X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fshared%2Fcgroup-util.c;h=c17e1d4d1bde18080cd82a7ebb2b1bd6778a384f;hp=b2fb324a18c995255e954ff2bc5e644c5d8f0ba9;hb=3df82d5a8cdc510f518fd5e234ccb3233b748719;hpb=3474ae3c7e1981301d0b35bc89d759ca13f06e8f diff --git a/src/shared/cgroup-util.c b/src/shared/cgroup-util.c index b2fb324a1..c17e1d4d1 100644 --- a/src/shared/cgroup-util.c +++ b/src/shared/cgroup-util.c @@ -34,17 +34,21 @@ #include "set.h" #include "macro.h" #include "util.h" +#include "path-util.h" +#include "strv.h" +#include "unit-name.h" +#include "fileio.h" int cg_enumerate_processes(const char *controller, const char *path, FILE **_f) { char *fs; int r; FILE *f; - assert(controller); assert(path); assert(_f); - if ((r = cg_get_path(controller, path, "cgroup.procs", &fs)) < 0) + r = cg_get_path(controller, path, "cgroup.procs", &fs); + if (r < 0) return r; f = fopen(fs, "re"); @@ -62,11 +66,11 @@ int cg_enumerate_tasks(const char *controller, const char *path, FILE **_f) { int r; FILE *f; - assert(controller); assert(path); assert(_f); - if ((r = cg_get_path(controller, path, "tasks", &fs)) < 0) + r = cg_get_path(controller, path, "tasks", &fs); + if (r < 0) return r; f = fopen(fs, "re"); @@ -106,13 +110,13 @@ int cg_enumerate_subgroups(const char *controller, const char *path, DIR **_d) { int r; DIR *d; - assert(controller); assert(path); assert(_d); /* This is not recursive! */ - if ((r = cg_get_path(controller, path, NULL, &fs)) < 0) + r = cg_get_path(controller, path, NULL, &fs); + if (r < 0) return r; d = opendir(fs); @@ -372,18 +376,20 @@ int cg_kill_recursive_and_wait(const char *controller, const char *path, bool re return 0; } -int cg_migrate(const char *controller, const char *from, const char *to, bool ignore_self) { +int cg_migrate(const char *cfrom, const char *pfrom, const char *cto, const char *pto, bool ignore_self) { bool done = false; - Set *s; + _cleanup_set_free_ Set *s = NULL; int r, ret = 0; pid_t my_pid; - FILE *f = NULL; + _cleanup_fclose_ FILE *f = NULL; - assert(controller); - assert(from); - assert(to); + assert(cfrom); + assert(pfrom); + assert(cto); + assert(pto); - if (!(s = set_new(trivial_hash_func, trivial_compare_func))) + s = set_new(trivial_hash_func, trivial_compare_func); + if (!s) return -ENOMEM; my_pid = getpid(); @@ -392,11 +398,12 @@ int cg_migrate(const char *controller, const char *from, const char *to, bool ig pid_t pid = 0; done = true; - if ((r = cg_enumerate_tasks(controller, from, &f)) < 0) { + r = cg_enumerate_tasks(cfrom, pfrom, &f); + if (r < 0) { if (ret >= 0 && r != -ENOENT) ret = r; - goto finish; + return ret; } while ((r = cg_read_pid(f, &pid)) > 0) { @@ -410,7 +417,8 @@ int cg_migrate(const char *controller, const char *from, const char *to, bool ig if (set_get(s, LONG_TO_PTR(pid)) == LONG_TO_PTR(pid)) continue; - if ((r = cg_attach(controller, to, pid)) < 0) { + r = cg_attach(cto, pto, pid); + if (r < 0) { if (ret >= 0 && r != -ESRCH) ret = r; } else if (ret == 0) @@ -418,11 +426,12 @@ int cg_migrate(const char *controller, const char *from, const char *to, bool ig done = false; - if ((r = set_put(s, LONG_TO_PTR(pid))) < 0) { + r = set_put(s, LONG_TO_PTR(pid)); + if (r < 0) { if (ret >= 0) ret = r; - goto finish; + return ret; } } @@ -430,56 +439,48 @@ int cg_migrate(const char *controller, const char *from, const char *to, bool ig if (ret >= 0) ret = r; - goto finish; + return ret; } fclose(f); f = NULL; - } while (!done); -finish: - set_free(s); - - if (f) - fclose(f); - return ret; } -int cg_migrate_recursive(const char *controller, const char *from, const char *to, bool ignore_self, bool rem) { +int cg_migrate_recursive(const char *cfrom, const char *pfrom, const char *cto, const char *pto, bool ignore_self, bool rem) { int r, ret = 0; - DIR *d = NULL; + _cleanup_closedir_ DIR *d = NULL; char *fn; - assert(controller); - assert(from); - assert(to); + assert(cfrom); + assert(pfrom); + assert(cto); + assert(pto); - ret = cg_migrate(controller, from, to, ignore_self); + ret = cg_migrate(cfrom, pfrom, cto, pto, ignore_self); - if ((r = cg_enumerate_subgroups(controller, from, &d)) < 0) { + r = cg_enumerate_subgroups(cfrom, pfrom, &d); + if (r < 0) { if (ret >= 0 && r != -ENOENT) ret = r; - goto finish; + return ret; } while ((r = cg_read_subgroup(d, &fn)) > 0) { - char *p = NULL; + _cleanup_free_ char *p = NULL; - r = asprintf(&p, "%s/%s", from, fn); + p = strjoin(pfrom, "/", fn, NULL); free(fn); - - if (r < 0) { + if (!p) { if (ret >= 0) ret = -ENOMEM; - goto finish; + return ret; } - r = cg_migrate_recursive(controller, p, to, ignore_self, rem); - free(p); - + r = cg_migrate_recursive(cfrom, p, cto, pto, ignore_self, rem); if (r != 0 && ret >= 0) ret = r; } @@ -487,17 +488,11 @@ int cg_migrate_recursive(const char *controller, const char *from, const char *t if (r < 0 && ret >= 0) ret = r; - if (rem) - if ((r = cg_rmdir(controller, from, true)) < 0) { - if (ret >= 0 && - r != -ENOENT && - r != -EBUSY) - ret = r; - } - -finish: - if (d) - closedir(d); + if (rem) { + r = cg_rmdir(cfrom, pfrom, true); + if (r < 0 && ret >= 0 && r != -ENOENT && r != -EBUSY) + return r; + } return ret; } @@ -513,16 +508,26 @@ static const char *normalize_controller(const char *controller) { } static int join_path(const char *controller, const char *path, const char *suffix, char **fs) { - char *t; - - if (path && suffix) - t = join("/sys/fs/cgroup/", controller, "/", path, "/", suffix, NULL); - else if (path) - t = join("/sys/fs/cgroup/", controller, "/", path, NULL); - else if (suffix) - t = join("/sys/fs/cgroup/", controller, "/", suffix, NULL); - else - t = join("/sys/fs/cgroup/", controller, NULL); + char *t = NULL; + + if (!(controller || path)) + return -EINVAL; + + if (controller) { + if (path && suffix) + t = strjoin("/sys/fs/cgroup/", controller, "/", path, "/", suffix, NULL); + else if (path) + t = strjoin("/sys/fs/cgroup/", controller, "/", path, NULL); + else if (suffix) + t = strjoin("/sys/fs/cgroup/", controller, "/", suffix, NULL); + else + t = strjoin("/sys/fs/cgroup/", controller, NULL); + } else { + if (path && suffix) + t = strjoin(path, "/", suffix, NULL); + else if (path) + t = strdup(path); + } if (!t) return -ENOMEM; @@ -537,12 +542,8 @@ int cg_get_path(const char *controller, const char *path, const char *suffix, ch const char *p; static __thread bool good = false; - assert(controller); assert(fs); - if (isempty(controller)) - return -EINVAL; - if (_unlikely_(!good)) { int r; @@ -554,14 +555,27 @@ int cg_get_path(const char *controller, const char *path, const char *suffix, ch good = true; } - p = normalize_controller(controller); - + p = controller ? normalize_controller(controller) : NULL; return join_path(p, path, suffix, fs); } +static int check(const char *p) { + char *cc; + + assert(p); + + /* Check if this controller actually really exists */ + cc = alloca(sizeof("/sys/fs/cgroup/") + strlen(p)); + strcpy(stpcpy(cc, "/sys/fs/cgroup/"), p); + if (access(cc, F_OK) < 0) + return -errno; + + return 0; +} + int cg_get_path_and_check(const char *controller, const char *path, const char *suffix, char **fs) { const char *p; - char *cc; + int r; assert(controller); assert(fs); @@ -569,13 +583,13 @@ int cg_get_path_and_check(const char *controller, const char *path, const char * if (isempty(controller)) return -EINVAL; + /* Normalize the controller syntax */ p = normalize_controller(controller); /* Check if this controller actually really exists */ - cc = alloca(sizeof("/sys/fs/cgroup/") + strlen(p)); - strcpy(stpcpy(cc, "/sys/fs/cgroup/"), p); - if (access(cc, F_OK) < 0) - return -errno; + r = check(p); + if (r < 0) + return r; return join_path(p, path, suffix, fs); } @@ -653,19 +667,19 @@ int cg_delete(const char *controller, const char *path) { assert(controller); assert(path); - if ((r = parent_of_path(path, &parent)) < 0) + if ((r = path_get_parent(path, &parent)) < 0) return r; - r = cg_migrate_recursive(controller, path, parent, false, true); + r = cg_migrate_recursive(controller, path, controller, parent, false, true); free(parent); return r == -ENOENT ? 0 : r; } int cg_attach(const char *controller, const char *path, pid_t pid) { - char *fs; + _cleanup_free_ char *fs = NULL; + char c[DECIMAL_STR_MAX(pid_t) + 2]; int r; - char c[32]; assert(controller); assert(path); @@ -679,16 +693,18 @@ int cg_attach(const char *controller, const char *path, pid_t pid) { pid = getpid(); snprintf(c, sizeof(c), "%lu\n", (unsigned long) pid); - char_array_0(c); - r = write_one_line_file(fs, c); - free(fs); - - return r; + return write_string_file(fs, c); } -int cg_set_group_access(const char *controller, const char *path, mode_t mode, uid_t uid, gid_t gid) { - char *fs; +int cg_set_group_access( + const char *controller, + const char *path, + mode_t mode, + uid_t uid, + gid_t gid) { + + _cleanup_free_ char *fs = NULL; int r; assert(controller); @@ -701,14 +717,18 @@ int cg_set_group_access(const char *controller, const char *path, mode_t mode, u if (r < 0) return r; - r = chmod_and_chown(fs, mode, uid, gid); - free(fs); - - return r; + return chmod_and_chown(fs, mode, uid, gid); } -int cg_set_task_access(const char *controller, const char *path, mode_t mode, uid_t uid, gid_t gid, int sticky) { - char *fs; +int cg_set_task_access( + const char *controller, + const char *path, + mode_t mode, + uid_t uid, + gid_t gid, + int sticky) { + + _cleanup_free_ char *fs = NULL, *procs = NULL; int r; assert(controller); @@ -735,10 +755,8 @@ int cg_set_task_access(const char *controller, const char *path, mode_t mode, ui * mode from the file itself */ r = lstat(fs, &st); - if (r < 0) { - free(fs); + if (r < 0) return -errno; - } if (mode == (mode_t) -1) /* No mode set, we just shall set the sticky bit */ @@ -749,9 +767,15 @@ int cg_set_task_access(const char *controller, const char *path, mode_t mode, ui } r = chmod_and_chown(fs, mode, uid, gid); - free(fs); + if (r < 0) + return r; - return r; + /* Always keep values for "cgroup.procs" in sync with "tasks" */ + r = cg_get_path(controller, path, "cgroup.procs", &procs); + if (r < 0) + return r; + + return chmod_and_chown(procs, mode, uid, gid); } int cg_get_by_pid(const char *controller, pid_t pid, char **path) { @@ -798,7 +822,7 @@ int cg_get_by_pid(const char *controller, pid_t pid, char **path) { continue; l++; - if (strncmp(l, controller, cs) != 0) + if (!strneq(l, controller, cs)) continue; if (l[cs] != ':') @@ -843,7 +867,8 @@ int cg_install_release_agent(const char *controller, const char *agent) { goto finish; } - if ((r = write_one_line_file(fs, line)) < 0) + r = write_string_file(fs, line); + if (r < 0) goto finish; } else if (!streq(sc, agent)) { @@ -864,7 +889,7 @@ int cg_install_release_agent(const char *controller, const char *agent) { sc = strstrip(contents); if (streq(sc, "0")) { - if ((r = write_one_line_file(fs, "1\n")) < 0) + if ((r = write_string_file(fs, "1\n")) < 0) goto finish; r = 1; @@ -883,20 +908,22 @@ finish: } int cg_is_empty(const char *controller, const char *path, bool ignore_self) { - pid_t pid = 0; + pid_t pid = 0, self_pid; int r; FILE *f = NULL; bool found = false; - assert(controller); assert(path); - if ((r = cg_enumerate_tasks(controller, path, &f)) < 0) + r = cg_enumerate_tasks(controller, path, &f); + if (r < 0) return r == -ENOENT ? 1 : r; + self_pid = getpid(); + while ((r = cg_read_pid(f, &pid)) > 0) { - if (ignore_self && pid == getpid()) + if (ignore_self && pid == self_pid) continue; found = true; @@ -911,18 +938,32 @@ int cg_is_empty(const char *controller, const char *path, bool ignore_self) { return !found; } +int cg_is_empty_by_spec(const char *spec, bool ignore_self) { + int r; + _cleanup_free_ char *controller = NULL, *path = NULL; + + assert(spec); + + r = cg_split_spec(spec, &controller, &path); + if (r < 0) + return r; + + return cg_is_empty(controller, path, ignore_self); +} + int cg_is_empty_recursive(const char *controller, const char *path, bool ignore_self) { int r; DIR *d = NULL; char *fn; - assert(controller); assert(path); - if ((r = cg_is_empty(controller, path, ignore_self)) <= 0) + r = cg_is_empty(controller, path, ignore_self); + if (r <= 0) return r; - if ((r = cg_enumerate_subgroups(controller, path, &d)) < 0) + r = cg_enumerate_subgroups(controller, path, &d); + if (r < 0) return r == -ENOENT ? 1 : r; while ((r = cg_read_subgroup(d, &fn)) > 0) { @@ -959,12 +1000,14 @@ int cg_split_spec(const char *spec, char **controller, char **path) { char *t = NULL, *u = NULL; assert(spec); - assert(controller || path); if (*spec == '/') { + if (!path_is_safe(spec)) + return -EINVAL; if (path) { - if (!(t = strdup(spec))) + t = strdup(spec); + if (!t) return -ENOMEM; *path = t; @@ -976,13 +1019,14 @@ int cg_split_spec(const char *spec, char **controller, char **path) { return 0; } - if (!(e = strchr(spec, ':'))) { - - if (strchr(spec, '/') || spec[0] == 0) + e = strchr(spec, ':'); + if (!e) { + if (!filename_is_safe(spec)) return -EINVAL; if (controller) { - if (!(t = strdup(spec))) + t = strdup(spec); + if (!t) return -ENOMEM; *controller = t; @@ -994,26 +1038,34 @@ int cg_split_spec(const char *spec, char **controller, char **path) { return 0; } - if (e[1] != '/' || - e == spec || - memchr(spec, '/', e-spec)) + t = strndup(spec, e-spec); + if (!t) + return -ENOMEM; + if (!filename_is_safe(t)) { + free(t); return -EINVAL; + } - if (controller) - if (!(t = strndup(spec, e-spec))) - return -ENOMEM; - - if (path) - if (!(u = strdup(e+1))) { - free(t); - return -ENOMEM; - } + u = strdup(e+1); + if (!u) { + free(t); + return -ENOMEM; + } + if (!path_is_safe(u)) { + free(t); + free(u); + return -EINVAL; + } if (controller) *controller = t; + else + free(t); if (path) *path = u; + else + free(u); return 0; } @@ -1042,11 +1094,11 @@ int cg_fix_path(const char *path, char **result) { assert(result); /* First check if it already is a filesystem path */ - if (path_is_absolute(path) && - path_startswith(path, "/sys/fs/cgroup") && + if (path_startswith(path, "/sys/fs/cgroup") && access(path, F_OK) >= 0) { - if (!(t = strdup(path))) + t = strdup(path); + if (!t) return -ENOMEM; *result = t; @@ -1054,7 +1106,8 @@ int cg_fix_path(const char *path, char **result) { } /* Otherwise treat it as cg spec */ - if ((r = cg_split_spec(path, &c, &p)) < 0) + r = cg_split_spec(path, &c, &p); + if (r < 0) return r; r = cg_get_path(c ? c : SYSTEMD_CGROUP_CONTROLLER, p ? p : "/", NULL, result); @@ -1091,3 +1144,197 @@ int cg_get_user_path(char **path) { *path = p; return 0; } + +char **cg_shorten_controllers(char **controllers) { + char **f, **t; + + controllers = strv_uniq(controllers); + + if (!controllers) + return controllers; + + for (f = controllers, t = controllers; *f; f++) { + int r; + const char *p; + + if (streq(*f, "systemd") || streq(*f, SYSTEMD_CGROUP_CONTROLLER)) { + free(*f); + continue; + } + + p = normalize_controller(*f); + + r = check(p); + if (r < 0) { + log_debug("Controller %s is not available, removing from controllers list.", *f); + free(*f); + continue; + } + + *(t++) = *f; + } + + *t = NULL; + return controllers; +} + +int cg_pid_get_cgroup(pid_t pid, char **root, char **cgroup) { + char *cg_process, *cg_init, *p; + int r; + + assert(pid >= 0); + + if (pid == 0) + pid = getpid(); + + r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &cg_process); + if (r < 0) + return r; + + r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &cg_init); + if (r < 0) { + free(cg_process); + return r; + } + + if (endswith(cg_init, "/system")) + cg_init[strlen(cg_init)-7] = 0; + else if (streq(cg_init, "/")) + cg_init[0] = 0; + + if (startswith(cg_process, cg_init)) + p = cg_process + strlen(cg_init); + else + p = cg_process; + + free(cg_init); + + if (cgroup) { + char* c; + + c = strdup(p); + if (!c) { + free(cg_process); + return -ENOMEM; + } + + *cgroup = c; + } + + if (root) { + cg_process[p-cg_process] = 0; + *root = cg_process; + } else + free(cg_process); + + return 0; +} + +static int instance_unit_from_cgroup(char *cgroup){ + char *at; + + assert(cgroup); + + at = strstr(cgroup, "@."); + if (at) { + /* This is a templated service */ + + char *i; + char _cleanup_free_ *i2 = NULL, *s = NULL; + + i = strchr(at, '/'); + if (!i || !i[1]) /* disallow empty instances */ + return -EINVAL; + + s = strndup(at + 1, i - at - 1); + i2 = strdup(i + 1); + if (!s || !i2) + return -ENOMEM; + + strcpy(at + 1, i2); + strcat(at + 1, s); + } + + return 0; +} + +/* non-static only for testing purposes */ +int cgroup_to_unit(char *cgroup, char **unit){ + int r; + char *p; + + assert(cgroup); + assert(unit); + + r = instance_unit_from_cgroup(cgroup); + if (r < 0) + return r; + + p = strrchr(cgroup, '/'); + assert(p); + + r = unit_name_is_valid(p + 1, true); + if (!r) + return -EINVAL; + + *unit = strdup(p + 1); + if (!*unit) + return -ENOMEM; + + return 0; +} + +static int cg_pid_get(const char *prefix, pid_t pid, char **unit) { + int r; + char _cleanup_free_ *cgroup = NULL; + + assert(pid >= 0); + assert(unit); + + r = cg_pid_get_cgroup(pid, NULL, &cgroup); + if (r < 0) + return r; + + if (!startswith(cgroup, prefix)) + return -ENOENT; + + r = cgroup_to_unit(cgroup, unit); + return r; +} + +int cg_pid_get_unit(pid_t pid, char **unit) { + return cg_pid_get("/system/", pid, unit); +} + +int cg_pid_get_user_unit(pid_t pid, char **unit) { + return cg_pid_get("/user/", pid, unit); +} + +int cg_controller_from_attr(const char *attr, char **controller) { + const char *dot; + char *c; + + assert(attr); + assert(controller); + + if (!filename_is_safe(attr)) + return -EINVAL; + + dot = strchr(attr, '.'); + if (!dot) { + *controller = NULL; + return 0; + } + + c = strndup(attr, dot - attr); + if (!c) + return -ENOMEM; + + if (!filename_is_safe(c)) { + free(c); + return -EINVAL; + } + + *controller = c; + return 1; +}