5 files changed, 320 insertions, 10 deletions
diff --git a/pkg/sentry/control/BUILD b/pkg/sentry/control/BUILD
index 7ee237c9f..cfb33a398 100644
--- a/pkg/sentry/control/BUILD
+++ b/pkg/sentry/control/BUILD
@@ -1,17 +1,25 @@
-load("//tools:defs.bzl", "go_library", "go_test")
+load("//tools:defs.bzl", "go_library", "go_test", "proto_library")
 
 package(licenses = ["notice"])
 
+proto_library(
+    name = "control",
+    srcs = ["control.proto"],
+    visibility = ["//visibility:public"],
+)
+
 go_library(
     name = "control",
     srcs = [
         "control.go",
+        "events.go",
         "fs.go",
         "lifecycle.go",
         "logging.go",
         "pprof.go",
         "proc.go",
         "state.go",
+        "usage.go",
     ],
     visibility = [
         "//:sandbox",
@@ -19,6 +27,7 @@ go_library(
     deps = [
         "//pkg/abi/linux",
         "//pkg/context",
+        "//pkg/eventchannel",
         "//pkg/fd",
         "//pkg/log",
         "//pkg/sentry/fdimport",
@@ -39,6 +48,7 @@ go_library(
         "//pkg/tcpip/link/sniffer",
         "//pkg/urpc",
         "//pkg/usermem",
+        "@org_golang_x_sys//unix:go_default_library",
     ],
 )
 
diff --git a/pkg/sentry/control/control.proto b/pkg/sentry/control/control.proto
new file mode 100644
index 000000000..72dda3fbc
--- /dev/null
+++ b/pkg/sentry/control/control.proto
@@ -0,0 +1,40 @@
+// Copyright 2021 The gVisor Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package gvisor;
+
+// ControlConfig configures the permission of controls.
+message ControlConfig {
+  // Names for individual control URPC service objects.
+  // Any new service object that should be given conditional access should be
+  // named here and conditionally added based on presence in allowed_controls.
+  enum Endpoint {
+    UNKNOWN = 0;
+    EVENTS = 1;
+    FS = 2;
+    LIFECYCLE = 3;
+    LOGGING = 4;
+    PROFILE = 5;
+    USAGE = 6;
+    PROC = 7;
+    STATE = 8;
+    DEBUG = 9;
+  }
+
+  // allowed_controls represents which endpoints may be registered to the
+  // server.
+  repeated Endpoint allowed_controls = 1;
+}
diff --git a/pkg/sentry/control/events.go b/pkg/sentry/control/events.go
new file mode 100644
index 000000000..92e437ae7
--- /dev/null
+++ b/pkg/sentry/control/events.go
@@ -0,0 +1,65 @@
+// Copyright 2021 The gVisor Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package control
+
+import (
+	"errors"
+	"fmt"
+
+	"gvisor.dev/gvisor/pkg/eventchannel"
+	"gvisor.dev/gvisor/pkg/urpc"
+)
+
+// EventsOpts are the arguments for eventchannel-related commands.
+type EventsOpts struct {
+	urpc.FilePayload
+}
+
+// Events is the control server state for eventchannel-related commands.
+type Events struct {
+	emitter eventchannel.Emitter
+}
+
+// AttachDebugEmitter receives a connected unix domain socket FD from the client
+// and establishes it as a new emitter for the sentry eventchannel. Any existing
+// emitters are replaced on a subsequent attach.
+func (e *Events) AttachDebugEmitter(o *EventsOpts, _ *struct{}) error {
+	if len(o.FilePayload.Files) < 1 {
+		return errors.New("no output writer provided")
+	}
+
+	sock, err := o.ReleaseFD(0)
+	if err != nil {
+		return err
+	}
+	sockFD := sock.Release()
+
+	// SocketEmitter takes ownership of sockFD.
+	emitter, err := eventchannel.SocketEmitter(sockFD)
+	if err != nil {
+		return fmt.Errorf("failed to create SocketEmitter for FD %d: %v", sockFD, err)
+	}
+
+	// If there is already a debug emitter, close the old one.
+	if e.emitter != nil {
+		e.emitter.Close()
+	}
+
+	e.emitter = eventchannel.DebugEmitterFrom(emitter)
+
+	// Register the new stream destination.
+	eventchannel.AddEmitter(e.emitter)
+	return nil
+}
diff --git a/pkg/sentry/control/pprof.go b/pkg/sentry/control/pprof.go
index 2f3664c57..f721b7236 100644
--- a/pkg/sentry/control/pprof.go
+++ b/pkg/sentry/control/pprof.go
@@ -26,6 +26,23 @@ import (
 	"gvisor.dev/gvisor/pkg/urpc"
 )
 
+const (
+	// DefaultBlockProfileRate is the default profiling rate for block
+	// profiles.
+	//
+	// The default here is 10%, which will record a stacktrace 10% of the
+	// time when blocking occurs. Since these events should not be super
+	// frequent, we expect this to achieve a reasonable balance between
+	// collecting the data we need and imposing a high performance cost
+	// (e.g. skewing even the CPU profile).
+	DefaultBlockProfileRate = 10
+
+	// DefaultMutexProfileRate is the default profiling rate for mutex
+	// profiles. Like the block rate above, we use a default rate of 10%
+	// for the same reasons.
+	DefaultMutexProfileRate = 10
+)
+
 // Profile includes profile-related RPC stubs. It provides a way to
 // control the built-in runtime profiling facilities.
 //
@@ -175,12 +192,8 @@ func (p *Profile) Block(o *BlockProfileOpts, _ *struct{}) error {
 	defer p.blockMu.Unlock()
 
 	// Always set the rate. We then wait to collect a profile at this rate,
-	// and disable when we're done. Note that the default here is 10%, which
-	// will record a stacktrace 10% of the time when blocking occurs. Since
-	// these events should not be super frequent, we expect this to achieve
-	// a reasonable balance between collecting the data we need and imposing
-	// a high performance cost (e.g. skewing even the CPU profile).
-	rate := 10
+	// and disable when we're done.
+	rate := DefaultBlockProfileRate
 	if o.Rate != 0 {
 		rate = o.Rate
 	}
@@ -220,9 +233,8 @@ func (p *Profile) Mutex(o *MutexProfileOpts, _ *struct{}) error {
 	p.mutexMu.Lock()
 	defer p.mutexMu.Unlock()
 
-	// Always set the fraction. Like the block rate above, we use
-	// a default rate of 10% for the same reasons.
-	fraction := 10
+	// Always set the fraction.
+	fraction := DefaultMutexProfileRate
 	if o.Fraction != 0 {
 		fraction = o.Fraction
 	}
diff --git a/pkg/sentry/control/usage.go b/pkg/sentry/control/usage.go
new file mode 100644
index 000000000..cc78d3f45
--- /dev/null
+++ b/pkg/sentry/control/usage.go
@@ -0,0 +1,183 @@
+// Copyright 2021 The gVisor Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package control
+
+import (
+	"fmt"
+	"os"
+	"runtime"
+
+	"golang.org/x/sys/unix"
+	"gvisor.dev/gvisor/pkg/sentry/kernel"
+	"gvisor.dev/gvisor/pkg/sentry/usage"
+	"gvisor.dev/gvisor/pkg/urpc"
+)
+
+// Usage includes usage-related RPC stubs.
+type Usage struct {
+	Kernel *kernel.Kernel
+}
+
+// MemoryUsageOpts contains usage options.
+type MemoryUsageOpts struct {
+	// Full indicates that a full accounting should be done. If Full is not
+	// specified, then a partial accounting will be done, and Unknown will
+	// contain a majority of memory. See Collect for more information.
+	Full bool `json:"Full"`
+}
+
+// MemoryUsage is a memory usage structure.
+type MemoryUsage struct {
+	Unknown   uint64 `json:"Unknown"`
+	System    uint64 `json:"System"`
+	Anonymous uint64 `json:"Anonymous"`
+	PageCache uint64 `json:"PageCache"`
+	Mapped    uint64 `json:"Mapped"`
+	Tmpfs     uint64 `json:"Tmpfs"`
+	Ramdiskfs uint64 `json:"Ramdiskfs"`
+	Total     uint64 `json:"Total"`
+}
+
+// MemoryUsageFileOpts contains usage file options.
+type MemoryUsageFileOpts struct {
+	// Version is used to ensure both sides agree on the format of the
+	// shared memory buffer.
+	Version uint64 `json:"Version"`
+}
+
+// MemoryUsageFile contains the file handle to the usage file.
+type MemoryUsageFile struct {
+	urpc.FilePayload
+}
+
+// UsageFD returns the file that tracks the memory usage of the application.
+func (u *Usage) UsageFD(opts *MemoryUsageFileOpts, out *MemoryUsageFile) error {
+	// Only support version 1 for now.
+	if opts.Version != 1 {
+		return fmt.Errorf("unsupported version requested: %d", opts.Version)
+	}
+
+	mf := u.Kernel.MemoryFile()
+	*out = MemoryUsageFile{
+		FilePayload: urpc.FilePayload{
+			Files: []*os.File{
+				usage.MemoryAccounting.File,
+				mf.File(),
+			},
+		},
+	}
+
+	return nil
+}
+
+// Collect returns memory used by the sandboxed application.
+func (u *Usage) Collect(opts *MemoryUsageOpts, out *MemoryUsage) error {
+	if opts.Full {
+		// Ensure everything is up to date.
+		if err := u.Kernel.MemoryFile().UpdateUsage(); err != nil {
+			return err
+		}
+
+		// Copy out a snapshot.
+		snapshot, total := usage.MemoryAccounting.Copy()
+		*out = MemoryUsage{
+			System:    snapshot.System,
+			Anonymous: snapshot.Anonymous,
+			PageCache: snapshot.PageCache,
+			Mapped:    snapshot.Mapped,
+			Tmpfs:     snapshot.Tmpfs,
+			Ramdiskfs: snapshot.Ramdiskfs,
+			Total:     total,
+		}
+	} else {
+		// Get total usage from the MemoryFile implementation.
+		total, err := u.Kernel.MemoryFile().TotalUsage()
+		if err != nil {
+			return err
+		}
+
+		// The memory accounting is guaranteed to be accurate only when
+		// UpdateUsage is called. If UpdateUsage is not called, then only Mapped
+		// will be up-to-date.
+		snapshot, _ := usage.MemoryAccounting.Copy()
+		*out = MemoryUsage{
+			Unknown: total,
+			Mapped:  snapshot.Mapped,
+			Total:   total + snapshot.Mapped,
+		}
+
+	}
+
+	return nil
+}
+
+// UsageReduceOpts contains options to Usage.Reduce().
+type UsageReduceOpts struct {
+	// If Wait is true, Reduce blocks until all activity initiated by
+	// Usage.Reduce() has completed.
+	Wait bool `json:"wait"`
+}
+
+// UsageReduceOutput contains output from Usage.Reduce().
+type UsageReduceOutput struct{}
+
+// Reduce requests that the sentry attempt to reduce its memory usage.
+func (u *Usage) Reduce(opts *UsageReduceOpts, out *UsageReduceOutput) error {
+	mf := u.Kernel.MemoryFile()
+	mf.StartEvictions()
+	if opts.Wait {
+		mf.WaitForEvictions()
+	}
+	return nil
+}
+
+// MemoryUsageRecord contains the mapping and platform memory file.
+type MemoryUsageRecord struct {
+	mmap  uintptr
+	stats *usage.RTMemoryStats
+	mf    os.File
+}
+
+// NewMemoryUsageRecord creates a new MemoryUsageRecord from usageFile and
+// platformFile.
+func NewMemoryUsageRecord(usageFile, platformFile os.File) (*MemoryUsageRecord, error) {
+	mmap, _, e := unix.RawSyscall6(unix.SYS_MMAP, 0, usage.RTMemoryStatsSize, unix.PROT_READ, unix.MAP_SHARED, usageFile.Fd(), 0)
+	if e != 0 {
+		return nil, fmt.Errorf("mmap returned %d, want 0", e)
+	}
+
+	m := MemoryUsageRecord{
+		mmap:  mmap,
+		stats: usage.RTMemoryStatsPointer(mmap),
+		mf:    platformFile,
+	}
+
+	runtime.SetFinalizer(&m, finalizer)
+	return &m, nil
+}
+
+func finalizer(m *MemoryUsageRecord) {
+	unix.RawSyscall(unix.SYS_MUNMAP, m.mmap, usage.RTMemoryStatsSize, 0)
+}
+
+// Fetch fetches the usage info from a MemoryUsageRecord.
+func (m *MemoryUsageRecord) Fetch() (mapped, unknown, total uint64, err error) {
+	var stat unix.Stat_t
+	if err := unix.Fstat(int(m.mf.Fd()), &stat); err != nil {
+		return 0, 0, 0, err
+	}
+	fmem := uint64(stat.Blocks) * 512
+	return m.stats.RTMapped, fmem, m.stats.RTMapped + fmem, nil
+}