X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fbasic%2Fcgroup-util.c;h=1c26c7f8ffd12469125f6a8ef073d6893add66f7;hb=aa63b97173e12293234cce3b378912eb761778e1;hp=424c2b69bb1bc4f730f16a06b509309c9812a500;hpb=d5949929f1247b0407637a44f388365e3966ef91;p=elogind.git diff --git a/src/basic/cgroup-util.c b/src/basic/cgroup-util.c index 424c2b69b..1c26c7f8f 100644 --- a/src/basic/cgroup-util.c +++ b/src/basic/cgroup-util.c @@ -28,6 +28,7 @@ #include //#include #include +#include #include #include "alloc-util.h" @@ -37,7 +38,7 @@ #include "extract-word.h" #include "fd-util.h" #include "fileio.h" -#include "formats-util.h" +#include "format-util.h" #include "fs-util.h" //#include "log.h" #include "login-util.h" @@ -183,8 +184,7 @@ int cg_read_subgroup(DIR *d, char **fn) { if (de->d_type != DT_DIR) continue; - if (streq(de->d_name, ".") || - streq(de->d_name, "..")) + if (dot_or_dot_dot(de->d_name)) continue; b = strdup(de->d_name); @@ -210,6 +210,12 @@ int cg_rmdir(const char *controller, const char *path) { if (r < 0 && errno != ENOENT) return -errno; + if (streq(controller, SYSTEMD_CGROUP_CONTROLLER) && cg_hybrid_unified()) { + r = cg_rmdir(SYSTEMD_CGROUP_CONTROLLER_LEGACY, path); + if (r < 0) + log_warning_errno(r, "Failed to remove compat systemd cgroup %s: %m", path); + } + return 0; } @@ -346,7 +352,7 @@ int cg_kill_recursive( while ((r = cg_read_subgroup(d, &fn)) > 0) { _cleanup_free_ char *p = NULL; - p = strjoin(path, "/", fn, NULL); + p = strjoin(path, "/", fn); free(fn); if (!p) return -ENOMEM; @@ -484,7 +490,7 @@ int cg_migrate_recursive( while ((r = cg_read_subgroup(d, &fn)) > 0) { _cleanup_free_ char *p = NULL; - p = strjoin(pfrom, "/", fn, NULL); + p = strjoin(pfrom, "/", fn); free(fn); if (!p) return -ENOMEM; @@ -548,6 +554,13 @@ static const char *controller_to_dirname(const char *controller) { * just cuts off the name= prefixed used for named * hierarchies, if it is specified. */ + if (streq(controller, SYSTEMD_CGROUP_CONTROLLER)) { + if (cg_hybrid_unified()) + controller = SYSTEMD_CGROUP_CONTROLLER_HYBRID; + else + controller = SYSTEMD_CGROUP_CONTROLLER_LEGACY; + } + e = startswith(controller, "name="); if (e) return e; @@ -567,11 +580,11 @@ static int join_path_legacy(const char *controller, const char *path, const char if (isempty(path) && isempty(suffix)) t = strappend("/sys/fs/cgroup/", dn); else if (isempty(path)) - t = strjoin("/sys/fs/cgroup/", dn, "/", suffix, NULL); + t = strjoin("/sys/fs/cgroup/", dn, "/", suffix); else if (isempty(suffix)) - t = strjoin("/sys/fs/cgroup/", dn, "/", path, NULL); + t = strjoin("/sys/fs/cgroup/", dn, "/", path); else - t = strjoin("/sys/fs/cgroup/", dn, "/", path, "/", suffix, NULL); + t = strjoin("/sys/fs/cgroup/", dn, "/", path, "/", suffix); if (!t) return -ENOMEM; @@ -591,7 +604,7 @@ static int join_path_unified(const char *path, const char *suffix, char **fs) { else if (isempty(suffix)) t = strappend("/sys/fs/cgroup/", path); else - t = strjoin("/sys/fs/cgroup/", path, "/", suffix, NULL); + t = strjoin("/sys/fs/cgroup/", path, "/", suffix); if (!t) return -ENOMEM; @@ -600,7 +613,7 @@ static int join_path_unified(const char *path, const char *suffix, char **fs) { } int cg_get_path(const char *controller, const char *path, const char *suffix, char **fs) { - int unified, r; + int r; assert(fs); @@ -618,7 +631,7 @@ int cg_get_path(const char *controller, const char *path, const char *suffix, ch else if (!path) t = strdup(suffix); else - t = strjoin(path, "/", suffix, NULL); + t = strjoin(path, "/", suffix); if (!t) return -ENOMEM; @@ -629,11 +642,7 @@ int cg_get_path(const char *controller, const char *path, const char *suffix, ch if (!cg_controller_is_valid(controller)) return -EINVAL; - unified = cg_all_unified(); - if (unified < 0) - return unified; - - if (unified > 0) + if (cg_all_unified()) r = join_path_unified(path, suffix, fs); else r = join_path_legacy(controller, path, suffix, fs); @@ -645,7 +654,6 @@ int cg_get_path(const char *controller, const char *path, const char *suffix, ch } static int controller_is_accessible(const char *controller) { - int unified; assert(controller); @@ -657,10 +665,7 @@ static int controller_is_accessible(const char *controller) { if (!cg_controller_is_valid(controller)) return -EINVAL; - unified = cg_all_unified(); - if (unified < 0) - return unified; - if (unified > 0) { + if (cg_all_unified()) { /* We don't support named hierarchies if we are using * the unified hierarchy. */ @@ -714,7 +719,7 @@ static int trim_cb(const char *path, const struct stat *sb, int typeflag, struct int cg_trim(const char *controller, const char *path, bool delete_root) { _cleanup_free_ char *fs = NULL; - int r = 0; + int r = 0, q; assert(path); @@ -737,6 +742,12 @@ int cg_trim(const char *controller, const char *path, bool delete_root) { return -errno; } + if (streq(controller, SYSTEMD_CGROUP_CONTROLLER) && cg_hybrid_unified()) { + q = cg_trim(SYSTEMD_CGROUP_CONTROLLER_LEGACY, path, delete_root); + if (q < 0) + log_warning_errno(q, "Failed to trim compat systemd cgroup %s: %m", path); + } + return r; } @@ -760,6 +771,12 @@ int cg_create(const char *controller, const char *path) { return -errno; } + if (streq(controller, SYSTEMD_CGROUP_CONTROLLER) && cg_hybrid_unified()) { + r = cg_create(SYSTEMD_CGROUP_CONTROLLER_LEGACY, path); + if (r < 0) + log_warning_errno(r, "Failed to create compat systemd cgroup %s: %m", path); + } + return 1; } @@ -797,7 +814,17 @@ int cg_attach(const char *controller, const char *path, pid_t pid) { xsprintf(c, PID_FMT "\n", pid); - return write_string_file(fs, c, 0); + r = write_string_file(fs, c, 0); + if (r < 0) + return r; + + if (streq(controller, SYSTEMD_CGROUP_CONTROLLER) && cg_hybrid_unified()) { + r = cg_attach(SYSTEMD_CGROUP_CONTROLLER_LEGACY, path, pid); + if (r < 0) + log_warning_errno(r, "Failed to attach %d to compat systemd cgroup %s: %m", pid, path); + } + + return 0; } int cg_attach_fallback(const char *controller, const char *path, pid_t pid) { @@ -847,7 +874,17 @@ int cg_set_group_access( if (r < 0) return r; - return chmod_and_chown(fs, mode, uid, gid); + r = chmod_and_chown(fs, mode, uid, gid); + if (r < 0) + return r; + + if (streq(controller, SYSTEMD_CGROUP_CONTROLLER) && cg_hybrid_unified()) { + r = cg_set_group_access(SYSTEMD_CGROUP_CONTROLLER_LEGACY, path, mode, uid, gid); + if (r < 0) + log_warning_errno(r, "Failed to set group access on compat systemd cgroup %s: %m", path); + } + + return 0; } int cg_set_task_access( @@ -858,7 +895,7 @@ int cg_set_task_access( gid_t gid) { _cleanup_free_ char *fs = NULL, *procs = NULL; - int r, unified; + int r; assert(path); @@ -876,20 +913,21 @@ int cg_set_task_access( if (r < 0) return r; - unified = cg_unified(controller); - if (unified < 0) - return unified; - if (unified) - return 0; + if (!cg_unified(controller)) { + /* Compatibility, Always keep values for "tasks" in sync with + * "cgroup.procs" */ + if (cg_get_path(controller, path, "tasks", &procs) >= 0) + (void) chmod_and_chown(procs, mode, uid, gid); + } - /* Compatibility, Always keep values for "tasks" in sync with - * "cgroup.procs" */ - if (cg_get_path(controller, path, "tasks", &procs) >= 0) - (void) chmod_and_chown(procs, mode, uid, gid); + if (streq(controller, SYSTEMD_CGROUP_CONTROLLER) && cg_hybrid_unified()) { + r = cg_set_task_access(SYSTEMD_CGROUP_CONTROLLER_LEGACY, path, mode, uid, gid); + if (r < 0) + log_warning_errno(r, "Failed to set task access on compat systemd cgroup %s: %m", path); + } return 0; } -#endif // 0 int cg_set_xattr(const char *controller, const char *path, const char *name, const void *value, size_t size, int flags) { _cleanup_free_ char *fs = NULL; @@ -927,13 +965,14 @@ int cg_get_xattr(const char *controller, const char *path, const char *name, voi return (int) n; } +#endif // 0 int cg_pid_get_path(const char *controller, pid_t pid, char **path) { _cleanup_fclose_ FILE *f = NULL; char line[LINE_MAX]; - const char *fs; + const char *fs, *controller_str; size_t cs = 0; - int unified; + bool unified; assert(path); assert(pid >= 0); @@ -945,10 +984,14 @@ int cg_pid_get_path(const char *controller, pid_t pid, char **path) { controller = SYSTEMD_CGROUP_CONTROLLER; unified = cg_unified(controller); - if (unified < 0) - return unified; - if (unified == 0) - cs = strlen(controller); + if (!unified) { + if (streq(controller, SYSTEMD_CGROUP_CONTROLLER)) + controller_str = SYSTEMD_CGROUP_CONTROLLER_LEGACY; + else + controller_str = controller; + + cs = strlen(controller_str); + } fs = procfs_file_alloca(pid, "cgroup"); log_debug_elogind("Searching for PID %u in \"%s\" (controller \"%s\")", @@ -987,7 +1030,7 @@ int cg_pid_get_path(const char *controller, pid_t pid, char **path) { *e = 0; FOREACH_WORD_SEPARATOR(word, k, l, ",", state) { - if (k == cs && memcmp(word, controller, cs) == 0) { + if (k == cs && memcmp(word, controller_str, cs) == 0) { found = true; break; } @@ -1012,14 +1055,11 @@ int cg_pid_get_path(const char *controller, pid_t pid, char **path) { int cg_install_release_agent(const char *controller, const char *agent) { _cleanup_free_ char *fs = NULL, *contents = NULL; const char *sc; - int r, unified; + int r; assert(agent); - unified = cg_unified(controller); - if (unified < 0) - return unified; - if (unified) /* doesn't apply to unified hierarchy */ + if (cg_unified(controller)) /* doesn't apply to unified hierarchy */ return -EOPNOTSUPP; r = cg_get_path(controller, NULL, "release_agent", &fs); @@ -1065,12 +1105,9 @@ int cg_install_release_agent(const char *controller, const char *agent) { int cg_uninstall_release_agent(const char *controller) { _cleanup_free_ char *fs = NULL; - int r, unified; + int r; - unified = cg_unified(controller); - if (unified < 0) - return unified; - if (unified) /* Doesn't apply to unified hierarchy */ + if (cg_unified(controller)) /* Doesn't apply to unified hierarchy */ return -EOPNOTSUPP; r = cg_get_path(controller, NULL, "notify_on_release", &fs); @@ -1115,7 +1152,7 @@ int cg_is_empty(const char *controller, const char *path) { } int cg_is_empty_recursive(const char *controller, const char *path) { - int unified, r; + int r; assert(path); @@ -1123,11 +1160,7 @@ int cg_is_empty_recursive(const char *controller, const char *path) { if (controller && (isempty(path) || path_equal(path, "/"))) return false; - unified = cg_unified(controller); - if (unified < 0) - return unified; - - if (unified > 0) { + if (cg_unified(controller)) { _cleanup_free_ char *t = NULL; /* On the unified hierarchy we can check empty state @@ -1155,7 +1188,7 @@ int cg_is_empty_recursive(const char *controller, const char *path) { while ((r = cg_read_subgroup(d, &fn)) > 0) { _cleanup_free_ char *p = NULL; - p = strjoin(path, "/", fn, NULL); + p = strjoin(path, "/", fn); free(fn); if (!p) return -ENOMEM; @@ -1329,7 +1362,11 @@ int cg_shift_path(const char *cgroup, const char *root, const char **shifted) { } p = path_startswith(cgroup, root); +#if 0 /// With other controllers, elogind might end up in /elogind, and *p is 0 if (p && p > cgroup) +#else + if (p && p[0] && (p > cgroup)) +#endif // 0 *shifted = p - 1; else *shifted = cgroup; @@ -1879,6 +1916,9 @@ bool cg_controller_is_valid(const char *p) { if (!p) return false; + if (streq(p, SYSTEMD_CGROUP_CONTROLLER)) + return true; + s = startswith(p, "name="); if (s) p = s; @@ -2035,7 +2075,7 @@ int cg_get_keyed_attribute(const char *controller, const char *path, const char int cg_create_everywhere(CGroupMask supported, CGroupMask mask, const char *path) { CGroupController c; - int r, unified; + int r; /* This one will create a cgroup in our private tree, but also * duplicate it in the trees specified in mask, and remove it @@ -2047,10 +2087,7 @@ int cg_create_everywhere(CGroupMask supported, CGroupMask mask, const char *path return r; /* If we are in the unified hierarchy, we are done now */ - unified = cg_all_unified(); - if (unified < 0) - return unified; - if (unified > 0) + if (cg_all_unified()) return 0; /* Otherwise, do the same in the other hierarchies */ @@ -2071,16 +2108,13 @@ int cg_create_everywhere(CGroupMask supported, CGroupMask mask, const char *path int cg_attach_everywhere(CGroupMask supported, const char *path, pid_t pid, cg_migrate_callback_t path_callback, void *userdata) { CGroupController c; - int r, unified; + int r; r = cg_attach(SYSTEMD_CGROUP_CONTROLLER, path, pid); if (r < 0) return r; - unified = cg_all_unified(); - if (unified < 0) - return unified; - if (unified > 0) + if (cg_all_unified()) return 0; for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) { @@ -2121,7 +2155,7 @@ int cg_attach_many_everywhere(CGroupMask supported, const char *path, Set* pids, int cg_migrate_everywhere(CGroupMask supported, const char *from, const char *to, cg_migrate_callback_t to_callback, void *userdata) { CGroupController c; - int r = 0, unified; + int r = 0; if (!path_equal(from, to)) { r = cg_migrate_recursive(SYSTEMD_CGROUP_CONTROLLER, from, SYSTEMD_CGROUP_CONTROLLER, to, CGROUP_REMOVE); @@ -2129,10 +2163,7 @@ int cg_migrate_everywhere(CGroupMask supported, const char *from, const char *to return r; } - unified = cg_all_unified(); - if (unified < 0) - return unified; - if (unified > 0) + if (cg_all_unified()) return r; for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) { @@ -2156,16 +2187,13 @@ int cg_migrate_everywhere(CGroupMask supported, const char *from, const char *to int cg_trim_everywhere(CGroupMask supported, const char *path, bool delete_root) { CGroupController c; - int r, unified; + int r; r = cg_trim(SYSTEMD_CGROUP_CONTROLLER, path, delete_root); if (r < 0) return r; - unified = cg_all_unified(); - if (unified < 0) - return unified; - if (unified > 0) + if (cg_all_unified()) return r; for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) { @@ -2183,16 +2211,13 @@ int cg_trim_everywhere(CGroupMask supported, const char *path, bool delete_root) int cg_mask_supported(CGroupMask *ret) { CGroupMask mask = 0; - int r, unified; + int r; /* Determines the mask of supported cgroup controllers. Only * includes controllers we can make sense of and that are * actually accessible. */ - unified = cg_all_unified(); - if (unified < 0) - return unified; - if (unified > 0) { + if (cg_all_unified()) { _cleanup_free_ char *root = NULL, *controllers = NULL, *path = NULL; const char *c; @@ -2314,6 +2339,20 @@ int cg_kernel_controllers(Set *controllers) { static thread_local CGroupUnified unified_cache = CGROUP_UNIFIED_UNKNOWN; +/* The hybrid mode was initially implemented in v232 and simply mounted + * cgroup v2 on /sys/fs/cgroup/systemd. This unfortunately broke other + * tools (such as docker) which expected the v1 "name=systemd" hierarchy + * on /sys/fs/cgroup/systemd. From v233 and on, the hybrid mode mountnbs + * v2 on /sys/fs/cgroup/unified and maintains "name=systemd" hierarchy + * on /sys/fs/cgroup/systemd for compatibility with other tools. + * + * To keep live upgrade working, we detect and support v232 layout. When + * v232 layout is detected, to keep cgroup v2 process management but + * disable the compat dual layout, we return %true on + * cg_unified(SYSTEMD_CGROUP_CONTROLLER) and %false on cg_hybrid_unified(). + */ +static thread_local bool unified_systemd_v232; + static int cg_update_unified(void) { struct statfs fs; @@ -2331,34 +2370,40 @@ static int cg_update_unified(void) { #if 0 /// UNNEEDED by elogind if (F_TYPE_EQUAL(fs.f_type, CGROUP2_SUPER_MAGIC)) + unified_cache = CGROUP_UNIFIED_ALL; + else if (F_TYPE_EQUAL(fs.f_type, TMPFS_MAGIC)) { + if (statfs("/sys/fs/cgroup/unified/", &fs) == 0 && + F_TYPE_EQUAL(fs.f_type, CGROUP2_SUPER_MAGIC)) { + unified_cache = CGROUP_UNIFIED_SYSTEMD; + unified_systemd_v232 = false; + } else if (statfs("/sys/fs/cgroup/systemd/", &fs) == 0 && + F_TYPE_EQUAL(fs.f_type, CGROUP2_SUPER_MAGIC)) { + unified_cache = CGROUP_UNIFIED_SYSTEMD; + unified_systemd_v232 = true; + } else { + if (statfs("/sys/fs/cgroup/systemd/", &fs) < 0) + return -errno; + if (!F_TYPE_EQUAL(fs.f_type, CGROUP_SUPER_MAGIC)) + return -ENOMEDIUM; + unified_cache = CGROUP_UNIFIED_NONE; + } + } else + return -ENOMEDIUM; #else /* elogind can not support the unified hierarchy as a controller, * so always assume a classical hierarchy. * If, and only *if*, someone really wants to substitute systemd-login * in an environment managed by systemd with elogind, we might have to * add such a support. */ - if (F_TYPE_EQUAL(fs.f_type, TMPFS_MAGIC)) { + unified_cache = CGROUP_UNIFIED_NONE; #endif // 0 - unified_cache = CGROUP_UNIFIED_ALL; - else if (F_TYPE_EQUAL(fs.f_type, TMPFS_MAGIC)) { - if (statfs("/sys/fs/cgroup/systemd/", &fs) < 0) - return -errno; - - unified_cache = F_TYPE_EQUAL(fs.f_type, CGROUP2_SUPER_MAGIC) ? - CGROUP_UNIFIED_SYSTEMD : CGROUP_UNIFIED_NONE; - } else - return -ENOMEDIUM; return 0; } -int cg_unified(const char *controller) { +bool cg_unified(const char *controller) { - int r; - - r = cg_update_unified(); - if (r < 0) - return r; + assert(cg_update_unified() >= 0); if (streq_ptr(controller, SYSTEMD_CGROUP_CONTROLLER)) return unified_cache >= CGROUP_UNIFIED_SYSTEMD; @@ -2366,30 +2411,36 @@ int cg_unified(const char *controller) { return unified_cache >= CGROUP_UNIFIED_ALL; } -int cg_all_unified(void) { +bool cg_all_unified(void) { return cg_unified(NULL); } #if 0 /// UNNEEDED by elogind -void cg_unified_flush(void) { +bool cg_hybrid_unified(void) { + + assert(cg_update_unified() >= 0); + + return unified_cache == CGROUP_UNIFIED_SYSTEMD && !unified_systemd_v232; +} + +int cg_unified_flush(void) { unified_cache = CGROUP_UNIFIED_UNKNOWN; + + return cg_update_unified(); } int cg_enable_everywhere(CGroupMask supported, CGroupMask mask, const char *p) { _cleanup_free_ char *fs = NULL; CGroupController c; - int r, unified; + int r; assert(p); if (supported == 0) return 0; - unified = cg_all_unified(); - if (unified < 0) - return unified; - if (!unified) /* on the legacy hiearchy there's no joining of controllers defined */ + if (!cg_all_unified()) /* on the legacy hiearchy there's no joining of controllers defined */ return 0; r = cg_get_path(SYSTEMD_CGROUP_CONTROLLER, p, "cgroup.subtree_control", &fs); @@ -2421,13 +2472,13 @@ int cg_enable_everywhere(CGroupMask supported, CGroupMask mask, const char *p) { bool cg_is_unified_wanted(void) { static thread_local int wanted = -1; - int r, unified; + int r; + bool b; /* If the hierarchy is already mounted, then follow whatever * was chosen for it. */ - unified = cg_all_unified(); - if (unified >= 0) - return unified; + if (cg_unified_flush() >= 0) + return cg_all_unified(); /* Otherwise, let's see what the kernel command line has to * say. Since checking that is expensive, let's cache the @@ -2435,32 +2486,21 @@ bool cg_is_unified_wanted(void) { if (wanted >= 0) return wanted; - r = get_proc_cmdline_key("systemd.unified_cgroup_hierarchy", NULL); - if (r > 0) - return (wanted = true); - else { - _cleanup_free_ char *value = NULL; - - r = get_proc_cmdline_key("systemd.unified_cgroup_hierarchy=", &value); - if (r < 0) - return false; - if (r == 0) - return (wanted = false); + r = proc_cmdline_get_bool("systemd.unified_cgroup_hierarchy", &b); + if (r < 0) + return false; - return (wanted = parse_boolean(value) > 0); - } + return (wanted = r > 0 ? b : false); } bool cg_is_legacy_wanted(void) { return !cg_is_unified_wanted(); } -#else -bool cg_is_legacy_wanted(void) { - return true; bool cg_is_unified_systemd_controller_wanted(void) { static thread_local int wanted = -1; - int r, unified; + int r; + bool b; /* If the unified hierarchy is requested in full, no need to * bother with this. */ @@ -2469,9 +2509,8 @@ bool cg_is_unified_systemd_controller_wanted(void) { /* If the hierarchy is already mounted, then follow whatever * was chosen for it. */ - unified = cg_unified(SYSTEMD_CGROUP_CONTROLLER); - if (unified >= 0) - return unified; + if (cg_unified_flush() >= 0) + return cg_unified(SYSTEMD_CGROUP_CONTROLLER); /* Otherwise, let's see what the kernel command line has to * say. Since checking that is expensive, let's cache the @@ -2479,25 +2518,17 @@ bool cg_is_unified_systemd_controller_wanted(void) { if (wanted >= 0) return wanted; - r = get_proc_cmdline_key("systemd.legacy_systemd_cgroup_controller", NULL); - if (r > 0) { - if (r > 0) - wanted = false; - } else { - else { - _cleanup_free_ char *value = NULL; - - r = get_proc_cmdline_key("systemd.legacy_systemd_cgroup_controller=", &value); - if (r < 0) - return true; - - if (r == 0) - wanted = true; - else - wanted = parse_boolean(value) <= 0; - } + r = proc_cmdline_get_bool("systemd.legacy_systemd_cgroup_controller", &b); + if (r < 0) + return false; - return wanted; +#else +bool cg_is_legacy_wanted(void) { + return true; + /* The meaning of the kernel option is reversed wrt. to the return value + * of this function, hence the negation. */ + return (wanted = r > 0 ? !b : false); + return (wanted = r > 0 ? b : false); } bool cg_is_legacy_systemd_controller_wanted(void) {