Line data Source code
1 : /* SPDX-License-Identifier: LGPL-2.1+ */
2 : #pragma once
3 :
4 : #include <dirent.h>
5 : #include <stdbool.h>
6 : #include <stdint.h>
7 : #include <stdio.h>
8 : #include <sys/statfs.h>
9 : #include <sys/types.h>
10 :
11 : #include "def.h"
12 : #include "set.h"
13 :
14 : #define SYSTEMD_CGROUP_CONTROLLER_LEGACY "name=systemd"
15 : #define SYSTEMD_CGROUP_CONTROLLER_HYBRID "name=unified"
16 : #define SYSTEMD_CGROUP_CONTROLLER "_systemd"
17 :
18 : /* An enum of well known cgroup controllers */
19 : typedef enum CGroupController {
20 : /* Original cgroup controllers */
21 : CGROUP_CONTROLLER_CPU,
22 : CGROUP_CONTROLLER_CPUACCT, /* v1 only */
23 : CGROUP_CONTROLLER_IO, /* v2 only */
24 : CGROUP_CONTROLLER_BLKIO, /* v1 only */
25 : CGROUP_CONTROLLER_MEMORY,
26 : CGROUP_CONTROLLER_DEVICES, /* v1 only */
27 : CGROUP_CONTROLLER_PIDS,
28 :
29 : /* BPF-based pseudo-controllers, v2 only */
30 : CGROUP_CONTROLLER_BPF_FIREWALL,
31 : CGROUP_CONTROLLER_BPF_DEVICES,
32 :
33 : _CGROUP_CONTROLLER_MAX,
34 : _CGROUP_CONTROLLER_INVALID = -1,
35 : } CGroupController;
36 :
37 : #define CGROUP_CONTROLLER_TO_MASK(c) (1U << (c))
38 :
39 : /* A bit mask of well known cgroup controllers */
40 : typedef enum CGroupMask {
41 : CGROUP_MASK_CPU = CGROUP_CONTROLLER_TO_MASK(CGROUP_CONTROLLER_CPU),
42 : CGROUP_MASK_CPUACCT = CGROUP_CONTROLLER_TO_MASK(CGROUP_CONTROLLER_CPUACCT),
43 : CGROUP_MASK_IO = CGROUP_CONTROLLER_TO_MASK(CGROUP_CONTROLLER_IO),
44 : CGROUP_MASK_BLKIO = CGROUP_CONTROLLER_TO_MASK(CGROUP_CONTROLLER_BLKIO),
45 : CGROUP_MASK_MEMORY = CGROUP_CONTROLLER_TO_MASK(CGROUP_CONTROLLER_MEMORY),
46 : CGROUP_MASK_DEVICES = CGROUP_CONTROLLER_TO_MASK(CGROUP_CONTROLLER_DEVICES),
47 : CGROUP_MASK_PIDS = CGROUP_CONTROLLER_TO_MASK(CGROUP_CONTROLLER_PIDS),
48 : CGROUP_MASK_BPF_FIREWALL = CGROUP_CONTROLLER_TO_MASK(CGROUP_CONTROLLER_BPF_FIREWALL),
49 : CGROUP_MASK_BPF_DEVICES = CGROUP_CONTROLLER_TO_MASK(CGROUP_CONTROLLER_BPF_DEVICES),
50 :
51 : /* All real cgroup v1 controllers */
52 : CGROUP_MASK_V1 = CGROUP_MASK_CPU|CGROUP_MASK_CPUACCT|CGROUP_MASK_BLKIO|CGROUP_MASK_MEMORY|CGROUP_MASK_DEVICES|CGROUP_MASK_PIDS,
53 :
54 : /* All real cgroup v2 controllers */
55 : CGROUP_MASK_V2 = CGROUP_MASK_CPU|CGROUP_MASK_IO|CGROUP_MASK_MEMORY|CGROUP_MASK_PIDS,
56 :
57 : /* All cgroup v2 BPF pseudo-controllers */
58 : CGROUP_MASK_BPF = CGROUP_MASK_BPF_FIREWALL|CGROUP_MASK_BPF_DEVICES,
59 :
60 : _CGROUP_MASK_ALL = CGROUP_CONTROLLER_TO_MASK(_CGROUP_CONTROLLER_MAX) - 1
61 : } CGroupMask;
62 :
63 677 : static inline CGroupMask CGROUP_MASK_EXTEND_JOINED(CGroupMask mask) {
64 : /* We always mount "cpu" and "cpuacct" in the same hierarchy. Hence, when one bit is set also set the other */
65 :
66 677 : if (mask & (CGROUP_MASK_CPU|CGROUP_MASK_CPUACCT))
67 48 : mask |= (CGROUP_MASK_CPU|CGROUP_MASK_CPUACCT);
68 :
69 677 : return mask;
70 : }
71 :
72 : CGroupMask get_cpu_accounting_mask(void);
73 : bool cpu_accounting_is_cheap(void);
74 :
75 : /* Special values for all weight knobs on unified hierarchy */
76 : #define CGROUP_WEIGHT_INVALID ((uint64_t) -1)
77 : #define CGROUP_WEIGHT_MIN UINT64_C(1)
78 : #define CGROUP_WEIGHT_MAX UINT64_C(10000)
79 : #define CGROUP_WEIGHT_DEFAULT UINT64_C(100)
80 :
81 : #define CGROUP_LIMIT_MIN UINT64_C(0)
82 : #define CGROUP_LIMIT_MAX ((uint64_t) -1)
83 :
84 0 : static inline bool CGROUP_WEIGHT_IS_OK(uint64_t x) {
85 : return
86 0 : x == CGROUP_WEIGHT_INVALID ||
87 0 : (x >= CGROUP_WEIGHT_MIN && x <= CGROUP_WEIGHT_MAX);
88 : }
89 :
90 : /* IO limits on unified hierarchy */
91 : typedef enum CGroupIOLimitType {
92 : CGROUP_IO_RBPS_MAX,
93 : CGROUP_IO_WBPS_MAX,
94 : CGROUP_IO_RIOPS_MAX,
95 : CGROUP_IO_WIOPS_MAX,
96 :
97 : _CGROUP_IO_LIMIT_TYPE_MAX,
98 : _CGROUP_IO_LIMIT_TYPE_INVALID = -1
99 : } CGroupIOLimitType;
100 :
101 : extern const uint64_t cgroup_io_limit_defaults[_CGROUP_IO_LIMIT_TYPE_MAX];
102 :
103 : const char* cgroup_io_limit_type_to_string(CGroupIOLimitType t) _const_;
104 : CGroupIOLimitType cgroup_io_limit_type_from_string(const char *s) _pure_;
105 :
106 : /* Special values for the cpu.shares attribute */
107 : #define CGROUP_CPU_SHARES_INVALID ((uint64_t) -1)
108 : #define CGROUP_CPU_SHARES_MIN UINT64_C(2)
109 : #define CGROUP_CPU_SHARES_MAX UINT64_C(262144)
110 : #define CGROUP_CPU_SHARES_DEFAULT UINT64_C(1024)
111 :
112 0 : static inline bool CGROUP_CPU_SHARES_IS_OK(uint64_t x) {
113 : return
114 0 : x == CGROUP_CPU_SHARES_INVALID ||
115 0 : (x >= CGROUP_CPU_SHARES_MIN && x <= CGROUP_CPU_SHARES_MAX);
116 : }
117 :
118 : /* Special values for the blkio.weight attribute */
119 : #define CGROUP_BLKIO_WEIGHT_INVALID ((uint64_t) -1)
120 : #define CGROUP_BLKIO_WEIGHT_MIN UINT64_C(10)
121 : #define CGROUP_BLKIO_WEIGHT_MAX UINT64_C(1000)
122 : #define CGROUP_BLKIO_WEIGHT_DEFAULT UINT64_C(500)
123 :
124 0 : static inline bool CGROUP_BLKIO_WEIGHT_IS_OK(uint64_t x) {
125 : return
126 0 : x == CGROUP_BLKIO_WEIGHT_INVALID ||
127 0 : (x >= CGROUP_BLKIO_WEIGHT_MIN && x <= CGROUP_BLKIO_WEIGHT_MAX);
128 : }
129 :
130 : /* Default resource limits */
131 : #define DEFAULT_TASKS_MAX_PERCENTAGE 15U /* 15% of PIDs, 4915 on default settings */
132 : #define DEFAULT_USER_TASKS_MAX_PERCENTAGE 33U /* 33% of PIDs, 10813 on default settings */
133 :
134 : typedef enum CGroupUnified {
135 : CGROUP_UNIFIED_UNKNOWN = -1,
136 : CGROUP_UNIFIED_NONE = 0, /* Both systemd and controllers on legacy */
137 : CGROUP_UNIFIED_SYSTEMD = 1, /* Only systemd on unified */
138 : CGROUP_UNIFIED_ALL = 2, /* Both systemd and controllers on unified */
139 : } CGroupUnified;
140 :
141 : /*
142 : * General rules:
143 : *
144 : * We accept named hierarchies in the syntax "foo" and "name=foo".
145 : *
146 : * We expect that named hierarchies do not conflict in name with a
147 : * kernel hierarchy, modulo the "name=" prefix.
148 : *
149 : * We always generate "normalized" controller names, i.e. without the
150 : * "name=" prefix.
151 : *
152 : * We require absolute cgroup paths. When returning, we will always
153 : * generate paths with multiple adjacent / removed.
154 : */
155 :
156 : int cg_enumerate_processes(const char *controller, const char *path, FILE **_f);
157 : int cg_read_pid(FILE *f, pid_t *_pid);
158 : int cg_read_event(const char *controller, const char *path, const char *event,
159 : char **val);
160 :
161 : int cg_enumerate_subgroups(const char *controller, const char *path, DIR **_d);
162 : int cg_read_subgroup(DIR *d, char **fn);
163 :
164 : typedef enum CGroupFlags {
165 : CGROUP_SIGCONT = 1 << 0,
166 : CGROUP_IGNORE_SELF = 1 << 1,
167 : CGROUP_REMOVE = 1 << 2,
168 : } CGroupFlags;
169 :
170 : typedef int (*cg_kill_log_func_t)(pid_t pid, int sig, void *userdata);
171 :
172 : int cg_kill(const char *controller, const char *path, int sig, CGroupFlags flags, Set *s, cg_kill_log_func_t kill_log, void *userdata);
173 : int cg_kill_recursive(const char *controller, const char *path, int sig, CGroupFlags flags, Set *s, cg_kill_log_func_t kill_log, void *userdata);
174 :
175 : int cg_migrate(const char *cfrom, const char *pfrom, const char *cto, const char *pto, CGroupFlags flags);
176 : int cg_migrate_recursive(const char *cfrom, const char *pfrom, const char *cto, const char *pto, CGroupFlags flags);
177 : int cg_migrate_recursive_fallback(const char *cfrom, const char *pfrom, const char *cto, const char *pto, CGroupFlags flags);
178 :
179 : int cg_split_spec(const char *spec, char **controller, char **path);
180 : int cg_mangle_path(const char *path, char **result);
181 :
182 : int cg_get_path(const char *controller, const char *path, const char *suffix, char **fs);
183 : int cg_get_path_and_check(const char *controller, const char *path, const char *suffix, char **fs);
184 :
185 : int cg_pid_get_path(const char *controller, pid_t pid, char **path);
186 :
187 : int cg_trim(const char *controller, const char *path, bool delete_root);
188 :
189 : int cg_rmdir(const char *controller, const char *path);
190 :
191 : int cg_create(const char *controller, const char *path);
192 : int cg_attach(const char *controller, const char *path, pid_t pid);
193 : int cg_attach_fallback(const char *controller, const char *path, pid_t pid);
194 : int cg_create_and_attach(const char *controller, const char *path, pid_t pid);
195 :
196 : int cg_set_attribute(const char *controller, const char *path, const char *attribute, const char *value);
197 : int cg_get_attribute(const char *controller, const char *path, const char *attribute, char **ret);
198 : int cg_get_keyed_attribute(const char *controller, const char *path, const char *attribute, char **keys, char **values);
199 :
200 : int cg_set_access(const char *controller, const char *path, uid_t uid, gid_t gid);
201 :
202 : int cg_set_xattr(const char *controller, const char *path, const char *name, const void *value, size_t size, int flags);
203 : int cg_get_xattr(const char *controller, const char *path, const char *name, void *value, size_t size);
204 :
205 : int cg_install_release_agent(const char *controller, const char *agent);
206 : int cg_uninstall_release_agent(const char *controller);
207 :
208 : int cg_is_empty(const char *controller, const char *path);
209 : int cg_is_empty_recursive(const char *controller, const char *path);
210 :
211 : int cg_get_root_path(char **path);
212 :
213 : int cg_path_get_session(const char *path, char **session);
214 : int cg_path_get_owner_uid(const char *path, uid_t *uid);
215 : int cg_path_get_unit(const char *path, char **unit);
216 : int cg_path_get_user_unit(const char *path, char **unit);
217 : int cg_path_get_machine_name(const char *path, char **machine);
218 : int cg_path_get_slice(const char *path, char **slice);
219 : int cg_path_get_user_slice(const char *path, char **slice);
220 :
221 : int cg_shift_path(const char *cgroup, const char *cached_root, const char **shifted);
222 : int cg_pid_get_path_shifted(pid_t pid, const char *cached_root, char **cgroup);
223 :
224 : int cg_pid_get_session(pid_t pid, char **session);
225 : int cg_pid_get_owner_uid(pid_t pid, uid_t *uid);
226 : int cg_pid_get_unit(pid_t pid, char **unit);
227 : int cg_pid_get_user_unit(pid_t pid, char **unit);
228 : int cg_pid_get_machine_name(pid_t pid, char **machine);
229 : int cg_pid_get_slice(pid_t pid, char **slice);
230 : int cg_pid_get_user_slice(pid_t pid, char **slice);
231 :
232 : int cg_path_decode_unit(const char *cgroup, char **unit);
233 :
234 : char *cg_escape(const char *p);
235 : char *cg_unescape(const char *p) _pure_;
236 :
237 : bool cg_controller_is_valid(const char *p);
238 :
239 : int cg_slice_to_path(const char *unit, char **ret);
240 :
241 : typedef const char* (*cg_migrate_callback_t)(CGroupMask mask, void *userdata);
242 :
243 : int cg_create_everywhere(CGroupMask supported, CGroupMask mask, const char *path);
244 : int cg_attach_everywhere(CGroupMask supported, const char *path, pid_t pid, cg_migrate_callback_t callback, void *userdata);
245 : int cg_attach_many_everywhere(CGroupMask supported, const char *path, Set* pids, cg_migrate_callback_t callback, void *userdata);
246 : int cg_migrate_everywhere(CGroupMask supported, const char *from, const char *to, cg_migrate_callback_t callback, void *userdata);
247 : int cg_trim_everywhere(CGroupMask supported, const char *path, bool delete_root);
248 : int cg_enable_everywhere(CGroupMask supported, CGroupMask mask, const char *p, CGroupMask *ret_result_mask);
249 :
250 : int cg_mask_supported(CGroupMask *ret);
251 : int cg_mask_from_string(const char *s, CGroupMask *ret);
252 : int cg_mask_to_string(CGroupMask mask, char **ret);
253 :
254 : int cg_kernel_controllers(Set **controllers);
255 :
256 : bool cg_ns_supported(void);
257 :
258 : int cg_all_unified(void);
259 : int cg_hybrid_unified(void);
260 : int cg_unified_controller(const char *controller);
261 : int cg_unified_flush(void);
262 :
263 : bool cg_is_unified_wanted(void);
264 : bool cg_is_legacy_wanted(void);
265 : bool cg_is_hybrid_wanted(void);
266 :
267 : const char* cgroup_controller_to_string(CGroupController c) _const_;
268 : CGroupController cgroup_controller_from_string(const char *s) _pure_;
269 :
270 : int cg_weight_parse(const char *s, uint64_t *ret);
271 : int cg_cpu_shares_parse(const char *s, uint64_t *ret);
272 : int cg_blkio_weight_parse(const char *s, uint64_t *ret);
273 :
274 : bool is_cgroup_fs(const struct statfs *s);
275 : bool fd_is_cgroup_fs(int fd);
|
