From 7aaa6cf22594cfc7eff2070191c0077bfd58046a Mon Sep 17 00:00:00 2001 From: Googler Date: Wed, 13 Feb 2019 12:06:20 -0800 Subject: Internal change. PiperOrigin-RevId: 233802562 Change-Id: I40e1b13fd571daaf241b00f8df4bcedd034dc3f1 --- pkg/sentry/fs/BUILD | 1 + pkg/sentry/fs/file.go | 5 +++++ pkg/sentry/fs/gofer/file.go | 20 ++++++++++++++++++-- pkg/sentry/fs/inode.go | 4 ++++ pkg/sentry/fs/tmpfs/BUILD | 1 + pkg/sentry/fs/tmpfs/inode_file.go | 13 +++++++++++++ 6 files changed, 42 insertions(+), 2 deletions(-) (limited to 'pkg/sentry/fs') diff --git a/pkg/sentry/fs/BUILD b/pkg/sentry/fs/BUILD index e58333da3..6957c1bbe 100644 --- a/pkg/sentry/fs/BUILD +++ b/pkg/sentry/fs/BUILD @@ -48,6 +48,7 @@ go_library( "//pkg/amutex", "//pkg/ilist", "//pkg/log", + "//pkg/metric", "//pkg/p9", "//pkg/refs", "//pkg/sentry/arch", diff --git a/pkg/sentry/fs/file.go b/pkg/sentry/fs/file.go index d6752ed1b..b66d2f265 100644 --- a/pkg/sentry/fs/file.go +++ b/pkg/sentry/fs/file.go @@ -21,6 +21,7 @@ import ( "gvisor.googlesource.com/gvisor/pkg/amutex" "gvisor.googlesource.com/gvisor/pkg/log" + "gvisor.googlesource.com/gvisor/pkg/metric" "gvisor.googlesource.com/gvisor/pkg/refs" "gvisor.googlesource.com/gvisor/pkg/sentry/context" "gvisor.googlesource.com/gvisor/pkg/sentry/fs/lock" @@ -32,6 +33,8 @@ import ( "gvisor.googlesource.com/gvisor/pkg/waiter" ) +var reads = metric.MustCreateNewUint64Metric("/fs/reads", false /* sync */, "Number of file reads.") + // FileMaxOffset is the maximum possible file offset. const FileMaxOffset = math.MaxInt64 @@ -237,6 +240,7 @@ func (f *File) Readv(ctx context.Context, dst usermem.IOSequence) (int64, error) return 0, syserror.ErrInterrupted } + reads.Increment() n, err := f.FileOperations.Read(ctx, f, dst, f.offset) if n > 0 { atomic.AddInt64(&f.offset, n) @@ -255,6 +259,7 @@ func (f *File) Preadv(ctx context.Context, dst usermem.IOSequence, offset int64) return 0, syserror.ErrInterrupted } + reads.Increment() n, err := f.FileOperations.Read(ctx, f, dst, offset) f.mu.Unlock() return n, err diff --git a/pkg/sentry/fs/gofer/file.go b/pkg/sentry/fs/gofer/file.go index 2bb25daf1..7a6dabba8 100644 --- a/pkg/sentry/fs/gofer/file.go +++ b/pkg/sentry/fs/gofer/file.go @@ -31,7 +31,13 @@ import ( "gvisor.googlesource.com/gvisor/pkg/waiter" ) -var openedWX = metric.MustCreateNewUint64Metric("/gofer/opened_write_execute_file", true /* sync */, "Number of times a writable+executable file was opened from a gofer.") +var ( + opensWX = metric.MustCreateNewUint64Metric("/gofer/opened_write_execute_file", true /* sync */, "Number of times a writable+executable file was opened from a gofer.") + opens9P = metric.MustCreateNewUint64Metric("/gofer/opens_9p", false /* sync */, "Number of times a 9P file was opened from a gofer.") + opensHost = metric.MustCreateNewUint64Metric("/gofer/opens_host", false /* sync */, "Number of times a host file was opened from a gofer.") + reads9P = metric.MustCreateNewUint64Metric("/gofer/reads_9p", false /* sync */, "Number of 9P file reads from a gofer.") + readsHost = metric.MustCreateNewUint64Metric("/gofer/reads_host", false /* sync */, "Number of host file reads from a gofer.") +) // fileOperations implements fs.FileOperations for a remote file system. // @@ -91,10 +97,15 @@ func NewFile(ctx context.Context, dirent *fs.Dirent, name string, flags fs.FileF } if flags.Write { if err := dirent.Inode.CheckPermission(ctx, fs.PermMask{Execute: true}); err == nil { - openedWX.Increment() + opensWX.Increment() log.Warningf("Opened a writable executable: %q", name) } } + if handles.Host != nil { + opensHost.Increment() + } else { + opens9P.Increment() + } return fs.NewFile(ctx, dirent, flags, f) } @@ -227,6 +238,11 @@ func (f *fileOperations) Read(ctx context.Context, file *fs.File, dst usermem.IO // Not all remote file systems enforce this so this client does. return 0, syserror.EISDIR } + if f.handles.Host != nil { + readsHost.Increment() + } else { + reads9P.Increment() + } if f.inodeOperations.session().cachePolicy.useCachingInodeOps(file.Dirent.Inode) { return f.inodeOperations.cachingInodeOps.Read(ctx, file, dst, offset) diff --git a/pkg/sentry/fs/inode.go b/pkg/sentry/fs/inode.go index d32f52d55..08b5c5902 100644 --- a/pkg/sentry/fs/inode.go +++ b/pkg/sentry/fs/inode.go @@ -17,6 +17,7 @@ package fs import ( "gvisor.googlesource.com/gvisor/pkg/abi/linux" "gvisor.googlesource.com/gvisor/pkg/log" + "gvisor.googlesource.com/gvisor/pkg/metric" "gvisor.googlesource.com/gvisor/pkg/refs" "gvisor.googlesource.com/gvisor/pkg/sentry/context" "gvisor.googlesource.com/gvisor/pkg/sentry/fs/lock" @@ -26,6 +27,8 @@ import ( "gvisor.googlesource.com/gvisor/pkg/syserror" ) +var opens = metric.MustCreateNewUint64Metric("/fs/opens", false /* sync */, "Number of file opens.") + // Inode is a file system object that can be simultaneously referenced by different // components of the VFS (Dirent, fs.File, etc). // @@ -236,6 +239,7 @@ func (i *Inode) GetFile(ctx context.Context, d *Dirent, flags FileFlags) (*File, if i.overlay != nil { return overlayGetFile(ctx, i.overlay, d, flags) } + opens.Increment() return i.InodeOperations.GetFile(ctx, d, flags) } diff --git a/pkg/sentry/fs/tmpfs/BUILD b/pkg/sentry/fs/tmpfs/BUILD index bf5b68869..9570c71e5 100644 --- a/pkg/sentry/fs/tmpfs/BUILD +++ b/pkg/sentry/fs/tmpfs/BUILD @@ -15,6 +15,7 @@ go_library( visibility = ["//pkg/sentry:internal"], deps = [ "//pkg/abi/linux", + "//pkg/metric", "//pkg/sentry/context", "//pkg/sentry/device", "//pkg/sentry/fs", diff --git a/pkg/sentry/fs/tmpfs/inode_file.go b/pkg/sentry/fs/tmpfs/inode_file.go index 2505e2c69..ef5e67dda 100644 --- a/pkg/sentry/fs/tmpfs/inode_file.go +++ b/pkg/sentry/fs/tmpfs/inode_file.go @@ -18,6 +18,7 @@ import ( "io" "sync" + "gvisor.googlesource.com/gvisor/pkg/metric" "gvisor.googlesource.com/gvisor/pkg/sentry/context" "gvisor.googlesource.com/gvisor/pkg/sentry/fs" "gvisor.googlesource.com/gvisor/pkg/sentry/fs/fsutil" @@ -29,6 +30,12 @@ import ( "gvisor.googlesource.com/gvisor/pkg/sentry/usermem" ) +var ( + opensRO = metric.MustCreateNewUint64Metric("/in_memory_file/opens_ro", false /* sync */, "Number of times an in-memory file was opened in read-only mode.") + opensW = metric.MustCreateNewUint64Metric("/in_memory_file/opens_w", false /* sync */, "Number of times an in-memory file was opened in write mode.") + reads = metric.MustCreateNewUint64Metric("/in_memory_file/reads", false /* sync */, "Number of in-memory file reads.") +) + // fileInodeOperations implements fs.InodeOperations for a regular tmpfs file. // These files are backed by FrameRegions allocated from a platform.Memory, // and may be directly mapped. @@ -116,6 +123,11 @@ func (*fileInodeOperations) Rename(ctx context.Context, oldParent *fs.Inode, old // GetFile implements fs.InodeOperations.GetFile. func (f *fileInodeOperations) GetFile(ctx context.Context, d *fs.Dirent, flags fs.FileFlags) (*fs.File, error) { + if flags.Write { + opensW.Increment() + } else if flags.Read { + opensRO.Increment() + } flags.Pread = true flags.Pwrite = true return fs.NewFile(ctx, d, flags, ®ularFileOperations{iops: f}), nil @@ -237,6 +249,7 @@ func (*fileInodeOperations) StatFS(context.Context) (fs.Info, error) { } func (f *fileInodeOperations) read(ctx context.Context, dst usermem.IOSequence, offset int64) (int64, error) { + reads.Increment() // Zero length reads for tmpfs are no-ops. if dst.NumBytes() == 0 { return 0, nil -- cgit v1.2.3