1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
29 #include <sys/types.h>
35 #include "formats-util.h"
36 #include "process-util.h"
37 #include "path-util.h"
38 // #include "unit-name.h"
40 // #include "special.h"
42 #include "login-util.h"
43 #include "cgroup-util.h"
45 int cg_enumerate_processes(const char *controller, const char *path, FILE **_f) {
46 _cleanup_free_ char *fs = NULL;
52 r = cg_get_path(controller, path, "cgroup.procs", &fs);
64 int cg_read_pid(FILE *f, pid_t *_pid) {
67 /* Note that the cgroup.procs might contain duplicates! See
68 * cgroups.txt for details. */
74 if (fscanf(f, "%lu", &ul) != 1) {
79 return errno ? -errno : -EIO;
89 int cg_enumerate_subgroups(const char *controller, const char *path, DIR **_d) {
90 _cleanup_free_ char *fs = NULL;
96 /* This is not recursive! */
98 r = cg_get_path(controller, path, NULL, &fs);
110 int cg_read_subgroup(DIR *d, char **fn) {
116 FOREACH_DIRENT_ALL(de, d, return -errno) {
119 if (de->d_type != DT_DIR)
122 if (streq(de->d_name, ".") ||
123 streq(de->d_name, ".."))
126 b = strdup(de->d_name);
137 int cg_rmdir(const char *controller, const char *path) {
138 _cleanup_free_ char *p = NULL;
141 r = cg_get_path(controller, path, NULL, &p);
146 if (r < 0 && errno != ENOENT)
152 int cg_kill(const char *controller, const char *path, int sig, bool sigcont, bool ignore_self, Set *s) {
153 _cleanup_set_free_ Set *allocated_set = NULL;
160 /* This goes through the tasks list and kills them all. This
161 * is repeated until no further processes are added to the
162 * tasks list, to properly handle forking processes */
165 s = allocated_set = set_new(NULL);
173 _cleanup_fclose_ FILE *f = NULL;
177 r = cg_enumerate_processes(controller, path, &f);
179 if (ret >= 0 && r != -ENOENT)
185 while ((r = cg_read_pid(f, &pid)) > 0) {
187 if (ignore_self && pid == my_pid)
190 if (set_get(s, PID_TO_PTR(pid)) == PID_TO_PTR(pid))
193 /* If we haven't killed this process yet, kill
195 if (kill(pid, sig) < 0) {
196 if (ret >= 0 && errno != ESRCH)
199 if (sigcont && sig != SIGKILL)
200 (void) kill(pid, SIGCONT);
208 r = set_put(s, PID_TO_PTR(pid));
224 /* To avoid racing against processes which fork
225 * quicker than we can kill them we repeat this until
226 * no new pids need to be killed. */
233 int cg_kill_recursive(const char *controller, const char *path, int sig, bool sigcont, bool ignore_self, bool rem, Set *s) {
234 _cleanup_set_free_ Set *allocated_set = NULL;
235 _cleanup_closedir_ DIR *d = NULL;
243 s = allocated_set = set_new(NULL);
248 ret = cg_kill(controller, path, sig, sigcont, ignore_self, s);
250 r = cg_enumerate_subgroups(controller, path, &d);
252 if (ret >= 0 && r != -ENOENT)
258 while ((r = cg_read_subgroup(d, &fn)) > 0) {
259 _cleanup_free_ char *p = NULL;
261 p = strjoin(path, "/", fn, NULL);
266 r = cg_kill_recursive(controller, p, sig, sigcont, ignore_self, rem, s);
267 if (r != 0 && ret >= 0)
271 if (ret >= 0 && r < 0)
275 r = cg_rmdir(controller, path);
276 if (r < 0 && ret >= 0 && r != -ENOENT && r != -EBUSY)
283 int cg_migrate(const char *cfrom, const char *pfrom, const char *cto, const char *pto, bool ignore_self) {
285 _cleanup_set_free_ Set *s = NULL;
301 _cleanup_fclose_ FILE *f = NULL;
305 r = cg_enumerate_processes(cfrom, pfrom, &f);
307 if (ret >= 0 && r != -ENOENT)
313 while ((r = cg_read_pid(f, &pid)) > 0) {
315 /* This might do weird stuff if we aren't a
316 * single-threaded program. However, we
317 * luckily know we are not */
318 if (ignore_self && pid == my_pid)
321 if (set_get(s, PID_TO_PTR(pid)) == PID_TO_PTR(pid))
324 /* Ignore kernel threads. Since they can only
325 * exist in the root cgroup, we only check for
328 (isempty(pfrom) || path_equal(pfrom, "/")) &&
329 is_kernel_thread(pid) > 0)
332 r = cg_attach(cto, pto, pid);
334 if (ret >= 0 && r != -ESRCH)
341 r = set_put(s, PID_TO_PTR(pid));
361 int cg_migrate_recursive(
369 _cleanup_closedir_ DIR *d = NULL;
378 ret = cg_migrate(cfrom, pfrom, cto, pto, ignore_self);
380 r = cg_enumerate_subgroups(cfrom, pfrom, &d);
382 if (ret >= 0 && r != -ENOENT)
388 while ((r = cg_read_subgroup(d, &fn)) > 0) {
389 _cleanup_free_ char *p = NULL;
391 p = strjoin(pfrom, "/", fn, NULL);
396 r = cg_migrate_recursive(cfrom, p, cto, pto, ignore_self, rem);
397 if (r != 0 && ret >= 0)
401 if (r < 0 && ret >= 0)
405 r = cg_rmdir(cfrom, pfrom);
406 if (r < 0 && ret >= 0 && r != -ENOENT && r != -EBUSY)
413 int cg_migrate_recursive_fallback(
428 r = cg_migrate_recursive(cfrom, pfrom, cto, pto, ignore_self, rem);
430 char prefix[strlen(pto) + 1];
432 /* This didn't work? Then let's try all prefixes of the destination */
434 PATH_FOREACH_PREFIX(prefix, pto) {
437 q = cg_migrate_recursive(cfrom, pfrom, cto, prefix, ignore_self, rem);
446 static const char *controller_to_dirname(const char *controller) {
451 /* Converts a controller name to the directory name below
452 * /sys/fs/cgroup/ we want to mount it to. Effectively, this
453 * just cuts off the name= prefix used for named
454 * hierarchies, if it is specified. */
456 e = startswith(controller, "name=");
463 static int join_path_legacy(const char *controller, const char *path, const char *suffix, char **fs) {
470 dn = controller_to_dirname(controller);
472 if (isempty(path) && isempty(suffix))
473 t = strappend("/sys/fs/cgroup/", dn);
474 else if (isempty(path))
475 t = strjoin("/sys/fs/cgroup/", dn, "/", suffix, NULL);
476 else if (isempty(suffix))
477 t = strjoin("/sys/fs/cgroup/", dn, "/", path, NULL);
479 t = strjoin("/sys/fs/cgroup/", dn, "/", path, "/", suffix, NULL);
487 static int join_path_unified(const char *path, const char *suffix, char **fs) {
492 if (isempty(path) && isempty(suffix))
493 t = strdup("/sys/fs/cgroup");
494 else if (isempty(path))
495 t = strappend("/sys/fs/cgroup/", suffix);
496 else if (isempty(suffix))
497 t = strappend("/sys/fs/cgroup/", path);
499 t = strjoin("/sys/fs/cgroup/", path, "/", suffix, NULL);
507 int cg_get_path(const char *controller, const char *path, const char *suffix, char **fs) {
515 /* If no controller is specified, we return the path
516 * *below* the controllers, without any prefix. */
518 if (!path && !suffix)
526 t = strjoin(path, "/", suffix, NULL);
530 *fs = path_kill_slashes(t);
534 if (!cg_controller_is_valid(controller))
537 unified = cg_unified();
542 r = join_path_unified(path, suffix, fs);
544 r = join_path_legacy(controller, path, suffix, fs);
548 path_kill_slashes(*fs);
552 static int controller_is_accessible(const char *controller) {
557 /* Checks whether a specific controller is accessible,
558 * i.e. its hierarchy mounted. In the unified hierarchy all
559 * controllers are considered accessible, except for the named
562 if (!cg_controller_is_valid(controller))
565 unified = cg_unified();
569 /* We don't support named hierarchies if we are using
570 * the unified hierarchy. */
572 if (streq(controller, ELOGIND_CGROUP_CONTROLLER))
575 if (startswith(controller, "name="))
581 dn = controller_to_dirname(controller);
582 cc = strjoina("/sys/fs/cgroup/", dn);
584 if (laccess(cc, F_OK) < 0)
591 int cg_get_path_and_check(const char *controller, const char *path, const char *suffix, char **fs) {
597 /* Check if the specified controller is actually accessible */
598 r = controller_is_accessible(controller);
602 return cg_get_path(controller, path, suffix, fs);
605 static int trim_cb(const char *path, const struct stat *sb, int typeflag, struct FTW *ftwbuf) {
610 if (typeflag != FTW_DP)
613 if (ftwbuf->level < 1)
620 int cg_trim(const char *controller, const char *path, bool delete_root) {
621 _cleanup_free_ char *fs = NULL;
626 r = cg_get_path(controller, path, NULL, &fs);
631 if (nftw(fs, trim_cb, 64, FTW_DEPTH|FTW_MOUNT|FTW_PHYS) != 0) {
641 if (rmdir(fs) < 0 && errno != ENOENT)
648 int cg_create(const char *controller, const char *path) {
649 _cleanup_free_ char *fs = NULL;
652 r = cg_get_path_and_check(controller, path, NULL, &fs);
656 r = mkdir_parents(fs, 0755);
660 if (mkdir(fs, 0755) < 0) {
671 int cg_create_and_attach(const char *controller, const char *path, pid_t pid) {
676 r = cg_create(controller, path);
680 q = cg_attach(controller, path, pid);
684 /* This does not remove the cgroup on failure */
688 int cg_attach(const char *controller, const char *path, pid_t pid) {
689 _cleanup_free_ char *fs = NULL;
690 char c[DECIMAL_STR_MAX(pid_t) + 2];
696 r = cg_get_path_and_check(controller, path, "cgroup.procs", &fs);
703 snprintf(c, sizeof(c), PID_FMT"\n", pid);
705 return write_string_file_no_create(fs, c);
708 int cg_attach_fallback(const char *controller, const char *path, pid_t pid) {
715 r = cg_attach(controller, path, pid);
717 char prefix[strlen(path) + 1];
719 /* This didn't work? Then let's try all prefixes of
722 PATH_FOREACH_PREFIX(prefix, path) {
725 q = cg_attach(controller, prefix, pid);
734 /// UNNEEDED by elogind
736 int cg_set_group_access(
737 const char *controller,
743 _cleanup_free_ char *fs = NULL;
746 if (mode == MODE_INVALID && uid == UID_INVALID && gid == GID_INVALID)
749 if (mode != MODE_INVALID)
752 r = cg_get_path(controller, path, NULL, &fs);
756 return chmod_and_chown(fs, mode, uid, gid);
759 int cg_set_task_access(
760 const char *controller,
766 _cleanup_free_ char *fs = NULL, *procs = NULL;
771 if (mode == MODE_INVALID && uid == UID_INVALID && gid == GID_INVALID)
774 if (mode != MODE_INVALID)
777 r = cg_get_path(controller, path, "cgroup.procs", &fs);
781 r = chmod_and_chown(fs, mode, uid, gid);
785 unified = cg_unified();
791 /* Compatibility, Always keep values for "tasks" in sync with
793 if (cg_get_path(controller, path, "tasks", &procs) >= 0)
794 (void) chmod_and_chown(procs, mode, uid, gid);
800 int cg_pid_get_path(const char *controller, pid_t pid, char **path) {
801 _cleanup_fclose_ FILE *f = NULL;
810 unified = cg_unified();
815 if (!cg_controller_is_valid(controller))
818 controller = ELOGIND_CGROUP_CONTROLLER;
820 cs = strlen(controller);
823 fs = procfs_file_alloca(pid, "cgroup");
826 return errno == ENOENT ? -ESRCH : -errno;
828 FOREACH_LINE(line, f, return -errno) {
834 e = startswith(line, "0:");
844 const char *word, *state;
847 l = strchr(line, ':');
857 FOREACH_WORD_SEPARATOR(word, k, l, ",", state) {
858 if (k == cs && memcmp(word, controller, cs) == 0) {
879 int cg_install_release_agent(const char *controller, const char *agent) {
880 _cleanup_free_ char *fs = NULL, *contents = NULL;
886 unified = cg_unified();
889 if (unified) /* doesn't apply to unified hierarchy */
892 r = cg_get_path(controller, NULL, "release_agent", &fs);
896 r = read_one_line_file(fs, &contents);
900 sc = strstrip(contents);
902 r = write_string_file_no_create(fs, agent);
905 } else if (!path_equal(sc, agent))
909 r = cg_get_path(controller, NULL, "notify_on_release", &fs);
913 contents = mfree(contents);
914 r = read_one_line_file(fs, &contents);
918 sc = strstrip(contents);
919 if (streq(sc, "0")) {
920 r = write_string_file_no_create(fs, "1");
933 int cg_uninstall_release_agent(const char *controller) {
934 _cleanup_free_ char *fs = NULL;
937 unified = cg_unified();
940 if (unified) /* Doesn't apply to unified hierarchy */
943 r = cg_get_path(controller, NULL, "notify_on_release", &fs);
947 r = write_string_file_no_create(fs, "0");
953 r = cg_get_path(controller, NULL, "release_agent", &fs);
957 r = write_string_file_no_create(fs, "");
964 int cg_is_empty(const char *controller, const char *path) {
965 _cleanup_fclose_ FILE *f = NULL;
971 r = cg_enumerate_processes(controller, path, &f);
977 r = cg_read_pid(f, &pid);
984 int cg_is_empty_recursive(const char *controller, const char *path) {
989 /* The root cgroup is always populated */
990 if (controller && (isempty(path) || path_equal(path, "/")))
993 unified = cg_unified();
998 _cleanup_free_ char *populated = NULL, *t = NULL;
1000 /* On the unified hierarchy we can check empty state
1001 * via the "cgroup.populated" attribute. */
1003 r = cg_get_path(controller, path, "cgroup.populated", &populated);
1007 r = read_one_line_file(populated, &t);
1013 return streq(t, "0");
1015 _cleanup_closedir_ DIR *d = NULL;
1018 r = cg_is_empty(controller, path);
1022 r = cg_enumerate_subgroups(controller, path, &d);
1028 while ((r = cg_read_subgroup(d, &fn)) > 0) {
1029 _cleanup_free_ char *p = NULL;
1031 p = strjoin(path, "/", fn, NULL);
1036 r = cg_is_empty_recursive(controller, p);
1047 int cg_split_spec(const char *spec, char **controller, char **path) {
1048 char *t = NULL, *u = NULL;
1054 if (!path_is_safe(spec))
1062 *path = path_kill_slashes(t);
1071 e = strchr(spec, ':');
1073 if (!cg_controller_is_valid(spec))
1090 t = strndup(spec, e-spec);
1093 if (!cg_controller_is_valid(t)) {
1107 if (!path_is_safe(u) ||
1108 !path_is_absolute(u)) {
1114 path_kill_slashes(u);
1130 int cg_mangle_path(const char *path, char **result) {
1131 _cleanup_free_ char *c = NULL, *p = NULL;
1138 /* First, check if it already is a filesystem path */
1139 if (path_startswith(path, "/sys/fs/cgroup")) {
1145 *result = path_kill_slashes(t);
1149 /* Otherwise, treat it as cg spec */
1150 r = cg_split_spec(path, &c, &p);
1154 return cg_get_path(c ? c : ELOGIND_CGROUP_CONTROLLER, p ? p : "/", NULL, result);
1157 int cg_get_root_path(char **path) {
1158 /// elogind does not support systemd scopes and slices
1165 r = cg_pid_get_path(ELOGIND_CGROUP_CONTROLLER, 1, &p);
1169 e = endswith(p, "/" SPECIAL_INIT_SCOPE);
1171 e = endswith(p, "/" SPECIAL_SYSTEM_SLICE); /* legacy */
1173 e = endswith(p, "/system"); /* even more legacy */
1181 return cg_pid_get_path(ELOGIND_CGROUP_CONTROLLER, 1, path);
1185 int cg_shift_path(const char *cgroup, const char *root, const char **shifted) {
1186 _cleanup_free_ char *rt = NULL;
1194 /* If the root was specified let's use that, otherwise
1195 * let's determine it from PID 1 */
1197 r = cg_get_root_path(&rt);
1204 p = path_startswith(cgroup, root);
1205 if (p && p > cgroup)
1213 int cg_pid_get_path_shifted(pid_t pid, const char *root, char **cgroup) {
1214 _cleanup_free_ char *raw = NULL;
1221 r = cg_pid_get_path(ELOGIND_CGROUP_CONTROLLER, pid, &raw);
1225 r = cg_shift_path(raw, root, &c);
1245 /// UNNEEDED by elogind
1247 int cg_path_decode_unit(const char *cgroup, char **unit){
1254 n = strcspn(cgroup, "/");
1258 c = strndupa(cgroup, n);
1261 if (!unit_name_is_valid(c, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
1272 static bool valid_slice_name(const char *p, size_t n) {
1277 if (n < strlen("x.slice"))
1280 if (memcmp(p + n - 6, ".slice", 6) == 0) {
1286 c = cg_unescape(buf);
1288 return unit_name_is_valid(c, UNIT_NAME_PLAIN);
1294 static const char *skip_slices(const char *p) {
1297 /* Skips over all slice assignments */
1302 p += strspn(p, "/");
1304 n = strcspn(p, "/");
1305 if (!valid_slice_name(p, n))
1312 int cg_path_get_unit(const char *path, char **ret) {
1320 e = skip_slices(path);
1322 r = cg_path_decode_unit(e, &unit);
1326 /* We skipped over the slices, don't accept any now */
1327 if (endswith(unit, ".slice")) {
1336 int cg_pid_get_unit(pid_t pid, char **unit) {
1337 _cleanup_free_ char *cgroup = NULL;
1342 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1346 return cg_path_get_unit(cgroup, unit);
1350 * Skip session-*.scope, but require it to be there.
1352 static const char *skip_session(const char *p) {
1358 p += strspn(p, "/");
1360 n = strcspn(p, "/");
1361 if (n < strlen("session-x.scope"))
1364 if (memcmp(p, "session-", 8) == 0 && memcmp(p + n - 6, ".scope", 6) == 0) {
1365 char buf[n - 8 - 6 + 1];
1367 memcpy(buf, p + 8, n - 8 - 6);
1370 /* Note that session scopes never need unescaping,
1371 * since they cannot conflict with the kernel's own
1372 * names, hence we don't need to call cg_unescape()
1375 if (!session_id_valid(buf))
1379 p += strspn(p, "/");
1387 * Skip user@*.service, but require it to be there.
1389 static const char *skip_user_manager(const char *p) {
1395 p += strspn(p, "/");
1397 n = strcspn(p, "/");
1398 if (n < strlen("user@x.service"))
1401 if (memcmp(p, "user@", 5) == 0 && memcmp(p + n - 8, ".service", 8) == 0) {
1402 char buf[n - 5 - 8 + 1];
1404 memcpy(buf, p + 5, n - 5 - 8);
1407 /* Note that user manager services never need unescaping,
1408 * since they cannot conflict with the kernel's own
1409 * names, hence we don't need to call cg_unescape()
1412 if (parse_uid(buf, NULL) < 0)
1416 p += strspn(p, "/");
1424 static const char *skip_user_prefix(const char *path) {
1429 /* Skip slices, if there are any */
1430 e = skip_slices(path);
1432 /* Skip the user manager, if it's in the path now... */
1433 t = skip_user_manager(e);
1437 /* Alternatively skip the user session if it is in the path... */
1438 return skip_session(e);
1441 int cg_path_get_user_unit(const char *path, char **ret) {
1447 t = skip_user_prefix(path);
1451 /* And from here on it looks pretty much the same as for a
1452 * system unit, hence let's use the same parser from here
1454 return cg_path_get_unit(t, ret);
1457 int cg_pid_get_user_unit(pid_t pid, char **unit) {
1458 _cleanup_free_ char *cgroup = NULL;
1463 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1467 return cg_path_get_user_unit(cgroup, unit);
1470 int cg_path_get_machine_name(const char *path, char **machine) {
1471 _cleanup_free_ char *u = NULL;
1475 r = cg_path_get_unit(path, &u);
1479 sl = strjoina("/run/systemd/machines/unit:", u);
1480 return readlink_malloc(sl, machine);
1483 int cg_pid_get_machine_name(pid_t pid, char **machine) {
1484 _cleanup_free_ char *cgroup = NULL;
1489 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1493 return cg_path_get_machine_name(cgroup, machine);
1497 int cg_path_get_session(const char *path, char **session) {
1498 /* Elogind uses a flat hierarchy, just "/SESSION". The only
1499 wrinkle is that SESSION might be escaped. */
1501 _cleanup_free_ char *unit = NULL;
1507 r = cg_path_get_unit(path, &unit);
1511 start = startswith(unit, "session-");
1514 end = endswith(start, ".scope");
1519 if (!session_id_valid(start))
1522 const char *e, *n, *start;
1525 assert(path[0] == '/');
1528 n = strchrnul(e, '/');
1532 start = strndupa(e, n - e);
1533 start = cg_unescape(start);
1552 int cg_pid_get_session(pid_t pid, char **session) {
1553 _cleanup_free_ char *cgroup = NULL;
1556 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1560 return cg_path_get_session(cgroup, session);
1563 /// UNNEEDED by elogind
1565 int cg_path_get_owner_uid(const char *path, uid_t *uid) {
1566 _cleanup_free_ char *slice = NULL;
1572 r = cg_path_get_slice(path, &slice);
1576 start = startswith(slice, "user-");
1579 end = endswith(start, ".slice");
1584 if (parse_uid(start, uid) < 0)
1590 int cg_pid_get_owner_uid(pid_t pid, uid_t *uid) {
1591 _cleanup_free_ char *cgroup = NULL;
1594 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1598 return cg_path_get_owner_uid(cgroup, uid);
1601 int cg_path_get_slice(const char *p, char **slice) {
1602 const char *e = NULL;
1607 /* Finds the right-most slice unit from the beginning, but
1608 * stops before we come to the first non-slice unit. */
1613 p += strspn(p, "/");
1615 n = strcspn(p, "/");
1616 if (!valid_slice_name(p, n)) {
1621 s = strdup("-.slice");
1629 return cg_path_decode_unit(e, slice);
1637 int cg_pid_get_slice(pid_t pid, char **slice) {
1638 _cleanup_free_ char *cgroup = NULL;
1643 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1647 return cg_path_get_slice(cgroup, slice);
1650 int cg_path_get_user_slice(const char *p, char **slice) {
1655 t = skip_user_prefix(p);
1659 /* And now it looks pretty much the same as for a system
1660 * slice, so let's just use the same parser from here on. */
1661 return cg_path_get_slice(t, slice);
1664 int cg_pid_get_user_slice(pid_t pid, char **slice) {
1665 _cleanup_free_ char *cgroup = NULL;
1670 r = cg_pid_get_path_shifted(pid, NULL, &cgroup);
1674 return cg_path_get_user_slice(cgroup, slice);
1678 char *cg_escape(const char *p) {
1679 bool need_prefix = false;
1681 /* This implements very minimal escaping for names to be used
1682 * as file names in the cgroup tree: any name which might
1683 * conflict with a kernel name or is prefixed with '_' is
1684 * prefixed with a '_'. That way, when reading cgroup names it
1685 * is sufficient to remove a single prefixing underscore if
1688 /* The return value of this function (unlike cg_unescape())
1694 streq(p, "notify_on_release") ||
1695 streq(p, "release_agent") ||
1696 streq(p, "tasks") ||
1697 startswith(p, "cgroup."))
1702 dot = strrchr(p, '.');
1707 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
1710 n = cgroup_controller_to_string(c);
1715 if (memcmp(p, n, l) != 0)
1725 return strappend("_", p);
1730 char *cg_unescape(const char *p) {
1733 /* The return value of this function (unlike cg_escape())
1734 * doesn't need free()! */
1742 #define CONTROLLER_VALID \
1746 bool cg_controller_is_valid(const char *p) {
1752 s = startswith(p, "name=");
1756 if (*p == 0 || *p == '_')
1759 for (t = p; *t; t++)
1760 if (!strchr(CONTROLLER_VALID, *t))
1763 if (t - p > FILENAME_MAX)
1769 /// UNNEEDED by elogind
1771 int cg_slice_to_path(const char *unit, char **ret) {
1772 _cleanup_free_ char *p = NULL, *s = NULL, *e = NULL;
1779 if (streq(unit, "-.slice")) {
1789 if (!unit_name_is_valid(unit, UNIT_NAME_PLAIN))
1792 if (!endswith(unit, ".slice"))
1795 r = unit_name_to_prefix(unit, &p);
1799 dash = strchr(p, '-');
1801 /* Don't allow initial dashes */
1806 _cleanup_free_ char *escaped = NULL;
1807 char n[dash - p + sizeof(".slice")];
1809 /* Don't allow trailing or double dashes */
1810 if (dash[1] == 0 || dash[1] == '-')
1813 strcpy(stpncpy(n, p, dash - p), ".slice");
1814 if (!unit_name_is_valid(n, UNIT_NAME_PLAIN))
1817 escaped = cg_escape(n);
1821 if (!strextend(&s, escaped, "/", NULL))
1824 dash = strchr(dash+1, '-');
1827 e = cg_escape(unit);
1831 if (!strextend(&s, e, NULL))
1841 int cg_set_attribute(const char *controller, const char *path, const char *attribute, const char *value) {
1842 _cleanup_free_ char *p = NULL;
1845 r = cg_get_path(controller, path, attribute, &p);
1849 return write_string_file_no_create(p, value);
1852 /// UNNEEDED by elogind
1854 int cg_get_attribute(const char *controller, const char *path, const char *attribute, char **ret) {
1855 _cleanup_free_ char *p = NULL;
1858 r = cg_get_path(controller, path, attribute, &p);
1862 return read_one_line_file(p, ret);
1865 int cg_create_everywhere(CGroupMask supported, CGroupMask mask, const char *path) {
1869 /* This one will create a cgroup in our private tree, but also
1870 * duplicate it in the trees specified in mask, and remove it
1873 /* First create the cgroup in our own hierarchy. */
1874 r = cg_create(ELOGIND_CGROUP_CONTROLLER, path);
1878 /* If we are in the unified hierarchy, we are done now */
1879 unified = cg_unified();
1885 /* Otherwise, do the same in the other hierarchies */
1886 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
1887 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
1890 n = cgroup_controller_to_string(c);
1893 (void) cg_create(n, path);
1894 else if (supported & bit)
1895 (void) cg_trim(n, path, true);
1902 int cg_attach_everywhere(CGroupMask supported, const char *path, pid_t pid, cg_migrate_callback_t path_callback, void *userdata) {
1906 r = cg_attach(ELOGIND_CGROUP_CONTROLLER, path, pid);
1910 unified = cg_unified();
1916 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
1917 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
1918 const char *p = NULL;
1920 if (!(supported & bit))
1924 p = path_callback(bit, userdata);
1929 (void) cg_attach_fallback(cgroup_controller_to_string(c), p, pid);
1935 /// UNNEEDED by elogind
1937 int cg_attach_many_everywhere(CGroupMask supported, const char *path, Set* pids, cg_migrate_callback_t path_callback, void *userdata) {
1942 SET_FOREACH(pidp, pids, i) {
1943 pid_t pid = PTR_TO_PID(pidp);
1946 q = cg_attach_everywhere(supported, path, pid, path_callback, userdata);
1947 if (q < 0 && r >= 0)
1954 int cg_migrate_everywhere(CGroupMask supported, const char *from, const char *to, cg_migrate_callback_t to_callback, void *userdata) {
1958 if (!path_equal(from, to)) {
1959 r = cg_migrate_recursive(ELOGIND_CGROUP_CONTROLLER, from, ELOGIND_CGROUP_CONTROLLER, to, false, true);
1964 unified = cg_unified();
1970 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
1971 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
1972 const char *p = NULL;
1974 if (!(supported & bit))
1978 p = to_callback(bit, userdata);
1983 (void) cg_migrate_recursive_fallback(ELOGIND_CGROUP_CONTROLLER, to, cgroup_controller_to_string(c), p, false, false);
1989 int cg_trim_everywhere(CGroupMask supported, const char *path, bool delete_root) {
1993 r = cg_trim(ELOGIND_CGROUP_CONTROLLER, path, delete_root);
1997 unified = cg_unified();
2003 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
2004 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
2006 if (!(supported & bit))
2009 (void) cg_trim(cgroup_controller_to_string(c), path, delete_root);
2016 int cg_mask_supported(CGroupMask *ret) {
2017 CGroupMask mask = 0;
2020 /* Determines the mask of supported cgroup controllers. Only
2021 * includes controllers we can make sense of and that are
2022 * actually accessible. */
2024 unified = cg_unified();
2028 _cleanup_free_ char *root = NULL, *controllers = NULL, *path = NULL;
2031 /* In the unified hierarchy we can read the supported
2032 * and accessible controllers from the top-level
2033 * cgroup attribute */
2035 r = cg_get_root_path(&root);
2039 r = cg_get_path(ELOGIND_CGROUP_CONTROLLER, root, "cgroup.controllers", &path);
2043 r = read_one_line_file(path, &controllers);
2049 _cleanup_free_ char *n = NULL;
2052 r = extract_first_word(&c, &n, NULL, 0);
2058 v = cgroup_controller_from_string(n);
2062 mask |= CGROUP_CONTROLLER_TO_MASK(v);
2065 /* Currently, we only support the memory controller in
2066 * the unified hierarchy, mask everything else off. */
2067 mask &= CGROUP_MASK_MEMORY;
2072 /* In the legacy hierarchy, we check which
2073 * hierarchies are mounted. */
2075 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
2078 n = cgroup_controller_to_string(c);
2079 if (controller_is_accessible(n) >= 0)
2080 mask |= CGROUP_CONTROLLER_TO_MASK(c);
2088 /// UNNEEDED by elogind
2090 int cg_kernel_controllers(Set *controllers) {
2091 _cleanup_fclose_ FILE *f = NULL;
2095 assert(controllers);
2097 /* Determines the full list of kernel-known controllers. Might
2098 * include controllers we don't actually support, arbitrary
2099 * named hierarchies and controllers that aren't currently
2100 * accessible (because not mounted). */
2102 f = fopen("/proc/cgroups", "re");
2104 if (errno == ENOENT)
2109 /* Ignore the header line */
2110 (void) fgets(buf, sizeof(buf), f);
2117 if (fscanf(f, "%ms %*i %*i %i", &controller, &enabled) != 2) {
2122 if (ferror(f) && errno != 0)
2133 if (!cg_controller_is_valid(controller)) {
2138 r = set_consume(controllers, controller);
2147 static thread_local int unified_cache = -1;
2149 int cg_unified(void) {
2152 /* Checks if we support the unified hierarchy. Returns an
2153 * error when the cgroup hierarchies aren't mounted yet or we
2154 * have any other trouble determining if the unified hierarchy
2157 if (unified_cache >= 0)
2158 return unified_cache;
2160 if (statfs("/sys/fs/cgroup/", &fs) < 0)
2163 /// elogind can not support the unified hierarchy as a controller,
2164 /// so always assume a classical hierarchy.
2165 /// If, and only *if*, someone really wants to substitute systemd-logind
2166 /// in an environment managed by systemd with elogind, we might have to
2167 /// add such support.
2169 if (F_TYPE_EQUAL(fs.f_type, CGROUP_SUPER_MAGIC))
2170 unified_cache = true;
2171 else if (F_TYPE_EQUAL(fs.f_type, TMPFS_MAGIC))
2173 if (F_TYPE_EQUAL(fs.f_type, TMPFS_MAGIC))
2175 unified_cache = false;
2179 return unified_cache;
2182 /// UNNEEDED by elogind
2184 void cg_unified_flush(void) {
2188 int cg_enable_everywhere(CGroupMask supported, CGroupMask mask, const char *p) {
2189 _cleanup_free_ char *fs = NULL;
2198 unified = cg_unified();
2201 if (!unified) /* on the legacy hiearchy there's no joining of controllers defined */
2204 r = cg_get_path(ELOGIND_CGROUP_CONTROLLER, p, "cgroup.subtree_control", &fs);
2208 for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) {
2209 CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c);
2212 if (!(supported & bit))
2215 n = cgroup_controller_to_string(c);
2217 char s[1 + strlen(n) + 1];
2219 s[0] = mask & bit ? '+' : '-';
2222 r = write_string_file(fs, s, 0);
2224 log_debug_errno(r, "Failed to enable controller %s for %s (%s): %m", n, p, fs);
2232 bool cg_is_unified_wanted(void) {
2233 static thread_local int wanted = -1;
2236 /* If the hierarchy is already mounted, then follow whatever
2237 * was chosen for it. */
2238 unified = cg_unified();
2242 /* Otherwise, let's see what the kernel command line has to
2243 * say. Since checking that is expensive, let's cache the
2248 r = get_proc_cmdline_key("systemd.unified_cgroup_hierarchy", NULL);
2250 return (wanted = true);
2252 _cleanup_free_ char *value = NULL;
2254 r = get_proc_cmdline_key("systemd.unified_cgroup_hierarchy=", &value);
2258 return (wanted = false);
2260 return (wanted = parse_boolean(value) > 0);
2264 /// UNNEEDED by elogind
2266 bool cg_is_legacy_wanted(void) {
2267 return !cg_is_unified_wanted();
2271 static const char *cgroup_controller_table[_CGROUP_CONTROLLER_MAX] = {
2272 [CGROUP_CONTROLLER_CPU] = "cpu",
2273 [CGROUP_CONTROLLER_CPUACCT] = "cpuacct",
2274 [CGROUP_CONTROLLER_BLKIO] = "blkio",
2275 [CGROUP_CONTROLLER_MEMORY] = "memory",
2276 [CGROUP_CONTROLLER_DEVICE] = "devices",
2279 DEFINE_STRING_TABLE_LOOKUP(cgroup_controller, CGroupController);