1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
29 #include <sys/types.h>
35 #include "formats-util.h"
36 #include "process-util.h"
37 #include "path-util.h"
38 #include "unit-name.h"
42 #include "login-util.h"
43 #include "cgroup-util.h"
45 int cg_enumerate_processes(const char *controller, const char *path, FILE **_f) {
46 _cleanup_free_ char *fs = NULL;
52 r = cg_get_path(controller, path, "cgroup.procs", &fs);
64 int cg_read_pid(FILE *f, pid_t *_pid) {
67 /* Note that the cgroup.procs might contain duplicates! See
68 * cgroups.txt for details. */
74 if (fscanf(f, "%lu", &ul) != 1) {
79 return errno ? -errno : -EIO;
89 int cg_enumerate_subgroups(const char *controller, const char *path, DIR **_d) {
90 _cleanup_free_ char *fs = NULL;
96 /* This is not recursive! */
98 r = cg_get_path(controller, path, NULL, &fs);
110 int cg_read_subgroup(DIR *d, char **fn) {
116 FOREACH_DIRENT_ALL(de, d, return -errno) {
119 if (de->d_type != DT_DIR)
122 if (streq(de->d_name, ".") ||
123 streq(de->d_name, ".."))
126 b = strdup(de->d_name);
137 int cg_rmdir(const char *controller, const char *path) {
138 _cleanup_free_ char *p = NULL;
141 r = cg_get_path(controller, path, NULL, &p);
146 if (r < 0 && errno != ENOENT)
152 int cg_kill(const char *controller, const char *path, int sig, bool sigcont, bool ignore_self, Set *s) {
153 _cleanup_set_free_ Set *allocated_set = NULL;
160 /* This goes through the tasks list and kills them all. This
161 * is repeated until no further processes are added to the
162 * tasks list, to properly handle forking processes */
165 s = allocated_set = set_new(NULL);
173 _cleanup_fclose_ FILE *f = NULL;
177 r = cg_enumerate_processes(controller, path, &f);
179 if (ret >= 0 && r != -ENOENT)
185 while ((r = cg_read_pid(f, &pid)) > 0) {
187 if (ignore_self && pid == my_pid)
190 if (set_get(s, PID_TO_PTR(pid)) == PID_TO_PTR(pid))
193 /* If we haven't killed this process yet, kill
195 if (kill(pid, sig) < 0) {
196 if (ret >= 0 && errno != ESRCH)
199 if (sigcont && sig != SIGKILL)
200 (void) kill(pid, SIGCONT);
208 r = set_put(s, PID_TO_PTR(pid));
224 /* To avoid racing against processes which fork
225 * quicker than we can kill them we repeat this until
226 * no new pids need to be killed. */
233 int cg_kill_recursive(const char *controller, const char *path, int sig, bool sigcont, bool ignore_self, bool rem, Set *s) {
234 _cleanup_set_free_ Set *allocated_set = NULL;
235 _cleanup_closedir_ DIR *d = NULL;
243 s = allocated_set = set_new(NULL);
248 ret = cg_kill(controller, path, sig, sigcont, ignore_self, s);
250 r = cg_enumerate_subgroups(controller, path, &d);
252 if (ret >= 0 && r != -ENOENT)
258 while ((r = cg_read_subgroup(d, &fn)) > 0) {
259 _cleanup_free_ char *p = NULL;
261 p = strjoin(path, "/", fn, NULL);
266 r = cg_kill_recursive(controller, p, sig, sigcont, ignore_self, rem, s);
267 if (r != 0 && ret >= 0)
271 if (ret >= 0 && r < 0)
275 r = cg_rmdir(controller, path);
276 if (r < 0 && ret >= 0 && r != -ENOENT && r != -EBUSY)
283 int cg_migrate(const char *cfrom, const char *pfrom, const char *cto, const char *pto, bool ignore_self) {
285 _cleanup_set_free_ Set *s = NULL;
301 _cleanup_fclose_ FILE *f = NULL;
305 r = cg_enumerate_processes(cfrom, pfrom, &f);
307 if (ret >= 0 && r != -ENOENT)
313 while ((r = cg_read_pid(f, &pid)) > 0) {
315 /* This might do weird stuff if we aren't a
316 * single-threaded program. However, we
317 * luckily know we are single-threaded */
318 if (ignore_self && pid == my_pid)
321 if (set_get(s, PID_TO_PTR(pid)) == PID_TO_PTR(pid))
324 /* Ignore kernel threads. Since they can only
325 * exist in the root cgroup, we only check for
328 (isempty(pfrom) || path_equal(pfrom, "/")) &&
329 is_kernel_thread(pid) > 0)
332 r = cg_attach(cto, pto, pid);
334 if (ret >= 0 && r != -ESRCH)
341 r = set_put(s, PID_TO_PTR(pid));
361 int cg_migrate_recursive(
369 _cleanup_closedir_ DIR *d = NULL;
378 ret = cg_migrate(cfrom, pfrom, cto, pto, ignore_self);
380 r = cg_enumerate_subgroups(cfrom, pfrom, &d);
382 if (ret >= 0 && r != -ENOENT)
388 while ((r = cg_read_subgroup(d, &fn)) > 0) {
389 _cleanup_free_ char *p = NULL;
391 p = strjoin(pfrom, "/", fn, NULL);
396 r = cg_migrate_recursive(cfrom, p, cto, pto, ignore_self, rem);
397 if (r != 0 && ret >= 0)
401 if (r < 0 && ret >= 0)
405 r = cg_rmdir(cfrom, pfrom);
406 if (r < 0 && ret >= 0 && r != -ENOENT && r != -EBUSY)
413 int cg_migrate_recursive_fallback(
428 r = cg_migrate_recursive(cfrom, pfrom, cto, pto, ignore_self, rem);
430 char prefix[strlen(pto) + 1];
432 /* This didn't work? Then let's try all prefixes of the destination */
434 PATH_FOREACH_PREFIX(prefix, pto) {
437 q = cg_migrate_recursive(cfrom, pfrom, cto, prefix, ignore_self, rem);
446 static const char *controller_to_dirname(const char *controller) {
451 /* Converts a controller name to the directory name below
452 * /sys/fs/cgroup/ we want to mount it to. Effectively, this
453 * just cuts off the name= prefix used for named
454 * hierarchies, if it is specified. */
456 e = startswith(controller, "name=");
463 static int join_path_legacy(const char *controller, const char *path, const char *suffix, char **fs) {
470 dn = controller_to_dirname(controller);
472 if (isempty(path) && isempty(suffix))
473 t = strappend("/sys/fs/cgroup/", dn);
474 else if (isempty(path))
475 t = strjoin("/sys/fs/cgroup/", dn, "/", suffix, NULL);
476 else if (isempty(suffix))
477 t = strjoin("/sys/fs/cgroup/", dn, "/", path, NULL);
479 t = strjoin("/sys/fs/cgroup/", dn, "/", path, "/", suffix, NULL);
487 static int join_path_unified(const char *path, const char *suffix, char **fs) {
492 if (isempty(path) && isempty(suffix))
493 t = strdup("/sys/fs/cgroup");
494 else if (isempty(path))
495 t = strappend("/sys/fs/cgroup/", suffix);
496 else if (isempty(suffix))
497 t = strappend("/sys/fs/cgroup/", path);
499 t = strjoin("/sys/fs/cgroup/", path, "/", suffix, NULL);
507 int cg_get_path(const char *controller, const char *path, const char *suffix, char **fs) {
515 /* If no controller is specified, we return the path
516 * *below* the controllers, without any prefix. */
518 if (!path && !suffix)
526 t = strjoin(path, "/", suffix, NULL);
530 *fs = path_kill_slashes(t);
534 if (!cg_controller_is_valid(controller))
537 unified = cg_unified();
542 r = join_path_unified(path, suffix, fs);
544 r = join_path_legacy(controller, path, suffix, fs);
548 path_kill_slashes(*fs);
552 static int controller_is_accessible(const char *controller) {
557 /* Checks whether a specific controller is accessible,
558 * i.e. its hierarchy mounted. In the unified hierarchy all
559 * controllers are considered accessible, except for the named
562 if (!cg_controller_is_valid(controller))
565 unified = cg_unified();
569 /* We don't support named hierarchies if we are using
570 * the unified hierarchy. */
572 if (streq(controller, ELOGIND_CGROUP_CONTROLLER))
575 if (startswith(controller, "name="))
581 dn = controller_to_dirname(controller);
582 cc = strjoina("/sys/fs/cgroup/", dn);
584 if (laccess(cc, F_OK) < 0)
591 int cg_get_path_and_check(const char *controller, const char *path, const char *suffix, char **fs) {
597 /* Check if the specified controller is actually accessible */
598 r = controller_is_accessible(controller);
602 return cg_get_path(controller, path, suffix, fs);
605 static int trim_cb(const char *path, const struct stat *sb, int typeflag, struct FTW *ftwbuf) {
610 if (typeflag != FTW_DP)
613 if (ftwbuf->level < 1)
620 int cg_trim(const char *controller, const char *path, bool delete_root) {
621 _cleanup_free_ char *fs = NULL;
626 r = cg_get_path(controller, path, NULL, &fs);
631 if (nftw(fs, trim_cb, 64, FTW_DEPTH|FTW_MOUNT|FTW_PHYS) != 0) {
641 if (rmdir(fs) < 0 && errno != ENOENT)
648 int cg_create(const char *controller, const char *path) {
649 _cleanup_free_ char *fs = NULL;
652 r = cg_get_path_and_check(controller, path, NULL, &fs);
656 r = mkdir_parents(fs, 0755);
660 if (mkdir(fs, 0755) < 0) {
671 /// UNNEEDED by elogind
673 int cg_create_and_attach(const char *controller, const char *path, pid_t pid) {
678 r = cg_create(controller, path);
682 q = cg_attach(controller, path, pid);
686 /* This does not remove the cgroup on failure */
691 int cg_attach(const char *controller, const char *path, pid_t pid) {
692 _cleanup_free_ char *fs = NULL;
693 char c[DECIMAL_STR_MAX(pid_t) + 2];
699 r = cg_get_path_and_check(controller, path, "cgroup.procs", &fs);
706 snprintf(c, sizeof(c), PID_FMT"\n", pid);
708 return write_string_file_no_create(fs, c);
711 int cg_attach_fallback(const char *controller, const char *path, pid_t pid) {
718 r = cg_attach(controller, path, pid);
720 char prefix[strlen(path) + 1];
722 /* This didn't work? Then let's try all prefixes of
725 PATH_FOREACH_PREFIX(prefix, path) {
728 q = cg_attach(controller, prefix, pid);
737 /// UNNEEDED by elogind
739 int cg_set_group_access(
740 const char *controller,
746 _cleanup_free_ char *fs = NULL;
749 if (mode == MODE_INVALID && uid == UID_INVALID && gid == GID_INVALID)
752 if (mode != MODE_INVALID)
755 r = cg_get_path(controller, path, NULL, &fs);
759 return chmod_and_chown(fs, mode, uid, gid);
762 int cg_set_task_access(
763 const char *controller,
769 _cleanup_free_ char *fs = NULL, *procs = NULL;
774 if (mode == MODE_INVALID && uid == UID_INVALID && gid == GID_INVALID)
777 if (mode != MODE_INVALID)
780 r = cg_get_path(controller, path, "cgroup.procs", &fs);
784 r = chmod_and_chown(fs, mode, uid, gid);
788 unified = cg_unified();
794 /* Compatibility, Always keep values for "tasks" in sync with
796 if (cg_get_path(controller, path, "tasks", &procs) >= 0)
797 (void) chmod_and_chown(procs, mode, uid, gid);
803 int cg_pid_get_path(const char *controller, pid_t pid, char **path) {
804 _cleanup_fclose_ FILE *f = NULL;
813 unified = cg_unified();
818 if (!cg_controller_is_valid(controller))
821 controller = ELOGIND_CGROUP_CONTROLLER;
823 cs = strlen(controller);
826 fs = procfs_file_alloca(pid, "cgroup");
829 return errno == ENOENT ? -ESRCH : -errno;
831 FOREACH_LINE(line, f, return -errno) {
837 e = startswith(line, "0:");
847 const char *word, *state;
850 l = strchr(line, ':');
860 FOREACH_WORD_SEPARATOR(word, k, l, ",", state) {
861 if (k == cs && memcmp(word, controller, cs) == 0) {
882 /// UNNEEDED by elogind
884 int cg_install_release_agent(const char *controller, const char *agent) {
885 _cleanup_free_ char *fs = NULL, *contents = NULL;
891 unified = cg_unified();
894 if (unified) /* doesn't apply to unified hierarchy */
897 r = cg_get_path(controller, NULL, "release_agent", &fs);
901 r = read_one_line_file(fs, &contents);
905 sc = strstrip(contents);
907 r = write_string_file_no_create(fs, agent);
910 } else if (!path_equal(sc, agent))
914 r = cg_get_path(controller, NULL, "notify_on_release", &fs);
918 contents = mfree(contents);
919 r = read_one_line_file(fs, &contents);
923 sc = strstrip(contents);
924 if (streq(sc, "0")) {
925 r = write_string_file_no_create(fs, "1");
938 int cg_uninstall_release_agent(const char *controller) {
939 _cleanup_free_ char *fs = NULL;
942 unified = cg_unified();
945 if (unified) /* Doesn't apply to unified hierarchy */
948 r = cg_get_path(controller, NULL, "notify_on_release", &fs);
952 r = write_string_file_no_create(fs, "0");
958 r = cg_get_path(controller, NULL, "release_agent", &fs);
962 r = write_string_file_no_create(fs, "");
970 int cg_is_empty(const char *controller, const char *path) {
971 _cleanup_fclose_ FILE *f = NULL;
977 r = cg_enumerate_processes(controller, path, &f);
983 r = cg_read_pid(f, &pid);
990 int cg_is_empty_recursive(const char *controller, const char *path) {
995 /* The root cgroup is always populated */
996 if (controller && (isempty(path) || path_equal(path, "/")))
999 unified = cg_unified();
1004 _cleanup_free_ char *populated = NULL, *t = NULL;
1006 /* On the unified hierarchy we can check empty state
1007 * via the "cgroup.populated" attribute. */
1009 r = cg_get_path(controller, path, "cgroup.populated", &populated);
1013 r = read_one_line_file(populated, &t);
1019 return streq(t, "0");
1021 _cleanup_closedir_ DIR *d = NULL;
1024 r = cg_is_empty(controller, path);
1028 r = cg_enumerate_subgroups(controller, path, &d);
1034 while ((r = cg_read_subgroup(d, &fn)) > 0) {
1035 _cleanup_free_ char *p = NULL;
1037 p = strjoin(path, "/", fn, NULL);
1042 r = cg_is_empty_recursive(controller, p);
1053 int cg_split_spec(const char *spec, char **controller, char **path) {
1054 char *t = NULL, *u = NULL;
1060 if (!path_is_safe(spec))
1068 *path = path_kill_slashes(t);
1077 e = strchr(spec, ':');
1079 if (!cg_controller_is_valid(spec))
1096 t = strndup(spec, e-spec);
1099 if (!cg_controller_is_valid(t)) {
1113 if (!path_is_safe(u) ||
1114 !path_is_absolute(u)) {
1120 path_kill_slashes(u);
1136 int cg_mangle_path(const char *path, char **result) {
1137 _cleanup_free_ char *c = NULL, *p = NULL;
1144 /* First, check if it already is a filesystem path */
1145 if (path_startswith(path, "/sys/fs/cgroup")) {
1151 *result = path_kill_slashes(t);
1155 /* Otherwise, treat it as cg spec */
1156 r = cg_split_spec(path, &c, &p);
1160 return cg_get_path(c ? c : ELOGIND_CGROUP_CONTROLLER, p ? p : "/", NULL, result);
1163 int cg_get_root_path(char **path) {
1169 r = cg_pid_get_path(ELOGIND_CGROUP_CONTROLLER, 1, &p);
1173 e = endswith(p, "/" SPECIAL_INIT_SCOPE);
1175 e = endswith(p, "/" SPECIAL_SYSTEM_SLICE); /* legacy */
1177 e = endswith(p, "/system"); /* even more legacy */
1185 int cg_shift_path(const char *cgroup, const char *root, const char **shifted) {
1186 _cleanup_free_ char *rt = NULL;
1194 /* If the root was specified let's use that, otherwise
1195 * let's determine it from PID 1 */
1197 r = cg_get_root_path(&rt);
1204 p = path_startswith(cgroup, root);
1205 if (p && p > cgroup)
1213 int cg_pid_get_path_shifted(pid_t pid, const char *root, char **cgroup) {
1214 _cleanup_free_ char *raw = NULL;
1221 r = cg_pid_get_path(ELOGIND_CGROUP_CONTROLLER, pid, &raw);
1225 r = cg_shift_path(raw, root, &c);
1245 int cg_path_decode_unit(const char *cgroup, char **unit){
1252 n = strcspn(cgroup, "/");
1256 c = strndupa(cgroup, n);
1259 if (!unit_name_is_valid(c, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
1270 static bool valid_slice_name(const char *p, size_t n) {
1275 if (n < strlen("x.slice"))
1278 if (memcmp(p + n - 6, ".slice", 6) == 0) {
1284 c = cg_unescape(buf);
1286 return unit_name_is_valid(c, UNIT_NAME_PLAIN);
1292 static const char *skip_slices(const char *p) {
1295 /* Skips over all slice assignments */
1300 p += strspn(p, "/");
1302 n = strcspn(p, "/");
1303 if (!valid_slice_name(p, n))
1310 int cg_path_get_unit(const char *path, char **ret) {
1318 e = skip_slices(path);
1320 r = cg_path_decode_unit(e, &unit);
1324 /* We skipped over the slices, don't accept any now */
1325 if (endswith(unit, ".slice")) {
1334 int cg_pid_get_unit(pid_t pid, char **unit) {
1335 _cleanup_free_ char *cgroup = NULL;
1340 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1344 return cg_path_get_unit(cgroup, unit);
1348 * Skip session-*.scope, but require it to be there.
1350 static const char *skip_session(const char *p) {
1356 p += strspn(p, "/");
1358 n = strcspn(p, "/");
1359 if (n < strlen("session-x.scope"))
1362 if (memcmp(p, "session-", 8) == 0 && memcmp(p + n - 6, ".scope", 6) == 0) {
1363 char buf[n - 8 - 6 + 1];
1365 memcpy(buf, p + 8, n - 8 - 6);
1368 /* Note that session scopes never need unescaping,
1369 * since they cannot conflict with the kernel's own
1370 * names, hence we don't need to call cg_unescape()
1373 if (!session_id_valid(buf))
1377 p += strspn(p, "/");
1385 * Skip user@*.service, but require it to be there.
1387 static const char *skip_user_manager(const char *p) {
1393 p += strspn(p, "/");
1395 n = strcspn(p, "/");
1396 if (n < strlen("user@x.service"))
1399 if (memcmp(p, "user@", 5) == 0 && memcmp(p + n - 8, ".service", 8) == 0) {
1400 char buf[n - 5 - 8 + 1];
1402 memcpy(buf, p + 5, n - 5 - 8);
1405 /* Note that user manager services never need unescaping,
1406 * since they cannot conflict with the kernel's own
1407 * names, hence we don't need to call cg_unescape()
1410 if (parse_uid(buf, NULL) < 0)
1414 p += strspn(p, "/");
1422 static const char *skip_user_prefix(const char *path) {
1427 /* Skip slices, if there are any */
1428 e = skip_slices(path);
1430 /* Skip the user manager, if it's in the path now... */
1431 t = skip_user_manager(e);
1435 /* Alternatively skip the user session if it is in the path... */
1436 return skip_session(e);
1439 int cg_path_get_user_unit(const char *path, char **ret) {
1445 t = skip_user_prefix(path);
1449 /* And from here on it looks pretty much the same as for a
1450 * system unit, hence let's use the same parser from here
1452 return cg_path_get_unit(t, ret);
1455 int cg_pid_get_user_unit(pid_t pid, char **unit) {
1456 _cleanup_free_ char *cgroup = NULL;
1461 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1465 return cg_path_get_user_unit(cgroup, unit);
1468 int cg_path_get_machine_name(const char *path, char **machine) {
1469 _cleanup_free_ char *u = NULL;
1473 r = cg_path_get_unit(path, &u);
1477 sl = strjoina("/run/systemd/machines/unit:", u);
1478 return readlink_malloc(sl, machine);
1481 int cg_pid_get_machine_name(pid_t pid, char **machine) {
1482 _cleanup_free_ char *cgroup = NULL;
1487 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1491 return cg_path_get_machine_name(cgroup, machine);
1494 int cg_path_get_session(const char *path, char **session) {
1495 _cleanup_free_ char *unit = NULL;
1501 r = cg_path_get_unit(path, &unit);
1505 start = startswith(unit, "session-");
1508 end = endswith(start, ".scope");
1513 if (!session_id_valid(start))
1529 int cg_pid_get_session(pid_t pid, char **session) {
1530 _cleanup_free_ char *cgroup = NULL;
1533 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1537 return cg_path_get_session(cgroup, session);
1540 int cg_path_get_owner_uid(const char *path, uid_t *uid) {
1541 _cleanup_free_ char *slice = NULL;
1547 r = cg_path_get_slice(path, &slice);
1551 start = startswith(slice, "user-");
1554 end = endswith(start, ".slice");
1559 if (parse_uid(start, uid) < 0)
1565 int cg_pid_get_owner_uid(pid_t pid, uid_t *uid) {
1566 _cleanup_free_ char *cgroup = NULL;
1569 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1573 return cg_path_get_owner_uid(cgroup, uid);
1576 int cg_path_get_slice(const char *p, char **slice) {
1577 const char *e = NULL;
1582 /* Finds the right-most slice unit from the beginning, but
1583 * stops before we come to the first non-slice unit. */
1588 p += strspn(p, "/");
1590 n = strcspn(p, "/");
1591 if (!valid_slice_name(p, n)) {
1596 s = strdup("-.slice");
1604 return cg_path_decode_unit(e, slice);
1612 int cg_pid_get_slice(pid_t pid, char **slice) {
1613 _cleanup_free_ char *cgroup = NULL;
1618 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1622 return cg_path_get_slice(cgroup, slice);
1625 int cg_path_get_user_slice(const char *p, char **slice) {
1630 t = skip_user_prefix(p);
1634 /* And now it looks pretty much the same as for a system
1635 * slice, so let's just use the same parser from here on. */
1636 return cg_path_get_slice(t, slice);
1639 int cg_pid_get_user_slice(pid_t pid, char **slice) {
1640 _cleanup_free_ char *cgroup = NULL;
1645 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1649 return cg_path_get_user_slice(cgroup, slice);
1652 char *cg_escape(const char *p) {
1653 bool need_prefix = false;
1655 /* This implements very minimal escaping for names to be used
1656 * as file names in the cgroup tree: any name which might
1657 * conflict with a kernel name or is prefixed with '_' is
1658 * prefixed with a '_'. That way, when reading cgroup names it
1659 * is sufficient to remove a single prefixing underscore if
1662 /* The return value of this function (unlike cg_unescape())
1668 streq(p, "notify_on_release") ||
1669 streq(p, "release_agent") ||
1670 streq(p, "tasks") ||
1671 startswith(p, "cgroup."))
1676 dot = strrchr(p, '.');
1681 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
1684 n = cgroup_controller_to_string(c);
1689 if (memcmp(p, n, l) != 0)
1699 return strappend("_", p);
1704 char *cg_unescape(const char *p) {
1707 /* The return value of this function (unlike cg_escape())
1708 * doesn't need free()! */
1716 #define CONTROLLER_VALID \
1720 bool cg_controller_is_valid(const char *p) {
1726 s = startswith(p, "name=");
1730 if (*p == 0 || *p == '_')
1733 for (t = p; *t; t++)
1734 if (!strchr(CONTROLLER_VALID, *t))
1737 if (t - p > FILENAME_MAX)
1743 /// UNNEEDED by elogind
1745 int cg_slice_to_path(const char *unit, char **ret) {
1746 _cleanup_free_ char *p = NULL, *s = NULL, *e = NULL;
1753 if (streq(unit, "-.slice")) {
1763 if (!unit_name_is_valid(unit, UNIT_NAME_PLAIN))
1766 if (!endswith(unit, ".slice"))
1769 r = unit_name_to_prefix(unit, &p);
1773 dash = strchr(p, '-');
1775 /* Don't allow initial dashes */
1780 _cleanup_free_ char *escaped = NULL;
1781 char n[dash - p + sizeof(".slice")];
1783 /* Don't allow trailing or double dashes */
1784 if (dash[1] == 0 || dash[1] == '-')
1787 strcpy(stpncpy(n, p, dash - p), ".slice");
1788 if (!unit_name_is_valid(n, UNIT_NAME_PLAIN))
1791 escaped = cg_escape(n);
1795 if (!strextend(&s, escaped, "/", NULL))
1798 dash = strchr(dash+1, '-');
1801 e = cg_escape(unit);
1805 if (!strextend(&s, e, NULL))
1814 int cg_set_attribute(const char *controller, const char *path, const char *attribute, const char *value) {
1815 _cleanup_free_ char *p = NULL;
1818 r = cg_get_path(controller, path, attribute, &p);
1822 return write_string_file_no_create(p, value);
1825 int cg_get_attribute(const char *controller, const char *path, const char *attribute, char **ret) {
1826 _cleanup_free_ char *p = NULL;
1829 r = cg_get_path(controller, path, attribute, &p);
1833 return read_one_line_file(p, ret);
1837 /// UNNEEDED by elogind
1839 int cg_create_everywhere(CGroupMask supported, CGroupMask mask, const char *path) {
1843 /* This one will create a cgroup in our private tree, but also
1844 * duplicate it in the trees specified in mask, and remove it
1847 /* First create the cgroup in our own hierarchy. */
1848 r = cg_create(ELOGIND_CGROUP_CONTROLLER, path);
1852 /* If we are in the unified hierarchy, we are done now */
1853 unified = cg_unified();
1859 /* Otherwise, do the same in the other hierarchies */
1860 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
1861 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
1864 n = cgroup_controller_to_string(c);
1867 (void) cg_create(n, path);
1868 else if (supported & bit)
1869 (void) cg_trim(n, path, true);
1876 int cg_attach_everywhere(CGroupMask supported, const char *path, pid_t pid, cg_migrate_callback_t path_callback, void *userdata) {
1880 r = cg_attach(ELOGIND_CGROUP_CONTROLLER, path, pid);
1884 unified = cg_unified();
1890 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
1891 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
1892 const char *p = NULL;
1894 if (!(supported & bit))
1898 p = path_callback(bit, userdata);
1903 (void) cg_attach_fallback(cgroup_controller_to_string(c), p, pid);
1909 /// UNNEEDED by elogind
1911 int cg_attach_many_everywhere(CGroupMask supported, const char *path, Set* pids, cg_migrate_callback_t path_callback, void *userdata) {
1916 SET_FOREACH(pidp, pids, i) {
1917 pid_t pid = PTR_TO_PID(pidp);
1920 q = cg_attach_everywhere(supported, path, pid, path_callback, userdata);
1921 if (q < 0 && r >= 0)
1928 int cg_migrate_everywhere(CGroupMask supported, const char *from, const char *to, cg_migrate_callback_t to_callback, void *userdata) {
1932 if (!path_equal(from, to)) {
1933 r = cg_migrate_recursive(ELOGIND_CGROUP_CONTROLLER, from, ELOGIND_CGROUP_CONTROLLER, to, false, true);
1938 unified = cg_unified();
1944 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
1945 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
1946 const char *p = NULL;
1948 if (!(supported & bit))
1952 p = to_callback(bit, userdata);
1957 (void) cg_migrate_recursive_fallback(ELOGIND_CGROUP_CONTROLLER, to, cgroup_controller_to_string(c), p, false, false);
1963 int cg_trim_everywhere(CGroupMask supported, const char *path, bool delete_root) {
1967 r = cg_trim(ELOGIND_CGROUP_CONTROLLER, path, delete_root);
1971 unified = cg_unified();
1977 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
1978 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
1980 if (!(supported & bit))
1983 (void) cg_trim(cgroup_controller_to_string(c), path, delete_root);
1989 int cg_mask_supported(CGroupMask *ret) {
1990 CGroupMask mask = 0;
1993 /* Determines the mask of supported cgroup controllers. Only
1994 * includes controllers we can make sense of and that are
1995 * actually accessible. */
1997 unified = cg_unified();
2001 _cleanup_free_ char *root = NULL, *controllers = NULL, *path = NULL;
2004 /* In the unified hierarchy we can read the supported
2005 * and accessible controllers from the top-level
2006 * cgroup attribute */
2008 r = cg_get_root_path(&root);
2012 r = cg_get_path(ELOGIND_CGROUP_CONTROLLER, root, "cgroup.controllers", &path);
2016 r = read_one_line_file(path, &controllers);
2022 _cleanup_free_ char *n = NULL;
2025 r = extract_first_word(&c, &n, NULL, 0);
2031 v = cgroup_controller_from_string(n);
2035 mask |= CGROUP_CONTROLLER_TO_MASK(v);
2038 /* Currently, we only support the memory controller in
2039 * the unified hierarchy, mask everything else off. */
2040 mask &= CGROUP_MASK_MEMORY;
2045 /* In the legacy hierarchy, we check which
2046 * hierarchies are mounted. */
2048 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
2051 n = cgroup_controller_to_string(c);
2052 if (controller_is_accessible(n) >= 0)
2053 mask |= CGROUP_CONTROLLER_TO_MASK(c);
2061 int cg_kernel_controllers(Set *controllers) {
2062 _cleanup_fclose_ FILE *f = NULL;
2066 assert(controllers);
2068 /* Determines the full list of kernel-known controllers. Might
2069 * include controllers we don't actually support, arbitrary
2070 * named hierarchies and controllers that aren't currently
2071 * accessible (because not mounted). */
2073 f = fopen("/proc/cgroups", "re");
2075 if (errno == ENOENT)
2080 /* Ignore the header line */
2081 (void) fgets(buf, sizeof(buf), f);
2088 if (fscanf(f, "%ms %*i %*i %i", &controller, &enabled) != 2) {
2093 if (ferror(f) && errno != 0)
2104 if (!cg_controller_is_valid(controller)) {
2109 r = set_consume(controllers, controller);
2118 static thread_local int unified_cache = -1;
2120 int cg_unified(void) {
2123 /* Checks if we support the unified hierarchy. Returns an
2124 * error when the cgroup hierarchies aren't mounted yet or we
2125 * have any other trouble determining if the unified hierarchy
2128 if (unified_cache >= 0)
2129 return unified_cache;
2131 if (statfs("/sys/fs/cgroup/", &fs) < 0)
2134 if (F_TYPE_EQUAL(fs.f_type, CGROUP_SUPER_MAGIC))
2135 unified_cache = true;
2136 else if (F_TYPE_EQUAL(fs.f_type, TMPFS_MAGIC))
2137 unified_cache = false;
2141 return unified_cache;
2144 /// UNNEEDED by elogind
2146 void cg_unified_flush(void) {
2150 int cg_enable_everywhere(CGroupMask supported, CGroupMask mask, const char *p) {
2151 _cleanup_free_ char *fs = NULL;
2160 unified = cg_unified();
2163 if (!unified) /* on the legacy hierarchy there's no joining of controllers defined */
2166 r = cg_get_path(ELOGIND_CGROUP_CONTROLLER, p, "cgroup.subtree_control", &fs);
2170 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
2171 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
2174 if (!(supported & bit))
2177 n = cgroup_controller_to_string(c);
2179 char s[1 + strlen(n) + 1];
2181 s[0] = mask & bit ? '+' : '-';
2184 r = write_string_file(fs, s, 0);
2186 log_debug_errno(r, "Failed to enable controller %s for %s (%s): %m", n, p, fs);
2194 bool cg_is_unified_wanted(void) {
2195 static thread_local int wanted = -1;
2198 /* If the hierarchy is already mounted, then follow whatever
2199 * was chosen for it. */
2200 unified = cg_unified();
2204 /* Otherwise, let's see what the kernel command line has to
2205 * say. Since checking that is expensive, let's cache the
2210 r = get_proc_cmdline_key("systemd.unified_cgroup_hierarchy", NULL);
2212 return (wanted = true);
2214 _cleanup_free_ char *value = NULL;
2216 r = get_proc_cmdline_key("systemd.unified_cgroup_hierarchy=", &value);
2220 return (wanted = false);
2222 return (wanted = parse_boolean(value) > 0);
2226 /// UNNEEDED by elogind
2228 bool cg_is_legacy_wanted(void) {
2229 return !cg_is_unified_wanted();
2233 static const char *cgroup_controller_table[_CGROUP_CONTROLLER_MAX] = {
2234 [CGROUP_CONTROLLER_CPU] = "cpu",
2235 [CGROUP_CONTROLLER_CPUACCT] = "cpuacct",
2236 [CGROUP_CONTROLLER_BLKIO] = "blkio",
2237 [CGROUP_CONTROLLER_MEMORY] = "memory",
2238 [CGROUP_CONTROLLER_DEVICE] = "devices",
2241 DEFINE_STRING_TABLE_LOOKUP(cgroup_controller, CGroupController);