this feature or currently hacking
on it, speak up by end of week. I'm sharpening my axes.

Dave Voutila  writes:

> Matthew Martin recently presented a patch on tech@ [1] fixing some missed
> scaling from when I converted vmd(8) to use bytes instead of megabytes
> everywhere. I finally found time to wade through the code it touches and
> am proposing we simply "tedu" the incomplete feature.
>
> Does anyone use this? (And if so, how?)
>
> I don't see much value in this framework and it only adds additional
> state to track. Users can be confined by limits associated in
> login.conf(5) for the most part. There are more interesting things to
> work on, so unless anyone speaks up I'll look for an OK to remove it.
>
> -dv
>
> [1] https://marc.info/?l=openbsd-tech=166346196317673=2
>
>
> diff refs/heads/master refs/heads/vmd-user
> commit - bfe2092d87b190d9f89c4a6f2728a539b7f88233
> commit + e84ff2c7628a811e00044a447ad906d6e24beac0
> blob - 374d7de6629e072065b5c0232536c23c1e5bbbe0
> blob + a192223cf118e2a8764b24f965a15acbf8ae506f
> --- usr.sbin/vmd/config.c
> +++ usr.sbin/vmd/config.c
> @@ -98,12 +98,6 @@ config_init(struct vmd *env)
>   return (-1);
>   TAILQ_INIT(env->vmd_switches);
>   }
> - if (what & CONFIG_USERS) {
> - if ((env->vmd_users = calloc(1,
> - sizeof(*env->vmd_users))) == NULL)
> - return (-1);
> - TAILQ_INIT(env->vmd_users);
> - }
>
>   return (0);
>  }
> @@ -238,13 +232,6 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm, ui
>   return (EALREADY);
>   }
>
> - /* increase the user reference counter and check user limits */
> - if (vm->vm_user != NULL && user_get(vm->vm_user->usr_id.uid) != NULL) {
> - user_inc(vcp, vm->vm_user, 1);
> - if (user_checklimit(vm->vm_user, vcp) == -1)
> - return (EPERM);
> - }
> -
>   /*
>* Rate-limit the VM so that it cannot restart in a loop:
>* if the VM restarts after less than VM_START_RATE_SEC seconds,
> blob - 2f3ac1a76f2c3e458919eca85c238a668c10422a
> blob + 755cbedb6a18502a87724502ec86e9e426961701
> --- usr.sbin/vmd/vmd.c
> +++ usr.sbin/vmd/vmd.c
> @@ -1188,9 +1188,6 @@ vm_stop(struct vmd_vm *vm, int keeptty, const char *ca
>   vm->vm_state &= ~(VM_STATE_RECEIVED | VM_STATE_RUNNING
>   | VM_STATE_SHUTDOWN);
>
> - user_inc(>vm_params.vmc_params, vm->vm_user, 0);
> - user_put(vm->vm_user);
> -
>   if (vm->vm_iev.ibuf.fd != -1) {
>   event_del(>vm_iev.ev);
>   close(vm->vm_iev.ibuf.fd);
> @@ -1243,7 +1240,6 @@ vm_remove(struct vmd_vm *vm, const char *caller)
>
>   TAILQ_REMOVE(env->vmd_vms, vm, vm_entry);
>
> - user_put(vm->vm_user);
>   vm_stop(vm, 0, caller);
>   free(vm);
>  }
> @@ -1286,7 +1282,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
>   struct vmd_vm   *vm = NULL, *vm_parent = NULL;
>   struct vm_create_params *vcp = >vmc_params;
>   struct vmop_owner   *vmo = NULL;
> - struct vmd_user *usr = NULL;
>   uint32_t nid, rng;
>   unsigned int i, j;
>   struct vmd_switch   *sw;
> @@ -1362,13 +1357,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
>   }
>   }
>
> - /* track active users */
> - if (uid != 0 && env->vmd_users != NULL &&
> - (usr = user_get(uid)) == NULL) {
> - log_warnx("could not add user");
> - goto fail;
> - }
> -
>   if ((vm = calloc(1, sizeof(*vm))) == NULL)
>   goto fail;
>
> @@ -1379,7 +1367,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
>   vm->vm_tty = -1;
>   vm->vm_receive_fd = -1;
>   vm->vm_state &= ~VM_STATE_PAUSED;
> - vm->vm_user = usr;
>
>   for (i = 0; i < VMM_MAX_DISKS_PER_VM; i++)
>   for (j = 0; j < VM_MAX_BASE_PER_DISK; j++)
> @@ -1903,104 +1890,6 @@ struct vmd_user *
>   return (NULL);
>  }
>
> -struct vmd_user *
> -user_get(uid_t uid)
> -{
> - struct vmd_user *usr;
> -
> - if (uid == 0)
> - return (NULL);
> -
> - /* first try to find an existing user */
> - TAILQ_FOREACH(usr, env->vmd_users, usr_entry) {
> - if (usr->usr_id.uid == uid)
> - goto done;
> - }
> -
> - if ((usr = calloc(1, sizeof(*usr))) == NULL) {
> - log_warn("could not allocate user");
> - return (NULL);
> - }
> -
> - usr->usr_id.uid = uid;
> - usr->usr_id.gid = -1;
> - TAILQ_INSERT_TAIL(env->vmd_users, usr, usr_entry);
> -
> - done:
> - DPRINTF("%s: uid %d #%d +",
> - __func__, usr->usr_id.uid, usr->usr_refcnt + 1);
> - usr->usr_refcnt++;
> -
> - return (usr);
> -}
> -
> -void
> -user_put(struct vmd_user *usr)
> -{
> - if (usr == NULL)
> - return;
> -
> - DPRINTF("%s: uid 

Re: vmd: remove the user quota tracking

[Theo Buehler]

On Wed, Oct 05, 2022 at 05:03:16PM -0400, Dave Voutila wrote:
> Matthew Martin recently presented a patch on tech@ [1] fixing some missed
> scaling from when I converted vmd(8) to use bytes instead of megabytes
> everywhere. I finally found time to wade through the code it touches and
> am proposing we simply "tedu" the incomplete feature.
> 
> Does anyone use this? (And if so, how?)
> 
> I don't see much value in this framework and it only adds additional
> state to track. Users can be confined by limits associated in
> login.conf(5) for the most part. There are more interesting things to
> work on, so unless anyone speaks up I'll look for an OK to remove it.

I'm not convinced that login.conf can really replace this undocumented
feature. That said, I have no opinion on whether your or Matthew's diff
is the way to go. You and mlarkin are the maintainers, so it's your call.

If your diff should go in, you probably want to garbage collect
CONFIG_USERS.

Index: usr.sbin/vmd/proc.h
===
RCS file: /cvs/src/usr.sbin/vmd/proc.h,v
retrieving revision 1.21
diff -u -p -r1.21 proc.h
--- usr.sbin/vmd/proc.h 13 Sep 2022 10:28:19 -  1.21
+++ usr.sbin/vmd/proc.h 6 Oct 2022 11:58:46 -
@@ -89,7 +89,6 @@ extern enum privsep_procid privsep_proce
 #define CONFIG_RELOAD  0x00
 #define CONFIG_VMS 0x01
 #define CONFIG_SWITCHES0x02
-#define CONFIG_USERS   0x04
 #define CONFIG_ALL 0xff
 
 struct privsep_pipes {

Re: vmd: remove the user quota tracking

[Matthew Martin]

On Wed, Oct 05, 2022 at 05:03:16PM -0400, Dave Voutila wrote:
> Matthew Martin recently presented a patch on tech@ [1] fixing some missed
> scaling from when I converted vmd(8) to use bytes instead of megabytes
> everywhere. I finally found time to wade through the code it touches and
> am proposing we simply "tedu" the incomplete feature.
> 
> Does anyone use this? (And if so, how?)
> 
> I don't see much value in this framework and it only adds additional
> state to track. Users can be confined by limits associated in
> login.conf(5) for the most part. There are more interesting things to
> work on, so unless anyone speaks up I'll look for an OK to remove it.
> 
> -dv
> 
> [1] https://marc.info/?l=openbsd-tech=166346196317673=2

For what it's worth this works for me (I can use double-p's packer
builder with the diff). Thanks

> diff refs/heads/master refs/heads/vmd-user
> commit - bfe2092d87b190d9f89c4a6f2728a539b7f88233
> commit + e84ff2c7628a811e00044a447ad906d6e24beac0
> blob - 374d7de6629e072065b5c0232536c23c1e5bbbe0
> blob + a192223cf118e2a8764b24f965a15acbf8ae506f
> --- usr.sbin/vmd/config.c
> +++ usr.sbin/vmd/config.c
> @@ -98,12 +98,6 @@ config_init(struct vmd *env)
>   return (-1);
>   TAILQ_INIT(env->vmd_switches);
>   }
> - if (what & CONFIG_USERS) {
> - if ((env->vmd_users = calloc(1,
> - sizeof(*env->vmd_users))) == NULL)
> - return (-1);
> - TAILQ_INIT(env->vmd_users);
> - }
> 
>   return (0);
>  }
> @@ -238,13 +232,6 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm, ui
>   return (EALREADY);
>   }
> 
> - /* increase the user reference counter and check user limits */
> - if (vm->vm_user != NULL && user_get(vm->vm_user->usr_id.uid) != NULL) {
> - user_inc(vcp, vm->vm_user, 1);
> - if (user_checklimit(vm->vm_user, vcp) == -1)
> - return (EPERM);
> - }
> -
>   /*
>* Rate-limit the VM so that it cannot restart in a loop:
>* if the VM restarts after less than VM_START_RATE_SEC seconds,
> blob - 2f3ac1a76f2c3e458919eca85c238a668c10422a
> blob + 755cbedb6a18502a87724502ec86e9e426961701
> --- usr.sbin/vmd/vmd.c
> +++ usr.sbin/vmd/vmd.c
> @@ -1188,9 +1188,6 @@ vm_stop(struct vmd_vm *vm, int keeptty, const char *ca
>   vm->vm_state &= ~(VM_STATE_RECEIVED | VM_STATE_RUNNING
>   | VM_STATE_SHUTDOWN);
> 
> - user_inc(>vm_params.vmc_params, vm->vm_user, 0);
> - user_put(vm->vm_user);
> -
>   if (vm->vm_iev.ibuf.fd != -1) {
>   event_del(>vm_iev.ev);
>   close(vm->vm_iev.ibuf.fd);
> @@ -1243,7 +1240,6 @@ vm_remove(struct vmd_vm *vm, const char *caller)
> 
>   TAILQ_REMOVE(env->vmd_vms, vm, vm_entry);
> 
> - user_put(vm->vm_user);
>   vm_stop(vm, 0, caller);
>   free(vm);
>  }
> @@ -1286,7 +1282,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
>   struct vmd_vm   *vm = NULL, *vm_parent = NULL;
>   struct vm_create_params *vcp = >vmc_params;
>   struct vmop_owner   *vmo = NULL;
> - struct vmd_user *usr = NULL;
>   uint32_t nid, rng;
>   unsigned int i, j;
>   struct vmd_switch   *sw;
> @@ -1362,13 +1357,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
>   }
>   }
> 
> - /* track active users */
> - if (uid != 0 && env->vmd_users != NULL &&
> - (usr = user_get(uid)) == NULL) {
> - log_warnx("could not add user");
> - goto fail;
> - }
> -
>   if ((vm = calloc(1, sizeof(*vm))) == NULL)
>   goto fail;
> 
> @@ -1379,7 +1367,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
>   vm->vm_tty = -1;
>   vm->vm_receive_fd = -1;
>   vm->vm_state &= ~VM_STATE_PAUSED;
> - vm->vm_user = usr;
> 
>   for (i = 0; i < VMM_MAX_DISKS_PER_VM; i++)
>   for (j = 0; j < VM_MAX_BASE_PER_DISK; j++)
> @@ -1903,104 +1890,6 @@ struct vmd_user *
>   return (NULL);
>  }
> 
> -struct vmd_user *
> -user_get(uid_t uid)
> -{
> - struct vmd_user *usr;
> -
> - if (uid == 0)
> - return (NULL);
> -
> - /* first try to find an existing user */
> - TAILQ_FOREACH(usr, env->vmd_users, usr_entry) {
> - if (usr->usr_id.uid == uid)
> - goto done;
> - }
> -
> - if ((usr = calloc(1, sizeof(*usr))) == NULL) {
> - log_warn("could not allocate user");
> - return (NULL);
> - }
> -
> - usr->usr_id.uid = uid;
> - usr->usr_id.gid = -1;
> - TAILQ_INSERT_TAIL(env->vmd_users, usr, usr_entry);
> -
> - done:
> - DPRINTF("%s: uid %d #%d +",
> - __func__, usr->usr_id.uid, usr->usr_refcnt + 1);
> - usr->usr_refcnt++;
> -
> - return (usr);
> -}
> -
> -void
> -user_put(struct vmd_user *usr)
> -{
> - if (usr == NULL)
> - return;
> -
> - 

Re: vmd: remove the user quota tracking

[Mike Larkin]

On Wed, Oct 05, 2022 at 05:03:16PM -0400, Dave Voutila wrote:
> Matthew Martin recently presented a patch on tech@ [1] fixing some missed
> scaling from when I converted vmd(8) to use bytes instead of megabytes
> everywhere. I finally found time to wade through the code it touches and
> am proposing we simply "tedu" the incomplete feature.
>
> Does anyone use this? (And if so, how?)
>
> I don't see much value in this framework and it only adds additional
> state to track. Users can be confined by limits associated in
> login.conf(5) for the most part. There are more interesting things to
> work on, so unless anyone speaks up I'll look for an OK to remove it.
>
> -dv
>
> [1] https://marc.info/?l=openbsd-tech=166346196317673=2
>

I'd wait for someone to speak up and become the owner of this part of vmd and
if nobody does, ok mlarkin to nuke it.

-ml

>
> diff refs/heads/master refs/heads/vmd-user
> commit - bfe2092d87b190d9f89c4a6f2728a539b7f88233
> commit + e84ff2c7628a811e00044a447ad906d6e24beac0
> blob - 374d7de6629e072065b5c0232536c23c1e5bbbe0
> blob + a192223cf118e2a8764b24f965a15acbf8ae506f
> --- usr.sbin/vmd/config.c
> +++ usr.sbin/vmd/config.c
> @@ -98,12 +98,6 @@ config_init(struct vmd *env)
>   return (-1);
>   TAILQ_INIT(env->vmd_switches);
>   }
> - if (what & CONFIG_USERS) {
> - if ((env->vmd_users = calloc(1,
> - sizeof(*env->vmd_users))) == NULL)
> - return (-1);
> - TAILQ_INIT(env->vmd_users);
> - }
>
>   return (0);
>  }
> @@ -238,13 +232,6 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm, ui
>   return (EALREADY);
>   }
>
> - /* increase the user reference counter and check user limits */
> - if (vm->vm_user != NULL && user_get(vm->vm_user->usr_id.uid) != NULL) {
> - user_inc(vcp, vm->vm_user, 1);
> - if (user_checklimit(vm->vm_user, vcp) == -1)
> - return (EPERM);
> - }
> -
>   /*
>* Rate-limit the VM so that it cannot restart in a loop:
>* if the VM restarts after less than VM_START_RATE_SEC seconds,
> blob - 2f3ac1a76f2c3e458919eca85c238a668c10422a
> blob + 755cbedb6a18502a87724502ec86e9e426961701
> --- usr.sbin/vmd/vmd.c
> +++ usr.sbin/vmd/vmd.c
> @@ -1188,9 +1188,6 @@ vm_stop(struct vmd_vm *vm, int keeptty, const char *ca
>   vm->vm_state &= ~(VM_STATE_RECEIVED | VM_STATE_RUNNING
>   | VM_STATE_SHUTDOWN);
>
> - user_inc(>vm_params.vmc_params, vm->vm_user, 0);
> - user_put(vm->vm_user);
> -
>   if (vm->vm_iev.ibuf.fd != -1) {
>   event_del(>vm_iev.ev);
>   close(vm->vm_iev.ibuf.fd);
> @@ -1243,7 +1240,6 @@ vm_remove(struct vmd_vm *vm, const char *caller)
>
>   TAILQ_REMOVE(env->vmd_vms, vm, vm_entry);
>
> - user_put(vm->vm_user);
>   vm_stop(vm, 0, caller);
>   free(vm);
>  }
> @@ -1286,7 +1282,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
>   struct vmd_vm   *vm = NULL, *vm_parent = NULL;
>   struct vm_create_params *vcp = >vmc_params;
>   struct vmop_owner   *vmo = NULL;
> - struct vmd_user *usr = NULL;
>   uint32_t nid, rng;
>   unsigned int i, j;
>   struct vmd_switch   *sw;
> @@ -1362,13 +1357,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
>   }
>   }
>
> - /* track active users */
> - if (uid != 0 && env->vmd_users != NULL &&
> - (usr = user_get(uid)) == NULL) {
> - log_warnx("could not add user");
> - goto fail;
> - }
> -
>   if ((vm = calloc(1, sizeof(*vm))) == NULL)
>   goto fail;
>
> @@ -1379,7 +1367,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
>   vm->vm_tty = -1;
>   vm->vm_receive_fd = -1;
>   vm->vm_state &= ~VM_STATE_PAUSED;
> - vm->vm_user = usr;
>
>   for (i = 0; i < VMM_MAX_DISKS_PER_VM; i++)
>   for (j = 0; j < VM_MAX_BASE_PER_DISK; j++)
> @@ -1903,104 +1890,6 @@ struct vmd_user *
>   return (NULL);
>  }
>
> -struct vmd_user *
> -user_get(uid_t uid)
> -{
> - struct vmd_user *usr;
> -
> - if (uid == 0)
> - return (NULL);
> -
> - /* first try to find an existing user */
> - TAILQ_FOREACH(usr, env->vmd_users, usr_entry) {
> - if (usr->usr_id.uid == uid)
> - goto done;
> - }
> -
> - if ((usr = calloc(1, sizeof(*usr))) == NULL) {
> - log_warn("could not allocate user");
> - return (NULL);
> - }
> -
> - usr->usr_id.uid = uid;
> - usr->usr_id.gid = -1;
> - TAILQ_INSERT_TAIL(env->vmd_users, usr, usr_entry);
> -
> - done:
> - DPRINTF("%s: uid %d #%d +",
> - __func__, usr->usr_id.uid, usr->usr_refcnt + 1);
> - usr->usr_refcnt++;
> -
> - return (usr);
> -}
> -
> -void
> -user_put(struct vmd_user *usr)
> -{
> - if (usr == NULL)
> - 

vmd: remove the user quota tracking

[Dave Voutila]

Matthew Martin recently presented a patch on tech@ [1] fixing some missed
scaling from when I converted vmd(8) to use bytes instead of megabytes
everywhere. I finally found time to wade through the code it touches and
am proposing we simply "tedu" the incomplete feature.

Does anyone use this? (And if so, how?)

I don't see much value in this framework and it only adds additional
state to track. Users can be confined by limits associated in
login.conf(5) for the most part. There are more interesting things to
work on, so unless anyone speaks up I'll look for an OK to remove it.

-dv

[1] https://marc.info/?l=openbsd-tech=166346196317673=2


diff refs/heads/master refs/heads/vmd-user
commit - bfe2092d87b190d9f89c4a6f2728a539b7f88233
commit + e84ff2c7628a811e00044a447ad906d6e24beac0
blob - 374d7de6629e072065b5c0232536c23c1e5bbbe0
blob + a192223cf118e2a8764b24f965a15acbf8ae506f
--- usr.sbin/vmd/config.c
+++ usr.sbin/vmd/config.c
@@ -98,12 +98,6 @@ config_init(struct vmd *env)
return (-1);
TAILQ_INIT(env->vmd_switches);
}
-   if (what & CONFIG_USERS) {
-   if ((env->vmd_users = calloc(1,
-   sizeof(*env->vmd_users))) == NULL)
-   return (-1);
-   TAILQ_INIT(env->vmd_users);
-   }

return (0);
 }
@@ -238,13 +232,6 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm, ui
return (EALREADY);
}

-   /* increase the user reference counter and check user limits */
-   if (vm->vm_user != NULL && user_get(vm->vm_user->usr_id.uid) != NULL) {
-   user_inc(vcp, vm->vm_user, 1);
-   if (user_checklimit(vm->vm_user, vcp) == -1)
-   return (EPERM);
-   }
-
/*
 * Rate-limit the VM so that it cannot restart in a loop:
 * if the VM restarts after less than VM_START_RATE_SEC seconds,
blob - 2f3ac1a76f2c3e458919eca85c238a668c10422a
blob + 755cbedb6a18502a87724502ec86e9e426961701
--- usr.sbin/vmd/vmd.c
+++ usr.sbin/vmd/vmd.c
@@ -1188,9 +1188,6 @@ vm_stop(struct vmd_vm *vm, int keeptty, const char *ca
vm->vm_state &= ~(VM_STATE_RECEIVED | VM_STATE_RUNNING
| VM_STATE_SHUTDOWN);

-   user_inc(>vm_params.vmc_params, vm->vm_user, 0);
-   user_put(vm->vm_user);
-
if (vm->vm_iev.ibuf.fd != -1) {
event_del(>vm_iev.ev);
close(vm->vm_iev.ibuf.fd);
@@ -1243,7 +1240,6 @@ vm_remove(struct vmd_vm *vm, const char *caller)

TAILQ_REMOVE(env->vmd_vms, vm, vm_entry);

-   user_put(vm->vm_user);
vm_stop(vm, 0, caller);
free(vm);
 }
@@ -1286,7 +1282,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
struct vmd_vm   *vm = NULL, *vm_parent = NULL;
struct vm_create_params *vcp = >vmc_params;
struct vmop_owner   *vmo = NULL;
-   struct vmd_user *usr = NULL;
uint32_t nid, rng;
unsigned int i, j;
struct vmd_switch   *sw;
@@ -1362,13 +1357,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
}
}

-   /* track active users */
-   if (uid != 0 && env->vmd_users != NULL &&
-   (usr = user_get(uid)) == NULL) {
-   log_warnx("could not add user");
-   goto fail;
-   }
-
if ((vm = calloc(1, sizeof(*vm))) == NULL)
goto fail;

@@ -1379,7 +1367,6 @@ vm_register(struct privsep *ps, struct vmop_create_par
vm->vm_tty = -1;
vm->vm_receive_fd = -1;
vm->vm_state &= ~VM_STATE_PAUSED;
-   vm->vm_user = usr;

for (i = 0; i < VMM_MAX_DISKS_PER_VM; i++)
for (j = 0; j < VM_MAX_BASE_PER_DISK; j++)
@@ -1903,104 +1890,6 @@ struct vmd_user *
return (NULL);
 }

-struct vmd_user *
-user_get(uid_t uid)
-{
-   struct vmd_user *usr;
-
-   if (uid == 0)
-   return (NULL);
-
-   /* first try to find an existing user */
-   TAILQ_FOREACH(usr, env->vmd_users, usr_entry) {
-   if (usr->usr_id.uid == uid)
-   goto done;
-   }
-
-   if ((usr = calloc(1, sizeof(*usr))) == NULL) {
-   log_warn("could not allocate user");
-   return (NULL);
-   }
-
-   usr->usr_id.uid = uid;
-   usr->usr_id.gid = -1;
-   TAILQ_INSERT_TAIL(env->vmd_users, usr, usr_entry);
-
- done:
-   DPRINTF("%s: uid %d #%d +",
-   __func__, usr->usr_id.uid, usr->usr_refcnt + 1);
-   usr->usr_refcnt++;
-
-   return (usr);
-}
-
-void
-user_put(struct vmd_user *usr)
-{
-   if (usr == NULL)
-   return;
-
-   DPRINTF("%s: uid %d #%d -",
-   __func__, usr->usr_id.uid, usr->usr_refcnt - 1);
-
-   if (--usr->usr_refcnt > 0)
-   return;
-
-   TAILQ_REMOVE(env->vmd_users, usr, usr_entry);
-   free(usr);
-}
-
-void
-user_inc(struct vm_create_params *vcp, struct