X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fshared%2Fcgroup-util.c;h=78270b3fa93116bc1697166540d9b070196350f5;hp=390259e3e43c5e28b18de5b18494a43291fa0b75;hb=8eb444001b790b0c16369ceb1420afde4c1e5b24;hpb=374ec6abf31ada6ca554cc8ea99b282373fac010 diff --git a/src/shared/cgroup-util.c b/src/shared/cgroup-util.c index 390259e3e..78270b3fa 100644 --- a/src/shared/cgroup-util.c +++ b/src/shared/cgroup-util.c @@ -30,15 +30,16 @@ #include #include "cgroup-util.h" -#include "log.h" #include "set.h" #include "macro.h" #include "util.h" +#include "formats-util.h" #include "path-util.h" -#include "strv.h" #include "unit-name.h" #include "fileio.h" #include "special.h" +#include "mkdir.h" +#include "login-shared.h" int cg_enumerate_processes(const char *controller, const char *path, FILE **_f) { _cleanup_free_ char *fs = NULL; @@ -160,7 +161,7 @@ int cg_kill(const char *controller, const char *path, int sig, bool sigcont, boo * tasks list, to properly handle forking processes */ if (!s) { - s = allocated_set = set_new(trivial_hash_func, trivial_compare_func); + s = allocated_set = set_new(NULL); if (!s) return -ENOMEM; } @@ -193,12 +194,12 @@ int cg_kill(const char *controller, const char *path, int sig, bool sigcont, boo if (kill(pid, sig) < 0) { if (ret >= 0 && errno != ESRCH) ret = -errno; - } else if (ret == 0) { - - if (sigcont) + } else { + if (sigcont && sig != SIGKILL) kill(pid, SIGCONT); - ret = 1; + if (ret == 0) + ret = 1; } done = false; @@ -238,7 +239,7 @@ int cg_kill_recursive(const char *controller, const char *path, int sig, bool si assert(sig >= 0); if (!s) { - s = allocated_set = set_new(trivial_hash_func, trivial_compare_func); + s = allocated_set = set_new(NULL); if (!s) return -ENOMEM; } @@ -278,37 +279,6 @@ int cg_kill_recursive(const char *controller, const char *path, int sig, bool si return ret; } -int cg_kill_recursive_and_wait(const char *controller, const char *path, bool rem) { - unsigned i; - - assert(path); - - /* This safely kills all processes; first it sends a SIGTERM, - * then checks 8 times after 200ms whether the group is now - * empty, then kills everything that is left with SIGKILL and - * finally checks 5 times after 200ms each whether the group - * is finally empty. */ - - for (i = 0; i < 15; i++) { - int sig, r; - - if (i <= 0) - sig = SIGTERM; - else if (i == 9) - sig = SIGKILL; - else - sig = 0; - - r = cg_kill_recursive(controller, path, sig, true, true, rem, NULL); - if (r <= 0) - return r; - - usleep(200 * USEC_PER_MSEC); - } - - return 0; -} - int cg_migrate(const char *cfrom, const char *pfrom, const char *cto, const char *pto, bool ignore_self) { bool done = false; _cleanup_set_free_ Set *s = NULL; @@ -320,7 +290,7 @@ int cg_migrate(const char *cfrom, const char *pfrom, const char *cto, const char assert(cto); assert(pto); - s = set_new(trivial_hash_func, trivial_compare_func); + s = set_new(NULL); if (!s) return -ENOMEM; @@ -435,6 +405,37 @@ int cg_migrate_recursive( return ret; } +int cg_migrate_recursive_fallback( + const char *cfrom, + const char *pfrom, + const char *cto, + const char *pto, + bool ignore_self, + bool rem) { + + int r; + + assert(cfrom); + assert(pfrom); + assert(cto); + assert(pto); + + r = cg_migrate_recursive(cfrom, pfrom, cto, pto, ignore_self, rem); + if (r < 0) { + char prefix[strlen(pto) + 1]; + + /* This didn't work? Then let's try all prefixes of the destination */ + + PATH_FOREACH_PREFIX(prefix, pto) { + r = cg_migrate_recursive(cfrom, pfrom, cto, prefix, ignore_self, rem); + if (r >= 0) + break; + } + } + + return 0; +} + static const char *normalize_controller(const char *controller) { assert(controller); @@ -471,15 +472,13 @@ static int join_path(const char *controller, const char *path, const char *suffi if (!t) return -ENOMEM; - path_kill_slashes(t); - - *fs = t; + *fs = path_kill_slashes(t); return 0; } int cg_get_path(const char *controller, const char *path, const char *suffix, char **fs) { const char *p; - static __thread bool good = false; + static thread_local bool good = false; assert(fs); @@ -490,8 +489,10 @@ int cg_get_path(const char *controller, const char *path, const char *suffix, ch int r; r = path_is_mount_point("/sys/fs/cgroup", false); - if (r <= 0) - return r < 0 ? r : -ENOENT; + if (r < 0) + return r; + if (r == 0) + return -ENOENT; /* Cache this to save a few stat()s */ good = true; @@ -503,14 +504,16 @@ int cg_get_path(const char *controller, const char *path, const char *suffix, ch } static int check_hierarchy(const char *p) { - char *cc; + const char *cc; assert(p); + if (!filename_is_valid(p)) + return 0; + /* Check if this controller actually really exists */ - cc = alloca(sizeof("/sys/fs/cgroup/") + strlen(p)); - strcpy(stpcpy(cc, "/sys/fs/cgroup/"), p); - if (access(cc, F_OK) < 0) + cc = strjoina("/sys/fs/cgroup/", p); + if (laccess(cc, F_OK) < 0) return -errno; return 0; @@ -587,6 +590,46 @@ int cg_delete(const char *controller, const char *path) { return r == -ENOENT ? 0 : r; } +int cg_create(const char *controller, const char *path) { + _cleanup_free_ char *fs = NULL; + int r; + + r = cg_get_path_and_check(controller, path, NULL, &fs); + if (r < 0) + return r; + + r = mkdir_parents(fs, 0755); + if (r < 0) + return r; + + if (mkdir(fs, 0755) < 0) { + + if (errno == EEXIST) + return 0; + + return -errno; + } + + return 1; +} + +int cg_create_and_attach(const char *controller, const char *path, pid_t pid) { + int r, q; + + assert(pid >= 0); + + r = cg_create(controller, path); + if (r < 0) + return r; + + q = cg_attach(controller, path, pid); + if (q < 0) + return q; + + /* This does not remove the cgroup on failure */ + return r; +} + int cg_attach(const char *controller, const char *path, pid_t pid) { _cleanup_free_ char *fs = NULL; char c[DECIMAL_STR_MAX(pid_t) + 2]; @@ -602,9 +645,33 @@ int cg_attach(const char *controller, const char *path, pid_t pid) { if (pid == 0) pid = getpid(); - snprintf(c, sizeof(c), "%lu\n", (unsigned long) pid); + snprintf(c, sizeof(c), PID_FMT"\n", pid); + + return write_string_file_no_create(fs, c); +} + +int cg_attach_fallback(const char *controller, const char *path, pid_t pid) { + int r; + + assert(controller); + assert(path); + assert(pid >= 0); + + r = cg_attach(controller, path, pid); + if (r < 0) { + char prefix[strlen(path) + 1]; + + /* This didn't work? Then let's try all prefixes of + * the destination */ + + PATH_FOREACH_PREFIX(prefix, path) { + r = cg_attach(controller, prefix, pid); + if (r >= 0) + break; + } + } - return write_string_file(fs, c); + return 0; } int cg_set_group_access( @@ -619,7 +686,7 @@ int cg_set_group_access( assert(path); - if (mode != (mode_t) -1) + if (mode != MODE_INVALID) mode &= 0777; r = cg_get_path(controller, path, NULL, &fs); @@ -641,10 +708,10 @@ int cg_set_task_access( assert(path); - if (mode == (mode_t) -1 && uid == (uid_t) -1 && gid == (gid_t) -1) + if (mode == MODE_INVALID && uid == UID_INVALID && gid == GID_INVALID) return 0; - if (mode != (mode_t) -1) + if (mode != MODE_INVALID) mode &= 0666; r = cg_get_path(controller, path, "cgroup.procs", &fs); @@ -681,10 +748,7 @@ int cg_pid_get_path(const char *controller, pid_t pid, char **path) { } else controller = SYSTEMD_CGROUP_CONTROLLER; - if (pid == 0) - fs = "/proc/self/cgroup"; - else - fs = procfs_file_alloca(pid, "cgroup"); + fs = procfs_file_alloca(pid, "cgroup"); f = fopen(fs, "re"); if (!f) @@ -693,9 +757,9 @@ int cg_pid_get_path(const char *controller, pid_t pid, char **path) { cs = strlen(controller); FOREACH_LINE(line, f, return -errno) { - char *l, *p, *w, *e; + char *l, *p, *e; size_t k; - char *state; + const char *word, *state; bool found = false; truncate_nl(line); @@ -711,16 +775,16 @@ int cg_pid_get_path(const char *controller, pid_t pid, char **path) { *e = 0; - FOREACH_WORD_SEPARATOR(w, k, l, ",", state) { + FOREACH_WORD_SEPARATOR(word, k, l, ",", state) { - if (k == cs && memcmp(w, controller, cs) == 0) { + if (k == cs && memcmp(word, controller, cs) == 0) { found = true; break; } if (k == 5 + cs && - memcmp(w, "name=", 5) == 0 && - memcmp(w+5, controller, cs) == 0) { + memcmp(word, "name=", 5) == 0 && + memcmp(word+5, controller, cs) == 0) { found = true; break; } @@ -757,7 +821,7 @@ int cg_install_release_agent(const char *controller, const char *agent) { sc = strstrip(contents); if (sc[0] == 0) { - r = write_string_file(fs, agent); + r = write_string_file_no_create(fs, agent); if (r < 0) return r; } else if (!streq(sc, agent)) @@ -777,7 +841,7 @@ int cg_install_release_agent(const char *controller, const char *agent) { sc = strstrip(contents); if (streq(sc, "0")) { - r = write_string_file(fs, "1"); + r = write_string_file_no_create(fs, "1"); if (r < 0) return r; @@ -790,6 +854,32 @@ int cg_install_release_agent(const char *controller, const char *agent) { return 0; } +int cg_uninstall_release_agent(const char *controller) { + _cleanup_free_ char *fs = NULL; + int r; + + r = cg_get_path(controller, NULL, "notify_on_release", &fs); + if (r < 0) + return r; + + r = write_string_file_no_create(fs, "0"); + if (r < 0) + return r; + + free(fs); + fs = NULL; + + r = cg_get_path(controller, NULL, "release_agent", &fs); + if (r < 0) + return r; + + r = write_string_file_no_create(fs, ""); + if (r < 0) + return r; + + return 0; +} + int cg_is_empty(const char *controller, const char *path, bool ignore_self) { _cleanup_fclose_ FILE *f = NULL; pid_t pid = 0, self_pid; @@ -819,19 +909,6 @@ int cg_is_empty(const char *controller, const char *path, bool ignore_self) { return !found; } -int cg_is_empty_by_spec(const char *spec, bool ignore_self) { - _cleanup_free_ char *controller = NULL, *path = NULL; - int r; - - assert(spec); - - r = cg_split_spec(spec, &controller, &path); - if (r < 0) - return r; - - return cg_is_empty(controller, path, ignore_self); -} - int cg_is_empty_recursive(const char *controller, const char *path, bool ignore_self) { _cleanup_closedir_ DIR *d = NULL; char *fn; @@ -882,8 +959,7 @@ int cg_split_spec(const char *spec, char **controller, char **path) { if (!t) return -ENOMEM; - path_kill_slashes(t); - *path = t; + *path = path_kill_slashes(t); } if (controller) @@ -922,19 +998,28 @@ int cg_split_spec(const char *spec, char **controller, char **path) { return -EINVAL; } - u = strdup(e+1); - if (!u) { - free(t); - return -ENOMEM; - } - if (!path_is_safe(u) || - !path_is_absolute(u)) { - free(t); - free(u); - return -EINVAL; - } + if (streq(e+1, "")) { + u = strdup("/"); + if (!u) { + free(t); + return -ENOMEM; + } + } else { + u = strdup(e+1); + if (!u) { + free(t); + return -ENOMEM; + } + + if (!path_is_safe(u) || + !path_is_absolute(u)) { + free(t); + free(u); + return -EINVAL; + } - path_kill_slashes(u); + path_kill_slashes(u); + } if (controller) *controller = t; @@ -949,33 +1034,6 @@ int cg_split_spec(const char *spec, char **controller, char **path) { return 0; } -int cg_join_spec(const char *controller, const char *path, char **spec) { - char *s; - - assert(path); - - if (!controller) - controller = "systemd"; - else { - if (!cg_controller_is_valid(controller, true)) - return -EINVAL; - - controller = normalize_controller(controller); - } - - if (!path_is_absolute(path)) - return -EINVAL; - - s = strjoin(controller, ":", path, NULL); - if (!s) - return -ENOMEM; - - path_kill_slashes(s + strlen(controller) + 1); - - *spec = s; - return 0; -} - int cg_mangle_path(const char *path, char **result) { _cleanup_free_ char *c = NULL, *p = NULL; char *t; @@ -984,19 +1042,18 @@ int cg_mangle_path(const char *path, char **result) { assert(path); assert(result); - /* First check if it already is a filesystem path */ + /* First, check if it already is a filesystem path */ if (path_startswith(path, "/sys/fs/cgroup")) { t = strdup(path); if (!t) return -ENOMEM; - path_kill_slashes(t); - *result = t; + *result = path_kill_slashes(t); return 0; } - /* Otherwise treat it as cg spec */ + /* Otherwise, treat it as cg spec */ r = cg_split_spec(path, &c, &p); if (r < 0) return r; @@ -1022,123 +1079,116 @@ int cg_get_root_path(char **path) { return 0; } -char **cg_shorten_controllers(char **controllers) { - char **f, **t; - - if (!controllers) - return controllers; - - for (f = controllers, t = controllers; *f; f++) { - const char *p; - int r; - - p = normalize_controller(*f); +int cg_shift_path(const char *cgroup, const char *root, const char **shifted) { + _cleanup_free_ char *rt = NULL; + char *p; + int r; - if (streq(p, "systemd")) { - free(*f); - continue; - } + assert(cgroup); + assert(shifted); - if (!cg_controller_is_valid(p, true)) { - log_warning("Controller %s is not valid, removing from controllers list.", p); - free(*f); - continue; - } + if (!root) { + /* If the root was specified let's use that, otherwise + * let's determine it from PID 1 */ - r = check_hierarchy(p); - if (r < 0) { - log_debug("Controller %s is not available, removing from controllers list.", p); - free(*f); - continue; - } + r = cg_get_root_path(&rt); + if (r < 0) + return r; - *(t++) = *f; + root = rt; } - *t = NULL; - return strv_uniq(controllers); + p = path_startswith(cgroup, root); + if (p) + *shifted = p - 1; + else + *shifted = cgroup; + + return 0; } -int cg_pid_get_path_shifted(pid_t pid, char **root, char **cgroup) { - _cleanup_free_ char *cg_root = NULL; - char *cg_process, *p; +int cg_pid_get_path_shifted(pid_t pid, const char *root, char **cgroup) { + _cleanup_free_ char *raw = NULL; + const char *c; int r; - r = cg_get_root_path(&cg_root); + assert(pid >= 0); + assert(cgroup); + + r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, pid, &raw); if (r < 0) return r; - r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, pid, &cg_process); + r = cg_shift_path(raw, root, &c); if (r < 0) return r; - p = path_startswith(cg_process, cg_root); - if (p) - p--; - else - p = cg_process; - - if (cgroup) { - char* c; + if (c == raw) { + *cgroup = raw; + raw = NULL; + } else { + char *n; - c = strdup(p); - if (!c) { - free(cg_process); + n = strdup(c); + if (!n) return -ENOMEM; - } - *cgroup = c; + *cgroup = n; } - if (root) { - cg_process[p-cg_process] = 0; - *root = cg_process; - } else - free(cg_process); - return 0; } int cg_path_decode_unit(const char *cgroup, char **unit){ - char *p, *e, *c, *s, *k; + char *c, *s; + size_t n; assert(cgroup); assert(unit); - e = strchrnul(cgroup, '/'); - c = strndupa(cgroup, e - cgroup); + n = strcspn(cgroup, "/"); + if (n < 3) + return -ENXIO; + + c = strndupa(cgroup, n); c = cg_unescape(c); - /* Could this be a valid unit name? */ - if (!unit_name_is_valid(c, true)) - return -EINVAL; + if (!unit_name_is_valid(c, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE)) + return -ENXIO; - if (!unit_name_is_template(c)) - s = strdup(c); - else { - if (*e != '/') - return -EINVAL; + s = strdup(c); + if (!s) + return -ENOMEM; - e += strspn(e, "/"); + *unit = s; + return 0; +} - p = strchrnul(e, '/'); - k = strndupa(e, p - e); - k = cg_unescape(k); +static bool valid_slice_name(const char *p, size_t n) { - if (!unit_name_is_valid(k, false)) - return -EINVAL; + if (!p) + return false; - s = strdup(k); - } + if (n < strlen("x.slice")) + return false; - if (!s) - return -ENOMEM; + if (memcmp(p + n - 6, ".slice", 6) == 0) { + char buf[n+1], *c; - *unit = s; - return 0; + memcpy(buf, p, n); + buf[n] = 0; + + c = cg_unescape(buf); + + return unit_name_is_valid(c, UNIT_NAME_PLAIN); + } + + return false; } static const char *skip_slices(const char *p) { + assert(p); + /* Skips over all slice assignments */ for (;;) { @@ -1147,22 +1197,35 @@ static const char *skip_slices(const char *p) { p += strspn(p, "/"); n = strcspn(p, "/"); - if (n <= 6 || memcmp(p + n - 6, ".slice", 6) != 0) + if (!valid_slice_name(p, n)) return p; p += n; } } -int cg_path_get_unit(const char *path, char **unit) { +int cg_path_get_unit(const char *path, char **ret) { const char *e; + char *unit; + int r; assert(path); - assert(unit); + assert(ret); e = skip_slices(path); - return cg_path_decode_unit(e, unit); + r = cg_path_decode_unit(e, &unit); + if (r < 0) + return r; + + /* We skipped over the slices, don't accept any now */ + if (endswith(unit, ".slice")) { + free(unit); + return -ENXIO; + } + + *ret = unit; + return 0; } int cg_pid_get_unit(pid_t pid, char **unit) { @@ -1178,45 +1241,112 @@ int cg_pid_get_unit(pid_t pid, char **unit) { return cg_path_get_unit(cgroup, unit); } +/** + * Skip session-*.scope, but require it to be there. + */ static const char *skip_session(const char *p) { size_t n; - assert(p); + if (isempty(p)) + return NULL; p += strspn(p, "/"); n = strcspn(p, "/"); - if (n <= 12 || memcmp(p, "session-", 8) != 0 || memcmp(p + n - 6, ".scope", 6) != 0) + if (n < strlen("session-x.scope")) + return NULL; + + if (memcmp(p, "session-", 8) == 0 && memcmp(p + n - 6, ".scope", 6) == 0) { + char buf[n - 8 - 6 + 1]; + + memcpy(buf, p + 8, n - 8 - 6); + buf[n - 8 - 6] = 0; + + /* Note that session scopes never need unescaping, + * since they cannot conflict with the kernel's own + * names, hence we don't need to call cg_unescape() + * here. */ + + if (!session_id_valid(buf)) + return false; + + p += n; + p += strspn(p, "/"); + return p; + } + + return NULL; +} + +/** + * Skip user@*.service, but require it to be there. + */ +static const char *skip_user_manager(const char *p) { + size_t n; + + if (isempty(p)) return NULL; - p += n; p += strspn(p, "/"); - return p; + n = strcspn(p, "/"); + if (n < strlen("user@x.service")) + return NULL; + + if (memcmp(p, "user@", 5) == 0 && memcmp(p + n - 8, ".service", 8) == 0) { + char buf[n - 5 - 8 + 1]; + + memcpy(buf, p + 5, n - 5 - 8); + buf[n - 5 - 8] = 0; + + /* Note that user manager services never need unescaping, + * since they cannot conflict with the kernel's own + * names, hence we don't need to call cg_unescape() + * here. */ + + if (parse_uid(buf, NULL) < 0) + return NULL; + + p += n; + p += strspn(p, "/"); + + return p; + } + + return NULL; } -int cg_path_get_user_unit(const char *path, char **unit) { - const char *e; +static const char *skip_user_prefix(const char *path) { + const char *e, *t; assert(path); - assert(unit); - - /* We always have to parse the path from the beginning as unit - * cgroups might have arbitrary child cgroups and we shouldn't get - * confused by those */ /* Skip slices, if there are any */ e = skip_slices(path); - /* Skip the session scope, require that there is one */ - e = skip_session(e); - if (!e) - return -ENOENT; + /* Skip the user manager, if it's in the path now... */ + t = skip_user_manager(e); + if (t) + return t; + + /* Alternatively skip the user session if it is in the path... */ + return skip_session(e); +} + +int cg_path_get_user_unit(const char *path, char **ret) { + const char *t; + + assert(path); + assert(ret); - /* And skip more slices */ - e = skip_slices(e); + t = skip_user_prefix(path); + if (!t) + return -ENXIO; - return cg_path_decode_unit(e, unit); + /* And from here on it looks pretty much the same as for a + * system unit, hence let's use the same parser from here + * on. */ + return cg_path_get_unit(t, ret); } int cg_pid_get_user_unit(pid_t pid, char **unit) { @@ -1233,39 +1363,18 @@ int cg_pid_get_user_unit(pid_t pid, char **unit) { } int cg_path_get_machine_name(const char *path, char **machine) { - const char *e, *n, *x; - char *s, *r; - size_t l; - - assert(path); - assert(machine); - - /* Skip slices, if there are any */ - e = skip_slices(path); - - n = strchrnul(e, '/'); - if (e == n) - return -ENOENT; - - s = strndupa(e, n - e); - s = cg_unescape(s); - - x = startswith(s, "machine-"); - if (!x) - return -ENOENT; - if (!endswith(x, ".scope")) - return -ENOENT; + _cleanup_free_ char *u = NULL, *sl = NULL; + int r; - l = strlen(x); - if (l <= 6) - return -ENOENT; + r = cg_path_get_unit(path, &u); + if (r < 0) + return r; - r = strndup(x, l - 6); - if (!r) + sl = strjoin("/run/systemd/machines/unit:", u, NULL); + if (!sl) return -ENOMEM; - *machine = r; - return 0; + return readlink_malloc(sl, machine); } int cg_pid_get_machine_name(pid_t pid, char **machine) { @@ -1282,38 +1391,37 @@ int cg_pid_get_machine_name(pid_t pid, char **machine) { } int cg_path_get_session(const char *path, char **session) { - const char *e, *n, *x; - char *s, *r; - size_t l; + _cleanup_free_ char *unit = NULL; + char *start, *end; + int r; assert(path); - assert(session); - /* Skip slices, if there are any */ - e = skip_slices(path); + r = cg_path_get_unit(path, &unit); + if (r < 0) + return r; - n = strchrnul(e, '/'); - if (e == n) - return -ENOENT; + start = startswith(unit, "session-"); + if (!start) + return -ENXIO; + end = endswith(start, ".scope"); + if (!end) + return -ENXIO; - s = strndupa(e, n - e); - s = cg_unescape(s); + *end = 0; + if (!session_id_valid(start)) + return -ENXIO; - x = startswith(s, "session-"); - if (!x) - return -ENOENT; - if (!endswith(x, ".scope")) - return -ENOENT; + if (session) { + char *rr; - l = strlen(x); - if (l <= 6) - return -ENOENT; + rr = strdup(start); + if (!rr) + return -ENOMEM; - r = strndup(x, l - 6); - if (!r) - return -ENOMEM; + *session = rr; + } - *session = r; return 0; } @@ -1321,8 +1429,6 @@ int cg_pid_get_session(pid_t pid, char **session) { _cleanup_free_ char *cgroup = NULL; int r; - assert(session); - r = cg_pid_get_path_shifted(pid, NULL, &cgroup); if (r < 0) return r; @@ -1332,36 +1438,33 @@ int cg_pid_get_session(pid_t pid, char **session) { int cg_path_get_owner_uid(const char *path, uid_t *uid) { _cleanup_free_ char *slice = NULL; - const char *e; - char *s; + char *start, *end; int r; assert(path); - assert(uid); r = cg_path_get_slice(path, &slice); if (r < 0) return r; - e = startswith(slice, "user-"); - if (!e) - return -ENOENT; - if (!endswith(slice, ".slice")) - return -ENOENT; + start = startswith(slice, "user-"); + if (!start) + return -ENXIO; + end = endswith(start, ".slice"); + if (!end) + return -ENXIO; - s = strndupa(e, strlen(e) - 6); - if (!s) - return -ENOMEM; + *end = 0; + if (parse_uid(start, uid) < 0) + return -ENXIO; - return parse_uid(s, uid); + return 0; } int cg_pid_get_owner_uid(pid_t pid, uid_t *uid) { _cleanup_free_ char *cgroup = NULL; int r; - assert(uid); - r = cg_pid_get_path_shifted(pid, NULL, &cgroup); if (r < 0) return r; @@ -1371,34 +1474,36 @@ int cg_pid_get_owner_uid(pid_t pid, uid_t *uid) { int cg_path_get_slice(const char *p, char **slice) { const char *e = NULL; - size_t m = 0; assert(p); assert(slice); + /* Finds the right-most slice unit from the beginning, but + * stops before we come to the first non-slice unit. */ + for (;;) { size_t n; p += strspn(p, "/"); n = strcspn(p, "/"); - if (n <= 6 || memcmp(p + n - 6, ".slice", 6) != 0) { - char *s; + if (!valid_slice_name(p, n)) { - if (!e) - return -ENOENT; + if (!e) { + char *s; - s = strndup(e, m); - if (!s) - return -ENOMEM; + s = strdup("-.slice"); + if (!s) + return -ENOMEM; - *slice = s; - return 0; + *slice = s; + return 0; + } + + return cg_path_decode_unit(e, slice); } e = p; - m = n; - p += n; } } @@ -1416,33 +1521,31 @@ int cg_pid_get_slice(pid_t pid, char **slice) { return cg_path_get_slice(cgroup, slice); } -int cg_controller_from_attr(const char *attr, char **controller) { - const char *dot; - char *c; +int cg_path_get_user_slice(const char *p, char **slice) { + const char *t; + assert(p); + assert(slice); - assert(attr); - assert(controller); + t = skip_user_prefix(p); + if (!t) + return -ENXIO; - if (!filename_is_safe(attr)) - return -EINVAL; + /* And now it looks pretty much the same as for a system + * slice, so let's just use the same parser from here on. */ + return cg_path_get_slice(t, slice); +} - dot = strchr(attr, '.'); - if (!dot) { - *controller = NULL; - return 0; - } +int cg_pid_get_user_slice(pid_t pid, char **slice) { + _cleanup_free_ char *cgroup = NULL; + int r; - c = strndup(attr, dot - attr); - if (!c) - return -ENOMEM; + assert(slice); - if (!cg_controller_is_valid(c, false)) { - free(c); - return -EINVAL; - } + r = cg_pid_get_path_shifted(pid, NULL, &cgroup); + if (r < 0) + return r; - *controller = c; - return 1; + return cg_path_get_user_slice(cgroup, slice); } char *cg_escape(const char *p) { @@ -1503,9 +1606,7 @@ char *cg_unescape(const char *p) { } #define CONTROLLER_VALID \ - "0123456789" \ - "abcdefghijklmnopqrstuvwxyz" \ - "ABCDEFGHIJKLMNOPQRSTUVWXYZ" \ + DIGITS LETTERS \ "_" bool cg_controller_is_valid(const char *p, bool allow_named) { @@ -1536,28 +1637,41 @@ bool cg_controller_is_valid(const char *p, bool allow_named) { int cg_slice_to_path(const char *unit, char **ret) { _cleanup_free_ char *p = NULL, *s = NULL, *e = NULL; const char *dash; + int r; assert(unit); assert(ret); - if (!unit_name_is_valid(unit, false)) + if (streq(unit, "-.slice")) { + char *x; + + x = strdup(""); + if (!x) + return -ENOMEM; + *ret = x; + return 0; + } + + if (!unit_name_is_valid(unit, UNIT_NAME_PLAIN)) return -EINVAL; if (!endswith(unit, ".slice")) return -EINVAL; - p = unit_name_to_prefix(unit); - if (!p) - return -ENOMEM; + r = unit_name_to_prefix(unit, &p); + if (r < 0) + return r; dash = strchr(p, '-'); while (dash) { _cleanup_free_ char *escaped = NULL; char n[dash - p + sizeof(".slice")]; - strcpy(stpncpy(n, p, dash - p), ".slice"); + if (isempty(dash + 1)) + return -EINVAL; - if (!unit_name_is_valid(n, false)) + strcpy(stpncpy(n, p, dash - p), ".slice"); + if (!unit_name_is_valid(n, UNIT_NAME_PLAIN)) return -EINVAL; escaped = cg_escape(n); @@ -1591,7 +1705,18 @@ int cg_set_attribute(const char *controller, const char *path, const char *attri if (r < 0) return r; - return write_string_file(p, value); + return write_string_file_no_create(p, value); +} + +int cg_get_attribute(const char *controller, const char *path, const char *attribute, char **ret) { + _cleanup_free_ char *p = NULL; + int r; + + r = cg_get_path(controller, path, attribute, &p); + if (r < 0) + return r; + + return read_one_line_file(p, ret); } static const char mask_names[] = @@ -1601,7 +1726,7 @@ static const char mask_names[] = "memory\0" "devices\0"; -int cg_create_with_mask(CGroupControllerMask mask, const char *path) { +int cg_create_everywhere(CGroupControllerMask supported, CGroupControllerMask mask, const char *path) { CGroupControllerMask bit = 1; const char *n; int r; @@ -1617,102 +1742,94 @@ int cg_create_with_mask(CGroupControllerMask mask, const char *path) { /* Then, do the same in the other hierarchies */ NULSTR_FOREACH(n, mask_names) { - if (bit & mask) + if (mask & bit) cg_create(n, path); - else + else if (supported & bit) cg_trim(n, path, true); bit <<= 1; } - return r; + return 0; } -int cg_attach_with_mask(CGroupControllerMask mask, const char *path, pid_t pid) { +int cg_attach_everywhere(CGroupControllerMask supported, const char *path, pid_t pid, cg_migrate_callback_t path_callback, void *userdata) { CGroupControllerMask bit = 1; const char *n; int r; r = cg_attach(SYSTEMD_CGROUP_CONTROLLER, path, pid); + if (r < 0) + return r; NULSTR_FOREACH(n, mask_names) { - if (bit & mask) - cg_attach(n, path, pid); - else { - char prefix[strlen(path) + 1], *slash; - - /* OK, this one is a bit harder... Now we need - * to add to the closest parent cgroup we - * can find */ - strcpy(prefix, path); - while ((slash = strrchr(prefix, '/'))) { - int q; - *slash = 0; - - q = cg_attach(n, prefix, pid); - if (q >= 0) - break; - } + + if (supported & bit) { + const char *p = NULL; + + if (path_callback) + p = path_callback(bit, userdata); + + if (!p) + p = path; + + cg_attach_fallback(n, path, pid); } bit <<= 1; } - return r; + return 0; } -int cg_attach_many_with_mask(CGroupControllerMask mask, const char *path, Set* pids) { +int cg_attach_many_everywhere(CGroupControllerMask supported, const char *path, Set* pids, cg_migrate_callback_t path_callback, void *userdata) { Iterator i; void *pidp; int r = 0; SET_FOREACH(pidp, pids, i) { pid_t pid = PTR_TO_LONG(pidp); - int k; + int q; - k = cg_attach_with_mask(mask, path, pid); - if (k < 0) - r = k; + q = cg_attach_everywhere(supported, path, pid, path_callback, userdata); + if (q < 0) + r = q; } return r; } -int cg_migrate_with_mask(CGroupControllerMask mask, const char *from, const char *to) { +int cg_migrate_everywhere(CGroupControllerMask supported, const char *from, const char *to, cg_migrate_callback_t to_callback, void *userdata) { CGroupControllerMask bit = 1; const char *n; int r; - if (path_equal(from, to)) - return 0; - - r = cg_migrate_recursive(SYSTEMD_CGROUP_CONTROLLER, from, SYSTEMD_CGROUP_CONTROLLER, to, false, true); + if (!path_equal(from, to)) { + r = cg_migrate_recursive(SYSTEMD_CGROUP_CONTROLLER, from, SYSTEMD_CGROUP_CONTROLLER, to, false, true); + if (r < 0) + return r; + } NULSTR_FOREACH(n, mask_names) { - if (bit & mask) - cg_migrate_recursive(SYSTEMD_CGROUP_CONTROLLER, to, n, to, false, false); - else { - char prefix[strlen(to) + 1], *slash; + if (supported & bit) { + const char *p = NULL; - strcpy(prefix, to); - while ((slash = strrchr(prefix, '/'))) { - int q; + if (to_callback) + p = to_callback(bit, userdata); - *slash = 0; + if (!p) + p = to; - q = cg_migrate_recursive(SYSTEMD_CGROUP_CONTROLLER, to, n, prefix, false, false); - if (q >= 0) - break; - } + cg_migrate_recursive_fallback(SYSTEMD_CGROUP_CONTROLLER, to, n, p, false, false); } bit <<= 1; } - return r; + return 0; } -int cg_trim_with_mask(CGroupControllerMask mask, const char *path, bool delete_root) { +int cg_trim_everywhere(CGroupControllerMask supported, const char *path, bool delete_root) { CGroupControllerMask bit = 1; const char *n; int r; @@ -1722,13 +1839,13 @@ int cg_trim_with_mask(CGroupControllerMask mask, const char *path, bool delete_r return r; NULSTR_FOREACH(n, mask_names) { - if (bit & mask) + if (supported & bit) cg_trim(n, path, delete_root); bit <<= 1; } - return r; + return 0; } CGroupControllerMask cg_mask_supported(void) { @@ -1744,3 +1861,54 @@ CGroupControllerMask cg_mask_supported(void) { return mask; } + +int cg_kernel_controllers(Set *controllers) { + _cleanup_fclose_ FILE *f = NULL; + char buf[LINE_MAX]; + int r; + + assert(controllers); + + f = fopen("/proc/cgroups", "re"); + if (!f) { + if (errno == ENOENT) + return 0; + return -errno; + } + + /* Ignore the header line */ + (void) fgets(buf, sizeof(buf), f); + + for (;;) { + char *controller; + int enabled = 0; + + errno = 0; + if (fscanf(f, "%ms %*i %*i %i", &controller, &enabled) != 2) { + + if (feof(f)) + break; + + if (ferror(f) && errno) + return -errno; + + return -EBADMSG; + } + + if (!enabled) { + free(controller); + continue; + } + + if (!filename_is_valid(controller)) { + free(controller); + return -EBADMSG; + } + + r = set_consume(controllers, controller); + if (r < 0) + return r; + } + + return 0; +}