X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fshared%2Fcgroup-util.c;h=c746d606d9ff648c29cbcd530d579b5e87acd547;hb=01c94c5d0aff09b4c0e429d483c8eeba40017071;hp=016080f65b902b49eae26e2195ff5a8f7d77a159;hpb=5954c07433b134694256b9989f2ad3f85a643976;p=elogind.git diff --git a/src/shared/cgroup-util.c b/src/shared/cgroup-util.c index 016080f65..c746d606d 100644 --- a/src/shared/cgroup-util.c +++ b/src/shared/cgroup-util.c @@ -30,14 +30,14 @@ #include #include "cgroup-util.h" -#include "log.h" #include "set.h" #include "macro.h" #include "util.h" +#include "formats-util.h" #include "path-util.h" -#include "strv.h" -#include "unit-name.h" #include "fileio.h" +#include "special.h" +#include "mkdir.h" int cg_enumerate_processes(const char *controller, const char *path, FILE **_f) { _cleanup_free_ char *fs = NULL; @@ -58,25 +58,6 @@ int cg_enumerate_processes(const char *controller, const char *path, FILE **_f) return 0; } -int cg_enumerate_tasks(const char *controller, const char *path, FILE **_f) { - _cleanup_free_ char *fs = NULL; - FILE *f; - int r; - - assert(_f); - - r = cg_get_path(controller, path, "tasks", &fs); - if (r < 0) - return r; - - f = fopen(fs, "re"); - if (!f) - return -errno; - - *_f = f; - return 0; -} - int cg_read_pid(FILE *f, pid_t *_pid) { unsigned long ul; @@ -150,7 +131,7 @@ int cg_read_subgroup(DIR *d, char **fn) { return 0; } -int cg_rmdir(const char *controller, const char *path, bool honour_sticky) { +int cg_rmdir(const char *controller, const char *path) { _cleanup_free_ char *p = NULL; int r; @@ -158,22 +139,6 @@ int cg_rmdir(const char *controller, const char *path, bool honour_sticky) { if (r < 0) return r; - if (honour_sticky) { - char *tasks; - - /* If the sticky bit is set don't remove the directory */ - - tasks = strappend(p, "/tasks"); - if (!tasks) - return -ENOMEM; - - r = file_is_priv_sticky(tasks); - free(tasks); - - if (r > 0) - return 0; - } - r = rmdir(p); if (r < 0 && errno != ENOENT) return -errno; @@ -194,7 +159,7 @@ int cg_kill(const char *controller, const char *path, int sig, bool sigcont, boo * tasks list, to properly handle forking processes */ if (!s) { - s = allocated_set = set_new(trivial_hash_func, trivial_compare_func); + s = allocated_set = set_new(NULL); if (!s) return -ENOMEM; } @@ -227,12 +192,12 @@ int cg_kill(const char *controller, const char *path, int sig, bool sigcont, boo if (kill(pid, sig) < 0) { if (ret >= 0 && errno != ESRCH) ret = -errno; - } else if (ret == 0) { - - if (sigcont) + } else { + if (sigcont && sig != SIGKILL) kill(pid, SIGCONT); - ret = 1; + if (ret == 0) + ret = 1; } done = false; @@ -272,7 +237,7 @@ int cg_kill_recursive(const char *controller, const char *path, int sig, bool si assert(sig >= 0); if (!s) { - s = allocated_set = set_new(trivial_hash_func, trivial_compare_func); + s = allocated_set = set_new(NULL); if (!s) return -ENOMEM; } @@ -304,7 +269,7 @@ int cg_kill_recursive(const char *controller, const char *path, int sig, bool si ret = r; if (rem) { - r = cg_rmdir(controller, path, true); + r = cg_rmdir(controller, path); if (r < 0 && ret >= 0 && r != -ENOENT && r != -EBUSY) return r; } @@ -312,37 +277,6 @@ int cg_kill_recursive(const char *controller, const char *path, int sig, bool si return ret; } -int cg_kill_recursive_and_wait(const char *controller, const char *path, bool rem) { - unsigned i; - - assert(path); - - /* This safely kills all processes; first it sends a SIGTERM, - * then checks 8 times after 200ms whether the group is now - * empty, then kills everything that is left with SIGKILL and - * finally checks 5 times after 200ms each whether the group - * is finally empty. */ - - for (i = 0; i < 15; i++) { - int sig, r; - - if (i <= 0) - sig = SIGTERM; - else if (i == 9) - sig = SIGKILL; - else - sig = 0; - - r = cg_kill_recursive(controller, path, sig, true, true, rem, NULL); - if (r <= 0) - return r; - - usleep(200 * USEC_PER_MSEC); - } - - return 0; -} - int cg_migrate(const char *cfrom, const char *pfrom, const char *cto, const char *pto, bool ignore_self) { bool done = false; _cleanup_set_free_ Set *s = NULL; @@ -354,7 +288,7 @@ int cg_migrate(const char *cfrom, const char *pfrom, const char *cto, const char assert(cto); assert(pto); - s = set_new(trivial_hash_func, trivial_compare_func); + s = set_new(NULL); if (!s) return -ENOMEM; @@ -365,7 +299,7 @@ int cg_migrate(const char *cfrom, const char *pfrom, const char *cto, const char pid_t pid = 0; done = true; - r = cg_enumerate_tasks(cfrom, pfrom, &f); + r = cg_enumerate_processes(cfrom, pfrom, &f); if (r < 0) { if (ret >= 0 && r != -ENOENT) return r; @@ -413,7 +347,14 @@ int cg_migrate(const char *cfrom, const char *pfrom, const char *cto, const char return ret; } -int cg_migrate_recursive(const char *cfrom, const char *pfrom, const char *cto, const char *pto, bool ignore_self, bool rem) { +int cg_migrate_recursive( + const char *cfrom, + const char *pfrom, + const char *cto, + const char *pto, + bool ignore_self, + bool rem) { + _cleanup_closedir_ DIR *d = NULL; int r, ret = 0; char *fn; @@ -454,7 +395,7 @@ int cg_migrate_recursive(const char *cfrom, const char *pfrom, const char *cto, ret = r; if (rem) { - r = cg_rmdir(cfrom, pfrom, true); + r = cg_rmdir(cfrom, pfrom); if (r < 0 && ret >= 0 && r != -ENOENT && r != -EBUSY) return r; } @@ -462,12 +403,43 @@ int cg_migrate_recursive(const char *cfrom, const char *pfrom, const char *cto, return ret; } +int cg_migrate_recursive_fallback( + const char *cfrom, + const char *pfrom, + const char *cto, + const char *pto, + bool ignore_self, + bool rem) { + + int r; + + assert(cfrom); + assert(pfrom); + assert(cto); + assert(pto); + + r = cg_migrate_recursive(cfrom, pfrom, cto, pto, ignore_self, rem); + if (r < 0) { + char prefix[strlen(pto) + 1]; + + /* This didn't work? Then let's try all prefixes of the destination */ + + PATH_FOREACH_PREFIX(prefix, pto) { + r = cg_migrate_recursive(cfrom, pfrom, cto, prefix, ignore_self, rem); + if (r >= 0) + break; + } + } + + return 0; +} + static const char *normalize_controller(const char *controller) { assert(controller); if (streq(controller, SYSTEMD_CGROUP_CONTROLLER)) - return "systemd"; + return "elogind"; else if (startswith(controller, "name=")) return controller + 5; else @@ -477,19 +449,19 @@ static const char *normalize_controller(const char *controller) { static int join_path(const char *controller, const char *path, const char *suffix, char **fs) { char *t = NULL; - if (controller) { - if (path && suffix) + if (!isempty(controller)) { + if (!isempty(path) && !isempty(suffix)) t = strjoin("/sys/fs/cgroup/", controller, "/", path, "/", suffix, NULL); - else if (path) + else if (!isempty(path)) t = strjoin("/sys/fs/cgroup/", controller, "/", path, NULL); - else if (suffix) + else if (!isempty(suffix)) t = strjoin("/sys/fs/cgroup/", controller, "/", suffix, NULL); else t = strappend("/sys/fs/cgroup/", controller); } else { - if (path && suffix) + if (!isempty(path) && !isempty(suffix)) t = strjoin(path, "/", suffix, NULL); - else if (path) + else if (!isempty(path)) t = strdup(path); else return -EINVAL; @@ -498,15 +470,13 @@ static int join_path(const char *controller, const char *path, const char *suffi if (!t) return -ENOMEM; - path_kill_slashes(t); - - *fs = t; + *fs = path_kill_slashes(t); return 0; } int cg_get_path(const char *controller, const char *path, const char *suffix, char **fs) { const char *p; - static __thread bool good = false; + static thread_local bool good = false; assert(fs); @@ -517,8 +487,10 @@ int cg_get_path(const char *controller, const char *path, const char *suffix, ch int r; r = path_is_mount_point("/sys/fs/cgroup", false); - if (r <= 0) - return r < 0 ? r : -ENOENT; + if (r < 0) + return r; + if (r == 0) + return -ENOENT; /* Cache this to save a few stat()s */ good = true; @@ -530,14 +502,16 @@ int cg_get_path(const char *controller, const char *path, const char *suffix, ch } static int check_hierarchy(const char *p) { - char *cc; + const char *cc; assert(p); + if (!filename_is_valid(p)) + return 0; + /* Check if this controller actually really exists */ - cc = alloca(sizeof("/sys/fs/cgroup/") + strlen(p)); - strcpy(stpcpy(cc, "/sys/fs/cgroup/"), p); - if (access(cc, F_OK) < 0) + cc = strjoina("/sys/fs/cgroup/", p); + if (laccess(cc, F_OK) < 0) return -errno; return 0; @@ -564,8 +538,9 @@ int cg_get_path_and_check(const char *controller, const char *path, const char * } static int trim_cb(const char *path, const struct stat *sb, int typeflag, struct FTW *ftwbuf) { - char *p; - bool is_sticky; + assert(path); + assert(sb); + assert(ftwbuf); if (typeflag != FTW_DP) return 0; @@ -573,18 +548,6 @@ static int trim_cb(const char *path, const struct stat *sb, int typeflag, struct if (ftwbuf->level < 1) return 0; - p = strappend(path, "/tasks"); - if (!p) { - errno = ENOMEM; - return 1; - } - - is_sticky = file_is_priv_sticky(p) > 0; - free(p); - - if (is_sticky) - return 0; - rmdir(path); return 0; } @@ -604,19 +567,8 @@ int cg_trim(const char *controller, const char *path, bool delete_root) { r = errno ? -errno : -EIO; if (delete_root) { - bool is_sticky; - char *p; - - p = strappend(fs, "/tasks"); - if (!p) - return -ENOMEM; - - is_sticky = file_is_priv_sticky(p) > 0; - free(p); - - if (!is_sticky) - if (rmdir(fs) < 0 && errno != ENOENT && r == 0) - return -errno; + if (rmdir(fs) < 0 && errno != ENOENT) + return -errno; } return r; @@ -636,6 +588,46 @@ int cg_delete(const char *controller, const char *path) { return r == -ENOENT ? 0 : r; } +int cg_create(const char *controller, const char *path) { + _cleanup_free_ char *fs = NULL; + int r; + + r = cg_get_path_and_check(controller, path, NULL, &fs); + if (r < 0) + return r; + + r = mkdir_parents(fs, 0755); + if (r < 0) + return r; + + if (mkdir(fs, 0755) < 0) { + + if (errno == EEXIST) + return 0; + + return -errno; + } + + return 1; +} + +int cg_create_and_attach(const char *controller, const char *path, pid_t pid) { + int r, q; + + assert(pid >= 0); + + r = cg_create(controller, path); + if (r < 0) + return r; + + q = cg_attach(controller, path, pid); + if (q < 0) + return q; + + /* This does not remove the cgroup on failure */ + return r; +} + int cg_attach(const char *controller, const char *path, pid_t pid) { _cleanup_free_ char *fs = NULL; char c[DECIMAL_STR_MAX(pid_t) + 2]; @@ -644,16 +636,40 @@ int cg_attach(const char *controller, const char *path, pid_t pid) { assert(path); assert(pid >= 0); - r = cg_get_path_and_check(controller, path, "tasks", &fs); + r = cg_get_path_and_check(controller, path, "cgroup.procs", &fs); if (r < 0) return r; if (pid == 0) pid = getpid(); - snprintf(c, sizeof(c), "%lu\n", (unsigned long) pid); + snprintf(c, sizeof(c), PID_FMT"\n", pid); + + return write_string_file_no_create(fs, c); +} + +int cg_attach_fallback(const char *controller, const char *path, pid_t pid) { + int r; + + assert(controller); + assert(path); + assert(pid >= 0); + + r = cg_attach(controller, path, pid); + if (r < 0) { + char prefix[strlen(path) + 1]; + + /* This didn't work? Then let's try all prefixes of + * the destination */ + + PATH_FOREACH_PREFIX(prefix, path) { + r = cg_attach(controller, prefix, pid); + if (r >= 0) + break; + } + } - return write_string_file(fs, c); + return 0; } int cg_set_group_access( @@ -668,7 +684,7 @@ int cg_set_group_access( assert(path); - if (mode != (mode_t) -1) + if (mode != MODE_INVALID) mode &= 0777; r = cg_get_path(controller, path, NULL, &fs); @@ -683,52 +699,30 @@ int cg_set_task_access( const char *path, mode_t mode, uid_t uid, - gid_t gid, - int sticky) { + gid_t gid) { _cleanup_free_ char *fs = NULL, *procs = NULL; int r; assert(path); - if (mode == (mode_t) -1 && uid == (uid_t) -1 && gid == (gid_t) -1 && sticky < 0) + if (mode == MODE_INVALID && uid == UID_INVALID && gid == GID_INVALID) return 0; - if (mode != (mode_t) -1) + if (mode != MODE_INVALID) mode &= 0666; - r = cg_get_path(controller, path, "tasks", &fs); + r = cg_get_path(controller, path, "cgroup.procs", &fs); if (r < 0) return r; - if (sticky >= 0 && mode != (mode_t) -1) - /* Both mode and sticky param are passed */ - mode |= (sticky ? S_ISVTX : 0); - else if ((sticky >= 0 && mode == (mode_t) -1) || - (mode != (mode_t) -1 && sticky < 0)) { - struct stat st; - - /* Only one param is passed, hence read the current - * mode from the file itself */ - - r = lstat(fs, &st); - if (r < 0) - return -errno; - - if (mode == (mode_t) -1) - /* No mode set, we just shall set the sticky bit */ - mode = (st.st_mode & ~S_ISVTX) | (sticky ? S_ISVTX : 0); - else - /* Only mode set, leave sticky bit untouched */ - mode = (st.st_mode & ~0777) | mode; - } - r = chmod_and_chown(fs, mode, uid, gid); if (r < 0) return r; - /* Always keep values for "cgroup.procs" in sync with "tasks" */ - r = cg_get_path(controller, path, "cgroup.procs", &procs); + /* Compatibility, Always keep values for "tasks" in sync with + * "cgroup.procs" */ + r = cg_get_path(controller, path, "tasks", &procs); if (r < 0) return r; @@ -736,24 +730,24 @@ int cg_set_task_access( } int cg_pid_get_path(const char *controller, pid_t pid, char **path) { - char fs[sizeof("/proc/") - 1 + DECIMAL_STR_MAX(pid_t) + sizeof("/cgroup")]; _cleanup_fclose_ FILE *f = NULL; char line[LINE_MAX]; + const char *fs; size_t cs; assert(path); assert(pid >= 0); - if (controller && !cg_controller_is_valid(controller, true)) - return -EINVAL; + if (controller) { + if (!cg_controller_is_valid(controller, true)) + return -EINVAL; - if (!controller) + controller = normalize_controller(controller); + } else controller = SYSTEMD_CGROUP_CONTROLLER; - if (pid == 0) - pid = getpid(); + fs = procfs_file_alloca(pid, "cgroup"); - sprintf(fs, "/proc/%lu/cgroup", (unsigned long) pid); f = fopen(fs, "re"); if (!f) return errno == ENOENT ? -ESRCH : -errno; @@ -761,7 +755,10 @@ int cg_pid_get_path(const char *controller, pid_t pid, char **path) { cs = strlen(controller); FOREACH_LINE(line, f, return -errno) { - char *l, *p; + char *l, *p, *e; + size_t k; + const char *word, *state; + bool found = false; truncate_nl(line); @@ -770,13 +767,31 @@ int cg_pid_get_path(const char *controller, pid_t pid, char **path) { continue; l++; - if (!strneq(l, controller, cs)) + e = strchr(l, ':'); + if (!e) continue; - if (l[cs] != ':') + *e = 0; + + FOREACH_WORD_SEPARATOR(word, k, l, ",", state) { + + if (k == cs && memcmp(word, controller, cs) == 0) { + found = true; + break; + } + + if (k == 5 + cs && + memcmp(word, "name=", 5) == 0 && + memcmp(word+5, controller, cs) == 0) { + found = true; + break; + } + } + + if (!found) continue; - p = strdup(l + cs + 1); + p = strdup(e + 1); if (!p) return -ENOMEM; @@ -804,7 +819,7 @@ int cg_install_release_agent(const char *controller, const char *agent) { sc = strstrip(contents); if (sc[0] == 0) { - r = write_string_file(fs, agent); + r = write_string_file_no_create(fs, agent); if (r < 0) return r; } else if (!streq(sc, agent)) @@ -824,7 +839,7 @@ int cg_install_release_agent(const char *controller, const char *agent) { sc = strstrip(contents); if (streq(sc, "0")) { - r = write_string_file(fs, "1"); + r = write_string_file_no_create(fs, "1"); if (r < 0) return r; @@ -837,6 +852,32 @@ int cg_install_release_agent(const char *controller, const char *agent) { return 0; } +int cg_uninstall_release_agent(const char *controller) { + _cleanup_free_ char *fs = NULL; + int r; + + r = cg_get_path(controller, NULL, "notify_on_release", &fs); + if (r < 0) + return r; + + r = write_string_file_no_create(fs, "0"); + if (r < 0) + return r; + + free(fs); + fs = NULL; + + r = cg_get_path(controller, NULL, "release_agent", &fs); + if (r < 0) + return r; + + r = write_string_file_no_create(fs, ""); + if (r < 0) + return r; + + return 0; +} + int cg_is_empty(const char *controller, const char *path, bool ignore_self) { _cleanup_fclose_ FILE *f = NULL; pid_t pid = 0, self_pid; @@ -845,7 +886,7 @@ int cg_is_empty(const char *controller, const char *path, bool ignore_self) { assert(path); - r = cg_enumerate_tasks(controller, path, &f); + r = cg_enumerate_processes(controller, path, &f); if (r < 0) return r == -ENOENT ? 1 : r; @@ -866,19 +907,6 @@ int cg_is_empty(const char *controller, const char *path, bool ignore_self) { return !found; } -int cg_is_empty_by_spec(const char *spec, bool ignore_self) { - _cleanup_free_ char *controller = NULL, *path = NULL; - int r; - - assert(spec); - - r = cg_split_spec(spec, &controller, &path); - if (r < 0) - return r; - - return cg_is_empty(controller, path, ignore_self); -} - int cg_is_empty_recursive(const char *controller, const char *path, bool ignore_self) { _cleanup_closedir_ DIR *d = NULL; char *fn; @@ -929,8 +957,7 @@ int cg_split_spec(const char *spec, char **controller, char **path) { if (!t) return -ENOMEM; - path_kill_slashes(t); - *path = t; + *path = path_kill_slashes(t); } if (controller) @@ -969,19 +996,28 @@ int cg_split_spec(const char *spec, char **controller, char **path) { return -EINVAL; } - u = strdup(e+1); - if (!u) { - free(t); - return -ENOMEM; - } - if (!path_is_safe(u) || - !path_is_absolute(u)) { - free(t); - free(u); - return -EINVAL; - } + if (streq(e+1, "")) { + u = strdup("/"); + if (!u) { + free(t); + return -ENOMEM; + } + } else { + u = strdup(e+1); + if (!u) { + free(t); + return -ENOMEM; + } - path_kill_slashes(u); + if (!path_is_safe(u) || + !path_is_absolute(u)) { + free(t); + free(u); + return -EINVAL; + } + + path_kill_slashes(u); + } if (controller) *controller = t; @@ -996,33 +1032,6 @@ int cg_split_spec(const char *spec, char **controller, char **path) { return 0; } -int cg_join_spec(const char *controller, const char *path, char **spec) { - char *s; - - assert(path); - - if (!controller) - controller = "systemd"; - else { - if (!cg_controller_is_valid(controller, true)) - return -EINVAL; - - controller = normalize_controller(controller); - } - - if (!path_is_absolute(path)) - return -EINVAL; - - s = strjoin(controller, ":", path, NULL); - if (!s) - return -ENOMEM; - - path_kill_slashes(s + strlen(controller) + 1); - - *spec = s; - return 0; -} - int cg_mangle_path(const char *path, char **result) { _cleanup_free_ char *c = NULL, *p = NULL; char *t; @@ -1031,19 +1040,18 @@ int cg_mangle_path(const char *path, char **result) { assert(path); assert(result); - /* First check if it already is a filesystem path */ + /* First, check if it already is a filesystem path */ if (path_startswith(path, "/sys/fs/cgroup")) { t = strdup(path); if (!t) return -ENOMEM; - path_kill_slashes(t); - *result = t; + *result = path_kill_slashes(t); return 0; } - /* Otherwise treat it as cg spec */ + /* Otherwise, treat it as cg spec */ r = cg_split_spec(path, &c, &p); if (r < 0) return r; @@ -1051,519 +1059,414 @@ int cg_mangle_path(const char *path, char **result) { return cg_get_path(c ? c : SYSTEMD_CGROUP_CONTROLLER, p ? p : "/", NULL, result); } -int cg_get_system_path(char **path) { +int cg_get_root_path(char **path) { + assert(path); + + return cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, 1, path); +} + +int cg_shift_path(const char *cgroup, const char *root, const char **shifted) { + _cleanup_free_ char *rt = NULL; char *p; int r; - assert(path); - - r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, 1, &p); - if (r < 0) { - p = strdup("/system"); - if (!p) - return -ENOMEM; - } + assert(cgroup); + assert(shifted); - if (endswith(p, "/system")) - *path = p; - else { - char *q; + if (!root) { + /* If the root was specified let's use that, otherwise + * let's determine it from PID 1 */ - q = strappend(p, "/system"); - free(p); - if (!q) - return -ENOMEM; + r = cg_get_root_path(&rt); + if (r < 0) + return r; - *path = q; + root = rt; } + p = path_startswith(cgroup, root); + if (p) + *shifted = p - 1; + else + *shifted = cgroup; + return 0; } -int cg_get_root_path(char **path) { - char *root, *e; +int cg_pid_get_path_shifted(pid_t pid, const char *root, char **cgroup) { + _cleanup_free_ char *raw = NULL; + const char *c; int r; - assert(path); + assert(pid >= 0); + assert(cgroup); - r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, 1, &root); + r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, pid, &raw); if (r < 0) return r; - e = endswith(root, "/system"); - if (e == root) - e[1] = 0; - else if (e) - *e = 0; + r = cg_shift_path(raw, root, &c); + if (r < 0) + return r; + + if (c == raw) { + *cgroup = raw; + raw = NULL; + } else { + char *n; + + n = strdup(c); + if (!n) + return -ENOMEM; + + *cgroup = n; + } - *path = root; return 0; } -int cg_get_user_path(char **path) { - _cleanup_free_ char *root = NULL; - char *p; +int cg_path_get_session(const char *path, char **session) { + const char *e, *n, *s; - assert(path); + /* Elogind uses a flat hierarchy, just "/SESSION". The only + wrinkle is that SESSION might be escaped. */ - /* Figure out the place to put user cgroups below. We use the - * same as PID 1 has but with the "/system" suffix replaced by - * "/user" */ + assert(path); + assert(path[0] == '/'); - if (cg_get_root_path(&root) < 0 || streq(root, "/")) - p = strdup("/user"); - else - p = strappend(root, "/user"); - - if (!p) - return -ENOMEM; - - *path = p; - return 0; -} - -int cg_get_machine_path(char **path) { - _cleanup_free_ char *root = NULL; - char *p; - - assert(path); - - if (cg_get_root_path(&root) < 0 || streq(root, "/")) - p = strdup("/machine"); - else - p = strappend(root, "/machine"); - - if (!p) - return -ENOMEM; - - *path = p; - return 0; -} - -char **cg_shorten_controllers(char **controllers) { - char **f, **t; - - if (!controllers) - return controllers; - - for (f = controllers, t = controllers; *f; f++) { - const char *p; - int r; + e = path + 1; + n = strchrnul(e, '/'); + if (e == n) + return -ENOENT; - p = normalize_controller(*f); + s = strndupa(e, n - e); + s = cg_unescape(s); - if (streq(p, "systemd")) { - free(*f); - continue; - } + if (!s[0]) + return -ENOENT; - if (!cg_controller_is_valid(p, true)) { - log_warning("Controller %s is not valid, removing from controllers list.", p); - free(*f); - continue; - } + if (session) { + char *r; - r = check_hierarchy(p); - if (r < 0) { - log_debug("Controller %s is not available, removing from controllers list.", p); - free(*f); - continue; - } + r = strdup(s); + if (!r) + return -ENOMEM; - *(t++) = *f; + *session = r; } - *t = NULL; - return strv_uniq(controllers); + return 0; } -int cg_pid_get_path_shifted(pid_t pid, char **root, char **cgroup) { - _cleanup_free_ char *cg_root = NULL; - char *cg_process, *p; +int cg_pid_get_session(pid_t pid, char **session) { + _cleanup_free_ char *cgroup = NULL; int r; - r = cg_get_root_path(&cg_root); - if (r < 0) - return r; - - r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, pid, &cg_process); + r = cg_pid_get_path_shifted(pid, NULL, &cgroup); if (r < 0) return r; - p = path_startswith(cg_process, cg_root); - if (p) - p--; - else - p = cg_process; - - if (cgroup) { - char* c; - - c = strdup(p); - if (!c) { - free(cg_process); - return -ENOMEM; - } - - *cgroup = c; - } - - if (root) { - cg_process[p-cg_process] = 0; - *root = cg_process; - } else - free(cg_process); - - return 0; + return cg_path_get_session(cgroup, session); } -int cg_path_decode_unit(const char *cgroup, char **unit){ - char *p, *e, *c, *s, *k; - - assert(cgroup); - assert(unit); +char *cg_escape(const char *p) { + bool need_prefix = false; - e = strchrnul(cgroup, '/'); - c = strndupa(cgroup, e - cgroup); - c = cg_unescape(c); + /* This implements very minimal escaping for names to be used + * as file names in the cgroup tree: any name which might + * conflict with a kernel name or is prefixed with '_' is + * prefixed with a '_'. That way, when reading cgroup names it + * is sufficient to remove a single prefixing underscore if + * there is one. */ - /* Could this be a valid unit name? */ - if (!unit_name_is_valid(c, true)) - return -EINVAL; + /* The return value of this function (unlike cg_unescape()) + * needs free()! */ - if (!unit_name_is_template(c)) - s = strdup(c); + if (p[0] == 0 || + p[0] == '_' || + p[0] == '.' || + streq(p, "notify_on_release") || + streq(p, "release_agent") || + streq(p, "tasks")) + need_prefix = true; else { - if (*e != '/') - return -EINVAL; + const char *dot; - e += strspn(e, "/"); + dot = strrchr(p, '.'); + if (dot) { - p = strchrnul(e, '/'); - k = strndupa(e, p - e); - k = cg_unescape(k); + if (dot - p == 6 && memcmp(p, "cgroup", 6) == 0) + need_prefix = true; + else { + char *n; - if (!unit_name_is_valid(k, false)) - return -EINVAL; + n = strndupa(p, dot - p); - s = strdup(k); + if (check_hierarchy(n) >= 0) + need_prefix = true; + } + } } - if (!s) - return -ENOMEM; - - *unit = s; - return 0; -} - -int cg_path_get_unit(const char *path, char **unit) { - const char *e; - - assert(path); - assert(unit); - - e = path_startswith(path, "/system/"); - if (!e) - return -ENOENT; - - return cg_path_decode_unit(e, unit); + if (need_prefix) + return strappend("_", p); + else + return strdup(p); } -int cg_pid_get_unit(pid_t pid, char **unit) { - _cleanup_free_ char *cgroup = NULL; - int r; +char *cg_unescape(const char *p) { + assert(p); - assert(unit); + /* The return value of this function (unlike cg_escape()) + * doesn't need free()! */ - r = cg_pid_get_path_shifted(pid, NULL, &cgroup); - if (r < 0) - return r; + if (p[0] == '_') + return (char*) p+1; - return cg_path_get_unit(cgroup, unit); + return (char*) p; } -static const char *skip_label(const char *e) { - assert(e); +#define CONTROLLER_VALID \ + DIGITS LETTERS \ + "_" - e = strchr(e, '/'); - if (!e) - return NULL; +bool cg_controller_is_valid(const char *p, bool allow_named) { + const char *t, *s; - e += strspn(e, "/"); - return e; -} + if (!p) + return false; -int cg_path_get_user_unit(const char *path, char **unit) { - const char *e; + if (allow_named) { + s = startswith(p, "name="); + if (s) + p = s; + } - assert(path); - assert(unit); + if (*p == 0 || *p == '_') + return false; - /* We always have to parse the path from the beginning as unit - * cgroups might have arbitrary child cgroups and we shouldn't get - * confused by those */ + for (t = p; *t; t++) + if (!strchr(CONTROLLER_VALID, *t)) + return false; - e = path_startswith(path, "/user/"); - if (!e) - return -ENOENT; + if (t - p > FILENAME_MAX) + return false; - /* Skip the user name */ - e = skip_label(e); - if (!e) - return -ENOENT; + return true; +} - /* Skip the session ID */ - e = skip_label(e); - if (!e) - return -ENOENT; +int cg_set_attribute(const char *controller, const char *path, const char *attribute, const char *value) { + _cleanup_free_ char *p = NULL; + int r; - /* Skip the systemd cgroup */ - e = skip_label(e); - if (!e) - return -ENOENT; + r = cg_get_path(controller, path, attribute, &p); + if (r < 0) + return r; - return cg_path_decode_unit(e, unit); + return write_string_file_no_create(p, value); } -int cg_pid_get_user_unit(pid_t pid, char **unit) { - _cleanup_free_ char *cgroup = NULL; +int cg_get_attribute(const char *controller, const char *path, const char *attribute, char **ret) { + _cleanup_free_ char *p = NULL; int r; - assert(unit); - - r = cg_pid_get_path_shifted(pid, NULL, &cgroup); + r = cg_get_path(controller, path, attribute, &p); if (r < 0) return r; - return cg_path_get_user_unit(cgroup, unit); + return read_one_line_file(p, ret); } -int cg_path_get_machine_name(const char *path, char **machine) { - const char *e, *n; - char *s, *r; +static const char mask_names[] = + "cpu\0" + "cpuacct\0" + "blkio\0" + "memory\0" + "devices\0"; - assert(path); - assert(machine); +int cg_create_everywhere(CGroupControllerMask supported, CGroupControllerMask mask, const char *path) { + CGroupControllerMask bit = 1; + const char *n; + int r; - e = path_startswith(path, "/machine/"); - if (!e) - return -ENOENT; + /* This one will create a cgroup in our private tree, but also + * duplicate it in the trees specified in mask, and remove it + * in all others */ - n = strchrnul(e, '/'); - if (e == n) - return -ENOENT; + /* First create the cgroup in our own hierarchy. */ + r = cg_create(SYSTEMD_CGROUP_CONTROLLER, path); + if (r < 0) + return r; - s = strndupa(e, n - e); + /* Then, do the same in the other hierarchies */ + NULSTR_FOREACH(n, mask_names) { + if (mask & bit) + cg_create(n, path); + else if (supported & bit) + cg_trim(n, path, true); - r = strdup(cg_unescape(s)); - if (!r) - return -ENOMEM; + bit <<= 1; + } - *machine = r; return 0; } -int cg_pid_get_machine_name(pid_t pid, char **machine) { - _cleanup_free_ char *cgroup = NULL; +int cg_attach_everywhere(CGroupControllerMask supported, const char *path, pid_t pid, cg_migrate_callback_t path_callback, void *userdata) { + CGroupControllerMask bit = 1; + const char *n; int r; - assert(machine); - - r = cg_pid_get_path_shifted(pid, NULL, &cgroup); + r = cg_attach(SYSTEMD_CGROUP_CONTROLLER, path, pid); if (r < 0) return r; - return cg_path_get_machine_name(cgroup, machine); -} + NULSTR_FOREACH(n, mask_names) { -int cg_path_get_session(const char *path, char **session) { - const char *e, *n; - char *s; + if (supported & bit) { + const char *p = NULL; - assert(path); - assert(session); + if (path_callback) + p = path_callback(bit, userdata); - e = path_startswith(path, "/user/"); - if (!e) - return -ENOENT; - - /* Skip the user name */ - e = skip_label(e); - if (!e) - return -ENOENT; + if (!p) + p = path; - n = strchrnul(e, '/'); - if (n - e < 8) - return -ENOENT; - if (memcmp(n - 8, ".session", 8) != 0) - return -ENOENT; + cg_attach_fallback(n, path, pid); + } - s = strndup(e, n - e - 8); - if (!s) - return -ENOMEM; + bit <<= 1; + } - *session = s; return 0; } -int cg_pid_get_session(pid_t pid, char **session) { - _cleanup_free_ char *cgroup = NULL; - int r; +int cg_attach_many_everywhere(CGroupControllerMask supported, const char *path, Set* pids, cg_migrate_callback_t path_callback, void *userdata) { + Iterator i; + void *pidp; + int r = 0; - assert(session); + SET_FOREACH(pidp, pids, i) { + pid_t pid = PTR_TO_LONG(pidp); + int q; - r = cg_pid_get_path_shifted(pid, NULL, &cgroup); - if (r < 0) - return r; + q = cg_attach_everywhere(supported, path, pid, path_callback, userdata); + if (q < 0) + r = q; + } - return cg_path_get_session(cgroup, session); + return r; } -int cg_path_get_owner_uid(const char *path, uid_t *uid) { - const char *e, *n; - char *s; +int cg_migrate_everywhere(CGroupControllerMask supported, const char *from, const char *to, cg_migrate_callback_t to_callback, void *userdata) { + CGroupControllerMask bit = 1; + const char *n; + int r; - assert(path); - assert(uid); + if (!path_equal(from, to)) { + r = cg_migrate_recursive(SYSTEMD_CGROUP_CONTROLLER, from, SYSTEMD_CGROUP_CONTROLLER, to, false, true); + if (r < 0) + return r; + } - e = path_startswith(path, "/user/"); - if (!e) - return -ENOENT; + NULSTR_FOREACH(n, mask_names) { + if (supported & bit) { + const char *p = NULL; - n = strchrnul(e, '/'); - if (n - e < 5) - return -ENOENT; - if (memcmp(n - 5, ".user", 5) != 0) - return -ENOENT; + if (to_callback) + p = to_callback(bit, userdata); - s = strndupa(e, n - e - 5); - if (!s) - return -ENOMEM; + if (!p) + p = to; - return parse_uid(s, uid); + cg_migrate_recursive_fallback(SYSTEMD_CGROUP_CONTROLLER, to, n, p, false, false); + } + + bit <<= 1; + } + + return 0; } -int cg_pid_get_owner_uid(pid_t pid, uid_t *uid) { - _cleanup_free_ char *cgroup = NULL; +int cg_trim_everywhere(CGroupControllerMask supported, const char *path, bool delete_root) { + CGroupControllerMask bit = 1; + const char *n; int r; - assert(uid); - - r = cg_pid_get_path_shifted(pid, NULL, &cgroup); + r = cg_trim(SYSTEMD_CGROUP_CONTROLLER, path, delete_root); if (r < 0) return r; - return cg_path_get_owner_uid(cgroup, uid); -} - -int cg_controller_from_attr(const char *attr, char **controller) { - const char *dot; - char *c; - - assert(attr); - assert(controller); - - if (!filename_is_safe(attr)) - return -EINVAL; - - dot = strchr(attr, '.'); - if (!dot) { - *controller = NULL; - return 0; - } - - c = strndup(attr, dot - attr); - if (!c) - return -ENOMEM; + NULSTR_FOREACH(n, mask_names) { + if (supported & bit) + cg_trim(n, path, delete_root); - if (!cg_controller_is_valid(c, false)) { - free(c); - return -EINVAL; + bit <<= 1; } - *controller = c; - return 1; + return 0; } -char *cg_escape(const char *p) { - bool need_prefix = false; +CGroupControllerMask cg_mask_supported(void) { + CGroupControllerMask bit = 1, mask = 0; + const char *n; - /* This implements very minimal escaping for names to be used - * as file names in the cgroup tree: any name which might - * conflict with a kernel name or is prefixed with '_' is - * prefixed with a '_'. That way, when reading cgroup names it - * is sufficient to remove a single prefixing underscore if - * there is one. */ - - /* The return value of this function (unlike cg_unescape()) - * needs free()! */ + NULSTR_FOREACH(n, mask_names) { + if (check_hierarchy(n) >= 0) + mask |= bit; - if (p[0] == '_' || streq(p, "notify_on_release") || streq(p, "release_agent") || streq(p, "tasks")) - need_prefix = true; - else { - const char *dot; + bit <<= 1; + } - dot = strrchr(p, '.'); - if (dot) { + return mask; +} - if (dot - p == 6 && memcmp(p, "cgroup", 6) == 0) - need_prefix = true; - else { - char *n; +int cg_kernel_controllers(Set *controllers) { + _cleanup_fclose_ FILE *f = NULL; + char buf[LINE_MAX]; + int r; - n = strndupa(p, dot - p); + assert(controllers); - if (check_hierarchy(n) >= 0) - need_prefix = true; - } - } + f = fopen("/proc/cgroups", "re"); + if (!f) { + if (errno == ENOENT) + return 0; + return -errno; } - if (need_prefix) - return strappend("_", p); - else - return strdup(p); -} + /* Ignore the header line */ + (void) fgets(buf, sizeof(buf), f); -char *cg_unescape(const char *p) { - assert(p); + for (;;) { + char *controller; + int enabled = 0; - /* The return value of this function (unlike cg_escape()) - * doesn't need free()! */ + errno = 0; + if (fscanf(f, "%ms %*i %*i %i", &controller, &enabled) != 2) { - if (p[0] == '_') - return (char*) p+1; + if (feof(f)) + break; - return (char*) p; -} + if (ferror(f) && errno) + return -errno; -#define CONTROLLER_VALID \ - "0123456789" \ - "abcdefghijklmnopqrstuvwxyz" \ - "ABCDEFGHIJKLMNOPQRSTUVWXYZ" \ - "_" + return -EBADMSG; + } -bool cg_controller_is_valid(const char *p, bool allow_named) { - const char *t, *s; + if (!enabled) { + free(controller); + continue; + } - if (!p) - return false; + if (!filename_is_valid(controller)) { + free(controller); + return -EBADMSG; + } - if (allow_named) { - s = startswith(p, "name="); - if (s) - p = s; + r = set_consume(controllers, controller); + if (r < 0) + return r; } - if (*p == 0 || *p == '_') - return false; - - for (t = p; *t; t++) - if (!strchr(CONTROLLER_VALID, *t)) - return false; - - if (t - p > FILENAME_MAX) - return false; - - return true; + return 0; }