Locking for the per-process resource limits structure.

- struct plimit includes a mutex to protect a reference count.  The plimit
  structure is treated similarly to struct ucred in that is is always copy
  on write, so having a reference to a structure is sufficient to read from
  it without needing a further lock.
- The proc lock protects the p_limit pointer and must be held while reading
  limits from a process to keep the limit structure from changing out from
  under you while reading from it.
- Various global limits that are ints are not protected by a lock since
  int writes are atomic on all the archs we support and thus a lock
  wouldn't buy us anything.
- All accesses to individual resource limits from a process are abstracted
  behind a simple lim_rlimit(), lim_max(), and lim_cur() API that return
  either an rlimit, or the current or max individual limit of the specified
  resource from a process.
- dosetrlimit() was renamed to kern_setrlimit() to match existing style of
  other similar syscall helper functions.
- The alpha OSF/1 compat layer no longer calls getrlimit() and setrlimit()
  (it didn't used the stackgap when it should have) but uses lim_rlimit()
  and kern_setrlimit() instead.
- The svr4 compat no longer uses the stackgap for resource limits calls,
  but uses lim_rlimit() and kern_setrlimit() instead.
- The ibcs2 compat no longer uses the stackgap for resource limits.  It
  also no longer uses the stackgap for accessing sysctl's for the
  ibcs2_sysconf() syscall but uses kernel_sysctl() instead.  As a result,
  ibcs2_sysconf() no longer needs Giant.
- The p_rlimit macro no longer exists.

Submitted by:	mtm (mostly, I only did a few cleanups and catchups)
Tested on:	i386
Compiled on:	alpha, amd64

1 files changed, 6 insertions, 5 deletions

diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c
index ff11078..fac25e8 100644
--- a/sys/kern/imgact_elf.c
+++ b/sys/kern/imgact_elf.c
@@ -794,11 +794,11 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp)
 	 * limits after loading the segments since we do
 	 * not actually fault in all the segments pages.
 	 */
-	if (data_size >
-	    imgp->proc->p_rlimit[RLIMIT_DATA].rlim_cur ||
+	PROC_LOCK(imgp->proc);
+	if (data_size > lim_cur(imgp->proc, RLIMIT_DATA) ||
 	    text_size > maxtsiz ||
-	    total_size >
-	    imgp->proc->p_rlimit[RLIMIT_VMEM].rlim_cur) {
+	    total_size > lim_cur(imgp->proc, RLIMIT_VMEM)) {
+		PROC_UNLOCK(imgp->proc);
 		error = ENOMEM;
 		goto fail;
 	}
@@ -815,7 +815,8 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp)
 	 * its maximum allowed size.
 	 */
 	addr = round_page((vm_offset_t)imgp->proc->p_vmspace->vm_daddr +
-	    imgp->proc->p_rlimit[RLIMIT_DATA].rlim_max);
+	    lim_max(imgp->proc, RLIMIT_DATA));
+	PROC_UNLOCK(imgp->proc);
 
 	imgp->entry_addr = entry;