1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
29 #include <sys/types.h>
35 #include "formats-util.h"
36 #include "process-util.h"
37 #include "path-util.h"
38 // #include "unit-name.h"
40 // #include "special.h"
42 #include "login-util.h"
43 #include "cgroup-util.h"
45 int cg_enumerate_processes(const char *controller, const char *path, FILE **_f) {
46 _cleanup_free_ char *fs = NULL;
52 r = cg_get_path(controller, path, "cgroup.procs", &fs);
64 int cg_read_pid(FILE *f, pid_t *_pid) {
67 /* Note that the cgroup.procs might contain duplicates! See
68 * cgroups.txt for details. */
74 if (fscanf(f, "%lu", &ul) != 1) {
79 return errno ? -errno : -EIO;
89 int cg_enumerate_subgroups(const char *controller, const char *path, DIR **_d) {
90 _cleanup_free_ char *fs = NULL;
96 /* This is not recursive! */
98 r = cg_get_path(controller, path, NULL, &fs);
110 int cg_read_subgroup(DIR *d, char **fn) {
116 FOREACH_DIRENT_ALL(de, d, return -errno) {
119 if (de->d_type != DT_DIR)
122 if (streq(de->d_name, ".") ||
123 streq(de->d_name, ".."))
126 b = strdup(de->d_name);
137 int cg_rmdir(const char *controller, const char *path) {
138 _cleanup_free_ char *p = NULL;
141 r = cg_get_path(controller, path, NULL, &p);
146 if (r < 0 && errno != ENOENT)
152 int cg_kill(const char *controller, const char *path, int sig, bool sigcont, bool ignore_self, Set *s) {
153 _cleanup_set_free_ Set *allocated_set = NULL;
160 /* This goes through the tasks list and kills them all. This
161 * is repeated until no further processes are added to the
162 * tasks list, to properly handle forking processes */
165 s = allocated_set = set_new(NULL);
173 _cleanup_fclose_ FILE *f = NULL;
177 r = cg_enumerate_processes(controller, path, &f);
179 if (ret >= 0 && r != -ENOENT)
185 while ((r = cg_read_pid(f, &pid)) > 0) {
187 if (ignore_self && pid == my_pid)
190 if (set_get(s, PID_TO_PTR(pid)) == PID_TO_PTR(pid))
193 /* If we haven't killed this process yet, kill
195 if (kill(pid, sig) < 0) {
196 if (ret >= 0 && errno != ESRCH)
199 if (sigcont && sig != SIGKILL)
200 (void) kill(pid, SIGCONT);
208 r = set_put(s, PID_TO_PTR(pid));
224 /* To avoid racing against processes which fork
225 * quicker than we can kill them we repeat this until
226 * no new pids need to be killed. */
233 int cg_kill_recursive(const char *controller, const char *path, int sig, bool sigcont, bool ignore_self, bool rem, Set *s) {
234 _cleanup_set_free_ Set *allocated_set = NULL;
235 _cleanup_closedir_ DIR *d = NULL;
243 s = allocated_set = set_new(NULL);
248 ret = cg_kill(controller, path, sig, sigcont, ignore_self, s);
250 r = cg_enumerate_subgroups(controller, path, &d);
252 if (ret >= 0 && r != -ENOENT)
258 while ((r = cg_read_subgroup(d, &fn)) > 0) {
259 _cleanup_free_ char *p = NULL;
261 p = strjoin(path, "/", fn, NULL);
266 r = cg_kill_recursive(controller, p, sig, sigcont, ignore_self, rem, s);
267 if (r != 0 && ret >= 0)
271 if (ret >= 0 && r < 0)
275 r = cg_rmdir(controller, path);
276 if (r < 0 && ret >= 0 && r != -ENOENT && r != -EBUSY)
283 int cg_migrate(const char *cfrom, const char *pfrom, const char *cto, const char *pto, bool ignore_self) {
285 _cleanup_set_free_ Set *s = NULL;
300 log_debug_elogind("Migrating \"%s\"/\"%s\" to \"%s\"/\"%s\" (%s)",
301 cfrom, pfrom, cto, pto,
302 ignore_self ? "ignoring self" : "watching self");
305 _cleanup_fclose_ FILE *f = NULL;
309 r = cg_enumerate_processes(cfrom, pfrom, &f);
311 if (ret >= 0 && r != -ENOENT)
317 while ((r = cg_read_pid(f, &pid)) > 0) {
319 /* This might do weird stuff if we aren't a
320 * single-threaded program. However, we
321 * luckily know we are not */
322 if (ignore_self && pid == my_pid)
325 if (set_get(s, PID_TO_PTR(pid)) == PID_TO_PTR(pid))
328 /* Ignore kernel threads. Since they can only
329 * exist in the root cgroup, we only check for
332 (isempty(pfrom) || path_equal(pfrom, "/")) &&
333 is_kernel_thread(pid) > 0)
336 r = cg_attach(cto, pto, pid);
338 if (ret >= 0 && r != -ESRCH)
345 r = set_put(s, PID_TO_PTR(pid));
365 int cg_migrate_recursive(
373 _cleanup_closedir_ DIR *d = NULL;
382 ret = cg_migrate(cfrom, pfrom, cto, pto, ignore_self);
384 r = cg_enumerate_subgroups(cfrom, pfrom, &d);
386 if (ret >= 0 && r != -ENOENT)
392 while ((r = cg_read_subgroup(d, &fn)) > 0) {
393 _cleanup_free_ char *p = NULL;
395 p = strjoin(pfrom, "/", fn, NULL);
400 r = cg_migrate_recursive(cfrom, p, cto, pto, ignore_self, rem);
401 if (r != 0 && ret >= 0)
405 if (r < 0 && ret >= 0)
409 r = cg_rmdir(cfrom, pfrom);
410 if (r < 0 && ret >= 0 && r != -ENOENT && r != -EBUSY)
417 int cg_migrate_recursive_fallback(
432 r = cg_migrate_recursive(cfrom, pfrom, cto, pto, ignore_self, rem);
434 char prefix[strlen(pto) + 1];
436 /* This didn't work? Then let's try all prefixes of the destination */
438 PATH_FOREACH_PREFIX(prefix, pto) {
441 q = cg_migrate_recursive(cfrom, pfrom, cto, prefix, ignore_self, rem);
450 static const char *controller_to_dirname(const char *controller) {
455 /* Converts a controller name to the directory name below
456 * /sys/fs/cgroup/ we want to mount it to. Effectively, this
457 * just cuts off the name= prefixed used for named
458 * hierarchies, if it is specified. */
460 e = startswith(controller, "name=");
467 static int join_path_legacy(const char *controller, const char *path, const char *suffix, char **fs) {
474 dn = controller_to_dirname(controller);
476 if (isempty(path) && isempty(suffix))
477 t = strappend("/sys/fs/cgroup/", dn);
478 else if (isempty(path))
479 t = strjoin("/sys/fs/cgroup/", dn, "/", suffix, NULL);
480 else if (isempty(suffix))
481 t = strjoin("/sys/fs/cgroup/", dn, "/", path, NULL);
483 t = strjoin("/sys/fs/cgroup/", dn, "/", path, "/", suffix, NULL);
491 static int join_path_unified(const char *path, const char *suffix, char **fs) {
496 if (isempty(path) && isempty(suffix))
497 t = strdup("/sys/fs/cgroup");
498 else if (isempty(path))
499 t = strappend("/sys/fs/cgroup/", suffix);
500 else if (isempty(suffix))
501 t = strappend("/sys/fs/cgroup/", path);
503 t = strjoin("/sys/fs/cgroup/", path, "/", suffix, NULL);
511 int cg_get_path(const char *controller, const char *path, const char *suffix, char **fs) {
519 /* If no controller is specified, we return the path
520 * *below* the controllers, without any prefix. */
522 if (!path && !suffix)
530 t = strjoin(path, "/", suffix, NULL);
534 *fs = path_kill_slashes(t);
538 if (!cg_controller_is_valid(controller))
541 unified = cg_unified();
546 r = join_path_unified(path, suffix, fs);
548 r = join_path_legacy(controller, path, suffix, fs);
553 path_kill_slashes(*fs);
557 static int controller_is_accessible(const char *controller) {
562 /* Checks whether a specific controller is accessible,
563 * i.e. its hierarchy mounted. In the unified hierarchy all
564 * controllers are considered accessible, except for the named
567 if (!cg_controller_is_valid(controller))
570 unified = cg_unified();
574 /* We don't support named hierarchies if we are using
575 * the unified hierarchy. */
577 if (streq(controller, SYSTEMD_CGROUP_CONTROLLER))
580 if (startswith(controller, "name="))
586 dn = controller_to_dirname(controller);
587 cc = strjoina("/sys/fs/cgroup/", dn);
589 if (laccess(cc, F_OK) < 0)
596 int cg_get_path_and_check(const char *controller, const char *path, const char *suffix, char **fs) {
602 /* Check if the specified controller is actually accessible */
603 r = controller_is_accessible(controller);
607 return cg_get_path(controller, path, suffix, fs);
610 static int trim_cb(const char *path, const struct stat *sb, int typeflag, struct FTW *ftwbuf) {
615 if (typeflag != FTW_DP)
618 if (ftwbuf->level < 1)
625 int cg_trim(const char *controller, const char *path, bool delete_root) {
626 _cleanup_free_ char *fs = NULL;
631 r = cg_get_path(controller, path, NULL, &fs);
636 if (nftw(fs, trim_cb, 64, FTW_DEPTH|FTW_MOUNT|FTW_PHYS) != 0) {
646 if (rmdir(fs) < 0 && errno != ENOENT)
653 int cg_create(const char *controller, const char *path) {
654 _cleanup_free_ char *fs = NULL;
657 r = cg_get_path_and_check(controller, path, NULL, &fs);
661 r = mkdir_parents(fs, 0755);
665 if (mkdir(fs, 0755) < 0) {
676 int cg_create_and_attach(const char *controller, const char *path, pid_t pid) {
681 r = cg_create(controller, path);
685 q = cg_attach(controller, path, pid);
689 /* This does not remove the cgroup on failure */
693 int cg_attach(const char *controller, const char *path, pid_t pid) {
694 _cleanup_free_ char *fs = NULL;
695 char c[DECIMAL_STR_MAX(pid_t) + 2];
701 r = cg_get_path_and_check(controller, path, "cgroup.procs", &fs);
708 snprintf(c, sizeof(c), PID_FMT"\n", pid);
710 return write_string_file(fs, c, 0);
713 int cg_attach_fallback(const char *controller, const char *path, pid_t pid) {
720 r = cg_attach(controller, path, pid);
722 char prefix[strlen(path) + 1];
724 /* This didn't work? Then let's try all prefixes of
727 PATH_FOREACH_PREFIX(prefix, path) {
730 q = cg_attach(controller, prefix, pid);
739 /// UNNEEDED by elogind
741 int cg_set_group_access(
742 const char *controller,
748 _cleanup_free_ char *fs = NULL;
751 if (mode == MODE_INVALID && uid == UID_INVALID && gid == GID_INVALID)
754 if (mode != MODE_INVALID)
757 r = cg_get_path(controller, path, NULL, &fs);
761 return chmod_and_chown(fs, mode, uid, gid);
764 int cg_set_task_access(
765 const char *controller,
771 _cleanup_free_ char *fs = NULL, *procs = NULL;
776 if (mode == MODE_INVALID && uid == UID_INVALID && gid == GID_INVALID)
779 if (mode != MODE_INVALID)
782 r = cg_get_path(controller, path, "cgroup.procs", &fs);
786 r = chmod_and_chown(fs, mode, uid, gid);
790 unified = cg_unified();
796 /* Compatibility, Always keep values for "tasks" in sync with
798 if (cg_get_path(controller, path, "tasks", &procs) >= 0)
799 (void) chmod_and_chown(procs, mode, uid, gid);
805 int cg_pid_get_path(const char *controller, pid_t pid, char **path) {
806 _cleanup_fclose_ FILE *f = NULL;
815 unified = cg_unified();
820 if (!cg_controller_is_valid(controller))
823 controller = SYSTEMD_CGROUP_CONTROLLER;
825 cs = strlen(controller);
828 fs = procfs_file_alloca(pid, "cgroup");
829 log_debug_elogind("Searching for PID %u in \"%s\" (controller \"%s\")",
830 pid, fs, controller);
833 return errno == ENOENT ? -ESRCH : -errno;
835 FOREACH_LINE(line, f, return -errno) {
841 e = startswith(line, "0:");
851 const char *word, *state;
854 l = strchr(line, ':');
864 FOREACH_WORD_SEPARATOR(word, k, l, ",", state) {
865 if (k == cs && memcmp(word, controller, cs) == 0) {
875 log_debug_elogind("Found %s:%s", line, e+1);
887 int cg_install_release_agent(const char *controller, const char *agent) {
888 _cleanup_free_ char *fs = NULL, *contents = NULL;
894 unified = cg_unified();
897 if (unified) /* doesn't apply to unified hierarchy */
900 r = cg_get_path(controller, NULL, "release_agent", &fs);
904 r = read_one_line_file(fs, &contents);
908 sc = strstrip(contents);
910 r = write_string_file(fs, agent, 0);
913 } else if (!path_equal(sc, agent))
917 r = cg_get_path(controller, NULL, "notify_on_release", &fs);
921 contents = mfree(contents);
922 r = read_one_line_file(fs, &contents);
926 sc = strstrip(contents);
927 if (streq(sc, "0")) {
928 r = write_string_file(fs, "1", 0);
941 int cg_uninstall_release_agent(const char *controller) {
942 _cleanup_free_ char *fs = NULL;
945 unified = cg_unified();
948 if (unified) /* Doesn't apply to unified hierarchy */
951 r = cg_get_path(controller, NULL, "notify_on_release", &fs);
955 r = write_string_file(fs, "0", 0);
961 r = cg_get_path(controller, NULL, "release_agent", &fs);
965 r = write_string_file(fs, "", 0);
972 int cg_is_empty(const char *controller, const char *path) {
973 _cleanup_fclose_ FILE *f = NULL;
979 r = cg_enumerate_processes(controller, path, &f);
985 r = cg_read_pid(f, &pid);
992 int cg_is_empty_recursive(const char *controller, const char *path) {
997 /* The root cgroup is always populated */
998 if (controller && (isempty(path) || path_equal(path, "/")))
1001 unified = cg_unified();
1006 _cleanup_free_ char *populated = NULL, *t = NULL;
1008 /* On the unified hierarchy we can check empty state
1009 * via the "cgroup.populated" attribute. */
1011 r = cg_get_path(controller, path, "cgroup.populated", &populated);
1015 r = read_one_line_file(populated, &t);
1021 return streq(t, "0");
1023 _cleanup_closedir_ DIR *d = NULL;
1026 r = cg_is_empty(controller, path);
1030 r = cg_enumerate_subgroups(controller, path, &d);
1036 while ((r = cg_read_subgroup(d, &fn)) > 0) {
1037 _cleanup_free_ char *p = NULL;
1039 p = strjoin(path, "/", fn, NULL);
1044 r = cg_is_empty_recursive(controller, p);
1055 int cg_split_spec(const char *spec, char **controller, char **path) {
1056 char *t = NULL, *u = NULL;
1062 if (!path_is_safe(spec))
1070 *path = path_kill_slashes(t);
1079 e = strchr(spec, ':');
1081 if (!cg_controller_is_valid(spec))
1098 t = strndup(spec, e-spec);
1101 if (!cg_controller_is_valid(t)) {
1115 if (!path_is_safe(u) ||
1116 !path_is_absolute(u)) {
1122 path_kill_slashes(u);
1138 int cg_mangle_path(const char *path, char **result) {
1139 _cleanup_free_ char *c = NULL, *p = NULL;
1146 /* First, check if it already is a filesystem path */
1147 if (path_startswith(path, "/sys/fs/cgroup")) {
1153 *result = path_kill_slashes(t);
1157 /* Otherwise, treat it as cg spec */
1158 r = cg_split_spec(path, &c, &p);
1162 return cg_get_path(c ? c : SYSTEMD_CGROUP_CONTROLLER, p ? p : "/", NULL, result);
1165 int cg_get_root_path(char **path) {
1166 /// elogind does not support systemd scopes and slices
1173 r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, 1, &p);
1177 e = endswith(p, "/" SPECIAL_INIT_SCOPE);
1179 e = endswith(p, "/" SPECIAL_SYSTEM_SLICE); /* legacy */
1181 e = endswith(p, "/system"); /* even more legacy */
1189 return cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, 1, path);
1193 int cg_shift_path(const char *cgroup, const char *root, const char **shifted) {
1194 _cleanup_free_ char *rt = NULL;
1202 /* If the root was specified let's use that, otherwise
1203 * let's determine it from PID 1 */
1205 r = cg_get_root_path(&rt);
1210 log_debug_elogind("Determined root path: \"%s\"", root);
1213 p = path_startswith(cgroup, root);
1214 if (p && p[0] && (p > cgroup))
1222 int cg_pid_get_path_shifted(pid_t pid, const char *root, char **cgroup) {
1223 _cleanup_free_ char *raw = NULL;
1230 r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, pid, &raw);
1234 log_debug_elogind("Shifting path: \"%s\" (PID %u, root: \"%s\")",
1235 raw, pid, root ? root : "NULL");
1236 r = cg_shift_path(raw, root, &c);
1252 log_debug_elogind("Resulting cgroup:\"%s\"", *cgroup);
1257 /// UNNEEDED by elogind
1259 int cg_path_decode_unit(const char *cgroup, char **unit){
1266 n = strcspn(cgroup, "/");
1270 c = strndupa(cgroup, n);
1273 if (!unit_name_is_valid(c, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
1284 static bool valid_slice_name(const char *p, size_t n) {
1289 if (n < strlen("x.slice"))
1292 if (memcmp(p + n - 6, ".slice", 6) == 0) {
1298 c = cg_unescape(buf);
1300 return unit_name_is_valid(c, UNIT_NAME_PLAIN);
1306 static const char *skip_slices(const char *p) {
1309 /* Skips over all slice assignments */
1314 p += strspn(p, "/");
1316 n = strcspn(p, "/");
1317 if (!valid_slice_name(p, n))
1324 int cg_path_get_unit(const char *path, char **ret) {
1332 e = skip_slices(path);
1334 r = cg_path_decode_unit(e, &unit);
1338 /* We skipped over the slices, don't accept any now */
1339 if (endswith(unit, ".slice")) {
1348 int cg_pid_get_unit(pid_t pid, char **unit) {
1349 _cleanup_free_ char *cgroup = NULL;
1354 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1358 return cg_path_get_unit(cgroup, unit);
1362 * Skip session-*.scope, but require it to be there.
1364 static const char *skip_session(const char *p) {
1370 p += strspn(p, "/");
1372 n = strcspn(p, "/");
1373 if (n < strlen("session-x.scope"))
1376 if (memcmp(p, "session-", 8) == 0 && memcmp(p + n - 6, ".scope", 6) == 0) {
1377 char buf[n - 8 - 6 + 1];
1379 memcpy(buf, p + 8, n - 8 - 6);
1382 /* Note that session scopes never need unescaping,
1383 * since they cannot conflict with the kernel's own
1384 * names, hence we don't need to call cg_unescape()
1387 if (!session_id_valid(buf))
1391 p += strspn(p, "/");
1399 * Skip user@*.service, but require it to be there.
1401 static const char *skip_user_manager(const char *p) {
1407 p += strspn(p, "/");
1409 n = strcspn(p, "/");
1410 if (n < strlen("user@x.service"))
1413 if (memcmp(p, "user@", 5) == 0 && memcmp(p + n - 8, ".service", 8) == 0) {
1414 char buf[n - 5 - 8 + 1];
1416 memcpy(buf, p + 5, n - 5 - 8);
1419 /* Note that user manager services never need unescaping,
1420 * since they cannot conflict with the kernel's own
1421 * names, hence we don't need to call cg_unescape()
1424 if (parse_uid(buf, NULL) < 0)
1428 p += strspn(p, "/");
1436 static const char *skip_user_prefix(const char *path) {
1441 /* Skip slices, if there are any */
1442 e = skip_slices(path);
1444 /* Skip the user manager, if it's in the path now... */
1445 t = skip_user_manager(e);
1449 /* Alternatively skip the user session if it is in the path... */
1450 return skip_session(e);
1453 int cg_path_get_user_unit(const char *path, char **ret) {
1459 t = skip_user_prefix(path);
1463 /* And from here on it looks pretty much the same as for a
1464 * system unit, hence let's use the same parser from here
1466 return cg_path_get_unit(t, ret);
1469 int cg_pid_get_user_unit(pid_t pid, char **unit) {
1470 _cleanup_free_ char *cgroup = NULL;
1475 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1479 return cg_path_get_user_unit(cgroup, unit);
1482 int cg_path_get_machine_name(const char *path, char **machine) {
1483 _cleanup_free_ char *u = NULL;
1487 r = cg_path_get_unit(path, &u);
1491 sl = strjoina("/run/systemd/machines/unit:", u);
1492 return readlink_malloc(sl, machine);
1495 int cg_pid_get_machine_name(pid_t pid, char **machine) {
1496 _cleanup_free_ char *cgroup = NULL;
1501 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1505 return cg_path_get_machine_name(cgroup, machine);
1509 int cg_path_get_session(const char *path, char **session) {
1510 /* Elogind uses a flat hierarchy, just "/SESSION". The only
1511 wrinkle is that SESSION might be escaped. */
1513 _cleanup_free_ char *unit = NULL;
1519 r = cg_path_get_unit(path, &unit);
1523 start = startswith(unit, "session-");
1526 end = endswith(start, ".scope");
1531 if (!session_id_valid(start))
1534 const char *e, *n, *start;
1537 log_debug_elogind("path is \"%s\"", path);
1538 assert(path[0] == '/');
1541 n = strchrnul(e, '/');
1545 start = strndupa(e, n - e);
1546 start = cg_unescape(start);
1555 log_debug_elogind("found session: \"%s\"", start);
1566 int cg_pid_get_session(pid_t pid, char **session) {
1567 _cleanup_free_ char *cgroup = NULL;
1570 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1574 return cg_path_get_session(cgroup, session);
1577 /// UNNEEDED by elogind
1579 int cg_path_get_owner_uid(const char *path, uid_t *uid) {
1580 _cleanup_free_ char *slice = NULL;
1586 r = cg_path_get_slice(path, &slice);
1590 start = startswith(slice, "user-");
1593 end = endswith(start, ".slice");
1598 if (parse_uid(start, uid) < 0)
1604 int cg_pid_get_owner_uid(pid_t pid, uid_t *uid) {
1605 _cleanup_free_ char *cgroup = NULL;
1608 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1612 return cg_path_get_owner_uid(cgroup, uid);
1615 int cg_path_get_slice(const char *p, char **slice) {
1616 const char *e = NULL;
1621 /* Finds the right-most slice unit from the beginning, but
1622 * stops before we come to the first non-slice unit. */
1627 p += strspn(p, "/");
1629 n = strcspn(p, "/");
1630 if (!valid_slice_name(p, n)) {
1635 s = strdup("-.slice");
1643 return cg_path_decode_unit(e, slice);
1651 int cg_pid_get_slice(pid_t pid, char **slice) {
1652 _cleanup_free_ char *cgroup = NULL;
1657 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1661 return cg_path_get_slice(cgroup, slice);
1664 int cg_path_get_user_slice(const char *p, char **slice) {
1669 t = skip_user_prefix(p);
1673 /* And now it looks pretty much the same as for a system
1674 * slice, so let's just use the same parser from here on. */
1675 return cg_path_get_slice(t, slice);
1678 int cg_pid_get_user_slice(pid_t pid, char **slice) {
1679 _cleanup_free_ char *cgroup = NULL;
1684 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1688 return cg_path_get_user_slice(cgroup, slice);
1692 char *cg_escape(const char *p) {
1693 bool need_prefix = false;
1695 /* This implements very minimal escaping for names to be used
1696 * as file names in the cgroup tree: any name which might
1697 * conflict with a kernel name or is prefixed with '_' is
1698 * prefixed with a '_'. That way, when reading cgroup names it
1699 * is sufficient to remove a single prefixing underscore if
1702 /* The return value of this function (unlike cg_unescape())
1708 streq(p, "notify_on_release") ||
1709 streq(p, "release_agent") ||
1710 streq(p, "tasks") ||
1711 startswith(p, "cgroup."))
1716 dot = strrchr(p, '.');
1721 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
1724 n = cgroup_controller_to_string(c);
1729 if (memcmp(p, n, l) != 0)
1739 return strappend("_", p);
1744 char *cg_unescape(const char *p) {
1747 /* The return value of this function (unlike cg_escape())
1748 * doesn't need free()! */
1756 #define CONTROLLER_VALID \
1760 bool cg_controller_is_valid(const char *p) {
1766 s = startswith(p, "name=");
1770 if (*p == 0 || *p == '_')
1773 for (t = p; *t; t++)
1774 if (!strchr(CONTROLLER_VALID, *t))
1777 if (t - p > FILENAME_MAX)
1783 /// UNNEEDED by elogind
1785 int cg_slice_to_path(const char *unit, char **ret) {
1786 _cleanup_free_ char *p = NULL, *s = NULL, *e = NULL;
1793 if (streq(unit, "-.slice")) {
1803 if (!unit_name_is_valid(unit, UNIT_NAME_PLAIN))
1806 if (!endswith(unit, ".slice"))
1809 r = unit_name_to_prefix(unit, &p);
1813 dash = strchr(p, '-');
1815 /* Don't allow initial dashes */
1820 _cleanup_free_ char *escaped = NULL;
1821 char n[dash - p + sizeof(".slice")];
1823 /* Don't allow trailing or double dashes */
1824 if (dash[1] == 0 || dash[1] == '-')
1827 strcpy(stpncpy(n, p, dash - p), ".slice");
1828 if (!unit_name_is_valid(n, UNIT_NAME_PLAIN))
1831 escaped = cg_escape(n);
1835 if (!strextend(&s, escaped, "/", NULL))
1838 dash = strchr(dash+1, '-');
1841 e = cg_escape(unit);
1845 if (!strextend(&s, e, NULL))
1855 int cg_set_attribute(const char *controller, const char *path, const char *attribute, const char *value) {
1856 _cleanup_free_ char *p = NULL;
1859 r = cg_get_path(controller, path, attribute, &p);
1863 return write_string_file(p, value, 0);
1866 /// UNNEEDED by elogind
1868 int cg_get_attribute(const char *controller, const char *path, const char *attribute, char **ret) {
1869 _cleanup_free_ char *p = NULL;
1872 r = cg_get_path(controller, path, attribute, &p);
1876 return read_one_line_file(p, ret);
1879 int cg_create_everywhere(CGroupMask supported, CGroupMask mask, const char *path) {
1883 /* This one will create a cgroup in our private tree, but also
1884 * duplicate it in the trees specified in mask, and remove it
1887 /* First create the cgroup in our own hierarchy. */
1888 r = cg_create(SYSTEMD_CGROUP_CONTROLLER, path);
1892 /* If we are in the unified hierarchy, we are done now */
1893 unified = cg_unified();
1899 /* Otherwise, do the same in the other hierarchies */
1900 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
1901 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
1904 n = cgroup_controller_to_string(c);
1907 (void) cg_create(n, path);
1908 else if (supported & bit)
1909 (void) cg_trim(n, path, true);
1915 int cg_attach_everywhere(CGroupMask supported, const char *path, pid_t pid, cg_migrate_callback_t path_callback, void *userdata) {
1919 r = cg_attach(SYSTEMD_CGROUP_CONTROLLER, path, pid);
1923 unified = cg_unified();
1929 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
1930 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
1931 const char *p = NULL;
1933 if (!(supported & bit))
1937 p = path_callback(bit, userdata);
1942 (void) cg_attach_fallback(cgroup_controller_to_string(c), p, pid);
1948 int cg_attach_many_everywhere(CGroupMask supported, const char *path, Set* pids, cg_migrate_callback_t path_callback, void *userdata) {
1953 SET_FOREACH(pidp, pids, i) {
1954 pid_t pid = PTR_TO_PID(pidp);
1957 q = cg_attach_everywhere(supported, path, pid, path_callback, userdata);
1958 if (q < 0 && r >= 0)
1965 int cg_migrate_everywhere(CGroupMask supported, const char *from, const char *to, cg_migrate_callback_t to_callback, void *userdata) {
1969 if (!path_equal(from, to)) {
1970 r = cg_migrate_recursive(SYSTEMD_CGROUP_CONTROLLER, from, SYSTEMD_CGROUP_CONTROLLER, to, false, true);
1975 unified = cg_unified();
1981 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
1982 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
1983 const char *p = NULL;
1985 if (!(supported & bit))
1989 p = to_callback(bit, userdata);
1994 (void) cg_migrate_recursive_fallback(SYSTEMD_CGROUP_CONTROLLER, to, cgroup_controller_to_string(c), p, false, false);
2000 int cg_trim_everywhere(CGroupMask supported, const char *path, bool delete_root) {
2004 r = cg_trim(SYSTEMD_CGROUP_CONTROLLER, path, delete_root);
2008 unified = cg_unified();
2014 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
2015 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
2017 if (!(supported & bit))
2020 (void) cg_trim(cgroup_controller_to_string(c), path, delete_root);
2027 int cg_mask_supported(CGroupMask *ret) {
2028 CGroupMask mask = 0;
2031 /* Determines the mask of supported cgroup controllers. Only
2032 * includes controllers we can make sense of and that are
2033 * actually accessible. */
2035 unified = cg_unified();
2039 _cleanup_free_ char *root = NULL, *controllers = NULL, *path = NULL;
2042 /* In the unified hierarchy we can read the supported
2043 * and accessible controllers from a the top-level
2044 * cgroup attribute */
2046 r = cg_get_root_path(&root);
2050 r = cg_get_path(SYSTEMD_CGROUP_CONTROLLER, root, "cgroup.controllers", &path);
2054 r = read_one_line_file(path, &controllers);
2060 _cleanup_free_ char *n = NULL;
2063 r = extract_first_word(&c, &n, NULL, 0);
2069 v = cgroup_controller_from_string(n);
2073 mask |= CGROUP_CONTROLLER_TO_MASK(v);
2076 /* Currently, we only support the memory controller in
2077 * the unified hierarchy, mask everything else off. */
2078 mask &= CGROUP_MASK_MEMORY;
2083 /* In the legacy hierarchy, we check whether which
2084 * hierarchies are mounted. */
2086 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
2089 n = cgroup_controller_to_string(c);
2090 if (controller_is_accessible(n) >= 0)
2091 mask |= CGROUP_CONTROLLER_TO_MASK(c);
2099 /// UNNEEDED by elogind
2101 int cg_kernel_controllers(Set *controllers) {
2102 _cleanup_fclose_ FILE *f = NULL;
2106 assert(controllers);
2108 /* Determines the full list of kernel-known controllers. Might
2109 * include controllers we don't actually support, arbitrary
2110 * named hierarchies and controllers that aren't currently
2111 * accessible (because not mounted). */
2113 f = fopen("/proc/cgroups", "re");
2115 if (errno == ENOENT)
2120 /* Ignore the header line */
2121 (void) fgets(buf, sizeof(buf), f);
2128 if (fscanf(f, "%ms %*i %*i %i", &controller, &enabled) != 2) {
2133 if (ferror(f) && errno != 0)
2144 if (!cg_controller_is_valid(controller)) {
2149 r = set_consume(controllers, controller);
2158 static thread_local int unified_cache = -1;
2160 int cg_unified(void) {
2163 /* Checks if we support the unified hierarchy. Returns an
2164 * error when the cgroup hierarchies aren't mounted yet or we
2165 * have any other trouble determining if the unified hierarchy
2168 if (unified_cache >= 0)
2169 return unified_cache;
2171 if (statfs("/sys/fs/cgroup/", &fs) < 0)
2174 /// elogind can not support the unified hierarchy as a controller,
2175 /// so always assume a classical hierarchy.
2176 /// If, ond only *if*, someone really wants to substitute systemd-login
2177 /// in an environment managed by systemd with elogin, we might have to
2178 /// add such a support.
2180 if (F_TYPE_EQUAL(fs.f_type, CGROUP_SUPER_MAGIC))
2181 unified_cache = true;
2182 else if (F_TYPE_EQUAL(fs.f_type, TMPFS_MAGIC))
2184 if (F_TYPE_EQUAL(fs.f_type, TMPFS_MAGIC))
2186 unified_cache = false;
2190 return unified_cache;
2193 /// UNNEEDED by elogind
2195 void cg_unified_flush(void) {
2199 int cg_enable_everywhere(CGroupMask supported, CGroupMask mask, const char *p) {
2200 _cleanup_free_ char *fs = NULL;
2209 unified = cg_unified();
2212 if (!unified) /* on the legacy hiearchy there's no joining of controllers defined */
2215 r = cg_get_path(SYSTEMD_CGROUP_CONTROLLER, p, "cgroup.subtree_control", &fs);
2219 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
2220 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
2223 if (!(supported & bit))
2226 n = cgroup_controller_to_string(c);
2228 char s[1 + strlen(n) + 1];
2230 s[0] = mask & bit ? '+' : '-';
2233 r = write_string_file(fs, s, 0);
2235 log_debug_errno(r, "Failed to enable controller %s for %s (%s): %m", n, p, fs);
2242 bool cg_is_unified_wanted(void) {
2243 static thread_local int wanted = -1;
2246 /* If the hierarchy is already mounted, then follow whatever
2247 * was chosen for it. */
2248 unified = cg_unified();
2252 /* Otherwise, let's see what the kernel command line has to
2253 * say. Since checking that is expensive, let's cache the
2258 r = get_proc_cmdline_key("systemd.unified_cgroup_hierarchy", NULL);
2260 return (wanted = true);
2262 _cleanup_free_ char *value = NULL;
2264 r = get_proc_cmdline_key("systemd.unified_cgroup_hierarchy=", &value);
2268 return (wanted = false);
2270 return (wanted = parse_boolean(value) > 0);
2274 bool cg_is_legacy_wanted(void) {
2275 return !cg_is_unified_wanted();
2278 bool cg_is_legacy_wanted(void) {
2283 static const char *cgroup_controller_table[_CGROUP_CONTROLLER_MAX] = {
2284 [CGROUP_CONTROLLER_CPU] = "cpu",
2285 [CGROUP_CONTROLLER_CPUACCT] = "cpuacct",
2286 [CGROUP_CONTROLLER_BLKIO] = "blkio",
2287 [CGROUP_CONTROLLER_MEMORY] = "memory",
2288 [CGROUP_CONTROLLER_DEVICE] = "devices",
2291 DEFINE_STRING_TABLE_LOOKUP(cgroup_controller, CGroupController);